iglocska
84537c52f9
new: [user enrollment] send keycloak welcome email to users when enrolled
2022-10-25 10:57:18 +02:00
iglocska
41a241cada
new: [pgp] library ported from MISP
...
- added proper view elements for encryption keys
- added key information extraction
2022-10-21 15:25:52 +02:00
Sami Mokaddem
a091edbf22
fix: [user:beforeSave] Only call the user-update callback if the user is not new
2022-10-21 09:00:49 +02:00
Sami Mokaddem
21403995e3
new: [user:edit] Added keycloak updates when a user gets modified
2022-09-21 10:11:09 +02:00
Sami Mokaddem
37094e0abb
fix: [user:validation] Allow user edition when `username` is not set
2022-09-21 10:10:02 +02:00
iglocska
5e0ab5cc38
new: [users] username validation added
...
- >5 && <50 in length required
- trim username to test to avoid whitespace names
- as reported by SK-CERT
2022-09-19 01:22:53 +02:00
iglocska
9a50a5693e
fix: [users] added uniqueness to usernames
...
- added upgrade script with removal of duplicate usernames
- added unique index to username field
- massaging the usernames before insertion (trim + lowercasing)
- As reported by SK-CERT
2022-09-19 01:12:14 +02:00
iglocska
af1e2fd632
new: [security] Bruteforce protection added
...
- logins allow for 5 attempts every 5 minutes
- Code ported and updated from MISP
- As reported by SK-CERT
2022-09-19 00:25:15 +02:00
iglocska
a5c9f68316
fix: [deprecation] futher toList() call updated
2022-08-17 13:49:52 +02:00
iglocska
60d8a8f655
fix: [deprecation] toList() queries updated
2022-08-17 13:49:11 +02:00
iglocska
a88318c5df
fix: [auditlogs] more monkey fixing the logging errors via CLI
2022-05-17 09:26:23 +02:00
iglocska
11c9900580
chg: revert
2022-05-17 09:24:37 +02:00
iglocska
23c41008d4
chg: [audit logs] fix test
2022-05-17 09:23:08 +02:00
iglocska
8cf325d263
fix: [audit logs] monkey fix for the missing fields when coming from a CLI query
2022-05-17 09:06:16 +02:00
Sami Mokaddem
3e4d0a4544
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-03-09 11:44:26 +01:00
Sami Mokaddem
938354119b
fix: [metaFields] Added timestamp behavior
2022-03-09 11:15:41 +01:00
Sami Mokaddem
39d89efb53
chg: [meta-template:update] Default update strategy to be `create_new`
2022-03-09 08:21:27 +01:00
Sami Mokaddem
7a16c2c792
fix: [metaTemplate:view] Repair `Field` child
2022-03-08 17:49:18 +01:00
Sami Mokaddem
033792396c
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-03-08 17:13:19 +01:00
Sami Mokaddem
503b9e53b7
chg: [instance:getStatistics] Usage of cake's FrozenTime instead of DateTime
2022-03-08 16:51:10 +01:00
Luciano Righetti
9a2c6a4c4b
new: add api tests for MetaTemplates and openapi spec, fix minor issues.
2022-03-08 15:51:07 +01:00
Sami Mokaddem
b91f4b5d01
chg: [settingProvider:cerebrate] Typo in `password_auth.enabled`'s name
2022-03-01 13:56:54 +01:00
Sami Mokaddem
a78864912e
chg: [metaTemplates:computeConflicts] Usage of subqueries instead of array of IDs
2022-03-01 11:32:30 +01:00
Sami Mokaddem
134b7bfc3e
chg: [metafields] Passed argument can either be an object or array
2022-03-01 11:30:22 +01:00
Sami Mokaddem
bb94765243
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-03-01 09:52:57 +01:00
Sami Mokaddem
505e9a0973
chg: [metaFields] Added metafield type validation
2022-03-01 09:52:27 +01:00
Sami Mokaddem
4b5b2bc7e2
chg: [behaviors:metafields] Moved type handlers to the meta-template-fields table
2022-03-01 09:49:33 +01:00
Sami Mokaddem
ad6362eed4
chg: [instance:searchAll] Sharinggroup filter on org membership in addition to owner
2022-02-28 14:35:06 +01:00
Sami Mokaddem
bc04fd0336
fix: [instance:searchAll] Get the correct count if after filter is applied
2022-02-28 14:34:14 +01:00
Sami Mokaddem
8293312f90
fix: [instance:search_all] Support of conditions and afterFind when using global search
2022-02-28 14:16:12 +01:00
iglocska
61cda0af33
fix: [minor fixes] with the keycloak integration
2022-02-28 10:27:17 +01:00
Sami Mokaddem
3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-28 09:51:51 +01:00
iglocska
1e6b6a5abc
fix: [settings] added test for keycloak enabled
...
- always require one auth method to be enabled
2022-02-28 08:27:22 +01:00
iglocska
4902a3f8a6
new: [password auth] added setting to disable password auth
...
- not needed in some cases for keycloak enabled instances
2022-02-25 00:33:00 +01:00
iglocska
3790244ce4
new: [individuals] new finder method to find by alignment
2022-02-24 13:47:08 +01:00
iglocska
8fdb8668c8
fix: [alignments] saving of the alignment was omitted before
2022-02-24 13:46:35 +01:00
Sami Mokaddem
64cb0f920a
chg: [mailinglist] Added ACL conditions on mailing list operations
...
- Site admins have all authorizations
- Org admins can manipulate the list their user own (can be later replaced by organisation_id instead of user_id)
- Other users can see the all lists they are included in
2022-02-23 10:03:12 +01:00
Sami Mokaddem
4e4cb34b22
chg: [metaTemplates] Removed comment
2022-02-21 15:42:23 +01:00
Sami Mokaddem
7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-21 11:17:05 +01:00
iglocska
3745739158
chg: [flood protection] Changed the description of the setting based on the used IP source
...
- added a warning about the IP source setting affecting the efficacy of the flood protection in regards to an attacker being potentially able to spoof their IP
- Warn the admin to make sure that the reverse proxy used (the main reason to use the alternate headers in the first place) needs to be configured to correctly overwrite the header
- as reported by Dawid Czarnecki of Zigrin Security
2022-02-19 01:42:24 +01:00
iglocska
283299bf36
fix: [security] flood protection control enabled by default
...
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-19 01:34:07 +01:00
Sami Mokaddem
20907a45da
chg: [organisation] Removed useless class variable
2022-02-09 15:41:58 +01:00
Sami Mokaddem
a77e29fa38
new: [layout:sidebar] Notifications in the sidebar
2022-02-08 17:58:30 +01:00
Sami Mokaddem
62ca877f0b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-08 08:42:25 +01:00
Sami Mokaddem
ad3e89199b
chg: [settingTable] Added value validation before saving the setting
2022-02-07 12:01:07 +01:00
Sami Mokaddem
336dfb091c
chg: [settingTable] Gracefully handle if file not writeable
2022-02-07 11:11:25 +01:00
Sami Mokaddem
14ec995c2b
fix: [userSettings] Perform URI validation for bookmarks
...
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 10:48:55 +01:00
iglocska
d45a4dc499
new: [registration] added optional registration flood protection
...
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 02:03:41 +01:00
iglocska
e6643365d2
new: [flood protection] behaviour added
...
simple expiration system to allow flood protections to be added to any functionality
2022-02-07 02:01:59 +01:00
iglocska
c983c6f130
fix: [Keycloak baseurl] remove trailing slashes
2022-01-27 20:59:58 +01:00