Merging all the new changes from master
Conflicts:
VERSION.json
app/Console/Command/AdminShell.php
app/Controller/AttributesController.php
app/Controller/EventsController.php
app/Model/Attribute.php
app/Model/Event.php
app/Model/Log.php
app/Model/Server.php
app/Model/User.php
app/View/Elements/side_menu.ctp
app/View/Pages/administration.ctp
app/View/Users/admin_index.ctp
- The event export buttons have been unified into a single download as... button
- clicking it loads a popup with all of the export formats
- added snort, suricata, text dump to the export options
- added the option for an extra setting for some exports (such as including non IDS flagged attributes, encoding attachments)
- easily extendable system
- moved the hidden popup divs into the general layout, can be easily reused anywhere
- removed the auth refresh option that was re-enabled recently as it seems to sometimes cause issues
- text exports now allow "all" to be specified as type, which will dump all attribute values that the user can see
- text exports now allow restricting the results based on event id
- shows both orgc and org to normal users
- naming convention changed (orgc => source org, org => member org)
- this should allow users to see if an event was generated on their instance or not.
- Tags are now fully shown on the event index
- can be enabled via bootstrap (the Configure::write setting is in the bootstrap.default.php file)
- shorthand distribution names
- narrowed some of the fields down
- new special role for tagging
- can create tags with a name + colour combination (using a colour picker plugin)
- users can assign tags to events
- can filter events by tags on the index
- upgrade script that populates threat level from the old risk field for every event that doesn't have a threat level set.
- threat levels in an event (from a sync for example) that are unknown to the local instance now show the numeric value of the threat level
- Valid renamed to Published on the event index
- Attributes that are flagged as IDS signatures are now shown with a (IDS) notation at the end of the line in the alert e-mail
Also, more work on the background jobs
- started work on publishing
- started making the background jobs an optional setting in bootstrap
Conflicts:
app/Controller/AppController.php
app/Controller/EventsController.php
- Event.risk has been replaced by Event.threat_level_id.
all functionality remains the same and users should not see
any difference.
ENUM() used for Event.risk is vendor specific and requires
too many hacks to play nicely with bake.
- Added default schema file, SQL dumps should be avoided since
they make updating/upgrading a pain.
- Removed old unused schemas
- Users can now see the path they took while jumping from related event to related event
- Removed the breadcrumbs
- Some UI changes (user menues were not showing the active page, etc)
- removed the e-mail for non site admins from the event index (they can
still see it in the event view if the event was created by the same org)
- added a text MISP logo
- smaller icons for the event index
- siteadmins can now search the creator org instead of the owner org
(like normal users would)
- Changed the org search to be a partial match instead of an exact match
- email of the user creating an event shown if current user's org ==
event's orgc
- on export, the check for to_ids will happen outside of the if branch
that sets extra restrictions of non site admins. Otherwise site-admins
would accidentally include attributes that aren't iocs.
- old versions of IE didn't handle an incorrect form creation as gracefully as the other browsers
- forms should not be created within a table unless it's within a <td> (it was
on <tr> level before). The normal solution would be to encapsulate the
entire table in a form, but since we have formlinks for the deletes /
publishes this would get flagged as form tampering by the security
components.
- As a fix, filter forms are created separately for the 4 search fields within their <td> now with hidden fields that keep the persistence of the previously
entered filter terms
- Fix to the proposed attribute edit that got broken in a previous
commit
- Fix to the org filters for non admin users
- Some changes to the documentation
- there was a bug that pushed the data entered into the "published"
filter field to the date fields -> fixed
- Also a bug in the serverscontroller, pulling threw an undefined
warning from the log controller because a single saveField was used and
the logController couldn't save the url data for the action
- visual changes
- date from/until fields
- published field
- a reset form button
- the org of an event added by a sync user will be that of the host
instance's own organisation identifier
- Fixed issues with the sync
- Secondary publishes on remote servers failed
- Introduced new fields in events to stop backward traverse of
edit information that lead to low performance and eroneous
distribution information updates when more than 2 servers were
linked
- Deletion of an attribute now deletes on remote servers
- Changes to the event ownership
- Original creator org now noted in the event itself
- Only original creator org can change distribution
- Events will show up with the original creator org for users
(admins can see both that and the owner of the event on the
local instance)
- Server.organization now used in junction with the connecting
user's org and the instance's org (from the bootstrap) to
determine distribution flow control and access rights
- Lots of minor changes
1. Some errors fixed in the way redirects worked for org admins
2. fixed some double sanitization resulting in incorrect characters
displayed in certain fields
-Analaysis levels setable for events as per milestone item 94
-Password change forced as per milestone item 109
-Added feedback on entered search terms for search attributes
-fixed the authentication issue
-some minor fixes
conform latest, having:
- Your organization only
- This server-only
- This Community-only
- Connected communities
- All communities
Push is tested, pull not yet.
if distribution is All, so not displayed in an index nor in attributes
per event, there is missing a line-part in IE.
Did add 1 space for All, this will maybe display the line-part again.
William Robinet