- download event as JSON now has the option to include attachments
- switched to using the restsearch api instead of the deprecated /events/xml API
- added attachment inclusion to both restsearch apis
- fixed some bugs with the API
- contact e-mail recipients were incorrectly set resulting in the e-mails landing at the wrong recipient
- disabled users were not excluded from certain e-mails
- allows a site admin to merge all objects belonging to an organisation into another
- this can be useful if duplicate organisations exist for example
- the tool overrides the built in mechanism and should only be used if absolutely required
- at the end of the process the original organisation is removed
- the tool generates 2 files that are dropped in the log directory of MISP
- 1 contains a JSON with all the changed fields and the IDs
- 1 contains an SQL script that allows an admin to revert the changes
- invalid search on the org field, a remnant from 2.3
- didn't cause exceptions on migrated issues as the field isn't removed post upgrade
- throws an exception on fresh installations
- fix now correctly looks up organisation names matching the entered string and uses the result set to filter the events
- proposals were not synchronised during pulls due to a bug
- affects both 2.3 and 2.4, the bug comes from the switch to json
- missing JSON view for proposal interface
- Also, 2.4->2.4 the organisation objects were incorrectly ommited from the sync
- Fixes:
- reverted back to XML for the old style proposal exchange
- 2.3->2.4 is now fixed
- 2.4->2.4 below 2.4.7 version will still not synchronise proposals on pull
- Proposal pull reworked
- requires 2.4.7 on both ends or higher
- proposals are now synced in one go
- massive increase in speed and reduction of log entries
- Proposal e-mailing reworked
- tied into the new 2.4 e-mailer, which was left out on 2.4's release by accident
- triggers correctly now when a proposal is added (also on pull)
- some performance tuning for the restSearch API
- fixed an issue where overriding the contain parameters in the attribute fetcher would lead to an exception
- fixed an issue where accepting a proposal would try to copy the sharing group of the event incorrectly (it now simply gets set to inherit event)
- fixed an issue with the rest search API failing when some fields were not set
- Fixed a typo that prevented the event level parameters to be used in the CSV export
- Fixed an issue where adding the contextual info in a CSV could lead to an invalid CSV if an event info field had a linebreak in it
- Tuned the performance of time based filtering (until now it would lookup events that should have been excluded in the first place, only to throw them away after the lookup again)
- added indeces to the MYSQL.sql file
- contributors now looks for shadow attributes instead of log entries (should make the event view much faster and resolve some timeout issues on sync when the log is massive)
- the process of detecting and editing existing attributes did not account for a case where the uuid is not set for an attribute and therefore should be saved as a new attribute. Fixed
- resolved a missing variable issue on event views with no posts fixes#753
- removed some obsolete code
- sorted tags on the event view when assigning one to an event by name, fixes#416
modified: app/Model/Taxonomy.php
- if a sync user adds / edits an event with a newer version of a sharing group
and the sync user is the local sync user of the SG or is an extender of the SG
then the sharing group will be updated
- valid changes:
- Sharing group metadata changes
- organisation detail changes (except uuid/name)
- add / remove extend flag from orgs in the SG
- add / remove all_orgs flag from servers in the SG
- org filters now accept org ID or org Name as parameter, fixing the sync filter
- Also, fix to saving sharing group IDs on sync edits on an attribute level
- corrected the edit access rights for sync users with sharing groups
- Various fixes to the organisation sync and how creation / modification dates are transmitted
- Internal format differences compared to 2.3 causing mismatched field lookups fixed
- Double sanitisation when edditing an attribute/proposal comment removed
- Fixed an issue where an ip/resource was recognised as a CIDR notation IP range instead of a url
- Changed the flash message for publishing without e-mails to something less scary
William Robinet