MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Subscription to alerts from contact reporter 

- Users can now choose to subscribe to receive e-mails from the "Contact
  Reporter" feature.
pull/63/head
Andras Iklody 2013-03-06 11:34:22 +01:00
parent 8abe55dd91
commit b9d4ac9cba
8 changed files with 420 additions and 387 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
app/Controller/EventsController.php
View File

@ -1099,7 +1099,15 @@ class EventsController extends AppController {
$this->loadModel('User');
if (!$all) {
//Insert extra field here: alertOrg or something, then foreach all the org members
$orgMembers = $this->User->findAllByOrg($event['Event']['org'], array('email', 'gpgkey'));
//limit this array to users with contactalerts turned on!
$orgMembers = array();
$this->User->recursive = 0;
$temp = $this->User->findAllByOrg($event['Event']['org'], array('email', 'gpgkey', 'contactalert'));
foreach ($temp as $tempElement) {
if ($tempElement['User']['contactalert']) {
array_push($orgMembers, $tempElement);
}
}
} else {
$orgMembers = $this->User->findAllById($event['Event']['user_id'], array('email', 'gpgkey'));
}

744
app/Model/User.php
View File

@ -1,367 +1,377 @@
<?php
App::uses('AppModel', 'Model');
App::uses('AuthComponent', 'Controller/Component');
/**
* User Model
*
* @property Role $Role
* @property Event $Event
*/
class User extends AppModel {
/**
* Display field
*
* @var string
*/
public $displayField = 'email';
public $orgField = 'org'; // TODO Audit, LogableBehaviour + org
/**
* Validation rules
*
* @var array
*/
public $validate = array(
'role_id' => array(
'numeric' => array(
'rule' => array('numeric'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'password' => array(
'minlength' => array(
'rule' => array('minlength', 6),
'message' => 'A password of a minimum length of 6 is required.',
//'allowEmpty' => false,
'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
'complexity' => array(
'rule' => array('complexPassword'),
'message' => 'The password must contain at least one upper-case, one lower-case, one (digits or special character).',
//'allowEmpty' => false,
//'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
'identical' => array(
'rule' => array('identicalFieldValues', 'confirm_password'),
'message' => 'Please re-enter your password twice so that the values match.',
//'allowEmpty' => false,
//'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'org' => array(
'notempty' => array(
'rule' => array('notempty'),
'message' => 'Please specify the organisation where you are working.',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'org_id' => array(
'notempty' => array(
'rule' => array('notempty'),
'message' => 'Please specify the organisation ID where you are working.', // TODO ACL, org_id in Users
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'email' => array(
'email' => array(
'rule' => array('email'),
'message' => 'Please enter a valid email address.',
//'allowEmpty' => false,
'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
'unique' => array(
'rule' => 'isUnique',
'message' => 'An account with this email address already exists.'
),
),
'autoalert' => array(
'boolean' => array(
'rule' => array('boolean'),
//'message' => 'Your custom message here',
'allowEmpty' => true,
'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'authkey' => array(
'minlength' => array(
'rule' => array('minlength', 40),
'message' => 'A authkey of a minimum length of 40 is required.',
'required' => true,
),
'notempty' => array(
'rule' => array('notempty'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'invited_by' => array(
'numeric' => array(
'rule' => array('numeric'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'change_pw' => array(
'numeric' => array(
'rule' => array('numeric'),
//'message' => 'Your custom message here',
'allowEmpty' => true,
'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'gpgkey' => array(
'notempty' => array(
'rule' => array('validateGpgkey'),
'message' => 'GPG key not valid, please enter a valid key.',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'nids_sid' => array(
'numeric' => array(
'rule' => array('numeric'),
'message' => 'A SID should be an integer.',
'allowEmpty' => false,
'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'termsaccepted' => array(
'boolean' => array(
'rule' => array('boolean'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'newsread' => array(
'date' => array(
'rule' => array('date'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
);
//The Associations below have been created with all possible keys, those that are not needed can be removed
/**
* belongsTo associations
*
* @var array
*/
public $belongsTo = array(
'Role' => array(
'className' => 'Role',
'foreignKey' => 'role_id',
'conditions' => '',
'fields' => '',
'order' => ''
)
);
/**
* hasMany associations
*
* @var array
*/
public $hasMany = array(
'Event' => array(
'className' => 'Event',
'foreignKey' => 'user_id',
'dependent' => false,
'conditions' => '',
'fields' => '',
'order' => '',
'limit' => '',
'offset' => '',
'exclusive' => '',
'finderQuery' => '',
'counterQuery' => ''
)
);
/**
* TODO ACL: 1: be requester to CakePHP ACL system
*/
public $actsAs = array(
'Acl' => array( // TODO ACL, + 'enabled' => false
'type' => 'requester',
'enabled' => false
),
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
'userModel' => 'User',
'userKey' => 'user_id',
'change' => 'full'
),
'Trim',
//'RemoveNewline' => array('fields' => array('gpgkey')),
);
/**
* TODO ACL: 2: hook User into CakePHP ACL system (so link to aros)
*/
public function parentNode() {
if (!$this->id && empty($this->data)) {
return null;
}
if (isset($this->data['User']['role_id'])) {
$roleId = $this->data['User']['role_id'];
} else {
$roleId = $this->field('role_id');
}
if (!$roleId) {
return null;
} else {
return array('Role' => array('id' => $roleId));
}
}
/**
* TODO ACL: 3: rights on Roles: http://stackoverflow.com/questions/6154285/aros-table-in-cakephp-is-still-including-users-even-after-bindnode
*/
public function bindNode($user) {
// return array('model' => 'Group', 'foreign_key' => $user['User']['role_id']);
return array('Role' => array('id' => $user['User']['role_id']));
}
public function beforeSave() {
if (isset($this->data[$this->alias]['password'])) {
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
}
return true;
// only accept add and edit in own org
//if ($this->data[$this->alias]['org'] != "TEST") {
// return false;
//}
//return true;
}
/**
* Checks if the GPG key is a valid key
* But also import it in the keychain.
*/
public function validateGpgkey($check) {
// LATER first remove the old gpgkey from the keychain
// empty value
if (empty($check['gpgkey'])) {
return true;
}
// we have a clean, hopefull public, key here
// key is entered
require_once 'Crypt/GPG.php';
try {
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir')));
try {
$keyImportOutput = $gpg->importKey($check['gpgkey']);
if (!empty($keyImportOutput['fingerprint'])) {
return true;
}
} catch (Exception $e) {
//debug($e);
return false;
}
} catch (Exception $e) {
//debug($e);
return true; // TODO was false
}
}
public function complexPassword($check) {
/*
6 characters minimum
1 or more upper-case letters
1 or more lower-case letters
1 or more digits or special characters
example: "EasyPeasy34"
*/
$value = array_values($check);
$value = $value[0];
return preg_match('/((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/', $value);
}
public function identicalFieldValues($field=array(), $compareField=null) {
foreach ($field as $key => $value) {
$v1 = $value;
$v2 = $this->data[$this->name][$compareField];
if ($v1 !== $v2) {
return false;
} else {
continue;
}
}
return true;
}
/**
* Generates an authentication key for each user
*/
public function generateAuthKey() {
//$key = sha1(mt_rand(30, 30).time());
$length = 40;
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charLen = strlen($characters) - 1;
$key = '';
for ($p = 0; $p < $length; $p++) {
$key .= $characters[rand(0, $charLen)];
}
return $key;
}
public function checkAndCorrectPgps() {
$fails = array();
$users = $this->find('all', array('recursive' => 0));
foreach ($users as $user) {
if (strlen($user['User']['gpgkey']) && strpos($user['User']['gpgkey'], "\n")) {
$fails[] = $user['User']['id'] . ':' . $user['User']['id'];
//$check['gpgkey'] = trim(preg_replace('/\n', '', $check['gpgkey']));
}
}
return $fails;
}
}
<?php
App::uses('AppModel', 'Model');
App::uses('AuthComponent', 'Controller/Component');
/**
* User Model
*
* @property Role $Role
* @property Event $Event
*/
class User extends AppModel {
/**
* Display field
*
* @var string
*/
public $displayField = 'email';
public $orgField = 'org'; // TODO Audit, LogableBehaviour + org
/**
* Validation rules
*
* @var array
*/
public $validate = array(
'role_id' => array(
'numeric' => array(
'rule' => array('numeric'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'password' => array(
'minlength' => array(
'rule' => array('minlength', 6),
'message' => 'A password of a minimum length of 6 is required.',
//'allowEmpty' => false,
'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
'complexity' => array(
'rule' => array('complexPassword'),
'message' => 'The password must contain at least one upper-case, one lower-case, one (digits or special character).',
//'allowEmpty' => false,
//'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
'identical' => array(
'rule' => array('identicalFieldValues', 'confirm_password'),
'message' => 'Please re-enter your password twice so that the values match.',
//'allowEmpty' => false,
//'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'org' => array(
'notempty' => array(
'rule' => array('notempty'),
'message' => 'Please specify the organisation where you are working.',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'org_id' => array(
'notempty' => array(
'rule' => array('notempty'),
'message' => 'Please specify the organisation ID where you are working.', // TODO ACL, org_id in Users
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'email' => array(
'email' => array(
'rule' => array('email'),
'message' => 'Please enter a valid email address.',
//'allowEmpty' => false,
'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
'unique' => array(
'rule' => 'isUnique',
'message' => 'An account with this email address already exists.'
),
),
'autoalert' => array(
'boolean' => array(
'rule' => array('boolean'),
//'message' => 'Your custom message here',
'allowEmpty' => true,
'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'contactalert' => array(
'boolean' => array(
'rule' => array('boolean'),
//'message' => 'Your custom message here',
'allowEmpty' => true,
'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'authkey' => array(
'minlength' => array(
'rule' => array('minlength', 40),
'message' => 'A authkey of a minimum length of 40 is required.',
'required' => true,
),
'notempty' => array(
'rule' => array('notempty'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'invited_by' => array(
'numeric' => array(
'rule' => array('numeric'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'change_pw' => array(
'numeric' => array(
'rule' => array('numeric'),
//'message' => 'Your custom message here',
'allowEmpty' => true,
'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'gpgkey' => array(
'notempty' => array(
'rule' => array('validateGpgkey'),
'message' => 'GPG key not valid, please enter a valid key.',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'nids_sid' => array(
'numeric' => array(
'rule' => array('numeric'),
'message' => 'A SID should be an integer.',
'allowEmpty' => false,
'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'termsaccepted' => array(
'boolean' => array(
'rule' => array('boolean'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'newsread' => array(
'date' => array(
'rule' => array('date'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
);
//The Associations below have been created with all possible keys, those that are not needed can be removed
/**
* belongsTo associations
*
* @var array
*/
public $belongsTo = array(
'Role' => array(
'className' => 'Role',
'foreignKey' => 'role_id',
'conditions' => '',
'fields' => '',
'order' => ''
)
);
/**
* hasMany associations
*
* @var array
*/
public $hasMany = array(
'Event' => array(
'className' => 'Event',
'foreignKey' => 'user_id',
'dependent' => false,
'conditions' => '',
'fields' => '',
'order' => '',
'limit' => '',
'offset' => '',
'exclusive' => '',
'finderQuery' => '',
'counterQuery' => ''
)
);
/**
* TODO ACL: 1: be requester to CakePHP ACL system
*/
public $actsAs = array(
'Acl' => array( // TODO ACL, + 'enabled' => false
'type' => 'requester',
'enabled' => false
),
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
'userModel' => 'User',
'userKey' => 'user_id',
'change' => 'full'
),
'Trim',
//'RemoveNewline' => array('fields' => array('gpgkey')),
);
/**
* TODO ACL: 2: hook User into CakePHP ACL system (so link to aros)
*/
public function parentNode() {
if (!$this->id && empty($this->data)) {
return null;
}
if (isset($this->data['User']['role_id'])) {
$roleId = $this->data['User']['role_id'];
} else {
$roleId = $this->field('role_id');
}
if (!$roleId) {
return null;
} else {
return array('Role' => array('id' => $roleId));
}
}
/**
* TODO ACL: 3: rights on Roles: http://stackoverflow.com/questions/6154285/aros-table-in-cakephp-is-still-including-users-even-after-bindnode
*/
public function bindNode($user) {
// return array('model' => 'Group', 'foreign_key' => $user['User']['role_id']);
return array('Role' => array('id' => $user['User']['role_id']));
}
public function beforeSave() {
if (isset($this->data[$this->alias]['password'])) {
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
}
return true;
// only accept add and edit in own org
//if ($this->data[$this->alias]['org'] != "TEST") {
// return false;
//}
//return true;
}
/**
* Checks if the GPG key is a valid key
* But also import it in the keychain.
*/
public function validateGpgkey($check) {
// LATER first remove the old gpgkey from the keychain
// empty value
if (empty($check['gpgkey'])) {
return true;
}
// we have a clean, hopefull public, key here
// key is entered
require_once 'Crypt/GPG.php';
try {
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir')));
try {
$keyImportOutput = $gpg->importKey($check['gpgkey']);
if (!empty($keyImportOutput['fingerprint'])) {
return true;
}
} catch (Exception $e) {
//debug($e);
return false;
}
} catch (Exception $e) {
//debug($e);
return true; // TODO was false
}
}
public function complexPassword($check) {
/*
6 characters minimum
1 or more upper-case letters
1 or more lower-case letters
1 or more digits or special characters
example: "EasyPeasy34"
*/
$value = array_values($check);
$value = $value[0];
return preg_match('/((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/', $value);
}
public function identicalFieldValues($field=array(), $compareField=null) {
foreach ($field as $key => $value) {
$v1 = $value;
$v2 = $this->data[$this->name][$compareField];
if ($v1 !== $v2) {
return false;
} else {
continue;
}
}
return true;
}
/**
* Generates an authentication key for each user
*/
public function generateAuthKey() {
//$key = sha1(mt_rand(30, 30).time());
$length = 40;
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charLen = strlen($characters) - 1;
$key = '';
for ($p = 0; $p < $length; $p++) {
$key .= $characters[rand(0, $charLen)];
}
return $key;
}
public function checkAndCorrectPgps() {
$fails = array();
$users = $this->find('all', array('recursive' => 0));
foreach ($users as $user) {
if (strlen($user['User']['gpgkey']) && strpos($user['User']['gpgkey'], "\n")) {
$fails[] = $user['User']['id'] . ':' . $user['User']['id'];
//$check['gpgkey'] = trim(preg_replace('/\n', '', $check['gpgkey']));
}
}
return $fails;
}
}

11
app/View/Users/admin_add.ctp
View File

@ -6,14 +6,15 @@
echo $this->Form->input('email');
echo $this->Form->input('password');
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
if ($currentOrg == 'ADMIN') {
echo $this->Form->input('org');
}
if ($currentOrg == 'ADMIN') {
echo $this->Form->input('org', array('label' => 'Organisation'));
}
echo $this->Form->input('role_id', array('label' => 'Role'));
echo $this->Form->input('autoalert');
echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));
echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));
echo $this->Form->input('authkey', array('value' => $authkey, 'readonly' => 'readonly'));
echo $this->Form->input('nids_sid');
echo $this->Form->input('gpgkey');
echo $this->Form->input('gpgkey', array('label' => 'GPG key'));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>

17
app/View/Users/admin_edit.ctp
View File

@ -6,19 +6,20 @@
echo $this->Form->input('email');
echo $this->Form->input('password');
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
if ($currentOrg == 'ADMIN') {
echo $this->Form->input('org');
}
if ($currentOrg == 'ADMIN') {
echo $this->Form->input('org', array('label' => 'Organisation'));
}
echo $this->Form->input('role_id', array('label' => 'Role')); // TODO ACL, User edit role_id.
echo $this->Form->input('autoalert');
echo $this->Form->input('authkey', array('disabled' => 'disabled'));
echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));
echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));
echo $this->Form->input('authkey', array('disabled' => 'disabled', 'label' => 'Authentication key'));
echo $this->Html->link('reset', array('controller' => 'users', 'action' => 'resetauthkey', $currentId));
echo ('<br><br>');
echo $this->Form->input('nids_sid');
echo $this->Form->input('termsaccepted');
echo $this->Form->input('termsaccepted', array('label' => 'Terms accepted'));
echo $this->Form->input('change_pw', array('type' => 'checkbox', 'label' => 'Change Password'));
echo $this->Form->input('newsread');
echo $this->Form->input('gpgkey');
echo $this->Form->input('newsread', array('label' => 'News read (date)'));
echo $this->Form->input('gpgkey', array('label' => 'GPG key'));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>

3
app/View/Users/admin_index.ctp
View File

@ -7,6 +7,7 @@
<th><?php echo $this->Paginator->sort('role_id', 'Role');?></th>
<th><?php echo $this->Paginator->sort('email');?></th>
<th><?php echo $this->Paginator->sort('autoalert');?></th>
<th><?php echo $this->Paginator->sort('contactalert');?></th>
<th><?php echo $this->Paginator->sort('gpgkey');?></th>
<th><?php echo $this->Paginator->sort('nids_sid');?></th>
<th><?php echo $this->Paginator->sort('termsaccepted');?></th>
@ -27,6 +28,8 @@ foreach ($users as $user): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo $user['User']['autoalert']? 'Yes' : 'No'; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo $user['User']['contactalert']? 'Yes' : 'No'; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo $user['User']['gpgkey']? 'Yes' : 'No'; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['nids_sid']); ?>&nbsp;</td>

8
app/View/Users/admin_view.ctp
View File

@ -37,8 +37,12 @@ $buttonModifyStatus = $mayModify ? 'button_on':'button_off';
<dt><?php echo __('Autoalert'); ?></dt>
<dd>
<?php
echo (h($user['User']['autoalert']) == 0)? 'No' : 'Yes';
?>
echo (h($user['User']['autoalert']) == 0)? 'No' : 'Yes'; ?>
&nbsp;
</dd>
<dt><?php echo __('Contactalert'); ?></dt>
<dd>
<?php echo h(0 == ($user['User']['contactalert'])) ? 'No' : 'Yes'; ?>
&nbsp;
</dd>
<dt><?php echo __('Authkey'); ?></dt>

9
app/View/Users/edit.ctp
View File

@ -6,13 +6,14 @@
echo $this->Form->input('email');
echo $this->Form->input('password');
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
if ($isAdmin) echo $this->Form->input('org');
else echo $this->Form->input('org', array('disabled' => 'disabled'));
if ($isAdmin) echo $this->Form->input('org', array('label' => 'Organisation'));
else echo $this->Form->input('org', array('disabled' => 'disabled', 'label' => 'Organisation'));
if ($isAdmin) echo $this->Form->input('role_id');
else echo $this->Form->input('role_id', array('disabled' => 'disabled')); // TODO ACL, check, My Profile not edit role_id.
echo $this->Form->input('autoalert');
echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));
echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));
echo $this->Form->input('nids_sid');
echo $this->Form->input('gpgkey');
echo $this->Form->input('gpgkey', array('label' => 'GPG key'));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>

5
app/View/Users/view.ctp
View File

@ -30,6 +30,11 @@
<?php echo h(0 == ($user['User']['autoalert'])) ? 'No' : 'Yes'; ?>
&nbsp;
</dd>
<dt><?php echo __('Contactalert'); ?></dt>
<dd>
<?php echo h(0 == ($user['User']['contactalert'])) ? 'No' : 'Yes'; ?>
&nbsp;
</dd>
<dt><?php echo __('Authkey'); ?></dt>
<dd>
<?php echo h($user['User']['authkey']); ?>