mirror of https://github.com/MISP/MISP
chg: [logs] user can see own logs
parent
77d0e9e17d
commit
b34933a4a5
|
@ -384,7 +384,8 @@ class ACLComponent extends Component
|
|||
'event_index' => array('*'),
|
||||
'returnDates' => array('*'),
|
||||
'testForStolenAttributes' => array(),
|
||||
'pruneUpdateLogs' => array()
|
||||
'pruneUpdateLogs' => array(),
|
||||
'index' => array('*')
|
||||
),
|
||||
'auditLogs' => [
|
||||
'admin_index' => ['perm_audit'],
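Review bot: `'index' => array('*')` opens the logs listing to any logged-in role, so the ACL layer no longer separates ordinary users, org admins and site admins; the row scoping inside `LogsController::index()` becomes the only control on what each caller can read. I would record that dependency next to the entry, e.g. `// all roles: LogsController::index() must restrict rows to the caller's org or e-mail`, so a later change to the controller does not silently widen access. The surrounding `logs` array starts outside this hunk.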
|
||||
|
|
|
@ -28,7 +28,7 @@ class LogsController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
public function admin_index()
|
||||
public function index()
|
||||
{
|
||||
$paramArray = array('id', 'title', 'created', 'model', 'model_id', 'action', 'user_id', 'change', 'email', 'org', 'description', 'ip');
|
||||
$filterData = array(
|
||||
|
@ -71,8 +71,15 @@ class LogsController extends AppController
|
|||
}
|
||||
}
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
// no filtering for SiteAdmin
|
||||
}
|
||||
else if (!$this->_isSiteAdmin() && $this->_isAdmin()) {
|
||||
// ORG admins can see their own org info
|
||||
$orgRestriction = $this->Auth->user('Organisation')['name'];
|
||||
$conditions['AND']['Log.org'] = $orgRestriction;
|
||||
$conditions['Log.org'] = $orgRestriction;
|
||||
} else {
|
||||
// users can see their own info
|
||||
$conditions['Log.email'] = $this->Auth->user('email');
|
||||
}
|
||||
$params = array(
|
||||
'conditions' => $conditions,
|
||||
|
@ -90,12 +97,18 @@ class LogsController extends AppController
|
|||
$this->set('isSearch', 0);
|
||||
$this->recursive = 0;
|
||||
$validFilters = $this->Log->logMeta;
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
if ($this->_isSiteAdmin()) {
|
||||
$validFilters = array_merge_recursive($validFilters, $this->Log->logMetaAdmin);
|
||||
}
|
||||
else if (!$this->_isSiteAdmin() && $this->_isAdmin()) {
|
||||
// ORG admins can see their own org info
|
||||
$orgRestriction = $this->Auth->user('Organisation')['name'];
|
||||
$conditions['Log.org'] = $orgRestriction;
|
||||
$this->paginate['conditions'] = $conditions;
|
||||
} else {
|
||||
$validFilters = array_merge_recursive($validFilters, $this->Log->logMetaAdmin);
|
||||
// users can see their own info
|
||||
$conditions['Log.email'] = $this->Auth->user('email');
|
||||
$this->paginate['conditions'] = $conditions;
|
||||
}
|
||||
if (isset($this->params['named']['filter']) && in_array($this->params['named']['filter'], array_keys($validFilters))) {
|
||||
$this->paginate['conditions']['Log.action'] = $validFilters[$this->params['named']['filter']]['values'];
|
||||
|
@ -112,6 +125,12 @@ class LogsController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
public function admin_index()
|
||||
{
|
||||
$this->view = 'index';
|
||||
$this->index();
|
||||
}
|
||||
|
||||
// Shows a minimalistic history for the currently selected event
|
||||
public function event_index($id, $org = null)
|
||||
{
|
||||
|
@ -313,7 +332,7 @@ class LogsController extends AppController
|
|||
}
|
||||
|
||||
// set the same view as the index page
|
||||
$this->render('admin_index');
|
||||
$this->render('index');
|
||||
}
|
||||
} else {
|
||||
// get from Session
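Review bot: In the `@ -71,8 +71,15 @` hunk the first branch still reads `if (!$this->_isSiteAdmin()) {` above the comment `// no filtering for SiteAdmin`. As rendered, every non-site-admin therefore takes the empty branch and gets neither the `Log.org` nor the `Log.email` condition, while a site admin falls through to the `else` and is limited to their own e-mail. The `@ -90,12 +97,18 @` hunk writes the same three-way split with `if ($this->_isSiteAdmin()) {`, so the negation looks like a leftover; the line should read `if ($this->_isSiteAdmin()) {`. Because the ACL now allows `index` for `'*'`, this branch is the only thing scoping rows on that path, and a test asserting that a non-admin request returns only rows carrying the caller's e-mail would pin it. The +/- markers are lost on this page, so this reading rests on the hunk's line counts, and the method body starts and ends outside the hunk.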
|
||||
|
|
|
@ -1093,25 +1093,29 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider');
|
|||
|
||||
case 'logs':
|
||||
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
|
||||
'url' => $baseurl . '/admin/logs/index',
|
||||
'url' => $baseurl . '/logs/index',
|
||||
'text' => __('Application Logs')
|
||||
));
|
||||
if (Configure::read('MISP.log_new_audit')) {
|
||||
if (Configure::read('MISP.log_new_audit') && $isAdmin) {
|
||||
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
|
||||
'element_id' => 'listAuditLogs',
|
||||
'url' => $baseurl . '/admin/audit_logs/index',
|
||||
'text' => __('Audit Logs'),
|
||||
));
|
||||
}
|
||||
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
|
||||
'element_id' => 'listAccessLogs',
|
||||
'url' => $baseurl . '/admin/access_logs/index',
|
||||
'text' => __('Access Logs'),
|
||||
));
|
||||
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
|
||||
'url' => $baseurl . '/admin/logs/search',
|
||||
'text' => __('Search Logs')
|
||||
));
|
||||
if ($isSiteAdmin) {
|
||||
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
|
||||
'element_id' => 'listAccessLogs',
|
||||
'url' => $baseurl . '/admin/access_logs/index',
|
||||
'text' => __('Access Logs'),
|
||||
));
|
||||
}
|
||||
if ($isAdmin) {
|
||||
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
|
||||
'url' => $baseurl . '/admin/logs/search',
|
||||
'text' => __('Search Logs')
|
||||
));
|
||||
}
|
||||
break;
|
||||
|
||||
case 'threads':
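Review bot: The Audit Logs link is now gated on `$isAdmin`, but the ACL hunk on this page gates `auditLogs` / `admin_index` on `perm_audit`, so the menu and the server-side check can disagree. A role holding `perm_audit` without the admin flag loses the link, and an admin without `perm_audit` is shown a link the ACL should refuse. Keying the link on the same permission would keep the two in step, e.g. `Configure::read('MISP.log_new_audit') && $me['Role']['perm_audit']`, assuming `$me` is available in this element as it is in the user view. The global menu repeats the condition in `'requirement' => Configure::read('MISP.log_new_audit') && $isAdmin`. Hiding the Access Logs and Search Logs links behind `$isSiteAdmin` and `$isAdmin` is cosmetic only; the matching ACL entries are not visible here and are worth confirming.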
|
||||
|
|
|
@ -487,20 +487,22 @@
|
|||
'children' => array(
|
||||
array(
|
||||
'text' => __('Application Logs'),
|
||||
'url' => $baseurl . '/admin/logs/index'
|
||||
'url' => $baseurl . '/logs/index'
|
||||
),
|
||||
array(
|
||||
'text' => __('Audit Logs'),
|
||||
'url' => $baseurl . '/admin/audit_logs/index',
|
||||
'requirement' => Configure::read('MISP.log_new_audit'),
|
||||
'requirement' => Configure::read('MISP.log_new_audit') && $isAdmin,
|
||||
),
|
||||
array(
|
||||
'text' => __('Access Logs'),
|
||||
'url' => $baseurl . '/admin/access_logs/index',
|
||||
'requirement' => $isSiteAdmin
|
||||
),
|
||||
array(
|
||||
'text' => __('Search Logs'),
|
||||
'url' => $baseurl . '/admin/logs/search',
|
||||
'requirement' => $isAdmin
|
||||
)
|
||||
)
|
||||
),
|
||||
|
|
|
@ -46,12 +46,12 @@
|
|||
'text' => h($filterData['name']),
|
||||
'title' => __('Modify filters'),
|
||||
'active' => isset($filter) && $filterName === $filter,
|
||||
'url' => $baseurl . '/admin/logs/index/filter:' . h($filterName)
|
||||
'url' => $baseurl . '/logs/index/filter:' . h($filterName)
|
||||
);
|
||||
}
|
||||
$data['children'][0]['children'][] = array(
|
||||
'requirement' => !empty($filter),
|
||||
'url' => $baseurl . '/admin/logs/index',
|
||||
'url' => $baseurl . '/logs/index',
|
||||
'title' => __('Remove filters'),
|
||||
'fa-icon' => 'times'
|
||||
);
|
|
@ -130,7 +130,7 @@
|
|||
'js' => array('vis', 'jquery-ui.min', 'network-distribution-graph')
|
||||
));
|
||||
echo sprintf(
|
||||
'<div class="users view"><div class="row-fluid"><div class="span8" style="margin:0px;">%s</div></div>%s<div style="margin-top:20px;">%s%s</div></div>',
|
||||
'<div class="users view"><div class="row-fluid"><div class="span8" style="margin:0px;">%s</div></div>%s%s<div style="margin-top:20px;">%s%s</div></div>',
|
||||
sprintf(
|
||||
'<h2>%s</h2>%s',
|
||||
__('User %s', h($user['User']['email'])),
|
||||
|
@ -145,6 +145,14 @@
|
|||
),
|
||||
__('Download user profile for data portability')
|
||||
),
|
||||
sprintf(
|
||||
' <a href="%s" class="btn btn-inverse">%s</a>',
|
||||
sprintf(
|
||||
'%s/logs/index',
|
||||
$baseurl
|
||||
),
|
||||
__('Review user logs')
|
||||
),
|
||||
$me['Role']['perm_auth'] ? $this->element('/genericElements/accordion', array('title' => __('Auth keys'), 'url' => '/auth_keys/index/' . h($user['User']['id']))) : '',
|
||||
$this->element('/genericElements/accordion', array('title' => 'Events', 'url' => '/events/index/searchemail:' . urlencode(h($user['User']['email']))))
|
||||
);
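Review bot: The new "Review user logs" button links to `'%s/logs/index'` with no reference to `$user`, so it always opens the viewer's own scoped listing rather than the logs of the user whose profile is displayed. If this view is also rendered for a user other than the viewer, which the separate `$user` and `$me` variables suggest, the label is misleading for an admin reviewing someone else's account. Either render the button only when the displayed user is the logged-in one, or relabel it, e.g. `__('Review my logs')`. The enclosing `sprintf` call begins outside this hunk.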
|
||||
|
|