- timestamp field added to events and attributes (int length 11 called
timestamp, default value 0)
- timestamps created on add / edit when apprioriate
- during an add, if an event/attribute is not being pushed through a
sync with an existing timestamp, create a timestamp
- on edit, check whether the timestamp is newer than the old one and
only add the attribute or event then
checks
- actAs acl removed from role and user models together with some extra
code related to the ACL
- Fix of the filename regex as pointed out by cvandeplas.
- Orgs can propose new attributes or changes to existing attributes for
events that they do not own
- publishing users of the owner organisation can see, accept or discard
them
- Reworked the access control
- minor fixes
- New search functionality on request - restrict attributes by
organisation
- Also, attributes in the list attributes and search attributes result
pages, that belong to the user's organisation will have a red event ID
- To restrict the authentication key from being used by interactive users,
implemented a new export page that uses the uses cake's user
authentication
- the old export features still exist for users with perm_auth enabled
accounts - renamed to automation
- Exporting the events that found attributes belong to in a search
attributes result page
- exporting of individual events to file by clicking a link in event view
- Removed javascripts based title bubble showing the event info in related
events / attributes and in the search attribute view.
- Replaced it with values provided by extra cake queries as the delay for
fetching the info field through a js rest request was annoyingly slow
- some coding standards
- Updated the check for authorisation to view an event and attribute as
the system hid some valid combinations (such as a server only attribute
in a higher distribution level event).
- changes to the validation of the results
- fixes an issue where the escaping of slashes showed up with a //
- made the found results more visible and case insensitive
- Fixed an issue that caused attribute values to be converted to 1 on
save in case of an empty regexp table
- Filename validation now happens via whitelisting instead of filename
sanitization
- Only the creating org of the event can change the distribution of
attributes
- Attribute distribution setting are only pushed on edits if they were
manually changed (so that the distribution level of events on the
creating server doesn't get degraded by an edit and push of the event at
a synced server when using connected community settings).
- slight change to the batch attribute search, the search terms are only
echoed up to 9 terms to prevent the mass echoing of a long list
- Editing attributes caused an error because the uuid was not passed back
from the form (and it is used to find the attribute locally for rest)
- UUID is now used from the read attribute for non rest users. In the long
run it would be cleaner to not allow non rest users to reach that part
of the code.
- Fixed issues with the sync
- Secondary publishes on remote servers failed
- Introduced new fields in events to stop backward traverse of
edit information that lead to low performance and eroneous
distribution information updates when more than 2 servers were
linked
- Deletion of an attribute now deletes on remote servers
- Changes to the event ownership
- Original creator org now noted in the event itself
- Only original creator org can change distribution
- Events will show up with the original creator org for users
(admins can see both that and the owner of the event on the
local instance)
- Server.organization now used in junction with the connecting
user's org and the instance's org (from the bootstrap) to
determine distribution flow control and access rights
- Lots of minor changes
- Links get validated now to filter malicios code
- removed a double edit button in the case of an admin editing himself
- fixed an error with adding new attributes
- moved and fixed the aros_acos creation on the new role creation
- new method in appController that sets all the aros_acos from scratch
(for example for a new instance, or a changed acos / aros table)
- some minor changes, redirects to the terms page on invalid events
removed, etc.
- Admins cannot manually change anyone's authkey, they need to generate a
new one via the reset link
- Some pages could be accessed by changing the url - fixed (though needs
further testing)
- Edited a change in the manual that may have been confusing
- Some changes to the way ACL is set up - still needs more work
Added feature to block distribution levels that would get overruled by the
event distribution. The distribution of the event will be the currently
selected distribution when creating an attribute.
After added feedback on entered search terms for search attributes
and search logs, this now also works for LogsController::index()
and next and previous page.
Signed-off-by: Noud de Brouwer <noud4@home.nl>
-Analaysis levels setable for events as per milestone item 94
-Password change forced as per milestone item 109
-Added feedback on entered search terms for search attributes
-fixed the authentication issue
-some minor fixes
this is in responce to the email
From: <User1088@QET.BE>
To: <ndebrouwer@hotmail.com>, <andrzej.dereszowski@ncirc.nato.int>
Subject: Re: sync/REST
Date: Fri, 7 Dec 2012 13:30:10 +0000
in this there is a complaint about the RESTfull sync workings.
the email hints about 2 possible options:
i) RESTfull add event without attributes (conform the web interface)
ii) RESTfull add event with attributes (more conform the code)
both are implemented and can be choisen in bootstrap.php by
Configure::write('CyDefSIG.rest', 'ii') or 'i'.
Let RESTfull only work conform the web pages (to Christophes wish),
so add/edit event apart from add/edit attribute.
(there is annotation in the code to revert back to full RESTfull and
add/edit the attribute(s) alongside add/edit the event.)
Add "Pull only" as a sharing state where,
everybody does see an event, is pullable,
but will never be pushed.
Has a generatePrivate for db conversion now.
Private events are true private and
running a server in 2 modes (private and sync),
so real private (red) or private to server (amber)
or full distributable (green).
Mind this needs a change to tables events, attributes and correlation.
These are in MYSQL.private.sql.
Forgot to clean View/Helper/AppHelper.php.
Changed underscore method names to private and protected where
appropriate given phpcs code standards errors.
Previous, upon delete only on the local server the event or attribute
was deleted.
Now, if delete, look for same event or attribute (using it's uuid)
and delete on remote servers as well.
Also look and delete if not published, so no dangling/zombie copies
remain on remote servers.
in Config/bootstrap.php add
Configure::write('CyDefSIG.correlation', 'sql');
possible values:
- default, like it was
- db, correlation in database
- sql, selection on attributes i.s.o. per attribute
(sql improvement possible if result conform db above)
Network activity, ip-src
30 class-C network ip addresses
(7650 tupels) (time in ms)
default db sql
all 25366 16601 15941
24839 16604 15611
paginated 16759 8447 6615
17734 8639 8846
this is used in both:
- events/view/<id>
- attributes/event/<id>
iglocska