cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity
1,268 Commits
11 Branches
25 Tags
20 MiB
Commit Graph

233 Commits (3bf52c701f33f749553740607313ca95845cfd1b)

Author SHA1 Message Date
iglocska 84537c52f9
new: [user enrollment] send keycloak welcome email to users when enrolled 2022-10-25 10:57:18 +02:00
iglocska 41a241cada
new: [pgp] library ported from MISP 
- added proper view elements for encryption keys
- added key information extraction
 2022-10-21 15:25:52 +02:00
Sami Mokaddem a091edbf22
fix: [user:beforeSave] Only call the user-update callback if the user is not new 2022-10-21 09:00:49 +02:00
Sami Mokaddem 21403995e3
new: [user:edit] Added keycloak updates when a user gets modified 2022-09-21 10:11:09 +02:00
Sami Mokaddem 37094e0abb
fix: [user:validation] Allow user edition when `username` is not set 2022-09-21 10:10:02 +02:00
iglocska 5e0ab5cc38
new: [users] username validation added 
- >5 && <50 in length required
- trim username to test to avoid whitespace names

- as reported by SK-CERT
 2022-09-19 01:22:53 +02:00
iglocska 9a50a5693e
fix: [users] added uniqueness to usernames 
- added upgrade script with removal of duplicate usernames
- added unique index to username field
- massaging the usernames before insertion (trim + lowercasing)

- As reported by SK-CERT
 2022-09-19 01:12:14 +02:00
iglocska af1e2fd632
new: [security] Bruteforce protection added 
- logins allow for 5 attempts every 5 minutes
- Code ported and updated from MISP

- As reported by SK-CERT
 2022-09-19 00:25:15 +02:00
iglocska a5c9f68316
fix: [deprecation] futher toList() call updated 2022-08-17 13:49:52 +02:00
iglocska 60d8a8f655
fix: [deprecation] toList() queries updated 2022-08-17 13:49:11 +02:00
iglocska a88318c5df
fix: [auditlogs] more monkey fixing the logging errors via CLI 2022-05-17 09:26:23 +02:00
iglocska 11c9900580
chg: revert 2022-05-17 09:24:37 +02:00
iglocska 23c41008d4
chg: [audit logs] fix test 2022-05-17 09:23:08 +02:00
iglocska 8cf325d263
fix: [audit logs] monkey fix for the missing fields when coming from a CLI query 2022-05-17 09:06:16 +02:00
Sami Mokaddem 3e4d0a4544
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-03-09 11:44:26 +01:00
Sami Mokaddem 938354119b
fix: [metaFields] Added timestamp behavior 2022-03-09 11:15:41 +01:00
Sami Mokaddem 39d89efb53
chg: [meta-template:update] Default update strategy to be `create_new` 2022-03-09 08:21:27 +01:00
Sami Mokaddem 7a16c2c792
fix: [metaTemplate:view] Repair `Field` child 2022-03-08 17:49:18 +01:00
Sami Mokaddem 033792396c
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-03-08 17:13:19 +01:00
Sami Mokaddem 503b9e53b7
chg: [instance:getStatistics] Usage of cake's FrozenTime instead of DateTime 2022-03-08 16:51:10 +01:00
Luciano Righetti 9a2c6a4c4b new: add api tests for MetaTemplates and openapi spec, fix minor issues. 2022-03-08 15:51:07 +01:00
Sami Mokaddem b91f4b5d01
chg: [settingProvider:cerebrate] Typo in `password_auth.enabled`'s name 2022-03-01 13:56:54 +01:00
Sami Mokaddem a78864912e
chg: [metaTemplates:computeConflicts] Usage of subqueries instead of array of IDs 2022-03-01 11:32:30 +01:00
Sami Mokaddem 134b7bfc3e
chg: [metafields] Passed argument can either be an object or array 2022-03-01 11:30:22 +01:00
Sami Mokaddem bb94765243
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-03-01 09:52:57 +01:00
Sami Mokaddem 505e9a0973
chg: [metaFields] Added metafield type validation 2022-03-01 09:52:27 +01:00
Sami Mokaddem 4b5b2bc7e2
chg: [behaviors:metafields] Moved type handlers to the meta-template-fields table 2022-03-01 09:49:33 +01:00
Sami Mokaddem ad6362eed4
chg: [instance:searchAll] Sharinggroup filter on org membership in addition to owner 2022-02-28 14:35:06 +01:00
Sami Mokaddem bc04fd0336
fix: [instance:searchAll] Get the correct count if after filter is applied 2022-02-28 14:34:14 +01:00
Sami Mokaddem 8293312f90
fix: [instance:search_all] Support of conditions and afterFind when using global search 2022-02-28 14:16:12 +01:00
iglocska 61cda0af33
fix: [minor fixes] with the keycloak integration 2022-02-28 10:27:17 +01:00
Sami Mokaddem 3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-28 09:51:51 +01:00
iglocska 1e6b6a5abc
fix: [settings] added test for keycloak enabled 
- always require one auth method to be enabled
 2022-02-28 08:27:22 +01:00
iglocska 4902a3f8a6
new: [password auth] added setting to disable password auth 
- not needed in some cases for keycloak enabled instances
 2022-02-25 00:33:00 +01:00
iglocska 3790244ce4
new: [individuals] new finder method to find by alignment 2022-02-24 13:47:08 +01:00
iglocska 8fdb8668c8
fix: [alignments] saving of the alignment was omitted before 2022-02-24 13:46:35 +01:00
Sami Mokaddem 64cb0f920a
chg: [mailinglist] Added ACL conditions on mailing list operations 
- Site admins have all authorizations
- Org admins can manipulate the list their user own (can be later replaced by organisation_id instead of user_id)
- Other users can see the all lists they are included in
 2022-02-23 10:03:12 +01:00
Sami Mokaddem 4e4cb34b22
chg: [metaTemplates] Removed comment 2022-02-21 15:42:23 +01:00
Sami Mokaddem 7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-21 11:17:05 +01:00
iglocska 3745739158
chg: [flood protection] Changed the description of the setting based on the used IP source 
- added a warning about the IP source setting affecting the efficacy of the flood protection in regards to an attacker being potentially able to spoof their IP
- Warn the admin to make sure that the reverse proxy used (the main reason to use the alternate headers in the first place) needs to be configured to correctly overwrite the header

- as reported by Dawid Czarnecki of Zigrin Security
 2022-02-19 01:42:24 +01:00
iglocska 283299bf36
fix: [security] flood protection control enabled by default 
- as reported by Dawid Czarnecki from Zigrin Security
 2022-02-19 01:34:07 +01:00
Sami Mokaddem 20907a45da
chg: [organisation] Removed useless class variable 2022-02-09 15:41:58 +01:00
Sami Mokaddem a77e29fa38
new: [layout:sidebar] Notifications in the sidebar 2022-02-08 17:58:30 +01:00
Sami Mokaddem 62ca877f0b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-08 08:42:25 +01:00
Sami Mokaddem ad3e89199b
chg: [settingTable] Added value validation before saving the setting 2022-02-07 12:01:07 +01:00
Sami Mokaddem 336dfb091c
chg: [settingTable] Gracefully handle if file not writeable 2022-02-07 11:11:25 +01:00
Sami Mokaddem 14ec995c2b
fix: [userSettings] Perform URI validation for bookmarks 
- As reported by Dawid Czarnecki from Zigrin Security
 2022-02-07 10:48:55 +01:00
iglocska d45a4dc499
new: [registration] added optional registration flood protection 
- As reported by Dawid Czarnecki from Zigrin Security
 2022-02-07 02:03:41 +01:00
iglocska e6643365d2
new: [flood protection] behaviour added 
simple expiration system to allow flood protections to be added to any functionality
 2022-02-07 02:01:59 +01:00
iglocska c983c6f130
fix: [Keycloak baseurl] remove trailing slashes 2022-01-27 20:59:58 +01:00