MISP/app/Controller/ServersController.php

<?php
App::uses('AppController', 'Controller');
App::uses('Xml', 'Utility');

/**
 * Servers Controller
 *
 * @property Server $Server
 *
 * @throws ConfigureException // TODO Exception
 */
class ServersController extends AppController {

	public $components = array('Security' ,'RequestHandler');	// XXX ACL component

	public $paginate = array(
			'limit' => 60,
			'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events
			'order' => array(
					'Server.url' => 'ASC'
			)
	);

	public $uses = array('Server', 'Event');

	public function beforeFilter() {
		parent::beforeFilter();

		// Disable this feature if the sync configuration option is not active
		if ('true' != Configure::read('CyDefSIG.sync'))
			throw new ConfigureException("The sync feature is not active in the configuration.");

		// permit reuse of CSRF tokens on some pages.
		switch ($this->request->params['action']) {
			case 'push':
			case 'pull':
				$this->Security->csrfUseOnce = false;
		}
	}

/**
 * index method
 *
 * @return void
 */
	public function index() {
		$this->Server->recursive = 0;
		if ($this->_isSiteAdmin()) {
			$this->paginate = array(
							'conditions' => array(),
			);
		} else {
			if (!$this->userRole['perm_sync'] && !$this->userRole['perm_admin']) $this->redirect(array('controller' => 'events', 'action' => 'index'));
			$conditions['Server.org LIKE'] = $this->Auth->user('org');
			$this->paginate = array(
					'conditions' => array($conditions),
			);
		}
		$this->set('servers', $this->paginate());
	}

/**
 * add method
 *
 * @return void
 */
	public function add() {
		if ((!$this->_IsSiteAdmin()) && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));
		if ($this->request->is('post')) {
			// force check userid and orgname to be from yourself
			$this->request->data['Server']['org'] = $this->Auth->user('org');
			if ($this->Server->save($this->request->data)) {
				if (isset($this->data['Server']['submitted_cert'])) {
					$ext = '';
					App::uses('File', 'Utility');
					$file = new File($this->data['Server']['submitted_cert']['name']);
					$ext = $file->ext();
					if (($ext != 'pem') || !$this->data['Server']['submitted_cert']['size'] > 0) {
						$this->Session->setFlash('Incorrect extension of empty file.');
						$this->redirect(array('action' => 'index'));
					}
				}
				if (isset($this->data['Server']['submitted_cert']) && ($ext != 'pem') && $this->data['Server']['submitted_cert']['size'] > 0 &&
				is_uploaded_file($this->data['Event']['submittedgfi']['tmp_name'])) {
					$this->Session->setFlash(__('You may only upload GFI Sandbox zip files.'));
				} else {
					$pemData = fread(fopen($this->data['Server']['submitted_cert']['tmp_name'], "r"),
							$this->data['Server']['submitted_cert']['size']);
					$destpath = APP . "files" . DS . "certs" . DS;
					if (!preg_match('@^[\w-,\s,\.]+\.[A-Za-z0-9_]{2,4}$@', $this->data['Server']['submitted_cert']['name'])) throw new Exception ('Filename not allowed');
					$pemfile = new File ($destpath . $this->Server->id . '.' . $ext);
					$result = $pemfile->write($pemData);
					$s = $this->Server->read(null, $this->Server->id);
					$s['Server']['cert_file'] = $s['Server']['id'] . '.' . $ext;
					if ($result) $this->Server->save($s);
				}
				$this->Session->setFlash(__('The server has been saved'));
				$this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash(__('The server could not be saved. Please, try again.'));
			}
		}
	}

/**
 * edit method
 *
 * @param string $id
 * @return void
 * @throws NotFoundException
 */
	public function edit($id = null) {
		if (!$this->_IsSiteAdmin() && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));
		$this->Server->id = $id;
		if (!$this->Server->exists()) {
			throw new NotFoundException(__('Invalid server'));
		}
		if ($this->request->is('post') || $this->request->is('put')) {
			// say what fields are to be updated
			$fieldList = array('id', 'url', 'push', 'pull', 'organization');
			$this->request->data['Server']['id'] = $id;
			if ("" != $this->request->data['Server']['authkey'])
				$fieldList[] = 'authkey';
			// Save the data
			if ($this->Server->save($this->request->data, true, $fieldList)) {
				$this->Session->setFlash(__('The server has been saved'));
				$this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash(__('The server could not be saved. Please, try again.'));
			}
		} else {
			$this->Server->read(null, $id);
			$this->Server->set('authkey', '');
			$this->request->data = $this->Server->data;
		}
	}

/**
 * delete method
 *
 * @param string $id
 * @return void
 * @throws MethodNotAllowedException
 * @throws NotFoundException
 */
	public function delete($id = null) {
		if(!$this->_IsSiteAdmin() && !($this->Server->id == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));
		if (!$this->request->is('post')) {
			throw new MethodNotAllowedException();
		}
		$this->Server->id = $id;
		if (!$this->Server->exists()) {
			throw new NotFoundException(__('Invalid server'));
		}
		if ($this->Server->delete()) {
			$this->Session->setFlash(__('Server deleted'));
			$this->redirect(array('action' => 'index'));
		}
		$this->Session->setFlash(__('Server was not deleted'));
		$this->redirect(array('action' => 'index'));
	}

	/**
	 * Pull one or more events with attributes from a remote instance.
	 * Set $technique to
	 * 		full - download everything
	 * 		incremental - only new events
	 * 		<int>	- specific id of the event to pull
	 * For example to download event 10 from server 2 to /servers/pull/2/5
	 * @param int $id The id of the server
	 * @param unknown_type $technique
	 * @throws MethodNotAllowedException
	 * @throws NotFoundException
	 */
	public function pull($id = null, $technique=false) {
		if (!$this->_isSiteAdmin() && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));
		$this->Server->id = $id;
		if (!$this->Server->exists()) {
			throw new NotFoundException(__('Invalid server'));
		}

		$s = $this->Server->read(null, $id);
		if (false == $this->Server->data['Server']['pull']) {
			$this->Session->setFlash(__('Pull setting not enabled for this server.'));
			$this->redirect(array('action' => 'index'));
		}
		if (!Configure::read('MISP.background_jobs')) {
			$result = $this->Server->pull($this->Auth->user(), $id, $technique, $s);
			
			// error codes
			if (is_numeric($result)) {
				switch ($result) {
					case '1' :
						$this->Session->setFlash(__('Not authorised. This is either due to an invalid auth key, or due to the sync user not having authentication permissions enabled on the remote server.'));
						$this->redirect(array('action' => 'index'));
						break;
					case '2' :
						$this->Session->setFlash($eventIds);
						$this->redirect(array('action' => 'index'));
						break;
					case '3' :
						throw new NotFoundException('Sorry, this is not yet implemented');
						break;
					case '4' :
						$this->redirect(array('action' => 'index'));
						break;
						
				}
			} else {
				$this->set('successes', $result[0]);
				$this->set('fails', $result[1]);
				$this->set('pulledProposals', $result[2]);
				$this->set('lastpulledid', $result[3]);
			}
		} else {
			$this->loadModel('Job');
			$this->Job->create();
			$data = array(
					'worker' => 'default',
					'job_type' => 'pull',
					'job_input' => 'Server: ' . $id,
					'status' => 0,
					'retries' => 0,
					'org' => $this->Auth->user('org'),
					'message' => 'Pulling.',
			);
			$this->Job->save($data);
			$jobId = $this->Job->id;
			$process_id = CakeResque::enqueue(
					'default',
					'ServerShell',
					array('pull', $this->Auth->user('id'), $id, $technique, $jobId)
			);
			$this->Job->saveField('process_id', $process_id);
			$this->Session->setFlash('Pull queued for background execution.');
			$this->redirect(array('action' => 'index'));
		}
	}

	public function push($id = null, $technique=false) {
		if (!$this->_isSiteAdmin() && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));
		$this->Server->id = $id;
		if (!$this->Server->exists()) {
			throw new NotFoundException(__('Invalid server'));
		}
		if (!Configure::read('MISP.background_jobs')) {
			$server = $this->Server->read(null, $id);
			App::uses('SyncTool', 'Tools');
			$syncTool = new SyncTool();
			$HttpSocket = $syncTool->setupHttpSocket($server);
			$result = $this->Server->push($id, $technique, false, $HttpSocket);
			$this->set('successes', $result[0]);
			$this->set('fails', $result[1]);
		} else {
			$this->loadModel('Job');
			$this->Job->create();
			$data = array(
					'worker' => 'default',
					'job_type' => 'push',
					'job_input' => 'Server: ' . $id,
					'status' => 0,
					'retries' => 0,
					'org' => $this->Auth->user('org'),
					'message' => 'Pushing.',
			);
			$this->Job->save($data);
			$jobId = $this->Job->id;
			$process_id = CakeResque::enqueue(
					'default',
					'ServerShell',
					array('push', $id, $technique, $jobId)
			);
			$this->Job->saveField('process_id', $process_id);
			$this->Session->setFlash('Push queued for background execution.');
			$this->redirect(array('action' => 'index'));
		}
	}
}
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`<?php`
			`App::uses('AppController', 'Controller');`
			`App::uses('Xml', 'Utility');`

			`/**`
			`* Servers Controller`
			`*`
			`* @property Server $Server`
			`*`
			`* @throws ConfigureException // TODO Exception`
			`*/`
			`class ServersController extends AppController {`

			`public $components = array('Security' ,'RequestHandler'); // XXX ACL component`

			`public $paginate = array(`
			`'limit' => 60,`
			`'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events`
			`'order' => array(`
			`'Server.url' => 'ASC'`
			`)`
			`);`

			`public $uses = array('Server', 'Event');`

			`public function beforeFilter() {`
			`parent::beforeFilter();`

			`// Disable this feature if the sync configuration option is not active`
			`if ('true' != Configure::read('CyDefSIG.sync'))`
			`throw new ConfigureException("The sync feature is not active in the configuration.");`

			`// permit reuse of CSRF tokens on some pages.`
			`switch ($this->request->params['action']) {`
			`case 'push':`
			`case 'pull':`
			`$this->Security->csrfUseOnce = false;`
			`}`
			`}`

			`/**`
			`* index method`
			`*`
			`* @return void`
			`*/`
			`public function index() {`
			`$this->Server->recursive = 0;`
Further work on the UI - reworked almost all of the side menues to be centralised - Some fixes for the IOC export not handling two new-ish types correctly - Some changes to the menues (including a few options that didn't exist before) - rework of the popovers in some forms 2013-10-24 16:41:42 +02:00			`if ($this->_isSiteAdmin()) {`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`$this->paginate = array(`
			`'conditions' => array(),`
			`);`
			`} else {`
Further work on the UI - reworked almost all of the side menues to be centralised - Some fixes for the IOC export not handling two new-ish types correctly - Some changes to the menues (including a few options that didn't exist before) - rework of the popovers in some forms 2013-10-24 16:41:42 +02:00			`if (!$this->userRole['perm_sync'] && !$this->userRole['perm_admin']) $this->redirect(array('controller' => 'events', 'action' => 'index'));`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`$conditions['Server.org LIKE'] = $this->Auth->user('org');`
			`$this->paginate = array(`
			`'conditions' => array($conditions),`
			`);`
			`}`
			`$this->set('servers', $this->paginate());`
			`}`

			`/**`
			`* add method`
			`*`
			`* @return void`
			`*/`
			`public function add() {`
Several copy paste failures fixed in the previous commit - /facepalm 2013-06-27 17:57:33 +02:00			`if ((!$this->_IsSiteAdmin()) && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`if ($this->request->is('post')) {`
			`// force check userid and orgname to be from yourself`
			`$this->request->data['Server']['org'] = $this->Auth->user('org');`
			`if ($this->Server->save($this->request->data)) {`
SSL certificate changes - you can now upload a certificate file and allow a server link to use a provided self signed certificate. This should solve the issues that some organisations are having when trying to connect their instances 2014-01-16 08:47:25 +01:00			`if (isset($this->data['Server']['submitted_cert'])) {`
			`$ext = '';`
			`App::uses('File', 'Utility');`
			`$file = new File($this->data['Server']['submitted_cert']['name']);`
			`$ext = $file->ext();`
			`if (($ext != 'pem') \|\| !$this->data['Server']['submitted_cert']['size'] > 0) {`
			`$this->Session->setFlash('Incorrect extension of empty file.');`
			`$this->redirect(array('action' => 'index'));`
			`}`
			`}`
			`if (isset($this->data['Server']['submitted_cert']) && ($ext != 'pem') && $this->data['Server']['submitted_cert']['size'] > 0 &&`
			`is_uploaded_file($this->data['Event']['submittedgfi']['tmp_name'])) {`
			`$this->Session->setFlash(__('You may only upload GFI Sandbox zip files.'));`
			`} else {`
			`$pemData = fread(fopen($this->data['Server']['submitted_cert']['tmp_name'], "r"),`
			`$this->data['Server']['submitted_cert']['size']);`
			`$destpath = APP . "files" . DS . "certs" . DS;`
			`if (!preg_match('@^[\w-,\s,\.]+\.[A-Za-z0-9_]{2,4}$@', $this->data['Server']['submitted_cert']['name'])) throw new Exception ('Filename not allowed');`
			`$pemfile = new File ($destpath . $this->Server->id . '.' . $ext);`
			`$result = $pemfile->write($pemData);`
			`$s = $this->Server->read(null, $this->Server->id);`
			`$s['Server']['cert_file'] = $s['Server']['id'] . '.' . $ext;`
			`if ($result) $this->Server->save($s);`
			`}`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`$this->Session->setFlash(__('The server has been saved'));`
			`$this->redirect(array('action' => 'index'));`
			`} else {`
			`$this->Session->setFlash(__('The server could not be saved. Please, try again.'));`
			`}`
			`}`
			`}`

			`/**`
			`* edit method`
			`*`
			`* @param string $id`
			`* @return void`
			`* @throws NotFoundException`
			`*/`
			`public function edit($id = null) {`
Several copy paste failures fixed in the previous commit - /facepalm 2013-06-27 17:57:33 +02:00			`if (!$this->_IsSiteAdmin() && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`$this->Server->id = $id;`
			`if (!$this->Server->exists()) {`
			`throw new NotFoundException(__('Invalid server'));`
			`}`
			`if ($this->request->is('post') \|\| $this->request->is('put')) {`
			`// say what fields are to be updated`
Some small fixes - Corrected some weak notifications on background jobs - Changed the view slightly to view background jobs - fixed an issue where editing a sync server setting would cause an error due to the id not being passed to the logging plugin 2014-01-07 11:08:21 +01:00			`$fieldList = array('id', 'url', 'push', 'pull', 'organization');`
			`$this->request->data['Server']['id'] = $id;`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`if ("" != $this->request->data['Server']['authkey'])`
			`$fieldList[] = 'authkey';`
			`// Save the data`
			`if ($this->Server->save($this->request->data, true, $fieldList)) {`
			`$this->Session->setFlash(__('The server has been saved'));`
			`$this->redirect(array('action' => 'index'));`
			`} else {`
			`$this->Session->setFlash(__('The server could not be saved. Please, try again.'));`
			`}`
			`} else {`
			`$this->Server->read(null, $id);`
			`$this->Server->set('authkey', '');`
			`$this->request->data = $this->Server->data;`
			`}`
			`}`

			`/**`
			`* delete method`
			`*`
			`* @param string $id`
			`* @return void`
			`* @throws MethodNotAllowedException`
			`* @throws NotFoundException`
			`*/`
			`public function delete($id = null) {`
Several copy paste failures fixed in the previous commit - /facepalm 2013-06-27 17:57:33 +02:00			`if(!$this->_IsSiteAdmin() && !($this->Server->id == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`if (!$this->request->is('post')) {`
			`throw new MethodNotAllowedException();`
			`}`
			`$this->Server->id = $id;`
			`if (!$this->Server->exists()) {`
			`throw new NotFoundException(__('Invalid server'));`
			`}`
			`if ($this->Server->delete()) {`
			`$this->Session->setFlash(__('Server deleted'));`
			`$this->redirect(array('action' => 'index'));`
			`}`
			`$this->Session->setFlash(__('Server was not deleted'));`
			`$this->redirect(array('action' => 'index'));`
			`}`

little bit more details about sync errors 2013-06-19 12:13:45 +02:00			`/**`
			`* Pull one or more events with attributes from a remote instance.`
			`* Set $technique to`
			`* full - download everything`
			`* incremental - only new events`
			`* <int> - specific id of the event to pull`
			`* For example to download event 10 from server 2 to /servers/pull/2/5`
			`* @param int $id The id of the server`
			`* @param unknown_type $technique`
			`* @throws MethodNotAllowedException`
			`* @throws NotFoundException`
			`*/`
			`public function pull($id = null, $technique=false) {`
Fixes to the Shadow attribute e-mailing - E-mail locks are now correctly reset by discarding / accepting a proposal - Also, new index page to see the list of proposals that a user can accept 2013-09-03 15:29:44 +02:00			`if (!$this->_isSiteAdmin() && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`$this->Server->id = $id;`
			`if (!$this->Server->exists()) {`
			`throw new NotFoundException(__('Invalid server'));`
			`}`

Work on the background job and the proposals - Proposals now get synced on pull - several bug fixes - new startup script for the background workers 2014-01-05 21:30:39 +01:00			`$s = $this->Server->read(null, $id);`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`if (false == $this->Server->data['Server']['pull']) {`
			`$this->Session->setFlash(__('Pull setting not enabled for this server.'));`
			`$this->redirect(array('action' => 'index'));`
			`}`
Several features - Sync for background jobs (pull + push) - more e-mailing delegated to background jobs - A bunch of bug fixes and minor changes 2014-01-06 05:15:47 +01:00			`if (!Configure::read('MISP.background_jobs')) {`
			`$result = $this->Server->pull($this->Auth->user(), $id, $technique, $s);`

			`// error codes`
			`if (is_numeric($result)) {`
			`switch ($result) {`
			`case '1' :`
			`$this->Session->setFlash(__('Not authorised. This is either due to an invalid auth key, or due to the sync user not having authentication permissions enabled on the remote server.'));`
			`$this->redirect(array('action' => 'index'));`
			`break;`
			`case '2' :`
			`$this->Session->setFlash($eventIds);`
			`$this->redirect(array('action' => 'index'));`
			`break;`
			`case '3' :`
			`throw new NotFoundException('Sorry, this is not yet implemented');`
			`break;`
			`case '4' :`
			`$this->redirect(array('action' => 'index'));`
			`break;`

			`}`
			`} else {`
			`$this->set('successes', $result[0]);`
			`$this->set('fails', $result[1]);`
			`$this->set('pulledProposals', $result[2]);`
			`$this->set('lastpulledid', $result[3]);`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`}`
Server push lower memory footprint solving OoM problem. Enabled per-id push like pull 2013-07-17 14:06:24 +02:00			`} else {`
Several features - Sync for background jobs (pull + push) - more e-mailing delegated to background jobs - A bunch of bug fixes and minor changes 2014-01-06 05:15:47 +01:00			`$this->loadModel('Job');`
			`$this->Job->create();`
			`$data = array(`
			`'worker' => 'default',`
			`'job_type' => 'pull',`
			`'job_input' => 'Server: ' . $id,`
			`'status' => 0,`
			`'retries' => 0,`
			`'org' => $this->Auth->user('org'),`
			`'message' => 'Pulling.',`
			`);`
			`$this->Job->save($data);`
			`$jobId = $this->Job->id;`
			`$process_id = CakeResque::enqueue(`
			`'default',`
			`'ServerShell',`
			`array('pull', $this->Auth->user('id'), $id, $technique, $jobId)`
			`);`
			`$this->Job->saveField('process_id', $process_id);`
			`$this->Session->setFlash('Pull queued for background execution.');`
Server push lower memory footprint solving OoM problem. Enabled per-id push like pull 2013-07-17 14:06:24 +02:00			`$this->redirect(array('action' => 'index'));`
little bit more details about sync errors 2013-06-19 12:13:45 +02:00			`}`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`}`

little bit more details about sync errors 2013-06-19 12:13:45 +02:00			`public function push($id = null, $technique=false) {`
First rework of the siteadmin role - ADMIN org removed. - Siteadmins are now identified by the perm_site_admin flag - Siteadmins can now be of any organisation - editing the regexp / whitelist rules can now be done by a special user with the perm_regexp_access in his/her role - Executing a mass replace of attribute values based on the regexp rules cannot be initiated by a regexp/whitelist user, only by a site admin - If the login page is reached without any users / roles defined they are automatically created (perviously it was only the user that was created) - Org admins are restricted from assigning perm_site_admin, perm_sync and perm_regexp_access roles to users. This can only be done by a site admin. 2013-10-03 11:45:27 +02:00			`if (!$this->_isSiteAdmin() && !($this->Server->organization == $this->Auth->user('org') && $this->userRole['perm_sync'])) $this->redirect(array('controller' => 'servers', 'action' => 'index'));`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`$this->Server->id = $id;`
			`if (!$this->Server->exists()) {`
			`throw new NotFoundException(__('Invalid server'));`
			`}`
Several features - Sync for background jobs (pull + push) - more e-mailing delegated to background jobs - A bunch of bug fixes and minor changes 2014-01-06 05:15:47 +01:00			`if (!Configure::read('MISP.background_jobs')) {`
SSL certificate changes - you can now upload a certificate file and allow a server link to use a provided self signed certificate. This should solve the issues that some organisations are having when trying to connect their instances 2014-01-16 08:47:25 +01:00			`$server = $this->Server->read(null, $id);`
			`App::uses('SyncTool', 'Tools');`
			`$syncTool = new SyncTool();`
			`$HttpSocket = $syncTool->setupHttpSocket($server);`
Several features - Sync for background jobs (pull + push) - more e-mailing delegated to background jobs - A bunch of bug fixes and minor changes 2014-01-06 05:15:47 +01:00			`$result = $this->Server->push($id, $technique, false, $HttpSocket);`
			`$this->set('successes', $result[0]);`
			`$this->set('fails', $result[1]);`
Server push lower memory footprint solving OoM problem. Enabled per-id push like pull 2013-07-17 14:06:24 +02:00			`} else {`
Several features - Sync for background jobs (pull + push) - more e-mailing delegated to background jobs - A bunch of bug fixes and minor changes 2014-01-06 05:15:47 +01:00			`$this->loadModel('Job');`
			`$this->Job->create();`
			`$data = array(`
			`'worker' => 'default',`
			`'job_type' => 'push',`
			`'job_input' => 'Server: ' . $id,`
			`'status' => 0,`
			`'retries' => 0,`
			`'org' => $this->Auth->user('org'),`
			`'message' => 'Pushing.',`
Fixes in server push 2013-07-17 14:27:51 +02:00			`);`
Several features - Sync for background jobs (pull + push) - more e-mailing delegated to background jobs - A bunch of bug fixes and minor changes 2014-01-06 05:15:47 +01:00			`$this->Job->save($data);`
			`$jobId = $this->Job->id;`
			`$process_id = CakeResque::enqueue(`
			`'default',`
			`'ServerShell',`
			`array('push', $id, $technique, $jobId)`
			`);`
			`$this->Job->saveField('process_id', $process_id);`
			`$this->Session->setFlash('Push queued for background execution.');`
			`$this->redirect(array('action' => 'index'));`
fixes information leakage vulnerability on REST XML outputs 2013-05-22 10:52:03 +02:00			`}`
			`}`
			`}`