mirror of https://github.com/MISP/MISP
new: [UI] Download GPG public key from GPG homedir
parent
649103d91c
commit
becbf95c37
|
@ -373,7 +373,7 @@ class AppController extends Controller
|
|||
}
|
||||
}
|
||||
} else {
|
||||
$pre_auth_actions = array('login', 'register');
|
||||
$pre_auth_actions = array('login', 'register', 'getGpgPublicKey');
|
||||
if (!empty(Configure::read('Security.email_otp_enabled'))) {
|
||||
$pre_auth_actions[] = 'email_otp';
|
||||
}
|
||||
|
|
|
@ -685,6 +685,7 @@ class ACLComponent extends Component
|
|||
'verifyCertificate' => array(),
|
||||
'verifyGPG' => array(),
|
||||
'view' => array('*'),
|
||||
'getGpgPublicKey' => array('*'),
|
||||
),
|
||||
'userSettings' => array(
|
||||
'index' => array('*'),
|
||||
|
|
|
@ -33,7 +33,7 @@ class UsersController extends AppController
|
|||
parent::beforeFilter();
|
||||
|
||||
// what pages are allowed for non-logged-in users
|
||||
$allowedActions = array('login', 'logout');
|
||||
$allowedActions = array('login', 'logout', 'getGpgPublicKey');
|
||||
if(!empty(Configure::read('Security.email_otp_enabled'))) {
|
||||
$allowedActions[] = 'email_otp';
|
||||
}
|
||||
|
@ -2317,6 +2317,26 @@ class UsersController extends AppController
|
|||
return new CakeResponse(array('body' => $key));
|
||||
}
|
||||
|
||||
public function getGpgPublicKey()
|
||||
{
|
||||
if (!Configure::read("MISP.download_gpg_from_homedir")) {
|
||||
throw new MethodNotAllowedException("Downloading GPG public key from homedir is not allowed.");
|
||||
}
|
||||
|
||||
$key = $this->User->getGpgPublicKey();
|
||||
if (!$key) {
|
||||
throw new NotFoundException("Public key not found.");
|
||||
}
|
||||
|
||||
list($fingeprint, $publicKey) = $key;
|
||||
$response = new CakeResponse(array(
|
||||
'body' => $publicKey,
|
||||
'type' => 'text/plain',
|
||||
));
|
||||
$response->download($fingeprint . '.asc');
|
||||
return $response;
|
||||
}
|
||||
|
||||
public function checkIfLoggedIn()
|
||||
{
|
||||
return new CakeResponse(array('body'=> 'OK','status' => 200));
|
||||
|
|
|
@ -1212,6 +1212,27 @@ class User extends AppModel
|
|||
$syslog->write('notice', "$description -- $action" . (empty($fieldResult) ? '' : ' -- ' . $result['Log']['change']));
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array|null
|
||||
* @throws Exception
|
||||
*/
|
||||
public function getGpgPublicKey()
|
||||
{
|
||||
$email = Configure::read('GnuPG.email');
|
||||
if (!$email) {
|
||||
throw new Exception("Configuration option 'GnuPG.email' is not set, public key cannot be exported.");
|
||||
}
|
||||
|
||||
$cryptGpg = $this->initializeGpg();
|
||||
$fingerprint = $cryptGpg->getFingerprint($email);
|
||||
if (!$fingerprint) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$publicKey = $cryptGpg->exportPublicKey($fingerprint);
|
||||
return array($fingerprint, $publicKey);
|
||||
}
|
||||
|
||||
public function getOrgActivity($orgId, $params=array())
|
||||
{
|
||||
$conditions = array();
|
||||
|
|
|
@ -11,7 +11,9 @@
|
|||
<div class="pull-left footerText" style="float:left;position:absolute;padding-top:12px;z-index:2;">
|
||||
<?php
|
||||
$gpgpath = ROOT.DS.APP_DIR.DS.WEBROOT_DIR.DS.'gpg.asc';
|
||||
if (file_exists($gpgpath) && (is_file($gpgpath) || is_link($gpgpath))){ ?>
|
||||
if (Configure::read("MISP.download_gpg_from_homedir")) { ?>
|
||||
<span>Download: <?= $this->Html->link(__('GnuPG key'), array('controller' => 'users', 'action' => 'getGpgPublicKey')) ?></span>
|
||||
<?php } else if (file_exists($gpgpath) && (is_file($gpgpath) || is_link($gpgpath))){ ?>
|
||||
<span>Download: <?php echo $this->Html->link(__('GnuPG key'), $this->webroot.'gpg.asc');?></span>
|
||||
<?php } else { ?>
|
||||
<span><?php echo __('Could not locate the GnuPG public key.');?></span>
|
||||
|
|
Loading…
Reference in New Issue