MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
1,859 Commits
35 Branches
366 Tags
190 MiB
Commit Graph

338 Commits (982727819bef8017b70581cbbcf8ea6d2d5fe8c0)

Author SHA1 Message Date
Christophe Vandeplas 3ed50e2aef improve UI of event index filtering 2013-06-10 17:24:41 +02:00
Christophe Vandeplas 482fd8b8b0 fix no tooltip bug on Chrome and probably IE. 2013-06-10 10:41:29 +02:00
Iglocska 22284d04d1 Update to the sync 
- timestamp now correctly compared, events that have an older timestamp
  will be discarded, same with attributes

- right now the response is the same as a successful edit though, should
  be handled more gracefully

- pull is not yet tested

- attachments and shadow attributes not yet implemented

- backflow is nicely blocked by the timestamp as intended

- needs cleanup (from, dist_change)
 2013-06-07 02:44:03 +02:00
Christophe Vandeplas 0d66ef931a UI tooltip love 2013-06-06 18:06:22 +02:00
iglocska cb3ac8be15 Changes to the event filtering 
- there was a bug that pushed the data entered into the "published"
filter field to the date fields -> fixed

- Also a bug in the serverscontroller, pulling threw an undefined
warning from the log controller because a single saveField was used and
the logController couldn't save the url data for the action
 2013-06-06 10:24:27 +02:00
iglocska bc42dbd78c Filters updated and some changes for the sync 
- visual changes
- date from/until fields
- published field
- a reset form button

- the org of an event added by a sync user will be that of the host
instance's own organisation identifier
 2013-06-05 17:45:01 +02:00
iglocska 2543916944 Merge branch 'feature/gui' of https://github.com/MISP/MISP into feature/gui 2013-06-04 17:41:53 +02:00
iglocska 0410c1465e First version of the new filters on event index 2013-06-04 17:41:27 +02:00
Christophe Vandeplas 38897d9af3 create default admin user automatically 2013-06-04 13:06:57 +02:00
iglocska d51e7a002b Small UI change to the exports screen 2013-06-04 11:01:53 +02:00
iglocska 0b834464ac Changes to the event view 
- reworked the way events are loaded and reloaded to check for
privileges
 2013-06-03 17:23:34 +02:00
iglocska f545511a76 Slight change to the event xml output 
- now includes both shadowattributes related to attributes and events
 2013-06-03 16:32:45 +02:00
iglocska 1d8003f4f5 Merge branch 'feature/gui' of https://github.com/MISP/MISP into feature/gui 
Conflicts:
	app/View/Events/view.ctp
 2013-06-03 16:30:32 +02:00
iglocska 5522578f68 Update to the shadow attributes 
- UI changes
- changed the relationship between shadowattributes and events to be
hasMany
 2013-06-03 16:25:43 +02:00
Christophe Vandeplas bdc973f9ed alignment of action buttons 2013-06-03 14:44:31 +02:00
Christophe Vandeplas d5c5134691 Display related events in multiple columns. fixes #113 2013-06-03 14:23:15 +02:00
iglocska 3549e0c49d More UI changes 2013-06-03 12:29:07 +02:00
iglocska 7eec9c01db Update to the import IOC ui 
- new css class for the graph
 2013-06-03 11:01:14 +02:00
iglocska 7691476fae More UI changes 2013-06-03 10:48:38 +02:00
iglocska 9a8f090b79 Update to the event index view 2013-06-03 08:58:57 +02:00
Andras a27b3d7208 More UI changes 2013-06-02 13:51:41 +02:00
Andras 3d7355cf14 UI changes to event add/edit and change to events controller 
- updated the UI for the event add and edit views

- change to the privileges when editing events - siteadmins could not edit
  events of other orgs.
 2013-06-02 12:44:11 +02:00
Christophe Vandeplas 03a9b2bcc2 UI event fixes 2013-06-01 11:05:15 +02:00
Christophe Vandeplas bd50135fe6 UI events partial improvements 2013-06-01 08:46:21 +02:00
Christophe Vandeplas b32ad758b8 UI export and automation 2013-05-31 11:56:37 +02:00
Christophe Vandeplas d099ca8e1c hilight row 2013-05-30 16:40:47 +02:00
Christophe Vandeplas 0fa30912a3 mirated first parts of nice GUI proposed by Alexandru of CERT-EU 2013-05-30 11:14:00 +02:00
iglocska 876381d295 Update to the IOC import tool 
- Tries to resolve some branching to increase the number of successful
  imports

- Moved to the event view and the import only adds attributes without
  changing the event's data itself

- Visualisation of the original IOC, showing the successes and failures
 2013-05-29 13:42:04 +02:00
Christophe Vandeplas e3ed847ba0 fixing some REST API and XML issues 2013-05-28 11:15:21 +02:00
iglocska 6e9b19ce51 Quick fix to the sanitization 
- the double sanitization needed a quick fix until the development branch
  gets merged in the future
 2013-05-24 10:29:08 +02:00
Christophe Vandeplas 512c74e7bd minor cleanup 2013-05-22 12:49:40 +02:00
Christophe Vandeplas 3bbd12f461 further cleanup of the REST XML output 2013-05-22 11:21:52 +02:00
Christophe Vandeplas 0614db919e fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00
Christophe Vandeplas 62a3da46f2 removed useless hop_count 2013-05-22 08:18:34 +02:00
Iglocska c653b91491 Further progress on the OpenIOC import 
- works fine now, but a lot of data still gets discarded
 2013-05-08 09:57:18 +02:00
Iglocska 60e4190b84 OpenIOC Importer 
- Import from .ioc
- map to MISP attributes and insert them
- try to resolve AND logical operators where possible, otherwise discard
 2013-05-06 16:53:54 +02:00
Iglocska c4bcf1c077 Fixes #88 
- events searchable by uuid
	-> /events/view/<uuid>
 2013-04-30 16:55:13 +02:00
Iglocska cf9546b3b0 Moved the ioc export to a component 
- Less clutter
 2013-04-30 14:17:48 +02:00
Iglocska 2b47fec2a5 Further changes to the export features 
- fixed issues with some download exports not being downloaded
- eliminated some code repetition
 2013-04-30 11:24:02 +02:00
Andras Iklody 4396cec8ea Integrated ownership, ACL and minor fixes 
- Orgs can propose new attributes or changes to existing attributes for
  events that they do not own

- publishing users of the owner organisation can see, accept or discard
  them

- Reworked the access control

- minor fixes
 2013-04-25 14:04:08 +02:00
Christophe Vandeplas 3be869a9d5 fix sanitization in Events #96 2013-04-24 15:49:35 +02:00
Christophe Vandeplas e9bcacfbc3 fix sanitization in Attributes #96 2013-04-24 15:20:20 +02:00
Christophe Vandeplas 665defe7b1 cleanup crappy sanitization 2013-04-22 15:22:20 +02:00
Christophe Vandeplas 23742c543c rewrote fetching of the related events 2013-04-22 15:04:27 +02:00
Andras Iklody 9a6733acfd Removal of deprecated code 
- The flag private is deprecated, removed together with the code that was
  affected by it
 2013-04-17 11:13:09 +02:00
Christophe Vandeplas 8d5782125d removed unused CyDefSIG.showowner field. Closes issue #93 2013-04-16 15:29:34 +02:00
iglocska 99e0a91aa8 Small bug with sorting events by validation 
- didn't work properly, fixed.
 2013-03-26 14:32:32 +01:00
iglocska c268fac392 Missing view for IOC export 2013-03-26 11:11:13 +01:00
iglocska 5d42b81989 First version of an IOC export feature 
- Builds basic .ioc file of an event, OR-ing all eligible attributes

- mass export via a zip file to be implemented later
 2013-03-26 11:02:01 +01:00
iglocska 8c0a7ad716 Double sanitization fixed 2013-03-19 15:13:07 +01:00
iglocska ef93e61efb Related events 
- Implemented on request: related events created by the same organisation are now coloured red
 2013-03-19 10:30:32 +01:00
iglocska 91b1787fe8 Change to the location of the add attribute/attachment buttons. Fixes #49 2013-03-18 15:25:32 +01:00
iglocska 32de082c88 New export feature 
- To restrict the authentication key from being used by interactive users,
implemented a new export page that uses the uses cake's user
authentication

- the old export features still exist for users with perm_auth enabled
  accounts - renamed to automation

- Exporting the events that found attributes belong to in a search
  attributes result page

- exporting of individual events to file by clicking a link in event view
 2013-03-18 11:48:36 +01:00
iglocska d5800206e6 Bug fixes 
- issues of admin orgs not being able to edit/delete org events

- owner org removed for org admins

- email only visible from own org to org admins
 2013-03-13 15:11:49 +01:00
Andras Iklody 019e976783 Removed the js title bubble for related events 
- Removed javascripts based title bubble showing the event info in related
  events / attributes and in the search attribute view.

- Replaced it with values provided by extra cake queries as the delay for
  fetching the info field through a js rest request was annoyingly slow

- some coding standards
 2013-03-08 13:16:02 +01:00
Andras Iklody 64f304da48 Tighter checks so users can't edit events of other orgs 2013-03-05 16:17:34 +01:00
Andras Iklody 0f947085cb Reworked the sync / release control 
- Fixed issues with the sync
	- Secondary publishes on remote servers failed
	- Introduced new fields in events to stop backward traverse of
	  edit information that lead to low performance and eroneous
	  distribution information updates when more than 2 servers were
	  linked
	- Deletion of an attribute now deletes on remote servers

- Changes to the event ownership
	- Original creator org now noted in the event itself
	- Only original creator org can change distribution
	- Events will show up with the original creator org for users
	  (admins can see both that and the owner of the event on the
	  local instance)
	- Server.organization now used in junction with the connecting
	  user's org and the instance's org (from the bootstrap) to
	  determine distribution flow control and access rights

- Lots of minor changes
 2013-02-19 15:37:35 +01:00
Noud de Brouwer ce44cdb529 coding standards 
this is to the new php53-pear-CakePHP_CodeSniffer-0.1.11.
 2013-02-15 14:20:03 +00:00
Andras Iklody 29295e1380 changes to the admin org access and sanitization 
1. Some errors fixed in the way redirects worked for org admins

2. fixed some double sanitization resulting in incorrect characters
displayed in certain fields
 2013-01-30 11:49:55 +01:00
Noud de Brouwer 120f907427 git 
redo 'git-trigger' change.
 2013-01-04 13:13:06 +00:00
Noud de Brouwer 4f9a2a5dd9 git 
pardon i seem to have had a:
Error: messages not turned on: /dev/ttyp3: Operation not permitted
 2013-01-02 15:32:47 +00:00
Noud de Brouwer e14d8d758d unused & coding standard 
Removed some total unused code and corrected some toward the CakePHP coding standard.
 2013-01-02 14:49:49 +00:00
Andras Iklody 0f751eb742 Validation field 
A field in the event index showing it clearly whether the event has been
published or not - shows a small image (placeholder atm)
 2012-12-20 16:56:56 +01:00
Noud de Brouwer a17eaa69ad log & code duplication 
$this->Html->image($nonExistingImage)
showed up in tmp/logs/error.log and
the origin this is in 2 Views, so a View Element was created.
 2012-12-20 10:33:54 +00:00
Noud de Brouwer 132a10182c log 
do not logs/error.log if an img does not exist.
 2012-12-19 16:18:08 +00:00
Noud de Brouwer 0b6555fa0c log & coding standards 
do not logs/error.log if an img does not exist.
and overcome the,
Each PHP statement must be on a line by itself.
 2012-12-19 14:28:39 +00:00
Noud de Brouwer f6c140e1dc coding standards 
Coding Standards.
 2012-12-19 13:34:40 +00:00
Andras Iklody 29cc79255f Added validation field to the event index 
A small image at the front of each line showing whether the event has been
validated (published) or not. The images are placeholders for now.
 2012-12-19 13:13:39 +01:00
Noud de Brouwer 0c1dd9b0ab HTML 
make Events/view.ctp valid HTML.
 2012-12-19 11:41:02 +00:00
Noud de Brouwer afd7977929 coding standards 
Coding Standards.
 2012-12-19 02:33:09 +00:00
Noud de Brouwer ea9aa8eb3a coding standards 
Coding Standards.
 2012-12-18 19:25:12 +00:00
Noud de Brouwer 8864ee78f7 generateAllFor<FieldName> 
so we can use an URL like:
http://localhost/<TableName>/generateAllFor<FieldName>/newValue/oldValue
for example:
http://localhost/events/generateAllForAnalysis/0/null
http://localhost/users/generateAllForInvitedBy/1/0
http://localhost/users/generateAllForRoleId/1/0
 2012-12-18 03:50:52 +00:00
Andras Iklody 1ceadab700 Added features from branch analysis_levels 
-Analaysis levels setable for events as per milestone item 94
-Password change forced as per milestone item 109
-Added feedback on entered search terms for search attributes
-fixed the authentication issue
-some minor fixes
 2012-12-17 15:51:30 +01:00
noud 094719fa01 Merge branch 'master' into develop 
Conflicts:
	app/Controller/AttributesController.php
	app/Controller/EventsController.php
	app/Controller/ServersController.php
	app/Model/Event.php
 2012-12-12 18:01:39 +01:00
noud c2fa68a198 attributes 
display "#Attr.".
 2012-12-07 14:03:28 +01:00
noud 45cbe60aa7 distribution 
show "All" if distribution is All communities in Events/index.ctp and
Events/view.ctp.
 2012-12-07 14:01:41 +01:00
noud e24ff690bb RESTfull/sync 
redid the sync, so if add and exist, send HTTP 302 and different
Location, and do edit there.
Still, the final result has to compare the attributes and if needed
RESTfull delete.
 2012-12-07 13:56:19 +01:00
Andras Iklody c452027340 changes to the related events mouseover bubble 
Removed unneeded headers and changed the address to relative to avoid the
sending of an OPTIONS REST request.
 2012-12-06 16:08:21 +01:00
noud b65ca1e31e typo 
typo
 2012-12-05 15:13:17 +01:00
noud 8a2bc6c6fb coding standards 
coding standards tells us "space"."space"
 2012-12-05 15:03:44 +01:00
Andras Iklody 9f745ed989 Minor update to some linking to the documentation 
Updated a few links to link to specific portions of certain pages in the
documentation instead of just the page itself.
 2012-12-05 14:00:47 +01:00
noud 47a57e6b7a coding standards 
whitespace police.
 2012-12-05 13:26:54 +01:00
noud 6ea26e8ef3 Added bubble when hovering over related events 
suppres already named caregorie again.
 2012-12-05 13:22:45 +01:00
Andras Iklody db3d9c65c9 Update to the hover effect on related items 
Several occurances of links to the same event in the attribute list
caused all instances except the first one to not display any event info
when hovered over. Fixed.
 2012-12-05 11:55:01 +01:00
noud f2ccfb60e6 coding standards 
coding standards tells us "space"."space"
 2012-12-05 11:14:11 +01:00
noud 385b12beba Added bubble when hovering over related events 
suppres already named caregorie again.
 2012-12-05 10:35:52 +01:00
noud 7e64388e67 Added bubble when hovering over related events 
no need to re-include jquery given it's included in
View/Layouts/default.ctp.
 2012-12-05 09:05:40 +01:00
noud 4ab744ed76 Added bubble when hovering over related events 
make baseurl variable conform bootstrap.
 2012-12-05 09:00:35 +01:00
noud 63811bffb6 Added bubble when hovering over related events 
make authkey variable conform the authenticated user.
 2012-12-05 08:56:58 +01:00
Andras Iklody f2856710de Added bubble when hovering over related events 
Hovering over related events will reveal the "info" field of the event
without clicking on it.
 2012-12-04 14:22:40 +01:00
noud ff0237bcb3 event/attribute delete 
In version 1 and 2 of misp/cydefsig there's a delete button upper left
in the menu that a) does not delete or b) does not return to a visable
url after deletion.
As a 'fix' those delete buttons are now removed, given there does still
exist delete in the index view.
 2012-11-27 10:43:42 +01:00
noud 2b8af20cf4 attributes delete 
oeps, attribute delete inadvertably deleted from view.
 2012-11-26 15:07:23 +01:00
noud 79d8b1d839 delete event 
in edit event screen now give correct id in delete alert box.
 2012-11-23 15:35:57 +01:00
noud 957b3e27b8 Merge branch 'master' into develop 
Conflicts:
	app/Controller/ServersController.php
 2012-11-20 11:01:18 +01:00
noud b2c268845f code standards 
respect code standards.
 2012-11-19 14:49:38 +01:00
noud c8c58fa1b9 PHP 
CakePHP php minimum_version="5.2.8" but lcfirst was introduced in PHP
5.3, so i reverted to 'strtolower(substr('.
 2012-11-19 11:02:59 +01:00
noud 1cddb6abe0 distribution 
conform latest, having:
- Your organization only
- This server-only
- This Community-only
- Connected communities
- All communities

Push is tested, pull not yet.
 2012-11-16 15:25:57 +01:00
noud 5d37e93eb6 code 
have the distribution description in one place, just the model.
 2012-11-16 11:43:47 +01:00
noud 51145da87a index 
some line disapeared, in view as well on attribute level.
Andras Iklody suggested a html non breaking space, that worked.
 2012-11-16 10:18:37 +01:00
noud b84bc50c56 index 
some line disapeared.
Andras Iklody suggested a html non breaking space, that worked.
 2012-11-14 16:43:24 +01:00
noud 6b06ba7ff6 count & GFI Sandbox 
count # attributes in events index.
plus various fixes for distribution in correlation of a GFI Sandbox
upload.
 2012-11-14 16:14:04 +01:00
noud 911c9a8da6 RBAC 
admin can always publish.
 2012-11-09 11:35:32 +01:00
noud 55f9b594d7 RBAC 
just edit your own did still give edit org as well.
can be tested if now correct.
 2012-11-09 10:14:40 +01:00
noud a2bc237bcd RBAC 
should now respect Manage, so also edit, own and org events.‏
 2012-11-08 14:09:52 +01:00
noud 12ebfafe16 RBAC 
role only add could still publish her own events,
this should be not possible anymore.
 2012-11-07 16:02:36 +01:00
noud 36292259aa contact reporter 
Submit to org button in the contact reporter view – changed it
to just submit, having the tickbox to contact a person only + the submit
to org button seems a bit confusing.
 2012-11-05 13:28:43 +01:00
noud f66b199f26 distribution 
removed No push as a distribution.
 2012-11-05 13:05:31 +01:00
noud d55f226275 distribution 
now attributes do work same for pull like push.
 2012-11-05 12:49:51 +01:00
noud 2b478605a5 Flags 
correct from 50*50 to 48*48, so it's an icon size.
 2012-10-31 15:54:15 +01:00
noud 099dd8398f distribution 
border="1"-testleftover removed.
 2012-10-30 13:19:34 +01:00
noud ed56d7c29c distribution 
if distribution is All, so not displayed in an index nor in attributes
per event, there is missing a line-part in IE.
Did add 1 space for All, this will maybe display the line-part again.
 2012-10-30 13:16:46 +01:00
noud f82c3f5f0c dropdowns 
let the risk dropdown in event add and edit behave like the other
dropdowns.
 2012-10-30 12:54:04 +01:00
noud a19571fed4 Internationalisation 
just small __() for translation lateron.
 2012-10-30 10:18:11 +01:00
noud f296a9381e RBAC 
real inactive buttons.
 2012-10-25 15:00:43 +02:00
noud e01dd6de77 distribution 
do not display distribution 'All' in Events index or Event view.
 2012-10-24 08:57:41 +02:00
noud 7a7a1142f6 distribution. 
distribution on add is default "All".
 2012-10-23 12:16:16 +02:00
noud 4b096fa584 distribution 
changes and cleanup.
 2012-10-23 11:28:39 +02:00
Andrzej Dereszowski 25e63dda68 Wording change 
Changed Private column to Distribution + some minor vocabulary changes.
 2012-10-22 16:29:08 +02:00
noud e693571fde private 
description in event::view().
 2012-10-22 11:18:53 +02:00
noud 7077d1e8d4 GFI sandbox. 
better representation of a downloadable attribute
in a link (just href the file name, not including the path).
 2012-10-19 10:04:20 +02:00
noud 67e50cb612 Private 
Private events are true private and
running a server in 2 modes (private and sync),
so real private (red) or private to server (amber)
or full distributable (green).

Mind this needs a change to tables events, attributes and correlation.
These are in MYSQL.private.sql.
 2012-10-17 14:45:26 +02:00
noud 870372fb07 Merge branch 'master' into develop 
Conflicts:
	app/Config/bootstrap.php
 2012-10-10 08:37:12 +02:00
Andrzej Dereszowski 6698e4c05e Cosmetic changes 
Descriptions in the export functionality polished.
 2012-10-09 16:08:38 +02:00
noud d112775251 Merge branch 'master' into develop 2012-10-09 13:10:27 +02:00
noud 93720a6228 Comment. 
The actual view to be able to send comment to Org or Owner/user_id.
 2012-10-09 12:57:45 +02:00
noud 8f3d624c1a Merge branch 'master' into develop 
Conflicts:
	app/Controller/AppController.php
	app/Controller/AttributesController.php
	app/Controller/EventsController.php
	app/Controller/ServersController.php
	app/Controller/UsersController.php
	app/Model/Attribute.php
	app/Model/Event.php
	app/Model/Server.php
	app/Model/User.php
	app/View/Attributes/edit.ctp
	app/View/Attributes/index.ctp
	app/View/Elements/actions_menu.ctp
	app/View/Events/add.ctp
	app/View/Events/index.ctp
	app/View/Events/view.ctp
	app/View/Events/xml/view.ctp
	app/View/Servers/index.ctp
	app/View/Users/admin_index.ctp
 2012-09-24 16:02:01 +02:00
noud 83c56ebbc0 Pagination 
Same pagination in Events as in Attributes.
 2012-09-21 08:51:00 +02:00
noud 1d04652476 CakePHP Coding Standards 
changed to camel caps format where needed.
 2012-09-19 11:05:10 +02:00
noud a4c29a812f XML related. 
Made tools/curl/input/event.xml more anonymous.
Events/xml/view.ctp wrongly showed category_order.
REST Event add did not work anymore given GFI sandbox import.
 2012-09-18 16:50:07 +02:00
noud 94a367c2f5 CakePHP Coding Standards 
http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html

Eclipse:
Window->Preferences
	General->Editors->Text Editors
		Displayed tab width:	4
		Insert spaces for tabs	NOT
	PHP->Code Style->Formatter
		Tab policy:	Tabs
File->Convert Line Delimeters To->Unix [default]

http://mark-story.com/posts/view/static-analysis-tools-for-php
for instance:
phpcs --standard=CakePHP app/Model/

Not yet done is all camel caps format.
 2012-09-18 15:30:32 +02:00
noud 253d8e1b58 Merge branch 'master' into develop 
Conflicts:
	app/Controller/EventsController.php
	app/Model/Attribute.php
	app/View/Events/view.ctp
 2012-09-17 13:02:53 +02:00
Christophe Vandeplas fd05d14602 fixes inconsistent relatedAttributes and relatedEvents arrays with 
different correlation implementations
 2012-09-04 16:14:10 +02:00
Christophe Vandeplas be10754474 improve logo and email display features 2012-08-31 10:23:40 +02:00
Andrzej Dereszowski 74764d4e8b Merge branch 'master' of code.lab.modiss.be:cydefsig 
Conflicts:
	app/Controller/Component/NidsExportComponent.php
 2012-08-30 10:59:07 +02:00
noud 5c39a46fc8 Sync. 
Better square and croped images.
 2012-08-29 13:11:00 +02:00
noud 4ae71fc963 Sync. 
Sync worked, but we did not know what to do with user_id and org.
Now, on sync, anonymize the user_id, get the Server.organization and put
that into Event.org.
And, display owning flag if Event.user_id or get the Server.logo
belonging to Event.org (=Server.organization) when Event.user_id is
empty (=0).

To this there is organization name and logo in bootstrap and
other organizations names and logos in Servers.
 2012-08-28 15:36:14 +02:00
noud 4cec4e69f9 correlation. 
do not use the AttributesController::event now,
just use the old EventsController::view.
 2012-08-24 14:06:08 +02:00
noud 7d98c5f31e GFI Sandbox upload. 
If add event, give a GFI Sandbox export file upload field option.
Unzip, read .xml, add attachment malware, created files and ip-dst.
 2012-08-22 16:04:55 +02:00
Christophe Vandeplas df46c4d93b minor layout improvement on the export info page 2012-08-20 14:32:53 +02:00
noud b0614c5b95 Whitelist. 
Mention the whitelist for NDIS export on Export page.
 2012-08-06 10:44:16 +02:00
noud 2dea0e347d Correlation performance gain. 
in Config/bootstrap.php add
Configure::write('CyDefSIG.correlation', 'sql');

possible values: 
- default, like it was
- db, correlation in database
- sql, selection on attributes i.s.o. per attribute
  (sql improvement possible if result conform db above)

Network activity, ip-src
30 class-C network ip addresses
(7650 tupels) (time in ms)

          default     db    sql
all         25366  16601  15941
            24839  16604  15611
paginated   16759   8447   6615
            17734   8639   8846

this is used in both:
- events/view/<id>
- attributes/event/<id>
 2012-08-03 12:00:16 +02:00
noud bda5e56f9b Export HIDS files with MD5 and SHA-1. 2012-07-27 15:19:40 +02:00
Andrzej Dereszowski 3ff180e898 Merge branch 'develop_0.2.2-0.2.3' into develop 
Conflicts:
	app/Config/Schema/schema_0.2.2.php
	app/Config/routes.php
	app/Controller/AppController.php
	app/Controller/UsersController.php
	app/Model/User.php
	app/README.txt
 2012-07-24 16:09:48 +02:00
git 8ba98a1e57 Rollback of pagination on event view 
Comeback to previous event layout. This does not change the preformance issue so it is not worth to put in stable.
We will move it to the devel branch
 2012-07-24 15:44:04 +02:00
noud de89d28caa Fix, paging on event with lots of attributes. 2012-07-20 13:27:55 +02:00
noud 25d5ff4290 Show events with user.email if admin. 2012-07-19 14:53:12 +02:00
deresz dbf7fafea8 Correction to "link" attribute type - links were not actually created. 
Also changed it to proper "cake" way.
 2012-07-04 15:51:19 +02:00
noud 66c5312ea6 DataBase migrate, Audit and Access Control granulation. 2012-06-28 17:24:12 +02:00
root b4558887ce Revert "Audit and ACL first cut." 
This reverts commit 5818231f48.
 2012-06-26 09:40:52 +02:00
noud 5818231f48 Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
Christophe Vandeplas 66a9950d14 minor improvement in usability on index pages 2012-06-25 08:00:08 +02:00
Christophe Vandeplas 5eb6a89384 removed reference to useless user_id. 
fixed bug where Contact reporter doesn't work when user does not exist
(contact reporter now sends mails to all the org)
 2012-06-08 16:57:10 +02:00
Christophe Vandeplas e453ee0e97 Sanitize::html() to h() for views is the way to go 2012-06-05 10:00:36 +02:00
Andrzej Dereszowski 7ee4d29fac Fixed merge conflicts with HEAD at belmod 
Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop

Conflicts:
	app/Controller/EventsController.php
	app/Model/Attribute.php
 2012-05-29 17:19:36 +02:00
Andrzej Dereszowski 1a91c2f49b Help messages implementation (forms and list views). 2012-05-29 16:53:50 +02:00
Andrzej Dereszowski 51dbbcfa13 Explanation messages implemenented for forms and for list views (using 
"title" html element)
 2012-05-29 16:50:45 +02:00
Christophe Vandeplas e4feaaa013 Part of the documentation added - docu written by Miguel Soria Machado 
(CERT-EU)
 2012-05-25 14:56:58 +02:00
Christophe Vandeplas c713d6498f fixes previous commit 2012-05-21 13:41:04 +02:00
Christophe Vandeplas 04ffe374a1 layout improvement in attribute display 2012-05-21 13:34:53 +02:00
Christophe Vandeplas 6da1906bf4 fixes typo in alert message 2012-05-16 10:27:09 +02:00
Christophe Vandeplas e5c0c5b081 do not show related events if the variable was not set 2012-04-26 18:50:58 +02:00
Christophe Vandeplas f0b8f89d50 fixes lowercase attribute bug in xml output of Events/view and hide 
value1 and value2 from the output
 2012-04-26 18:48:05 +02:00
Christophe Vandeplas aea079b8c4 bugfix in Attribute validation 
Do not search for related attributes for specific types
 2012-04-25 10:30:23 +02:00
Christophe Vandeplas d0b52de85e fixed typo 2012-04-25 09:50:40 +02:00
Christophe Vandeplas c2975a77a4 Allow saving of data using REST API 2012-04-07 08:31:01 +02:00
Christophe Vandeplas fb958eaacc Logging in for REST using Authorized HTTP header field. 2012-04-06 16:32:33 +02:00
Christophe Vandeplas 49aaced78a Merge commit '9e043116228c4866b18e92acb076462845bcf22a' into develop 
Fixed conflicts in: app/View/Events/view.ctp
 2012-04-04 17:53:51 +02:00
Andrzej Dereszowski faffe87ea6 - some bugfixes in validation corrected 
- new attribute type - link to external site
 2012-04-02 19:24:50 +02:00
Andrzej Dereszowski 62ceed286c - signatures are displayed by category always in the same order defined in model 2012-04-02 11:53:44 +02:00
Christophe Vandeplas 2142585710 Implemented basics for private, nonsyncable, Events or Attributes. 2012-04-01 18:41:47 +02:00
Christophe Vandeplas bf8ae66e9c First version or REST API to export data 2012-04-01 17:30:00 +02:00
Christophe Vandeplas 19eaa12050 Allow publishing of events without sending email. 2012-03-31 22:07:35 +02:00
Christophe Vandeplas 0fff291c67 fixed minor CSRF vulnerability + added google link on vulnerability type 2012-03-31 21:55:09 +02:00
Christophe Vandeplas 95455f51a6 Fixed minor bugs 2012-03-27 18:58:11 +02:00
Christophe Vandeplas 20cddd07db changed alerted -> published 
other minor fixes
 2012-03-27 14:49:31 +02:00
Christophe Vandeplas 7c4394682d Renamed Signature to Attribute 2012-03-26 19:56:44 +02:00
Christophe Vandeplas 28cf7d44e9 XML export ... woohoo !!! 2012-03-26 15:06:01 +02:00
Christophe Vandeplas 803bdbdf87 micro HTML bugfixes in views 2012-03-25 16:25:16 +02:00
Christophe Vandeplas 86b760cd54 Print Cascading Stylesheets and minor layout fixes 2012-03-25 15:02:15 +02:00
Christophe Vandeplas da2687846b Implemented file-upload of attachment or password protected 
malware-samples. Base code contributed by Andrzej Dereszowski
 2012-03-23 20:04:22 +01:00
Christophe Vandeplas 23572019bb Signature is now known as Attribute 2012-03-21 21:25:16 +01:00
Christophe Vandeplas 4bbbfc36c3 Not finished editing -> not published 2012-03-21 11:01:37 +01:00
Christophe Vandeplas 5907c86520 whatever 2012-03-21 10:57:59 +01:00
Christophe Vandeplas c5954b081b Layout improvements 2012-03-20 15:11:02 +01:00
Christophe Vandeplas 495cc1a6c2 UUID support for syncing 2012-03-20 13:40:58 +01:00
Christophe Vandeplas 2c7f01f61e Rename Finish Edit to Publish Event 2012-03-20 08:26:57 +01:00
Christophe Vandeplas 07f6b5e090 cleanup old __('Actions') and non echo __() 2012-03-16 14:13:31 +01:00
Christophe Vandeplas 865a24d0bd Migration to CakePHP 2.1. 
Most of the functionality migrated, Q&A review required.
 2012-03-15 15:06:45 +01:00