iglocska
7c5d052105
new: [fast api auth] added
...
- added a new optional functionality to temporarily store hashed API keys in redis
- The duration of the temporary storage is controllable by a setting (defaults to 3 minutes)
- the hashing function used is an hmac sha-512 function, with the key being stored in a generated file on the instance
- this cuts the query times of extremely fast endpoints down drastically on heavy repeated use (such as warninglists/checkValue)
2024-04-23 13:20:45 +02:00
Sami Mokaddem
a12f21ff61
fix: [workflow:ui] Make sure to use full available width
2024-04-23 07:47:13 +02:00
iglocska
eb9f1011e1
Merge branch '2.4' into develop
2024-04-23 07:15:31 +02:00
iglocska
fa9ff6f88e
fix: [benchmarking] speculative fix for using db settings and benchmarking, fixes #9702
...
- causes issues for some users, couldn't reproduce it, but addressed the potential issues
2024-04-23 07:14:31 +02:00
Jakub Onderka
34c85cfe7e
fix: [oidc] Fix issuer if not set
2024-04-22 16:57:06 +02:00
Alexandre Dulaunoy
2b3a0d73ed
Merge branch '2.4' into develop
2024-04-22 09:51:10 +02:00
Jakub Onderka
536bbb9d92
Merge pull request #9695 from christianmg99/allow-oidc-roles-string
...
chg: [config] Allow Oidc roles as string
2024-04-22 09:43:06 +02:00
Sami Mokaddem
68c68febda
chg: [behavior:analystDataParent] Prevent double nesting analyst data when bulk fetching
2024-04-22 09:42:28 +02:00
Sami Mokaddem
051153b0c6
Merge branch '2.4' into develop
2024-04-22 08:55:57 +02:00
Sami Mokaddem
745d2407cf
fix: [analyst-data:fetchAnalystDataBulk] Make sure to include all analyst-data type
2024-04-22 08:55:44 +02:00
Sami Mokaddem
ed6280f82a
fix: [analyst-data:thread] Make sure to link the add_analyst_* buttons to the correct element
2024-04-22 08:55:12 +02:00
Sami Mokaddem
5a202af3e8
fix: [events:index] Fixed `tags` index filtering parameter to correctly support list
2024-04-22 08:39:52 +02:00
Sami Mokaddem
dd02d86e9d
Revert "Revert "new: [event:index] Added support of ANDed tag filtering in the backend""
...
This reverts commit 7cf9bcc94c
.
2024-04-22 08:39:02 +02:00
Sami Mokaddem
84ac9b0733
Merge remote-tracking branch 'origin/2.4' into develop
2024-04-22 08:37:22 +02:00
Sami Mokaddem
1b7f086c16
Merge branch 'develop' of github.com:MISP/MISP into develop
2024-04-22 08:37:16 +02:00
Sami Mokaddem
7cf9bcc94c
Revert "new: [event:index] Added support of ANDed tag filtering in the backend"
...
This reverts commit fc92291092
.
2024-04-22 08:36:54 +02:00
christianmg99
ce7ab72190
chg: [config] Allow Oidc roles as string
2024-04-22 00:23:25 +02:00
Jeroen Pinoy
2b3cd11142
fix: [galaxy_clusters] Add orgc filter option for index, set it as default for galaxy view 'My Clusters'
2024-04-22 00:03:58 +02:00
Jakub Onderka
2dd74ed79b
chg: [CLI] Simplify updating JSON structures
2024-04-21 10:37:08 +02:00
christianmg99
ddd0a0cd46
chg: [config] Allow Oidc roles as string
2024-04-20 16:21:50 +02:00
Jakub Onderka
8ecb50a492
Merge pull request #8673 from JakubOnderka/menu-ui
...
chg: [UI] Make menu little bit nicer
2024-04-20 14:31:00 +02:00
Jakub Onderka
9ea64750bc
new: [test] Security test for OTP disabled
2024-04-20 14:27:37 +02:00
Jakub Onderka
0ca6a47ef8
chg: [acl] Move site admin check as last check
2024-04-20 14:27:37 +02:00
Jakub Onderka
d5ba5af530
chg: [security] Disable resetting password when password change is disabled
2024-04-20 14:27:37 +02:00
Jakub Onderka
79f6124bd2
new: [security] Make possible to disable (T/H)OTP
...
This is useful if MISP is connected to identity provider that already provides strong authentication
2024-04-20 14:27:35 +02:00
Jakub Onderka
722bcabed4
Merge pull request #8464 from JakubOnderka/restsearch-key-fetch
...
chg: [internal] Remove old way for putting API key to rest search
2024-04-20 14:26:41 +02:00
Jakub Onderka
2234a85adf
chg: [internal] Remove outdated code from beforeFilter
2024-04-20 14:15:47 +02:00
Jakub Onderka
fa02aed60c
chg: [internal] Remove old way for putting API key to rest search
2024-04-20 14:15:47 +02:00
Jakub Onderka
c0572af7dc
Merge pull request #9686 from JakubOnderka/sentry-breadcrumb
...
new: [internal] Send more logs to sentry as breadcrumbs
2024-04-20 13:38:02 +02:00
Christian Morales Guerrero
1933d30a7f
chg: [config] Set Oidc issuer
2024-04-20 01:36:27 +02:00
Jakub Onderka
b64e0bc61d
fix: [internal] Normalize extension for image helper
...
Fixes #9692
2024-04-19 23:39:35 +02:00
Alexandre Dulaunoy
2bb12095d5
chg: [warninglists] updated to the latest version
2024-04-18 14:53:52 +02:00
Alexandre Dulaunoy
89fd016e46
chg: [taxonomy] updated to the latest version
2024-04-18 14:53:06 +02:00
Alexandre Dulaunoy
1819cece53
chg: [misp-galaxy] updated to the latest version
2024-04-18 14:52:35 +02:00
Alexandre Dulaunoy
4f6e4360e4
chg: [misp-objects] updated
2024-04-18 14:52:13 +02:00
iglocska
182148d5fa
Merge branch '2.4' into develop
2024-04-18 14:34:17 +02:00
Andras Iklody
d2b18b0e8e
Merge pull request #9529 from obert01/fix-hover-enrich-accessibility
...
Accessibility: Hover enrichment icon
2024-04-18 14:33:18 +02:00
Sami Mokaddem
62392fe540
fix: [analyst-data:fetchAnalystDataBulk] Make sure to include all analyst-data type
2024-04-18 14:32:54 +02:00
iglocska
222bd2d698
Merge branch 'develop' of github.com:MISP/MISP into develop
2024-04-18 13:36:43 +02:00
iglocska
3c163d0c12
Merge branch 'feed_tag_collections' into develop
2024-04-18 13:34:45 +02:00
Raphaël Vinot
35fe93fc02
chg: Bump PyMISP
2024-04-18 13:03:10 +02:00
iglocska
be9ad95905
chg: [syslog] output slightly changed
...
- always have a consistent number of fields conveyed, include delimited ( -- ) fields even if no data is passed to a field
- Avoid linebreaks in content
2024-04-18 12:46:11 +02:00
Sami Mokaddem
00991bda27
chg: [feed] Added support of tag_collection_id when dealing with feeds
2024-04-17 15:59:10 +02:00
Sami Mokaddem
a2ea6ae0c0
fix: [feed] Added tag_collection_id as column
2024-04-17 15:17:53 +02:00
iglocska
a55a19cd09
Merge branch 'develop' of github.com:MISP/MISP into develop
2024-04-17 15:10:30 +02:00
iglocska
4544ef2516
new: [benchmarking suite] added
...
- collect metrics about the usage of MISP
- stored in redis
- per endpoint / user / user-agent collection
- collection of execution time, php memory use, sql execution time, sql query count
- the collection happens on a daily basis
- Searchable / filterable interface for the collected data
- Dashboard widget for the collected data
2024-04-17 15:08:38 +02:00
Sami Mokaddem
7ba2b39fe1
chg: [workflow:editor] Show 100 entry max in picker
2024-04-17 14:48:01 +02:00
iglocska
4dd5d369b4
chg: [attribute search] by uuid updated
...
- pre-checks if the passed UUID is actually an event UUID before going with the slow query against both tables
2024-04-17 12:00:53 +02:00
Sami Mokaddem
b5a60b5bfb
fix: [analyst-data:thread] Only render the HTML when opening the popover
2024-04-17 11:33:32 +02:00
Jakub Onderka
3b4e9675dd
new: [internal] Send more logs to sentry as breadcrumbs
2024-04-15 21:56:27 +02:00
iglocska
8934982ff2
fix: [eventreport] import from url api fixed
2024-04-15 07:23:03 +02:00
Jakub Onderka
88ab8196da
Merge pull request #9639 from JakubOnderka/http-json-content-type
...
chg: [internal] Log content type when JSON could not be parsed
2024-04-14 15:41:11 +02:00
Jakub Onderka
731b96984a
Merge pull request #9659 from JakubOnderka/curl-timeout-5-mins
...
chg: [sync] Reduce default timeout for remote HTTP request to 300 sec…
2024-04-14 15:39:24 +02:00
Jakub Onderka
df7ff3d4cd
Merge pull request #9651 from JakubOnderka/server-sync-debug
...
Server sync debug
2024-04-14 15:38:57 +02:00
Jakub Onderka
47d35dae0b
chg: [sync] Change way how event index is cached in Redis to save memory
2024-04-13 12:42:54 +02:00
Jakub Onderka
d2176ab8bd
chg: [sync] Try to reduce memory usage when fetching event index from Redis
2024-04-13 12:02:06 +02:00
Andras Iklody
c591f06fea
Merge pull request #9678 from TheDr1ver/patch-1
...
Define $relationshipsInbound before call
2024-04-13 11:12:52 +02:00
Alexandre Dulaunoy
5f7fab1564
Merge branch '2.4' into develop
2024-04-12 17:00:19 +02:00
Alexandre Dulaunoy
e968ee982a
chg: [openapi] STIX export is also supported at attribute level
2024-04-12 16:59:36 +02:00
Nick Driver
a4c230e4e4
Define $relationshipsInbound before call
...
Debug.log was showing the following error otherwise:
```
2024-04-12 14:11:52 Notice: Notice (8): Undefined variable: relationshipsInbound in [/var/www/MISP/app/View/Elements/Events/View/row_object.ctp, line 40]
Trace:
ErrorHandler::handleError() - APP/Lib/cakephp/lib/Cake/Error/ErrorHandler.php, line 230
include - APP/View/Elements/Events/View/row_object.ctp, line 40
View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971
View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933
View::_renderElement() - APP/Lib/cakephp/lib/Cake/View/View.php, line 1224
View::element() - APP/Lib/cakephp/lib/Cake/View/View.php, line 418
include - APP/View/Elements/eventattribute.ctp, line 148
View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971
View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933
View::_renderElement() - APP/Lib/cakephp/lib/Cake/View/View.php, line 1224
View::element() - APP/Lib/cakephp/lib/Cake/View/View.php, line 418
include - APP/View/Elements/Events/View/event_contents.ctp, line 64
View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971
View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933
View::_renderElement() - APP/Lib/cakephp/lib/Cake/View/View.php, line 1224
View::element() - APP/Lib/cakephp/lib/Cake/View/View.php, line 418
include - APP/View/Elements/genericElements/SingleViews/single_view.ctp, line 113
View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971
View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933
View::_renderElement() - APP/Lib/cakephp/lib/Cake/View/View.php, line 1224
View::element() - APP/Lib/cakephp/lib/Cake/View/View.php, line 418
include - APP/View/Events/view.ctp, line 296
View::_evaluate() - APP/Lib/cakephp/lib/Cake/View/View.php, line 971
View::_render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 933
View::render() - APP/Lib/cakephp/lib/Cake/View/View.php, line 473
Controller::render() - APP/Lib/cakephp/lib/Cake/Controller/Controller.php, line 968
Dispatcher::_invoke() - APP/Lib/cakephp/lib/Cake/Routing/Dispatcher.php, line 200
Dispatcher::dispatch() - APP/Lib/cakephp/lib/Cake/Routing/Dispatcher.php, line 167
[main] - APP/webroot/index.php, line 101
```
2024-04-12 10:19:56 -04:00
Sami Mokaddem
038c411366
new: [feed:pullEvents] Added support of tag collection in feed configuration
...
This allow to specify a tag collection for which all the tags will be applied on the pulled Events
2024-04-12 15:58:19 +02:00
Sami Mokaddem
9060c21adf
chg: [workflowModules:distribution-if] Allow choosing `sharing-group` and keeping the selected sharing-group list empty
...
This enables users to simply check that the sharing-group distribution was used
2024-04-12 10:35:47 +02:00
Sami Mokaddem
a9be1561e1
new: [workflowMouldes:stop-execution] Added message paramter to allow user to provide a reason why the execution was stopped
2024-04-12 10:34:58 +02:00
Sami Mokaddem
a0b92e4c7b
fix: [workflow:evaluateConfition] Fixed bug in `in_and` operator to make it order independant
2024-04-12 10:31:22 +02:00
Sami Mokaddem
b5b0412022
chg: [ui:galaxy_matrix] Resize matrix header on load
2024-04-11 16:35:58 +02:00
Sami Mokaddem
353e8c5195
fix: [users:statistics] Division by 0 when no events or no orgs
2024-04-11 11:20:04 +02:00
Sami Mokaddem
0808a6a23d
fix [event:view] Missing variable definition in row_object
2024-04-11 10:04:53 +02:00
Sami Mokaddem
ea490063c0
fix: [analystData:editableField] Made getEditableFields inheritance aware
2024-04-11 10:03:32 +02:00
Sami Mokaddem
77a114673a
chg: [analystData:API] Automatically encapsulate request's data into the analystType
2024-04-11 10:01:52 +02:00
Sami Mokaddem
309242f358
chg: [eventReports:extractAllFromReport] Expose functionality to API
2024-04-11 09:41:20 +02:00
Sami Mokaddem
6e9d748f08
fix: [eventreports:transformFreeTextIntoSuggestion] Add to_ids fallback value
2024-04-11 09:40:18 +02:00
Sami Mokaddem
c2d614f878
fix: [tagCollection:removeTag] Fixed incorrect permission check
2024-04-10 15:36:09 +02:00
Sami Mokaddem
e7fa969487
Merge branch '2.4' into develop
2024-04-10 12:17:58 +02:00
Sami Mokaddem
004b18e1d9
fix: [component:restSearch] Restored behavior of searching for org and cluster metadata
2024-04-10 12:16:49 +02:00
iglocska
04100d13d3
chg: [statistics] (R)etrieval (o)f (m)ember (m)etrics (e)valuation (l)ist (f)or (s)tatistics changed
...
- will include soft deleted attributes too
2024-04-09 13:44:07 +02:00
iglocska
45176f7dcd
chg: [statistics] (R)etrieval (o)f (m)ember (m)etrics (e)valuation (l)ist (f)or (s)tatistics changed
...
- will include soft deleted attributes too
2024-04-09 13:41:56 +02:00
Jakub Onderka
e2dbc690ac
chg: [sync] Enable garbage collector when pulling events from remote server
2024-04-08 19:45:30 +02:00
Sami Mokaddem
05be803393
fix: [dashboard:updating] Prevent sending multiple time the same save request[1;5D
2024-04-08 16:41:46 +02:00
Sami Mokaddem
5235b9729c
fix: [widget:EventEvolutionWidget] Fixed filtering on organisation not working as expected
2024-04-08 16:37:57 +02:00
Sami Mokaddem
fc92291092
new: [event:index] Added support of ANDed tag filtering in the backend
...
In addition of the OR filtering using searchtag:1|2, /events/index now supports AND filtering with searchtag:1&2.
The UI has not been updated yet.
2024-04-08 15:38:29 +02:00
Sami Mokaddem
c4c395af31
new: [feed] Added unpublish_event setting to ensure pulled events are in the unpublished state
2024-04-08 14:48:04 +02:00
Sami Mokaddem
b54eec95c1
fix: [dashboard:widgetAdd] Improved error handling for invalid JSON config
2024-04-08 11:36:51 +02:00
iglocska
5495dccb31
Merge branch '2.4' into develop
2024-04-08 10:34:06 +02:00
iglocska
ef17beb59d
fix: [status widget] ignore index hint for deleted field
2024-04-08 10:33:15 +02:00
iglocska
a7bdb225d8
Merge branch '2.4' into develop
2024-04-08 10:18:58 +02:00
iglocska
2c8c0fe508
fix: [index] Don't load analyst data by default
2024-04-08 10:18:30 +02:00
iglocska
13d33a3acb
chg: [comment] added to the previous fix to make it clear what it does
2024-04-08 10:12:22 +02:00
Jakub Onderka
8a42cf460d
chg: [sync] Reduce default timeout for remote HTTP request to 300 seconds (5 mins)
2024-04-08 09:47:36 +02:00
Jakub Onderka
a322217cbd
chg: [sync] Try to save memory when fetching sightings
2024-04-08 09:45:33 +02:00
Jakub Onderka
8cd3cb0ef2
chg: [internal] Ltrim response in HttpSocketHttpException
2024-04-08 09:45:33 +02:00
Jakub Onderka
2b38de942b
chg: [internal] Server sync debug messages
2024-04-08 09:45:33 +02:00
Jakub Onderka
2e32d22d2c
chg: [sync] Move blocklist fetching out of ServerSyncTool and reduce sightings fetched in one fetch
2024-04-06 14:05:44 +02:00
Alexandre Dulaunoy
2b6519248f
chg: [GeoOpen] updated to the latest version
2024-04-05 14:36:30 +02:00
Alexandre Dulaunoy
d0c7acfb10
chg: [misp-objects] updated to the latest version
2024-04-05 14:35:12 +02:00
Alexandre Dulaunoy
d3ee1c0c46
chg: [taxonomies] updated
2024-04-05 14:34:49 +02:00
Alexandre Dulaunoy
bc65739adc
chg: [warninglists] updated
2024-04-05 14:34:26 +02:00
Alexandre Dulaunoy
0f2cc3061e
chg: [misp-galaxy] updated
2024-04-05 14:34:08 +02:00
iglocska
e1bc2052ae
chg: [ACL] entries added
2024-04-04 12:40:12 +02:00
iglocska
914ae20dd4
fix: [junk] removed
2024-04-04 12:14:03 +02:00
iglocska
480d3ac16d
chg: [setting] added for the sighting blocklisting
2024-04-04 12:13:04 +02:00