MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
13,459 Commits
35 Branches
366 Tags
190 MiB
Commit Graph

3780 Commits (745512e71e09580ae533a1e14dfc3026cd9f9cd2)

Author SHA1 Message Date
mokaddem 7be53e6b5b
chg: [decaying:tool] Added table filtering buttons 2019-08-19 11:59:40 +02:00
mokaddem d31f34fed0
chg: [decaying:index] Added quick filter buttons 2019-08-19 10:57:58 +02:00
iglocska e296288f59
chg: [version] bump 2019-08-16 19:04:17 +02:00
mokaddem 8d8526977d
chg: [decaying] Slightly improved `Model/DecayingModel` with shortcuts 
code quality and options
 2019-08-16 16:52:36 +02:00
mokaddem d813460118
chg: [decaying] More consistency about `parameters.settings` when empty 2019-08-16 15:42:01 +02:00
mokaddem 128cdb7744
chg: [decaying] Renamed function and started true implemention of ACL 
for models
 2019-08-16 10:52:00 +02:00
mokaddem 3a356a51e4
chg: [decaying] Added restricted edition and `all_orgs`` flag - WiP 2019-08-16 10:33:58 +02:00
iglocska e8c5dba4f3
new: [API] get a single server setting via /servers/getSetting/[setting_name], fixes #4964 2019-08-15 20:01:36 +02:00
iglocska 591b83405b
fix: [internal] Feed lookup by UUID removed as feeds don't actually have UUIDs, fixes #4998 2019-08-15 19:49:55 +02:00
iglocska 85a9926b07
fix: [ToolboxComponent] fixed model name lookup by moving to Model->alias over Model->name, fixes #5003 2019-08-15 19:46:52 +02:00
iglocska 09add56ac1
fix: [internal] Breaking bug with the feed edit fixed 2019-08-15 19:43:54 +02:00
Jakub Onderka 4ef9595023 fix: Replace not exists MethodNotFoundException with NotFoundException 2019-08-14 21:27:05 +02:00
iglocska cf6bc6f204
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-08-14 17:04:28 +02:00
iglocska 7a56d9ff43
fix: [API] invalid object reference fixed in objects/view, fixes #5003 
- the Copy Pasta God(tm) strikes again
 2019-08-14 17:03:47 +02:00
Andras Iklody bb475784f0
Merge pull request #5001 from zaphodef/feature/uuid_sharing_group 
chg: Show sharing groups' uuids
 2019-08-14 16:14:57 +02:00
iglocska 50db8c9a45
new: [API] Allow posting freetext data for ingestion via the event uuid instead of ID, fixes #4995 2019-08-14 15:17:25 +02:00
iglocska 60e68d1459
fix: [API] get organisation by uuid for sightings/listSightings, fixes #4992 2019-08-14 15:08:37 +02:00
iglocska eb4e5bf765
fix: [API] Misp object delete's uuid lookup fixed 2019-08-14 15:07:11 +02:00
iglocska 519e110f9f
new: [internal / API] new component added to handle repeatable code across all controllers (toolbox controller) 
- added UUID -> ID lookup function and integrated it across several functions
- fixes #4990
- fixes #4999
- fixes #4993
- fixes #4991
- fixes #4989
- fixes #4987
 2019-08-14 15:01:31 +02:00
Pierre-Jean Grenier 8dcbbf7674 chg: Show sharing groups' uuids 2019-08-14 14:54:26 +02:00
iglocska bbd881d4f7
fix: [API] removed testing exception 2019-08-14 14:38:02 +02:00
iglocska 0a9219411f
fix: [API] Swapped error messages' content from "don't" to "do not" to avoid weird sanitisation artifacts coming from the exception handler 2019-08-14 14:33:20 +02:00
iglocska 0fd2466878
fix: [API] error message 2019-08-14 14:27:51 +02:00
iglocska 20a250ec6f
fix: [API] Attribute edit fixed 2019-08-14 14:24:41 +02:00
iglocska d7733102fe
Revert "Revert "fix: Fix error messages"" 
This reverts commit a12ea04a4c.
 2019-08-14 14:17:58 +02:00
iglocska a12ea04a4c
Revert "fix: Fix error messages" 
This reverts commit d501c56e5f.
 2019-08-14 13:58:00 +02:00
Andras Iklody 299be5c170
Merge pull request #5000 from zaphodef/bad_permissions 
fix: Fix error messages
 2019-08-14 13:53:28 +02:00
Pierre-Jean Grenier d501c56e5f fix: Fix error messages 2019-08-14 13:31:32 +02:00
iglocska 6e23cb18bf
fix: [API] /galaxies/view by uuid added, fixes #4993 2019-08-14 11:56:06 +02:00
iglocska 74bf393ead
fix: [API] Delete sightings by UUID, fixes #4987 2019-08-14 11:43:14 +02:00
iglocska 5028b7250a
fix: [API] /objects/view should accept UUID as a parameter instead of just ID, fixes #4991 2019-08-14 11:39:51 +02:00
iglocska 879c564d0c
fix: [API] Delete organisations by UUID, fixes #4989 2019-08-14 11:30:11 +02:00
iglocska 332f4e6c8b
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-08-14 11:25:37 +02:00
iglocska b176e4d027
fix: [API] Access event proposals by uuid via shadow_attributes/index/[uuid], fixes #4988 2019-08-14 11:25:20 +02:00
mokaddem 30ba0a5a5a
Merge remote-tracking branch 'origin/2.4' into decaying 2019-08-14 10:48:42 +02:00
mokaddem 05fe5e18e8
chg: [decaying] Allow for model parameteres override 2019-08-14 10:48:13 +02:00
Pierre-Jean Grenier 36f4471055 chg: delete an object by its uuid, similar syntax to attribute's deletion 2019-08-13 18:12:52 +02:00
mokaddem 6ba45b27f8
Merge remote-tracking branch 'origin/2.4' into decaying 2019-08-13 16:32:58 +02:00
mokaddem b415f8ffc7
chg: [decaying] Added list of available formulas and model settings - 
WiP
 2019-08-13 14:21:58 +02:00
iglocska ecfe1ee596
fix: [sharing groups] Fix the behaviour of roaming mode sharing groups, fixes #4983 
- creating sharing groups without roaming mode and without any sharing group servers should automatically add the own server
- adapt the new roaming mode behaviour from a few months ago on push: No explicit roaming mode set means no push, even if no servers are added
 2019-08-13 13:25:01 +02:00
iglocska 6b58b51bd3
fix: [Sharing groups] Various fixes to align the reported local instance URL as the external_baseurl if set, as opposed to always using the baseurl, fixes #4982 2019-08-13 13:00:24 +02:00
mokaddem bd1aacafea
new: [event:view] Added support of decay score 2019-08-12 16:34:26 +02:00
iglocska b2f3481806
fix: [sync] Sync object builder tool fixed 
- was picking the wrong org as the owner of the remote side
 2019-08-12 11:51:37 +02:00
iglocska a4462f717e
fix: [API] /events/delete now accepts UUID as parameter 2019-08-11 21:22:38 +02:00
iglocska 1cb9489839
fix: [sessions] Several minor fixes to the session handling 
- cookieTimeout setting fixed
- moved the session massaging into a separate function
- added some translation calls for some of the setting errors involved
 2019-08-09 15:57:15 +02:00
iglocska 539a7431a4
new: [session handling] Session handling fixes 
- changed the cookie name to MISP-[MISP.uuid] to rely on a unique data-point instead of the URL. This solves issues with multiple MISPs running on the same host via port based virtualhosts sharing sessions
- timeout issues potentially fixed when using the recommended PHP session handler. If the garbage collection is configured in php.ini it could previously purge sessions that based on the session timeout should still be valid
 2019-08-09 14:41:17 +02:00
iglocska 7b6a7a5a65
fix: [API] /servers/restartWorkers response fixed for API users, fixes #4966 2019-08-08 11:19:21 +02:00
iglocska e53a0046a9
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-08-07 15:04:51 +02:00
iglocska a46e7a680d
chg: [API] servers/serverSettingsEdit now accepts the force parameter in a posted JSON object 2019-08-07 15:03:32 +02:00
iglocska 14685c45fb
fix: [API] Further fixes to /attributes/add 2019-08-06 16:33:16 +02:00
iglocska edf0657a1d
fix: [API] Fixes to the new attribute add 2019-08-06 16:01:09 +02:00
iglocska 786d53d30b
new: [API] Attribute add rework - WIP 
- handle attribute creation in a unified manner via captureAttributes
 2019-08-06 15:55:16 +02:00
iglocska e18e7c1807
fix: [API] fixed an incorrect fix to the object references add function from earlier today, fixes #4866 2019-08-05 16:49:25 +02:00
iglocska cad286d239
fix: [API] the returned data when adding object references doesn't include the object_uuid, fixes #4866 2019-08-05 16:06:51 +02:00
iglocska dcaebb8cc4
fix: [API] Consistency in returned attribute fields when modifying it 2019-08-05 15:31:43 +02:00
iglocska ae28d7b461
fix: [API] Object edit clusterfudge fixed 2019-08-05 13:41:23 +02:00
iglocska 166fbf0da4
fix: [objects] Fix various issues with objects/edit 
- value1 and value2 should not be included in the repsonse, fixes #4944
- fixed input being misunderstood in certain situations
 2019-08-05 10:50:39 +02:00
iglocska fc3a38d463
fix: [pymisp / querystring] versions bumped 2019-08-02 17:06:17 +02:00
iglocska e5cfd152cf
fix: [local tags] Host org non admin users should be able to tag data owned by others, partially fixes #4925 2019-08-02 16:53:30 +02:00
iglocska 630c6bc1f9
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-08-02 14:43:41 +02:00
iglocska d6692c44a0
new: [sync] Previewing a remote instance now passes pagination rules in the request instead of fetching the full data-set and paginating in memory 
- fixes issues with empty preview pages
- massive performance boost
- requires the remote side to be the same version or newer
 2019-08-02 14:42:23 +02:00
iglocska 1d47e37f5c
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-08-02 14:39:15 +02:00
iglocska 7b9b58356c
new: [sync] Event index cleaned up, total count of listd events added as X-Result-Count header 2019-08-02 14:38:28 +02:00
iglocska 7003faa00c
new: [API] new parameters added to attributes/restSearch to include additional context, fixes #4935, fixes #4940, affects MISP/PyMISP#415 
- includeSightings: include sightings for all attributes returned
- includeCorrelations: include the correlations to other attributes (includes a light-weight event object with each attribute)
 2019-08-02 13:41:20 +02:00
iglocska 4781d68a44
chg: [UI] Added the new user name helper 2019-08-02 10:45:55 +02:00
iglocska a39306dfe5
fix: [API] Exception on /sharingGroups/removeOrg fixed, fixes #4884 2019-08-01 11:16:44 +02:00
iglocska 5d90a8ffc7
fix: [API] /attriutes/index fixed for non admin users 2019-08-01 11:12:59 +02:00
iglocska 220842edff
fix: [API] Freetext import now correctly handles the response of non-background processed tasks 2019-07-31 15:57:25 +02:00
iglocska 1434759135
new: [API] Disable background processing on-demand via URL parameters 2019-07-31 15:56:33 +02:00
iglocska 5f9e04aa4f
fix: [rest client] Potential fix to the skip ssl validation flag not working on wrong CN name 2019-07-31 14:10:19 +02:00
iglocska dc0f4741be
Revert "fix: [rest client] Potential fix to the SSL validation skip not working" 
This reverts commit 293871cee8.
 2019-07-31 14:03:22 +02:00
iglocska 293871cee8
fix: [rest client] Potential fix to the SSL validation skip not working 2019-07-31 13:58:34 +02:00
iglocska b83ac37ff4
new: [API] Allow adding tags via /attributes/add directly 2019-07-30 12:03:49 +02:00
Andras Iklody de228e083f
Merge pull request #4927 from 4ekin/fix-postgresql-issues 
fix: some PostgreSQL issues
 2019-07-30 09:16:11 +02:00
iglocska d6a15438f7
fix: [proposals] POST on shadow_attributes/edit/{attribute_id} inconsistent, fixes #4857 2019-07-29 17:10:21 +02:00
iglocska b2e9bbd7ef
fix: [API] taxonomy/addTag now correctly responds if queried via the API instead of redirecting, fixes #4865 2019-07-29 17:01:28 +02:00
iglocska e60f0beff9
fix: [API] sightings/listSightings should also support JSON parameters, fixes #4875 2019-07-29 16:46:02 +02:00
iglocska 30e7b49632
fix: [API] Organisation edit now also accepts UUID instead of ID via the URL param, fixes #4896 2019-07-29 16:32:24 +02:00
iglocska ed1e55b76b
fix: [API] Fixed an edge case when the attribute historgram throws a notice error 
- no idea how to reproduce it, the organisation referenced in an event orgc_id not existing is a pre-condition

- fixes #4880
 2019-07-29 16:28:42 +02:00
iglocska ebf054e0d0
fix: [API] Adding attributes via the freetext importer using the API resulted in several issues 
- adhereToWarninglists was not correctly adhered to
- the response didn't reflect what was saved, only what was pushed to be saved (excluding removals by warnintlists, several attributes added by adding more than one valid type, etc)

fixes #4881
 2019-07-29 16:15:00 +02:00
iglocska d75c6c9e3b
fix: [sharing groups] Add sharing group returns a list instead of a sharing group object, fixes #4882 2019-07-29 15:20:51 +02:00
iglocska 191983d27b
fix: [API] Exception on POST sharingGroups/addOrg, fixes #4884 2019-07-29 13:12:09 +02:00
iglocska 954b7e6727
fix: [proposals] shadow_attributes/index default behavior modified to show all proposals by default, fixes #4936 2019-07-29 11:38:20 +02:00
iglocska 118fb6649b
fix: [API] Server deletion now responds correctly via the API 2019-07-29 10:23:00 +02:00
iglocska a89b32d0c4
chg: Server pull/push endpoints allow the passing of the parameters as a POSTed JSON in addition to URL parameters, partially fixes #4889 2019-07-29 10:14:49 +02:00
mokaddem 791ef0d21c
chg: [decaying:rest] Renamed `decayed` into `excludeDecayed` for better 
usability
 2019-07-25 16:21:12 +02:00
mokaddem 28f080e581
new: [decaying:rest] Filtering out of decayed attributes 2019-07-25 16:13:42 +02:00
mokaddem e4cc20b054
new: [decaying] Partial API support - WiP 2019-07-25 15:45:33 +02:00
mokaddem 8611c2069f
new: [restResponse] Added entries in Attribute/RestSearch for decaying 
model support
 2019-07-25 11:52:16 +02:00
mokaddem 5e2968df42
chg: [decaying] Full support of enable/disable model 2019-07-24 15:41:23 +02:00
mokaddem e1d9d53390
new: [decaying] Added models import and export feature 2019-07-24 10:51:58 +02:00
Bechkalo Evgeny 76d58e6e53 fix: some PostgreSQL issues 
Closes: #3066, #3067
Fixes issues:
- wrong boolean and smallint conversion;
- postgresql table and field naming (field 1_event_id is wrong name for
field for example);
- postgresql grouping (you cannot select columns without grouping them);
- wrong checkbox rendering without keyword.
 2019-07-23 11:17:56 +03:00
mokaddem 52d143e030
chg: [decaying:tool] Dynamic redraw of the model table to support 
dynamic update
 2019-07-23 10:04:43 +02:00
mokaddem 821785273a
Merge remote-tracking branch 'origin/2.4' into decaying 2019-07-22 10:03:57 +02:00
mokaddem 194e4b5e2d
fix: [event:view] Ensure sync users do not get local tags through ajax 2019-07-19 16:23:15 +02:00
mokaddem e50f624894
fix: [tag:local] Allow users (with correct authorization) to detach 
tags
 2019-07-19 15:28:13 +02:00
mokaddem 7394385de6
chg: [decaying:model] Added support of default base_score 2019-07-18 15:08:13 +02:00
mokaddem 4817c38ac3
chg: [decaying:simulation] Added support of base_score computation, 
various UI improvements and different method to compute scores
 2019-07-17 16:14:24 +02:00
Andras Iklody 046704b735
Merge pull request #4878 from RichieB2B/ncsc-nl/fix-destroy 
Fix session_destroy errors
 2019-07-16 18:11:53 +02:00
mokaddem 458bd23937
chg: bumped queryversion 2019-07-16 16:08:28 +02:00
mokaddem 42acd1843d
chg: [decaying:simulation] Improved UI 2019-07-16 15:30:31 +02:00
Richard van den Berg 50846595c8 Destroy the CakeSession, not the php one. Fixes #4808 2019-07-16 11:56:56 +02:00
mokaddem bbab646d01
chg: [decaying:simulation] Support of sightings in the decaying simulation 2019-07-16 09:31:49 +02:00
Alexandre Dulaunoy 5122299cd4
chg: [version] align PyMISP version with core 2019-07-13 09:16:37 +02:00
iglocska aafb44a4e2
fix: [bug] RestClient notice error fixed 2019-07-12 16:34:01 +02:00
iglocska 5acc5f9658
fix: [objects] delete now accepts delete HTTP method 2019-07-12 16:05:15 +02:00
iglocska e626936191
Merge branch 'hotfix/sync_rework' into 2.4 2019-07-12 16:03:57 +02:00
iglocska 5941037610
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-07-12 16:03:47 +02:00
iglocska c8018d7daa
new: [API] Proposal sync rework done 2019-07-12 16:03:08 +02:00
mokaddem 9585c9118d
chg: [decaying:simulation] Draft 2 of simulation chart line - WiP 2019-07-12 15:20:49 +02:00
chrisr3d 991337bd8d Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-07-12 10:46:08 +02:00
chrisr3d 5d39ec7144
fix: [hover enrichement] Fixed index in attribute 
- Depending on the format of attribute passed to
  the function
 2019-07-12 10:44:20 +02:00
iglocska 19b078d72d
fix: [proposal] sync fix stage 1 
- added new capture function
- reworked the proposal index
 2019-07-11 22:57:58 +02:00
mokaddem a6182341c1
chg: [decaying:simulation] Draft of simulation chart line - WiP 2019-07-11 16:49:38 +02:00
mokaddem 4e7c628350
chg: [decaying:simulation] Attribute searches 2019-07-10 15:52:22 +02:00
iglocska be6da3481f
fix: [sync] Proposal pull restricted to 14 days 
- no need to pull ancient proposals each time
 2019-07-10 15:10:23 +02:00
iglocska 64fafa1913
fix: [api fix] Deletes broken due to invalid boolean 
- /facepalm
 2019-07-10 13:55:33 +02:00
iglocska ed401d88be
fix: [API] delete http requests properly accepted by some /delete endpoints 2019-07-10 11:57:21 +02:00
mokaddem 38fef5d1ae
fix: [galaxy:add] Prevent bug when submitting empty galaxy 2019-07-09 13:59:39 +02:00
mokaddem e2bb1a4f4d
chg: [decaying:simulation] Started simulation view - WiP 2019-07-09 13:43:41 +02:00
mokaddem 5e54a9c311
chg: [decaying:tool] Full support of base_score configuration 2019-07-09 08:49:49 +02:00
iglocska 2fc7aafd8a
chg: [docs] Added excludeLocalTags to events/restSearch 2019-07-08 16:00:34 +02:00
iglocska ce7dc6ecb0
fix: [CLI] admin->setDatabaseVersion fixed 2019-07-08 15:46:29 +02:00
iglocska b45b55e854
fix: [tmpdir] fixed invalid file path 2019-07-08 12:51:37 +02:00
iglocska b9839b8ffe
fix: [internal] upload sample had a hard coded tmp path that would fail to the php fallback if MISP is not installed in /var/www/MISP 2019-07-08 11:53:30 +02:00
iglocska d82176b5ed
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-07-08 11:45:18 +02:00
iglocska 2a059f7b31
new: [tags] Local tags feature added 
- Create tags locally if you are a host org user that allows in-place tagging for sync / export filtering
- Events are NOT modified using these tags
- Local tags always get stripped before syncing
- Local tags allow host org users to violate the ownership model of MISP
- galaxies, attack matries also included

- some sync fixes
 2019-07-08 11:39:41 +02:00
mokaddem d0b4b009e0
chg: [decayingModel:controller] Updated edit endpoint to match the 
correct view
 2019-07-08 11:28:58 +02:00
Andras Iklody 7bf2bcf085
Merge pull request #4807 from RichieB2B/ncsc-nl/IOCImport 
Support empty attribute type in IOC import
 2019-07-04 06:57:50 +02:00
mokaddem 76cddeb264
Merge branch '2.4' of github.com:MISP/MISP into decaying 2019-07-03 13:45:49 +02:00
mokaddem 41615b7ce4
fix: [eventGraph] Correctly pick the first-matching requiredOneOff to 
generate the object's label
 2019-07-03 11:38:07 +02:00
chrisr3d f651a030aa Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-07-02 22:08:11 +02:00
chrisr3d b40582679d
chg: [enrichment] Reusing the new function fetchInitialObject 
- New function that is exactly the copy paste of
  what is removed in this commit and replaced by
  the function call
 2019-07-02 22:05:38 +02:00
mokaddem 5b6b4777f2
fix: [events] Create massive dummy events 2019-07-02 11:44:05 +02:00
iglocska 9293a15e2f
Merge branch 'module_rework2' into 2.4 2019-07-01 09:51:07 +02:00
Richard van den Berg 52b7365f01 Support empty attribute type in IOC import 2019-06-27 07:39:29 +02:00
mokaddem eb21705fc5
chg: [decaying:tool] Filter taxonomies not having numerical score 2019-06-25 11:46:23 +02:00
mokaddem 4ab4318eb2
chg: [event:view] Make `Related *` scrollable 2019-06-24 14:00:51 +02:00
Andras Iklody 69febf087a
Merge pull request #4570 from mokaddem/relatedEventUI 
Related event ui
 2019-06-21 19:06:38 +01:00
chrisr3d faf7abc8e5 Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules 2019-06-21 12:15:01 +02:00
mokaddem 93e85e6d7a fix: [event:addTag] User can add multiple tag collection at once 2019-06-21 12:10:59 +02:00
mokaddem 96bc938ae1 fix: [relatedEvent:view] catch if number of correlation cannot be found 2019-06-21 11:42:21 +02:00
mokaddem 9274522177 chg: [relatedEvent:view] Display the number of unique correlation 2019-06-21 11:21:43 +02:00
iglocska d69188f66a
new: [correlation graph] Toggle physics on/off 
.,/#&&@@@@@@@@&%(*.
                                                         #@@@@%*..,..,.,,.,,.,.,.,,,,..,*#@@@@(
                                                  .&@@%,,.,,.,,,*#%&&&%#(/**,,**/(%&&&%(/,.......(@@@,
                                              %@@(,,,,,,(&&%*..........  ...*,*..,.........../&,....,%@@,
                                          &@&,,,,,*&&(....  .*....*..//.../../(...*.*(...%..........#&(....*@@/
                                      ,@@,,,.,#......#..#*..(#..(*./,..,...*(...*.,.*..........#/#.....%&,..,/@@.
                                   /@%,,,,(&(.....#/,...#../.(#...,/.,,../,..*(...*...%,.........,*...#./....#&,.,,@@.
                                .@&,.,,%&....,,....(*,.../.(,..(...,..,..*#..,,..,..,...*,....../#...,..(//.....,&/..,&@.
                              %@,,,,#&...,,/./**....(,,..(,.//..,*..............................,.....././(.,..*...,&/,,,@&
                            @%,,.(&,../(*..(#../#....(*. /....................................../,..*.*..//,,..,/.....,&...%@
                         .@(..,&&,......%,,/..../(..(................................................/(..(.,.*.....**....%#,,*@,
                        @(,,*&%*.........*((....*#.......................................................(*.,,.......*,#...*&..,@*
                      @#,,/&%,.(*..........#,/.............................................................../...*..*(.......*&.,*@,
                    #@,.,&&*.#&/(.,...............................................................................,...(...,.,,.*%..*@
                   @*,,%@/......#*(................................................................................./. (./.#.....#%..%@
                 &@,,/..........#,../................................................................................,.#.........&*,,@*
                @/,,&@,............/(..................................................................................#............*&../@
               @*,/&&.................................................................................................................&,..@
             (@,,(&(...................................................................................................................%%..@(
            (&,,#&*.....................................................................................................................,%../%
           #@,,%&........................................................*/,...../(*......................................................&..*@
          /&,,%&....................................................,                  **..................................................&..,@
         *@,,%&..................................................,     . . ..       .  .  *,................................................&..*@
         @*,#%,................................................*   ..                       (................................................&.,*%
        @/,*#*...............................................*%/,,,***,...,,.  ..............,&..............................................,&..&(
       %&,,%@...............................................%**,..,,,,,,,......,. ........   ,,%#............................................./(,.@
       @*,(%................................................*,..*(*.*,,...*,/..*,.. ... .,.*... ...............................................&*..@
      &(,,#,...............................(/**,,,.,,(.*/,%&&%#*/#(....,* .,...... */. ..,/**/(##% *,,.,,.( .   .(..............................&..##
      @*,%#................................*.... .(/..... %,,.,,*.,**.,,,,,,*((*,..... .(. . . .. ,.,,,..,. .....,..............................#(..@
     ,,/,................................*.  ...........#,*.,/*.,,,,,,,,,,,...,*.......  .(. .  *              %...............................&..*#
     @/,##.................#*..,*,,,,..(/,,,*.,***/,,,,/*/*.,,,,,,,,,,,//***,,,**...... ..   ./.%.,*.(*,,,..,.,/,..,***/*#...*%(...............%(..@
    .@*.#*..........,,,,,*,%....,/,**/...,//(/...*/((,.,/&%((/***/*//**///////********,,,,......./%(..........      . .,,,,.....#*.. ...,.........%..%/
    #(*//..........%,.,,,,.%........... . ...............*/****,*,,,,**,,,,,,,,,,,,,..,,.........(,,,,,*,,,*,,,.........     ....( ...../.........&.,.@
    @/,(/........%%,.,,*,(%/*/*...,.,,*,..............,,.,/%%%###%%##%####(#%####%%(/((###(//(%((..................,   .  ....,%%((((//(&.......#/..@
    @/,((..........%......#*...........,..............,.../,//****/***/**,,*/,,/(*,*,,........**.(.,.................*...........&     .*.........,%..@
    @/,#/..........(,,.,,,(*.........../..............,.../,/*/((((//*//*,*#***,./,/,,,........*./...................*...........%....../..........%..%.
    @/,#*..........#......*/...........*..................*.**/,.,*(//**/,..,..,...*,,,..,*,...*.(...................*...........%   .../..........&..(,
   .@(*#,..........%......//...........,.,......,,*,**....*./**(,##,(//*/,/%&&&%%&//,,,..,//,.,*.(...../,,,,.........*.,.,.,.....& .. ../..........&../,
    @(*#,..........#...(,,&/.....,%##(,*.......,,/*,(.,..,*./*/(*/**(/*,/,///***,.*/,,,..,../.,*./.....*/..(........./,*,*#......&,../..*..........&..(,
    @(*#/..........#..*...%/...,.*,..#,,.......,,,..#,,.,,*./*/(*//*(//,(**//,,,,.*/,.,.,*../../,/...../(..(.........(.,..(.,....#. ..*.,,.........%..%
    @/*/*..........#..,...%*...,.*,..#.,.......,*,..(.,,..*,**(#*((/(//,/********,*/*,,,.*..*.,/,(.,...*(..(.........(.,..(......#... *.*,.........%..@
    &//*,..........%..*...&,...../...(,,......,,*...(.,,,,,.///(*/////(*(,/*/***,,*/*.,.,*..*.,*./.,...*(../.........#,,..(......#.   /./..........#..@
    *%/,#..........%..,...%,...........,.......,*...#.,,,./.**((*//*(//*(,/*/**,*,//*,,..,..*.,/,(...,.*#../,........#. .,......./.   /.*.........**..@
     @/,(,.........%..    %....,..,....,,......,*...(,,,,/.,/,./*/(,(((/%#*,(///*//((,...*..*.,*,,#.,,,//  ,.........#...........#.   . ,.........&..%/
     @(/,/....,.........,*..,.........,,.....,.,.,,*,,,*//***,,,,,,**,***,****//(((##%%#######(#(#(..,.***,,,........#............./...    ..,*...%..@
     ,@/,#,...,..,.,**,,,..,,,.,,.....,.,.,...,,/***/,,//(/////////**///(////**,,,,,,**,,,,......./.*,,**,,,,........#.............*,,,*,,,..**..#*.,%
      @/**/...............................,,,,,,,,,,,*&&%%%###%%%%%%%%%&&&&&&%%##((/////***,*,,,,*/#%(&%###%%%%%&&&&&&%########((//**,...........%..@
       @/,/...........,%...............................**,,,,,,,*******//((###%%%&&&&@@@@@@@@@@@@@@%...............................,,,,,,,*/*.**.*&
       /,#.....,*.,%&&%...........,.,..,*.....*,&/......*.*,/....&(#%......,.....*. ,.....,,,............../*........ .............../,..#*,..%..@
        @/*,/..,*@*...../(...........%*(,*%....,/#../#....*%( /.....(*.....,*,....(,......../.,......(,......#(.....#...#...........,.....//...&..%,
         @/,**.*(....(,%./%.........*%,#.,&.....,(..&.....*%.##.....((.....,/.....*/........(........(,......#(....../../........../.......((.**.*&
         (@/,(*..%#....,.,&........................................................................................................#*....../.,%..@
          #%/,(,..**/,..*%..*....................................................................................................,..#,.**(#..#..@
           @%/*#*.,....%*.#*%,,...................................................................................................%.........%.,@
            /,(/...,%.%./.*@*,................../&//...................................................,#*................../#*....&*./..%.,@
             &&/,(%..,./.(&....,/,..............,#(/,/. ,..............................................(*,,.,,...............,*..&..*../.,#.,@
              /&/,*%..,%,....*.(&*%............##.,...*&., ,....................................../.#...,,.../................%,..../&,.*,.,@
               ,@/**%*......,&(...&.#................*&..,(,./(,*.............................*..%./*.....#*,............*......,%.*,..&.,/%
                 @(/*#&..*/@.......%#(%............,/&...,(*#..(#./#.................,*.,.%,, .( ....,*.................,#...,.....(..#,.@*
                  #&/**&%......,,(&/..*.,................,%..../%(,..........///,#(.,*.....(.#,.,....#(...............%.*..%.....(..%,,,@
                    @(/*(&*...*&.((...../%/..................,/(.............*......./##,...(,..#*.....................,#.,..%.*..,/,,@*
                     #@//*#@..##%..../.%...%....................,............(/.../..(*..,../...................#/.....#..%...,..%..*@
                       @&(**%@,.,/.,.(*...//...................................%&(................................& &,..*..%,..%,,.@
                         @&(*/#&(..((..,.#/....../.*.*.......................................................%.,...%*..%/....%...@.
                           @&(//(&@...%#/.......#/%..*.( /,..........................................*,,...../*%*,...#..../(.,.@.
                             &@(///%&/...........,/#.....*/##(.....................................,*,........(.%%#,/...%,.,*@
                               /@#((/(%&*.....*/..((%...*/#...,*((#&.  ,,*///*..............(*.../*.,.*,......&......%#.,,@%
                                  &@((//#%&*...#(**#.../,/...*#*/../,,.*.*...(*,,..((....../,.....,,./........(...%/,,,#@
                                     @@(((((%%&,....../,/...,.**/..*,*..,,,(/..,,.,.,......(,.....(,..(, ...../%*.,,(@*
                                        #@%////#%%&*....#.,(.,#*,..*,...*,./*.....#(........(,....(.......(%/,,,,&@.
                                           .&@#////(#%%&(.....*&&*/*(...*,,..*./,...(...............,/%/,,,,,%@#
                                                #@@/*////(#%%&&/.........,*(#*..(,/*.........,*#%//,,*,,*@@(
                                                     /@@@(/(////((((###%&&&&%%%%%%%%&%%##(/*******/&@@(
                                                            ,%@@@@%#((//////******/////(/#%@@@@%,
                                                                          .,***/***,.
 2019-06-20 17:46:39 +02:00
chrisr3d 084b6e0786 Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules 2019-06-20 14:44:33 +02:00
chrisr3d 7c0d7adb9e
chg: Bumped query version 2019-06-20 14:43:43 +02:00
iglocska c06aa1fd79
fix: [API] Simple worker management added 
- /servers/startWorker/[queue]
- /servers/stopWorker/[pid]
- /servers/getWorkers
 2019-06-19 14:08:06 +02:00
iglocska 5b1697667f
new: [UI] Filter the object template index using the quick search 2019-06-18 17:51:25 +02:00
iglocska 599641672e
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-06-18 10:55:07 +02:00
iglocska 007377129f
new: [API] On-demand inclusion of attribute relations via the event view endpoint 
- new URL param, includeGranularCorrelations:1 added

                                 |\    /|
                              ___| \,,/_/
                           ---__/ \/    \
                          __--/     (D)  \
                          _ -/    (_      \
                         // /       \_ / ==\
   __-------_____--___--/           / \_ O o)
  /                                 /   \==/
 /                                 /
||          )                   \_/\
||         /              _      /  |
| |      /--______      ___\    /\  :
| /   __-  - _/   ------    |  |   \ \
 |   -  -   /                | |     \ )
 |  |   -  |                 | )     | |
  | |    | |                 | |    | |
  | |    < |                 | |   |_/
  < |    /__\                <  \
  /__\                       /___\
 2019-06-18 10:51:16 +02:00
Andras Iklody 1470d21813
Merge pull request #4674 from juju4/devel-globalstrict 
strict typing - snuffleupagus tests
 2019-06-18 09:29:12 +01:00
Andras Iklody 9fca396bb4
Merge pull request #4741 from StefanKelm/2.4 
Update EventBlacklistsController.php
 2019-06-18 09:28:30 +01:00
iglocska c097f001dc
new: [security] Made certain settings modifiable via the CLI only 
- some settings are too risky to be exposed, even to site admins, so made them CLI accessible only
 2019-06-18 09:57:27 +02:00
StefanKelm 22345a747d
Update EventBlacklistsController.php 
(minor) aligns the text with app/Controller/Component/BlackListComponent.php
 2019-06-13 14:57:10 +02:00
chrisr3d b7b4002fc7 Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules 2019-06-13 14:16:39 +02:00
iglocska 6965c83fc1
new: [eventblacklist] Added search filters 
- We really need a DISP - development information sharing platform
 2019-06-12 15:53:13 +02:00
mokaddem b42f803110 chg: bumped queryversion 2019-06-12 15:31:06 +02:00
mokaddem c6fee5bc4f new: [eventBlacklist] Added support of bulk deletion of entries. Fix 2019-06-12 15:27:39 +02:00
iglocska 3bcd7c57a3
chg: [querystring] bump 2019-06-12 14:24:14 +02:00
Andras Iklody fbef06c0ca
Merge pull request #4635 from mokaddem/galaxyMatrixImprovements 
Galaxy matrix improvements
 2019-06-12 14:23:35 +02:00
mokaddem 4fcd8dc55d Merge branch '2.4' of github.com:MISP/MISP into mergeAttributeIntoObjects 2019-06-12 14:14:22 +02:00
mokaddem 210477eaaa chg: bumped queryversion 2019-06-12 14:13:25 +02:00
mokaddem f850abcdaa fix: [galaxyMatrix] Handle case if deprecated galaxy does not exists 2019-06-12 14:12:06 +02:00
mokaddem b3849655e0 fix: [attributes] Correctly pass the user object and renamed delete function 2019-06-12 11:56:42 +02:00
mokaddem d6093b9659 chg: [object:fromAttributes] Method only accesible via AJAX and regular 
users can use the feature
 2019-06-12 11:17:17 +02:00
mokaddem b050269949 chg: [object:fromAttributes] Added support of hard delete if event not 
published yet
 2019-06-12 11:00:17 +02:00
mokaddem 892348d7fd Merge branch '2.4' of github.com:MISP/MISP into mergeAttributeIntoObjects 2019-06-12 10:35:14 +02:00
mokaddem c9f8660518 chg: bumped queryversion 2019-06-12 10:11:18 +02:00
mokaddem 66ee8ef12c chg: [galaxyMatrix] Added check if event not found 2019-06-12 10:03:31 +02:00
mokaddem 43a038b0a5 chg: [galaxyMatrix] Improved `getTagScores` to allow with and without 
ACL tag score fetching
 2019-06-12 09:56:54 +02:00
mokaddem 49357e9c84 fix: [event:galaxyMatrix] Apply ACL on the galaxy matrix scores (event 
view)
 2019-06-12 09:11:08 +02:00
mokaddem 52ae153c0e Merge branch '2.4' of github.com:MISP/MISP into galaxyMatrixImprovements 2019-06-11 15:56:10 +02:00
mokaddem 11a4bdb959 chg: [restSearch:attack] Only expose attack return format to the `event` 
scope
 2019-06-11 15:50:51 +02:00
mokaddem acef3a0168 chg: [galaxyMatrix:stats] Only take into account occurences of galaxy 
once per event
 2019-06-11 15:09:02 +02:00
mokaddem fed5556976 fix: [galaxyMatrix:export] Removed multiple bugs providing inconsistent 
result
 2019-06-11 14:13:17 +02:00
chrisr3d 71209da87a Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules 2019-06-11 13:53:00 +02:00
chrisr3d ccee18b8c7
add: [enrichment view] Displaying events metadata & number of returned attributes 2019-06-11 13:51:53 +02:00
iglocska 36b43f1306
fix: [security] Org admins could reset credentials for site admins 
- org admins have the inherent ability to reset passwords for all of their org's users
- this however could be abused if for some reason the host org of an instance would create org admins
  - the org admin could set a password manually for the site admin or simply use the API key of the site admin to impersonate them
- the potential for abuse is very circumstancial as it requires the host org to create lower privilege org admins instead of the usual site admins
- only org admins of the same organisation as the site admin could abuse this

- as reported by Raymond Schippers
 2019-06-11 11:05:34 +02:00
chrisr3d 831f7575bd Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules 2019-06-07 15:32:39 +02:00
iglocska 3733f3dd00
fix: [CSRF] END THIS NIGHTMARE 2019-06-07 15:25:32 +02:00
iglocska ab86fd658b
fix: [CSRF] Potential fix for the CSRF issues via tag/galaxy additions 2019-06-07 14:44:39 +02:00
iglocska 25d8d6cf94
new: [API] added new restSearch filter - date 
- deprecated to and from
- date works similarly to timestamp, accepted syntax options:
  - time ranges in the shorthand format (7d or 24h, etc)
  - timestamps
  - fallback parsing for other formats (2019-01-01, "fortnight ago", etc)
  - date ranges using lists [14d, 7d]
 2019-06-07 09:49:52 +02:00
iglocska 75dcaa14e0
fix: [session] Fix to automatic session destruction in previous attempt to fix the overflow of API sessions 2019-06-07 08:49:30 +02:00
iglocska d6fc4272ad
fix: [API] Destroy the session at the end of the execution 2019-06-06 20:31:56 +02:00
mokaddem 82e7859182 chg: [object:fromAttributes] Show object references that will be dropped 2019-06-06 16:43:54 +02:00
mokaddem fe4740abd9 fix: [object:fromAttributes] SYNC support for older instances 
(duplicate attributes and their contexts)
 2019-06-06 15:11:34 +02:00
mokaddem 8d2c55fa69 Merge branch '2.4' of github.com:MISP/MISP into mergeAttributeIntoObjects 2019-06-05 12:02:17 +02:00
iglocska 3bcaab013e
new: [cleanup] Added admin tool to remove all published empty events 
- part of the solution to the empty event sync issue introduced in 2.4.107
- skips the event blacklisting
 2019-06-04 19:45:28 +02:00
iglocska 2590b27334
fix: [sync] Temporary fix for empty events showing up in syncs when pulling from a new instance via an outdated one 2019-06-04 13:54:47 +02:00
chrisr3d 25f6c41444 Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules 2019-06-03 18:45:45 +10:00
iglocska c9860c2a44
fix: [UI] Event lock concatinating quoted empty strings 2019-06-03 08:03:41 +02:00
iglocska d9153f8bb8
fix: [sync] Further fixes to the deleted flag changes breakig things 2019-05-31 09:19:51 +02:00
iglocska 304358b162
fix: [sync] Fixed an issue that dropped the remote org 2019-05-30 15:06:51 +02:00
iglocska b23a2395e2
fix: [sync] whitelist fields that can be added via the JSON config 2019-05-30 14:50:51 +02:00
iglocska b706b5860b
fix: [UI] Invalid redirect fixed 2019-05-30 14:46:33 +02:00
iglocska aae9307106
new: [Sync] Add a tool to create MISP sync configuration JSONs and to ingest them, fixes #4696 
- sync user can log into remote instance, extract config JSON
- paste it into own instance as site admin to add MISP sync connection
 2019-05-30 14:42:29 +02:00
iglocska aeb906b494
fix: [API] Weird responses from JSON objects fixed when data returned is empty 2019-05-30 13:49:04 +02:00
iglocska e8f5d65499
fix: [API] Wrong JSON output when /events/index returns empty result, fixes #4690 2019-05-30 10:59:29 +02:00
chrisr3d 8aa6a4571a Merge branch '2.4' of https://github.com/MISP/MISP into rework_modules 2019-05-28 12:25:43 +10:00
mokaddem af15c4af79 fix: [sync] Correctly capture the attributes from a groupment into an 
object during the sync
 2019-05-27 15:40:54 +02:00