From d6f43b5a183b89fe9971940c57d21b5dd49b5c81 Mon Sep 17 00:00:00 2001 From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Mon, 28 Jul 2025 06:01:11 +0000 Subject: [PATCH 1/5] Add locked field to feeds for sync user permission control - Add database migration case 141 for feeds.locked field - Modify feed processing to set event locked status from feed config - Add locked checkbox to feed add/edit UI forms - Update controller to handle locked field in save operations Fixes sync user permission issue where users could pull feed events but not update them. Events from locked feeds can now be edited by sync users, while unlocked feeds remain local-only. Addresses GitHub issue #10047 Co-Authored-By: Chris Horsley --- app/Controller/FeedsController.php | 6 +++++- app/Model/AppModel.php | 3 +++ app/Model/Feed.php | 1 + app/View/Feeds/add.ctp | 6 ++++++ 4 files changed, 15 insertions(+), 1 deletion(-) diff --git a/app/Controller/FeedsController.php b/app/Controller/FeedsController.php index 62ba961b438..f9a699229c6 100644 --- a/app/Controller/FeedsController.php +++ b/app/Controller/FeedsController.php @@ -280,6 +280,9 @@ public function add() if (empty($feed['Feed']['lookup_visible'])) { $feed['Feed']['lookup_visible'] = 0; } + if (empty($feed['Feed']['locked'])) { + $feed['Feed']['locked'] = 0; + } if (empty($feed['Feed']['input_source'])) { $feed['Feed']['input_source'] = 'network'; } else { @@ -379,7 +382,8 @@ public function edit($feedId) 'lookup_visible', 'headers', 'orgc_id', - 'fixed_event' + 'fixed_event', + 'locked' ], 'afterFind' => function (array $feed) { $feed['Feed']['settings'] = json_decode($feed['Feed']['settings'], true); diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index b62f3178727..a8a124a19c7 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -2480,6 +2480,9 @@ public function updateDatabase($command) case 140: $sqlArray[] = "ALTER TABLE `taxii_servers` MODIFY `api_key` TEXT NOT NULL"; break; + case 141: + $sqlArray[] = "ALTER TABLE `feeds` ADD `locked` tinyint(1) NOT NULL DEFAULT 0;"; + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/app/Model/Feed.php b/app/Model/Feed.php index 7fba335b4c2..9258acb2bff 100644 --- a/app/Model/Feed.php +++ b/app/Model/Feed.php @@ -1061,6 +1061,7 @@ private function __prepareEvent($event, array $feed, $filterRules) } else { $event['Event']['distribution'] = $feed['Feed']['distribution']; $event['Event']['sharing_group_id'] = $feed['Feed']['sharing_group_id']; + $event['Event']['locked'] = !empty($feed['Feed']['locked']) ? 1 : 0; if ($feed['Feed']['sharing_group_id']) { $sg = $this->SharingGroup->find('first', array( 'recursive' => -1, diff --git a/app/View/Feeds/add.ctp b/app/View/Feeds/add.ctp index 6000130d78c..caa35ce8d00 100755 --- a/app/View/Feeds/add.ctp +++ b/app/View/Feeds/add.ctp @@ -31,6 +31,12 @@ echo $this->element('genericElements/Form/genericForm', [ 'label' => __('Unpublish events'), 'type' => 'checkbox' ], + [ + 'field' => 'locked', + 'label' => __('Lock events'), + 'title' => __('Lock events created from this feed (allows sync users to edit them)'), + 'type' => 'checkbox' + ], [ 'field' => 'name', 'label' => __('Name'), From 03168a408ca9605af6cb7aaca436d42a6e8c61a4 Mon Sep 17 00:00:00 2001 From: Sid Odgers Date: Tue, 29 Jul 2025 12:15:17 +1000 Subject: [PATCH 2/5] Add schema ver 141 to DB_UPDATES --- app/Model/AppModel.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index a8a124a19c7..589d5623566 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -95,7 +95,8 @@ class AppModel extends Model 117 => false, 118 => false, 119 => false, 120 => false, 121 => false, 122 => false, 123 => false, 124 => false, 125 => false, 126 => false, 127 => false, 128 => false, 129 => false, 130 => false, 131 => false, 132 => false, 133 => false, 134 => true, - 135 => false, 136 => true, 137 => false, 138 => false, 139 => false, 140 => false + 135 => false, 136 => true, 137 => false, 138 => false, 139 => false, 140 => false, + 141 => false ); const ADVANCED_UPDATES_DESCRIPTION = array( From 87bebb151d7cd5d7097eb81e502c2dca95fe83de Mon Sep 17 00:00:00 2001 From: Sid Odgers Date: Tue, 29 Jul 2025 12:17:10 +1000 Subject: [PATCH 3/5] fix punctuation --- app/Model/AppModel.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 589d5623566..4ac5617076e 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -95,7 +95,7 @@ class AppModel extends Model 117 => false, 118 => false, 119 => false, 120 => false, 121 => false, 122 => false, 123 => false, 124 => false, 125 => false, 126 => false, 127 => false, 128 => false, 129 => false, 130 => false, 131 => false, 132 => false, 133 => false, 134 => true, - 135 => false, 136 => true, 137 => false, 138 => false, 139 => false, 140 => false, + 135 => false, 136 => true, 137 => false, 138 => false, 139 => false, 140 => false, 141 => false ); From fb76893333b9f6ed7d4ba7109fce54e14d4ba9f9 Mon Sep 17 00:00:00 2001 From: Sid Odgers Date: Tue, 29 Jul 2025 13:55:03 +1000 Subject: [PATCH 4/5] add new field to db_schema --- db_schema.json | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/db_schema.json b/db_schema.json index 81d5be98d72..831e39a7d77 100644 --- a/db_schema.json +++ b/db_schema.json @@ -3478,6 +3478,17 @@ "column_type": "int(11)", "column_default": "0", "extra": "" + }, + { + "column_name": "locked", + "is_nullable": "NO", + "data_type": "tinyint", + "character_maximum_length": null, + "numeric_precision": "3", + "collation_name": null, + "column_type": "tinyint(1)", + "column_default": "0", + "extra": "" } ], "fuzzy_correlate_ssdeep": [ @@ -11029,4 +11040,4 @@ } }, "db_version": "140" -} \ No newline at end of file +} From c66aa6551aebfcfeaf1ef7eec9e723b520e5378e Mon Sep 17 00:00:00 2001 From: Sid Odgers Date: Tue, 29 Jul 2025 13:58:03 +1000 Subject: [PATCH 5/5] rename `locked` field to `lock_events` in feed model --- app/Controller/FeedsController.php | 6 +++--- app/Model/AppModel.php | 2 +- app/Model/Feed.php | 2 +- app/View/Feeds/add.ctp | 2 +- db_schema.json | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/app/Controller/FeedsController.php b/app/Controller/FeedsController.php index f9a699229c6..087415b217c 100644 --- a/app/Controller/FeedsController.php +++ b/app/Controller/FeedsController.php @@ -280,8 +280,8 @@ public function add() if (empty($feed['Feed']['lookup_visible'])) { $feed['Feed']['lookup_visible'] = 0; } - if (empty($feed['Feed']['locked'])) { - $feed['Feed']['locked'] = 0; + if (empty($feed['Feed']['lock_events'])) { + $feed['Feed']['lock_events'] = 0; } if (empty($feed['Feed']['input_source'])) { $feed['Feed']['input_source'] = 'network'; @@ -383,7 +383,7 @@ public function edit($feedId) 'headers', 'orgc_id', 'fixed_event', - 'locked' + 'lock_events' ], 'afterFind' => function (array $feed) { $feed['Feed']['settings'] = json_decode($feed['Feed']['settings'], true); diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 4ac5617076e..71191ff2200 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -2482,7 +2482,7 @@ public function updateDatabase($command) $sqlArray[] = "ALTER TABLE `taxii_servers` MODIFY `api_key` TEXT NOT NULL"; break; case 141: - $sqlArray[] = "ALTER TABLE `feeds` ADD `locked` tinyint(1) NOT NULL DEFAULT 0;"; + $sqlArray[] = "ALTER TABLE `feeds` ADD `lock_events` tinyint(1) NOT NULL DEFAULT 0;"; break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/app/Model/Feed.php b/app/Model/Feed.php index 9258acb2bff..cbf42a8bec2 100644 --- a/app/Model/Feed.php +++ b/app/Model/Feed.php @@ -1061,7 +1061,7 @@ private function __prepareEvent($event, array $feed, $filterRules) } else { $event['Event']['distribution'] = $feed['Feed']['distribution']; $event['Event']['sharing_group_id'] = $feed['Feed']['sharing_group_id']; - $event['Event']['locked'] = !empty($feed['Feed']['locked']) ? 1 : 0; + $event['Event']['lock_events'] = !empty($feed['Feed']['lock_events']) ? 1 : 0; if ($feed['Feed']['sharing_group_id']) { $sg = $this->SharingGroup->find('first', array( 'recursive' => -1, diff --git a/app/View/Feeds/add.ctp b/app/View/Feeds/add.ctp index caa35ce8d00..b1798e1fccc 100755 --- a/app/View/Feeds/add.ctp +++ b/app/View/Feeds/add.ctp @@ -32,7 +32,7 @@ echo $this->element('genericElements/Form/genericForm', [ 'type' => 'checkbox' ], [ - 'field' => 'locked', + 'field' => 'lock_events', 'label' => __('Lock events'), 'title' => __('Lock events created from this feed (allows sync users to edit them)'), 'type' => 'checkbox' diff --git a/db_schema.json b/db_schema.json index 831e39a7d77..69778209c8f 100644 --- a/db_schema.json +++ b/db_schema.json @@ -3480,7 +3480,7 @@ "extra": "" }, { - "column_name": "locked", + "column_name": "lock_events", "is_nullable": "NO", "data_type": "tinyint", "character_maximum_length": null,