mirror of https://github.com/MISP/MISP
new: [publishing] Unpublish function added
- users were jumping through hoops to unpublish an eventpull/4023/head
parent
c2b1d51812
commit
76497420fa
|
@ -46,7 +46,7 @@ class AppController extends Controller
|
|||
|
||||
public $helpers = array('Utility', 'OrgImg');
|
||||
|
||||
private $__queryVersion = '51';
|
||||
private $__queryVersion = '52';
|
||||
public $pyMispVersion = '2.4.99';
|
||||
public $phpmin = '5.6.5';
|
||||
public $phprec = '7.0.16';
|
||||
|
|
|
@ -139,6 +139,7 @@ class ACLComponent extends Component
|
|||
'stix2' => array('*'),
|
||||
'strposarray' => array(),
|
||||
'toggleCorrelation' => array('perm_add'),
|
||||
'unpublish' => array('perm_modify'),
|
||||
'updateGraph' => array('*'),
|
||||
'upload_analysis_file' => array('perm_add'),
|
||||
'upload_sample' => array('AND' => array('perm_auth', 'perm_add')),
|
||||
|
|
|
@ -2145,6 +2145,42 @@ class EventsController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
public function unpublish($id = null)
|
||||
{
|
||||
$this->Event->id = $id;
|
||||
if (!$this->Event->exists()) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
}
|
||||
$this->Event->recursive = -1;
|
||||
$event = $this->Event->read(null, $id);
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
if (!$this->userRole['perm_modify'] || $this->Auth->user('org_id') !== $this->Event->data['Event']['orgc_id']) {
|
||||
throw new MethodNotAllowedException(__('You don\'t have the permission to do that.'));
|
||||
}
|
||||
}
|
||||
$this->Event->insertLock($this->Auth->user(), $id);
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
$fieldList = array('published', 'id', 'info');
|
||||
$event['Event']['published'] = 0;
|
||||
$result = $this->Event->save($event, array('fieldList' => $fieldList));
|
||||
if ($result) {
|
||||
$message = __('Event unpublished.');
|
||||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->saveSuccessResponse('events', 'unpublish', $id, false, $message);
|
||||
} else {
|
||||
$this->Flash->success($message);
|
||||
$this->redirect(array('action' => 'view', $id));
|
||||
}
|
||||
} else {
|
||||
throw new MethodNotAllowedException('Could not unpublish event.');
|
||||
}
|
||||
} else {
|
||||
$this->set('id', $id);
|
||||
$this->set('type', 'unpublish');
|
||||
$this->render('ajax/eventPublishConfirmationForm');
|
||||
}
|
||||
}
|
||||
|
||||
// Publishes the event without sending an alert email
|
||||
public function publish($id = null)
|
||||
{
|
||||
|
|
|
@ -122,6 +122,14 @@
|
|||
'class' => 'publishButtons not-published ' . $publishButtons,
|
||||
'text' => __('Publish (no email)')
|
||||
));
|
||||
echo $this->element('/side_menu_link', array(
|
||||
'onClick' => array(
|
||||
'function' => 'publishPopup',
|
||||
'params' => array($event['Event']['id'], 'unpublish')
|
||||
),
|
||||
'class' => (1 == $event['Event']['published'] && $mayModify) ? '' : 'hidden',
|
||||
'text' => __('Unpublish')
|
||||
));
|
||||
if (Configure::read('MISP.delegation')) {
|
||||
if ((Configure::read('MISP.unpublishedprivate') || (isset($event['Event']['distribution']) && $event['Event']['distribution'] == 0)) && (!isset($delegationRequest) || !$delegationRequest) && ($isSiteAdmin || (isset($isAclDelegate) && $isAclDelegate))) {
|
||||
echo $this->element('/side_menu_link', array(
|
||||
|
|
|
@ -3,19 +3,22 @@
|
|||
echo $this->Form->create('Event', array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => '/events/' . $type . '/' . $id));
|
||||
$extraTitle = "";
|
||||
if ($type == 'publish') $extraTitle = ' (no email)';
|
||||
$message = __('Publish Event%s', $extraTitle);
|
||||
if ($type === 'unpublish') {
|
||||
$message = __('Unpublish Event%s', $extraTitle);
|
||||
}
|
||||
?>
|
||||
<legend><?php echo __('Publish Event%s', $extraTitle);?></legend>
|
||||
|
||||
<legend><?php echo $message;?></legend>
|
||||
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
|
||||
<?php
|
||||
if ($type == 'alert'):
|
||||
?>
|
||||
<p><?php echo __('Are you sure this event is complete and everyone should be informed?');?></p>
|
||||
<?php
|
||||
else:
|
||||
?>
|
||||
<p><?php echo __('Publish but do NOT send alert email? Only for minor changes!');?></p>
|
||||
<?php
|
||||
endif;
|
||||
if ($type == 'alert') {
|
||||
echo '<p>' . __('Are you sure this event is complete and everyone should be informed?') . '</p>';
|
||||
} else if ($type === 'unpublish') {
|
||||
echo '<p>' . __('Are you sure you wish to unpublish the event?') . '</p>';
|
||||
} else {
|
||||
echo '<p>' . __('Publish but do NOT send alert email? Only for minor changes!') . '</p>';
|
||||
}
|
||||
?>
|
||||
<table>
|
||||
<tr>
|
||||
|
|
|
@ -61,6 +61,7 @@ function fetchAddSightingForm(id, onvalue) {
|
|||
function publishPopup(id, type) {
|
||||
var action = "alert";
|
||||
if (type == "publish") action = "publish";
|
||||
if (type == "unpublish") action = "unpublish";
|
||||
var destination = 'attributes';
|
||||
$.get( "/events/" + action + "/" + id, function(data) {
|
||||
$("#confirmation_box").html(data);
|
||||
|
|
Loading…
Reference in New Issue