MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [Roles] CRUD rework

pull/6585/head
iglocska 2020-11-11 10:44:06 +01:00
parent 8192ded7dd
commit d19dbd00a6
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
5 changed files with 302 additions and 298 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

156
app/Controller/RolesController.php
View File

@ -26,53 +26,31 @@ class RolesController extends AppController
)
);
public function view($id = null)
public function view($id=false)
{
$this->Role->id = $id;
if (!$this->Role->exists()) {
throw new NotFoundException(__('Invalid role'));
}
if ($this->_isRest()) {
return $this->RestResponse->viewData($this->Role->read(null, $id), $this->response->type());
} else {
$this->set('premissionLevelName', $this->Role->premissionLevelName);
$this->set('role', $this->Role->read(null, $id));
$this->set('id', $id);
$this->set('menuData', ['menuList' => 'globalActions', 'menuItem' => 'roles']);
$this->CRUD->view($id);
if ($this->IndexFilter->isRest()) {
return $this->restResponsePayload;
}
$this->set('permissionLevelName', $this->Role->premissionLevelName);
$this->set('permFlags', $this->Role->permFlags);
}
public function admin_add()
{
if (!$this->_isSiteAdmin()) {
$this->redirect(array('controller' => 'roles', 'action' => 'index', 'admin' => false));
}
if ($this->request->is('post')) {
$this->Role->create();
if ($this->Role->save($this->request->data)) {
if ($this->_isRest()) {
$role = $this->Role->find('first', array(
'recursive' => -1,
'conditions' => array('Role.id' => $this->Role->id)
));
return $this->RestResponse->viewData($role, $this->response->type());
} else {
$this->Flash->success(__('The Role has been saved'));
$this->redirect(array('action' => 'index'));
}
} else {
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Role', 'admin_add', false, $this->Role->validationErrors, $this->response->type());
} else {
if (!($this->Session->check('Message.flash'))) {
$this->Role->Session->setFlash(__('The Role could not be saved. Please, try again.'));
}
}
}
} elseif ($this->_isRest()) {
return $this->RestResponse->describe('Roles', 'admin_add', false, $this->response->type());
$this->set('menuData', array('menuList' => 'admin', 'menuItem' => 'addRole'));
$params = [];
$selectConditions = [];
$this->CRUD->add($params);
if ($this->IndexFilter->isRest()) {
return $this->restResponsePayload;
}
$this->set('permFlags', $this->Role->permFlags);
$this->set('options', $this->options);
$dropdownData = [
'options' => $this->options
];
$this->set(compact('dropdownData'));
}
public function admin_edit($id = null)
@ -121,48 +99,34 @@ class RolesController extends AppController
$this->set('id', $id);
}
public function admin_index()
public function admin_index($id = false)
{
if (!$this->_isSiteAdmin()) {
$this->redirect(array('controller' => 'roles', 'action' => 'index', 'admin' => false));
}
$this->recursive = 0;
if ($this->_isRest()) {
$roles = $this->Role->find('all', array(
'recursive' => -1
));
return $this->RestResponse->viewData($roles, $this->response->type());
} else {
$this->set('list', $this->paginate());
$this->set('permFlags', $this->Role->permFlags);
$this->loadModel('AdminSetting');
$this->set('default_role_id', $this->AdminSetting->getSetting('default_role'));
$this->set('options', $this->options);
$params = [
'filters' => ['name'],
'quickFilters' => ['name'],
'afterFind' => function($elements) {
$this->loadModel('AdminSetting');
$default_setting = $this->AdminSetting->getSetting('default_role');
foreach ($elements as &$role) {
$role['Role']['default'] = ($role['Role']['id'] == $default_setting) ? true : false;
}
return $elements;
}
];
//$this->paginate['fields'] = ['id', 'name'];
$this->CRUD->index($params);
if ($this->IndexFilter->isRest()) {
return $this->restResponsePayload;
}
$this->set('permFlags', $this->Role->permFlags);
$this->set('menuData', array('menuList' => 'globalActions', 'menuItem' => 'roles'));
}
public function admin_delete($id = null)
{
if (!$this->request->is('post') && !$this->request->is('put') && !$this->request->is('delete')) {
throw new MethodNotAllowedException();
}
$this->Role->id = $id;
if (!$this->Role->exists()) {
throw new NotFoundException(__('Invalid Role'));
}
if ($this->Role->delete()) {
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('Roles', 'admin_delete', $id, $this->response->type());
} else {
$this->Flash->success(__('Role deleted'));
$this->redirect(array('action' => 'index'));
}
}
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Roles', 'admin_delete', $id, $this->Role->validationErrors, $this->response->type());
} else {
$this->Flash->error(__('Role could not be deleted'));
$this->redirect(array('action' => 'index'));
$this->CRUD->delete($id);
if ($this->IndexFilter->isRest()) {
return $this->restResponsePayload;
}
}
@ -185,29 +149,37 @@ class RolesController extends AppController
public function admin_set_default($role_id = false)
{
$this->Role->id = $role_id;
if ((!is_numeric($role_id) && $role_id !== false) || !$this->Role->exists()) {
$message = 'Invalid Role.';
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Roles', 'admin_set_default', $role_id, $message, $this->response->type());
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $message)), 'status'=>200, 'type' => 'json'));
if ($this->request->is('post')) {
$this->Role->id = $role_id;
if ((!is_numeric($role_id) && $role_id !== false) || !$this->Role->exists()) {
$message = 'Invalid Role.';
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Roles', 'admin_set_default', $role_id, $message, $this->response->type());
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $message)), 'status'=>200, 'type' => 'json'));
}
}
}
$this->loadModel('AdminSetting');
$result = $this->AdminSetting->changeSetting('default_role', $role_id);
if ($result === true) {
$message = $role_id ? __('Default role set.') : __('Default role unset.');
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('Roles', 'admin_set_default', $role_id, $this->response->type(), $message);
$this->loadModel('AdminSetting');
$result = $this->AdminSetting->changeSetting('default_role', $role_id);
if ($result === true) {
$message = $role_id ? __('Default role set.') : __('Default role unset.');
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('Roles', 'admin_set_default', $role_id, $this->response->type(), $message);
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => $message)), 'status'=>200, 'type' => 'json'));
}
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => $message)), 'status'=>200, 'type' => 'json'));
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Roles', 'admin_set_default', $role_id, $result, $this->response->type());
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $result)), 'status'=>200, 'type' => 'json'));
}
}
} else {
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('Roles', 'admin_set_default', $role_id, $result, $this->response->type());
return $this->RestResponse->saveFailResponse('Role', 'admin_set_default', false, __('This endpoint expects a POST request.'), $this->response->type());
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $result)), 'status'=>200, 'type' => 'json'));
$this->layout = false;
}
}
}

146
app/View/Roles/admin_add.ctp
View File

@ -1,71 +1,84 @@
<div class="roles form">
<?php echo $this->Form->create('Role'); ?>
<fieldset>
<legend><?php echo __('Add Role');?></legend>
<?php
echo $this->Form->input('restricted_to_site_admin', array(
'type' => 'checkbox',
'class' => 'checkbox readonlyenabled',
'label' => __('Restrict to site admins')
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('name');
echo $this->Form->input('permission', array('type' => 'select', 'label' => __('Permissions'), 'options' => $options), array('value' => '3'));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('memory_limit', array('label' => __('Memory limit') . ' (' . h($default_memory_limit) . ')'));
echo $this->Form->input('max_execution_time', array('label' => __('Maximum execution time') . ' (' . h($default_max_execution_time) . ')'));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('enforce_rate_limit', array(
'type' => 'checkbox',
'label' => __('Enforce search rate limit')
));
?>
<div class="input clear"></div>
<div id="rateLimitCountContainer">
<?php
echo $this->Form->input('rate_limit_count', array('label' => __('# of searches / 15 min')));
?>
</div>
<div class="input clear"></div>
<?php
$counter = 1;
foreach ($permFlags as $k => $flag):
?>
<div class="permFlags<?php echo ' ' . ($flag['readonlyenabled'] ? 'readonlyenabled' : 'readonlydisabled'); ?>">
<?php
echo $this->Form->input($k, array(
'type' => 'checkbox',
'class' => sprintf(
'checkbox %s %s',
($flag['readonlyenabled'] ? 'readonlyenabled' : 'readonlydisabled'),
empty($flag['site_admin_optional']) ? 'site_admin_enforced' : 'site_admin_optional'
),
'checked' => false,
'label' => $flag['text'],
));
if ($counter%3 == 0) echo "<div class='input clear'></div>";
$counter++;
?>
</div>
<?php
endforeach;
?>
</fieldset>
<?php
echo $this->Form->button(__('Add'), array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<?php
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'addRole'));
?>
$fields = [
[
'field' => 'restricted_to_site_admin',
'label' => __('Restrict to site admins'),
'type' => 'checkbox',
'class' => 'readonlyenabled'
],
[
'field' => 'name',
'stayInLine' => 1
],
[
'field' => 'permission',
'label' => __('Permissions'),
'type' => 'select',
'options' => $dropdownData['options'],
'value' => '3',
'class' => 'span3'
],
[
'field' => 'memory_limit',
'label' => __('Memory limit (%s)', $default_memory_limit),
'stayInLine' => 1
],
[
'field' => 'max_execution_time',
'label' => __('Maximum execution time (%ss)', $default_max_execution_time)
],
[
'field' => 'enforce_rate_limit',
'label' => __('Enforce search rate limit'),
'type' => 'checkbox',
],
[
'field' => 'rate_limit_count',
'label' => __('# of searches / 15 min'),
'div' => [
'id' => 'rateLimitCountContainer'
]
]
];
$counter = 0;
foreach ($permFlags as $k => $flag) {
$counter += 1;
$fields[] = [
'field' => $k,
'label' => h($flag['text']),
'checked' => false,
'type' => 'checkbox',
'div' => [
'class' => sprintf(
'permFlags %s checkbox',
($flag['readonlyenabled'] ? 'readonlyenabled' : 'readonlydisabled')
)
],
'class' => sprintf(
'checkbox %s %s',
($flag['readonlyenabled'] ? 'readonlyenabled' : 'readonlydisabled'),
empty($flag['site_admin_optional']) ? 'site_admin_enforced' : 'site_admin_optional'
),
'stayInLine' => ($counter%3 != 0)
];
}
echo $this->element('genericElements/Form/genericForm', [
'data' => [
'description' => false,
'title' => __('Add Role'),
'fields' => $fields,
'submit' => [
'action' => $this->request->params['action'],
'ajaxSubmit' => 'submitGenericFormInPlace();'
]
]
]);
if (!$ajax) {
echo $this->element('/genericElements/SideMenu/side_menu', $menuData);
}
?>
<script type="text/javascript">
$(function() {
checkRolePerms();
@ -78,4 +91,3 @@ echo $this->Form->end();
});
});
</script>
<?php echo $this->Js->writeBuffer();

229
app/View/Roles/admin_index.ctp
View File

@ -1,113 +1,118 @@
<div class="roles index">
<h2><?php echo __('Roles');?></h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo __('Default');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
<th><?php echo $this->Paginator->sort('restricted_to_site_admin', __('Restricted to site admins'));?></th>
<th><?php echo $this->Paginator->sort('permission', __('Permissions'));?></th>
<?php
foreach ($permFlags as $k => $flags):
?>
<th title="<?php echo h($flags['title']); ?>"><?php echo $this->Paginator->sort($k, $flags['text']);?></th>
<?php
endforeach;
?>
<th><?php echo $this->Paginator->sort('memory_limit', __('Memory limit'));?></th>
<th><?php echo $this->Paginator->sort('max_execution_time', __('Max execution time'));?></th>
<th><?php echo $this->Paginator->sort('rate_limit_count', __('Searches / 15 mins'));?></th>
<th class="actions"><?php echo __('Actions');?></th>
</tr><?php
foreach ($list as $item): ?>
<tr>
<td><?php echo $this->Html->link(h($item['Role']['id']), array('admin' => true, 'action' => 'edit', $item['Role']['id'])); ?>&nbsp;</td>
<td class="short" style="text-align:center;width:20px;"><input class="servers_default_role_checkbox" type="checkbox" aria-label="<?php echo __('Default role'); ?>" data-id="<?php echo h($item['Role']['id']); ?>" <?php if ($default_role_id && $default_role_id == $item['Role']['id']) echo 'checked'; ?>></td>
<td><?php echo h($item['Role']['name']); ?>&nbsp;</td>
<td class="short"><span class="<?php if ($item['Role']['restricted_to_site_admin']) echo 'icon-ok'; ?>" role="img" aria-label="<?php echo $item['Role']['restricted_to_site_admin'] ? __('Yes') : __('No'); ?>"></span>&nbsp;</td>
<td><?php echo h($options[$item['Role']['permission']]); ?>&nbsp;</td>
<?php
foreach ($permFlags as $k => $flags) {
$flagName = Inflector::Humanize(substr($k, 5));
echo sprintf(
'<td class="short"><span class="%s" role="img" aria-label="%s" title="%s"></span>&nbsp;</td>',
($item['Role'][$k]) ? 'icon-ok' : '',
($item['Role'][$k]) ? __('Yes') : __('No'),
sprintf(
__('%s permission %s'),
h($flagName),
$item['Role'][$k] ? 'granted' : 'denied'
)
);
}
?>
<td class="short">
<?php
if (empty($item['Role']['memory_limit'])) {
echo h($default_memory_limit);
} else {
echo h($item['Role']['memory_limit']);
}
?>
</td>
<td class="short">
<?php
if (empty($item['Role']['max_execution_time'])) {
echo h($default_max_execution_time);
} else {
echo h($item['Role']['max_execution_time']);
}
?>
</td>
<td class="short">
<?php
if (empty($item['Role']['rate_limit_count']) || empty($item['Role']['enforce_rate_limit'])) {
echo 'N/A';
} else {
echo h(intval($item['Role']['rate_limit_count']));
}
?>
</td>
<td class="short action-links">
<?php echo $this->Html->link('', array('admin' => true, 'action' => 'edit', $item['Role']['id']), array('class' => 'fa fa-edit', 'title' => __('Edit'), 'aria-label' => __('Edit'))); ?>
<?php echo $this->Form->postLink('', array('admin' => true, 'action' => 'delete', $item['Role']['id']), array('class' => 'fa fa-trash', 'title' => __('Delete'), 'aria-label' => __('Delete')), __('Are you sure you want to delete %s?', $item['Role']['name'])); ?>
</td>
</tr><?php
endforeach; ?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<?php
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'indexRole'));
$fields = [
[
'name' => __('Id'),
'sort' => 'Role.id',
'data_path' => 'Role.id'
],
[
'name' => __('Default'),
'data_path' => 'Role.default',
'element' => 'toggle',
'url' => '/admin/roles/set_default',
'url_params_data_paths' => ['Role.id'],
'checkbox_class' => 'defaultRoleCheckbox',
'beforeHook' => "$('.defaultRoleCheckbox').prop('checked', false); $(this).prop('checked', true);"
],
[
'name' => __('Name'),
'sort' => 'Role.name',
'data_path' => 'Role.name'
]
];
foreach ($permFlags as $k => $permFlag) {
$fields[] = [
'name' => Inflector::Humanize(substr($k, 5)),
'sort' => 'Role.' . $k,
'data_path' => 'Role.' . $k,
'element' => 'boolean'
];
}
$fields[] = [
'name' => __('Memory Limit'),
'sort' => 'Role.memory_limit',
'data_path' => 'Role.memory_limit',
'decorator' => function($value) use ($default_memory_limit) {
return empty($value) ? $default_memory_limit : h($value);
}
];
$fields[] = [
'name' => __('Max execution time'),
'sort' => 'Role.max_execution_time',
'data_path' => 'Role.max_execution_time',
'decorator' => function($value) use ($default_max_execution_time) {
return (empty($value) ? $default_max_execution_time : h($value)) . 's';
}
];
$fields[] = [
'name' => __('Searches / 15 mins'),
'sort' => 'Role.rate_limit_count',
'data_path' => 'Role.rate_limit_count',
'decorator' => function($value)
{
return (empty($value) ? __('N/A') : h($value));
}
];
echo $this->element('genericElements/IndexTable/scaffold', [
'scaffold_data' => [
'data' => [
'data' => $data,
'top_bar' => [
'pull' => 'right',
'children' => [
[
'type' => 'simple',
'children' => [
'data' => [
'type' => 'simple',
'text' => __('Add role'),
'class' => 'btn btn-primary',
'onClick' => 'openGenericModal',
'onClickParams' => [
sprintf(
'%s/admin/roles/add',
$baseurl
)
]
]
]
],
[
'type' => 'search',
'button' => __('Filter'),
'placeholder' => __('Enter value to search'),
'data' => '',
'searchKey' => 'quickFilter'
]
]
],
'fields' => $fields,
'title' => empty($ajax) ? __('Roles') : false,
'description' => empty($ajax) ? __('Instance specific permission roles.') : false,
'actions' => [
[
'url' => $baseurl . '/admin/roles/edit/',
'url_params_data_paths' => array(
'Role.id'
),
'icon' => 'edit'
],
[
'onclick' => sprintf(
'openGenericModal(\'%s/admin/roles/delete/[onclick_params_data_path]\');',
$baseurl
),
'onclick_params_data_path' => 'Role.id',
'icon' => 'trash'
]
]
]
]
]);
?>

4
app/View/Roles/admin_set_default.ctp Normal file
View File

@ -0,0 +1,4 @@
<?php
echo $this->Form->create('Role');
echo $this->Form->end();
?>

65
app/View/Roles/view.ctp
View File

@ -1,29 +1,40 @@
<?php
$table_data = array();
$table_data[] = array('key' => __('Id'), 'value' => $role['Role']['id']);
$table_data[] = array('key' => __('Name'), 'value' => $role['Role']['name']);
$table_data[] = array('key' => __('Permission level'), 'value' => $premissionLevelName[$role['Role']['permission']]);
foreach ($role['Role'] as $k => $item) {
if (substr($k, 0, 5) === 'perm_' && !in_array($k, array('perm_add', 'perm_modify', 'perm_modify_org', 'perm_publish', 'perm_full'))) {
$name = substr($k, 5);
if (in_array($name, array('add', 'modify', 'modify_org', 'publish', 'full'))) {
continue;
}
$table_data[] = array(
'key' => Inflector::humanize(h($name)),
'value_class' => $role['Role'][$k] ? 'green' : 'red',
'value' => $role['Role'][$k] ? 'Granted' : 'Denied'
);
}
}
echo sprintf(
'<div class="roles view row-fluid"><div class="span8" style="margin:0px;">%s</div></div>%s',
sprintf(
'<h2>%s</h2>%s',
__('Role'),
$this->element('genericElements/viewMetaTable', array('table_data' => $table_data))
),
$this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'globalActions', 'menuItem' => 'roles'))
);
?>
$fields = [
[
'key' => __('Id'),
'path' => 'Role.id'
],
[
'key' => __('Name'),
'path' => 'Role.name'
],
[
'key' => __('Permission level'),
'path' => 'Role.permission',
'type' => 'mapping',
'mapping' => $permissionLevelName
]
];
foreach ($permFlags as $permFlag => $permFlagData) {
$fields[] = [
'key' => $permFlagData['text'],
'title' => $permFlagData['title'],
'path' => 'Role.' . $permFlag,
'type' => 'boolean',
'mapping' => [
false => '<span class="red bold">Denied</span>',
true => '<span class="green bold">Granted</span>'
]
];
}
echo $this->element(
'genericElements/SingleViews/single_view',
[
'title' => 'Role view',
'data' => $data,
'fields' => $fields,
'children' => [
]
]
);