Commit Graph

248 Commits (77ca0f8dd46222c2a0c7bc38608e0215988f33f3)

Author SHA1 Message Date
Andreas Ziegler 77ca0f8dd4 chg: remove obsolete uuid() wrapper 2016-07-07 15:13:16 +02:00
Cristian Bell 7b65a52a44 issue 993: Graceful maintenance message. 2016-06-30 17:33:23 +02:00
Iglocska bad3f801c0 fix: Empty comments may be added to events #1263
- moved to plain jquery
- check on back+frontend
- better responses when adding events
- fixed an issue with the org_id not being selected for posts
2016-06-20 19:11:39 +02:00
Andreas Ziegler 985451642e add space after keywords if/for/foreach/while/switch/catch 2016-06-04 15:45:39 +02:00
Andreas Ziegler 0fe692c56a remove whitespace at end of line 2016-06-04 01:10:45 +02:00
Andreas Ziegler 898ea1d97c remove whitespace (space/tab) from empty lines 2016-06-04 01:08:16 +02:00
Iglocska cac7742af3 fix: left off a change 2016-05-23 11:58:05 +02:00
Andreas Ziegler dc0974a55b misc cleanup 2016-05-21 05:10:49 +02:00
Iglocska f64f7ce17f fix: Added hard-delete for soft-deleted attributes, fixes #1144 2016-05-20 12:04:52 +02:00
Iglocska fe12a3f3db fix: Fix to the redirect issues on logout 2016-05-20 09:41:01 +02:00
Iglocska 646f444318 fix: Some more cleanup on the redirects at login 2016-05-20 01:26:16 +02:00
Iglocska eb788366c9 fix: Removed redirect to the news page if no user is logged on 2016-05-20 01:20:45 +02:00
Iglocska d02adf2085 new: Added the news functionality back
- admins can add/edit/delete news items
- users get redirected if there is a newsitem that they haven't seen yet
2016-05-20 01:17:26 +02:00
Andreas Ziegler 800721bf2f improve quality of PR#976 (kerberos auth) 2016-05-19 03:41:10 +02:00
Iglocska 617b06740f fix: Left off a change 2016-05-05 15:48:06 +02:00
Iglocska 01eb256864 fix: Comment from expansion lost after free-text import, fixes #1115 2016-05-03 12:18:18 +02:00
Iglocska 80c23fef10 chg: Renamed the JS used by MISP 2016-04-28 16:38:10 +02:00
Iglocska 8db889ce7e SMIME changes
- tied into auto upgrade system
- tied into server settings
- some cleanup of overly verbose debug
- Enforcing enable/disable everywhere
- Changed temporary file structure
2016-04-26 16:40:12 +02:00
Iglocska 267caa3315 Merge branch '2.4' into smime
Conflicts:
	app/Controller/AppController.php
2016-04-25 23:12:57 +02:00
Iglocska d90417e9db Fix to the previous commit 2016-04-22 10:51:41 +02:00
Iglocska e7760fa008 Fix to the PGP key being loaded into the session
- it can lead to large PGP keys causing failed logins
2016-04-22 10:38:51 +02:00
Iglocska 24c7fa61fe Merge branch 'permissionfix' into 2.4 2016-04-18 17:41:59 +02:00
Iglocska 42c612601f Merge branch 'kerberos' into 2.4 2016-04-18 17:25:21 +02:00
Iglocska 7c6ef14621 Some ACL fixes 2016-04-18 15:32:09 +02:00
Iglocska 68ae4e0b9f Pretty printed queryACL's JSON response 2016-04-18 09:56:52 +02:00
Iglocska b39d178211 some small changes 2016-04-18 09:46:08 +02:00
Iglocska 92952cc5e4 Rework of the ACL 2016-04-18 03:19:01 +02:00
devnull- 18404a9d8a Unset 'certif_public' 2016-04-05 17:59:28 +02:00
Iglocska c21c0bb57b Cache clearing improved and added a manual cache clearing for admins 2016-03-31 10:29:54 +02:00
Iglocska 0322dcb053 Force all sessions to be deleted - also, temporarily removed the per user session destruction 2016-03-31 00:57:51 +02:00
Iglocska 32f3ce8542 Destroy sessions on next page load for all users if there was a db update 2016-03-30 23:35:56 +02:00
Iglocska fea6c35140 Split the tagging permission into two
- New permission flag: perm_tag_editor
  - taggers can tag events with existing tags
  - tag editors can create / edit / delete tags

- Fixed several misleading UI elements for tagging
  - tagging users that don't own an event and aren't creators thereof cannot tag them
  - this was enforced before but the UI elements were present and threw errors

- Migration is automatic
  - all existing tagger roles will automatically become tag editors
  - restricting current roles takes manual admin action, but the functionality should remain unchanged for those that just update
2016-03-30 18:32:17 +02:00
Iglocska 0c316fd2e2 Reworked the Tag add/remove APIs
- new syntax
- old syntax still accepted

- new tool for rearranging request data to allow the APIs to automatically catch and correct typical rearrange errors
2016-03-30 11:05:06 +02:00
Iglocska 975a4ebfda Fix to an invalid log entry being created for a failed authentication, even on successful authentication attempts 2016-03-28 08:43:31 +02:00
Iglocska 17555065b9 Further fixes 2016-03-18 16:25:28 +01:00
Iglocska 1e5c387d94 Better logging of failed authentication attempts 2016-03-18 16:06:03 +01:00
Iglocska 8e6a6b86ac External auth error message changed 2016-03-18 14:39:36 +01:00
Iglocska 8077854e88 Cleaner authentication issue messages 2016-03-18 14:36:16 +01:00
Iglocska 8eee32d869 Optionally remove the log out button from externally authenticated users. 2016-03-16 22:57:48 +01:00
Iglocska 0e64f0c25a Fix to the incoming address check 2016-03-16 03:30:49 +01:00
Iglocska afaa537b82 First implementation of the new auth mechanism 2016-03-15 23:04:20 +01:00
Iglocska 1ba0db37d3 Better feedback on the sync connection test
- sync users that have not accepted the terms / have had a password reset initiated were redirected to the login page

- fixes to the issue
  - if a user with automation/sync access uses the API and gets blocked because the terms weren't accepted or there is a pending password change, they will be notified in a JSON/XML response
  - the sync test now takes this into consideration starting with this version and will report the cause of the failure

- Both instances have to be 2.4.24+ for this to be reported correctly
2016-03-07 15:11:00 +01:00
trucky dev 8cb32887e0 Add kerberos Authentication function 2016-02-24 23:33:06 +01:00
Iglocska 77c9ce3b73 Fix to a critical vulnerability for the login authentication mechanism
- The API key check was incorrectly logging in the wrong user when the API key started with a numeric value
2016-02-19 12:40:50 +01:00
Iglocska 71c4f8efe7 Reverted a version fix within the XML file.
- needs further fixes, sadly the version has always just shown the major and minor version in the exports
- This masked an issue that would block the import of events that are even a hotfix away

- As a temporary fix, I reverted the changes and the XML version field will now only show the major and minor version to restore compatibility (so 2.4.0 instead of 2.4.19)
2016-02-16 00:06:42 +01:00
Iglocska b8ecd9fee1 Version bump and footer version fix 2016-02-13 13:14:26 +01:00
Iglocska b51e39200b merge fixes 2016-02-12 05:58:22 +01:00
Iglocska 4c14d3a859 Merge branch '2.4' into features/delegation
Conflicts:
	app/Controller/AppController.php
	app/Model/AppModel.php
	app/Model/Event.php
	app/Model/Log.php
	app/Model/Server.php
	app/View/Elements/footer.ctp
	app/webroot/css/main.css
2016-02-12 05:56:32 +01:00
Iglocska a1ffdc7790 First finished version 2016-02-12 05:47:06 +01:00
William Robinet 4fea371c4b Fix permissions 2016-02-11 17:03:51 +01:00