Commit Graph

107 Commits (7416a9dd9716acb57bb48ee28286120b62069115)

Author SHA1 Message Date
Sami Mokaddem 7416a9dd97
fix: [logs:index] Fixed UI pagination in application logs 2024-04-25 14:46:22 +02:00
iglocska 7bd64bc23f
fix: [search] pagination fix 2023-10-02 15:30:17 +02:00
iglocska ed96864894
new: [logs] add time based filter 2023-09-14 14:14:51 +02:00
Luciano Righetti 1f4e2af37a fix: admin logs pagination 2023-04-18 16:58:35 +02:00
Christophe Vandeplas 9d51d143bb fix: [log] filter user logs on user_id not email 2022-12-06 13:08:31 +01:00
Jakub Onderka d4c6d9e40c fix: [internal] Cleanup for log controller 2022-12-01 15:26:17 +01:00
Jakub Onderka fbe66a26e8 fix: [test] Update after log change 2022-12-01 13:25:36 +01:00
Christophe Vandeplas b34933a4a5 chg: [logs] user can see own logs 2022-12-01 10:03:22 +01:00
Sami Mokaddem dccfc58a6c
chg: [logs:index] Allow to filter based on the created field in the UI 2022-10-14 15:30:00 +02:00
Sami Mokaddem 14ff17a6e8
chg: [workflows:index] Link to view workflow execution results 2022-06-24 12:18:52 +02:00
Sami Mokaddem a13c1a39e9
chg: [workflow] Improved logging capabilities and stop aborting execution if non-blocking module return false 2022-06-24 11:22:26 +02:00
Jakub Onderka b100377a73 chg: [internal] Do not modify session when not necessary 2021-11-25 11:58:32 +01:00
Jakub Onderka 439ec5cceb fix: [internal] Code cleanup 2021-08-23 17:03:44 +02:00
Jakub Onderka 10cd1ed65d chg: [internal] Remove JS helper from controllers 2021-07-02 10:04:10 +02:00
Jakub Onderka ad1b373766 new: [log] Audit log 2021-05-03 13:44:44 +02:00
Alexandre Dulaunoy 9e21aced11
chg: [LogsController] add missing EventReport in log search 2021-02-12 15:13:16 +01:00
iglocska 073c2530db
fix: [logs] aded eventgraph to log search 2021-02-12 15:05:11 +01:00
Jakub Onderka f4811def15 fix: [log] Allow to filter logs by org name 2021-01-20 09:20:22 +01:00
Jakub Onderka 42addaff45 fix: [log] Correctly handle limit and page params 2021-01-14 13:36:36 +01:00
Jakub Onderka b6cea13583 chg: [internal] Do not load sightings for event log 2020-12-31 09:55:37 +01:00
Jakub Onderka a635fb535d fix: [logs] Add missing AuthKey model to log search 2020-11-19 15:47:39 +01:00
mokaddem 7d07a631f2
chg: [galaxy] Added logging behavior for galaxies, clusters and relations 2020-11-12 11:18:36 +01:00
mokaddem db6d159f98
fix: [logs:admin_index] Removed bad usage of PHP's compact function
Fix #6543
2020-11-05 09:57:17 +01:00
iglocska c1d4b6547f
chg: [logs] search no longer uses csrf tokens for the form 2020-10-23 14:56:23 +02:00
Golbark 3a0bedb104 chg: [internal] Using Allowedlist instead of Whitelist 2020-09-01 16:28:20 +02:00
Golbark 3fb47d1cce chg: [internal] Using blocklist instead of blacklist 2020-09-01 16:27:36 +02:00
Jakub Onderka bc845719c4 fix: [audit] Show all attribute changes in event history 2020-07-02 15:47:16 +02:00
mokaddem f038fca803
chg: [logs:search] Added support of JSON return format 2020-04-14 10:48:58 +02:00
iglocska 23f1c9f51d
fix: [logs] pagination settings are lost when flipping pages after a search 2020-03-09 10:35:28 +01:00
Andras Iklody 0acaf546e7
fix: Make feeds a searchable scope in the logs, fixes #5501 2020-01-13 18:55:40 +01:00
mokaddem 813d222bf4
chg: [decaying] Added log entry if formula cannot be loaded 2019-09-12 14:10:17 +02:00
Jakub Onderka 4ef9595023 fix: Replace not exists MethodNotFoundException with NotFoundException 2019-08-14 21:27:05 +02:00
iglocska 36b43f1306
fix: [security] Org admins could reset credentials for site admins
- org admins have the inherent ability to reset passwords for all of their org's users
- this however could be abused if for some reason the host org of an instance would create org admins
  - the org admin could set a password manually for the site admin or simply use the API key of the site admin to impersonate them
- the potential for abuse is very circumstancial as it requires the host org to create lower privilege org admins instead of the usual site admins
- only org admins of the same organisation as the site admin could abuse this

- as reported by Raymond Schippers
2019-06-11 11:05:34 +02:00
iglocska 62f026ff8c
fix: [Logs] Event history missing proposal entries and deletions
Signed-off-by: iglocska <andras.iklody@gmail.com>
2019-05-13 15:57:00 +02:00
iglocska 756ac859d1 new: [API] Log search API now allows for last style time ranges using the created field 2019-02-06 17:47:51 +01:00
iglocska 2d0259ce13 fix: [CS] coding standards script re-run 2018-11-23 14:11:33 +01:00
iglocska 09ec9aecd6 new: [API] Added the log index/search to the API
- described in the templates / rest client page
2018-10-11 20:20:27 +02:00
iglocska a81894f14c chg: [CS] Changed to PSR-2
- to make contributions easier, adopted PSR-2
- used php-cs-fixer to rework the style
- *sniff sniff* Goodbye tab indentation
2018-07-19 11:48:22 +02:00
iglocska 68b8266584 new: New flash message system, fixes #3252
- 3 types of flash messages (success, error, warning)
- uses bootstrap's own classes/structure
2018-05-16 19:32:38 +02:00
iglocska 5f583df737 fix: log seach should allow form resubmissions 2018-04-18 15:20:53 +02:00
iglocska ee018011a8 new: Added a small diagnostic tool to debug the impact of a bug fixed in 2.4.89 2018-03-26 12:10:42 +02:00
iglocska 24ef3a311a fix: Add misp objects to log search filter 2018-03-04 15:01:13 +01:00
iglocska 5a4e8ef204 chg: Rework of the event history view, no more crazy slow parsing of all strings in the log table 2018-01-26 10:11:23 +01:00
iglocska 45d1ca3451 fix: Fix to invalid role check preventing users from seeing the org index, even if they should have access 2018-01-15 09:50:11 +01:00
iglocska 297802c2cb fix: Changed checks from isSiteAdmin to isAclSharingGroup for the org index anonymisation 2018-01-13 17:00:44 +01:00
iglocska 7772b9c43e new: Disable the viewing of a full organisation list by normal users
- Only site admins and sharing group editors can see organisation lists
  - this includes the org index and various statistics
- Keep in mind: Sharing group editors CAN see the full organisation list - otherwise they wouldn't be able to create sharing groups.
- Also, users CAN enumerate organisations that have created ANY data on the instance by looking at the given data
  - this includes events, proposals, discussion entries, etc
2018-01-13 16:55:01 +01:00
iglocska 31e1a19f13 fix: Don't cull the list of possible models based on existing data for the search logs view
- slow and useless
2017-12-05 11:37:51 +01:00
iglocska 2f824e3833 fix: History is now available via the API, fixes #2111 2017-04-05 13:29:51 +02:00
iglocska 48843b60ec fix: Fix and cleanup script for a specific bug
- rare occurance, but some MISP servers enter an upgrade loop causing massive amounts of log entries
- this patch cleans up the bug preventing further upgrade loops as well as offers a script to clean up the fallout
2017-01-30 09:16:43 +01:00
iglocska cc7242f0c9 new: Add e-mail in event history view, fixes #1389
- Only visible to site admins and org members
2016-08-27 23:53:41 +02:00