new: [test] MISP.default_publish_alert

2022-03-01 15:04:22 +01:00 · 2022-03-01 15:04:22 +01:00 · ece53cf11d
parent 013fd76995
commit ece53cf11d
5 changed files with 78 additions and 71 deletions
--- a/app/Controller/UsersController.php
+++ b/app/Controller/UsersController.php
@ -631,21 +631,19 @@ class UsersController extends AppController
                if (isset($this->request->data['User']['password'])) {
                    $this->request->data['User']['confirm_password'] = $this->request->data['User']['password'];
                }
-                $default_publish_alert = Configure::check('MISP.default_publish_alert') ? Configure::read('MISP.default_publish_alert') : 0;
                $defaults = array(
-                        'external_auth_required' => 0,
-                        'external_auth_key' => '',
-                        'server_id' => 0,
-                        'gpgkey' => '',
-                        'certif_public' => '',
-                        'autoalert' => $default_publish_alert,
-                        'contactalert' => 0,
-                        'disabled' => 0,
-                        'newsread' => 0,
-                        'change_pw' => 1,
-                        'authkey' => (new RandomTool())->random_str(true, 40),
-                        'termsaccepted' => 0,
-                        'org_id' => $this->Auth->user('org_id')
+                    'external_auth_required' => 0,
+                    'external_auth_key' => '',
+                    'server_id' => 0,
+                    'gpgkey' => '',
+                    'certif_public' => '',
+                    'autoalert' => $this->User->defaultPublishAlert(),
+                    'contactalert' => 0,
+                    'disabled' => 0,
+                    'newsread' => 0,
+                    'change_pw' => 1,
+                    'termsaccepted' => 0,
+                    'org_id' => $this->Auth->user('org_id'),
                );
                foreach ($defaults as $key => $value) {
                    if (!isset($this->request->data['User'][$key])) {
@ -654,7 +652,6 @@ class UsersController extends AppController
                }
            }
            $this->request->data['User']['date_created'] = time();
-            $this->request->data['User']['date_modified'] = time();
            if (!array_key_exists($this->request->data['User']['role_id'], $syncRoles)) {
                $this->request->data['User']['server_id'] = 0;
            }
--- a/app/Model/User.php
+++ b/app/Model/User.php
@ -57,7 +57,6 @@ class User extends AppModel
                //'on' => 'create', // Limit validation to 'create' or 'update' operations
            ),
        ),
-
        'org_id' => array(
            'valueNotEmpty' => array(
                'rule' => array('valueNotEmpty'),
@ -227,6 +226,9 @@ class User extends AppModel
        'Containable'
    );

+    /** @var CryptGpgExtended|null|false */
+    private $gpg;
+
    public function __construct($id = false, $table = null, $ds = null)
    {
        parent::__construct($id, $table, $ds);
@ -239,28 +241,23 @@ class User extends AppModel
        }
    }

-    /** @var CryptGpgExtended|null|false */
-    private $gpg;
-
    public function beforeValidate($options = array())
    {
-        if (!isset($this->data['User']['id'])) {
-            if ((isset($this->data['User']['enable_password']) && (!$this->data['User']['enable_password'])) || (empty($this->data['User']['password']) && empty($this->data['User']['confirm_password']))) {
-                $this->data['User']['password'] = $this->generateRandomPassword();
-                $this->data['User']['confirm_password'] = $this->data['User']['password'];
+        $user = &$this->data['User'];
+        if (!isset($user['id'])) {
+            if ((isset($user['enable_password']) && !$user['enable_password']) || (empty($user['password']) && empty($user['confirm_password']))) {
+                $user['password'] = $this->generateRandomPassword();
+                $user['confirm_password'] = $user['password'];
            }
        }
-        if (!isset($this->data['User']['certif_public']) || empty($this->data['User']['certif_public'])) {
-            $this->data['User']['certif_public'] = '';
+        if (empty($user['certif_public'])) {
+            $user['certif_public'] = '';
        }
-        if (!isset($this->data['User']['authkey']) || empty($this->data['User']['authkey'])) {
-            $this->data['User']['authkey'] = $this->generateAuthKey();
+        if (empty($user['authkey'])) {
+            $user['authkey'] = $this->generateAuthKey();
        }
-        if (!isset($this->data['User']['nids_sid']) || empty($this->data['User']['nids_sid'])) {
-            $this->data['User']['nids_sid'] = mt_rand(1000000, 9999999);
-        }
-        if (isset($this->data['User']['newsread']) && $this->data['User']['newsread'] === null) {
-            $this->data['User']['newsread'] = 0;
+        if (empty($user['nids_sid'])) {
+            $user['nids_sid'] = mt_rand(1000000, 9999999);
        }
        return true;
    }
@ -414,21 +411,14 @@ class User extends AppModel

    public function identicalFieldValues($field = array(), $compareField = null)
    {
-        foreach ($field as $key => $value) {
-            $v1 = $value;
-            $v2 = $this->data[$this->name][$compareField];
-            if ($v1 !== $v2) {
-                return false;
-            } else {
-                continue;
-            }
-        }
-        return true;
+        $v1 = array_values($field)[0];
+        $v2 = $this->data[$this->name][$compareField];
+        return $v1 === $v2;
    }

    public function generateAuthKey()
    {
-        return (new RandomTool())->random_str(true, 40);
+        return RandomTool::random_str(true, 40);
    }

    /**
@ -436,19 +426,19 @@ class User extends AppModel
     *
     * @param int $passwordLength
     * @return string
+     * @throws Exception
     */
    public function generateRandomPassword($passwordLength = 40)
    {
        // makes sure, the password policy isn't undermined by setting a manual passwordLength
-        $policyPasswordLength = Configure::read('Security.password_policy_length') ? Configure::read('Security.password_policy_length') : false;
+        $policyPasswordLength = Configure::read('Security.password_policy_length') ?: false;
        if (is_int($policyPasswordLength) && $policyPasswordLength > $passwordLength) {
            $passwordLength = $policyPasswordLength;
        }
        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-+=!@#$%^&*()<>/?';
-        return (new RandomTool())->random_str(true, $passwordLength, $characters);
+        return RandomTool::random_str(true, $passwordLength, $characters);
    }

-
    public function checkAndCorrectPgps()
    {
        $fails = array();
@ -462,15 +452,6 @@ class User extends AppModel
        return $fails;
    }

-    public function getOrgs()
-    {
-        $orgs = $this->Organisation->find('list', array(
-            'recursive' => -1,
-            'fields' => array('name'),
-        ));
-        return $orgs;
-    }
-
    public function getOrgMemberCount($org)
    {
        return $this->find('count', array(
@ -1303,20 +1284,21 @@ class User extends AppModel
        return $data;
    }

-    public function registerUser($added_by, $registration, $org_id, $role_id) {
+    public function registerUser($added_by, $registration, $org_id, $role_id)
+    {
        $user = array(
-                'email' => $registration['data']['email'],
-                'gpgkey' => empty($registration['data']['pgp']) ? '' : $registration['data']['pgp'],
-                'disabled' => 0,
-                'newsread' => 0,
-                'change_pw' => 1,
-                'authkey' => $this->generateAuthKey(),
-                'termsaccepted' => 0,
-                'org_id' => $org_id,
-                'role_id' => $role_id,
-                'invited_by' => $added_by['id'],
-                'contactalert' => 1,
-                'autoalert' => Configure::check('MISP.default_publish_alert') ? Configure::read('MISP.default_publish_alert') : 1
+            'email' => $registration['data']['email'],
+            'gpgkey' => empty($registration['data']['pgp']) ? '' : $registration['data']['pgp'],
+            'disabled' => 0,
+            'newsread' => 0,
+            'change_pw' => 1,
+            'authkey' => $this->generateAuthKey(),
+            'termsaccepted' => 0,
+            'org_id' => $org_id,
+            'role_id' => $role_id,
+            'invited_by' => $added_by['id'],
+            'contactalert' => 1,
+            'autoalert' => $this->defaultPublishAlert(),
        );
        $this->create();
        $this->Log = ClassRegistry::init('Log');
@ -1528,6 +1510,14 @@ class User extends AppModel
        return $banStatus;
    }

+    /**
+     * @return bool
+     */
+    public function defaultPublishAlert()
+    {
+        return (bool)Configure::read('MISP.default_publish_alert');
+    }
+
    /**
     * @param array $user
     * @return bool
--- a/app/Plugin/OidcAuth/Lib/Oidc.php
+++ b/app/Plugin/OidcAuth/Lib/Oidc.php
@ -115,13 +115,15 @@ class Oidc

        $this->log($mispUsername, 'Not found in database.');

+        $time = time();
        $userData = [
            'email' => $mispUsername,
            'org_id' => $organisationId,
-            'newsread' => time(),
+            'newsread' => $time,
+            'autoalert' => $this->User->defaultPublishAlert(),
            'role_id' => $roleId,
            'change_pw' => 0,
-            'date_created' => time(),
+            'date_created' => $time,
            'sub' => $sub,
        ];

--- a/app/View/Users/admin_add.ctp
+++ b/app/View/Users/admin_add.ctp
@ -81,7 +81,7 @@
    ?>
    <div class="user-edit-checkboxes" style="margin-bottom: 1em">
    <?php
-        $default_publish_alert = Configure::check('MISP.default_publish_alert') ? Configure::read('MISP.default_publish_alert') : true;
+        $default_publish_alert = Configure::read('MISP.default_publish_alert') ?: true;
        echo $this->Form->input('autoalert', array(
            'label' => __('Receive email alerts when events are published'),
            'type' => 'checkbox',
--- a/tests/testlive_comprehensive_local.py
+++ b/tests/testlive_comprehensive_local.py
@ -763,6 +763,24 @@ class TestComprehensive(unittest.TestCase):
        response = requests.get(self.admin_misp_connector.root_url + '/attributes/describeTypes.json', headers=headers)
        self.assertEqual(304, response.status_code, response.headers)

+    def test_event_alert_default_enabled(self):
+        user = MISPUser()
+        user.email = 'testusr_alert_disabled@user.local'
+        user.org_id = self.test_org.id
+
+        created_user = check_response(self.admin_misp_connector.add_user(user))
+        self.assertFalse(created_user.autoalert, created_user)
+        self.admin_misp_connector.delete_user(created_user)
+
+        with MISPSetting(self.admin_misp_connector, {"MISP.default_publish_alert": True}):
+            user = MISPUser()
+            user.email = 'testusr_alert_enabled@user.local'
+            user.org_id = self.test_org.id
+
+            created_user = check_response(self.admin_misp_connector.add_user(user))
+            self.assertTrue(created_user.autoalert, created_user)
+            self.admin_misp_connector.delete_user(created_user)
+
    def _search(self, query: dict):
        response = self.admin_misp_connector._prepare_request('POST', 'events/restSearch', data=query)
        response = self.admin_misp_connector._check_response(response)