Tom King
de351faaac
new: [internal] Add option to log last API request
2022-08-01 15:02:49 +01:00
Sami Mokaddem
a6f676a66c
chg: [workflow] Simplified call to executeTrigger
2022-07-27 10:43:09 +02:00
Sami Mokaddem
85ada91dde
chg: [user:afterSave] Do not execute trigger for login and logout actions
2022-07-22 10:05:34 +02:00
Sami Mokaddem
99a76812bc
Merge remote-tracking branch 'origin/develop' into feature-workflows-2
2022-07-07 09:09:39 +02:00
Sami Mokaddem
dbcedbc505
chg: [workflow] Various improvement and added support of `enrichment_before_query` trigger
2022-07-05 11:19:18 +02:00
Sami Mokaddem
0a478bfda0
fix: [Workflow:UserBeforeSave] Ignore workflow execution for logins and logouts
2022-06-24 15:48:50 +02:00
Sami Mokaddem
8ce148effb
chg: [user:saveCallbacks] Added support of trigger in beforeSave and afterSave
...
Triggers are named respectively `user-before-save` and `user-after-save`
2022-06-24 11:23:25 +02:00
Jakub Onderka
21f5f52988
chg: [internal] Unsubscribe code
2022-06-07 15:07:28 +02:00
Jakub Onderka
ece53cf11d
new: [test] MISP.default_publish_alert
2022-05-07 12:39:29 +02:00
Silvian I
a5b8886c7c
fix: [email] user emails sent two times
2022-04-20 13:06:00 +02:00
iglocska
b36207a8c2
Merge branch 'custom_email_templates' into develop
2022-04-19 15:25:35 +02:00
iglocska
3e706867e9
new: [emailing] add custom templates to override existing ones
...
- currently implemented for event publish alerts and user enrollment (password_reset.ctp, alert.ctp)
- simply place the new templates in MISP/app/View/Emails/[text|html]/Custom
2022-04-15 16:28:36 +02:00
Jakub Onderka
8636c1f903
chg: [syslog] Remove duplicate date and log type from log
2022-03-27 13:05:33 +02:00
Jakub Onderka
8409a1871e
chg: [oidc] Move OIDC to different class
2022-02-19 16:07:11 +01:00
Jakub Onderka
f5e32123c5
chg: [oidc] Check user org when checking if user is valid
2022-02-19 16:07:11 +01:00
Jakub Onderka
e1774abe80
new: [oidc] Check user validity
2022-02-19 16:07:10 +01:00
Steve Clement
021334f8cc
fix: [typo] check - not chech
2022-01-07 11:19:49 +09:00
Jakub Onderka
1e5ca3dc59
Merge pull request #7577 from JakubOnderka/add-event-cleanup
...
chg: [internal] Convert array to const
2021-11-23 11:51:58 +01:00
Luciano Righetti
713b2c66ee
chg: use new bg jobs tool in user model
2021-11-03 11:39:04 +01:00
Jakub Onderka
ab1e79646e
new: [internal] Use pubToZmq to check if publish to ZMQ
2021-11-03 10:27:42 +01:00
Jakub Onderka
9ab3998b9d
chg: [internal] Remove unused variable
2021-11-03 10:27:42 +01:00
Jakub Onderka
3d236bcdea
chg: [internal] Reduce one SQL query for every request
2021-10-25 18:39:09 +02:00
Jakub Onderka
0d78d0f994
chg: [internal] Simplified notifications loading
2021-10-23 19:50:38 +02:00
Jakub Onderka
d9e89955bc
chg: [internal] Simplify fetching Kafka topic
2021-10-11 09:41:46 +02:00
Jakub Onderka
544c9ee8b9
new: [internal] Store MISP live status also in Redis
2021-10-04 10:07:32 +02:00
Jakub Onderka
48016120b7
chg: [internal] Use AdminSetting::getSetting method
2021-09-30 13:09:46 +02:00
Jakub Onderka
01f4897635
Merge pull request #7759 from JakubOnderka/pgp-view-pgp
...
chg: [UI] PGP error message
2021-09-16 16:57:19 +02:00
Jakub Onderka
1c58bd21b4
chg: [UI] PGP error message
2021-09-16 16:24:10 +02:00
Jakub Onderka
bc3bbfdf75
chg: [internal] Do not fetch authkey from db
2021-09-16 10:43:57 +02:00
Jakub Onderka
44fbf45ce5
chg: [internal] Do not fetch password from db
2021-09-15 09:55:46 +02:00
Jakub Onderka
81eddfdb76
chg: [internal] Do not fetch keys from db for authkey login
2021-09-15 09:51:02 +02:00
Jakub Onderka
a147b5a5b1
fix: [internal] Sending external e-mail
2021-09-14 14:59:33 +02:00
mokaddem
f2a1e47a3e
chg: [user:checkNotificationBanStatus] Typo in comment
2021-09-07 09:01:41 +02:00
mokaddem
2153537e01
new: [event:notification] Added email notification ban system based on users triggering the notification
2021-08-31 09:39:05 +02:00
Jakub Onderka
96f6900887
Merge pull request #7691 from JakubOnderka/user-shell
...
new: [CLI] User shell
2021-08-25 14:03:23 +02:00
Jakub Onderka
902be03f2b
new: [CLI] User shell
2021-08-25 09:48:14 +02:00
Jakub Onderka
98b87d8987
chg: [security] Use const hasher also for login
2021-08-24 21:45:37 +02:00
Jakub Onderka
439ec5cceb
fix: [internal] Code cleanup
2021-08-23 17:03:44 +02:00
Jakub Onderka
c2553f4f66
chg: [security] Mitigate timing attacks when comparing advanced auth keys hashes
2021-08-20 18:01:18 +02:00
Jakub Onderka
1cd09dd919
chg: [schema] Mark more indexes as unique
2021-08-13 13:59:47 +02:00
Jakub Onderka
bcc499db1e
chg: [internal] Optimise loading attribute histogram
2021-08-02 10:40:18 +02:00
iglocska
c8d34cc0f5
fix: [Userinit] create advanced auth key when needed
2021-07-26 16:12:04 +02:00
mokaddem
e7fd73e50e
chg: [user:updateToAdvancedAuthKeys] Functionality accessible via the CLI
2021-07-16 15:13:55 +02:00
mokaddem
6f85e3e39d
chg: [user] Relaxed email validation rule
2021-06-16 14:07:45 +02:00
Jakub Onderka
ad1b373766
new: [log] Audit log
2021-05-03 13:44:44 +02:00
iglocska
ef9370514f
fix: [emailing] password resets and OTP didn't handle line breaks correctly
2021-04-28 15:33:50 +02:00
Jakub Onderka
1ff23960a5
new: [UI] User can choose columns for event index
2021-03-29 14:19:51 +02:00
Jakub Onderka
032302dbf9
fix: [workers] Worker name when processing freetext
2021-03-10 21:34:14 +01:00
Jakub Onderka
d523025b6d
new: [email] Command for testing generated alert email
2021-03-06 10:39:16 +01:00
Jakub Onderka
9b9c69bfad
new: [email] Allow to set email subject from template
2021-03-06 10:39:16 +01:00
Jakub Onderka
17fb5db3cf
new: [mail] Move contact alert email to templates
2021-03-06 10:39:16 +01:00
Jakub Onderka
e2b1ba18a3
new: [mail] HTML alert emails
2021-03-06 10:39:16 +01:00
Jakub Onderka
79e78b817f
new: [mail] Backend support for sending HTML emails
2021-03-06 10:39:15 +01:00
Jakub Onderka
ab84aecc48
new: [authkeys] Copy key info when resetting key
2021-03-03 09:23:07 +01:00
Jakub Onderka
08925f4612
new: [oidc] OpenID Connect authentication
2021-02-16 10:47:56 +01:00
Jakub Onderka
37acdc21fa
chg: [internal] Use find('column') on more places
2020-12-31 09:55:37 +01:00
Jakub Onderka
23c3034351
new: [UI] Allow to sort orgs by number of orgs
2020-12-23 15:09:22 +01:00
Jakub Onderka
ee8a495d89
new: [internal] Show auth key usage in key view page
2020-12-17 13:49:32 +01:00
Jakub Onderka
b7eef315df
chg: [internal] Do not fetch user settings for User::getAuthUser
2020-12-17 13:49:32 +01:00
Jakub Onderka
7f0d06ae4d
chg: [internal] Move user checks to one place
2020-12-17 13:49:32 +01:00
Jakub Onderka
becbf95c37
new: [UI] Download GPG public key from GPG homedir
2020-12-17 13:19:55 +01:00
Jakub Onderka
2c7d6e4466
new: [auth] Allow to enforce auth plugin authentication
2020-11-30 14:46:36 +01:00
Andras Iklody
8fbdaddca2
fix: [bindmodel] added reset = false to the linking of users to authkeys
...
- added reset = false in parameters (otherwise consecutive calls to the user model will not include the relation)
2020-11-29 12:10:53 +01:00
Jakub Onderka
c9e96322a9
new: [shibb] Allow to get organisation UUID from HTTP headers
2020-11-25 21:21:14 +01:00
iglocska
68fc0eca7d
fix: [authkey] only link the model if the instance is already updated
2020-11-24 16:28:10 +01:00
iglocska
2eec8878cd
new: [authkey] generate authkeys automatically when creating users
...
- when using the new authkey system
2020-11-13 12:54:14 +01:00
iglocska
dbffebe503
Merge branch '2.4' into CRUD
2020-11-11 11:19:23 +01:00
Jakub Onderka
5a4ba9cbc1
fix: [internal] Properly set login times for custom auth
2020-10-29 17:53:11 +01:00
iglocska
62bbc95472
Merge branch '2.4' into CRUD
2020-10-20 02:01:21 +02:00
iglocska
5ea44e691d
chg: [authkey] model tied to user model
2020-10-20 01:43:38 +02:00
Jakub Onderka
380fba5405
new: [GPG] Validate fetched GPG key
2020-10-09 16:58:59 +02:00
Jakub Onderka
77833be960
chg: [mail] Another code cleanup for alert and contact mails template
2020-09-21 13:17:00 +02:00
Jakub Onderka
76b2a51253
fix: [ACL] Permissions when sending contact and alert emails
2020-09-21 13:17:00 +02:00
Jakub Onderka
8f806c4f1b
Merge pull request #6214 from JakubOnderka/otp-encryption
...
fix: [otp] Allow to send encrypted OTP by mail
2020-08-30 11:22:05 +02:00
Jakub Onderka
d3eb86553b
chg: [internal] Less SQL queries for event index page
2020-08-24 16:27:27 +02:00
Jakub Onderka
3005ef8f6e
fix: [otp] Allow to send encrypted OTP by mail
2020-08-20 19:58:24 +02:00
Jakub Onderka
f157b879a3
fix: [test] Use two spaces to pass the test
2020-08-12 19:34:05 +02:00
Jakub Onderka
6ee505a207
chg: [mail] Initialize GPG just once
2020-08-12 19:33:15 +02:00
Jakub Onderka
ee4de160e8
chg: [internal] Move GPG initialization to GpgTool
2020-08-12 19:33:15 +02:00
Jakub Onderka
65a4ece3bb
chg: [test] Set correct setting for GPG
2020-08-12 19:33:15 +02:00
Jakub Onderka
d044df2cb4
chg: [internal] Refactor S/MIME certificate validation
2020-08-12 19:33:15 +02:00
Jakub Onderka
6d1757188a
new: [internal] Log if e-mail was send encrypted or not
2020-08-12 19:33:15 +02:00
Jakub Onderka
652df56ba6
chg: [internal] Rework email sending
2020-08-12 19:33:15 +02:00
Jakub Onderka
54aa24a31e
fix: [intrernal] Undefined index: Organisation notice
2020-08-12 18:32:12 +02:00
Václav Bartoš
369341683d
fix: [mail] Fix body of passwordReset/newUser emails
...
When MISP sends an email with new credentials, the body is generated from one of the configured templates - passwordResetText or newUserText. However, these two templates were swapped - the newUserText was used for password reset, while passwordResetText was used when new account is created.
This commit fixes it.
2020-06-05 13:47:16 +02:00
mokaddem
b724e30282
chg: [user:finaliseAndSendEmail] Aggresively catch errors and log them
...
while sending email
2020-05-07 17:11:42 +02:00
iglocska
3740e38907
fix: [registration] log entry action shortened to not cause issues
2020-05-07 15:56:08 +02:00
mokaddem
6bff239740
chg: [user:registration] Added audit log
2020-04-22 10:04:07 +02:00
iglocska
3241e95730
fix: [user registration] automatically convert selected orgs to local as described in the tool
2020-04-07 14:27:21 +02:00
iglocska
4ebc0a7988
new: [inbox] system added
...
- user self-registration is the first use-case
- if the feature is enabled, users can unauthenticated send a registration request to MISP
- request includes information on desired org and some privileges (sync / org admin / publisher)
- requests land in the inbox, admins can inspect the registration requests
- they can accept/discard them individually or en masse
- users will be notified of their credentials automatically
- quick user creation if the user asks for an org that doesn't exist yet
2020-04-07 13:21:01 +02:00
iglocska
d7e3674987
new: [audit] Added user monitoring
...
- site admins can set the monitoring flag on a user if the feature is enabled on the instance
- monitored users will have all requests logged along with POST bodies
- keep in mind this functionality is quite heavy and intrusive - so use it with care. The idea is that this allows us to track potentially malicious users during an investigation
2020-03-25 11:49:33 +01:00
mokaddem
6e66256f7a
Merge branch '2.4' of github.com:MISP/MISP into pr-5210
2020-02-10 11:09:14 +01:00
Jakub Onderka
5391611d75
fix: [log] Proper format log message for reset auth key
...
In future, it will be also possible to filter auth keys in logs.
2020-01-27 16:58:46 +01:00
Jakub Onderka
fd4588154a
fixup! chg: [user] GPG key fetching by server
2020-01-26 19:28:04 +01:00
iglocska
56902c265e
Merge branch '2.4' of github.com:MISP/MISP into add_attribute
2019-12-12 10:05:01 +01:00
Andras Iklody
91a045c13f
Merge pull request #5208 from JakubOnderka/patch-34
...
Simplify user profile logging
2019-12-11 19:28:32 +01:00
iglocska
b6bb2bb576
new: [UI] first implementation of the modal forms
2019-12-11 10:03:43 +01:00
mokaddem
806f443764
new: [statistics] Added organisation activity over time
2019-11-16 15:40:02 -05:00
iglocska
6d8b76ae4f
fix: [user] Include user settings in /users/view
2019-10-15 07:24:43 +02:00
Jakub Onderka
688bab2778
chg: [internal] Simplify UserController::admin_edit
2019-10-11 20:35:27 +02:00