Merge branch 'check-user-roles' into illegal-state-during-connection

pull/5/head
Felix Prahl-Kamps 2019-07-22 14:43:31 +02:00
commit abe0fb7cb5
7 changed files with 450 additions and 60 deletions


@ -3,13 +3,6 @@ package lu.circl.mispbump.activities;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import androidx.constraintlayout.widget.ConstraintLayout;
import com.google.android.material.snackbar.Snackbar;
import com.google.android.material.textfield.TextInputLayout;
import androidx.appcompat.app.ActionBar;
import androidx.appcompat.app.AppCompatActivity;
import androidx.appcompat.widget.Toolbar;
import android.text.TextUtils;
import android.view.Menu;
import android.view.MenuItem;
@ -17,19 +10,24 @@ import android.view.View;
import android.widget.Button;
import android.widget.ProgressBar;
import androidx.appcompat.app.ActionBar;
import androidx.appcompat.app.AppCompatActivity;
import androidx.appcompat.widget.Toolbar;
import androidx.constraintlayout.widget.ConstraintLayout;
import com.google.android.material.snackbar.Snackbar;
import com.google.android.material.textfield.TextInputLayout;
import java.util.Objects;
import lu.circl.mispbump.R;
import lu.circl.mispbump.auxiliary.DialogManager;
import lu.circl.mispbump.auxiliary.PreferenceManager;
import lu.circl.mispbump.auxiliary.MispRestClient;
import lu.circl.mispbump.auxiliary.PreferenceManager;
import lu.circl.mispbump.models.restModels.Organisation;
import lu.circl.mispbump.models.restModels.Role;
import lu.circl.mispbump.models.restModels.User;
/**
* This activity is shown when the current device has no misp user and organisation associated with it.
* It takes care of downloading all information necessary for a sync with other misp instances.
*/
public class LoginActivity extends AppCompatActivity {
private PreferenceManager preferenceManager;
@ -64,7 +62,6 @@ public class LoginActivity extends AppCompatActivity {
return true;
}
// invoke superclass to handle unrecognized item (eg. homeAsUp)
return super.onOptionsItemSelected(item);
}
@ -72,7 +69,6 @@ public class LoginActivity extends AppCompatActivity {
private void initializeViews() {
constraintLayout = findViewById(R.id.rootLayout);
// populate Toolbar (Actionbar)
Toolbar myToolbar = findViewById(R.id.appbar);
setSupportActionBar(myToolbar);
ActionBar ab = getSupportActionBar();
@ -82,7 +78,7 @@ public class LoginActivity extends AppCompatActivity {
}
Button downloadInfoButton = findViewById(R.id.login_download_button);
downloadInfoButton.setOnClickListener(onClickDownload);
downloadInfoButton.setOnClickListener(onLogin);
serverUrl = findViewById(R.id.login_server_url);
serverAutomationKey = findViewById(R.id.login_automation_key);
@ -90,9 +86,9 @@ public class LoginActivity extends AppCompatActivity {
}
/**
* Is called when the user clicks on the login button.
* Called when the user clicks on the login button.
*/
private View.OnClickListener onClickDownload = new View.OnClickListener() {
private View.OnClickListener onLogin = new View.OnClickListener() {
@Override
public void onClick(View v) {
final String url = Objects.requireNonNull(serverUrl.getEditText()).getText().toString();
@ -126,25 +122,48 @@ public class LoginActivity extends AppCompatActivity {
mispRestClient.isAvailable(new MispRestClient.AvailableCallback() {
@Override
public void available() {
mispRestClient.getMyUser(new MispRestClient.UserCallback() {
mispRestClient.getRoles(new MispRestClient.AllRolesCallback() {
@Override
public void success(final User user) {
preferenceManager.setUserInfo(user);
mispRestClient.getOrganisation(user.org_id, new MispRestClient.OrganisationCallback() {
public void success(final Role[] roles) {
preferenceManager.setRoles(roles);
mispRestClient.getMyUser(new MispRestClient.UserCallback() {
@Override
public void success(Organisation organisation) {
preferenceManager.setUserOrgInfo(organisation);
public void success(final User user) {
preferenceManager.setUserInfo(user);
for (Role role : roles) {
if (role.getId().equals(user.role_id)) {
if (!role.getPermAdmin()) {
progressBar.setVisibility(View.GONE);
Snackbar.make(constraintLayout, "No admin is associated with this authkey.", Snackbar.LENGTH_LONG).show();
return;
}
}
}
// save authkey
preferenceManager.setAutomationKey(authkey);
mispRestClient.getOrganisation(user.org_id, new MispRestClient.OrganisationCallback() {
@Override
public void success(Organisation organisation) {
preferenceManager.setUserOrgInfo(organisation);
// save url
preferenceManager.setServerUrl(url);
// save authkey
preferenceManager.setAutomationKey(authkey);
progressBar.setVisibility(View.GONE);
Intent home = new Intent(getApplicationContext(), HomeActivity.class);
startActivity(home);
finish();
// save url
preferenceManager.setServerUrl(url);
progressBar.setVisibility(View.GONE);
Intent home = new Intent(getApplicationContext(), HomeActivity.class);
startActivity(home);
finish();
}
@Override
public void failure(String error) {
progressBar.setVisibility(View.GONE);
Snackbar.make(constraintLayout, error, Snackbar.LENGTH_LONG).show();
}
});
}
@Override
@ -166,8 +185,7 @@ public class LoginActivity extends AppCompatActivity {
@Override
public void unavailable(String error) {
progressBar.setVisibility(View.GONE);
Snackbar sb = Snackbar.make(constraintLayout, error, Snackbar.LENGTH_LONG);
sb.show();
Snackbar.make(constraintLayout, error, Snackbar.LENGTH_LONG).show();
}
});
}
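Review bot: The admin check in the `getMyUser` success callback fails open: the loop only rejects when a role with a matching id has `perm_admin` false, so if no entry in `roles` matches `user.role_id` the code falls through, saves the authkey and continues to HomeActivity. The same happens if the two ids have different types, which `equals` treats as unequal (`User` is not shown here, so this is unconfirmed). `role.getPermAdmin()` is a boxed `Boolean`, so a role without that field would throw on unboxing instead of being rejected. I would make the decision deny-by-default and move `preferenceManager.setUserInfo(user)` below it so a rejected key leaves no user record behind. The callback continues past the end of this hunk.

```java
public void success(final User user) {
    // Deny by default: continue only when the user's role is found and grants perm_admin.
    boolean isAdmin = false;
    for (Role role : roles) {
        if (role != null && role.getId() != null && role.getId().equals(user.role_id)) {
            isAdmin = Boolean.TRUE.equals(role.getPermAdmin());
            break;
        }
    }
    if (!isAdmin) {
        progressBar.setVisibility(View.GONE);
        Snackbar.make(constraintLayout, "No admin is associated with this authkey.", Snackbar.LENGTH_LONG).show();
        return;
    }
    preferenceManager.setUserInfo(user);
    // … unchanged: save authkey, getOrganisation(...) and its callbacks …
```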


@ -29,6 +29,7 @@ import lu.circl.mispbump.auxiliary.PreferenceManager;
import lu.circl.mispbump.auxiliary.TileDrawable;
import lu.circl.mispbump.customViews.MaterialPreferenceText;
import lu.circl.mispbump.models.restModels.Organisation;
import lu.circl.mispbump.models.restModels.Role;
import lu.circl.mispbump.models.restModels.User;
import lu.circl.mispbump.security.KeyStoreWrapper;
@ -131,14 +132,22 @@ public class ProfileActivity extends AppCompatActivity {
}
public void updateProfile() {
// progressBar.setVisibility(View.VISIBLE);
mispRestClient.getRoles(new MispRestClient.AllRolesCallback() {
@Override
public void success(Role[] roles) {
preferenceManager.setRoles(roles);
}
@Override
public void failure(String error) {
Snackbar.make(rootLayout, error, Snackbar.LENGTH_LONG).show();
}
});
mispRestClient.getMyUser(new MispRestClient.UserCallback() {
@Override
public void success(final User user) {
preferenceManager.setUserInfo(user);
mispRestClient.getOrganisation(user.org_id, new MispRestClient.OrganisationCallback() {
@Override
public void success(Organisation organisation) {
@ -178,8 +187,7 @@ public class ProfileActivity extends AppCompatActivity {
builder.setPositiveButton("Delete & Logout", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
PreferenceManager prefs = PreferenceManager.getInstance(ProfileActivity.this);
prefs.clearAllData();
preferenceManager.clearAllData();
KeyStoreWrapper.deleteAllStoredKeys();
Intent login = new Intent(getApplicationContext(), LoginActivity.class);
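Review bot: `updateProfile()` refreshes the stored roles and the user record in two independent requests, and nothing visible in this hunk re-evaluates the admin requirement that LoginActivity enforces at login. If the role behind the authkey loses `perm_admin` on the server, the refresh would store the new data while the app keeps using the key. Consider nesting `getMyUser` inside the `getRoles` success callback, as the login flow does, and sending the user back to the login screen when the refreshed role is no longer admin. The method body continues outside the hunk.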


@ -23,9 +23,11 @@ import javax.net.ssl.X509TrustManager;
import lu.circl.mispbump.interfaces.MispRestInterface;
import lu.circl.mispbump.models.restModels.MispOrganisation;
import lu.circl.mispbump.models.restModels.MispRole;
import lu.circl.mispbump.models.restModels.MispServer;
import lu.circl.mispbump.models.restModels.MispUser;
import lu.circl.mispbump.models.restModels.Organisation;
import lu.circl.mispbump.models.restModels.Role;
import lu.circl.mispbump.models.restModels.Server;
import lu.circl.mispbump.models.restModels.User;
import lu.circl.mispbump.models.restModels.Version;
@ -176,6 +178,36 @@ public class MispRestClient {
});
}
public void getRoles(final AllRolesCallback callback) {
Call<List<MispRole>> call = mispRestInterface.getRoles();
call.enqueue(new Callback<List<MispRole>>() {
@Override
public void onResponse(Call<List<MispRole>> call, Response<List<MispRole>> response) {
if (!response.isSuccessful()) {
callback.failure(extractError(response));
return;
}
List<MispRole> mispRoles = response.body();
assert mispRoles != null;
Role[] roles = new Role[mispRoles.size()];
for (int i = 0; i < roles.length; i++) {
roles[i] = mispRoles.get(i).role;
}
callback.success(roles);
}
@Override
public void onFailure(Call<List<MispRole>> call, Throwable t) {
callback.failure(extractError(t));
}
});
}
/**
* Fetches information about the user that is associated with saved auth key.
@ -620,4 +652,10 @@ public class MispRestClient {
void failure(String error);
}
public interface AllRolesCallback {
void success(Role[] roles);
void failure(String error);
}
}
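Review bot: In `getRoles`, `assert mispRoles != null;` does not protect the next line: Java assertions are disabled by default and Android runtimes normally ignore them, so a successful response with an empty or unparseable body ends in a NullPointerException at `mispRoles.size()`. Replace it with an explicit branch such as `if (mispRoles == null) { callback.failure("Empty roles response"); return; }` (the message text is only a suggestion). Entries whose `role` is null are also copied into the array unchecked and would fail later in callers that call `role.getId()`. The method also lacks the Javadoc that the method after it has; one line stating that it fetches all roles from `admin/roles` and reports them through `AllRolesCallback` would do.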


@ -2,7 +2,6 @@ package lu.circl.mispbump.auxiliary;
import android.content.Context;
import android.content.SharedPreferences;
import android.util.Log;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
@ -21,16 +20,14 @@ import javax.crypto.NoSuchPaddingException;
import lu.circl.mispbump.models.UploadInformation;
import lu.circl.mispbump.models.restModels.Organisation;
import lu.circl.mispbump.models.restModels.Role;
import lu.circl.mispbump.models.restModels.User;
import lu.circl.mispbump.security.KeyStoreWrapper;
public class PreferenceManager {
private static final String TAG = "PreferenceManager";
private static final String PREFERENCES_FILE = "user_settings";
private static final String SAVE_CREDENTIALS = "save_credentials";
private static final String SERVER_URL = "server_url";
private static final String AUTOMATION_KEY = "user_automation";
@ -39,6 +36,8 @@ public class PreferenceManager {
private static final String UPLOAD_INFO = "upload_info";
private static final String MISP_ROLES = "misp_roles";
private SharedPreferences preferences;
private static PreferenceManager instance;
@ -61,6 +60,36 @@ public class PreferenceManager {
}
/**
* Save downloaded MISP roles on device.
* @param roles {@link Role}
*/
public void setRoles(Role[] roles) {
SharedPreferences.Editor editor = preferences.edit();
editor.putString(MISP_ROLES, new Gson().toJson(roles));
editor.apply();
}
/**
* Gets downloaded and saved MISP roles if available.
* <p/>
* Roles are downloaded on login and updated with each profile update.
*
* @return {@link Role}[] or null
*/
public Role[] getRoles() {
Type type = new TypeToken<Role[]>() {}.getType();
String rolesString = preferences.getString(MISP_ROLES, "");
assert rolesString != null;
if (rolesString.isEmpty()) {
return null;
} else {
return new Gson().fromJson(rolesString, type);
}
}
/**
* Saves user infos from "users/view/me" (encrypted)
*
@ -430,26 +459,13 @@ public class PreferenceManager {
}
/**
* Set if credentials (authkey & server url) should be saved locally.
*
* @param save enable or disable
* @deprecated currently not used because automation key is needed to do requests to your misp instance.
* If this should be an option in future: misp automation key would be needed on each sync process.
*/
public void setSaveCredentials(boolean save) {
SharedPreferences.Editor editor = preferences.edit();
editor.putBoolean(SAVE_CREDENTIALS, save);
editor.apply();
}
public boolean getSaveCredentials() {
return preferences.getBoolean(SAVE_CREDENTIALS, false);
}
public void clearAllData() {
SharedPreferences.Editor editor = preferences.edit();
clearServerUrl();
clearAutomationKey();
clearUploadInformation();
editor.clear();
editor.apply();
}
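Review bot: `setRoles` writes the role list to SharedPreferences as plain JSON, while the Javadoc of the method right below it says user info is saved encrypted. If any later permission decision reads `getRoles()`, it trusts data that can be edited on a rooted device or restored from a backup; a Javadoc line such as `Roles are cached unencrypted; do not use them as the only source for an authorization decision.` would make that boundary explicit, or the value can go through the same encryption path as the user info. `getRoles()` also returns `null` when nothing is stored and lets a `JsonSyntaxException` from `fromJson` escape on corrupted data; returning an empty array in both cases is easier for callers. The `assert rolesString != null;` is redundant because the default passed to `getString` is `""`.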


@ -3,6 +3,7 @@ package lu.circl.mispbump.interfaces;
import java.util.List;
import lu.circl.mispbump.models.restModels.MispOrganisation;
import lu.circl.mispbump.models.restModels.MispRole;
import lu.circl.mispbump.models.restModels.MispServer;
import lu.circl.mispbump.models.restModels.MispUser;
import lu.circl.mispbump.models.restModels.Organisation;
@ -25,6 +26,9 @@ public interface MispRestInterface {
@GET("servers/getPyMISPVersion")
Call<Version> pyMispVersion();
@GET("admin/roles")
Call<List<MispRole>> getRoles();
// user routes
@GET("users/view/me")


@ -0,0 +1,10 @@
package lu.circl.mispbump.models.restModels;
import com.google.gson.annotations.Expose;
import com.google.gson.annotations.SerializedName;
public class MispRole {
@SerializedName("Role")
@Expose
public Role role;
}


@ -0,0 +1,296 @@
package lu.circl.mispbump.models.restModels;
import com.google.gson.annotations.SerializedName;
public class Role {
@SerializedName("id")
private Integer id;
@SerializedName("name")
private String name;
@SerializedName("created")
private String created;
@SerializedName("modified")
private String modified;
@SerializedName("perm_add")
private Boolean permAdd;
@SerializedName("perm_modify")
private Boolean permModify;
@SerializedName("perm_modify_org")
private Boolean permModifyOrg;
@SerializedName("perm_publish")
private Boolean permPublish;
@SerializedName("perm_delegate")
private Boolean permDelegate;
@SerializedName("perm_sync")
private Boolean permSync;
@SerializedName("perm_admin")
private Boolean permAdmin;
@SerializedName("perm_audit")
private Boolean permAudit;
@SerializedName("perm_auth")
private Boolean permAuth;
@SerializedName("perm_site_admin")
private Boolean permSiteAdmin;
@SerializedName("perm_regexp_access")
private Boolean permRegexpAccess;
@SerializedName("perm_tagger")
private Boolean permTagger;
@SerializedName("perm_template")
private Boolean permTemplate;
@SerializedName("perm_sharing_group")
private Boolean permSharingGroup;
@SerializedName("perm_tag_editor")
private Boolean permTagEditor;
@SerializedName("perm_sighting")
private Boolean permSighting;
@SerializedName("perm_object_template")
private Boolean permObjectTemplate;
@SerializedName("default_role")
private Boolean defaultRole;
@SerializedName("memory_limit")
private String memoryLimit;
@SerializedName("max_execution_time")
private String maxExecutionTime;
@SerializedName("restricted_to_site_admin")
private Boolean restrictedToSiteAdmin;
@SerializedName("perm_publish_zmq")
private Boolean permPublishZmq;
@SerializedName("perm_publish_kafka")
private Boolean permPublishKafka;
@SerializedName("permission")
private String permission;
@SerializedName("permission_description")
private String permissionDescription;
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getCreated() {
return created;
}
public void setCreated(String created) {
this.created = created;
}
public String getModified() {
return modified;
}
public void setModified(String modified) {
this.modified = modified;
}
public Boolean getPermAdd() {
return permAdd;
}
public void setPermAdd(Boolean permAdd) {
this.permAdd = permAdd;
}
public Boolean getPermModify() {
return permModify;
}
public void setPermModify(Boolean permModify) {
this.permModify = permModify;
}
public Boolean getPermModifyOrg() {
return permModifyOrg;
}
public void setPermModifyOrg(Boolean permModifyOrg) {
this.permModifyOrg = permModifyOrg;
}
public Boolean getPermPublish() {
return permPublish;
}
public void setPermPublish(Boolean permPublish) {
this.permPublish = permPublish;
}
public Boolean getPermDelegate() {
return permDelegate;
}
public void setPermDelegate(Boolean permDelegate) {
this.permDelegate = permDelegate;
}
public Boolean getPermSync() {
return permSync;
}
public void setPermSync(Boolean permSync) {
this.permSync = permSync;
}
public Boolean getPermAdmin() {
return permAdmin;
}
public void setPermAdmin(Boolean permAdmin) {
this.permAdmin = permAdmin;
}
public Boolean getPermAudit() {
return permAudit;
}
public void setPermAudit(Boolean permAudit) {
this.permAudit = permAudit;
}
public Boolean getPermAuth() {
return permAuth;
}
public void setPermAuth(Boolean permAuth) {
this.permAuth = permAuth;
}
public Boolean getPermSiteAdmin() {
return permSiteAdmin;
}
public void setPermSiteAdmin(Boolean permSiteAdmin) {
this.permSiteAdmin = permSiteAdmin;
}
public Boolean getPermRegexpAccess() {
return permRegexpAccess;
}
public void setPermRegexpAccess(Boolean permRegexpAccess) {
this.permRegexpAccess = permRegexpAccess;
}
public Boolean getPermTagger() {
return permTagger;
}
public void setPermTagger(Boolean permTagger) {
this.permTagger = permTagger;
}
public Boolean getPermTemplate() {
return permTemplate;
}
public void setPermTemplate(Boolean permTemplate) {
this.permTemplate = permTemplate;
}
public Boolean getPermSharingGroup() {
return permSharingGroup;
}
public void setPermSharingGroup(Boolean permSharingGroup) {
this.permSharingGroup = permSharingGroup;
}
public Boolean getPermTagEditor() {
return permTagEditor;
}
public void setPermTagEditor(Boolean permTagEditor) {
this.permTagEditor = permTagEditor;
}
public Boolean getPermSighting() {
return permSighting;
}
public void setPermSighting(Boolean permSighting) {
this.permSighting = permSighting;
}
public Boolean getPermObjectTemplate() {
return permObjectTemplate;
}
public void setPermObjectTemplate(Boolean permObjectTemplate) {
this.permObjectTemplate = permObjectTemplate;
}
public Boolean getDefaultRole() {
return defaultRole;
}
public void setDefaultRole(Boolean defaultRole) {
this.defaultRole = defaultRole;
}
public String getMemoryLimit() {
return memoryLimit;
}
public void setMemoryLimit(String memoryLimit) {
this.memoryLimit = memoryLimit;
}
public String getMaxExecutionTime() {
return maxExecutionTime;
}
public void setMaxExecutionTime(String maxExecutionTime) {
this.maxExecutionTime = maxExecutionTime;
}
public Boolean getRestrictedToSiteAdmin() {
return restrictedToSiteAdmin;
}
public void setRestrictedToSiteAdmin(Boolean restrictedToSiteAdmin) {
this.restrictedToSiteAdmin = restrictedToSiteAdmin;
}
public Boolean getPermPublishZmq() {
return permPublishZmq;
}
public void setPermPublishZmq(Boolean permPublishZmq) {
this.permPublishZmq = permPublishZmq;
}
public Boolean getPermPublishKafka() {
return permPublishKafka;
}
public void setPermPublishKafka(Boolean permPublishKafka) {
this.permPublishKafka = permPublishKafka;
}
public String getPermission() {
return permission;
}
public void setPermission(String permission) {
this.permission = permission;
}
public String getPermissionDescription() {
return permissionDescription;
}
public void setPermissionDescription(String permissionDescription) {
this.permissionDescription = permissionDescription;
}
}
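Review bot: Every permission flag in `Role` is a boxed `Boolean`, so a field missing from the server's JSON deserializes to `null` and any caller writing `if (!role.getPermAdmin())` throws on unboxing rather than treating the permission as absent. For the flags that drive decisions I would either use primitive `boolean` fields (Gson leaves them `false` when absent) or add a null-safe accessor, e.g. `public boolean isAdmin() { return Boolean.TRUE.equals(permAdmin); }`. The class has no Javadoc; one sentence saying it mirrors the `Role` object returned by the MISP roles endpoint would help. The setters look unnecessary for deserialization, since Gson populates private fields reflectively, so they could be dropped to keep the model read-only.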