Commit Graph

541 Commits (d12faba78f8248a3aaeeae262b78809f8ba3133b)

Author SHA1 Message Date
Sami Mokaddem f5b946d5a9
new: [element:bootstrapUI] To create HTML from BootrstrapHelper by using element 2022-11-15 11:11:06 +01:00
Sami Mokaddem 62c228c44e
chg: [auditLogs:index] Added possibility to view and filter logs base on `created` field 2022-11-14 16:11:18 +01:00
Sami Mokaddem 84069cfe40
chg: [metaTemplateField] More generic way to specify form type 2022-11-14 15:45:28 +01:00
Sami Mokaddem b6fdf37d54
fix: [metafields:dropdown] Patched saving multiple fields with custom value 2022-11-14 15:38:50 +01:00
Sami Mokaddem b53f2681b4
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into feature-metafield-dropdown 2022-11-14 14:53:02 +01:00
iglocska cc1839cbcf
fix: [kc] only try to set the signingin url to KC if KC is actually enabled 2022-11-14 11:07:52 +01:00
Sami Mokaddem 7d6696e079
new: [metaFields] Adding support of sane_default + improving form & crud - WiP 2022-11-14 09:04:35 +01:00
iglocska 6197b55ec9
chg: [user index] added column configuration 2022-11-13 11:23:23 +01:00
iglocska 260e1d30a1
new: [individuals] rework
- allow modifications for org admins of individuals associated to their users
  - unless they're site admins
- add user information to the individual index to bring clarity to the individual vs users confusion
- rework of the user form field object
2022-11-13 11:09:34 +01:00
iglocska b1f09dc97e
new: [permission limitations] subsystem added
- add limitations for users with given meta fields
  - x number / org and y number / globally
- add comments to the limitations
- enforced on user creation/modification
2022-11-09 14:09:27 +01:00
iglocska c44e1a8418
new: [metafields] added view representation of info/warning/danger keys 2022-11-09 14:01:37 +01:00
iglocska d43e7c6c22
new: [generic form] added checkbox option for boolean fields in metatemplates 2022-11-09 14:00:18 +01:00
iglocska 11510ea28f
new: [individual] editing enabled for org admins
- requires that a user exist for the given individual
2022-10-31 14:42:58 +01:00
Sami Mokaddem 866fbc2d51
chg: [layout:notification-menu] Improved spacing and size 2022-10-28 11:09:42 +02:00
Sami Mokaddem 03bd4aba30
new: [genericElement:group_table_action] Added support of `show # element` in the table 2022-10-28 09:13:15 +02:00
Sami Mokaddem 67eb9de05a
new: [ui:index_table] Fire pending debounced functions on dropdown hidden 2022-10-28 09:12:30 +02:00
Sami Mokaddem 4c401e6e29
chg: [ui:layout] Added spacing between toast 2022-10-28 09:10:26 +02:00
Sami Mokaddem aeda393bba
chg: [component:CRUD] Improved filtering to support form type based on database column type 2022-10-27 15:56:39 +02:00
Sami Mokaddem 00c1ae616f
new: [inboxes] Added `severity` level and `message` and removed `description` column 2022-10-25 14:38:16 +02:00
Sami Mokaddem a841888db9
fix: [template:genericFilters] Do not fail if tag selector container doesn't exist 2022-10-25 10:29:14 +02:00
Sami Mokaddem 8d7e2b0df2
chg: [inboxes:UI] Renamed `request` into `message` 2022-10-25 10:26:03 +02:00
Sami Mokaddem cfae8cb914
chg: [indexTable:indexStatistic] better support of themes 2022-10-21 15:36:08 +02:00
Sami Mokaddem 25b6db7303
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop 2022-10-21 15:31:41 +02:00
Sami Mokaddem 5389f02b4f
new: [scss:boostrap-additional] Added `btn-outline-text` to ease integration with themes 2022-10-21 15:29:45 +02:00
iglocska 41a241cada
new: [pgp] library ported from MISP
- added proper view elements for encryption keys
- added key information extraction
2022-10-21 15:25:52 +02:00
Sami Mokaddem 815e3e0671
fix: [metaTemplates:updateAll] Fixed missing form preventing to update 2022-10-21 14:15:08 +02:00
Sami Mokaddem ddfc83af6f
chg: [navigation:socialProvider] Improved UI for SSO profile management 2022-10-21 14:14:38 +02:00
Sami Mokaddem 96041cc71a
chg: [genericIndex:select_visible_columns] Show meta-template versions 2022-09-29 17:54:58 +02:00
Sami Mokaddem f2db6b3b5e
chg: [users:add] Missing comma 2022-09-21 10:08:40 +02:00
iglocska 3b215a5ec0
fix: [alignments] fixed invalid urls in alignment fields lacking a /
- as reported by SK-CERT
2022-09-19 01:59:23 +02:00
iglocska ca65c4b68e
fix: [alignments] added an index view template
- Can't see any usefulness in this, but why not

- As reported by SK-CERT
2022-09-19 01:39:38 +02:00
iglocska 822c96dbf0
fix: [single view generic field] allow for unsanitised raw input 2022-09-18 18:32:43 +02:00
iglocska 09ff4eba53
fix: [xss] resolved in the genericField of the single view
- as reported by SK-CERT
2022-09-18 18:27:39 +02:00
iglocska d35a674505
chg: [navigation] added keycloak self management
- also some changes to the navigation system
2022-08-24 11:39:56 +02:00
Sami Mokaddem 8c4c75d83a
fix: [localTools:action] Catch error if local tool's action returned unexpected data 2022-06-08 11:51:52 +02:00
iglocska c6572885a9
chg: [users view] added KC checks for the profile link 2022-05-17 10:47:25 +02:00
iglocska be064bb0c9
new: [KC] profile link added 2022-05-17 10:42:44 +02:00
Sami Mokaddem 5c520e440d
chg: [metatemplate:meta_fields_to_update] Only show notice if applicable 2022-03-09 09:16:47 +01:00
Sami Mokaddem 61736531b1
chg: [indexTable:context_filters] Support of default context filter
This filter is used by default if none is provided
2022-03-09 08:55:59 +01:00
Sami Mokaddem 39d89efb53
chg: [meta-template:update] Default update strategy to be `create_new` 2022-03-09 08:21:27 +01:00
Sami Mokaddem 66572a788f
fix: [metatemplates:index] Pass all needed arguments 2022-03-08 17:22:39 +01:00
Sami Mokaddem 3d0fdeba81
fix: [users:add] Decoupled password required and visibility 2022-03-01 13:59:10 +01:00
Sami Mokaddem 7d345f98f2
chg: [index_table:group_search] Changed name for better visibility 2022-02-28 10:46:38 +01:00
Sami Mokaddem 3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-28 09:51:51 +01:00
Sami Mokaddem 04b82d356e
chg: [indexTable:filtering] Initial work on supporting custom operators 2022-02-25 15:36:55 +01:00
iglocska 4902a3f8a6
new: [password auth] added setting to disable password auth
- not needed in some cases for keycloak enabled instances
2022-02-25 00:33:00 +01:00
iglocska 678ad0fe8e
chg: [templates] for user creation now have a minimalist individiual creation included 2022-02-24 13:48:10 +01:00
iglocska 304586ff19
chg: [user] view add link to user's individual 2022-02-24 13:47:49 +01:00
Sami Mokaddem f044bd8957
chg: [layout:sidebar] Only show collapsible parents if they have children 2022-02-23 10:19:16 +01:00
Sami Mokaddem bd14d52571
chg: Removed useless comments 2022-02-23 08:11:24 +01:00
Sami Mokaddem c0b6925aa5
chg: Removed unused commented code 2022-02-22 14:07:01 +01:00
Sami Mokaddem 7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-21 11:17:05 +01:00
iglocska 9245b2d720
fix: [genericTemplates] delete template can be invoked without an ID 2022-02-20 15:05:03 +01:00
iglocska 495c4ee93c
fix: [security] XSS in the generic action template
- a previously assumed internal url can have user input appended via the MISP local tool connector
- requires a compromised connected MISP instance where a malicious administrator modifies the UUIDs of cerebrate relevant objects to JS payloads

- as reported by Dawid Czarcnecki of Zigrin Security
2022-02-20 12:07:06 +01:00
Sami Mokaddem ec37a637f8
chg: [header] moved inline style in css file 2022-02-09 09:51:21 +01:00
Sami Mokaddem e67c711935
chg: [notifications] Slightly improved UI 2022-02-09 09:30:59 +01:00
Sami Mokaddem a77e29fa38
new: [layout:sidebar] Notifications in the sidebar 2022-02-08 17:58:30 +01:00
Sami Mokaddem d1cf408163
new: [helpers:bootstrap] Added notification bubble 2022-02-08 17:57:20 +01:00
Sami Mokaddem 62ca877f0b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-08 08:42:25 +01:00
Sami Mokaddem e13b4e7bc5
fix: [settings:settingField] Enforce sanitization of input fields
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 11:43:09 +01:00
Sami Mokaddem 14ec995c2b
fix: [userSettings] Perform URI validation for bookmarks
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 10:48:55 +01:00
Sami Mokaddem dfb8d73a92
fix: [userSettings] Renamed template to match the controller endpoint 2022-02-07 10:37:03 +01:00
iglocska e60d97c214
fix: [security] genericForm reflected XSS in form descriptions for user controlled descriptions
- accessible via the MISP local tool setting change
- sanitise the description

- as reported by Dawid Czarnecki from Zigrin Security
2022-02-03 23:56:23 +01:00
iglocska 8b6fc78695
fix: [generic fields] org field URL missing slash fixed 2022-01-28 00:51:09 +01:00
iglocska 9dd488e766
fix: [login] hide keycloak login if keycloak login is disabled 2022-01-27 22:11:51 +01:00
iglocska 1ca0f21b86
chg: [user add] form defaults
- org will default to own org for site admins
- role will default to the default role (if set)
2022-01-27 21:54:59 +01:00
iglocska 05daa5470a
fix: [sharing group form] default to own org as owner
- reconsider if this should be a configurable setting at all
2022-01-27 21:10:00 +01:00
iglocska 589f932fe9
chg: [form] dropdown default key added 2022-01-27 21:09:32 +01:00
Sami Mokaddem 7de1c14407
chg: [userSettings:add] Adhere to the passed user context 2022-01-27 10:44:47 +01:00
Sami Mokaddem dc8710d89e
fix: [users:view] Correctly reload authkey child panel when performing operations 2022-01-27 10:21:55 +01:00
Sami Mokaddem 789bd9926f
chg: [navigation:users] Restored breadcrumb navigation to access user profile settings 2022-01-27 08:41:31 +01:00
Sami Mokaddem 54ee91ba1a
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop 2022-01-26 12:11:53 +01:00
Sami Mokaddem f53b458103
fix: [userSettings] Allow admin to edit other user's settings 2022-01-26 12:11:44 +01:00
iglocska acc9c94baa
Merge branch 'main' into develop 2022-01-25 15:59:31 +01:00
Sami Mokaddem 578eacfd89
fix: [templates:common] Removed extra closing tag 2022-01-25 15:02:58 +01:00
Sami Mokaddem 4f8b663b87
chg: [localtTools:connectionRequest] Provide more info on exception 2022-01-25 15:02:30 +01:00
Sami Mokaddem 6005552e76
fix: [genericElements:tags] List tags when editing an entity 2022-01-25 15:02:04 +01:00
Sami Mokaddem a7e2fb2ea7
chg: [auditlog:index] Break text in changed column 2022-01-25 15:01:48 +01:00
Sami Mokaddem 77285257da
fix: [templates:common] Removed extra closing tag 2022-01-25 14:03:48 +01:00
iglocska e9f77aff51
Merge branch 'develop' into main 2022-01-25 11:36:06 +01:00
iglocska 57e2c75352
fix: [users] role based action filtering added
- to avoid annoying clickable, but blocked actions for og admins
2022-01-25 11:34:22 +01:00
Sami Mokaddem 42de70e87d
chg: [ui:header-notification] Added support of variant severity 2022-01-25 11:31:17 +01:00
Sami Mokaddem 249892c3e0
chg: [notifications] Support of modal when clicking on notification element 2022-01-25 09:32:16 +01:00
Sami Mokaddem 7535cd2bdf
chg: [localtTools:connectionRequest] Provide more info on exception 2022-01-24 16:12:46 +01:00
Sami Mokaddem 6321725fa9
new: [notification] Added initial version of the notification system 2022-01-24 15:13:28 +01:00
Sami Mokaddem fc2c67ef55
new: [dependency:js] Added moment.js 2022-01-24 15:12:48 +01:00
Sami Mokaddem 7af31448cd
fix: [genericElements:index_table] Improved positioniong of pagination link for sorting 2022-01-21 09:09:05 +01:00
Sami Mokaddem 695fcdaf26
chg: [genericELements:index_table] Tabler head accept icons 2022-01-21 09:08:13 +01:00
Sami Mokaddem f8c775ba03
chg: [api:index] Serve redoc script directly form the server 2022-01-20 14:54:47 +01:00
Sami Mokaddem d324eb497e
fix: [genericElements:tags] List tags when editing an entity 2022-01-20 14:37:19 +01:00
Sami Mokaddem ef16bc3676
chg: [auditlog:index] Break text in changed column 2022-01-20 14:24:03 +01:00
Sami Mokaddem 38a9aa9869
chg: [auditlog] Allow filtering and searching the table 2022-01-20 13:55:27 +01:00
Sami Mokaddem e6ec31ff23
fix: [appTable:table_statistics] Compute timeline only if the fields exist in the DB schema 2022-01-20 13:44:19 +01:00
Sami Mokaddem a98c7f8f32
fix: [metaTemplate] Various fixed on meta-templates updates 2022-01-20 12:00:39 +01:00
Sami Mokaddem 324ac1ce40
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into refactor-metatemplates 2022-01-20 09:00:45 +01:00
Andras Iklody 80cd93da40
Merge pull request #80 from righel/add-integration-tests
Add integration tests
2022-01-19 16:25:19 +01:00
Sami Mokaddem 1d7fc00a65
chg: [layout:header-profile] Improved spacing 2022-01-19 09:33:57 +01:00
Luciano Righetti ee5c723c71 Merge branch 'develop' into add-integration-tests 2022-01-18 18:11:53 +01:00
iglocska dbaa2ba7b3
fix: [encryption keys] several fixes
- fix the user view to correctly point to the list of related encryption keys
- fix the lookup on the index to be based on owner_model + owner_id combo
- fix the filtering of the dropdown in the encryption key add form to only valid options
2022-01-18 16:56:38 +01:00
Luciano Righetti f48c1a5a17 Merge branch 'develop' into add-integration-tests 2022-01-18 14:29:54 +01:00
Sami Mokaddem 46870a4bcc
fix: [organisation:add] Removed useless description field 2022-01-17 15:45:51 +01:00
iglocska 0328bfed46
fix: [inividuals] add shouldn't have the tagging options
- can't tag that which does not exist yet
2022-01-17 13:20:34 +01:00
iglocska 244020802c
Merge branch 'main' into develop 2022-01-17 13:17:51 +01:00
iglocska 453c838dfe
fix: [placeholder removed] WiP functionality for local_tool->local_tool connections within the same brood temporarily removed
- was never fully implemented
2022-01-17 13:15:26 +01:00
iglocska b4534c373b
fix: [organisation] add/edit doesn't save URL 2022-01-17 12:53:14 +01:00
Sami Mokaddem f18307b3cb
chg: [localTools:local_tool_connectors] Added support of CodeMirror placeholder 2022-01-17 11:30:26 +01:00
Sami Mokaddem aeaa833f64
new: [CodeMirror] Shows a placeholder whenever the textarea is empty 2022-01-17 11:29:50 +01:00
iglocska 12d7607aae
new: [encryption key] view added
- was missing, despite links to it
2022-01-17 09:45:45 +01:00
Luciano Righetti a69608530c new: add /api openapi spec view with redoc, add faker to fixtures, validate api responses with openapi spec, add /api/v1/ prefix to api routes 2022-01-07 13:45:52 +01:00
Sami Mokaddem 30ec856dc3
fix: [local_tool:batchApiAction] Various UI and backend fixes 2021-12-21 12:36:36 +01:00
Sami Mokaddem 3ed5af776a
fix: [local_tool:batchApiAction] Various UI and backend fixes 2021-12-21 12:34:37 +01:00
Sami Mokaddem a1a9029053
chg: [metaTemplate] Better placement of notice message 2021-12-20 14:28:04 +01:00
Sami Mokaddem 19b4648efb
chg: [genericElement:metafield_panel] Only display notice if the entity has meta fields 2021-12-17 14:04:44 +01:00
Sami Mokaddem da5c4e2de7
chg: [metaTemplate:index] Improved text 2021-12-16 11:03:34 +01:00
Sami Mokaddem fa364c2b2f
fix: [metaTemplate] Repaired update_all 2021-12-15 15:33:58 +01:00
Sami Mokaddem 02cc0c30a3
chg: [metaTemplate] Major refactoring and documentation - WiP 2021-12-14 15:09:40 +01:00
Sami Mokaddem aa83b1aa37
chg: [metaTemplate] Update system and conflict resolution interfaces - WiP 2021-12-08 11:11:46 +01:00
Sami Mokaddem 6865114118
chg: [genericElements:form] Support of more option and radio input 2021-12-08 11:08:40 +01:00
Sami Mokaddem 296e8b119a
fix: [genericTemplates:delete] Make sure to sanitize modal content 2021-12-08 11:07:02 +01:00
iglocska bb3b264cfb
fix: [sharing group index] fixed members link 2021-12-05 00:02:33 +01:00
iglocska 5041a57e08
fix: [sharing groups] index members column fixed 2021-12-04 23:58:42 +01:00
iglocska 332f374e01
chg: [sharing group index] add button now has the new checkaccess conditions applied 2021-12-01 14:26:20 +01:00
Sami Mokaddem 819d96e805
new: [metaTemplate] Interface and functions to update meta-templates - WiP
Actual update not implemented yet.
2021-12-01 11:01:31 +01:00
Sami Mokaddem a6ecab5b47
new: [elements:breadcrumb] Added possibility to have badges in action item 2021-12-01 08:41:25 +01:00
iglocska 2406e31b72
fix: [user add] form fixes 2021-11-26 10:53:24 +01:00
iglocska 2eb2459936
fix: [forms] added missing password form field 2021-11-26 10:52:44 +01:00
iglocska 15d738aa77
fix: [forms] dropdowns overriding values from request 2021-11-26 10:51:58 +01:00
iglocska cc5c750de8
chg: [audit log] change field renamed to changed
- change is a reserved keyword
- this way quoting of field names is no longer needed in the cakePHP settings
2021-11-25 00:57:31 +01:00
iglocska a4f6e06e7a
fix: [roles index] correctly allow site admins to modify / remove roles 2021-11-25 00:55:36 +01:00
Sami Mokaddem e8e1a16673
chg: [search_all] Added drafty support of meta-fields 2021-11-24 22:39:22 +01:00
Sami Mokaddem aa42e6763a
chg: [metaTemplate] Started implementing new update system - WiP 2021-11-24 09:14:09 +01:00
iglocska 6d7a555368
chg: [index views] slight changes
- hide inaccessible action buttons on org index
- add owner to sharing group index
2021-11-24 01:28:01 +01:00
iglocska e708730e97
chg: [roles] hide action buttons on the role index when they wouldn't be available anyway 2021-11-24 01:27:14 +01:00
iglocska ed848e9cee
chg: [sharing groups] show owner org on the index 2021-11-24 01:26:55 +01:00
iglocska 061f3fc468
chg: [profile] added org to profile menu 2021-11-24 01:26:29 +01:00
iglocska 81ab202917
chg: [templates] org fields added to user templates 2021-11-24 01:25:57 +01:00
Sami Mokaddem d136955160
chg: [elements:widgets] Slightly refactored highlight panel and removed useless code 2021-11-23 22:07:31 +01:00
Sami Mokaddem bfd3a0c1e0
chg: [genericElements:index_table] Immediately save index setting when dropdown menu gets closed 2021-11-23 21:55:01 +01:00
Sami Mokaddem 7c92c12de9
chg: [element:index_table] Slight UI adjustement 2021-11-23 15:53:05 +01:00
Sami Mokaddem 025b551e77
chg: [genericElements:index_table] Added close button for stat widget config UI 2021-11-23 13:49:34 +01:00
Sami Mokaddem ef91cfcee3
chg: [genericElements:index_table] Continuation of stats for current view - WiP 2021-11-17 17:04:39 +01:00
iglocska 7f138325a8
fix: [log index] use the proper action column 2021-11-17 16:04:02 +01:00
iglocska 92ddd04ba0
fix: [JSON fields] fixed escaping issues 2021-11-17 15:58:52 +01:00
iglocska de2ee49ccf
new: [auditlogs] UI 2021-11-17 14:44:54 +01:00
Sami Mokaddem 25f0f07251
chg: [genericElements:index_table] Added support of statistic for current view - WiP 2021-11-15 11:51:47 +01:00
Sami Mokaddem 829e471ac1
chg: [element:widget] Added support of condensed UI for highlight-panel
This could be later on refactored to be formed from smaller views
2021-11-15 11:51:08 +01:00
Sami Mokaddem 5e39707623
chg: [element:bar] better support of passed options 2021-11-15 11:49:35 +01:00
Sami Mokaddem c6925c2d98
fix: [home:ui] Use correct bootstrap class 2021-11-15 11:46:15 +01:00
Sami Mokaddem 7cf7363009
chg: [genericElements:index_table] Moved description to a tooltip
Description describing indexes are great when discovering an app for the first time but start taking important place and become useless when users gets to know the app better. Moving it to a tooltip makes sense in that regard.
2021-11-15 08:29:16 +01:00
Sami Mokaddem 509b203591
chg: [instance:home] Added support of both `modified` and `created` in stat panels 2021-11-12 15:40:03 +01:00