mirror of https://github.com/MISP/MISP
Merge pull request #6749 from JakubOnderka/hide-orgs-from-sg
Hide orgs from sharing group view
commit
97dbe0b4ba
|
@ -21,12 +21,11 @@ class ObjectTemplatesController extends AppController
|
|||
|
||||
public function objectMetaChoice($event_id)
|
||||
{
|
||||
$metas = $this->ObjectTemplate->find('all', array(
|
||||
'recursive' => -1,
|
||||
$metas = $this->ObjectTemplate->find('column', array(
|
||||
'conditions' => array('ObjectTemplate.active' => 1),
|
||||
'fields' => array('meta-category'),
|
||||
'group' => array('ObjectTemplate.meta-category'),
|
||||
'order' => array('ObjectTemplate.meta-category asc')
|
||||
'fields' => array('ObjectTemplate.meta-category'),
|
||||
'order' => array('ObjectTemplate.meta-category asc'),
|
||||
'unique' => true,
|
||||
));
|
||||
|
||||
$eventId = h($event_id);
|
||||
|
@ -35,7 +34,6 @@ class ObjectTemplatesController extends AppController
|
|||
'value' => $this->baseurl . "/ObjectTemplates/objectChoice/$eventId/0"
|
||||
]];
|
||||
foreach ($metas as $meta) {
|
||||
$meta = $meta['ObjectTemplate']['meta-category'];
|
||||
$items[] = array(
|
||||
'name' => $meta,
|
||||
'value' => $this->baseurl . "/ObjectTemplates/objectChoice/$eventId/" . h($meta)
|
||||
|
|
|
@ -288,6 +288,16 @@ class SharingGroupsController extends AppController
|
|||
'LOWER(Organisation.name) LIKE' => $term,
|
||||
];
|
||||
}
|
||||
|
||||
// To allow sort sharing group by number of organisation and also show org count when user don't have permission ot see them
|
||||
$this->SharingGroup->addCountField('org_count', $this->SharingGroup->SharingGroupOrg, ['SharingGroupOrg.sharing_group_id = SharingGroup.id']);
|
||||
$this->paginate['fields'][] = 'SharingGroup.org_count';
|
||||
|
||||
if (!$this->__showOrgs()) {
|
||||
unset($this->paginate['contain']['SharingGroupOrg']);
|
||||
unset($this->paginate['contain']['SharingGroupServer']);
|
||||
}
|
||||
|
||||
$result = $this->paginate();
|
||||
|
||||
// check if the current user can modify or delete the SG
|
||||
|
@ -331,21 +341,30 @@ class SharingGroupsController extends AppController
|
|||
if (!$this->SharingGroup->checkIfAuthorised($this->Auth->user(), $id)) {
|
||||
throw new MethodNotAllowedException('Sharing group doesn\'t exist or you do not have permission to access it.');
|
||||
}
|
||||
$sg = $this->SharingGroup->find('first', [
|
||||
'conditions' => Validation::uuid($id) ? ['SharingGroup.uuid' => $id] : ['SharingGroup.id' => $id],
|
||||
'contain' => array(
|
||||
'SharingGroupOrg' => array(
|
||||
'Organisation' => array(
|
||||
'fields' => array('id', 'name', 'uuid', 'local')
|
||||
)
|
||||
),
|
||||
'Organisation',
|
||||
'SharingGroupServer' => array(
|
||||
'Server' => array(
|
||||
'fields' => array('id', 'name', 'url')
|
||||
)
|
||||
|
||||
$contain = array(
|
||||
'Organisation',
|
||||
'SharingGroupOrg' => array(
|
||||
'Organisation' => array(
|
||||
'fields' => array('id', 'name', 'uuid', 'local')
|
||||
)
|
||||
),
|
||||
'SharingGroupServer' => array(
|
||||
'Server' => array(
|
||||
'fields' => array('id', 'name', 'url')
|
||||
)
|
||||
)
|
||||
);
|
||||
|
||||
if (!$this->__showOrgs()) {
|
||||
unset($contain['SharingGroupOrg']);
|
||||
unset($contain['SharingGroupServer']);
|
||||
$this->SharingGroup->addCountField('org_count', $this->SharingGroup->SharingGroupOrg, ['SharingGroupOrg.sharing_group_id = SharingGroup.id']);
|
||||
}
|
||||
|
||||
$sg = $this->SharingGroup->find('first', [
|
||||
'conditions' => Validation::uuid($id) ? ['SharingGroup.uuid' => $id] : ['SharingGroup.id' => $id],
|
||||
'contain' => $contain,
|
||||
]);
|
||||
if (isset($sg['SharingGroupServer'])) {
|
||||
foreach ($sg['SharingGroupServer'] as $key => $sgs) {
|
||||
|
@ -577,4 +596,12 @@ class SharingGroupsController extends AppController
|
|||
return $this->RestResponse->saveFailResponse('SharingGroup', $action, false, $object_type . ' could not be ' . $actionType . ' the sharing group.', $this->response->type());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return bool
|
||||
*/
|
||||
private function __showOrgs()
|
||||
{
|
||||
return $this->Auth->user()['Role']['perm_sharing_group'] || !Configure::read('Security.hide_organisations_in_sharing_groups');
|
||||
}
|
||||
}
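Review bot: The visibility rule in `__showOrgs()` is written out a second time in the `distribution_graph` scope of the SharingGroup model (`$canSeeOrgs = ...`), so the two copies can drift apart; one helper on the model, called from both places, would keep the policy in a single spot. The rule grants visibility only through `perm_sharing_group`; whether site administrators always carry that flag is not visible here and is worth confirming. The docblock holds only `@return bool`; I would add a summary such as `Whether the current user may see the organisations and instances of a sharing group.` Only `index` and `view` are gated in these hunks, and the other actions of this controller are outside the diff view.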
|
||||
|
|
|
@ -1,12 +1,15 @@
|
|||
<?php
|
||||
class DistributionGraphTool
|
||||
{
|
||||
private $__user = false;
|
||||
/** @var array */
|
||||
private $__user;
|
||||
private $__json = array();
|
||||
/** @var Event */
|
||||
private $__eventModel;
|
||||
/** @var Organisation */
|
||||
private $__organisationModel;
|
||||
/** @var array */
|
||||
private $__serverList;
|
||||
|
||||
public function construct(Event $eventModel, array $servers, array $user, $extended_view=0)
|
||||
{
|
||||
|
@ -76,27 +79,27 @@ class DistributionGraphTool
|
|||
$this->__addAdditionalDistributionInfo(3, "All other communities"); // add current community
|
||||
|
||||
// connected
|
||||
$servers = $this->__serverList;
|
||||
$this->__addAdditionalDistributionInfo(2, "This community"); // add current community
|
||||
foreach ($servers as $server) {
|
||||
foreach ($this->__serverList as $server) {
|
||||
$this->__addAdditionalDistributionInfo(2, $server);
|
||||
}
|
||||
|
||||
// community
|
||||
$orgConditions = $this->__organisationModel->createConditions($this->__user);
|
||||
$orgConditions['local'] = true;
|
||||
$orgs = $this->__organisationModel->find('list', array(
|
||||
'fields' => array('name'),
|
||||
'conditions' => array('local' => true)
|
||||
'fields' => ['id', 'name'],
|
||||
'conditions' => $orgConditions,
|
||||
));
|
||||
$thisOrg = $this->__user['Organisation']['name'];
|
||||
$this->__addAdditionalDistributionInfo(1, $thisOrg); // add current community
|
||||
foreach ($orgs as $org) {
|
||||
if ($thisOrg != $org) {
|
||||
$this->__addAdditionalDistributionInfo(1, $org);
|
||||
foreach ($orgs as $orgId => $orgName) {
|
||||
if ($thisOrg != $orgName) {
|
||||
$this->__addAdditionalDistributionInfo(1, $orgName);
|
||||
}
|
||||
}
|
||||
|
||||
// org only
|
||||
$thisOrg = $this->__user['Organisation']['name'];
|
||||
$this->__addAdditionalDistributionInfo(0, $thisOrg); // add current community
|
||||
}
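Review bot: In the community loop the new `$orgId` key is never used, and the names are compared with loose `!=`, which compares numeric-looking strings as numbers. Since this commit introduces `find('column')` for exactly this case, the lookup could use `find('column', ...)` with `'fields' => ['name']` and the comparison could be `if ($thisOrg !== $orgName)`. The enclosing method starts outside the hunk.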
|
||||
|
||||
|
|
|
@ -55,6 +55,7 @@ class AppModel extends Model
|
|||
parent::__construct($id, $table, $ds);
|
||||
|
||||
$this->name = get_class($this);
|
||||
$this->findMethods['column'] = true;
|
||||
}
|
||||
|
||||
// deprecated, use $db_changes
|
||||
|
@ -3017,6 +3018,66 @@ class AppModel extends Model
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Find method that allows to fetch just one column from database.
|
||||
* @param $state
|
||||
* @param $query
|
||||
* @param array $results
|
||||
* @return array|mixed
|
||||
* @throws Exception
|
||||
*/
|
||||
protected function _findColumn($state, $query, $results = array())
|
||||
{
|
||||
if ($state === 'before') {
|
||||
if (count($query['fields']) === 1) {
|
||||
if (strpos($query['fields'][0], '.') === false) {
|
||||
$query['fields'][0] = $this->alias . '.' . $query['fields'][0];
|
||||
}
|
||||
|
||||
$query['column'] = $query['fields'][0];
|
||||
if (isset($query['unique']) && $query['unique']) {
|
||||
$query['fields'] = array("DISTINCT {$query['fields'][0]}");
|
||||
} else {
|
||||
$query['fields'] = array($query['fields'][0]);
|
||||
}
|
||||
} else {
|
||||
throw new Exception("Invalid number of column, expected one, " . count($query['fields']) . " given");
|
||||
}
|
||||
|
||||
if (!isset($query['recursive'])) {
|
||||
$query['recursive'] = -1;
|
||||
}
|
||||
|
||||
return $query;
|
||||
}
|
||||
|
||||
// Faster version of `Hash::extract`
|
||||
foreach (explode('.', $query['column']) as $part) {
|
||||
$results = array_column($results, $part);
|
||||
}
|
||||
return $results;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $field
|
||||
* @param AppModel $model
|
||||
* @param array $conditions
|
||||
*/
|
||||
public function addCountField($field, AppModel $model, array $conditions)
|
||||
{
|
||||
$db = $this->getDataSource();
|
||||
$subQuery = $db->buildStatement(
|
||||
array(
|
||||
'fields' => ['COUNT(*)'],
|
||||
'table' => $db->fullTableName($model),
|
||||
'alias' => $model->alias,
|
||||
'conditions' => $conditions,
|
||||
),
|
||||
$model
|
||||
);
|
||||
$this->virtualFields[$field] = $subQuery;
|
||||
}
|
||||
|
||||
/**
|
||||
* Log exception with backtrace and with nested exceptions.
|
||||
*
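Review bot: `_findColumn()` calls `count($query['fields'])` and then indexes `[0]` without checking that `fields` is an array, so a caller that passes a string or leaves `fields` unset gets a warning or a TypeError (depending on the PHP version) instead of the intended "Invalid number of column" exception. Normalising first with `$fields = (array)$query['fields'];` and using `$fields` in the checks would make the failure mode consistent. The chosen field name is interpolated into `"DISTINCT {...}"`, and `addCountField()` hands `$conditions` to `buildStatement()`, where plain string entries such as the one used for `org_count` appear to be taken as SQL fragments. Both docblocks should state that field names and conditions must be defined in code and never taken from request data; every caller visible in this commit passes literals.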
|
||||
|
|
|
@ -2048,11 +2048,11 @@ class Attribute extends AppModel
|
|||
}
|
||||
}
|
||||
|
||||
$ipList = $this->find('list', array(
|
||||
$ipList = $this->find('column', array(
|
||||
'conditions' => $conditions,
|
||||
'group' => 'value1', // return just unique values
|
||||
'fields' => array('value1'),
|
||||
'order' => false
|
||||
'fields' => ['Attribute.value1'],
|
||||
'unique' => true,
|
||||
'order' => false,
|
||||
));
|
||||
foreach ($ipList as $ipToCheck) {
|
||||
$ipToCheckVersion = filter_var($ipToCheck, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? 4 : 6;
|
||||
|
@ -3981,13 +3981,13 @@ class Attribute extends AppModel
|
|||
|
||||
private function __getCIDRList()
|
||||
{
|
||||
return $this->find('list', array(
|
||||
return $this->find('column', array(
|
||||
'conditions' => array(
|
||||
'type' => array('ip-src', 'ip-dst'),
|
||||
'value1 LIKE' => '%/%'
|
||||
),
|
||||
'fields' => array('value1'),
|
||||
'group' => array('value1', 'id'), // return just unique value
|
||||
'fields' => array('Attribute.value1'),
|
||||
'unique' => true,
|
||||
'order' => false
|
||||
));
|
||||
}
|
||||
|
|
|
@ -843,18 +843,16 @@ class Event extends AppModel
|
|||
// ii. Atttibute has a distribution between 1-3 (community only, connected communities, all orgs)
|
||||
// iii. Attribute has a sharing group that the user is accessible to view
|
||||
$conditionsCorrelation = $this->__buildEventConditionsCorrelation($user, $eventId, $sgids);
|
||||
$correlations = $this->Correlation->find('list', array(
|
||||
'fields' => array('Correlation.event_id', 'Correlation.event_id'),
|
||||
'conditions' => $conditionsCorrelation,
|
||||
'recursive' => 0,
|
||||
'group' => 'Correlation.event_id',
|
||||
'order' => array('Correlation.event_id DESC')));
|
||||
$relatedEventIds = $this->Correlation->find('column', array(
|
||||
'fields' => array('Correlation.event_id'),
|
||||
'conditions' => $conditionsCorrelation,
|
||||
'unique' => true,
|
||||
));
|
||||
|
||||
if (empty($correlations)) {
|
||||
if (empty($relatedEventIds)) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$relatedEventIds = array_values($correlations);
|
||||
// now look up the event data for these attributes
|
||||
$conditions = $this->createEventConditions($user);
|
||||
$conditions['AND'][] = array('Event.id' => $relatedEventIds);
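Review bot: The replaced query ran with `'recursive' => 0` and `'order' => array('Correlation.event_id DESC')`, while the new `find('column')` call sets neither, and `_findColumn()` defaults `recursive` to -1. If `__buildEventConditionsCorrelation()` (not shown) references columns of an associated model, the join that resolved them is gone, and the id list is no longer ordered. Please confirm that the conditions touch only `Correlation.*` columns and that the later event lookup applies its own order. If the order matters, add `'order' => ['Correlation.event_id DESC'],` back to the new call.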
|
||||
|
|
|
@ -486,6 +486,7 @@ class Organisation extends AppModel
|
|||
/**
|
||||
* Hide organisation view from users if they haven't yet contributed data and Security.hide_organisation_index_from_users is enabled
|
||||
*
|
||||
* @see Organisation::canSee if you want to check multiple orgs
|
||||
* @param array $user
|
||||
* @param int $orgId
|
||||
* @return bool
|
||||
|
@ -521,6 +522,43 @@ class Organisation extends AppModel
|
|||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create conditions for fetching orgs based on user permission.
|
||||
* @see Organisation::canSee if you want to check just one org
|
||||
* @param array $user
|
||||
* @return array|array[]
|
||||
*/
|
||||
public function createConditions(array $user)
|
||||
{
|
||||
if (!$user['Role']['perm_sharing_group'] && Configure::read('Security.hide_organisation_index_from_users')) {
|
||||
$allowedOrgs = [$user['org_id']];
|
||||
|
||||
$eventConditions = $this->Event->createEventConditions($user);
|
||||
$orgsWithEvent = $this->Event->find('column', [
|
||||
'fields' => ['Event.orgc_id'],
|
||||
'conditions' => $eventConditions,
|
||||
'unique' => true,
|
||||
]);
|
||||
$allowedOrgs = array_merge($allowedOrgs, $orgsWithEvent);
|
||||
|
||||
$proposalConditions = $this->Event->ShadowAttribute->buildConditions($user);
|
||||
// Do not check orgs that we already can see
|
||||
$proposalConditions['AND'][]['NOT'] = ['ShadowAttribute.org_id' => $allowedOrgs];
|
||||
$orgsWithProposal = $this->Event->ShadowAttribute->find('column', [
|
||||
'fields' => ['ShadowAttribute.org_id'],
|
||||
'conditions' => $proposalConditions,
|
||||
'contain' => ['Event', 'Attribute'],
|
||||
'unique' => true,
|
||||
'order' => false,
|
||||
]);
|
||||
|
||||
$allowedOrgs = array_merge($allowedOrgs, $orgsWithProposal);
|
||||
return ['AND' => ['id' => $allowedOrgs]];
|
||||
}
|
||||
|
||||
return [];
|
||||
}
|
||||
|
||||
private function getCountryGalaxyCluster()
|
||||
{
|
||||
static $list;
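Review bot: `createConditions()` returns `['AND' => ['id' => $allowedOrgs]]` with an unqualified `id`, which becomes ambiguous as soon as a caller combines it with a join or `contain`; `return ['AND' => [$this->alias . '.id' => $allowedOrgs]];` avoids that. Judging by the paired `@see` tags, the method appears to mirror the rule in `canSee()`, so a comment saying the two must change together would help keep them in step. The empty-array return means "no restriction", which is worth stating in the docblock because callers merge the result into their own conditions.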
|
||||
|
|
|
@ -1558,6 +1558,15 @@ class Server extends AppModel
|
|||
'type' => 'boolean',
|
||||
'null' => true
|
||||
),
|
||||
'hide_organisations_in_sharing_groups' => [
|
||||
'level' => self::SETTING_RECOMMENDED,
|
||||
'description' => __('Enabling this setting will block the organisation list from being visible in sharing group besides user with sharing group permission.'),
|
||||
'value' => false,
|
||||
'errorMessage' => '',
|
||||
'test' => 'testBool',
|
||||
'type' => 'boolean',
|
||||
'null' => true
|
||||
],
|
||||
'disable_local_feed_access' => array(
|
||||
'level' => 0,
|
||||
'description' => __('Disabling this setting will allow the creation/modification of local feeds (as opposed to network feeds). Enabling this setting will restrict feed sources to be network based only. When disabled, keep in mind that a malicious site administrator could get access to any arbitrary file on the system that the apache user has access to. Make sure that proper safe-guards are in place. This setting can only be modified via the CLI.'),
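Review bot: The description for `hide_organisations_in_sharing_groups` does not tell an administrator what stays visible: the controller hunks in this commit also drop the instance list (`SharingGroupServer`) and deliberately keep showing the organisation count. I would word it along the lines of `Enabling this setting hides the organisations and instances of a sharing group from users without the sharing group permission; the number of organisations remains visible.` so that the residual disclosure is a documented choice.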
|
||||
|
|
|
@ -481,13 +481,13 @@ class ShadowAttribute extends AppModel
|
|||
*/
|
||||
public function getEventContributors($eventId)
|
||||
{
|
||||
$orgs = $this->find('all', array(
|
||||
'fields' => array('DISTINCT(ShadowAttribute.org_id)'),
|
||||
$orgIds = $this->find('column', array(
|
||||
'fields' => array('ShadowAttribute.org_id'),
|
||||
'conditions' => array('event_id' => $eventId),
|
||||
'recursive' => -1,
|
||||
'unique' => true,
|
||||
'order' => false
|
||||
));
|
||||
if (empty($orgs)) {
|
||||
if (empty($orgIds)) {
|
||||
return [];
|
||||
}
|
||||
|
||||
|
@ -495,8 +495,8 @@ class ShadowAttribute extends AppModel
|
|||
return $this->Organisation->find('list', array(
|
||||
'recursive' => -1,
|
||||
'fields' => array('id', 'name'),
|
||||
'conditions' => array('Organisation.id' => Hash::extract($orgs, "{n}.ShadowAttribute.org_id")))
|
||||
);
|
||||
'conditions' => array('Organisation.id' => $orgIds)
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -145,11 +145,10 @@ class SharingGroup extends AppModel
|
|||
}
|
||||
|
||||
if ($user['Role']['perm_site_admin']) {
|
||||
$ids = array_values($this->find('list', array(
|
||||
'recursive' => -1,
|
||||
$ids = $this->find('column', array(
|
||||
'fields' => array('id'),
|
||||
'conditions' => $conditions
|
||||
)));
|
||||
));
|
||||
} else {
|
||||
$ids = array_unique(array_merge(
|
||||
$this->SharingGroupServer->fetchAllAuthorised(),
|
||||
|
@ -204,13 +203,20 @@ class SharingGroup extends AppModel
|
|||
} elseif ($scope === 'distribution_graph') {
|
||||
// Specific scope that fetch just necessary information for distribution graph
|
||||
// @see DistributionGraphTool
|
||||
$canSeeOrgs = $user['Role']['perm_sharing_group'] || !Configure::read('Security.hide_organisations_in_sharing_groups');
|
||||
$sgs = $this->find('all', array(
|
||||
'contain' => ['SharingGroupOrg' => ['org_id']],
|
||||
'contain' => $canSeeOrgs ? ['SharingGroupOrg' => ['org_id']] : [],
|
||||
'conditions' => $conditions,
|
||||
'fields' => ['SharingGroup.id', 'SharingGroup.name', 'SharingGroup.org_id'],
|
||||
'order' => 'SharingGroup.name ASC'
|
||||
));
|
||||
return $this->appendOrgsAndServers($sgs, ['id', 'name'], []);
|
||||
if ($canSeeOrgs) {
|
||||
return $this->appendOrgsAndServers($sgs, ['id', 'name'], []);
|
||||
}
|
||||
foreach ($sgs as &$sg) {
|
||||
$sg['SharingGroupOrg'] = [];
|
||||
}
|
||||
return $sgs;
|
||||
} elseif ($scope === 'name') {
|
||||
$sgs = $this->find('list', array(
|
||||
'recursive' => -1,
|
||||
|
@ -241,8 +247,10 @@ class SharingGroup extends AppModel
|
|||
{
|
||||
$orgsToFetch = [];
|
||||
$serverToFetch = [];
|
||||
foreach($sharingGroups as $sg) {
|
||||
$orgsToFetch[$sg['SharingGroup']['org_id']] = true;
|
||||
foreach ($sharingGroups as $sg) {
|
||||
if (isset($sg['SharingGroup']['org_id'])) {
|
||||
$orgsToFetch[$sg['SharingGroup']['org_id']] = true;
|
||||
}
|
||||
if (isset($sg['SharingGroupOrg'])) {
|
||||
foreach ($sg['SharingGroupOrg'] as $sgo) {
|
||||
$orgsToFetch[$sgo['org_id']] = true;
|
||||
|
@ -283,7 +291,7 @@ class SharingGroup extends AppModel
|
|||
}
|
||||
|
||||
foreach ($sharingGroups as &$sg) {
|
||||
if (isset($orgsById[$sg['SharingGroup']['org_id']])) {
|
||||
if (isset($sg['SharingGroup']['org_id']) && isset($orgsById[$sg['SharingGroup']['org_id']])) {
|
||||
$sg['Organisation'] = $orgsById[$sg['SharingGroup']['org_id']];
|
||||
}
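Review bot: Only the `distribution_graph` scope is gated by `$canSeeOrgs` in this hunk; the other scopes of this method are outside the diff view, and any of them that return `SharingGroupOrg` rows to users without `perm_sharing_group` would not honour the new setting, so they are worth checking. In the hidden branch, `foreach ($sgs as &$sg)` leaves the reference bound; it is harmless because the method returns right after, but `unset($sg);` after the loop keeps it safe against later edits. The enclosing method starts and ends outside the hunk.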
|
||||
|
||||
|
|
|
@ -6,6 +6,17 @@ echo $this->element('/genericElements/IndexTable/index_table', array(
|
|||
'data' => $sharingGroups,
|
||||
'top_bar' => array(
|
||||
'children' => array(
|
||||
array(
|
||||
'type' => 'simple',
|
||||
'children' => array(
|
||||
array(
|
||||
'text' => __('Add'),
|
||||
'fa-icon' => 'plus',
|
||||
'url' => $baseurl . '/sharing_groups/add',
|
||||
'requirement' => $isAclSharingGroup,
|
||||
)
|
||||
)
|
||||
),
|
||||
array(
|
||||
'type' => 'simple',
|
||||
'children' => array(
|
||||
|
@ -68,36 +79,42 @@ echo $this->element('/genericElements/IndexTable/index_table', array(
|
|||
),
|
||||
array(
|
||||
'name' => __('Org count'),
|
||||
'element' => 'custom',
|
||||
'class' => 'short',
|
||||
'function' => function (array $sharingGroup) {
|
||||
echo count($sharingGroup['SharingGroupOrg']);
|
||||
}
|
||||
'sort' => 'SharingGroup.org_count',
|
||||
'data_path' => 'SharingGroup.org_count',
|
||||
),
|
||||
array(
|
||||
'name' => __('Releasable to'),
|
||||
'element' => 'custom',
|
||||
'function' => function (array $sharingGroup) use ($baseurl) {
|
||||
$combined = __("Organisations:");
|
||||
if (empty($sharingGroup['SharingGroupOrg'])) $combined .= "<br>N/A";
|
||||
foreach ($sharingGroup['SharingGroupOrg'] as $sge) {
|
||||
if (!empty($sge['Organisation'])) {
|
||||
$combined .= "<br><a href='" . $baseurl . "/organisation/view/" . h($sge['Organisation']['id']) . "'>" . h($sge['Organisation']['name']) . "</a>";
|
||||
if ($sge['extend']) $combined .= ' (can extend)';
|
||||
if (empty($sharingGroup['SharingGroupOrg'])) {
|
||||
$combined .= "<br>N/A";
|
||||
} else {
|
||||
foreach ($sharingGroup['SharingGroupOrg'] as $sge) {
|
||||
if (!empty($sge['Organisation'])) {
|
||||
$combined .= "<br><a href='" . $baseurl . "/organisation/view/" . h($sge['Organisation']['id']) . "'>" . h($sge['Organisation']['name']) . "</a>";
|
||||
if ($sge['extend']) {
|
||||
$combined .= ' (can extend)';
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
$combined .= '<hr style="margin:5px 0;"><br>Instances:';
|
||||
if (empty($sharingGroup['SharingGroupServer'])) $combined .= "<br>N/A";
|
||||
foreach ($sharingGroup['SharingGroupServer'] as $sgs) {
|
||||
if ($sgs['server_id'] != 0) {
|
||||
$combined .= "<br><a href='" . $baseurl . "/server/view/" . h($sgs['Server']['id']) . "'>" . h($sgs['Server']['name']) . "</a>";
|
||||
} else {
|
||||
$combined .= "<br>This instance";
|
||||
}
|
||||
if ($sgs['all_orgs']) {
|
||||
$combined .= ' (all organisations)';
|
||||
} else {
|
||||
$combined .= ' (as defined above)';
|
||||
if (empty($sharingGroup['SharingGroupServer'])) {
|
||||
$combined .= "<br>N/A";
|
||||
} else {
|
||||
foreach ($sharingGroup['SharingGroupServer'] as $sgs) {
|
||||
if ($sgs['server_id'] != 0) {
|
||||
$combined .= "<br><a href='" . $baseurl . "/server/view/" . h($sgs['Server']['id']) . "'>" . h($sgs['Server']['name']) . "</a>";
|
||||
} else {
|
||||
$combined .= "<br>This instance";
|
||||
}
|
||||
if ($sgs['all_orgs']) {
|
||||
$combined .= ' (all organisations)';
|
||||
} else {
|
||||
$combined .= ' (as defined above)';
|
||||
}
|
||||
}
|
||||
} ?>
|
||||
<span data-toggle="popover" data-trigger="hover" title="<?= __('Distribution List') ?>" data-content="<?= h($combined) ?>">
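Review bot: When the controller removes `SharingGroupOrg` and `SharingGroupServer` from the result, the "Releasable to" popover falls into the `empty()` branches and prints `N/A` for both lists, next to an "Org count" column that may show a non-zero number. A user cannot tell "hidden by policy" from "none". Testing `isset($sharingGroup['SharingGroupOrg'])` first and printing a distinct label for the absent case (for example `__('Hidden')`) would remove the contradiction. The closure continues past the end of the hunk.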
|
||||
|
|
|
@ -25,6 +25,12 @@ $tableData[] = [
|
|||
'key' => __('Events'),
|
||||
'html' => '<a href="' . $eventsLink . '">' . __n('%s event', '%s events', $sg['SharingGroup']['event_count'], $sg['SharingGroup']['event_count']) . '</a>',
|
||||
];
|
||||
if (isset($sg['SharingGroup']['org_count'])) {
|
||||
$tableData[] = [
|
||||
'key' => __('Organisations'),
|
||||
'html' => __n('%s organisation', '%s organisations', $sg['SharingGroup']['org_count'], $sg['SharingGroup']['org_count']),
|
||||
];
|
||||
}
|
||||
echo $this->element('genericElements/viewMetaTable', ['table_data' => $tableData]);
|
||||
?>
|
||||
</div></div>
|
||||
|
@ -56,7 +62,7 @@ echo $this->element('genericElements/viewMetaTable', ['table_data' => $tableData
|
|||
</div>
|
||||
<?php
|
||||
endif;
|
||||
if (!$sg['SharingGroup']['roaming']):
|
||||
if (!$sg['SharingGroup']['roaming'] && isset($sg['SharingGroupServer'])):
|
||||
?>
|
||||
<div class="span6">
|
||||
<b>Instances</b>
|
||||
|
|
|
@ -4200,12 +4200,18 @@ function initPopoverContent(context) {
|
|||
}
|
||||
|
||||
function checkSharingGroup(context) {
|
||||
var $sharingGroupSelect = $('#' + context + 'SharingGroupId');
|
||||
if ($('#' + context + 'Distribution').val() == 4) {
|
||||
$('#' + context + 'SharingGroupId').show();
|
||||
$('#' + context + 'SharingGroupId').closest("div").show();
|
||||
$sharingGroupSelect.show();
|
||||
$sharingGroupSelect.closest("div").show();
|
||||
|
||||
// For sharing group select with more than 10 items, use chosen
|
||||
if ($sharingGroupSelect.find('option').length > 10) {
|
||||
$sharingGroupSelect.chosen();
|
||||
}
|
||||
} else {
|
||||
$('#' + context + 'SharingGroupId').hide();
|
||||
$('#' + context + 'SharingGroupId').closest("div").hide();
|
||||
$sharingGroupSelect.hide();
|
||||
$sharingGroupSelect.closest("div").hide();
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -1277,6 +1277,22 @@ class TestSecurity(unittest.TestCase):
|
|||
self.assertTrue(contains)
|
||||
self.admin_misp_connector.delete_organisation(created_org)
|
||||
|
||||
def test_org_hide_from_sharing_group(self):
|
||||
secret_org = self.__create_org()
|
||||
visible_sg = self.__create_sharing_group()
|
||||
check_response(self.admin_misp_connector.add_org_to_sharing_group(visible_sg, self.test_org.uuid))
|
||||
check_response(self.admin_misp_connector.add_org_to_sharing_group(visible_sg, secret_org.uuid))
|
||||
|
||||
logged_in = PyMISP(url, self.test_usr.authkey)
|
||||
logged_in.global_pythonify = True
|
||||
|
||||
with self.__setting("Security.hide_organisations_in_sharing_groups", True):
|
||||
sg = send(logged_in, "GET", f"/sharingGroups/view/{visible_sg.id}")
|
||||
self.assertNotIn("SharingGroupOrg", sg)
|
||||
|
||||
self.admin_misp_connector.delete_organisation(secret_org)
|
||||
self.admin_misp_connector.delete_sharing_group(visible_sg)
|
||||
|
||||
def __generate_event(self, distribution: int = 1) -> MISPEvent:
|
||||
mispevent = MISPEvent()
|
||||
mispevent.info = 'This is a super simple test'
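Review bot: `test_org_hide_from_sharing_group` asserts only that `SharingGroupOrg` is absent from the view response, although the commit also hides `SharingGroupServer` and gates the index listing. Adding `self.assertNotIn("SharingGroupServer", sg)`, the same check against the index endpoint, and a control assertion with the setting disabled would pin down the whole behaviour. The two `delete_*` calls run only when the assertions pass, so a failure leaves the organisation and the sharing group behind; wrapping the body in `try`/`finally` fixes that.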
|
||||
|
|