MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'log_last_api' into develop

pull/8524/head
iglocska 2022-08-11 09:36:30 +02:00
parent d3d042cf2a 64d508b4e3
commit c764bb0e8f
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
8 changed files with 5271 additions and 5247 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/Config/config.default.php
View File

@ -71,6 +71,7 @@ $config = array(
'enableOrgBlocklisting' => true, 'enableOrgBlocklisting' => true,
'log_client_ip' => false, 'log_client_ip' => false,
'log_auth' => false, 'log_auth' => false,
'store_api_access_time' => false,
'disableUserSelfManagement' => false, 'disableUserSelfManagement' => false,
'disable_user_login_change' => false, 'disable_user_login_change' => false,
'disable_user_password_change' => false, 'disable_user_password_change' => false,

4
app/Controller/AppController.php
View File

@ -435,6 +435,10 @@ class AppController extends Controller
); );
$this->Log->save($log); $this->Log->save($log);
} }
$storeAPITime = Configure::read('MISP.store_api_access_time');
if (!empty($storeAPITime) && $storeAPITime) {
$this->User->updateAPIAccessTime($user);
}
$this->Session->renew(); $this->Session->renew();
$this->Session->write(AuthComponent::$sessionKey, $user); $this->Session->write(AuthComponent::$sessionKey, $user);
$this->isApiAuthed = true; $this->isApiAuthed = true;

1
app/Controller/UsersController.php
View File

@ -445,6 +445,7 @@ class UsersController extends AppController
'expiration', 'expiration',
'current_login', 'current_login',
'last_login', 'last_login',
'last_api_access',
'force_logout', 'force_logout',
'date_created', 'date_created',
'date_modified' 'date_modified'

5
app/Model/AppModel.php
View File

@ -82,7 +82,7 @@ class AppModel extends Model
69 => false, 70 => false, 71 => true, 72 => true, 73 => false, 74 => false, 69 => false, 70 => false, 71 => true, 72 => true, 73 => false, 74 => false,
75 => false, 76 => true, 77 => false, 78 => false, 79 => false, 80 => false, 75 => false, 76 => true, 77 => false, 78 => false, 79 => false, 80 => false,
81 => false, 82 => false, 83 => false, 84 => false, 85 => false, 86 => false, 81 => false, 82 => false, 83 => false, 84 => false, 85 => false, 86 => false,
87 => false, 88 => false, 89 => false, 90 => false, 91 => false 87 => false, 88 => false, 89 => false, 90 => false, 91 => false, 92 => false
); );
const ADVANCED_UPDATES_DESCRIPTION = array( const ADVANCED_UPDATES_DESCRIPTION = array(
@ -1831,6 +1831,9 @@ class AppModel extends Model
INDEX `timestamp` (`timestamp`) INDEX `timestamp` (`timestamp`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;"; ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;";
break; break;
case 92:
$sqlArray[] = "ALTER TABLE users ADD `last_api_access` INT(11) DEFAULT 0;";
break;
case 'fixNonEmptySharingGroupID': case 'fixNonEmptySharingGroupID':
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';

7
app/Model/Server.php
View File

@ -5442,6 +5442,13 @@ class Server extends AppModel
'type' => 'string', 'type' => 'string',
'null' => true, 'null' => true,
), ),
'store_api_access_time' => array(
'level' => 1,
'description' => __('If enabled, MISP will capture the last API access time following a successful authentication using API keys, stored against a user under the last_api_access field.'),
'value' => false,
'test' => 'testBool',
'type' => 'boolean',
),
'log_auth' => array( 'log_auth' => array(
'level' => 1, 'level' => 1,
'description' => __('If enabled, MISP will log all successful authentications using API keys. The requested URLs are also logged.'), 'description' => __('If enabled, MISP will log all successful authentications using API keys. The requested URLs are also logged.'),

16
app/Model/User.php
View File

@ -1404,6 +1404,22 @@ class User extends AppModel
return $this->save($user, true, array('id', 'last_login', 'current_login')); return $this->save($user, true, array('id', 'last_login', 'current_login'));
} }
/**
* Updates `last_api_access` time in database.
*
* @param array $user
* @return array|bool
* @throws Exception
*/
public function updateAPIAccessTime(array $user)
{
if (!isset($user['id'])) {
throw new InvalidArgumentException("Invalid user object provided.");
}
$user['last_api_access'] = time();
return $this->save($user, true, array('id', 'last_api_access'));
}
/** /**
* Update field in user model and also set `date_modified` * Update field in user model and also set `date_modified`
* *

8
app/View/Users/admin_index.ctp
View File

@ -199,6 +199,14 @@
'class' => 'short', 'class' => 'short',
'data_path' => 'User.date_created' 'data_path' => 'User.date_created'
), ),
array(
'name' => __('Last API Access'),
'sort' => 'User.last_api_access',
'element' => 'datetime',
'class' => 'short',
'data_path' => 'User.last_api_access',
'requirement' => !empty(Configure::read('MISP.store_api_access_time')) && Configure::read('MISP.store_api_access_time', false)
),
array( array(
'name' => (Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : __('External Auth')), 'name' => (Configure::read('Plugin.CustomAuth_name') ? Configure::read('Plugin.CustomAuth_name') : __('External Auth')),
'sort' => 'User.external_auth_required', 'sort' => 'User.external_auth_required',

10476
db_schema.json
View File

File diff suppressed because it is too large Load Diff