MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
13,858 Commits
35 Branches
366 Tags
190 MiB
Commit Graph

3881 Commits (a98c559bff48842a786f95ed24486b4dc8686533)

Author SHA1 Message Date
chrisr3d 1784b5d76f
fix: [stix 1/2 import] Making the publish checkbox work as expected 
- Publishing as exxpected when the option is
  checked AND the user has the right to publish
 2019-09-28 02:35:22 +02:00
Andras Iklody 7a71d76d82
Merge pull request #5198 from JakubOnderka/redis-info 
new: [internal] Redis diagnostic
 2019-09-27 22:19:05 +02:00
Andras Iklody a7a5226373
Merge pull request #5202 from JakubOnderka/patch-30 
fix: [UI] GnuPG diagnostic message
 2019-09-27 22:18:33 +02:00
mokaddem f58f756dd8
Merge branch '2.4' of github.com:MISP/MISP into revisedUpdateProcess 2019-09-26 16:26:06 +02:00
mokaddem 84290eaae6
chg: [dbSchemaDiagnostic] Added support of db_version 2019-09-26 15:20:32 +02:00
mokaddem 80b345c24e
chg: [dbSchemaDiagnostic] Improved parsing and UI - WiP 2019-09-26 14:34:05 +02:00
Andras Iklody 90e1b8807e
Merge pull request #5215 from ancailliau/add_localtag_api 
Add support to add local tags to an event using the API.
 2019-09-26 12:59:14 +02:00
mokaddem c72f04dd90
Merge branch '2.4' into revisedUpdateProcess 2019-09-26 12:13:49 +02:00
iglocska dc25176384
fix: [internal] paranoid log body didn't contain full body for API calls 2019-09-26 10:28:53 +02:00
iglocska 213cd99ebf
fix: [logging] paranoid log entry not logging request body via the API 2019-09-26 10:26:32 +02:00
iglocska 946602a696
new: [User settings] Added user settings system 
- set settings / user
- settings can be set by user themselves or their org admin / site admin
- added first setting: publish_alert_filter
- accepts boolean branched filter options
  - supports deep logical trees
  - OR/NOT/AND
  - currently supports filtering on tags and the creator organisation
 2019-09-25 11:50:54 +02:00
Antoine Cailliau 453a54ca0d Add support to add local tags to an event using the API. 2019-09-25 09:19:30 +00:00
Jakub Onderka 2b28d0c39e
fix: [UI] GnuPG diagnostic message 2019-09-23 09:38:15 +02:00
Jakub Onderka 84d100e982 new: [internal] Redis diagnostic 2019-09-21 07:43:35 +02:00
iglocska 13ce0e099a
fix: [UI] Loading of local tags fixed via the UI, fixes #5197 
- over-zealous ACL removed local tags for non sync users
- UI only functionality, no need for the restriction at al
 2019-09-20 15:59:20 +02:00
iglocska 4cca9e01f0
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-20 11:54:46 +02:00
iglocska c6a1941454
fix: [API] Added DELETE http method to the rest client and fixed the JSON response of the API info 2019-09-20 11:53:28 +02:00
iglocska 0b799a43db
fix: [API] remove weird line breaks from the API descriptions 2019-09-20 11:53:03 +02:00
chrisr3d c4538e0a45 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2019-09-20 09:46:13 +02:00
iglocska 9b2916a4c0
fix: [community access requests] fixed serveral issues, fixes #5194 
- added missing view to preview the request
- don't throw errors when possible, instead show what should have been sent
 2019-09-19 15:14:51 +02:00
Andras Iklody f5e4c4f1bf
Merge pull request #5187 from challs/refactor-appController 
Refactor app controller
 2019-09-19 11:37:56 +02:00
Andreas Rammhold 624476a1f9 chg: [AppController] move debugMode setup code to a function so it can be reused 
There were already two places in AppComponent that implemented the same
functionality. It makes sense to move this to a common function so it
can also be used from Controllers that do not inherit the full
beforeFilter functionality.

Since `__preAuthException` is private and only called from the
beforeFilter method after the variable has been setup we can remove
the explicit init from there.
 2019-09-18 15:57:28 +02:00
Andreas Rammhold 96311ef480 chg: [AppController] move the database connection setup to a dedicated function on the AppComponent 
This removes a bit of clutter from the already large beforeFilter
method and allows other views to resuse the logic without having to
duplicate it.
 2019-09-18 15:57:28 +02:00
Andreas Rammhold 013b3ac619 chg: [AppController] move the `baseurl` configuration into a helper method 
This makes the beforeFilter function a bit smaller while keeping all the
functionality. It will also help with reusing the setup logic in views
that can not execute all of AppComponent::beforeFilter, like the
LinOTPAuth plugin.
 2019-09-18 15:57:28 +02:00
Andreas Rammhold 3cbc36af4e chg: [AppController] move loading and initialisation of Auth plugins to reuseable method 
For some authentication workflows it might be desireable to execute the
exact same code without having to call the entire beforeFilter method
from the base class. That way you do not have to work around all the
edge cases without having to reinvent the same code in multiple
locations.
 2019-09-18 15:57:28 +02:00
Andreas Rammhold 9edffd01ba chg: [AppController] move login redirects to dedicated functions 
This makes it easier to modify the login redirect behaviour in a unified
way. For now this just uses the default Auth loginAction while setting
the `admin` attribute to `false`. Thus application behaviour should be
unchanged.
 2019-09-18 15:57:28 +02:00
iglocska 71d8436cbc
fix: [UI] If a server add with a newly created external organisation fails, set the external organisation as the currently selected option after the validation fail redirect, fixes #5182 2019-09-18 14:37:42 +02:00
chrisr3d b3ded21b39
fix: [import modules] Avoiding issues with empty module parameter 2019-09-17 16:02:41 +02:00
iglocska 71a0fd350b
fix: [UI] Annoying race condition fixed causing redirects to the login, fixes #5172 2019-09-17 12:40:22 +02:00
iglocska 518c83362c
chg: [version] bump 2019-09-16 13:55:16 +02:00
iglocska b6ba80e26e
fix: [prio] changePriority function responses fixed 2019-09-13 15:50:06 +02:00
iglocska 5002e536ff
chg: [API] /events/view now accepts the deleted parameter via posted parameters too 2019-09-13 15:34:12 +02:00
iglocska 4d0d538ba0
fix: [API] hard delete passable via different methods to /attributes/delete than just ordered URL parameters 2019-09-13 15:18:39 +02:00
iglocska 0f4613ebd3
fix: [internal] Fix post check for attribute delete function via the API 2019-09-13 15:13:09 +02:00
iglocska 0a1165dead
fix: [ACL] priority change for servers tied into the ACL 2019-09-13 13:22:23 +02:00
iglocska 850159627a
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-13 11:51:05 +02:00
iglocska ffc9147018
new: [sync] Added sync priority system to prioritise the order of instances to push to 2019-09-13 11:49:12 +02:00
mokaddem e2a0d55348
fix: [decaying] `.json` view in `decaying/view` 2019-09-13 08:17:44 +02:00
mokaddem 813d222bf4
chg: [decaying] Added log entry if formula cannot be loaded 2019-09-12 14:10:17 +02:00
mokaddem cfafc2e51f
Merge branch '2.4' of github.com:MISP/MISP into decaying 2019-09-12 13:35:35 +02:00
mokaddem 377e748771
fix: [event] typo 2 2019-09-12 11:40:23 +02:00
mokaddem f6f1310a50
chg: [decaying:model] Third batch of fix from the PR review - WiP (not tested) 2019-09-12 11:17:33 +02:00
mokaddem 1b59a8e192
chg: [decaying:model] Second batch of fix from the PR review - WiP (not tested) 2019-09-12 11:02:39 +02:00
mokaddem a990727db2
chg: [decaying:model] First batch of fix from the PR review - WiP (not tested) 2019-09-12 10:42:53 +02:00
mokaddem 48c89ea333
chg: [event] applying few PSR2 rules 2019-09-12 10:18:52 +02:00
mokaddem 70f77f7c0e
chg: [decaying:simulation] restSearch comments added to be fixed in next 
decaying version
 2019-09-12 10:16:07 +02:00
mokaddem 5a291d87a5
chg: [decaying] First batch of fix from the PR review - WiP (not tested) 2019-09-12 09:38:15 +02:00
Andras Iklody bf55db64e4
fix: [regression] removed readded invalid acl entry 2019-09-12 06:45:58 +02:00
iglocska fdf1379f3f
fix: [ACL] removed two unused functions 2019-09-11 17:25:49 +02:00
iglocska ed0450faf4
new: [API] verbose output for /servers/update 2019-09-11 16:52:14 +02:00
iglocska 32873d7ebc
fix: [API] Empty strings should be embedded in an array for the JSON output 2019-09-11 16:41:42 +02:00
iglocska 290a92808d
fix: [customauth] default setting for use_header_namespace should adhere to what is displayed (true) 
- as requested by the MELiCERTES consortium for CSP
 2019-09-11 09:28:45 +02:00
mokaddem 35e2c62947
chg: [app] bumped queryversion 2019-09-10 15:43:20 +02:00
mokaddem f3860ade80
Merge remote-tracking branch 'origin/2.4' into decaying 2019-09-10 15:40:25 +02:00
iglocska 8a8ac9852c
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-10 15:23:31 +02:00
iglocska 77f767ff02
fix: [internal] blackhole function default fixed 2019-09-10 15:22:55 +02:00
mokaddem 9c02459fd0
new: [servers:DBDiagnostic] Improved indexTable and added new DB schema 
diagnostic (WiP)
 2019-09-10 15:13:06 +02:00
Andras Iklody 6b42f089cd
Merge pull request #5129 from JakubOnderka/array-copy-remove 
chg: [users] Remove unused method UsersController::arrayCopy
 2019-09-10 11:32:30 +02:00
iglocska 42a9e533b2
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-09-10 10:25:42 +02:00
iglocska e6e5f737d3
fix: [ACL] Added resetremoteauthkey to the ACL system 2019-09-10 10:25:14 +02:00
Jakub Onderka 1cd2ff5ca6 chg: [users] Remove unused method UsersController::arrayCopy 2019-09-09 23:37:37 +02:00
Jakub Onderka 50a0f564c6
fix: [audit] Correct title in audit log when admin edit user 2019-09-09 19:34:38 +02:00
iglocska d1e3f0455a
fix: [sync] Post test fixed for sync users 2019-09-09 15:36:30 +02:00
iglocska 33f7444fe9
new: [auth key fail logging throttle] Throttle the auth key failed log entries to 1 / hour / key 2019-09-09 14:09:18 +02:00
iglocska 75acd63c46
fix: [security] Fix to a vulnerability related to the server index 
- along with various support tools
- more information coming soon
 2019-09-09 13:00:21 +02:00
mokaddem 1d378fd7bd
Merge remote-tracking branch 'origin/2.4' into decaying 2019-09-06 16:21:17 +02:00
mokaddem e3fea69f5e
chg: [decaying:import] When importing a model, mapping is imported as custom mapping 2019-09-06 16:09:39 +02:00
mokaddem ecbea013a1
fix: [decaying:import] imported models from directory are correctly 
saved as default
 2019-09-06 15:50:24 +02:00
mokaddem 0d0002ee70
fix: [decaying:import] Correctly remove id, uuid and preserve the import 
data
 2019-09-06 15:42:52 +02:00
mokaddem e3b78bbac9
chg: [decaying:simulation] Support of `score` on-the-fly threshold 
override
 2019-09-06 15:19:33 +02:00
mokaddem 515f0572df
chg: [decaying] Added alias `score` to override on-the-fly the treshold 
of a model
 2019-09-06 14:55:12 +02:00
mokaddem 3f57d600d0
chg: [decaying] `includeFullModel` parameter support in the UI 2019-09-06 11:43:08 +02:00
mokaddem 893dd617c8
chg: [attribute:restSearch] New paramter `includeFullModel` to attach 
full model information
 2019-09-06 11:32:54 +02:00
mokaddem 519ec416ea
fix: [event:view] Toggle boolean buttons 2019-09-06 11:22:14 +02:00
iglocska 41f5c88c74
fix: [sync] Fixed major performance blocker 
- fix based on the insights of @RichieB2B, the hero we need, not the one we deserve
- added orgc_uuid to the minimal event index
- added handlers for it on the pull side
- when pulling from old instances the new functionality is skipped, resulting in the behaviour we had pre-patch
- both sides of the sync are encouraged to update, especially if the slow pulls are causing issues
 2019-09-06 10:59:48 +02:00
Jakub Onderka a45575a44d chg: [feed] Error handling for saveFreetextFeedData 2019-09-03 17:24:06 +02:00
Jakub Onderka 78f113c563 chg: [feed] Proper error handling for fetching feed events 2019-09-02 17:51:37 +02:00
Jakub Onderka 5b2bb6d0fa chg: [feed] Proper error handling for fetching freetext feed 2019-09-02 17:51:37 +02:00
Jakub Onderka 9ee3570379 chg: [feed] Proper error handling for fetching feed manifest 2019-09-02 17:51:37 +02:00
Richie B2B f6b18ccada
Fix Declaration of RestResponseComponent warning 2019-08-30 19:39:05 +02:00
iglocska 8630384f56
fix: [export] Add a proper filename to the event restsearch API's output to make downloading events a bit more convenient, fixes #4905 2019-08-30 15:39:48 +02:00
iglocska 2053d7e74f
fix: [authentication] prepend the baseurl to the login/logout redirects - fixes #3871 2019-08-30 15:24:29 +02:00
iglocska 06b786f930
fix: [API] Messages fixed for event delegations 2019-08-30 14:08:21 +02:00
iglocska af3ee16c92
fix: [API] event delegation inverted invalid IF branch 2019-08-30 13:50:13 +02:00
iglocska 540da23852
new: [API] Added event delegations to the list of API enabled functions 
- last minute feature creep
 2019-08-30 13:47:54 +02:00
iglocska 145730fe60
chg: [VERSION] bump 2019-08-30 13:09:41 +02:00
iglocska 1c2b657a02
fix: [API] Set gpgkey to '' instead of array() if user has no pgp key set 2019-08-30 11:16:16 +02:00
iglocska 181bda4698
new: [requestAccess] Made the requestAccess endpoint more API friendly and some UI improvements 
- better handling of empty parameters
- added the mock functionality to both API and UI, this will generate the e-mail to be sent and return it with no actual sending happening
- defaulting to mock if emailing is disabled
- fixed some minor bugs
 2019-08-30 11:10:59 +02:00
iglocska 1f9fcd209d
fix: [API] Added gpgkey as a valid parameter for requestAccess in the API description 2019-08-30 10:53:37 +02:00
iglocska f49c38a7fd
chg: [field rename] Renamed all community fields with redundancy to something more simple (community_uuid -> uuid, etc) 2019-08-30 09:46:22 +02:00
iglocska cc3fe7d8cf
chg: [restresponse] Added tooltips to the translatable strings, added communities/requestAccess 2019-08-30 09:36:50 +02:00
iglocska ab4a259424
chg: [API] communities/requestAccess made more API friendly 
- defaults set automatically if not set
- tied into self-describe API on GET
- fixed the attached PGP key to be the one supplied if it deviates from the user's key
 2019-08-30 09:35:12 +02:00
mokaddem 059b25f262
chg: [decaying] Added `default` column in decayingModels table, code 
path for `rest` and improved ACL
 2019-08-30 09:18:00 +02:00
mokaddem 4dbbf79c59
fix: [acl:decaying] Fixed ACL permissions 2019-08-29 16:01:55 +02:00
mokaddem 8ab78ad079
fix: [decaying:add] Formula field should be a select 2019-08-29 15:37:27 +02:00
mokaddem 673b314ce6
chg: bumped query version 2019-08-29 13:03:25 +02:00
mokaddem a5d06d1333
Merge branch '2.4' of github.com:MISP/MISP into decaying 2019-08-29 10:52:18 +02:00
iglocska 0e903115b6
new: [communities] Added version and did some cleanup on the e-mail sent in a request 2019-08-29 10:32:02 +02:00
iglocska 5f1f604231
new: [communities] Include information about the server used to issue the request 2019-08-29 10:15:00 +02:00
iglocska 1628627040
fix: [communtiies] Added correct responses to the community request interface 2019-08-29 10:08:44 +02:00
iglocska 3dc96a442d
Merge branch '2.4' into feature/communities 2019-08-29 09:33:22 +02:00
iglocska 6407938475
chg: [ACL] Added new community functions to the ACL component 2019-08-29 09:27:19 +02:00
iglocska 3aecc82804
fix: [cleanup] removed unused functions 2019-08-29 09:27:00 +02:00
iglocska feb7fe82dd
new: [communities] Added support for requesting access for known communities 
- site admins can list the misp-project maintained community list
- request access to any of the communities
 2019-08-29 09:24:33 +02:00
Andras Iklody 8a15089237
Merge pull request #5079 from zaphodef/fix/contact_event_api 
fix: contact reporter via API
 2019-08-28 15:35:57 +02:00
Pierre-Jean Grenier 14314ebd75 fix: contact reporter via API 2019-08-28 14:07:55 +02:00
mokaddem c333d23f2d
chg: [decaying] Improved embedded JSONs saving 2019-08-28 12:03:37 +02:00
mokaddem 82e70fee12
fix: [appController] Fixed updateProgress redirection link. Fix #5068 2019-08-27 15:02:02 +02:00
mokaddem 5fdfdb0028
chg: [decaying:base_score_config] Added reason of taxonomy exclusion 2019-08-27 13:59:36 +02:00
Andras Iklody 6275cdfbd3
Merge pull request #5066 from zaphodef/feature/encapsulation_api 
chg: No need to encapsulate data in API request
 2019-08-27 13:06:23 +02:00
Pierre-Jean Grenier 74c019f8c5 chg: No need to encapsulate data in API request 2019-08-27 10:54:15 +02:00
iglocska 5916de9d5e
fix: [API] Fixed output of the attribute histogram 
- no more STIX-ish barf inducing numeric string keys for dictionaries
 2019-08-27 10:34:29 +02:00
mokaddem fd30141cdf
Merge branch '2.4' of github.com:MISP/MISP into decaying 2019-08-27 08:20:42 +02:00
Andras Iklody a53ccf8976
Merge pull request #5062 from zaphodef/fix/undefined_distribution 
fix: Default to 0 when no distribution is specified
 2019-08-26 23:25:25 +02:00
Pierre-Jean Grenier 0645e19dd0 fix: Default to 0 when no distribution is specified 
The current behavior conducted to set distribution to -1 in the returned json, and raise an 'Undefined index' notice
 2019-08-26 16:49:08 +02:00
mokaddem 37f474280d
chg: [decaying] Improved response when adding a model 2019-08-26 16:26:02 +02:00
Pierre-Jean Grenier a7bef2aba1 chg: Delegate to org by UUID 2019-08-26 16:08:04 +02:00
iglocska 209c4903dd
fix: [ACL] allow users to see delegations 2019-08-26 11:58:37 +02:00
Jakub Onderka 6174c9c698
fix: [UI] Info message should not be error 2019-08-23 19:40:20 +02:00
iglocska e4708c0b6c
fix: [UI] Multi select and deletion of events fixed, #5046 2019-08-23 11:56:50 +02:00
iglocska 8769bed9ec
new: [delegations] Added delegation index, fixes #5023 
/event_delegations/index

accepts context as a parameter with the following possible values:
- pending: all delegations awaiting my organisation's review (default)
- issued: all delegations issued by my organisation

parameters can be passed via key:value parameters or via json objects
 2019-08-23 11:38:47 +02:00
mokaddem 07f1c43d55
fix: [decaying:tool] Correctly update the state of the enable/disable 
button after editing
 2019-08-23 10:39:07 +02:00
mokaddem 446cf9d823
fix: [decaying:tool] Prevent Object types overriding attribute types 2019-08-23 10:23:19 +02:00
mokaddem 82972c4850
fix: [decaying:tool] Set `isEditable` parameter after editing a model 2019-08-23 09:01:04 +02:00
mokaddem ed98d73be7
Merge branch '2.4' of github.com:MISP/MISP into decaying 2019-08-22 15:33:09 +02:00
mokaddem 5a9a905c8d
chg: [decaying] Added formula description in multiple location 2019-08-22 11:47:57 +02:00
mokaddem 3a64405bd9
chg: [decayingMapping] Refacto - Comments and code optimization 2019-08-22 11:31:50 +02:00
iglocska f6f5a8f0f5
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-08-22 10:42:26 +02:00
iglocska 96475f59f6
fix: [admin] Invalid domain restriction check for site admins, fixes #5035 2019-08-22 10:41:30 +02:00
Andras Iklody 59d8dae2db
Merge pull request #5036 from zaphodef/feature/events_contact_api 
chg: /events/contact/{event_id} can now be properly called from API
 2019-08-22 09:11:48 +02:00
Pierre-Jean Grenier 9f983ed071 chg: /events/contact/{event_id} can now be properly called from API 2019-08-21 17:53:04 +02:00
iglocska eaae866397
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-08-21 17:02:33 +02:00
iglocska bbc05b229f
new: [diagnostics] Added SQL table size tool 
- along with various other small fixes
- increased recommended memory size additionally
 2019-08-21 17:01:52 +02:00
mokaddem 86ca816dcf
chg: [decaying] refact - Accept PUT and added comment for attribute 
removal in restSearch
 2019-08-21 15:53:13 +02:00
mokaddem 3f78f0e260
chg: [decaying] Code refactoring, commenting and slight optimization 2019-08-21 15:42:14 +02:00
mokaddem efa1897c34
chg: [decaying] Renamed `tau` and `delta` into `lifetime` and 
`decay_speed`
 2019-08-21 10:02:26 +02:00
Pierre-Jean Grenier 851cfb84e4 chg: Setting the 'Tag' key when editing a tag through API is not mandatory (consistency) 2019-08-20 17:46:44 +02:00
iglocska 02376113a3
fix: [API] Made delegateEvent API friendly, fixes #5026 2019-08-20 16:45:52 +02:00
iglocska 3e9752a6a8
fix: [API] delegate events by UUID, fixes #5024 2019-08-20 16:38:48 +02:00
mokaddem 26afe1765d
chg: [roles] Added `perm_decaying` role 2019-08-20 16:37:06 +02:00
Andras Iklody d2c7eb6b9b
Merge pull request #5006 from JakubOnderka/not-found-exception 
fix: Replace not exists MethodNotFoundException with NotFoundException
 2019-08-20 16:30:02 +02:00
mokaddem cd5c9f7d1d
Merge remote-tracking branch 'origin/2.4' into decaying 2019-08-20 15:00:38 +02:00
Andras Iklody 69885806b0
Merge pull request #5021 from zaphodef/feature/return_sighting_add_rest 
chg: Return the sighting when adding one through REST API
 2019-08-20 13:45:55 +02:00
Andras Iklody cafef3dfae
Merge pull request #5020 from zaphodef/rest_import_module 
fix: Import modules using 'misp_standard' format can be called via RE…
 2019-08-20 13:40:18 +02:00
iglocska fb100a037a
fix: [ACL] Fixed read only users not being able to list the sightings, fixes #5022 2019-08-20 11:51:11 +02:00
Pierre-Jean Grenier 8207a64890 chg: Return the sighting when adding one through REST API 2019-08-20 10:52:12 +02:00
mokaddem 0866077fc6
chg: [decaying] Improved ACL integration for the UI 2019-08-20 10:06:15 +02:00
mokaddem 3979c29b61
fix: [decaying] Fixes on UI, Basescore overflow and unauthorized 
edition
 2019-08-20 09:25:48 +02:00
Pierre-Jean Grenier d6d91c56f3 fix: Import modules using 'misp_standard' format can be called via REST API 2019-08-19 16:44:49 +02:00
mokaddem a683b420bd
fix: [decaying:acl] Various ACL fixes 2019-08-19 15:19:01 +02:00