Commit Graph

173 Commits (4fea371c4b417e6eac5cdefe0baf77840f5752a1)

Author SHA1 Message Date
Iglocska 6b43b94811 More changes to the sync
- pushes are now taking into account the push_rules and pull_rules fields
2015-04-26 20:13:34 +02:00
Iglocska ad1a15f36e Work on the sync
- commit to update secondary test instance
2015-04-26 13:21:51 +02:00
Iglocska 4ef36d473f Allow login via header for getVersion 2015-04-26 10:58:08 +02:00
Iglocska ee3e2b0007 Version negotiation 2015-04-26 10:55:39 +02:00
Iglocska 38f50e3917 Finished the connection test tool 2015-04-21 00:31:43 +02:00
Iglocska 9f1d47b6bc Added connection test
- also a fix to checkAuthUser
2015-04-20 23:49:18 +02:00
Iglocska 3bbaae6439 New Server add / edit
- add the remote organisation while adding a server
- remote organisation can be chosen from the list of local or known remote organisations. Alternatively a new remote org can be created on the fly
- Several UI changes
2015-04-20 22:36:29 +02:00
Iglocska 00dd47ef5e Server moved to new org object
- relation added
- index updated
2015-04-20 15:12:36 +02:00
Iglocska e0ef372392 Merge branch 'master' into feature/sg
Conflicts:
	app/Controller/EventsController.php
	app/Controller/UsersController.php
	app/Model/Event.php
2015-04-12 10:40:31 +02:00
iglocska 1afa15120f Further work on the sharing groups 2015-04-07 00:24:44 +02:00
Richard van den Berg 75f93641dc Use isOK() for version check 2015-03-19 15:09:54 +01:00
Richard van den Berg 850e4bd19f Catch HTTP error codes 2015-03-19 14:05:10 +01:00
Richard van den Berg 2f58fdec0d Catch invalid proxy configuration 2015-03-19 13:33:17 +01:00
Richard van den Berg 106b6cb06b Allow SyncTool with empty $server 2015-03-19 13:03:16 +01:00
Richard van den Berg 0e66ff140f Use SyncTool for diagnostics 2015-03-19 12:31:35 +01:00
Richard van den Berg b62032fc7b Fix typo 2015-03-19 12:20:16 +01:00
Richard van den Berg 2ccab722d7 Add proxy section to server diagnostics 2015-03-19 12:15:28 +01:00
iglocska 6b6c62bd53 Fix to the new sync issues since 2.3.39, fixing #365
Incorrectly trying to look up authenticated user in the model fixed
2015-01-15 13:46:11 +01:00
iglocska cedaac360a Fixes to the scheduled tasks and some documentation issues
- Scheduled pulls should work correctly now
- Scheduled pushes and pulls correctly display in the logs
- Scheduled caching correctly sets the next date of execution
2015-01-12 17:35:08 +01:00
iglocska aa492066d8 Diagnostics check fails on PGP check if the server's key is a sign only key 2014-11-14 13:12:40 +01:00
iglocska 4568589044 File management added and various small changes
- Important! Logo images have now moved to a different location! Make sure that you update your settings!
- Site admins can now manage the uploaded image files and the terms of use file via the server settings interface
- add, link, delete files directly from the interface
2014-10-29 15:20:30 +01:00
iglocska 035dfc8b12 Made the version check exclusive to the diagnostics tab 2014-10-27 17:21:57 +01:00
iglocska 6d73409b90 Version check tool added
- check the latest tag on github and compare it to the local version
- from here on all hotfix, minor, major releases should be tagged appropriately.
2014-10-27 16:03:43 +01:00
iglocska c2a4a993ba Incorrect script tmp directory checked in the health tool 2014-10-07 15:55:40 +02:00
iglocska 45cb52ca3f Cleanup of the worker health tool 2014-09-26 14:28:52 +02:00
iglocska e6bf73761e UI redesign of the template and worker health
- UI of templates a bit clearer
- Worker health tool added to the server settings tool
2014-09-24 15:35:25 +02:00
iglocska fa367febfa Download of the settings/diagnostics results implemented
- Should help with troubleshooting, administrators can now download a json file containing all the settings and issues shown by the tool.
2014-09-11 11:30:32 +02:00
iglocska 1058e418b9 Added the new server settings to the menus 2014-09-11 10:07:06 +02:00
iglocska 34cc73b21a Several changes for the diagnostic tool
- Added extra diagnostic tools
2014-09-10 16:55:34 +02:00
iglocska 2521106254 Reworked the server settings for boolean settings and settings that have a few options as values.
- Toggles instead of free-text
2014-09-10 10:37:58 +02:00
iglocska 79127902b7 Cleanup, MISP health tool
- cleanup of a lot of deprecated settings
- tool to help assess and alter issues with the instance settings
- new mechanism to store settings
2014-09-10 09:43:22 +02:00
iglocska 11b1ff6926 Changes to uploading a ca file for a server link
- create folder if it doesn't exist
- correctly save file if edited
2014-02-17 11:40:44 +01:00
iglocska 722f17f38d Deprecated flag used to check if sync is enabled
- fixed, now correctly looking for MISP.sync
2014-02-14 10:27:09 +01:00
iglocska 70c7f650f6 Changes to the logging and scheduling
- Scheduled tasks for pull / push now working as intended
- Rescheduling of all tasks fixed
- protection against the rescheduled task ending up in the past

- further event history fixes
- fixed lots of erroneous logging
- performance improvement with logging (no longer loading controllers for no reason)
- logging extra actions that weren't logged before (proposal accept / discard, server pull / push)
2014-01-29 15:52:09 +01:00
iglocska 467408d9f7 Org admins should be able to delete / edit their own server links 2014-01-24 10:43:07 +01:00
iglocska fb7f084e70 Permission issue with delete servers
- fixed a bug that prevented the deletion of sync links
2014-01-24 10:40:46 +01:00
iglocska a9d945ff19 Changes to the sync action pages
- fixed access control
- any admin can now encode new servers. Org admins can pull/push for their own instances.

- Upload certificates during an edit
2014-01-21 16:41:32 +01:00
iglocska c10d3e9b95 SSL certificate changes
- you can now upload a certificate file and allow a server link to use a provided self signed certificate. This should solve the issues that some organisations are having when trying to connect their instances
2014-01-16 08:47:25 +01:00
iglocska cbcd7ac625 Some small fixes
- Corrected some weak notifications on background jobs
- Changed the view slightly to view background jobs
- fixed an issue where editing a sync server setting would cause an error due to the id not being passed to the logging plugin
2014-01-07 11:08:21 +01:00
iglocska c6fd29fb29 Several features
- Sync for background jobs (pull + push)
- more e-mailing delegated to background jobs
- A bunch of bug fixes and minor changes
2014-01-06 05:15:47 +01:00
iglocska a380ab444a Work on the background job and the proposals
- Proposals now get synced on pull
- several bug fixes
- new startup script for the background workers
2014-01-05 21:30:39 +01:00
iglocska 2b11a78e22 Merge branch 'feature/roleChanges' into feature/XML_and_UI
Conflicts:
	app/Controller/UsersController.php
	app/View/Regexp/admin_add.ctp
	app/View/Regexp/admin_edit.ctp
	app/View/Regexp/admin_index.ctp
	app/View/Roles/admin_add.ctp
	app/View/Servers/add.ctp
	app/View/Servers/edit.ctp
	app/View/Servers/index.ctp
	app/View/Servers/pull.ctp
	app/View/Servers/push.ctp
2013-10-25 10:39:18 +02:00
iglocska 3c58e0071a Further work on the UI
- reworked almost all of the side menus to be centralised

- Some fixes for the IOC export not handling two new-ish types correctly

- Some changes to the menus (including a few options that didn't exist before)

- rework of the popovers in some forms
2013-10-24 16:41:42 +02:00
iglocska d27ddee207 First rework of the siteadmin role
- ADMIN org removed.

- Siteadmins are now identified by the perm_site_admin flag

- Siteadmins can now be of any organisation

- editing the regexp / whitelist rules can now be done by a special user with the perm_regexp_access in his/her role

- Executing a mass replace of attribute values based on the regexp rules cannot be initiated by a regexp/whitelist user, only by a site admin

- If the login page is reached without any users / roles defined they are automatically created (previously it was only the user that was created)

- Org admins are restricted from assigning perm_site_admin, perm_sync and perm_regexp_access roles to users. This can only be done by a site admin.
2013-10-03 11:45:27 +02:00
iglocska a5c100309b Fixes to the Shadow attribute e-mailing
- E-mail locks are now correctly reset by discarding / accepting a proposal

- Also, new index page to see the list of proposals that a user can accept
2013-09-03 15:29:44 +02:00
iglocska 932f5b89df Introduced a typo in the previous commit. 2013-08-12 17:31:45 +02:00
iglocska 285ff481a5 Further updates to the sync 2013-08-12 17:23:32 +02:00
Christophe Vandeplas 8e8f41ab13 Fixes in server push 2013-07-17 14:27:51 +02:00
Christophe Vandeplas 2424cbbf26 Server push lower memory footprint solving OoM problem.
Enabled per-id push like pull
2013-07-17 14:06:24 +02:00
Christophe Vandeplas e13c2e883c fixing problems in pull with distribution data validation 2013-07-16 15:28:04 +02:00
Christophe Vandeplas 66ce874b99 do not change 'info' field upon pull (was: Imported from $url) 2013-07-12 10:34:59 +02:00
iglocska 3e9a967188 Removal of some references to the old private flag 2013-07-11 17:25:47 +02:00
iglocska 5948a7c329 Several copy paste failures fixed in the previous commit
- /facepalm
2013-06-27 17:57:33 +02:00
iglocska 8cdf97ff66 ACL checks changed
- until now checkAction was used to check permissions of a user

- but since all of the role permissions are checked beforefilter in
appcontroller and saved into a public array, doing a lookup of the
array saves an SQL call for each permission check.
2013-06-27 17:53:36 +02:00
Christophe Vandeplas 8fe83c333f micro cleanup of servers index 2013-06-19 14:58:48 +02:00
Christophe Vandeplas da3580de35 little bit more details about sync errors 2013-06-19 12:13:45 +02:00
Christophe Vandeplas dbf1065b3b sync pull backwards compatibility with MISPv2 2013-06-18 11:19:43 +02:00
Christophe Vandeplas 3b28d6f1e8 (workaround) better error message when HTTP problem with Server Pull 2013-06-18 09:12:09 +02:00
Iglocska 1635d99d8f Pull can not edit events / attributes
- added the _edit method in EventsController
2013-06-11 00:41:43 +02:00
Iglocska 040227d66a Some more fixes to the sync 2013-06-10 23:34:47 +02:00
Iglocska f8f290375e Further changes to the degradation of the distribution 2013-06-10 23:00:45 +02:00
iglocska cb3ac8be15 Changes to the event filtering
- there was a bug that pushed the data entered into the "published"
filter field to the date fields -> fixed

- Also a bug in the serverscontroller, pulling threw an undefined
warning from the log controller because a single saveField was used and
the logController couldn't save the url data for the action
2013-06-06 10:24:27 +02:00
Christophe Vandeplas 0614db919e fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00
Christophe Vandeplas 62a3da46f2 removed useless hop_count 2013-05-22 08:18:34 +02:00
Andras Iklody 0eec208b45 Further changes to the authorisation 2013-04-26 15:46:39 +02:00
Andras Iklody eeaa071024 Removal of the remains of the old authorization / adding new ones where
needed
2013-04-26 14:43:44 +02:00
Christophe Vandeplas 5c0fc36b79 fix sanitization in Servers #96 2013-04-24 12:23:03 +02:00
Andras Iklody 3e89c80d09 Removed some obsolete code
- getName functions removed

- Fixed a reference to it in the logable behaviour
2013-04-18 08:49:59 +02:00
Andras Iklody 9a6733acfd Removal of deprecated code
- The flag private is deprecated, removed together with the code that was
  affected by it
2013-04-17 11:13:09 +02:00
Andras Iklody 32dc28adb9 Update to the admin privileges
- Changed the requirement for a lot of functions to be site admin as
  opposed to admin.
2013-03-05 15:19:58 +01:00
Andras Iklody fad8e809ad Minor changes
- some changes to the access control

- re-enabled regexp and blacklists, will need a closer look though

- editing a role should update ACL

- some other minor things
2013-02-21 17:24:41 +01:00
Andras Iklody 0f947085cb Reworked the sync / release control
- Fixed issues with the sync
	- Secondary publishes on remote servers failed
	- Introduced new fields in events to stop backward traverse of
	  edit information that lead to low performance and erroneous
	  distribution information updates when more than 2 servers were
	  linked
	- Deletion of an attribute now deletes on remote servers

- Changes to the event ownership
	- Original creator org now noted in the event itself
	- Only original creator org can change distribution
	- Events will show up with the original creator org for users
	  (admins can see both that and the owner of the event on the
	  local instance)
	- Server.organization now used in conjunction with the connecting
	  user's org and the instance's org (from the bootstrap) to
	  determine distribution flow control and access rights

- Lots of minor changes
2013-02-19 15:37:35 +01:00
Andras Iklody e88a3a9cf7 Updates to security
- perm_auth new toggle, can disable auth key usage for a role

- prevents sync / rest with a perm_auth == false key

- some changes to sync to provide better feedback on why it failed

- rewording of distribution options
2013-02-06 17:45:43 +01:00
Andras Iklody 5706fe183f Redirect for ServersController
Added redirect for index in case of non sync users
2013-02-06 08:34:41 +01:00
Andras Iklody 4d0fe60347 Corrected a typo preventing the sync from working 2013-01-30 14:02:36 +01:00
Andras Iklody 97f56a2275 Further changes to org admins
org admins can manage their own server connections
org admins cannot see other orgs' users in the users list
2013-01-29 08:56:38 +01:00
Andras 8d88bcb2b5 Fix for the synchronisation
An error in the pull fix broke the push/publish feature. Fixed.
2013-01-27 21:27:58 +01:00
Noud de Brouwer 3d40095547 coding standards
Coding Standards.
2013-01-25 07:51:20 +00:00
Andras Iklody 24b10579ad Pull fixed
Fixed the issues with pull, should work fine now
2013-01-24 17:32:57 +01:00
Noud de Brouwer d89ab91dee coding standards
Coding Standards.
2012-12-18 16:44:07 +00:00
noud 52a7625a9d Source Code Review
sanitize everything displayed from the db.
(and some small coding standard whitespaces)
2012-12-12 14:01:00 +01:00
noud 1e4597c009 distribution
if distribute upstream, do not alter org, user_id nor distribution
settings.
2012-11-28 11:09:08 +01:00
noud 4c31bb06cc sync
lastpushedid reminder.
2012-11-26 15:37:10 +01:00
noud b00cc0e8b2 sync & code
a new NameController() needs $Name->constructClasses().
odd this ever did work before (CakePHP 2.2.2 versus 2.2.3 diff?).
2012-11-20 13:55:53 +01:00
noud 5a35e1a918 sync & merge
merged develop with master and have to alter ServersController a little.
2012-11-20 11:14:57 +01:00
noud 957b3e27b8 Merge branch 'master' into develop
Conflicts:
	app/Controller/ServersController.php
2012-11-20 11:01:18 +01:00
noud 8b3903cde6 sync
push from v2 to v1.
2012-11-20 09:54:54 +01:00
noud 52c9114694 sync
array correction done so no 2 kinda the same tests during pull.
2012-11-19 13:42:41 +01:00
noud 8f70b7ce9e sync
sync attributes on pull.
2012-11-19 09:13:08 +01:00
noud d3cf89660b sync
conform the new distribution.
pull on events works too.
2012-11-19 09:02:43 +01:00
noud 1cddb6abe0 distribution
conform latest, having:
- Your organization only
- This server-only
- This Community-only
- Connected communities
- All communities

Push is tested, pull not yet.
2012-11-16 15:25:57 +01:00
noud ea0ab59e4f code standards
corrections toward code standards.
2012-11-14 17:16:36 +01:00
noud dd979f7325 sync
make pull work on an event with just one attribute.
2012-11-09 13:01:00 +01:00
noud d55f226275 distribution
now attributes do work same for pull like push.
2012-11-05 12:49:51 +01:00
noud 29c966810e distribution
let pull behave same way as a push in regard to distribution.
2012-11-05 10:24:50 +01:00
noud 39abe9e589 Distribution
distribution changes conform func.spec.
2012-10-29 16:49:04 +01:00
Christophe Vandeplas 311a09e2b0 fixes bug 87 - on import of existing event: event info changed, tagged
private. Also fixes events tagged private when added using REST api.
2012-10-19 13:28:32 +02:00
noud 8f3d624c1a Merge branch 'master' into develop
Conflicts:
	app/Controller/AppController.php
	app/Controller/AttributesController.php
	app/Controller/EventsController.php
	app/Controller/ServersController.php
	app/Controller/UsersController.php
	app/Model/Attribute.php
	app/Model/Event.php
	app/Model/Server.php
	app/Model/User.php
	app/View/Attributes/edit.ctp
	app/View/Attributes/index.ctp
	app/View/Elements/actions_menu.ctp
	app/View/Events/add.ctp
	app/View/Events/index.ctp
	app/View/Events/view.ctp
	app/View/Events/xml/view.ctp
	app/View/Servers/index.ctp
	app/View/Users/admin_index.ctp
2012-09-24 16:02:01 +02:00
noud 1d04652476 CakePHP Coding Standards
changed to camel caps format where needed.
2012-09-19 11:05:10 +02:00
noud 94a367c2f5 CakePHP Coding Standards
http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html

Eclipse:
Window->Preferences
	General->Editors->Text Editors
		Displayed tab width:	4
		Insert spaces for tabs	NOT
	PHP->Code Style->Formatter
		Tab policy:	Tabs
File->Convert Line Delimiters To->Unix [default]

http://mark-story.com/posts/view/static-analysis-tools-for-php
for instance:
phpcs --standard=CakePHP app/Model/

Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00