2017-06-13 12:08:26 +02:00
< ? php
App :: uses ( 'AppController' , 'Controller' );
2021-11-24 14:36:08 +01:00
App :: uses ( 'JsonTool' , 'Tools' );
2017-06-13 12:08:26 +02:00
2020-07-20 10:10:47 +02:00
/**
* @ property MispObject $MispObject
*/
2018-07-19 11:48:22 +02:00
class ObjectsController extends AppController
{
public $uses = 'MispObject' ;
2017-07-05 14:25:09 +02:00
2021-11-23 14:53:27 +01:00
public $components = array ( 'RequestHandler' , 'Session' );
2017-06-13 12:08:26 +02:00
2018-07-19 11:48:22 +02:00
public $paginate = array (
'limit' => 20 ,
'order' => array (
'Object.id' => 'desc'
),
);
2017-06-13 12:08:26 +02:00
2018-07-19 11:48:22 +02:00
public function beforeFilter ()
{
parent :: beforeFilter ();
if ( ! $this -> _isRest ()) {
$this -> Security -> unlockedActions = array ( 'revise_object' , 'get_row' );
}
}
2017-08-29 18:28:18 +02:00
2019-04-25 10:55:34 +02:00
public function revise_object ( $action , $event_id , $template_id , $object_id = false , $similar_objects_display_threshold = 15 )
2018-07-19 11:48:22 +02:00
{
if ( ! $this -> request -> is ( 'post' ) && ! $this -> request -> is ( 'put' )) {
throw new MethodNotAllowedException ( __ ( 'This action can only be reached via POST requests' ));
}
$this -> request -> data = $this -> MispObject -> attributeCleanup ( $this -> request -> data );
$template = $this -> MispObject -> ObjectTemplate -> find ( 'first' , array (
'conditions' => array ( 'ObjectTemplate.id' => $template_id ),
'recursive' => - 1 ,
'contain' => array (
'ObjectTemplateElement'
)
));
2020-12-05 14:26:38 +01:00
$event = $this -> MispObject -> Event -> fetchSimpleEvent ( $this -> Auth -> user (), $event_id , [ 'contain' => [ 'Orgc' ]]);
2020-07-20 10:10:47 +02:00
if ( empty ( $event )) {
2018-07-19 11:48:22 +02:00
throw new NotFoundException ( __ ( 'Invalid event.' ));
}
2020-07-20 10:10:47 +02:00
if ( ! $this -> __canModifyEvent ( $event )) {
throw new ForbiddenException ( __ ( 'You do not have permission to do that.' ));
}
2018-07-19 11:48:22 +02:00
$sharing_groups = array ();
if ( $this -> request -> data [ 'Object' ][ 'distribution' ] == 4 ) {
$sharing_groups [ $this -> request -> data [ 'Object' ][ 'sharing_group_id' ]] = false ;
}
foreach ( $this -> request -> data [ 'Attribute' ] as $attribute ) {
if ( $attribute [ 'distribution' ] == 4 ) {
$sharing_groups [ $attribute [ 'sharing_group_id' ]] = false ;
}
}
if ( ! empty ( $sharing_groups )) {
2020-07-24 21:53:28 +02:00
$sgs = $this -> MispObject -> SharingGroup -> fetchAllAuthorised ( $this -> Auth -> user (), 'name' , false , array_keys ( $sharing_groups ));
$this -> set ( 'sharing_groups' , $sgs );
2018-07-19 11:48:22 +02:00
}
2019-04-23 13:47:33 +02:00
$multiple_template_elements = Hash :: extract ( $template [ 'ObjectTemplateElement' ], sprintf ( '{n}[multiple=true]' ));
$multiple_attribute_allowed = array ();
2021-11-24 15:03:48 +01:00
foreach ( $multiple_template_elements as $template_element ) {
2019-04-23 13:47:33 +02:00
$relation_type = $template_element [ 'object_relation' ] . ':' . $template_element [ 'type' ];
$multiple_attribute_allowed [ $relation_type ] = true ;
}
$this -> set ( 'multiple_attribute_allowed' , $multiple_attribute_allowed );
2019-04-18 16:58:49 +02:00
// try to fetch similar objects
$cur_attrs = Hash :: extract ( $this -> request -> data , 'Attribute.{n}.value' );
$conditions = array (
2019-05-13 08:53:22 +02:00
'event_id' => $event_id ,
'value1' => $cur_attrs ,
'object_id !=' => '0'
2019-04-18 16:58:49 +02:00
);
2019-04-23 14:54:09 +02:00
$similar_objects = $this -> MispObject -> Attribute -> find ( 'all' , array (
2019-04-18 16:58:49 +02:00
'conditions' => $conditions ,
'recursive' => - 1 ,
2019-04-23 14:54:09 +02:00
'fields' => 'object_id, count(object_id) as similarity_amount' ,
'group' => 'object_id' ,
'order' => 'similarity_amount DESC'
2019-04-18 16:58:49 +02:00
));
2019-04-23 14:54:09 +02:00
$similar_object_ids = array ();
$similar_object_similarity_amount = array ();
foreach ( $similar_objects as $obj ) {
$similar_object_ids [] = $obj [ 'Attribute' ][ 'object_id' ];
$similar_object_similarity_amount [ $obj [ 'Attribute' ][ 'object_id' ]] = $obj [ 0 ][ 'similarity_amount' ];
}
2019-04-18 16:58:49 +02:00
2020-10-10 16:42:23 +02:00
if ( isset ( $this -> request -> data [ 'Attribute' ])) {
foreach ( $this -> request -> data [ 'Attribute' ] as & $attribute ) {
2021-11-24 15:03:48 +01:00
if ( empty ( $attribute [ 'uuid' ])) {
$attribute [ 'uuid' ] = CakeText :: uuid ();
}
2020-10-18 12:53:41 +02:00
$validation = $this -> MispObject -> Attribute -> validateAttribute ( $attribute , false );
2020-10-10 16:42:23 +02:00
if ( $validation !== true ) {
$attribute [ 'validation' ] = $validation ;
}
}
}
2018-07-19 11:48:22 +02:00
$this -> set ( 'distributionLevels' , $this -> MispObject -> Attribute -> distributionLevels );
$this -> set ( 'action' , $action );
$this -> set ( 'template' , $template );
$this -> set ( 'object_id' , $object_id );
$this -> set ( 'event' , $event );
$this -> set ( 'data' , $this -> request -> data );
2020-07-30 15:28:57 +02:00
// Make sure the data stored in the session applies to this object. User might be prompted to perform a merge with another object if the session's data is somehow not cleaned
2020-07-27 16:10:47 +02:00
$curObjectTmpUuid = CakeText :: uuid ();
$this -> set ( 'cur_object_tmp_uuid' , $curObjectTmpUuid );
2020-07-28 09:03:34 +02:00
$this -> Session -> write ( 'object_being_created' , array (
2020-07-27 16:10:47 +02:00
'cur_object_tmp_uuid' => $curObjectTmpUuid ,
'data' => $this -> request -> data
));
2019-04-24 15:47:47 +02:00
if ( ! empty ( $similar_object_ids )) {
2019-04-25 10:55:34 +02:00
$this -> set ( 'similar_objects_count' , count ( $similar_object_ids ));
2019-04-24 15:47:47 +02:00
$similar_object_ids = array_slice ( $similar_object_ids , 0 , $similar_objects_display_threshold ); // slice to honor the threshold
$similar_objects = $this -> MispObject -> fetchObjects ( $this -> Auth -> user (), array (
'conditions' => array (
'Object.id' => $similar_object_ids ,
'Object.template_uuid' => $template [ 'ObjectTemplate' ][ 'uuid' ]
)
));
2019-04-23 14:54:09 +02:00
foreach ( $similar_objects as $key => $obj ) {
2019-04-24 15:47:47 +02:00
$similar_objects [ $key ][ 'Object' ][ 'similarity_amount' ] = $similar_object_similarity_amount [ $obj [ 'Object' ][ 'id' ]]; // sorting function cannot use external variables
2019-04-23 14:54:09 +02:00
}
2019-04-24 15:47:47 +02:00
usort ( $similar_objects , function ( $a , $b ) { // fetch Object returns object sorted by IDs, force the sort by the similarity amount
2019-04-23 14:54:09 +02:00
if ( $a [ 'Object' ][ 'similarity_amount' ] == $b [ 'Object' ][ 'similarity_amount' ]) {
return 0 ;
}
return ( $a [ 'Object' ][ 'similarity_amount' ] > $b [ 'Object' ][ 'similarity_amount' ]) ? - 1 : 1 ;
});
2019-04-18 16:58:49 +02:00
$this -> set ( 'similar_objects' , $similar_objects );
2019-04-23 14:54:09 +02:00
$this -> set ( 'similar_object_similarity_amount' , $similar_object_similarity_amount );
2019-04-24 15:47:47 +02:00
$this -> set ( 'similar_objects_display_threshold' , $similar_objects_display_threshold );
2019-04-18 16:58:49 +02:00
}
2018-07-19 11:48:22 +02:00
}
2017-08-29 18:28:18 +02:00
2018-07-19 11:48:22 +02:00
/**
2022-10-03 09:55:52 +02:00
* Create an object using a template
2018-07-19 11:48:22 +02:00
* POSTing will take the input and validate it against the template
* GETing will return the template
*/
public function add ( $eventId , $templateId = false , $version = false )
{
if ( ! $this -> userRole [ 'perm_modify' ]) {
2020-07-20 10:10:47 +02:00
throw new ForbiddenException ( __ ( 'You don\'t have permissions to create objects.' ));
2018-07-19 11:48:22 +02:00
}
2017-07-02 00:05:15 +02:00
2018-07-19 11:48:22 +02:00
if ( ! empty ( $templateId ) && Validation :: uuid ( $templateId )) {
$conditions = array ( 'ObjectTemplate.uuid' => $templateId );
if ( ! empty ( $version )) {
$conditions [ 'ObjectTemplate.version' ] = $version ;
}
$temp = $this -> MispObject -> ObjectTemplate -> find ( 'all' , array (
'recursive' => - 1 ,
'fields' => array ( 'ObjectTemplate.id' , 'ObjectTemplate.uuid' , 'ObjectTemplate.version' ),
'conditions' => $conditions
));
if ( ! empty ( $temp )) {
$version = 0 ;
foreach ( $temp as $tempTemplate ) {
if ( $tempTemplate [ 'ObjectTemplate' ][ 'version' ] > $version ) {
$version = $tempTemplate [ 'ObjectTemplate' ][ 'version' ];
$templateId = $tempTemplate [ 'ObjectTemplate' ][ 'id' ];
}
}
unset ( $temp );
} else {
throw new NotFoundException ( __ ( 'Invalid template.' ));
}
}
// Find the event that is to be updated
2020-12-05 14:26:38 +01:00
$event = $this -> MispObject -> Event -> fetchSimpleEvent ( $this -> Auth -> user (), $eventId , [ 'contain' => [ 'Orgc' ]]);
2020-07-20 10:10:47 +02:00
if ( empty ( $event )) {
2018-07-19 11:48:22 +02:00
throw new NotFoundException ( __ ( 'Invalid event.' ));
}
2020-07-20 10:10:47 +02:00
if ( ! $this -> __canModifyEvent ( $event )) {
throw new ForbiddenException ( __ ( 'You do not have permission to do that.' ));
2018-07-19 11:48:22 +02:00
}
$eventId = $event [ 'Event' ][ 'id' ];
if ( ! $this -> _isRest ()) {
$this -> MispObject -> Event -> insertLock ( $this -> Auth -> user (), $eventId );
}
2019-03-01 10:00:54 +01:00
$error = false ;
2019-11-15 14:11:24 +01:00
$template = false ;
2018-07-19 11:48:22 +02:00
if ( ! empty ( $templateId ) || ! $this -> _isRest ()) {
$templates = $this -> MispObject -> ObjectTemplate -> find ( 'all' , array (
'conditions' => array ( 'ObjectTemplate.id' => $templateId ),
'recursive' => - 1 ,
'contain' => array (
'ObjectTemplateElement'
)
));
$template_version = false ;
$template = false ;
foreach ( $templates as $temp ) {
if ( ! empty ( $template_version )) {
if ( intval ( $template [ 'ObjectTemplate' ][ 'version' ]) > intval ( $template_version )) {
$template = $temp ;
}
} else {
$template = $temp ;
}
}
2019-03-01 10:00:54 +01:00
if ( empty ( $template )) {
$error = 'No valid template found to edit the object.' ;
}
2018-07-19 11:48:22 +02:00
}
// If we have received a POST request
if ( $this -> request -> is ( 'post' )) {
if ( isset ( $this -> request -> data [ 'request' ])) {
$this -> request -> data = $this -> request -> data [ 'request' ];
}
2019-04-18 16:58:49 +02:00
2018-07-19 11:48:22 +02:00
if ( isset ( $this -> request -> data [ 'Object' ][ 'data' ])) {
$this -> request -> data = json_decode ( $this -> request -> data [ 'Object' ][ 'data' ], true );
}
if ( ! isset ( $this -> request -> data [ 'Object' ])) {
$this -> request -> data = array ( 'Object' => $this -> request -> data );
}
if ( ! isset ( $this -> request -> data [ 'Attribute' ]) && isset ( $this -> request -> data [ 'Object' ][ 'Attribute' ])) {
$this -> request -> data [ 'Attribute' ] = $this -> request -> data [ 'Object' ][ 'Attribute' ];
unset ( $this -> request -> data [ 'Object' ][ 'Attribute' ]);
}
2020-02-10 14:30:34 +01:00
$breakOnDuplicate = ! empty ( $this -> request -> data [ 'Object' ][ 'breakOnDuplicate' ]) || ! empty ( $this -> params [ 'named' ][ 'breakOnDuplicate' ]);
2018-07-19 11:48:22 +02:00
$object = $this -> MispObject -> attributeCleanup ( $this -> request -> data );
// we pre-validate the attributes before we create an object at this point
// This allows us to stop the process and return an error (API) or return
// to the add form
if ( empty ( $object [ 'Attribute' ])) {
$error = 'Could not save the object as no attributes were set.' ;
} else {
foreach ( $object [ 'Attribute' ] as $k => $attribute ) {
2018-11-23 14:11:33 +01:00
unset ( $object [ 'Attribute' ][ $k ][ 'id' ]);
2018-07-19 11:48:22 +02:00
$object [ 'Attribute' ][ $k ][ 'event_id' ] = $eventId ;
2019-11-15 14:11:24 +01:00
$this -> MispObject -> Event -> Attribute -> set ( $object [ 'Attribute' ][ $k ]);
2018-07-19 11:48:22 +02:00
if ( ! $this -> MispObject -> Event -> Attribute -> validates ()) {
2020-10-29 09:02:50 +01:00
$validationErrors = $this -> MispObject -> Event -> Attribute -> validationErrors ;
$isCompositeError = isset ( $validationErrors [ 'value' ]) && $validationErrors [ 'value' ][ 0 ] === 'Composite type found but the value not in the composite (value1|value2) format.' ;
if ( ! $isCompositeError ) {
2019-11-15 14:11:24 +01:00
$error = sprintf (
'Could not save object as at least one attribute has failed validation (%s). %s' ,
isset ( $attribute [ 'object_relation' ]) ? $attribute [ 'object_relation' ] : 'No object_relation' ,
2020-10-29 09:02:50 +01:00
json_encode ( $validationErrors )
2019-11-15 14:11:24 +01:00
);
2019-03-24 22:30:41 +01:00
}
2018-07-19 11:48:22 +02:00
}
}
}
if ( empty ( $error )) {
if ( empty ( $template )) {
if ( ! empty ( $object [ 'Object' ][ 'template_uuid' ]) && ! empty ( $object [ 'Object' ][ 'template_version' ])) {
$template = $this -> MispObject -> ObjectTemplate -> find ( 'first' , array (
'conditions' => array (
'ObjectTemplate.uuid' => $object [ 'Object' ][ 'template_uuid' ],
'ObjectTemplate.version' => $object [ 'Object' ][ 'template_version' ]
),
'recursive' => - 1 ,
'contain' => array (
'ObjectTemplateElement'
)
));
}
}
if ( ! empty ( $template )) {
2019-03-01 10:00:54 +01:00
$conformity = $this -> MispObject -> ObjectTemplate -> checkTemplateConformity ( $template , $object );
if ( $conformity !== true ) {
$error = $conformity ;
}
2018-07-19 11:48:22 +02:00
}
2019-03-01 10:00:54 +01:00
if ( empty ( $error )) {
2018-11-23 14:11:33 +01:00
unset ( $object [ 'Object' ][ 'id' ]);
2020-02-10 14:30:34 +01:00
$result = $this -> MispObject -> saveObject ( $object , $eventId , $template , $this -> Auth -> user (), 'halt' , $breakOnDuplicate );
2018-10-08 21:38:47 +02:00
if ( is_numeric ( $result )) {
2022-10-12 20:32:39 +02:00
$this -> MispObject -> Event -> unpublishEvent ( $event );
2020-01-27 16:29:28 +01:00
} else {
$object_validation_errors = array ();
foreach ( $result as $field => $field_errors ) {
$object_validation_errors [] = sprintf ( '%s: %s' , $field , implode ( ', ' , $field_errors ));
}
$error = __ ( 'Object could not be saved.' ) . PHP_EOL . implode ( PHP_EOL , $object_validation_errors );
2018-07-19 11:48:22 +02:00
}
} else {
$result = false ;
}
if ( $this -> _isRest ()) {
if ( is_numeric ( $result )) {
$object = $this -> MispObject -> find ( 'first' , array (
'recursive' => - 1 ,
'conditions' => array ( 'Object.id' => $result ),
'contain' => array ( 'Attribute' )
));
2019-02-10 13:08:12 +01:00
if ( ! empty ( $object )) {
$object [ 'Object' ][ 'Attribute' ] = $object [ 'Attribute' ];
unset ( $object [ 'Attribute' ]);
}
2018-07-19 11:48:22 +02:00
return $this -> RestResponse -> viewData ( $object , $this -> response -> type ());
} else {
return $this -> RestResponse -> saveFailResponse ( 'Objects' , 'add' , false , $error , $this -> response -> type ());
}
} else {
if ( is_numeric ( $result )) {
$this -> Flash -> success ( 'Object saved.' );
$this -> redirect ( array ( 'controller' => 'events' , 'action' => 'view' , $eventId ));
}
}
}
}
// In the case of a GET request or if the object could not be validated, show the form / the requirement
if ( $this -> _isRest ()) {
if ( $error ) {
return $this -> RestResponse -> saveFailResponse ( 'objects' , 'add' , $eventId . '/' . $templateId , $error , $this -> response -> type ());
} else {
return $this -> RestResponse -> viewData ( $orgs , $this -> response -> type ());
}
} else {
if ( ! empty ( $error )) {
$this -> Flash -> error ( $error );
}
$template = $this -> MispObject -> prepareTemplate ( $template , $this -> request -> data );
$enabledRows = array_keys ( $template [ 'ObjectTemplateElement' ]);
$this -> set ( 'enabledRows' , $enabledRows );
$distributionData = $this -> MispObject -> Event -> Attribute -> fetchDistributionData ( $this -> Auth -> user ());
$this -> set ( 'distributionData' , $distributionData );
$this -> set ( 'event' , $event );
$this -> set ( 'action' , 'add' );
$this -> set ( 'template' , $template );
}
}
2017-06-13 12:08:26 +02:00
2018-07-19 11:48:22 +02:00
public function get_row ( $template_id , $object_relation , $k )
{
$template = $this -> MispObject -> ObjectTemplate -> find ( 'first' , array (
'conditions' => array ( 'ObjectTemplate.id' => $template_id ),
'recursive' => - 1 ,
'contain' => array (
'ObjectTemplateElement'
)
));
$template = $this -> MispObject -> prepareTemplate ( $template );
$element = array ();
foreach ( $template [ 'ObjectTemplateElement' ] as $templateElement ) {
2022-10-01 11:02:09 +02:00
if ( $templateElement [ 'object_relation' ] === $object_relation ) {
2018-07-19 11:48:22 +02:00
$element = $templateElement ;
2022-10-01 11:02:09 +02:00
break ;
2018-07-19 11:48:22 +02:00
}
}
2022-10-01 11:02:09 +02:00
if ( empty ( $element )) {
throw new NotFoundException ( __ ( " Object template do not contains object relation $object_relation " ));
}
2018-07-19 11:48:22 +02:00
$distributionData = $this -> MispObject -> Event -> Attribute -> fetchDistributionData ( $this -> Auth -> user ());
$this -> layout = false ;
$this -> set ( 'distributionData' , $distributionData );
$this -> set ( 'k' , $k );
$this -> set ( 'element' , $element );
}
2017-08-29 18:28:18 +02:00
2019-06-13 09:16:34 +02:00
public function edit ( $id , $update_template_available = false , $onlyAddNewAttribute = false )
2018-07-19 11:48:22 +02:00
{
2022-09-23 15:03:46 +02:00
$user = $this -> Auth -> user ();
$object = $this -> MispObject -> fetchObjects ( $user , array (
2020-07-24 21:53:28 +02:00
'conditions' => $this -> __objectIdToConditions ( $id ),
));
2018-07-19 11:48:22 +02:00
if ( empty ( $object )) {
throw new NotFoundException ( __ ( 'Invalid object.' ));
}
2020-01-17 10:11:51 +01:00
$object = $object [ 0 ];
2022-09-23 15:03:46 +02:00
$event = $this -> MispObject -> Event -> fetchSimpleEvent ( $user , $object [ 'Event' ][ 'id' ]);
2020-07-20 10:10:47 +02:00
if ( ! $this -> __canModifyEvent ( $event )) {
throw new ForbiddenException ( __ ( 'Insufficient permissions to edit this object.' ));
}
2018-07-19 11:48:22 +02:00
if ( ! $this -> _isRest ()) {
2022-09-23 15:03:46 +02:00
$this -> MispObject -> Event -> insertLock ( $user , $object [ 'Event' ][ 'id' ]);
2018-07-19 11:48:22 +02:00
}
2021-09-07 08:47:43 +02:00
if ( ! empty ( $object [ 'Object' ][ 'template_uuid' ]) && ! empty ( $object [ 'Object' ][ 'template_version' ])) {
$template = $this -> MispObject -> ObjectTemplate -> find ( 'first' , array (
'conditions' => array (
'ObjectTemplate.uuid' => $object [ 'Object' ][ 'template_uuid' ],
'ObjectTemplate.version' => $object [ 'Object' ][ 'template_version' ],
),
'recursive' => - 1 ,
'contain' => array (
'ObjectTemplateElement'
)
));
}
2021-02-16 10:59:18 +01:00
if ( empty ( $template ) && ! $this -> _isRest () && ! $update_template_available ) {
$this -> Flash -> error ( 'Object cannot be edited, no valid template found. ' , [ 'params' => [ 'url' => sprintf ( '/objects/edit/%s/1/0' , $id ), 'urlName' => __ ( 'Force update anyway' )]]);
2018-07-19 11:48:22 +02:00
$this -> redirect ( array ( 'controller' => 'events' , 'action' => 'view' , $object [ 'Object' ][ 'event_id' ]));
}
2021-09-07 08:47:43 +02:00
if ( ! empty ( $template )) {
$templateData = $this -> MispObject -> resolveUpdatedTemplate ( $template , $object , $update_template_available );
$this -> set ( 'updateable_attribute' , $templateData [ 'updateable_attribute' ]);
$this -> set ( 'not_updateable_attribute' , $templateData [ 'not_updateable_attribute' ]);
$this -> set ( 'original_template_unkown' , $templateData [ 'original_template_unkown' ]);
if ( ! empty ( $this -> Session -> read ( 'object_being_created' )) && ! empty ( $this -> params [ 'named' ][ 'cur_object_tmp_uuid' ])) {
$revisedObjectData = $this -> Session -> read ( 'object_being_created' );
if ( $this -> params [ 'named' ][ 'cur_object_tmp_uuid' ] == $revisedObjectData [ 'cur_object_tmp_uuid' ]) { // ensure that the passed session data is for the correct object
$revisedObjectData = $revisedObjectData [ 'data' ];
} else {
$this -> Session -> delete ( 'object_being_created' );
$revisedObjectData = array ();
}
}
if ( ! empty ( $revisedObjectData )) {
$revisedData = $this -> MispObject -> reviseObject ( $revisedObjectData , $object , $template );
$this -> set ( 'revised_object' , $revisedData [ 'revised_object_both' ]);
$object = $revisedData [ 'object' ];
}
if ( ! empty ( $templateData [ 'template' ])) {
$template = $this -> MispObject -> prepareTemplate ( $templateData [ 'template' ], $object );
2020-07-27 16:10:47 +02:00
}
2019-04-18 16:58:49 +02:00
}
2018-07-19 11:48:22 +02:00
if ( $this -> request -> is ( 'post' ) || $this -> request -> is ( 'put' )) {
2020-07-28 09:03:34 +02:00
$this -> Session -> delete ( 'object_being_created' );
2018-07-19 11:48:22 +02:00
if ( isset ( $this -> request -> data [ 'request' ])) {
$this -> request -> data = $this -> request -> data [ 'request' ];
}
2020-01-17 10:11:51 +01:00
if ( empty ( $this -> request -> data [ 'Object' ])) {
$this -> request -> data [ 'Object' ] = $this -> request -> data ;
}
2018-07-19 11:48:22 +02:00
if ( isset ( $this -> request -> data [ 'Object' ][ 'data' ])) {
2021-11-24 14:36:08 +01:00
$this -> request -> data = JsonTool :: decode ( $this -> request -> data [ 'Object' ][ 'data' ]);
2018-07-19 11:48:22 +02:00
}
2019-08-05 13:41:23 +02:00
if ( isset ( $this -> request -> data [ 'Object' ])) {
$this -> request -> data = array_merge ( $this -> request -> data , $this -> request -> data [ 'Object' ]);
unset ( $this -> request -> data [ 'Object' ]);
}
2018-07-19 11:48:22 +02:00
$objectToSave = $this -> MispObject -> attributeCleanup ( $this -> request -> data );
2022-09-23 15:03:46 +02:00
$objectToSave = $this -> MispObject -> deltaMerge ( $object , $objectToSave , $onlyAddNewAttribute , $user );
2020-01-27 16:29:28 +01:00
$error_message = __ ( 'Object could not be saved.' );
2021-09-07 08:47:43 +02:00
$savedObject = array ();
if ( ! is_numeric ( $objectToSave )) {
2020-01-27 16:29:28 +01:00
$object_validation_errors = array ();
2022-09-28 10:11:57 +02:00
foreach ( $objectToSave as $field => $field_errors ) {
2020-01-27 16:29:28 +01:00
$object_validation_errors [] = sprintf ( '%s: %s' , $field , implode ( ', ' , $field_errors ));
}
$error_message = __ ( 'Object could not be saved.' ) . PHP_EOL . implode ( PHP_EOL , $object_validation_errors );
2021-09-07 08:47:43 +02:00
} else {
2022-09-23 15:03:46 +02:00
$savedObject = $this -> MispObject -> fetchObjects ( $user , array ( 'conditions' => array ( 'Object.id' => $object [ 'Object' ][ 'id' ])));
2020-07-23 16:14:32 +02:00
if ( isset ( $this -> request -> data [ 'deleted' ]) && $this -> request -> data [ 'deleted' ]) {
2020-07-23 11:52:46 +02:00
$this -> MispObject -> deleteObject ( $savedObject [ 0 ], $hard = false , $unpublish = false );
2022-09-23 15:03:46 +02:00
$savedObject = $this -> MispObject -> fetchObjects ( $user , array ( 'conditions' => array ( 'Object.id' => $object [ 'Object' ][ 'id' ]))); // make sure the object is deleted
2020-07-23 11:52:46 +02:00
}
}
2018-07-19 11:48:22 +02:00
// we pre-validate the attributes before we create an object at this point
// This allows us to stop the process and return an error (API) or return
// to the add form
2020-01-17 10:11:51 +01:00
if ( $this -> _isRest ()) {
if ( is_numeric ( $objectToSave )) {
2020-07-23 11:52:46 +02:00
if ( ! empty ( $savedObject )) {
$savedObject = $savedObject [ 0 ];
$savedObject [ 'Object' ][ 'Attribute' ] = $savedObject [ 'Attribute' ];
unset ( $savedObject [ 'Attribute' ]);
2022-10-12 20:32:39 +02:00
$this -> MispObject -> Event -> unpublishEvent ( $event );
2018-07-19 11:48:22 +02:00
}
2020-07-23 11:52:46 +02:00
return $this -> RestResponse -> viewData ( $savedObject , $this -> response -> type ());
2018-07-19 11:48:22 +02:00
} else {
2020-01-27 16:29:28 +01:00
return $this -> RestResponse -> saveFailResponse ( 'Objects' , 'edit' , false , $id , $this -> response -> type ());
2018-07-19 11:48:22 +02:00
}
2020-01-17 10:11:51 +01:00
} else {
2019-10-02 14:30:34 +02:00
if ( $this -> request -> is ( 'ajax' )) {
if ( is_numeric ( $objectToSave )) {
2022-10-12 20:32:39 +02:00
$this -> MispObject -> Event -> unpublishEvent ( $event );
2022-09-28 10:11:57 +02:00
return new CakeResponse ( array ( 'body' => json_encode ( array ( 'saved' => true , 'success' => __ ( 'Object attributes saved.' ))), 'status' => 200 , 'type' => 'json' ));
2018-07-19 11:48:22 +02:00
} else {
2019-10-02 14:30:34 +02:00
return new CakeResponse ( array ( 'body' => json_encode ( array ( 'saved' => true , 'errors' => $error_message )), 'status' => 200 , 'type' => 'json' ));
2018-07-19 11:48:22 +02:00
}
2020-01-20 06:10:41 +01:00
} else {
2019-10-02 14:30:34 +02:00
if ( is_numeric ( $objectToSave )) {
2022-10-12 20:32:39 +02:00
$this -> MispObject -> Event -> unpublishEvent ( $event );
2020-01-20 06:10:41 +01:00
$this -> Flash -> success ( 'Object saved.' );
2019-10-02 14:30:34 +02:00
} else {
$this -> Flash -> error ( $error_message );
2018-07-19 11:48:22 +02:00
}
$this -> redirect ( array ( 'controller' => 'events' , 'action' => 'view' , $object [ 'Object' ][ 'event_id' ]));
}
}
} else {
$enabledRows = array ();
$this -> request -> data [ 'Object' ] = $object [ 'Object' ];
foreach ( $template [ 'ObjectTemplateElement' ] as $k => $element ) {
2022-09-23 15:03:46 +02:00
foreach ( $object [ 'Attribute' ] as $attribute ) {
if ( $attribute [ 'object_relation' ] === $element [ 'object_relation' ]) {
2018-07-19 11:48:22 +02:00
$enabledRows [] = $k ;
$this -> request -> data [ 'Attribute' ][ $k ] = $attribute ;
if ( ! empty ( $element [ 'values_list' ])) {
$this -> request -> data [ 'Attribute' ][ $k ][ 'value_select' ] = $attribute [ 'value' ];
} else {
if ( ! empty ( $element [ 'sane_default' ])) {
2022-09-23 15:03:46 +02:00
if ( in_array ( $attribute [ 'value' ], $element [ 'sane_default' ], true )) {
2018-07-19 11:48:22 +02:00
$this -> request -> data [ 'Attribute' ][ $k ][ 'value_select' ] = $attribute [ 'value' ];
} else {
$this -> request -> data [ 'Attribute' ][ $k ][ 'value_select' ] = 'Enter value manually' ;
}
}
}
}
}
}
}
$this -> set ( 'enabledRows' , $enabledRows );
2022-09-23 15:03:46 +02:00
$distributionData = $this -> MispObject -> Event -> Attribute -> fetchDistributionData ( $user );
2018-07-19 11:48:22 +02:00
$this -> set ( 'distributionData' , $distributionData );
$this -> set ( 'event' , $event );
$this -> set ( 'ajax' , false );
$this -> set ( 'template' , $template );
$this -> set ( 'action' , 'edit' );
$this -> set ( 'object' , $object );
2019-04-24 15:47:47 +02:00
$this -> set ( 'update_template_available' , $update_template_available );
2020-01-17 10:11:51 +01:00
$this -> set ( 'newer_template_version' , empty ( $templateData [ 'newer_template_version' ]) ? false : $templateData [ 'newer_template_version' ]);
2018-07-19 11:48:22 +02:00
$this -> render ( 'add' );
}
2017-07-06 15:04:01 +02:00
2019-06-13 09:16:34 +02:00
// ajax edit - post a single edited field and this method will attempt to save it and return a json with the validation errors if they occur.
public function editField ( $id )
{
if (( ! $this -> request -> is ( 'post' ) && ! $this -> request -> is ( 'put' ))) {
2019-07-11 10:36:37 +02:00
throw new MethodNotAllowedException ( __ ( 'This function can only be accessed via POST or PUT' ));
2019-06-13 09:16:34 +02:00
}
2019-10-28 15:45:33 +01:00
$object = $this -> MispObject -> find ( 'first' , array (
2020-07-24 21:53:28 +02:00
'conditions' => $this -> __objectIdToConditions ( $id ),
2019-10-28 15:45:33 +01:00
'contain' => 'Event' ,
'recursive' => - 1
));
2019-07-11 10:36:37 +02:00
if ( empty ( $object )) {
2019-06-13 10:51:59 +02:00
return $this -> RestResponse -> saveFailResponse ( 'Objects' , 'edit' , false , 'Invalid object' );
2019-06-13 09:16:34 +02:00
}
2020-07-20 10:10:47 +02:00
if ( ! $this -> __canModifyEvent ( $object )) {
return $this -> RestResponse -> saveFailResponse ( 'Objects' , 'edit' , false , 'You do not have permission to do that.' );
2019-06-13 09:16:34 +02:00
}
$validFields = array ( 'comment' , 'distribution' , 'first_seen' , 'last_seen' );
$changed = false ;
if ( empty ( $this -> request -> data [ 'Object' ])) {
$this -> request -> data = array ( 'Object' => $this -> request -> data );
if ( empty ( $this -> request -> data [ 'Object' ])) {
throw new MethodNotAllowedException ( 'Invalid input.' );
}
}
2019-07-04 13:52:29 +02:00
$seen_changed = false ;
2019-06-13 09:16:34 +02:00
foreach ( $this -> request -> data [ 'Object' ] as $changedKey => $changedField ) {
if ( ! in_array ( $changedKey , $validFields )) {
throw new MethodNotAllowedException ( 'Invalid field.' );
}
if ( $object [ 'Object' ][ $changedKey ] == $changedField ) {
$this -> autoRender = false ;
2019-06-13 10:51:59 +02:00
return $this -> RestResponse -> saveSuccessResponse ( 'Objects' , 'edit' , $id , false , 'nochange' );
2019-06-13 09:16:34 +02:00
}
2019-07-04 13:52:29 +02:00
$seen_changed = $changedKey == 'first_seen' || $changedKey == 'last_seen' ;
2019-06-13 09:16:34 +02:00
$object [ 'Object' ][ $changedKey ] = $changedField ;
$changed = true ;
}
2019-10-28 15:45:33 +01:00
$forcedSeenOnElements = array ();
2019-06-13 09:16:34 +02:00
if ( ! $changed ) {
2019-06-13 10:51:59 +02:00
return $this -> RestResponse -> saveSuccessResponse ( 'Objects' , 'edit' , $id , false , 'nochange' );
2019-10-28 15:45:33 +01:00
} elseif ( $seen_changed ) {
$forcedSeenOnElements [ $changedKey ] = $changedField ;
2019-06-13 09:16:34 +02:00
}
$date = new DateTime ();
$object [ 'Object' ][ 'timestamp' ] = $date -> getTimestamp ();
2020-11-06 09:16:15 +01:00
$object = $this -> MispObject -> syncObjectAndAttributeSeen ( $object , $forcedSeenOnElements , false );
2019-06-13 09:16:34 +02:00
if ( $this -> MispObject -> save ( $object )) {
2022-10-12 20:32:39 +02:00
$this -> MispObject -> Event -> unpublishEvent ( $object , false , $date -> getTimestamp ());
2019-07-04 13:52:29 +02:00
if ( $seen_changed ) {
2020-07-24 14:30:41 +02:00
$this -> MispObject -> Attribute -> saveAttributes ( $object [ 'Attribute' ], $this -> Auth -> user ());
2019-07-04 13:52:29 +02:00
}
2019-06-13 10:51:59 +02:00
return $this -> RestResponse -> saveSuccessResponse ( 'Objects' , 'edit' , $id , false , 'Field updated' );
2019-06-13 09:16:34 +02:00
} else {
2019-06-13 10:51:59 +02:00
return $this -> RestResponse -> saveFailResponse ( 'Objects' , 'edit' , false , $this -> MispObject -> validationErrors );
2019-06-13 09:16:34 +02:00
}
}
public function fetchViewValue ( $id , $field = null )
{
$validFields = array ( 'timestamp' , 'comment' , 'distribution' , 'first_seen' , 'last_seen' );
2022-04-17 09:58:28 +02:00
if ( ! isset ( $field ) || ! in_array ( $field , $validFields , true )) {
2019-06-13 09:16:34 +02:00
throw new MethodNotAllowedException ( 'Invalid field requested.' );
}
if ( ! $this -> request -> is ( 'ajax' )) {
throw new MethodNotAllowedException ( 'This function can only be accessed via AJAX.' );
}
$params = array (
2022-04-17 09:58:28 +02:00
'conditions' => array ( 'Object.id' => $id ),
'fields' => array ( 'id' , 'distribution' , 'event_id' , $field ),
'contain' => array (
'Event' => array (
'fields' => array ( 'distribution' , 'id' , 'org_id' ),
)
),
'flatten' => 1
2019-06-13 09:16:34 +02:00
);
$object = $this -> MispObject -> fetchObjectSimple ( $this -> Auth -> user (), $params );
if ( empty ( $object )) {
throw new NotFoundException ( __ ( 'Invalid object' ));
}
$object = $object [ 0 ];
$result = $object [ 'Object' ][ $field ];
2022-04-17 09:58:28 +02:00
if ( $field === 'distribution' ) {
2022-09-29 16:19:27 +02:00
$this -> set ( 'shortDist' , $this -> Attribute -> shortDist );
2019-06-13 09:16:34 +02:00
}
$this -> set ( 'value' , $result );
2022-04-17 09:58:28 +02:00
$this -> set ( 'field' , $field );
2022-04-28 14:51:21 +02:00
$this -> layout = false ;
2019-06-13 09:16:34 +02:00
$this -> render ( 'ajax/objectViewFieldForm' );
}
public function fetchEditForm ( $id , $field = null )
{
$validFields = array ( 'distribution' , 'comment' , 'first_seen' , 'last_seen' );
if ( ! isset ( $field ) || ! in_array ( $field , $validFields )) {
throw new MethodNotAllowedException ( 'Invalid field requested.' );
}
if ( ! $this -> request -> is ( 'ajax' )) {
throw new MethodNotAllowedException ( 'This function can only be accessed via AJAX.' );
}
$fields = array ( 'id' , 'distribution' , 'event_id' );
$fields [] = $field ;
$params = array (
'conditions' => array ( 'Object.id' => $id ),
'fields' => $fields ,
'contain' => array (
'Event' => array (
'fields' => array ( 'distribution' , 'id' , 'user_id' , 'orgc_id' , 'org_id' ),
)
)
);
$object = $this -> MispObject -> fetchObjectSimple ( $this -> Auth -> user (), $params );
if ( empty ( $object )) {
throw new NotFoundException ( __ ( 'Invalid attribute' ));
}
$object = $object [ 0 ];
2020-07-20 10:10:47 +02:00
if ( ! $this -> __canModifyEvent ( $object )) {
throw new NotFoundException ( __ ( 'Invalid object' ));
2019-06-13 09:16:34 +02:00
}
2022-04-28 14:51:21 +02:00
$this -> layout = false ;
2022-09-29 16:19:27 +02:00
if ( $field === 'distribution' ) {
2019-06-13 09:16:34 +02:00
$distributionLevels = $this -> MispObject -> shortDist ;
unset ( $distributionLevels [ 4 ]);
$this -> set ( 'distributionLevels' , $distributionLevels );
}
$this -> set ( 'object' , $object [ 'Object' ]);
$fieldURL = ucfirst ( $field );
$this -> render ( 'ajax/objectEdit' . $fieldURL . 'Form' );
}
// Construct a template with valid object attributes to add to an object
2020-07-20 10:10:47 +02:00
public function quickFetchTemplateWithValidObjectAttributes ( $id )
{
2019-06-13 09:16:34 +02:00
$params = array (
'conditions' => array ( 'Object.id' => $id ),
2022-09-23 15:03:46 +02:00
'fields' => array ( 'template_uuid' , 'template_version' , 'id' ),
2019-06-13 09:16:34 +02:00
'flatten' => 1 ,
);
// fetchObjects restrict access based on user
$object = $this -> MispObject -> fetchObjects ( $this -> Auth -> user (), $params );
if ( empty ( $object )) {
if ( $this -> request -> is ( 'ajax' )) {
return $this -> RestResponse -> saveFailResponse ( 'Objects' , 'add' , false , 'Invalid object' , $this -> response -> type ());
} else {
throw new NotFoundException ( __ ( 'Invalid object' ));
}
} else {
$object = $object [ 0 ];
}
// get object attributes already set
2022-09-23 15:03:46 +02:00
$existsObjectRelation = array ();
foreach ( $object [ 'Attribute' ] as $attr ) {
$existsObjectRelation [ $attr [ 'object_relation' ]] = true ;
2019-06-13 09:16:34 +02:00
}
// get object attribute defined in the object's template
$template = $this -> MispObject -> ObjectTemplate -> find ( 'first' , array (
'conditions' => array (
'ObjectTemplate.uuid' => $object [ 'Object' ][ 'template_uuid' ],
'ObjectTemplate.version' => $object [ 'Object' ][ 'template_version' ],
),
'recursive' => - 1 ,
'flatten' => 1 ,
'contain' => 'ObjectTemplateElement'
));
if ( empty ( $template )) {
if ( $this -> request -> is ( 'ajax' )) {
return $this -> RestResponse -> saveFailResponse ( 'Objects' , 'add' , false , 'Invalid template' , $this -> response -> type ());
} else {
throw new NotFoundException ( __ ( 'Invalid template' ));
}
}
// unset object invalid object attribute
2022-09-23 15:03:46 +02:00
foreach ( $template [ 'ObjectTemplateElement' ] as $i => $objAttr ) {
if ( isset ( $existsObjectRelation [ $objAttr [ 'object_relation' ]]) && ! $objAttr [ 'multiple' ]) {
2019-06-13 09:16:34 +02:00
unset ( $template [ 'ObjectTemplateElement' ][ $i ]);
}
}
if ( $this -> request -> is ( 'get' ) || $this -> request -> is ( 'post' )) {
$this -> set ( 'template' , $template );
$this -> set ( 'objectId' , $object [ 'Object' ][ 'id' ]);
2019-06-13 14:14:02 +02:00
$items = array ();
foreach ( $template [ 'ObjectTemplateElement' ] as $objectAttribute ) {
$name = sprintf ( '%s :: %s' , $objectAttribute [ 'object_relation' ], $objectAttribute [ 'type' ]);
$items [] = array (
'name' => $name ,
'value' => '/objects/quickAddAttributeForm/' . $object [ 'Object' ][ 'id' ] . '/' . $objectAttribute [ 'object_relation' ],
'template' => array (
'name' => $name ,
'infoExtra' => $objectAttribute [ 'description' ],
)
);
}
$this -> set ( 'options' , array (
'flag_redraw_chosen' => true
));
$this -> set ( 'items' , $items );
$this -> render ( '/Elements/generic_picker' );
2019-06-13 09:16:34 +02:00
} else {
return $template ;
}
}
/**
* GET : Returns a form allowing to add a valid object attribute to an object
* POST / PUT : Add the attribute to the object
*/
2020-07-20 10:10:47 +02:00
public function quickAddAttributeForm ( $id , $fieldName = null )
{
2019-06-13 09:16:34 +02:00
if ( $this -> request -> is ( 'GET' )) {
if ( ! isset ( $fieldName )) {
throw new MethodNotAllowedException ( 'No field requested.' );
}
$params = array (
'conditions' => array ( 'Object.id' => $id ),
2022-04-24 10:39:08 +02:00
'fields' => array ( 'template_uuid' , 'template_version' , 'id' , 'event_id' ),
2019-06-13 09:16:34 +02:00
'flatten' => 1 ,
2020-07-20 10:10:47 +02:00
'contain' => array (
2022-09-30 09:43:10 +02:00
'Event' => [ 'fields' => [ 'id' , 'user_id' , 'org_id' , 'orgc_id' ]]
2020-07-20 10:10:47 +02:00
)
2019-06-13 09:16:34 +02:00
);
// fetchObjects restrict access based on user
$object = $this -> MispObject -> fetchObjects ( $this -> Auth -> user (), $params );
if ( empty ( $object )) {
throw new NotFoundException ( __ ( 'Invalid object' ));
}
2022-04-24 10:39:08 +02:00
$object = $object [ 0 ];
2020-07-20 10:10:47 +02:00
if ( ! $this -> __canModifyEvent ( $object )) {
throw new ForbiddenException ( __ ( 'You do not have permission to do that.' ));
}
2019-06-13 09:16:34 +02:00
$template = $this -> MispObject -> ObjectTemplate -> find ( 'first' , array (
'conditions' => array (
'ObjectTemplate.uuid' => $object [ 'Object' ][ 'template_uuid' ],
'ObjectTemplate.version' => $object [ 'Object' ][ 'template_version' ],
),
'recursive' => - 1 ,
'flatten' => 1 ,
'contain' => array (
'ObjectTemplateElement' => array ( 'conditions' => array (
'object_relation' => $fieldName
))
)
));
if ( empty ( $template )) {
2020-07-20 10:10:47 +02:00
throw new NotFoundException ( __ ( 'Invalid template' ));
2019-06-13 09:16:34 +02:00
}
if ( empty ( $template [ 'ObjectTemplateElement' ])) {
2022-09-23 15:03:46 +02:00
throw new NotFoundException ( __ ( 'Invalid field `%s`' , h ( $fieldName )));
2019-06-13 09:16:34 +02:00
}
// check if fields can be added
2022-09-23 15:03:46 +02:00
foreach ( $object [ 'Attribute' ] as $objAttr ) {
2019-06-13 09:16:34 +02:00
$objectAttrFromTemplate = $template [ 'ObjectTemplateElement' ][ 0 ];
2022-09-23 15:03:46 +02:00
if ( $objAttr [ 'object_relation' ] === $fieldName && ! $objectAttrFromTemplate [ 'multiple' ]) {
2019-06-13 09:16:34 +02:00
throw new NotFoundException ( __ ( 'Invalid field' ));
}
}
$template = $this -> MispObject -> prepareTemplate ( $template , $object );
2022-04-24 10:39:08 +02:00
$this -> layout = false ;
2019-06-13 09:16:34 +02:00
$this -> set ( 'object' , $object [ 'Object' ]);
2019-06-13 14:14:02 +02:00
$template_element = $template [ 'ObjectTemplateElement' ][ 0 ];
unset ( $template_element [ 'value' ]); // avoid filling if multiple
$this -> set ( 'template_element' , $template_element );
2022-04-24 10:39:08 +02:00
$distributionData = $this -> MispObject -> Attribute -> fetchDistributionData ( $this -> Auth -> user ());
2019-06-13 09:16:34 +02:00
$this -> set ( 'distributionData' , $distributionData );
2022-04-24 10:39:08 +02:00
$info = [ 'category' => [], 'distribution' => []];
foreach ( $this -> MispObject -> Attribute -> categoryDefinitions as $key => $value ) {
$info [ 'category' ][ $key ] = isset ( $value [ 'formdesc' ]) ? $value [ 'formdesc' ] : $value [ 'desc' ];
}
foreach ( $this -> MispObject -> Attribute -> distributionLevels as $key => $value ) {
$info [ 'distribution' ][ $key ] = $this -> MispObject -> Attribute -> distributionDescriptions [ $key ][ 'formdesc' ];
2019-06-13 09:16:34 +02:00
}
2022-04-24 10:39:08 +02:00
$this -> set ( 'fieldDesc' , $info );
2019-06-13 09:16:34 +02:00
$this -> render ( 'ajax/quickAddAttributeForm' );
} else if ( $this -> request -> is ( 'post' ) || $this -> request -> is ( 'put' )) {
2019-06-13 10:34:22 +02:00
return $this -> edit ( $this -> request -> data [ 'Object' ][ 'id' ], false , true );
2019-06-13 09:16:34 +02:00
}
}
2018-07-19 11:48:22 +02:00
public function delete ( $id , $hard = false )
{
if ( ! $this -> userRole [ 'perm_modify' ]) {
2020-07-20 10:10:47 +02:00
throw new ForbiddenException ( __ ( 'You don\'t have permissions to delete objects.' ));
2018-07-19 11:48:22 +02:00
}
$object = $this -> MispObject -> find ( 'first' , array (
'recursive' => - 1 ,
2020-07-24 21:53:28 +02:00
'fields' => array ( 'Object.id' , 'Object.event_id' , 'Event.id' , 'Event.uuid' , 'Event.orgc_id' , 'Event.user_id' ),
'conditions' => $this -> __objectIdToConditions ( $id ),
2018-07-19 11:48:22 +02:00
'contain' => array (
'Event'
)
));
if ( empty ( $object )) {
2020-07-20 10:10:47 +02:00
throw new NotFoundException ( __ ( 'Invalid object.' ));
2018-07-19 11:48:22 +02:00
}
2020-07-20 10:10:47 +02:00
if ( ! $this -> __canModifyEvent ( $object )) {
throw new ForbiddenException ( __ ( 'You do not have permission to do that.' ));
2018-07-19 11:48:22 +02:00
}
2020-07-20 10:10:47 +02:00
$eventId = $object [ 'Event' ][ 'id' ];
2018-07-19 11:48:22 +02:00
if ( ! $this -> _isRest ()) {
$this -> MispObject -> Event -> insertLock ( $this -> Auth -> user (), $eventId );
}
2019-07-12 16:05:15 +02:00
if ( $this -> request -> is ( 'post' ) || $this -> request -> is ( 'delete' )) {
2021-01-22 10:26:14 +01:00
if ( ! empty ( $this -> request -> data [ 'hard' ])) {
$hard = true ;
}
2020-07-24 21:53:28 +02:00
if ( $this -> __delete ( $object [ 'Object' ][ 'id' ], $hard )) {
2018-07-19 11:48:22 +02:00
$message = 'Object deleted.' ;
if ( $this -> request -> is ( 'ajax' )) {
return new CakeResponse (
array (
'body' => json_encode (
array (
'saved' => true ,
'success' => $message
)
),
'status' => 200 ,
'type' => 'json'
)
);
} elseif ( $this -> _isRest ()) {
return $this -> RestResponse -> saveSuccessResponse (
'Objects' ,
'delete' ,
2020-07-24 21:53:28 +02:00
$eventId ,
2018-07-19 11:48:22 +02:00
$this -> response -> type ()
);
} else {
$this -> Flash -> success ( $message );
2020-07-24 21:53:28 +02:00
$this -> redirect ( array ( 'controller' => 'events' , 'action' => 'view' , $eventId ));
2018-07-19 11:48:22 +02:00
}
} else {
$message = 'Object could not be deleted.' ;
if ( $this -> request -> is ( 'ajax' )) {
return new CakeResponse (
array (
'body' => json_encode (
array (
'saved' => false ,
'errors' => $message
)
),
'status' => 200 ,
'type' => 'json'
)
);
} elseif ( $this -> _isRest ()) {
return $this -> RestResponse -> saveFailResponse (
'Objects' ,
'delete' ,
false ,
$this -> MispObject -> validationErrors ,
$this -> response -> type ()
);
} else {
$this -> Flash -> error ( $message );
$this -> redirect ( array ( 'controller' => 'events' , 'action' => 'view' , $object [ 'Event' ][ 'id' ]));
}
}
} else {
if ( $this -> request -> is ( 'ajax' ) && $this -> request -> is ( 'get' )) {
$this -> set ( 'hard' , $hard );
$this -> set ( 'id' , $id );
2020-07-24 21:53:28 +02:00
$this -> set ( 'event_id' , $eventId );
2018-07-19 11:48:22 +02:00
$this -> render ( 'ajax/delete' );
}
}
}
2017-06-13 12:08:26 +02:00
2018-07-19 11:48:22 +02:00
private function __delete ( $id , $hard )
{
2020-07-23 11:52:46 +02:00
$options = array (
'conditions' => array ( 'Object.id' => $id )
);
$object = $this -> MispObject -> fetchObjects ( $this -> Auth -> user (), $options );
2018-07-19 11:48:22 +02:00
if ( empty ( $object )) {
throw new MethodNotAllowedException ( __ ( 'Object not found or not authorised.' ));
}
2020-07-23 11:52:46 +02:00
$object = $object [ 0 ];
return $this -> MispObject -> deleteObject ( $object , $hard = $hard );
2018-07-19 11:48:22 +02:00
}
2017-08-06 18:23:24 +02:00
2018-07-19 11:48:22 +02:00
public function view ( $id )
{
2020-11-02 17:28:17 +01:00
if ( $this -> request -> is ( 'head' )) { // Just check if object exists
$exists = $this -> MispObject -> fetchObjects ( $this -> Auth -> user (), [
2020-07-24 21:53:28 +02:00
'conditions' => $this -> __objectIdToConditions ( $id ),
2020-11-02 17:28:17 +01:00
'metadata' => true ,
]);
return new CakeResponse ([ 'status' => $exists ? 200 : 404 ]);
}
$objects = $this -> MispObject -> fetchObjects ( $this -> Auth -> user (), array (
'conditions' => $this -> __objectIdToConditions ( $id ),
));
if ( empty ( $objects )) {
2019-08-14 11:39:51 +02:00
throw new NotFoundException ( __ ( 'Invalid object.' ));
2018-07-19 11:48:22 +02:00
}
2020-11-02 17:28:17 +01:00
$object = $objects [ 0 ];
if ( $this -> _isRest ()) {
if ( ! empty ( $object [ 'Event' ])) {
$object [ 'Object' ][ 'Event' ] = $object [ 'Event' ];
}
if ( ! empty ( $object [ 'Attribute' ])) {
$object [ 'Object' ][ 'Attribute' ] = $object [ 'Attribute' ];
}
return $this -> RestResponse -> viewData ( array ( 'Object' => $object [ 'Object' ]), $this -> response -> type ());
} else {
$this -> redirect ( '/events/view/' . $object [ 'Object' ][ 'event_id' ]);
}
2018-07-19 11:48:22 +02:00
}
2017-08-06 18:23:24 +02:00
2018-07-19 11:48:22 +02:00
public function orphanedObjectDiagnostics ()
{
$objectIds = $this -> MispObject -> find ( 'list' , array (
'fields' => array ( 'id' , 'event_id' )
));
$template_uuids = $this -> MispObject -> ObjectTemplate -> find ( 'list' , array (
'recursive' => - 1 ,
'fields' => array ( 'ObjectTemplate.version' , 'ObjectTemplate.id' , 'ObjectTemplate.uuid' )
));
$template_ids = array ();
foreach ( $template_uuids as $template_uuid ) {
$template_ids [] = end ( $template_uuid );
}
$templates = $this -> MispObject -> ObjectTemplate -> find ( 'all' , array (
'conditions' => array ( 'ObjectTemplate.id' => $template_ids ),
'recursive' => - 1 ,
'fields' => array (
'ObjectTemplate.id' ,
'ObjectTemplate.uuid' ,
'ObjectTemplate.name' ,
'ObjectTemplate.version' ,
'ObjectTemplate.description' ,
'ObjectTemplate.meta-category' ,
),
'contain' => array ( 'ObjectTemplateElement' => array ( 'fields' => array ( 'ObjectTemplateElement.object_relation' , 'ObjectTemplateElement.type' )))
));
foreach ( $templates as $k => $v ) {
$templates [ $k ][ 'elements' ] = array ();
foreach ( $v [ 'ObjectTemplateElement' ] as $k2 => $v2 ) {
$templates [ $k ][ 'elements' ][ $v2 [ 'object_relation' ]] = $v2 [ 'type' ];
}
unset ( $templates [ $k ][ 'ObjectTemplateElement' ]);
}
$count = 0 ;
$capturedObjects = array ();
$unmappedAttributes = array ();
foreach ( $objectIds as $objectId => $event_id ) {
$attributes = $this -> MispObject -> Attribute -> find ( 'all' , array (
'conditions' => array (
'Attribute.object_id' => $objectId ,
'Attribute.event_id !=' => $event_id ,
'Attribute.deleted' => 0
),
'recursive' => - 1
));
$matched_template = false ;
if ( ! empty ( $attributes )) {
foreach ( $templates as $template ) {
$fail = false ;
$original_event_id = false ;
$original_timestamp = false ;
foreach ( $attributes as $ka => $attribute ) {
if ( $original_event_id == false ) {
$original_event_id = $attribute [ 'Attribute' ][ 'event_id' ];
}
if ( $original_timestamp == false ) {
$original_timestamp = $attribute [ 'Attribute' ][ 'timestamp' ] - 1 ;
} elseif ( $original_event_id != $attribute [ 'Attribute' ][ 'event_id' ]) {
unset ( $attributes [ $ka ]);
break ;
}
if ( ! isset ( $template [ 'elements' ][ $attribute [ 'Attribute' ][ 'object_relation' ]]) || $template [ 'elements' ][ $attribute [ 'Attribute' ][ 'object_relation' ]] != $attribute [ 'Attribute' ][ 'type' ]) {
$fail = true ;
break ;
}
}
$template [ 'ObjectTemplate' ][ 'timestamp' ] = $original_timestamp ;
if ( ! $fail ) {
$matched_template = $template ;
$template [ 'ObjectTemplate' ][ 'template_uuid' ] = $template [ 'ObjectTemplate' ][ 'uuid' ];
unset ( $template [ 'ObjectTemplate' ][ 'uuid' ]);
$template [ 'ObjectTemplate' ][ 'template_version' ] = $template [ 'ObjectTemplate' ][ 'version' ];
unset ( $template [ 'ObjectTemplate' ][ 'version' ]);
$template [ 'ObjectTemplate' ][ 'original_id' ] = $objectId ;
unset ( $template [ 'ObjectTemplate' ][ 'id' ]);
$template [ 'ObjectTemplate' ][ 'distribution' ] = 0 ;
$template [ 'ObjectTemplate' ][ 'sharing_group_id' ] = 0 ;
$template [ 'ObjectTemplate' ][ 'comment' ] = '' ;
$template [ 'ObjectTemplate' ][ 'event_id' ] = $original_event_id ;
$capturedObjects [ $objectId ][ 'Object' ] = $template [ 'ObjectTemplate' ];
$capturedObjects [ $objectId ][ 'Attribute' ] = array ();
foreach ( $attributes as $attribute ) {
if ( $attribute [ 'Attribute' ][ 'event_id' ] == $original_event_id ) {
$capturedObjects [ $objectId ][ 'Attribute' ][] = $attribute [ 'Attribute' ];
} else {
$unmappedAttributes [] = $attribute [ 'Attribute' ];
}
}
$this -> loadModel ( 'Log' );
$logEntries = $this -> Log -> find ( 'list' , array (
'recursive' => - 1 ,
'conditions' => array (
'model_id' => $template [ 'ObjectTemplate' ][ 'original_id' ],
'action' => 'add' ,
'model' => 'MispObject'
),
'fields' => array ( 'id' , 'change' ),
'sort' => array ( 'id asc' )
));
$capturedOriginalData = array ();
// reconstructing object details via log entries
if ( ! empty ( $logEntries )) {
$logEntry = reset ( $logEntries );
preg_match ( '/event_id.\(\).\=\>.\(([0-9]+)?\)/' , $logEntry , $capturedOriginalData [ 'event_id' ]);
preg_match ( '/uuid.\(\).\=\>.\(([0-9a-f\-]+)?\)/' , $logEntry , $capturedOriginalData [ 'uuid' ]);
preg_match ( '/distribution.\(\).\=\>.\(([0-9]+)?\)/' , $logEntry , $capturedOriginalData [ 'distribution' ]);
preg_match ( '/sharing_group_id.\(\).\=\>.\(([0-9]+)?\)/' , $logEntry , $capturedOriginalData [ 'sharing_group_id' ]);
if ( ! empty ( $capturedOriginalData [ 'event_id' ]) && $capturedOriginalData [ 'event_id' ] == $original_event_id ) {
if ( isset ( $capturedOriginalData [ 'uuid' ][ 1 ])) {
$capturedObjects [ $objectId ][ 'uuid' ] = $capturedOriginalData [ 'uuid' ][ 1 ];
}
if ( isset ( $capturedOriginalData [ 'distribution' ][ 1 ])) {
$capturedObjects [ $objectId ][ 'distribution' ] = $capturedOriginalData [ 'distribution' ][ 1 ];
}
if ( isset ( $capturedOriginalData [ 'sharing_group_id' ][ 1 ])) {
$capturedObjects [ $objectId ][ 'sharing_group_id' ] = $capturedOriginalData [ 'sharing_group_id' ][ 1 ];
}
} else {
$capturedOriginalData = array ();
}
}
$objectReferences = $this -> MispObject -> ObjectReference -> find ( 'all' , array (
'recursive' => - 1 ,
'conditions' => array (
'ObjectReference.event_id' => $original_event_id ,
'ObjectReference.object_id' => $template [ 'ObjectTemplate' ][ 'original_id' ]
)
));
$objectReferencesReverse = $this -> MispObject -> ObjectReference -> find ( 'all' , array (
'recursive' => - 1 ,
'conditions' => array (
'ObjectReference.event_id' => $original_event_id ,
'ObjectReference.referenced_id' => $template [ 'ObjectTemplate' ][ 'original_id' ],
'ObjectReference.referenced_type' => 1 ,
)
));
$original_uuid = false ;
if ( ! empty ( $objectReferences )) {
foreach ( $objectReferences as $objectReference ) {
$original_uuid = $objectReference [ 'ObjectReference' ][ 'object_uuid' ];
$capturedObjects [ $objectId ][ 'ObjectReference' ][] = $objectReference [ 'ObjectReference' ];
}
}
if ( ! empty ( $objectReferencesReverse )) {
foreach ( $objectReferencesReverse as $objectReference ) {
$original_uuid = $objectReference [ 'ObjectReference' ][ 'object_uuid' ];
$capturedObjects [ $objectId ][ 'ObjectReferenceReverse' ][] = $objectReference [ 'ObjectReference' ];
}
}
break ;
}
}
}
}
if ( $this -> request -> is ( 'post' )) {
$success = 0 ;
$log = ClassRegistry :: init ( 'Log' );
$queries = array ();
$counterQueries = array ();
foreach ( $capturedObjects as $object ) {
$this -> MispObject -> create ();
$result = $this -> MispObject -> save ( $object );
$id = intval ( $this -> MispObject -> id );
if ( $id > 0 ) {
$success ++ ;
$saveResult [ 'success' ][ 'Object' ][] = $id ;
foreach ( $object [ 'Attribute' ] as $attribute ) {
if ( ! empty ( $attribute [ 'id' ]) && $attribute [ 'id' ] > 0 ) {
$queries [] = 'UPDATE attributes SET object_id = ' . $id . ' WHERE id = ' . intval ( $attribute [ 'id' ]) . ';' ;
$counterQueries [] = 'UPDATE attributes SET object_id = ' . intval ( $attribute [ 'object_id' ]) . ' WHERE id = ' . intval ( $attribute [ 'id' ]) . ';' ;
}
}
if ( ! empty ( $object [ 'ObjectReference' ])) {
foreach ( $object [ 'ObjectReference' ] as $reference ) {
if ( ! empty ( $reference [ 'id' ]) && $reference [ 'id' ] > 0 ) {
$queries [] = 'UPDATE object_references SET object_id = ' . $id . ' WHERE id = ' . intval ( $reference [ 'id' ]) . ';' ;
$counterQueries [] = 'UPDATE object_references SET object_id = ' . intval ( $reference [ 'object_id' ]) . ' WHERE id = ' . intval ( $reference [ 'id' ]) . ';' ;
}
}
}
if ( ! empty ( $object [ 'ObjectReferenceReverse' ])) {
foreach ( $object [ 'ObjectReferenceReverse' ] as $reference ) {
if ( ! empty ( $reference [ 'id' ]) && $reference [ 'id' ] > 0 ) {
$queries [] = 'UPDATE object_references SET referenced_id = ' . $id . ' WHERE id = ' . intval ( $reference [ 'id' ]) . ';' ;
$counterQueries [] = 'UPDATE object_references SET referenced_id = ' . intval ( $reference [ 'referenced_id' ]) . ' WHERE id = ' . intval ( $reference [ 'id' ]) . ';' ;
}
}
}
}
}
file_put_contents ( APP . 'files/scripts/tmp/object_recovery_' . time () . '.sql' , implode ( " \n " , $counterQueries ));
$this -> MispObject -> query ( implode ( " \n " , $queries ));
$message = '' ;
$this -> Flash -> success ( __ ( '%s objects successfully reconstructed.' , $success ));
$this -> redirect ( '/objects/orphanedObjectDiagnostics' );
}
$this -> set ( 'captured' , $capturedObjects );
$this -> set ( 'unmapped' , $unmappedAttributes );
}
2019-05-08 16:56:19 +02:00
2022-09-22 16:09:18 +02:00
public function proposeObjectsFromAttributes ( $eventId , $selectedAttributes = '[]' )
2019-05-08 16:56:19 +02:00
{
2019-06-12 11:17:17 +02:00
if ( ! $this -> request -> is ( 'ajax' )) {
throw new MethodNotAllowedException ( __ ( 'This action can only be reached via AJAX.' ));
}
2022-09-22 16:09:18 +02:00
$selectedAttributes = $this -> _jsonDecode ( $selectedAttributes );
$res = $this -> MispObject -> validObjectsFromAttributeTypes ( $this -> Auth -> user (), $eventId , $selectedAttributes );
2022-10-01 13:52:43 +02:00
$this -> set ( 'potential_templates' , $res [ 'templates' ]);
$this -> set ( 'selected_types' , $res [ 'types' ]);
2022-09-22 16:09:18 +02:00
$this -> set ( 'event_id' , $eventId );
2019-05-16 17:13:18 +02:00
}
2020-07-24 21:53:28 +02:00
public function groupAttributesIntoObject ( $event_id , $selected_template , $selected_attribute_ids = '[]' )
2019-05-16 17:13:18 +02:00
{
2022-09-23 11:31:18 +02:00
if ( ! $this -> request -> is ( 'ajax' )) {
throw new MethodNotAllowedException ( __ ( 'This action can only be reached via AJAX.' ));
}
2019-06-12 11:00:17 +02:00
$event = $this -> MispObject -> Event -> find ( 'first' , array (
'recursive' => - 1 ,
2020-07-24 21:53:28 +02:00
'fields' => array ( 'Event.id' , 'Event.uuid' , 'Event.orgc_id' , 'Event.user_id' , 'Event.publish_timestamp' ),
2019-06-12 11:00:17 +02:00
'conditions' => array ( 'Event.id' => $event_id )
));
2020-07-24 21:53:28 +02:00
if ( empty ( $event )) {
2019-06-12 11:00:17 +02:00
throw new NotFoundException ( __ ( 'Invalid event.' ));
}
2020-07-24 21:53:28 +02:00
if ( ! $this -> __canModifyEvent ( $event )) {
throw new ForbiddenException ( __ ( 'You do not have permission to do that.' ));
}
2019-06-12 11:00:17 +02:00
$hard_delete_attribute = $event [ 'Event' ][ 'publish_timestamp' ] == 0 ;
2019-05-16 17:13:18 +02:00
if ( $this -> request -> is ( 'post' )) {
2019-05-17 16:02:06 +02:00
$template = $this -> MispObject -> ObjectTemplate -> find ( 'first' , array (
2019-05-16 17:13:18 +02:00
'recursive' => - 1 ,
'conditions' => array ( 'ObjectTemplate.id' => $selected_template , 'ObjectTemplate.active' => true )
));
if ( empty ( $template )) {
2019-05-17 16:02:06 +02:00
throw new NotFoundException ( __ ( 'Invalid template.' ));
2019-05-16 17:13:18 +02:00
}
2019-05-20 14:30:20 +02:00
$distribution = $this -> request -> data [ 'Object' ][ 'distribution' ];
2022-09-23 11:31:18 +02:00
$sharingGroupId = $this -> request -> data [ 'Object' ][ 'sharing_group_id' ] ? ? 0 ;
2019-05-20 14:30:20 +02:00
$comment = $this -> request -> data [ 'Object' ][ 'comment' ];
2022-09-23 11:31:18 +02:00
$selected_attribute_ids = $this -> _jsonDecode ( $this -> request -> data [ 'Object' ][ 'selectedAttributeIds' ]);
$selected_object_relation_mapping = $this -> _jsonDecode ( $this -> request -> data [ 'Object' ][ 'selectedObjectRelationMapping' ]);
2019-05-20 14:30:20 +02:00
if ( $distribution == 4 ) {
2022-09-23 11:31:18 +02:00
$sg = $this -> MispObject -> SharingGroup -> fetchSG ( $sharingGroupId , $this -> Auth -> user ());
2019-05-20 14:30:20 +02:00
if ( empty ( $sg )) {
throw new NotFoundException ( __ ( 'Invalid sharing group.' ));
}
2019-05-20 17:36:00 +02:00
} else {
2022-09-23 11:31:18 +02:00
$sharingGroupId = 0 ;
2019-05-20 14:30:20 +02:00
}
2019-06-06 15:11:34 +02:00
$object = array (
'Object' => array (
'distribution' => $distribution ,
2022-09-23 11:31:18 +02:00
'sharing_group_id' => $sharingGroupId ,
2019-06-06 15:11:34 +02:00
'comment' => $comment ,
),
'Attribute' => array ()
);
2019-06-12 11:00:17 +02:00
$result = $this -> MispObject -> groupAttributesIntoObject ( $this -> Auth -> user (), $event_id , $object , $template , $selected_attribute_ids , $selected_object_relation_mapping , $hard_delete_attribute );
2019-05-20 17:36:00 +02:00
if ( is_numeric ( $result )) {
2022-10-12 20:32:39 +02:00
$this -> MispObject -> Event -> unpublishEvent ( $event );
2019-05-20 17:36:00 +02:00
return $this -> RestResponse -> saveSuccessResponse ( 'Objects' , 'Created from Attributes' , $result , $this -> response -> type ());
2019-05-20 14:30:20 +02:00
} else {
2019-05-20 17:36:00 +02:00
$error = __ ( 'Failed to create an Object from Attributes. Error: ' ) . PHP_EOL . h ( $result );
return $this -> RestResponse -> saveFailResponse ( 'Objects' , 'Created from Attributes' , false , $error , $this -> response -> type ());
2019-05-20 14:30:20 +02:00
}
2019-05-16 17:13:18 +02:00
} else {
2022-09-23 11:31:18 +02:00
$selected_attribute_ids = $this -> _jsonDecode ( $selected_attribute_ids );
2019-05-17 16:28:58 +02:00
$selected_attributes = $this -> MispObject -> Attribute -> fetchAttributes ( $this -> Auth -> user (), array ( 'conditions' => array (
'Attribute.id' => $selected_attribute_ids ,
'Attribute.event_id' => $event_id ,
'Attribute.object_id' => 0
)));
if ( empty ( $selected_attributes )) {
throw new MethodNotAllowedException ( __ ( 'No Attribute selected.' ));
}
2019-05-17 16:02:06 +02:00
$template = $this -> MispObject -> ObjectTemplate -> find ( 'first' , array (
'recursive' => - 1 ,
'conditions' => array ( 'ObjectTemplate.id' => $selected_template , 'ObjectTemplate.active' => true ),
2019-05-17 16:28:58 +02:00
'contain' => 'ObjectTemplateElement'
2019-05-17 16:02:06 +02:00
));
if ( empty ( $template )) {
throw new NotFoundException ( __ ( 'Invalid template.' ));
}
2022-10-01 13:52:43 +02:00
$attributeTypes = array_column ( array_column ( $selected_attributes , 'Attribute' ), 'type' );
$conformity_result = $this -> MispObject -> ObjectTemplate -> checkTemplateConformityBasedOnTypes ( $template , $attributeTypes );
2019-05-17 16:28:58 +02:00
$skipped_attributes = 0 ;
foreach ( $selected_attributes as $i => $attribute ) {
2022-09-23 11:31:18 +02:00
if ( in_array ( $attribute [ 'Attribute' ][ 'type' ], $conformity_result [ 'invalidTypes' ], true )) {
2019-05-17 16:28:58 +02:00
unset ( $selected_attributes [ $i ]);
2019-05-21 10:56:58 +02:00
$array_position = array_search ( $attribute [ 'Attribute' ][ 'id' ], $selected_attribute_ids );
unset ( $selected_attribute_ids [ $array_position ]);
2019-05-17 16:28:58 +02:00
$skipped_attributes ++ ;
}
}
2019-05-17 16:02:06 +02:00
$object_relations = array ();
foreach ( $template [ 'ObjectTemplateElement' ] as $template_element ) {
2019-05-24 14:29:35 +02:00
$object_relations [ $template_element [ 'type' ]][] = $template_element ;
2019-05-17 16:02:06 +02:00
}
2019-06-06 16:43:54 +02:00
$object_references = $this -> MispObject -> ObjectReference -> find ( 'all' , array (
'conditions' => array (
'ObjectReference.referenced_id' => $selected_attribute_ids ,
),
'recursive' => - 1
));
foreach ( $object_references as $i => $object_reference ) {
$temp_object = $this -> MispObject -> find ( 'first' , array ( 'id' => $object_reference [ 'ObjectReference' ][ 'object_id' ], 'recursive' => - 1 ));
$temp_attribute = $this -> MispObject -> Attribute -> find ( 'first' , array ( 'id' => $object_reference [ 'ObjectReference' ][ 'referenced_id' ], 'recursive' => - 1 ));
if ( ! empty ( $temp_object ) && ! empty ( $temp_attribute )) {
$temp_object = $temp_object [ 'Object' ];
$temp_attribute = $temp_attribute [ 'Attribute' ];
$object_references [ $i ][ 'ObjectReference' ][ 'object_name' ] = $temp_object [ 'name' ];
$object_references [ $i ][ 'ObjectReference' ][ 'attribute_name' ] = sprintf ( '%s/%s: "%s"' , $temp_attribute [ 'category' ], $temp_attribute [ 'type' ], $temp_attribute [ 'value' ]);
}
}
2019-05-16 17:13:18 +02:00
$distributionData = $this -> MispObject -> Event -> Attribute -> fetchDistributionData ( $this -> Auth -> user ());
2019-05-17 16:51:21 +02:00
$this -> set ( 'event_id' , $event_id );
2019-06-12 11:00:17 +02:00
$this -> set ( 'hard_delete_attribute' , $hard_delete_attribute );
2019-05-16 17:13:18 +02:00
$this -> set ( 'distributionData' , $distributionData );
$this -> set ( 'distributionLevels' , $this -> MispObject -> Attribute -> distributionLevels );
$this -> set ( 'selectedTemplateTd' , $selected_template );
$this -> set ( 'selectedAttributeIds' , $selected_attribute_ids );
2019-05-17 16:02:06 +02:00
$this -> set ( 'template' , $template );
$this -> set ( 'object_relations' , $object_relations );
2019-05-16 17:13:18 +02:00
$this -> set ( 'attributes' , $selected_attributes );
2019-05-17 16:28:58 +02:00
$this -> set ( 'skipped_attributes' , $skipped_attributes );
2019-06-06 16:43:54 +02:00
$this -> set ( 'object_references' , $object_references );
2019-05-16 17:13:18 +02:00
}
2019-05-08 16:56:19 +02:00
}
2020-07-24 21:53:28 +02:00
private function __objectIdToConditions ( $id )
{
if ( is_numeric ( $id )) {
$conditions = array ( 'Object.id' => $id );
} elseif ( Validation :: uuid ( $id )) {
$conditions = array ( 'Object.uuid' => $id );
} else {
throw new NotFoundException ( __ ( 'Invalid object ID.' ));
}
return $conditions ;
}
2017-06-13 12:08:26 +02:00
}
