mirror of https://github.com/MISP/MISP
Merge branch 'log_last_api' into develop
commit
c764bb0e8f
|
@ -71,6 +71,7 @@ $config = array(
|
||||||
'enableOrgBlocklisting' => true,
|
'enableOrgBlocklisting' => true,
|
||||||
'log_client_ip' => false,
|
'log_client_ip' => false,
|
||||||
'log_auth' => false,
|
'log_auth' => false,
|
||||||
|
'store_api_access_time' => false,
|
||||||
'disableUserSelfManagement' => false,
|
'disableUserSelfManagement' => false,
|
||||||
'disable_user_login_change' => false,
|
'disable_user_login_change' => false,
|
||||||
'disable_user_password_change' => false,
|
'disable_user_password_change' => false,
|
||||||
|
|
|
@ -435,6 +435,10 @@ class AppController extends Controller
|
||||||
);
|
);
|
||||||
$this->Log->save($log);
|
$this->Log->save($log);
|
||||||
}
|
}
|
||||||
|
$storeAPITime = Configure::read('MISP.store_api_access_time');
|
||||||
|
if (!empty($storeAPITime) && $storeAPITime) {
|
||||||
|
$this->User->updateAPIAccessTime($user);
|
||||||
|
}
|
||||||
$this->Session->renew();
|
$this->Session->renew();
|
||||||
$this->Session->write(AuthComponent::$sessionKey, $user);
|
$this->Session->write(AuthComponent::$sessionKey, $user);
|
||||||
$this->isApiAuthed = true;
|
$this->isApiAuthed = true;
|
||||||
|
|
|
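Review bot: The return value of `$this->User->updateAPIAccessTime($user)` is discarded, so a failed save leaves `last_api_access` stale with no trace. The `InvalidArgumentException` it can throw would also, unless it is caught further up, abort an API request that has already authenticated. If the field is meant as an audit signal for API key use, check the result and write a log entry on failure instead of ignoring it. Separately, the guard `!empty($storeAPITime) && $storeAPITime` tests the same thing twice; `if (Configure::read('MISP.store_api_access_time')) {` is enough, and the same doubled test appears in the `'requirement'` entry of the user index view section further down. The enclosing method starts and ends outside this hunk.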
@ -445,6 +445,7 @@ class UsersController extends AppController
|
||||||
'expiration',
|
'expiration',
|
||||||
'current_login',
|
'current_login',
|
||||||
'last_login',
|
'last_login',
|
||||||
|
'last_api_access',
|
||||||
'force_logout',
|
'force_logout',
|
||||||
'date_created',
|
'date_created',
|
||||||
'date_modified'
|
'date_modified'
|
||||||
|
|
|
@ -82,7 +82,7 @@ class AppModel extends Model
|
||||||
69 => false, 70 => false, 71 => true, 72 => true, 73 => false, 74 => false,
|
69 => false, 70 => false, 71 => true, 72 => true, 73 => false, 74 => false,
|
||||||
75 => false, 76 => true, 77 => false, 78 => false, 79 => false, 80 => false,
|
75 => false, 76 => true, 77 => false, 78 => false, 79 => false, 80 => false,
|
||||||
81 => false, 82 => false, 83 => false, 84 => false, 85 => false, 86 => false,
|
81 => false, 82 => false, 83 => false, 84 => false, 85 => false, 86 => false,
|
||||||
87 => false, 88 => false, 89 => false, 90 => false, 91 => false
|
87 => false, 88 => false, 89 => false, 90 => false, 91 => false, 92 => false
|
||||||
);
|
);
|
||||||
|
|
||||||
const ADVANCED_UPDATES_DESCRIPTION = array(
|
const ADVANCED_UPDATES_DESCRIPTION = array(
|
||||||
|
@ -1831,6 +1831,9 @@ class AppModel extends Model
|
||||||
INDEX `timestamp` (`timestamp`)
|
INDEX `timestamp` (`timestamp`)
|
||||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;";
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;";
|
||||||
break;
|
break;
|
||||||
|
case 92:
|
||||||
|
$sqlArray[] = "ALTER TABLE users ADD `last_api_access` INT(11) DEFAULT 0;";
|
||||||
|
break;
|
||||||
case 'fixNonEmptySharingGroupID':
|
case 'fixNonEmptySharingGroupID':
|
||||||
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
|
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
|
||||||
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
|
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
|
||||||
|
|
|
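Review bot: In the `case 92:` migration, `DEFAULT 0` makes "has never used the API" a real timestamp value for every existing user. The new `datetime` column in the user index may then show the Unix epoch rather than an empty cell, unless that element treats 0 as empty (not visible here, worth confirming). That would make a key that was never used look like one last used long ago, which matters when reviewing for stale keys. A nullable column, `INT(11) DEFAULT NULL`, would keep the two states distinct. Otherwise add a comment on the case saying that 0 means "never".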
@ -5442,6 +5442,13 @@ class Server extends AppModel
|
||||||
'type' => 'string',
|
'type' => 'string',
|
||||||
'null' => true,
|
'null' => true,
|
||||||
),
|
),
|
||||||
|
'store_api_access_time' => array(
|
||||||
|
'level' => 1,
|
||||||
|
'description' => __('If enabled, MISP will capture the last API access time following a successful authentication using API keys, stored against a user under the last_api_access field.'),
|
||||||
|
'value' => false,
|
||||||
|
'test' => 'testBool',
|
||||||
|
'type' => 'boolean',
|
||||||
|
),
|
||||||
'log_auth' => array(
|
'log_auth' => array(
|
||||||
'level' => 1,
|
'level' => 1,
|
||||||
'description' => __('If enabled, MISP will log all successful authentications using API keys. The requested URLs are also logged.'),
|
'description' => __('If enabled, MISP will log all successful authentications using API keys. The requested URLs are also logged.'),
|
||||||
|
|
|
@ -1404,6 +1404,22 @@ class User extends AppModel
|
||||||
return $this->save($user, true, array('id', 'last_login', 'current_login'));
|
return $this->save($user, true, array('id', 'last_login', 'current_login'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Updates `last_api_access` time in database.
|
||||||
|
*
|
||||||
|
* @param array $user
|
||||||
|
* @return array|bool
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
public function updateAPIAccessTime(array $user)
|
||||||
|
{
|
||||||
|
if (!isset($user['id'])) {
|
||||||
|
throw new InvalidArgumentException("Invalid user object provided.");
|
||||||
|
}
|
||||||
|
$user['last_api_access'] = time();
|
||||||
|
return $this->save($user, true, array('id', 'last_api_access'));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Update field in user model and also set `date_modified`
|
* Update field in user model and also set `date_modified`
|
||||||
*
|
*
|
||||||
|
|
|
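Review bot: The docblock on `updateAPIAccessTime` declares `@throws Exception`, but the only throw visible in the body is `InvalidArgumentException`, raised when `$user['id']` is not set. I would write `@throws InvalidArgumentException if $user has no 'id' key` and extend the `@param` line to say that `id` is expected at the top level of the array. The `@return array|bool` line should also state that `false` means the save failed, since the caller in AppController does not check it. `save($user, true, ...)` runs validation on every authenticated API request; whether that is intended for a timestamp-only write deserves a short why-comment.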
@ -199,6 +199,14 @@
|
||||||
'class' => 'short',
|
'class' => 'short',
|
||||||
'data_path' => 'User.date_created'
|
'data_path' => 'User.date_created'
|
||||||
),
|
),
|
||||||
|
array(
|
||||||
|
'name' => __('Last API Access'),
|
||||||
|
'sort' => 'User.last_api_access',
|
||||||
|
'element' => 'datetime',
|
||||||
|
'class' => 'short',
|
||||||
|
'data_path' => 'User.last_api_access',
|
||||||
|
'requirement' => !empty(Configure::read('MISP.store_api_access_time')) && Configure::read('MISP.store_api_access_time', false)
|
||||||
|
),
|
||||||
array(
|
array(
|
||||||
'name' => (Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : __('External Auth')),
|
'name' => (Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : __('External Auth')),
|
||||||
'sort' => 'User.external_auth_required',
|
'sort' => 'User.external_auth_required',
|
||||||
|
|
10476
db_schema.json
10476
db_schema.json
File diff suppressed because it is too large