Commit Graph

21 Commits (e4a4a90d07045b7e0c73b0fe7dd192bc0bbb87d6)

Author SHA1 Message Date
Iglocska 47acdfd493 fix: Added the new role permission for perm_delegate to the role model 2016-07-18 01:12:54 +02:00
Andreas Ziegler dd30621155 chg: use CASE WHEN instead of IF in $virtualFields 2016-07-11 21:26:25 +02:00
Andreas Ziegler ff7a7de938 chg: use 1/0 not true/false for conditions & other boolean sqlquery elements 2016-07-11 21:26:16 +02:00
Andreas Ziegler 1d06f25b38 chg: add newline character before EOF to non-minified (text-)files 2016-06-06 10:09:55 +02:00
Andreas Ziegler 898ea1d97c remove whitespace (space/tab) from empty lines 2016-06-04 01:08:16 +02:00
Iglocska 24c7fa61fe Merge branch 'permissionfix' into 2.4 2016-04-18 17:41:59 +02:00
Iglocska fea6c35140 Split the tagging permission into two
- New permission flag: perm_tag_editor
  - taggers can tag events with existing tags
  - tag editors can create / edit / delete tags

- Fixed several misleading UI elements for tagging
  - tagging users that don't own an event and aren't creators thereof cannot tag them
  - this was enforced before but the UI elements were present and threw errors

- Migration is automatic
  - all existing tagger roles will automatically become tag editors
  - restricting current roles takes manual admin action, but the functionality should remain unchanged for those that just update
2016-03-30 18:32:17 +02:00
William Robinet 4fea371c4b Fix permissions 2016-02-11 17:03:51 +01:00
Iglocska 328c666e3a Merge branch 'master' into feature/sg
Merging all the new changes from master

Conflicts:
	VERSION.json
	app/Console/Command/AdminShell.php
	app/Controller/AttributesController.php
	app/Controller/EventsController.php
	app/Model/Attribute.php
	app/Model/Event.php
	app/Model/Log.php
	app/Model/Server.php
	app/Model/User.php
	app/View/Elements/side_menu.ctp
	app/View/Pages/administration.ctp
	app/View/Users/admin_index.ctp
2015-10-12 09:41:20 +02:00
Iglocska dc638adac2 Upgrade to CakePHP 2.7, fixes #684
- cakephp submodule updated to 2.7
- make sure that you update your instance!

- not updating will not break compatibility
2015-10-09 15:59:25 +02:00
Iglocska 186452cd5b Further progress 2015-08-31 02:32:37 +02:00
iglocska fcaccb1784 Update to the roles and user filtering
- new role permission added for SG editors
- roles reworked, permissions all looked up centrally from the role model instead of code replication across controllers and views
- user filtering now correctly uses organisation objects instead of org strings
2015-04-07 14:47:14 +02:00
iglocska 6dc75d6b22 Integration of plugins / cake core into MISP as submodules
- easier installation script
- the goal is to reduce the procedure to a few steps
2014-02-07 09:03:28 +01:00
Andras Iklody 6332dbf05b Removal of more remnants of the old ACL and tightening of the filename
checks

- actAs acl removed from role and user models together with some extra
code related to the ACL

- Fix of the filename regex as pointed out by cvandeplas.
2013-04-29 10:52:07 +02:00
Andras Iklody 4396cec8ea Integrated ownership, ACL and minor fixes
- Orgs can propose new attributes or changes to existing attributes for
  events that they do not own

- publishing users of the owner organisation can see, accept or discard
  them

- Reworked the access control

- minor fixes
2013-04-25 14:04:08 +02:00
Andras Iklody 019e976783 Removed the js title bubble for related events
- Removed javascripts based title bubble showing the event info in related
  events / attributes and in the search attribute view.

- Replaced it with values provided by extra cake queries as the delay for
  fetching the info field through a js rest request was annoyingly slow

- some coding standards
2013-03-08 13:16:02 +01:00
Andras Iklody 83294820bf Changes to logs and some minor changes
- Regexp, blacklist, roles, whitelists now logged

- adminCRUD now sets ID (for the logging) on edit

- some minor UI changes (removal of empty action menues on the left menu
  bar)
2013-03-07 11:51:43 +01:00
Andras Iklody e88a3a9cf7 Updates to security
- perm_auth new toggle, can disable auth key usage for a role

- prevents sync / rest with a perm_auth == false key

- some changes to sync to provide better feedback on why it failed

- rewording of distribution options
2013-02-06 17:45:43 +01:00
Andras Iklody e976242878 Reworked aros_acos creation
- moved and fixed the aros_acos creation on the new role creation

- new method in appController that sets all the aros_acos from scratch
  (for example for a new instance, or a changed acos / aros table)

- some minor changes, redirects to the terms page on invalid events
  removed, etc.
2013-02-05 17:22:37 +01:00
Noud de Brouwer a9a1bc91a1 AdminCrud and coding standard
more AdminCrud and coding standard clean up.
2013-01-04 15:48:46 +00:00
noud 26c8ad57ee Role
renamed everything group to role (i.s.o. renaming just the visable).
2012-12-12 16:15:01 +01:00