MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

First finished version

pull/953/head
Iglocska 2016-02-12 05:47:06 +01:00
parent c834715aae
commit a1ffdc7790
24 changed files with 805 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
app/Controller/AppController.php
View File

@ -278,13 +278,22 @@ class AppController extends Controller {
}
$this->debugMode = 'debugOff';
if (Configure::read('debug') > 1) $this->debugMode = 'debugOn';
// update script
$this->{$this->modelClass}->runUpdates();
$this->set('loggedInUserName', $this->__convertEmailToName($this->Auth->user('email')));
$this->set('debugMode', $this->debugMode);
$proposalCount = $this->_getProposalCount();
$this->set('proposalCount', $proposalCount[0]);
$this->set('proposalEventCount', $proposalCount[1]);
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user());
$this->set('notifications', $notifications);
$this->set('mispVersion', $this->mispVersion);
}
private function __convertEmailToName($email) {
$name = explode('@', $email);
$name = explode('.', $name[0]);
foreach ($name as &$temp) $temp = ucfirst($temp);
$name = implode(' ', $name);
return $name;
}
public function blackhole($type) {
if ($type === 'csrf') throw new BadRequestException(__d('cake_dev', $type));
@ -314,26 +323,6 @@ class AppController extends Controller {
}
return false;
}
private function _getProposalCount() {
$this->loadModel('ShadowAttribute');
$this->ShadowAttribute->recursive = -1;
$shadowAttributes = $this->ShadowAttribute->find('all', array(
'recursive' => -1,
'fields' => array('event_id', 'event_org_id'),
'conditions' => array(
'ShadowAttribute.event_org_id' => $this->Auth->user('org_id'),
'ShadowAttribute.deleted' => 0,
)));
$results = array();
$eventIds = array();
$results[0] = count($shadowAttributes);
foreach ($shadowAttributes as $sa) {
if (!in_array($sa['ShadowAttribute']['event_id'], $eventIds)) $eventIds[] = $sa['ShadowAttribute']['event_id'];
}
$results[1] = count($eventIds);
return $results;
}
/**
* Convert an array to the same array but with the values also as index instead of an interface_exists
@ -525,8 +514,4 @@ class AppController extends Controller {
$this->redirect(array('controller' => 'pages', 'action' => 'display', 'administration'));
}
}
public function test() {
$this->{$this->modelClass}->runUpdates();
}
}

134
app/Controller/EventDelegationsController.php
View File

@ -16,35 +16,135 @@ class EventDelegationsController extends AppController {
),
);
public function index() {
}
public function add() {
}
public function edit($id) {
}
public function delete($id) {
public function view($id) {
$delegation = $this->EventDelegation->find('first', array(
'conditions' => array('EventDelegation.id' => $id),
'recursive' => -1,
'contain' => array('Org', 'Event', 'RequesterOrg', 'SharingGroup'),
));
if (empty($delegation) || (!$this->_isSiteAdmin() && $this->Auth->user('org_id') != $delegation['EventDelegation']['org_id'] && $this->Auth->user('org_id') != $delegation['EventDelegation']['requester_org_id'])) throw new MethodNotAllowedException('You are not authorised to do that.');
$delegation['requested_distribution_level'] = $delegation['EventDelegation']['distribution'] == -1 ? false : $this->EventDelegation->Event->distributionLevels[$delegation['EventDelegation']['distribution']];
$this->set('delegation', $delegation);
$this->render('ajax/view');
}
public function delegateEvent($id) {
debug($this->EventDelegation->find('all'));
$event = $this->EventDelegation->Event->find('first', array(
'conditions' => array('Event.id' => $id),
'recursive' => -1,
'fields' => array('Event.id', 'Event.orgc_id', 'Event.distribution')
));
if (!$this->_isSiteAdmin() || $this->Auth->user('org_id') !== $event['Event']['orgc_id']) throw new MethodNotAllowedException('You are not authorised to do that.');
if (!$this->_isSiteAdmin() && $this->Auth->user('org_id') !== $event['Event']['orgc_id']) throw new MethodNotAllowedException('You are not authorised to do that.');
if ($event['Event']['distribution'] != 0) throw new MethodNotAllowedException('Only events with the distribution setting "Your Organisation Only" can be delegated.');
$existingDelegations = $this->EventDelegation->find('first', array('conditions' => array('event_id' => $id), 'recursive' => -1));
if (!empty($existingDelegations)) throw new MethodNotAllowedException('This event already has a pending delegation request. Please revoke that before creating a new request.');
if ($this->request->is('Post')) {
if ($this->request->data['EventDelegation']['distribution'] != 4) $this->request->data['EventDelegation']['sharing_group_id'] = '0';
$this->request->data['EventDelegation']['event_id'] = $event['Event']['id'];
$this->request->data['EventDelegation']['requester_org_id'] = $this->Auth->user('org_id');
$this->EventDelegation->create();
$this->EventDelegation->save($this->request->data['EventDelegation']);
$org = $this->EventDelegation->Event->Org->find('first', array(
'conditions' => array('id' => $this->request->data['EventDelegation']['requester_org_id']),
'recursive' => -1,
'fields' => array('name')
));
$this->Log = ClassRegistry::init('Log');
$this->Log->create();
$this->Log->save(array(
'org' => $this->Auth->user('Organisation')['name'],
'model' => 'Event',
'model_id' => $event['Event']['id'],
'email' => $this->Auth->user('email'),
'action' => 'request_delegation',
'user_id' => $this->Auth->user('id'),
'title' => 'Requested event delegation',
'change' => 'Requested the delegation of event ' . $event['Event']['id'] . ' to organisation ' . $org['Org']['name'],
));
$this->Session->setFlash('Delegation request created.');
$this->redirect('/events/view/' . $id);
} else {
$orgs = $this->EventDelegation->Event->Org->find('list', array(
'conditions' => array(
'Org.id !=' => $this->Auth->user('org_id'),
'Org.local' => 1,
),
'fields' => array('name'),
'order' => array('lower(name) ASC')
));
$distribution = $this->EventDelegation->Event->distributionLevels;
$sgs = $this->EventDelegation->Event->SharingGroup->fetchAllAuthorised($this->Auth->User, 'name', true);
if (empty($sgs)) unset($distribution[4]);
$distribution[-1] = 'Recipient decides';
$this->set('distributionOptions', array('-1' => 'Recipient decides') + $distribution);
$this->set('org', $orgs);
$this->set('sgOptions', $sgs);
$this->set('id', $id);
$this->render('ajax/delegate_event');
}
}
public function acceptDelegation($id) {
$delegation = $this->EventDelegation->find('first', array(
'conditions' => array('EventDelegation.id' => $id),
'recursive' => -1,
'contain' => array('Org', 'Event'),
));
if (empty($delegation) || (!$this->_isSiteAdmin() && $this->Auth->user('org_id') != $delegation['EventDelegation']['org_id'])) throw new MethodNotAllowedException('You are not authorised to do that.');
if ($this->request->is('post')) {
$this->Log = ClassRegistry::init('Log');
$this->Log->create();
$this->Log->save(array(
'org' => $this->Auth->user('Organisation')['name'],
'model' => 'Event',
'model_id' => $delegation['Event']['id'],
'email' => $this->Auth->user('email'),
'action' => 'accept_delegation',
'user_id' => $this->Auth->user('id'),
'title' => 'Accepted event delegation',
'change' => 'Starting the transfer of event ' . $delegation['Event']['id'] . ' to organisation ' . $this->Auth->user('Organisation')['name'],
));
$result = $this->EventDelegation->transferEvent($delegation, $this->Auth->user());
if ($result) {
$this->Log->create();
$this->Log->save(array(
'org' => $this->Auth->user('Organisation')['name'],
'model' => 'Event',
'model_id' => 0,
'email' => $this->Auth->user('email'),
'action' => 'accept_delegation',
'user_id' => $this->Auth->user('id'),
'title' => 'Completed event delegation',
'change' => 'Event ' . $delegation['Event']['id'] . ' successfully transferred to organisation ' . $this->Auth->user('Organisation')['name'],
));
$this->Session->setFlash('Event ownership transferred.');
$this->redirect(array('controller' => 'events', 'action' => 'view', $result));
} else {
$this->Session->setFlash('Something went wrong and the event could not be transferred.');
$this->redirect(array('controller' => 'Event', 'action' => 'view', $delegation['EventDelegation']['event_id']));
}
} else {
$this->set('delegationRequest', $delegation);
$this->render('ajax/accept_delegation');
}
}
public function deleteDelegation($id) {
$delegation = $this->EventDelegation->find('first', array(
'conditions' => array('EventDelegation.id' => $id),
'recursive' => -1,
'contain' => array('Org', 'Event'),
));
if (empty($delegation) || (!$this->_isSiteAdmin() && !in_array($this->Auth->user('org_id'), array($delegation['EventDelegation']['requester_org_id'], $delegation['EventDelegation']['org_id'])))) throw new MethodNotAllowedException('You are not authorised to do that.');
if ($this->request->is('post')) {
$this->EventDelegation->delete($delegation['EventDelegation']['id']);
$this->Session->setFlash('Delegation request deleted.');
$this->redirect(array('controller' => 'events', 'action' => 'view', $delegation['EventDelegation']['event_id']));
} else {
$this->set('delegationRequest', $delegation);
$this->render('ajax/delete_delegation');
}
}
}

56
app/Controller/EventsController.php
View File

@ -683,6 +683,12 @@ class EventsController extends AppController {
$this->set($variable, $currentModel->{$variable});
}
}
if (Configure::read('MISP.delegation')) {
$this->loadModel('EventDelegation');
$delegationConditions = array('EventDelegation.event_id' => $event['Event']['id']);
if (!$this->_isSiteAdmin() && $this->userRole['perm_publish']) $delegationConditions['OR'] = array('EventDelegation.org_id' => $this->Auth->user('org_id'), 'EventDelegation.requester_org_id' => $this->Auth->user('org_id'));
$this->set('delegationRequest', $this->EventDelegation->find('first', array('conditions' => $delegationConditions, 'recursive' => -1, 'contain' => array('Org', 'RequesterOrg'))));
}
$this->set('contributors', $contributors);
$this->set('typeGroups', array_keys($this->Event->Attribute->typeGroupings));
}
@ -3295,4 +3301,54 @@ class EventsController extends AppController {
}
return false;
}
public function delegation_index() {
$this->loadmodel('EventDelegation');
$delegatedEvents = $this->EventDelegation->find('list', array(
'conditions' => array('EventDelegation.org_id' => $this->Auth->user('org_id')),
'fields' => array('event_id')
));
$this->Event->contain(array('User.email', 'EventTag' => array('Tag')));
$tags = $this->Event->EventTag->Tag->find('all', array('recursive' => -1));
$tagNames = array('None');
foreach ($tags as $k => $v) {
$tagNames[$v['Tag']['id']] = $v['Tag']['name'];
}
$this->set('tags', $tagNames);
$this->paginate = array(
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
'order' => array(
'Event.timestamp' => 'DESC'
),
'contain' => array(
'Org' => array('fields' => array('id', 'name')),
'Orgc' => array('fields' => array('id', 'name')),
'SharingGroup' => array('fields' => array('id', 'name')),
'ThreatLevel' => array('fields' => array('ThreatLevel.name'))
),
'conditions' => array('Event.id' => $delegatedEvents),
);
$this->set('events', $this->paginate());
$threat_levels = $this->Event->ThreatLevel->find('all');
$this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
$this->set('eventDescriptions', $this->Event->fieldDescriptions);
$this->set('analysisLevels', $this->Event->analysisLevels);
$this->set('distributionLevels', $this->Event->distributionLevels);
$shortDist = array(0 => 'Organisation', 1 => 'Community', 2 => 'Connected', 3 => 'All', 4 => ' sharing Group');
$this->set('shortDist', $shortDist);
$this->set('ajax', false);
$this->set('simple', true);
$this->Event->contain(array('User.email', 'EventTag' => array('Tag')));
$tags = $this->Event->EventTag->Tag->find('all', array('recursive' => -1));
$tagNames = array('None');
foreach ($tags as $k => $v) {
$tagNames[$v['Tag']['id']] = $v['Tag']['name'];
}
$this->set('tags', $tagNames);
$this->render('index');
}
}

20
app/Controller/UsersController.php
View File

@ -589,6 +589,11 @@ class UsersController extends AppController {
public function login() {
if ($this->Auth->login()) {
$this->__extralog("login"); // TODO Audit, __extralog, check: customLog i.s.o. __extralog, no auth user?: $this->User->customLog('login', $this->Auth->user('id'), array('title' => '','user_id' => $this->Auth->user('id'),'email' => $this->Auth->user('email'),'org' => 'IN2'));
$this->User->Behaviors->disable('SysLogLogable.SysLogLogable');
$this->User->id = $this->Auth->user('id');
$this->User->saveField('last_login', $this->Auth->user('current_login'));
$this->User->saveField('current_login', time());
$this->User->Behaviors->enable('SysLogLogable.SysLogLogable');
// TODO removed the auto redirect for now, due to security concerns - will look more into this
// $this->redirect($this->Auth->redirectUrl());
$this->redirect(array('controller' => 'events', 'action' => 'index'));
@ -634,6 +639,9 @@ class UsersController extends AppController {
'type' => 'ADMIN',
'uuid' => $this->User->Organisation->generateUuid(),
'local' => 1,
'type' => '',
'sector' => '',
'nationality' => ''
));
$this->User->Organisation->save($org);
$org_id = $this->User->Organisation->id;
@ -1075,4 +1083,16 @@ class UsersController extends AppController {
$this->layout = false;
$this->render('ajax/fetchpgpkey');
}
public function dashBoard() {
$events = array();
// the last login in the session is not updated after the login - only in the db, so let's fetch it.
$lastLogin = $this->Auth->user('last_login');
$this->loadModel('Event');
$events['changed'] = count($this->Event->fetchEventIds($this->Auth->user(), false, false, false, true, $lastLogin));
$events['published'] = count($this->Event->fetchEventIds($this->Auth->user(), false, false, false, true, false, $lastLogin));
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user());
$this->set('notifications', $notifications);
$this->set('events', $events);
}
}

7
app/Model/AdminSettingModel.php Normal file
View File

@ -0,0 +1,7 @@
<?php
App::uses('AppModel', 'Model');
class AdminSetting extends AppModel {
public $actsAs = array('Containable');
public $validate = array('setting' => 'isUnique');
}

121
app/Model/AppModel.php
View File

@ -46,11 +46,10 @@ class AppModel extends Model {
$this->name = get_class($this);
}
// major -> minor -> hotfix -> requires_logout
public $db_changes = array(
2 => array(
4 => array(
6 => 'enableEventDelegation'
)
4 => array(18 => true, 19=>false)
)
);
@ -84,6 +83,10 @@ class AppModel extends Model {
$sql = 'DELETE FROM `cake_sessions` WHERE `expires` < ' . time() . ';';
$clean = false;
break;
case 'destroyAllSessions':
$sql = 'DELETE FROM `cake_sessions`;';
$clean = false;
break;
case 'addIPLogging':
$sql = 'ALTER TABLE `logs` ADD `ip` varchar(45) COLLATE utf8_bin DEFAULT NULL;';
break;
@ -171,13 +174,26 @@ class AppModel extends Model {
}
}
break;
case 'enableEventDelegation':
case 'adminTable':
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `admin_settings` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`setting` varchar(255) COLLATE utf8_bin NOT NULL,
`value` text COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
$sqlArray[] = "INSERT INTO `admin_settings` (`setting`, `value`) VALUES ('db_version', '2.4.0')";
break;
case '2.4.18':
$sqlArray[] = "ALTER TABLE `users` ADD `current_login` INT(11) DEFAULT 0;";
$sqlArray[] = "ALTER TABLE `users` ADD `last_login` INT(11) DEFAULT 0;";
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `event_delegations` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`org_id` int(11) NOT NULL,
`requester_org_id` int(11) NOT NULL,
`event_id` int(11) NOT NULL,
`message` text,
`distribution` tinyint(4),
`distribution` tinyint(4) NOT NULL DEFAULT '-1',
`sharing_group_id` int(11),
PRIMARY KEY (`id`),
KEY `org_id` (`org_id`),
KEY `event_id` (`event_id`)
@ -286,9 +302,96 @@ class AppModel extends Model {
}
public function runUpdates() {
$adminTable = $this->query("SHOW TABLES LIKE 'administration';");
if (empty($adminTable)) $dbVersion = '2.4.0';
$currentVersion = explode('.', $this->mispVersion);
$dbVersion;
$this->AdminSetting = ClassRegistry::init('AdminSetting');
$db = ConnectionManager::getDataSource('default');
$tables = $db->listSources();
$requiresLogout = false;
// if we don't even have an admin table, time to create it.
if (!in_array('admin_settings', $tables)) {
$this->updateDatabase('adminTable');
$requiresLogout = true;
} else {
$db_version = $this->AdminSetting->find('first', array('conditions' => array('setting' => 'db_version')));
$updates = $this->__findUpgrades($db_version['AdminSetting']['value']);
if (!empty($updates)) {
foreach ($updates as $update => $temp) {
$this->updateDatabase($update);
if ($temp) $requiresLogout = true;
$db_version['AdminSetting']['value'] = $update;
$this->AdminSetting->save($db_version);
}
}
}
if ($requiresLogout) {
$this->updateDatabase('destroyAllSessions');
}
}
private function __findUpgrades($db_version) {
$version = explode('.', $db_version);
$updates = array();
foreach ($this->db_changes as $major => $rest) {
if ($major < $version[0]) continue;
else if ($major == $version[0]) {
foreach ($rest as $minor => $hotfixes) {
if ($minor < $version[1]) continue;
else if ($minor == $version[1]) {
foreach ($hotfixes as $hotfix => $requiresLogout) if ($hotfix > $version[2]) $updates[$major . '.' . $minor . '.' . $hotfix] = $requiresLogout;
} else {
foreach ($hotfixes as $hotfix => $requiresLogout) $updates[$major . '.' . $minor . '.' . $hotfix] = $requiresLogout;
}
}
} else {
// we'll fill this out when 3.0 comes around
}
}
return $updates;
}
public function populateNotifications($user) {
$notifications = array();
$proposalCount = $this->_getProposalCount($user);
$notifications['total'] = 0;
$notifications['proposalCount'] = $proposalCount[0];
$notifications['total'] += $proposalCount[0];
$notifications['proposalEventCount'] = $proposalCount[1];
if (Configure::read('MISP.delegation')) {
$delegationCount = $this->_getDelegationCount($user);
$notifications['total'] += $delegationCount;
$notifications['delegationCount'] = $delegationCount;
}
return $notifications;
}
private function _getProposalCount($user) {
$this->ShadowAttribute = ClassRegistry::init('ShadowAttribute');
$this->ShadowAttribute->recursive = -1;
$shadowAttributes = $this->ShadowAttribute->find('all', array(
'recursive' => -1,
'fields' => array('event_id', 'event_org_id'),
'conditions' => array(
'ShadowAttribute.event_org_id' => $user['org_id'],
'ShadowAttribute.deleted' => 0,
)));
$results = array();
$eventIds = array();
$results[0] = count($shadowAttributes);
foreach ($shadowAttributes as $sa) {
if (!in_array($sa['ShadowAttribute']['event_id'], $eventIds)) $eventIds[] = $sa['ShadowAttribute']['event_id'];
}
$results[1] = count($eventIds);
return $results;
}
private function _getDelegationCount($user) {
$this->EventDelegation = ClassRegistry::init('EventDelegation');
$delegations = $this->EventDelegation->find('count', array(
'recursive' => -1,
'conditions' => array(
'EventDelegation.org_id' => $user['org_id']
)
));
return $delegations;
}
}

60
app/Model/Event.php
View File

@ -982,7 +982,7 @@ class Event extends AppModel {
}
}
public function fetchEventIds($user, $from = false, $to = false, $last = false, $list = false) {
public function fetchEventIds($user, $from = false, $to = false, $last = false, $list = false, $timestamp = false, $publish_timestamp = false) {
$conditions = array();
$isSiteAdmin = $user['Role']['perm_site_admin'];
@ -1013,6 +1013,8 @@ class Event extends AppModel {
if ($from) $conditions['AND'][] = array('Event.date >=' => $from);
if ($to) $conditions['AND'][] = array('Event.date <=' => $to);
if ($last) $conditions['AND'][] = array('Event.publish_timestamp >=' => $last);
if ($timestamp) $conditions['AND'][] = array('Event.timestamp >=' => $timestamp);
if ($publish_timestamp) $conditions['AND'][] = array('Event.publish_timestamp >=' => $publish_timestamp);
if ($list) {
$params = array(
@ -1055,6 +1057,7 @@ class Event extends AppModel {
$isSiteAdmin = $user['Role']['perm_site_admin'];
if (isset($options['disableSiteAdmin']) && $options['disableSiteAdmin']) $isSiteAdmin = false;
$conditionsAttributes = array();
//restricting to non-private or same org if the user is not a site-admin.
if (!$isSiteAdmin) {
$sgids = $this->SharingGroup->fetchAllAuthorised($user);
@ -1078,6 +1081,16 @@ class Event extends AppModel {
)
)
);
// if delegations are enabled, check if there is an event that the current user might see because of the request itself
if (Configure::read('MISP.delegation')) {
$this->EventDelegation = ClassRegistry::init('EventDelegation');
$delegatedEventIDs = $this->EventDelegation->find('list', array(
'conditions' => array('EventDelegation.org_id' => $user['org_id']),
'fields' => array('event_id')
));
$conditions['AND']['OR']['Event.id'] = $delegatedEventIDs;
}
$conditionsAttributes['AND'][0]['OR'] = array(
array('AND' => array(
'Attribute.distribution >' => 0,
@ -1276,7 +1289,8 @@ class Event extends AppModel {
}
$params = array(
'conditions' => $conditions, //array of conditions
'fields' => array('Attribute.event_id', 'Attribute.distribution', 'Attribute.category', 'Attribute.type', 'Attribute.value', 'Attribute.comment', 'Attribute.uuid', 'Attribute.to_ids', 'Attribute.timestamp'),
'fields' => array('Attribute.event_id', 'Attribute.distribution', 'Attribute.category', 'Attribute.type', 'Attribute.value', 'Attribute.comment', 'Attribute.uuid', 'Attribute.to_ids', 'Attribute.timestamp', 'Attribute.id'),
'sort' => 'Attribute.id ASC'
);
if ($includeContext) {
@ -1962,6 +1976,48 @@ class Event extends AppModel {
} return $this->validationErrors;
}
// format has to be:
// array('Event' => array(), 'Attribute' => array('ShadowAttribute' => array()), 'EventTag' => array(), 'ShadowAttribute' => array());
public function savePreparedEvent($event) {
unset($event['Event']['id']);
$this->create();
$this->save($event['Event']);
$event['Event']['id'] = $this->id;
$objects = array('Attribute', 'ShadowAttribute', 'EventTag');
foreach ($objects as $object_type) {
if (!empty($event[$object_type])) {
$saveMethod = '__savePrepared' . $object_type;
foreach ($event[$object_type] as $object) $this->$saveMethod($object, $event);
}
}
return $event['Event']['id'];
}
private function __savePreparedAttribute(&$attribute, &$event) {
unset($attribute['id']);
$attribute['event_id'] = $event['Event']['id'];
$this->Attribute->create();
$this->Attribute->save($attribute);
foreach ($attribute['ShadowAttribute'] as $k => $sa) {
$this->__savePreparedShadowAttribute($sa, $event, $this->Attribute->id);
}
}
private function __savePreparedShadowAttribute($shadow_attribute, &$event, $old_id = 0) {
unset($shadow_attribute['id']);
$shadow_attribute['event_id'] = $event['Event']['id'];
$shadow_attribute['old_id'] = $old_id;
$this->ShadowAttribute->create();
$this->ShadowAttribute->save($shadow_attribute);
}
private function __savePreparedEventTag($event_tag, &$event) {
unset($event_tag['id']);
$event_tag['event_id'] = $event['Event']['id'];
$this->EventTag->create();
$this->EventTag->save($event_tag);
}
private function __searchUuidInAttributeArray($uuid, &$attr_array) {
foreach ($attr_array['Attribute'] as &$attr) {
if ($attr['uuid'] == $uuid) return array('Attribute' => $attr);

73
app/Model/EventDelegation.php
View File

@ -25,6 +25,12 @@ class EventDelegation extends AppModel {
'Org' => array(
'className' => 'Organisation',
),
'RequesterOrg' => array(
'className' => 'Organisation'
),
'SharingGroup' => array(
'className' => 'SharingGroup'
)
);
public function attachTagToEvent($event_id, $tag_id) {
@ -41,4 +47,71 @@ class EventDelegation extends AppModel {
}
return true;
}
public function transferEvent($delegation, $user) {
$this->Event->Attribute->bindModel(
array(
'hasMany' => array(
'ShadowAttribute' => array(
'className' => 'ShadowAttribute',
'foreignKey' => 'old_id'
)
)
)
);
$event = $this->Event->find('first', array(
'conditions' => array('Event.id' => $delegation['EventDelegation']['event_id']),
'recursive' => -1,
'contain' => array(
'ShadowAttribute' => array(
'conditions' => array(
'ShadowAttribute.old_id' => 0,
'ShadowAttribute.event_id' => $delegation['EventDelegation']['event_id']
)
),
'EventTag',
'Attribute' => array(
'ShadowAttribute'
)
),
));
$event['Event']['user_id'] = $user['id'];
$event['Event']['orgc_id'] = $delegation['EventDelegation']['org_id'];
$event['Event']['org_id'] = $delegation['EventDelegation']['org_id'];
$this->Event->delete($delegation['EventDelegation']['event_id']);
$event_id = $this->Event->savePreparedEvent($event);
return $event_id;
}
private function __prepareEvent(&$event) {
$objects = array('Attribute', 'ShadowAttribute', 'EventTag');
$objects = array(
'Attribute' => array('id', 'event_id'),
'EventTag' => array('id', 'event_id'),
'ShadowAttribute' => array('id', 'event_id'),
);
$objectsWithAttachments = array('Attribute', 'ShadowAttribute');
$objectsToRearrange = array('Attribute', 'ShadowAttribute', 'EventTag');
unset ($event['Event']['id']);
foreach ($objects as $object_type => $fields) {
foreach ($event[$object_type] as &$object) {
// append attachment
if (in_array($object_type, $objectsWithAttachments)) {
if ($this->Event->Attribute->typeIsAttachment($object['type'])) {
$encodedFile = $this->Event->$object_type->base64EncodeAttachment($object);
$object['data'] = $encodedFile;
}
}
// unset ID fields and relations
foreach ($fields as $field) {
unset($object[$field]);
}
}
if (in_array($object_type, $objectsToRearrange)) {
$event['Event'][$object_type] = $event[$object_type];
unset($event[$object_type]);
}
}
}
}

4
app/Model/Log.php
View File

@ -41,7 +41,9 @@ class Log extends AppModel {
'reset_auth_key',
'update',
'enable',
'disable'
'disable',
'accept_delegation',
'request_delegation'
)),
'message' => 'Options : ...'
)

9
app/Model/Server.php
View File

@ -495,6 +495,15 @@ class Server extends AppModel {
'type' => 'boolean',
'null' => true
),
'delegation' => array(
'level' => 1,
'description' => 'This feature allows users to created org only events and ask another organisation to take owenership of the event. This allows organisations to remain anonymous by asking a partner to publish an event for them.',
'value' => false,
'errorMessage' => '',
'test' => 'testBool',
'type' => 'boolean',
'null' => true
),
),
'GnuPG' => array(
'branch' => 1,

13
app/View/Elements/dashboard/dashboard_events.ctp Normal file
View File

@ -0,0 +1,13 @@
<div class="dashboard_element w-2 h-1 dashboard_notifications">
<h4>Changes since last visit</h4>
<p>
<b>Events updated: </b><span class="bold <?php echo $events['changed'] ? 'red' : 'green'; ?>"><?php echo h($events['changed']);?></span> (<a href="<?php echo $baseurl;?>/events/index">View</a>)<br />
<b>Events published: </b><span class="bold <?php echo $events['published'] ? 'red' : 'green'; ?>"><?php echo h($events['published']);?></span> (<a href="<?php echo $baseurl;?>/events/index">View</a>)<br />
</p>
</div>
<script type="text/javascript">
$(document).ready(function() {
var elem = $('.dashboard_notifications').width();
$('.dashboard_notifications').css({'height':elem+'px'});
});
</script>

14
app/View/Elements/dashboard/dashboard_notifications.ctp Normal file
View File

@ -0,0 +1,14 @@
<div class="dashboard_element w-2 h-1 dashboard_notifications">
<h4>Notifications</h4>
<p>
<b>Proposals: </b><span class="bold <?php echo $notifications['proposalCount'] ? 'red' : 'green'; ?>"><?php echo h($notifications['proposalCount']);?></span> (<a href="<?php echo $baseurl;?>/shadow_attributes/index">View</a>)<br />
<b>Events with proposals: </b><span class="bold <?php echo $notifications['proposalEventCount'] ? 'red' : 'green'; ?>"><?php echo h($notifications['proposalEventCount']);?></span> (<a href="<?php echo $baseurl;?>/events/proposalEventIndex">View</a>)<br />
<b>Delegation requests: </b><span class="bold <?php echo $notifications['delegationCount'] ? 'red' : 'green'; ?>"><?php echo h($notifications['delegationCount']);?></span> (<a href="<?php echo $baseurl;?>/events/delegation_index">View</a>)
</p>
</div>
<script type="text/javascript">
$(document).ready(function() {
var elem = $('.dashboard_notifications').width();
$('.dashboard_notifications').css({'height':elem+'px'});
});
</script>

20
app/View/Elements/global_menu.ctp
View File

@ -71,6 +71,7 @@
</a>
<ul class="dropdown-menu">
<li><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
<li><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
<li><a href="<?php echo $baseurl;?>/users/memberslist">Members List</a></li>
<li><a href="<?php echo $baseurl;?>/organisations/index">Organisations</a></li>
<li><a href="<?php echo $baseurl;?>/roles/index">Role Permissions</a></li>
@ -166,17 +167,6 @@
</div>
<div class="nav-collapse collapse pull-right">
<ul class="nav">
<li>
<a href="<?php echo $baseurl;?>/events/proposalEventIndex" <?php if ($proposalCount > 0) echo 'style="font-weight:bold;"'; ?>>
<?php
$proposalPluralOrZero = 's';
if ($proposalCount == 1) $proposalPluralOrZero = '';
$proposalEventPluralOrZero = 's';
if ($proposalEventCount == 1) $proposalEventPluralOrZero = '';
echo $proposalCount . ' proposal' . $proposalPluralOrZero . ' in ' . $proposalEventCount . ' event' . $proposalEventPluralOrZero;
?>
</a>
</li>
<li>
<a href="<?php echo $baseurl;?>/" id="fullLogo" style="font-weight:bold;">
<span class="logoBlueStatic">M</span><span class="logoGray">alware</span>
@ -188,6 +178,14 @@
<span class="logoBlueStatic">MISP</span>
</a>
</li>
<li>
<a href="<?php echo $baseurl;?>/users/view/me" class="white" style="padding-left:0px;padding-right:5px;" title="<?php echo h($me['email']);?>"><?php echo $loggedInUserName;?></a>
</li>
<li>
<a href="<?php echo $baseurl;?>/users/dashboard" style="padding-left:0px;padding-right:0px;">
<span class="notification-<?php echo ($notifications['total'] > 0) ? 'active' : 'passive';?>"><span style="float:left;margin-top:3px;margin-right:3px;margin-left:3px;" class="icon-envelope icon-white"></span></span>
</a>
</li>
<li><a href="<?php echo $baseurl;?>/users/logout">Log out</a></li>
</ul>
</div>

16
app/View/Elements/side_menu.ctp
View File

@ -46,10 +46,19 @@
?>
<li<?php echo $publishButtons; ?> class="publishButtons"><a href="#" onClick="publishPopup('<?php echo h($event['Event']['id']); ?>', 'alert')">Publish Event</a></li>
<li<?php echo $publishButtons; ?> class="publishButtons"><a href="#" onClick="publishPopup('<?php echo h($event['Event']['id']); ?>', 'publish')">Publish (no email)</a></li>
<?php if ($isSiteAdmin || (isset($mayModify) && $mayModify)): ?>
<li id='lidelegateEvent'><a href="#" onClick="delegatePopup('<?php echo h($event['Event']['id']); ?>');">Delegate Publishing</a></li>
<?php if (Configure::read('MISP.delegation')):?>
<?php if (isset($event['Event']['distribution']) && (!isset($delegationRequest) || !$delegationRequest) && $event['Event']['distribution'] == 0 && ($isSiteAdmin || (isset($mayPublish) && $mayPublish))): ?>
<li id='lidelegateEvent'><a href="#" onClick="delegatePopup('<?php echo h($event['Event']['id']); ?>');">Delegate Publishing</a></li>
<?php endif;?>
<?php if (isset($delegationRequest) && $delegationRequest && ($isSiteAdmin || ($isAclPublish && ($me['org_id'] == $delegationRequest['EventDelegation']['org_id'] || $me['org_id'] == $delegationRequest['EventDelegation']['requester_org_id'])))): ?>
<li class="divider"></li>
<?php if ($isSiteAdmin || ($isAclPublish && ($me['org_id'] == $delegationRequest['EventDelegation']['org_id']))): ?>
<li id='liacceptDelegation'><a href="#" onClick="genericPopup('<?php echo $baseurl?>/event_delegations/acceptDelegation/<?php echo h($delegationRequest['EventDelegation']['id']); ?>', '#confirmation_box');">Accept Delegation Request</a></li>
<?php endif;?>
<li id='lideleteDelegation'><a href="#" onClick="genericPopup('<?php echo $baseurl?>/event_delegations/deleteDelegation/<?php echo h($delegationRequest['EventDelegation']['id']); ?>', '#confirmation_box');">Discard Delegation Request</a></li>
<li class="divider"></li>
<?php endif;?>
<?php endif;?>
<li id='licontact'><a href="<?php echo $baseurl;?>/events/contact/<?php echo h($event['Event']['id']);?>">Contact Reporter</a></li>
<li><a onClick="getPopup('<?php echo h($event['Event']['id']); ?>', 'events', 'exportChoice');" style="cursor:pointer;">Download as...</a></li>
<li class="divider"></li>
@ -116,6 +125,7 @@
<li class="divider"></li>
<?php endif; ?>
<li id='liview'><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
<li id='lidashboard'><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
<li id='limembers'><a href="<?php echo $baseurl;?>/users/memberslist">Members List</a></li>
<li id='liindexOrg'><a href="<?php echo $baseurl;?>/organisations/index">List Organisations</a></li>
<?php if ($menuItem === 'viewOrg'): ?>

22
app/View/EventDelegations/ajax/accept_delegation.ctp Normal file
View File

@ -0,0 +1,22 @@
<div class="confirmation">
<div class="legend">Accept Delegation Request</div>
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
<p>Are you sure you would like to accept the request by <?php echo h($delegationRequest['Org']['name']); ?> to take ownership of Event #<?php echo h($delegationRequest['Event']['id']);?>?</p>
<table>
<tr>
<td style="vertical-align:top">
<?php
echo $this->Form->create('EventDelegation', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
echo $this->Form->submit('Yes', array('div' => false, 'class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</td>
<td style="width:540px;">
</td>
<td style="vertical-align:top;">
<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPrompt();">No</span>
</td>
</tr>
</table>
</div>
</div>

83
app/View/EventDelegations/ajax/delegate_event.ctp
View File

@ -1,30 +1,55 @@
<div class="confirmation">
<?php
echo $this->Form->create('Event', array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => '/events/' . $type . '/' . $id));
$extraTitle = "";
if ($type == 'publish') $extraTitle = ' (no email)';
?>
<legend>Publish Event<?php echo $extraTitle; ?></legend>
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
<?php if ($type == 'alert'): ?>
<p>Are you sure this event is complete and everyone should be informed?</p>
<?php else: ?>
<p>Publish but do NOT send alert email? Only for minor changes!</p>
<?php endif; ?>
<table>
<tr>
<td style="vertical-align:top">
<span id="PromptYesButton" class="btn btn-primary" onClick="submitPublish()">Yes</span>
</td>
<td style="width:540px;">
</td>
<td style="vertical-align:top;">
<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPrompt();">No</span>
</td>
</tr>
</table>
<div class="popover_choice" style="padding-bottom:5px;">
<div class="legend">Delegate the publishing of the Event to another organisation</div>
<p class="white" style="background:red;">Warning: You are about to request another organisation to take ownership of this event.</p>
<div class="popover_choice_main overlay_spacing bottomGap" id ="popover_choice_main">
<?php
echo $this->Form->create('EventDelegation', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
echo $this->Form->input('org_id', array(
'label' => 'Target Organisation',
'options' => array($org),
'empty' => 'Select organisation',
'div' => 'clear'
));
echo $this->Form->input('distribution', array(
'options' => $distributionOptions,
'label' => 'Desired Distribution',
));
?>
<div id="sgid" class="hidden">
<?php
echo $this->Form->input('sharing_group_id', array(
'options' => $sgOptions,
'label' => 'Desired Sharing Group',
'div' => false
));
?>
</div>
<?php
echo $this->Form->input('message', array(
'label' => false,
'div' => false,
'type' => 'textarea',
'style' => 'width:665px;',
'placeholder' => 'Message to the recipient organisation'
));
echo $this->Form->submit('Yes', array('div' => false, 'class' => 'btn btn-primary'));
?>
<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPopoverForm();" style="float:right;">No</span>
<?php
echo $this->Form->end();
?>
</div>
<?php
?>
</div>
<?php
echo $this->Form->end();
?>
</div>
<script type="text/javascript">
$(document).ready(function() {
$('#EventDelegationDistribution').change(function() {
if ($('#EventDelegationDistribution').val() == 4) $('#sgid').show();
else $('#sgid').hide();
});
});
</script>
<?php echo $this->Js->writeBuffer();

22
app/View/EventDelegations/ajax/delete_delegation.ctp Normal file
View File

@ -0,0 +1,22 @@
<div class="confirmation">
<div class="legend">Delete Delegation Request</div>
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
<p>Are you sure you would like to discard the request by <?php echo h($delegationRequest['Org']['name']); ?> to take owenership of Event #<?php echo h($delegationRequest['Event']['id']);?>?</p>
<table>
<tr>
<td style="vertical-align:top">
<?php
echo $this->Form->create('EventDelegation', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
echo $this->Form->submit('Yes', array('div' => false, 'class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</td>
<td style="width:540px;">
</td>
<td style="vertical-align:top;">
<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPrompt();">No</span>
</td>
</tr>
</table>
</div>
</div>

26
app/View/EventDelegations/ajax/view.ctp Normal file
View File

@ -0,0 +1,26 @@
<div class="confirmation">
<legend>Event Delegation</legend>
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
<?php
$target = $me['org_id'] == $delegation['Org']['id'] ? 'your organisation' : $delegation['Org']['name'];
$requester = $me['org_id'] == $delegation['RequesterOrg']['id'] ? 'Your organisation' : $delegation['RequesterOrg']['name'];
?>
<p>
<b>Request details</b><br /><span class="red bold"><?php echo h($requester);?></span> is requesting <span class="red bold"><?php echo h($target); ?></span> to take over this event.
<?php if ($delegation['EventDelegation']['distribution'] != -1): ?>
<?php if ($delegation['EventDelegation']['distribution'] < 4): ?> <br />
The desired distribution level is <span class="red bold"><?php echo h($delegation['requested_distribution_level']);?></span>
<?php else: ?>
The desired sharing group to distribute the event to is: <span class="red bold"><?php echo h($delegation['SharingGroup']['name']);?></span>.
<?php endif;?>
<?php endif;?>
</p>
<p><b>Message from requester</b><br /><?php echo h($delegation['EventDelegation']['message']); ?></p>
<div class="row-fluid">
<?php if ($isSiteAdmin || $me['org_id'] == $delegation['Org']['id']):?>
<span class="btn btn-primary" onClick="genericPopup('<?php echo $baseurl?>/event_delegations/acceptDelegation/<?php echo h($delegation['EventDelegation']['id']); ?>', '#confirmation_box');">Accept</span>
<?php endif;?>
<span class="btn btn-inverse" onClick="genericPopup('<?php echo $baseurl?>/event_delegations/deleteDelegation/<?php echo h($delegation['EventDelegation']['id']); ?>', '#confirmation_box');">Discard</span>
<span class="btn btn-inverse" style="float:right;" id="PromptNoButton" onClick="cancelPrompt();">Cancel</span>
</div>
</div>

82
app/View/Events/filter_event_index.ctp
View File

@ -104,48 +104,48 @@
</div>
</fieldset>
<div class="overlay_spacing">
<?php echo $this->Form->end();?>
<div id="rule_table">
<table style="background-color:white;">
<tr style="width:680px;background-color:#0088cc;color:white;">
<th style="width:100px;border:1px solid #cccccc;text-align: left;">Target</th>
<th style="width:567px;border:1px solid #cccccc;border-right:0px;text-align: left;">Value</th>
<th style="width:10px;border:1px solid #cccccc;border-left:0px;text-align: left;"></th>
</tr>
<?php
$fields = array('published', 'org', 'tag', 'date', 'eventinfo', 'threatlevel', 'analysis', 'distribution', 'attribute');
foreach ($fields as $k => $field):
?>
<tr id="row_<?php echo $field; ?>" class="hidden filterTableRow">
<td id="key_<?php echo $field;?>" style="border:1px solid #cccccc;font-weight:bold;"><?php echo ucfirst($field); ?></td>
<td id="value_<?php echo $field;?>" style="border:1px solid #cccccc;border-right:0px;"></td>
<td id="delete_<?php echo $field;?>" style="border:1px solid #cccccc;border-left:0px;"><span class="icon-trash" onClick="indexFilterClearRow('<?php echo $field;?>')"></span></td>
<?php echo $this->Form->end();?>
<div id="rule_table">
<table style="background-color:white;">
<tr style="width:680px;background-color:#0088cc;color:white;">
<th style="width:100px;border:1px solid #cccccc;text-align: left;">Target</th>
<th style="width:567px;border:1px solid #cccccc;border-right:0px;text-align: left;">Value</th>
<th style="width:10px;border:1px solid #cccccc;border-left:0px;text-align: left;"></th>
</tr>
<?php
endforeach;
?>
</table>
<table style="background-color:white;width:100%;" id="FilterplaceholderTable">
<tr class="filterTableRow">
<td style="border:1px solid #cccccc;border-top:0px;font-weight:bold;width:100%;color:red;">No filters set - add filter terms above.</td>
</tr>
</table>
</div>
<?php echo $this->Form->create('Event', array('id' => 'test', 'url' => $baseurl . '/events/index'));?>
<fieldset>
<?php
echo $this->Form->input('generatedURL', array(
'label' => false,
'class' => 'input',
'style' => 'width:620px;display:none;',
'div' => false
));
?>
</fieldset>
<div id = "generatedURL" style="word-wrap: break-word;"><br />Save this URL if you would like to use the same filter settings again<br /><div style="background-color:#f5f5f5;border: 1px solid #e3e3e3; border-radius:4px;padding:3px;background-color:white;"><span id="generatedURLContent"></span></div></div>
<br />
<span class="btn btn-primary" onClick="indexApplyFilters();">Apply</span>
<span class="btn btn-inverse" onClick="cancelPopoverForm();" style="float:right;">Cancel</span>
<?php
$fields = array('published', 'org', 'tag', 'date', 'eventinfo', 'threatlevel', 'analysis', 'distribution', 'attribute');
foreach ($fields as $k => $field):
?>
<tr id="row_<?php echo $field; ?>" class="hidden filterTableRow">
<td id="key_<?php echo $field;?>" style="border:1px solid #cccccc;font-weight:bold;"><?php echo ucfirst($field); ?></td>
<td id="value_<?php echo $field;?>" style="border:1px solid #cccccc;border-right:0px;"></td>
<td id="delete_<?php echo $field;?>" style="border:1px solid #cccccc;border-left:0px;"><span class="icon-trash" onClick="indexFilterClearRow('<?php echo $field;?>')"></span></td>
</tr>
<?php
endforeach;
?>
</table>
<table style="background-color:white;width:100%;" id="FilterplaceholderTable">
<tr class="filterTableRow">
<td style="border:1px solid #cccccc;border-top:0px;font-weight:bold;width:100%;color:red;">No filters set - add filter terms above.</td>
</tr>
</table>
</div>
<?php echo $this->Form->create('Event', array('id' => 'test', 'url' => $baseurl . '/events/index'));?>
<fieldset>
<?php
echo $this->Form->input('generatedURL', array(
'label' => false,
'class' => 'input',
'style' => 'width:620px;display:none;',
'div' => false
));
?>
</fieldset>
<div id = "generatedURL" style="word-wrap: break-word;"><br />Save this URL if you would like to use the same filter settings again<br /><div style="background-color:#f5f5f5;border: 1px solid #e3e3e3; border-radius:4px;padding:3px;background-color:white;"><span id="generatedURLContent"></span></div></div>
<br />
<span class="btn btn-primary" onClick="indexApplyFilters();">Apply</span>
<span class="btn btn-inverse" onClick="cancelPopoverForm();" style="float:right;">Cancel</span>
</div>
</div>
<script type="text/javascript">

5
app/View/Events/index.ctp
View File

@ -17,12 +17,13 @@
</div>
<?php
$tab = "Center";
if (!isset($simple)) $simple = false;
$filtered = false;
if (count($passedArgsArray) > 0) {
if (!$simple && count($passedArgsArray) > 0) {
$tab = "Left";
$filtered = true;
}
if (!$ajax):
if (!$ajax && !$simple):
?>
<div class="tabMenuFixedContainer" style="display:inline-block;">
<span class="tabMenuFixed tabMenuFixed<?php echo $tab; ?> tabMenuSides">

38
app/View/Events/view.ctp
View File

@ -1,8 +1,6 @@
<?php
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id'] && $event['Orgc']['id'] == $me['org_id']) || ($isAclModifyOrg && $event['Orgc']['id'] == $me['org_id']));
$mayPublish = ($isAclPublish && $event['Orgc']['id'] == $me['org_id']);
?>
<?php
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id'] && $event['Orgc']['id'] == $me['org_id']) || ($isAclModifyOrg && $event['Orgc']['id'] == $me['org_id']));
$mayPublish = ($isAclPublish && $event['Orgc']['id'] == $me['org_id']);
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'viewEvent', 'mayModify' => $mayModify, 'mayPublish' => $mayPublish));
?>
<div class="events view">
@ -125,27 +123,21 @@ $mayPublish = ($isAclPublish && $event['Orgc']['id'] == $me['org_id']);
<?php echo nl2br(h($event['Event']['info'])); ?>
&nbsp;
</dd>
<dt class="<?php echo ($event['Event']['published'] == 0) ? (($isAclPublish && $me['org_id'] == $event['Event']['orgc_id']) ? 'background-red bold' : 'bold') : 'bold'; ?>">Published</dt>
<dd class="<?php echo ($event['Event']['published'] == 0) ? (($isAclPublish && $me['org_id'] == $event['Event']['orgc_id']) ? 'background-red bold' : 'red bold') : 'green bold'; ?>"><?php echo ($event['Event']['published'] == 0) ? 'No' : 'Yes'; ?></dd>
<?php
$published = '';
$notPublished = 'style="display:none;"';
if ($event['Event']['published'] == 0) {
$published = 'style="display:none;"';
$notPublished = '';
}
if (!empty($delegationRequest)):
if ($isSiteAdmin || $me['org_id'] == $delegationRequest['EventDelegation']['org_id']) {
$target = $isSiteAdmin ? $delegationRequest['Org']['name'] : 'you';
$subject = $delegationRequest['RequesterOrg']['name'] . ' has';
} else {
$target = $delegationRequest['Org']['name'];
$subject = 'You have';
}
?>
<dt class="published" <?php echo $published;?>>Published</dt>
<dd class="published green" <?php echo $published;?>>Yes</dd>
<?php
if ($isAclPublish) :
?>
<dt class="visibleDL notPublished" <?php echo $notPublished;?>>Published</dt>
<dd class="visibleDL notPublished" <?php echo $notPublished;?>>No</dd>
<?php
else:
?>
<dt class="notPublished" <?php echo $notPublished;?>>Published</dt>
<dd class="notPublished red" <?php echo $notPublished;?>>No</dd>
<?php endif; ?>
<dt class="background-red bold">Delegation request</dt>
<dd class="background-red bold"><?php echo h($subject);?> requested that <?php echo h($target)?> take over this event. (<a href="#" style="color:white;" onClick="genericPopup('<?php echo $baseurl;?>/eventDelegations/view/<?php echo h($delegationRequest['EventDelegation']['id']);?>', '#confirmation_box');">View request details</a>)</dd>
<?php endif;?>
</dl>
</div>
<?php if (!empty($event['RelatedEvent'])):?>

18
app/View/Users/dashboard.ctp Normal file
View File

@ -0,0 +1,18 @@
<div class="Dashboard index">
<h2>Dashboard</h2>
<div class="row">
<div class="span3 dashboard_container">
<?php
echo $this->element('dashboard/dashboard_notifications');
?>
</div>
<div class="span3 dashboard_container">
<?php
echo $this->element('dashboard/dashboard_events');
?>
</div>
</div>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'globalActions', 'menuItem' => 'dashboard'));
?>

78
app/webroot/css/main.css
View File

@ -337,6 +337,7 @@ td.action-links {
dl {
line-height: 2em;
margin: 0em 0em;
overflow: hidden
/*width: 60%;*/
}
dl dd:nth-child(4n+2),
@ -345,15 +346,19 @@ dl dt:nth-child(4n+1) {
}
dt {
float:left;
font-weight: bold;
padding-left: 4px;
padding: 0;
margin: 0;
vertical-align: top;
width: 12em;
width: 15%;
}
dd {
margin-left: 12em;
margin-top: -1.7em;
float:left;'
vertical-align: top;
width: 85%;
padding: 0;
margin: 0;
}
@ -749,7 +754,7 @@ a.proposal_link_red:hover {
z-index:5;
}
.confirmation_box legend {
.confirmation_box legend, .confirmation .legend {
border-radius: 5px 5px 0px 0px;
margin-bottom:5px;
padding-left:5px;
@ -758,6 +763,16 @@ a.proposal_link_red:hover {
color:white;
}
.legend {
display: block;
width: 100%;
padding: 0;
font-size: 21px;
line-height: 40px;
color: #333333;
border: 0;
}
.ajax_popover_form {
display:none;
width: 700px;
@ -779,6 +794,16 @@ a.proposal_link_red:hover {
color:white;
}
.ajax_popover_form .legend {
border-radius: 10px 10px 0px 0px;
padding-left:10px;
width:690px;
background-color:black;
color:white;
font-size: 21px;
line-height: 40px;
}
.ajax_popover_form form {
margin: 0 0 5px;
}
@ -1415,14 +1440,24 @@ a.proposal_link_red:hover {
color: orange !important;
}
.orange {
color: orange;
.white {
color: white !important;
}
.bold {
font-weight: bold;
}
.background-red {
background: red !important;
color: white !important;
}
.background-blue {
background: #0088cc !important;
color: white !important;
}
.hidden {
display:none;
}
@ -1442,6 +1477,35 @@ a.discrete {
border-left: 1px solid grey;
}
.notification-active {
float:left;
background-color:red;
color:white;
border-radius: 50%;
width:20px;
height:20px;
}
.notification-passive {
float:left;
width:20px;
height:20px;
}
.dashboard_element{
border: 1px solid #0088cc;
border-radius: 5px;
box-shadow: 0px 0px 6px #B2B2B2;
padding-left:10px;
padding-right:10px;
width: 100%;
height: 100%;
}
.dashboard_container {
margin-right:15px;
}
@-webkit-keyframes rotation {
from {-webkit-transform: rotate(0deg);}
to {-webkit-transform: rotate(359deg);}

16
app/webroot/js/ajaxification.js
View File

@ -24,6 +24,22 @@ function publishPopup(id, type) {
});
}
function delegatePopup(id) {
$.get( "/event_delegations/delegateEvent/" + id, function(data) {
$("#popover_form").html(data);
$("#popover_form").fadeIn();
$("#gray_out").fadeIn();
});
}
function genericPopup(url, popupTarget) {
$.get(url, function(data) {
$(popupTarget).html(data);
$(popupTarget).fadeIn();
$("#gray_out").fadeIn();
});
}
function submitPublish(id, type) {
$("#PromptForm").submit();
}