mirror of https://github.com/MISP/MISP
Bug fixes
- issues of admin orgs not being able to edit/delete org events - owner org removed for org admins - email only visible from own org to org adminspull/64/merge
parent
c86a90dd9f
commit
d5800206e6
|
@ -131,7 +131,7 @@ class AppController extends Controller {
|
|||
// TODO ACL: 5: from Controller to Views
|
||||
$this->set('isAclAdd', $this->checkAcl('add'));
|
||||
$this->set('isAclModify', $this->checkAcl('edit'));
|
||||
$this->set('isAclModifyOrg', $this->checkRole());
|
||||
$this->set('isAclModifyOrg', $this->checkAction('perm_modify_org'));
|
||||
$this->set('isAclPublish', $this->checkAcl('publish'));
|
||||
$this->set('isAclAdd2', $this->checkAction('perm_add'));
|
||||
$this->set('isAclSync', $this->checkAction('perm_sync'));
|
||||
|
|
|
@ -9,7 +9,7 @@ if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
|||
<?php
|
||||
endif; ?>
|
||||
<?php
|
||||
if ($isAdmin): ?>
|
||||
if ($isSiteAdmin): ?>
|
||||
<th><?php echo $this->Paginator->sort('owner org');?></th>
|
||||
<?php
|
||||
endif; ?>
|
||||
|
@ -58,7 +58,7 @@ foreach ($events as $event):?>
|
|||
?>
|
||||
</td><?php
|
||||
endif;
|
||||
if ('true' == $isAdmin): ?>
|
||||
if ('true' == $isSiteAdmin): ?>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';"><?php
|
||||
$imgRelativePath = 'orgs' . DS . h($event['Event']['org']) . '.png';
|
||||
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
|
||||
|
@ -74,7 +74,8 @@ foreach ($events as $event):?>
|
|||
<?php echo $event['Event']['attribute_count']; ?> </td><?php
|
||||
if ('true' == Configure::read('CyDefSIG.showowner') || $isAdmin): ?>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
|
||||
<?php echo h($event['User']['email']); ?> </td><?php
|
||||
<?php if('false' == Configure::read('CyDefSIG.showowner') && ($isSiteAdmin || $event['Event']['org'] == $me['org'])) echo h($event['User']['email']);
|
||||
?> </td><?php
|
||||
endif; ?>
|
||||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
|
||||
<?php echo $event['Event']['date']; ?> </td>
|
||||
|
@ -97,7 +98,7 @@ foreach ($events as $event):?>
|
|||
endif; ?>
|
||||
<td class="actions">
|
||||
<?php
|
||||
if (0 == $event['Event']['published'] && ($isAdmin || ($isAclPublish && $event['Event']['org'] == $me['org'])))
|
||||
if (0 == $event['Event']['published'] && ($isSiteAdmin || ($isAclPublish && $event['Event']['org'] == $me['org'])))
|
||||
echo $this->Form->postLink('Publish Event', array('action' => 'alert', $event['Event']['id']), array('action' => 'alert', $event['Event']['id']), 'Are you sure this event is complete and everyone should be informed?');
|
||||
elseif (0 == $event['Event']['published']) echo 'Not published';
|
||||
?>
|
||||
|
|
|
@ -32,14 +32,14 @@ endif; ?>
|
|||
|
||||
</dd>
|
||||
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
||||
<dt>Creating Org</dt>
|
||||
<dt>Org</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['orgc']); ?>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
endif; ?>
|
||||
<?php if ($isAdmin): ?>
|
||||
<?php if ($isSiteAdmin): ?>
|
||||
<dt>Owner org</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['org']); ?>
|
||||
|
@ -47,7 +47,7 @@ endif; ?>
|
|||
</dd>
|
||||
<?php
|
||||
endif; ?>
|
||||
<?php if ('true' == Configure::read('CyDefSIG.showowner') || $isAdmin): ?>
|
||||
<?php if ('true' == Configure::read('CyDefSIG.showowner') || ($isSiteAdmin || ($isAdmin && $me['org'] == $event['Event']['org']))): ?>
|
||||
<dt>Email</dt>
|
||||
<dd>
|
||||
<?php echo h($event['User']['email']); ?>
|
||||
|
|
Loading…
Reference in New Issue