MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

new: [UI] Download GPG public key from GPG homedir

pull/5234/head
Jakub Onderka 2019-09-27 18:48:59 +02:00
parent 649103d91c
commit becbf95c37
5 changed files with 47 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/AppController.php
View File

@ -373,7 +373,7 @@ class AppController extends Controller
}
}
} else {
$pre_auth_actions = array('login', 'register');
$pre_auth_actions = array('login', 'register', 'getGpgPublicKey');
if (!empty(Configure::read('Security.email_otp_enabled'))) {
$pre_auth_actions[] = 'email_otp';
}

1
app/Controller/Component/ACLComponent.php
View File

@ -685,6 +685,7 @@ class ACLComponent extends Component
'verifyCertificate' => array(),
'verifyGPG' => array(),
'view' => array('*'),
'getGpgPublicKey' => array('*'),
),
'userSettings' => array(
'index' => array('*'),

22
app/Controller/UsersController.php
View File

@ -33,7 +33,7 @@ class UsersController extends AppController
parent::beforeFilter();
// what pages are allowed for non-logged-in users
$allowedActions = array('login', 'logout');
$allowedActions = array('login', 'logout', 'getGpgPublicKey');
if(!empty(Configure::read('Security.email_otp_enabled'))) {
$allowedActions[] = 'email_otp';
}
@ -2317,6 +2317,26 @@ class UsersController extends AppController
return new CakeResponse(array('body' => $key));
}
public function getGpgPublicKey()
{
if (!Configure::read("MISP.download_gpg_from_homedir")) {
throw new MethodNotAllowedException("Downloading GPG public key from homedir is not allowed.");
}
$key = $this->User->getGpgPublicKey();
if (!$key) {
throw new NotFoundException("Public key not found.");
}
list($fingeprint, $publicKey) = $key;
$response = new CakeResponse(array(
'body' => $publicKey,
'type' => 'text/plain',
));
$response->download($fingeprint . '.asc');
return $response;
}
public function checkIfLoggedIn()
{
return new CakeResponse(array('body'=> 'OK','status' => 200));

21
app/Model/User.php
View File

@ -1212,6 +1212,27 @@ class User extends AppModel
$syslog->write('notice', "$description -- $action" . (empty($fieldResult) ? '' : ' -- ' . $result['Log']['change']));
}
/**
* @return array|null
* @throws Exception
*/
public function getGpgPublicKey()
{
$email = Configure::read('GnuPG.email');
if (!$email) {
throw new Exception("Configuration option 'GnuPG.email' is not set, public key cannot be exported.");
}
$cryptGpg = $this->initializeGpg();
$fingerprint = $cryptGpg->getFingerprint($email);
if (!$fingerprint) {
return null;
}
$publicKey = $cryptGpg->exportPublicKey($fingerprint);
return array($fingerprint, $publicKey);
}
public function getOrgActivity($orgId, $params=array())
{
$conditions = array();

4
app/View/Elements/footer.ctp
View File

@ -11,7 +11,9 @@
<div class="pull-left footerText" style="float:left;position:absolute;padding-top:12px;z-index:2;">
<?php
$gpgpath = ROOT.DS.APP_DIR.DS.WEBROOT_DIR.DS.'gpg.asc';
if (file_exists($gpgpath) && (is_file($gpgpath) || is_link($gpgpath))){ ?>
if (Configure::read("MISP.download_gpg_from_homedir")) { ?>
<span>Download: <?= $this->Html->link(__('GnuPG key'), array('controller' => 'users', 'action' => 'getGpgPublicKey')) ?></span>
<?php } else if (file_exists($gpgpath) && (is_file($gpgpath) || is_link($gpgpath))){ ?>
<span>Download: <?php echo $this->Html->link(__('GnuPG key'), $this->webroot.'gpg.asc');?></span>
<?php } else { ?>
<span><?php echo __('Could not locate the GnuPG public key.');?></span>