# Changelog

## %%version%% (unreleased)

### Other

* Update README.md. [Andras Iklody]

## v1.24 (2024-08-29)

### New

* [version] show the cerebrate version and link to the release notes. [iglocska]
* [meta_field] API improved. [iglocska]
  - simple way to add metafields added
  - simply pass a list of meta_fields to the object about to be saved
  - the only fields required are: template_uuid, template_version, field, value

  Example for an individual:

  ```
  {
      "first_name": "Andras",
      "last_name": "Iklody",
      "email": "andras.iklody@circl.lu",
      "alignments": {
          "organisation": [
              {
                  "uuid": "9d4d7913-2602-4333-8440-c78b7f92eca3",
                  "name": "Iglocska.eu"
              }
          ]
      },
      "meta_fields": [
          {
              "field": "perm_mattermost",
              "value": true,
              "template_uuid": "447ded8b-314b-41c7-a913-4ce32535b28d",
              "template_version": 2
          }
      ]
  }
  ```
* [individuals] add individual auto-saves an alignment. [iglocska]
  - if a non community admin enrolls an individual, set the alignment by default
  - this will prevent them from becoming uneditable

### Fix

* [VERSION] bump. [iglocska]
* [error messages] improved for empty/malformed request bodies. [iglocska]
  - instead of failing on a validation level for empty data, fail immediately on CRUD component level
  - send a clear message to the user that the request was malformed / the proper media type headers were not set
* [crud] various minor fixes. [iglocska]
* [users] add load individual correctly and show it to the user. [iglocska]
* [CRUD] run afterfind even if no metatemplates set. [iglocska]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]

## v1.23 (2024-08-27)

### New

* [metafield editor permission] added.
[iglocska]
  - users/org admins/group admins/community admins can now only modify metafield data on any object if the permission is set for their role
  - Since some communities use this for ACL to secondary tools, this will allow them to restrict who can modify them

### Changes

* [version] bump. [iglocska]

## v1.22 (2024-08-24)

### New

* [administration] allow group/org admins to edit individuals aligned to their managed orgs. [iglocska]
  - based on alignment
* [permissions] split of admin and community admin. [iglocska]

### Changes

* [migration] minor fix for rerunability. [iglocska]
* [version] bump. [iglocska]
* [cleanup] removed older revision of upgrade script. [iglocska]

### Fix

* [metafield limitation] fixes. [iglocska]
  - correctly show error messages on user creation when limits are hit
  - fixed a bug that caused users from being uncreatable even due to a hit limitation, even if the current user wouldn't influence said limitation
* [community admin] fixes. [iglocska]
* [ACL component] fixes. [iglocska]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'perm_community_admin' into develop. [iglocska]

## v1.21 (2024-07-02)

### New

* [extended logger] added. [iglocska]
  - Added more information about the request to the stack traces
  - logs user name / ID
  - logs request x-forwarded-for

### Changes

* [tag] bumped. [iglocska]
* [permission limitations] free limitation count when user disabled. [iglocska]
  - Thanks to Elisabeth from BSI for reporting it
* [permission limitations] free limitation count when user disabled. [iglocska]

### Fix

* [user add] fixed bug with metafields on new users causing an exception. [iglocska]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop. [iglocska]

## v1.20 (2024-06-07)

### New

* [metafield restrictions] not enforced on a user edit that doesn't change the state of the offending value.
[iglocska]
  - if a user is already over the limit of a restriction, they should still be editable

### Changes

* [version] bump. [iglocska]
* [encryption keys] listed for orgs / individuals on their respective views, fixes #167. [iglocska]
* [dashboard redirects] to individual models now sort by modified by default. [iglocska]
  - the dashboard shows new entries, it only makes sense to sort the list based on changes
  - also a small fix to not sanitise the index URLs as this will lead to multiple query parameters not working

### Fix

* [alignments] rules relaxed, fixes #164. [iglocska]
  - site admins can add alignments to anyone
  - org admins can add alignments for their own org members
  - group admins can add alignments for any of their managed orgs' members
* [authkeys] allow for authkeys with no expiration set, fixes #169. [iglocska]
* [authkey:add] Make sure to default to expiration=0 if not provided. [Sami Mokaddem]
* [encryption keys] allow for large keys. [iglocska]
  - @adulau has a massive... key.
* [setting:cerebrate] Enforce debug setting to be true or false. [Sami Mokaddem]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]

## v1.19 (2024-05-15)

### New

* [settings] added the session settings to the UI. [iglocska]
* [encryption key index] added search by org name / individual email. [iglocska]

### Changes

* [version] bump. [iglocska]
* [inbox] changed user field's column name to "to" [iglocska]
  - it was confusing what was meant
* [users:filtering] Added dropdown for users filtering. [Sami Mokaddem]
* [individuals:filtering] Added dropdown for organisation filtering. [Sami Mokaddem]
* [users:index] Added confirmation modal before changing disabled state for users. [Sami Mokaddem]
* [component:CRUD] Mirrored changes done in MISP3's CRUD component.
[Sami Mokaddem]

### Fix

* [autkey expiration] has to be in the future. [iglocska]
* [settings] invalid bootstrap loading of config.json. [iglocska]
  - it was dependent on the app_local.php file existing
* [settings] make sure they are always loaded. [iglocska]
* [settings] numeric fields in settings didn't show current value. [iglocska]
* [index pagination] caps the index at 100 elements. [iglocska]
* [Group admins] can now edit org metainformation for the managed orgs. [iglocska]
* [group admin] be able to add users for the administered orgs. [iglocska]
* [component:CRUD] Make sure to append model alias when ordering results. [Sami Mokaddem]
* [genericTemplates:filters] Fixed encoding typo. [Sami Mokaddem]
* [encryptionKeys:add] Make sure to compare owner_id with individual_id. [Sami Mokaddem]
* [encryptionKeys:ui] Aligned UI with what users can actually do. [Sami Mokaddem]
* [app] Fixed some deprecation notices. [Sami Mokaddem]
* [keycloak] user enrollment now syncs permissions correctly. [iglocska]
* [app:bootstrap] Automatically cast `debug` setting in bootstrap.php to migrate config. [Sami Mokaddem]
* [keycloak] sync metafields on user creation. [iglocska]
* [keycloak] increase fetch users limit to 99999. [iglocska]
* [setting:cerebrate] Enforce debug setting to be true or false. [Sami Mokaddem]
* [tool] fix uninitialized var when no SG exist. [Christophe Vandeplas]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'refacto/CRUDComponent' into develop. [Sami Mokaddem]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [Sami Mokaddem]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate. [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [Sami Mokaddem]
* Merge pull request #163 from cvandeplas/fix/SG.
[Andras Iklody]

  fix: [tool] fix uninitialised var when no SG exist

## v1.18 (2023-12-20)

### New

* [settings:inbox.data_change_notify_for_all] Added setting to be more verbose for data changes. [Sami Mokaddem]
* [CRUD:Filtering] Added support of options in index filtering modal. [Sami Mokaddem]

### Changes

* [version] bump. [iglocska]
* [inboxes:filtering] Populate username with eligible users in filtering modal. [Sami Mokaddem]
* [crud:index] Include all meta-fields regardless of user's preference when in REST context. [Sami Mokaddem]
* [MISP connector] added bulk org pull. [iglocska]

### Fix

* [inboxes:index] Fixed pagination target key. [Sami Mokaddem]
* [component:CRUD] Make sure not to override table aliases when paginating. [Sami Mokaddem]
* [individual:validation] Enforce email format to be a valid email address. [Sami Mokaddem]
* [behavior:notifyAdmins] Fixed typo in date serialization. [Sami Mokaddem]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]

## v1.17 (2023-11-03)

### New

* [CRUD:index] Allow exporting data into csv. [Sami Mokaddem]
  - Added CSVConverter tool and CSV server request detector
* [MISP connector] sync updated to properly support sharing group exchanges. [iglocska]
* [topology improvements] added acl, menu access, downloader. [iglocska]
* [topology UI] added. [iglocska]
* [UI] mermaid.js added. [iglocska]

### Changes

* [version] bump. [iglocska]
* [users:index] Added support of table filtering. [Sami Mokaddem]
* [wip] sharing group rework / MISP connector improvements. [iglocska]
* [indexes] Added `select all` option for some tables. [Sami Mokaddem]
* [temp] run actions in this branch. [Luciano Righetti]

### Fix

* [orggroups:ui] Aligned UI with what users can actually do. [Sami Mokaddem]
* [users:settings] Take into consideration perm-org-group-admin when editing users settings.
[Sami Mokaddem]
* [users:edit] Correctly take into consideration perm-org-group-admin. [Sami Mokaddem]
* [genericElements:alignmentField] Use correct URL for individual entries. [Sami Mokaddem]
* [topology] various fixes. [iglocska]
* [brood preview] indices fixed. [iglocska]
* [topology] added missing view. [iglocska]
* Fix tests. [Luciano Righetti]
* Failing test, due to different user. [Luciano Righetti]
* Fix tests, move e2e tests to a separate suite. [Luciano Righetti]
* Check for required plugins online, the number makes the test fragile as debug plugins may or not be present when running the tests. [Luciano Righetti]
* Fix most of the tests. [Luciano Righetti]
* Fix some deprecation notices in 8.2. [Luciano Righetti]
* Nodejs deprecation notice. [Luciano Righetti]
* Update target php version. [Luciano Righetti]
* [component:CRUD] Do not limit results if the limit query parameter is not provided. [Sami Mokaddem]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge pull request #151 from righel/fix-test-action. [Luciano Righetti]

  fix: fix test workflow action

## v1.16 (2023-09-13)

### New

* [org Groups] added. [iglocska]
  - Org Groups allow user co-management of sub communities
  - Create an org group with a set of organisations
  - assign administrators to an org group
  - org group admins can modify users of the group

### Changes

* [users:acl] Improved waterfall model for CRUD operation and updated UI to reflect them.
[Sami Mokaddem]
* [ui] Improved reflection of ACL logic in the UI for OrgGroups, Organisations and individuals. [Sami Mokaddem]
* [VERSION] bump. [iglocska]
* [alignments:acl] Reflected ACL logic from individuals to alignments. [Sami Mokaddem]
* [users:edit] Allow users to self edit. [Sami Mokaddem]
* [user-settings:edit] Prevent assigning a setting to another user. [Sami Mokaddem]
* [command:summary] Added data about the modified entity. [Sami Mokaddem]
* [navigation:tags] Updated UI to reflect users' permissions. [Sami Mokaddem]
* [navigation:individuals] Only show edit and deletion buttons if users are allowed to do it. [Sami Mokaddem]
* [genericElements:numberOfElement] Added parameter to show or not the `show all` option. [Sami Mokaddem]
* [ACL:tags] Relaxed ACL on tags for index and view pages. [Sami Mokaddem]
* [ACL:individual/add] Allow `org-admin`s to create new individuals. [Sami Mokaddem]

### Fix

* [ACL] group admins can view users in their group. [iglocska]
* [internal] fixed the function checking if a user belongs to the current User's managed org group. [iglocska]
* [acl:canEditUser] Typo in table name. [Sami Mokaddem]
* [OrgGroups:checkIfGroupAdmin] Consider site_admins as group admin. [Sami Mokaddem]
* [strict typing] Made Sami's frankenstein setup happy. [iglocska]
* [temp] ACL function built up. [iglocska]
* [ACL] fixes. [iglocska]
* [org admins] should be able to edit the org. [iglocska]
* [individual:edit] Select individuals based on their id and not their user_id. [Sami Mokaddem]
* [navigation:CRUDAction-auditlogs] Make ordering by created field unambiguous and hide audit button to non-admin users. [Sami Mokaddem]
* [userSettings:add] Added check to avoid duplicated setting for the same user. [Sami Mokaddem]
* [mailinglist:ACL] Fixed bug in ACL check for access. [Sami Mokaddem]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into develop.
[Sami Mokaddem]
* Merge branch 'develop' [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]

## v1.15 (2023-09-04)

### Changes

* [version] bump. [iglocska]
* [misisng] change. [iglocska]
* [internal] fetch first role if no default is set. [iglocska]
* [command:summary] Consider perm meta-fields addition/deletion as user edit. [Sami Mokaddem]
* [config] Force usage of secure cookie for session and csrf protection. [Sami Mokaddem]
* [component:CRUD] Include meta-fields in REST queries and clever pagination support for REST queries. [Sami Mokaddem]
* [command:summary] Added support of user MetaFields. [Sami Mokaddem]

  Allow to show addition and deletion of user metafields such as the ones used for permissions

### Fix

* [security] user settings editable by arbitrary user fixed. [iglocska]
  - as reported by Infigo on behalf of ENISA
* [internal] user add fix attempt #2. [iglocska]
* [userSettings:edit] Correctly pre-select user to be edited. [Sami Mokaddem]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Update INSTALL.md. [Andras Iklody]
* Update INSTALL.md. [Andras Iklody]

  some minor fixes

## v1.14 (2023-05-31)

### New

* [enumerations] added enumerations system. [iglocska]
  - for string entry fields, simply add lists of values to convert the text entry for values
  - helps with maintaining accurate lists
  - currently the fields that are valid targets are organisations.nationality, organisations.sector, organisations.type
* [enumerations] schema update added.
[iglocska]

### Changes

* [version] bump. [iglocska]
* [CRUD] allow for sorting on related model fields. [iglocska]
  - some hacks to resolve issues with sorting on related fields
* [command:importer] Make sure to use the latest known version of the template. [Sami Mokaddem]
* [command:importer] Make sure to use the latest known version of the template. [Sami Mokaddem]
* [UI:saas] Clean-up css files and improved sidebar behavior and rendering for all themes. [Sami Mokaddem]

### Fix

* [users] added the country information to the index / view. [iglocska]
* [genericElements:formInfo] Removed unused portion of code. [Sami Mokaddem]
* [security] blind SQL injection in searchAll. [Sami Mokaddem]
  - As reported by Zigrin Security
* [meta-template-name-directory] Do not access property from null object. [Sami Mokaddem]
* [meta-template-direcotry:index] Pass baseurl to the anonymous function. [Sami Mokaddem]
* [metaTemplateDirectory:index] No static call anymore. [Sami Mokaddem]
* [template:registration] Correct usage of modal parameters. [Sami Mokaddem]
* [template:update_all] Correct usage of modal parameters. [Sami Mokaddem]
* [helper:formFieldMassage] Correctly check for key to avoid debug output. [Sami Mokaddem]
* [app:js] Removed log forgotten console log output. [Sami Mokaddem]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [Sami Mokaddem]
* Merge branch 'develop' into main. [Sami Mokaddem]

## v1.13 (2023-03-13)

### New

* [metaTemplateNameDirectory] Added index to see the known template and their associated saved meta-templates. [Sami Mokaddem]
* [user:permissionLimitation] Added current permission status while in `add` or `edit` context. [Sami Mokaddem]

  Also moved the notification key from meta-fields to meta-template-fields
* [element:tagsField] Added support of editable based on passed configuration.
[Sami Mokaddem]
* [ui:formInfo] Refactored formInfo and added support of field description. [Sami Mokaddem]

  Can be done by using the `tooltip` key on the field configuration
* [crud:filter] Added support of IN searches using dropdown. [Sami Mokaddem]
* [component:CRUD] Added support of IN condition when filtering index. [Sami Mokaddem]

### Changes

* [version] bump. [iglocska]
* [meta-template:index] Added link to metaTemplateNameDirectory. [Sami Mokaddem]
* [metaTemplate:update] Gracefully handle case when template on disk is not readable. [Sami Mokaddem]
* [ui:select2] Added CSS file relying on BS variables instead of default theme hardcoded values. [Sami Mokaddem]
* [helper:bootstrap] Make sure to output the value even if it's a `0` [Sami Mokaddem]
* [settings:cerebrate] Improved check before saving debug level. [Sami Mokaddem]
* [component:CRUD] Added `afterFind` support in add. [Sami Mokaddem]
* [user:permissionRestriction] Move check from beforeSave to ApplicationRule. [Sami Mokaddem]
* [component:CRUD] Include meta-template before calling `afterFind` [Sami Mokaddem]
* [tags:org/individual] Relaxed ACL on tagging. [Sami Mokaddem]
  - Before only `site_admin` could add tags.
  - Now `org_admins` can add tags for their orgs and individuals
  - Regular users can self manage their own individual tag
* [encryptionKeys:beforeSave] Updated ACL to disable management of keys for regular orgs. [Sami Mokaddem]
* [encryptionKey] Made key searchable with substring strategy. [Sami Mokaddem]
* [organisations:add] Added notice about UUID reuse. [Sami Mokaddem]
* [helper:bootstrap] Added support of ID option. [Sami Mokaddem]
* [organisations] nationality field renamed to country. [iglocska]
  - UI display only so far
  - want to maintain alignment with MISP, might change in the future
  - filtering still calls it nationality
  - API still calls it nationality
* [roles:index] Only show `add role` button for users having ACL access.
[Sami Mokaddem]
* [authkeys:add] Select logged-in user by default. [Sami Mokaddem]
* [audit:filter] Made request_action a multiple search. [Sami Mokaddem]

### Fix

* [meta-template:update] Typo in variable name. [Sami Mokaddem]
* [elements:dropdownField] Always attach select2 to the body. [Sami Mokaddem]
* [individuals:delete] Gracefully catches deletion of individuals associated to a user. [Sami Mokaddem]
* [acl:metaTemplate] Added missing entry. [Sami Mokaddem]
* [individuals:canEdit] Changed function from public to private. [Sami Mokaddem]
* [elements:bootstrapTabs] Removed unused options. [Sami Mokaddem]
* [elements:metaTemplateForm] Restored error container in the form. [Sami Mokaddem]
* [element:metafields_panel] Correct usage of notices for bootstrap/listTable. [Sami Mokaddem]
* [individual:getValidToEdit] Restricted ACL to prevent one org_admin to edit another from the same org. [Sami Mokaddem]
* [authkey:add] Forced `expiration` field to use datetime UI component. [Sami Mokaddem]

  Fix #145

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'develop' into main. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Security: [authkey:add] Restrict creation of API keys for users in the same org and for other org_admins. [Sami Mokaddem]

## v1.12 (2023-02-21)

### New

* [crud:auditlog] Added auditlogs for entity being viewed. [Sami Mokaddem]
* [metaTemplate:metaFieldMigration] Added support of force migrate. [Sami Mokaddem]

  Remove conflicting meta-fields and migrate non-conflicting ones
* [js-bootstrap:quickConfirm] Added quickConfirm UI element to create a confirmation popover to confirm actions. [Sami Mokaddem]
* [js-bootstrap:popover] Added support of popover in bootstrap-helper. [Sami Mokaddem]
* [meta-template] Improvement of the update system.
[Sami Mokaddem]
  - Changed default update strategy from `create_new` to `update_existing`
  - Added mechanism to automatically migrate meta-fields to newest template
  - Improved validation and conflict detection strategies
  - Fixed various UI bugs and improved QoL
* [element:index_table] Added possibility to download current table based on filters. [Sami Mokaddem]
* [sync+meta_fields] Initial work on meta_field synchronisation and meta_template_directory - WiP. [Sami Mokaddem]

  The new directory allows to ingest meta_fields without knowing their associated meta_template. Improved the way data is re-arranged, how meta-templates are saved and a helper widget showing the difference local objects have with their remote counter-part
* [utility:utils] Added utils file and support of arary_diff_recursive. [Sami Mokaddem]
* [bootstrap-helper:badge] Added support of ID and icon. [Sami Mokaddem]
* [css:bootstrap-additional] Added table-xs class. [Sami Mokaddem]

### Changes

* [users:index] Added setting to allow the deletion of users. [Sami Mokaddem]

  Fix #119
* [metaTemplate:updateStrategyDelete] Restored strategy to update a template and delete conflicting metafields. [Sami Mokaddem]
* [js-bootstrap] Added new quick function to display a modal from an URL. [Sami Mokaddem]
* [js-utils:sanitize] Added sanitization function. [Sami Mokaddem]
* [metaTemplate:migrateMetaField] Ignore metafield with empty value. [Sami Mokaddem]
* [inboxProcessor:dataChange] Further improved UI and readability. [Sami Mokaddem]
* [bootstrap:collapse] Allow disabling card formatting. [Sami Mokaddem]
* [inboxProcessor:NotificationDatachange] Improved readability. [Sami Mokaddem]
* [brood:queryIndex] Added support of pagination and filtering. [Sami Mokaddem]
* [crud:index] Added better support of pagination for API. [Sami Mokaddem]
* [users:index] Includes metafields by default when API query. [Sami Mokaddem]
* [genericTemplates:toggle] Added support of confirm modal.
[Sami Mokaddem]
* [boostrapElement:dropdownMenu] Added support of `attrs` parameter for menu entry. [Sami Mokaddem]
* [organisations:index] Always include metafields for API requests. [Sami Mokaddem]
* [broods:testConnection] Prematurely close session to allow concurrent requests. [Sami Mokaddem]
* [BootstrapHelper:dropdownMenu] Added support of class for menu entries. [Sami Mokaddem]
* [BootstrapHelper:modal] Added support of scrolling in modal body. [Sami Mokaddem]
  - For the pleasure of @iglocska
* [organisations:index] Added support of `full` option to include metafields. [Sami Mokaddem]
* [genericTemplate:confirm] Usage of BootstrapHelper\Modal. [Sami Mokaddem]
* [js:bootstrap-helper] Improved table building mechanism. [Sami Mokaddem]
* [js:bootstrap-helper] Added support of modal size. [Sami Mokaddem]
* [install:nginx] Cerebrate now expects php8+ [Sami Mokaddem]
* [element:metafield_panel] Metafield now relying on their index type when being displayed on singleViews. [Sami Mokaddem]
* [elements:settings-notice] Improved UI. [Sami Mokaddem]
* [helper:bootstrap] Added more documentation and typing. [Sami Mokaddem]
* [helper:bootstrap] Added documentation. [Sami Mokaddem]
* [helper:bootstrapModal] Improved doc. [Sami Mokaddem]
* [layout:user_profile] Improved UI. [Sami Mokaddem]
* [herlper:bootstrap] Major refactor of the BootstrapHelper to make it more modular + added documentation. [Sami Mokaddem]
* [version] bump. [iglocska]
* [component:CRUD] Added validation of order fields. [Sami Mokaddem]

### Fix

* [crud:renderInVariable] Fixed deprecation notice. [Sami Mokaddem]
* [users:index] Removed deletion button for self. [Sami Mokaddem]

  Fix #118
* [sharingGroups:addOrg] Use correct index to add to the group. [Sami Mokaddem]
* [ui:migrateMetaFields] Fixed total number of items displayed. [Sami Mokaddem]
* [bootstrap:table] Fixed typo and pass field config for indexed arrays. [Sami Mokaddem]
* [crud:index] Only include requested metafields for non-API queries.
[Sami Mokaddem]
* [navigation:metaTemplates] Allow toggling template enabled state. [Sami Mokaddem]
* [encryptionKeys:index] Typo in fingerprint column. [Sami Mokaddem]
* [metaFields] Fixed typo in function. [Sami Mokaddem]
* [metaTemplateDirectory:create] Added gracefully handle uniqueness. [Sami Mokaddem]
* [user:rearrangeForAPI] Fixed support of metafields. [Sami Mokaddem]
* [command:fastUserEmrolment] Typo in condition showing the wrong warning for the faulty entity. [Sami Mokaddem]
* [ui:connectionTestResult] Only display error once. [Sami Mokaddem]
* [command:fastEnrolment] Correctly display missing organisation instead of throwing an error. [Sami Mokaddem]
* [users:view] Temporary measure to gracefully catch connection issue with keycloak. [Sami Mokaddem]
* [bootstrap-helper:table] Relax some argument typing. [Sami Mokaddem]
* [user:login] Added support of `redirect` after login. [Sami Mokaddem]
* [brood:preview] Restored searching capability on browsing. [Sami Mokaddem]
* [genericTemplate:delete] Fixed usage of BootstrapElement\BootstrapModal. [Sami Mokaddem]
* [elements:setting-search] Fixed typo. [Sami Mokaddem]
* [layout:formLayouts] Use correct parameter for accordion header. [Sami Mokaddem]
* [command:fastUserEmrolment] Typo in condition showing the wrong warning for the faulty entity. [Sami Mokaddem]
* [command:fastEnrolment] Correctly display missing organisation instead of throwing an error. [Sami Mokaddem]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'develop-unstable' into develop. [Sami Mokaddem]
* Merge branch 'chg-sync-improvements' into develop-unstable. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into chg-bootstrap-elements. [Sami Mokaddem]
* Merge branch 'develop-unstable' into chg-bootstrap-elements.
[Sami Mokaddem]
* Merge branch 'develop' [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge pull request #123 from kamil-certat/fix-nginx-socket. [Alexandre Dulaunoy]

  Update PHP socket to version-agnostic
* Update PHP socket to version-agnostic. [kamil-certat]

  The nginx example config refers to PHP 7 FPM socket, but the newer version is recommended. Changing it to the non-versioned socket to allow quick start.

## v1.11 (2023-01-18)

### New

* [command:fastUserEnrolment] Added script to create alignment and enroll users from a provided CSV. [Sami Mokaddem]
  - The individual and Organisation must already exist in Cerebrate. They can be created using the ImporterCommand script
* [command:metaTemaplate] Added meta-template shell to create and enabled template by UUID. [Sami Mokaddem]

### Changes

* [version] bump. [iglocska]
* [alignment] Added validation rule to avoid duplicates. [Sami Mokaddem]
* [alignments:add] Usage of select2 for org selector. [Sami Mokaddem]
* [ui:genericDropdownField] Allow using select2 on dropdown field. [Sami Mokaddem]
* [ui:generic_index] Only show enabled meta-templates in table options. [Sami Mokaddem]

### Fix

* [command:fastUserEnrolment] Better parsing of options and removed test instructions. [Sami Mokaddem]
* [command:importer] Fixed several bugs preventing the save to happen. [Sami Mokaddem]
* [command:fieldSquasher] Allow persistence of changes. [Sami Mokaddem]
* [behavior:authKeycloak] Correctly URLEncode username. [Sami Mokaddem]
* [alignments:add] Index individuals and orgs by ID instead of array index. [Sami Mokaddem]
* [permissionLimitations] Prevent error for org without users. [Sami Mokaddem]
* [broods:add] Correctly index organisations by their ID. [Sami Mokaddem]

### Other

* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop. [iglocska]

## v1.10 (2023-01-03)

### New

* [doc] gitchangelog.rc added. [Alexandre Dulaunoy]

### Changes

* [INSTALL] 20.04.
[David Cruciani]
* [version] bump. [iglocska]
* [skeleton module] added extra explanations. [iglocska]

### Fix

* [security] destroy session on logout. [iglocska]
  - As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
* [keycloak status] - handle gracefully if user not found in KC. [iglocska]
  - As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
* [security] disallow multiple individuals with the same e-mail address. [iglocska]
  - As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
* [validation] Tightened the validation rules for users to avoid 500 errors when the requirements are not met. [iglocska]
  - ensure that username is unique
  - (optional) ensure that individual->user assignment is unique
  - (optional) ensure that usernames are e-mail addresses
  - As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
* [security] reworked the Individual handling of user creations / modifications. [iglocska]
  - creating a new user with the e-mail address of an already existing individual should NOT overwrite the first/last name fields
  - it merely connects the individual to the new user
  - disallow changing the individual behind an existing user altogether
  - allow capturing individuals without updates
  - As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT
* [users] handle saving of a user without KC. [iglocska]
* [security] fixed ACL for the user view endpoint. [iglocska]
  - arbitrary resource access fixed
  - As reported by Matúš Mikuláš, Adam Gajdošík, Milan Pikula of SK-CERT

### Other

* Merge branch 'main' of github.com:cerebrate-project/cerebrate. [iglocska]
* Merge pull request #122 from DavidCruciani/main. [Andras Iklody]

  chg: [INSTALL] 20.04
* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate. [iglocska]
* Update INSTALL.md. [Andras Iklody]

## v1.9 (2022-12-14)

### New

* [custom attribute saving] wip.
[iglocska]
* [users:view] Added keycloak status showing the potential differences between Cerebrate and Keycloak. [Sami Mokaddem]
* [metaTemplateField] Added `index_type` virtual property to use the correct index_table element. [Sami Mokaddem]
* [inbox:index] Added support of various context filtering. [Sami Mokaddem]
  - My notification includes message without user_ids
  - User registration
  - Inter-connection requests
  - Data changed
  - severity:*
* [listTopBar:contextFilters] Added support of element to generate filter content. [Sami Mokaddem]
* [element:bootstrapUI] To create HTML from BootrstrapHelper by using element. [Sami Mokaddem]
* [metaFields] Adding support of sane_default + improving form & crud - WiP. [Sami Mokaddem]
* [genericElement:group_table_action] Added support of `show # element` in the table. [Sami Mokaddem]
* [ui:index_table] Fire pending debounced functions on dropdown hidden. [Sami Mokaddem]
* [organisation] Added `notifyAdmin` behavior. [Sami Mokaddem]

  Might be removed later on if needed
* [user] Added `notifyAdmin` behavior. [Sami Mokaddem]
* [adminNotificationBehavior] Added first version of new behavior and associated inboxProcessor. [Sami Mokaddem]

  This behavior allows to specify on which fields modification site-admins should be notified by receiving a message in their inbox
* [inboxes] Added `severity` level and `message` and removed `description` column. [Sami Mokaddem]

### Changes

* [param] order changed. [iglocska]
* [version] bump. [iglocska]
* Php version requirement bumped. [Andras Iklody]
* [behavior:keycloak] Gracefully handle issues while syncing with keycloak. [Sami Mokaddem]
* [behavior:keycloak] Perform case insensitive comparison. [Sami Mokaddem]

  For both cerebrate and keycloak users
* [users:index] Added comment. [Sami Mokaddem]
* [cnw permissions] added mailing list. [iglocska]
* [genericElement:fieldScaffold] Let cake's form helper decide the input type if not specified.
[Sami Mokaddem]
* [permissionslimitations:add] Forced comment type to be textarea. [Sami Mokaddem]
* [permissionlimitation:validation] Added rule for max_occurence. [Sami Mokaddem]
* [users:edit] Added role associated data for the user to be edited. [Sami Mokaddem]
* [user:NotifyAdminBehavior] Track modification on meta_fields. [Sami Mokaddem]
* [command:summary] Added support of destination folder. [Sami Mokaddem]
* [genericElement:index_table] Use provided element for the metafields. [Sami Mokaddem]
* [organisation:index] Added quickfilter showing all orgs having the same nationality as logged user.org. [Sami Mokaddem]
* [organisation:index] Removed ENISA-specific quick filters. [Sami Mokaddem]

  But kept them as develop documentation...
* [inbox:filtering] Possibility to filter on severity. [Sami Mokaddem]
* [processors] Added adequate severity for some inbox/outbox processors. [Sami Mokaddem]
* [auditLogs:index] Added possibility to view and filter logs based on `created` field. [Sami Mokaddem]
* [metaTemplateField] More generic way to specify form type. [Sami Mokaddem]
* [layout:notification-menu] Improved spacing and size. [Sami Mokaddem]
* [ui:layout] Added spacing between toast. [Sami Mokaddem]
* [inbox:index] Added filtering on `created` time. [Sami Mokaddem]
* [component:CRUD] Improved filtering to support form type based on database column type. [Sami Mokaddem]
* [inbox:index] Added quick filter on scope. [Sami Mokaddem]
* [behavior:notifyAdmin] Small refactor to better handle deletions. [Sami Mokaddem]
* [behavior:adminNotification] Added support of watched fields and improved metafield integration. [Sami Mokaddem]
* [inbox:index] Allow filtering index by user.id and user.name. [Sami Mokaddem]
* [js:bootstrap-helper] Allow closing success toast without title. [Sami Mokaddem]
* [helper:bootstrap] Added support of icon in confirm modal button. [Sami Mokaddem]
* [js:api-helper] Show feedback for failure in postForm.
[Sami Mokaddem]
* [appTable] Set string format of FrozenTime to ISO 8601-like by default. [Sami Mokaddem]
* [inboxes:UI] Renamed `request` into `message` [Sami Mokaddem]
* [inbox:index] Changed quick filter to show `my notification` by default. [Sami Mokaddem]
* [inboxProcessor:generic] Updated to not rely on deprecated parameters anymore. [Sami Mokaddem]

### Fix
* [kc] attribute update fixed. [iglocska]
* [users:view] Gracefully handle the case where user exists in cerebrate but not in keycloak. [Sami Mokaddem]
* [behavior:notifyAdmin] Removed required parameter after optional. [Sami Mokaddem]
* [users:registration] Fixed and improved user registration. [Sami Mokaddem]
* [behavior:keycloak] Trying to lower fever the best I can. [Sami Mokaddem]
* [genericElement:keycloakStatus] Typo fixed. [Sami Mokaddem]
* [crud:edit] Always specify the table alias when fetching by id. [Sami Mokaddem]
* [user:checkPermissionRestriction] Refactor the function to support more edge-cases. [Sami Mokaddem]
* [permissionlimitation:getLimitations] Mirror the permission limit if only one scope (global or org) is defined. [Sami Mokaddem]
* [permissionlimitations:view] Typo for max_occurence path. [Sami Mokaddem]
* [users:view] Fallback value if Keycloak was never configured. [Sami Mokaddem]
* [user:add/edit] Correctly index orgs by their IDs. [Sami Mokaddem]
* [behavior:notifyAdmins] Typo resetting a variable. [Sami Mokaddem]
* [user:beforeSave] Make sure variable is initialized. [Sami Mokaddem]
* [organisation:index] Indentation fix. [Sami Mokaddem]
* [genericTemplates:filters] Make sure to always return a string when fetching data. [Sami Mokaddem]
* [outboxProcessor:generic] Added support of severity. [Sami Mokaddem]
* [instance:settings] Revert setting back to its original in case of failure. [Sami Mokaddem]
* [crud:index] requestedEntryAmount doesn't reset the query anymore. [Sami Mokaddem]
* [metafields:dropdown] Patched saving multiple fields with custom value.
[Sami Mokaddem]
* [metafields:dropdown] Patched saving multiple fields with custom value. [Sami Mokaddem]
* [helper:boostrap] Make sure all properties are passed to the button component. [Sami Mokaddem]
* [inboxProcessor:dataChange] Template clean-up. [Sami Mokaddem]
* [behavior:tag] Get identifier if tag data is an array. [Sami Mokaddem]
* [component:CRUD] Default custom contextual filters do not override search parameters anymore. [Sami Mokaddem]
* [template:genericFilters] Do not fail if tag selector container doesn't exist. [Sami Mokaddem]
* [component:CRUD] Only show metafields filters when the model has the behavior. [Sami Mokaddem]

### Other
* Merge branch 'develop' [iglocska]
* Merge branch 'kc_fix' into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'develop' [iglocska]
* Merge branch 'develop-unstable' into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Security: [users:edit] Prevent edit of all users with lower privileges by any org_admins. [Sami Mokaddem]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge branch 'feature-metafield-dropdown' into develop-unstable. [Sami Mokaddem]
* Merge branch 'feature-metafield-dropdown' of github.com:mokaddem/cerebrate into feature-metafield-dropdown. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into feature-metafield-dropdown. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop.
[Sami Mokaddem]

## v1.8 (2022-11-14)

### New
* [command] Summary tool to collect changes done by nationalities. [Sami Mokaddem]

  Currently supporting individual, organisation and user
* [individuals] rework. [iglocska]

  - allow modifications for org admins of individuals associated to their users
  - unless they're site admins
  - add user information to the individual index to bring clarity to the individual vs users confusion
  - rework of the user form field object
* [user deletion] tied into KeyCloak. [iglocska]

  - remove user from KC when possible
  - proceed for local users

### Changes
* [version] bump. [iglocska]
* [user index] added column configuration. [iglocska]
* [cleanup] of the default role setting for keycloak. [iglocska]

  - not used in any sensible way anymore

### Fix
* [individual edit] permission check fix. [iglocska]
* [kc] only try to set the signingin url to KC if KC is actually enabled. [iglocska]
* [audit logs] change field changed to mediumblob. [iglocska]

  - AAAAAAAaaaaaaaaaaaaaaaaaAAAAAAAAAAAAAAAAAAaaaaaaaaaaAAAAAAAAAAaaaaaaaaAAAAAAAAAAAAaaargh
* [pgp key length] extended to mediumtext. [iglocska]

  - Some people drive BMWs, some have pgp keys that exceed the limits of TEXT
* [crud] speculative fix for notice error on metatemplates being accessed that aren't loaded. [iglocska]
* [users] several fixes. [iglocska]

  - User enrollment in KC moved to the aftersave (we consider cerebrate to be authoritative)
  - adhere to restriction parameters in deletion
* [beforesave] hook removed on get requests. [iglocska]
* [keycloak sync] not needed on user index. [iglocska]

  - was a test that was left in

### Other
* Merge branch 'develop' [iglocska]
* Merge remote-tracking branch 'origin/cli-modification-summary' into develop. [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'main' into develop.
[iglocska]

## v1.7 (2022-11-09)

### New
* [permission limitations] upgrade script added. [iglocska]
* [permission limitations] subsystem added. [iglocska]

  - add limitations for users with given meta fields
  - x number / org and y number / globally
  - add comments to the limitations
  - enforced on user creation/modification
* [metafields] added view representation of info/warning/danger keys. [iglocska]
* [generic form] added checkbox option for boolean fields in metatemplates. [iglocska]
* [API rearrange] added a simplifier for commonly used objects. [iglocska]

  - let's only return the subset of the data required to identify and retrieve the related data
* [individual] editing enabled for org admins. [iglocska]

  - requires that a user exist for the given individual
* [cnw] meta template for permissions. [iglocska]

  - first revision
* [keycloak] automatically set mappings. [iglocska]
* [user enrollment] send keycloak welcome email to users when enrolled. [iglocska]
* [pgp] library ported from MISP. [iglocska]

  - added proper view elements for encryption keys
  - added key information extraction
* [scss:boostrap-additional] Added `btn-outline-text` to ease integration with themes. [Sami Mokaddem]
* [user:edit] Added keycloak updates when a user gets modified. [Sami Mokaddem]
* [users] username validation added. [iglocska]

  - >5 && <50 in length required
  - trim username to test to avoid whitespace names
  - as reported by SK-CERT
* [security] Bruteforce protection added. [iglocska]

  - logins allow for 5 attempts every 5 minutes
  - Code ported and updated from MISP
  - As reported by SK-CERT
* [component] APIRearrange component added. [iglocska]

  - alter the data's format before passing it back via the RestResponseComponent
  - to be used to clean up UI specific artifacts / junk
  - also to maintain compatibility between versions/tools

### Changes
* [version] bump. [iglocska]
* [bootstrap helper] added warning/info/danger fields. [iglocska]
* [encryption keys] rearranged for the API.
[iglocska]
* [soacialauth] listener updated to not save the user. [iglocska]

  - it wasn't making any changes anyway, but triggering a slow process
* [CRUD] component - only try to unlink MetaFields if it's actually loaded. [iglocska]
* [user index] API refactored. [iglocska]
* [users] add metafields behaviour. [iglocska]
* [keycloak mapper] also pushes default mappings if they don't exist. [iglocska]
* [User] Entity - added rearrangeForAPI() to rearrange meta fields. [iglocska]
* [keycloak] sync script updated. [iglocska]
* [keycloak] integration rework. [iglocska]

  - switch to the use of attributes
  - several minor fixes
* [auditLog:entity] unset useless noise from user-settings. [Sami Mokaddem]
* [component:APIRearrange] Rearrange for all iterators. [Sami Mokaddem]
* [indexTable:indexStatistic] better support of themes. [Sami Mokaddem]
* [navigation:socialProvider] Improved UI for SSO profile management. [Sami Mokaddem]
* [genericIndex:select_visible_columns] Show meta-template versions. [Sami Mokaddem]
* [command:keycloakSync] Make sure User model is loaded. [Sami Mokaddem]
* [users:add] Missing comma. [Sami Mokaddem]
* [auditlogs:index] Reverse sort by ID. [Sami Mokaddem]
* [dead variable] removed. [iglocska]
* [security] keycloak enabled - disallow multiple users from being created for the same individual. [iglocska]

  - as reported by SK-CERT
* [navigation] added keycloak self management. [iglocska]

  - also some changes to the navigation system
* [rearrange] moved to Entity. [iglocska]
* [APIRearrange] component tied into rest response. [iglocska]
* [error handler] changed to conform with 4.4. [iglocska]

### Fix
* [keycloak] re-enabled the getUser function, removed the placeholder forced user fetch. [iglocska]
* [API] cleaned up the individual API. [iglocska]
* [API] rearrange component - handle collections correctly.
[iglocska]

  - return a new collection with the individual values transferred to it after changes
  - avoids some weird quirks with unsetting related Objects not taking effect
* [typo] capitalisation mistake blocking org edits. [iglocska]
* [auth] added keycloak logout. [iglocska]
* [return type] validation removed. [iglocska]
* [auditlogs:index] Typo preventing showing the `changed` field. [Sami Mokaddem]
* [metaTemplates:updateAll] Fixed missing form preventing to update. [Sami Mokaddem]
* [metaTemplates] Correctly show update message. [Sami Mokaddem]
* [navigation:meta-template] Correctly show badge for new templates. [Sami Mokaddem]
* [user:beforeSave] Only call the user-update callback if the user is not new. [Sami Mokaddem]
* [behavior:authKeycloak] Correctly check if the user was saved. [Sami Mokaddem]
* [user:validation] Allow user edition when `username` is not set. [Sami Mokaddem]
* [authKeycloakBehavior] Added missing association preventing user to log via keycloak. [Sami Mokaddem]
* [authKeycloakBehavior] Re-indexing array preventing roles to be parsed by keycloak. [Sami Mokaddem]
* [authKeycloakBehavior] Typo preventing roles to be saved. [Sami Mokaddem]
* [migration:unique_usernames] Table 'users' is specified twice, both as a target and as a separate source. [Sami Mokaddem]
* [alignments] missing contains added. [iglocska]
* [authkey] should only be used in a rest context. [iglocska]

  - otherwise some weird authentication snafus can happen
  - as reported by SK-CERT
* [alignments] fixed invalid urls in alignment fields lacking a / [iglocska]

  - as reported by SK-CERT
* [counter graphs] fixed to disallow invalid interval entries. [iglocska]

  - as reported by SK-CERT
* [alignments] added an index view template. [iglocska]

  - Can't see any usefulness in this, but why not
  - As reported by SK-CERT
* [users] added uniqueness to usernames.
[iglocska]

  - added upgrade script with removal of duplicate usernames
  - added unique index to username field
  - massaging the usernames before insertion (trim + lowercasing)
  - As reported by SK-CERT
* [security] X-FRAME-OPTIONS: DENY added to all responses. [iglocska]

  - as reported by SK-CERT
* [security] KeyCloak login getUser fixes. [iglocska]

  - removed dead code
  - tightened check on the user profile, if the KC user's email address and that of the Cerebrate user disagree, block the authentication
  - as reported by SK-CERT
* [single view generic field] allow for unsanitised raw input. [iglocska]
* [xss] resolved in the genericField of the single view. [iglocska]

  - as reported by SK-CERT
* [api rearrange] shouldn't trigger when dealing with arrays. [iglocska]
* [audit log] error due to compressible fields not being streams when compression not enabled. [iglocska]
* [notice] errors when not logged in removed. [iglocska]
* [exception] speculative fix to a check causing a 500. [iglocska]
* [unauthed] users internal error fixed. [iglocska]
* [meta template] fixes. [iglocska]
* [revert] meta fields unindexing. [iglocska]

  - required for the saving of changes
* [keycloak] fixed encoding issue with urlencoded usernames created in keycloak. [iglocska]
* [meta] template loading reworked. [iglocska]

  - no more crappy string numeric keys among others
* [deprecation] pagination component's use removed to comply with 4.4 requirements. [iglocska]
* [deprecation] further toList() call updated. [iglocska]
* [deprecation] toList() queries updated. [iglocska]

### Other
* Merge branch 'develop' [iglocska]
* Merge branch 'develop' [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge pull request #105 from DocArmoryTech/patch-2.
[Andras Iklody]

  Alignment links missing / in 'single' view
* Alignment links missing / [DocArmoryTech]

  When baseurl is configured in the UI as: `https://cerebrate.example.com/` (`App.baseurl` is `https:\/\/cerebrate.example.com\/` in config.json) a `/` between the `$baseurl` and the url path appears to be missing:
  - When viewing an individual and their alignments (/individuals/view/123), links to the Organisations in their Alignments are missing a `/`
  - When viewing an organisation, links to the individuals with an alignment to the organisation are missing a `/`
* Merge pull request #104 from DocArmoryTech/patch-1. [Andras Iklody]

  Alignment links missing / in indexes
* Alignment links missing / [DocArmoryTech]

  When baseurl is configured in the UI as: `https://cerebrate.example.com/` (`App.baseurl` is `https:\/\/cerebrate.example.com\/` in config.json) a `/` between the `$baseurl` and the url path appears to be missing:
  - When viewing the index of all individuals (/individuals/index), links to the Organisations in their Alignments are missing a `/`
  - When viewing an organisation that includes individuals with an alignment, links to the Individuals are missing a `/`
* Merge pull request #101 from jacobkarapatakis/main. [Andras Iklody]

  Install instructions for RHEL
* Install instructions for RHEL. [jk]

## v1.6 (2022-06-09)

### New
* [KC] profile link added. [iglocska]

### Changes
* [VERSION] bump. [iglocska]
* [config:bootstrap] Only get file content if config.json exists. [Sami Mokaddem]
* [kc] disabled user capturing. [iglocska]

  - Cerebrate is now authoritative
* [users view] added KC checks for the profile link. [iglocska]
* Revert. [iglocska]
* [audit logs] fix test. [iglocska]

### Fix
* [component:CRUD] Removed deprecation notice when trying to extract without requesting the collection. [Sami Mokaddem]
* [localTools:action] Catch error if local tool's action returned unexpected data. [Sami Mokaddem]
* [helper:bootstrap] Allow HTML param to have value equal to 0.
[Sami Mokaddem]
* [user enrollment] fixed via KC. [iglocska]
* [auditlogs] more monkey fixing the logging errors via CLI. [iglocska]
* [audit logs] monkey fix for the missing fields when coming from a CLI query. [iglocska]
* Fix broken test after wiremock-php/wiremock-php upgrade to v2.33. [Luciano Righetti]

### Other
* Merge branch 'develop' [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]

## v1.5 (2022-05-17)

### New
* [keycloak] command line tool. [iglocska]

  - automatable sync
  - fixed various issues
  - added logging of issues
* [keycloak] sync added. [iglocska]

  - created/updates users
  - creates/updates/removes roles
  - creates/updates/removes orgs
* Add api tests for MetaTemplates and openapi spec, fix minor issues. [Luciano Righetti]
* [keycloak] log enrollment outcome in the audit log. [iglocska]
* [password auth] added setting to disable password auth. [iglocska]

  - not needed in some cases for keycloak enabled instances
* [CRUD] added beforeMarshal hook. [iglocska]
* [individuals] new finder method to find by alignment. [iglocska]
* [users] several changes. [iglocska]

  - make usernames immutable
  - restrict user creation to aligned individuals (org admin only)
  - optionally create individual while creating a user
* [metafields-types:ipv6] Support of ipv6. [Sami Mokaddem]
* [tools:CidrTool] Ported CidrTool from MISP. [Sami Mokaddem]
* [lib:metafields] New template `CSIRT Constituency` [Sami Mokaddem]
* [metaFields] Support of meta-fields types. [Sami Mokaddem]
* [layout:sidebar] Notifications in the sidebar. [Sami Mokaddem]
* [helpers:bootstrap] Added notification bubble. [Sami Mokaddem]
* [registration] added optional registration flood protection. [iglocska]

  - As reported by Dawid Czarnecki from Zigrin Security
* [flood protection] behaviour added. [iglocska]

  simple expiration system to allow flood protections to be added to any functionality
* [flood protection] schema added.
[iglocska]
* [Exception] 429 added. [iglocska]
* [notification] Added initial version of the notification system. [Sami Mokaddem]
* [dependency:js] Added moment.js. [Sami Mokaddem]
* [helper:valueGetter] Helper to help execute closure to get a value if needed. [Sami Mokaddem]
* [themes] bash script to help dev compile css files. [Sami Mokaddem]
* [metaTemplate] Interface and functions to update meta-templates - WiP. [Sami Mokaddem]

  Actual update not implemented yet.
* [elements:breadcrumb] Added possibility to have badges in action item. [Sami Mokaddem]
* [meta_templates:it_infra_and_services] Added new template for org infra and services. [Sami Mokaddem]
* [genericElement:index_table] Added support of meta_fields searches. [Sami Mokaddem]
* [genericElements:index_table] Support of meta_fields in table column. [Sami Mokaddem]
* [mailing-list] Added mailing list feature - WiP. [Sami Mokaddem]

### Changes
* [metatemplate:meta_fields_to_update] Only show notice if applicable. [Sami Mokaddem]
* [indexTable:context_filters] Support of default context filter. [Sami Mokaddem]

  This filter is used by default if none is provided
* [meta-template:update] Default update strategy to be `create_new` [Sami Mokaddem]
* [instance:getStatistics] Usage of cake's FrozenTime instead of DateTime. [Sami Mokaddem]
* [Component:CRUD] Only show used meta-template in view pages. [Sami Mokaddem]
* [settingProvider:cerebrate] Typo in `password_auth.enabled`'s name. [Sami Mokaddem]
* [inboxProcessors] Change deprecated `notEmpty` to `notEmptyString` [Sami Mokaddem]
* [metaTemplates:computeConflicts] Usage of subqueries instead of array of IDs. [Sami Mokaddem]
* [metafields] Passed argument can either be an object or array. [Sami Mokaddem]
* [metaFields] Added metafield type validation. [Sami Mokaddem]
* [component:CRUD] Better validation messages. [Sami Mokaddem]
* [behaviors:metafields] Moved type handlers to the meta-template-fields table.
[Sami Mokaddem]
* [instance:searchAll] Sharinggroup filter on org membership in addition to owner. [Sami Mokaddem]
* [sharingroup:index] Changed conditions allowing member org to view a sharing group. [Sami Mokaddem]

  Previously only the SG owner could see the SG
* [organisations] Added meta-field global filtering. [Sami Mokaddem]
* [index_table:group_search] Changed name for better visibility. [Sami Mokaddem]
* [users] restrict org admins from creating other org admins. [iglocska]

  - temporary solution for a single community, make this optional in the future
* [user add] if no password was set, set a random one. [iglocska]

  - can't be used so far as we have no emailing in place
  - it allows user creation when username/password mode is disabled
* [templates] for user creation now have a minimalist individual creation included. [iglocska]
* [user] view add link to user's individual. [iglocska]
* [metafield-type:ipv4] Usage of Cdir tool. [Sami Mokaddem]
* [metafield-types:ipv4] Improved logics. [Sami Mokaddem]
* [users] Removed useless imports. [Sami Mokaddem]
* [indexTable:filtering] Initial work on supporting custom operators. [Sami Mokaddem]
* [layout:sidebar] Only show collapsible parents if they have children. [Sami Mokaddem]
* [mailinglist] Added ACL conditions on mailing list operations. [Sami Mokaddem]

  - Site admins have all authorizations
  - Org admins can manipulate the list their user own (can be later replaced by organisation_id instead of user_id)
  - Other users can see the all lists they are included in
* [Component:ACL] Added entries for mailing list. [Sami Mokaddem]
* [Component:ACL] Added entry for audit log filtering. [Sami Mokaddem]
* [Component:CRUD] Allow to filter out rows from the index with afterFind. [Sami Mokaddem]

  Filtering can be achieved by returning `false` instead of the row in the `afterFind` function
* Removed useless comments. [Sami Mokaddem]
* Removed unused commented code. [Sami Mokaddem]
* [metaTemplates] Removed comment.
[Sami Mokaddem]
* [Component:CRUD] Removed comment and init correct variable type. [Sami Mokaddem]
* [Component:CRUD] Typo. [Sami Mokaddem]
* [migration] Finalized more-metafields-column script. [Sami Mokaddem]
* [flood protection] Changed the description of the setting based on the used IP source. [iglocska]

  - added a warning about the IP source setting affecting the efficacy of the flood protection in regards to an attacker being potentially able to spoof their IP
  - Warn the admin to make sure that the reverse proxy used (the main reason to use the alternate headers in the first place) needs to be configured to correctly overwrite the header
  - as reported by Dawid Czarnecki of Zigrin Security
* [organisation] Removed useless class variable. [Sami Mokaddem]
* [behavior:meta-fields] Renamed finder function. [Sami Mokaddem]
* [libraries:meta-template] Bumped version. [Sami Mokaddem]
* [header] moved inline style in css file. [Sami Mokaddem]
* [notifications] Slightly improved UI. [Sami Mokaddem]
* [settingTable] Added value validation before saving the setting. [Sami Mokaddem]
* [settingTable] Gracefully handle if file not writeable. [Sami Mokaddem]
* [flood protection] added cleanup. [iglocska]
* [inbox:collectNotifications] Collect notifications for the logged in user. [Sami Mokaddem]
* [ui:header-notification] Added support of variant severity. [Sami Mokaddem]
* [appcontroller] Breadcrumbs and notifications are fetched only if the user is logged in. [Sami Mokaddem]
* [notifications] Support of modal when clicking on notification element. [Sami Mokaddem]
* [inbox:createEntry] Checks for remote back connection is more flexible. [Sami Mokaddem]

  Handle the case of trailing slash
* [outboxProcessors:brood] Gracefully catch server errors on remote broods. [Sami Mokaddem]
* [outboxProcessors:broods] Provide errors while trying to re-send a message. [Sami Mokaddem]
* [brood:connectionTest] Correctly handles network exceptions.
[Sami Mokaddem]
* [localtTools:connectionRequest] Provide more info on exception. [Sami Mokaddem]
* [web:deps] Updated font-awesome version from 5.8.2 to 5.15.4. [Sami Mokaddem]
* [inbox:index] Sort messages by created datetime. [Sami Mokaddem]
* [genericELements:index_table] Tabler head accept icons. [Sami Mokaddem]
* [api:index] Serve redoc script directly from the server. [Sami Mokaddem]
* [auditlog:index] Break text in changed column. [Sami Mokaddem]
* [auditlog] Allow filtering and searching the table. [Sami Mokaddem]
* [component:CRUD] Fixed typo. [Sami Mokaddem]
* [ui:api] Moved API navigation link into admin section and created breadcrumb config. [Sami Mokaddem]
* [appController] Don't generate nav breadcrumbs in API context. [Sami Mokaddem]
* [metaTemplate] Better placement of notice message. [Sami Mokaddem]
* [metaTemplate] Added endpoint to load template from disk by uuid. [Sami Mokaddem]
* [genericElement:metafield_panel] Only display notice if the entity has meta fields. [Sami Mokaddem]
* [metaTemplate:index] Improved text. [Sami Mokaddem]
* [metaTemplate] Major refactoring and documentation - WiP. [Sami Mokaddem]
* [component:crud] Renaming the default `all` contextual filter. [Sami Mokaddem]
* [migration] Meta-templates can have duplicated UUID thanks to their version. [Sami Mokaddem]
* [metaTemplate] Update system and conflict resolution interfaces - WiP. [Sami Mokaddem]
* [genericElements:form] Support of more option and radio input. [Sami Mokaddem]
* [scss:bootstrap-additional] Added hover on dropdown items and mw/mh support. [Sami Mokaddem]
* [Component:Navigation] Breadcrumbs get loaded before rendering to have access to view var. [Sami Mokaddem]

  So that it can have access to view variables
* [metaTemplate] Started implementing new update system - WiP. [Sami Mokaddem]
* [component:CRUD] Added comment to be fixed later on - WiP. [Sami Mokaddem]
* [elements:widgets] Slightly refactored highlight panel and removed useless code.
[Sami Mokaddem]
* [genericElements:index_table] Immediately save index setting when dropdown menu gets closed. [Sami Mokaddem]
* [helper:bootstrap] Improved dropdown menu badge UI. [Sami Mokaddem]
* [element:index_table] Slight UI adjustment. [Sami Mokaddem]
* Updated .gitignore. [Sami Mokaddem]
* [meta_templates:enisa-csirt-inventory] Simplified regexes. [Sami Mokaddem]
* [meta_templates:individual_extended] Added support of phone number. [Sami Mokaddem]
* [metaFields] Clean-up and improved regex matching. [Sami Mokaddem]
* [helpers:bootstrap] Formatted file. [Sami Mokaddem]
* [sharingGroups] Cleaned useless view variables. [Sami Mokaddem]
* [genericElements:index_table] Added close button for stat widget config UI. [Sami Mokaddem]
* [genericElements:index_table] Continuation of stats for current view - WiP. [Sami Mokaddem]
* [genericElements:index_table] Added support of statistic for current view - WiP. [Sami Mokaddem]
* [element:widget] Added support of condensed UI for highlight-panel. [Sami Mokaddem]

  This could be later on refactored to be formed from smaller views
* [element:bar] better support of passed options. [Sami Mokaddem]
* [appTable] Moved statistics functions out of instanceTable. [Sami Mokaddem]
* [helper:boostrap] Support of list of string for class in card. [Sami Mokaddem]
* [genericElements:index_table] Moved description to a tooltip. [Sami Mokaddem]

  Description describing indexes are great when discovering an app for the first time but start taking important place and become useless when users gets to know the app better. Moving it to a tooltip makes sense in that regard.
* [instance:home] Added support of both `modified` and `created` in stat panels. [Sami Mokaddem]
* [mailinglist:addIndividual] Removed possibility to edit individual already in the list. [Sami Mokaddem]

  This can be confusing and require special handling when saving joinData
* [Organisation] Moved model to use meta-field behavior instead of association.
[Sami Mokaddem]
* [genericElement:index_table] Conditional inclusion of header in column visibility selector. [Sami Mokaddem]
* [genericElement:index] Highlight filtering button if filters are present. [Sami Mokaddem]
* [ui] Renamed search button in index_table. [Sami Mokaddem]

  Search seems more appropriate than filter
* [component:CRUD] Added support of metafield in quickfilter feature. [Sami Mokaddem]
* [genericElement:index_table] Small UI improvement for column visibility selector. [Sami Mokaddem]
* [helper:bootstrap] Support of header in dropdown menu. [Sami Mokaddem]
* [component:CRUD] Small refactoring to improve re-usability. [Sami Mokaddem]
* [genericElement:index_table] Better support of array in generic fields. [Sami Mokaddem]
* [helper:bootstrap] Added support of badge in dropdown menu entries. [Sami Mokaddem]
* [ui:meta_templates] Slightly improved UI. [Sami Mokaddem]
* [behavior:meta_field] Better integration in CRUD and tables. [Sami Mokaddem]
* [navigation] Navigation's actions now relies on modal instead of redirecting to the page. [Sami Mokaddem]
* [ui] Added support of redirections via Ajax responses. [Sami Mokaddem]
* [component:CRUD] Cleanup leftovers comments. [Sami Mokaddem]
* [component:CRUD] Support of validation and re-edition (WiP) [Sami Mokaddem]
* [css:metafields] Improved responsiveness. [Sami Mokaddem]
* [component:CRUD] Actually delete empty metafields on edit. [Sami Mokaddem]
* [element:genericForm] Usage of bootstrap component to generate ajax modal. [Sami Mokaddem]
* [app] More UI improvement for responsiveness. [Sami Mokaddem]
* [app] Various layout improvements for responsiveness. [Sami Mokaddem]
* [metaTemplate] Continuation of refactoring - WiP. [Sami Mokaddem]

  Editing meta field from entities working
* [individual] MailingLists association improved. [Sami Mokaddem]
* [metaTemplate] Started refactoring the whole feature.
[Sami Mokaddem]

  Objective of the refactoring is to: Simplified metafields searches and started to add support of multi-field and edition
* [ui] Various UI improvement and cleanup. [Sami Mokaddem]

  New according bootstrap component and small UI enhancements
* [mailinglist] Improved feature. [Sami Mokaddem]

  Previously, emails were stored as json encoded string. To add more flexibility and prevent inconsistencies (such as propagating email changes to the mailing list), it has been moved to a table.

### Fix
* [users] edit. [iglocska]

  - various issues fixed with the edit function
  - re-added the chance to change organisations of a user as a site admin
  - tighter checks on the options for the drop downs
* [component:CRUD] Avoid patching entity if it wasn't modified. [Sami Mokaddem]
* [metaFields] Added timestamp behavior. [Sami Mokaddem]
* Error when entity has no meta_fields. [Luciano Righetti]
* [metaTemplate:view] Repair `Field` child. [Sami Mokaddem]
* [metatemplates:index] Pass all needed arguments. [Sami Mokaddem]
* [helpers:bootstrap] Support of cell variant in table. [Sami Mokaddem]
* Remove filter. [Luciano Righetti]
* Remove commented line. [Luciano Righetti]
* Warnings, notices, deprecation errors. [Luciano Righetti]
* Update library, has a boolean validation bug. [Luciano Righetti]
* Bumped ACLComponent. [Sami Mokaddem]
* [sharingrGroup:delete] Missing params variable. [Sami Mokaddem]
* [component:CRUD] Fixed typo massageMetaFields. [Sami Mokaddem]
* [Component:CRUD] Removed confusing `get` parameter. [Sami Mokaddem]

  - It was confusing and using it could lead to unwanted consequences
  - It's clearer to implement the desired logic on controller's side
* [users:add] Decoupled password required and visibility. [Sami Mokaddem]
* [minor fixes] with the keycloak integration. [iglocska]
* [settings] invalid setting name fixed. [iglocska]
* [instance:searchAll] Get the correct count if after filter is applied.
[Sami Mokaddem]
* [sharinggroups:view] Typo skipping org membership check. [Sami Mokaddem]
* [instance:search_all] Support of conditions and afterFind when using global search. [Sami Mokaddem]
* [Component:CRUD] Prevent duplication of first metafield if it was unmodified. [Sami Mokaddem]
* [behavior:metafields] Switch to text filtering if meta-template-field is not provided. [Sami Mokaddem]
* [settings] added test for keycloak enabled. [iglocska]

  - always require one auth method to be enabled

* [alignments] saving of the alignment was omitted before. [iglocska]
* [component:CRUD] Fix edit where query parameters were not passed correctly. [Sami Mokaddem]

  It fixes meta-fields duplication while saving

* [indexTable] Missing argument to display the reload popup. [Sami Mokaddem]
* [Component:CRUD] Typo in merge conflict. [Sami Mokaddem]
* [copy pasta fail] left previous assignment in that is now superseded by the if branch above. [iglocska]
* [genericTemplates] delete template can be invoked without an ID. [iglocska]
* [misp connector] validations with notEmpty() deprecated, replaced with notEmptyString() [iglocska]
* [flood protection] default to 127.0.0.1 if no remote_addr is set as we're dealing with a local CLI script. [iglocska]
* [error code] adding an authkey for a user you are not authorised to modify resulted in a 404 instead of a 405. [iglocska]
* [tests] changed assertion for authkey failure on insufficient privilege from 404 to 405. [iglocska]
* [security] XSS in the generic action template. [iglocska]

  - a previously assumed internal url can have user input appended via the MISP local tool connector
  - requires a compromised connected MISP instance where a malicious administrator modifies the UUIDs of cerebrate relevant objects to JS payloads
  - as reported by Dawid Czarnecki of Zigrin Security

* [flood protection] default to REMOTE_ADDR if the selected default logging IP source header is not populated.
[iglocska]
* [security] flood protection control enabled by default. [iglocska]

  - as reported by Dawid Czarnecki from Zigrin Security

* [security] Sharing group creation on behalf of other organisation fixed. [iglocska]

  - org admin could create sharing groups on behalf of other organisations
  - can lead to misleading sharing groups being created
  - as reported by Dawid Czarnecki of Zigrin Security

* [security] privilege escalation via user edit fixed. [iglocska]

  - org admins could circumvent the role restrictions and elevate themselves to a site admin
  - as reported by Dawid Czarnecki from Zigrin Security

* [settings:settingField] Enforce sanitization of input fields. [Sami Mokaddem]

  - As reported by Dawid Czarnecki from Zigrin Security

* [userSettings] Perform URI validation for bookmarks. [Sami Mokaddem]

  - As reported by Dawid Czarnecki from Zigrin Security

* [userSettings] Renamed template to match the controller endpoint. [Sami Mokaddem]
* [migrations] initial schema migration fixed for upgrades. [iglocska]

  - check if a table has already been created and block the execution for instances that get updated from before the initial schema was retroactively added

* [security] user settings allow enumeration of usernames. [iglocska]

  - as reported by Dawid Czarnecki from Zigrin Security

* [security] open endpoints should only be open when enabled. [iglocska]

  - as reported by Dawid Czarnecki from Zigrin Security

* [security] Sharing group ACL fixes. [iglocska]

  - added indirect object reference protection
  - added correct ACL functionalities to delete, addOrg, removeOrg
  - as reported by Dawid Czarnecki from Zigrin Security

* [security] genericForm reflected XSS in form descriptions for user controlled descriptions. [iglocska]

  - accessible via the MISP local tool setting change
  - sanitise the description
  - as reported by Dawid Czarnecki from Zigrin Security

* [sync] created field rules added.
[iglocska]

  - should stop issues of SG/Individual downloads from remote brood

* [generic fields] org field URL missing slash fixed. [iglocska]
* [localToolConnectors:MISP] Fixed bad merge. [Sami Mokaddem]
* [templates:common] Removed extra closing tag. [Sami Mokaddem]
* [localToolConnectors:MISP] Fixed typo. [Sami Mokaddem]
* [components:CRUD] Support of controller's paginate public variable. [Sami Mokaddem]
* [genericElements:index_table] Improved positioning of pagination link for sorting. [Sami Mokaddem]
* [genericElements:tags] List tags when editing an entity. [Sami Mokaddem]
* [themes] Recompiled css file repairing the merge conflict overlooked. [Sami Mokaddem]
* [auditlog] Typo in field name. [Sami Mokaddem]
* [component:CRUD] Filtering view variables get correctly set. [Sami Mokaddem]
* [appTable:table_statistics] Compute timeline only if the fields exist in the DB schema. [Sami Mokaddem]
* [auditlog] Clean up of leftover copy paste. [Sami Mokaddem]
* [metaTemplate] Various fixed on meta-templates updates. [Sami Mokaddem]
* [appTable:activityStatistics] Variation take for the activity of the last x days. [Sami Mokaddem]
* [local_tool:batchApiAction] Various UI and backend fixes. [Sami Mokaddem]
* [instance:searchAll] Correct usage of parameters. [Sami Mokaddem]
* [metaTemplate] Repaired update_all. [Sami Mokaddem]
* [metatemplate] Removed unused code. [Sami Mokaddem]
* [genericTemplates:delete] Make sure to sanitize modal content. [Sami Mokaddem]
* [helper:bootstrap] Support of string and array for badge's class parameter. [Sami Mokaddem]
* [helpers:bootstrap] Make sure to sanitize passed text. [Sami Mokaddem]
* [meta_template:enisa-csirt-inventory] Typo in regex. [Sami Mokaddem]
* [component:CRUD] Regression where entities not supporting metafields couldn't be saved. [Sami Mokaddem]
* [home:ui] Use correct bootstrap class. [Sami Mokaddem]
* [mailinglist] Edition was not possible in some cases.
[Sami Mokaddem]
* [ui:sidebar] Correctly add activeSidebarLinkColor to parent element if child is selected. [Sami Mokaddem]
* [Component:CRUD] Pass expected argument. [Sami Mokaddem]
* [behavior:metaField] Wildcard searches now work if the wildcard is placed in front. [Sami Mokaddem]
* [component:CRUD] Correctly inspect the redirect key. [Sami Mokaddem]
* [component:paramHandler] Correctly handle arrays. [Sami Mokaddem]

  Also removed duplicated function

* [element] Made single views aware of multiple meta-fields. [Sami Mokaddem]
* [Component:CRUD] Make set quickfilter works again. [Sami Mokaddem]

  Call the function with correct number of argument

### Other

* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge pull request #89 from cerebrate-project/develop-unstable. [Andras Iklody]

  Features extension pack

* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge pull request #93 from righel/add-meta-templates-api-tests. [Luciano Righetti]

  new: add api tests for MetaTemplates and openapi spec, fix minor issues.

* Merge branch 'main' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge pull request #92 from righel/fix-tests-and-notices. [Andras Iklody]

  Fix tests and notices

* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' into main.
[iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Update INSTALL.md. [Alexandre Dulaunoy]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'refactor-metatemplates' into develop-unstable. [Sami Mokaddem]
* Merge branch 'refactor-metatemplates' into develop-unstable. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into refactor-metatemplates. [Sami Mokaddem]

## v1.4 (2022-01-27)

### New

* [ACL] added canEditUser() function. [iglocska]

  - simple comparison between two users
  - checks role + org based permission

* [CRUD] added some new useful features. [iglocska]

  - afterFind for the edit functions to make last minute decisions on the modification after already having loaded the data to be modified
  - moved the field restrictions to be able to pass it to the view
  - try/catch for bulk deletions. A single failure in the beforeSave call will no longer block the entire saving process

* Add /api/v1/users/index api test. [Luciano Righetti]
* Add /api openapi spec view with redoc, add faker to fixtures, validate api responses with openapi spec, add /api/v1/ prefix to api routes. [Luciano Righetti]
* Initial api and integration tests. [Luciano Righetti]
* [doc] Added prerequisites document. [Sami Mokaddem]
* [localtool:commonConnectorTools] Added new logger for each local tools. [Sami Mokaddem]
* [Outbox] entity added. [iglocska]

  - to inherit the appModel functions

* [CodeMirror] Shows a placeholder whenever the textarea is empty. [Sami Mokaddem]
* [encryption key] view added.
[iglocska]

  - was missing, despite links to it

* [doc] Added slides about cerebrate and local tools synchronisations. [Sami Mokaddem]

### Changes

* [Version] bump. [iglocska]
* [user add] form defaults. [iglocska]

  - org will default to own org for site admins
  - role will default to the default role (if set)

* [form] dropdown default key added. [iglocska]
* Add wiremock stub verification. [Luciano Righetti]
* Do not exit 1 if wiremock was not running. [Luciano Righetti]
* Clean test. [Luciano Righetti]
* Add missing openapi endpoints for sync test. [Luciano Righetti]
* Tighten tests assertions. [Luciano Righetti]
* Clean test. [Luciano Righetti]
* [userSettings:add] Adhere to the passed user context. [Sami Mokaddem]
* [navigation:users] Restored breadcrumb navigation to access user profile settings. [Sami Mokaddem]
* [base settings provider] pass settings by reference for evaluation. [iglocska]

  - opens it up for modifications by the hooking functions

* [settingsTable] Use settings array for the actual saving in saveSetting. [iglocska]

  - allows us to modify a value in the processing steps before the value is committed to disk

* [MISP connector] user edit/delete temporarily commented out as they're not implemented yet. [iglocska]
* [Navigationcomponent] added missing changes from previous commit. [iglocska]
* [Organisation] Entity accessibility rules. [iglocska]

  - make created only accessible when creating new objects

* [navigation] Breadcrumb generation is user aware. [iglocska]

  - moved the initialisation of the generation to be invoked from the appcontroller's beforefilter, after the user is loaded into the ACL component
  - Only show user setting edits when the user is editing themselves

* [inbox:createEntry] Checks for remote back connection is more flexible. [Sami Mokaddem]

  Handle the case of trailing slash

* [outboxProcessors:brood] Gracefully catch server errors on remote broods.
[Sami Mokaddem]
* [outboxProcessors:broods] Provide errors while trying to re-send a message. [Sami Mokaddem]
* [brood:connectionTest] Correctly handles network exceptions. [Sami Mokaddem]
* [localtTools:connectionRequest] Provide more info on exception. [Sami Mokaddem]
* [inbox:index] Sort messages by created datetime. [Sami Mokaddem]
* [auditlog:index] Break text in changed column. [Sami Mokaddem]
* Minor improv. [Luciano Righetti]
* Remove the /api/v1 prefix for api endpoints. [Luciano Righetti]
* Remove todo section. [Luciano Righetti]
* Move openapi validator initialization to tests/bootstrap.php so its only parsed once. [Luciano Righetti]
* Refactor ApiTestTrait to reduce code duplication, enforce openapi spec validations. [Luciano Righetti]
* Extend openapi spec. [Luciano Righetti]
* Rename test files. [Luciano Righetti]
* Migrate mysql.sql initial schema to a phinx migration. [Luciano Righetti]
* [layout:header-profile] Improved spacing. [Sami Mokaddem]
* [user] edit restricted to password only for self. [iglocska]
* [instance] Added support of API response for 2 endpoints. [Sami Mokaddem]
* [localTools:local_tool_connectors] Added support of CodeMirror placeholder. [Sami Mokaddem]
* Clear cakephp cache. [Luciano Righetti]
* Wait for db before running migrations. [Luciano Righetti]

### Fix

* [login] hide keycloak login if keycloak login is disabled. [iglocska]
* [roles] setting default should be exclusive. [iglocska]

  - added aftersave action to remove default from other roles

* [sharing group form] default to own org as owner. [iglocska]

  - reconsider if this should be a configurable setting at all

* Mixed up concepts. [Luciano Righetti]
* Mark test as incomplete (better). [Luciano Righetti]
* Mark test as skipped, not critical. [Luciano Righetti]
* Wrong namespaces. [Luciano Righetti]
* Failing when request is empty json object. [Luciano Righetti]
* [users:view] Correctly reload authkey child panel when performing operations.
[Sami Mokaddem]
* [users:toggle] Prevent users to disable admins. [Sami Mokaddem]
* [users:delete] Typo copy paste error. [Sami Mokaddem]
* [Keycloak baseurl] remove trailing slashes. [iglocska]
* [userSettings] Allow admin to edit other user's settings. [Sami Mokaddem]
* [users:settings] Allow admin to see account settings of other users. [Sami Mokaddem]
* [security] fields not adhered to in CRUD components edit. [iglocska]

  - users can circumvent restrictions on editable fields
  - can lead to privilege escalation when users edit themselves

* [lax URL validation] added for Broodstable. [iglocska]

  - can be reused elsewhere too
  - allows for http://hostname style urls

* [user view] ACL fixed. [iglocska]
* [Sharing groups] UUID and owner org shouldn't be editable. [iglocska]
* [modified] saving fixed for sync captures. [iglocska]

  - set the field as not dirty to force an update
  - stops the exceptions thrown on pulling these objects in

* [users] add. [iglocska]

  - fixed role selection

* [users] role based action filtering added. [iglocska]

  - to avoid annoying clickable, but blocked actions for org admins

* [templates:common] Removed extra closing tag. [Sami Mokaddem]
* [components:CRUD] Support of controller's paginate public variable. [Sami Mokaddem]
* [genericElements:tags] List tags when editing an entity. [Sami Mokaddem]
* Run wiremock in background. [Luciano Righetti]
* Assertions are already executed. [Luciano Righetti]
* Copy&paste. [Luciano Righetti]
* Incorrect check. [Luciano Righetti]
* Test. [Luciano Righetti]
* Deprecation warning. [Luciano Righetti]
* [doc] Typo in text. [Sami Mokaddem]
* [localTool:CommonConnector] Ensure one logger per connector. [Sami Mokaddem]
* [authkey] add fixed. [iglocska]

  - incorrectly potentially filter out valid options when adding a key by a regular user

* [user edit] fixed for non admins. [iglocska]
* [encryption keys] several fixes.
[iglocska]

  - fix the user view to correctly point to the list of related encryption keys
  - fix the lookup on the index to be based on owner_model + owner_id combo
  - fix the filtering of the dropdown in the encryption key add form to only valid options

* [CRUD] delete post message fix. [iglocska]

  - correct order of execution for the beforesave command

* [ACL] tightening for delete functions. [iglocska]

  - implemented beforeSave() function in the CRUD::delete() functionality
  - added correct handling for the organisation level encryption keys in the beforeSave constructor

* [encryption keys] functionality to filter orgs/individuals fixed. [iglocska]

  - actually execute the query rather than just build it

* [encryption keys] tightened ACL across all CRUD functions. [iglocska]
* [authkeys] tighten requirements to add authkeys for other org admins. [iglocska]

  - site admin: can add to all
  - org admin: can add to all in org, except site admin
  - everyone else: can add to self only

* [organisation:add] Removed useless description field. [Sami Mokaddem]
* [inividuals] add shouldn't have the tagging options. [iglocska]

  - can't tag that which does not exist yet

* [inividuals] add shouldn't have the tagging options. [iglocska]

  - can't tag that which does not exist yet

* [placeholder removed] WiP functionality for local_tool->local_tool connections within the same brood temporarily removed. [iglocska]

  - was never fully implemented

* [organisation] add/edit doesn't save URL. [iglocska]
* [ACL] Allow anyone to view encryption keys. [Sami Mokaddem]
* [userSettings] Various permissions issues. [Sami Mokaddem]
* [helpers:bootstrap] Table's cell generator gets the correct row index. [Sami Mokaddem]
* [tagging] error when trying to add a tag that doesn't exist yet. [iglocska]

  - add default colour to circumvent the error

* [ACL] proper error messages on user edit.
[iglocska]

  - don't just silently redirect to the own user editing if the user isn't authorised to modify another user

* [ACL] added correct file for previous fix (user edit admin permission check) [iglocska]
* [ACL] fixed ACL check on user edit for the admin permission. [iglocska]

  - invalid name used for the lookup (perm_side_admin instead of perm_admin) leading to incorrect downgrading of the permissions

* [migrations] correct string length to avoid strict mode issues with keys exceeding 767 bytes. [iglocska]
* Add missing copyright notice. [Luciano Righetti]
* Typo. [Luciano Righetti]

### Other

* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge pull request #86 from righel/add-inter-connection-tests. [Andras Iklody]

  Add inter-connection test

* Merge branch 'develop' into add-inter-connection-tests. [Luciano Righetti]
* Add: initial version of cerebrate->cerebrate misp interconnection. [Luciano Righetti]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Update VERSION.json. [Andras Iklody]
* Merge pull request #85 from righel/add-test-workflow-gh-action. [Andras Iklody]

  add: github action test workflow

* Add: github action test workflow.
[Luciano Righetti]
* Merge pull request #80 from righel/add-integration-tests. [Andras Iklody]

  Add integration tests

* Add: change password via api test, add helper methods to ApiTestTrait. [Luciano Righetti]
* Merge branch 'develop' into add-integration-tests. [Luciano Righetti]
* Add: cover authkeys api endpoints, extend openapi spec. [Luciano Righetti]
* Merge branch 'develop' into add-integration-tests. [Luciano Righetti]
* Merge branch 'develop' into add-integration-tests. [Luciano Righetti]
* Add: more encryption keys api endpoints covered. [Luciano Righetti]
* Merge branch 'develop' into add-integration-tests. [Luciano Righetti]
* Add: api tests for /encryptionkeys, extend openapi spec. [Luciano Righetti]
* Add: wiremock tests and boilerplate, update test readme, extend openapi spec. [Luciano Righetti]
* Add: more sharing groups api tests, add broods api tests, extend openapi spec. [Luciano Righetti]
* Add: add sharing groups api tests, extend openapi spec. [Luciano Righetti]
* Add: some extra scopes and actions. [Luciano Righetti]
* Add: add basic api coverage of inbox processor endpoint, extend openapi spec. [Luciano Righetti]
* Add: add individuals api tests and extend openapi spec. [Luciano Righetti]
* Add: add api tests for tags and orgs, extend openapi spec, fix routes for tags plugin. [Luciano Righetti]
* Add: add API menu option. [Luciano Righetti]
* Add: add/edit operations api tests and openapi spec. [Luciano Righetti]
* Add: add users add/edit/delete api tests and openapi docs. [Luciano Righetti]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge remote-tracking branch 'origin/develop' into develop. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' into main.
[iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge pull request #79 from righel/add-wait-for-it-script-docker. [Andras Iklody]

  chg: wait for db before running migrations

* Merge branch 'main' into develop. [iglocska]

## v1.3 (2021-12-22)

### Changes

* [keycloak] added screw to loosen timing issues. [iglocska]
* Misp connector index changes. [iglocska]
* [themes] Recompiled themes using dart-sass. [Sami Mokaddem]
* [themes:packages] Replaced node-sass by dart-sass. [Sami Mokaddem]

### Fix

* [local_tool:batchApiAction] Various UI and backend fixes. [Sami Mokaddem]
* [main] Prevent setting listeners if dependencies are not loaded. [Sami Mokaddem]

### Other

* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Don't ignore platform reqs in dockerfile. [Andras Iklody]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]

## v1.2 (2021-12-15)

### New

* [ACL Helper] check access for controller / action pair for given user. [iglocska]

  - accessible everywhere in the UI

* [ACL component] new functionalities.
[iglocska]

  - getRoleAccess now returns either URLs or arrays
  - array format allows for easy checking of controller + action pairs

* [ACL] getRoleAccess endpoint added. [iglocska]

  - prints all valid URLs for the current user's role

### Changes

* [sharing group index] add button now has the new checkaccess conditions applied. [iglocska]
* [appcontroller] minor changes. [iglocska]

  - getRoleAccess now returns array format
  - moved setting of view variables behind a rest check, to avoid additional unused actions for API queries
  - current user's role access matrix passed to view via "roleAccess"

### Fix

* [sharing group index] fixed members link. [iglocska]
* [sharing groups] index members column fixed. [iglocska]
* [encryptions] fixed adding encryption keys. [iglocska]
* [ACL] added missing entries. [iglocska]
* [ACL] fix wildcard controller checks failing. [iglocska]
* [encryption keys] only show valid options when creating keys as a user. [iglocska]
* [keycloak] enrollment org_id issues fixed. [iglocska]
* [user add] form fixes. [iglocska]
* [forms] added missing password form field. [iglocska]
* [forms] dropdowns overriding values from request. [iglocska]

### Other

* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' into develop. [iglocska]

## v1.1.1 (2021-11-24)

### Changes

* [audit log] change field renamed to changed. [iglocska]

  - change is a reserved keyword
  - this way quoting of field names is no longer needed in the cakePHP settings

* [search_all] Added drafty support of meta-fields. [Sami Mokaddem]

### Fix

* [roles index] correctly allow site admins to modify / remove roles. [iglocska]
* [conflict] resolved in user_org update script. [iglocska]
* [typo] organisations != oganisations. [iglocska]
* [user init] generation fixed. [iglocska]
* [migrations] user org further fixes. [iglocska]
* [migration] userorg migration fixed. [iglocska]
* [user init] explicit uuid creation removed.
[iglocska]

  - added behavior wherever it was missing

* [default user creation] explicitly create UUIDs. [iglocska]
* [mysql] action field renamed without renaming the index. [Andras Iklody]
* [mysql] renamed field without renaming the associated index. [Andras Iklody]
* [mysql] create if exists rather than drop + create. [Andras Iklody]

  - made sense early in development, however, it no longer does

* Typo in mysql.sql. [Andras Iklody]
* [initial user] generation fixed. [iglocska]

  - requires a default organisation + org link now

* [migration:user_org] Fixed if org_id column does not exist. [Sami Mokaddem]

### Other

* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]

## v1.1 (2021-11-24)

### New

* [CRUD] added additional features to the CRUD component. [iglocska]

  - conditions passable to add/edit/index/delete
  - refactored get() requests internally to finds to accommodate for additional parameters
  - delete() now takes a params[] array as a second argument

* [migration] organisation_id added to users. [iglocska]

  - also, grab the first org for a default

* [appmodel] moved constants related to the logging along with a getter to app model. [iglocska]
* [login] log success/failure. [iglocska]
* [open] individualscontroller fix. [iglocska]

  - import badrequest exception

* [crud component] fixes. [iglocska]

  - add hidden option
  - fix afterfind

* [audit log] behaviour tied into the appropriate models. [iglocska]
* [migration] scripts added. [iglocska]

  - also updated mysql.sql

* [mysql] added new table for audit logs. [iglocska]
* [auditlogs] UI. [iglocska]
* [auditlog system] added. [iglocska]

  - port of Jakub Onderka's implementation from MISP
  - Still not fully realised, lacking search functionalities

### Changes

* [cakephp] version bump. [iglocska]
* [ACL] tightened ACL for several controllers.
[iglocska]

  - org admins now have access to new functionalities, added ACL for them
  - Affected controllers:
    - Authkeys, encryptionkeys, users, sharinggroups
  - sets defaults/restricts access accordingly

* [ACL] fix permissions for org admins. [iglocska]

  - also, fix a bug with the simple permissions being ignored

* [appcontroller] include user org in loaded user object during authentication. [iglocska]

  - also log username as username rather than name

* [index views] slight changes. [iglocska]

  - hide inaccessible action buttons on org index
  - add owner to sharing group index

* [roles] hide action buttons on the role index when they wouldn't be available anyway. [iglocska]
* [sharing groups] show owner org on the index. [iglocska]
* [profile] added org to profile menu. [iglocska]
* [templates] org fields added to user templates. [iglocska]
* [users] associated with orgs. [iglocska]
* [audit log naming] renamed action to request_action to avoid reserved keyword usage. [iglocska]
* [auditlog] log api authentication failures / successes. [iglocska]
* [audit logs] tied into side menu. [iglocska]
* [docker] updated image path to the github package of this repo. [Andras Iklody]
* Small changes to the readme. [Andras Iklody]
* [doc] README improved for release 1.0. [Alexandre Dulaunoy]
* [.gitignore] Added node_modules and .vscode. [Sami Mokaddem]
* [ui:login] Better logo centering. [Sami Mokaddem]

### Fix

* [API] fixed broken API. [iglocska]

  - don't call functions specifically meant for the UI when in an ACL context
  - also fixed breaking issues with the logging

* [keycloak] when enrolling users in keycloak, use the user organisation_id instead of the individual's first alias. [iglocska]
* [auditlog] use insert() rather than save() as that is not available in the behavior. [iglocska]

  - fixes exception on logging deletes, blocking any actual deletions

* [audit log] filtering now uses request_action rather than the renamed action field.
[iglocska]
* [log index] use the proper action column. [iglocska]
* [JSON fields] fixed escaping issues. [iglocska]

### Other

* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge pull request #77 from drizzit56/main. [Andras Iklody]

  Added an nginx config for cerebrate

* Adding nginx config. [drizzit56]
* Adding nginx alternative config file and updating INSTALL.md for nginx usage. [drizzit56]
* Merge pull request #78 from cudeso/main. [Andras Iklody]

  Update INSTALL.md

* Update INSTALL.md. [Koen Van Impe]

  Minor installation documentation changes

* Merge pull request #76 from DocArmoryTech/dat-patch. [Andras Iklody]

  Dat patch

* Create logs dir. [DocArmoryTech]
* Keep composer happy with permissions. [DocArmoryTech]

  partial resolution to issue #75 create/initialise a `/var/www/.composer` directory to keep composer happy and explicitly tell sudo to set the home dir `-H`

* Added missing 'Cerebrate' section. [DocArmoryTech]

  Second part of resolution to Issue #75 Added missing Cerebrate config section to resolve the following error:

  ```
  warning: Warning (2): in_array() expects parameter 2 to be array, null given in [/var/www/cerebrate/src/Controller/Component/Navigation/sidemenu.php, line 130]
  Request URL: /users/login
  Referer URL: http://127.0.0.1:8000/users/login?redirect=%2F
  Client IP: 127.0.0.1
  ```

* Merge pull request #74 from cerebrate-project/feature/docker-ci. [Andras Iklody]

  Feature/docker ci

* [skip ci] changing triggering branch in workflow. [Rémi Laurent]
* Merge branch 'feature/docker-ci' of github.com:cerebrate-project/docker-cerebrate into feature/docker-ci. [Rémi Laurent]
* Create docker-publish.yml. [Rémi Laurent]

  initial attempt at GH actions docker build and push

* Dockerfile and configuration. [Rémi Laurent]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]

## v1.0 (2021-10-21)

### New

* [user:registration] Added user self-registration feature.
[Sami Mokaddem]
* [keycloak] initial settings. [iglocska]
* [genericElement:indexTable] Table actions - WiP. [Sami Mokaddem]

  Table actions allow to perform actions on the table such as hide/show columns, regroup rows by fields and so on

* [userSettings] Added complete support of user settings. [Sami Mokaddem]

  Including support of bookmarks, sidebar behavior and theming

* [sidebar:bookmarks] Added early version of user-defined bookmarks. [Sami Mokaddem]

  Bookmark configs are saved in their respective user setting for each users

* [layout:sidebar] Save sidebar expanded state in user setting. [Sami Mokaddem]
* [user-settings] Added user settings feature. [Sami Mokaddem]
* [keycloak auth] wip version 1 added. [iglocska]

  - authenticate via keycloak (on demand only at the moment)
  - check if user from JWT token exists
  - if yes:
    - check if role needs to be updated
    - do so if need be
    - check if organisation needs to be updated
    - (currently only captures, not aligned yet!)
  - if no:
    - create user
    - set role (if set, otherwise fall back to default configuration)
    - capture organisation
    - (currently not aligned yet!)

* [keycloak auth] library loaded if configured via application.php. [iglocska]
* [socialauth] dependency added to composer. [iglocska]
* [instance:search_all] Early work on search all feature. [mokaddem]
* [instance:home] Added statistics and highlight panel - WiP. [mokaddem]
* [genericElements:singleView] Added new string field to extract without type deduction. [mokaddem]
* [tag] Started integration of tag plugin with custom helpers - WiP. [mokaddem]
* Decoupled Cerebrate settings from application settings And included an example of setting provider. [mokaddem]
* [bootstrapHelper:listGroup] Added list group support. [mokaddem]
* [settings] Added setting and settingProvider functionality - WiP. [mokaddem]
* [localTool:batchActions] Added framework to execute batch actions on list of connections. [mokaddem]
* [helpers:listTable] Added listTable.
  [mokaddem]
* [localTools] Setting validation. [mokaddem]
* [localtools] Integration of codemirror of tools parameters. [mokaddem]

### Changes

* [installation] Improvement installation instructions. [Sami Mokaddem]
* [settings] fixes. [iglocska]

  - use a JSON file for the config
  - stop using cake4 dump/load for the process
  - move settings back to the root level
  - Research Flyer Carapace level 1
* [ui:register] Added sign-in link. [Sami Mokaddem]
* [sidemenu] Moved local tools. [Sami Mokaddem]
* [keycloak] settings moved to CerebrateSettingsProvider. [iglocska]
* [element:settings] Added support of multi-select fields. [Sami Mokaddem]
* [genericElement:indexTable] Refactored code and added support of compact display. [Sami Mokaddem]
* [helpers:bootstrap] Added dropdown menu helper. [Sami Mokaddem]
* [layout:home] Improved scaling when hovering activity panels. [Sami Mokaddem]
* [ui:home] Nicer icons and layout. [Sami Mokaddem]
* [ui:home] Let the theme decide bookmark's link color. [Sami Mokaddem]
* [settings] Refactored settings table and views. [Sami Mokaddem]

  Allow for improved re-usability to use the views and functions with other settings
* [ui:settings] Refactored setting factory to be more generic. [Sami Mokaddem]
* [userSettings] Initial version of template - WiP. [Sami Mokaddem]
* [userSettings] Added view template. [Sami Mokaddem]
* [user] virtual field for user settings. [Sami Mokaddem]
* [userSetting] Functions for easier manipulation of user settings. [Sami Mokaddem]
* [userSettings] Added endpoints to better interact with user settings. [Sami Mokaddem]
* [navigation:sidemenu] Translation for link groups. [Sami Mokaddem]
* [app] Generate side menu for logged-in users only. [Sami Mokaddem]
* [navigation] regrouped navigation related data into files. [Sami Mokaddem]
* [layout:loging] Improved layout. [Sami Mokaddem]
* [layout:app] Added application background. [Sami Mokaddem]
* [layout:login] Improved layout.
  [Sami Mokaddem]
* [layout:login] Improved layout. [Sami Mokaddem]
* [element:genericForm] Added support of bs5 floating label. [Sami Mokaddem]
* [helper:overlay] Better support of themes and added blur. [Sami Mokaddem]
* [ui:keycloak] Nice login and logged-in UI. [Sami Mokaddem]
* [css] Added support of variant for dropdown-item. [Sami Mokaddem]
* [sass] Update package. [Sami Mokaddem]
* [helper:bootstrap] Support of picture in buttons. [Sami Mokaddem]
* [elements:flash] Support of toast for flash messages. [Sami Mokaddem]
* [event:socialAuth] Nicer successful flash message. [Sami Mokaddem]
* [ui:login] correctly supports themes. [Sami Mokaddem]
* [app] Added timestamp behavior for multiple models. [mokaddem]
* [ui:setting] Fixed select2 setting search input UI. [mokaddem]
* [ui:settings] Setting page support themes. [mokaddem]
* [instance:settings] Display section name regardless of its number of child. [mokaddem]
* [instance:settings] Support of BS5 in setting page. [mokaddem]
* [component:navigation] Added support of settings in breadcrumbs. [mokaddem]
* [setting] Support of themes in settings. [mokaddem]
* [instance:home] Slightly improved UI. [mokaddem]
* [navbar:search_all] Fixed layout. [mokaddem]
* [navbar:search-all] Fixed dropdown instantiation. [mokaddem]
* [navigation] Fixed navigation for tag endpoints. [mokaddem]
* [genericTemplate:filters] Fixed some UI issues. [mokaddem]
* [genericElement:table] Changed action link display into buttons instead of links. [mokaddem]
* [bootstrap] Moved more files to support bootstrap v5. [mokaddem]
* [layout] Slightly more responsive. [mokaddem]
* [layout:actionMenu] Make action menu aware of themes. [mokaddem]
* [layout:navbar] Moved links and actions breadcrumb items out of the main top navbar. [mokaddem]
* [component:navigation] Added support of home route. [mokaddem]
* [bootstrap] Migrated APP to use bootstrap v5.x. [mokaddem]
* [layout] Support of themes - WiP.
  [mokaddem]
* [instance:search_all] Support of limit and per-model-searches. [mokaddem]
* [layout] Modernized general UI - WiP. [mokaddem]
* [elements:index_actions] UI hover feedback. [mokaddem]
* [helpers:bootstrap] Added switch helper. [mokaddem]
* [layout] Modern application UI - WiP. [mokaddem]
* [layout:icon] Added icon effect. [mokaddem]
* [instance:navigation] Usage of the mapped icons. [mokaddem]
* [layout:breadcrumb] Support of icon in breadcrumb. [mokaddem]
* [layout:sidebar] Support of active entries. [mokaddem]
* [instance:search_all] Support of total entry found. [mokaddem]
* [instance:search_all] Added support of no results. [mokaddem]
* [instance:search_all] Improved layout of displayed results. [mokaddem]
* [layout:header] UI improvements. [mokaddem]
* [layout] Added responsiveness. [mokaddem]
* [layout:navbar-right] Started implementation. [mokaddem]
* [layout] UI improvements. [mokaddem]
* [layout:header] Improved breadcrumb generation. [mokaddem]
* [layout:header] Renamed header-breadcrumb. [mokaddem]
* [app:naviation] Support of breadcrumbs for navigation - WiP. [mokaddem]
* [layout:header] Added cerebrate icon. [mokaddem]
* [layout:sidebar] overlay when hovering the sidebar. [mokaddem]
* [layout:sidebar] Lock/unlock sidebar. [mokaddem]
* [layout:navbar] Improved menu UI. [mokaddem]
* [layout:navbar] Breadcrumb and navbar menu - WiP. [mokaddem]
* [layout:sidebar] Show separator when sidebar is collapsed. [mokaddem]
* [layout:sidebar] collapsing sidebar. [mokaddem]
* [layout:sidebar] Started integration of sidebar - WiP. [mokaddem]
* [app] Added apexcharts dependency as a PoC. [mokaddem]

  Might get removed later on
* [home] Added link to index for each panels. [mokaddem]
* [charts:bar] Tooltip text color for light theme. [mokaddem]
* [plugin:tags] Added migration script. [mokaddem]
* [aclcomponent] Added ACL entry. [mokaddem]
* [tags] Moved templates into the plugin folder. [mokaddem]
* [migration] Added support of plugin migrations.
  [mokaddem]
* [helpers:bootstrap] Prevent toast to hide if it's being hovered. [mokaddem]
* [tag] Moved CSS and JS parts into the plugin folder. [mokaddem]
* [tags] Moved tag helper as plugin tag helper. [mokaddem]
* [tags] Transformed feature into a plugin - WiP. [mokaddem]
* [behavior:tags] Custom finder and small improvements. [mokaddem]
* [tags] Improved UI and added missing files. [mokaddem]
* [tag] Continuation of integrating tagging plugin - WiP - Filtering - CRUD of tags. [mokaddem]
* [tag] Continuation of integrating tagging plugin - WiP - Can tag/untag any model. [mokaddem]
* [tag] Continuation of integrating tagging plugin - WiP - Tagging / Untagging. [mokaddem]
* [settings] Possibility to add icons and description in setting panels. [mokaddem]
* [setting:cerebrate] Remove useless line. [mokaddem]
* [setting] Added slight support of multiselect. [mokaddem]
* [setting] Nicer layout for nested settings. [mokaddem]
* [setting] Improved UI of notice. [mokaddem]
* [setting] List settings that triggered a notice. [mokaddem]
* [setting] Slight refactoring of search function. [mokaddem]
* [settings] Improved searches and focus after selection. [mokaddem]
* [setting] Allow referencing and redirecting to individual setting. [mokaddem]
* [setting:fields] Improved variant support for switch checkbox. [mokaddem]
* [instance:settings] group and panel level are optionals. [mokaddem]
* [instance:settings] Moved setting provider function at the top. [mokaddem]
* [instance:settings] Integrated actually save of settings. [mokaddem]
* [helpers:api-helpers] Slight rework on notifications. [mokaddem]
* [instance:settings] UI refactoring. [mokaddem]
* [instance:settings] UI improvements. [mokaddem]
* [instance:settings] UI improvements. [mokaddem]
* [instance:settings] Improved support of selects. [mokaddem]
* [instance:settings] Improved support of checkboxes. [mokaddem]
* [instance:settings] Added search matcher and sorter.
  [mokaddem]
* [instance:settings] UI Improvements and framework to save settings - WiP. [mokaddem]
* [instance:settings] Improved UI interface Added searches and notices for individual settings. [mokaddem]
* [instance:settings] Added notice if setting have issues. [mokaddem]
* [helpers:bootstrap] Slight improvements. [mokaddem]
* [helpers:submissionModal] Allow passing modalFactory options. [mokaddem]
* [genericElement:single_view] Usage of factories. [mokaddem]
* [genericElement:single_view] Metafields have their own element. [mokaddem]
* [command:importer] More complete mapping for enisa csirts inventory. [mokaddem]
* [genericElement:index-table] Automatically include selector if topbar has multi-select actions. [mokaddem]
* [app_local] config defaults. [iglocska]

### Fix

* [Command] typo fixed as mentioned in #71. [Alexandre Dulaunoy]
* [settings] self registration setting path fixed. [iglocska]
* [settings] invalid path to setting fixed. [iglocska]
* [plugin:tags] Database migration. [Sami Mokaddem]
* [user] Added support of timestamp behavior. [Sami Mokaddem]
* [theme] drop to default if nothing is configured instead of barfing. [iglocska]
* [in/outboxes] Full support of timestamp behavior. [Sami Mokaddem]
* [theme] selection always defaults to default if no user setting set fixed. [iglocska]
* [inboxProcessor:userRegistration] Provide correct request feedback. [Sami Mokaddem]
* [helpers:bootstrap] Correctly pass modal instance and set correct status node. [Sami Mokaddem]
* [genericTemplate:filters] Correctly takes filter fields and simplified UI. [Sami Mokaddem]
* [registter] Typo in login link. [Sami Mokaddem]
* [register] Fix login in title. [Sami Mokaddem]
* [ui:login] Typo in title. [Sami Mokaddem]
* [ui:select2] Fixed z-index issue. [Sami Mokaddem]

  By attaching it to the modal body if applicable
* [settings] settings changes. [iglocska]

  - added keycloak settings back
  - commented out placeholder settings
* [UI] invalid code in the home.php template fixed.
  [iglocska]
* [genericElement:index_table] Better support of nested dropdown if it has been added after page load. [Sami Mokaddem]
* [genericElement:indexTable] Ignore row selector column. [Sami Mokaddem]
* [settings] Correctly detect value changes for select[multiple] [Sami Mokaddem]
* [settings] Make sure to save multi-select value as an array. [Sami Mokaddem]
* [cli:importer] Support of accessibleFields for new entities. [Sami Mokaddem]
* [layout:topbar] Make icon mask supported by more browsers. [Sami Mokaddem]
* [ui:sidebar] Make the sidebar scrollable if content is too large. [Sami Mokaddem]
* [bootstrap-helper] Better positioning if container has the row class. [Sami Mokaddem]
* [userSettings] Added missing template. [Sami Mokaddem]
* [helpers:bootstrap] UI issue in button. [Sami Mokaddem]

  Buttons with icon should have margin only if they contain text
* [behavior:authKeycloak] Typo when enrolling new user. [Sami Mokaddem]
* [application:migration] Better support of plugin migration. [Sami Mokaddem]
* [plugins:tags] Use correct namespace and variable name. [Sami Mokaddem]
* [settings] Fixed scrollspy. [mokaddem]
* [navigation] Added setting page and more layout fixes. [mokaddem]
* [helpers:bootstrap] Fixed missing variable definition. [mokaddem]
* [layout:sidebar] sidebar's z-index must be on top of main overlay. [mokaddem]
* [layout:navbar] Adapted z-index for bootstrap's modal. [mokaddem]
* [genericTemplates:filters] Custom tags (such as negated and like) are correctly parsed and added to the picker. [mokaddem]
* [settingProvider] Fixed various UI bug. [mokaddem]
* [setting] Support of dot and spaces when redirecting to the setting. [mokaddem]
* [settings] No error by default. [mokaddem]
* [settings] Fixed scrollspy resolving missing some entries. [mokaddem]
* [settings:fields] Added support of textarea and fixed variant from severity. [mokaddem]
* [settings] Fixed missing error when evaluating parent settings.
  [mokaddem]
* [instance:settings] Normalise value before saving. [mokaddem]
* [instance:settings] Improved support of select and apply correct UI coloring. [mokaddem]
* [genericElement:singleView] Improved display of json field. [mokaddem]
* [genericElement:codemirror] Catch if no data for codemirror are passed. [mokaddem]

### Other

* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge remote-tracking branch 'origin/develop' into develop. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into feature-self-registration. [Sami Mokaddem]
* Merge pull request #73 from mokaddem/feature-self-registration. [Andras Iklody]

  new: [user:registration] Added user self-registration feature
* Merge remote-tracking branch 'origin/develop' into develop. [Sami Mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge branch 'user-settings' into develop. [Sami Mokaddem]
* Merge branch 'develop-unstable' into develop. [iglocska]
* Merge branch 'develop-unstable' of github.com:cerebrate-project/cerebrate into develop-unstable. [Sami Mokaddem]
* Merge branch 'keycloak' into develop-unstable. [iglocska]
* New [keycloak]: WiP user enrollment added. [iglocska]

  - also moved the keycloak specific functionalities to a behaviour
  - added new role permission (org admin)
* Merge remote-tracking branch 'origin/main' into develop-unstable. [mokaddem]
* Update INSTALL.md. [Andras Iklody]
* Update INSTALL.md. [Andras Iklody]
* Merge branch 'ui-navigation' into develop-unstable. [mokaddem]
* Merge branch 'ui-refacto2' into develop-unstable.
  [mokaddem]
* Merge branch 'tags' into develop-unstable. [mokaddem]
* Merge branch 'ui-settings' into develop-unstable. [mokaddem]
* Merge branch 'local-tool-batch-actions' into develop-unstable. [mokaddem]
* Merge branch 'ui-refacto' into develop-unstable. [mokaddem]

## v0.3 (2021-06-30)

### New

* [skeleton] integration module added. [iglocska]
* [outbox] Added outbox and linked it with failed outgoing messages. [mokaddem]
* [migration:remoteToolConnections] Added migration file. [mokaddem]
* [requestProcessor:localTool] Added generic localTool processor files. [mokaddem]
* [inbox] Created createProcessorInboxEntry endpoint. [mokaddem]
* [inbox] Added list request processors. [mokaddem]
* [helpers] Added collapse, progress and progressTimeline component + various improvements. [mokaddem]
* [inbox] First version of Inbox system and requestProcessors - WiP. [mokaddem]
* [js:api-helper] Added postData function. [mokaddem]
* [migration] Added migrations scripts. [mokaddem]
* [queryLocalTools] endpoint added to broods. [iglocska]

  - show a list of local tools exposed by a remote cerebrate
* [sharing group] capture functionality added. [iglocska]

  - capture incoming sharing groups and add/update them when appropriate
  - also capture child organisations
* [misp] connector fleshed out with more functionalities. [iglocska]

  - additionally, improvements to the common connector functionalities
* [localtools] templates added. [iglocska]
* [localtools] functionality added. [iglocska]
* [CRUD] Advanced filtering capabilities for index. [mokaddem]
* [helper:boostrap-helper] Added support of modal. [mokaddem]
* [helper:boostrap-helper] Added support of badge. [mokaddem]
* [command] First version of FieldSquasher - WiP. [mokaddem]
* [instance] Added first version of database migration plugin. [mokaddem]
* [helpers:bootstrap] Added support of button. [mokaddem]
* [helpers:bootstrap] Added support of table. [mokaddem]
* [helpers:bootstrap] Added support of alert.
  [mokaddem]

### Changes

* [brood:add] Empty organisation by default. [mokaddem]
* [genericForm] Allow empty option in selector. [mokaddem]
* [broods] Improved validation. [mokaddem]
* [CRUD] Improved validation message feedback. [mokaddem]
* [ACLComponenent] Allow sync-user to use exposedTools endpoint. [mokaddem]
* [users:index] Allow quick filters. [mokaddem]
* [view] templates added for new permission role. [iglocska]

  - also fixed an issue with the signature of the component import in CRUDcomponent
* [metaFieldsTemplates:enisa-csirt-inventory] Added template. [mokaddem]
* [appModel] Moved getAccessibleFieldForNew function into appModel. [mokaddem]
* [individuals:capture] Prevent ID override and usage of _accessible property. [mokaddem]
* [CRUD:add] Always allow UUID field to be set. [mokaddem]
* [ACLComponent] Moved DB migration to administration tab. [mokaddem]
* [inboxProcessors] Typo. [mokaddem]
* [migrations:roles] Added perm_sync column. [mokaddem]
* [wip] local tool interconnector library created. [iglocska]
* [wip] local tool interconnector, user browsing/searching added for misp connector. [iglocska]
* [localtTools:MISP] Centralized methods to issue requests. [mokaddem]
* [brood] Centralized methods to issue requests. [mokaddem]
* [localTool:MISP] Indentation. [mokaddem]
* [localTool:MISP] Set a meaningful default name for the server if none is provided. [mokaddem]
* [localTools:MISP] Include user_id and reflected it. [mokaddem]

  - So that the initiator cerebrate knows which user has to be enabled
* [localTolls:broods] Reload correct index instead of redirect. [mokaddem]
* [outbox] Support of bulk deletion. [mokaddem]
* [inbox] Added bulk deletion support. [mokaddem]
* [bootstrap:helper] Return associated ajaxApi and modalFactory object. [mokaddem]
* [genericTemplate:delete] Support of single and bulk delete operations. [mokaddem]
* [genericElement:index_table] Generic support of bulk operations.
  [mokaddem]
* [CRUDComponent] Support of bulk delete operations. [mokaddem]
* [inboxProcessor:localTool] Typo. [mokaddem]
* [inboxProcessors:localTool] Finalize -> Finalise. [mokaddem]
* [connectorTools] Tracking of connection request state and improved integration with outbox. [mokaddem]
* [outboxProcessors:Broods] Slight UI improvements for resendFailedMessage. [mokaddem]
* [helper:bootstrap] Added card support. [mokaddem]
* [inboxProcessor] Renamed processors to use `inbox` instead of `request` [mokaddem]
* [inboxProcessor] Renamed `RequestProcessors` into `InboxProcessors` [mokaddem]
* [brood] Moved request sender handler in the brood table. [mokaddem]
* [requestProcessor:localTool] Extendable view with specific local tool action templates. [mokaddem]
* [requestProcessor:genericRequest] Improved UI. [mokaddem]
* [inbox:localTool] Usage of localTools in the inbox to process connection requests - WiP. [mokaddem]
* [application] Added bodyParserMiddleware to parse JSON bodies. [mokaddem]
* [localToolConnector] Generic HTTP client and `skip_ssl` feature. [mokaddem]
* [requestProcessors] Usage of connector name, connector/user/broods validations & UI improvements. [mokaddem]
* [wip] localtools. [iglocska]
* [requestProcessor] Improved integration with local tool connectors. [mokaddem]
* [genericRequestProcessor] Changed signature of `process` function. [mokaddem]
* [helpers:bootstrap] Allows passing modal footer buttons. [mokaddem]
* [inbox] Started integrating local tools within the inbox - WiP. [mokaddem]
* [migration:inbox] Removed commented lines. [mokaddem]
* [requestProcessor] Recover local tool from request. [mokaddem]
* [no-wrap] connections. [iglocska]
* [wip] local tools integration. [iglocska]
* [wip] localtools. [iglocska]
* [inbox] Usage of virtual field `local_tool_name` [mokaddem]
* [requestProcessors:genericProcessor] Use scope and action to get template path. [mokaddem]
* [requestProcessor] Improved processor collection for local tools processor.
  [mokaddem]
* [requestProcessor:user] Renamed template to match processor file. [mokaddem]
* [requestProcessor:brood] Moved localTool to its own processor file. [mokaddem]
* [genericElement:form] More flexible variable check. [mokaddem]
* [genericTemplate:index_simple] Moved file to element. [mokaddem]
* [doc:diagrams] Added pdf and png diagrams. [mokaddem]
* [wip] localtools. [iglocska]
* [monadView] Added comment. [mokaddem]
* [requestProcessor] Moved templates files in libraries/default folder. [mokaddem]
* [requestProcessor] Simplified genHTTPReply. [mokaddem]
* [requestProcessor:user] Moved User table init in parent class. [mokaddem]
* [genericElements] Index table UI improvements. [mokaddem]
* [requestProcessor] Moved setViewVariables. [mokaddem]
* [requestProcessor] Made function not required anymore. [mokaddem]
* [requestProcessor] Added placeholder for future request processors. [mokaddem]
* [requestProcessor] UI improvements and simplified creation of processors. [mokaddem]
* [inbox] Improved layouts. [mokaddem]
* [requestProcessor] Refactoring code organisation. [mokaddem]
* [requestProcessor:user-registration] Slightly improved UI. [mokaddem]
* [genericTemplates:filters] Slightly improved UI. [mokaddem]
* [js:bootstrap-helper] Made submission modal more explicit. [mokaddem]
* [improvements] to a set of controllers and components to support localtools. [iglocska]

  - still missing ACL entries!
* [js] minor changes to support the localtools. [iglocska]
* [templates] updated to support the new functionalities of localtools. [iglocska]
* [ParamHandler] Allow harvesting negated filter from URL - These are separated by a space character which is being converted to `_` [mokaddem]
* [element:indexTable] Changed notification behavior of toggle field. [mokaddem]
* [CRUD] Passes active filters to the view. [mokaddem]
* [CRUD] Also harvest negated filters from URL. [mokaddem]
* [helper:boostrap-helper] Added support of badge inside button.
  [mokaddem]
* [js:bootstrap-helper] General improvements. [mokaddem]
* [command:importer] Improved tool and added support of more options. [mokaddem]
* [command] Removed unused code in fieldSquasher. [mokaddem]
* [command] Extracted function. [mokaddem]
* [command] Improved FieldSquasher closest matcher. [mokaddem]
* [CRUD] Improved metaFields filtering capabilities. [mokaddem]
* [CRUDComponent] Improved related filter condition. [mokaddem]
* [helpers:bootstrap] Improvements for table. [mokaddem]
* [helpers:bootstrap] General improvements. [mokaddem]

### Fix

* [indexTable:group_search] Fixed typo in passed argument. [mokaddem]
* [broods] Added validation. [mokaddem]
* [controllers] Return data based on the CRUD component response. [mokaddem]
* [individual] fetching failed due to incorrect organisation model call. [iglocska]
* [ACL] fixed checks for multiple values. [iglocska]
* [inbox:createEntry] Ignore user alignment with organisation when creating entry. [mokaddem]
* [migrations:localTools] Make sure the table does not exist before creating it. [mokaddem]
* [entities] added brood, fixed instance. [iglocska]
* [instance] added entity file contents. [iglocska]
* [helpers:bootstrap] Correctly destructure passed array. [mokaddem]
* [ACL] added all new functionalities. [iglocska]
* [authkeys] correctly filter the api keys on the user view. [iglocska]
* [command:importer] Fixed variable typo. [mokaddem]
* [app] Prevent some ID overrides. [mokaddem]
* [brood:captureIndividual] Typos preventing calls to correct functions. [mokaddem]
* [singleView:jsonField] Render only first value. [mokaddem]
* [add encryption key] view description fixed, fixes #29. [iglocska]
* [localTool:MISP] Effectively enable user on connection request finalisation. [mokaddem]
* [localTool:commonConnector] Call localtool's finalise connection function. [mokaddem]
* [outboxProcessor:broods] Do not force connector name anymore. [mokaddem]
* [inbox] Typo.
  [mokaddem]
* [helpers:bootstrap] Correct call to local function. [mokaddem]
* [genericElement:index_table] Added missing multi-select-actions view. [mokaddem]
* [application] Import bodyParser once. [mokaddem]
* [API] various fixes. [iglocska]
* [inbox] Missing `Table` in class name. [mokaddem]
* [localTools] Fixed typos. [mokaddem]
* [localTools] Uncommented health-check. [mokaddem]
* [https] errors caught by the health element. [iglocska]
* [requestProcessor:genericProcessor] Make sure view builder knows about all request variables. [mokaddem]
* [genericElements:indexTable] Enforce actions button to be inline. [mokaddem]
* [genericElement:singleView] Allow displaying object not included in an array. [mokaddem]
* [mysql.sql] updated. [iglocska]
* [genericTemplates:indexFilter] Correct usage of confirmFunction. [mokaddem]
* [appcontroller] Validate form for all actions unless index. [mokaddem]
* [js:bootstrap-helper] Correctly call toasts and documentation precisions. [mokaddem]
* [logout] url fixed, fixes #45. [iglocska]
* [metatemplates] updated MYSQL.sql. [Andras Iklody]
* [baseurl] for openmodal actions in the index factory fixed, fixes #46. [iglocska]

  - invalid url by prepending any url (even # for modal tags) with the baseurl
* [urls in links] [iglocska]
* [CRUD] Renamed confusing function. [mokaddem]
* [CRUD] Correct usage of the `like` condition operator on the query. [mokaddem]
* [js:bootstrap-helper] Make sure button exists. [mokaddem]
* [pagination] Fixed ellipsis pagination. [mokaddem]
* [command] Fixed importer support of metaFields. [mokaddem]
* [element] Group context filter to support multiple conditions. [mokaddem]
* [CRUDComponent] Full group by on meta-templates. [mokaddem]
* [helpers:bootstrap] Correctly closes tr tag. [mokaddem]

### Other

* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [mokaddem]
* Merge branch 'main' into develop.
  [mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [mokaddem]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop. [iglocska]
* Merge branch 'main' into develop. [mokaddem]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'main' into develop. [iglocska]
* Merge branch 'develop' into main. [iglocska]
* Merge branch 'fix-id-override' into develop. [mokaddem]
* Merge branch 'inbox-misp-sync' into develop. [mokaddem]
* Merge branch 'develop' into inbox-misp-sync. [mokaddem]
* Merge remote-tracking branch 'origin/develop' into inbox-misp-sync. [mokaddem]
* Merge remote-tracking branch 'origin/develop' into inbox-misp-sync. [mokaddem]
* Merge branch 'develop' of github.com:cerebrate-project/cerebrate into inbox-misp-sync. [mokaddem]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Merge pull request #54 from wagner-certat/doc-upgrade. [Andras Iklody]

  doc: add upgrade documentation
* Doc: add upgrade documentation. [Sebastian Wagner]

  fixes #51
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [mokaddem]
* Merge branch 'inbox' into main. [iglocska]
* Merge branch 'main' into inbox. [iglocska]
* Merge remote-tracking branch 'origin/main' into inbox-system. [mokaddem]
* Merge branch 'connector' into main. [iglocska]
* Merge branch 'main' into connector. [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Update README.md. [Andras Iklody]
* Update README.md. [Andras Iklody]
* Wip: initial connectors. [iglocska]
* Merge branch 'index' into main. [iglocska]
* Merge branch 'main' into index.
  [iglocska]
* Merge pull request #39 from mokaddem/feature-updater. [Andras Iklody]

  [new] Updater system
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into feature-updater. [mokaddem]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into feature-metaField-index-filtering. [mokaddem]

## v0.2 (2021-02-23)

### New

* [js:bootstrap-helper] Added support of text in overlay. [mokaddem]
* [app] Lots of new helpers for views, js and genericElements. [mokaddem]
* [genericElements:topBar] Added contextual filtering. [mokaddem]
* [webroot] Added bootstrap toaster. [mokaddem]
* [helper] Added simple bootstrap navigation helper. [mokaddem]
* [baseurl] added better baseurl handling. [iglocska]

  - set the baseurl via /config/app_local.php
  - simply set the baseurl to an absolute path or to a relative path if you wish to use a subdirectory without setting a baseurl
  - If no baseurl is set above, Cerebrate will also check the CEREBRATE_BASEURL environment variable
* [fetch] individuals added. [iglocska]
* [broods] added. [iglocska]

  - Cerebrate <-> Cerebrate sync
  - explore remote cerebrate instances
  - fetch data from remote (orgs, individuals)
  - run connection tests with a remote instance
  - check the version, sync user privileges on the remote
* [UI] connection test field added for the brood index. [iglocska]
* [templates] generic ajax form added. [iglocska]
* [custom pagination] component added. [iglocska]

  - simply paginate arrays as opposed to going to the DB for data
  - just use $this->CustomPagination->paginate($array);
  - it will automatically use the pagination options passed in the request
  - compatible with the default cakePHP pagination helper
* [js] added connection test script. [iglocska]
* [individuals] table capture functions added. [iglocska]
* [Organisation] table capture function added. [iglocska]
* [drawio] graphs added. [iglocska]
* [config] added config using env variables for the DB connection.
  [iglocska]
* [command] First version of generic importer - WiP. [mokaddem]
* [individuals] also contain metafields. [iglocska]
* [csn] initial templates. [iglocska]
* [meta templates] reworked. [iglocska]
* [libraries] first JSON added to metaFields. [iglocska]
* [CLI] user listing / password reset added. [iglocska]
* [metaFields] system added. [iglocska]

  - rework of several internal libraries
  - append custom fields to objects
  - templating system to assist users, using JSON files
  - mapped the FIRST directory as a first test
* [logos] updated colors requested by the Hungarian master. [Alexandre Dulaunoy]
* [trust circles] menus added. [iglocska]
* [internal] CRUD component now accepts override fields for the data to be patched. [iglocska]

  - values derived from for example the currently authed user can be set in the data to be created for example
* [Sharing groups] added (wip) [iglocska]

  - CRUD
  - attach organisation

  still missing:
  - remove organisation
* [sharing groups] added to mysql.sql. [iglocska]
* [UI] some refactor and added theming. [iglocska]
* [UI] made the side menu responsive, fixes #16. [iglocska]
* [init] added functions to create a default user. [iglocska]
* [conf] file added as an example. [iglocska]

  - to ease testing a simple http only conf file for cerebrate
* [install] instructions. [iglocska]

### Changes

* [element:generic_index] Added more flexibility in topbar. [mokaddem]
* [element:generic_index] Contextual filtering button UI improved. [mokaddem]
* [command:user] Renamed function toggleDisabled. [mokaddem]
* [command:user] Option to enable/disable users. [mokaddem]
* [js:bootstrap-helper] Overlay factory supports dark theme and auto rounding. [mokaddem]
* [js:api-helper] Allow passing status node overlay config. [mokaddem]
* [js] Include dark mode variable. [mokaddem]
* [element:generic_index] Improved quick filter functionality and UI. [mokaddem]
* [element:generic_index] Usage of additional status node for context filtering.
  [mokaddem]
* [element:generic_index] Usage of UI factory for group_search. [mokaddem]
* [js:bootstrap-helper] Allow UI.reload to include other status nodes. [mokaddem]
* [component:CRUD] Pass searched value to the view and allow searching by hitting [mokaddem]
* [component:CRUD] Added quick search using LIKE. [mokaddem]
* [js:bootstrap-helper] Added comment. [mokaddem]
* [broods] Moved to use the new factories. [mokaddem]
* Added support of displayOnSuccess, non-dismissable modals and some house cleaning. [mokaddem]
* [command:updater] Added draft of meta-template update. [mokaddem]
* [command:updater] Draft of manual updater script. [mokaddem]
* [js:bootstrap-helper] new functionalities and refacto. [mokaddem]
* [js:api] new functionalities and refacto. [mokaddem]
* [helpers:DataFromPathHelper] Simplified usage. [mokaddem]
* [helpers:bootstrap] Added support of variant in tabs. [mokaddem]
* [sharinggroup] Improved support of CRUDComponent. [mokaddem]
* [element:genericElements] Button placement consistency in generic modal. [mokaddem]
* [js:bootstrap-helper] Overlay factory correctly supports variant for both elements. [mokaddem]
* [element:genericElements] UI improvements in index factory. [mokaddem]
* [js:api-helper] Renamed function. [mokaddem]
* [component:CRUD] Remove usage of custom header + added custom form validation feedback. [mokaddem]
* [controllers] Bug fixes and usage of UI factory. [mokaddem]
* [genericElements:indexTable] Improved UI of toggle field. [mokaddem]
* [component:CRUD] Improved flexibility. [mokaddem]
* [Component:CRUDComponent] Default `allow_all` to true when context filtering. [mokaddem]
* [genericElements:indexTable] Added documentation for toggle field. [mokaddem]
* [genericElements:indexTable] Added option in toggle field to skip full index reload. [mokaddem]
* [js:api-helper] Added documentation. [mokaddem]
* [js:bootstrap-helper] Added documentation.
[mokaddem]
* [generic] Added Modal from URL support - Support Form submission - Success / Fail callbacks - Modal reloading in case of validation errors. [mokaddem]
* [js-helper] Added quick methods and more documentation. [mokaddem]
* [helper:stringFromPath] Added same feature but for array of strings. [mokaddem]
* [genericElement:single_view] Bit of refactoring and skip_meta_template option. [mokaddem]
* [helpers] Added documentation and tweakings. [mokaddem]
* [metaTemplates] Outline default template. [mokaddem]
* [metaTemplate:toggle] Enforce one default template per scope. [mokaddem]
* [metaTemplates:index] Improved conflict text. [mokaddem]
* [genericElement:index] Allow support of closure for variables and type. [mokaddem]
* [genericElements] Perform ajax call when filtering with context. [mokaddem]
* [genericElements:listTopBar] Filtering context are taken from passed data instead of set variables. [mokaddem]
* [component:CRUD] Improved filtering context to be more flexible. [mokaddem]
  - Support fields to be taken as quick filters
  - Support custom quick filters by specifying the conditions
* [singleView:single_view] Usage of name instead of namespace for meta-templates. [mokaddem]
* [helper:bootstrap] Refactored to use more functions. [mokaddem]
* [singleViews:single_view] Improved layout for meta-templates. [mokaddem]
* [singleViews] Meta data are now clustered based on their template namespace. [mokaddem]
* [genericElements:toggle] Added support of requirement for being able to change the toggle's state. [mokaddem]
* [templates] House cleaning. [mokaddem]
* [CRUDComponent] Added toggle. [mokaddem]
  - Applied to meta-templates
* [metaTemplate] Moved to namespaced meta fields based on their template - WiP. [mokaddem]
* [ACL] update to include broods. [iglocska]
* [baseurl] exposed as an easy to reach variable in all views. [iglocska]
* [Alignments] setAlignment function moved to its appropriate model. [iglocska]
* [internal] saveMetafields moved to AppTable.
[iglocska]
* [CRUD component] internal changes. [iglocska]
  - removed saveMetaFields function from the component
  - fixed issues with associations being patched in automatically for add/edit
* [config] disable debug by default. [iglocska]
* [logo] colour change. [iglocska]
  - for the swarm
* [command] Added configuration file for enisa-csirts. [mokaddem]
* [command] Generic importer usage of saveMany and improved TUI. [mokaddem]
* [command] Generic importer added more validation and progress bar. [mokaddem]
* [command] Added support of CSV and documentation. [mokaddem]
* [command] Generic importer improved and added support of value override. [mokaddem]
* [command] Generic import tool allow passing path directly. [mokaddem]
* [command] Added support of meta-field in generic importer. [mokaddem]
* [genericForm] Fallback entity to null (to model-less form) if not provided. [mokaddem]
* [sharingGroupOrgs] Renamed table back to original name. [mokaddem]
* [encryption keys] index - removed superfluous owner id. [iglocska]
* [install] Added syntax highlighting. [mokaddem]
* [install] Removed duplicated entries. [Sami Mokaddem]
* [menu system] fixes and updates. [iglocska]

  changes:
  - added "popup" as a new flag for the menu element in the ACL component
  - links in the menus will be popovers for these
  - added some missing links

  bug fixes:
  - fixed a bug breaking the adding of sharing groups due to the id variable not being set as reported by cert.pl
* [user add] don't autocomplete username/password fields. [iglocska]
* [submenu fixes] Correctly show scope specific sub menus. [iglocska]
  - also added view my profile / edit my profile buttons
* [instance] status moved to the correct controller. [iglocska]
* [VERSION] string added. [iglocska]
* [ACL] rework.
[iglocska]
  - moved the menu into the ACL function
  - tied ACL function into menubuilding process to remove items the user has no access to
  - thanks to @JakubOnderka for the inspiration
  - tied missing endpoints into the ACL system
  - fixed the queryACL function to work with Cerebrate
* [doc] Added mod_rewrite note. [Steve Clement]
* [doc] Updated INSTALL doc. [Steve Clement]
* [logo] colors requested by the Hungarian leader again. [Alexandre Dulaunoy]
* [users add UI] changed password to an actual password field. [iglocska]
* [INSTALL] added some missing points to get cerebrate up and running. [Andras Iklody]
* [doc] install link added. [Alexandre Dulaunoy]
* [UI] some adjustments to make both themes less awkward. [iglocska]
* [instructions] Added requirements. [iglocska]
* [cerebrate setting defaults] added. [iglocska]
* [INSTALL] instruction changes. [iglocska]
  - no need to yell
* [gitignore] updated. [iglocska]
* [mysql] empty db script updated. [iglocska]
* [restructure] the application. [iglocska]
  - move the app dir's contents to the source
  - update composer for easier installation

### Fix

* [component:CRUD] Fixed oneToMany contextual filters. [mokaddem]
* [sharinggroups] Possibility to remove/add org from sharinggroup. [mokaddem]
* [component:CRUD] Support for older PHP versions. [mokaddem]
* [component:CRUD] Fixed FULL_GROUP_BY issue and simplified contextual filtering. [mokaddem]
* [element:generic_index] Toggle field passes expected data format. [mokaddem]
* [element:generic_index] Correctly passes button variable. [mokaddem]
* [Component:CRUD] Allow saving metaFields. [mokaddem]
* [broods] Fixed quick search. [mokaddem]
* [component:CRUD] Extraction contextual filters based on association type. [mokaddem]
* [broods:edit] Include organisation dropdown data. [mokaddem]
* [component:CRUDComponent] Take data linked to the current table Performs a query similar to a right join instead of dumping the table for composed contextual filters.
[mokaddem]
* [js:bootstrap-helper] Correctly returns promise. [mokaddem]
* [user] Allow password update and hidden confirm_password field. [mokaddem]
* [genericElements] Fixed Usage of bootstrap-helper's overlay. [mokaddem]
* [helper:bootstrap] Closed correct node. [mokaddem]
* [component:CRUD] Allow filtering by array of values. [mokaddem]
* [genericElements:single_view] Only display meta-field box if the view contains some. [mokaddem]
* [component:CRUD] Restrict metafields to only the object being viewed. [mokaddem]
* [Component:CRUD] Allow edit of meta-fields and added group_by clause. [mokaddem]
* [helper:bootstrap] Correctly close div if tab option is supplied. [mokaddem]
* [genericElements:form] Make sure current model have meta-templates. [mokaddem]
* [cleanup] unused var in single view. [iglocska]
* [index] search fixed. [iglocska]
  - correctly persist url parameters when searching
* [org] field in the index table fixed. [iglocska]
  - removed debug
  - correct extraction of the data
  - show links for the orgs to the org view
* [metafield] account for "raw" being null but still set - use isset for the check. [iglocska]
* HttpOnly should be httponly. [Andras Iklody]
* [command] Generic importer correct usage of options. [mokaddem]
* [organisations] Make sure to cascade deletion calls. [mokaddem]
* [sharingGroup] Various fixes for sharing groups. [mokaddem]
  - Renamed sharingGroupsOrgs table to follow cake4's recommendation
  - Fix case if logged user doesn't have an organisation
  - Provide all orgs if user is admin
  - Fix issue with model associated with sharingGroupOrgs
  - Fix addOrg missing entity for genericForm helper
* [password validation] don't accept linebreaks. [iglocska]
  - as reported by cert.sk
* [encryption key] searches. [iglocska]
* [pagination] link highlighting. [iglocska]
* Encryption modifications. [iglocska]
  - added a limited edit function
  - changed the index to make more sense
  - as reported by cert.pl
* [org controller] invalid import statement fixed.
[iglocska]
* [encryption keys] adding a key correctly returns the expected view elements. [iglocska]
  - also some minor tweaks on the index
  - CRUD component now accepts a redirect parameter
  - as reported by cert.pl
* [cleanup] of breakpoint. [iglocska]
* [passwords] several fixes. [iglocska]
  - complexity requirements added
  - validation rules added
  - added confirm password rules
  - as reported by cert.pl
* Organisation entity renamed. [iglocska]
* [metafields] don't show the element if no metafields are configured for the scope. [iglocska]
* [user edit] required password change. [iglocska]
  - as reported by cert.pl
* [security] Removed a user's ability to change their role. [iglocska]
  - as reported by cert.pl
* [ACL] added missing entries. [iglocska]
* [internal] metafields can also be empty. [iglocska]
* [templates] left off. [iglocska]
* [sharing groups] don't include ALL user details in the sharing group. [iglocska]
* [open APIs] fixed some minor issues. [iglocska]
* [encryption] keys could not be added due to invalid marshaling, fixes #15. [iglocska]
* [UI] removed the annoying left side padding. [iglocska]
* [UI] reverted ajax index tables not having the title/description. [iglocska]
  - messes with the pagination
* [public API] routes added. [iglocska]
* [default user] Added default first/lastname. [iglocska]
* [typo] pluralise model name. [iglocska]
* [internal] Correct way of fetching the ID of the new entity. [iglocska]
* [import] of table registry added to users table. [iglocska]
* [install] point to correct mysql script. [iglocska]
* [markdown] fail fixed. [iglocska]

### Other

* Merge pull request #38 from schacht-certat/schacht/debian. [Andras Iklody]
  Add initial debian/ directory
* Add initial debian/ directory. [Birger Schacht]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Merge pull request #37 from mokaddem/namespaced-metatemplates.
[Andras Iklody]
  New libraries and namespaced meta-templates
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into namespaced-metatemplates. [mokaddem]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into namespaced-metatemplates. [mokaddem]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Update README.md. [Andras Iklody]
* Merge pull request #35 from mokaddem/genericImporter. [Andras Iklody]
  Generic importer
* Merge pull request #34 from mokaddem/fix-sharing-group. [Andras Iklody]
  fix: [sharingGroup] Various fixes for sharing groups
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Merge pull request #32 from mokaddem/patch-1. [Andras Iklody]
  chg: [install] Removed duplicated entries & syntax highlighting
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Merge pull request #30 from rommelfs/patch-3. [Andras Iklody]
  cleanup, consistency
* Cleanup, consistency. [Sascha Rommelfangen]
* Merge pull request #23 from rommelfs/patch-2. [Andras Iklody]
  some details added
* Merge branch 'main' into patch-2. [Andras Iklody]
* Merge pull request #17 from SteveClement/install_docs. [Andras Iklody]
  chg: [doc] Updated INSTALL doc
* Some details added. [Sascha Rommelfangen]
* New [Authkey] implementation ready. [iglocska]
  - users can have multiple keys
  - keys are hashed with bcrypt
  - each key can have its own expiration
  - each key can have a contextual comment
  - authentication via API requests happens with the Authorization header
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Merge branch 'main' of github.com:cerebrate-project/cerebrate into main. [iglocska]
* Update INSTALL.md. [Andras Iklody]

## v0.1 (2020-06-21)

### New

* [routes] added route for open spaces. [iglocska]
* [open] spaces added. [iglocska]
  - public interfaces that are configurable, early iteration
* [API auth] added.
[iglocska]
* [logout] button added to the menus. [iglocska]
* [single view] updated, allows for child indices to be loaded in an accordion. [iglocska]
* [UI] brought up to date with factory changes. [iglocska]
* [Authkeys] added. [iglocska]
* [login] page added. [iglocska]
* [instance] scope added. [iglocska]
* [auth] Added authentication. [iglocska]
* [Roles, Users] added. [iglocska]
* [encryption keys] controller/model/template added. [iglocska]
* [internal] CRUD controller added. [iglocska]
  - centralise all CRUD operations
  - flexible library, with the goal of keeping controllers as lean as possible
  - can be used as a passthrough for options
* [logo] added. [Alexandre Dulaunoy]
* [internal] appcontroller/appmodel updates. [iglocska]
* [UUID] behaviour added. [iglocska]
  - auto set UUIDs on objects
* [paramhandler] component added. [iglocska]
  - centralised handling of all things related to request parameter parsing
* [CRUD] crud component added. [iglocska]
  - standardise on crud operations, simplify the controller codebase
  - massive reduction in complexity
* [menu] centralised top and side menu. [iglocska]
  - single source, top menu uses masked version of side menu
  - constructor in AppTables, making it available across the application
* [encryption keys] Encryption key management added. [iglocska]
  - add/list/search for keys and assign them to users/organisations
  - several new internal features
  - refactored/abstracted parameter harvesting
  - automatic dependency system for the form templating
  - several others
* [documentation] Added screenshots and a short description. [iglocska]
* [initial] import of the project files.
[iglocska]
  - Cerebrate v0.1 initial WIP version

  [Features]
  - initial version of TrustDB
  - Organisation
  - User scope
  - Alignments between Users and Organisations
  - semi-implemented encryption key store

  [Internals]
  - MISP systems transposed to CakePHP4 / Bootstrap 4 / Cerebrate
  - UI factories
  - Index factories
  - Form factories
  - internal:
  - RestResponse library
  - ACL library in progress
  - new clean UI using BS4
  - New systems:
  - UI factories
  - view factories
  - Datamodel import/cleaning via SQL scripts
* Added small note to keep track of the db. [iglocska]

### Changes

* [menu] Added some missing elements to the menus (encryption keys and instances) [iglocska]
* [index] factories modified to make index views leaner for ajax rendering. [iglocska]
* [images] added to webroot for the README.md to be rendered as a landing page. [iglocska]
* [routes] updated for default landing page. [iglocska]
* [composer] Added dependencies. [iglocska]
* [templates] Overhaul of the factories. [iglocska]
* [templates] Individuals and Organisations updated. [iglocska]
* [Controllers] Alignments, Individuals, Organisations updated for the CRUD component. [iglocska]
* [Factories] Refactored side-menu/header/footer construction. [iglocska]
  - better separation between systems and data for code reusability
  - genericElements should be free of any application specific code for portability
* [doc] some clean-up. [Alexandre Dulaunoy]

### Fix

* [css] Added login css/image. [iglocska]
* [roles] API index fixed. [iglocska]
* [CRUD] various issues fixed with the search parameter handling on the index views. [iglocska]
* [htaccess] fixed. [iglocska]
* [Individuals Model] Table updated with relations and smarter UUID handling. [iglocska]
* [templates] delete url parsing rules fixed. [iglocska]
* [ParamHandler] fixed correct URL query string parsing for related models. [iglocska]
* [infinite loop] resolved in the templating due to invalid element call. [iglocska]
* [encryption keys] index was left off.
[iglocska]
* [documentation] fixed another image link. [Andras Iklody]
* [documentation] invalid image link. [Andras Iklody]
* [alignments] added along with various changes. [iglocska]

### Other

* Merge branch 'master' of github.com:cerebrate-project/cerebrate. [iglocska]
* Merge branch 'master' of github.com:cerebrate-project/cerebrate. [Alexandre Dulaunoy]
* Merge branch 'master' of github.com:cerebrate-project/cerebrate. [iglocska]
* Initial commit. [Andras Iklody]