- quick e-mail: send an e-mail to a user quickly
- orgadmin: see the org admins of a user and contact them
- pgp key issues shown on the user view
- pgp fingerprint shown on the user view
- copy paste auth keys and pgp keys quickly by clicking on them
- first iteration, this is a bit more complex to get it right than this implementation
- data cleanup to make the results somewhat more useful
- raw data needs to be documented
- available APIs:
- /users/statistics/data.json
- /users/statistics/orgs.json
- /users/statistics/tags.json
- /users/statistics/attributehistogram.json
- brought back the quick organisation overview as it's a much missed feature
- added treemap for tags
- brought attribute histogram into statistics page
- more coming in the future
- User edit had an incorrect check that allowed a normal user edit on a different account within the same org
- Also removed the deprectated option for this function to be used by org/site admins to be used as an alternative to the admin edit
- as reported by: Vytautas Paulikas and Robert Giruckas from SEC Consult.
- The following urls are now available via the API:
- /admin/users/add
- /admin/users/edit/id
- /admin/users/view/id
- /admin/users/index
- /users/resetauthkey/id
- For add and edit, sending a GET request will describe the APIs
- New API response system's initial implementation, to be used for other APIs in the future
- standardised responses
- standardised error codes
- convenience functions
- TODO:
- tie non admin functions into the APIs (maybe?)
- reuse the new API system for other APIs
- highlight deleted users
- use the same index for the org user view (without the filter options)
- fixes the pagination of the users when viewing it through the organisation view
- Moved the bruteforce protection directly to the login action
- Fixed the datetime format used by the protection
- Cleaned up the logging of failed attempts
- removed incorrect, useless boiler plate comments
- kept useful comments intact
- added some missing line breaks to make the codebase a bit more uniform
- removed some obviously obsolete TODO comments
backticks are only necessary to escape reserved keywords.
as backticks are MySQL-specific, having them only where really necessary
makes integrating support for other DBMS easier.
Grouping by Organization.name will throw a MySQL error
"Syntax error or access violation: 1055 Expression #3 of SELECT list is not in GROUP BY clause and contains nonaggregated column 'misp.Organisation.id' which is not functionally dependent on columns in GROUP BY clause; this is incompatible with sql_mode=only_full_group_by"
in "Request URL: /users/memberslist" , since Organization.name is not a unique field. Grouping by Organization.id instead will fix the issue.
- not authenticated users now automatically get redirected to the login page, no matter what action they requested
- This as a nice side effect also removed the bug that was caused by a site admin looking at an admin function before logging out / timing out and being incorrectly redirected to /admin/users/login
- users can now be disabled by an admin
- disabled users cannot login (via the UI or the API) and will be informed
- login attempts by disabled users are logged
- also added the expiration field for later use
- Changing the auth key now creates a log entry that inclues the user's ID, e-mail address old and new autkeys
- Also removed the logging of the hashed password for newly created users
- as discovered and reported by Egidio Romano of Minded Security
- Lacking checks of HTTP methods in some functionality could lead to a site admin uploading and executing malicious scripts
- Tightened HTTP method verification across the board for actions that modify data
- Turned some administrative tasks to POST only actions
Merging all the new changes from master
Conflicts:
VERSION.json
app/Console/Command/AdminShell.php
app/Controller/AttributesController.php
app/Controller/EventsController.php
app/Model/Attribute.php
app/Model/Event.php
app/Model/Log.php
app/Model/Server.php
app/Model/User.php
app/View/Elements/side_menu.ctp
app/View/Pages/administration.ctp
app/View/Users/admin_index.ctp
- OpenIOC import now correctly sets IDS flags based on type
- OpenIOC import specifies the source file in the comments
- Fixed a blackhole issue with the password reset popups
- MISP will now fetch a list of all keys matching the e-mail address from the MIT server from the user edit view
- A popup will present all the matching keys (with the creation date, key ID, email addresses associated - and the fingerprint when hovering over them)
- Once the admin clicks on one, it will fetch the desired key
- future enhancement possibility: move the second stage (the actual key fetch) to the server side instead of a direct ajax query from the user's browser
- HIDS exports did not include filename|hash types
- Sending a password reset / welcome message picked the opposite subject line
- line breaks were sent as literals.
- Reworking the way e-mails are sent - all of it goes through a centralised e-mail method
- just pass the recipient, recipient encryption key collection, body, alternate body if the message cannot be encrypted, subject, reply to address and pgp key for reply to along and the method will do the rest
- encrypt if possible, check if sending without encryption is allowed, signing, adding attachment for reply to encryption key, using alternate sanitised body if it is enforced for accounts that cannot use encryption is all done in one place
- easy to maintain and expand with future changes (such as the S/MIME pull request on github)
- new role permission added for SG editors
- roles reworked, permissions all looked up centrally from the role model instead of code replication across controllers and views
- user filtering now correctly uses organisation objects instead of org strings
- use terms file as before if nothing else specified
- specify a file in the app/files/terms directory via the server settings tool
- specify whether to show it inline or create a download link for users instead
- by default everything is the same as before, except that the MISP installation path is no longer exposed by a non-existing terms file
- AJAX requests now also respond with a small message at the bottom of the page, notifying the user of the result
- The following actions work now on the event page via ajax:
1. Add / remove tags
2. quick edit any attribute field if eligible
3. quickly create a proposal of any attribute field if not eligible to edit
4. popover attribute creation (also works with batch add)
5. popover proposal creation (also works with batch add)
6. delete attributes
7. accept/discard proposals
8. mass edit / delete attributes
Also, replaced the old memberslist, with a small lightweight css/js based one.
- Viewing an event without a discussion thread creates an empty thread in preparation of future posts - these empty threads should not count as active threads though.
- contributors shown on the event view (list of the organisation logos of users that have contributed through proposals)
- these link to the event history containing only entries from their organisation
- changes to the activity heatmap
- heatmap now dynamically changes the range on the graph based on the obtained values
- performance improved
- buttons to move back or forward in time on the calendar
- Attributes:
- warning for the user if he/she has selected the attribute category "targeting-data" or "attribution" as these could contain classified information
- UI improvements across most attribute and shadowattribute input views
- Updated cal-heatmap to the newest version
- cleaned up the methods, they all now return results without debug mode enabled
- Added a verification method for all user GPG keys (as an expired key for example would send out empty messages)
- Statistics page has gotten a lot of extra information
- Removed some old junk files
- Made the size of the graph in the memberslist larger to fit all the new attribute types
- reworked almost all of the side menues to be centralised
- Some fixes for the IOC export not handling two new-ish types correctly
- Some changes to the menues (including a few options that didn't exist before)
- rework of the popovers in some forms
- ADMIN org removed.
- Siteadmins are now identified by the perm_site_admin flag
- Siteadmins can now be of any organisation
- editing the regexp / whitelist rules can now be done by a special user with the perm_regexp_access in his/her role
- Executing a mass replace of attribute values based on the regexp rules cannot be initiated by a regexp/whitelist user, only by a site admin
- If the login page is reached without any users / roles defined they are automatically created (perviously it was only the user that was created)
- Org admins are restricted from assigning perm_site_admin, perm_sync and perm_regexp_access roles to users. This can only be done by a site admin.
- Resetting the auth key for a user that doesn't exist created an empty
user
- change_pw showed an admin menu on the side
- rerouting after an incorrect auth request fixed (users/index doesn't
exist)
- temporarily disabled the redirect after login
- the date for a new user was not set and defaulted to 0000-00-00 - this
caused an issue when the user was edited and the admin was either
prompted to change the date manually or the date was set to 2033.
- date for newsread is now initially set to 2000-01-01
- Orgs can propose new attributes or changes to existing attributes for
events that they do not own
- publishing users of the owner organisation can see, accept or discard
them
- Reworked the access control
- minor fixes
- site admins able to contact users by e-mail from within the system
- PGP encrypted where available
- Password reset with automatic temporary key generation
- all of the above options have a mass-email version where every user is
contacted at once
- Potential new users can be contacted too (GPG key can be supplied)
- Links get validated now to filter malicios code
- removed a double edit button in the case of an admin editing himself
- fixed an error with adding new attributes
- perm_auth new toggle, can disable auth key usage for a role
- prevents sync / rest with a perm_auth == false key
- some changes to sync to provide better feedback on why it failed
- rewording of distribution options
-Analaysis levels setable for events as per milestone item 94
-Password change forced as per milestone item 109
-Added feedback on entered search terms for search attributes
-fixed the authentication issue
-some minor fixes
The writing of the log in User was done by me using calls to the PHP db
driver (during my second or third day). Very wrong given that is driver
and db dependant. Now use CakePHPs calls to have abstraction.
iglocska