iglocska
11510ea28f
new: [individual] editing enabled for org admins
...
- requires that a user exist for the given individual
2022-10-31 14:42:58 +01:00
Sami Mokaddem
cfae8cb914
chg: [indexTable:indexStatistic] better support of themes
2022-10-21 15:36:08 +02:00
Sami Mokaddem
25b6db7303
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-10-21 15:31:41 +02:00
Sami Mokaddem
5389f02b4f
new: [scss:boostrap-additional] Added `btn-outline-text` to ease integration with themes
2022-10-21 15:29:45 +02:00
iglocska
41a241cada
new: [pgp] library ported from MISP
...
- added proper view elements for encryption keys
- added key information extraction
2022-10-21 15:25:52 +02:00
Sami Mokaddem
815e3e0671
fix: [metaTemplates:updateAll] Fixed missing form preventing to update
2022-10-21 14:15:08 +02:00
Sami Mokaddem
ddfc83af6f
chg: [navigation:socialProvider] Improved UI for SSO profile management
2022-10-21 14:14:38 +02:00
Sami Mokaddem
96041cc71a
chg: [genericIndex:select_visible_columns] Show meta-template versions
2022-09-29 17:54:58 +02:00
Sami Mokaddem
f2db6b3b5e
chg: [users:add] Missing comma
2022-09-21 10:08:40 +02:00
iglocska
3b215a5ec0
fix: [alignments] fixed invalid urls in alignment fields lacking a /
...
- as reported by SK-CERT
2022-09-19 01:59:23 +02:00
iglocska
ca65c4b68e
fix: [alignments] added an index view template
...
- Can't see any usefulness in this, but why not
- As reported by SK-CERT
2022-09-19 01:39:38 +02:00
iglocska
822c96dbf0
fix: [single view generic field] allow for unsanitised raw input
2022-09-18 18:32:43 +02:00
iglocska
09ff4eba53
fix: [xss] resolved in the genericField of the single view
...
- as reported by SK-CERT
2022-09-18 18:27:39 +02:00
iglocska
d35a674505
chg: [navigation] added keycloak self management
...
- also some changes to the navigation system
2022-08-24 11:39:56 +02:00
Sami Mokaddem
8c4c75d83a
fix: [localTools:action] Catch error if local tool's action returned unexpected data
2022-06-08 11:51:52 +02:00
iglocska
c6572885a9
chg: [users view] added KC checks for the profile link
2022-05-17 10:47:25 +02:00
iglocska
be064bb0c9
new: [KC] profile link added
2022-05-17 10:42:44 +02:00
Sami Mokaddem
5c520e440d
chg: [metatemplate:meta_fields_to_update] Only show notice if applicable
2022-03-09 09:16:47 +01:00
Sami Mokaddem
61736531b1
chg: [indexTable:context_filters] Support of default context filter
...
This filter is used by default if none is provided
2022-03-09 08:55:59 +01:00
Sami Mokaddem
39d89efb53
chg: [meta-template:update] Default update strategy to be `create_new`
2022-03-09 08:21:27 +01:00
Sami Mokaddem
66572a788f
fix: [metatemplates:index] Pass all needed arguments
2022-03-08 17:22:39 +01:00
Sami Mokaddem
3d0fdeba81
fix: [users:add] Decoupled password required and visibility
2022-03-01 13:59:10 +01:00
Sami Mokaddem
7d345f98f2
chg: [index_table:group_search] Changed name for better visibility
2022-02-28 10:46:38 +01:00
Sami Mokaddem
3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-28 09:51:51 +01:00
Sami Mokaddem
04b82d356e
chg: [indexTable:filtering] Initial work on supporting custom operators
2022-02-25 15:36:55 +01:00
iglocska
4902a3f8a6
new: [password auth] added setting to disable password auth
...
- not needed in some cases for keycloak enabled instances
2022-02-25 00:33:00 +01:00
iglocska
678ad0fe8e
chg: [templates] for user creation now have a minimalist individiual creation included
2022-02-24 13:48:10 +01:00
iglocska
304586ff19
chg: [user] view add link to user's individual
2022-02-24 13:47:49 +01:00
Sami Mokaddem
f044bd8957
chg: [layout:sidebar] Only show collapsible parents if they have children
2022-02-23 10:19:16 +01:00
Sami Mokaddem
bd14d52571
chg: Removed useless comments
2022-02-23 08:11:24 +01:00
Sami Mokaddem
c0b6925aa5
chg: Removed unused commented code
2022-02-22 14:07:01 +01:00
Sami Mokaddem
7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-21 11:17:05 +01:00
iglocska
9245b2d720
fix: [genericTemplates] delete template can be invoked without an ID
2022-02-20 15:05:03 +01:00
iglocska
495c4ee93c
fix: [security] XSS in the generic action template
...
- a previously assumed internal url can have user input appended via the MISP local tool connector
- requires a compromised connected MISP instance where a malicious administrator modifies the UUIDs of cerebrate relevant objects to JS payloads
- as reported by Dawid Czarcnecki of Zigrin Security
2022-02-20 12:07:06 +01:00
Sami Mokaddem
ec37a637f8
chg: [header] moved inline style in css file
2022-02-09 09:51:21 +01:00
Sami Mokaddem
e67c711935
chg: [notifications] Slightly improved UI
2022-02-09 09:30:59 +01:00
Sami Mokaddem
a77e29fa38
new: [layout:sidebar] Notifications in the sidebar
2022-02-08 17:58:30 +01:00
Sami Mokaddem
d1cf408163
new: [helpers:bootstrap] Added notification bubble
2022-02-08 17:57:20 +01:00
Sami Mokaddem
62ca877f0b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-08 08:42:25 +01:00
Sami Mokaddem
e13b4e7bc5
fix: [settings:settingField] Enforce sanitization of input fields
...
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 11:43:09 +01:00
Sami Mokaddem
14ec995c2b
fix: [userSettings] Perform URI validation for bookmarks
...
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 10:48:55 +01:00
Sami Mokaddem
dfb8d73a92
fix: [userSettings] Renamed template to match the controller endpoint
2022-02-07 10:37:03 +01:00
iglocska
e60d97c214
fix: [security] genericForm reflected XSS in form descriptions for user controlled descriptions
...
- accessible via the MISP local tool setting change
- sanitise the description
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-03 23:56:23 +01:00
iglocska
8b6fc78695
fix: [generic fields] org field URL missing slash fixed
2022-01-28 00:51:09 +01:00
iglocska
9dd488e766
fix: [login] hide keycloak login if keycloak login is disabled
2022-01-27 22:11:51 +01:00
iglocska
1ca0f21b86
chg: [user add] form defaults
...
- org will default to own org for site admins
- role will default to the default role (if set)
2022-01-27 21:54:59 +01:00
iglocska
05daa5470a
fix: [sharing group form] default to own org as owner
...
- reconsider if this should be a configurable setting at all
2022-01-27 21:10:00 +01:00
iglocska
589f932fe9
chg: [form] dropdown default key added
2022-01-27 21:09:32 +01:00
Sami Mokaddem
7de1c14407
chg: [userSettings:add] Adhere to the passed user context
2022-01-27 10:44:47 +01:00
Sami Mokaddem
dc8710d89e
fix: [users:view] Correctly reload authkey child panel when performing operations
2022-01-27 10:21:55 +01:00