mirror of https://github.com/MISP/MISP
First finished version
parent
c834715aae
commit
a1ffdc7790
|
@ -278,13 +278,22 @@ class AppController extends Controller {
|
|||
}
|
||||
$this->debugMode = 'debugOff';
|
||||
if (Configure::read('debug') > 1) $this->debugMode = 'debugOn';
|
||||
|
||||
// update script
|
||||
$this->{$this->modelClass}->runUpdates();
|
||||
$this->set('loggedInUserName', $this->__convertEmailToName($this->Auth->user('email')));
|
||||
$this->set('debugMode', $this->debugMode);
|
||||
$proposalCount = $this->_getProposalCount();
|
||||
$this->set('proposalCount', $proposalCount[0]);
|
||||
$this->set('proposalEventCount', $proposalCount[1]);
|
||||
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user());
|
||||
$this->set('notifications', $notifications);
|
||||
$this->set('mispVersion', $this->mispVersion);
|
||||
}
|
||||
|
||||
private function __convertEmailToName($email) {
|
||||
$name = explode('@', $email);
|
||||
$name = explode('.', $name[0]);
|
||||
foreach ($name as &$temp) $temp = ucfirst($temp);
|
||||
$name = implode(' ', $name);
|
||||
return $name;
|
||||
}
|
||||
|
||||
public function blackhole($type) {
|
||||
if ($type === 'csrf') throw new BadRequestException(__d('cake_dev', $type));
|
||||
|
@ -314,26 +323,6 @@ class AppController extends Controller {
|
|||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
private function _getProposalCount() {
|
||||
$this->loadModel('ShadowAttribute');
|
||||
$this->ShadowAttribute->recursive = -1;
|
||||
$shadowAttributes = $this->ShadowAttribute->find('all', array(
|
||||
'recursive' => -1,
|
||||
'fields' => array('event_id', 'event_org_id'),
|
||||
'conditions' => array(
|
||||
'ShadowAttribute.event_org_id' => $this->Auth->user('org_id'),
|
||||
'ShadowAttribute.deleted' => 0,
|
||||
)));
|
||||
$results = array();
|
||||
$eventIds = array();
|
||||
$results[0] = count($shadowAttributes);
|
||||
foreach ($shadowAttributes as $sa) {
|
||||
if (!in_array($sa['ShadowAttribute']['event_id'], $eventIds)) $eventIds[] = $sa['ShadowAttribute']['event_id'];
|
||||
}
|
||||
$results[1] = count($eventIds);
|
||||
return $results;
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert an array to the same array but with the values also as index instead of an interface_exists
|
||||
|
@ -525,8 +514,4 @@ class AppController extends Controller {
|
|||
$this->redirect(array('controller' => 'pages', 'action' => 'display', 'administration'));
|
||||
}
|
||||
}
|
||||
|
||||
public function test() {
|
||||
$this->{$this->modelClass}->runUpdates();
|
||||
}
|
||||
}
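Review bot: The `runUpdates()` call added under `// update script` sits in the shared controller filter, so as far as this hunk shows, any request can trigger schema changes and the `destroyAllSessions` step, including requests with no logged-in user. Nothing visible here restricts who can start a migration or serialises concurrent requests; consider moving the call behind a site-admin action or a CLI task, or at least guarding it with a lock. In the same hunk `__convertEmailToName($this->Auth->user('email'))` is called even when `Auth->user('email')` is null, so a guard such as `if ($this->Auth->user())` around the `loggedInUserName` and `notifications` lines would be safer. The enclosing function starts above the hunk, so which filter it belongs to is inferred.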
|
|
@ -16,35 +16,135 @@ class EventDelegationsController extends AppController {
|
|||
),
|
||||
);
|
||||
|
||||
public function index() {
|
||||
}
|
||||
|
||||
public function add() {
|
||||
|
||||
}
|
||||
|
||||
public function edit($id) {
|
||||
|
||||
}
|
||||
|
||||
public function delete($id) {
|
||||
|
||||
public function view($id) {
|
||||
$delegation = $this->EventDelegation->find('first', array(
|
||||
'conditions' => array('EventDelegation.id' => $id),
|
||||
'recursive' => -1,
|
||||
'contain' => array('Org', 'Event', 'RequesterOrg', 'SharingGroup'),
|
||||
));
|
||||
if (empty($delegation) || (!$this->_isSiteAdmin() && $this->Auth->user('org_id') != $delegation['EventDelegation']['org_id'] && $this->Auth->user('org_id') != $delegation['EventDelegation']['requester_org_id'])) throw new MethodNotAllowedException('You are not authorised to do that.');
|
||||
$delegation['requested_distribution_level'] = $delegation['EventDelegation']['distribution'] == -1 ? false : $this->EventDelegation->Event->distributionLevels[$delegation['EventDelegation']['distribution']];
|
||||
$this->set('delegation', $delegation);
|
||||
$this->render('ajax/view');
|
||||
}
|
||||
|
||||
public function delegateEvent($id) {
|
||||
debug($this->EventDelegation->find('all'));
|
||||
$event = $this->EventDelegation->Event->find('first', array(
|
||||
'conditions' => array('Event.id' => $id),
|
||||
'recursive' => -1,
|
||||
'fields' => array('Event.id', 'Event.orgc_id', 'Event.distribution')
|
||||
));
|
||||
if (!$this->_isSiteAdmin() || $this->Auth->user('org_id') !== $event['Event']['orgc_id']) throw new MethodNotAllowedException('You are not authorised to do that.');
|
||||
if (!$this->_isSiteAdmin() && $this->Auth->user('org_id') !== $event['Event']['orgc_id']) throw new MethodNotAllowedException('You are not authorised to do that.');
|
||||
if ($event['Event']['distribution'] != 0) throw new MethodNotAllowedException('Only events with the distribution setting "Your Organisation Only" can be delegated.');
|
||||
$existingDelegations = $this->EventDelegation->find('first', array('conditions' => array('event_id' => $id), 'recursive' => -1));
|
||||
if (!empty($existingDelegations)) throw new MethodNotAllowedException('This event already has a pending delegation request. Please revoke that before creating a new request.');
|
||||
if ($this->request->is('Post')) {
|
||||
|
||||
if ($this->request->data['EventDelegation']['distribution'] != 4) $this->request->data['EventDelegation']['sharing_group_id'] = '0';
|
||||
$this->request->data['EventDelegation']['event_id'] = $event['Event']['id'];
|
||||
$this->request->data['EventDelegation']['requester_org_id'] = $this->Auth->user('org_id');
|
||||
$this->EventDelegation->create();
|
||||
$this->EventDelegation->save($this->request->data['EventDelegation']);
|
||||
$org = $this->EventDelegation->Event->Org->find('first', array(
|
||||
'conditions' => array('id' => $this->request->data['EventDelegation']['requester_org_id']),
|
||||
'recursive' => -1,
|
||||
'fields' => array('name')
|
||||
));
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $this->Auth->user('Organisation')['name'],
|
||||
'model' => 'Event',
|
||||
'model_id' => $event['Event']['id'],
|
||||
'email' => $this->Auth->user('email'),
|
||||
'action' => 'request_delegation',
|
||||
'user_id' => $this->Auth->user('id'),
|
||||
'title' => 'Requested event delegation',
|
||||
'change' => 'Requested the delegation of event ' . $event['Event']['id'] . ' to organisation ' . $org['Org']['name'],
|
||||
));
|
||||
$this->Session->setFlash('Delegation request created.');
|
||||
$this->redirect('/events/view/' . $id);
|
||||
} else {
|
||||
|
||||
$orgs = $this->EventDelegation->Event->Org->find('list', array(
|
||||
'conditions' => array(
|
||||
'Org.id !=' => $this->Auth->user('org_id'),
|
||||
'Org.local' => 1,
|
||||
),
|
||||
'fields' => array('name'),
|
||||
'order' => array('lower(name) ASC')
|
||||
));
|
||||
$distribution = $this->EventDelegation->Event->distributionLevels;
|
||||
$sgs = $this->EventDelegation->Event->SharingGroup->fetchAllAuthorised($this->Auth->User, 'name', true);
|
||||
if (empty($sgs)) unset($distribution[4]);
|
||||
$distribution[-1] = 'Recipient decides';
|
||||
$this->set('distributionOptions', array('-1' => 'Recipient decides') + $distribution);
|
||||
$this->set('org', $orgs);
|
||||
$this->set('sgOptions', $sgs);
|
||||
$this->set('id', $id);
|
||||
$this->render('ajax/delegate_event');
|
||||
}
|
||||
}
|
||||
|
||||
public function acceptDelegation($id) {
|
||||
$delegation = $this->EventDelegation->find('first', array(
|
||||
'conditions' => array('EventDelegation.id' => $id),
|
||||
'recursive' => -1,
|
||||
'contain' => array('Org', 'Event'),
|
||||
));
|
||||
if (empty($delegation) || (!$this->_isSiteAdmin() && $this->Auth->user('org_id') != $delegation['EventDelegation']['org_id'])) throw new MethodNotAllowedException('You are not authorised to do that.');
|
||||
if ($this->request->is('post')) {
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $this->Auth->user('Organisation')['name'],
|
||||
'model' => 'Event',
|
||||
'model_id' => $delegation['Event']['id'],
|
||||
'email' => $this->Auth->user('email'),
|
||||
'action' => 'accept_delegation',
|
||||
'user_id' => $this->Auth->user('id'),
|
||||
'title' => 'Accepted event delegation',
|
||||
'change' => 'Starting the transfer of event ' . $delegation['Event']['id'] . ' to organisation ' . $this->Auth->user('Organisation')['name'],
|
||||
));
|
||||
$result = $this->EventDelegation->transferEvent($delegation, $this->Auth->user());
|
||||
if ($result) {
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $this->Auth->user('Organisation')['name'],
|
||||
'model' => 'Event',
|
||||
'model_id' => 0,
|
||||
'email' => $this->Auth->user('email'),
|
||||
'action' => 'accept_delegation',
|
||||
'user_id' => $this->Auth->user('id'),
|
||||
'title' => 'Completed event delegation',
|
||||
'change' => 'Event ' . $delegation['Event']['id'] . ' successfully transferred to organisation ' . $this->Auth->user('Organisation')['name'],
|
||||
));
|
||||
$this->Session->setFlash('Event ownership transferred.');
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $result));
|
||||
} else {
|
||||
$this->Session->setFlash('Something went wrong and the event could not be transferred.');
|
||||
$this->redirect(array('controller' => 'Event', 'action' => 'view', $delegation['EventDelegation']['event_id']));
|
||||
}
|
||||
} else {
|
||||
$this->set('delegationRequest', $delegation);
|
||||
$this->render('ajax/accept_delegation');
|
||||
}
|
||||
}
|
||||
|
||||
public function deleteDelegation($id) {
|
||||
$delegation = $this->EventDelegation->find('first', array(
|
||||
'conditions' => array('EventDelegation.id' => $id),
|
||||
'recursive' => -1,
|
||||
'contain' => array('Org', 'Event'),
|
||||
));
|
||||
if (empty($delegation) || (!$this->_isSiteAdmin() && !in_array($this->Auth->user('org_id'), array($delegation['EventDelegation']['requester_org_id'], $delegation['EventDelegation']['org_id'])))) throw new MethodNotAllowedException('You are not authorised to do that.');
|
||||
if ($this->request->is('post')) {
|
||||
$this->EventDelegation->delete($delegation['EventDelegation']['id']);
|
||||
$this->Session->setFlash('Delegation request deleted.');
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $delegation['EventDelegation']['event_id']));
|
||||
} else {
|
||||
$this->set('delegationRequest', $delegation);
|
||||
$this->render('ajax/delete_delegation');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
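Review bot: In `delegateEvent()` the POSTed `EventDelegation` array is passed to `save()` with only `event_id`, `requester_org_id` and (conditionally) `sharing_group_id` overwritten, so a client-supplied `id`, `org_id` or `sharing_group_id` is accepted as is; in CakePHP a primary key in the data normally turns the save into an update of that existing row. Add `unset($this->request->data['EventDelegation']['id']);` before `create()`, pass a field list to `save()`, and check `org_id` against the local-organisation list the GET branch builds and `sharing_group_id` against the user's authorised groups. The `debug($this->EventDelegation->find('all'));` at the top of the action prints every delegation row when debug output is on and should be removed. `$this->Auth->User` in the `fetchAllAuthorised()` call looks like a typo for `$this->Auth->user()`, and the audit entry looks up `$org` by `requester_org_id`, so the log names the requester rather than the recipient organisation.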
|
||||
|
|
|
@ -683,6 +683,12 @@ class EventsController extends AppController {
|
|||
$this->set($variable, $currentModel->{$variable});
|
||||
}
|
||||
}
|
||||
if (Configure::read('MISP.delegation')) {
|
||||
$this->loadModel('EventDelegation');
|
||||
$delegationConditions = array('EventDelegation.event_id' => $event['Event']['id']);
|
||||
if (!$this->_isSiteAdmin() && $this->userRole['perm_publish']) $delegationConditions['OR'] = array('EventDelegation.org_id' => $this->Auth->user('org_id'), 'EventDelegation.requester_org_id' => $this->Auth->user('org_id'));
|
||||
$this->set('delegationRequest', $this->EventDelegation->find('first', array('conditions' => $delegationConditions, 'recursive' => -1, 'contain' => array('Org', 'RequesterOrg'))));
|
||||
}
|
||||
$this->set('contributors', $contributors);
|
||||
$this->set('typeGroups', array_keys($this->Event->Attribute->typeGroupings));
|
||||
}
|
||||
|
@ -3295,4 +3301,54 @@ class EventsController extends AppController {
|
|||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public function delegation_index() {
|
||||
$this->loadmodel('EventDelegation');
|
||||
$delegatedEvents = $this->EventDelegation->find('list', array(
|
||||
'conditions' => array('EventDelegation.org_id' => $this->Auth->user('org_id')),
|
||||
'fields' => array('event_id')
|
||||
));
|
||||
$this->Event->contain(array('User.email', 'EventTag' => array('Tag')));
|
||||
$tags = $this->Event->EventTag->Tag->find('all', array('recursive' => -1));
|
||||
$tagNames = array('None');
|
||||
foreach ($tags as $k => $v) {
|
||||
$tagNames[$v['Tag']['id']] = $v['Tag']['name'];
|
||||
}
|
||||
$this->set('tags', $tagNames);
|
||||
$this->paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'Event.timestamp' => 'DESC'
|
||||
),
|
||||
'contain' => array(
|
||||
'Org' => array('fields' => array('id', 'name')),
|
||||
'Orgc' => array('fields' => array('id', 'name')),
|
||||
'SharingGroup' => array('fields' => array('id', 'name')),
|
||||
'ThreatLevel' => array('fields' => array('ThreatLevel.name'))
|
||||
|
||||
),
|
||||
'conditions' => array('Event.id' => $delegatedEvents),
|
||||
);
|
||||
|
||||
$this->set('events', $this->paginate());
|
||||
$threat_levels = $this->Event->ThreatLevel->find('all');
|
||||
$this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
|
||||
$this->set('eventDescriptions', $this->Event->fieldDescriptions);
|
||||
$this->set('analysisLevels', $this->Event->analysisLevels);
|
||||
$this->set('distributionLevels', $this->Event->distributionLevels);
|
||||
|
||||
$shortDist = array(0 => 'Organisation', 1 => 'Community', 2 => 'Connected', 3 => 'All', 4 => ' sharing Group');
|
||||
$this->set('shortDist', $shortDist);
|
||||
$this->set('ajax', false);
|
||||
$this->set('simple', true);
|
||||
$this->Event->contain(array('User.email', 'EventTag' => array('Tag')));
|
||||
$tags = $this->Event->EventTag->Tag->find('all', array('recursive' => -1));
|
||||
$tagNames = array('None');
|
||||
foreach ($tags as $k => $v) {
|
||||
$tagNames[$v['Tag']['id']] = $v['Tag']['name'];
|
||||
}
|
||||
$this->set('tags', $tagNames);
|
||||
$this->render('index');
|
||||
}
|
||||
}
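Review bot: The delegation lookup in the view hunk adds the `org_id` / `requester_org_id` restriction only when `!$this->_isSiteAdmin() && $this->userRole['perm_publish']`, so a non-admin user without publish permission gets the unrestricted query and receives `delegationRequest` with `Org` and `RequesterOrg` for any request on the event. If only the two involved organisations should see the request, apply the restriction to every non-admin, e.g. `if (!$this->_isSiteAdmin()) $delegationConditions['OR'] = array(...);`, and skip the lookup when `perm_publish` is missing. `delegation_index()` does not check `Configure::read('MISP.delegation')`, and it builds the tag list twice (before `$this->paginate` and again before `render('index')`); the second copy can be dropped. The enclosing view action starts outside the hunk.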
|
||||
|
|
|
@ -589,6 +589,11 @@ class UsersController extends AppController {
|
|||
public function login() {
|
||||
if ($this->Auth->login()) {
|
||||
$this->__extralog("login"); // TODO Audit, __extralog, check: customLog i.s.o. __extralog, no auth user?: $this->User->customLog('login', $this->Auth->user('id'), array('title' => '','user_id' => $this->Auth->user('id'),'email' => $this->Auth->user('email'),'org' => 'IN2'));
|
||||
$this->User->Behaviors->disable('SysLogLogable.SysLogLogable');
|
||||
$this->User->id = $this->Auth->user('id');
|
||||
$this->User->saveField('last_login', $this->Auth->user('current_login'));
|
||||
$this->User->saveField('current_login', time());
|
||||
$this->User->Behaviors->enable('SysLogLogable.SysLogLogable');
|
||||
// TODO removed the auto redirect for now, due to security concerns - will look more into this
|
||||
// $this->redirect($this->Auth->redirectUrl());
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'index'));
|
||||
|
@ -634,6 +639,9 @@ class UsersController extends AppController {
|
|||
'type' => 'ADMIN',
|
||||
'uuid' => $this->User->Organisation->generateUuid(),
|
||||
'local' => 1,
|
||||
'type' => '',
|
||||
'sector' => '',
|
||||
'nationality' => ''
|
||||
));
|
||||
$this->User->Organisation->save($org);
|
||||
$org_id = $this->User->Organisation->id;
|
||||
|
@ -1075,4 +1083,16 @@ class UsersController extends AppController {
|
|||
$this->layout = false;
|
||||
$this->render('ajax/fetchpgpkey');
|
||||
}
|
||||
|
||||
public function dashBoard() {
|
||||
$events = array();
|
||||
// the last login in the session is not updated after the login - only in the db, so let's fetch it.
|
||||
$lastLogin = $this->Auth->user('last_login');
|
||||
$this->loadModel('Event');
|
||||
$events['changed'] = count($this->Event->fetchEventIds($this->Auth->user(), false, false, false, true, $lastLogin));
|
||||
$events['published'] = count($this->Event->fetchEventIds($this->Auth->user(), false, false, false, true, false, $lastLogin));
|
||||
$notifications = $this->{$this->modelClass}->populateNotifications($this->Auth->user());
|
||||
$this->set('notifications', $notifications);
|
||||
$this->set('events', $events);
|
||||
}
|
||||
}
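Review bot: `dashBoard()` reads `$this->Auth->user('last_login')` even though the comment above it says the session copy is not refreshed at login, and the login hunk writes `last_login` / `current_login` to the database only, via `saveField()`. The two counts are therefore computed from whatever value the session held before this login; read it from the model instead, e.g. `$lastLogin = $this->User->field('last_login', array('User.id' => $this->Auth->user('id')));`. In the organisation-creation hunk the array, as rendered here, contains both `'type' => 'ADMIN'` and `'type' => ''`; PHP keeps the later key, so the type would be saved empty unless that is intended.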
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
<?php
|
||||
App::uses('AppModel', 'Model');
|
||||
|
||||
class AdminSetting extends AppModel {
|
||||
public $actsAs = array('Containable');
|
||||
public $validate = array('setting' => 'isUnique');
|
||||
}
|
|
@ -46,11 +46,10 @@ class AppModel extends Model {
|
|||
$this->name = get_class($this);
|
||||
}
|
||||
|
||||
// major -> minor -> hotfix -> requires_logout
|
||||
public $db_changes = array(
|
||||
2 => array(
|
||||
4 => array(
|
||||
6 => 'enableEventDelegation'
|
||||
)
|
||||
4 => array(18 => true, 19=>false)
|
||||
)
|
||||
);
|
||||
|
||||
|
@ -84,6 +83,10 @@ class AppModel extends Model {
|
|||
$sql = 'DELETE FROM `cake_sessions` WHERE `expires` < ' . time() . ';';
|
||||
$clean = false;
|
||||
break;
|
||||
case 'destroyAllSessions':
|
||||
$sql = 'DELETE FROM `cake_sessions`;';
|
||||
$clean = false;
|
||||
break;
|
||||
case 'addIPLogging':
|
||||
$sql = 'ALTER TABLE `logs` ADD `ip` varchar(45) COLLATE utf8_bin DEFAULT NULL;';
|
||||
break;
|
||||
|
@ -171,13 +174,26 @@ class AppModel extends Model {
|
|||
}
|
||||
}
|
||||
break;
|
||||
case 'enableEventDelegation':
|
||||
case 'adminTable':
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `admin_settings` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`setting` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
$sqlArray[] = "INSERT INTO `admin_settings` (`setting`, `value`) VALUES ('db_version', '2.4.0')";
|
||||
break;
|
||||
case '2.4.18':
|
||||
$sqlArray[] = "ALTER TABLE `users` ADD `current_login` INT(11) DEFAULT 0;";
|
||||
$sqlArray[] = "ALTER TABLE `users` ADD `last_login` INT(11) DEFAULT 0;";
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `event_delegations` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`requester_org_id` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`message` text,
|
||||
`distribution` tinyint(4),
|
||||
`distribution` tinyint(4) NOT NULL DEFAULT '-1',
|
||||
`sharing_group_id` int(11),
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `org_id` (`org_id`),
|
||||
KEY `event_id` (`event_id`)
|
||||
|
@ -286,9 +302,96 @@ class AppModel extends Model {
|
|||
}
|
||||
|
||||
public function runUpdates() {
|
||||
$adminTable = $this->query("SHOW TABLES LIKE 'administration';");
|
||||
if (empty($adminTable)) $dbVersion = '2.4.0';
|
||||
$currentVersion = explode('.', $this->mispVersion);
|
||||
$dbVersion;
|
||||
$this->AdminSetting = ClassRegistry::init('AdminSetting');
|
||||
$db = ConnectionManager::getDataSource('default');
|
||||
$tables = $db->listSources();
|
||||
$requiresLogout = false;
|
||||
// if we don't even have an admin table, time to create it.
|
||||
if (!in_array('admin_settings', $tables)) {
|
||||
$this->updateDatabase('adminTable');
|
||||
$requiresLogout = true;
|
||||
} else {
|
||||
$db_version = $this->AdminSetting->find('first', array('conditions' => array('setting' => 'db_version')));
|
||||
$updates = $this->__findUpgrades($db_version['AdminSetting']['value']);
|
||||
if (!empty($updates)) {
|
||||
foreach ($updates as $update => $temp) {
|
||||
$this->updateDatabase($update);
|
||||
if ($temp) $requiresLogout = true;
|
||||
$db_version['AdminSetting']['value'] = $update;
|
||||
$this->AdminSetting->save($db_version);
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($requiresLogout) {
|
||||
$this->updateDatabase('destroyAllSessions');
|
||||
}
|
||||
}
|
||||
private function __findUpgrades($db_version) {
|
||||
$version = explode('.', $db_version);
|
||||
$updates = array();
|
||||
foreach ($this->db_changes as $major => $rest) {
|
||||
if ($major < $version[0]) continue;
|
||||
else if ($major == $version[0]) {
|
||||
foreach ($rest as $minor => $hotfixes) {
|
||||
if ($minor < $version[1]) continue;
|
||||
else if ($minor == $version[1]) {
|
||||
foreach ($hotfixes as $hotfix => $requiresLogout) if ($hotfix > $version[2]) $updates[$major . '.' . $minor . '.' . $hotfix] = $requiresLogout;
|
||||
} else {
|
||||
foreach ($hotfixes as $hotfix => $requiresLogout) $updates[$major . '.' . $minor . '.' . $hotfix] = $requiresLogout;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// we'll fill this out when 3.0 comes around
|
||||
}
|
||||
}
|
||||
return $updates;
|
||||
}
|
||||
|
||||
|
||||
public function populateNotifications($user) {
|
||||
$notifications = array();
|
||||
$proposalCount = $this->_getProposalCount($user);
|
||||
$notifications['total'] = 0;
|
||||
$notifications['proposalCount'] = $proposalCount[0];
|
||||
$notifications['total'] += $proposalCount[0];
|
||||
$notifications['proposalEventCount'] = $proposalCount[1];
|
||||
if (Configure::read('MISP.delegation')) {
|
||||
$delegationCount = $this->_getDelegationCount($user);
|
||||
$notifications['total'] += $delegationCount;
|
||||
$notifications['delegationCount'] = $delegationCount;
|
||||
}
|
||||
return $notifications;
|
||||
}
|
||||
|
||||
|
||||
private function _getProposalCount($user) {
|
||||
$this->ShadowAttribute = ClassRegistry::init('ShadowAttribute');
|
||||
$this->ShadowAttribute->recursive = -1;
|
||||
$shadowAttributes = $this->ShadowAttribute->find('all', array(
|
||||
'recursive' => -1,
|
||||
'fields' => array('event_id', 'event_org_id'),
|
||||
'conditions' => array(
|
||||
'ShadowAttribute.event_org_id' => $user['org_id'],
|
||||
'ShadowAttribute.deleted' => 0,
|
||||
)));
|
||||
$results = array();
|
||||
$eventIds = array();
|
||||
$results[0] = count($shadowAttributes);
|
||||
foreach ($shadowAttributes as $sa) {
|
||||
if (!in_array($sa['ShadowAttribute']['event_id'], $eventIds)) $eventIds[] = $sa['ShadowAttribute']['event_id'];
|
||||
}
|
||||
$results[1] = count($eventIds);
|
||||
return $results;
|
||||
}
|
||||
|
||||
private function _getDelegationCount($user) {
|
||||
$this->EventDelegation = ClassRegistry::init('EventDelegation');
|
||||
$delegations = $this->EventDelegation->find('count', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => array(
|
||||
'EventDelegation.org_id' => $user['org_id']
|
||||
)
|
||||
));
|
||||
return $delegations;
|
||||
}
|
||||
}
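Review bot: `runUpdates()` saves the new `db_version` after each `updateDatabase($update)` call without checking a result, so a migration that fails part-way is still recorded as applied and is not retried. It also indexes `$db_version['AdminSetting']['value']` without checking that the `db_version` row exists, so an empty `find()` result hands null to `__findUpgrades()`. Guard the lookup with `if (empty($db_version)) return;` (or re-create the row) and save the version only when the update succeeded, assuming `updateDatabase()` can report that; its return value is not visible in these hunks. Nothing here takes a lock, so two requests arriving together would both run the same `ALTER TABLE` statements.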
|
||||
|
|
|
@ -982,7 +982,7 @@ class Event extends AppModel {
|
|||
}
|
||||
}
|
||||
|
||||
public function fetchEventIds($user, $from = false, $to = false, $last = false, $list = false) {
|
||||
public function fetchEventIds($user, $from = false, $to = false, $last = false, $list = false, $timestamp = false, $publish_timestamp = false) {
|
||||
$conditions = array();
|
||||
$isSiteAdmin = $user['Role']['perm_site_admin'];
|
||||
|
||||
|
@ -1013,6 +1013,8 @@ class Event extends AppModel {
|
|||
if ($from) $conditions['AND'][] = array('Event.date >=' => $from);
|
||||
if ($to) $conditions['AND'][] = array('Event.date <=' => $to);
|
||||
if ($last) $conditions['AND'][] = array('Event.publish_timestamp >=' => $last);
|
||||
if ($timestamp) $conditions['AND'][] = array('Event.timestamp >=' => $timestamp);
|
||||
if ($publish_timestamp) $conditions['AND'][] = array('Event.publish_timestamp >=' => $publish_timestamp);
|
||||
|
||||
if ($list) {
|
||||
$params = array(
|
||||
|
@ -1055,6 +1057,7 @@ class Event extends AppModel {
|
|||
$isSiteAdmin = $user['Role']['perm_site_admin'];
|
||||
if (isset($options['disableSiteAdmin']) && $options['disableSiteAdmin']) $isSiteAdmin = false;
|
||||
$conditionsAttributes = array();
|
||||
|
||||
//restricting to non-private or same org if the user is not a site-admin.
|
||||
if (!$isSiteAdmin) {
|
||||
$sgids = $this->SharingGroup->fetchAllAuthorised($user);
|
||||
|
@ -1078,6 +1081,16 @@ class Event extends AppModel {
|
|||
)
|
||||
)
|
||||
);
|
||||
// if delegations are enabled, check if there is an event that the current user might see because of the request itself
|
||||
if (Configure::read('MISP.delegation')) {
|
||||
$this->EventDelegation = ClassRegistry::init('EventDelegation');
|
||||
$delegatedEventIDs = $this->EventDelegation->find('list', array(
|
||||
'conditions' => array('EventDelegation.org_id' => $user['org_id']),
|
||||
'fields' => array('event_id')
|
||||
));
|
||||
$conditions['AND']['OR']['Event.id'] = $delegatedEventIDs;
|
||||
}
|
||||
|
||||
$conditionsAttributes['AND'][0]['OR'] = array(
|
||||
array('AND' => array(
|
||||
'Attribute.distribution >' => 0,
|
||||
|
@ -1276,7 +1289,8 @@ class Event extends AppModel {
|
|||
}
|
||||
$params = array(
|
||||
'conditions' => $conditions, //array of conditions
|
||||
'fields' => array('Attribute.event_id', 'Attribute.distribution', 'Attribute.category', 'Attribute.type', 'Attribute.value', 'Attribute.comment', 'Attribute.uuid', 'Attribute.to_ids', 'Attribute.timestamp'),
|
||||
'fields' => array('Attribute.event_id', 'Attribute.distribution', 'Attribute.category', 'Attribute.type', 'Attribute.value', 'Attribute.comment', 'Attribute.uuid', 'Attribute.to_ids', 'Attribute.timestamp', 'Attribute.id'),
|
||||
'sort' => 'Attribute.id ASC'
|
||||
);
|
||||
|
||||
if ($includeContext) {
|
||||
|
@ -1962,6 +1976,48 @@ class Event extends AppModel {
|
|||
} return $this->validationErrors;
|
||||
}
|
||||
|
||||
// format has to be:
|
||||
// array('Event' => array(), 'Attribute' => array('ShadowAttribute' => array()), 'EventTag' => array(), 'ShadowAttribute' => array());
|
||||
public function savePreparedEvent($event) {
|
||||
unset($event['Event']['id']);
|
||||
$this->create();
|
||||
$this->save($event['Event']);
|
||||
$event['Event']['id'] = $this->id;
|
||||
$objects = array('Attribute', 'ShadowAttribute', 'EventTag');
|
||||
foreach ($objects as $object_type) {
|
||||
if (!empty($event[$object_type])) {
|
||||
$saveMethod = '__savePrepared' . $object_type;
|
||||
foreach ($event[$object_type] as $object) $this->$saveMethod($object, $event);
|
||||
}
|
||||
}
|
||||
return $event['Event']['id'];
|
||||
}
|
||||
|
||||
private function __savePreparedAttribute(&$attribute, &$event) {
|
||||
unset($attribute['id']);
|
||||
$attribute['event_id'] = $event['Event']['id'];
|
||||
$this->Attribute->create();
|
||||
$this->Attribute->save($attribute);
|
||||
foreach ($attribute['ShadowAttribute'] as $k => $sa) {
|
||||
$this->__savePreparedShadowAttribute($sa, $event, $this->Attribute->id);
|
||||
}
|
||||
}
|
||||
|
||||
private function __savePreparedShadowAttribute($shadow_attribute, &$event, $old_id = 0) {
|
||||
unset($shadow_attribute['id']);
|
||||
$shadow_attribute['event_id'] = $event['Event']['id'];
|
||||
$shadow_attribute['old_id'] = $old_id;
|
||||
$this->ShadowAttribute->create();
|
||||
$this->ShadowAttribute->save($shadow_attribute);
|
||||
}
|
||||
|
||||
private function __savePreparedEventTag($event_tag, &$event) {
|
||||
unset($event_tag['id']);
|
||||
$event_tag['event_id'] = $event['Event']['id'];
|
||||
$this->EventTag->create();
|
||||
$this->EventTag->save($event_tag);
|
||||
}
|
||||
|
||||
private function __searchUuidInAttributeArray($uuid, &$attr_array) {
|
||||
foreach ($attr_array['Attribute'] as &$attr) {
|
||||
if ($attr['uuid'] == $uuid) return array('Attribute' => $attr);
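Review bot: `savePreparedEvent()` ignores the result of every `save()` call, so attributes, proposals or tags that fail validation are dropped silently, and `__savePreparedAttribute()` iterates `$attribute['ShadowAttribute']` without checking that the key exists. Because `transferEvent()` deletes the original event before calling this method, a failed save here means lost data. Return early with `if (!$this->save($event['Event'])) return false;` and wrap the inner loop in `if (!empty($attribute['ShadowAttribute']))`. In the `-1078,6 +1081,16` hunk, `$conditions['AND']['OR']['Event.id'] = $delegatedEventIDs;` widens read access purely on the basis of delegation rows, so it is only as trustworthy as the validation applied when those rows are created.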
|
||||
|
|
|
@ -25,6 +25,12 @@ class EventDelegation extends AppModel {
|
|||
'Org' => array(
|
||||
'className' => 'Organisation',
|
||||
),
|
||||
'RequesterOrg' => array(
|
||||
'className' => 'Organisation'
|
||||
),
|
||||
'SharingGroup' => array(
|
||||
'className' => 'SharingGroup'
|
||||
)
|
||||
);
|
||||
|
||||
public function attachTagToEvent($event_id, $tag_id) {
|
||||
|
@ -41,4 +47,71 @@ class EventDelegation extends AppModel {
|
|||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public function transferEvent($delegation, $user) {
|
||||
$this->Event->Attribute->bindModel(
|
||||
array(
|
||||
'hasMany' => array(
|
||||
'ShadowAttribute' => array(
|
||||
'className' => 'ShadowAttribute',
|
||||
'foreignKey' => 'old_id'
|
||||
)
|
||||
)
|
||||
)
|
||||
);
|
||||
$event = $this->Event->find('first', array(
|
||||
'conditions' => array('Event.id' => $delegation['EventDelegation']['event_id']),
|
||||
'recursive' => -1,
|
||||
'contain' => array(
|
||||
'ShadowAttribute' => array(
|
||||
'conditions' => array(
|
||||
'ShadowAttribute.old_id' => 0,
|
||||
'ShadowAttribute.event_id' => $delegation['EventDelegation']['event_id']
|
||||
)
|
||||
),
|
||||
'EventTag',
|
||||
'Attribute' => array(
|
||||
'ShadowAttribute'
|
||||
)
|
||||
),
|
||||
));
|
||||
$event['Event']['user_id'] = $user['id'];
|
||||
$event['Event']['orgc_id'] = $delegation['EventDelegation']['org_id'];
|
||||
$event['Event']['org_id'] = $delegation['EventDelegation']['org_id'];
|
||||
$this->Event->delete($delegation['EventDelegation']['event_id']);
|
||||
$event_id = $this->Event->savePreparedEvent($event);
|
||||
return $event_id;
|
||||
}
|
||||
|
||||
private function __prepareEvent(&$event) {
|
||||
$objects = array('Attribute', 'ShadowAttribute', 'EventTag');
|
||||
$objects = array(
|
||||
'Attribute' => array('id', 'event_id'),
|
||||
'EventTag' => array('id', 'event_id'),
|
||||
'ShadowAttribute' => array('id', 'event_id'),
|
||||
);
|
||||
$objectsWithAttachments = array('Attribute', 'ShadowAttribute');
|
||||
$objectsToRearrange = array('Attribute', 'ShadowAttribute', 'EventTag');
|
||||
unset ($event['Event']['id']);
|
||||
foreach ($objects as $object_type => $fields) {
|
||||
foreach ($event[$object_type] as &$object) {
|
||||
// append attachment
|
||||
if (in_array($object_type, $objectsWithAttachments)) {
|
||||
if ($this->Event->Attribute->typeIsAttachment($object['type'])) {
|
||||
$encodedFile = $this->Event->$object_type->base64EncodeAttachment($object);
|
||||
$object['data'] = $encodedFile;
|
||||
}
|
||||
}
|
||||
|
||||
// unset ID fields and relations
|
||||
foreach ($fields as $field) {
|
||||
unset($object[$field]);
|
||||
}
|
||||
}
|
||||
if (in_array($object_type, $objectsToRearrange)) {
|
||||
$event['Event'][$object_type] = $event[$object_type];
|
||||
unset($event[$object_type]);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
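Review bot: `transferEvent()` calls `$this->Event->delete(...)` before `savePreparedEvent($event)`, does not check that the `find()` returned an event, and does not wrap the two steps in a transaction, so any failure while re-saving leaves the event deleted. Run the delete and the re-save inside one transaction and roll back when no new id comes back, as sketched below; this assumes the tables involved are transactional. `__prepareEvent()` is not called anywhere in the code visible in this commit, and its first `$objects` assignment is immediately overwritten by the second.

```php
// … unchanged: bindModel() call and the find() that loads $event …
if (empty($event)) return false;
// … unchanged: user_id / orgc_id / org_id reassignment …
$dataSource = $this->getDataSource();
$dataSource->begin();
$event_id = false;
if ($this->Event->delete($delegation['EventDelegation']['event_id'])) {
	$event_id = $this->Event->savePreparedEvent($event);
}
if ($event_id) {
	$dataSource->commit();
} else {
	// restore the original event if the copy could not be written
	$dataSource->rollback();
}
return $event_id;
```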
|
|
@ -41,7 +41,9 @@ class Log extends AppModel {
|
|||
'reset_auth_key',
|
||||
'update',
|
||||
'enable',
|
||||
'disable'
|
||||
'disable',
|
||||
'accept_delegation',
|
||||
'request_delegation'
|
||||
)),
|
||||
'message' => 'Options : ...'
|
||||
)
|
||||
|
|
|
@ -495,6 +495,15 @@ class Server extends AppModel {
|
|||
'type' => 'boolean',
|
||||
'null' => true
|
||||
),
|
||||
'delegation' => array(
|
||||
'level' => 1,
|
||||
'description' => 'This feature allows users to created org only events and ask another organisation to take owenership of the event. This allows organisations to remain anonymous by asking a partner to publish an event for them.',
|
||||
'value' => false,
|
||||
'errorMessage' => '',
|
||||
'test' => 'testBool',
|
||||
'type' => 'boolean',
|
||||
'null' => true
|
||||
),
|
||||
),
|
||||
'GnuPG' => array(
|
||||
'branch' => 1,
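Review bot: The `delegation` setting is presented as the switch for the feature, but none of the `EventDelegationsController` actions shown in this commit read `Configure::read('MISP.delegation')`, so with the setting off those endpoints still appear reachable. A check at the top of each action or in the controller's filter, such as `if (!Configure::read('MISP.delegation')) throw new MethodNotAllowedException('Delegation is disabled.');`, would make the flag effective. The description string also has two typos, "to created" and "owenership".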
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
<div class="dashboard_element w-2 h-1 dashboard_notifications">
|
||||
<h4>Changes since last visit</h4>
|
||||
<p>
|
||||
<b>Events updated: </b><span class="bold <?php echo $events['changed'] ? 'red' : 'green'; ?>"><?php echo h($events['changed']);?></span> (<a href="<?php echo $baseurl;?>/events/index">View</a>)<br />
|
||||
<b>Events published: </b><span class="bold <?php echo $events['published'] ? 'red' : 'green'; ?>"><?php echo h($events['published']);?></span> (<a href="<?php echo $baseurl;?>/events/index">View</a>)<br />
|
||||
</p>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
$(document).ready(function() {
|
||||
var elem = $('.dashboard_notifications').width();
|
||||
$('.dashboard_notifications').css({'height':elem+'px'});
|
||||
});
|
||||
</script>
|
|
@ -0,0 +1,14 @@
|
|||
<div class="dashboard_element w-2 h-1 dashboard_notifications">
|
||||
<h4>Notifications</h4>
|
||||
<p>
|
||||
<b>Proposals: </b><span class="bold <?php echo $notifications['proposalCount'] ? 'red' : 'green'; ?>"><?php echo h($notifications['proposalCount']);?></span> (<a href="<?php echo $baseurl;?>/shadow_attributes/index">View</a>)<br />
|
||||
<b>Events with proposals: </b><span class="bold <?php echo $notifications['proposalEventCount'] ? 'red' : 'green'; ?>"><?php echo h($notifications['proposalEventCount']);?></span> (<a href="<?php echo $baseurl;?>/events/proposalEventIndex">View</a>)<br />
|
||||
<b>Delegation requests: </b><span class="bold <?php echo $notifications['delegationCount'] ? 'red' : 'green'; ?>"><?php echo h($notifications['delegationCount']);?></span> (<a href="<?php echo $baseurl;?>/events/delegation_index">View</a>)
|
||||
</p>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
$(document).ready(function() {
|
||||
var elem = $('.dashboard_notifications').width();
|
||||
$('.dashboard_notifications').css({'height':elem+'px'});
|
||||
});
|
||||
</script>
|
|
@ -71,6 +71,7 @@
|
|||
</a>
|
||||
<ul class="dropdown-menu">
|
||||
<li><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
|
||||
<li><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
|
||||
<li><a href="<?php echo $baseurl;?>/users/memberslist">Members List</a></li>
|
||||
<li><a href="<?php echo $baseurl;?>/organisations/index">Organisations</a></li>
|
||||
<li><a href="<?php echo $baseurl;?>/roles/index">Role Permissions</a></li>
|
||||
|
@ -166,17 +167,6 @@
|
|||
</div>
|
||||
<div class="nav-collapse collapse pull-right">
|
||||
<ul class="nav">
|
||||
<li>
|
||||
<a href="<?php echo $baseurl;?>/events/proposalEventIndex" <?php if ($proposalCount > 0) echo 'style="font-weight:bold;"'; ?>>
|
||||
<?php
|
||||
$proposalPluralOrZero = 's';
|
||||
if ($proposalCount == 1) $proposalPluralOrZero = '';
|
||||
$proposalEventPluralOrZero = 's';
|
||||
if ($proposalEventCount == 1) $proposalEventPluralOrZero = '';
|
||||
echo $proposalCount . ' proposal' . $proposalPluralOrZero . ' in ' . $proposalEventCount . ' event' . $proposalEventPluralOrZero;
|
||||
?>
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="<?php echo $baseurl;?>/" id="fullLogo" style="font-weight:bold;">
|
||||
<span class="logoBlueStatic">M</span><span class="logoGray">alware</span>
|
||||
|
@ -188,6 +178,14 @@
|
|||
<span class="logoBlueStatic">MISP</span>
|
||||
</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="<?php echo $baseurl;?>/users/view/me" class="white" style="padding-left:0px;padding-right:5px;" title="<?php echo h($me['email']);?>"><?php echo $loggedInUserName;?></a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="<?php echo $baseurl;?>/users/dashboard" style="padding-left:0px;padding-right:0px;">
|
||||
<span class="notification-<?php echo ($notifications['total'] > 0) ? 'active' : 'passive';?>"><span style="float:left;margin-top:3px;margin-right:3px;margin-left:3px;" class="icon-envelope icon-white"></span></span>
|
||||
</a>
|
||||
</li>
|
||||
<li><a href="<?php echo $baseurl;?>/users/logout">Log out</a></li>
|
||||
</ul>
|
||||
</div>
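Review bot: `$loggedInUserName` is printed as the link text without `h()`, while the `title` attribute on the same anchor does escape `$me['email']`. The name is derived from the local part of the user's e-mail address in `__convertEmailToName()` (explode, `ucfirst`, implode), which does no HTML encoding, so any markup characters that e-mail validation lets through would be rendered unescaped on every page that uses this layout. The link text should be encoded like the other values here: `<?php echo h($loggedInUserName);?>`.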
|
||||
|
|
|
@ -46,10 +46,19 @@
|
|||
?>
|
||||
<li<?php echo $publishButtons; ?> class="publishButtons"><a href="#" onClick="publishPopup('<?php echo h($event['Event']['id']); ?>', 'alert')">Publish Event</a></li>
|
||||
<li<?php echo $publishButtons; ?> class="publishButtons"><a href="#" onClick="publishPopup('<?php echo h($event['Event']['id']); ?>', 'publish')">Publish (no email)</a></li>
|
||||
<?php if ($isSiteAdmin || (isset($mayModify) && $mayModify)): ?>
|
||||
<li id='lidelegateEvent'><a href="#" onClick="delegatePopup('<?php echo h($event['Event']['id']); ?>');">Delegate Publishing</a></li>
|
||||
<?php if (Configure::read('MISP.delegation')):?>
|
||||
<?php if (isset($event['Event']['distribution']) && (!isset($delegationRequest) || !$delegationRequest) && $event['Event']['distribution'] == 0 && ($isSiteAdmin || (isset($mayPublish) && $mayPublish))): ?>
|
||||
<li id='lidelegateEvent'><a href="#" onClick="delegatePopup('<?php echo h($event['Event']['id']); ?>');">Delegate Publishing</a></li>
|
||||
<?php endif;?>
|
||||
<?php if (isset($delegationRequest) && $delegationRequest && ($isSiteAdmin || ($isAclPublish && ($me['org_id'] == $delegationRequest['EventDelegation']['org_id'] || $me['org_id'] == $delegationRequest['EventDelegation']['requester_org_id'])))): ?>
|
||||
<li class="divider"></li>
|
||||
<?php if ($isSiteAdmin || ($isAclPublish && ($me['org_id'] == $delegationRequest['EventDelegation']['org_id']))): ?>
|
||||
<li id='liacceptDelegation'><a href="#" onClick="genericPopup('<?php echo $baseurl?>/event_delegations/acceptDelegation/<?php echo h($delegationRequest['EventDelegation']['id']); ?>', '#confirmation_box');">Accept Delegation Request</a></li>
|
||||
<?php endif;?>
|
||||
<li id='lideleteDelegation'><a href="#" onClick="genericPopup('<?php echo $baseurl?>/event_delegations/deleteDelegation/<?php echo h($delegationRequest['EventDelegation']['id']); ?>', '#confirmation_box');">Discard Delegation Request</a></li>
|
||||
<li class="divider"></li>
|
||||
<?php endif;?>
|
||||
<?php endif;?>
|
||||
|
||||
<li id='licontact'><a href="<?php echo $baseurl;?>/events/contact/<?php echo h($event['Event']['id']);?>">Contact Reporter</a></li>
|
||||
<li><a onClick="getPopup('<?php echo h($event['Event']['id']); ?>', 'events', 'exportChoice');" style="cursor:pointer;">Download as...</a></li>
|
||||
<li class="divider"></li>
|
||||
|
@ -116,6 +125,7 @@
|
|||
<li class="divider"></li>
|
||||
<?php endif; ?>
|
||||
<li id='liview'><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
|
||||
<li id='lidashboard'><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
|
||||
<li id='limembers'><a href="<?php echo $baseurl;?>/users/memberslist">Members List</a></li>
|
||||
<li id='liindexOrg'><a href="<?php echo $baseurl;?>/organisations/index">List Organisations</a></li>
|
||||
<?php if ($menuItem === 'viewOrg'): ?>
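Review bot: In the new Accept and Discard Delegation Request handlers, `$baseurl` and the delegation id are placed inside a single-quoted JavaScript string within an `onClick` attribute; `h()` on the id only HTML-encodes, and the browser decodes those entities again before the script runs, so it does not protect the JavaScript string context. `$baseurl` is presumably an administrator-set value and the id numeric, so this is a hardening point rather than a demonstrated injection. Keeping the URL out of script context avoids the question: `data-url="<?php echo h($baseurl . '/event_delegations/acceptDelegation/' . $delegationRequest['EventDelegation']['id']); ?>"` with `onClick="genericPopup($(this).data('url'), '#confirmation_box');"`. The same pattern recurs in the delegation details popup and in the event view's "View request details" link.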
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
<div class="confirmation">
|
||||
<div class="legend">Accept Delegation Request</div>
|
||||
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
|
||||
<p>Are you sure you would like to accept the request by <?php echo h($delegationRequest['Org']['name']); ?> to take ownership of Event #<?php echo h($delegationRequest['Event']['id']);?>?</p>
|
||||
<table>
|
||||
<tr>
|
||||
<td style="vertical-align:top">
|
||||
<?php
|
||||
echo $this->Form->create('EventDelegation', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
|
||||
echo $this->Form->submit('Yes', array('div' => false, 'class' => 'btn btn-primary'));
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
</td>
|
||||
<td style="width:540px;">
|
||||
</td>
|
||||
<td style="vertical-align:top;">
|
||||
<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPrompt();">No</span>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
|
@ -1,30 +1,55 @@
|
|||
<div class="confirmation">
|
||||
<?php
|
||||
echo $this->Form->create('Event', array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => '/events/' . $type . '/' . $id));
|
||||
$extraTitle = "";
|
||||
if ($type == 'publish') $extraTitle = ' (no email)';
|
||||
?>
|
||||
<legend>Publish Event<?php echo $extraTitle; ?></legend>
|
||||
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
|
||||
<?php if ($type == 'alert'): ?>
|
||||
<p>Are you sure this event is complete and everyone should be informed?</p>
|
||||
<?php else: ?>
|
||||
<p>Publish but do NOT send alert email? Only for minor changes!</p>
|
||||
<?php endif; ?>
|
||||
<table>
|
||||
<tr>
|
||||
<td style="vertical-align:top">
|
||||
<span id="PromptYesButton" class="btn btn-primary" onClick="submitPublish()">Yes</span>
|
||||
</td>
|
||||
<td style="width:540px;">
|
||||
</td>
|
||||
<td style="vertical-align:top;">
|
||||
<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPrompt();">No</span>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<div class="popover_choice" style="padding-bottom:5px;">
|
||||
<div class="legend">Delegate the publishing of the Event to another organisation</div>
|
||||
<p class="white" style="background:red;">Warning: You are about to request another organisation to take ownership of this event.</p>
|
||||
<div class="popover_choice_main overlay_spacing bottomGap" id ="popover_choice_main">
|
||||
<?php
|
||||
echo $this->Form->create('EventDelegation', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
|
||||
echo $this->Form->input('org_id', array(
|
||||
'label' => 'Target Organisation',
|
||||
'options' => array($org),
|
||||
'empty' => 'Select organisation',
|
||||
'div' => 'clear'
|
||||
));
|
||||
echo $this->Form->input('distribution', array(
|
||||
'options' => $distributionOptions,
|
||||
'label' => 'Desired Distribution',
|
||||
));
|
||||
?>
|
||||
<div id="sgid" class="hidden">
|
||||
<?php
|
||||
echo $this->Form->input('sharing_group_id', array(
|
||||
'options' => $sgOptions,
|
||||
'label' => 'Desired Sharing Group',
|
||||
'div' => false
|
||||
));
|
||||
?>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->Form->input('message', array(
|
||||
'label' => false,
|
||||
'div' => false,
|
||||
'type' => 'textarea',
|
||||
'style' => 'width:665px;',
|
||||
'placeholder' => 'Message to the recipient organisation'
|
||||
));
|
||||
echo $this->Form->submit('Yes', array('div' => false, 'class' => 'btn btn-primary'));
|
||||
?>
|
||||
<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPopoverForm();" style="float:right;">No</span>
|
||||
<?php
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
</div>
|
||||
<?php
|
||||
?>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
|
||||
$(document).ready(function() {
|
||||
$('#EventDelegationDistribution').change(function() {
|
||||
if ($('#EventDelegationDistribution').val() == 4) $('#sgid').show();
|
||||
else $('#sgid').hide();
|
||||
});
|
||||
});
|
||||
|
||||
</script>
|
||||
<?php echo $this->Js->writeBuffer();
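Review bot: The `sharing_group_id` select is only hidden by the `hidden` class and the `#EventDelegationDistribution` change handler, so its value is still posted when the chosen distribution is not 4. The action that receives this form is not part of this section; it should ignore `sharing_group_id` unless distribution is 4, and it should check that the submitted `org_id`, `distribution` and sharing group are values the requesting user may choose, rather than relying on the option lists rendered here. A short comment above the `#sgid` block stating that the field is display-toggled only would make that dependency visible to the next reader.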
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
<div class="confirmation">
|
||||
<div class="legend">Delete Delegation Request</div>
|
||||
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
|
||||
<p>Are you sure you would like to discard the request by <?php echo h($delegationRequest['Org']['name']); ?> to take owenership of Event #<?php echo h($delegationRequest['Event']['id']);?>?</p>
|
||||
<table>
|
||||
<tr>
|
||||
<td style="vertical-align:top">
|
||||
<?php
|
||||
echo $this->Form->create('EventDelegation', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
|
||||
echo $this->Form->submit('Yes', array('div' => false, 'class' => 'btn btn-primary'));
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
</td>
|
||||
<td style="width:540px;">
|
||||
</td>
|
||||
<td style="vertical-align:top;">
|
||||
<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPrompt();">No</span>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
|
@ -0,0 +1,26 @@
|
|||
<div class="confirmation">
|
||||
<legend>Event Delegation</legend>
|
||||
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
|
||||
<?php
|
||||
$target = $me['org_id'] == $delegation['Org']['id'] ? 'your organisation' : $delegation['Org']['name'];
|
||||
$requester = $me['org_id'] == $delegation['RequesterOrg']['id'] ? 'Your organisation' : $delegation['RequesterOrg']['name'];
|
||||
?>
|
||||
<p>
|
||||
<b>Request details</b><br /><span class="red bold"><?php echo h($requester);?></span> is requesting <span class="red bold"><?php echo h($target); ?></span> to take over this event.
|
||||
<?php if ($delegation['EventDelegation']['distribution'] != -1): ?>
|
||||
<?php if ($delegation['EventDelegation']['distribution'] < 4): ?> <br />
|
||||
The desired distribution level is <span class="red bold"><?php echo h($delegation['requested_distribution_level']);?></span>
|
||||
<?php else: ?>
|
||||
The desired sharing group to distribute the event to is: <span class="red bold"><?php echo h($delegation['SharingGroup']['name']);?></span>.
|
||||
<?php endif;?>
|
||||
<?php endif;?>
|
||||
</p>
|
||||
<p><b>Message from requester</b><br /><?php echo h($delegation['EventDelegation']['message']); ?></p>
|
||||
<div class="row-fluid">
|
||||
<?php if ($isSiteAdmin || $me['org_id'] == $delegation['Org']['id']):?>
|
||||
<span class="btn btn-primary" onClick="genericPopup('<?php echo $baseurl?>/event_delegations/acceptDelegation/<?php echo h($delegation['EventDelegation']['id']); ?>', '#confirmation_box');">Accept</span>
|
||||
<?php endif;?>
|
||||
<span class="btn btn-inverse" onClick="genericPopup('<?php echo $baseurl?>/event_delegations/deleteDelegation/<?php echo h($delegation['EventDelegation']['id']); ?>', '#confirmation_box');">Discard</span>
|
||||
<span class="btn btn-inverse" style="float:right;" id="PromptNoButton" onClick="cancelPrompt();">Cancel</span>
|
||||
</div>
|
||||
</div>
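Review bot: The Accept button is shown when `$isSiteAdmin || $me['org_id'] == $delegation['Org']['id']`, whereas the side menu in this commit offers Accept Delegation Request only when the user also has `$isAclPublish`. A member of the target organisation without publish rights therefore gets an Accept control here that the menu withholds; assuming `$isAclPublish` is available to this view as it is to the others, the condition should match: `<?php if ($isSiteAdmin || ($isAclPublish && $me['org_id'] == $delegation['Org']['id'])):?>`. Whichever rule is intended, these template checks only decide what is displayed, and the `acceptDelegation` action (not visible in this section) has to enforce it again on the server. The template also opens three `<div>` elements but closes only two.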
|
|
@ -104,48 +104,48 @@
|
|||
</div>
|
||||
</fieldset>
|
||||
<div class="overlay_spacing">
|
||||
<?php echo $this->Form->end();?>
|
||||
<div id="rule_table">
|
||||
<table style="background-color:white;">
|
||||
<tr style="width:680px;background-color:#0088cc;color:white;">
|
||||
<th style="width:100px;border:1px solid #cccccc;text-align: left;">Target</th>
|
||||
<th style="width:567px;border:1px solid #cccccc;border-right:0px;text-align: left;">Value</th>
|
||||
<th style="width:10px;border:1px solid #cccccc;border-left:0px;text-align: left;"></th>
|
||||
</tr>
|
||||
<?php
|
||||
$fields = array('published', 'org', 'tag', 'date', 'eventinfo', 'threatlevel', 'analysis', 'distribution', 'attribute');
|
||||
foreach ($fields as $k => $field):
|
||||
?>
|
||||
<tr id="row_<?php echo $field; ?>" class="hidden filterTableRow">
|
||||
<td id="key_<?php echo $field;?>" style="border:1px solid #cccccc;font-weight:bold;"><?php echo ucfirst($field); ?></td>
|
||||
<td id="value_<?php echo $field;?>" style="border:1px solid #cccccc;border-right:0px;"></td>
|
||||
<td id="delete_<?php echo $field;?>" style="border:1px solid #cccccc;border-left:0px;"><span class="icon-trash" onClick="indexFilterClearRow('<?php echo $field;?>')"></span></td>
|
||||
<?php echo $this->Form->end();?>
|
||||
<div id="rule_table">
|
||||
<table style="background-color:white;">
|
||||
<tr style="width:680px;background-color:#0088cc;color:white;">
|
||||
<th style="width:100px;border:1px solid #cccccc;text-align: left;">Target</th>
|
||||
<th style="width:567px;border:1px solid #cccccc;border-right:0px;text-align: left;">Value</th>
|
||||
<th style="width:10px;border:1px solid #cccccc;border-left:0px;text-align: left;"></th>
|
||||
</tr>
|
||||
<?php
|
||||
endforeach;
|
||||
?>
|
||||
</table>
|
||||
<table style="background-color:white;width:100%;" id="FilterplaceholderTable">
|
||||
<tr class="filterTableRow">
|
||||
<td style="border:1px solid #cccccc;border-top:0px;font-weight:bold;width:100%;color:red;">No filters set - add filter terms above.</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<?php echo $this->Form->create('Event', array('id' => 'test', 'url' => $baseurl . '/events/index'));?>
|
||||
<fieldset>
|
||||
<?php
|
||||
echo $this->Form->input('generatedURL', array(
|
||||
'label' => false,
|
||||
'class' => 'input',
|
||||
'style' => 'width:620px;display:none;',
|
||||
'div' => false
|
||||
));
|
||||
?>
|
||||
</fieldset>
|
||||
<div id = "generatedURL" style="word-wrap: break-word;"><br />Save this URL if you would like to use the same filter settings again<br /><div style="background-color:#f5f5f5;border: 1px solid #e3e3e3; border-radius:4px;padding:3px;background-color:white;"><span id="generatedURLContent"></span></div></div>
|
||||
<br />
|
||||
<span class="btn btn-primary" onClick="indexApplyFilters();">Apply</span>
|
||||
<span class="btn btn-inverse" onClick="cancelPopoverForm();" style="float:right;">Cancel</span>
|
||||
<?php
|
||||
$fields = array('published', 'org', 'tag', 'date', 'eventinfo', 'threatlevel', 'analysis', 'distribution', 'attribute');
|
||||
foreach ($fields as $k => $field):
|
||||
?>
|
||||
<tr id="row_<?php echo $field; ?>" class="hidden filterTableRow">
|
||||
<td id="key_<?php echo $field;?>" style="border:1px solid #cccccc;font-weight:bold;"><?php echo ucfirst($field); ?></td>
|
||||
<td id="value_<?php echo $field;?>" style="border:1px solid #cccccc;border-right:0px;"></td>
|
||||
<td id="delete_<?php echo $field;?>" style="border:1px solid #cccccc;border-left:0px;"><span class="icon-trash" onClick="indexFilterClearRow('<?php echo $field;?>')"></span></td>
|
||||
</tr>
|
||||
<?php
|
||||
endforeach;
|
||||
?>
|
||||
</table>
|
||||
<table style="background-color:white;width:100%;" id="FilterplaceholderTable">
|
||||
<tr class="filterTableRow">
|
||||
<td style="border:1px solid #cccccc;border-top:0px;font-weight:bold;width:100%;color:red;">No filters set - add filter terms above.</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<?php echo $this->Form->create('Event', array('id' => 'test', 'url' => $baseurl . '/events/index'));?>
|
||||
<fieldset>
|
||||
<?php
|
||||
echo $this->Form->input('generatedURL', array(
|
||||
'label' => false,
|
||||
'class' => 'input',
|
||||
'style' => 'width:620px;display:none;',
|
||||
'div' => false
|
||||
));
|
||||
?>
|
||||
</fieldset>
|
||||
<div id = "generatedURL" style="word-wrap: break-word;"><br />Save this URL if you would like to use the same filter settings again<br /><div style="background-color:#f5f5f5;border: 1px solid #e3e3e3; border-radius:4px;padding:3px;background-color:white;"><span id="generatedURLContent"></span></div></div>
|
||||
<br />
|
||||
<span class="btn btn-primary" onClick="indexApplyFilters();">Apply</span>
|
||||
<span class="btn btn-inverse" onClick="cancelPopoverForm();" style="float:right;">Cancel</span>
|
||||
</div>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
|
|
|
@ -17,12 +17,13 @@
|
|||
</div>
|
||||
<?php
|
||||
$tab = "Center";
|
||||
if (!isset($simple)) $simple = false;
|
||||
$filtered = false;
|
||||
if (count($passedArgsArray) > 0) {
|
||||
if (!$simple && count($passedArgsArray) > 0) {
|
||||
$tab = "Left";
|
||||
$filtered = true;
|
||||
}
|
||||
if (!$ajax):
|
||||
if (!$ajax && !$simple):
|
||||
?>
|
||||
<div class="tabMenuFixedContainer" style="display:inline-block;">
|
||||
<span class="tabMenuFixed tabMenuFixed<?php echo $tab; ?> tabMenuSides">
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
<?php
|
||||
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id'] && $event['Orgc']['id'] == $me['org_id']) || ($isAclModifyOrg && $event['Orgc']['id'] == $me['org_id']));
|
||||
$mayPublish = ($isAclPublish && $event['Orgc']['id'] == $me['org_id']);
|
||||
?>
|
||||
<?php
|
||||
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id'] && $event['Orgc']['id'] == $me['org_id']) || ($isAclModifyOrg && $event['Orgc']['id'] == $me['org_id']));
|
||||
$mayPublish = ($isAclPublish && $event['Orgc']['id'] == $me['org_id']);
|
||||
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'viewEvent', 'mayModify' => $mayModify, 'mayPublish' => $mayPublish));
|
||||
?>
|
||||
<div class="events view">
|
||||
|
@ -125,27 +123,21 @@ $mayPublish = ($isAclPublish && $event['Orgc']['id'] == $me['org_id']);
|
|||
<?php echo nl2br(h($event['Event']['info'])); ?>
|
||||
|
||||
</dd>
|
||||
<dt class="<?php echo ($event['Event']['published'] == 0) ? (($isAclPublish && $me['org_id'] == $event['Event']['orgc_id']) ? 'background-red bold' : 'bold') : 'bold'; ?>">Published</dt>
|
||||
<dd class="<?php echo ($event['Event']['published'] == 0) ? (($isAclPublish && $me['org_id'] == $event['Event']['orgc_id']) ? 'background-red bold' : 'red bold') : 'green bold'; ?>"><?php echo ($event['Event']['published'] == 0) ? 'No' : 'Yes'; ?></dd>
|
||||
<?php
|
||||
$published = '';
|
||||
$notPublished = 'style="display:none;"';
|
||||
if ($event['Event']['published'] == 0) {
|
||||
$published = 'style="display:none;"';
|
||||
$notPublished = '';
|
||||
}
|
||||
if (!empty($delegationRequest)):
|
||||
if ($isSiteAdmin || $me['org_id'] == $delegationRequest['EventDelegation']['org_id']) {
|
||||
$target = $isSiteAdmin ? $delegationRequest['Org']['name'] : 'you';
|
||||
$subject = $delegationRequest['RequesterOrg']['name'] . ' has';
|
||||
} else {
|
||||
$target = $delegationRequest['Org']['name'];
|
||||
$subject = 'You have';
|
||||
}
|
||||
?>
|
||||
<dt class="published" <?php echo $published;?>>Published</dt>
|
||||
<dd class="published green" <?php echo $published;?>>Yes</dd>
|
||||
<?php
|
||||
if ($isAclPublish) :
|
||||
?>
|
||||
<dt class="visibleDL notPublished" <?php echo $notPublished;?>>Published</dt>
|
||||
<dd class="visibleDL notPublished" <?php echo $notPublished;?>>No</dd>
|
||||
<?php
|
||||
else:
|
||||
?>
|
||||
<dt class="notPublished" <?php echo $notPublished;?>>Published</dt>
|
||||
<dd class="notPublished red" <?php echo $notPublished;?>>No</dd>
|
||||
<?php endif; ?>
|
||||
<dt class="background-red bold">Delegation request</dt>
|
||||
<dd class="background-red bold"><?php echo h($subject);?> requested that <?php echo h($target)?> take over this event. (<a href="#" style="color:white;" onClick="genericPopup('<?php echo $baseurl;?>/eventDelegations/view/<?php echo h($delegationRequest['EventDelegation']['id']);?>', '#confirmation_box');">View request details</a>)</dd>
|
||||
<?php endif;?>
|
||||
</dl>
|
||||
</div>
|
||||
<?php if (!empty($event['RelatedEvent'])):?>
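Review bot: The "View request details" link requests `/eventDelegations/view/...`, while every other delegation URL in this commit uses the underscored form `/event_delegations/...`. Both spellings may well route to the same controller, but mixing them makes any URL-based rule (access lists, log searches, reverse-proxy filters) easy to get right for one form and miss for the other. Using `/event_delegations/view/` here keeps a single canonical path for the feature.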
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
<div class="Dashboard index">
|
||||
<h2>Dashboard</h2>
|
||||
<div class="row">
|
||||
<div class="span3 dashboard_container">
|
||||
<?php
|
||||
echo $this->element('dashboard/dashboard_notifications');
|
||||
?>
|
||||
</div>
|
||||
<div class="span3 dashboard_container">
|
||||
<?php
|
||||
echo $this->element('dashboard/dashboard_events');
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'globalActions', 'menuItem' => 'dashboard'));
|
||||
?>
|
|
@ -337,6 +337,7 @@ td.action-links {
|
|||
dl {
|
||||
line-height: 2em;
|
||||
margin: 0em 0em;
|
||||
overflow: hidden
|
||||
/*width: 60%;*/
|
||||
}
|
||||
dl dd:nth-child(4n+2),
|
||||
|
@ -345,15 +346,19 @@ dl dt:nth-child(4n+1) {
|
|||
}
|
||||
|
||||
dt {
|
||||
float:left;
|
||||
font-weight: bold;
|
||||
padding-left: 4px;
|
||||
padding: 0;
|
||||
margin: 0;
|
||||
vertical-align: top;
|
||||
width: 12em;
|
||||
width: 15%;
|
||||
}
|
||||
dd {
|
||||
margin-left: 12em;
|
||||
margin-top: -1.7em;
|
||||
float:left;'
|
||||
vertical-align: top;
|
||||
width: 85%;
|
||||
padding: 0;
|
||||
margin: 0;
|
||||
}
|
||||
|
||||
|
||||
|
@ -749,7 +754,7 @@ a.proposal_link_red:hover {
|
|||
z-index:5;
|
||||
}
|
||||
|
||||
.confirmation_box legend {
|
||||
.confirmation_box legend, .confirmation .legend {
|
||||
border-radius: 5px 5px 0px 0px;
|
||||
margin-bottom:5px;
|
||||
padding-left:5px;
|
||||
|
@ -758,6 +763,16 @@ a.proposal_link_red:hover {
|
|||
color:white;
|
||||
}
|
||||
|
||||
.legend {
|
||||
display: block;
|
||||
width: 100%;
|
||||
padding: 0;
|
||||
font-size: 21px;
|
||||
line-height: 40px;
|
||||
color: #333333;
|
||||
border: 0;
|
||||
}
|
||||
|
||||
.ajax_popover_form {
|
||||
display:none;
|
||||
width: 700px;
|
||||
|
@ -779,6 +794,16 @@ a.proposal_link_red:hover {
|
|||
color:white;
|
||||
}
|
||||
|
||||
.ajax_popover_form .legend {
|
||||
border-radius: 10px 10px 0px 0px;
|
||||
padding-left:10px;
|
||||
width:690px;
|
||||
background-color:black;
|
||||
color:white;
|
||||
font-size: 21px;
|
||||
line-height: 40px;
|
||||
}
|
||||
|
||||
.ajax_popover_form form {
|
||||
margin: 0 0 5px;
|
||||
}
|
||||
|
@ -1415,14 +1440,24 @@ a.proposal_link_red:hover {
|
|||
color: orange !important;
|
||||
}
|
||||
|
||||
.orange {
|
||||
color: orange;
|
||||
.white {
|
||||
color: white !important;
|
||||
}
|
||||
|
||||
.bold {
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
.background-red {
|
||||
background: red !important;
|
||||
color: white !important;
|
||||
}
|
||||
|
||||
.background-blue {
|
||||
background: #0088cc !important;
|
||||
color: white !important;
|
||||
}
|
||||
|
||||
.hidden {
|
||||
display:none;
|
||||
}
|
||||
|
@ -1442,6 +1477,35 @@ a.discrete {
|
|||
border-left: 1px solid grey;
|
||||
}
|
||||
|
||||
.notification-active {
|
||||
float:left;
|
||||
background-color:red;
|
||||
color:white;
|
||||
border-radius: 50%;
|
||||
width:20px;
|
||||
height:20px;
|
||||
}
|
||||
|
||||
.notification-passive {
|
||||
float:left;
|
||||
width:20px;
|
||||
height:20px;
|
||||
}
|
||||
|
||||
.dashboard_element{
|
||||
border: 1px solid #0088cc;
|
||||
border-radius: 5px;
|
||||
box-shadow: 0px 0px 6px #B2B2B2;
|
||||
padding-left:10px;
|
||||
padding-right:10px;
|
||||
width: 100%;
|
||||
height: 100%;
|
||||
}
|
||||
|
||||
.dashboard_container {
|
||||
margin-right:15px;
|
||||
}
|
||||
|
||||
@-webkit-keyframes rotation {
|
||||
from {-webkit-transform: rotate(0deg);}
|
||||
to {-webkit-transform: rotate(359deg);}
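Review bot: The rewritten `dd` rule contains `float:left;'` with a stray apostrophe after the semicolon. The quote opens an unterminated string, and browsers recovering from that parse error will typically discard the following `vertical-align: top;` declaration. The line should be `float:left;`. In the `dl` rule, `overflow: hidden` has no terminating semicolon; it works as the last declaration, but adding one avoids a silent break if the commented-out `width` line is ever restored.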
|
||||
|
|
|
@ -24,6 +24,22 @@ function publishPopup(id, type) {
|
|||
});
|
||||
}
|
||||
|
||||
function delegatePopup(id) {
|
||||
$.get( "/event_delegations/delegateEvent/" + id, function(data) {
|
||||
$("#popover_form").html(data);
|
||||
$("#popover_form").fadeIn();
|
||||
$("#gray_out").fadeIn();
|
||||
});
|
||||
}
|
||||
|
||||
function genericPopup(url, popupTarget) {
|
||||
$.get(url, function(data) {
|
||||
$(popupTarget).html(data);
|
||||
$(popupTarget).fadeIn();
|
||||
$("#gray_out").fadeIn();
|
||||
});
|
||||
}
|
||||
|
||||
function submitPublish(id, type) {
|
||||
$("#PromptForm").submit();
|
||||
}
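Review bot: `delegatePopup` requests the hard-coded root-relative path `"/event_delegations/delegateEvent/" + id`, while the templates in this commit build their popup URLs from `$baseurl` and hand them to `genericPopup`. On an installation served from a sub-path the request would go to the wrong location, and the function otherwise duplicates `genericPopup`; letting the template pass the full URL and calling `genericPopup(url, '#popover_form')` removes both problems. Both functions also insert the response with `.html(data)` and have no failure branch, so an error or login page returned by the server would be rendered into the popup; a `.fail()` handler that leaves the popup closed would be safer. `publishPopup` starts outside this hunk.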
|
||||
|
|