Merge branch 'develop' of github.com:MISP/MISP into develop

pull/8798/head
iglocska 2022-12-01 14:09:34 +01:00
commit 8267d80e15
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
9 changed files with 74 additions and 34 deletions


@ -1523,16 +1523,16 @@ INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `pe
VALUES (2, 'Org Admin', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 0);
INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`)
VALUES (3, 'User', NOW(), NOW(), 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1);
VALUES (3, 'User', NOW(), NOW(), 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1);
INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`)
VALUES (4, 'Publisher', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0);
VALUES (4, 'Publisher', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 0);
INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`)
VALUES (5, 'Sync user', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0);
VALUES (5, 'Sync user', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0);
INSERT IGNORE INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_publish_zmq`, `perm_publish_kafka`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `perm_decaying`, `default_role`)
VALUES (6, 'Read Only', NOW(), NOW(), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
VALUES (6, 'Read Only', NOW(), NOW(), 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
-- --------------------------------------------------------
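Review bot: Each changed VALUES row differs from its old version only in the ninth flag, `perm_audit`, which goes from 0 to 1 for User, Publisher, Sync user and Read Only, and in a 22-value positional list that is easy to miss. A comment above these rows would record the intent for anyone auditing default privileges, for example `-- perm_audit is 1 for every default role: it gates /logs/index, which is meant to show non-admins only their own entries`. The surrounding file continues outside this hunk.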


@ -384,7 +384,8 @@ class ACLComponent extends Component
'event_index' => array('*'),
'returnDates' => array('*'),
'testForStolenAttributes' => array(),
'pruneUpdateLogs' => array()
'pruneUpdateLogs' => array(),
'index' => array('perm_audit')
),
'auditLogs' => [
'admin_index' => ['perm_audit'],
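Review bot: The new `'index' => array('perm_audit')` entry reuses the flag that also gates `'auditLogs' => ['admin_index' => ['perm_audit']]` just below it, and this commit turns `perm_audit` on for every role (the default rows in the SQL file and update 102 in AppModel). After that the flag no longer separates auditors from ordinary users, so the audit log index relies on whatever else restricts it, presumably the admin prefix, which is not visible here. The `$isAdmin` and `$isSiteAdmin` conditions added in the two menu files only hide links and are not access checks. Consider a separate flag for self-service log access, or confirm the other restriction and record it at the entry with a comment such as `// perm_audit is granted to all roles since update 102; row scoping happens in LogsController::index()`. The enclosing array starts and ends outside the hunk.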


@ -28,7 +28,7 @@ class LogsController extends AppController
}
}
public function admin_index()
public function index()
{
$paramArray = array('id', 'title', 'created', 'model', 'model_id', 'action', 'user_id', 'change', 'email', 'org', 'description', 'ip');
$filterData = array(
@ -71,8 +71,15 @@ class LogsController extends AppController
}
}
if (!$this->_isSiteAdmin()) {
// no filtering for SiteAdmin
}
else if (!$this->_isSiteAdmin() && $this->_isAdmin()) {
// ORG admins can see their own org info
$orgRestriction = $this->Auth->user('Organisation')['name'];
$conditions['AND']['Log.org'] = $orgRestriction;
$conditions['Log.org'] = $orgRestriction;
} else {
// users can see their own info
$conditions['Log.email'] = $this->Auth->user('email');
}
$params = array(
'conditions' => $conditions,
@ -90,12 +97,18 @@ class LogsController extends AppController
$this->set('isSearch', 0);
$this->recursive = 0;
$validFilters = $this->Log->logMeta;
if (!$this->_isSiteAdmin()) {
if ($this->_isSiteAdmin()) {
$validFilters = array_merge_recursive($validFilters, $this->Log->logMetaAdmin);
}
else if (!$this->_isSiteAdmin() && $this->_isAdmin()) {
// ORG admins can see their own org info
$orgRestriction = $this->Auth->user('Organisation')['name'];
$conditions['Log.org'] = $orgRestriction;
$this->paginate['conditions'] = $conditions;
} else {
$validFilters = array_merge_recursive($validFilters, $this->Log->logMetaAdmin);
// users can see their own info
$conditions['Log.email'] = $this->Auth->user('email');
$this->paginate['conditions'] = $conditions;
}
if (isset($this->params['named']['filter']) && in_array($this->params['named']['filter'], array_keys($validFilters))) {
$this->paginate['conditions']['Log.action'] = $validFilters[$this->params['named']['filter']]['values'];
@ -112,6 +125,12 @@ class LogsController extends AppController
}
}
public function admin_index()
{
$this->view = 'index';
$this->index();
}
// Shows a minimalistic history for the currently selected event
public function event_index($id, $org = null)
{
@ -313,7 +332,7 @@ class LogsController extends AppController
}
// set the same view as the index page
$this->render('admin_index');
$this->render('index');
}
} else {
// get from Session
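Review bot: In the first scoping block of `index()` the opening condition is still printed as `if (!$this->_isSiteAdmin()) {` directly above the new `// no filtering for SiteAdmin` comment; it appears only once, and the hunk counts (-71,8 +71,15) fit it being unchanged context, whereas the second block shows the condition both negated and as `if ($this->_isSiteAdmin()) {`. If that reading is right, every non-site-admin takes the empty first branch and gets neither the `Log.org` nor the `Log.email` condition, while site admins fall through to the `Log.email` filter. The line should read `if ($this->_isSiteAdmin()) {` to match the later block. The same three-way scoping is written out twice, so a private helper returning the conditions would keep the two copies from drifting apart. `index()` starts and ends outside these hunks.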


@ -83,7 +83,7 @@ class AppModel extends Model
81 => false, 82 => false, 83 => false, 84 => false, 85 => false, 86 => false,
87 => false, 88 => false, 89 => false, 90 => false, 91 => false, 92 => false,
93 => false, 94 => false, 95 => true, 96 => false, 97 => true, 98 => false,
99 => false, 100 => false, 101 => false
99 => false, 100 => false, 101 => false, 102 => false
);
const ADVANCED_UPDATES_DESCRIPTION = array(
@ -1997,6 +1997,9 @@ class AppModel extends Model
}
}
break;
case 102:
$sqlArray[] = "UPDATE roles SET perm_audit = 1;";
break;
default:
return false;
}
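Review bot: `UPDATE roles SET perm_audit = 1;` under `case 102` has no WHERE clause, so on upgrade it also rewrites custom roles and any role where an administrator had cleared the flag on purpose, and the previous values cannot be recovered afterwards. If that is intended, say so at the statement, for example `// 102: every role gets perm_audit so users can list their own log entries; this overrides per-role settings`, and mention it in the upgrade notes. Otherwise restrict the statement to the default roles. The switch continues outside the hunk.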


@ -12,17 +12,19 @@ class Bruteforce extends AppModel
$ip = $this->_remoteIp();
$expire = Configure::check('SecureAuth.expire') ? Configure::read('SecureAuth.expire') : 300;
$amount = Configure::check('SecureAuth.amount') ? Configure::read('SecureAuth.amount') : 5;
$expire = time() + $expire;
$expire = date('Y-m-d H:i:s', $expire);
$expireTime = time() + $expire;
$expireTime = date('Y-m-d H:i:s', $expireTime);
$bruteforceEntry = array(
'ip' => $ip,
'username' => trim(strtolower($username)),
'expire' => $expire
'expire' => $expireTime
);
$this->save($bruteforceEntry);
$title = 'Failed login attempt using username ' . $username . ' from IP: ' . $ip . '.';
if ($this->isBlocklisted($username)) {
$title .= 'This has tripped the bruteforce protection after ' . $amount . ' failed attempts. The user is now blocklisted for ' . $expire . ' seconds.';
$change = 'This has tripped the bruteforce protection after ' . $amount . ' failed attempts. The user is now blocklisted for ' . $expire . ' seconds.';
} else {
$change = '';
}
$log = array(
'org' => 'SYSTEM',
@ -30,7 +32,8 @@ class Bruteforce extends AppModel
'model_id' => 0,
'email' => $username,
'action' => 'login_fail',
'title' => $title
'title' => $title,
'change' => $change
);
$this->Log->save($log);
}
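Review bot: The log row keeps the raw `$username` in `'email' => $username`, while the bruteforce entry a few lines up stores `trim(strtolower($username))`. The per-user view added in LogsController matches `Log.email` against the account's email, so a failed attempt typed with different case or padding may not show up for the targeted user, depending on the column collation, which is not visible here. Using the normalised value for the field, `'email' => trim(strtolower($username)),`, keeps the two tables consistent; the raw input can stay in the title, where the log view escapes it with `h()`. The method starts outside the hunk.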


@ -1093,25 +1093,29 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider');
case 'logs':
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'url' => $baseurl . '/admin/logs/index',
'url' => $baseurl . '/logs/index',
'text' => __('Application Logs')
));
if (Configure::read('MISP.log_new_audit')) {
if (Configure::read('MISP.log_new_audit') && $isAdmin) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'listAuditLogs',
'url' => $baseurl . '/admin/audit_logs/index',
'text' => __('Audit Logs'),
));
}
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'listAccessLogs',
'url' => $baseurl . '/admin/access_logs/index',
'text' => __('Access Logs'),
));
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'url' => $baseurl . '/admin/logs/search',
'text' => __('Search Logs')
));
if ($isSiteAdmin) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'listAccessLogs',
'url' => $baseurl . '/admin/access_logs/index',
'text' => __('Access Logs'),
));
}
if ($isAdmin) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'url' => $baseurl . '/admin/logs/search',
'text' => __('Search Logs')
));
}
break;
case 'threads':


@ -487,20 +487,22 @@
'children' => array(
array(
'text' => __('Application Logs'),
'url' => $baseurl . '/admin/logs/index'
'url' => $baseurl . '/logs/index'
),
array(
'text' => __('Audit Logs'),
'url' => $baseurl . '/admin/audit_logs/index',
'requirement' => Configure::read('MISP.log_new_audit'),
'requirement' => Configure::read('MISP.log_new_audit') && $isAdmin,
),
array(
'text' => __('Access Logs'),
'url' => $baseurl . '/admin/access_logs/index',
'requirement' => $isSiteAdmin
),
array(
'text' => __('Search Logs'),
'url' => $baseurl . '/admin/logs/search',
'requirement' => $isAdmin
)
)
),


@ -46,12 +46,12 @@
'text' => h($filterData['name']),
'title' => __('Modify filters'),
'active' => isset($filter) && $filterName === $filter,
'url' => $baseurl . '/admin/logs/index/filter:' . h($filterName)
'url' => $baseurl . '/logs/index/filter:' . h($filterName)
);
}
$data['children'][0]['children'][] = array(
'requirement' => !empty($filter),
'url' => $baseurl . '/admin/logs/index',
'url' => $baseurl . '/logs/index',
'title' => __('Remove filters'),
'fa-icon' => 'times'
);
@ -75,7 +75,7 @@
<td class="short"><?php echo h($item['Log']['id']); ?>&nbsp;</td>
<?php
if (Configure::read('MISP.log_client_ip')) {
echo '<td>';
echo '<td class="short">';
if (isset($ipSearch) && $ipSearch != null) echo nl2br($this->Highlight->highlighter(h($item['Log']['ip']), $ipSearchReplacePairs));
else echo h($item['Log']['ip']);
echo '</td>';
@ -97,7 +97,7 @@
<td class="short"><?php
if (isset($actionSearch) && $actionSearch != "ALL") echo nl2br($this->Highlight->highlighter(h($item['Log']['action']), $actionSearchReplacePairs));
else echo (h($item['Log']['action'])); ?>&nbsp;</td>
<td class="short"><?php
<td><?php
if (isset($titleSearch) && $titleSearch != null) echo nl2br($this->Highlight->highlighter(h($item['Log']['title']), $titleSearchReplacePairs));
else echo nl2br(h($item['Log']['title'])); ?>&nbsp;</td>
<td><?php


@ -130,7 +130,7 @@
'js' => array('vis', 'jquery-ui.min', 'network-distribution-graph')
));
echo sprintf(
'<div class="users view"><div class="row-fluid"><div class="span8" style="margin:0px;">%s</div></div>%s<div style="margin-top:20px;">%s%s</div></div>',
'<div class="users view"><div class="row-fluid"><div class="span8" style="margin:0px;">%s</div></div>%s%s<div style="margin-top:20px;">%s%s</div></div>',
sprintf(
'<h2>%s</h2>%s',
__('User %s', h($user['User']['email'])),
@ -145,6 +145,14 @@
),
__('Download user profile for data portability')
),
sprintf(
'&nbsp;<a href="%s" class="btn btn-inverse">%s</a>',
sprintf(
'%s/logs/index',
$baseurl
),
__('Review user logs')
),
$me['Role']['perm_auth'] ? $this->element('/genericElements/accordion', array('title' => __('Auth keys'), 'url' => '/auth_keys/index/' . h($user['User']['id']))) : '',
$this->element('/genericElements/accordion', array('title' => 'Events', 'url' => '/events/index/searchemail:' . urlencode(h($user['User']['email']))))
);
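Review bot: The new button is labelled `Review user logs`, but its target is the bare `$baseurl/logs/index`, which carries no reference to the `$user` being displayed; the list it opens is whatever LogsController scopes for the person clicking. If this template is also rendered when an administrator opens another user's profile (not visible here), the label promises that user's logs and delivers the viewer's own scope instead. Either show the button only on the viewer's own profile or change the text to something like `__('Review my logs')`. The outer `sprintf` call starts outside the hunk.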