mirror of https://github.com/MISP/MISP
Merge pull request #8518 from JakubOnderka/disable-key-fetching
new: [UI] Allow to disable PGP key fetchingpull/8647/head
commit
82698a5fa0
|
@ -254,6 +254,7 @@ class UsersController extends AppController
|
|||
$this->set('id', $id);
|
||||
$this->set('canChangePassword', $this->__canChangePassword());
|
||||
$this->set('canChangeLogin', $this->__canChangeLogin());
|
||||
$this->set('canFetchPgpKey', $this->__canFetchPgpKey());
|
||||
}
|
||||
|
||||
public function change_pw()
|
||||
|
@ -824,6 +825,7 @@ class UsersController extends AppController
|
|||
$this->set('default_role_id', $default_role_id);
|
||||
$this->set('servers', $servers);
|
||||
$this->set(compact('roles', 'syncRoles'));
|
||||
$this->set('canFetchPgpKey', $this->__canFetchPgpKey());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1077,6 +1079,7 @@ class UsersController extends AppController
|
|||
$this->set(compact('roles', 'syncRoles'));
|
||||
$this->set('canChangeLogin', $this->__canChangeLogin());
|
||||
$this->set('canChangePassword', $this->__canChangePassword());
|
||||
$this->set('canFetchPgpKey', $this->__canFetchPgpKey());
|
||||
}
|
||||
|
||||
public function admin_delete($id = null)
|
||||
|
@ -2361,7 +2364,10 @@ class UsersController extends AppController
|
|||
|
||||
public function searchGpgKey($email = false)
|
||||
{
|
||||
session_abort();
|
||||
$this->_closeSession();
|
||||
if (!$this->__canFetchPgpKey()) {
|
||||
throw new ForbiddenException(__('Key fetching is disabled.'));
|
||||
}
|
||||
if (!$email) {
|
||||
throw new NotFoundException('No email provided.');
|
||||
}
|
||||
|
@ -2376,6 +2382,9 @@ class UsersController extends AppController
|
|||
|
||||
public function fetchGpgKey($fingerprint = null)
|
||||
{
|
||||
if (!$this->__canFetchPgpKey()) {
|
||||
throw new ForbiddenException(__('Key fetching is disabled.'));
|
||||
}
|
||||
if (!$fingerprint) {
|
||||
throw new NotFoundException('No fingerprint provided.');
|
||||
}
|
||||
|
@ -2383,7 +2392,7 @@ class UsersController extends AppController
|
|||
if (!$key) {
|
||||
throw new NotFoundException('No key with given fingerprint found.');
|
||||
}
|
||||
return new CakeResponse(array('body' => $key));
|
||||
return new CakeResponse(['body' => $key]);
|
||||
}
|
||||
|
||||
public function getGpgPublicKey()
|
||||
|
@ -2851,4 +2860,12 @@ class UsersController extends AppController
|
|||
$body = str_replace('$contact', Configure::read('MISP.contact'), $body);
|
||||
return $body;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return bool
|
||||
*/
|
||||
private function __canFetchPgpKey()
|
||||
{
|
||||
return !Configure::read('GnuPG.key_fetching_disabled');
|
||||
}
|
||||
}
|
||||
|
|
|
@ -6004,7 +6004,14 @@ class Server extends AppModel
|
|||
'value' => false,
|
||||
'test' => 'testBool',
|
||||
'type' => 'boolean',
|
||||
)
|
||||
),
|
||||
'key_fetching_disabled' => [
|
||||
'level' => self::SETTING_OPTIONAL,
|
||||
'description' => __('When disabled, user could not fetch his PGP key from CIRCL key server. Key fetching requires internet connection.'),
|
||||
'value' => false,
|
||||
'test' => 'testBool',
|
||||
'type' => 'boolean',
|
||||
],
|
||||
),
|
||||
'SMIME' => array(
|
||||
'branch' => 1,
|
||||
|
|
|
@ -74,10 +74,14 @@
|
|||
?>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->Form->input('gpgkey', array('label' => __('PGP key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s PGP key here or try to retrieve it from the CIRCL key server by clicking on "Fetch PGP key" below.')));
|
||||
$placeholder = $canFetchPgpKey ? __('Paste the user\'s PGP key here or try to retrieve it from the CIRCL key server by clicking on "Fetch PGP key" below.')
|
||||
: __('Paste the user\'s PGP key here');
|
||||
echo $this->Form->input('gpgkey', array('label' => __('PGP key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => $placeholder));
|
||||
if ($canFetchPgpKey):
|
||||
?>
|
||||
<div class="clear"><span role="button" tabindex="0" aria-label="<?php echo __('Fetch the user\'s PGP key');?>" onClick="lookupPGPKey('UserEmail');" class="btn btn-inverse" style="margin-bottom:10px;"><?php echo __('Fetch PGP key');?></span></div>
|
||||
<div class="clear"><span role="button" tabindex="0" aria-label="<?php echo __('Fetch the user\'s PGP key');?>" onclick="lookupPGPKey();" class="btn btn-inverse" style="margin-bottom:10px;"><?php echo __('Fetch PGP key');?></span></div>
|
||||
<?php
|
||||
endif;
|
||||
if (Configure::read('SMIME.enabled')) echo $this->Form->input('certif_public', array('label' => __('S/MIME Public certificate (PEM format)'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s S/MIME public key in PEM format here.')));
|
||||
?>
|
||||
<div class="user-edit-checkboxes" style="margin-bottom: 1em">
|
||||
|
|
|
@ -77,10 +77,14 @@
|
|||
?>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->Form->input('gpgkey', array('label' => __('PGP key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s PGP key here or try to retrieve it from the CIRCL key server by clicking on "Fetch PGP key" below.')));
|
||||
$placeholder = $canFetchPgpKey ? __('Paste the user\'s PGP key here or try to retrieve it from the CIRCL key server by clicking on "Fetch PGP key" below.')
|
||||
: __('Paste the user\'s PGP key here');
|
||||
echo $this->Form->input('gpgkey', array('label' => __('PGP key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => $placeholder));
|
||||
if ($canFetchPgpKey):
|
||||
?>
|
||||
<div class="clear"><span role="button" tabindex="0" aria-label="<?php echo __('Fetch the user\'s PGP key');?>" onClick="lookupPGPKey('UserEmail');" class="btn btn-inverse" style="margin-bottom:10px;"><?php echo __('Fetch PGP key');?></span></div>
|
||||
<div class="clear"><span role="button" tabindex="0" aria-label="<?php echo __('Fetch the user\'s PGP key');?>" onclick="lookupPGPKey();" class="btn btn-inverse" style="margin-bottom:10px;"><?= __('Fetch PGP key');?></span></div>
|
||||
<?php
|
||||
endif;
|
||||
if (Configure::read('SMIME.enabled')) {
|
||||
echo $this->Form->input('certif_public', array('label' => __('S/MIME Public certificate (PEM format)'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s S/MIME public key in PEM format here.')));
|
||||
}
|
||||
|
|
|
@ -22,10 +22,14 @@
|
|||
?>
|
||||
<div class="input clear"></div>
|
||||
<?php
|
||||
echo $this->Form->input('gpgkey', array('label' => __('PGP key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s PGP key here or try to retrieve it from the CIRCL key server by clicking on "Fetch PGP key" below.')));
|
||||
$placeholder = $canFetchPgpKey ? __('Paste yours PGP key here or try to retrieve it from the CIRCL key server by clicking on "Fetch PGP key" below.') :
|
||||
__('Paste yours PGP key here');
|
||||
echo $this->Form->input('gpgkey', array('label' => __('PGP key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => $placeholder));
|
||||
if ($canFetchPgpKey):
|
||||
?>
|
||||
<div class="clear"><span role="button" tabindex="0" aria-label="<?php echo __('Fetch PGP key');?>" onClick="lookupPGPKey('UserEmail');" class="btn btn-inverse" style="margin-bottom:10px;"><?php echo __('Fetch PGP key');?></span></div>
|
||||
<div class="clear"><span role="button" tabindex="0" aria-label="<?= __('Fetch PGP key');?>" onclick="lookupPGPKey();" class="btn btn-inverse" style="margin-bottom:10px;"><?= __('Fetch PGP key');?></span></div>
|
||||
<?php
|
||||
endif;
|
||||
if (Configure::read('SMIME.enabled')) {
|
||||
echo $this->Form->input('certif_public', array('label' => __('S/MIME Public certificate (PEM format)'), 'div' => 'clear', 'class' => 'input-xxlarge'));
|
||||
}
|
||||
|
@ -58,4 +62,3 @@
|
|||
$user['User']['id'] = $id;
|
||||
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'globalActions', 'menuItem' => 'edit', 'user' => $user));
|
||||
?>
|
||||
<?php echo $this->Js->writeBuffer();
|
||||
|
|
|
@ -3515,8 +3515,8 @@ function gpgSelect(fingerprint) {
|
|||
});
|
||||
}
|
||||
|
||||
function lookupPGPKey(emailFieldName) {
|
||||
var email = $('#' + emailFieldName).val();
|
||||
function lookupPGPKey() {
|
||||
var email = $('#UserEmail').val();
|
||||
simplePopup(baseurl + "/users/searchGpgKey/" + email);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue