Commit Graph

14188 Commits (a6b76e70ae94996ea05540f43b8dff5aba163666)

Author SHA1 Message Date
Jakub Onderka 18402c0489 chg: [internal] Load user role info from session data 2020-12-17 13:49:32 +01:00
Jakub Onderka 7f0d06ae4d chg: [internal] Move user checks to one place 2020-12-17 13:49:32 +01:00
iglocska 9d537c989a
fix: [internal] further promises removed from the galaxy model
- easier than getting people to stop using EOL software
2020-12-17 13:29:11 +01:00
Jakub Onderka becbf95c37 new: [UI] Download GPG public key from GPG homedir 2020-12-17 13:19:55 +01:00
iglocska b5c2261484
fix: [internal] removed function promises in crud component
- to appease EOL php versions...
2020-12-17 12:48:38 +01:00
iglocska 43f0ff33a8
fix: [delegation] invalid user call 2020-12-16 18:18:04 +01:00
iglocska 06bbde7141
Merge branch 'develop' into 2.4 2020-12-16 11:53:18 +01:00
Alexandre Dulaunoy 5fe4eb5aa2
chg: [warning-lists] updated to the latest version 2020-12-16 10:42:51 +01:00
Jakub Onderka 334d6c6f95 chg: [sighting] Optimise bulk sighting saving 2020-12-16 09:50:06 +01:00
Jakub Onderka 9310f5f871 chg: [shibb] Better log messages for ApacheShibbAuthenticate 2020-12-15 13:20:15 +01:00
Jakub Onderka ff36960e8d fix: [UI] Contact form text 2020-12-14 15:59:58 +01:00
Jakub Onderka 185d3e0941 fix: [distribution graph] Graph doesn't work for non sync users when event is shared to sharing group 2020-12-13 21:47:14 +01:00
Jakub Onderka 072dcfdc1d
Merge pull request #6698 from JakubOnderka/small-ui-fixes
Small UI fixes
2020-12-13 13:44:24 +01:00
Jakub Onderka fafb354a75
Merge pull request #6716 from JakubOnderka/cli-import
new: [CLI] Import events with compressed file support
2020-12-13 13:26:57 +01:00
Jakub Onderka 46b91f422e
Merge pull request #6730 from JakubOnderka/org-image-svg-uuid
new: [UI] Find org images also by uuid and support SVG images
2020-12-13 13:25:01 +01:00
Jakub Onderka aba8317d89 new: [UI] Find org images also by uuid and support SVG images 2020-12-13 13:09:39 +01:00
Alexandre Dulaunoy d25025d664
Merge pull request #6733 from legoguy1000/#6355-Suricata-JA3-Rules
Create JA3 Hash Suricata Rules
2020-12-11 23:28:08 +01:00
Jakub Onderka ef7d78e271
Merge pull request #6746 from JakubOnderka/rest-client-menu-permission
Rest client menu permission
2020-12-11 22:16:35 +01:00
Jakub Onderka 59c8974fd2 fix: [UI] Show REST client menu item just when user has perm_auth 2020-12-11 19:15:29 +01:00
Jakub Onderka 0904cdfc39 fix: [UI] Show correct sync org for sharing group view 2020-12-11 17:20:46 +01:00
Jakub Onderka 5f75fc07e0 fix: [UI] Change order for sg view 2020-12-11 17:20:46 +01:00
Jakub Onderka 3530123815 chg: [UI] Nicer galaxy cluster view 2020-12-11 17:20:46 +01:00
Jakub Onderka aaabbc12bd fix: [UI] Do not show authkey if advanced authkeys are enabled 2020-12-11 17:20:46 +01:00
Jakub Onderka 1dc04132fe chg: [UI] Nicer icon for discussion reply 2020-12-11 17:20:46 +01:00
Jakub Onderka f19a56955e fix: [UI] For accordion external link do not propagate click 2020-12-11 17:20:46 +01:00
Jakub Onderka b7bc7be13a fix: [UI] Send email link should be visible just for admin view 2020-12-11 17:20:46 +01:00
Jakub Onderka feddffea35 chg: [UI] Move org UUID after ID to match other page style 2020-12-11 17:20:46 +01:00
Jakub Onderka 06bcef7dd1 chg: [UI] Add cancel for sharing group search 2020-12-11 17:20:46 +01:00
Jakub Onderka cc9e2be6e1 fix: [UI] User search keeps filter 2020-12-11 17:20:43 +01:00
Jakub Onderka 7d5691d0c8 fix: [UI] Show correct menu for EventsController::importModule action 2020-12-11 17:20:02 +01:00
Jakub Onderka 361131073b fix: [UI] For import show correct active menu 2020-12-11 17:20:02 +01:00
Jakub Onderka de1ce7f6c0 fix: [UI] For tags show actions just when user has permission to use them 2020-12-11 17:20:02 +01:00
Jakub Onderka eb42490b9f fix: [UI] For Taxonomies show actions just when user has permission to use them 2020-12-11 17:20:02 +01:00
Jakub Onderka 840bdbb956 fix: [UI] Show correct menu for Contact Reporter page 2020-12-11 17:20:02 +01:00
Jakub Onderka 1ddf44a06d fix: [UI] Remove unused All button from galaxy index 2020-12-11 17:20:00 +01:00
Jakub Onderka f4ff425c90 fix: [UI] Show feed cache buttons just to site admins 2020-12-11 17:19:22 +01:00
Jakub Onderka df9eb9d23d fix: [UI] For fail when uploading stix, show unit for maximum size 2020-12-11 17:19:22 +01:00
Jakub Onderka adf4343d2b fix: [UI] Button border when adding thread port 2020-12-11 17:19:22 +01:00
Jakub Onderka 31563db2fa chg: [UI] Nicer title when creating event report 2020-12-11 17:19:22 +01:00
Jakub Onderka f0877f53a5
Merge pull request #6743 from JakubOnderka/undefined-me
fix: [internal] Undefined variables
2020-12-11 17:17:33 +01:00
Jakub Onderka b382c98be0
Merge pull request #6744 from JakubOnderka/user-filter
new: [UI] Make possible to filter users by active/disabled
2020-12-11 17:16:51 +01:00
Jakub Onderka 583314bc02 new: [UI] Make possible to filter users by active/disabled 2020-12-11 16:44:55 +01:00
Jakub Onderka 99b783464e fix: [internal] Undefined variable $passedArgs 2020-12-11 15:35:42 +01:00
Jakub Onderka d9184bb167 fix: [internal] Undefined variables when GitHub is not reachable 2020-12-11 15:35:42 +01:00
Jakub Onderka 4004a31584 fix: [internal] Undefined variable me 2020-12-11 15:35:42 +01:00
Alex Resnick 8519f0c968 #6355 Create JA3 Hash Suricata Rules 2020-12-11 08:07:57 -06:00
Jakub Onderka 0cdcca7ab2
Merge pull request #6739 from JakubOnderka/error-message
fix: [UI] Better error message for permission denied
2020-12-11 11:08:01 +01:00
Jakub Onderka f5d38bcb3e fix: [UI] Better error message for permission denied 2020-12-10 23:22:18 +01:00
Alexandre Dulaunoy 476e6ab841
chg: [misp-objects] updated to the latest version 2020-12-10 23:08:48 +01:00
Alexandre Dulaunoy 0b318221b2
chg: [warning-lists] updated to the latest version 2020-12-10 23:07:52 +01:00
Jakub Onderka 20053ea32c fix: [security] Do not leak org names when hide_organisation_index_from_users enabled 2020-12-10 23:01:08 +01:00
Jakub Onderka d8f103361f
Merge pull request #6735 from JakubOnderka/error-message
fix: [UI] Nicer error message for CSRF
2020-12-10 21:08:14 +01:00
Jakub Onderka 255330e5a2 fix: [UI] Nicer error message for CSRF 2020-12-10 20:38:02 +01:00
Jakub Onderka 9315fa2296 fix: [internal] User should be able to see his org 2020-12-10 15:16:32 +01:00
Jakub Onderka 976591972a
Merge pull request #6727 from JakubOnderka/fix-toggle-url
fix: [UI] Toggle doesn't work with absolute URLs
2020-12-09 22:23:35 +01:00
Jakub Onderka 260a3a37b0 fix: [UI] Toggle doesn't work with absolute URLs 2020-12-09 22:11:14 +01:00
Jakub Onderka a4afe1cf31
Merge pull request #6721 from JakubOnderka/org-can-see
chg: [security] For `hide_organisation_index_from_users` hide more orgs
2020-12-09 21:27:17 +01:00
Jakub Onderka 8b4a298e4e
Merge pull request #6725 from JakubOnderka/object-delete-ui
fix: [UI] Confusing messages after object template is deleted
2020-12-09 21:02:04 +01:00
Jakub Onderka 30488393c9 chg: [security] For `hide_organisation_index_from_users` hide orgs that make contribution that user cannot see 2020-12-09 20:54:39 +01:00
Jakub Onderka 395cb39acb fix: [UI] Confusing messages after object template is deleted 2020-12-09 20:32:23 +01:00
Jakub Onderka e66616d20b chg: [composer] Add ext-rdkafka as suggested dependency 2020-12-09 20:27:12 +01:00
Jakub Onderka 7452d71e52
Merge pull request #6707 from JakubOnderka/event-export-library-mention
fix: [UI] Do not mention that STIX 2 export require library
2020-12-09 18:16:57 +01:00
Jakub Onderka fbeb4aee2c
Merge pull request #6720 from JakubOnderka/permission-ui
Permission UI
2020-12-09 18:16:33 +01:00
Jakub Onderka c8f7bb4a72
Merge pull request #6719 from JakubOnderka/delegation-access
fix: [UI] Allow to access delegations index just when delegations are enabled
2020-12-09 18:09:38 +01:00
Jakub Onderka 1a8d713356
Merge pull request #6717 from JakubOnderka/sharing-group-events
new: [UI] Show number of events for sharing group
2020-12-09 18:06:24 +01:00
Jakub Onderka 6f8da2c36b fix: [UI] Allow to access delegations index just when delegations are enabled 2020-12-09 17:49:14 +01:00
Jakub Onderka d6bf3710ba fix: [UI] Do not show REST client menu link when user doesn't have permission 2020-12-09 17:48:37 +01:00
Jakub Onderka 5fbbe5bfe7 fix: [UI] Do not show taxonomy delete menu link when user doesn't have permission 2020-12-09 17:44:03 +01:00
Jakub Onderka 191fe8bc89 fix: [UI] Do not show proposals menu link when user doesn't have permission 2020-12-09 17:39:08 +01:00
Jakub Onderka 65f17928a1 fix: [UI] Do not show extend this event button when user doesn't have permission to do that 2020-12-09 17:38:25 +01:00
Jakub Onderka 4d0daf6981 new: [CLI] Import events with compressed file support
Useful for importing big files
2020-12-09 17:06:04 +01:00
Jakub Onderka 063566a9ad new: [UI] Show number of events for sharing group 2020-12-09 17:04:51 +01:00
Jakub Onderka 6950f55c29 chg: [UI] Use PGP instead of GnuGP, GnuPG is implementation 2020-12-09 10:37:25 +01:00
Jakub Onderka 754f5fcc8b chg: [UI] Hide some fields from user profile and use better description 2020-12-09 10:37:25 +01:00
Alexandre Dulaunoy ce96003b89
fix: [doc] Location typo fixed 2020-12-08 15:47:03 +01:00
Jakub Onderka 480ecfec08
Merge pull request #6695 from JakubOnderka/add-cluster-menu-view
fix: [UI] Show `Add Cluster` in menu just when user has permission to…
2020-12-08 11:21:00 +01:00
Jakub Onderka 305605cd3f fix: [sighting] Make sure that correct columns are processed 2020-12-08 11:02:31 +01:00
Jakub Onderka 73eeb9fa6c
Merge pull request #6694 from JakubOnderka/invalid-controller-name-fix
fix: [rest-client] Do not raise exception for non site admin
2020-12-08 11:01:12 +01:00
Jakub Onderka 5215d29731 fix: [rest-client] Do not raise exception for not site admin 2020-12-08 08:47:47 +01:00
Jakub Onderka 0a202f7d5e
Merge pull request #6706 from JakubOnderka/role-edit-fix
fix: [UI] Link to role edit
2020-12-08 08:44:36 +01:00
Jakub Onderka bd19c72d00 fix: [UI] Do not mention that STIX 2 export require library
This information can be useful just for site administrators, but not for users
2020-12-07 22:30:16 +01:00
Jakub Onderka dd04b66440 fix: [UI] Link to role edit 2020-12-07 12:47:35 +01:00
Jakub Onderka a290629fe0
Merge pull request #6699 from folbricht-stripe/s3-fix-writable-check
fix: Don't fail writable attachment dir test for S3
2020-12-07 12:07:03 +01:00
Jakub Onderka 837dbce85e chg: [internal] HEAD check if org exists 2020-12-06 22:52:12 +01:00
Jakub Onderka 45fc1cb2bf new: [UI] Allow to search in sharing group list 2020-12-06 18:06:11 +01:00
Jakub Onderka 5dd7f68560 chg: [internal] Simplified SharingGroup::checkIfOwner method 2020-12-06 15:34:49 +01:00
Jakub Onderka 0948c7652c fix: [UI] Show delete and edit button for SG just when user has permission 2020-12-06 15:28:56 +01:00
Jakub Onderka 6a463d85d6 chg: [internal] Load orgs just when it is necessary 2020-12-06 15:28:56 +01:00
Jakub Onderka a3364f66c3 chg: [UI] Use standardised view for sharing group 2020-12-06 15:28:56 +01:00
Jakub Onderka 7092994258
Merge pull request #6701 from JakubOnderka/security-sg-view
new: [security] Test if user can see sharing groups
2020-12-06 15:24:24 +01:00
Jakub Onderka cb064dd9ce new: [security] Test if user can see sharing groups 2020-12-06 15:14:42 +01:00
Frank Olbricht c3cc091954 Don't fail writable attachment dir test for S3 2020-12-05 10:23:37 -07:00
Jakub Onderka af9159d951
Merge pull request #6662 from JakubOnderka/php-test
Disable PHP 8 support
2020-12-05 13:11:53 +01:00
Jakub Onderka 44caab8f48 fix: [pgp] Key info for older GPG versions 2020-12-05 01:07:18 +01:00
Jakub Onderka 5c55de44c7
Merge pull request #6693 from JakubOnderka/countries-order
fix: [UI] Sort countries by name
2020-12-04 22:37:42 +01:00
Jakub Onderka b5739c3817
Merge branch 'develop' into add-cluster-menu-view 2020-12-04 22:16:31 +01:00
Jakub Onderka a49669b346 fix: [UI] Show `Add Cluster` in menu just when user has permission to add cluster 2020-12-04 22:13:54 +01:00
Jakub Onderka 82a1a38bb4 fix: [UI] Sort countries by name 2020-12-04 21:40:27 +01:00
Jakub Onderka 523db69292
Merge pull request #6691 from JakubOnderka/shibb-new-org-local
chg: [shibb] Newly created org should be local
2020-12-04 21:11:35 +01:00
Jakub Onderka 1381e6c0d4 chg: [shibb] Newly created org should be local 2020-12-04 20:40:26 +01:00
Jakub Onderka 0bfc0bf38a fix: [security] XSS in authkey comment field 2020-12-04 16:20:02 +01:00
mokaddem 0e2ef44fe3
chg: [galaxyClusters:view_relation_tree] Adjust height based on the
number of nodes
2020-12-04 09:05:21 +01:00
iglocska 56f91f9b5f
fix: [baseurl] validation relaxed
- no more arbitrary junk blocking https://localhost
2020-12-01 13:41:52 +01:00
iglocska a332e1379c
Merge branch '2.4' into cerebrate 2020-11-30 23:49:40 +01:00
iglocska 776405c5ec
chg: [ACL] cerebrate added to the ACL 2020-11-30 23:48:20 +01:00
iglocska 320191bbd8
chg: [querystring] bump 2020-11-30 23:46:37 +01:00
iglocska 03deb585c8
chg: [image] added cerebrate logo 2020-11-30 23:46:07 +01:00
iglocska a016c00569
new: [factories] generic confirmation UI factory added 2020-11-30 23:45:12 +01:00
iglocska 84933646f7
new: [Cerebrates] added Cerebrate sync functionality
- add/modify cerebrate links
- preview cerebrate instances for organisations
- fetch organisations from cerebrate
  - ingests new organisations and updates existing ones

- More to come in the future
2020-11-30 23:43:44 +01:00
iglocska 18593bfedf
chg: [js] runIndexQuickFilter changes
- added optional url parameter to set a fixed URL to search from
- added target parameter for ajax refreshes (target css selector)
- added possibility to pass ordered parameters in addition to key value pairs
- added ajax lookups
2020-11-30 23:41:34 +01:00
iglocska 90d8504b79
chg: [Cerebrate] added to the global menu 2020-11-30 23:41:08 +01:00
iglocska d962beaf16
fix: [communities] search fixed, context no longer defaults to "pending" which is an unknown value 2020-11-30 23:40:07 +01:00
iglocska da3ec7a201
fix: [authkey] fixed a bug causing recurring authkey lookups via model binding failing
- missing parameter caused the linking to be single use
2020-11-30 23:39:31 +01:00
iglocska dfb0810e10
fix: [community] removed invalid filter field causing notice errors 2020-11-30 23:39:05 +01:00
iglocska e65b255a62
new: [Cerebrate] db update added 2020-11-30 23:38:38 +01:00
iglocska bcd261cdba
chg: [synctool] added custom model support for the setuphttpsocket() function 2020-11-30 23:37:59 +01:00
iglocska e34b1c29fa
fix: [custompagination tool] hardcoded modelname fixed 2020-11-30 23:37:27 +01:00
iglocska 84afe9f0d3
chg: [CRUD component] call model functions in the afterfind
- added the option to either use anonymous functions or call model functions in the hook
- fixed a bug with a missing modelname in the lookup scope for fields (carryover from cerebrate)
2020-11-30 23:35:02 +01:00
iglocska 37af48d8dd
new: [view factories rework]
indextable:
  - org lookup field cleaned up and made more resilient
  - remote status: status field for checking of the local vs remote state of objects added
  - pagination system updated to allow for ajax pagination
  - random named container added for the index table's scaffolding

side menu:
  - added cerebrate options

side panels:
  - new factory type added for side panel elements (for the usual 2:1 split views)
  - added logo element

single views:
  - child reworked to use the accordion element
  - added side panel support
2020-11-30 23:30:44 +01:00
Jakub Onderka f202128af1
Merge pull request #6673 from JakubOnderka/news-date-format-change
chg: [UI] Normalize date format to match rest of MISP
2020-11-30 21:58:19 +01:00
Jakub Onderka 568e58aa42 chg: [UI] Normalize date format to match rest of MISP 2020-11-30 21:44:59 +01:00
Jakub Onderka e1bf73937a fix: [sightings] Support mysql in sql_mode=only_full_group_by 2020-11-30 19:50:52 +01:00
Jakub Onderka 2c7d6e4466 new: [auth] Allow to enforce auth plugin authentication 2020-11-30 14:46:36 +01:00
StefanKelm 74b47cba8b
Update event-timeline.js
Few typos...
2020-11-30 11:41:06 +01:00
Jakub Onderka 53fa20adef
Merge pull request #6665 from JakubOnderka/remove-hashed-keys
fix: [security] Remove hashed advanced keys from response
2020-11-29 20:44:03 +01:00
Jakub Onderka 03001303a6 fix: [security] Remove hashed advanced keys from response 2020-11-29 20:34:21 +01:00
Andras Iklody 8fbdaddca2
fix: [bindmodel] added reset = false to the linking of users to authkeys
- added reset = false in parameters (otherwise consecutive calls to the user model will not include the relation)
2020-11-29 12:10:53 +01:00
Jakub Onderka 9631f9e09d fix: [UI] Correctly handle truncated values for import 2020-11-27 22:25:24 +01:00
Jakub Onderka cb82ef2755 chg: [composer] Raise minimal PHP version to 7.2 and disable support for 8.0 2020-11-27 17:21:25 +01:00
Jakub Onderka 9a315d33d1
Merge pull request #6578 from JakubOnderka/sighting-statistics
Experimental: Faster loading sighting statistics
2020-11-27 16:24:24 +01:00
Jakub Onderka 02b29c1d19
Merge pull request #6657 from JakubOnderka/app-controller-cleanup
fix: [internal] Remove unused method from AppController
2020-11-27 09:05:27 +01:00
Jakub Onderka 165da72fdf fix: [internal] Remove unused method from AppController 2020-11-27 09:01:35 +01:00
Jakub Onderka 41d612ee8c
Merge pull request #6633 from JakubOnderka/sg-fetching-optim
chg: [internal] Fetch just necessary orgs and server object for sg
2020-11-26 20:52:31 +01:00
Alexandre Dulaunoy 58f7341af7
chg: [misp-galaxy] MITRE ATT&CK updated 2020-11-26 14:29:48 +01:00
Andras Iklody 953f044481
chg: [vhash] removed validation altogether
- vhash is like a box of chocolates, you never know what you're going to get.
2020-11-25 21:53:56 +01:00
Jakub Onderka c9e96322a9 new: [shibb] Allow to get organisation UUID from HTTP headers 2020-11-25 21:21:14 +01:00
Jakub Onderka 61f9566b3e
Merge pull request #6613 from JakubOnderka/security-tests
new: [test] Security test suite
2020-11-25 19:39:57 +01:00
mokaddem db1fb361e8
fix: [csvExport] Prevent override when using `includeContext` parameter
Fix #3774
2020-11-25 09:36:49 +01:00
mokaddem 2c29b78098
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-11-25 08:20:39 +01:00
mokaddem 2eb23a9215
chg: [events:view] Possibility to fetch events without attachments via the API 2020-11-25 08:17:51 +01:00
mokaddem 2681138b88
chg: [galaxyCluster:relationsTreeTool] Ignore duplicated cluster UUIDs
- Some default clusters have the same UUID. They are the same entity but
stored in a different cluster package. It should be addressed in the
future
2020-11-25 08:16:06 +01:00
iglocska 75061f6266
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2020-11-25 08:14:33 +01:00
iglocska 71ba725fd1
fix: [text export] cull duplicates after fetching the data
- pros: No more full group by exceptions
        Handles duplicate culling across internally paginated workloads

- cons: The returned dataset's size will not always match the requested count as duplicates are culled
2020-11-25 08:11:28 +01:00
Jakub Onderka e15ca97f33
Merge pull request #6081 from JakubOnderka/security_disable_browser_cache
new: [security] HTTP headers hardening
2020-11-24 21:00:02 +01:00
Jakub Onderka 54efe760a4 chg: [internal] Better exception description for PGP key validation 2020-11-24 19:21:22 +01:00
Jakub Onderka 4b44db22a9 new: [test] Security test suite 2020-11-24 19:03:17 +01:00
Jakub Onderka 5b9f8dd20a
Merge pull request #6644 from JakubOnderka/fix-redis-unlink
fix: [internal] Redis unlink method for old Redis versions
2020-11-24 18:31:16 +01:00
Jakub Onderka d56fe702eb fix: [internal] Redis unlink method for old Redis versions 2020-11-24 18:21:52 +01:00
Jakub Onderka d92b18970a chg: [sighting] Support for postgres 2020-11-24 16:30:03 +01:00
Jakub Onderka 982b7378de fix: [UI] Favourite only for tags 2020-11-24 16:30:03 +01:00