Commit Graph

768 Commits (a1d51d4dfadf9df6b46a13ee8ade5034bd2f577c)

Author SHA1 Message Date
Christophe Vandeplas a1d51d4dfa updated structure of the documentation 2013-02-15 08:20:14 +01:00
Christophe Vandeplas 27c809e5f2 further cleanup 2013-02-14 17:01:49 +01:00
Christophe Vandeplas fd1a985251 updated LICENSE from copyright to AGPL and first cleanup of files 2013-02-14 13:32:48 +01:00
Andras Iklody f754eec840 Minor change to the validation
- Some types didn't have any validation info, defaulting in an incorrect
input - fixed

- re-enabled the sanitization of file names
2013-02-11 17:23:07 +01:00
Andras Iklody e17228490b Minor changes to the validation 2013-02-11 15:56:10 +01:00
Andras Iklody afed0f2046 Changes to link validation and minor fixes
- Links get validated now to filter malicious code

- removed a double edit button in the case of an admin editing himself

- fixed an error with adding new attributes
2013-02-11 11:26:34 +01:00
Andras Iklody e88a3a9cf7 Updates to security
- perm_auth new toggle, can disable auth key usage for a role

- prevents sync / rest with a perm_auth == false key

- some changes to sync to provide better feedback on why it failed

- rewording of distribution options
2013-02-06 17:45:43 +01:00
Andras Iklody 5706fe183f Redirect for ServersController
Added redirect for index in case of non sync users
2013-02-06 08:34:41 +01:00
Andras Iklody e976242878 Reworked aros_acos creation
- moved and fixed the aros_acos creation on the new role creation

- new method in appController that sets all the aros_acos from scratch
  (for example for a new instance, or a changed acos / aros table)

- some minor changes, redirects to the terms page on invalid events
  removed, etc.
2013-02-05 17:22:37 +01:00
Andras Iklody 6ef3ea7050 Missing file from the last commit
Missed a file from the package
2013-02-05 09:21:29 +01:00
Andras Iklody 7f6f166838 Fixes to access rights, some sanitization, etc
- Admins cannot manually change anyone's authkey, they need to generate a
  new one via the reset link

- Some pages could be accessed by changing the url - fixed (though needs
  further testing)

- Edited a change in the manual that may have been confusing

- Some changes to the way ACL is set up - still needs more work
2013-02-04 17:55:35 +01:00
Andras Iklody 879a5fb282 Temporary fix for file-uploads under windows
Added an alternate file-upload/download path creation for PHP_OS ==
'WINNT'

Also removed autofill for the login field
2013-01-31 10:25:03 +01:00
Andras Iklody 4d0fe60347 Corrected a typo preventing the sync from working 2013-01-30 14:02:36 +01:00
Andras Iklody 29295e1380 changes to the admin org access and sanitization
1. Some errors fixed in the way redirects worked for org admins

2. fixed some double sanitization resulting in incorrect characters
displayed in certain fields
2013-01-30 11:49:55 +01:00
Andras Iklody 6333055cfc Added hover over event IDs in search attributes view
Hovering over the event IDs now shows the event info in the list generated
by the search attributes page
2013-01-29 13:33:07 +01:00
Andras Iklody 66b9969d29 Security for UsersController
org admins could edit users of other orgs by accessing the edit page
through the URL. Fixed.
2013-01-29 10:51:18 +01:00
Andras Iklody 97f56a2275 Further changes to org admins
org admins can manage their own server connections
org admins cannot see other orgs' users in the users list
2013-01-29 08:56:38 +01:00
Andras Iklody cd78baeb14 Issue with uploading attachments fixed
Uploading an attachment would fail while trying to set the event to
unpublished. Fixed.
2013-01-28 15:51:54 +01:00
Andras Iklody 2d6d806cca Small update to the regular import regexp view
An empty table cell caused a cosmetic misalignment of the cell border.
2013-01-28 15:11:48 +01:00
Noud de Brouwer b7464db288 coding standards
Coding Standards.
2013-01-28 11:13:51 +00:00
Noud de Brouwer 9d9dd7b4af coding standards
Coding Standards.
2013-01-28 11:05:23 +00:00
Andras Iklody 504599fbcc Org admin privileges
Added restrictions for org admins and regular users to be able to see
regexp/whitelist/blacklist information without being able to edit them.
Org admins can also see the roles but not edit them.
2013-01-28 11:44:09 +01:00
Noud de Brouwer 729e1e2206 coding standards
Coding Standards.
2013-01-28 08:57:30 +00:00
Noud de Brouwer ce430a2005 coding standards
Coding Standards.
2013-01-28 08:43:44 +00:00
Noud de Brouwer 4c83ad3cfe coding standards
Coding Standards.
2013-01-28 08:42:20 +00:00
Noud de Brouwer a6371f5ad8 coding standards
Coding Standards.
2013-01-28 08:32:01 +00:00
Andras 8d88bcb2b5 Fix for the synchronisation
An error in the pull fix broke the push/publish feature. Fixed.
2013-01-27 21:27:58 +01:00
Noud de Brouwer 78f0d7ce93 coding standards
Coding Standards.
2013-01-25 13:02:58 +00:00
Noud de Brouwer 940df96aa5 coding standards
Coding Standards.
2013-01-25 12:58:19 +00:00
Andras Iklody 6afc1e993f Attribute distributions
Added feature to block distribution levels that would get overruled by the
event distribution. The distribution of the event will be the currently
selected distribution when creating an attribute.
2013-01-25 13:44:43 +01:00
Andras Iklody b0448c4a92 Merge branch 'develop' of ssh://172.29.79.164/home/git/cydefsig into develop 2013-01-25 12:24:37 +01:00
Noud de Brouwer 3b07348849 distribution
attributes inherit distribution from event.
2013-01-25 11:25:18 +00:00
Andras Iklody 9739cd1e35 Fix for the org admin privileges
Editing / creating users and the organisation permissions for org admins
2013-01-25 12:22:55 +01:00
Andras Iklody d4c5460d9e Org admin can only see org logs
Added check for the above
2013-01-25 11:21:39 +01:00
Noud de Brouwer d6adb11f52 RBAC
only create users within own organisation.
2013-01-25 07:52:32 +00:00
Noud de Brouwer 3d40095547 coding standards
Coding Standards.
2013-01-25 07:51:20 +00:00
Andras Iklody 24b10579ad Pull fixed
Fixed the issues with pull, should work fine now
2013-01-24 17:32:57 +01:00
Noud de Brouwer 3917e93ae6 coding standards
Coding Standards.
2013-01-24 14:35:13 +00:00
Andras Iklody ce4bf4bd1b Fixed push/publish
Fixed a few issues that caused push/publish not to work
2013-01-24 15:10:59 +01:00
Noud de Brouwer 01c0dc0e71 RBAC
org admin and RBAC admin.
2013-01-24 10:35:59 +00:00
deresz b1b47bc56f Better fix to Sanitize::clean() problem
'escape' option was removed.
2013-01-24 10:38:51 +01:00
Noud de Brouwer f8b9d85c62 Sanitize
Sanitize can not be used in PGP key.
2013-01-24 08:19:47 +00:00
Noud de Brouwer 48ad60eb61 GPG
start of check/correct.
2013-01-23 15:22:21 +00:00
Noud de Brouwer e4a812f0ff DB
in conversion create Blacklist table as well.
2013-01-23 14:44:41 +00:00
Noud de Brouwer ef0f2201ac PGP
clean key remark.
2013-01-23 13:41:34 +00:00
Noud de Brouwer 9da93c51a6 PGP
direction-like-out-commented try.
2013-01-23 12:31:55 +00:00
Noud de Brouwer 8bf8ef17ca RBAC
so role is editable.
(I will not commit/push during after hours ;) )
2013-01-22 18:37:30 +00:00
Noud de Brouwer 732ac3609f Merge branch 'develop' of ssh://misp.ncirc.nato.int/home/git/cydefsig into develop 2013-01-22 15:25:51 +00:00
Noud de Brouwer 7e5c34770e RBAC
role editable on user page (by admin).
2013-01-22 15:25:08 +00:00
deresz 355e9a435e Roles controller Jquery helper added
For some reason I needed it
2013-01-22 16:15:32 +01:00