diff --git a/.gitignore b/.gitignore index 52ec6a0..72667b8 100644 --- a/.gitignore +++ b/.gitignore @@ -17,7 +17,6 @@ public/img/ public/views/ module/ node_modules/ -config/application.config.php bin/ data/DoctrineORMModule/ data/json/ diff --git a/LICENSE.txt b/LICENSE.txt index 9abddca..22e3d14 100644 --- a/LICENSE.txt +++ b/LICENSE.txt @@ -214,6 +214,23 @@ This software might use third party components, acknowledged here by : Copyright (c) Tjarda Koster, https://jelloween.deviantart.com Used with permission +- PHPWord + + PHPWord, a pure PHP library for reading and writing word processing documents. + + Copyright (c) 2010-2016 PHPWord. + + PHPWord is free software: you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License version 3 as published by + the Free Software Foundation. + + PHPWord is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License version 3 for more details. + + You should have received a copy of the GNU Lesser General Public License version 3 + along with PHPWord. If not, see . -------- diff --git a/README.md b/README.md index a1eed19..2bf37bd 100644 --- a/README.md +++ b/README.md @@ -1,33 +1,107 @@ Skeleton Monarc Project ======================= +*Disclaimer: This is a work in progress and software is still in alpha stage.* + Introduction ------------ -Skeleton Monarc Project. +CASES promotes information security through the use of behavioural, organizational and technical measures. Depending on its size and its security needs, organisations must react in the most appropriate manner. +Adopting good practices, taking the necessary measures and adjusting them proportionally: all this is part of the process to ensure information security. Most of all, it depends on performing a risk analysis on a regular basis. + +Although the profitability of the risk analysis approach is guaranteed, the investment represented by this approach in terms of the required cost and expertise is a barrier for many companies, especially SMEs. + +To remedy this situation and allow all organisations, both large and small, to benefit from the advantages that a risk analysis offers, CASES has developed an optimised risk analysis method: MONARC (Method for an Optimised aNAlysis of Risks by CASES), allowing precise and repeatable risk management. + +The advantage of MONARC lies in the capitalisation of risk analyses already performed in similar business contexts: the same vulnerabilities +regularly appear in many businesses, as they face the same threats and generate similar risks. Most companies have servers, printers, a fleet of smartphones, wi-fi antennas, etc. therefore the vulnerabilities and threats are the same. It is therefore sufficient to generalise risk scenarios for these assets (also called objects) by context and/or business. + +More information: [Optimised risk analysis Method] (https://www.cases.lu/index-quick.php?dims_op=doc_file_download&docfile_md5id=56ee6ff569a40a5b52bed0e526a6a77f) (pdf) Installation ------------ +PHP & MySQL +----------- +Install PHP (version 7.0 recommended) with Apache (or Nginx) with extensions : xml, mbstring, mysql, zip, unzip, mcrypt, intl, imagick (extension php) +For Apache add mods : rewrite, ssl (a2enmod) + +Install MySQL (version 5.7 recommended) or MariaDb equivalent + + Using Composer (recommended) ---------------------------- -The recommended way to get a working copy of this project is to clone the repository -and use `composer` to install dependencies using the `create-project` command: - - curl -s https://getcomposer.org/installer | php -- - php composer.phar create-project -sdev --repository="https://rhea.netlor.fr/monarc/skeleton/raw/master/packages.json" monarc/skeleton ./monarc Alternately, clone the repository and manually invoke `composer` using the shipped `composer.phar`: cd my/project/dir - git clone ssh://gogs@rhea.netlor.fr:2222/monarc/skeleton.git ./monarc + git clone ssh://github.com/CASES-LU/MonarcAppFO.git ./monarc cd monarc php composer.phar self-update - php composer.phar install -o + php composer.phar install -o (modifier le package.json deux errreurs passer en dev-beta le core et il y a un / en trop pour zm-core) (The `self-update` directive is to ensure you have an up-to-date `composer.phar` available.) +![Arbo](public/img/arbo1.png "Arbo") + +Databases +--------- +Create 2 databases: + + CREATE DATABASE monarc_cli DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; + CREATE DATABASE monarc_common DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; + +Change Sql Mode in my.cnf: + + sql-mode = MYSQL40 + +There is 2 databases: +* monarc_common contain models and data create by smile. +* monarc_cli contain all client risks analyses. Each analysis is based on Smile model of monarc_common + +Symbolics links +--------------- + +The project is splited on 2 parts : +* an Api in charge of retrieve data +* an interface to display data + +The Api is not direct modules of the project but libraries. +You must create modules with symbolics link to libraries + +Create 2 symbolics links at project root: + + mkdir module + cd module + ln -s ./../vendor/monarc/core MonarcCore; + ln -s ./../vendor/monarc/frontoffice MonarcFO; + +There is 2 parts: +* one only for front office +* one common for front office and back office (private project) + +It is develop with zend framework 2 + +![Arbo](public/img/arbo2.png "Arbo") + +Interfaces +---------- +Repository for angular at project root: + + mkdir node_modules + cd node_modules + git clone https://github.com/CASES-LU/ng-client.git ng_client + git clone https://github.com/CASES-LU/ng-anr.git ng_anr + +There is 2 parts: +* one only for front office (ng_client) +* one common for front office and back office (private project) (ng_anr) + +It is develop with angular framework version 1 + +![Arbo](public/img/arbo3.png "Arbo") + Web Server Setup ---------------- @@ -63,7 +137,7 @@ project and you should be ready to go! It should look something like below: Database connection ------------------- -Create file `config/autoload.local.php`: +Create file `config/autoload/local.php`: return array( 'doctrine' => array( @@ -73,9 +147,78 @@ Create file `config/autoload.local.php`: 'host' => 'host', 'user' => 'user', 'password' => 'password', - 'dbname' => 'monarc', + 'dbname' => 'monarc_common', + ), + ), + 'orm_cli' => array( + 'params' => array( + 'host' => 'host', + 'user' => 'user', + 'password' => 'password', + 'dbname' => 'monarc_cli', ), ), ), ), ); + + +Configuration +------------- + +Create file configuration + + sudo cp /config/autoload/local.php.dist /config/autoload/local.php + +Update connexion information to local.php and global.php + +Configuration files are stored in cache. +If yours changes have not been considered, empty cache by deleting file in /data/cache + +Install Grunt +------------- + + sudo apt-get install nodejs + sudo apt-get install npm + sudo npm install -g grunt-cli + +Only for linux system: + + sudo ln -s /usr/bin/nodejs /usr/bin/node (seulement linux) + +Update project +-------------- +Play script (mandatory from the root of the project)(pull and migrations): + + sudo /bin/bash ./scripts/update-all.sh + +This shell script use others shell script. May be you node to change rights of these others files + +Create Initial User and Client +------------------------------ + +Modify email and password (firstname or lastname) of first user in /module/MonarcFO/migrations/seeds/adminUserInit.php + +If you have a mail server, you can keep default password and click on "Password forgotten ?" after user creation. + +Create first user: + + php ./vendor/robmorgan/phinx/bin/phinx seed:run -c ./module/MonarcFO/migrations/phinx.php + +Data Model +---------- + +monarc_cli +![monarc_cli](public/img/model-cli.png "monarc_cli") + + +monarc_common +![monarc_common](public/img/model-common.png "monarc_common") + +License +------- + +This software is licensed under [GNU Affero General Public License version 3](http://www.gnu.org/licenses/agpl-3.0.html) + +Copyright (C) 2016-2017 SMILE gie securitymadein.lu + diff --git a/composer.phar b/composer.phar index 295abe4..5001689 100755 Binary files a/composer.phar and b/composer.phar differ diff --git a/config/application.config.php-dist-FO b/config/application.config.php similarity index 100% rename from config/application.config.php-dist-FO rename to config/application.config.php diff --git a/config/application.config.php-dist-BO b/config/application.config.php-dist-BO deleted file mode 100644 index 67928aa..0000000 --- a/config/application.config.php-dist-BO +++ /dev/null @@ -1,32 +0,0 @@ - array( - 'DoctrineModule', - 'DoctrineORMModule', - 'MonarcCore', - 'MonarcBO', - ), - 'module_listener_options' => array( - 'module_paths' => array( - './module', - './vendor' - ), - 'config_glob_paths' => array( - 'config/autoload/{,*.}{global,local}.php' - ), - 'config_cache_enabled' => ($env == 'production'), - 'config_cache_key' => 'c8aaaaa11586f8b1bf5565cc6064e70a', // md5('config_cache_key_monarc') - 'module_map_cache_enabled' => ($env == 'production'), - 'module_map_cache_key' => '664579376c4dcdcaa0bcdd0f7e7bf25b', // md5('module_map_cache_key_monarc'), - 'cache_dir' => 'data/cache/', - 'check_dependencies' => ($env != 'production'), - ), -); diff --git a/config/autoload/config.local.php.dist b/config/autoload/config.local.php.dist deleted file mode 100755 index 70630ba..0000000 --- a/config/autoload/config.local.php.dist +++ /dev/null @@ -1,19 +0,0 @@ - [ - 'fr' => [ - 'index' => 1, - 'label' => 'Français', - ], - 'en' => [ - 'index' => 2, - 'label' => 'English', - ], - 'de' => [ - 'index' => 3, - 'label' => 'Deutsch', - ], - ], - 'defaultLanguageIndex' => 2 -]; diff --git a/config/autoload/global.php b/config/autoload/global.php index e3b1dc0..a5451e4 100644 --- a/config/autoload/global.php +++ b/config/autoload/global.php @@ -15,6 +15,7 @@ return array( 'service_manager' => array( 'factories' => array( 'doctrine.cache.mycache' => 'MonarcCore\Service\DoctrineCacheServiceFactory', + 'doctrine.monarc_logger' => 'MonarcCore\Service\DoctrineLoggerFactory', ), ), 'doctrine' => array( @@ -24,11 +25,13 @@ return array( 'params' => array( 'host' => 'localhost', 'port' => 3306, - 'user' => 'user', - 'password' => 'password', + 'user' => 'root', + 'password' => '', 'dbname' => 'monarc_common', 'charset' => 'utf8', 'driverOptions' => array( + PDO::ATTR_STRINGIFY_FETCHES => false, + PDO::ATTR_EMULATE_PREPARES => false, PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8', ), ), @@ -39,10 +42,12 @@ return array( 'host' => 'localhost', 'port' => 3306, 'user' => 'root', - 'password' => 'password', + 'password' => '', 'dbname' => 'monarc_cli', 'charset' => 'utf8', 'driverOptions' => array( + PDO::ATTR_STRINGIFY_FETCHES => false, + PDO::ATTR_EMULATE_PREPARES => false, PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8', ), ), @@ -89,6 +94,7 @@ return array( 'string_functions' => array(), 'numeric_functions' => array(), 'second_level_cache' => array(), + 'sql_logger' => 'doctrine.monarc_logger', ), 'orm_cli' => array( 'metadata_cache' => 'mycache', @@ -103,6 +109,7 @@ return array( 'string_functions' => array(), 'numeric_functions' => array(), 'second_level_cache' => array(), + 'sql_logger' => 'doctrine.monarc_logger', ), ), ), diff --git a/config/autoload/local.php.dist b/config/autoload/local.php.dist index 96f349a..a82b963 100644 --- a/config/autoload/local.php.dist +++ b/config/autoload/local.php.dist @@ -27,7 +27,7 @@ return array( 'host' => 'localhost', 'user' => 'root', 'password' => 'password', - 'dbname' => 'monarc_master', + 'dbname' => 'monarc_cli', ), ), ), diff --git a/db-bootrstrap/monarc-common.sql.gz b/db-bootrstrap/monarc-common.sql.gz new file mode 100644 index 0000000..35776cd Binary files /dev/null and b/db-bootrstrap/monarc-common.sql.gz differ diff --git a/public/img/arbo1.png b/public/img/arbo1.png new file mode 100644 index 0000000..51f35a8 Binary files /dev/null and b/public/img/arbo1.png differ diff --git a/public/img/arbo2.png b/public/img/arbo2.png new file mode 100644 index 0000000..13a90f7 Binary files /dev/null and b/public/img/arbo2.png differ diff --git a/public/img/arbo3.png b/public/img/arbo3.png new file mode 100644 index 0000000..fc25088 Binary files /dev/null and b/public/img/arbo3.png differ diff --git a/public/img/model-cli.png b/public/img/model-cli.png new file mode 100644 index 0000000..6c08567 Binary files /dev/null and b/public/img/model-cli.png differ diff --git a/public/img/model-common.png b/public/img/model-common.png new file mode 100644 index 0000000..6d868b6 Binary files /dev/null and b/public/img/model-common.png differ diff --git a/scripts/compile_translations.sh b/scripts/compile_translations.sh index 9c63501..ef4b37f 100755 --- a/scripts/compile_translations.sh +++ b/scripts/compile_translations.sh @@ -4,10 +4,24 @@ if [ -d node_modules/ng_backoffice ]; then pushd node_modules/ng_backoffice grunt compile_translations grunt concat + + if [ -d po ]; then + for i in $(ls po/*\.po); do + l=$(basename $i .po) + msgfmt -o ./po/$l.mo -v ./po/$l.po + done; + fi fi if [ -d node_modules/ng_client ]; then pushd node_modules/ng_client grunt compile_translations grunt concat + + if [ -d po ]; then + for i in $(ls po/*\.po); do + l=$(basename $i .po) + msgfmt -o ./po/$l.mo -v ./po/$l.po + done; + fi fi diff --git a/scripts/update-all.sh b/scripts/update-all.sh index 1e54a58..ad37fd1 100755 --- a/scripts/update-all.sh +++ b/scripts/update-all.sh @@ -13,42 +13,68 @@ git pull php composer.phar update -o -pull_if_exists module/MonarcCore -pull_if_exists module/MonarcBO -pull_if_exists module/MonarcFO -pull_if_exists node_modules/ng_backoffice -pull_if_exists node_modules/ng_client -pull_if_exists node_modules/ng_anr +currentPath=`pwd` +pathCore="module/MonarcCore" +if [ -d $pathCore ]; then + pull_if_exists $pathCore +else + pathCore="vendor/monarc/core" +fi +pathBO="module/MonarcBO" +if [ -d $pathBO ]; then + pull_if_exists $pathBO +else + pathBO="vendor/monarc/backoffice" +fi +pathFO="module/MonarcFO" +if [ -d $pathFO ]; then + pull_if_exists $pathFO +else + pathFO="vendor/monarc/frontoffice" +fi -if [ -d module/MonarcCore/hooks ]; then - cd module/MonarcCore/.git/hooks - ln -s ../../hooks/pre-commit.sh pre-commit 2>/dev/null - chmod u+x pre-commit - cd ../../../../ +if [[ -d node_modules && -d node_modules/ng_anr ]]; then + if [[ -d node_modules/ng_anr/.git ]]; then + pull_if_exists node_modules/ng_backoffice + pull_if_exists node_modules/ng_client + pull_if_exists node_modules/ng_anr + else + npm update + fi +else + npm install fi -php ./vendor/robmorgan/phinx/bin/phinx migrate -c ./module/MonarcCore/migrations/phinx.php - -if [ -d module/MonarcBO ]; then - php ./vendor/robmorgan/phinx/bin/phinx migrate -c ./module/MonarcBO/migrations/phinx.php - - if [ -d module/MonarcBO/hooks ]; then - cd module/MonarcBO/.git/hooks +if [ -d $pathCore ]; then + php ./vendor/robmorgan/phinx/bin/phinx migrate -c ./$pathCore/migrations/phinx.php + if [ -d "${pathCore}/hooks" ]; then + cd $pathCore/.git/hooks ln -s ../../hooks/pre-commit.sh pre-commit 2>/dev/null chmod u+x pre-commit - cd ../../../../ + cd $currentPath fi fi -if [ -d module/MonarcFO ]; then - php ./vendor/robmorgan/phinx/bin/phinx migrate -c ./module/MonarcFO/migrations/phinx.php +if [ -d $pathBO ]; then + php ./vendor/robmorgan/phinx/bin/phinx migrate -c ./$pathBO/migrations/phinx.php - if [ -d module/MonarcFO/hooks ]; then - cd module/MonarcFO/.git/hooks + if [ -d "${pathBO}/hooks" ]; then + cd $pathBO/.git/hooks ln -s ../../hooks/pre-commit.sh pre-commit 2>/dev/null chmod u+x pre-commit - cd ../../../../ + cd $currentPath + fi +fi + +if [ -d $pathFO ]; then + php ./vendor/robmorgan/phinx/bin/phinx migrate -c ./$pathFO/migrations/phinx.php + + if [ -d "$pathFO/hooks" ]; then + cd $pathFO/.git/hooks + ln -s ../../hooks/pre-commit.sh pre-commit 2>/dev/null + chmod u+x pre-commit + cd $currentPath fi fi