iglocska
95ecc2bc80
fix: [security] fields not adhered to in CRUD components edit
...
- users can circumvent restrictions on editable fields
- can lead to privilege escalation when users edit themselves
2022-01-26 15:28:10 +01:00
Luciano Righetti
bd73b620cd
chg: add missing openapi endpoints for sync test
2022-01-26 15:19:23 +01:00
Sami Mokaddem
2602b60eb0
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 15:12:46 +01:00
iglocska
006b0aab99
chg: [MISP connector] user edit/delete temporarily commented out as they're not implemented yet
2022-01-26 15:05:38 +01:00
Sami Mokaddem
d05868106d
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 14:59:57 +01:00
iglocska
519fcd2b1a
fix: [lax URL validation] added for Broodstable
...
- can be reused elsewhere too
- allows for http://hostname style urls
2022-01-26 14:57:43 +01:00
iglocska
f695744bd7
fix: [user view] ACL fixed
2022-01-26 14:57:01 +01:00
iglocska
b7facf226d
chg: [Navigationcomponent] added missing changes from previous commit
2022-01-26 14:55:47 +01:00
Sami Mokaddem
74e95855bd
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 14:54:03 +01:00
iglocska
4b5bccae28
chg: [Organisation] Entity accessibility rules
...
- make created only accessible when creating new objects
2022-01-26 14:24:53 +01:00
iglocska
c186c88d5c
chg: [navigation] Breadcrumb generation is user aware
...
- moved the initialisation of the generation to be invoked from the appcontroller's beforefilter, after the user is loaded into the ACL component
- Only show user setting edits when the user is editing themselves
2022-01-26 14:21:27 +01:00
iglocska
9a0ddef2af
new: [ACL] added canEditUser() function
...
- simple comparison between two users
- checks role + org based permission
2022-01-26 14:16:28 +01:00
Sami Mokaddem
54ee91ba1a
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 12:11:53 +01:00
Sami Mokaddem
f53b458103
fix: [userSettings] Allow admin to edit other user's settings
2022-01-26 12:11:44 +01:00
Luciano Righetti
4c60fa0017
chg: tighten tests assertions
2022-01-26 11:00:48 +01:00
Luciano Righetti
d18471ba95
fix: failing when request is empty json object
2022-01-25 18:02:41 +01:00
Luciano Righetti
5da61f15dd
add: initial version of cerebrate->cerebrate misp interconnection
2022-01-25 18:01:51 +01:00
iglocska
19c81b7c11
fix: [Sharing groups] UUID and owner org shouldn't be editable
2022-01-25 17:09:29 +01:00
iglocska
c4a4512175
Merge branch 'main' into develop
2022-01-25 17:02:45 +01:00
iglocska
1086e41086
fix: [modified] saving fixed for sync captures
...
- set the field as not dirty to force an update
- stops the exceptions thrown on pulling these objects in
2022-01-25 17:01:27 +01:00
iglocska
9ce2e1d73b
Merge branch 'develop' into main
2022-01-25 15:59:42 +01:00
iglocska
acc9c94baa
Merge branch 'main' into develop
2022-01-25 15:59:31 +01:00
iglocska
55782af52b
fix: [users] add
...
- fixed role selection
2022-01-25 15:58:31 +01:00
Sami Mokaddem
44913c5ed7
fix: [users:settings] Allow admin to see account settings of other users
2022-01-25 15:27:34 +01:00
Sami Mokaddem
578eacfd89
fix: [templates:common] Removed extra closing tag
2022-01-25 15:02:58 +01:00
Sami Mokaddem
e05bf61251
chg: [inbox:createEntry] Checks for remote back connection is more flexible
...
Handle the case of trailing slash
2022-01-25 15:02:52 +01:00
Sami Mokaddem
88313679a6
chg: [outboxProcessors:brood] Gracefully catch server errors on remote broods
2022-01-25 15:02:46 +01:00
Sami Mokaddem
7faca94520
chg: [outboxProcessors:broods] Provide errors while trying to re-send a message
2022-01-25 15:02:41 +01:00
Sami Mokaddem
eef09f44c4
chg: [brood:connectionTest] Correctly handles network exceptions
2022-01-25 15:02:35 +01:00
Sami Mokaddem
4f8b663b87
chg: [localtTools:connectionRequest] Provide more info on exception
2022-01-25 15:02:30 +01:00
Sami Mokaddem
7d227a4387
chg: [inbox:index] Sort messages by created datetime
2022-01-25 15:02:25 +01:00
Sami Mokaddem
dc2bfcb6b2
fix: [components:CRUD] Support of controller's paginate public variable
2022-01-25 15:02:16 +01:00
Sami Mokaddem
6005552e76
fix: [genericElements:tags] List tags when editing an entity
2022-01-25 15:02:04 +01:00
Sami Mokaddem
a7e2fb2ea7
chg: [auditlog:index] Break text in changed column
2022-01-25 15:01:48 +01:00
Sami Mokaddem
5682f2a816
fix: [localToolConnectors:MISP] Fixed bad merge
2022-01-25 14:04:32 +01:00
Sami Mokaddem
77285257da
fix: [templates:common] Removed extra closing tag
2022-01-25 14:03:48 +01:00
iglocska
e9f77aff51
Merge branch 'develop' into main
2022-01-25 11:36:06 +01:00
iglocska
7830e24e68
Merge branch 'main' of github.com:cerebrate-project/cerebrate into main
2022-01-25 11:35:19 +01:00
iglocska
57e2c75352
fix: [users] role based action filtering added
...
- to avoid annoying clickable, but blocked actions for og admins
2022-01-25 11:34:22 +01:00
Sami Mokaddem
74df550419
chg: [inbox:collectNotifications] Collect notifications for the logged in user
2022-01-25 11:32:09 +01:00
Sami Mokaddem
42de70e87d
chg: [ui:header-notification] Added support of variant severity
2022-01-25 11:31:17 +01:00
Sami Mokaddem
dd3a1b8a15
chg: [appcontroller] Breadcrumbs and notifications are fetched only if the user is logged in
2022-01-25 11:29:50 +01:00
Sami Mokaddem
249892c3e0
chg: [notifications] Support of modal when clicking on notification element
2022-01-25 09:32:16 +01:00
Sami Mokaddem
38caafb76e
chg: [inbox:createEntry] Checks for remote back connection is more flexible
...
Handle the case of trailing slash
2022-01-24 17:37:32 +01:00
Sami Mokaddem
670c5abaae
chg: [outboxProcessors:brood] Gracefully catch server errors on remote broods
2022-01-24 17:36:12 +01:00
Sami Mokaddem
244db2112c
chg: [outboxProcessors:broods] Provide errors while trying to re-send a message
2022-01-24 16:48:58 +01:00
Sami Mokaddem
b343c22f23
chg: [brood:connectionTest] Correctly handles network exceptions
2022-01-24 16:35:42 +01:00
Sami Mokaddem
7535cd2bdf
chg: [localtTools:connectionRequest] Provide more info on exception
2022-01-24 16:12:46 +01:00
Sami Mokaddem
5cac62a9b8
fix: [localToolConnectors:MISP] Fixed typo
2022-01-24 15:16:18 +01:00
Sami Mokaddem
6321725fa9
new: [notification] Added initial version of the notification system
2022-01-24 15:13:28 +01:00