cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity
1,654 Commits
10 Branches
25 Tags
20 MiB
Commit Graph

20 Commits (f0ba0d831661dff110471d2ac95ef9a39c2d7bb9)

Author SHA1 Message Date
iglocska 9305e7ceea
chg: [wip] sharing group rework / MISP connector improvements 2023-10-31 14:54:08 +01:00
Sami Mokaddem 88abecfe8f
fix: [sharingGroups:addOrg] Use correct index to add to the group 2023-02-16 14:55:43 +01:00
Sami Mokaddem 5fa0280f15
fix: [sharingrGroup:delete] Missing params variable 2022-03-01 14:08:16 +01:00
Sami Mokaddem 8450e83607
chg: [sharingroup:index] Changed conditions allowing member org to view a sharing group 
Previously only the SG owner could see the SG
 2022-02-28 14:23:40 +01:00
Sami Mokaddem b628bc38ae
fix: [sharinggroups:view] Typo skipping org membership check 2022-02-28 14:23:00 +01:00
Sami Mokaddem 7ea5acb167
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-21 11:17:05 +01:00
iglocska 6e67a5b239
fix: [security] Sharing group creation on behalf of other organisation fixed 
- org admin could create sharing groups on behalf of other organisations
- can lead to misleading sharing groups being created

- as reported by Dawid Czarnecki of Zigrin Security
 2022-02-19 01:21:29 +01:00
Sami Mokaddem 62ca877f0b
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable 2022-02-08 08:42:25 +01:00
iglocska 15190b930e
fix: [security] Sharing group ACL fixes 
- added indirect object reference protection
- added correct ACL functionalities to delete, addOrg, removeOrg

- as reported by Dawid Czarnecki from Zigrin Security
 2022-02-04 00:16:24 +01:00
iglocska 19c81b7c11
fix: [Sharing groups] UUID and owner org shouldn't be editable 2022-01-25 17:09:29 +01:00
Sami Mokaddem 324ac1ce40
Merge branch 'develop' of github.com:cerebrate-project/cerebrate into refactor-metatemplates 2022-01-20 09:00:45 +01:00
iglocska 22e4a90af0
chg: [ACL] tightened ACL for several controllers 
- org admins now have access to new functionalities, added ACL for them
- Affected controllers:
  - Authkeys, encryptionkeys, users, sharinggroups
- sets defaults/restricts access accordingly
 2021-11-24 01:32:05 +01:00
Sami Mokaddem fd21934641
chg: [sharingGroups] Cleaned useless view variables 2021-11-23 14:55:21 +01:00
mokaddem b3c25f0cae new: [instance:search_all] Early work on search all feature 2021-09-10 11:55:54 +02:00
mokaddem 4e74da6163 fix: [controllers] Return data based on the CRUD component response 2021-06-29 16:15:05 +02:00
mokaddem 41948044cd fix: [sharinggroups] Possibility to remove/add org from sharinggroup 2021-01-18 17:26:35 +01:00
mokaddem a4bb09253f chg: [sharinggroup] Improved support of CRUDComponent 2021-01-13 14:15:53 +01:00
mokaddem 54c513613e fix: [sharingGroup] Various fixes for sharing groups 
- Renamed sharingGroupsOrgs table to follow cake4's recommendation
- Fix case if logged user doesn't have an organisation
- Provide all orgs if user is admin
- Fix issue with model associated with sharingGroupOrgs
- Fix addOrg missing entity for genericForm helper
 2020-11-25 16:06:31 +01:00
iglocska 8dbc5ae016
fix: [sharing groups] don't include ALL user details in the sharing group 2020-06-25 02:05:28 +02:00
iglocska ecc81bdb00
new: [Sharing groups] added (wip) 
- CRUD
- attach organisation

still missing:
- remove organisation
 2020-06-25 01:44:26 +02:00