mirror of https://github.com/MISP/MISP
new: Added the news functionality back
- admins can add/edit/delete news items
- users get redirected if there is a news item that they haven't seen yet
pull/1150/head
parent
ecd1750dfe
commit
d02adf2085
|
@ -1 +1 @@
|
|||
{"major":2, "minor":4, "hotfix":44}
|
||||
{"major":2, "minor":4, "hotfix":45}
|
||||
|
|
|
@ -60,7 +60,7 @@ class UserInitShell extends AppShell {
|
|||
'confirm_password' => 'admin',
|
||||
'authkey' => $authkey,
|
||||
'nids_sid' => 4000000,
|
||||
'newsread' => date('Y-m-d'),
|
||||
'newsread' => 0,
|
||||
'role_id' => 1,
|
||||
'change_pw' => 0,
|
||||
'termsaccepted' => 1
|
||||
|
|
|
@ -279,6 +279,10 @@ class AppController extends Controller {
|
|||
if ($this->_isRest()) throw new MethodNotAllowedException('Your user account is expecting a password change, please log in via the web interface and change it before proceeding.');
|
||||
$this->redirect(array('controller' => 'users', 'action' => 'change_pw', 'admin' => false));
|
||||
}
|
||||
$newsread = $this->User->field('newsread', array('User.id' => $this->Auth->user('id')));
|
||||
$this->loadModel('News');
|
||||
$latest_news = $this->News->field('date_created', array(), 'date_created DESC');
|
||||
if (!$this->_isRest() && ($this->params['controller'] != 'news' || $this->params['action'] != 'index') && $latest_news && $newsread < $latest_news) $this->redirect(array('controller' => 'news', 'action' => 'index', 'admin' => false));
|
||||
unset($base_dir);
|
||||
|
||||
// We don't want to run these role checks before the user is logged in, but we want them available for every view once the user is logged on
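Review bot: The added `User->field('newsread', ...)` and `News->field('date_created', ...)` lookups run on every request before the `!$this->_isRest()` test, so REST calls pay for a model load and two queries whose result they never use. The redirect also fires for any HTTP method, so a form POST sent just after a news item is published appears to be dropped in favour of `/news/index`. Moving the lookups inside the guard and limiting the redirect to GET requests addresses both. The enclosing method starts and ends outside the hunk, so whether this code is already limited to logged-in users cannot be confirmed from here.

```php
if (!$this->_isRest() && $this->request->is('get') && ($this->params['controller'] != 'news' || $this->params['action'] != 'index')) {
	$newsread = $this->User->field('newsread', array('User.id' => $this->Auth->user('id')));
	$this->loadModel('News');
	$latest_news = $this->News->field('date_created', array(), 'date_created DESC');
	if ($latest_news && $newsread < $latest_news) $this->redirect(array('controller' => 'news', 'action' => 'index', 'admin' => false));
}
// … unchanged: unset($base_dir) and the role checks that follow …
```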
|
||||
|
|
|
@ -145,6 +145,12 @@ class ACLComponent extends Component {
|
|||
'maxDateActivity' => array('*'),
|
||||
'returnDates' => array('*'),
|
||||
),
|
||||
'news' => array(
|
||||
'add' => array(),
|
||||
'edit' => array(),
|
||||
'delete' => array(),
|
||||
'index' => array('*'),
|
||||
),
|
||||
'orgBlacklists' => array(
|
||||
'add' => array(),
|
||||
'delete' => array(),
|
||||
|
|
|
@ -0,0 +1,77 @@
|
|||
<?php
|
||||
App::uses('AppController', 'Controller');
|
||||
|
||||
class NewsController extends AppController {
|
||||
public $components = array('Session', 'RequestHandler');
|
||||
|
||||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
}
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 5,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'News.id' => 'DESC'
|
||||
),
|
||||
);
|
||||
|
||||
public function index() {
|
||||
$this->News->bindModel(array('belongsTo' => array('User' => array('className' => 'User'))));
|
||||
$this->paginate['contain'] = array('User' => array('fields' => array('User.email')));
|
||||
$newsItems = $this->paginate();
|
||||
$this->loadModel('User');
|
||||
$currentUser = $this->User->find('first', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => array('User.id' => $this->Auth->user('id')),
|
||||
'fields' => array('User.newsread')
|
||||
));
|
||||
foreach ($newsItems as &$item) {
|
||||
if ($item['News']['date_created'] > $currentUser['User']['newsread']) $item['News']['new'] = true;
|
||||
else $item['News']['new'] = false;
|
||||
}
|
||||
$this->User->id = $this->Auth->user('id');
|
||||
$this->User->saveField('newsread', time());
|
||||
$this->set('newsItems', $newsItems);
|
||||
}
|
||||
|
||||
public function add() {
|
||||
if ($this->request->is('post')) {
|
||||
$this->News->create();
|
||||
$this->request->data['News']['date_created'] = time();
|
||||
if (!isset($this->request->data['News']['anonymise']) || !$this->request->data['News']['anonymise']) $this->request->data['News']['user_id'] = $this->Auth->user('id');
|
||||
else $this->request->data['News']['user_id'] = 0;
|
||||
if ($this->News->save($this->request->data)) {
|
||||
$this->Session->setFlash('News item added.');
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else $this->Session->setFlash('The news item could not be added.');
|
||||
}
|
||||
}
|
||||
|
||||
public function edit($id) {
|
||||
$this->News->id = $id;
|
||||
if (!$this->News->exists()) throw new NotFoundException('Invalid news item.');
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
$this->request->data['News']['id'] = $id;
|
||||
if ($this->News->save($this->request->data)) {
|
||||
$this->Session->setFlash('News item updated.');
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else $this->Session->setFlash('Could not update news item.');
|
||||
} else {
|
||||
$this->request->data = $this->News->read(null, $id);
|
||||
$this->set('newsItem', $this->request->data);
|
||||
}
|
||||
}
|
||||
|
||||
public function delete($id) {
|
||||
if (!$this->request->is('post')) throw new MethodNotAllowedException();
|
||||
$this->News->id = $id;
|
||||
if (!$this->News->exists()) throw new NotFoundException('Invalid news item');
|
||||
if ($this->News->delete()) {
|
||||
$this->Session->setFlash('News item deleted.');
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
$this->Session->setFlash('News item could not be deleted.');
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
}
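Review bot: `edit()` hands the whole posted `News` array to `save()`, so a request can also overwrite `user_id` and `date_created`, which `add()` deliberately sets on the server; a whitelist such as `$this->News->save($this->request->data, true, array('title', 'message'))` keeps authorship and timestamp fixed. The `anonymise` checkbox rendered by the edit view is never read in `edit()`, so changing it appears to have no effect. None of `add`, `edit` or `delete` checks the caller's role itself; access seems to rest entirely on the empty arrays in the ACL map, so an explicit `if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException();` at the top of each would keep them closed if that map is ever edited. In `index()`, `foreach ($newsItems as &$item)` leaves a live reference behind; add `unset($item);` after the loop.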
|
|
@ -386,7 +386,7 @@ class UsersController extends AppController {
|
|||
$this->request->data['User']['termsaccepted'] = 0;
|
||||
}
|
||||
if (!isset($this->request->data['User']['disabled'])) $this->request->data['User']['disabled'] = false;
|
||||
$this->request->data['User']['newsread'] = '2000-01-01';
|
||||
$this->request->data['User']['newsread'] = 0;
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$this->request->data['User']['org_id'] = $this->Auth->User('org_id');
|
||||
$this->loadModel('Role');
|
||||
|
@ -682,7 +682,7 @@ class UsersController extends AppController {
|
|||
'confirm_password' => 'admin',
|
||||
'authkey' => $this->User->generateAuthKey(),
|
||||
'nids_sid' => 4000000,
|
||||
'newsread' => date('Y-m-d'),
|
||||
'newsread' => 0,
|
||||
'role_id' => 1,
|
||||
'change_pw' => 1
|
||||
));
|
||||
|
|
|
@ -49,7 +49,7 @@ class AppModel extends Model {
|
|||
// major -> minor -> hotfix -> requires_logout
|
||||
public $db_changes = array(
|
||||
2 => array(
|
||||
4 => array(18 => false, 19 => false, 20 => false, 25 => false, 27 => false, 32 => false, 33 => true, 38 => true, 39 => true, 40 => false, 42 => false, 44 => false)
|
||||
4 => array(18 => false, 19 => false, 20 => false, 25 => false, 27 => false, 32 => false, 33 => true, 38 => true, 39 => true, 40 => false, 42 => false, 44 => false, 45 => false)
|
||||
)
|
||||
);
|
||||
|
||||
|
@ -369,6 +369,18 @@ class AppModel extends Model {
|
|||
case '2.4.44':
|
||||
$sqlArray[] = "UPDATE `servers` SET `url` = TRIM(TRAILING '/' FROM `url`)";
|
||||
break;
|
||||
case '2.4.45':
|
||||
$sqlArray[] = 'ALTER TABLE `users` CHANGE `newsread` `newsread` int(11) unsigned;';
|
||||
$sqlArray[] = 'UPDATE `users` SET `newsread` = 0;';
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `news` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`message` text COLLATE utf8_bin NOT NULL,
|
||||
`title` text COLLATE utf8_bin NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`date_created` int(11) unsigned NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case 'fixNonEmptySharingGroupID':
|
||||
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4';
|
||||
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4';
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
<?php
|
||||
App::uses('AppModel', 'Model');
|
||||
|
||||
class News extends AppModel {
|
||||
|
||||
public $actsAs = array('Containable');
|
||||
|
||||
public $validate = array(
|
||||
'message' => array(
|
||||
'valueNotEmpty' => array(
|
||||
'rule' => array('valueNotEmpty'),
|
||||
),
|
||||
),
|
||||
'title' => array(
|
||||
'valueNotEmpty' => array(
|
||||
'rule' => array('valueNotEmpty'),
|
||||
),
|
||||
)
|
||||
);
|
||||
|
||||
public $belongsTo = array(
|
||||
'User' => array(
|
||||
'className' => 'User',
|
||||
)
|
||||
);
|
||||
}
|
|
@ -173,13 +173,8 @@ class User extends AppModel {
|
|||
),
|
||||
),
|
||||
'newsread' => array(
|
||||
'date' => array(
|
||||
'rule' => array('date'),
|
||||
//'message' => 'Your custom message here',
|
||||
//'allowEmpty' => false,
|
||||
//'required' => false,
|
||||
//'last' => false, // Stop validation after this rule
|
||||
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||
'numeric' => array(
|
||||
'rule' => array('numeric')
|
||||
),
|
||||
),
|
||||
);
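Review bot: The new `numeric` rule on `newsread` also accepts negative and fractional values, while the migration in this commit makes the column `int(11) unsigned` holding a Unix timestamp. CakePHP 2's `'rule' => array('naturalNumber', true)` (zero allowed) would match the column more closely and reject values the database would otherwise clamp or truncate. The `$validate` array starts outside the hunk.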
|
||||
|
|
|
@ -75,6 +75,7 @@
|
|||
<b class="caret"></b>
|
||||
</a>
|
||||
<ul class="dropdown-menu">
|
||||
<li><a href="<?php echo $baseurl;?>/news">News</a></li>
|
||||
<li><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
|
||||
<li><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
|
||||
<li><a href="<?php echo $baseurl;?>/users/memberslist">Members List</a></li>
|
||||
|
|
|
@ -318,7 +318,18 @@
|
|||
<?php elseif ($menuItem === 'previewEvent'): ?>
|
||||
<li id='lipreviewEvent'><a href="<?php echo $baseurl;?>/feeds/previewEvent/<?php echo h($feed['Feed']['id']); ?>/<?php echo h($id);?>">PreviewEvent</a></li>
|
||||
<?php endif;
|
||||
break;
|
||||
break;
|
||||
|
||||
case 'news': ?>
|
||||
<li id='liindex'><a href="<?php echo $baseurl;?>/news/index">View News</a></li>
|
||||
<?php
|
||||
if ($isSiteAdmin): ?>
|
||||
<li id='liadd'><a href="<?php echo $baseurl;?>/news/add">Add News Item</a></li>
|
||||
<?php if ($menuItem === 'edit'): ?>
|
||||
<li class="active"><a href="#">Edit News Item</a></li>
|
||||
<?php endif;
|
||||
endif;
|
||||
break;
|
||||
}
|
||||
?>
|
||||
</ul>
|
||||
|
|
|
@ -0,0 +1,39 @@
|
|||
<div class="news form">
|
||||
<?php
|
||||
echo $this->Form->create('News');
|
||||
?>
|
||||
<fieldset>
|
||||
<legend><?php echo 'Add News Item'; ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('title', array(
|
||||
'type' => 'text',
|
||||
'error' => array('escape' => false),
|
||||
'div' => 'input clear',
|
||||
'class' => 'input-xxlarge'
|
||||
));
|
||||
?>
|
||||
<div class="input clear"></div>
|
||||
<?php
|
||||
echo $this->Form->input('message', array(
|
||||
'type' => 'textarea',
|
||||
'error' => array('escape' => false),
|
||||
'div' => 'input clear',
|
||||
'class' => 'input-xxlarge'
|
||||
));
|
||||
?>
|
||||
<div class="input clear"></div>
|
||||
<?php
|
||||
echo $this->Form->input('anonymise', array(
|
||||
'checked' => false,
|
||||
'label' => 'Create anonymously',
|
||||
));
|
||||
?>
|
||||
</fieldset>
|
||||
<?php
|
||||
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'news', 'menuItem' => 'add'));
|
||||
?>
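Review bot: `'error' => array('escape' => false)` on the `title` and `message` inputs prints validation messages as raw HTML. The message text for `valueNotEmpty` is defined outside this page, so this is safe only as long as no validation message ever echoes submitted input; dropping the option (FormHelper escapes error text by default) removes that dependency. The same option is set on both inputs of the edit view added in this commit.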
|
|
@ -0,0 +1,40 @@
|
|||
<div class="news form">
|
||||
<?php
|
||||
echo $this->Form->create('News');
|
||||
?>
|
||||
<fieldset>
|
||||
<legend><?php echo 'Edit News Item'; ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('title', array(
|
||||
'type' => 'text',
|
||||
'error' => array('escape' => false),
|
||||
'div' => 'input clear',
|
||||
'class' => 'input-xxlarge'
|
||||
));
|
||||
?>
|
||||
<div class="input clear"></div>
|
||||
<?php
|
||||
echo $this->Form->input('message', array(
|
||||
'type' => 'textarea',
|
||||
'error' => array('escape' => false),
|
||||
'div' => 'input clear',
|
||||
'class' => 'input-xxlarge'
|
||||
));
|
||||
?>
|
||||
<div class="input clear"></div>
|
||||
<?php
|
||||
echo $this->Form->input('anonymise', array(
|
||||
'type' => 'checkbox',
|
||||
'checked' => $newsItem['News']['user_id'] == 0,
|
||||
'label' => 'Create anonymously',
|
||||
));
|
||||
?>
|
||||
</fieldset>
|
||||
<?php
|
||||
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'news', 'menuItem' => 'edit'));
|
||||
?>
|
|
@ -0,0 +1,54 @@
|
|||
<div class="templates view">
|
||||
<h2>News</h2>
|
||||
<div>
|
||||
<?php
|
||||
if (!empty($newsItems)):
|
||||
foreach ($newsItems as $newsItem): ?>
|
||||
<div class="templateTableRow" style="width:800px;">
|
||||
<div class="templateElementHeader" style="width:100%;position:relative;<?php if ($newsItem['News']['new']) echo 'background-color:red;'?>">
|
||||
<div class="templateGlass"></div>
|
||||
<div class ="templateElementHeaderText" style="width:100%;">
|
||||
<div style="float:left;width:83%;"><?php echo $newsItem['User']['email'] ? h($newsItem['User']['email']) : 'Administrator'; ?></div>
|
||||
<div style="float:left;width:17%;"><?php echo date('Y/m/d H:i:s', $newsItem['News']['date_created']); ?></div>
|
||||
</div>
|
||||
</div>
|
||||
<div style="padding:6px;">
|
||||
<h4><?php echo h($newsItem['News']['title']);?></h4>
|
||||
<?php
|
||||
echo nl2br(h($newsItem['News']['message']));
|
||||
if ($isSiteAdmin):
|
||||
?>
|
||||
<br /><a href="<?php echo $baseurl; ?>/news/edit/<?php echo h($newsItem['News']['id']);?>" class="icon-edit" title="Edit news message"></a>
|
||||
<?php
|
||||
echo $this->Form->postLink('', array('action' => 'delete', $newsItem['News']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete news item # %s?', $newsItem['News']['id']));
|
||||
endif;
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
<br />
|
||||
<?php
|
||||
endforeach;
|
||||
echo $this->Paginator->counter(array(
|
||||
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
|
||||
));
|
||||
?>
|
||||
</p>
|
||||
<div class="pagination">
|
||||
<ul>
|
||||
<?php
|
||||
echo $this->Paginator->prev('« ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
|
||||
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
|
||||
echo $this->Paginator->next(__('next') . ' »', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
|
||||
?>
|
||||
</ul>
|
||||
</div>
|
||||
<?php
|
||||
else:
|
||||
echo 'There are currently no news messages.';
|
||||
endif;
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'news', 'menuItem' => 'index'));
|
||||
?>
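Review bot: The `</p>` after the `Paginator->counter()` call has no opening tag anywhere in this view; either emit `<p>` before that `<?php` block or drop the closing tag. Separately, the header prints the author's `User.email` to every reader (the ACL entry for `index` is `'*'`), so an author who does not tick "Create anonymously" has their address shown instance-wide; it is worth confirming that this is intended, or showing the organisation instead.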
|