MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
13,880 Commits
35 Branches
366 Tags
190 MiB
Commit Graph

354 Commits (dc1f9fcad9587f9d61f715588687516e837987dc)

Author SHA1 Message Date
iglocska dc1f9fcad9
fix: [internal] fixed weird user massage code 
- I have no idea what I was thinking there...
 2019-11-26 19:19:58 +01:00
iglocska 26459f1b63
Merge branch '2.4' of github.com:MISP/MISP into 2.4 2019-11-26 19:04:34 +01:00
iglocska 958731920c
chg: [API] users/edit refactor 
- load only what is needed
- handle API requests in a cleaner way
 2019-11-26 19:03:53 +01:00
Andras Iklody 76656e8ed4
Merge pull request #5404 from MISP/feature-OrgsStats 
Added more Organisation statistics
 2019-11-26 13:00:13 +01:00
iglocska 8438db4565
fix: [user view] server issues fixed 2019-11-20 16:17:18 +01:00
mokaddem 806f443764
new: [statistics] Added organisation activity over time 2019-11-16 15:40:02 -05:00
mokaddem a8b5da4be2
chg: [statistics] Added Attribute count 2019-11-16 13:12:37 -05:00
iglocska b44063e7d1
fix: [internal] missing org object for users/view 2019-10-10 15:13:34 +02:00
iglocska 15b10bbcf7
new: [user settings] Added restrictions for certain settings 
- based on role permissions
- enforce the checks on set/delete
- add it to the UI elements
- /users/view /admin/users/view now include the user settings in a simplified format
 2019-10-10 11:58:26 +02:00
mokaddem 8c4799fb99
chg: [user:me] Added `Role` object in the return value for the rest context 2019-10-07 16:35:22 +02:00
Andras Iklody 6b42f089cd
Merge pull request #5129 from JakubOnderka/array-copy-remove 
chg: [users] Remove unused method UsersController::arrayCopy
 2019-09-10 11:32:30 +02:00
Jakub Onderka 1cd2ff5ca6 chg: [users] Remove unused method UsersController::arrayCopy 2019-09-09 23:37:37 +02:00
Jakub Onderka 50a0f564c6
fix: [audit] Correct title in audit log when admin edit user 2019-09-09 19:34:38 +02:00
iglocska 75acd63c46
fix: [security] Fix to a vulnerability related to the server index 
- along with various support tools
- more information coming soon
 2019-09-09 13:00:21 +02:00
iglocska 5916de9d5e
fix: [API] Fixed output of the attribute histogram 
- no more STIX-ish barf inducing numeric string keys for dictionaries
 2019-08-27 10:34:29 +02:00
iglocska 96475f59f6
fix: [admin] Invalid domain restriction check for site admins, fixes #5035 2019-08-22 10:41:30 +02:00
iglocska ed1e55b76b
fix: [API] Fixed an edge case when the attribute historgram throws a notice error 
- no idea how to reproduce it, the organisation referenced in an event orgc_id not existing is a pre-condition

- fixes #4880
 2019-07-29 16:28:42 +02:00
iglocska 64fafa1913
fix: [api fix] Deletes broken due to invalid boolean 
- /facepalm
 2019-07-10 13:55:33 +02:00
iglocska ed401d88be
fix: [API] delete http requests properly accepted by some /delete endpoints 2019-07-10 11:57:21 +02:00
mokaddem f850abcdaa fix: [galaxyMatrix] Handle case if deprecated galaxy does not exists 2019-06-12 14:12:06 +02:00
mokaddem 52ae153c0e Merge branch '2.4' of github.com:MISP/MISP into galaxyMatrixImprovements 2019-06-11 15:56:10 +02:00
mokaddem 11a4bdb959 chg: [restSearch:attack] Only expose attack return format to the `event` 
scope
 2019-06-11 15:50:51 +02:00
mokaddem acef3a0168 chg: [galaxyMatrix:stats] Only take into account occurences of galaxy 
once per event
 2019-06-11 15:09:02 +02:00
mokaddem fed5556976 fix: [galaxyMatrix:export] Removed multiple bugs providing inconsistent 
result
 2019-06-11 14:13:17 +02:00
iglocska 36b43f1306
fix: [security] Org admins could reset credentials for site admins 
- org admins have the inherent ability to reset passwords for all of their org's users
- this however could be abused if for some reason the host org of an instance would create org admins
  - the org admin could set a password manually for the site admin or simply use the API key of the site admin to impersonate them
- the potential for abuse is very circumstancial as it requires the host org to create lower privilege org admins instead of the usual site admins
- only org admins of the same organisation as the site admin could abuse this

- as reported by Raymond Schippers
 2019-06-11 11:05:34 +02:00
mokaddem 4fafb1541c chg: [galaxyMatrix] Transformed query into cakephp model query 2019-05-15 11:55:22 +02:00
mokaddem 0c69e739cc new: [statistics:galaxyMatrix] Added filtering capabilities 2019-05-15 11:12:09 +02:00
mokaddem 4fbe857f90 chg: [galaxyMatrix] Added sorting by score. Fix #4608 2019-05-13 15:07:38 +02:00
mokaddem d3013a9252 fix: [stats:galaxyMatrix] No longer trim the end of the cluster name 2019-04-23 08:49:04 +02:00
iglocska 7a1dbe4c1f fix: [API] role_id is not required when POSTing users if a default role is set on the instance 2019-04-04 13:42:06 +02:00
4ekin c32d3bce32 fix: Fixed i18n strings in Controllers 2019-04-02 16:57:41 +03:00
mokaddem d60095112f Merge branch '2.4' of github.com:MISP/MISP into galaxyMatrixStat 2019-03-15 11:18:34 +01:00
iglocska 7b34e8cacb fix: [API] resetting the authkey didn't respond with the new key before, making automation difficult. 2019-03-12 22:03:34 +01:00
mokaddem 04798bf7e4 new: [galaxyMatrix] Added possibility to pick a galaxy to view it's 
statistic.
 2019-03-12 15:36:00 +01:00
iglocska 66ad17a1ee new: [API] exposed change_pw function to the API, fixes #4256 2019-03-02 23:47:13 +01:00
mokaddem 1ed609872c chg: simplified condition 2 2019-02-15 15:04:07 +01:00
mokaddem 7a2010fb0e chg: [galaxy_matrix] TEMPORARY - Merge scores of both deprecated and mitre-attack 
galaxy namespace for the matrix view.

This commit aims to still have correct scores in the galaxy_matrix until the fixMitreTags functions is not live and running
 2019-02-15 14:41:55 +01:00
mokaddem 12ed3457e8 chg: [galaxy_matrix] cleanup in variable names to be more generic 2019-02-15 09:24:52 +01:00
mokaddem a5653e86ea new: [matrix] Replaced the Att&ck matrix by a generic matrix viewer, 
allowing custom matrix to be displayed.
Also added the external id to the chosen input.
 2019-02-12 13:59:51 +01:00
mokaddem 431529c81c chg: [attackMatrix] UI: improved color scale - WiP 2019-02-11 17:54:29 +01:00
iglocska 9afd0d8600 fix: [redirect] Correctly redirect to the requested URL after a login, fixes #4005, fixes #1301 2019-01-28 17:02:04 +01:00
iglocska 2d0259ce13 fix: [CS] coding standards script re-run 2018-11-23 14:11:33 +01:00
mokaddem 2152493dd0 chg: [users/emails] Better comments 2018-11-09 13:42:28 +01:00
mokaddem 6bb31fbb1d chg: [users/email] Changed behavior of sending mail to avoid code duplication 
If an additional parameter is passed to the url, it will only shows the result of submitting the form without the submission
 2018-11-09 13:38:52 +01:00
mokaddem 296128fe54 fix: [users/emails] submission fix + cleaned code + comments 2018-11-09 12:12:06 +01:00
mokaddem 651861d1d8 new: [users/mails] Added possibility to send a mail to all users of the same organisation 2018-11-09 11:48:39 +01:00
mokaddem 9b44050e1c new: [users/mails] add confirmation popup before sending mails 2018-11-09 11:23:32 +01:00
iglocska 333cafca76 chg: [statistics] Show % of users with pgp keys 2018-10-30 14:58:49 +01:00
iglocska 3bdcca617e new: [statistics] Added local org and user/org counts 2018-10-30 14:51:27 +01:00
iglocska c54538766e Merge branch '2.4' into feature/api_rework 2018-08-21 13:39:34 +02:00