iglocska
2eec8878cd
new: [authkey] generate authkeys automatically when creating users
...
- when using the new authkey system
2020-11-13 12:54:14 +01:00
iglocska
dbffebe503
Merge branch '2.4' into CRUD
2020-11-11 11:19:23 +01:00
Jakub Onderka
5a4ba9cbc1
fix: [internal] Properly set login times for custom auth
2020-10-29 17:53:11 +01:00
iglocska
62bbc95472
Merge branch '2.4' into CRUD
2020-10-20 02:01:21 +02:00
iglocska
5ea44e691d
chg: [authkey] model tied to user model
2020-10-20 01:43:38 +02:00
Jakub Onderka
380fba5405
new: [GPG] Validate fetched GPG key
2020-10-09 16:58:59 +02:00
Jakub Onderka
77833be960
chg: [mail] Another code cleanup for alert and contact mails template
2020-09-21 13:17:00 +02:00
Jakub Onderka
76b2a51253
fix: [ACL] Permissions when sending contact and alert emails
2020-09-21 13:17:00 +02:00
Jakub Onderka
8f806c4f1b
Merge pull request #6214 from JakubOnderka/otp-encryption
...
fix: [otp] Allow to send encrypted OTP by mail
2020-08-30 11:22:05 +02:00
Jakub Onderka
d3eb86553b
chg: [internal] Less SQL queries for event index page
2020-08-24 16:27:27 +02:00
Jakub Onderka
3005ef8f6e
fix: [otp] Allow to send encrypted OTP by mail
2020-08-20 19:58:24 +02:00
Jakub Onderka
f157b879a3
fix: [test] Use two spaces to pass the test
2020-08-12 19:34:05 +02:00
Jakub Onderka
6ee505a207
chg: [mail] Initialize GPG just once
2020-08-12 19:33:15 +02:00
Jakub Onderka
ee4de160e8
chg: [internal] Move GPG initialization to GpgTool
2020-08-12 19:33:15 +02:00
Jakub Onderka
65a4ece3bb
chg: [test] Set correct setting for GPG
2020-08-12 19:33:15 +02:00
Jakub Onderka
d044df2cb4
chg: [internal] Refactor S/MIME certificate validation
2020-08-12 19:33:15 +02:00
Jakub Onderka
6d1757188a
new: [internal] Log if e-mail was send encrypted or not
2020-08-12 19:33:15 +02:00
Jakub Onderka
652df56ba6
chg: [internal] Rework email sending
2020-08-12 19:33:15 +02:00
Jakub Onderka
54aa24a31e
fix: [intrernal] Undefined index: Organisation notice
2020-08-12 18:32:12 +02:00
Václav Bartoš
369341683d
fix: [mail] Fix body of passwordReset/newUser emails
...
When MISP sends an email with new credentials, the body is generated from one of the configured templates - passwordResetText or newUserText. However, these two templates were swapped - the newUserText was used for password reset, while passwordResetText was used when new account is created.
This commit fixes it.
2020-06-05 13:47:16 +02:00
mokaddem
b724e30282
chg: [user:finaliseAndSendEmail] Aggresively catch errors and log them
...
while sending email
2020-05-07 17:11:42 +02:00
iglocska
3740e38907
fix: [registration] log entry action shortened to not cause issues
2020-05-07 15:56:08 +02:00
mokaddem
6bff239740
chg: [user:registration] Added audit log
2020-04-22 10:04:07 +02:00
iglocska
3241e95730
fix: [user registration] automatically convert selected orgs to local as described in the tool
2020-04-07 14:27:21 +02:00
iglocska
4ebc0a7988
new: [inbox] system added
...
- user self-registration is the first use-case
- if the feature is enabled, users can unauthenticated send a registration request to MISP
- request includes information on desired org and some privileges (sync / org admin / publisher)
- requests land in the inbox, admins can inspect the registration requests
- they can accept/discard them individually or en masse
- users will be notified of their credentials automatically
- quick user creation if the user asks for an org that doesn't exist yet
2020-04-07 13:21:01 +02:00
iglocska
d7e3674987
new: [audit] Added user monitoring
...
- site admins can set the monitoring flag on a user if the feature is enabled on the instance
- monitored users will have all requests logged along with POST bodies
- keep in mind this functionality is quite heavy and intrusive - so use it with care. The idea is that this allows us to track potentially malicious users during an investigation
2020-03-25 11:49:33 +01:00
mokaddem
6e66256f7a
Merge branch '2.4' of github.com:MISP/MISP into pr-5210
2020-02-10 11:09:14 +01:00
Jakub Onderka
5391611d75
fix: [log] Proper format log message for reset auth key
...
In future, it will be also possible to filter auth keys in logs.
2020-01-27 16:58:46 +01:00
Jakub Onderka
fd4588154a
fixup! chg: [user] GPG key fetching by server
2020-01-26 19:28:04 +01:00
iglocska
56902c265e
Merge branch '2.4' of github.com:MISP/MISP into add_attribute
2019-12-12 10:05:01 +01:00
Andras Iklody
91a045c13f
Merge pull request #5208 from JakubOnderka/patch-34
...
Simplify user profile logging
2019-12-11 19:28:32 +01:00
iglocska
b6bb2bb576
new: [UI] first implementation of the modal forms
2019-12-11 10:03:43 +01:00
mokaddem
806f443764
new: [statistics] Added organisation activity over time
2019-11-16 15:40:02 -05:00
iglocska
6d8b76ae4f
fix: [user] Include user settings in /users/view
2019-10-15 07:24:43 +02:00
Jakub Onderka
688bab2778
chg: [internal] Simplify UserController::admin_edit
2019-10-11 20:35:27 +02:00
Jakub Onderka
899f53dd5a
chg: [internal] Simplify User::extralog method
2019-10-11 20:35:26 +02:00
Jakub Onderka
1d15722195
fix: [internal] user_count variable is already number
2019-10-03 12:02:21 +02:00
iglocska
946602a696
new: [User settings] Added user settings system
...
- set settings / user
- settings can be set by user themselves or their org admin / site admin
- added first setting: publish_alert_filter
- accepts boolean branched filter options
- supports deep logical trees
- OR/NOT/AND
- currently supports filtering on tags and the creator organisation
2019-09-25 11:50:54 +02:00
Jakub Onderka
a9f6af9fcb
chg: [user] GPG key fetching by server
2019-09-23 22:09:02 +02:00
iglocska
9b2916a4c0
fix: [community access requests] fixed serveral issues, fixes #5194
...
- added missing view to preview the request
- don't throw errors when possible, instead show what should have been sent
2019-09-19 15:14:51 +02:00
iglocska
e89d1a267d
Merge branch '2.4' of github.com:MISP/MISP into 2.4
2019-09-09 13:03:09 +02:00
iglocska
75acd63c46
fix: [security] Fix to a vulnerability related to the server index
...
- along with various support tools
- more information coming soon
2019-09-09 13:00:21 +02:00
Jakub Onderka
4b1645a54e
fix: Throw exception when GnuGP homedir is not set
2019-09-07 00:01:55 +02:00
Jakub Onderka
863e38807d
chg: Allow to load Crypt_GPG from composer
2019-09-06 21:31:16 +02:00
Jakub Onderka
f63cfc9c5a
fix: [UI] Fetching GPG keys
...
This error was introduced in 600e540516
2019-09-06 15:56:01 +02:00
Jakub Onderka
6f4b99026e
chg: [user] Remove unused private method
2019-09-06 13:59:47 +02:00
Jakub Onderka
600e540516
chg: [user] Use machine readable format for fetching PGP keys
2019-09-04 13:10:37 +02:00
iglocska
8418e8ee57
fix: [internal] return true from the external email sender if no mocking is happening instead of the full email
2019-08-30 11:19:43 +02:00
iglocska
181bda4698
new: [requestAccess] Made the requestAccess endpoint more API friendly and some UI improvements
...
- better handling of empty parameters
- added the mock functionality to both API and UI, this will generate the e-mail to be sent and return it with no actual sending happening
- defaulting to mock if emailing is disabled
- fixed some minor bugs
2019-08-30 11:10:59 +02:00
iglocska
feb7fe82dd
new: [communities] Added support for requesting access for known communities
...
- site admins can list the misp-project maintained community list
- request access to any of the communities
2019-08-29 09:24:33 +02:00