Commit Graph

508 Commits (e7e5c0aebd1f712bcffb18c95efbf146e0b93626)

Author SHA1 Message Date
Sami Mokaddem af622dd19b
new: [users:view] Added keycloak status showing the potential differences between Cerebrate and Keycloak 2022-12-09 11:54:34 +01:00
Sami Mokaddem 21c5601c29
chg: [genericElement:fieldScaffold] Let cake's form helper decide the input type if not specified 2022-12-08 15:50:03 +01:00
Sami Mokaddem 31ce0feed8
chg: [permissionslimitations:add] Forced comment type to be textarea 2022-12-08 15:36:13 +01:00
Sami Mokaddem 20730401d7
fix: [permissionlimitations:view] Typo for max_occurence path 2022-12-08 15:35:41 +01:00
Sami Mokaddem 53f669e25c
new: [sync+meta_fields] Initial work on meta_field synchronisation and meta_template_directory - WiP
The new directory allows to ingest meta_fields without knowing their associated meta_template. Improved the way data is re-arranged, how meta-templates are saved and a helper widget showing the difference local objects have with their remote counter-part
2022-12-07 14:54:28 +01:00
Sami Mokaddem bdcf057608
chg: [genericTemplate:confirm] Usage of BootstrapHelper\Modal 2022-12-02 09:48:09 +01:00
Sami Mokaddem 7ce6507e94
fix: [user:login] Added support of `redirect` after login 2022-11-30 10:31:07 +01:00
Sami Mokaddem 9ad328d962
fix: [genericTemplate:delete] Fixed usage of BootstrapElement\BootstrapModal 2022-11-28 15:51:29 +01:00
Sami Mokaddem 3dddd96eeb
chg: [element:metafield_panel] Metafield now relying on their index type when being displayed on singleViews 2022-11-28 12:12:01 +01:00
Sami Mokaddem 6d2f3f2ef9
chg: [elements:settings-notice] Improved UI 2022-11-28 10:02:36 +01:00
Sami Mokaddem 796574994c
fix: [elements:setting-search] Fixed typo 2022-11-28 10:02:11 +01:00
Sami Mokaddem 251331b121
fix: [layout:formLayouts] Use correct parameter for accordion header 2022-11-28 10:01:49 +01:00
Sami Mokaddem 71164e5135
chg: [layout:user_profile] Improved UI 2022-11-28 08:37:00 +01:00
Sami Mokaddem 2c840c7d4f
chg: [herlper:bootstrap] Major refactor of the BootstrapHelper to make it more modular + added documentation 2022-11-28 08:36:17 +01:00
Sami Mokaddem d15f74698f
chg: [genericElement:index_table] Use provided element for the metafields 2022-11-15 14:55:26 +01:00
Sami Mokaddem 14b41451ac
fix: [genericTemplates:filters] Make sure to always return a string when fetching data 2022-11-15 11:27:12 +01:00
Sami Mokaddem be7293a5a4
new: [listTopBar:contextFilters] Added support of element to generate filter content 2022-11-15 11:12:03 +01:00
Sami Mokaddem f5b946d5a9
new: [element:bootstrapUI] To create HTML from BootrstrapHelper by using element 2022-11-15 11:11:06 +01:00
Sami Mokaddem 62c228c44e
chg: [auditLogs:index] Added possibility to view and filter logs base on `created` field 2022-11-14 16:11:18 +01:00
Sami Mokaddem 84069cfe40
chg: [metaTemplateField] More generic way to specify form type 2022-11-14 15:45:28 +01:00
Sami Mokaddem b6fdf37d54
fix: [metafields:dropdown] Patched saving multiple fields with custom value 2022-11-14 15:38:50 +01:00
Sami Mokaddem b53f2681b4
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into feature-metafield-dropdown 2022-11-14 14:53:02 +01:00
iglocska cc1839cbcf
fix: [kc] only try to set the signingin url to KC if KC is actually enabled 2022-11-14 11:07:52 +01:00
Sami Mokaddem 7d6696e079
new: [metaFields] Adding support of sane_default + improving form & crud - WiP 2022-11-14 09:04:35 +01:00
iglocska 6197b55ec9
chg: [user index] added column configuration 2022-11-13 11:23:23 +01:00
iglocska 260e1d30a1
new: [individuals] rework
- allow modifications for org admins of individuals associated to their users
  - unless they're site admins
- add user information to the individual index to bring clarity to the individual vs users confusion
- rework of the user form field object
2022-11-13 11:09:34 +01:00
iglocska b1f09dc97e
new: [permission limitations] subsystem added
- add limitations for users with given meta fields
  - x number / org and y number / globally
- add comments to the limitations
- enforced on user creation/modification
2022-11-09 14:09:27 +01:00
iglocska c44e1a8418
new: [metafields] added view representation of info/warning/danger keys 2022-11-09 14:01:37 +01:00
iglocska d43e7c6c22
new: [generic form] added checkbox option for boolean fields in metatemplates 2022-11-09 14:00:18 +01:00
iglocska 11510ea28f
new: [individual] editing enabled for org admins
- requires that a user exist for the given individual
2022-10-31 14:42:58 +01:00
Sami Mokaddem 866fbc2d51
chg: [layout:notification-menu] Improved spacing and size 2022-10-28 11:09:42 +02:00
Sami Mokaddem 03bd4aba30
new: [genericElement:group_table_action] Added support of `show # element` in the table 2022-10-28 09:13:15 +02:00
Sami Mokaddem 67eb9de05a
new: [ui:index_table] Fire pending debounced functions on dropdown hidden 2022-10-28 09:12:30 +02:00
Sami Mokaddem 4c401e6e29
chg: [ui:layout] Added spacing between toast 2022-10-28 09:10:26 +02:00
Sami Mokaddem aeda393bba
chg: [component:CRUD] Improved filtering to support form type based on database column type 2022-10-27 15:56:39 +02:00
Sami Mokaddem 00c1ae616f
new: [inboxes] Added `severity` level and `message` and removed `description` column 2022-10-25 14:38:16 +02:00
Sami Mokaddem a841888db9
fix: [template:genericFilters] Do not fail if tag selector container doesn't exist 2022-10-25 10:29:14 +02:00
Sami Mokaddem 8d7e2b0df2
chg: [inboxes:UI] Renamed `request` into `message` 2022-10-25 10:26:03 +02:00
Sami Mokaddem cfae8cb914
chg: [indexTable:indexStatistic] better support of themes 2022-10-21 15:36:08 +02:00
Sami Mokaddem 25b6db7303
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop 2022-10-21 15:31:41 +02:00
Sami Mokaddem 5389f02b4f
new: [scss:boostrap-additional] Added `btn-outline-text` to ease integration with themes 2022-10-21 15:29:45 +02:00
iglocska 41a241cada
new: [pgp] library ported from MISP
- added proper view elements for encryption keys
- added key information extraction
2022-10-21 15:25:52 +02:00
Sami Mokaddem 815e3e0671
fix: [metaTemplates:updateAll] Fixed missing form preventing to update 2022-10-21 14:15:08 +02:00
Sami Mokaddem ddfc83af6f
chg: [navigation:socialProvider] Improved UI for SSO profile management 2022-10-21 14:14:38 +02:00
Sami Mokaddem 96041cc71a
chg: [genericIndex:select_visible_columns] Show meta-template versions 2022-09-29 17:54:58 +02:00
Sami Mokaddem f2db6b3b5e
chg: [users:add] Missing comma 2022-09-21 10:08:40 +02:00
iglocska 3b215a5ec0
fix: [alignments] fixed invalid urls in alignment fields lacking a /
- as reported by SK-CERT
2022-09-19 01:59:23 +02:00
iglocska ca65c4b68e
fix: [alignments] added an index view template
- Can't see any usefulness in this, but why not

- As reported by SK-CERT
2022-09-19 01:39:38 +02:00
iglocska 822c96dbf0
fix: [single view generic field] allow for unsanitised raw input 2022-09-18 18:32:43 +02:00
iglocska 09ff4eba53
fix: [xss] resolved in the genericField of the single view
- as reported by SK-CERT
2022-09-18 18:27:39 +02:00
iglocska d35a674505
chg: [navigation] added keycloak self management
- also some changes to the navigation system
2022-08-24 11:39:56 +02:00
Sami Mokaddem 8c4c75d83a
fix: [localTools:action] Catch error if local tool's action returned unexpected data 2022-06-08 11:51:52 +02:00
iglocska c6572885a9
chg: [users view] added KC checks for the profile link 2022-05-17 10:47:25 +02:00
iglocska be064bb0c9
new: [KC] profile link added 2022-05-17 10:42:44 +02:00
Sami Mokaddem 5c520e440d
chg: [metatemplate:meta_fields_to_update] Only show notice if applicable 2022-03-09 09:16:47 +01:00
Sami Mokaddem 61736531b1
chg: [indexTable:context_filters] Support of default context filter
This filter is used by default if none is provided
2022-03-09 08:55:59 +01:00
Sami Mokaddem 39d89efb53
chg: [meta-template:update] Default update strategy to be `create_new` 2022-03-09 08:21:27 +01:00
Sami Mokaddem 66572a788f
fix: [metatemplates:index] Pass all needed arguments 2022-03-08 17:22:39 +01:00
Sami Mokaddem 3d0fdeba81
fix: [users:add] Decoupled password required and visibility 2022-03-01 13:59:10 +01:00
Sami Mokaddem 7d345f98f2
chg: [index_table:group_search] Changed name for better visibility 2022-02-28 10:46:38 +01:00
Sami Mokaddem 3ef64911f9
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-28 09:51:51 +01:00
Sami Mokaddem 04b82d356e
chg: [indexTable:filtering] Initial work on supporting custom operators 2022-02-25 15:36:55 +01:00
iglocska 4902a3f8a6
new: [password auth] added setting to disable password auth
- not needed in some cases for keycloak enabled instances
2022-02-25 00:33:00 +01:00
iglocska 678ad0fe8e
chg: [templates] for user creation now have a minimalist individiual creation included 2022-02-24 13:48:10 +01:00
iglocska 304586ff19
chg: [user] view add link to user's individual 2022-02-24 13:47:49 +01:00
Sami Mokaddem f044bd8957
chg: [layout:sidebar] Only show collapsible parents if they have children 2022-02-23 10:19:16 +01:00
Sami Mokaddem bd14d52571
chg: Removed useless comments 2022-02-23 08:11:24 +01:00
Sami Mokaddem c0b6925aa5
chg: Removed unused commented code 2022-02-22 14:07:01 +01:00
Sami Mokaddem 7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-21 11:17:05 +01:00
iglocska 9245b2d720
fix: [genericTemplates] delete template can be invoked without an ID 2022-02-20 15:05:03 +01:00
iglocska 495c4ee93c
fix: [security] XSS in the generic action template
- a previously assumed internal url can have user input appended via the MISP local tool connector
- requires a compromised connected MISP instance where a malicious administrator modifies the UUIDs of cerebrate relevant objects to JS payloads

- as reported by Dawid Czarcnecki of Zigrin Security
2022-02-20 12:07:06 +01:00
Sami Mokaddem ec37a637f8
chg: [header] moved inline style in css file 2022-02-09 09:51:21 +01:00
Sami Mokaddem e67c711935
chg: [notifications] Slightly improved UI 2022-02-09 09:30:59 +01:00
Sami Mokaddem a77e29fa38
new: [layout:sidebar] Notifications in the sidebar 2022-02-08 17:58:30 +01:00
Sami Mokaddem d1cf408163
new: [helpers:bootstrap] Added notification bubble 2022-02-08 17:57:20 +01:00
Sami Mokaddem 62ca877f0b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-08 08:42:25 +01:00
Sami Mokaddem e13b4e7bc5
fix: [settings:settingField] Enforce sanitization of input fields
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 11:43:09 +01:00
Sami Mokaddem 14ec995c2b
fix: [userSettings] Perform URI validation for bookmarks
- As reported by Dawid Czarnecki from Zigrin Security
2022-02-07 10:48:55 +01:00
Sami Mokaddem dfb8d73a92
fix: [userSettings] Renamed template to match the controller endpoint 2022-02-07 10:37:03 +01:00
iglocska e60d97c214
fix: [security] genericForm reflected XSS in form descriptions for user controlled descriptions
- accessible via the MISP local tool setting change
- sanitise the description

- as reported by Dawid Czarnecki from Zigrin Security
2022-02-03 23:56:23 +01:00
iglocska 8b6fc78695
fix: [generic fields] org field URL missing slash fixed 2022-01-28 00:51:09 +01:00
iglocska 9dd488e766
fix: [login] hide keycloak login if keycloak login is disabled 2022-01-27 22:11:51 +01:00
iglocska 1ca0f21b86
chg: [user add] form defaults
- org will default to own org for site admins
- role will default to the default role (if set)
2022-01-27 21:54:59 +01:00
iglocska 05daa5470a
fix: [sharing group form] default to own org as owner
- reconsider if this should be a configurable setting at all
2022-01-27 21:10:00 +01:00
iglocska 589f932fe9
chg: [form] dropdown default key added 2022-01-27 21:09:32 +01:00
Sami Mokaddem 7de1c14407
chg: [userSettings:add] Adhere to the passed user context 2022-01-27 10:44:47 +01:00
Sami Mokaddem dc8710d89e
fix: [users:view] Correctly reload authkey child panel when performing operations 2022-01-27 10:21:55 +01:00
Sami Mokaddem 789bd9926f
chg: [navigation:users] Restored breadcrumb navigation to access user profile settings 2022-01-27 08:41:31 +01:00
Sami Mokaddem 54ee91ba1a
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop 2022-01-26 12:11:53 +01:00
Sami Mokaddem f53b458103
fix: [userSettings] Allow admin to edit other user's settings 2022-01-26 12:11:44 +01:00
iglocska acc9c94baa
Merge branch 'main' into develop 2022-01-25 15:59:31 +01:00
Sami Mokaddem 578eacfd89
fix: [templates:common] Removed extra closing tag 2022-01-25 15:02:58 +01:00
Sami Mokaddem 4f8b663b87
chg: [localtTools:connectionRequest] Provide more info on exception 2022-01-25 15:02:30 +01:00
Sami Mokaddem 6005552e76
fix: [genericElements:tags] List tags when editing an entity 2022-01-25 15:02:04 +01:00
Sami Mokaddem a7e2fb2ea7
chg: [auditlog:index] Break text in changed column 2022-01-25 15:01:48 +01:00
Sami Mokaddem 77285257da
fix: [templates:common] Removed extra closing tag 2022-01-25 14:03:48 +01:00
iglocska e9f77aff51
Merge branch 'develop' into main 2022-01-25 11:36:06 +01:00
iglocska 57e2c75352
fix: [users] role based action filtering added
- to avoid annoying clickable, but blocked actions for og admins
2022-01-25 11:34:22 +01:00
Sami Mokaddem 42de70e87d
chg: [ui:header-notification] Added support of variant severity 2022-01-25 11:31:17 +01:00
Sami Mokaddem 249892c3e0
chg: [notifications] Support of modal when clicking on notification element 2022-01-25 09:32:16 +01:00