fix: [tags] More granularity for local and global add cluster buttons

2021-03-24 11:00:04 +01:00 · 2021-03-24 11:00:04 +01:00 · 84c27def91
parent 41099defb2
commit 84c27def91
7 changed files with 17 additions and 8 deletions
--- a/app/View/Elements/DecayingModels/View/row_attribute_simulation.ctp
+++ b/app/View/Elements/DecayingModels/View/row_attribute_simulation.ctp
@ -60,6 +60,7 @@
            'isSiteAdmin' => false, // prevent add button
            'isAclTagger' => false,
            'data' => !empty($object['Galaxy']) ? $object['Galaxy'] : array(),
+            'event' => $object,
            'target_id' => $object['id'],
            'target_type' => 'attribute'
        ));
--- a/app/View/Elements/Events/View/row_attribute.ctp
+++ b/app/View/Elements/Events/View/row_attribute.ctp
@ -176,6 +176,7 @@ $quickEdit = function($fieldName) use ($editScope, $object, $event) {
          'mayModify' => $mayModify,
          'isAclTagger' => $isAclTagger,
          'data' => (!empty($object['Galaxy']) ? $object['Galaxy'] : array()),
+          'event' => $event,
          'target_id' => $object['id'],
          'target_type' => 'attribute',
        ));
--- a/app/View/Elements/Events/eventIndexTable.ctp
+++ b/app/View/Elements/Events/eventIndexTable.ctp
@ -110,6 +110,7 @@
                      'mayModify' => false,
                      'isAclTagger' => false,
                      'data' => $galaxies,
+                      'event' => $event,
                      'target_id' => $event['Event']['id'],
                      'target_type' => 'event',
                      'static_tags_only' => 1
--- a/app/View/Elements/galaxyQuickViewNew.ctp
+++ b/app/View/Elements/galaxyQuickViewNew.ctp
@ -7,8 +7,15 @@ if (isset($preview) && $preview) {
 } else {
    $preview = false;
 }
+$tagAccess = ($isSiteAdmin || ($mayModify && $isAclTagger));
+if (empty($local_tag_off) || !empty($event)) {
+    $localTagAccess = ($isSiteAdmin || ($mayModify || $me['org_id'] == $event['Event']['org_id'] || (int)$me['org_id'] === Configure::read('MISP.host_org_id'))) && $isAclTagger;
+} else {
+    $localTagAccess = false;
+}

-$editButtonsEnabled = !(isset($static_tags_only) && $static_tags_only);
+$editButtonsEnabled = empty($static_tags_only) && $tagAccess;
+$editButtonsLocalEnabled = empty($static_tags_only) && $localTagAccess && empty($local_tag_off);

 $sortClusters = function (array $clusters) {
    usort($clusters, function (array $a, array $b) {
@ -94,7 +101,7 @@ $generatePopover = function (array $cluster) use ($normalizeKey) {
            <a href="<?= $baseurl ?>/galaxy_clusters/view/<?= h($cluster['id']) ?>" class="black fa fa-search" title="<?= __('View details about this cluster') ?>" aria-label="<?= __('View cluster') ?>"></a>
            <a href="<?= $baseurl ?>/events/index/searchtag:<?= h($cluster['tag_id']) ?>" class="black fa fa-list" title="<?= __('View all events containing this cluster') ?>" aria-label="<?= __('View all events containing this cluster') ?>"></a>
            <?php endif ;?>
-            <?php if ($editButtonsEnabled && ($isSiteAdmin || ($mayModify && $isAclTagger))) {
+            <?php if ($editButtonsEnabled || ($editButtonsLocalEnabled && $cluster['local'])) {
 echo $this->Form->create(false, [
    'id' => false, // prevent duplicate ids
    'url' => $baseurl . '/galaxy_clusters/detach/' . ucfirst(h($target_id)) . '/' . h($target_type) . '/' . $cluster['tag_id'],
@ -115,7 +122,7 @@ echo $this->Form->end();
 </div>
 <?php endif; ?>
 <?php
-if ($editButtonsEnabled && ($isSiteAdmin || ($mayModify && $isAclTagger))) {
+if ($editButtonsEnabled) {
    echo sprintf(
        '<button class="%s" data-target-type="%s" data-target-id="%s" data-local="false" role="button" tabindex="0" aria-label="' . __('Add new cluster') . '" title="' . __('Add new cluster') . '">%s</button>',
        'useCursorPointer btn btn-inverse addGalaxy',
@ -125,11 +132,7 @@ if ($editButtonsEnabled && ($isSiteAdmin || ($mayModify && $isAclTagger))) {
    );
 }

-if (
-    $editButtonsEnabled &&
-    (!isset($local_tag_off) || !$local_tag_off) &&
-    ($isSiteAdmin || ($isAclTagger && $hostOrgUser))
-) {
+if ($editButtonsLocalEnabled) {
    echo sprintf(
        '<button class="%s" data-target-type="%s" data-target-id="%s" data-local="true" role="button" tabindex="0" aria-label="' . __('Add new local cluster') . '" title="' . __('Add new local cluster') . '">%s</button>',
        'useCursorPointer btn btn-inverse addGalaxy',
--- a/app/View/Events/ajax/ajaxGalaxies.ctp
+++ b/app/View/Events/ajax/ajaxGalaxies.ctp
@ -7,6 +7,7 @@ echo $this->element('galaxyQuickViewNew', [
    'mayModify' => $mayModify,
    'isAclTagger' => $isAclTagger,
    'data' => $object['Galaxy'],
+    'event' => $object,
    'target_id' => $scope == 'event' ? $object['Event']['id'] : $object['Attribute']['id'],
    'target_type' => $scope
 ]);
--- a/app/View/Events/view.ctp
+++ b/app/View/Events/view.ctp
@ -537,6 +537,7 @@
            'mayModify' => $mayModify,
            'isAclTagger' => $isAclTagger,
            'data' => $event['Galaxy'],
+            'event' => $event,
            'target_id' => $event['Event']['id'],
            'target_type' => 'event'
        ]); ?>
--- a/app/View/Servers/preview_event.ctp
+++ b/app/View/Servers/preview_event.ctp
@ -98,6 +98,7 @@ $tableData[] = [
        <span class="title-section"><?= __('Galaxies') ?></span>
        <?= $this->element('galaxyQuickViewNew', [
            'data' => $event['Galaxy'],
+            'event' => $event,
            'preview' => true,
        ]); ?>
    </div>