MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

new: Added the news functionality back 

- admins can add/edit/delete news items
- users get redirected if there is a newsitem that they haven't seen yet
pull/1150/head
Iglocska 2016-05-20 01:17:26 +02:00
parent ecd1750dfe
commit d02adf2085
14 changed files with 278 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION.json
View File

@ -1 +1 @@
{"major":2, "minor":4, "hotfix":44}
{"major":2, "minor":4, "hotfix":45}

2
app/Console/Command/UserInitShell.php
View File

@ -60,7 +60,7 @@ class UserInitShell extends AppShell {
'confirm_password' => 'admin',
'authkey' => $authkey,
'nids_sid' => 4000000,
'newsread' => date('Y-m-d'),
'newsread' => 0,
'role_id' => 1,
'change_pw' => 0,
'termsaccepted' => 1

4
app/Controller/AppController.php
View File

@ -279,6 +279,10 @@ class AppController extends Controller {
if ($this->_isRest()) throw new MethodNotAllowedException('Your user account is expecting a password change, please log in via the web interface and change it before proceeding.');
$this->redirect(array('controller' => 'users', 'action' => 'change_pw', 'admin' => false));
}
$newsread = $this->User->field('newsread', array('User.id' => $this->Auth->user('id')));
$this->loadModel('News');
$latest_news = $this->News->field('date_created', array(), 'date_created DESC');
if (!$this->_isRest() && ($this->params['controller'] != 'news' || $this->params['action'] != 'index') && $latest_news && $newsread < $latest_news) $this->redirect(array('controller' => 'news', 'action' => 'index', 'admin' => false));
unset($base_dir);
// We don't want to run these role checks before the user is logged in, but we want them available for every view once the user is logged on

6
app/Controller/Component/ACLComponent.php
View File

@ -145,6 +145,12 @@ class ACLComponent extends Component {
'maxDateActivity' => array('*'),
'returnDates' => array('*'),
),
'news' => array(
'add' => array(),
'edit' => array(),
'delete' => array(),
'index' => array('*'),
),
'orgBlacklists' => array(
'add' => array(),
'delete' => array(),

77
app/Controller/NewsController.php Normal file
View File

@ -0,0 +1,77 @@
<?php
App::uses('AppController', 'Controller');
class NewsController extends AppController {
public $components = array('Session', 'RequestHandler');
public function beforeFilter() {
parent::beforeFilter();
}
public $paginate = array(
'limit' => 5,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
'order' => array(
'News.id' => 'DESC'
),
);
public function index() {
$this->News->bindModel(array('belongsTo' => array('User' => array('className' => 'User'))));
$this->paginate['contain'] = array('User' => array('fields' => array('User.email')));
$newsItems = $this->paginate();
$this->loadModel('User');
$currentUser = $this->User->find('first', array(
'recursive' => -1,
'conditions' => array('User.id' => $this->Auth->user('id')),
'fields' => array('User.newsread')
));
foreach ($newsItems as &$item) {
if ($item['News']['date_created'] > $currentUser['User']['newsread']) $item['News']['new'] = true;
else $item['News']['new'] = false;
}
$this->User->id = $this->Auth->user('id');
$this->User->saveField('newsread', time());
$this->set('newsItems', $newsItems);
}
public function add() {
if ($this->request->is('post')) {
$this->News->create();
$this->request->data['News']['date_created'] = time();
if (!isset($this->request->data['News']['anonymise']) || !$this->request->data['News']['anonymise']) $this->request->data['News']['user_id'] = $this->Auth->user('id');
else $this->request->data['News']['user_id'] = 0;
if ($this->News->save($this->request->data)) {
$this->Session->setFlash('News item added.');
$this->redirect(array('action' => 'index'));
} else $this->Session->setFlash('The news item could not be added.');
}
}
public function edit($id) {
$this->News->id = $id;
if (!$this->News->exists()) throw new NotFoundException('Invalid news item.');
if ($this->request->is('post') || $this->request->is('put')) {
$this->request->data['News']['id'] = $id;
if ($this->News->save($this->request->data)) {
$this->Session->setFlash('News item updated.');
$this->redirect(array('action' => 'index'));
} else $this->Session->setFlash('Could not update news item.');
} else {
$this->request->data = $this->News->read(null, $id);
$this->set('newsItem', $this->request->data);
}
}
public function delete($id) {
if (!$this->request->is('post')) throw new MethodNotAllowedException();
$this->News->id = $id;
if (!$this->News->exists()) throw new NotFoundException('Invalid news item');
if ($this->News->delete()) {
$this->Session->setFlash('News item deleted.');
$this->redirect(array('action' => 'index'));
}
$this->Session->setFlash('News item could not be deleted.');
$this->redirect(array('action' => 'index'));
}
}

4
app/Controller/UsersController.php
View File

@ -386,7 +386,7 @@ class UsersController extends AppController {
$this->request->data['User']['termsaccepted'] = 0;
}
if (!isset($this->request->data['User']['disabled'])) $this->request->data['User']['disabled'] = false;
$this->request->data['User']['newsread'] = '2000-01-01';
$this->request->data['User']['newsread'] = 0;
if (!$this->_isSiteAdmin()) {
$this->request->data['User']['org_id'] = $this->Auth->User('org_id');
$this->loadModel('Role');
@ -682,7 +682,7 @@ class UsersController extends AppController {
'confirm_password' => 'admin',
'authkey' => $this->User->generateAuthKey(),
'nids_sid' => 4000000,
'newsread' => date('Y-m-d'),
'newsread' => 0,
'role_id' => 1,
'change_pw' => 1
));

14
app/Model/AppModel.php
View File

@ -49,7 +49,7 @@ class AppModel extends Model {
// major -> minor -> hotfix -> requires_logout
public $db_changes = array(
2 => array(
4 => array(18 => false, 19 => false, 20 => false, 25 => false, 27 => false, 32 => false, 33 => true, 38 => true, 39 => true, 40 => false, 42 => false, 44 => false)
4 => array(18 => false, 19 => false, 20 => false, 25 => false, 27 => false, 32 => false, 33 => true, 38 => true, 39 => true, 40 => false, 42 => false, 44 => false, 45 => false)
)
);
@ -369,6 +369,18 @@ class AppModel extends Model {
case '2.4.44':
$sqlArray[] = "UPDATE `servers` SET `url` = TRIM(TRAILING '/' FROM `url`)";
break;
case '2.4.45':
$sqlArray[] = 'ALTER TABLE `users` CHANGE `newsread` `newsread` int(11) unsigned;';
$sqlArray[] = 'UPDATE `users` SET `newsread` = 0;';
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `news` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`message` text COLLATE utf8_bin NOT NULL,
`title` text COLLATE utf8_bin NOT NULL,
`user_id` int(11) NOT NULL,
`date_created` int(11) unsigned NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
break;
case 'fixNonEmptySharingGroupID':
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4';
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4';

26
app/Model/News.php Normal file
View File

@ -0,0 +1,26 @@
<?php
App::uses('AppModel', 'Model');
class News extends AppModel {
public $actsAs = array('Containable');
public $validate = array(
'message' => array(
'valueNotEmpty' => array(
'rule' => array('valueNotEmpty'),
),
),
'title' => array(
'valueNotEmpty' => array(
'rule' => array('valueNotEmpty'),
),
)
);
public $belongsTo = array(
'User' => array(
'className' => 'User',
)
);
}

9
app/Model/User.php
View File

@ -173,13 +173,8 @@ class User extends AppModel {
),
),
'newsread' => array(
'date' => array(
'rule' => array('date'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
'numeric' => array(
'rule' => array('numeric')
),
),
);

1
app/View/Elements/global_menu.ctp
View File

@ -75,6 +75,7 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="<?php echo $baseurl;?>/news">News</a></li>
<li><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
<li><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
<li><a href="<?php echo $baseurl;?>/users/memberslist">Members List</a></li>

13
app/View/Elements/side_menu.ctp
View File

@ -318,7 +318,18 @@
<?php elseif ($menuItem === 'previewEvent'): ?>
<li id='lipreviewEvent'><a href="<?php echo $baseurl;?>/feeds/previewEvent/<?php echo h($feed['Feed']['id']); ?>/<?php echo h($id);?>">PreviewEvent</a></li>
<?php endif;
break;
break;
case 'news': ?>
<li id='liindex'><a href="<?php echo $baseurl;?>/news/index">View News</a></li>
<?php
if ($isSiteAdmin): ?>
<li id='liadd'><a href="<?php echo $baseurl;?>/news/add">Add News Item</a></li>
<?php if ($menuItem === 'edit'): ?>
<li class="active"><a href="#">Edit News Item</a></li>
<?php endif;
endif;
break;
}
?>
</ul>

39
app/View/News/add.ctp Normal file
View File

@ -0,0 +1,39 @@
<div class="news form">
<?php
echo $this->Form->create('News');
?>
<fieldset>
<legend><?php echo 'Add News Item'; ?></legend>
<?php
echo $this->Form->input('title', array(
'type' => 'text',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('message', array(
'type' => 'textarea',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('anonymise', array(
'checked' => false,
'label' => 'Create anonymously',
));
?>
</fieldset>
<?php
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'news', 'menuItem' => 'add'));
?>

40
app/View/News/edit.ctp Normal file
View File

@ -0,0 +1,40 @@
<div class="news form">
<?php
echo $this->Form->create('News');
?>
<fieldset>
<legend><?php echo 'Edit News Item'; ?></legend>
<?php
echo $this->Form->input('title', array(
'type' => 'text',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('message', array(
'type' => 'textarea',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('anonymise', array(
'type' => 'checkbox',
'checked' => $newsItem['News']['user_id'] == 0,
'label' => 'Create anonymously',
));
?>
</fieldset>
<?php
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'news', 'menuItem' => 'edit'));
?>

54
app/View/News/index.ctp Normal file
View File

@ -0,0 +1,54 @@
<div class="templates view">
<h2>News</h2>
<div>
<?php
if (!empty($newsItems)):
foreach ($newsItems as $newsItem): ?>
<div class="templateTableRow" style="width:800px;">
<div class="templateElementHeader" style="width:100%;position:relative;<?php if ($newsItem['News']['new']) echo 'background-color:red;'?>">
<div class="templateGlass"></div>
<div class ="templateElementHeaderText" style="width:100%;">
<div style="float:left;width:83%;"><?php echo $newsItem['User']['email'] ? h($newsItem['User']['email']) : 'Administrator'; ?></div>
<div style="float:left;width:17%;"><?php echo date('Y/m/d H:i:s', $newsItem['News']['date_created']); ?></div>
</div>
</div>
<div style="padding:6px;">
<h4><?php echo h($newsItem['News']['title']);?></h4>
<?php
echo nl2br(h($newsItem['News']['message']));
if ($isSiteAdmin):
?>
<br /><a href="<?php echo $baseurl; ?>/news/edit/<?php echo h($newsItem['News']['id']);?>" class="icon-edit" title="Edit news message"></a>
<?php
echo $this->Form->postLink('', array('action' => 'delete', $newsItem['News']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete news item # %s?', $newsItem['News']['id']));
endif;
?>
</div>
</div>
<br />
<?php
endforeach;
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<?php
else:
echo 'There are currently no news messages.';
endif;
?>
</div>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'news', 'menuItem' => 'index'));
?>