Andras Iklody
6b42f089cd
Merge pull request #5129 from JakubOnderka/array-copy-remove
...
chg: [users] Remove unused method UsersController::arrayCopy
2019-09-10 11:32:30 +02:00
Jakub Onderka
1cd2ff5ca6
chg: [users] Remove unused method UsersController::arrayCopy
2019-09-09 23:37:37 +02:00
Jakub Onderka
50a0f564c6
fix: [audit] Correct title in audit log when admin edit user
2019-09-09 19:34:38 +02:00
iglocska
75acd63c46
fix: [security] Fix to a vulnerability related to the server index
...
- along with various support tools
- more information coming soon
2019-09-09 13:00:21 +02:00
iglocska
5916de9d5e
fix: [API] Fixed output of the attribute histogram
...
- no more STIX-ish barf inducing numeric string keys for dictionaries
2019-08-27 10:34:29 +02:00
iglocska
96475f59f6
fix: [admin] Invalid domain restriction check for site admins, fixes #5035
2019-08-22 10:41:30 +02:00
iglocska
ed1e55b76b
fix: [API] Fixed an edge case when the attribute historgram throws a notice error
...
- no idea how to reproduce it, the organisation referenced in an event orgc_id not existing is a pre-condition
- fixes #4880
2019-07-29 16:28:42 +02:00
iglocska
64fafa1913
fix: [api fix] Deletes broken due to invalid boolean
...
- /facepalm
2019-07-10 13:55:33 +02:00
iglocska
ed401d88be
fix: [API] delete http requests properly accepted by some /delete endpoints
2019-07-10 11:57:21 +02:00
mokaddem
f850abcdaa
fix: [galaxyMatrix] Handle case if deprecated galaxy does not exists
2019-06-12 14:12:06 +02:00
mokaddem
52ae153c0e
Merge branch '2.4' of github.com:MISP/MISP into galaxyMatrixImprovements
2019-06-11 15:56:10 +02:00
mokaddem
11a4bdb959
chg: [restSearch:attack] Only expose attack return format to the `event`
...
scope
2019-06-11 15:50:51 +02:00
mokaddem
acef3a0168
chg: [galaxyMatrix:stats] Only take into account occurences of galaxy
...
once per event
2019-06-11 15:09:02 +02:00
mokaddem
fed5556976
fix: [galaxyMatrix:export] Removed multiple bugs providing inconsistent
...
result
2019-06-11 14:13:17 +02:00
iglocska
36b43f1306
fix: [security] Org admins could reset credentials for site admins
...
- org admins have the inherent ability to reset passwords for all of their org's users
- this however could be abused if for some reason the host org of an instance would create org admins
- the org admin could set a password manually for the site admin or simply use the API key of the site admin to impersonate them
- the potential for abuse is very circumstancial as it requires the host org to create lower privilege org admins instead of the usual site admins
- only org admins of the same organisation as the site admin could abuse this
- as reported by Raymond Schippers
2019-06-11 11:05:34 +02:00
mokaddem
4fafb1541c
chg: [galaxyMatrix] Transformed query into cakephp model query
2019-05-15 11:55:22 +02:00
mokaddem
0c69e739cc
new: [statistics:galaxyMatrix] Added filtering capabilities
2019-05-15 11:12:09 +02:00
mokaddem
4fbe857f90
chg: [galaxyMatrix] Added sorting by score. Fix #4608
2019-05-13 15:07:38 +02:00
mokaddem
d3013a9252
fix: [stats:galaxyMatrix] No longer trim the end of the cluster name
2019-04-23 08:49:04 +02:00
iglocska
7a1dbe4c1f
fix: [API] role_id is not required when POSTing users if a default role is set on the instance
2019-04-04 13:42:06 +02:00
4ekin
c32d3bce32
fix: Fixed i18n strings in Controllers
2019-04-02 16:57:41 +03:00
mokaddem
d60095112f
Merge branch '2.4' of github.com:MISP/MISP into galaxyMatrixStat
2019-03-15 11:18:34 +01:00
iglocska
7b34e8cacb
fix: [API] resetting the authkey didn't respond with the new key before, making automation difficult.
2019-03-12 22:03:34 +01:00
mokaddem
04798bf7e4
new: [galaxyMatrix] Added possibility to pick a galaxy to view it's
...
statistic.
2019-03-12 15:36:00 +01:00
iglocska
66ad17a1ee
new: [API] exposed change_pw function to the API, fixes #4256
2019-03-02 23:47:13 +01:00
mokaddem
1ed609872c
chg: simplified condition 2
2019-02-15 15:04:07 +01:00
mokaddem
7a2010fb0e
chg: [galaxy_matrix] TEMPORARY - Merge scores of both deprecated and mitre-attack
...
galaxy namespace for the matrix view.
This commit aims to still have correct scores in the galaxy_matrix until the fixMitreTags functions is not live and running
2019-02-15 14:41:55 +01:00
mokaddem
12ed3457e8
chg: [galaxy_matrix] cleanup in variable names to be more generic
2019-02-15 09:24:52 +01:00
mokaddem
a5653e86ea
new: [matrix] Replaced the Att&ck matrix by a generic matrix viewer,
...
allowing custom matrix to be displayed.
Also added the external id to the chosen input.
2019-02-12 13:59:51 +01:00
mokaddem
431529c81c
chg: [attackMatrix] UI: improved color scale - WiP
2019-02-11 17:54:29 +01:00
iglocska
9afd0d8600
fix: [redirect] Correctly redirect to the requested URL after a login, fixes #4005 , fixes #1301
2019-01-28 17:02:04 +01:00
iglocska
2d0259ce13
fix: [CS] coding standards script re-run
2018-11-23 14:11:33 +01:00
mokaddem
2152493dd0
chg: [users/emails] Better comments
2018-11-09 13:42:28 +01:00
mokaddem
6bb31fbb1d
chg: [users/email] Changed behavior of sending mail to avoid code duplication
...
If an additional parameter is passed to the url, it will only shows the result of submitting the form without the submission
2018-11-09 13:38:52 +01:00
mokaddem
296128fe54
fix: [users/emails] submission fix + cleaned code + comments
2018-11-09 12:12:06 +01:00
mokaddem
651861d1d8
new: [users/mails] Added possibility to send a mail to all users of the same organisation
2018-11-09 11:48:39 +01:00
mokaddem
9b44050e1c
new: [users/mails] add confirmation popup before sending mails
2018-11-09 11:23:32 +01:00
iglocska
333cafca76
chg: [statistics] Show % of users with pgp keys
2018-10-30 14:58:49 +01:00
iglocska
3bdcca617e
new: [statistics] Added local org and user/org counts
2018-10-30 14:51:27 +01:00
iglocska
c54538766e
Merge branch '2.4' into feature/api_rework
2018-08-21 13:39:34 +02:00
iglocska
1eded5f3c7
fix: [statistics] Solve the issue with the unfiltered total counters in the user and org statistics
2018-08-21 13:37:47 +02:00
iglocska
12ac58f0e1
fix: [statistics] fixed an issue where the org statistics didn't correctly apply the local filters
...
- both local and external just showed the sum totals instead of the individual pools
2018-08-21 13:34:59 +02:00
iglocska
f675fb8b29
Merge branch '2.4' into feature/api_rework
2018-08-17 14:49:09 +02:00
Sami Mokaddem
212c11290d
fix: [usersStat] allow fetching json of statistics/users
2018-08-13 11:39:25 +00:00
Anthony Vaccaro
1b68005bbe
Add a permission check to the change password page.
...
The 'MISP.disableUserSelfManagement' config variable is checked
when rendering the link to the change password page, but is not checked
when rendering the page itself. This could lead to unauthorised
password changes by users with existing accounts on the MISP
instance.
2018-08-13 15:55:51 +10:00
iglocska
0694263e15
Merge branch '2.4' into feature/api_rework
2018-08-09 16:51:20 +02:00
iglocska
4fa5834cbc
new: [PGP] Added fingerprint to /users/verifyGPG
2018-08-06 17:00:15 +02:00
iglocska
34ba484b06
chg: [cleanup] Removed todos from userscontroller that have become irrelevant
2018-08-04 22:48:19 +02:00
iglocska
a81894f14c
chg: [CS] Changed to PSR-2
...
- to make contributions easier, adopted PSR-2
- used php-cs-fixer to rework the style
- *sniff sniff* Goodbye tab indentation
2018-07-19 11:48:22 +02:00
iglocska
71bb60a702
new: [Statistics] Added a new tab to the statistics showing the user/organisation additions over the past month/year
2018-07-13 12:08:29 +02:00