Commit Graph

369 Commits (fe83ea6b7ae36bf2d65e461013d529f28c6ddce1)

Author SHA1 Message Date
Tom King de351faaac new: [internal] Add option to log last API request 2022-08-01 15:02:49 +01:00
Sami Mokaddem a6f676a66c chg: [workflow] Simplified call to executeTrigger 2022-07-27 10:43:09 +02:00
Sami Mokaddem 85ada91dde chg: [user:afterSave] Do not execute trigger for login and logout actions 2022-07-22 10:05:34 +02:00
Sami Mokaddem 99a76812bc Merge remote-tracking branch 'origin/develop' into feature-workflows-2 2022-07-07 09:09:39 +02:00
Sami Mokaddem dbcedbc505 chg: [workflow] Various improvement and added support of `enrichment_before_query` trigger 2022-07-05 11:19:18 +02:00
Sami Mokaddem 0a478bfda0 fix: [Workflow:UserBeforeSave] Ignore workflow execution for logins and logouts 2022-06-24 15:48:50 +02:00
Sami Mokaddem 8ce148effb chg: [user:saveCallbacks] Added support of trigger in beforeSave and afterSave
Triggers are named respectively `user-before-save` and `user-after-save`
2022-06-24 11:23:25 +02:00
Jakub Onderka 21f5f52988 chg: [internal] Unsubscribe code 2022-06-07 15:07:28 +02:00
Jakub Onderka ece53cf11d new: [test] MISP.default_publish_alert 2022-05-07 12:39:29 +02:00
Silvian I a5b8886c7c fix: [email] user emails sent two times 2022-04-20 13:06:00 +02:00
iglocska b36207a8c2 Merge branch 'custom_email_templates' into develop 2022-04-19 15:25:35 +02:00
iglocska 3e706867e9 new: [emailing] add custom templates to override existing ones
- currently implemented for event publish alerts and user enrollment (password_reset.ctp, alert.ctp)
- simply place the new templates in MISP/app/View/Emails/[text|html]/Custom
2022-04-15 16:28:36 +02:00
Jakub Onderka 8636c1f903 chg: [syslog] Remove duplicate date and log type from log 2022-03-27 13:05:33 +02:00
Jakub Onderka 8409a1871e chg: [oidc] Move OIDC to different class 2022-02-19 16:07:11 +01:00
Jakub Onderka f5e32123c5 chg: [oidc] Check user org when checking if user is valid 2022-02-19 16:07:11 +01:00
Jakub Onderka e1774abe80 new: [oidc] Check user validity 2022-02-19 16:07:10 +01:00
Steve Clement 021334f8cc fix: [typo] check - not chech 2022-01-07 11:19:49 +09:00
Jakub Onderka 1e5ca3dc59 Merge pull request #7577 from JakubOnderka/add-event-cleanup
chg: [internal] Convert array to const
2021-11-23 11:51:58 +01:00
Luciano Righetti 713b2c66ee chg: use new bg jobs tool in user model 2021-11-03 11:39:04 +01:00
Jakub Onderka ab1e79646e new: [internal] Use pubToZmq to check if publish to ZMQ 2021-11-03 10:27:42 +01:00
Jakub Onderka 9ab3998b9d chg: [internal] Remove unused variable 2021-11-03 10:27:42 +01:00
Jakub Onderka 3d236bcdea chg: [internal] Reduce one SQL query for every request 2021-10-25 18:39:09 +02:00
Jakub Onderka 0d78d0f994 chg: [internal] Simplified notifications loading 2021-10-23 19:50:38 +02:00
Jakub Onderka d9e89955bc chg: [internal] Simplify fetching Kafka topic 2021-10-11 09:41:46 +02:00
Jakub Onderka 544c9ee8b9 new: [internal] Store MISP live status also in Redis 2021-10-04 10:07:32 +02:00
Jakub Onderka 48016120b7 chg: [internal] Use AdminSetting::getSetting method 2021-09-30 13:09:46 +02:00
Jakub Onderka 01f4897635 Merge pull request #7759 from JakubOnderka/pgp-view-pgp
chg: [UI] PGP error message
2021-09-16 16:57:19 +02:00
Jakub Onderka 1c58bd21b4 chg: [UI] PGP error message 2021-09-16 16:24:10 +02:00
Jakub Onderka bc3bbfdf75 chg: [internal] Do not fetch authkey from db 2021-09-16 10:43:57 +02:00
Jakub Onderka 44fbf45ce5 chg: [internal] Do not fetch password from db 2021-09-15 09:55:46 +02:00
Jakub Onderka 81eddfdb76 chg: [internal] Do not fetch keys from db for authkey login 2021-09-15 09:51:02 +02:00
Jakub Onderka a147b5a5b1 fix: [internal] Sending external e-mail 2021-09-14 14:59:33 +02:00
mokaddem f2a1e47a3e chg: [user:checkNotificationBanStatus] Typo in comment 2021-09-07 09:01:41 +02:00
mokaddem 2153537e01 new: [event:notification] Added email notification ban system based on users triggering the notification 2021-08-31 09:39:05 +02:00
Jakub Onderka 96f6900887 Merge pull request #7691 from JakubOnderka/user-shell
new: [CLI] User shell
2021-08-25 14:03:23 +02:00
Jakub Onderka 902be03f2b new: [CLI] User shell 2021-08-25 09:48:14 +02:00
Jakub Onderka 98b87d8987 chg: [security] Use const hasher also for login 2021-08-24 21:45:37 +02:00
Jakub Onderka 439ec5cceb fix: [internal] Code cleanup 2021-08-23 17:03:44 +02:00
Jakub Onderka c2553f4f66 chg: [security] Mitigate timing attacks when comparing advanced auth keys hashes 2021-08-20 18:01:18 +02:00
Jakub Onderka 1cd09dd919 chg: [schema] Mark more indexes as unique 2021-08-13 13:59:47 +02:00
Jakub Onderka bcc499db1e chg: [internal] Optimise loading attribute histogram 2021-08-02 10:40:18 +02:00
iglocska c8d34cc0f5 fix: [Userinit] create advanced auth key when needed 2021-07-26 16:12:04 +02:00
mokaddem e7fd73e50e chg: [user:updateToAdvancedAuthKeys] Functionality accessible via the CLI 2021-07-16 15:13:55 +02:00
mokaddem 6f85e3e39d chg: [user] Relaxed email validation rule 2021-06-16 14:07:45 +02:00
Jakub Onderka ad1b373766 new: [log] Audit log 2021-05-03 13:44:44 +02:00
iglocska ef9370514f fix: [emailing] password resets and OTP didn't handle line breaks correctly 2021-04-28 15:33:50 +02:00
Jakub Onderka 1ff23960a5 new: [UI] User can choose columns for event index 2021-03-29 14:19:51 +02:00
Jakub Onderka 032302dbf9 fix: [workers] Worker name when processing freetext 2021-03-10 21:34:14 +01:00
Jakub Onderka d523025b6d new: [email] Command for testing generated alert email 2021-03-06 10:39:16 +01:00
Jakub Onderka 9b9c69bfad new: [email] Allow to set email subject from template 2021-03-06 10:39:16 +01:00
Jakub Onderka 17fb5db3cf new: [mail] Move contact alert email to templates 2021-03-06 10:39:16 +01:00
Jakub Onderka e2b1ba18a3 new: [mail] HTML alert emails 2021-03-06 10:39:16 +01:00
Jakub Onderka 79e78b817f new: [mail] Backend support for sending HTML emails 2021-03-06 10:39:15 +01:00
Jakub Onderka ab84aecc48 new: [authkeys] Copy key info when resetting key 2021-03-03 09:23:07 +01:00
Jakub Onderka 08925f4612 new: [oidc] OpenID Connect authentication 2021-02-16 10:47:56 +01:00
Jakub Onderka 37acdc21fa chg: [internal] Use find('column') on more places 2020-12-31 09:55:37 +01:00
Jakub Onderka 23c3034351 new: [UI] Allow to sort orgs by number of orgs 2020-12-23 15:09:22 +01:00
Jakub Onderka ee8a495d89 new: [internal] Show auth key usage in key view page 2020-12-17 13:49:32 +01:00
Jakub Onderka b7eef315df chg: [internal] Do not fetch user settings for User::getAuthUser 2020-12-17 13:49:32 +01:00
Jakub Onderka 7f0d06ae4d chg: [internal] Move user checks to one place 2020-12-17 13:49:32 +01:00
Jakub Onderka becbf95c37 new: [UI] Download GPG public key from GPG homedir 2020-12-17 13:19:55 +01:00
Jakub Onderka 2c7d6e4466 new: [auth] Allow to enforce auth plugin authentication 2020-11-30 14:46:36 +01:00
Andras Iklody 8fbdaddca2 fix: [bindmodel] added reset = false to the linking of users to authkeys
- added reset = false in parameters (otherwise consecutive calls to the user model will not include the relation)
2020-11-29 12:10:53 +01:00
Jakub Onderka c9e96322a9 new: [shibb] Allow to get organisation UUID from HTTP headers 2020-11-25 21:21:14 +01:00
iglocska 68fc0eca7d fix: [authkey] only link the model if the instance is already updated 2020-11-24 16:28:10 +01:00
iglocska 2eec8878cd new: [authkey] generate authkeys automatically when creating users
- when using the new authkey system
2020-11-13 12:54:14 +01:00
iglocska dbffebe503 Merge branch '2.4' into CRUD 2020-11-11 11:19:23 +01:00
Jakub Onderka 5a4ba9cbc1 fix: [internal] Properly set login times for custom auth 2020-10-29 17:53:11 +01:00
iglocska 62bbc95472 Merge branch '2.4' into CRUD 2020-10-20 02:01:21 +02:00
iglocska 5ea44e691d chg: [authkey] model tied to user model 2020-10-20 01:43:38 +02:00
Jakub Onderka 380fba5405 new: [GPG] Validate fetched GPG key 2020-10-09 16:58:59 +02:00
Jakub Onderka 77833be960 chg: [mail] Another code cleanup for alert and contact mails template 2020-09-21 13:17:00 +02:00
Jakub Onderka 76b2a51253 fix: [ACL] Permissions when sending contact and alert emails 2020-09-21 13:17:00 +02:00
Jakub Onderka 8f806c4f1b Merge pull request #6214 from JakubOnderka/otp-encryption
fix: [otp] Allow to send encrypted OTP by mail
2020-08-30 11:22:05 +02:00
Jakub Onderka d3eb86553b chg: [internal] Less SQL queries for event index page 2020-08-24 16:27:27 +02:00
Jakub Onderka 3005ef8f6e fix: [otp] Allow to send encrypted OTP by mail 2020-08-20 19:58:24 +02:00
Jakub Onderka f157b879a3 fix: [test] Use two spaces to pass the test 2020-08-12 19:34:05 +02:00
Jakub Onderka 6ee505a207 chg: [mail] Initialize GPG just once 2020-08-12 19:33:15 +02:00
Jakub Onderka ee4de160e8 chg: [internal] Move GPG initialization to GpgTool 2020-08-12 19:33:15 +02:00
Jakub Onderka 65a4ece3bb chg: [test] Set correct setting for GPG 2020-08-12 19:33:15 +02:00
Jakub Onderka d044df2cb4 chg: [internal] Refactor S/MIME certificate validation 2020-08-12 19:33:15 +02:00
Jakub Onderka 6d1757188a new: [internal] Log if e-mail was sent encrypted or not 2020-08-12 19:33:15 +02:00
Jakub Onderka 652df56ba6 chg: [internal] Rework email sending 2020-08-12 19:33:15 +02:00
Jakub Onderka 54aa24a31e fix: [internal] Undefined index: Organisation notice 2020-08-12 18:32:12 +02:00
Václav Bartoš 369341683d fix: [mail] Fix body of passwordReset/newUser emails
When MISP sends an email with new credentials, the body is generated from one of the configured templates - passwordResetText or newUserText. However, these two templates were swapped - the newUserText was used for password reset, while passwordResetText was used when new account is created.

This commit fixes it.
2020-06-05 13:47:16 +02:00
mokaddem b724e30282 chg: [user:finaliseAndSendEmail] Aggressively catch errors and log them
while sending email
2020-05-07 17:11:42 +02:00
iglocska 3740e38907 fix: [registration] log entry action shortened to not cause issues 2020-05-07 15:56:08 +02:00
mokaddem 6bff239740 chg: [user:registration] Added audit log 2020-04-22 10:04:07 +02:00
iglocska 3241e95730 fix: [user registration] automatically convert selected orgs to local as described in the tool 2020-04-07 14:27:21 +02:00
iglocska 4ebc0a7988 new: [inbox] system added
- user self-registration is the first use-case
- if the feature is enabled, users can unauthenticated send a registration request to MISP
  - request includes information on desired org and some privileges (sync / org admin / publisher)
- requests land in the inbox, admins can inspect the registration requests
  - they can accept/discard them individually or en masse
  - users will be notified of their credentials automatically
  - quick user creation if the user asks for an org that doesn't exist yet
2020-04-07 13:21:01 +02:00
iglocska d7e3674987 new: [audit] Added user monitoring
- site admins can set the monitoring flag on a user if the feature is enabled on the instance
- monitored users will have all requests logged along with POST bodies

- keep in mind this functionality is quite heavy and intrusive - so use it with care. The idea is that this allows us to track potentially malicious users during an investigation
2020-03-25 11:49:33 +01:00
mokaddem 6e66256f7a Merge branch '2.4' of github.com:MISP/MISP into pr-5210 2020-02-10 11:09:14 +01:00
Jakub Onderka 5391611d75 fix: [log] Proper format log message for reset auth key
In future, it will be also possible to filter auth keys in logs.
2020-01-27 16:58:46 +01:00
Jakub Onderka fd4588154a fixup! chg: [user] GPG key fetching by server 2020-01-26 19:28:04 +01:00
iglocska 56902c265e Merge branch '2.4' of github.com:MISP/MISP into add_attribute 2019-12-12 10:05:01 +01:00
Andras Iklody 91a045c13f Merge pull request #5208 from JakubOnderka/patch-34
Simplify user profile logging
2019-12-11 19:28:32 +01:00
iglocska b6bb2bb576 new: [UI] first implementation of the modal forms 2019-12-11 10:03:43 +01:00
mokaddem 806f443764 new: [statistics] Added organisation activity over time 2019-11-16 15:40:02 -05:00
iglocska 6d8b76ae4f fix: [user] Include user settings in /users/view 2019-10-15 07:24:43 +02:00
Jakub Onderka 688bab2778 chg: [internal] Simplify UserController::admin_edit 2019-10-11 20:35:27 +02:00