- tag filters now filter on:
- all events cotaining matching tags on event + attribute level (positive lookup)
- all events not containing matching tags (negative lookup)
- filter attributes within a matched event for blocked attributes (negative lookup)
- moved tag filtering to subquery filtering - should improve performance massively on larger instances when filtering on tags
- first round of implementations, more on the way
- despite my earlier request to @rotanid, there is no need for this feature to be optional, it's one of the few cases where it should be universally enabled
- also added a new setting to set the default posture when an event containing a tag is pushed (via the API/sync/etc)
- new setting allows to automatically set new tags to hidden
- the hidden setting only hides the tags from the tag selection when tagging an event
- removed incorrect, useless boiler plate comments
- kept useful comments intact
- added some missing line breaks to make the codebase a bit more uniform
- removed some obviously obsolete TODO comments
- New permission flag: perm_tag_editor
- taggers can tag events with existing tags
- tag editors can create / edit / delete tags
- Fixed several misleading UI elements for tagging
- tagging users that don't own an event and aren't creators thereof cannot tag them
- this was enforced before but the UI elements were present and threw errors
- Migration is automatic
- all existing tagger roles will automatically become tag editors
- restricting current roles takes manual admin action, but the functionality should remain unchanged for those that just update
What works:
- added submodules for taxonomies
- added import tool for taxonomies
- added models and convenience functions for taxonomies
- site admins can update taxonomy libraries
- list taxonomies / view indvidual ones (with all resolved tags)
- create tags manually if a taxonomy is enabled
- view related tags / events quickly from the Taxonomy view
What doesn't work:
- Users still cannot choose a tag from taxonomy lists (this will be the main functionality)
- Feature cannot be disabled
Merge and upgrade of several new features
Conflicts:
VERSION.json
app/Controller/ShadowAttributesController.php
app/Controller/TagsController.php
app/Model/AppModel.php
app/Model/Event.php
app/Plugin/SysLogLogable/Model/Behavior/SysLogLogableBehavior.php
Merging all the new changes from master
Conflicts:
VERSION.json
app/Console/Command/AdminShell.php
app/Controller/AttributesController.php
app/Controller/EventsController.php
app/Model/Attribute.php
app/Model/Event.php
app/Model/Log.php
app/Model/Server.php
app/Model/User.php
app/View/Elements/side_menu.ctp
app/View/Pages/administration.ctp
app/View/Users/admin_index.ctp
- tags can now be set correctly for all events
- some UI changes to the tags
- moved the deletion of all event_tags when a tag gets deleted to beforefilter
- xml version now included in the xml exports
- MISP will now check the xml version on all imports related to sync / add MISP XML and try to update the incoming info if it detects an older version
- exports now take tag names as a parameter (affected exports: XML, text, HIDS, NIDS)
- eventtags now correctly get removed when an event is deleted
- new special role for tagging
- can create tags with a name + colour combination (using a colour picker plugin)
- users can assign tags to events
- can filter events by tags on the index