MISP/app/Controller/RegexpController.php

<?php

App::uses('AppController', 'Controller');

/**
 * Regexps Controller
 *
 * @property Regexp $Regexp
 */
class RegexpController extends AppController {

	public $components = array('Security', 'RequestHandler', 'AdminCrud');

	public $paginate = array(
			'limit' => 60,
			'order' => array(
					'Regexp.id' => 'ASC'
			)
	);

	public function beforeFilter() {
		parent::beforeFilter();
	}

/**
 * admin_add method
 *
 * @return void
 */
	public function admin_add() {
		if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
		$this->AdminCrud->adminAdd();
	}

/**
 * admin_index method
 *
 * @return void
 */
	public function admin_index() {
		if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
		$this->AdminCrud->adminIndex();
		//}
	}

/**
 * admin_edit method
 *
 * @param string $id
 * @return void
 * @throws NotFoundException
 */
	public function admin_edit($id = null) {
		if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
		$this->AdminCrud->adminEdit($id);
	}

/**
 * admin_delete method
 *
 * @param string $id
 * @return void
 * @throws MethodNotAllowedException
 * @throws NotFoundException
 */
	public function admin_delete($id = null) {
		if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
		$this->AdminCrud->adminDelete($id);
	}

/**
 * index method
 *
 * @return void
 */
	public function index() {
		$this->recursive = 0;
		$this->set('list', $this->paginate());
	}

/**
 *
 */
	public function admin_clean() {
		if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
		$this->regexpAll('Attribute', 'value');
		$this->regexpAll('Event', 'info');

		$this->redirect(array('action' => 'index'));
	}

	public function regexpAll($Model, $Field) {
		if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
		$deletable = array();
		$this->loadModel($Model);
		$all = $this->{$Model}->find('all', array('recursive' => -1));
		foreach ($all as $item) {
			$result = $this->replaceSpecific($item[$Model][$Field]);
			if (!$result) {
				$deletable[] = $item[$Model]['id'];
			} else {
				$this->{$Model}->save($item);
			}
		}
		if (count($deletable)) {
			foreach ($deletable as $item) {
				$this->{$Model}->delete($item);
			}
		}
	}

	public function replaceSpecific($origString) {
		if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));
		$returnValue = true;
		$allRegexp = $this->Regexp->find('all'); // TODO REGEXP INIT LOAD ARRAY
		foreach ($allRegexp as $regexp) {
			if (strlen($regexp['Regexp']['replacement']) && strlen($regexp['Regexp']['regexp'])) {
				$origString = preg_replace($regexp['Regexp']['regexp'], $regexp['Regexp']['replacement'], $origString);
			}
			if (!strlen($regexp['Regexp']['replacement']) && preg_match($regexp['Regexp']['regexp'], $origString)) {
				App::uses('SessionComponent', 'Controller/Component');
				SessionComponent::setFlash('Blacklisted value!');
				$returnValue = false;
			}
		}
		return $returnValue;
	}

}
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`<?php`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`App::uses('AppController', 'Controller');`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`/**`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`* Regexps Controller`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`*`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`* @property Regexp $Regexp`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`*/`
Import Regexp Renamed Import Whitelist to Import Regexp. 2012-12-20 19:47:38 +01:00			`class RegexpController extends AppController {`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`public $components = array('Security', 'RequestHandler', 'AdminCrud');`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00
coding standards Coding Standards. 2012-12-19 02:48:53 +01:00			`public $paginate = array(`
			`'limit' => 60,`
			`'order' => array(`
Import Regexp Renamed Import Whitelist to Import Regexp. 2012-12-20 19:47:38 +01:00			`'Regexp.id' => 'ASC'`
coding standards Coding Standards. 2012-12-19 02:48:53 +01:00			`)`
			`);`
generateAllFor<FieldName> conflicts with CAKE/Model/Model::_call() so no findBy<FieldName>. (and various very minor other things.) 2012-12-19 11:30:10 +01:00
coding standards Coding Standards. 2012-12-19 02:48:53 +01:00			`public function beforeFilter() {`
			`parent::beforeFilter();`
			`}`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00
			`/**`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`* admin_add method`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`*`
			`* @return void`
			`*/`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`public function admin_add() {`
Further changes to the authorisation 2013-04-26 15:46:39 +02:00			`if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`$this->AdminCrud->adminAdd();`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`}`

			`/**`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`* admin_index method`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`*`
			`* @return void`
			`*/`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`public function admin_index() {`
changes to the admin org access and sanitization 1. Some errors fixed in the way redirects worked for org admins 2. fixed some double sanitization resulting in incorrect characters displayed in certain fields 2013-01-30 11:49:55 +01:00			`if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`$this->AdminCrud->adminIndex();`
Org admin privileges Added restrictions for org admins and regular users to be able to see regexp/whitelist/blacklist information without being able to edit them. Org admins can also see the roles but not edit them. 2013-01-28 11:44:09 +01:00			`//}`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`}`

			`/**`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`* admin_edit method`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`*`
			`* @param string $id`
			`* @return void`
			`* @throws NotFoundException`
			`*/`
			`public function admin_edit($id = null) {`
changes to the admin org access and sanitization 1. Some errors fixed in the way redirects worked for org admins 2. fixed some double sanitization resulting in incorrect characters displayed in certain fields 2013-01-30 11:49:55 +01:00			`if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`$this->AdminCrud->adminEdit($id);`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`}`

			`/**`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`* admin_delete method`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`*`
			`* @param string $id`
			`* @return void`
			`* @throws MethodNotAllowedException`
			`* @throws NotFoundException`
			`*/`
			`public function admin_delete($id = null) {`
changes to the admin org access and sanitization 1. Some errors fixed in the way redirects worked for org admins 2. fixed some double sanitization resulting in incorrect characters displayed in certain fields 2013-01-30 11:49:55 +01:00			`if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`$this->AdminCrud->adminDelete($id);`
input regex use RegexBehavior on Event.info and Attribute.value. 2012-11-30 13:52:09 +01:00			`}`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00
Org admin privileges Added restrictions for org admins and regular users to be able to see regexp/whitelist/blacklist information without being able to edit them. Org admins can also see the roles but not edit them. 2013-01-28 11:44:09 +01:00			`/**`
			`* index method`
			`*`
			`* @return void`
			`*/`
			`public function index() {`
			`$this->recursive = 0;`
fix sanitization in Regexp #96 2013-04-24 15:33:22 +02:00			`$this->set('list', $this->paginate());`
Org admin privileges Added restrictions for org admins and regular users to be able to see regexp/whitelist/blacklist information without being able to edit them. Org admins can also see the roles but not edit them. 2013-01-28 11:44:09 +01:00			`}`

Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00			`/**`
			`*`
			`*/`
			`public function admin_clean() {`
changes to the admin org access and sanitization 1. Some errors fixed in the way redirects worked for org admins 2. fixed some double sanitization resulting in incorrect characters displayed in certain fields 2013-01-30 11:49:55 +01:00			`if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`$this->regexpAll('Attribute', 'value');`
			`$this->regexpAll('Event', 'info');`

			`$this->redirect(array('action' => 'index'));`
			`}`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`public function regexpAll($Model, $Field) {`
changes to the admin org access and sanitization 1. Some errors fixed in the way redirects worked for org admins 2. fixed some double sanitization resulting in incorrect characters displayed in certain fields 2013-01-30 11:49:55 +01:00			`if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`$deletable = array();`
			`$this->loadModel($Model);`
			`$all = $this->{$Model}->find('all', array('recursive' => -1));`
			`foreach ($all as $item) {`
			`$result = $this->replaceSpecific($item[$Model][$Field]);`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00			`if (!$result) {`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`$deletable[] = $item[$Model]['id'];`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00			`} else {`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`$this->{$Model}->save($item);`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00			`}`
			`}`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`if (count($deletable)) {`
			`foreach ($deletable as $item) {`
			`$this->{$Model}->delete($item);`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00			`}`
			`}`
			`}`

			`public function replaceSpecific($origString) {`
changes to the admin org access and sanitization 1. Some errors fixed in the way redirects worked for org admins 2. fixed some double sanitization resulting in incorrect characters displayed in certain fields 2013-01-30 11:49:55 +01:00			`if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'regexp', 'action' => 'index', 'admin' => false));`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00			`$returnValue = true;`
AdminCrud use of the AdminCrud component. 2013-01-04 15:49:52 +01:00			`$allRegexp = $this->Regexp->find('all'); // TODO REGEXP INIT LOAD ARRAY`
Import Regexp Renamed Import Whitelist to Import Regexp. 2012-12-20 19:47:38 +01:00			`foreach ($allRegexp as $regexp) {`
			`if (strlen($regexp['Regexp']['replacement']) && strlen($regexp['Regexp']['regexp'])) {`
			`$origString = preg_replace($regexp['Regexp']['regexp'], $regexp['Regexp']['replacement'], $origString);`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00			`}`
Import Regexp Renamed Import Whitelist to Import Regexp. 2012-12-20 19:47:38 +01:00			`if (!strlen($regexp['Regexp']['replacement']) && preg_match($regexp['Regexp']['regexp'], $origString)) {`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00			`App::uses('SessionComponent', 'Controller/Component');`
			`SessionComponent::setFlash('Blacklisted value!');`
coding standards Coding Standards. 2012-12-19 02:48:53 +01:00			`$returnValue = false;`
Import Whitelist if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex. 2012-12-04 08:51:27 +01:00			`}`
			`}`
			`return $returnValue;`
			`}`

			`}`