Commit Graph

1412 Commits (c08b56b1fd5e9d9e75fdfbcdd765ada67ce0ea3c)

Author SHA1 Message Date
Sami Mokaddem ddfc83af6f
chg: [navigation:socialProvider] Improved UI for SSO profile management 2022-10-21 14:14:38 +02:00
Sami Mokaddem 0f27435251
fix: [metaTemplates] Correctly show update message 2022-10-21 14:07:41 +02:00
Sami Mokaddem 455daba4d4
fix: [navigation:meta-template] Correctly show badge for new templates 2022-10-21 14:06:46 +02:00
Sami Mokaddem a091edbf22
fix: [user:beforeSave] Only call the user-update callback if the user is not new 2022-10-21 09:00:49 +02:00
Sami Mokaddem c65978f8f2
fix: [behavior:authKeycloak] Correctly check if the user was saved 2022-10-21 08:59:36 +02:00
Sami Mokaddem 96041cc71a
chg: [genericIndex:select_visible_columns] Show meta-template versions 2022-09-29 17:54:58 +02:00
Sami Mokaddem 21403995e3
new: [user:edit] Added keycloak updates when a user gets modified 2022-09-21 10:11:09 +02:00
Sami Mokaddem 37094e0abb
fix: [user:validation] Allow user edition when `username` is not set 2022-09-21 10:10:02 +02:00
Sami Mokaddem 80277e4bdf
chg: [command:keycloakSync] Make sure User model is loaded 2022-09-21 10:09:12 +02:00
Sami Mokaddem f2db6b3b5e
chg: [users:add] Missing comma 2022-09-21 10:08:40 +02:00
Sami Mokaddem 2c87b1e500
fix: [authKeycloakBehavior] Added missing association preventing user to log via keycloak 2022-09-21 10:07:51 +02:00
Sami Mokaddem 69fee02498
fix: [authKeycloakBehavior] Re-indexing array preventing roles to be parsed by keycloak 2022-09-21 10:06:33 +02:00
Sami Mokaddem efe917c824
fix: [authKeycloakBehavior] Typo preventing roles to be saved 2022-09-21 10:05:55 +02:00
Sami Mokaddem 8d26be28a2
chg: [auditlogs:index] Reverse sort by ID 2022-09-20 15:31:42 +02:00
Sami Mokaddem f37cea1cad
fix: [migration:unique_usernames] Table 'users' is specified twice, both as a target and as a separate source 2022-09-20 11:13:24 +02:00
iglocska 760badd268
fix: [alignments] missing contains added 2022-09-19 02:17:36 +02:00
iglocska fd6d3466d7
fix: [authkey] should only be used in a rest context
- otherwise some weird authentication snafus can happen
- as reported by SK-CERT
2022-09-19 02:14:57 +02:00
iglocska 3b215a5ec0
fix: [alignments] fixed invalid urls in alignment fields lacking a /
- as reported by SK-CERT
2022-09-19 01:59:23 +02:00
iglocska 4c0c6ef4ac
fix: [counter graphs] fixed to disallow invalid interval entries
- as reported by SK-CERT
2022-09-19 01:46:57 +02:00
iglocska ca65c4b68e
fix: [alignments] added an index view template
- Can't see any usefulness in this, but why not

- As reported by SK-CERT
2022-09-19 01:39:38 +02:00
iglocska 5e0ab5cc38
new: [users] username validation added
- >5 && <50 in length required
- trim username to test to avoid whitespace names

- as reported by SK-CERT
2022-09-19 01:22:53 +02:00
iglocska 9a50a5693e
fix: [users] added uniqueness to usernames
- added upgrade script with removal of duplicate usernames
- added unique index to username field
- massaging the usernames before insertion (trim + lowercasing)

- As reported by SK-CERT
2022-09-19 01:12:14 +02:00
iglocska a9eccb3097
fix: [security] X-FRAME-OPTIONS: DENY added to all responses
- as reported by SK-CERT
2022-09-19 01:11:18 +02:00
iglocska af1e2fd632
new: [security] Bruteforce protection added
- logins allow for 5 attempts every 5 minutes
- Code ported and updated from MISP

- As reported by SK-CERT
2022-09-19 00:25:15 +02:00
iglocska 07a8d1dfcb
chg: [dead variable] removed 2022-09-19 00:24:29 +02:00
iglocska 254fdc3b84
chg: [security] keycloak enabled - disallow multiple users from being created for the same individual
- as reported by SK-CERT
2022-09-18 19:26:24 +02:00
iglocska 10ea126a93
fix: [security] KeyCloak login getUser fixes
- removed dead code
- tightened check on the user profile, if the KC user's email address and that of the Cerebrate user disagree, block the authentication

- as reported by SK-CERT
2022-09-18 18:51:05 +02:00
iglocska 822c96dbf0
fix: [single view generic field] allow for unsanitised raw input 2022-09-18 18:32:43 +02:00
iglocska 09ff4eba53
fix: [xss] resolved in the genericField of the single view
- as reported by SK-CERT
2022-09-18 18:27:39 +02:00
iglocska 85e8a35091
fix: [api rearrange] shouldn't trigger when dealing with arrays 2022-09-18 18:27:00 +02:00
iglocska 370995ab50
fix: [audit log] error due to compressible fields not being streams when compression not enabled 2022-09-18 18:16:34 +02:00
Andras Iklody 0537d05f53
Merge pull request #105 from DocArmoryTech/patch-2
Alignment links missing / in 'single' view
2022-08-31 07:46:26 +02:00
Andras Iklody e43f05d539
Merge pull request #104 from DocArmoryTech/patch-1
Alignment links missing / in indexes
2022-08-31 07:45:35 +02:00
DocArmoryTech 4bcccf029c
Alignment links missing /
When baseurl is configured in the UI as: `https://cerebrate.example.com/` (`App.baseurl` is `https:\/\/cerebrate.example.com\/` in config.json  

a `/` between the `$baseurl` and the url path appears to be missing: 
 - When viewing an individual and their alignments (/individuals/view/123), links to the Organisations in their Alignments are missing a `/`
 - When viewing an organisation, links to the individuals with an alignment to the organisation are missing a `/`
2022-08-30 20:27:11 +01:00
DocArmoryTech 98970dca2c
Alignment links missing /
When baseurl is configured in the UI as: `https://cerebrate.example.com/` (`App.baseurl` is `https:\/\/cerebrate.example.com\/` in config.json  

a `/` between the `$baseurl` and the url path appears to be missing: 
 - When viewing the index of all individuals (/individuals/index), links to the Organisations in their Alignments are missing a `/`
 - When viewing an organisation that includes individuals with an alignment, links to the Individuals are missing a `/`
2022-08-30 20:19:57 +01:00
iglocska 3857de8499
fix: [notice] errors when not logged in removed 2022-08-24 14:47:40 +02:00
iglocska fac19e0a3c
fix: [exception] speculative fix to a check causing a 500 2022-08-24 11:43:36 +02:00
iglocska 4c1ce31d50
fix: [unauthed] users internal error fixed 2022-08-24 11:42:38 +02:00
iglocska d35a674505
chg: [navigation] added keycloak self management
- also some changes to the navigation system
2022-08-24 11:39:56 +02:00
iglocska 94bfafb743
fix: [meta template] fixes 2022-08-23 16:02:52 +02:00
iglocska 8bc3088e12
fix: [revert] meta fields unindexing
- required for the saving of vchanges
2022-08-23 14:50:13 +02:00
iglocska 095dd4513c
chg: [rearrange] moved to Entity 2022-08-23 11:42:30 +02:00
iglocska 1077251f8b
fix: [keycloak] fixed encoding issue with urlencoded usernames created in keycloak 2022-08-23 11:05:07 +02:00
iglocska d96353ee4f
chg: [APIRearrange] component tied into rest response 2022-08-19 13:02:25 +02:00
iglocska 3e0d015f69
fix: [meta] template loading reworked
- no more crappy string numeric keys among others
2022-08-19 13:01:47 +02:00
iglocska b9e5b76766
new: [component] APIRearrange component added
- alter the data's format before passing it back via the RestResponseComponent
  - to be used to clean up UI specific artifacts / junk
  - also to maintain compability between versions/tools
2022-08-19 13:00:19 +02:00
Andras Iklody a01236c188
Merge pull request #101 from jacobkarapatakis/main
Install instructions for RHEL
2022-08-18 15:35:00 +02:00
iglocska cbb737e18e
fix: [deprecation] pagination component's use removed to comply with 4.4 requirements 2022-08-17 14:00:38 +02:00
iglocska a5c9f68316
fix: [deprecation] futher toList() call updated 2022-08-17 13:49:52 +02:00
iglocska 60d8a8f655
fix: [deprecation] toList() queries updated 2022-08-17 13:49:11 +02:00