7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-21 11:17:05 +01:00
b67c221476
fix: [copy pasta fail] left previous assignment in that is now superseeded by the if branch above
2022-02-20 15:07:58 +01:00
e2bb58d3c7
fix: [flood protection] default to 127.0.0.1 if no remote_addr is set as we're dealing with a local CLI script
2022-02-20 15:00:15 +01:00
b046990153
fix: [flood protection] default to REMOTE_ADDR if the selected default logging IP source header is not populated
2022-02-20 11:49:57 +01:00
a77e29fa38
new: [layout:sidebar] Notifications in the sidebar
2022-02-08 17:58:30 +01:00
62ca877f0b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable
2022-02-08 08:42:25 +01:00
c7b226f844
chg: [flood protection] added cleanup
2022-02-07 02:14:53 +01:00
e6643365d2
new: [flood protection] behaviour added
...
simple expiration system to allow flood protections to be added to any functionality
2022-02-07 02:01:59 +01:00
15190b930e
fix: [security] Sharing group ACL fixes
...
- added indirect object reference protection
- added correct ACL functionalities to delete, addOrg, removeOrg
- as reported by Dawid Czarnecki from Zigrin Security
2022-02-04 00:16:24 +01:00
6443f36650
Merge pull request #86 from righel/add-inter-connection-tests
...
Add inter-connection test
2022-01-27 16:13:35 +01:00
789bd9926f
chg: [navigation:users] Restored breadcrumb navigation to access user profile settings
2022-01-27 08:41:31 +01:00
2e7aabf704
fix: [users:toggle] Prevent users to disable admins
2022-01-26 16:10:33 +01:00
d91a362e99
Merge branch 'develop' into add-inter-connection-tests
2022-01-26 15:31:49 +01:00
665999b8f4
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 15:29:53 +01:00
95ecc2bc80
fix: [security] fields not adhered to in CRUD components edit
...
- users can circumvent restrictions on editable fields
- can lead to privilege escalation when users edit themselves
2022-01-26 15:28:10 +01:00
d05868106d
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 14:59:57 +01:00
b7facf226d
chg: [Navigationcomponent] added missing changes from previous commit
2022-01-26 14:55:47 +01:00
74e95855bd
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 14:54:03 +01:00
c186c88d5c
chg: [navigation] Breadcrumb generation is user aware
...
- moved the initialisation of the generation to be invoked from the appcontroller's beforefilter, after the user is loaded into the ACL component
- Only show user setting edits when the user is editing themselves
2022-01-26 14:21:27 +01:00
9a0ddef2af
new: [ACL] added canEditUser() function
...
- simple comparison between two users
- checks role + org based permission
2022-01-26 14:16:28 +01:00
54ee91ba1a
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-26 12:11:53 +01:00
f53b458103
fix: [userSettings] Allow admin to edit other user's settings
2022-01-26 12:11:44 +01:00
d18471ba95
fix: failing when request is empty json object
2022-01-25 18:02:41 +01:00
acc9c94baa
Merge branch 'main' into develop
2022-01-25 15:59:31 +01:00
dc2bfcb6b2
fix: [components:CRUD] Support of controller's paginate public variable
2022-01-25 15:02:16 +01:00
e9f77aff51
Merge branch 'develop' into main
2022-01-25 11:36:06 +01:00
74df550419
chg: [inbox:collectNotifications] Collect notifications for the logged in user
2022-01-25 11:32:09 +01:00
6321725fa9
new: [notification] Added initial version of the notification system
2022-01-24 15:13:28 +01:00
932a28288d
new: [CRUD] added some new useful features
...
- afterFind for the edit functions to make last minute decisions on the modification after already having loaded the data to be modified
- moved the field restrictions to be able to pass it to the view
- try/catch for bulk deletions. A single failure in the beforeSave call will no longer block the entire saving process
2022-01-21 13:41:29 +01:00
a59f59ba0d
fix: [components:CRUD] Support of controller's paginate public variable
2022-01-21 09:35:55 +01:00
ec76948ebd
fix: [component:CRUD] Filtering view variables get correctly set
2022-01-20 13:54:17 +01:00
86946719c7
chg: [component:CRUD] Fixed typo
2022-01-20 11:57:48 +01:00
a60ca95120
chg: [ui:api] Moved API navigation link into admin section and created breadcrumb config
2022-01-20 09:32:39 +01:00
324ac1ce40
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into refactor-metatemplates
2022-01-20 09:00:45 +01:00
afcfe57767
Merge branch 'develop' into add-integration-tests
2022-01-18 16:26:06 +01:00
eae8e62e5e
fix: [CRUD] delete post message fix
...
- correct order of execution for the beforesave command
2022-01-18 16:24:24 +01:00
6e31005d79
Merge branch 'develop' into add-integration-tests
2022-01-18 16:11:23 +01:00
8cb24baf5f
fix: [ACL] tightening for delete functions
...
- implemented beforeSave() function in the CRUD::delete() functionality
- added correct handling for the organisation level encryption keys in the beforeSave constructor
2022-01-18 15:35:55 +01:00
f48c1a5a17
Merge branch 'develop' into add-integration-tests
2022-01-18 14:29:54 +01:00
8c97c3b3a0
Merge branch 'main' into develop
2022-01-17 17:17:31 +01:00
6d13d4aba0
fix: [authkeys] tighten requirements to add authkeys for other org admins
...
- site admin: can add to all
- org admin: can add to all in org, except site admin
- everyone else: can add to self only
2022-01-17 17:16:03 +01:00
0c9b032536
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
2022-01-17 15:30:07 +01:00
98e8272810
fix: [ACL] Allow anyone to view encryption keys
2022-01-17 15:29:58 +01:00
453c838dfe
fix: [placeholder removed] WiP functionality for local_tool->local_tool connections within the same brood temporarily removed
...
- was never fully implemented
2022-01-17 13:15:26 +01:00
241e760ad2
add: add API menu option
2022-01-10 16:20:22 +01:00
ce1a51cc39
fix: incorrect check
2022-01-10 11:59:23 +01:00
a69608530c
new: add /api openapi spec view with redoc, add faker to fixtures, validate api responses with openapi spec, add /api/v1/ prefix to api routes
2022-01-07 13:45:52 +01:00
f45727704f
fix: deprecation warning
2022-01-05 17:44:24 +01:00
02cc0c30a3
chg: [metaTemplate] Major refactoring and documentation - WiP
2021-12-14 15:09:40 +01:00
f7ae58a22d
chg: [component:crud] Renaming the default `all` contextual filter
2021-12-14 15:08:28 +01:00
aa83b1aa37
chg: [metaTemplate] Update system and conflict resolution interfaces - WiP
2021-12-08 11:11:46 +01:00
fbb1a52724
new: [ACL component] new functionalities
...
- getRoleAccess now returns either URLs or arrays
- array format allows for easy checking of controller + action pairs
2021-12-01 14:22:02 +01:00
819d96e805
new: [metaTemplate] Interface and functions to update meta-templates - WiP
...
Actual update not implemented yet.
2021-12-01 11:01:31 +01:00
d2a88b3a18
chg: [Component:Navigation] Breadcrumbs get loaded before rendering to have access to view var
...
So that it can have access to view variables
2021-12-01 08:25:20 +01:00
392faa60e4
new: [ACL] getRoleAccess endpoint added
...
- prints all valid URLs for the current user's role
2021-11-30 00:00:05 +01:00
c7d40d42c7
fix: [ACL] added missing entries
2021-11-29 23:37:41 +01:00
22be309dc2
fix: [ACL] fix wildcard controller checks failing
2021-11-28 23:42:22 +01:00
cc5c750de8
chg: [audit log] change field renamed to changed
...
- change is a reserved keyword
- this way quoting of field names is no longer needed in the cakePHP settings
2021-11-25 00:57:31 +01:00
aa42e6763a
chg: [metaTemplate] Started implementing new update system - WiP
2021-11-24 09:14:09 +01:00
94c0b171a1
chg: [component:CRUD] Added comment to be fixed later on - WiP
2021-11-24 09:12:39 +01:00
0fe7f4f931
new: [CRUD] added additional features to the CRUD component
...
- conditions passable to add/edit/index/delete
- refactored get() requests internally to finds to accomodate for additional parameters
- delete() now takes a params[] array as a second argument
2021-11-24 01:30:28 +01:00
5483357e1c
chg: [ACL] fix permissions for org admins
...
- also, fix a bug with the simple permissions being ignored
2021-11-24 01:29:39 +01:00
3c0237f387
fix: [component:CRUD] Regression where entities not supporting metafields couldn't be saved
2021-11-23 14:56:25 +01:00
ef91cfcee3
chg: [genericElements:index_table] Continuation of stats for current view - WiP
2021-11-17 17:04:39 +01:00
cc04373375
new: [crud component] fixes
...
- add hidden option
- fix afterfind
2021-11-17 15:47:32 +01:00
af4f114f2f
chg: [audit logs] tied into side menu
2021-11-17 14:45:20 +01:00
25f0f07251
chg: [genericElements:index_table] Added support of statistic for current view - WiP
2021-11-15 11:51:47 +01:00
b51cf2ed59
fix: [Component:CRUD] Pass expected argument
2021-11-11 14:51:51 +01:00
cc0b1ad3b4
chg: [component:CRUD] Added support of metafield in quickfilter feature
2021-11-10 15:28:09 +01:00
d6d592ff8c
new: [genericElement:index_table] Added support of meta_fields searches
2021-11-10 12:07:27 +01:00
a005d0491f
new: [genericElements:index_table] Support of meta_fields in table column
2021-11-10 09:06:39 +01:00
d71f48fc9f
chg: [component:CRUD] Small refactoring to improve re-usability
2021-11-10 09:02:51 +01:00
04ad3be4a6
fix: [component:CRUD] Correctly inspect the redirect key
2021-11-09 09:15:19 +01:00
1feed8ecaf
fix: [component:paramHandler] Correctly handle arrays
...
Also removed duplicated function
2021-11-09 09:12:41 +01:00
a0f6c6a7e0
chg: [behavior:meta_field] Better integration in CRUD and tables
2021-11-09 08:59:17 +01:00
f62caa919b
chg: [navigation] Navigation's actions now relies on modal instead of redirecting to the page
2021-11-08 15:56:39 +01:00
d045f1f4d5
chg: [ui] Added support of redirections via Ajax responses
2021-11-08 15:54:37 +01:00
50737543a9
chg: [component:CRUD] Cleanup leftovers comments
2021-11-08 15:03:05 +01:00
94fbd74918
chg: [component:CRUD] Support of validation and re-edition (WiP)
2021-11-08 14:08:47 +01:00
b1f08f3b2d
chg: [component:CRUD] Actually delete empty metafields on edit
2021-11-05 17:44:37 +01:00
26859d045e
fix: [element] Made single views aware of multiple meta-fields
2021-11-05 17:03:11 +01:00
bb9ca6e69d
fix: [Component:CRUD] Make set quickfilter works again
...
Call the function with correct number of argument
2021-11-04 15:21:03 +01:00
c55088aa85
chg: [metaTemplate] Continuation of refactoring - WiP
...
Editing meta field from entities working
2021-11-04 08:10:32 +01:00
9373c35bc6
chg: [metaTemplate] Started refactoring the whole feature
...
Objective of the refactoring is to:
Simplified metafields searches and started to add support of multi-field and edition
2021-11-03 11:47:10 +01:00
51d93d40af
chg: [ui] Various UI improvement and cleanup
...
New according bootstrap component and small UI enhancements
2021-10-28 09:27:30 +02:00
4ef6738053
chg: [mailinglist] Improved feature
...
Previously, emails were stored as json encoded string. To add more flexibility and prevent inconsistencies (such as propagating email changes to the mailing list), it has been moved to a table.
2021-10-28 09:00:20 +02:00
fe9fbe2e99
new: [mailing-list] Added mailing list feature - WiP
2021-10-25 16:20:36 +02:00
d21bad721a
fix: [genericTemplate:filters] Correctly takes filter fields and simplified UI
2021-10-21 10:20:07 +02:00
370ae3438e
new: [user:registration] Added user self-registration feature
2021-10-20 22:29:23 +02:00
e5a958e8c9
chg: [sidemenu] Moved local tools
2021-10-20 15:47:45 +02:00
78180fa90f
new: [userSettings] Added complete support of user settings
...
Including support of bookmarks, sidebar behavior and theming
2021-10-18 13:28:26 +02:00
29ca08ce60
new: [sidebar:bookmarks] Added early version of user-defined bookmarks
...
Bookmark configs are saved in their respective user setting for each users
2021-10-08 16:57:38 +02:00
0d4fafb14b
chg: [navigation:sidemenu] Translation for link groups
2021-10-08 16:47:38 +02:00
39fdb8ec0d
new: [user-settings] Added user settings feature
2021-10-08 10:27:40 +02:00
7ab8a93fbd
chg: [navigation] regrouped navigation related data into files
2021-10-08 10:23:03 +02:00
9685406d99
Merge branch 'develop-unstable' of github.com:cerebrate-project/cerebrate into develop-unstable
2021-10-01 15:13:54 +02:00
85ee7c69a5
fix: [plugins:tags] Use correct namespace and variable name
2021-10-01 15:13:18 +02:00
99a89977c8
Merge branch 'keycloak' into develop-unstable
2021-10-01 13:53:14 +02:00
f60e411af1
new [keycloak]: WiP user enrollment added
...
- also moved the keycloak specific functionalities to a behaviour
- added new role permission (org admin)
2021-10-01 13:19:26 +02:00
de8ee047f9
chg: [component:navigation] Added support of settings in breadcrumbs
2021-09-27 14:02:50 +02:00
43ac537fbc
fix: [navigation] Added setting page and more layout fixes
2021-09-18 10:31:05 +02:00
cf3e87614e
chg: [navigation] Fixed navigation for tag endpoints
2021-09-17 18:30:32 +02:00
0d8841a3bf
Merge branch 'ui-navigation' into develop-unstable
2021-09-17 17:12:33 +02:00
9172e1b405
chg: [layout:navbar] Moved links and actions breadcrumb items out of the main top navbar
2021-09-17 15:44:52 +02:00
a869faa72b
chg: [component:navigation] Added support of home route
2021-09-17 13:07:44 +02:00
9dc27f4cc8
chg: [instance:navigation] Usage of the mapped icons
2021-09-10 16:05:05 +02:00
0da5d456d1
chg: [layout:breadcrumb] Support of icon in breadcrumb
2021-09-10 15:58:41 +02:00
b3c25f0cae
new: [instance:search_all] Early work on search all feature
2021-09-10 11:55:54 +02:00
bf3c1b9ee4
chg: [layout:header] Improved breadcrumb generation
2021-09-09 13:12:52 +02:00
866f73af88
chg: [app:naviation] Support of breadcrumbs for navigation - WiP
2021-09-09 11:05:44 +02:00
50c4a31a2e
chg: [layout:sidebar] Started integration of sidebar - WiP
2021-09-07 15:51:21 +02:00
99c857d586
chg: [aclcomponent] Added ACL entry
2021-09-03 09:49:20 +02:00
eed5b9226a
chg: [behavior:tags] Custom finder and small improvements
2021-09-01 16:12:56 +02:00
61255e2837
chg: [tags] Improved UI and added missing files
2021-08-31 15:21:28 +02:00
a4535ea42e
chg: [tag] Continuation of integrating tagging plugin - WiP
...
- Filtering
- CRUD of tags
2021-08-30 15:11:21 +02:00
29595c6e22
chg: [tag] Continuation of integrating tagging plugin - WiP
...
- Can tag/untag any model
2021-08-26 16:12:55 +02:00
8b659fb6af
chg: [tag] Continuation of integrating tagging plugin - WiP
...
- Tagging / Untagging
2021-08-26 12:06:12 +02:00
9f4fbf0410
chg: [instance:settings] Improved UI interface
...
Added searches and notices for individual settings
2021-07-21 11:18:06 +02:00
d9bef3dc0c
new: [localTools] Setting validation
2021-07-05 17:27:39 +02:00
25ca89a701
chg: [CRUD] Improved validation message feedback
2021-06-30 12:18:58 +02:00
217ec250f0
chg: [ACLComponenent] Allow sync-user to use exposedTools endpoint
2021-06-29 16:17:56 +02:00
bb70a58885
fix: [ACL] fixed checks for multiple values
2021-06-29 11:51:29 +02:00
f22ad57575
fix: [ACL] added all new functionalities
2021-06-28 23:55:24 +02:00
0e8a6cbe1c
chg: [view] templates added for new permission role
...
- also fixed an issue with the signature of the component import in CRUDcomponent
2021-06-28 23:27:21 +02:00
cf3a8653e1
fix: [app] Prevent some ID overrides
2021-06-28 14:49:38 +02:00
524dd10aae
chg: [CRUD:add] Always allow UUID field to be set
2021-06-28 14:02:52 +02:00
39f44471e4
chg: [ACLComponent] Moved DB migration to administration tab
2021-06-28 11:35:31 +02:00
7ec0dabd0b
chg: [CRUDComponent] Support of bulk delete operations
2021-06-23 11:12:14 +02:00
83161817d5
Merge remote-tracking branch 'origin/develop' into inbox-misp-sync
2021-06-21 08:45:22 +02:00
1da74b283a
new: [outbox] Added outbox and linked it with failed outgoing messages
2021-06-19 13:16:25 +02:00
7757bec292
fix: [API] various fixes
2021-06-17 08:54:09 +02:00
543603339b
new: [inbox] Added list request processors
2021-06-12 12:04:11 +02:00
ef94ce147c
Merge branch 'main' into inbox
2021-06-01 14:37:29 +02:00
51b4bc811f
chg: [improvements] to a st of controllers and components to support localtools
...
- still missing ACL entries!
2021-06-01 07:47:22 +02:00
2d4727770c
wip: initial connectors
2021-04-30 23:59:53 +02:00
bc1feaa9e6
chg: [requestProcessor] Moved setViewVariables
2021-03-19 11:15:43 +01:00
77fe4e6505
new: [inbox] First version of Inbox system and requestProcessors - WiP
2021-03-15 22:47:13 +01:00
004bca47e6
new: [CRUD] Advanced filtering capabilities for index
2021-03-10 09:43:36 +01:00
97c5f7b197
chg: [ParamHandler] Allow haversting negated filter from URL
...
- These are separated by a space character which is being converted to `_`
2021-03-10 09:40:54 +01:00
851d9cfee7
fix: [CRUD] Renamed confusing function
2021-03-10 09:38:41 +01:00
697c1ff0a6
fix: [CRUD] Correct usage of the `like` condition operator on the query
2021-03-10 09:37:22 +01:00
9a1b38ff5a
chg: [CRUD] Passes active filters to the view
2021-03-10 09:36:45 +01:00
67d6683ed8
chg: [CRUD] Also harvest negated filters from URL
2021-03-10 09:35:26 +01:00
d4001fab18
chg: [CRUD] Improved metaFields filtering capabilities
2021-02-26 10:36:06 +01:00
5d1106e82a
chg: [CRUDComponent] Improved related filter condition
2021-02-24 11:11:29 +01:00
de4ba80e21
fix: [CRUDComponent] Full group by on meta-templates
2021-02-24 11:10:10 +01:00
a8951ed69e
new: [instance] Added first version of database migration plugin
2021-02-24 11:05:23 +01:00
d61c6c930a
fix: [componenent:CRUD] Fixed oneToMany contextual filters
2021-01-19 12:28:46 +01:00
d974f784b6
fix: [component:CRUD] Support for older PHP versions
2021-01-18 16:21:43 +01:00
cfea15ff03
fix: [component:CRUD] Fixed FULL_GROUP_BY issue and simplified contextual filtering
2021-01-18 16:13:10 +01:00
Sami Mokaddem