mirror of https://github.com/MISP/MISP
fix: [tags] Show just tags that user can really use
parent
326ae703e0
commit
7a14e5d19b
|
@ -616,24 +616,10 @@ class TagsController extends AppController
|
|||
}
|
||||
$this->loadModel('Taxonomy');
|
||||
$expanded = array();
|
||||
$banned_tags = $this->Tag->find('list', array(
|
||||
'conditions' => array(
|
||||
'NOT' => array(
|
||||
'Tag.org_id' => array(
|
||||
0,
|
||||
$this->Auth->user('org_id')
|
||||
),
|
||||
'Tag.user_id' => array(
|
||||
0,
|
||||
$this->Auth->user('id')
|
||||
)
|
||||
)
|
||||
),
|
||||
'fields' => array('Tag.id')
|
||||
));
|
||||
$this->set('taxonomy_id', $taxonomy_id);
|
||||
if ($taxonomy_id === 'collections') {
|
||||
$this->loadModel('TagCollection');
|
||||
// This method removes banned and hidden tags
|
||||
$tagCollections = $this->TagCollection->fetchTagCollection($this->Auth->user());
|
||||
$tags = array();
|
||||
$inludedTagListString = array();
|
||||
|
@ -643,12 +629,8 @@ class TagsController extends AppController
|
|||
$expanded[$tagCollection['TagCollection']['id']] = empty($tagCollection['TagCollection']['description']) ? $tagCollection['TagCollection']['name'] : $tagCollection['TagCollection']['description'];
|
||||
if (!empty($tagCollection['TagCollectionTag'])) {
|
||||
$tagList = array();
|
||||
foreach ($tagCollection['TagCollectionTag'] as $k => $tce) {
|
||||
if (in_array($tce['tag_id'], $banned_tags)) {
|
||||
unset($tagCollection['TagCollectionTag'][$k]);
|
||||
} else {
|
||||
$tagList[] = $tce['Tag']['name'];
|
||||
}
|
||||
foreach ($tagCollection['TagCollectionTag'] as $tce) {
|
||||
$tagList[] = $tce['Tag']['name'];
|
||||
$tagCollection['TagCollectionTag'] = array_values($tagCollection['TagCollectionTag']);
|
||||
}
|
||||
$tagList = implode(', ', $tagList);
|
||||
|
@ -658,7 +640,7 @@ class TagsController extends AppController
|
|||
}
|
||||
} else {
|
||||
if ($taxonomy_id === '0') {
|
||||
$temp = $this->Taxonomy->getAllTaxonomyTags(true, false, true);
|
||||
$temp = $this->Taxonomy->getAllTaxonomyTags(true, $this->Auth->user(), true);
|
||||
$tags = array();
|
||||
foreach ($temp as $tag) {
|
||||
$tags[$tag['Tag']['id']] = $tag['Tag'];
|
||||
|
@ -667,7 +649,12 @@ class TagsController extends AppController
|
|||
$expanded = $tags;
|
||||
} elseif ($taxonomy_id === 'favourites') {
|
||||
$tags = array();
|
||||
$conditions = array('FavouriteTag.user_id' => $this->Auth->user('id'));
|
||||
$conditions = array(
|
||||
'FavouriteTag.user_id' => $this->Auth->user('id'),
|
||||
'Tag.org_id' => array(0, $this->Auth->user('org_id')),
|
||||
'Tag.user_id' => array(0, $this->Auth->user('id')),
|
||||
'Tag.hide_tag' => 0,
|
||||
);
|
||||
$favTags = $this->Tag->FavouriteTag->find('all', array(
|
||||
'conditions' => $conditions,
|
||||
'recursive' => -1,
|
||||
|
@ -679,9 +666,10 @@ class TagsController extends AppController
|
|||
$expanded = $tags;
|
||||
}
|
||||
} elseif ($taxonomy_id === 'all') {
|
||||
$conditions = [];
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$conditions = array('Tag.org_id' => array(0, $this->Auth->user('org_id')));
|
||||
$conditions = array('Tag.user_id' => array(0, $this->Auth->user('id')));
|
||||
$conditions[] = array('Tag.org_id' => array(0, $this->Auth->user('org_id')));
|
||||
$conditions[] = array('Tag.user_id' => array(0, $this->Auth->user('id')));
|
||||
}
|
||||
$conditions['Tag.hide_tag'] = 0;
|
||||
$allTags = $this->Tag->find('all', array(
|
||||
|
@ -691,13 +679,9 @@ class TagsController extends AppController
|
|||
'fields' => array('Tag.id', 'Tag.name', 'Tag.colour')
|
||||
));
|
||||
$tags = array();
|
||||
foreach ($allTags as $k => $tag) {
|
||||
$temp = explode(':', $tag['Tag']['name']);
|
||||
if (count($temp) > 1) {
|
||||
if ($temp[0] !== 'misp-galaxy') {
|
||||
$tags[$tag['Tag']['id']] = $tag['Tag'];
|
||||
}
|
||||
} else {
|
||||
foreach ($allTags as $tag) {
|
||||
$isGalaxyTag = strpos($tag['Tag']['name'], 'misp-galaxy:') === 0;
|
||||
if (!$isGalaxyTag) {
|
||||
$tags[$tag['Tag']['id']] = $tag['Tag'];
|
||||
}
|
||||
}
|
||||
|
@ -714,21 +698,38 @@ class TagsController extends AppController
|
|||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
// Unset all tags that this user cannot use for tagging, determined by the org restriction on tags
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
foreach ($banned_tags as $banned_tag) {
|
||||
unset($tags[$banned_tag]);
|
||||
unset($expanded[$banned_tag]);
|
||||
|
||||
// Unset all tags that this user cannot use for tagging, determined by the org restriction on tags
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$banned_tags = $this->Tag->find('list', array(
|
||||
'conditions' => array(
|
||||
'NOT' => array(
|
||||
'Tag.org_id' => array(
|
||||
0,
|
||||
$this->Auth->user('org_id')
|
||||
),
|
||||
'Tag.user_id' => array(
|
||||
0,
|
||||
$this->Auth->user('id')
|
||||
)
|
||||
)
|
||||
),
|
||||
'fields' => array('Tag.id')
|
||||
));
|
||||
foreach ($banned_tags as $banned_tag) {
|
||||
unset($tags[$banned_tag]);
|
||||
unset($expanded[$banned_tag]);
|
||||
}
|
||||
}
|
||||
}
|
||||
$hidden_tags = $this->Tag->find('list', array(
|
||||
|
||||
$hidden_tags = $this->Tag->find('list', array(
|
||||
'conditions' => array('Tag.hide_tag' => 1),
|
||||
'fields' => array('Tag.id')
|
||||
));
|
||||
foreach ($hidden_tags as $hidden_tag) {
|
||||
unset($tags[$hidden_tag]);
|
||||
unset($expanded[$hidden_tag]);
|
||||
));
|
||||
foreach ($hidden_tags as $hidden_tag) {
|
||||
unset($tags[$hidden_tag]);
|
||||
unset($expanded[$hidden_tag]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -197,8 +197,8 @@ class Taxonomy extends AppModel
|
|||
$conditions = array();
|
||||
if ($user) {
|
||||
if (!$user['Role']['perm_site_admin']) {
|
||||
$conditions = array('Tag.org_id' => array(0, $user['org_id']));
|
||||
$conditions = array('Tag.user_id' => array(0, $user['id']));
|
||||
$conditions[] = array('Tag.org_id' => array(0, $user['org_id']));
|
||||
$conditions[] = array('Tag.user_id' => array(0, $user['id']));
|
||||
}
|
||||
}
|
||||
if (Configure::read('MISP.incoming_tags_disabled_by_default')) {
|
||||
|
|
Loading…
Reference in New Issue