Commit Graph

99 Commits (303de0e3aa9deb852c1afb61d403d3537169ad5d)

Author SHA1 Message Date
iglocska 19302aca4f Thread count now correctly displayed in the statistics
- Viewing an event without a discussion thread creates an empty thread in preparation of future posts - these empty threads should not count as active threads though.
2014-02-14 10:19:57 +01:00
iglocska 16f1072120 Statistics changes
- remove actions such as login, logout, changepw
- fixed range so that a addinga a massive event doesn't make every other day seem less active
2014-02-12 17:17:15 +01:00
iglocska 3b8f9b9e2b Removal of obsolete stuff
- taking out the trash
2014-02-11 17:39:16 +01:00
iglocska 07c4536932 Fixed various things
- logging of event publishing enabled for background jobs
- disabled a gpg debug mode that was enabled by accident
- better feedback for publishing
2014-02-10 00:29:46 +01:00
iglocska 6bf1063a66 Small fixes 2014-02-06 09:59:41 +01:00
iglocska 22c8105f58 Mass replace replace of the old CyDefSig name to MISP - fixes #82 2014-02-05 15:01:26 +01:00
iglocska f51d61f8f9 Various changes
- contributors shown on the event view (list of the organisation logos of users that have contributed through proposals)
- these link to the event history containing only entries from their organisation

- changes to the activity heatmap
- heatmap now dynamically changes the range on the graph based on the obtained values
- performance improved
- buttons to move back or forward in time on the calendar

- Attributes:
- warning for the user if he/she has selected the attribute category "targeting-data" or "attribution" as these could contain classified information
- UI improvements across most attribute and shadowattribute input views

- Updated cal-heatmap to the newest version
2014-02-05 13:45:18 +01:00
iglocska 7545de6a6c Changes to the admin methods
- cleaned up the methods, they all now return results without debug mode enabled
- Added a verification method for all user GPG keys (as an expired key for example would send out empty messages)
2014-01-21 11:28:18 +01:00
iglocska 65753a096a Some minor changes
- Statistics page has gotten a lot of extra information
- Removed some old junk files
- Made the size of the graph in the memberslist larger to fit all the new attribute types
2014-01-09 17:13:07 +01:00
iglocska ba4e136ace First version of the new statistics page
- shows a heatmap of user activity based on the logs
- can show it for all users or for users of a specific org
2014-01-09 10:04:53 +01:00
iglocska d54793ffe6 Most of the export caching done
- also a fair bit of refactoring of the code, fatter models, thinner controllers, component moved to Lib
2013-11-15 15:39:34 +01:00
iglocska 1c3425fc91 Merge branch 'develop' into feature/CakeResque
- develop and the first CakeResque implementation merged

Conflicts:
	app/View/Layouts/default.ctp
2013-11-06 11:02:23 +01:00
iglocska 0f80145c6d :q 2013-11-06 10:52:18 +01:00
iglocska 0591db2a67 Small changes after merging the two feature branches
- Update to the representation of the new permission flags

- some small issues with the merge resolved
2013-10-25 11:31:35 +02:00
iglocska 2b11a78e22 Merge branch 'feature/roleChanges' into feature/XML_and_UI
Conflicts:
	app/Controller/UsersController.php
	app/View/Regexp/admin_add.ctp
	app/View/Regexp/admin_edit.ctp
	app/View/Regexp/admin_index.ctp
	app/View/Roles/admin_add.ctp
	app/View/Servers/add.ctp
	app/View/Servers/edit.ctp
	app/View/Servers/index.ctp
	app/View/Servers/pull.ctp
	app/View/Servers/push.ctp
2013-10-25 10:39:18 +02:00
iglocska 3c58e0071a Further work on the UI
- reworked almost all of the side menues to be centralised

- Some fixes for the IOC export not handling two new-ish types correctly

- Some changes to the menues (including a few options that didn't exist before)

- rework of the popovers in some forms
2013-10-24 16:41:42 +02:00
iglocska d27ddee207 First rework of the siteadmin role
- ADMIN org removed.

- Siteadmins are now identified by the perm_site_admin flag

- Siteadmins can now be of any organisation

- editing the regexp / whitelist rules can now be done by a special user with the perm_regexp_access in his/her role

- Executing a mass replace of attribute values based on the regexp rules cannot be initiated by a regexp/whitelist user, only by a site admin

- If the login page is reached without any users / roles defined they are automatically created (perviously it was only the user that was created)

- Org admins are restricted from assigning perm_site_admin, perm_sync and perm_regexp_access roles to users. This can only be done by a site admin.
2013-10-03 11:45:27 +02:00
iglocska 4056e163c1 Users weren't able to change the contactalert field 2013-08-20 11:26:24 +02:00
iglocska 8bf54e7c01 Removed password creation for new users through the contact users menu 2013-07-25 17:23:52 +02:00
iglocska 96170dae29 Fixed an issue with siteadmin contact e-mails resetting passwords of non existing users
- a site admin could issue a password reset to a non-existing user
2013-07-25 14:45:34 +02:00
Christophe Vandeplas bd61f73bd2 fixed a newly created bug in memberslist 2013-07-18 12:18:10 +02:00
iglocska 7486f478e0 Merge branch 'develop' of https://github.com/MISP/MISP into develop 2013-07-18 11:33:11 +02:00
iglocska 7fb1e6f70e Some bugs fixed
- Resetting the auth key for a user that doesn't exist created an empty
user 

- change_pw showed an admin menu on the side

- rerouting after an incorrect auth request fixed (users/index doesn't
exist)

- temporarily disabled the redirect after login
2013-07-18 11:32:26 +02:00
Christophe Vandeplas 4bca5b9e30 memberslist based on orgc, is more logic to reflect the contributions 2013-07-18 11:14:11 +02:00
iglocska 1f5aa5420f Security issue fixed with UsersController
- users could view other user profiles

- users could view other user profiles through edit user
2013-07-15 16:46:44 +02:00
Christophe Vandeplas ff2f08f60d fixes bug in previous commit. 2013-07-11 14:28:12 +02:00
Christophe Vandeplas 7949181fbc improved password generation algorithm in reset password 2013-07-11 14:26:28 +02:00
iglocska 17b570ec1f Typo in UsersController fixed 2013-06-11 10:37:56 +02:00
Christophe Vandeplas 213290961b force passwd change for admin user on creation 2013-06-04 13:22:05 +02:00
Christophe Vandeplas 38897d9af3 create default admin user automatically 2013-06-04 13:06:57 +02:00
Christophe Vandeplas 69251490ef Merge branch 'feature/gui' of https://github.com/MISP/MISP into
feature/gui

Conflicts:
	app/View/Logs/admin_index.ctp
	app/View/Logs/admin_search.ctp
	app/View/Users/memberslist.ctp
2013-05-31 17:50:00 +02:00
Iglocska 254936b28c Date issue when adding a user
- the date for a new user was not set and defaulted to 0000-00-00 - this
caused an issue when the user was edited and the admin was either
prompted to change the date manually or the date was set to 2033. 

- date for newsread is now initially set to 2000-01-01
2013-05-13 15:37:42 +02:00
Andras Iklody eeaa071024 Removal of the remains of the old authorization / adding new ones where
needed
2013-04-26 14:43:44 +02:00
Andras Iklody 4396cec8ea Integrated ownership, ACL and minor fixes
- Orgs can propose new attributes or changes to existing attributes for
  events that they do not own

- publishing users of the owner organisation can see, accept or discard
  them

- Reworked the access control

- minor fixes
2013-04-25 14:04:08 +02:00
Christophe Vandeplas d11422831e fix sanitization in Users #96 2013-04-24 13:06:35 +02:00
iglocska e7a7ea8824 Small error 2013-03-25 17:12:10 +01:00
iglocska 745581d38e Small bug
- Messages left empty for all but the first user in a mass custom e-mail
- fixed.
2013-03-25 17:07:56 +01:00
iglocska 4aa2bf748b Small message notifying the admin that the e-mail was sent
- flash message after e-mail sent
2013-03-25 16:52:59 +01:00
iglocska b28e884eb0 Debug exception left in
- removed
2013-03-25 16:50:26 +01:00
iglocska 0a06ceed3b E-mailing system for site-admins
- site admins able to contact users by e-mail from within the system
- PGP encrypted where available
- Password reset with automatic temporary key generation
- all of the above options have a mass-email version where every user is
  contacted at once
- Potential new users can be contacted too (GPG key can be supplied)
2013-03-25 16:38:56 +01:00
Andras Iklody afed0f2046 Changes to link validation and minor fixes
- Links get validated now to filter malicios code

- removed a double edit button in the case of an admin editing himself

- fixed an error with adding new attributes
2013-02-11 11:26:34 +01:00
Andras Iklody e88a3a9cf7 Updates to security
- perm_auth new toggle, can disable auth key usage for a role

- prevents sync / rest with a perm_auth == false key

- some changes to sync to provide better feedback on why it failed

- rewording of distribution options
2013-02-06 17:45:43 +01:00
Andras Iklody 6ef3ea7050 Missing file from the last commit
Missed a file from the package
2013-02-05 09:21:29 +01:00
Andras Iklody 66b9969d29 Security for UsersController
org admins could edit users of other orgs by accessing the edit page
through the URL. Fixed.
2013-01-29 10:51:18 +01:00
Andras Iklody 97f56a2275 Further changes to org admins
org admins can manage their own server connections
org admins cannot see other orgs' users in the users list
2013-01-29 08:56:38 +01:00
Noud de Brouwer 4c83ad3cfe coding standards
Coding Standards.
2013-01-28 08:42:20 +00:00
Noud de Brouwer a6371f5ad8 coding standards
Coding Standards.
2013-01-28 08:32:01 +00:00
Andras Iklody 9739cd1e35 Fix for the org admin privileges
Editing / creating users and the organisation permissions for org admins
2013-01-25 12:22:55 +01:00
Noud de Brouwer d6adb11f52 RBAC
only create users within own organisation.
2013-01-25 07:52:32 +00:00
deresz b1b47bc56f Better fix to Sanitize::clean() problem
'escape' option was removed.
2013-01-24 10:38:51 +01:00