Commit Graph

1547 Commits (acb66ac4a03ef81b4618d27c8d1f3a227d3ff95b)

Author SHA1 Message Date
Sami Mokaddem c13fb53ae0
chg: [organisations] Added meta-field global filtering 2022-02-28 10:50:04 +01:00
Sami Mokaddem 4b95b49854
fix: [behavior:metafields] Switch to text filtering if meta-template-field is not provided 2022-02-28 10:49:34 +01:00
Sami Mokaddem 7d345f98f2
chg: [index_table:group_search] Changed name for better visibility 2022-02-28 10:46:38 +01:00
iglocska fe8401313d
Merge branch 'main' into develop 2022-02-28 10:27:40 +01:00
iglocska 61cda0af33
fix: [minor fixes] with the keycloak integration 2022-02-28 10:27:17 +01:00
iglocska a99a06b1c3
Merge branch 'main' into develop 2022-02-28 10:24:30 +01:00
iglocska 8a6f0ed751
fix: [settings] invalid setting name fixed 2022-02-28 10:23:23 +01:00
Sami Mokaddem 3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-28 09:51:51 +01:00
Sami Mokaddem 9fe7f06265
new: [metafields-types:ipv6] Support of ipv6 2022-02-28 09:45:43 +01:00
Sami Mokaddem 0363a91310
chg: [metafield-type:ipv4] Usage of Cdir tool 2022-02-28 09:42:49 +01:00
Sami Mokaddem 97501642b8
new: [tools:CidrTool] Ported CidrTool from MISP 2022-02-28 09:42:09 +01:00
Sami Mokaddem 7c153e6164
chg: [metafield-types:ipv4] Improved logics 2022-02-28 09:40:19 +01:00
Sami Mokaddem 4089623eaa
chg: [users] Removed useless imports 2022-02-28 09:37:29 +01:00
iglocska 5734d74a17
Merge branch 'develop' into main 2022-02-28 08:27:54 +01:00
iglocska 1e6b6a5abc
fix: [settings] added test for keycloak enabled
- always require one auth method to be enabled
2022-02-28 08:27:22 +01:00
iglocska 498efcf671
Merge branch 'develop' into main 2022-02-28 08:21:11 +01:00
Sami Mokaddem 6e497d1a23
new: [lib:metafields] New template `CSIRT Constituency` 2022-02-25 15:44:49 +01:00
Sami Mokaddem 04b82d356e
chg: [indexTable:filtering] Initial work on supporting custom operators 2022-02-25 15:36:55 +01:00
Sami Mokaddem 6cb9887f03
new: [metaFields] Support of meta-fields types 2022-02-25 15:22:57 +01:00
iglocska 9d04533e14
chg: [users] restrict org admins from creating other org admins
- temporary solution for a single community, make this optional in the future
2022-02-25 10:20:25 +01:00
Sami Mokaddem a9570426db
fix: [component:CRUD] Fix edit where query parameters where not passed correctly
It fixes meta-fields duplication while saving
2022-02-25 08:19:01 +01:00
iglocska 4902a3f8a6
new: [password auth] added setting to disable password auth
- not needed in some cases for keycloak enabled instances
2022-02-25 00:33:00 +01:00
iglocska 79459838eb
chg: [user add] if no password was set, set a random one
- can't be used so far as we have no emailing in place
- it allows user creation when username/password mode is disabled
2022-02-25 00:31:19 +01:00
iglocska 6f6c10670e
new: [CRUD] added beforeMarshal hook 2022-02-25 00:30:50 +01:00
Sami Mokaddem b30dff219b
fix: [indexTable] Missing argument to display the reload popup 2022-02-24 14:50:57 +01:00
iglocska 678ad0fe8e
chg: [templates] for user creation now have a minimalist individiual creation included 2022-02-24 13:48:10 +01:00
iglocska 304586ff19
chg: [user] view add link to user's individual 2022-02-24 13:47:49 +01:00
iglocska 3790244ce4
new: [individuals] new finder method to find by alignment 2022-02-24 13:47:08 +01:00
iglocska 8fdb8668c8
fix: [alignments] saving of the alignment was omitted before 2022-02-24 13:46:35 +01:00
iglocska 828946a97f
new: [users] several changes
- make usernames immutable
- restrict user creation to aligned individuals (org admin only)
- optionally create individual while creating a user
2022-02-24 13:45:10 +01:00
Sami Mokaddem f044bd8957
chg: [layout:sidebar] Only show collapsible parents if they have children 2022-02-23 10:19:16 +01:00
Sami Mokaddem 64cb0f920a
chg: [mailinglist] Added ACL conditions on mailing list operations
- Site admins have all authorizations
- Org admins can manipulate the list their user own (can be later replaced by organisation_id instead of user_id)
- Other users can see the all lists they are included in
2022-02-23 10:03:12 +01:00
Sami Mokaddem d2c98fc3c5
chg: [Component:ACL] Added entries for mailing list 2022-02-23 10:01:18 +01:00
Sami Mokaddem ba047885c9
chg: [Component:ACL] Added entry for audit log filtering 2022-02-23 10:00:42 +01:00
Sami Mokaddem 20d896ad47
chg: [Component:CRUD] Allow to filter out rows from the index with afterFind
Filtering can be achieved by returning `false` instead of the row in the `afterFind` function
2022-02-23 09:58:55 +01:00
Sami Mokaddem bf3e31c59a
fix: [Component:CRUD] Typo in merge conflict 2022-02-23 08:18:08 +01:00
Sami Mokaddem bd14d52571
chg: Removed useless comments 2022-02-23 08:11:24 +01:00
Sami Mokaddem c0b6925aa5
chg: Removed unused commented code 2022-02-22 14:07:01 +01:00
Sami Mokaddem 4e4cb34b22
chg: [metaTemplates] Removed comment 2022-02-21 15:42:23 +01:00
Sami Mokaddem bce4c5fde9
chg: [Component:CRUD] Removed comment and init correct variable type 2022-02-21 11:51:05 +01:00
Sami Mokaddem aeac86cb52
chg: [Component:CRUD] Typo 2022-02-21 11:48:41 +01:00
Sami Mokaddem 3c177254d0
chg: [migration] Finalized more-metafields-column script 2022-02-21 11:32:17 +01:00
Sami Mokaddem 7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-21 11:17:05 +01:00
iglocska b67c221476
fix: [copy pasta fail] left previous assignment in that is now superseeded by the if branch above 2022-02-20 15:07:58 +01:00
iglocska 9245b2d720
fix: [genericTemplates] delete template can be invoked without an ID 2022-02-20 15:05:03 +01:00
iglocska 3af0b0afc5
fix: [misp connector] validations with notEmpty() deprecated, replaced with notEmptyString() 2022-02-20 15:02:07 +01:00
iglocska e2bb58d3c7
fix: [flood protection] default to 127.0.0.1 if no remote_addr is set as we're dealing with a local CLI script 2022-02-20 15:00:15 +01:00
iglocska c005cb7f66
fix: [error code] adding an authkey for a user you are not authorised to modify resulted in a 404 instead of a 405 2022-02-20 14:56:21 +01:00
iglocska 2ef2dbbe62
fix: [tests] changed assertion for authkey failure on insufficient privilege from 404 to 405 2022-02-20 14:48:29 +01:00
iglocska 495c4ee93c
fix: [security] XSS in the generic action template
- a previously assumed internal url can have user input appended via the MISP local tool connector
- requires a compromised connected MISP instance where a malicious administrator modifies the UUIDs of cerebrate relevant objects to JS payloads

- as reported by Dawid Czarcnecki of Zigrin Security
2022-02-20 12:07:06 +01:00