Commit Graph

500 Commits (40ce38efec260b95705ddae52b60418298d8635d)

Author SHA1 Message Date
Jakub Onderka f661204ed1
Merge pull request #8593 from JakubOnderka/fix-periodic-extract
fix: [internal] Extracting periodic setting for user
2022-09-20 18:48:22 +02:00
Jakub Onderka d4300f6b74 fix: [UI] Periodic summary 2022-09-20 16:33:50 +02:00
Jakub Onderka 760240eade fix: [UI] Notification settings 2022-09-20 15:43:02 +02:00
Jakub Onderka cb6f10fd69 chg: [internal] Change method name User::{extractPeriodicSettingForUser->fetchPeriodicSettingForUser} 2022-09-20 13:43:35 +02:00
Jakub Onderka 5204be7a7d fix: [internal] Refresh session after notification change 2022-09-20 13:42:14 +02:00
Jakub Onderka 5874633a77 fix: [internal] Extracting periodic setting for user 2022-09-20 13:02:01 +02:00
Jakub Onderka c0313b9c37 fix: [internal] Respect `Security.hide_organisation_index_from_users` setting 2022-09-20 10:29:07 +02:00
Sami Mokaddem c7e80e399d
chg: [users:edit] Added support of notification_* 2022-09-09 14:21:06 +02:00
Sami Mokaddem e89698f301
fix: [periodic_notification] Correctly pass period filter to event fetcher 2022-09-09 10:49:06 +02:00
Sami Mokaddem bf39655c26
chg: [periodic_notification] Improved report and parametrized tags for trending 2022-09-08 14:54:04 +02:00
Sami Mokaddem 90cab66b86
chg: [user:saveNotificationSettings] Make sure tags filter is a valid json 2022-09-07 09:38:31 +02:00
Sami Mokaddem f2ff91ee35
chg: [users] Removed useless constant 2022-08-31 15:44:36 +02:00
Sami Mokaddem 7cd3b35d61
chg: [user:periodic_notification] General improvements and added CLI support 2022-08-31 11:51:36 +02:00
Sami Mokaddem 894724a805
chg: [users:edit] Allow admins to edit periodic notification subscriptions 2022-08-30 14:53:06 +02:00
Sami Mokaddem 3338e1abef
chg: [user:periodic_notification] Added templates, basic statistics and UI integration 2022-08-30 14:10:01 +02:00
Sami Mokaddem 279f33bc4a
chg: [user:periodicNotification] Dev cont. 2022-08-29 12:06:42 +02:00
Sami Mokaddem 8db8cbd398
new: [user:periodicNotification] Started development of system allowing users to receive period notifications by email 2022-08-29 09:03:42 +02:00
iglocska c764bb0e8f
Merge branch 'log_last_api' into develop 2022-08-11 09:36:30 +02:00
Tom King de351faaac new: [internal] Add option to log last API request 2022-08-01 15:02:49 +01:00
Jakub Onderka 21f5f52988 chg: [internal] Unsubscribe code 2022-06-07 15:07:28 +02:00
Jakub Onderka c46fd203a9 new: [email] Unsubscribe 2022-06-06 18:09:46 +02:00
Jakub Onderka ccef2e4de2 chg: [internal] Cleanup code for statistics 2022-05-22 20:20:07 +02:00
Jakub Onderka 073bc4f74c fix: [UI] Warning when fetching PGP key 2022-05-22 19:59:11 +02:00
Jakub Onderka 8a4f402bf8 fix: [internal] Sending admin emails 2022-05-13 13:27:26 +02:00
Jakub Onderka 5e37283f6c chg: [internal] Cleanup code for adding and editing users 2022-05-11 16:25:46 +02:00
Jakub Onderka dba9d60ed9
Merge pull request #8180 from JakubOnderka/event_alert_default_enabled
new: [test] MISP.default_publish_alert
2022-05-07 12:48:54 +02:00
Jakub Onderka ece53cf11d new: [test] MISP.default_publish_alert 2022-05-07 12:39:29 +02:00
Jakub Onderka 5371623ad7 fix: [UI] Terms and Conditions 2022-05-07 11:46:13 +02:00
Jakub Onderka 9827449a37 chg: [UI] Asset loader for statistics 2022-05-02 10:05:05 +02:00
Jakub Onderka a007089486 chg: [internal] Do not use ajax layout 2022-04-28 14:51:21 +02:00
iglocska 01120163a6
fix: [security] Password confirmation bypass in user edit
- optional password confirmation can be potentially circumvented
- fooling the user edit via a request that sets accept:application/json whilst posting form content

- as reported by Dawid Czarnecki of Zigrin Security on behalf of the Luxembourg Army
2022-04-18 02:00:13 +02:00
Sami Mokaddem 69b0937ea2
fix: [user:getClientIp] Typo in variable name 2022-02-08 14:32:05 +01:00
Jakub Onderka 8835dc4a50 fix: [internal] Closing session for statistics 2021-11-25 14:14:41 +01:00
Jakub Onderka b100377a73 chg: [internal] Do not modify session when not necessary 2021-11-25 11:58:32 +01:00
iglocska 606962b21b
fix: [user creation] Don't create an advanced authkey by default when creating a new user
- nobody will see the initial key, users can always create API keys for themselves
2021-11-18 23:04:32 +01:00
iglocska f06edfd03d
Merge branch '2.4' into develop 2021-11-10 11:25:45 +01:00
iglocska fb6408dd4f
fix: [email OTP] subject tag fixed
- [MISP foo] to [foo MISP] to be aligned with other e-mails
2021-11-10 11:21:07 +01:00
Jakub Onderka 3e6e906ca6 chg: [optimise] Reduce number of SQL queries for login page 2021-11-06 00:54:58 +01:00
iglocska 773713e949
fix: [users] adding/modifying users fails silently for org admins if domain restriction checks fail 2021-10-06 15:54:52 +02:00
Sami Mokaddem ec4074f925
chg: [users:routeafterlogin] Allow forcing the pre-login URL to be HTTPS
This can be achieved by turning the setting MISP.forceHTTPSforPreLoginRequestedURL to true.
2021-10-06 09:09:06 +02:00
Jakub Onderka 1c58bd21b4 chg: [UI] PGP error message 2021-09-16 16:24:10 +02:00
Jakub Onderka af8ecbf5a2 chg: [UI] Sort orgs by name in statistics 2021-09-01 11:01:39 +02:00
Jakub Onderka c1aa6d51e8 chg: [optim] Little optimise sighting statistics 2021-09-01 10:54:36 +02:00
Jakub Onderka bcc499db1e chg: [internal] Optimise loading attribute histogram 2021-08-02 10:40:18 +02:00
Jakub Onderka 71bb08bf6a
Merge pull request #7538 from JakubOnderka/js-helper
chg: [internal] Remove JS helper from controllers
2021-07-21 10:40:11 +02:00
mokaddem e7fd73e50e
chg: [user:updateToAdvancedAuthKeys] Functionality accessible via the CLI 2021-07-16 15:13:55 +02:00
Jakub Onderka 10cd1ed65d chg: [internal] Remove JS helper from controllers 2021-07-02 10:04:10 +02:00
iglocska c71f4c9f2a
fix: [security] disable email uniqueness validation for the self registration 2021-05-28 10:37:01 +02:00
iglocska 72ccba98eb
fix: [OTP] identifier tag fixed
- was hard coded to [MISP]
2021-05-26 08:36:05 +02:00
mokaddem 0952609718
Merge branch 'develop' of github.com:MISP/MISP into migration-users-views 2021-05-05 15:03:07 +02:00