mirror of https://github.com/MISP/MISP
Merge pull request #8751 from JakubOnderka/disable-discussion
new: [UI] Add ability to disable discussionpull/8826/head
commit
e6c174fc58
|
@ -482,9 +482,9 @@ class ACLComponent extends Component
|
|||
'display' => array('*'),
|
||||
),
|
||||
'posts' => array(
|
||||
'add' => array('not_read_only_authkey'),
|
||||
'delete' => array('not_read_only_authkey'),
|
||||
'edit' => array('not_read_only_authkey'),
|
||||
'add' => ['AND' => ['not_read_only_authkey', 'discussion_enabled']],
|
||||
'delete' => ['AND' => ['not_read_only_authkey', 'discussion_enabled']],
|
||||
'edit' => ['AND' => ['not_read_only_authkey', 'discussion_enabled']],
|
||||
'pushMessageToZMQ' => array()
|
||||
),
|
||||
'regexp' => array(
|
||||
|
@ -716,9 +716,9 @@ class ACLComponent extends Component
|
|||
'view' => array('*'),
|
||||
),
|
||||
'threads' => array(
|
||||
'index' => array('*'),
|
||||
'view' => array('*'),
|
||||
'viewEvent' => array('*'),
|
||||
'index' => array('discussion_enabled'),
|
||||
'view' => array('discussion_enabled'),
|
||||
'viewEvent' => array('discussion_enabled'),
|
||||
),
|
||||
'users' => array(
|
||||
'acceptRegistrations' => array(),
|
||||
|
@ -868,6 +868,9 @@ class ACLComponent extends Component
|
|||
$this->dynamicChecks['delegation_enabled'] = function (array $user) {
|
||||
return (bool)Configure::read('MISP.delegation');
|
||||
};
|
||||
$this->dynamicChecks['discussion_enabled'] = function (array $user) {
|
||||
return !Configure::read('MISP.discussion_disable');
|
||||
};
|
||||
// Returns true if current user is not using advanced auth key or if authkey is not read only
|
||||
$this->dynamicChecks['not_read_only_authkey'] = function (array $user) {
|
||||
return !isset($user['authkey_read_only']) || !$user['authkey_read_only'];
|
||||
|
|
|
@ -990,7 +990,7 @@ class EventsController extends AppController
|
|||
$possibleColumns[] = 'proposals';
|
||||
}
|
||||
|
||||
if (Configure::read('MISP.showDiscussionsCountOnIndex')) {
|
||||
if (Configure::read('MISP.showDiscussionsCountOnIndex') && !Configure::read('MISP.discussion_disable')) {
|
||||
$possibleColumns[] = 'discussion';
|
||||
}
|
||||
|
||||
|
@ -1037,7 +1037,7 @@ class EventsController extends AppController
|
|||
$events = $this->Event->attachProposalsCountToEvents($user, $events);
|
||||
}
|
||||
|
||||
if (in_array('discussion', $columns, true)) {
|
||||
if (in_array('discussion', $columns, true) && !Configure::read('MISP.discussion_disable')) {
|
||||
$events = $this->Event->attachDiscussionsCountToEvents($user, $events);
|
||||
}
|
||||
|
||||
|
|
|
@ -5657,6 +5657,14 @@ class Server extends AppModel
|
|||
'type' => 'boolean',
|
||||
'null' => true
|
||||
),
|
||||
'discussion_disable' => [
|
||||
'level' => 1,
|
||||
'description' => __('Completely disable ability for user to add discussion to events.'),
|
||||
'value' => false,
|
||||
'test' => 'testBool',
|
||||
'type' => 'boolean',
|
||||
'null' => true
|
||||
],
|
||||
'showCorrelationsOnIndex' => array(
|
||||
'level' => 1,
|
||||
'description' => __('When enabled, the number of correlations visible to the currently logged in user will be visible on the event index UI. This comes at a performance cost but can be very useful to see correlating events at a glance.'),
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
<?php $canAccessDiscussion = $this->Acl->canAccess('threads', 'view') ?>
|
||||
<div id="eventToggleButtons">
|
||||
<button class="btn btn-inverse toggle-left qet" id="pivots_toggle" data-toggle-type="pivots">
|
||||
<span class="fas fa-minus" title="<?php echo __('Toggle pivot graph');?>" role="button" tabindex="0" aria-label="<?php echo __('Toggle pivot graph');?>"></span><?php echo __('Pivots');?>
|
||||
|
@ -20,12 +21,14 @@
|
|||
<button class="btn btn-inverse toggle qet" id="eventreport_toggle" data-toggle-type="eventreport">
|
||||
<span class="fas fa-plus" title="<?php echo __('Toggle reports');?>" role="button" tabindex="0" aria-label="<?php echo __('Toggle reports');?>"></span><?php echo __('Event reports');?>
|
||||
</button>
|
||||
<button class="btn btn-inverse toggle qet" id="attributes_toggle" data-toggle-type="attributes">
|
||||
<button class="btn btn-inverse <?= $canAccessDiscussion ? 'toggle' : 'toggle-right' ?> qet" id="attributes_toggle" data-toggle-type="attributes">
|
||||
<span class="fas fa-minus" title="<?php echo __('Toggle attributes');?>" role="button" tabindex="0" aria-label="<?php echo __('Toggle attributes');?>"></span><?php echo __('Attributes');?>
|
||||
</button>
|
||||
<?php if ($canAccessDiscussion): ?>
|
||||
<button class="btn btn-inverse toggle-right qet" id="discussions_toggle" data-toggle-type="discussions">
|
||||
<span class="fas fa-minus" title="<?php echo __('Toggle discussions');?>" role="button" tabindex="0" aria-label="<?php echo __('Toggle discussions');?>"></span><?php echo __('Discussion');?>
|
||||
</button>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
<br>
|
||||
<br>
|
||||
|
@ -83,9 +86,11 @@ $(document.body).tooltip({
|
|||
$('.tooltip').not(":last").remove();
|
||||
});
|
||||
|
||||
<?php if ($this->Acl->canAccess('threads', 'view')): ?>
|
||||
$.get("<?php echo $baseurl; ?>/threads/view/<?php echo h($event['Event']['id']); ?>/true", function(data) {
|
||||
$("#discussions_div").html(data);
|
||||
});
|
||||
<?php endif; ?>
|
||||
|
||||
$.get("<?php echo $baseurl; ?>/eventReports/index/event_id:<?= h($event['Event']['id']); ?>/index_for_event:1<?= $extended ? '/extended_event:1' : ''?>", function(data) {
|
||||
$("#eventreport_content").html(data);
|
||||
|
|
|
@ -253,15 +253,18 @@
|
|||
'url' => $baseurl . '/users/statistics'
|
||||
),
|
||||
array(
|
||||
'type' => 'separator'
|
||||
'type' => 'separator',
|
||||
'requirement' => $this->Acl->canAccess('threads', 'index'),
|
||||
),
|
||||
array(
|
||||
'text' => __('List Discussions'),
|
||||
'url' => $baseurl . '/threads/index'
|
||||
'url' => $baseurl . '/threads/index',
|
||||
'requirement' => $this->Acl->canAccess('threads', 'index'),
|
||||
),
|
||||
array(
|
||||
'text' => __('Start Discussion'),
|
||||
'url' => $baseurl . '/posts/add'
|
||||
'url' => $baseurl . '/posts/add',
|
||||
'requirement' => $this->Acl->canAccess('posts', 'add'),
|
||||
)
|
||||
)
|
||||
),
|
||||
|
|
Loading…
Reference in New Issue