241e760ad2
add: add API menu option
2022-01-10 16:20:22 +01:00
ce1a51cc39
fix: incorrect check
2022-01-10 11:59:23 +01:00
a69608530c
new: add /api openapi spec view with redoc, add faker to fixtures, validate api responses with openapi spec, add /api/v1/ prefix to api routes
2022-01-07 13:45:52 +01:00
f45727704f
fix: deprecation warning
2022-01-05 17:44:24 +01:00
a473a9d3fb
new: initial api and integration tests.
2022-01-05 17:44:02 +01:00
aa23b3e293
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2021-12-22 12:27:04 +01:00
136148705a
chg: [keycloak] added screw to loosen timing issues
2021-12-22 12:26:37 +01:00
58e32782ca
chg: misp connector index changes
2021-12-22 12:13:27 +01:00
30ec856dc3
fix: [local_tool:batchApiAction] Various UI and backend fixes
2021-12-21 12:36:36 +01:00
4c7dc85d0e
fix: [encryptions] fixed adding encryption keys
2021-12-01 15:24:08 +01:00
1e31f4d1dd
new: [ACL Helper] check access for controller / action pair for given user
...
- accesible everywhere in the UI
2021-12-01 14:25:34 +01:00
e408f29a05
chg: [appcontroller] minor changes
...
- getRoleAccess now returns array format
- moved setting of view variables behind a rest check, to avoid additional unused actions for API queries
- current user's role access matrix passed to view via "roleAccess"
2021-12-01 14:24:32 +01:00
fbb1a52724
new: [ACL component] new functionalities
...
- getRoleAccess now returns either URLs or arrays
- array format allows for easy checking of controller + action pairs
2021-12-01 14:22:02 +01:00
392faa60e4
new: [ACL] getRoleAccess endpoint added
...
- prints all valid URLs for the current user's role
2021-11-30 00:00:05 +01:00
c7d40d42c7
fix: [ACL] added missing entries
2021-11-29 23:37:41 +01:00
22be309dc2
fix: [ACL] fix wildcard controller checks failing
2021-11-28 23:42:22 +01:00
7fa0537cfd
fix: [encryption keys] only show valid options when creating keys as a user
2021-11-27 23:51:32 +01:00
312229751b
fix: [keycloak] enrollment org_id issues fixed
2021-11-25 11:55:51 +01:00
cc5c750de8
chg: [audit log] change field renamed to changed
...
- change is a reserved keyword
- this way quoting of field names is no longer needed in the cakePHP settings
2021-11-25 00:57:31 +01:00
1ee895cedf
Merge branch 'main' into develop
2021-11-25 00:36:25 +01:00
033f6d7f97
fix: [typo] organisations != oganisations
2021-11-25 00:02:16 +01:00
c2cefb4311
fix: [user init] generation fixed
2021-11-24 23:59:34 +01:00
c7768921fb
fix: [user init] explicit uuid creation removed
...
- added behavior wherever it was missing
2021-11-24 23:32:17 +01:00
716f6b1147
fix: [default user creation] explicitly create UUIDs
2021-11-24 23:24:04 +01:00
e8e1a16673
chg: [search_all] Added drafty support of meta-fields
2021-11-24 22:39:22 +01:00
eb0a67327a
fix: [initial user] generation fixed
...
- requires a default organisation + org link now
2021-11-24 14:46:34 +01:00
bacb3dc85e
fix: [API] fixed broken API
...
- don't call functions specifically meant for the UI when in an ACL context
- also fixed breaking issues with the logging
2021-11-24 01:50:55 +01:00
92fee87a7f
fix: [keycloak] when enrolling users in keycloak, use the user organisation_id instead of the individual's first alias
2021-11-24 01:34:15 +01:00
3cc857c42f
fix: [auditlog] use insert() rather than save() as that is not available in the behavior
...
- fixes exception on logging deletes, blocking any actual deletions
2021-11-24 01:33:26 +01:00
22e4a90af0
chg: [ACL] tightened ACL for several controllers
...
- org admins now have access to new functionalities, added ACL for them
- Affected controllers:
- Authkeys, encryptionkeys, users, sharinggroups
- sets defaults/restricts access accordingly
2021-11-24 01:32:05 +01:00
0fe7f4f931
new: [CRUD] added additional features to the CRUD component
...
- conditions passable to add/edit/index/delete
- refactored get() requests internally to finds to accomodate for additional parameters
- delete() now takes a params[] array as a second argument
2021-11-24 01:30:28 +01:00
5483357e1c
chg: [ACL] fix permissions for org admins
...
- also, fix a bug with the simple permissions being ignored
2021-11-24 01:29:39 +01:00
dad310f434
chg: [appcontroller] include user org in loaded user object during authentication
...
- also log username as username rather than name
2021-11-24 01:28:52 +01:00
e5e4e74cae
chg: [users] associated with orgs
2021-11-24 01:25:32 +01:00
18b78e8eec
fix: [audit log] filtering now uses request_action rather than the renamed action field
2021-11-17 16:04:57 +01:00
ff77af0a8e
new: [appmodel] moved constants related to the logging along with a getter to app model
2021-11-17 15:58:06 +01:00
fe8e217d61
chg: [audit log naming] renamed action to request_action to avoid reserved keyword usage
2021-11-17 15:57:34 +01:00
7b52d29320
new: [login] log success/failure
2021-11-17 15:49:28 +01:00
bc2e2fa488
new: [open] individualscontroller fix
...
- import badrequest exception
2021-11-17 15:48:49 +01:00
cc04373375
new: [crud component] fixes
...
- add hidden option
- fix afterfind
2021-11-17 15:47:32 +01:00
1f77569344
chg: [auditlog] log api authentication failures / successes
2021-11-17 15:46:32 +01:00
2e1ee2d064
new: [audit log] behaviour tied into the appropriate models
2021-11-17 15:43:52 +01:00
af4f114f2f
chg: [audit logs] tied into side menu
2021-11-17 14:45:20 +01:00
23dc460359
new: [auditlog system] added
...
- port of Jakub Onderka's implementation from MISP
- Still not fully realised, lacking search functionalities
2021-11-17 14:44:07 +01:00
e2d6022726
Merge branch 'main' of github.com:cerebrate-project/cerebrate into main
2021-10-21 13:47:17 +02:00
b6c3aee91f
fix: [settings] invalid path to setting fixed
2021-10-21 13:44:49 +02:00
39f7a3f9e1
fix: [user] Added support of timestamp behavior
2021-10-21 11:33:41 +02:00
481bf1201f
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2021-10-21 11:27:30 +02:00
4cc4101670
fix: [in/outboxes] Full support of timestamp behavior
2021-10-21 11:27:02 +02:00
4402e7e074
fix: [theme] drop to default if nothing is configured instead of barfing
2021-10-21 11:26:15 +02:00
Luciano Righetti