diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 9b3fd78f1..6dad12d8e 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -76,11 +76,10 @@ class AppController extends Controller { 'Security' ); - public $mispVersion = '2.4.0'; public function beforeFilter() { $versionArray = $this->{$this->modelClass}->checkMISPVersion(); - $this->mispVersionFull = implode('.', array_values($versionArray)); + $this->mispVersion = implode('.', array_values($versionArray)); $this->Security->blackHoleCallback = 'blackHole'; // Let us access $baseurl from all views @@ -240,7 +239,6 @@ class AppController extends Controller { if ($this->Auth->user()) { //$this->_refreshAuth(); $this->set('mispVersion', $this->mispVersion); - $this->set('mispVersionFull', $this->mispVersionFull); $role = $this->getActions(); $this->set('me', $this->Auth->user()); $this->set('isAdmin', $role['perm_admin']); @@ -527,4 +525,8 @@ class AppController extends Controller { $this->redirect(array('controller' => 'pages', 'action' => 'display', 'administration')); } } + + public function test() { + $this->{$this->modelClass}->runUpdates(); + } } \ No newline at end of file diff --git a/app/Controller/EventDelegationsController.php b/app/Controller/EventDelegationsController.php new file mode 100644 index 000000000..fe37e8a1b --- /dev/null +++ b/app/Controller/EventDelegationsController.php 
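Review bot: The new `test()` method at the end of AppController.php is public, and a public controller method in CakePHP is normally routable, so it would expose `runUpdates()` as an action on every controller that extends AppController. Nothing in the hunk restricts it to site admins or to a particular request method. If it is only scaffolding for the update routine, drop it before merge or gate it, for example with `if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException('You are not authorised to do that.');` as its first line. The class body starts outside the hunk, so any Auth rules applied elsewhere are not visible here.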
@@ -0,0 +1,50 @@ + 60, + 'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page. + 'order' => array( + 'EventDelegations.id' => 'DESC' + ), + ); + + public function index() { + } + + public function add() { + + } + + public function edit($id) { + + } + + public function delete($id) { + + } + + public function delegateEvent($id) { + debug($this->EventDelegation->find('all')); + $event = $this->EventDelegation->Event->find('first', array( + 'conditions' => array('Event.id' => $id), + 'recursive' => -1, + 'fields' => array('Event.id', 'Event.orgc_id', 'Event.distribution') + )); + if (!$this->_isSiteAdmin() || $this->Auth->user('org_id') !== $event['Event']['orgc_id']) throw new MethodNotAllowedException('You are not authorised to do that.'); + if ($event['Event']['distribution'] != 0) throw new MethodNotAllowedException('Only events with the distribution setting "Your Organisation Only" can be delegated.'); + if ($this->request->is('Post')) { + + } else { + + } + } + +} diff --git a/app/Controller/UsersController.php b/app/Controller/UsersController.php index f7547500d..84f233f0c 100755 --- a/app/Controller/UsersController.php +++ b/app/Controller/UsersController.php @@ -633,7 +633,7 @@ class UsersController extends AppController { 'description' => 'Automatically generated admin organisation', 'type' => 'ADMIN', 'uuid' => $this->User->Organisation->generateUuid(), - 'local' => 1 + 'local' => 1, )); $this->User->Organisation->save($org); $org_id = $this->User->Organisation->id; diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 83726dda9..25d11c866 100755 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -46,6 +46,14 @@ class AppModel extends Model { $this->name = get_class($this); } + public $db_changes = array( + 2 => array( + 4 => array( + 6 => 'enableEventDelegation' + ) + ) + ); + public function updateDatabase($command) { $sql = ''; 
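Review bot: In `delegateEvent()` of the new EventDelegationsController.php, `debug($this->EventDelegation->find('all'))` runs before the authorisation check, so with debug output enabled every delegation row is shown to any caller who reaches the action; it should be removed. The check itself joins its two conditions with `||`, which rejects anyone who is not both a site admin and a member of the creating organisation; if the intent is "site admin or owning organisation", it should read `if (!$this->_isSiteAdmin() && $this->Auth->user('org_id') !== $event['Event']['orgc_id']) throw new MethodNotAllowedException('You are not authorised to do that.');`. `$event` is also dereferenced without testing that the lookup returned a row, so an unknown id produces undefined-index notices rather than a clean error; `if (empty($event)) throw new NotFoundException('Invalid event.');` before the check would cover that. The empty `add`, `edit` and `delete` stubs are public too and will need the same guard when they are filled in.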
@@ -86,31 +94,31 @@ class AppModel extends Model { $sqlArray[] = 'ALTER TABLE `logs` MODIFY `change` text COLLATE utf8_bin NOT NULL'; $sqlArray[] = "CREATE TABLE IF NOT EXISTS `taxonomies` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `namespace` varchar(255) COLLATE utf8_bin NOT NULL, - `description` text COLLATE utf8_bin NOT NULL, - `version` int(11) NOT NULL, - `enabled` tinyint(1) NOT NULL DEFAULT '0', - PRIMARY KEY (`id`) - ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin ;"; + `id` int(11) NOT NULL AUTO_INCREMENT, + `namespace` varchar(255) COLLATE utf8_bin NOT NULL, + `description` text COLLATE utf8_bin NOT NULL, + `version` int(11) NOT NULL, + `enabled` tinyint(1) NOT NULL DEFAULT '0', + PRIMARY KEY (`id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin ;"; $sqlArray[] = "CREATE TABLE IF NOT EXISTS `taxonomy_entries` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `taxonomy_predicate_id` int(11) NOT NULL, - `value` text COLLATE utf8_bin NOT NULL, - `expanded` text COLLATE utf8_bin NOT NULL, - PRIMARY KEY (`id`), - KEY `taxonomy_predicate_id` (`taxonomy_predicate_id`) - ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"; + `id` int(11) NOT NULL AUTO_INCREMENT, + `taxonomy_predicate_id` int(11) NOT NULL, + `value` text COLLATE utf8_bin NOT NULL, + `expanded` text COLLATE utf8_bin NOT NULL, + PRIMARY KEY (`id`), + KEY `taxonomy_predicate_id` (`taxonomy_predicate_id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"; $sqlArray[] = "CREATE TABLE IF NOT EXISTS `taxonomy_predicates` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `taxonomy_id` int(11) NOT NULL, - `value` text COLLATE utf8_bin NOT NULL, - `expanded` text COLLATE utf8_bin NOT NULL, - PRIMARY KEY (`id`), - KEY `taxonomy_id` (`taxonomy_id`) - ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"; + `id` int(11) NOT NULL AUTO_INCREMENT, + `taxonomy_id` int(11) NOT NULL, + `value` text COLLATE utf8_bin NOT NULL, + `expanded` text COLLATE utf8_bin NOT NULL, + PRIMARY KEY (`id`), + KEY 
`taxonomy_id` (`taxonomy_id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"; $sqlArray[] = 'ALTER TABLE `jobs` ADD `org` text COLLATE utf8_bin NOT NULL;'; @@ -163,7 +171,18 @@ class AppModel extends Model { } } break; - + case 'enableEventDelegation': + $sqlArray[] = "CREATE TABLE IF NOT EXISTS `event_delegations` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `org_id` int(11) NOT NULL, + `event_id` int(11) NOT NULL, + `message` text, + `distribution` tinyint(4), + PRIMARY KEY (`id`), + KEY `org_id` (`org_id`), + KEY `event_id` (`event_id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8;"; + break; default: return false; break; @@ -265,4 +284,11 @@ class AppModel extends Model { if (!empty($value[$field])) return true; return ucfirst($field) . ' cannot be empty.'; } + + public function runUpdates() { + $adminTable = $this->query("SHOW TABLES LIKE 'administration';"); + if (empty($adminTable)) $dbVersion = '2.4.0'; + $currentVersion = explode('.', $this->mispVersion); + $dbVersion; + } } diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index bef869c0d..7a27afe7c 100755 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php @@ -1334,7 +1334,6 @@ class Attribute extends AppModel { public function hids($user, $type, $tags = '', $from = false, $to = false, $last = false) { if (empty($user)) throw new MethodNotAllowedException('Could not read user.'); - // check if it's a valid type if ($type != 'md5' && $type != 'sha1' && $type != 'sha256') { throw new UnauthorizedException('Invalid hash type.'); diff --git a/app/Model/EventDelegation.php b/app/Model/EventDelegation.php new file mode 100644 index 000000000..74db67aed --- /dev/null +++ b/app/Model/EventDelegation.php 
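Review bot: The `event_delegations` table added under `case 'enableEventDelegation':` in AppModel.php is declared with `DEFAULT CHARSET=utf8` only, while the other tables visible in this file use `COLLATE=utf8_bin`. `message` and `distribution` are also nullable with no default, unlike the `NOT NULL` columns elsewhere. If that is deliberate, a short comment above the statement would say so; otherwise align it, e.g. `) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;`. The enclosing `updateDatabase()` switch starts and ends outside the hunk.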
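Review bot: `runUpdates()` at the end of AppModel.php leaves `$dbVersion` unassigned whenever the `administration` table exists, and the closing `$dbVersion;` statement is a no-op, so the method computes nothing and raises an undefined-variable notice on that path. It also reads `$this->mispVersion`, which this commit assigns on the controller in `beforeFilter()`. No such property is visible on the model in these hunks, so `explode()` may be receiving null. Because the method is reachable through the new `AppController::test()` action, either finish the version comparison against `$db_changes` or keep the stub out of the merged code.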
@@ -0,0 +1,44 @@ + array( + 'valueNotEmpty' => array( + 'rule' => array('valueNotEmpty'), + ), + ), + 'org_id' => array( + 'valueNotEmpty' => array( + 'rule' => array('valueNotEmpty'), + ), + ) + ); + + public $belongsTo = array( + 'Event' => array( + 'className' => 'Event', + ), + 'Org' => array( + 'className' => 'Organisation', + ), + ); + + public function attachTagToEvent($event_id, $tag_id) { + $existingAssociation = $this->find('first', array( + 'recursive' => -1, + 'conditions' => array( + 'tag_id' => $tag_id, + 'event_id' => $event_id + ) + )); + if (empty($existingAssociation)) { + $this->create(); + if (!$this->save(array('event_id' => $event_id, 'tag_id' => $tag_id))) return false; + } + return true; + } +} \ No newline at end of file diff --git a/app/Model/User.php b/app/Model/User.php index b21c1062a..3a39b2ca0 100755 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -361,15 +361,11 @@ class User extends AppModel { } public function getOrgs() { - $orgs = $this->Organisation->find('all', array( + $orgs = $this->Organisation->find('list', array( 'recursive' => -1, 'fields' => array('name'), )); - $orgNames = array(); - foreach ($orgs as $org) { - $orgNames[] = $org['Organisation']['name']; - } - return $orgNames; + return $orgs; } public function getOrgMemberCount($org) { diff --git a/app/View/Elements/footer.ctp b/app/View/Elements/footer.ctp index 27cded50f..919a4ea40 100644 --- a/app/View/Elements/footer.ctp +++ b/app/View/Elements/footer.ctp @@ -14,7 +14,7 @@
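Review bot: `attachTagToEvent()` in the new EventDelegation.php queries and saves a `tag_id` field, but the `event_delegations` table created in AppModel.php by this same commit has only `id`, `org_id`, `event_id`, `message` and `distribution`. The method looks carried over from a tag-association model, and as written the `find()` would presumably fail on an unknown column. Remove it, or replace it with a delegation-specific lookup keyed on `event_id` and `org_id`. The start of this file's hunk is not intact on the page, so the class header and the first validation key are not visible.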
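Review bot: `getOrgs()` in User.php now returns the `find('list')` result directly, which in CakePHP is keyed by the model's primary key rather than being a zero-based list of names as before. Callers that relied on sequential indexes, or that pass the keys through to a view, will now be handling organisation ids. A docblock would make the new contract explicit: `/** @return array organisation names keyed by organisation id */`. Callers are outside this diff, so whether any depend on the old shape cannot be confirmed here.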
diff --git a/app/View/Elements/side_menu.ctp b/app/View/Elements/side_menu.ctp index 2a7a22a91..f94e9fa94 100755 --- a/app/View/Elements/side_menu.ctp +++ b/app/View/Elements/side_menu.ctp @@ -46,6 +46,9 @@ ?>Are you sure this event is complete and everyone should be informed?
+ +Publish but do NOT send alert email? Only for minor changes!
+ ++ Yes + | ++ | ++ No + | +