04b82d356e
chg: [indexTable:filtering] Initial work on supporting custom operators
2022-02-25 15:36:55 +01:00
6cb9887f03
new: [metaFields] Support of meta-fields types
2022-02-25 15:22:57 +01:00
9d04533e14
chg: [users] restrict org admins from creating other org admins
...
- temporary solution for a single community, make this optional in the future
2022-02-25 10:20:25 +01:00
a9570426db
fix: [component:CRUD] Fix edit where query parameters where not passed correctly
...
It fixes meta-fields duplication while saving
2022-02-25 08:19:01 +01:00
4902a3f8a6
new: [password auth] added setting to disable password auth
...
- not needed in some cases for keycloak enabled instances
2022-02-25 00:33:00 +01:00
79459838eb
chg: [user add] if no password was set, set a random one
...
- can't be used so far as we have no emailing in place
- it allows user creation when username/password mode is disabled
2022-02-25 00:31:19 +01:00
6f6c10670e
new: [CRUD] added beforeMarshal hook
2022-02-25 00:30:50 +01:00
3790244ce4
new: [individuals] new finder method to find by alignment
2022-02-24 13:47:08 +01:00
8fdb8668c8
fix: [alignments] saving of the alignment was omitted before
2022-02-24 13:46:35 +01:00
828946a97f
new: [users] several changes
...
- make usernames immutable
- restrict user creation to aligned individuals (org admin only)
- optionally create individual while creating a user
2022-02-24 13:45:10 +01:00
64cb0f920a
chg: [mailinglist] Added ACL conditions on mailing list operations
...
- Site admins have all authorizations
- Org admins can manipulate the list their user own (can be later replaced by organisation_id instead of user_id)
- Other users can see the all lists they are included in
2022-02-23 10:03:12 +01:00
d2c98fc3c5
chg: [Component:ACL] Added entries for mailing list
2022-02-23 10:01:18 +01:00
ba047885c9
chg: [Component:ACL] Added entry for audit log filtering
2022-02-23 10:00:42 +01:00
20d896ad47
chg: [Component:CRUD] Allow to filter out rows from the index with afterFind
...
Filtering can be achieved by returning `false` instead of the row in the `afterFind` function
2022-02-23 09:58:55 +01:00
bf3e31c59a
fix: [Component:CRUD] Typo in merge conflict
2022-02-23 08:18:08 +01:00
4e4cb34b22
chg: [metaTemplates] Removed comment
2022-02-21 15:42:23 +01:00
bce4c5fde9
chg: [Component:CRUD] Removed comment and init correct variable type
2022-02-21 11:51:05 +01:00
aeac86cb52
chg: [Component:CRUD] Typo
2022-02-21 11:48:41 +01:00
7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-21 11:17:05 +01:00
b67c221476
fix: [copy pasta fail] left previous assignment in that is now superseeded by the if branch above
2022-02-20 15:07:58 +01:00
3af0b0afc5
fix: [misp connector] validations with notEmpty() deprecated, replaced with notEmptyString()
2022-02-20 15:02:07 +01:00
e2bb58d3c7
fix: [flood protection] default to 127.0.0.1 if no remote_addr is set as we're dealing with a local CLI script
2022-02-20 15:00:15 +01:00
c005cb7f66
fix: [error code] adding an authkey for a user you are not authorised to modify resulted in a 404 instead of a 405
2022-02-20 14:56:21 +01:00
b046990153
fix: [flood protection] default to REMOTE_ADDR if the selected default logging IP source header is not populated
2022-02-20 11:49:57 +01:00
3745739158
chg: [flood protection] Changed the description of the setting based on the used IP source
...
- added a warning about the IP source setting affecting the efficacy of the flood protection in regards to an attacker being potentially able to spoof their IP
- Warn the admin to make sure that the reverse proxy used (the main reason to use the alternate headers in the first place) needs to be configured to correctly overwrite the header
- as reported by Dawid Czarnecki of Zigrin Security
2022-02-19 01:42:24 +01:00
283299bf36
fix: [security] flood protection control enabled by default
...
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-19 01:34:07 +01:00
6e67a5b239
fix: [security] Sharing group creation on behalf of other organisation fixed
...
- org admin could create sharing groups on behalf of other organisations
- can lead to misleading sharing groups being created
- as reported by Dawid Czarnecki of Zigrin Security
2022-02-19 01:21:29 +01:00
b41b0dd712
fix: [security] privilege escalation via user edit fixed
...
- org admins could circumvent the role restrictions and elevate themselves to a site admin
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-19 01:02:49 +01:00
2da9d8f7d2
new: [keycloak] log enrollment outcome in the audit log
2022-02-18 11:47:33 +01:00
20907a45da
chg: [organisation] Removed useless class variable
2022-02-09 15:41:58 +01:00
d8807cce92
chg: [behavior:meta-fields] Renamed finder function
2022-02-09 15:18:24 +01:00
a77e29fa38
new: [layout:sidebar] Notifications in the sidebar
2022-02-08 17:58:30 +01:00
d1cf408163
new: [helpers:bootstrap] Added notification bubble
2022-02-08 17:57:20 +01:00
62ca877f0b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-08 08:42:25 +01:00
b01d75aaa6
fix: [helpers:bootstrap] Support of cell variant in table
2022-02-07 13:25:33 +01:00
ad3e89199b
chg: [settingTable] Added value validation before saving the setting
2022-02-07 12:01:07 +01:00
336dfb091c
chg: [settingTable] Gracefully handle if file not writeable
2022-02-07 11:11:25 +01:00
14ec995c2b
fix: [userSettings] Perform URI validation for bookmarks
...
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 10:48:55 +01:00
c7b226f844
chg: [flood protection] added cleanup
2022-02-07 02:14:53 +01:00
d45a4dc499
new: [registration] added optional registration flood protection
...
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 02:03:41 +01:00
e6643365d2
new: [flood protection] behaviour added
...
simple expiration system to allow flood protections to be added to any functionality
2022-02-07 02:01:59 +01:00
a9c1619bda
new: [Exception] 429 added
2022-02-07 01:59:33 +01:00
88f3cc7944
fix: [security] user settings allow enumeration of usernames
...
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-04 00:45:42 +01:00
a263234917
fix: [security] open endpoints should only be open when enabled
...
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-04 00:36:31 +01:00
15190b930e
fix: [security] Sharing group ACL fixes
...
- added indirect object reference protection
- added correct ACL functionalities to delete, addOrg, removeOrg
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-04 00:16:24 +01:00
5fbd53883f
fix: [sync] created field rules added
...
- should stop issues of SG/Individual downloads from remote brood
2022-01-31 09:35:33 +01:00
788feab011
chg: [Version] bump
2022-01-27 22:12:35 +01:00
cf67c3d1f0
fix: [roles] setting default should be exclusive
...
- added aftersave action to remove default from other roles
2022-01-27 22:06:26 +01:00
1ca0f21b86
chg: [user add] form defaults
...
- org will default to own org for site admins
- role will default to the default role (if set)
2022-01-27 21:54:59 +01:00
93d4917953
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-27 21:00:32 +01:00
c983c6f130
fix: [Keycloak baseurl] remove trailing slashes
2022-01-27 20:59:58 +01:00
eb5f7aa675
chg: [base settings provider] pass settings by reference for evaluation
...
- opens it up for modifications by the hooking functions
2022-01-27 20:59:20 +01:00
7834ab3d62
chg: [settingsTable] Use settings array for the actual saving in saveSetting
...
- allows us to modify a value in the processing steps before the value is committed to disk
2022-01-27 20:57:35 +01:00
6443f36650
Merge pull request #86 from righel/add-inter-connection-tests
...
Add inter-connection test
2022-01-27 16:13:35 +01:00
7de1c14407
chg: [userSettings:add] Adhere to the passed user context
2022-01-27 10:44:47 +01:00
789bd9926f
chg: [navigation:users] Restored breadcrumb navigation to access user profile settings
2022-01-27 08:41:31 +01:00
2e7aabf704
fix: [users:toggle] Prevent users to disable admins
2022-01-26 16:10:33 +01:00
fcffad6777
fix: [users:delete] Typo copy paste error
2022-01-26 15:45:57 +01:00
d91a362e99
Merge branch 'develop' into add-inter-connection-tests
2022-01-26 15:31:49 +01:00
665999b8f4
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 15:29:53 +01:00
95ecc2bc80
fix: [security] fields not adhered to in CRUD components edit
...
- users can circumvent restrictions on editable fields
- can lead to privilege escalation when users edit themselves
2022-01-26 15:28:10 +01:00
2602b60eb0
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 15:12:46 +01:00
006b0aab99
chg: [MISP connector] user edit/delete temporarily commented out as they're not implemented yet
2022-01-26 15:05:38 +01:00
d05868106d
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 14:59:57 +01:00
519fcd2b1a
fix: [lax URL validation] added for Broodstable
...
- can be reused elsewhere too
- allows for http://hostname style urls
2022-01-26 14:57:43 +01:00
f695744bd7
fix: [user view] ACL fixed
2022-01-26 14:57:01 +01:00
b7facf226d
chg: [Navigationcomponent] added missing changes from previous commit
2022-01-26 14:55:47 +01:00
74e95855bd
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 14:54:03 +01:00
4b5bccae28
chg: [Organisation] Entity accessibility rules
...
- make created only accessible when creating new objects
2022-01-26 14:24:53 +01:00
c186c88d5c
chg: [navigation] Breadcrumb generation is user aware
...
- moved the initialisation of the generation to be invoked from the appcontroller's beforefilter, after the user is loaded into the ACL component
- Only show user setting edits when the user is editing themselves
2022-01-26 14:21:27 +01:00
9a0ddef2af
new: [ACL] added canEditUser() function
...
- simple comparison between two users
- checks role + org based permission
2022-01-26 14:16:28 +01:00
54ee91ba1a
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 12:11:53 +01:00
f53b458103
fix: [userSettings] Allow admin to edit other user's settings
2022-01-26 12:11:44 +01:00
d18471ba95
fix: failing when request is empty json object
2022-01-25 18:02:41 +01:00
19c81b7c11
fix: [Sharing groups] UUID and owner org shouldn't be editable
2022-01-25 17:09:29 +01:00
1086e41086
fix: [modified] saving fixed for sync captures
...
- set the field as not dirty to force an update
- stops the exceptions thrown on pulling these objects in
2022-01-25 17:01:27 +01:00
acc9c94baa
Merge branch 'main' into develop
2022-01-25 15:59:31 +01:00
55782af52b
fix: [users] add
...
- fixed role selection
2022-01-25 15:58:31 +01:00
44913c5ed7
fix: [users:settings] Allow admin to see account settings of other users
2022-01-25 15:27:34 +01:00
e05bf61251
chg: [inbox:createEntry] Checks for remote back connection is more flexible
...
Handle the case of trailing slash
2022-01-25 15:02:52 +01:00
eef09f44c4
chg: [brood:connectionTest] Correctly handles network exceptions
2022-01-25 15:02:35 +01:00
4f8b663b87
chg: [localtTools:connectionRequest] Provide more info on exception
2022-01-25 15:02:30 +01:00
7d227a4387
chg: [inbox:index] Sort messages by created datetime
2022-01-25 15:02:25 +01:00
dc2bfcb6b2
fix: [components:CRUD] Support of controller's paginate public variable
2022-01-25 15:02:16 +01:00
5682f2a816
fix: [localToolConnectors:MISP] Fixed bad merge
2022-01-25 14:04:32 +01:00
e9f77aff51
Merge branch 'develop' into main
2022-01-25 11:36:06 +01:00
7830e24e68
Merge branch 'main' of github.com:cerebrate-project/cerebrate into main
2022-01-25 11:35:19 +01:00
57e2c75352
fix: [users] role based action filtering added
...
- to avoid annoying clickable, but blocked actions for og admins
2022-01-25 11:34:22 +01:00
74df550419
chg: [inbox:collectNotifications] Collect notifications for the logged in user
2022-01-25 11:32:09 +01:00
dd3a1b8a15
chg: [appcontroller] Breadcrumbs and notifications are fetched only if the user is logged in
2022-01-25 11:29:50 +01:00
249892c3e0
chg: [notifications] Support of modal when clicking on notification element
2022-01-25 09:32:16 +01:00
38caafb76e
chg: [inbox:createEntry] Checks for remote back connection is more flexible
...
Handle the case of trailing slash
2022-01-24 17:37:32 +01:00
b343c22f23
chg: [brood:connectionTest] Correctly handles network exceptions
2022-01-24 16:35:42 +01:00
7535cd2bdf
chg: [localtTools:connectionRequest] Provide more info on exception
2022-01-24 16:12:46 +01:00
5cac62a9b8
fix: [localToolConnectors:MISP] Fixed typo
2022-01-24 15:16:18 +01:00
6321725fa9
new: [notification] Added initial version of the notification system
2022-01-24 15:13:28 +01:00
b556f7f22a
Update VERSION.json
2022-01-21 14:39:43 +01:00
932a28288d
new: [CRUD] added some new useful features
...
- afterFind for the edit functions to make last minute decisions on the modification after already having loaded the data to be modified
- moved the field restrictions to be able to pass it to the view
- try/catch for bulk deletions. A single failure in the beforeSave call will no longer block the entire saving process
2022-01-21 13:41:29 +01:00
7c557f6d85
chg: [inbox:index] Sort messages by created datetime
2022-01-21 09:48:53 +01:00
a59f59ba0d
fix: [components:CRUD] Support of controller's paginate public variable
2022-01-21 09:35:55 +01:00
b8bc79e072
new: [helper:valueGetter] Helper to help execute closure to get a value if needed
2022-01-21 09:07:21 +01:00
38a9aa9869
chg: [auditlog] Allow filtering and searching the table
2022-01-20 13:55:27 +01:00
420bbb9207
fix: [auditlog] Typo in field name
2022-01-20 13:54:59 +01:00
ec76948ebd
fix: [component:CRUD] Filtering view variables get correctly set
2022-01-20 13:54:17 +01:00
e6ec31ff23
fix: [appTable:table_statistics] Compute timeline only if the fields exist in the DB schema
2022-01-20 13:44:19 +01:00
f3813dd5a7
fix: [auditlog] Clean up of leftover copy paste
2022-01-20 13:43:29 +01:00
a98c7f8f32
fix: [metaTemplate] Various fixed on meta-templates updates
2022-01-20 12:00:39 +01:00
86946719c7
chg: [component:CRUD] Fixed typo
2022-01-20 11:57:48 +01:00
a60ca95120
chg: [ui:api] Moved API navigation link into admin section and created breadcrumb config
2022-01-20 09:32:39 +01:00
2e0051401f
chg: [appController] Don't generate nav breadcrumbs in API context
2022-01-20 09:31:51 +01:00
6be08e3100
fix: [appTable:activityStatistics] Variation take for the activity of the last x days
2022-01-20 09:05:02 +01:00
324ac1ce40
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into refactor-metatemplates
2022-01-20 09:00:45 +01:00
80cd93da40
Merge pull request #80 from righel/add-integration-tests
...
Add integration tests
2022-01-19 16:25:19 +01:00
475a13847e
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-19 14:59:48 +01:00
d488f01051
fix: [authkey] add fixed
...
- incorrectly potentially filter out valid options when adding a key by a regular user
2022-01-19 14:39:03 +01:00
b42941dc8e
Merge remote-tracking branch 'origin/develop' into develop
2022-01-19 09:04:20 +01:00
20cc6017d0
fix: [localTool:CommonConnector] Ensure one logger per connector
2022-01-19 09:04:10 +01:00
ee5c723c71
Merge branch 'develop' into add-integration-tests
2022-01-18 18:11:53 +01:00
f75d0829d1
fix: [user edit] fixed for non admins
2022-01-18 17:52:59 +01:00
dbaa2ba7b3
fix: [encryption keys] several fixes
...
- fix the user view to correctly point to the list of related encryption keys
- fix the lookup on the index to be based on owner_model + owner_id combo
- fix the filtering of the dropdown in the encryption key add form to only valid options
2022-01-18 16:56:38 +01:00
afcfe57767
Merge branch 'develop' into add-integration-tests
2022-01-18 16:26:06 +01:00
eae8e62e5e
fix: [CRUD] delete post message fix
...
- correct order of execution for the beforesave command
2022-01-18 16:24:24 +01:00
6e31005d79
Merge branch 'develop' into add-integration-tests
2022-01-18 16:11:23 +01:00
f55365a03b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-18 15:37:20 +01:00
8cb24baf5f
fix: [ACL] tightening for delete functions
...
- implemented beforeSave() function in the CRUD::delete() functionality
- added correct handling for the organisation level encryption keys in the beforeSave constructor
2022-01-18 15:35:55 +01:00
c35d67ebca
fix: [encryption keys] functionality to filter orgs/individuals fixed
...
- actually execute the query rather than just build it
2022-01-18 14:59:41 +01:00
f48c1a5a17
Merge branch 'develop' into add-integration-tests
2022-01-18 14:29:54 +01:00
5eeda6b682
new: [localtool:commonConnectorTools] Added new logger for each local tools
2022-01-18 11:51:54 +01:00
a29a4ea024
Merge branch 'main' into develop
2022-01-18 00:23:19 +01:00
ec994b05ed
chg: [user] edit restricted to password only for self
2022-01-18 00:20:53 +01:00
b80d778e1a
fix: [encryption keys] tightened ACL across all CRUD functions
2022-01-18 00:17:47 +01:00
8c97c3b3a0
Merge branch 'main' into develop
2022-01-17 17:17:31 +01:00
6d13d4aba0
fix: [authkeys] tighten requirements to add authkeys for other org admins
...
- site admin: can add to all
- org admin: can add to all in org, except site admin
- everyone else: can add to self only
2022-01-17 17:16:03 +01:00
49a3dd1623
chg: [instance] Added support of API response for 2 endpoints
2022-01-17 15:55:55 +01:00
0c9b032536
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-17 15:30:07 +01:00
98e8272810
fix: [ACL] Allow anyone to view encryption keys
2022-01-17 15:29:58 +01:00
ef2827e87a
fix: [userSettings] Various permissions issues
2022-01-17 15:24:30 +01:00
1c81257b75
fix: [helpers:bootstrap] Table's cell generator gets the correct row index
2022-01-17 15:22:52 +01:00
244020802c
Merge branch 'main' into develop
2022-01-17 13:17:51 +01:00
453c838dfe
fix: [placeholder removed] WiP functionality for local_tool->local_tool connections within the same brood temporarily removed
...
- was never fully implemented
2022-01-17 13:15:26 +01:00
acf85e6d10
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-17 12:49:27 +01:00
1b4c681a88
new: [Outbox] entity added
...
- to inherit the appModel functions
2022-01-17 12:47:48 +01:00
f18307b3cb
chg: [localTools:local_tool_connectors] Added support of CodeMirror placeholder
2022-01-17 11:30:26 +01:00
12d7607aae
new: [encryption key] view added
...
- was missing, despite links to it
2022-01-17 09:45:45 +01:00
caf48c9060
fix: [ACL] proper error messages on user edit
...
- don't just silently redirect to the own user editing if the user isn't authorised to modify another user
2022-01-17 09:19:53 +01:00
87723c2100
fix: [ACL] added correct file for previous fix (user edit admin permission check)
2022-01-12 10:32:47 +01:00
204c60f739
fix: [ACL] fixed ACL check on user edit for the admin permission
...
- invalid name used for the lookup (perm_side_admin instead of perm_admin) leading to incorrect downgrading of the permissions
2022-01-12 10:31:06 +01:00
241e760ad2
add: add API menu option
2022-01-10 16:20:22 +01:00
ce1a51cc39
fix: incorrect check
2022-01-10 11:59:23 +01:00
a69608530c
new: add /api openapi spec view with redoc, add faker to fixtures, validate api responses with openapi spec, add /api/v1/ prefix to api routes
2022-01-07 13:45:52 +01:00
f45727704f
fix: deprecation warning
2022-01-05 17:44:24 +01:00
a473a9d3fb
new: initial api and integration tests.
2022-01-05 17:44:02 +01:00
aa23b3e293
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2021-12-22 12:27:04 +01:00
136148705a
chg: [keycloak] added screw to loosen timing issues
2021-12-22 12:26:37 +01:00
58e32782ca
chg: misp connector index changes
2021-12-22 12:13:27 +01:00
30ec856dc3
fix: [local_tool:batchApiAction] Various UI and backend fixes
2021-12-21 12:36:36 +01:00
3ed5af776a
fix: [local_tool:batchApiAction] Various UI and backend fixes
2021-12-21 12:34:37 +01:00
e346a8cb05
fix: [instance:searchAll] Correct usage of parameters
2021-12-21 08:30:37 +01:00
0dea5ab486
chg: [metaTemplate] Added endpoint to load template from disk by uuid
2021-12-20 14:24:20 +01:00
fa364c2b2f
fix: [metaTemplate] Repaired update_all
2021-12-15 15:33:58 +01:00
02cc0c30a3
chg: [metaTemplate] Major refactoring and documentation - WiP
2021-12-14 15:09:40 +01:00
f7ae58a22d
chg: [component:crud] Renaming the default `all` contextual filter
2021-12-14 15:08:28 +01:00
a5a959df2d
fix: [metatemplate] Removed unused code
2021-12-13 09:37:49 +01:00
aa83b1aa37
chg: [metaTemplate] Update system and conflict resolution interfaces - WiP
2021-12-08 11:11:46 +01:00
8b5bb087e4
fix: [helper:bootstrap] Support of string and array for badge's class parameter
2021-12-08 11:05:52 +01:00
4c7dc85d0e
fix: [encryptions] fixed adding encryption keys
2021-12-01 15:24:08 +01:00
1e31f4d1dd
new: [ACL Helper] check access for controller / action pair for given user
...
- accesible everywhere in the UI
2021-12-01 14:25:34 +01:00
e408f29a05
chg: [appcontroller] minor changes
...
- getRoleAccess now returns array format
- moved setting of view variables behind a rest check, to avoid additional unused actions for API queries
- current user's role access matrix passed to view via "roleAccess"
2021-12-01 14:24:32 +01:00
fbb1a52724
new: [ACL component] new functionalities
...
- getRoleAccess now returns either URLs or arrays
- array format allows for easy checking of controller + action pairs
2021-12-01 14:22:02 +01:00
819d96e805
new: [metaTemplate] Interface and functions to update meta-templates - WiP
...
Actual update not implemented yet.
2021-12-01 11:01:31 +01:00
da889c4ca2
fix: [helpers:bootstrap] Make sure to sanitize passed text
2021-12-01 08:26:17 +01:00
d2a88b3a18
chg: [Component:Navigation] Breadcrumbs get loaded before rendering to have access to view var
...
So that it can have access to view variables
2021-12-01 08:25:20 +01:00
392faa60e4
new: [ACL] getRoleAccess endpoint added
...
- prints all valid URLs for the current user's role
2021-11-30 00:00:05 +01:00
c7d40d42c7
fix: [ACL] added missing entries
2021-11-29 23:37:41 +01:00
22be309dc2
fix: [ACL] fix wildcard controller checks failing
2021-11-28 23:42:22 +01:00
7fa0537cfd
fix: [encryption keys] only show valid options when creating keys as a user
2021-11-27 23:51:32 +01:00
312229751b
fix: [keycloak] enrollment org_id issues fixed
2021-11-25 11:55:51 +01:00
cc5c750de8
chg: [audit log] change field renamed to changed
...
- change is a reserved keyword
- this way quoting of field names is no longer needed in the cakePHP settings
2021-11-25 00:57:31 +01:00
1ee895cedf
Merge branch 'main' into develop
2021-11-25 00:36:25 +01:00
033f6d7f97
fix: [typo] organisations != oganisations
2021-11-25 00:02:16 +01:00
c2cefb4311
fix: [user init] generation fixed
2021-11-24 23:59:34 +01:00
c7768921fb
fix: [user init] explicit uuid creation removed
...
- added behavior wherever it was missing
2021-11-24 23:32:17 +01:00
716f6b1147
fix: [default user creation] explicitly create UUIDs
2021-11-24 23:24:04 +01:00
e8e1a16673
chg: [search_all] Added drafty support of meta-fields
2021-11-24 22:39:22 +01:00
eb0a67327a
fix: [initial user] generation fixed
...
- requires a default organisation + org link now
2021-11-24 14:46:34 +01:00
aa42e6763a
chg: [metaTemplate] Started implementing new update system - WiP
2021-11-24 09:14:09 +01:00
94c0b171a1
chg: [component:CRUD] Added comment to be fixed later on - WiP
2021-11-24 09:12:39 +01:00
bacb3dc85e
fix: [API] fixed broken API
...
- don't call functions specifically meant for the UI when in an ACL context
- also fixed breaking issues with the logging
2021-11-24 01:50:55 +01:00
92fee87a7f
fix: [keycloak] when enrolling users in keycloak, use the user organisation_id instead of the individual's first alias
2021-11-24 01:34:15 +01:00
3cc857c42f
fix: [auditlog] use insert() rather than save() as that is not available in the behavior
...
- fixes exception on logging deletes, blocking any actual deletions
2021-11-24 01:33:26 +01:00
22e4a90af0
chg: [ACL] tightened ACL for several controllers
...
- org admins now have access to new functionalities, added ACL for them
- Affected controllers:
- Authkeys, encryptionkeys, users, sharinggroups
- sets defaults/restricts access accordingly
2021-11-24 01:32:05 +01:00
0fe7f4f931
new: [CRUD] added additional features to the CRUD component
...
- conditions passable to add/edit/index/delete
- refactored get() requests internally to finds to accomodate for additional parameters
- delete() now takes a params[] array as a second argument
2021-11-24 01:30:28 +01:00
5483357e1c
chg: [ACL] fix permissions for org admins
...
- also, fix a bug with the simple permissions being ignored
2021-11-24 01:29:39 +01:00
dad310f434
chg: [appcontroller] include user org in loaded user object during authentication
...
- also log username as username rather than name
2021-11-24 01:28:52 +01:00
e5e4e74cae
chg: [users] associated with orgs
2021-11-24 01:25:32 +01:00
ef41d71c8b
chg: [helper:bootstrap] Improved dropdown menu badge UI
2021-11-23 16:27:01 +01:00
4acf5209c8
chg: [metaFields] Clean-up and improved regex matching
2021-11-23 15:30:37 +01:00
87ac0f7569
chg: [helpers:bootstrap] Formatted file
2021-11-23 15:29:55 +01:00
3c0237f387
fix: [component:CRUD] Regression where entities not supporting metafields couldn't be saved
2021-11-23 14:56:25 +01:00
fd21934641
chg: [sharingGroups] Cleaned useless view variables
2021-11-23 14:55:21 +01:00
ef91cfcee3
chg: [genericElements:index_table] Continuation of stats for current view - WiP
2021-11-17 17:04:39 +01:00
18b78e8eec
fix: [audit log] filtering now uses request_action rather than the renamed action field
2021-11-17 16:04:57 +01:00
ff77af0a8e
new: [appmodel] moved constants related to the logging along with a getter to app model
2021-11-17 15:58:06 +01:00
fe8e217d61
chg: [audit log naming] renamed action to request_action to avoid reserved keyword usage
2021-11-17 15:57:34 +01:00
7b52d29320
new: [login] log success/failure
2021-11-17 15:49:28 +01:00
bc2e2fa488
new: [open] individualscontroller fix
...
- import badrequest exception
2021-11-17 15:48:49 +01:00
cc04373375
new: [crud component] fixes
...
- add hidden option
- fix afterfind
2021-11-17 15:47:32 +01:00
1f77569344
chg: [auditlog] log api authentication failures / successes
2021-11-17 15:46:32 +01:00
2e1ee2d064
new: [audit log] behaviour tied into the appropriate models
2021-11-17 15:43:52 +01:00
af4f114f2f
chg: [audit logs] tied into side menu
2021-11-17 14:45:20 +01:00
23dc460359
new: [auditlog system] added
...
- port of Jakub Onderka's implementation from MISP
- Still not fully realised, lacking search functionalities
2021-11-17 14:44:07 +01:00
25f0f07251
chg: [genericElements:index_table] Added support of statistic for current view - WiP
2021-11-15 11:51:47 +01:00
9fd7f1fe61
chg: [appTable] Moved statistics functions out of instanceTable
...
FIXME: This should be later on converted into a standalone tool
2021-11-15 11:48:23 +01:00
560832654e
chg: [helper:boostrap] Support of list of string for class in card
2021-11-15 11:47:17 +01:00
7cf7363009
chg: [genericElements:index_table] Moved description to a tooltip
...
Description describing indexes are great when discovering an app for the first time but start taking important place and become useless when users gets to know the app better. Moving it to a tooltip makes sense in that regard.
2021-11-15 08:29:16 +01:00
509b203591
chg: [instance:home] Added support of both `modified` and `created` in stat panels
2021-11-12 15:40:03 +01:00
24e5a94662
chg: [mailinglist:addIndividual] Removed possiblity to edit individual already in the list
...
This can be confusing and require special handling when saving joinData
2021-11-12 13:49:54 +01:00
2ba3e3ce00
fix: [mailinglist] Edition was not possible in some cases
2021-11-11 15:22:35 +01:00
b51cf2ed59
fix: [Component:CRUD] Pass expected argument
2021-11-11 14:51:51 +01:00
6579482526
chg: [Organisation] Moved model to use meta-field behavior instead of association
2021-11-11 14:50:25 +01:00
33c83f4020
chg: [ui] Renamed search button in index_table
...
Search seems more appropriate than filter
2021-11-10 15:31:09 +01:00
cc0b1ad3b4
chg: [component:CRUD] Added support of metafield in quickfilter feature
2021-11-10 15:28:09 +01:00
d6d592ff8c
new: [genericElement:index_table] Added support of meta_fields searches
2021-11-10 12:07:27 +01:00
549d9f3e1b
fix: [behavior:metaField] Wildcard searches now work if the wildcare is placed in front
2021-11-10 12:06:04 +01:00
a376055095
chg: [helper:bootstrap] Support of header in dropdown menu
2021-11-10 09:29:27 +01:00
a005d0491f
new: [genericElements:index_table] Support of meta_fields in table column
2021-11-10 09:06:39 +01:00
d71f48fc9f
chg: [component:CRUD] Small refactoring to improve re-usability
2021-11-10 09:02:51 +01:00
69f8375422
chg: [helper:bootstrap] Added support of badge in dropdown menu entries
2021-11-10 08:54:43 +01:00
04ad3be4a6
fix: [component:CRUD] Correctly inspect the redirect key
2021-11-09 09:15:19 +01:00
1feed8ecaf
fix: [component:paramHandler] Correctly handle arrays
...
Also removed duplicated function
2021-11-09 09:12:41 +01:00
452873e3ba
chg: [ui:meta_templates] Slightly improved UI
2021-11-09 09:11:35 +01:00
a0f6c6a7e0
chg: [behavior:meta_field] Better integration in CRUD and tables
2021-11-09 08:59:17 +01:00
f62caa919b
chg: [navigation] Navigation's actions now relies on modal instead of redirecting to the page
2021-11-08 15:56:39 +01:00
d045f1f4d5
chg: [ui] Added support of redirections via Ajax responses
2021-11-08 15:54:37 +01:00
50737543a9
chg: [component:CRUD] Cleanup leftovers comments
2021-11-08 15:03:05 +01:00
94fbd74918
chg: [component:CRUD] Support of validation and re-edition (WiP)
2021-11-08 14:08:47 +01:00
b1f08f3b2d
chg: [component:CRUD] Actually delete empty metafields on edit
2021-11-05 17:44:37 +01:00
fc436e89e2
chg: [element:genericForm] Usage of bootstrap component to generate ajax modal
2021-11-05 17:44:05 +01:00
26859d045e
fix: [element] Made single views aware of multiple meta-fields
2021-11-05 17:03:11 +01:00
bb9ca6e69d
fix: [Component:CRUD] Make set quickfilter works again
...
Call the function with correct number of argument
2021-11-04 15:21:03 +01:00
4f084e6beb
chg: [app] Various layout improvements for responsiveness
2021-11-04 10:47:03 +01:00
c55088aa85
chg: [metaTemplate] Continuation of refactoring - WiP
...
Editing meta field from entities working
2021-11-04 08:10:32 +01:00
16581a13fb
chg: [individual] MailingLists association improved
2021-11-04 08:09:01 +01:00
9373c35bc6
chg: [metaTemplate] Started refactoring the whole feature
...
Objective of the refactoring is to:
Simplified metafields searches and started to add support of multi-field and edition
2021-11-03 11:47:10 +01:00
51d93d40af
chg: [ui] Various UI improvement and cleanup
...
New according bootstrap component and small UI enhancements
2021-10-28 09:27:30 +02:00
4ef6738053
chg: [mailinglist] Improved feature
...
Previously, emails were stored as json encoded string. To add more flexibility and prevent inconsistencies (such as propagating email changes to the mailing list), it has been moved to a table.
2021-10-28 09:00:20 +02:00
fe9fbe2e99
new: [mailing-list] Added mailing list feature - WiP
2021-10-25 16:20:36 +02:00
e2d6022726
Merge branch 'main' of github.com:cerebrate-project/cerebrate into main
2021-10-21 13:47:17 +02:00
b6c3aee91f
fix: [settings] invalid path to setting fixed
2021-10-21 13:44:49 +02:00
39f7a3f9e1
fix: [user] Added support of timestamp behavior
2021-10-21 11:33:41 +02:00
Sami Mokaddem