search

MISP / MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform
https://www.misp-project.org/
GNU Affero General Public License v3.0
5.42k stars 1.41k forks source link

Adding a sighting as Read Only user throws error #3193

Closed StefanKelm closed 6 years ago

StefanKelm commented 6 years ago

Similar to #3187 when a Read Only User tries to add a sighting Request failed for an unknown reason. is being briefly displayed.

Error.log:

2018-04-25 14:25:05 Error: [MethodNotAllowedException] You do not have permission to use this functionality.
Request URL: /sightings/add/1234567
Stack Trace:
#0 /services/inst/misp/app/Controller/Component/ACLComponent.php(483): ACLComponent->__error(403, 'You do not have...')
#1 /services/inst/misp/app/Controller/AppController.php(379): ACLComponent->checkAccess(Array, 'sightings', 'add')
#2 /services/inst/misp/app/Controller/SightingsController.php(8): AppController->beforeFilter()
#3 [internal function]: SightingsController->beforeFilter(Object(CakeEvent))
#4 /services/inst/misp/app/Lib/cakephp/lib/Cake/Event/CakeEventManager.php(243): call_user_func(Array, Object(CakeEvent))
#5 /services/inst/misp/app/Lib/cakephp/lib/Cake/Controller/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))
#6 /services/inst/misp/app/Lib/cakephp/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()
#7 /services/inst/misp/app/Lib/cakephp/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(SightingsController), Object(CakeRequest))
#8 /services/inst/misp/app/webroot/index.php(92): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))
#9 {main}
iglocska commented 6 years ago

This should be fixed now, thanks!