MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
25,712 Commits
33 Branches
364 Tags
185 MiB
Commit Graph

20544 Commits (2.4)

Author SHA1 Message Date
Raphaël Vinot 5b5584596c chg: [PyMISP] Bump 2024-03-20 14:15:17 +01:00
iglocska 6e1811a8e0
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-03-20 14:11:17 +01:00
Alexandre Dulaunoy 2b0721cca1
chg: [misp-galaxy] updated 2024-03-20 14:10:27 +01:00
Alexandre Dulaunoy c73ab62b4a
chg: [misp-object] updated 2024-03-20 14:09:49 +01:00
iglocska 394d680a7b
chg: [version] bump 2024-03-20 14:09:22 +01:00
Alexandre Dulaunoy 4ce0ea4fcb
chg: [warning-lists] updated 2024-03-20 14:09:06 +01:00
iglocska 94d7537eec
chg: [attribute search] rework 
- Massive performance improvement when using MysqlExtended or MysqlObserverExtended data sources
- event level lookup moved to subqueries, allowing for simpler, much faster indexed queries
- Ignoring the deleted index as it slows things down
 2024-03-20 13:07:10 +01:00
iglocska 7072451d0f
new: [datasource] improvements 
- Some datasources updated with the ignoreIndexHint parameter
  - mysqlExtended
  - mysqlObserverExtended

- Also fixed forceIndexHint
 2024-03-20 13:04:36 +01:00
Sami Mokaddem 1be477c457
Merge remote-tracking branch 'origin/develop' into pr-9589 2024-03-19 14:22:32 +01:00
Sami Mokaddem 5b86e5b51f
chg: [openapi:analyst_data] Added content for analyst-data 2024-03-19 11:50:41 +01:00
Sami Mokaddem 88cf4919b0
chg: [openapi:event_report] Added content for event-reports 2024-03-19 10:53:52 +01:00
Vincenzo Caputo 752638528b Fix key error on shadow attribute's id 2024-03-16 16:27:57 +00:00
Vincenzo Caputo 044923ee3a Change trigger's icon 2024-03-16 15:33:45 +00:00
Vincenzo Caputo ee3508182d Change scope to 'shadow-attribute' 2024-03-16 15:32:42 +00:00
iglocska 3022d51a06
fix: [performance] load analyst data in bulk 
speeds up event loading dramatically
 2024-03-15 08:41:55 +01:00
iglocska 945f875e10
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-03-15 07:48:18 +01:00
iglocska 6b408a6be5
chg: [attribute fetch] slightly refactored 
- simplify conditions
- don't load acl conditions twice
 2024-03-15 07:43:58 +01:00
Sami Mokaddem c23363ac87
chg: [ls22shell] Improvement for LS24 adding support of analyst-data & detection/mitigation rules + some tweaks 2024-03-14 16:31:22 +01:00
Alexandre Dulaunoy 60fccf0723
chg: [misp-galaxy] updated 2024-03-14 16:25:24 +01:00
Alexandre Dulaunoy fa0fa036b5
Merge branch '2.4' into develop 2024-03-14 16:24:52 +01:00
Alexandre Dulaunoy 0723035c02
Merge pull request #9615 from vincenzocaputo/fix-accept-delegation-attachments 
fix: Attachments deletion when accepting a delegation request
 2024-03-14 16:20:38 +01:00
Alexandre Dulaunoy 7ce57dd24b
Merge branch '2.4' into develop 2024-03-14 15:57:41 +01:00
Koen Van Impe 9dd238c90d Add ICS-CSIRT.io community 2024-03-14 14:16:18 +01:00
Alexandre Dulaunoy 4834fa96a4
Merge branch '2.4' into develop 2024-03-13 11:18:19 +01:00
Vincenzo Caputo f0e1dcb3da
Add include attachments option when fetching event in EventDelegation.php 2024-03-13 10:57:39 +01:00
Sami Mokaddem c797865c7c
chg: [sightings:getLastSighting] Added support of sighting policy 
Fix #8660
 2024-03-12 14:41:22 +01:00
Sami Mokaddem 7d8b1b0260
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-03-12 11:33:54 +01:00
Sami Mokaddem ec769c3f27
chg: [attribute:restSearch] Improved performance of `includeDecayScore` by a factor of 5 2024-03-12 11:32:10 +01:00
Jakub Onderka df27db5644 fix: [UI] Add missing `MISP.email_reply_to` to server config 2024-03-12 10:06:48 +01:00
Jakub Onderka 031afce5d2 chg: [internal] Add title to alert template 2024-03-12 09:33:44 +01:00
iglocska 3c79ebbc06
new: [settings] added setting to (temporarily) disable the loading of sightings via the API 
- affected endpoints: restsearch and /events/view
- temporarily skips the loading of sightings

- helps alleviate absolutely massive sighting data sets from killing server performance
- temporary measure, doesn't prevent the creation of sightings / viewing of sightings via the UI
 2024-03-12 08:24:13 +01:00
iglocska 30f6e07a8a
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-03-07 15:03:53 +01:00
Raphaël Vinot 08367489c9 chg: [PyMISP] Update 2024-03-07 14:51:35 +01:00
iglocska 3aa1ddbe03
new: [cli] added org list to the shell commands 
- and some fixes to the roles
 2024-03-07 14:49:24 +01:00
Alexandre Dulaunoy 834b873e03
chg: [misp-galaxy] updated to the latest version 2024-03-07 14:41:33 +01:00
Alexandre Dulaunoy 095afcd666
chg: [misp-warninglists] updated to the latest version 2024-03-07 14:40:33 +01:00
Alexandre Dulaunoy 0218bf86a4
chg: [misp-objects] updated to the latest version 2024-03-07 14:40:01 +01:00
Alexandre Dulaunoy a8bcacfcb0
chg: [taxonomies] 2.4.187 2024-03-07 14:39:23 +01:00
iglocska 31d20f094f
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-03-07 13:56:42 +01:00
iglocska f1102decf6
fix: [CLI] added some new functionalities 
- list roles
- create user
 2024-03-07 13:56:03 +01:00
Sami Mokaddem aaf3633cb0
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-03-07 10:54:44 +01:00
Sami Mokaddem 3dcf54aad5
fix: [events:restsearch] Correctly unset variable by reference after looping 
- This avoid attributes being overridden others when using `includeAnalystData` parameter
 2024-03-07 10:52:54 +01:00
iglocska b6d7755e9e
fix: [sync] pulls should continue after an event save failure 
- fixes #9558
 2024-03-06 13:28:11 +01:00
iglocska 826c60b62c
Merge branch '2.4' into develop 2024-03-06 11:01:47 +01:00
Andras Iklody 11865f6755
Merge pull request #9602 from karenyousefi/2.4 
Update Event.php
 2024-03-06 11:00:39 +01:00
iglocska aac29ad6af
fix: [db update] added IF NOT EXISTS clauses to create table calls 2024-03-06 10:57:30 +01:00
iglocska 6979fef446
fix: [API consistency] 
- represent the local field for tags as a boolean rather than an int
 2024-03-06 10:47:28 +01:00
iglocska 30e8aa454a
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-03-06 10:40:41 +01:00
iglocska dc0cb15675
fix: [logging] fixed using removeTagFromObject() 
- no longer creates erroneous log entries when unpublishing the event
 2024-03-06 10:39:55 +01:00
Andras Iklody e42802bcfb
fix: [database update] fix 
- for older mysql versions
 2024-03-06 10:24:54 +01:00
Andras Iklody bdc0637e3d
Update AppModel.php 
fix: [analyst data] update script

- remove default current_timestamp() on older versions of v121 of the db updates
- avoids chicken and egg problem on ancient mysql versions
 2024-03-06 10:18:09 +01:00
Jakub Onderka e79fc41ce2
Merge pull request #9605 from JakubOnderka/fix-pull-analyst 
fix: [pull] Fix pulling from remote server when analyst data is not s…
 2024-03-05 16:44:45 +01:00
iglocska 6a2986be6a
fix: [security] properly check for valid logo upload 
- as kindly reported by Rémi Matasse and Raphael Lob from Synacktiv (https://www.synacktiv.com)
 2024-03-05 14:48:57 +01:00
iglocska 238010bfd0
fix: [security] properly check for valid file upload 
- as kindly reported by Rémi Matasse and Raphael Lob from Synacktiv (https://www.synacktiv.com)
 2024-03-05 13:54:28 +01:00
Jakub Onderka 14f8a7120e
Merge pull request #9606 from JakubOnderka/cli-role-change 
new: [CLI] New command to change user role
 2024-03-04 18:35:33 +01:00
Jakub Onderka 258b521870 fix: [oidc] Setting checking if variable is false 2024-03-04 18:23:48 +01:00
Jakub Onderka 6140f8a14a new: [CLI] New command to change user role 2024-03-04 18:18:47 +01:00
Jakub Onderka 37cfd37cdb
Merge pull request #9604 from JakubOnderka/ext-zstd-suggested 
chg: [internal] Add ext-zstd to suggested PHP extension
 2024-03-04 15:56:26 +01:00
Jakub Onderka 5acf0a922c fix: [pull] Fix pulling from remote server when analyst data is not supported 2024-03-04 15:36:34 +01:00
Sami Mokaddem 1c7121b881
chg: [analyst-data:add] Fixed non-focusable relationship dropdown search field 2024-03-04 15:28:57 +01:00
Jakub Onderka 84ea097995 chg: [internal] Add ext-zstd to suggested PHP extension 2024-03-04 15:27:07 +01:00
Sami Mokaddem 242cfb192a
Merget branch 'develop' of github.com:MISP/MISP into develop 2024-03-04 08:18:34 +01:00
Sami Mokaddem 974e58c121
fix: [Galaxies:toggle] Display correct message when disabling a galaxy 2024-03-04 08:18:00 +01:00
Karen Yousefi 939764d274
Update Event.php 
fix error Undefined offset: 0 in [/var/www/MISP/app/Model/Event.php, line 3682]
 2024-03-01 22:03:58 +03:30
Jakub Onderka 745098c9dd
Merge pull request #9600 from JakubOnderka/oidc-update-user-role 
new: [oidc] New option OidcAuth.update_user_role to disable role chan…
 2024-03-01 10:15:08 +01:00
Sami Mokaddem a4f0a6681b
fix: [event:_mergeExtension] Include analyst data on extension if originally requested in the request 2024-02-29 14:52:52 +01:00
Sami Mokaddem e6dd70bd64
fix: [analyst-data:hasMoreNotesOrOpinions] Use correct model to fetch additional opinions 2024-02-29 14:24:45 +01:00
Jakub Onderka 7ebb7a5107 new: [oidc] New option OidcAuth.update_user_role to disable role changes from OIDC 2024-02-29 13:00:41 +01:00
iglocska b870728f6b
fix: [analystdata] push and pull fixes 
- push: check sharing group data correctly
- pull: Don't throw errors if not all 3 types of notes exist on the remote
 2024-02-29 11:18:06 +01:00
Bradley Logan ee986fc2fc
chg: Set BrowscapPHP logging from default DEBUG to INFO 2024-02-28 15:22:14 -08:00
Jakub Onderka 8854fa58b2
Merge pull request #9508 from JakubOnderka/redis-info 
new: [UI] Show dragonfly version in diagnostics
 2024-02-28 13:53:59 +01:00
Jeroen Pinoy c09d5861c6
fix: [UI] Fix MISP logo display on object templates index 2024-02-28 11:20:39 +01:00
Raphaël Vinot 7cd28317de chg: [PyMISP] Bump 2024-02-28 00:25:04 +01:00
Christian Studer d262767ab7
fix: [stix2 import] Making the organisation uuid argument specific to external STIX 2 import 2024-02-27 22:09:12 +01:00
Christian Studer 3d2e563c33
chg: [misp-stix] Bumped latest version 2024-02-27 17:46:29 +01:00
Alexandre Dulaunoy 7c66aa699c
chg: [warning-lists] updated to the latest version 2024-02-27 17:39:22 +01:00
Alexandre Dulaunoy d66f6d90d5
chg: [misp-galaxy] updated to the latest version 2024-02-27 17:38:58 +01:00
iglocska cf0910dc04
fix: [analystdata] removed invalid field from the change before the last 2024-02-27 09:06:15 +01:00
iglocska 4d8e04fd4c
fix: [analyst data blocklist] removed unused edit button 2024-02-27 09:04:55 +01:00
iglocska 060cf4f45d
fix: [analystdata] restrict what to display in associated models 2024-02-27 09:03:17 +01:00
iglocska 38c6ffd7a0
fix: [analystdata] fixed editing of context specific editable fields 2024-02-27 08:44:34 +01:00
iglocska 9f859892c2
fix: [analyst data] zero out sharing group ID when other distribution setting is selected 2024-02-27 08:24:24 +01:00
iglocska 27885e19ca
fix: [analystdata] clarified hover text 2024-02-27 07:24:48 +01:00
iglocska ba08a8219b
fix: [analystdata ui] oversanitisation of relationships fixed 2024-02-27 07:21:15 +01:00
Vincenzo Caputo 84eed089c2 Remove newline in overhead message 2024-02-25 16:00:01 +00:00
Vincenzo Caputo 74c7133be8 Add overhead message 2024-02-25 15:59:14 +00:00
Vincenzo Caputo eca3cd9cbf Add call to trigger before saving shadow attribute 2024-02-25 15:54:42 +00:00
Vincenzo Caputo 02de43a49e Add shadow attribute before save trigger 2024-02-25 15:51:01 +00:00
Alexandre Dulaunoy d82387b376
chg: [misp-galaxy] updated 2024-02-24 18:17:34 +01:00
Alexandre Dulaunoy 8d1a74b40b
Merge branch '2.4' into develop 2024-02-24 13:46:09 +01:00
Vincenzo Caputo 626fafc40f Fix Tag replacement workflow module description 2024-02-24 11:31:17 +00:00
Christian Studer 7b5e75a1b5
fix: [stix2 import] Added missing `organisation_uuid` argument 2024-02-23 23:44:08 +01:00
Christian Studer 354da05e19
fix: [upload_stix] Fixed naive copy paste failing after an arbitrary variable name change 2024-02-23 22:44:38 +01:00
Christian Studer 5f6c1327ff
chg: [misp-stix] Bumped latest version with the changes on the organisation uuid argument 2024-02-23 21:42:38 +01:00
Christian Studer 41b20f96d3
add: [stix2 import] Added organisation UUID parameter to be used when generating custom Galaxy Clusters UUID 2024-02-23 21:41:08 +01:00
Christian Studer 1163539038
fix: [upload_stix] Fixed undefined index `cluster_sharing_group_id` when uploading stix file 2024-02-23 16:03:00 +01:00
Christian Studer 9221682157
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-02-23 15:49:03 +01:00
Jakub Onderka c07ee0066c
fix: [UI] Catch exception when custom file is not readable 2024-02-23 12:19:00 +01:00
Sami Mokaddem f09fdad92d
Merge branch 'fix/custom-image-rendering' into 2.4 2024-02-23 12:10:39 +01:00
Sami Mokaddem f9174e9a4d
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-02-23 12:07:48 +01:00
Sami Mokaddem abcbc575c1
fix: [users:login401] Usage of Image->base64 to follow what users:login does 2024-02-23 12:07:45 +01:00
Sami Mokaddem 7ad892a028
fix: [users:login401] Usage of Image->base64 to follow what users:login does 2024-02-23 12:06:49 +01:00
Alexandre Dulaunoy b5d0f2407c
Merge branch '2.4' into develop 2024-02-23 12:06:09 +01:00
Alexandre Dulaunoy 5646474130
Merge pull request #9582 from cudeso/2.4 
Minor documentation changes; add example to create users via REST API
 2024-02-23 12:05:31 +01:00
Sami Mokaddem af1ba18319
fix: [user:login] Make sure welcome_logos exists before trying to render them 2024-02-23 12:03:35 +01:00
Sami Mokaddem 6e06cf433c
fix: [user:login] Make sure welcome_logos exists before trying to render them 2024-02-23 12:00:26 +01:00
iglocska f7c76e965f
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-02-23 11:03:01 +01:00
iglocska 0561953c12
fix: [UI] correct encoding for the notes 2024-02-23 11:02:36 +01:00
Sami Mokaddem 0fce6c7784
fix: [eventReports:view/analystData] Load assets before trying to render notes 2024-02-23 11:02:23 +01:00
Jakub Onderka a92b2c5111
Merge pull request #9583 from JakubOnderka/image-helper-fix 
fix: [UI] Catch exception when custom file is not readable
 2024-02-23 10:45:07 +01:00
Sami Mokaddem a7c47f9b24
fix: [users:login] Check file existence in the correct location 2024-02-23 10:34:23 +01:00
Jakub Onderka f8a92524ee
fix: [UI] Custom logos 2024-02-23 10:31:42 +01:00
Jakub Onderka 52ff88d5c8 fix: [internal] exif_imagetype is not standard part of PHP 2024-02-23 10:29:18 +01:00
iglocska e6ec7871e3
fix: [notes] changed timestamp output to not include timezone 
- doesn't work on all versions of mariadb/mysql
 2024-02-23 10:18:29 +01:00
Jakub Onderka 7e7dcec240 fix: [UI] Catch exception when custom file is not readable 2024-02-23 10:01:18 +01:00
Koen Van Impe 105e7fc267
Minor documentation changes; add example to create users via REST API 2024-02-23 09:43:53 +01:00
iglocska 45e23c8509
fix: [processtool] make old versions happy 
- proc_open only started accepting $command as an array in 7.4
 2024-02-22 17:03:48 +01:00
Sami Mokaddem 6655697dbc
fix: [users:login] Check file existence in the correct location 2024-02-22 10:30:15 +01:00
Sami Mokaddem b8c2c7be64
fix: [login:UI] Reverted change that swapped `main_logo` with `home_logo` 2024-02-22 10:20:11 +01:00
Sami Mokaddem 48a7addb04
fix: [galaxyCluster:view/analystData] Load assets before trying to render notes 2024-02-22 08:40:58 +01:00
Sami Mokaddem 224415c3b4
chg: [analyst-data:edit] Added support of editable fields 2024-02-22 08:32:47 +01:00
Sami Mokaddem 7b661f740a
chg: [analyst-data:UI] Added highlight on note opener button 
- As request by gallypette
 2024-02-22 08:32:05 +01:00
Sami Mokaddem 396837675e
chg: [analyst-data:thread] Gracefully catch cases where the related object is not found when generating link URL 2024-02-21 16:20:26 +01:00
Sami Mokaddem 720336f65d
chg: [analyst-data:datetimes] Moved datetime manamgent of created and modified field from the DB to the app. 
- This change is to enforce the usage of UTC time as using MySQL's CURRENT_TIMESTAMP uses the TZ of the server
 2024-02-21 16:20:07 +01:00
Christian Studer 9573c308e0
fix: [stix2 import] Setting the `single_event` argument to avoid skipping content in case of multiple reports or groupings 2024-02-21 11:46:21 +01:00
Jakub Onderka 2c43d5c277 fix: [UI] Custom logos 2024-02-20 16:17:43 +01:00
Sami Mokaddem d8bf22b422
Merge remote-tracking branch 'origin/develop' into notes 2024-02-20 11:16:01 +01:00
Sami Mokaddem 752807ef37
fix: [workflowModules:attributeEditionOperation] Make sure to call Attribute->editAttribute on data to be saved 2024-02-19 15:02:27 +01:00
Jeroen Pinoy 31cd3f2023
fix: [workflow] fix attribute edit module actions 2024-02-18 18:05:08 +01:00
Christian Studer e703307f14
chg: [misp-stix] Bumped latest version 2024-02-16 16:29:04 +01:00
iglocska fd7548243b
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-02-16 16:27:43 +01:00
iglocska a2c9740c0f
fix: [missing images] re-added 2024-02-16 16:27:17 +01:00
Alexandre Dulaunoy b1649cca55
chg: [taxonomies] updated to the latest version 2024-02-16 16:23:47 +01:00
Alexandre Dulaunoy e84ca24ff5
chg: [misp-objects] updated to the latest version 2024-02-16 16:23:09 +01:00
Alexandre Dulaunoy 1b3fd41a64
chg: [warning-lists] updated to the latest version 2024-02-16 16:22:42 +01:00
Alexandre Dulaunoy ecfa6224a9
chg: [misp-galaxy] updated to the latest version 2024-02-16 16:22:17 +01:00
Sami Mokaddem 6f99b148f0
Merge remote-tracking branch 'origin/develop' into notes 2024-02-16 15:29:03 +01:00
Sami Mokaddem 8530d6344b
fix: [analyst-data:relationship] Make sure to rearrange data only when the referrenced element exists 2024-02-16 15:26:11 +01:00
Raphaël Vinot e4e6f1625a chg: [PyMISP] Bump version 2024-02-16 14:50:47 +01:00
iglocska c47f1987dc
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-02-16 14:24:44 +01:00
iglocska c1638e0a9c
fix: [sighting sync] speculative fix for critical sync issue 
- pulls from an instance with extremely high numbers of sightings (~300M+) can lead to the pulled instance becoming unusable
- This fix addresses multiple issues:
  - The use of last:0 as a sighting pull filter parameter lead to a search using an unindexed field
  - Internally searching for sighting IDs across 500 events in one shot can lead to massive data-sets
  - Internally searching for sighting IDs by Event.uuid on a joined table is extremely slow compared to searching on the sighting table alone
 2024-02-16 14:21:10 +01:00
Sami Mokaddem 159f5278ef
fix: [analyst-data:view] Fixed analyst-data/view/all endpoint 2024-02-16 10:30:26 +01:00
Sami Mokaddem 9d66ff0815
fix: [app] Fixed error while merging in db_change number 2024-02-16 08:38:45 +01:00
Sami Mokaddem 66cd091ac4
Merge remote-tracking branch 'origin/develop' into notes 2024-02-16 08:30:04 +01:00
Andras Iklody aa67046917
Merge pull request #9564 from Wachizungu/fix-objects-restsearch-first-seen 
fix: fix objects restsearch first_seen filter
 2024-02-15 17:26:43 +01:00
iglocska 7a22d7c413
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-02-15 15:37:32 +01:00
iglocska 9c244eb115
fix: [security] Org image upload moved out of webroot 
- images will no longer be accessible directly, only via inclusion via file-read/b64 encoding
- The new store for org images is MISP/app/files/img/orgs

- As reported by Yusuke Nakajima
 2024-02-15 15:35:12 +01:00
Sami Mokaddem 502682ee51
fix: [analyst-data:pull] Return early if there is nothing to pull 2024-02-15 15:21:00 +01:00
Sami Mokaddem 3db65a5548
fix: [test:testlive_sync] Adapted message to adhere to server change 2024-02-15 14:39:43 +01:00
Sami Mokaddem 25869b189f
fix: [object:editObject] Call function from the correct model 2024-02-15 14:12:55 +01:00
Sami Mokaddem 147c9b1af4
fix: [object:editObject] Avoid un-nesting object when not applicable 2024-02-15 13:31:53 +01:00
Sami Mokaddem 5827170008
fix: [aclComponent] Make queryACL not complaining 2024-02-15 13:30:16 +01:00
Sami Mokaddem df95b4ba7f
fix: [eventReport:editReport] Call function from the correct model 2024-02-15 13:27:54 +01:00
Sami Mokaddem 66926d1b60
fix: [attribute:editAttributePostProcessing] Call function from the correct model 2024-02-15 12:09:36 +01:00
Sami Mokaddem 0e47d79340
Merge remote-tracking branch 'origin/develop' into notes 2024-02-14 15:54:28 +01:00
Jeroen Pinoy bf6a148bc8
fix: fix objects restsearch first_seen filter 2024-02-14 15:40:06 +01:00
Sami Mokaddem 54b3c566d4
new: [Event:_edit] Added support of recursive update of analyst data 2024-02-14 11:22:43 +01:00
Sami Mokaddem 006c900c8e
new: [Event:_add] Added support of recursive capture of analyst data 2024-02-14 09:48:11 +01:00
Jeroen Pinoy e99b89433a
fix: fix object_name, object_template_uuid and object_template_version object restsearch filters 2024-02-14 09:41:08 +01:00
Sami Mokaddem 714cb9ea78
chg: [event:restSearch] Added support of `includeAnalystData` options 
Also export analyst data using the event `Download as` function by default
 2024-02-14 08:36:28 +01:00
Jeroen Pinoy 236759217e
chg: [doc/openapi] clarify 'deleted' restsearch filter (#9485) 2024-02-13 17:40:30 +01:00
Sami Mokaddem 9c64255e50
chg: [analyst-data:UI] Reduced number of inline asset ressources inclusion 2024-02-13 16:02:12 +01:00
Sami Mokaddem 8c59b9897d
fix: [analyst-data:add] Allow not providing a language when creating a note 2024-02-13 15:41:57 +01:00
Sami Mokaddem 1afd609581
chg: [analyst-data:thread-view] Added possibility to fetch data having a deeper depth 2024-02-13 15:38:23 +01:00
Sami Mokaddem e9d01c5f5f
chg: [analyst-data] Added many improvements for UI and fixed infite loop due to recursion 2024-02-13 14:37:00 +01:00
Sami Mokaddem 31ed2113fb
fix: [analyst-data:recursive-fetch] Second tentative to prevent recursion in relationship 2024-02-13 11:13:39 +01:00
Sami Mokaddem 9e97ae868c
fix: [analystData:fetchChildNotesAndOpinions] Added support of depth 2024-02-13 10:23:09 +01:00
Sami Mokaddem 9e19438a16
Merge remote-tracking branch 'origin/develop' into notes 2024-02-07 17:17:29 +01:00
Sami Mokaddem 9887843358
chg: [servers:getVersion] Include the remote instance UUID if user has perm_sync permission 2024-02-07 17:15:58 +01:00
Sami Mokaddem 509708a2a2
chg: [app:queryVersion] Bumped version 2024-02-07 15:21:58 +01:00
Sami Mokaddem bb6b105bef
chg: [analyst-data:edit] Fetch referenced element for analyst-data relationships by default 2024-02-07 15:20:13 +01:00
Sami Mokaddem 7653b0d450
fix: [analyst-data:add] Added missing field `related_object_type` in form 2024-02-07 15:17:56 +01:00
Sami Mokaddem a1e215c097
chg: [analyst-data:add] Added support of author field and prefill it with current user's email address 2024-02-07 15:07:13 +01:00
Sami Mokaddem 2fa33ef129
chg: [analyst-data:global_menu] Added entry in the global menu 2024-02-07 14:59:56 +01:00
Sami Mokaddem 4fca835c39
chg: [analyst-data:crud] Do not recursively fetch child analyst-data in REST context 2024-02-07 14:53:37 +01:00
Sami Mokaddem ceb04b2662
chg: [analyst-data:beforeValidate] Do not override authors field if already set 2024-02-07 11:29:35 +01:00
Sami Mokaddem 4ed433a0eb
Merge remote-tracking branch 'origin/develop' into notes 2024-02-07 11:12:10 +01:00
Sami Mokaddem 0eb23bbf2f
fix: [console:serverShell] Set `CurrentUserId` to the ID of the user being used 2024-02-07 11:10:35 +01:00
Alexandre Dulaunoy da7a21a333
chg: [develop] merge back the Curl option issue 2024-02-07 10:51:54 +01:00
Sami Mokaddem d67506e9a6
chg: [analyst-data:CRUD] Allow viewing, editing and deleting any analyst-data by their UUIDs 2024-02-07 10:34:09 +01:00
Benni0 45f264de49 fix: CurlClient doesn't use correct Proxy settings 2024-02-07 09:59:26 +01:00
Sami Mokaddem ea7e48b2a7
Merge remote-tracking branch 'origin/develop' into notes 2024-02-06 15:04:09 +01:00
Sami Mokaddem 6e41c956fa
chg: [collection-elements:addElementToCollection] Redirect to collection creation if there no collections 2024-02-06 14:25:54 +01:00
Sami Mokaddem 3944d75f44
fix: [collection] Enforce cascade on delete 2024-02-06 14:20:47 +01:00
Sami Mokaddem ff42823f2f
fix: [analyst-data:pull] Make sure to correctly decode returned data 2024-02-06 11:34:37 +01:00
Sami Mokaddem 18dde0a73b
fix: [analyst-data:indexMinimal] Use the organisation name instead of UUID 
- This is because PULL sync filter rules relies on organisation names of the remote
- This change is to avoid rewriting the regular sync path that relies on the org name
 2024-02-06 11:30:11 +01:00
Sami Mokaddem ca7b7dfb18
chg: [analyst-data:pull] Refactored condition building function for PULL sync rules 2024-02-06 11:15:05 +01:00
Sami Mokaddem a8607c54dd
ichg: [analyst-note:pull] Continuation of adding support of PULL sync filtering rule - WiP 2024-02-06 10:58:58 +01:00
Sami Mokaddem b928e8241b
chg: [analyst-note:pull] Started adding support of PULL sync filtering rule - WiP 2024-02-06 10:23:19 +01:00
Sami Mokaddem e5d000143a
chg: [analyst-data:push] Added support of sync-filtering rules 2024-02-06 10:13:16 +01:00
Sami Mokaddem 9d18007b2e
fix: [analyst-data] Various fixes regarding ACL and recursive fetching 2024-02-06 10:04:20 +01:00
Sami Mokaddem 744a1124fd
chg: [analyst-data:identifyForPush] Removed commented code 2024-02-06 09:14:55 +01:00
Sami Mokaddem 5d112ced18
chg: [analyst-data] Allow fetching analyst-data by UUID 2024-02-06 09:09:30 +01:00
Sami Mokaddem 80f97ad79f
chg: [analyst-data] Added missing ACL entries and improved pre-filtering before negotiation starts 2024-02-06 08:50:21 +01:00
Sami Mokaddem 3a8fe00df8
chg: [analyst-data:push] Simplified filtering logic during negotiation 2024-02-05 15:45:38 +01:00
Sami Mokaddem a82fde10b4
chg: [analyst-data] Renamed bunch of synchronisation functions 2024-02-05 15:18:07 +01:00
Sami Mokaddem 207c55e1e4
fix: [analyst-data:push] Correctly adjust locked flag for push 2024-02-05 11:59:13 +01:00
Sami Mokaddem 7fee219b45
fix: [analyst-data:pull] Correctly adjust distribution level and locked flag when pulling 2024-02-05 11:58:40 +01:00
Sami Mokaddem f71b50d3d7
fix: [analyst-data:edit] Bump `modified` field before updating 2024-02-05 11:24:15 +01:00
Sami Mokaddem 1444523dfa
chg: [component:CRUD] Added support of parameter as a list 2024-02-05 11:03:07 +01:00
Sami Mokaddem f649814afb
chg: [analyst-data:pull] Change in pull strategy + few improvements 2024-02-05 10:59:20 +01:00
Sami Mokaddem ea88d5c7bb
chg: [analyst-data:pull] Continuation implementation of pull - WiP 2024-02-05 09:27:13 +01:00
Swapneel Patnekar a8fb77c848 Added Shreshta NRD 1 week and 1 month community feeds 2024-02-03 21:53:48 +05:30
Alexandre Dulaunoy 6a7a7a81f3
chg: [GeoOpen] updated 2024-02-02 15:50:28 +01:00
Alexandre Dulaunoy 4cb3c38613
chg: [warning-lists] updated to the latest version 2024-02-02 15:47:26 +01:00
Alexandre Dulaunoy d7fa34f47e
chg: [misp-galaxy] updated to the latest version 2024-02-02 15:46:26 +01:00
iglocska c691965480
chg: [appcontroller] versions bump 2024-02-02 15:28:32 +01:00
iglocska 5f45c9adf3
chg: [submodules] updated 2024-02-02 15:25:51 +01:00
Jakub Onderka 70c2b83e84 fix: [log] Do not save to database big changes 2024-02-01 17:46:56 +01:00
Jakub Onderka 9ebf18e82b new: [UI] Show dragonfly version in diagnostics 2024-02-01 17:34:53 +01:00
Sami Mokaddem 8e6758e6f6
chg: [analyst-data:pull] Started implementation of pull - WiP 2024-02-01 16:27:54 +01:00
Sami Mokaddem 9da67879d4
fix: [security] auditlogs's fullChange lack of ACL controls 
Added proper ACL handling
- As reported by Jeroen Pinoy
 2024-02-01 15:17:53 +01:00
Sami Mokaddem 727ca98f93
chg: [analyst-data:delete] Make deletion `hard` by default 2024-02-01 15:03:58 +01:00
Sami Mokaddem c4fc994857
fix: [analyst-data:pushAnalystData] Typo in success reporting log line 2024-02-01 14:53:36 +01:00
Sami Mokaddem dc6b6cc3b3
fix: [analyst-data:CRUD] Make sure to return the data in the afterFind function 2024-02-01 14:51:26 +01:00
Sami Mokaddem 2c2c297b32
fix: [analyst-data:db-migration] Fixed typo in create table instruction 2024-02-01 14:43:33 +01:00
Sami Mokaddem eaf8a2b98a
chg: [analyst-data] Added `locked` flag, support of orgc/org, analyst-data-blocklist and most implementation of push synchronisation - WiP 2024-02-01 14:24:41 +01:00
Jakub Onderka 3d8a3919d0 fix: [internal] Raise size for access_logs action column 2024-01-31 16:32:12 +01:00
Sami Mokaddem 8cef82f1ea
chg: [server:sync/analyst-data] Started integration of server synchronisation - WiP 2024-01-31 15:10:08 +01:00
Sami Mokaddem ceb423ae76
chg: [permission:analyst-data] Added new permission `perm_analyst_data` 2024-01-31 15:05:49 +01:00
Sami Mokaddem 065b492280
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-01-31 14:30:32 +01:00
Sami Mokaddem 312d2d5422
fix: [security] Improved security checks for organisation logo upload 
- As reported by Andrei Agape / Teliacompany

Checks are:
- Maximum file size of 250K since the recommanded picture size is 48x48.
- File extension check
- File mime type checks
 2024-01-31 14:27:59 +01:00
Sami Mokaddem 51840a0697
chg: [events:export] Make setting `MISP.disable_cached_exports` enabled by default 
Since the /events/export has been marked deprecated for a years started
the process to phase it out by first disabling the endpoint by default.
 2024-01-31 14:26:22 +01:00
Sami Mokaddem 0ac2468c28
fix: [security] Enforce usage of POST to start an export generation process 
As reported by Andrei Agape / Teliacompany
 2024-01-31 14:24:17 +01:00
Alexandre Dulaunoy 4be80d39a8
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-01-31 13:34:26 +01:00
Alexandre Dulaunoy 7b49980b5c
chg: [develop] merge back 2.4 2024-01-31 13:33:58 +01:00
Sami Mokaddem 9425c99894
Merge branch 'develop' of github.com:MISP/MISP into develop 2024-01-31 10:44:43 +01:00
Sami Mokaddem ebdf1c0004
fix: [organisation:orgMerge] Added missing models for organisation handover 2024-01-31 10:44:11 +01:00
Jakub Onderka ebbe17b88c
Merge pull request #9534 from JakubOnderka/speedup-vol2 
chg: [internal] Faster check for session destruction
 2024-01-31 10:30:36 +01:00
Sami Mokaddem 7513cfaeb0
fix: [organisation:orgMerge] Make sure to serialize array before insertion 2024-01-31 10:06:16 +01:00
Jakub Onderka c2811888e4 chg: [internal] Faster freetext parsing 2024-01-31 09:47:54 +01:00
Jakub Onderka 7f935f4cec chg: [internal] Faster check for session destruction 2024-01-30 18:54:11 +01:00
Luciano Righetti f1bab1e98c Revert "fix: incorrect foreing key" 
This reverts commit 6a36d7a3cd.
 2024-01-30 18:49:05 +01:00
Sami Mokaddem 8ecdf70da0
chg: [galaxyClusters:view] Added analystData support in /galaxyClusters/view 2024-01-30 15:17:40 +01:00
Sami Mokaddem b6c6ee60e4
chg: [eventReport:view] Added analystData support in /eventReports/view 2024-01-30 15:16:38 +01:00
Sami Mokaddem e060aed9ee
fix: [events:view/analyst-data] Added missing relationship_path 2024-01-30 15:16:29 +01:00
Luciano Righetti 6a36d7a3cd fix: incorrect foreing key 2024-01-30 15:16:18 +01:00
Sami Mokaddem b2f3602265
chg: [analyst-data:ACL] Enforced ACL and reflected the change in the UI 2024-01-30 15:15:26 +01:00
Jakub Onderka b1d31d653d fix: [admin] Show logos in SVG format in admin 2024-01-30 14:49:37 +01:00
Sami Mokaddem b9f1a0ad89
chg: [analyst-data:index] Improved UI for related element 2024-01-30 11:06:21 +01:00
Sami Mokaddem d702535a76
chg: [analyst-data:UI] Improved UI, better support of opinions in CRUD views and added single/index fields for opinion scale 2024-01-30 10:51:31 +01:00
Sami Mokaddem 9feed62a5d
fix: [analyst-data:ui-generic] Make sure to always show analyst-data 2024-01-30 10:14:27 +01:00
Sami Mokaddem caf55c3eec
chg: [analyst-data:event-report] Added support of analyst-data to event reports 2024-01-30 10:13:58 +01:00
Sami Mokaddem 5664a735e2
chg: [analyst-data:ACL] Added ACL rules and fixed side-menu to support ACL 2024-01-30 09:45:51 +01:00
Sami Mokaddem e3b09cd5a5
fix: [analyst-data:afterFind] Only rearrange key sharing-group key if they distribution exists 2024-01-30 09:36:45 +01:00
Sami Mokaddem 90ae8739da
chg: [analyst-data:view] Display fields based on note model and slightly improved UI 2024-01-30 09:29:36 +01:00
Sami Mokaddem 9de54fa208
fix: [analyst-data:view] Use correct model to access element property 2024-01-30 09:12:49 +01:00
Sami Mokaddem 1975e38d8c
chg: [galaxyCluster] Added support of analyst-note in the UI 2024-01-30 09:03:16 +01:00
Sami Mokaddem f534b22582
chg: [analyst-data:sideMenu] Added support of analyst-data in the side menu 2024-01-30 09:01:06 +01:00
Sami Mokaddem 6909e5feaf
new: [singleView:sidePanels] Added new `html` side panel template to feed any HTML into the view 2024-01-30 09:00:06 +01:00