mirror of https://github.com/MISP/MISP
parent
b4711463f8
commit
dad39083cf
|
@ -19,14 +19,17 @@
|
|||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||
*/
|
||||
|
||||
// @codingStandardsIgnoreStart
|
||||
|
||||
/*
|
||||
*
|
||||
* Using the Schema command line utility
|
||||
* cake schema run create i18n
|
||||
*
|
||||
*/
|
||||
class i18nSchema extends CakeSchema {
|
||||
|
||||
// @codingStandardsIgnoreEnd
|
||||
|
||||
public $name = 'i18n';
|
||||
|
||||
public function before($event = array()) {
|
||||
|
|
|
@ -22,18 +22,18 @@
|
|||
/**
|
||||
* Example
|
||||
* -------
|
||||
*
|
||||
*
|
||||
* Assumptions:
|
||||
*
|
||||
* 1. In your application you created a User model with the following properties:
|
||||
* 1. In your application you created a User model with the following properties:
|
||||
* username, group_id, password, email, firstname, lastname and so on.
|
||||
* 2. You configured AuthComponent to authorize actions via
|
||||
* $this->Auth->authorize = array('Actions' => array('actionPath' => 'controllers/'),...)
|
||||
*
|
||||
* 2. You configured AuthComponent to authorize actions via
|
||||
* $this->Auth->authorize = array('Actions' => array('actionPath' => 'controllers/'),...)
|
||||
*
|
||||
* Now, when a user (i.e. jeff) authenticates successfully and requests a controller action (i.e. /invoices/delete)
|
||||
* that is not allowed by default (e.g. via $this->Auth->allow('edit') in the Invoices controller) then AuthComponent
|
||||
* will ask the configured ACL interface if access is granted. Under the assumptions 1. and 2. this will be
|
||||
* done via a call to Acl->check() with
|
||||
* that is not allowed by default (e.g. via $this->Auth->allow('edit') in the Invoices controller) then AuthComponent
|
||||
* will ask the configured ACL interface if access is granted. Under the assumptions 1. and 2. this will be
|
||||
* done via a call to Acl->check() with
|
||||
*
|
||||
* array('User' => array('username' => 'jeff', 'group_id' => 4, ...))
|
||||
*
|
||||
|
@ -42,7 +42,7 @@
|
|||
* '/controllers/invoices/delete'
|
||||
*
|
||||
* as ACO.
|
||||
*
|
||||
*
|
||||
* If the configured map looks like
|
||||
*
|
||||
* $config['map'] = array(
|
||||
|
@ -50,17 +50,17 @@
|
|||
* 'Role' => 'User/group_id',
|
||||
* );
|
||||
*
|
||||
* then PhpAcl will lookup if we defined a role like User/jeff. If that role is not found, PhpAcl will try to
|
||||
* find a definition for Role/4. If the definition isn't found then a default role (Role/default) will be used to
|
||||
* then PhpAcl will lookup if we defined a role like User/jeff. If that role is not found, PhpAcl will try to
|
||||
* find a definition for Role/4. If the definition isn't found then a default role (Role/default) will be used to
|
||||
* check rules for the given ACO. The search can be expanded by defining aliases in the alias configuration.
|
||||
* E.g. if you want to use a more readable name than Role/4 in your definitions you can define an alias like
|
||||
*
|
||||
* $config['alias'] = array(
|
||||
* 'Role/4' => 'Role/editor',
|
||||
* );
|
||||
*
|
||||
*
|
||||
* In the roles configuration you can define roles on the lhs and inherited roles on the rhs:
|
||||
*
|
||||
*
|
||||
* $config['roles'] = array(
|
||||
* 'Role/admin' => null,
|
||||
* 'Role/accountant' => null,
|
||||
|
@ -68,7 +68,7 @@
|
|||
* 'Role/manager' => 'Role/editor, Role/accountant',
|
||||
* 'User/jeff' => 'Role/manager',
|
||||
* );
|
||||
*
|
||||
*
|
||||
* In this example manager inherits all rules from editor and accountant. Role/admin doesn't inherit from any role.
|
||||
* Lets define some rules:
|
||||
*
|
||||
|
@ -87,10 +87,10 @@
|
|||
* ),
|
||||
* );
|
||||
*
|
||||
* Ok, so as jeff inherits from Role/manager he's matched every rule that references User/jeff, Role/manager,
|
||||
* Role/editor, Role/accountant and Role/default. However, for jeff, rules for User/jeff are more specific than
|
||||
* Ok, so as jeff inherits from Role/manager he's matched every rule that references User/jeff, Role/manager,
|
||||
* Role/editor, Role/accountant and Role/default. However, for jeff, rules for User/jeff are more specific than
|
||||
* rules for Role/manager, rules for Role/manager are more specific than rules for Role/editor and so on.
|
||||
* This is important when allow and deny rules match for a role. E.g. Role/accountant is allowed
|
||||
* This is important when allow and deny rules match for a role. E.g. Role/accountant is allowed
|
||||
* controllers/invoices/* but at the same time controllers/invoices/delete is denied. But there is a more
|
||||
* specific rule defined for Role/manager which is allowed controllers/invoices/delete. However, the most specific
|
||||
* rule denies access to the delete action explicitly for User/jeff, so he'll be denied access to the resource.
|
||||
|
@ -101,7 +101,7 @@
|
|||
|
||||
/**
|
||||
* The role map defines how to resolve the user record from your application
|
||||
* to the roles you defined in the roles configuration.
|
||||
* to the roles you defined in the roles configuration.
|
||||
*/
|
||||
$config['map'] = array(
|
||||
'User' => 'User/username',
|
||||
|
|
|
@ -1,14 +1,20 @@
|
|||
81c81,83
|
||||
< if (is_dir($path)) {
|
||||
---
|
||||
> // deresz: commented out for compatibility with NCIRC PHP security settings (open_basedir restriction)
|
||||
>
|
||||
> // if (is_dir($path)) {
|
||||
83,85c85,87
|
||||
< } else {
|
||||
< $path = APP . $path . $id;
|
||||
< }
|
||||
---
|
||||
> // } else {
|
||||
> // $path = APP . $path . $id;
|
||||
> // }
|
||||
--- lib/Cake/View/MediaView.php.orig 2012-12-12 16:45:24.269525098 +0100
|
||||
+++ lib/Cake/View/MediaView.php 2012-12-12 16:46:32.173528779 +0100
|
||||
@@ -78,11 +78,13 @@
|
||||
$name = $download = $extension = $id = $modified = $path = $cache = $mimeType = $compress = null;
|
||||
extract($this->viewVars, EXTR_OVERWRITE);
|
||||
|
||||
- if (is_dir($path)) {
|
||||
+ // deresz: commented out for compatibility with NCIRC PHP security settings (open_basedir restriction)
|
||||
+
|
||||
+ //if (is_dir($path)) {
|
||||
$path = $path . $id;
|
||||
- } else {
|
||||
- $path = APP . $path . $id;
|
||||
- }
|
||||
+ //} else {
|
||||
+ // $path = APP . $path . $id;
|
||||
+ //}
|
||||
|
||||
if (!is_file($path)) {
|
||||
if (Configure::read('debug')) {
|
||||
|
|
Loading…
Reference in New Issue