822c96dbf0
fix: [single view generic field] allow for unsanitised raw input
2022-09-18 18:32:43 +02:00
09ff4eba53
fix: [xss] resolved in the genericField of the single view
...
- as reported by SK-CERT
2022-09-18 18:27:39 +02:00
d35a674505
chg: [navigation] added keycloak self management
...
- also some changes to the navigation system
2022-08-24 11:39:56 +02:00
8c4c75d83a
fix: [localTools:action] Catch error if local tool's action returned unexpected data
2022-06-08 11:51:52 +02:00
c6572885a9
chg: [users view] added KC checks for the profile link
2022-05-17 10:47:25 +02:00
be064bb0c9
new: [KC] profile link added
2022-05-17 10:42:44 +02:00
5c520e440d
chg: [metatemplate:meta_fields_to_update] Only show notice if applicable
2022-03-09 09:16:47 +01:00
61736531b1
chg: [indexTable:context_filters] Support of default context filter
...
This filter is used by default if none is provided
2022-03-09 08:55:59 +01:00
39d89efb53
chg: [meta-template:update] Default update strategy to be `create_new`
2022-03-09 08:21:27 +01:00
66572a788f
fix: [metatemplates:index] Pass all needed arguments
2022-03-08 17:22:39 +01:00
3d0fdeba81
fix: [users:add] Decoupled password required and visibility
2022-03-01 13:59:10 +01:00
7d345f98f2
chg: [index_table:group_search] Changed name for better visibility
2022-02-28 10:46:38 +01:00
3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-28 09:51:51 +01:00
04b82d356e
chg: [indexTable:filtering] Initial work on supporting custom operators
2022-02-25 15:36:55 +01:00
4902a3f8a6
new: [password auth] added setting to disable password auth
...
- not needed in some cases for keycloak enabled instances
2022-02-25 00:33:00 +01:00
678ad0fe8e
chg: [templates] for user creation now have a minimalist individiual creation included
2022-02-24 13:48:10 +01:00
304586ff19
chg: [user] view add link to user's individual
2022-02-24 13:47:49 +01:00
f044bd8957
chg: [layout:sidebar] Only show collapsible parents if they have children
2022-02-23 10:19:16 +01:00
bd14d52571
chg: Removed useless comments
2022-02-23 08:11:24 +01:00
c0b6925aa5
chg: Removed unused commented code
2022-02-22 14:07:01 +01:00
7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-21 11:17:05 +01:00
9245b2d720
fix: [genericTemplates] delete template can be invoked without an ID
2022-02-20 15:05:03 +01:00
495c4ee93c
fix: [security] XSS in the generic action template
...
- a previously assumed internal url can have user input appended via the MISP local tool connector
- requires a compromised connected MISP instance where a malicious administrator modifies the UUIDs of cerebrate relevant objects to JS payloads
- as reported by Dawid Czarcnecki of Zigrin Security
2022-02-20 12:07:06 +01:00
ec37a637f8
chg: [header] moved inline style in css file
2022-02-09 09:51:21 +01:00
e67c711935
chg: [notifications] Slightly improved UI
2022-02-09 09:30:59 +01:00
a77e29fa38
new: [layout:sidebar] Notifications in the sidebar
2022-02-08 17:58:30 +01:00
d1cf408163
new: [helpers:bootstrap] Added notification bubble
2022-02-08 17:57:20 +01:00
62ca877f0b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-08 08:42:25 +01:00
e13b4e7bc5
fix: [settings:settingField] Enforce sanitization of input fields
...
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 11:43:09 +01:00
14ec995c2b
fix: [userSettings] Perform URI validation for bookmarks
...
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 10:48:55 +01:00
dfb8d73a92
fix: [userSettings] Renamed template to match the controller endpoint
2022-02-07 10:37:03 +01:00
e60d97c214
fix: [security] genericForm reflected XSS in form descriptions for user controlled descriptions
...
- accessible via the MISP local tool setting change
- sanitise the description
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-03 23:56:23 +01:00
8b6fc78695
fix: [generic fields] org field URL missing slash fixed
2022-01-28 00:51:09 +01:00
9dd488e766
fix: [login] hide keycloak login if keycloak login is disabled
2022-01-27 22:11:51 +01:00
1ca0f21b86
chg: [user add] form defaults
...
- org will default to own org for site admins
- role will default to the default role (if set)
2022-01-27 21:54:59 +01:00
05daa5470a
fix: [sharing group form] default to own org as owner
...
- reconsider if this should be a configurable setting at all
2022-01-27 21:10:00 +01:00
589f932fe9
chg: [form] dropdown default key added
2022-01-27 21:09:32 +01:00
7de1c14407
chg: [userSettings:add] Adhere to the passed user context
2022-01-27 10:44:47 +01:00
dc8710d89e
fix: [users:view] Correctly reload authkey child panel when performing operations
2022-01-27 10:21:55 +01:00
789bd9926f
chg: [navigation:users] Restored breadcrumb navigation to access user profile settings
2022-01-27 08:41:31 +01:00
54ee91ba1a
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 12:11:53 +01:00
f53b458103
fix: [userSettings] Allow admin to edit other user's settings
2022-01-26 12:11:44 +01:00
acc9c94baa
Merge branch 'main' into develop
2022-01-25 15:59:31 +01:00
578eacfd89
fix: [templates:common] Removed extra closing tag
2022-01-25 15:02:58 +01:00
4f8b663b87
chg: [localtTools:connectionRequest] Provide more info on exception
2022-01-25 15:02:30 +01:00
6005552e76
fix: [genericElements:tags] List tags when editing an entity
2022-01-25 15:02:04 +01:00
a7e2fb2ea7
chg: [auditlog:index] Break text in changed column
2022-01-25 15:01:48 +01:00
77285257da
fix: [templates:common] Removed extra closing tag
2022-01-25 14:03:48 +01:00
e9f77aff51
Merge branch 'develop' into main
2022-01-25 11:36:06 +01:00
57e2c75352
fix: [users] role based action filtering added
...
- to avoid annoying clickable, but blocked actions for og admins
2022-01-25 11:34:22 +01:00
42de70e87d
chg: [ui:header-notification] Added support of variant severity
2022-01-25 11:31:17 +01:00
249892c3e0
chg: [notifications] Support of modal when clicking on notification element
2022-01-25 09:32:16 +01:00
7535cd2bdf
chg: [localtTools:connectionRequest] Provide more info on exception
2022-01-24 16:12:46 +01:00
6321725fa9
new: [notification] Added initial version of the notification system
2022-01-24 15:13:28 +01:00
fc2c67ef55
new: [dependency:js] Added moment.js
2022-01-24 15:12:48 +01:00
7af31448cd
fix: [genericElements:index_table] Improved positioniong of pagination link for sorting
2022-01-21 09:09:05 +01:00
695fcdaf26
chg: [genericELements:index_table] Tabler head accept icons
2022-01-21 09:08:13 +01:00
f8c775ba03
chg: [api:index] Serve redoc script directly form the server
2022-01-20 14:54:47 +01:00
d324eb497e
fix: [genericElements:tags] List tags when editing an entity
2022-01-20 14:37:19 +01:00
ef16bc3676
chg: [auditlog:index] Break text in changed column
2022-01-20 14:24:03 +01:00
38a9aa9869
chg: [auditlog] Allow filtering and searching the table
2022-01-20 13:55:27 +01:00
e6ec31ff23
fix: [appTable:table_statistics] Compute timeline only if the fields exist in the DB schema
2022-01-20 13:44:19 +01:00
a98c7f8f32
fix: [metaTemplate] Various fixed on meta-templates updates
2022-01-20 12:00:39 +01:00
324ac1ce40
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into refactor-metatemplates
2022-01-20 09:00:45 +01:00
80cd93da40
Merge pull request #80 from righel/add-integration-tests
...
Add integration tests
2022-01-19 16:25:19 +01:00
1d7fc00a65
chg: [layout:header-profile] Improved spacing
2022-01-19 09:33:57 +01:00
ee5c723c71
Merge branch 'develop' into add-integration-tests
2022-01-18 18:11:53 +01:00
dbaa2ba7b3
fix: [encryption keys] several fixes
...
- fix the user view to correctly point to the list of related encryption keys
- fix the lookup on the index to be based on owner_model + owner_id combo
- fix the filtering of the dropdown in the encryption key add form to only valid options
2022-01-18 16:56:38 +01:00
f48c1a5a17
Merge branch 'develop' into add-integration-tests
2022-01-18 14:29:54 +01:00
46870a4bcc
fix: [organisation:add] Removed useless description field
2022-01-17 15:45:51 +01:00
0328bfed46
fix: [inividuals] add shouldn't have the tagging options
...
- can't tag that which does not exist yet
2022-01-17 13:20:34 +01:00
244020802c
Merge branch 'main' into develop
2022-01-17 13:17:51 +01:00
453c838dfe
fix: [placeholder removed] WiP functionality for local_tool->local_tool connections within the same brood temporarily removed
...
- was never fully implemented
2022-01-17 13:15:26 +01:00
b4534c373b
fix: [organisation] add/edit doesn't save URL
2022-01-17 12:53:14 +01:00
f18307b3cb
chg: [localTools:local_tool_connectors] Added support of CodeMirror placeholder
2022-01-17 11:30:26 +01:00
aeaa833f64
new: [CodeMirror] Shows a placeholder whenever the textarea is empty
2022-01-17 11:29:50 +01:00
12d7607aae
new: [encryption key] view added
...
- was missing, despite links to it
2022-01-17 09:45:45 +01:00
a69608530c
new: add /api openapi spec view with redoc, add faker to fixtures, validate api responses with openapi spec, add /api/v1/ prefix to api routes
2022-01-07 13:45:52 +01:00
30ec856dc3
fix: [local_tool:batchApiAction] Various UI and backend fixes
2021-12-21 12:36:36 +01:00
3ed5af776a
fix: [local_tool:batchApiAction] Various UI and backend fixes
2021-12-21 12:34:37 +01:00
a1a9029053
chg: [metaTemplate] Better placement of notice message
2021-12-20 14:28:04 +01:00
19b4648efb
chg: [genericElement:metafield_panel] Only display notice if the entity has meta fields
2021-12-17 14:04:44 +01:00
da5c4e2de7
chg: [metaTemplate:index] Improved text
2021-12-16 11:03:34 +01:00
fa364c2b2f
fix: [metaTemplate] Repaired update_all
2021-12-15 15:33:58 +01:00
02cc0c30a3
chg: [metaTemplate] Major refactoring and documentation - WiP
2021-12-14 15:09:40 +01:00
aa83b1aa37
chg: [metaTemplate] Update system and conflict resolution interfaces - WiP
2021-12-08 11:11:46 +01:00
6865114118
chg: [genericElements:form] Support of more option and radio input
2021-12-08 11:08:40 +01:00
296e8b119a
fix: [genericTemplates:delete] Make sure to sanitize modal content
2021-12-08 11:07:02 +01:00
bb3b264cfb
fix: [sharing group index] fixed members link
2021-12-05 00:02:33 +01:00
5041a57e08
fix: [sharing groups] index members column fixed
2021-12-04 23:58:42 +01:00
332f374e01
chg: [sharing group index] add button now has the new checkaccess conditions applied
2021-12-01 14:26:20 +01:00
819d96e805
new: [metaTemplate] Interface and functions to update meta-templates - WiP
...
Actual update not implemented yet.
2021-12-01 11:01:31 +01:00
a6ecab5b47
new: [elements:breadcrumb] Added possibility to have badges in action item
2021-12-01 08:41:25 +01:00
2406e31b72
fix: [user add] form fixes
2021-11-26 10:53:24 +01:00
2eb2459936
fix: [forms] added missing password form field
2021-11-26 10:52:44 +01:00
15d738aa77
fix: [forms] dropdowns overriding values from request
2021-11-26 10:51:58 +01:00
cc5c750de8
chg: [audit log] change field renamed to changed
...
- change is a reserved keyword
- this way quoting of field names is no longer needed in the cakePHP settings
2021-11-25 00:57:31 +01:00
a4f6e06e7a
fix: [roles index] correctly allow site admins to modify / remove roles
2021-11-25 00:55:36 +01:00
e8e1a16673
chg: [search_all] Added drafty support of meta-fields
2021-11-24 22:39:22 +01:00
aa42e6763a
chg: [metaTemplate] Started implementing new update system - WiP
2021-11-24 09:14:09 +01:00
6d7a555368
chg: [index views] slight changes
...
- hide inaccessible action buttons on org index
- add owner to sharing group index
2021-11-24 01:28:01 +01:00
e708730e97
chg: [roles] hide action buttons on the role index when they wouldn't be available anyway
2021-11-24 01:27:14 +01:00
ed848e9cee
chg: [sharing groups] show owner org on the index
2021-11-24 01:26:55 +01:00
061f3fc468
chg: [profile] added org to profile menu
2021-11-24 01:26:29 +01:00
81ab202917
chg: [templates] org fields added to user templates
2021-11-24 01:25:57 +01:00
d136955160
chg: [elements:widgets] Slightly refactored highlight panel and removed useless code
2021-11-23 22:07:31 +01:00
bfd3a0c1e0
chg: [genericElements:index_table] Immediately save index setting when dropdown menu gets closed
2021-11-23 21:55:01 +01:00
7c92c12de9
chg: [element:index_table] Slight UI adjustement
2021-11-23 15:53:05 +01:00
025b551e77
chg: [genericElements:index_table] Added close button for stat widget config UI
2021-11-23 13:49:34 +01:00
ef91cfcee3
chg: [genericElements:index_table] Continuation of stats for current view - WiP
2021-11-17 17:04:39 +01:00
7f138325a8
fix: [log index] use the proper action column
2021-11-17 16:04:02 +01:00
92ddd04ba0
fix: [JSON fields] fixed escaping issues
2021-11-17 15:58:52 +01:00
de2ee49ccf
new: [auditlogs] UI
2021-11-17 14:44:54 +01:00
25f0f07251
chg: [genericElements:index_table] Added support of statistic for current view - WiP
2021-11-15 11:51:47 +01:00
829e471ac1
chg: [element:widget] Added support of condensed UI for highlight-panel
...
This could be later on refactored to be formed from smaller views
2021-11-15 11:51:08 +01:00
5e39707623
chg: [element:bar] better support of passed options
2021-11-15 11:49:35 +01:00
c6925c2d98
fix: [home:ui] Use correct bootstrap class
2021-11-15 11:46:15 +01:00
7cf7363009
chg: [genericElements:index_table] Moved description to a tooltip
...
Description describing indexes are great when discovering an app for the first time but start taking important place and become useless when users gets to know the app better. Moving it to a tooltip makes sense in that regard.
2021-11-15 08:29:16 +01:00
509b203591
chg: [instance:home] Added support of both `modified` and `created` in stat panels
2021-11-12 15:40:03 +01:00
6579482526
chg: [Organisation] Moved model to use meta-field behavior instead of association
2021-11-11 14:50:25 +01:00
0dfa87be6f
chg: [genericElement:index_table] Conditional inclusion of header in column visibility selector
2021-11-11 08:24:07 +01:00
fc0f12e38e
chg: [genericElement:index] Highlight filtering button if filters are present
2021-11-10 15:34:33 +01:00
33c83f4020
chg: [ui] Renamed search button in index_table
...
Search seems more appropriate than filter
2021-11-10 15:31:09 +01:00
cc0b1ad3b4
chg: [component:CRUD] Added support of metafield in quickfilter feature
2021-11-10 15:28:09 +01:00
d6d592ff8c
new: [genericElement:index_table] Added support of meta_fields searches
2021-11-10 12:07:27 +01:00
acd80e2f18
chg: [genericElement:index_table] Small UI improvement for column visibility selector
2021-11-10 09:30:23 +01:00
a005d0491f
new: [genericElements:index_table] Support of meta_fields in table column
2021-11-10 09:06:39 +01:00
b6cf9e39dd
chg: [genericElement:index_table] Better support of array in generic fields
2021-11-10 08:58:21 +01:00
452873e3ba
chg: [ui:meta_templates] Slightly improved UI
2021-11-09 09:11:35 +01:00
f62caa919b
chg: [navigation] Navigation's actions now relies on modal instead of redirecting to the page
2021-11-08 15:56:39 +01:00
50737543a9
chg: [component:CRUD] Cleanup leftovers comments
2021-11-08 15:03:05 +01:00
94fbd74918
chg: [component:CRUD] Support of validation and re-edition (WiP)
2021-11-08 14:08:47 +01:00
fc436e89e2
chg: [element:genericForm] Usage of bootstrap component to generate ajax modal
2021-11-05 17:44:05 +01:00
26859d045e
fix: [element] Made single views aware of multiple meta-fields
2021-11-05 17:03:11 +01:00
9f7f39ec85
chg: [app] More UI improvement for responsiveness
2021-11-04 15:19:45 +01:00
4f084e6beb
chg: [app] Various layout improvements for responsiveness
2021-11-04 10:47:03 +01:00
c55088aa85
chg: [metaTemplate] Continuation of refactoring - WiP
...
Editing meta field from entities working
2021-11-04 08:10:32 +01:00
9373c35bc6
chg: [metaTemplate] Started refactoring the whole feature
...
Objective of the refactoring is to:
Simplified metafields searches and started to add support of multi-field and edition
2021-11-03 11:47:10 +01:00
51d93d40af
chg: [ui] Various UI improvement and cleanup
...
New according bootstrap component and small UI enhancements
2021-10-28 09:27:30 +02:00
4ef6738053
chg: [mailinglist] Improved feature
...
Previously, emails were stored as json encoded string. To add more flexibility and prevent inconsistencies (such as propagating email changes to the mailing list), it has been moved to a table.
2021-10-28 09:00:20 +02:00
fe9fbe2e99
new: [mailing-list] Added mailing list feature - WiP
2021-10-25 16:20:36 +02:00
fe500e9796
fix: [settings] self registration setting path fixed
2021-10-21 13:45:24 +02:00
d21bad721a
fix: [genericTemplate:filters] Correctly takes filter fields and simplified UI
2021-10-21 10:20:07 +02:00
1fc583c9aa
fix: [registter] Typo in login link
2021-10-21 09:17:53 +02:00
49ec327923
chg: [ui:register] Added sign-in link
2021-10-21 09:16:51 +02:00
740c28a01e
fix: [register] Fix login in title
2021-10-21 08:47:51 +02:00
e1b066143c
fix: [ui:login] Typo in tittle
2021-10-21 08:47:13 +02:00
370ae3438e
new: [user:registration] Added user self-registration feature
2021-10-20 22:29:23 +02:00
0953a91db4
Merge remote-tracking branch 'origin/develop' into develop
2021-10-20 15:41:21 +02:00
8686aa87a6
fix: [genericElement:index_table] Better support of nested dropdown if it has been added after page load
2021-10-20 15:41:11 +02:00
iglocska