- started work on scheduling
- view to add scheduled tasks (still needs work)
- moved cache job bulk-code to the job model from the controller
- bootstrap timepicker
Also, more work on the background jobs
- started work on publishing
- started making the background jobs an optional setting in bootstrap
Conflicts:
app/Controller/AppController.php
app/Controller/EventsController.php
- Event.risk has been replaced by Event.threat_level_id.
all functionality remains the same and users should not see
any difference.
ENUM() used for Event.risk is vendor specific and requires
too many hacks to play nicely with bake.
- Added default schema file, SQL dumps should be avoided since
they make updating/upgrading a pain.
- Removed old unused schemas
- adds JSON example to shell scripts
- adds sample JSON event
- ??? for some redundant Attribute model conditions
- updates travis with CakePHP installation
- some changes to remove strict messages caused by an update to cakephp
- added missing changes to the sql files - all changes from the merge are reflected in ROLECHANGE.sql, import that to upgrade your instance!
- Also some improvements to the shadow attributes
- some minor UI changes
Conflicts:
app/Controller/EventsController.php
app/View/Elements/global_menu.ctp
app/View/Layouts/default.ctp
- ADMIN org removed.
- Siteadmins are now identified by the perm_site_admin flag
- Siteadmins can now be of any organisation
- editing the regexp / whitelist rules can now be done by a special user with the perm_regexp_access in his/her role
- Executing a mass replace of attribute values based on the regexp rules cannot be initiated by a regexp/whitelist user, only by a site admin
- If the login page is reached without any users / roles defined they are automatically created (perviously it was only the user that was created)
- Org admins are restricted from assigning perm_site_admin, perm_sync and perm_regexp_access roles to users. This can only be done by a site admin.
sha256, http-method, named-pipe and mutex added to the
shadow attributes. Fixing #170
This is not solving the core issue of having duplicate
attributes declaration in MISP but this is fixing the
consistency issue between attributes and shadow attributes.
- we have introduced the "locked" flag for events to protect events of the original creator from being edited by a sync user
- IMPORTANT: before running the script below, make sure to create the locked field for the event table (see INSTALL/LOCKED.sql)
- This script (generateLocked found in the Administrative tools menu) will attempt to set the locked value for existing events to ease the transition
- The default value for locked is 0, and all events created on the instance should be set to this value
- events that were synced from another instance should have their locked value set to 1
- this script checks for local organisations and sets the locked field to 1 for all events not created by them
- a local organisation, as defined for the scope of this scrips is: an organisation with at least 2 members or an organisation with a single member that is not a sync user.
- The script is only accessible by site admins and will return a notification about the number of events altered.
The attribute HTTP method added. By default, the values
must match the known HTTP method from RFC2616, RFC2518,
RFC3253, RFC3648, RFC3744, RFC5789, RFC5323. The method
is case sensitive.
- Users can now see the path they took while jumping from related event to related event
- Removed the breadcrumbs
- Some UI changes (user menues were not showing the active page, etc)
- Regular expressions are now only checked for attributes
- Regular expressions are now defined and checked on a type by type
basis, with the setting "ALL" affecting all attributes
- creation / deletion of several attributes in one edit to accommodate
for several checked type options
- perform on all admin option now only saves attributes that actually
get changed by the regexp, making the function usable again for larger
databases
- Some feedback on what got changed during a perform on all
- UI changes in the index / regexp add / edit views to reflect the type
sensitivity changes
- Since regexp can be used to blacklist things, there's no need to have
two separate features that accomplish the same thing
- Add a regexp named /1.1.1.1/ with nothing as replacement and it will
behave the same as adding a blacklist for 1.1.1.1 in the old system.
- CSV export for individual events, all events, search results
- Whitelists are now preg_matches instead of simple string matches
- whitelist checks are to be applied on almost all exports
(implementation in progress)
- the exception will be the search result exports, if the (to be
implemented) to_ids only checkbox isn't checked