iglocska
3ee3c6a34d
chg: [debugkit] Added the commented out loading of debugkit for convenience
2018-09-27 23:02:15 +02:00
Raphaël Vinot
ed64988ffd
chg: Bump recommended pyMispVersion
2018-09-06 11:27:02 -07:00
iglocska
6850d7dff3
fix: [internal] AppController minor fix
...
- fix bug of invalid forcing of JSON export type in certain conditions
2018-09-03 17:46:35 +02:00
iglocska
69b1b741b6
chg: [API] legacy passing of the api key via URL parameters caused an invalid response type
...
- automatically selects json now
2018-09-03 10:07:47 +02:00
iglocska
f2a81866c1
new: [internal] SQL debug API tool added
...
- just pass /sql:1 to any query via the API to see a dump of all queries
- Response isn't very clean, JSON pushed infront of whatever the output is
- requires debug mode = 2
2018-08-31 13:22:31 +02:00
iglocska
2a10276d07
Merge branch '2.4' into feature/api_rework
2018-08-22 17:39:56 +02:00
Steve Clement
1bac3749c5
fix: [i18n] Variables are in no need to be translated, it will break stuff, horribly.
...
upd: [i18n] Update default.pot again
2018-08-21 14:48:23 +03:00
iglocska
3371ad4494
chg: [querystring] version bumped
2018-08-21 07:56:33 +02:00
iglocska
b407aba746
fix: [CS] Updated recent changes
2018-08-20 10:50:09 +02:00
iglocska
4c604636d4
fix: [API] allow other returnFormats besides download to work for restsearch
2018-08-09 16:26:12 +02:00
iglocska
8907517330
new: [internal] Added new internal functions to be used by all export APIs in the future
...
- authenticate user via URL params if not already authenticated (to support legacy APIs)
- harvest parameters in a standardised way for filtering all export APIs
2018-08-06 10:46:52 +02:00
iglocska
a81894f14c
chg: [CS] Changed to PSR-2
...
- to make contributions easier, adopted PSR-2
- used php-cs-fixer to rework the style
- *sniff sniff* Goodbye tab indentation
2018-07-19 11:48:22 +02:00
Sami Mokaddem
225c34ef0b
Merge remote-tracking branch 'upstream/2.4' into sharingGraph
2018-07-12 14:47:14 +00:00
iglocska
cbc09e4540
fix: [i18n] Added default language
2018-07-12 16:12:15 +02:00
iglocska
0d45dbc27a
new: [API] Check for malformed JSON requests
2018-07-11 10:16:19 +02:00
Sami Mokaddem
b7a16803f3
chg: [appController] bumped query version
2018-07-06 14:48:14 +00:00
Alexandre Dulaunoy
e8d8d80aba
chg: [PyMISP] released as 2.4.93
2018-07-01 18:26:06 +02:00
iglocska
81c0fc2279
new: [API] Added unsafe URL parameter to authenticate users
...
- for legacy tools that cannot pass headers in HTTP requests for some insane reason
- Needs to be enabled by a site admin - default is that it is disabled
- MISP's diagnostic tool WILL complain if this is ever enabled
2018-06-27 14:25:40 +02:00
Sami Mokaddem
6637d19e46
fix: bump query_version and updated queryACL
2018-06-22 13:37:49 +00:00
iglocska
72050ec5ea
fix: [UI] Fixed a bug with galaxies not being addable
2018-06-22 12:08:26 +02:00
iglocska
437793a65f
fix: Fixed a bug where users couldn't add galaxies after paginating/filtering on event attributes
2018-06-21 09:07:38 +02:00
iglocska
a930fdeaeb
new: [i18n] Added tools to switch between languages via the server settings
2018-06-20 15:11:43 +02:00
iglocska
381a4b8895
fix: Don't require API users to acept the terms / change password to get going
...
- to get the API key they need to log in anyway via the interface
2018-06-20 07:55:04 +02:00
iglocska
5d925cbf96
fix: [bug] Endless loop when terms are not accepted / password not reset fixed, fixes #3336
2018-06-12 22:41:57 +02:00
iglocska
ac0663862f
chg: [version bump] querystring bumped
2018-06-12 16:10:49 +02:00
iglocska
e3eb71b29a
new: [ACL] Added new role permission: publish_zmq
...
- permission flag to use the "publish to ZMQ" button
2018-06-07 17:52:01 +02:00
Raphaël Vinot
4ee0e8dced
chg: Bump PyMISP version.
2018-06-07 12:12:29 +02:00
iglocska
e3c8f80421
new: batch delete should hard delete if event hasn't been published yet, fixes #3311
2018-06-05 17:50:26 +02:00
iglocska
a2746418ae
fix: Allow updateDatabase to accept numbers
2018-05-31 14:39:28 +02:00
iglocska
2ed4ecec02
new: Stricter validation of baseurl when coming via the API tool
2018-05-26 06:55:28 +02:00
iglocska
9ffd05e57d
fix: [API] Add object request has been black-holed. #3271
...
- blanket disabling the security component for API requests clashes with explicit disabling of certain security component features in the objects controller causing exceptions
2018-05-23 10:33:40 +02:00
iglocska
68b8266584
new: New flash message system, fixes #3252
...
- 3 types of flash messages (success, error, warning)
- uses bootstrap's own classes/structure
2018-05-16 19:32:38 +02:00
iglocska
d49a190f99
fix: Version bump
2018-05-14 23:22:35 +02:00
iglocska
5acfac3539
fix: Some cleanup
2018-05-12 17:26:16 +02:00
iglocska
42d86d7b18
fix: [API] Tightened the disabling of the security component to counter the effects of cakephp 2.10.x
2018-05-09 13:08:42 +02:00
iglocska
776084130f
fix: Remove form tampering for REST requests
...
- makes MISP compatible with 2.10.x
- No point in running the security component's test since no form is submitted via REST anyway.
2018-05-08 18:50:27 +02:00
Sami Mokaddem
680311f68f
chg: [Controllers] sets the ajax variable globally
...
As well as removing useless set in controllers and accessing it instead
of passing through the request.
2018-05-07 14:44:59 +00:00
Sami Mokaddem
6d476814b0
Merge remote-tracking branch 'upstream/2.4' into distributionGraphDonut
2018-05-03 13:52:40 +00:00
Sami Mokaddem
50ac404da7
chg: update __query version
2018-05-03 09:58:44 +00:00
Alexandre Dulaunoy
d960ce3642
fix: PyMISP version 2.4.90
2018-04-25 11:59:55 +02:00
Sami Mokaddem
c7496c67ca
fix: changed "xhtml:body" into "xhtml:div", to avoid creating a body DOM
...
which cause listener on the original body to bug. Incremented js number
and check if request is ajax or not in ObjectController
2018-04-23 07:35:52 +00:00
iglocska
279a6459ff
new: Preview the extended event ID / UUID
...
- Also, cleanup of the nasty event tag code
2018-04-19 13:56:50 +02:00
iglocska
e89d7ebc16
new: Added separation between enabled feeds and feeds enabled for caching
2018-03-30 23:30:54 +02:00
StefanKelm
a57ed6f3cd
Update AppController.php
2018-03-27 15:38:53 +02:00
iglocska
41fdf6da8b
new: Allow further role settings
...
- exclude a role from non site admin assignment
- set max memory usage and execution time / role
2018-03-24 21:43:46 +01:00
Alexandre Dulaunoy
bc5eb68919
fix: PyMISP version is 2.4.89
2018-03-23 10:57:53 +01:00
Alexandre Dulaunoy
ebe39b834e
fix: PyMISP recommended version fixed
2018-03-23 10:52:28 +01:00
iglocska
ddf481042f
chg: Query string bumped
2018-03-23 09:40:02 +01:00
iglocska
ee6f5f46e2
fix: Fixed annoying download list only having one side clickable
...
- it was annoying to brigadier general @adulau
2018-02-22 12:02:34 +01:00
iglocska
a0d7cececc
new: Reowkred organisation merge workflow, #fixes 2931
...
- Organisation merge is now offered to the user by the edit page if a UUID was used to edit an organisation that is already in use
- Merging a local org with 1+ user(s) into an external organisation converts the target organisation into a local one
- Merging a local organisation with a logo into an organisation without one will move the current logo to over
- caveat: this will only happen for organisations already using the new logo naming ([id].png as opposed to [name].png)
2018-02-16 16:34:12 +01:00