Sami Mokaddem
c13fb53ae0
chg: [organisations] Added meta-field global filtering
2022-02-28 10:50:04 +01:00
Sami Mokaddem
4b95b49854
fix: [behavior:metafields] Switch to text filtering if meta-template-field is not provided
2022-02-28 10:49:34 +01:00
Sami Mokaddem
7d345f98f2
chg: [index_table:group_search] Changed name for better visibility
2022-02-28 10:46:38 +01:00
iglocska
fe8401313d
Merge branch 'main' into develop
2022-02-28 10:27:40 +01:00
iglocska
61cda0af33
fix: [minor fixes] with the keycloak integration
2022-02-28 10:27:17 +01:00
iglocska
a99a06b1c3
Merge branch 'main' into develop
2022-02-28 10:24:30 +01:00
iglocska
8a6f0ed751
fix: [settings] invalid setting name fixed
2022-02-28 10:23:23 +01:00
Sami Mokaddem
3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-28 09:51:51 +01:00
Sami Mokaddem
9fe7f06265
new: [metafields-types:ipv6] Support of ipv6
2022-02-28 09:45:43 +01:00
Sami Mokaddem
0363a91310
chg: [metafield-type:ipv4] Usage of Cdir tool
2022-02-28 09:42:49 +01:00
Sami Mokaddem
97501642b8
new: [tools:CidrTool] Ported CidrTool from MISP
2022-02-28 09:42:09 +01:00
Sami Mokaddem
7c153e6164
chg: [metafield-types:ipv4] Improved logics
2022-02-28 09:40:19 +01:00
Sami Mokaddem
4089623eaa
chg: [users] Removed useless imports
2022-02-28 09:37:29 +01:00
iglocska
5734d74a17
Merge branch 'develop' into main
2022-02-28 08:27:54 +01:00
iglocska
1e6b6a5abc
fix: [settings] added test for keycloak enabled
...
- always require one auth method to be enabled
2022-02-28 08:27:22 +01:00
iglocska
498efcf671
Merge branch 'develop' into main
2022-02-28 08:21:11 +01:00
Sami Mokaddem
6e497d1a23
new: [lib:metafields] New template `CSIRT Constituency`
2022-02-25 15:44:49 +01:00
Sami Mokaddem
04b82d356e
chg: [indexTable:filtering] Initial work on supporting custom operators
2022-02-25 15:36:55 +01:00
Sami Mokaddem
6cb9887f03
new: [metaFields] Support of meta-fields types
2022-02-25 15:22:57 +01:00
iglocska
9d04533e14
chg: [users] restrict org admins from creating other org admins
...
- temporary solution for a single community, make this optional in the future
2022-02-25 10:20:25 +01:00
Sami Mokaddem
a9570426db
fix: [component:CRUD] Fix edit where query parameters where not passed correctly
...
It fixes meta-fields duplication while saving
2022-02-25 08:19:01 +01:00
iglocska
4902a3f8a6
new: [password auth] added setting to disable password auth
...
- not needed in some cases for keycloak enabled instances
2022-02-25 00:33:00 +01:00
iglocska
79459838eb
chg: [user add] if no password was set, set a random one
...
- can't be used so far as we have no emailing in place
- it allows user creation when username/password mode is disabled
2022-02-25 00:31:19 +01:00
iglocska
6f6c10670e
new: [CRUD] added beforeMarshal hook
2022-02-25 00:30:50 +01:00
Sami Mokaddem
b30dff219b
fix: [indexTable] Missing argument to display the reload popup
2022-02-24 14:50:57 +01:00
iglocska
678ad0fe8e
chg: [templates] for user creation now have a minimalist individiual creation included
2022-02-24 13:48:10 +01:00
iglocska
304586ff19
chg: [user] view add link to user's individual
2022-02-24 13:47:49 +01:00
iglocska
3790244ce4
new: [individuals] new finder method to find by alignment
2022-02-24 13:47:08 +01:00
iglocska
8fdb8668c8
fix: [alignments] saving of the alignment was omitted before
2022-02-24 13:46:35 +01:00
iglocska
828946a97f
new: [users] several changes
...
- make usernames immutable
- restrict user creation to aligned individuals (org admin only)
- optionally create individual while creating a user
2022-02-24 13:45:10 +01:00
Sami Mokaddem
f044bd8957
chg: [layout:sidebar] Only show collapsible parents if they have children
2022-02-23 10:19:16 +01:00
Sami Mokaddem
64cb0f920a
chg: [mailinglist] Added ACL conditions on mailing list operations
...
- Site admins have all authorizations
- Org admins can manipulate the list their user own (can be later replaced by organisation_id instead of user_id)
- Other users can see the all lists they are included in
2022-02-23 10:03:12 +01:00
Sami Mokaddem
d2c98fc3c5
chg: [Component:ACL] Added entries for mailing list
2022-02-23 10:01:18 +01:00
Sami Mokaddem
ba047885c9
chg: [Component:ACL] Added entry for audit log filtering
2022-02-23 10:00:42 +01:00
Sami Mokaddem
20d896ad47
chg: [Component:CRUD] Allow to filter out rows from the index with afterFind
...
Filtering can be achieved by returning `false` instead of the row in the `afterFind` function
2022-02-23 09:58:55 +01:00
Sami Mokaddem
bf3e31c59a
fix: [Component:CRUD] Typo in merge conflict
2022-02-23 08:18:08 +01:00
Sami Mokaddem
bd14d52571
chg: Removed useless comments
2022-02-23 08:11:24 +01:00
Sami Mokaddem
c0b6925aa5
chg: Removed unused commented code
2022-02-22 14:07:01 +01:00
Sami Mokaddem
4e4cb34b22
chg: [metaTemplates] Removed comment
2022-02-21 15:42:23 +01:00
Sami Mokaddem
bce4c5fde9
chg: [Component:CRUD] Removed comment and init correct variable type
2022-02-21 11:51:05 +01:00
Sami Mokaddem
aeac86cb52
chg: [Component:CRUD] Typo
2022-02-21 11:48:41 +01:00
Sami Mokaddem
3c177254d0
chg: [migration] Finalized more-metafields-column script
2022-02-21 11:32:17 +01:00
Sami Mokaddem
7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-21 11:17:05 +01:00
iglocska
b67c221476
fix: [copy pasta fail] left previous assignment in that is now superseeded by the if branch above
2022-02-20 15:07:58 +01:00
iglocska
9245b2d720
fix: [genericTemplates] delete template can be invoked without an ID
2022-02-20 15:05:03 +01:00
iglocska
3af0b0afc5
fix: [misp connector] validations with notEmpty() deprecated, replaced with notEmptyString()
2022-02-20 15:02:07 +01:00
iglocska
e2bb58d3c7
fix: [flood protection] default to 127.0.0.1 if no remote_addr is set as we're dealing with a local CLI script
2022-02-20 15:00:15 +01:00
iglocska
c005cb7f66
fix: [error code] adding an authkey for a user you are not authorised to modify resulted in a 404 instead of a 405
2022-02-20 14:56:21 +01:00
iglocska
2ef2dbbe62
fix: [tests] changed assertion for authkey failure on insufficient privilege from 404 to 405
2022-02-20 14:48:29 +01:00
iglocska
495c4ee93c
fix: [security] XSS in the generic action template
...
- a previously assumed internal url can have user input appended via the MISP local tool connector
- requires a compromised connected MISP instance where a malicious administrator modifies the UUIDs of cerebrate relevant objects to JS payloads
- as reported by Dawid Czarcnecki of Zigrin Security
2022-02-20 12:07:06 +01:00