2012-03-15 15:06:45 +01:00
< ? php
/**
* Application model for Cake .
*
* This file is application - wide model file . You can put all
* application - wide model - related methods here .
*
* PHP 5
*
* CakePHP ( tm ) : Rapid Development Framework ( http :// cakephp . org )
2012-09-25 15:41:58 +02:00
* Copyright 2005 - 2012 , Cake Software Foundation , Inc . ( http :// cakefoundation . org )
2012-03-15 15:06:45 +01:00
*
* Licensed under The MIT License
* Redistributions of files must retain the above copyright notice .
*
2012-09-25 15:41:58 +02:00
* @ copyright Copyright 2005 - 2012 , Cake Software Foundation , Inc . ( http :// cakefoundation . org )
2012-03-15 15:06:45 +01:00
* @ link http :// cakephp . org CakePHP ( tm ) Project
* @ package app . Model
* @ since CakePHP ( tm ) v 0.2 . 9
* @ license MIT License ( http :// www . opensource . org / licenses / mit - license . php )
*/
App :: uses ( 'Model' , 'Model' );
2012-09-20 11:34:41 +02:00
App :: uses ( 'LogableBehavior' , 'Assets.models/behaviors' );
2012-03-15 15:06:45 +01:00
class AppModel extends Model {
2012-12-18 04:50:52 +01:00
public $name ;
public function __construct ( $id = false , $table = null , $ds = null ) {
parent :: __construct ( $id , $table , $ds );
$this -> name = get_class ( $this );
}
2016-06-04 01:08:16 +02:00
2016-02-12 05:47:06 +01:00
// major -> minor -> hotfix -> requires_logout
2016-01-10 19:47:21 +01:00
public $db_changes = array (
2 => array (
2016-11-21 17:50:23 +01:00
4 => array ( 18 => false , 19 => false , 20 => false , 25 => false , 27 => false , 32 => false , 33 => true , 38 => true , 39 => true , 40 => false , 42 => false , 44 => false , 45 => false , 49 => true , 50 => false , 51 => false , 52 => false , 55 => true )
2016-01-10 19:47:21 +01:00
)
);
2016-06-04 01:08:16 +02:00
2016-02-15 18:25:29 +01:00
// Generic update script
2016-02-17 14:43:33 +01:00
// add special cases where the upgrade does more than just update the DB
// this could become useful in the future
2016-02-15 18:25:29 +01:00
public function updateMISP ( $command ) {
2016-06-04 15:45:39 +02:00
switch ( $command ) {
2016-02-17 14:43:33 +01:00
case '2.4.20' :
2016-02-15 18:25:29 +01:00
$this -> updateDatabase ( $command );
2016-02-17 14:43:33 +01:00
$this -> ShadowAttribute = ClassRegistry :: init ( 'ShadowAttribute' );
$this -> ShadowAttribute -> upgradeToProposalCorrelation ();
2016-02-15 18:25:29 +01:00
break ;
2016-03-09 01:34:02 +01:00
case '2.4.25' :
$this -> updateDatabase ( $command );
$newFeeds = array (
2016-08-17 03:15:57 +02:00
array ( 'provider' => 'CIRCL' , 'name' => 'CIRCL OSINT Feed' , 'url' => 'https://www.circl.lu/doc/misp/feed-osint' , 'enabled' => 0 ),
2016-03-09 01:34:02 +01:00
);
$this -> __addNewFeeds ( $newFeeds );
break ;
2016-03-11 17:47:55 +01:00
case '2.4.27' :
$newFeeds = array (
2016-08-17 03:15:57 +02:00
array ( 'provider' => 'Botvrij.eu' , 'name' => 'The Botvrij.eu Data' , 'url' => 'http://www.botvrij.eu/data/feed-osint' , 'enabled' => 0 )
2016-03-11 17:47:55 +01:00
);
$this -> __addNewFeeds ( $newFeeds );
break ;
2016-07-15 23:24:27 +02:00
case '2.4.49' :
$this -> updateDatabase ( $command );
$this -> SharingGroup = ClassRegistry :: init ( 'SharingGroup' );
$this -> SharingGroup -> correctSyncedSharingGroups ();
fix: Several fixes to the sharing group behavious
- New setting roaming:
- Until now, users could unselect "Limit instances to which data in this sharing group should be pushed to"
- This lead to no servers added to the distribution list, and MISP would simply determine, based on the sync rules, whether the host organisation of the remote instance is eligible for the event
- This works well in most cases, but in some cases, the local instance is not kept after a sync (aliases for the local instance baseurl vs remote instance's view of the url)
- In these cases the sharing groups ended up being "unlimited", which was not the intent
- Generally this shouldn't cause any issues as MISP still requires the sync link's organisation to be directly contained in an SG before it would push the event further
- However, introducing the roaming setting this can be more clearly defined
- By default, sharing groups are set to non roaming
- Some further fixes to the sharing group update procedure for 2.4.49
- Update the roaming status of existing sharing groups. Local sharing groups with no instances attached will become roaming by default, all others are assumed to be non-roaming
2016-07-17 12:00:20 +02:00
$this -> SharingGroup -> updateRoaming ();
2016-07-15 23:24:27 +02:00
break ;
2016-11-21 17:27:30 +01:00
case '2.4.55' :
$this -> updateDatabase ( 'addSightings' );
break ;
2016-02-17 14:43:33 +01:00
default :
2016-02-15 18:25:29 +01:00
$this -> updateDatabase ( $command );
break ;
}
}
2016-06-04 01:08:16 +02:00
2016-03-09 01:34:02 +01:00
private function __addNewFeeds ( $feeds ) {
$this -> Feed = ClassRegistry :: init ( 'Feed' );
2016-04-04 21:35:21 +02:00
$this -> Log = ClassRegistry :: init ( 'Log' );
2016-03-09 01:34:02 +01:00
$feedNames = array ();
2016-09-04 23:31:24 +02:00
foreach ( $feeds as $feed ) $feedNames [] = $feed [ 'name' ];
2016-03-09 01:34:02 +01:00
$feedNames = implode ( ', ' , $feedNames );
$result = $this -> Feed -> addDefaultFeeds ( $feeds );
$this -> Log -> create ();
$entry = array (
'org' => 'SYSTEM' ,
'model' => 'Server' ,
'model_id' => 0 ,
'email' => 'SYSTEM' ,
'action' => 'update_database' ,
'user_id' => 0 ,
'title' => 'Added new default feeds.'
);
if ( $result ) {
$entry [ 'change' ] = 'Feeds added: ' . $feedNames ;
} else {
$entry [ 'change' ] = 'Tried adding new feeds but something went wrong.' ;
}
$this -> Log -> save ( $entry );
}
2016-06-04 01:08:16 +02:00
2016-02-15 18:25:29 +01:00
// SQL scripts for updates
2015-09-15 15:11:08 +02:00
public function updateDatabase ( $command ) {
$sql = '' ;
$this -> Log = ClassRegistry :: init ( 'Log' );
2015-09-16 18:55:28 +02:00
$clean = true ;
2015-09-15 15:11:08 +02:00
switch ( $command ) {
case 'extendServerOrganizationLength' :
$sql = 'ALTER TABLE `servers` MODIFY COLUMN `organization` varchar(255) NOT NULL;' ;
break ;
case 'convertLogFieldsToText' :
$sql = 'ALTER TABLE `logs` MODIFY COLUMN `title` text, MODIFY COLUMN `change` text;' ;
break ;
case 'addEventBlacklists' :
2016-07-11 00:15:14 +02:00
$sql = 'CREATE TABLE IF NOT EXISTS `event_blacklists` ( `id` int(11) NOT NULL AUTO_INCREMENT, `event_uuid` varchar(40) COLLATE utf8_bin NOT NULL, `created` datetime NOT NULL, PRIMARY KEY (`id`), `event_info` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, `event_orgc` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;' ;
2015-09-15 15:11:08 +02:00
break ;
2016-03-26 23:42:50 +01:00
case 'addOrgBlacklists' :
2016-07-11 00:15:14 +02:00
$sql = 'CREATE TABLE IF NOT EXISTS `org_blacklists` ( `id` int(11) NOT NULL AUTO_INCREMENT, `org_uuid` varchar(40) COLLATE utf8_bin NOT NULL, `created` datetime NOT NULL, PRIMARY KEY (`id`), `org_name` varchar(255) COLLATE utf8_bin NOT NULL, `comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;' ;
2016-03-26 23:42:50 +01:00
break ;
2015-09-15 15:11:08 +02:00
case 'addEventBlacklistsContext' :
2016-07-11 00:15:14 +02:00
$sql = 'ALTER TABLE `event_blacklists` ADD `event_orgc` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL , ADD `event_info` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, ADD `comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL;' ;
2015-09-15 15:11:08 +02:00
break ;
2015-12-20 13:41:52 +01:00
case 'addSightings' :
2016-11-21 17:57:55 +01:00
$sql = " CREATE TABLE IF NOT EXISTS sightings (
id int ( 11 ) NOT NULL AUTO_INCREMENT ,
attribute_id int ( 11 ) NOT NULL ,
event_id int ( 11 ) NOT NULL ,
org_id int ( 11 ) NOT NULL ,
date_sighting bigint ( 20 ) NOT NULL ,
PRIMARY KEY ( id ),
INDEX attribute_id ( attribute_id ),
INDEX event_id ( event_id ),
INDEX org_id ( org_id )
2016-07-11 00:15:14 +02:00
) ENGINE = InnoDB DEFAULT CHARSET = utf8 COLLATE = utf8_bin ; " ;
2015-12-20 13:41:52 +01:00
break ;
2015-09-15 15:11:08 +02:00
case 'makeAttributeUUIDsUnique' :
$this -> __dropIndex ( 'attributes' , 'uuid' );
$sql = 'ALTER TABLE `attributes` ADD UNIQUE (uuid);' ;
break ;
case 'makeEventUUIDsUnique' :
$this -> __dropIndex ( 'events' , 'uuid' );
$sql = 'ALTER TABLE `events` ADD UNIQUE (uuid);' ;
break ;
2015-09-16 18:55:28 +02:00
case 'cleanSessionTable' :
2016-08-15 06:26:25 +02:00
$sql = 'DELETE FROM cake_sessions WHERE expires < ' . time () . ';' ;
2015-09-16 18:55:28 +02:00
$clean = false ;
break ;
2016-02-12 05:47:06 +01:00
case 'destroyAllSessions' :
2016-08-15 06:26:25 +02:00
$sql = 'DELETE FROM cake_sessions;' ;
2016-02-12 05:47:06 +01:00
$clean = false ;
break ;
2015-11-08 22:35:46 +01:00
case 'addIPLogging' :
$sql = 'ALTER TABLE `logs` ADD `ip` varchar(45) COLLATE utf8_bin DEFAULT NULL;' ;
break ;
2016-03-15 23:04:20 +01:00
case 'addCustomAuth' :
2016-07-10 23:01:33 +02:00
$sqlArray [] = " ALTER TABLE `users` ADD `external_auth_required` tinyint(1) NOT NULL DEFAULT 0; " ;
2016-03-15 23:04:20 +01:00
$sqlArray [] = 'ALTER TABLE `users` ADD `external_auth_key` text COLLATE utf8_bin;' ;
break ;
2015-10-16 23:49:04 +02:00
case '24betaupdates' :
2015-11-24 03:27:14 +01:00
$sqlArray = array ();
2016-07-10 23:01:33 +02:00
$sqlArray [] = " ALTER TABLE `shadow_attributes` ADD `proposal_to_delete` tinyint(1) NOT NULL DEFAULT 0; " ;
2016-06-04 01:08:16 +02:00
2016-03-15 23:04:20 +01:00
$sqlArray [] = 'ALTER TABLE `logs` MODIFY `change` text COLLATE utf8_bin NOT NULL;' ;
2016-06-04 01:08:16 +02:00
2015-11-24 03:27:14 +01:00
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `taxonomies` (
2016-01-10 19:47:21 +01:00
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`namespace` varchar ( 255 ) COLLATE utf8_bin NOT NULL ,
`description` text COLLATE utf8_bin NOT NULL ,
`version` int ( 11 ) NOT NULL ,
2016-07-10 23:01:33 +02:00
`enabled` tinyint ( 1 ) NOT NULL DEFAULT 0 ,
2016-01-10 19:47:21 +01:00
PRIMARY KEY ( `id` )
2016-07-11 00:15:14 +02:00
) ENGINE = InnoDB DEFAULT CHARSET = utf8 COLLATE = utf8_bin ; " ;
2016-06-04 01:08:16 +02:00
2015-11-24 03:27:14 +01:00
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `taxonomy_entries` (
2016-01-10 19:47:21 +01:00
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`taxonomy_predicate_id` int ( 11 ) NOT NULL ,
`value` text COLLATE utf8_bin NOT NULL ,
`expanded` text COLLATE utf8_bin NOT NULL ,
PRIMARY KEY ( `id` ),
KEY `taxonomy_predicate_id` ( `taxonomy_predicate_id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 COLLATE = utf8_bin ; " ;
2016-06-04 01:08:16 +02:00
2015-11-24 03:27:14 +01:00
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `taxonomy_predicates` (
2016-01-10 19:47:21 +01:00
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`taxonomy_id` int ( 11 ) NOT NULL ,
`value` text COLLATE utf8_bin NOT NULL ,
`expanded` text COLLATE utf8_bin NOT NULL ,
PRIMARY KEY ( `id` ),
KEY `taxonomy_id` ( `taxonomy_id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 COLLATE = utf8_bin ; " ;
2016-06-04 01:08:16 +02:00
2015-12-09 01:43:54 +01:00
$sqlArray [] = 'ALTER TABLE `jobs` ADD `org` text COLLATE utf8_bin NOT NULL;' ;
2016-06-04 01:08:16 +02:00
2015-12-09 01:43:54 +01:00
$sqlArray [] = 'ALTER TABLE `servers` ADD `name` varchar(255) NOT NULL;' ;
2016-06-04 01:08:16 +02:00
2016-07-11 00:15:14 +02:00
$sqlArray [] = 'ALTER TABLE `sharing_groups` ADD `sync_user_id` INT( 11 ) NOT NULL DEFAULT \'0\' AFTER `org_id`;' ;
2016-06-04 01:08:16 +02:00
2015-12-09 23:47:19 +01:00
$sqlArray [] = 'ALTER TABLE `users` ADD `disabled` BOOLEAN NOT NULL;' ;
$sqlArray [] = 'ALTER TABLE `users` ADD `expiration` datetime DEFAULT NULL;' ;
2016-06-04 01:08:16 +02:00
2016-07-11 00:17:34 +02:00
$sqlArray [] = 'UPDATE `roles` SET `perm_template` = 1 WHERE `perm_site_admin` = 1 OR `perm_admin` = 1;' ;
$sqlArray [] = 'UPDATE `roles` SET `perm_sharing_group` = 1 WHERE `perm_site_admin` = 1 OR `perm_sync` = 1;' ;
2016-06-04 01:08:16 +02:00
2015-12-18 12:27:57 +01:00
//create indexes
2015-10-16 23:49:04 +02:00
break ;
2015-12-18 12:27:57 +01:00
case 'indexTables' :
$fieldsToIndex = array (
2016-02-02 09:35:14 +01:00
'attributes' => array ( array ( 'value1' , 'INDEX' , '255' ), array ( 'value2' , 'INDEX' , '255' ), array ( 'event_id' , 'INDEX' ), array ( 'sharing_group_id' , 'INDEX' ), array ( 'uuid' , 'INDEX' )),
'correlations' => array ( array ( 'org_id' , 'INDEX' ), array ( 'event_id' , 'INDEX' ), array ( 'attribute_id' , 'INDEX' ), array ( 'sharing_group_id' , 'INDEX' ), array ( '1_event_id' , 'INDEX' ), array ( '1_attribute_id' , 'INDEX' ), array ( 'a_sharing_group_id' , 'INDEX' ), array ( 'value' , 'FULLTEXT' )),
2015-12-18 12:27:57 +01:00
'events' => array ( array ( 'info' , 'FULLTEXT' ), array ( 'sharing_group_id' , 'INDEX' ), array ( 'org_id' , 'INDEX' ), array ( 'orgc_id' , 'INDEX' ), array ( 'uuid' , 'INDEX' )),
'event_tags' => array ( array ( 'event_id' , 'INDEX' ), array ( 'tag_id' , 'INDEX' )),
'organisations' => array ( array ( 'uuid' , 'INDEX' ), array ( 'name' , 'FULLTEXT' )),
'posts' => array ( array ( 'post_id' , 'INDEX' ), array ( 'thread_id' , 'INDEX' )),
2016-02-02 09:35:14 +01:00
'shadow_attributes' => array ( array ( 'value1' , 'INDEX' , '255' ), array ( 'value2' , 'INDEX' , '255' ), array ( 'old_id' , 'INDEX' ), array ( 'event_id' , 'INDEX' ), array ( 'uuid' , 'INDEX' ), array ( 'event_org_id' , 'INDEX' ), array ( 'event_uuid' , 'INDEX' )),
2015-12-18 12:27:57 +01:00
'sharing_groups' => array ( array ( 'org_id' , 'INDEX' ), array ( 'sync_user_id' , 'INDEX' ), array ( 'uuid' , 'INDEX' ), array ( 'organisation_uuid' , 'INDEX' )),
'sharing_group_orgs' => array ( array ( 'sharing_group_id' , 'INDEX' ), array ( 'org_id' , 'INDEX' )),
'sharing_group_servers' => array ( array ( 'sharing_group_id' , 'INDEX' ), array ( 'server_id' , 'INDEX' )),
'servers' => array ( array ( 'org_id' , 'INDEX' ), array ( 'remote_org_id' , 'INDEX' )),
'tags' => array ( array ( 'name' , 'FULLTEXT' )),
'threads' => array ( array ( 'user_id' , 'INDEX' ), array ( 'event_id' , 'INDEX' ), array ( 'org_id' , 'INDEX' ), array ( 'sharing_group_id' , 'INDEX' )),
2015-12-27 19:00:35 +01:00
'users' => array ( array ( 'org_id' , 'INDEX' ), array ( 'server_id' , 'INDEX' ), array ( 'email' , 'INDEX' )),
2015-12-18 12:27:57 +01:00
);
2016-06-04 01:08:16 +02:00
2015-12-18 12:27:57 +01:00
$version = $this -> query ( 'select version();' );
$version = $version [ 0 ][ 0 ][ 'version()' ];
$version = explode ( '.' , $version );
$version [ 0 ] = intval ( $version [ 0 ]);
$version [ 1 ] = intval ( $version [ 1 ]);
$downgrade = true ;
if ( $version [ 0 ] > 5 || ( $version [ 0 ] == 5 && $version [ 1 ] > 5 )) $downgrade = false ;
2016-06-04 01:08:16 +02:00
2015-12-18 12:27:57 +01:00
// keep the fulltext for now, we can change it later to actually use it once we require MySQL 5.6 / or if we decide to move some tables to MyISAM
foreach ( $fieldsToIndex as $table => $fields ) {
$downgradeThis = false ;
$table_data = $this -> query ( " SHOW TABLE STATUS WHERE Name = ' " . $table . " ' " );
if ( $downgrade && $table_data [ 0 ][ 'TABLES' ][ 'Engine' ] !== 'MyISAM' ) $downgradeThis = true ;
foreach ( $fields as $field ) {
2016-02-02 09:35:14 +01:00
$extra = '' ;
$this -> __dropIndex ( $table , $field [ 0 ]);
if ( isset ( $field [ 2 ])) $extra = ' (' . $field [ 2 ] . ')' ;
2016-07-11 00:17:34 +02:00
$sqlArray [] = 'ALTER TABLE `' . $table . '` ADD ' . ( $downgradeThis ? 'INDEX' : $field [ 1 ]) . ' `' . $field [ 0 ] . '` (`' . $field [ 0 ] . '`' . $extra . ');' ;
2015-12-18 12:27:57 +01:00
}
}
break ;
2016-02-12 05:47:06 +01:00
case 'adminTable' :
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `admin_settings` (
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`setting` varchar ( 255 ) COLLATE utf8_bin NOT NULL ,
`value` text COLLATE utf8_bin NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 ; " ;
2016-07-11 00:17:34 +02:00
$sqlArray [] = " INSERT INTO `admin_settings` (`setting`, `value`) VALUES ('db_version', '2.4.0'); " ;
2016-02-12 05:47:06 +01:00
break ;
2016-06-04 01:10:45 +02:00
case '2.4.18' :
2016-02-12 05:47:06 +01:00
$sqlArray [] = " ALTER TABLE `users` ADD `current_login` INT(11) DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` ADD `last_login` INT(11) DEFAULT 0; " ;
2016-01-10 19:47:21 +01:00
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `event_delegations` (
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`org_id` int ( 11 ) NOT NULL ,
2016-02-12 05:47:06 +01:00
`requester_org_id` int ( 11 ) NOT NULL ,
2016-01-10 19:47:21 +01:00
`event_id` int ( 11 ) NOT NULL ,
`message` text ,
2016-02-12 05:47:06 +01:00
`distribution` tinyint ( 4 ) NOT NULL DEFAULT '-1' ,
`sharing_group_id` int ( 11 ),
2016-01-10 19:47:21 +01:00
PRIMARY KEY ( `id` ),
KEY `org_id` ( `org_id` ),
KEY `event_id` ( `event_id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 ; " ;
2016-02-15 18:25:29 +01:00
break ;
case '2.4.19' :
$sqlArray [] = " DELETE FROM `shadow_attributes` WHERE `event_uuid` = ''; " ;
break ;
2016-02-17 14:43:33 +01:00
case '2.4.20' :
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `shadow_attribute_correlations` (
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`org_id` int ( 11 ) NOT NULL ,
`value` text NOT NULL ,
`distribution` tinyint ( 4 ) NOT NULL ,
`a_distribution` tinyint ( 4 ) NOT NULL ,
`sharing_group_id` int ( 11 ),
`a_sharing_group_id` int ( 11 ),
`attribute_id` int ( 11 ) NOT NULL ,
`1_shadow_attribute_id` int ( 11 ) NOT NULL ,
`event_id` int ( 11 ) NOT NULL ,
`1_event_id` int ( 11 ) NOT NULL ,
2016-06-04 01:54:19 +02:00
`info` text COLLATE utf8_bin NOT NULL ,
2016-02-17 14:43:33 +01:00
PRIMARY KEY ( `id` ),
KEY `org_id` ( `org_id` ),
KEY `attribute_id` ( `attribute_id` ),
KEY `a_sharing_group_id` ( `a_sharing_group_id` ),
KEY `event_id` ( `event_id` ),
KEY `1_event_id` ( `event_id` ),
KEY `sharing_group_id` ( `sharing_group_id` ),
KEY `1_shadow_attribute_id` ( `1_shadow_attribute_id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 ; " ;
break ;
2016-03-09 01:34:02 +01:00
case '2.4.25' :
2016-02-28 22:54:09 +01:00
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `feeds` (
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`name` varchar ( 255 ) COLLATE utf8_bin NOT NULL ,
`provider` varchar ( 255 ) COLLATE utf8_bin NOT NULL ,
`url` varchar ( 255 ) COLLATE utf8_bin NOT NULL ,
`rules` text COLLATE utf8_bin NOT NULL ,
`enabled` BOOLEAN NOT NULL ,
2016-03-08 23:27:53 +01:00
`distribution` tinyint ( 4 ) NOT NULL ,
`sharing_group_id` int ( 11 ) NOT NULL ,
`tag_id` int ( 11 ) NOT NULL ,
2016-03-09 01:34:02 +01:00
`default` tinyint ( 1 ) NOT NULL ,
2016-02-28 22:54:09 +01:00
PRIMARY KEY ( `id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 ; " ;
break ;
2016-03-30 18:32:17 +02:00
case '2.4.32' :
2016-07-10 23:01:33 +02:00
$sqlArray [] = " ALTER TABLE `roles` ADD `perm_tag_editor` tinyint(1) NOT NULL DEFAULT 0; " ;
2016-07-11 00:17:34 +02:00
$sqlArray [] = 'UPDATE `roles` SET `perm_tag_editor` = 1 WHERE `perm_tagger` = 1;' ;
2016-03-30 18:32:17 +02:00
break ;
2016-03-30 23:35:56 +02:00
case '2.4.33' :
2016-07-10 23:01:33 +02:00
$sqlArray [] = " ALTER TABLE `users` ADD `force_logout` tinyint(1) NOT NULL DEFAULT 0; " ;
2016-03-30 23:35:56 +02:00
break ;
2016-04-21 22:58:49 +02:00
case '2.4.38' :
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `warninglists` (
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`name` varchar ( 255 ) COLLATE utf8_bin NOT NULL ,
`type` varchar ( 255 ) COLLATE utf8_bin NOT NULL DEFAULT 'string' ,
`description` text COLLATE utf8_bin NOT NULL ,
2016-07-11 00:16:14 +02:00
`version` int ( 11 ) NOT NULL DEFAULT 1 ,
2016-07-10 23:01:33 +02:00
`enabled` tinyint ( 1 ) NOT NULL DEFAULT 0 ,
2016-04-21 22:58:49 +02:00
`warninglist_entry_count` int ( 11 ) unsigned DEFAULT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 ; " ;
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `warninglist_entries` (
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`value` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL ,
`warninglist_id` int ( 11 ) NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 ; " ;
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `warninglist_types` (
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`type` varchar ( 255 ) COLLATE utf8_bin NOT NULL ,
`warninglist_id` int ( 11 ) NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 ; " ;
break ;
2016-04-26 16:40:12 +02:00
case '2.4.39' :
2016-07-22 10:48:19 +02:00
$sqlArray [] = " ALTER TABLE `users` ADD `certif_public` longtext COLLATE utf8_bin AFTER `gpgkey`; " ;
2016-04-27 09:27:34 +02:00
$sqlArray [] = 'ALTER TABLE `logs` MODIFY COLUMN `title` text, MODIFY COLUMN `change` text;' ;
2016-04-21 22:58:49 +02:00
break ;
2016-04-28 15:39:44 +02:00
case '2.4.40' :
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `favourite_tags` (
2016-04-28 18:13:56 +02:00
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`tag_id` int ( 11 ) NOT NULL ,
`user_id` int ( 11 ) NOT NULL ,
PRIMARY KEY ( `id` ),
INDEX `user_id` ( `user_id` ),
INDEX `tag_id` ( `tag_id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 ; " ;
2016-04-28 15:39:44 +02:00
break ;
2016-05-04 09:10:42 +02:00
case '2.4.42' :
2016-07-10 23:01:33 +02:00
$sqlArray [] = " ALTER TABLE `attributes` ADD `deleted` tinyint(1) NOT NULL DEFAULT 0; " ;
2016-05-04 09:10:42 +02:00
break ;
2016-05-12 15:22:53 +02:00
case '2.4.44' :
2016-07-11 00:17:34 +02:00
$sqlArray [] = " UPDATE `servers` SET `url` = TRIM(TRAILING '/' FROM `url`); " ;
2016-05-12 15:22:53 +02:00
break ;
2016-05-20 01:17:26 +02:00
case '2.4.45' :
$sqlArray [] = 'ALTER TABLE `users` CHANGE `newsread` `newsread` int(11) unsigned;' ;
$sqlArray [] = 'UPDATE `users` SET `newsread` = 0;' ;
$sqlArray [] = " CREATE TABLE IF NOT EXISTS `news` (
`id` int ( 11 ) NOT NULL AUTO_INCREMENT ,
`message` text COLLATE utf8_bin NOT NULL ,
`title` text COLLATE utf8_bin NOT NULL ,
`user_id` int ( 11 ) NOT NULL ,
`date_created` int ( 11 ) unsigned NOT NULL ,
PRIMARY KEY ( `id` )
) ENGINE = InnoDB DEFAULT CHARSET = utf8 ; " ;
break ;
2016-07-07 18:40:16 +02:00
case '2.4.49' :
// table: users
2016-07-11 00:17:34 +02:00
$sqlArray [] = " ALTER TABLE `users` ALTER COLUMN `server_id` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` ALTER COLUMN `autoalert` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` ALTER COLUMN `invited_by` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` ALTER COLUMN `nids_sid` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` ALTER COLUMN `termsaccepted` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` ALTER COLUMN `role_id` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` ALTER COLUMN `change_pw` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` ALTER COLUMN `contactalert` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` ALTER COLUMN `disabled` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `users` MODIFY `authkey` varchar(40) COLLATE utf8_bin DEFAULT NULL; " ;
$sqlArray [] = " ALTER TABLE `users` MODIFY `gpgkey` longtext COLLATE utf8_bin; " ;
2016-07-07 18:40:16 +02:00
// table: events
2016-07-11 00:17:34 +02:00
$sqlArray [] = " ALTER TABLE `events` ALTER COLUMN `publish_timestamp` SET DEFAULT 0; " ;
2016-07-07 18:40:16 +02:00
// table: jobs
2016-07-11 00:17:34 +02:00
$sqlArray [] = " ALTER TABLE `jobs` ALTER COLUMN `org_id` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `jobs` MODIFY `process_id` varchar(32) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT NULL; " ;
2016-07-07 18:40:16 +02:00
// table: organisations
2016-07-11 00:17:34 +02:00
$sqlArray [] = " ALTER TABLE `organisations` ALTER COLUMN `created_by` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `organisations` MODIFY `uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL; " ; // https://github.com/MISP/MISP/pull/1260
2016-07-07 18:40:16 +02:00
// table: logs
2016-07-11 00:17:34 +02:00
$sqlArray [] = " ALTER TABLE `logs` MODIFY `title` text CHARACTER SET utf8 COLLATE utf8_bin DEFAULT NULL; " ;
$sqlArray [] = " ALTER TABLE `logs` MODIFY `change` text CHARACTER SET utf8 COLLATE utf8_bin DEFAULT NULL; " ;
$sqlArray [] = " ALTER TABLE `logs` MODIFY `description` text CHARACTER SET utf8 COLLATE utf8_bin DEFAULT NULL; " ;
2016-07-07 18:40:16 +02:00
// table: servers
2016-07-11 00:17:34 +02:00
$sqlArray [] = " ALTER TABLE `servers` DROP `lastfetchedid`; " ; // git commit hash d4c393897e8666fbbf04443a97d60c508700f5b4
$sqlArray [] = " ALTER TABLE `servers` MODIFY `cert_file` varchar(255) COLLATE utf8_bin DEFAULT NULL; " ;
2016-07-07 18:40:16 +02:00
// table: feeds
2016-07-11 00:17:34 +02:00
$sqlArray [] = " ALTER TABLE `feeds` ALTER COLUMN `sharing_group_id` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `feeds` ALTER COLUMN `tag_id` SET DEFAULT 0; " ;
$sqlArray [] = " ALTER TABLE `feeds` MODIFY `rules` text COLLATE utf8_bin DEFAULT NULL; " ;
2016-07-10 23:01:33 +02:00
// DB changes to support https://github.com/MISP/MISP/pull/1334
2016-07-18 01:11:52 +02:00
$sqlArray [] = " ALTER TABLE `roles` ADD `perm_delegate` tinyint(1) NOT NULL DEFAULT 0 AFTER `perm_publish`; " ;
$sqlArray [] = " UPDATE `roles` SET `perm_delegate` = 1 WHERE `perm_publish` = 1; " ;
2016-07-11 19:33:21 +02:00
// DB changes to solve https://github.com/MISP/MISP/issues/1354
$sqlArray [] = " ALTER TABLE `taxonomy_entries` MODIFY `expanded` text COLLATE utf8_bin; " ;
$sqlArray [] = " ALTER TABLE `taxonomy_predicates` MODIFY `expanded` text COLLATE utf8_bin; " ;
2016-08-18 09:54:15 +02:00
// Sharing group propagate to instances freely setting
fix: Several fixes to the sharing group behavious
- New setting roaming:
- Until now, users could unselect "Limit instances to which data in this sharing group should be pushed to"
- This lead to no servers added to the distribution list, and MISP would simply determine, based on the sync rules, whether the host organisation of the remote instance is eligible for the event
- This works well in most cases, but in some cases, the local instance is not kept after a sync (aliases for the local instance baseurl vs remote instance's view of the url)
- In these cases the sharing groups ended up being "unlimited", which was not the intent
- Generally this shouldn't cause any issues as MISP still requires the sync link's organisation to be directly contained in an SG before it would push the event further
- However, introducing the roaming setting this can be more clearly defined
- By default, sharing groups are set to non roaming
- Some further fixes to the sharing group update procedure for 2.4.49
- Update the roaming status of existing sharing groups. Local sharing groups with no instances attached will become roaming by default, all others are assumed to be non-roaming
2016-07-17 12:00:20 +02:00
$sqlArray [] = " ALTER TABLE `sharing_groups` ADD `roaming` tinyint(1) NOT NULL DEFAULT 0; " ;
2016-07-15 17:39:27 +02:00
// table: shadow_attributes
$sqlArray [] = " ALTER TABLE `shadow_attributes` MODIFY `email` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci DEFAULT NULL; " ;
2016-07-15 17:57:45 +02:00
// table: tasks
2016-07-18 00:48:41 +02:00
$sqlArray [] = " ALTER TABLE `tasks` CHANGE `job_id` `process_id` varchar(32) DEFAULT NULL; " ;
2016-08-18 09:54:15 +02:00
// Adding tag org restrictions
2016-07-20 00:08:46 +02:00
$sqlArray [] = " ALTER TABLE `tags` ADD `org_id` int(11) NOT NULL DEFAULT 0; " ;
$sqlArray [] = 'ALTER TABLE `tags` ADD INDEX `org_id` (`org_id`);' ;
2016-09-23 04:09:42 +02:00
$this -> __dropIndex ( 'tags' , 'org_id' );
2016-07-15 17:39:27 +02:00
break ;
2016-08-15 23:44:54 +02:00
case '2.4.50' :
$sqlArray [] = 'ALTER TABLE `cake_sessions` ADD INDEX `expires` (`expires`);' ;
$sqlArray [] = " ALTER TABLE `users` ADD `certif_public` longtext COLLATE utf8_bin AFTER `gpgkey`; " ;
2016-08-15 23:45:21 +02:00
$sqlArray [] = " ALTER TABLE `servers` ADD `client_cert_file` varchar(255) COLLATE utf8_bin DEFAULT NULL; " ;
2016-09-23 04:09:42 +02:00
$this -> __dropIndex ( 'cake_sessions' , 'expires' );
2016-08-15 23:44:54 +02:00
break ;
2016-08-10 16:27:46 +02:00
case '2.4.51' :
2016-08-10 16:27:24 +02:00
$sqlArray [] = 'ALTER TABLE `servers` ADD `internal` tinyint(1) NOT NULL DEFAULT 0;' ;
2016-08-29 14:49:14 +02:00
$sqlArray [] = 'ALTER TABLE `roles` ADD `default_role` tinyint(1) NOT NULL DEFAULT 0;' ;
2016-08-10 16:27:24 +02:00
break ;
2016-10-07 17:33:54 +02:00
case '2.4.52' :
$sqlArray [] = " ALTER TABLE feeds ADD source_format varchar(255) COLLATE utf8_bin DEFAULT 'misp'; " ;
$sqlArray [] = 'ALTER TABLE feeds ADD fixed_event tinyint(1) NOT NULL DEFAULT 0;' ;
$sqlArray [] = 'ALTER TABLE feeds ADD delta_merge tinyint(1) NOT NULL DEFAULT 0;' ;
$sqlArray [] = 'ALTER TABLE feeds ADD event_id int(11) NOT NULL DEFAULT 0;' ;
$sqlArray [] = 'ALTER TABLE feeds ADD publish tinyint(1) NOT NULL DEFAULT 0;' ;
2016-10-07 18:27:13 +02:00
$sqlArray [] = 'ALTER TABLE feeds ADD override_ids tinyint(1) NOT NULL DEFAULT 0;' ;
2016-10-07 17:33:54 +02:00
$sqlArray [] = " ALTER TABLE feeds ADD settings text NOT NULL DEFAULT ''; " ;
break ;
2016-01-07 16:33:35 +01:00
case 'fixNonEmptySharingGroupID' :
2016-07-11 00:17:34 +02:00
$sqlArray [] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;' ;
$sqlArray [] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;' ;
2016-01-07 16:33:35 +01:00
break ;
2016-01-20 11:45:23 +01:00
case 'cleanupAfterUpgrade' :
$sqlArray [] = 'ALTER TABLE `events` DROP `org`;' ;
$sqlArray [] = 'ALTER TABLE `events` DROP `orgc`;' ;
$sqlArray [] = 'ALTER TABLE `correlations` DROP `org`;' ;
$sqlArray [] = 'ALTER TABLE `jobs` DROP `org`;' ;
$sqlArray [] = 'ALTER TABLE `servers` DROP `org`;' ;
$sqlArray [] = 'ALTER TABLE `servers` DROP `organization`;' ;
$sqlArray [] = 'ALTER TABLE `shadow_attributes` DROP `org`;' ;
$sqlArray [] = 'ALTER TABLE `shadow_attributes` DROP `event_org`;' ;
$sqlArray [] = 'ALTER TABLE `threads` DROP `org`;' ;
$sqlArray [] = 'ALTER TABLE `users` DROP `org`;' ;
2016-01-10 19:47:21 +01:00
break ;
2015-09-15 15:11:08 +02:00
default :
return false ;
break ;
}
2015-11-24 03:27:14 +01:00
if ( ! isset ( $sqlArray )) $sqlArray = array ( $sql );
foreach ( $sqlArray as $sql ) {
try {
$this -> query ( $sql );
$this -> Log -> create ();
$this -> Log -> save ( array (
'org' => 'SYSTEM' ,
'model' => 'Server' ,
'model_id' => 0 ,
'email' => 'SYSTEM' ,
'action' => 'update_database' ,
'user_id' => 0 ,
'title' => 'Successfuly executed the SQL query for ' . $command ,
'change' => 'The executed SQL query was: ' . $sql
));
} catch ( Exception $e ) {
$this -> Log -> create ();
$this -> Log -> save ( array (
'org' => 'SYSTEM' ,
'model' => 'Server' ,
'model_id' => 0 ,
'email' => 'SYSTEM' ,
'action' => 'update_database' ,
'user_id' => 0 ,
'title' => 'Issues executing the SQL query for ' . $command ,
'change' => 'The executed SQL query was: ' . $sql . PHP_EOL . ' The returned error is: ' . $e -> getMessage ()
));
}
2015-09-15 15:11:08 +02:00
}
2015-09-16 18:55:28 +02:00
if ( $clean ) $this -> cleanCacheFiles ();
2015-09-15 15:11:08 +02:00
return true ;
}
2016-06-04 01:08:16 +02:00
2015-09-15 15:11:08 +02:00
private function __dropIndex ( $table , $field ) {
2016-09-23 04:11:52 +02:00
$dataSourceConfig = ConnectionManager :: getDataSource ( 'default' ) -> config ;
$dataSource = $dataSourceConfig [ 'datasource' ];
2015-09-15 15:11:08 +02:00
$this -> Log = ClassRegistry :: init ( 'Log' );
2016-09-23 04:11:52 +02:00
$indexCheckResult = array ();
if ( $dataSource == 'Database/Mysql' ) {
$indexCheck = " SELECT INDEX_NAME FROM INFORMATION_SCHEMA.STATISTICS WHERE table_schema=DATABASE() AND table_name=' " . $table . " ' AND index_name LIKE ' " . $field . " %'; " ;
$indexCheckResult = $this -> query ( $indexCheck );
} else if ( $dataSource == 'Database/Postgres' ) {
$pgIndexName = 'idx_' . $table . '_' . $field ;
$indexCheckResult [] = array ( 'STATISTICS' => array ( 'INDEX_NAME' => $pgIndexName ));
}
2015-09-15 15:11:08 +02:00
foreach ( $indexCheckResult as $icr ) {
2016-09-23 04:11:52 +02:00
if ( $dataSource == 'Database/Mysql' ) {
$dropIndex = 'ALTER TABLE ' . $table . ' DROP INDEX ' . $icr [ 'STATISTICS' ][ 'INDEX_NAME' ] . ';' ;
} else if ( $dataSource == 'Database/Postgres' ) {
$dropIndex = 'DROP INDEX IF EXISTS ' . $icr [ 'STATISTICS' ][ 'INDEX_NAME' ] . ';' ;
}
2015-09-15 15:11:08 +02:00
$result = true ;
try {
$this -> query ( $dropIndex );
} catch ( Exception $e ) {
$result = false ;
}
$this -> Log -> create ();
$this -> Log -> save ( array (
'org' => 'SYSTEM' ,
'model' => 'Server' ,
'model_id' => 0 ,
'email' => 'SYSTEM' ,
'action' => 'update_database' ,
'user_id' => 0 ,
'title' => ( $result ? 'Removed index ' : 'Failed to remove index ' ) . $icr [ 'STATISTICS' ][ 'INDEX_NAME' ] . ' from ' . $table ,
'change' => ( $result ? 'Removed index ' : 'Failed to remove index ' ) . $icr [ 'STATISTICS' ][ 'INDEX_NAME' ] . ' from ' . $table ,
));
}
}
2016-06-04 01:08:16 +02:00
2015-09-16 12:15:43 +02:00
public function cleanCacheFiles () {
2016-03-31 10:29:54 +02:00
Cache :: clear ();
clearCache ();
2016-03-31 00:06:16 +02:00
$files = array ();
2016-03-31 00:38:07 +02:00
$files = array_merge ( $files , glob ( CACHE . 'models' . DS . 'myapp*' ));
$files = array_merge ( $files , glob ( CACHE . 'persistent' . DS . 'myapp*' ));
2016-03-31 00:06:16 +02:00
foreach ( $files as $f ) {
if ( is_file ( $f )) {
unlink ( $f );
2015-09-15 15:11:08 +02:00
}
}
}
2016-06-04 01:08:16 +02:00
2015-09-16 12:15:43 +02:00
public function checkMISPVersion () {
App :: uses ( 'Folder' , 'Utility' );
2016-05-31 18:00:15 +02:00
$file = new File ( ROOT . DS . 'VERSION.json' , true );
2015-09-16 12:15:43 +02:00
$version_array = json_decode ( $file -> read (), true );
$file -> close ();
return $version_array ;
}
2016-06-04 01:08:16 +02:00
2015-10-09 15:59:25 +02:00
// alternative to the build in notempty/notblank validation functions, compatible with cakephp <= 2.6 and cakephp and cakephp >= 2.7
public function valueNotEmpty ( $value ) {
2015-10-09 16:24:36 +02:00
$field = array_keys ( $value );
$field = $field [ 0 ];
2015-10-09 16:38:48 +02:00
$value [ $field ] = trim ( $value [ $field ]);
if ( ! empty ( $value [ $field ])) return true ;
2015-10-09 16:24:36 +02:00
return ucfirst ( $field ) . ' cannot be empty.' ;
2015-10-09 15:59:25 +02:00
}
2016-08-18 09:54:15 +02:00
2016-06-08 13:52:55 +02:00
public function valueIsID ( $value ) {
$field = array_keys ( $value );
$field = $field [ 0 ];
2016-09-23 04:17:52 +02:00
if ( ! is_numeric ( $value [ $field ]) || $value [ $field ] < 0 ) return 'Invalid ' . ucfirst ( $field ) . ' ID' ;
2016-06-08 13:52:55 +02:00
return true ;
}
2016-06-04 01:08:16 +02:00
2016-05-03 17:17:48 +02:00
public function stringNotEmpty ( $value ) {
$field = array_keys ( $value );
$field = $field [ 0 ];
$value [ $field ] = trim ( $value [ $field ]);
2016-06-04 01:10:45 +02:00
if ( ! isset ( $value [ $field ]) || ( $value [ $field ] == false && $value [ $field ] !== " 0 " )) return ucfirst ( $field ) . ' cannot be empty.' ;
2016-05-03 17:17:48 +02:00
return true ;
}
2016-06-04 01:08:16 +02:00
2016-01-10 19:47:21 +01:00
public function runUpdates () {
2016-02-12 05:47:06 +01:00
$this -> AdminSetting = ClassRegistry :: init ( 'AdminSetting' );
$db = ConnectionManager :: getDataSource ( 'default' );
$tables = $db -> listSources ();
$requiresLogout = false ;
// if we don't even have an admin table, time to create it.
if ( ! in_array ( 'admin_settings' , $tables )) {
$this -> updateDatabase ( 'adminTable' );
$requiresLogout = true ;
} else {
2016-03-31 16:24:41 +02:00
$this -> __runCleanDB ();
2016-02-12 05:47:06 +01:00
$db_version = $this -> AdminSetting -> find ( 'first' , array ( 'conditions' => array ( 'setting' => 'db_version' )));
$updates = $this -> __findUpgrades ( $db_version [ 'AdminSetting' ][ 'value' ]);
if ( ! empty ( $updates )) {
foreach ( $updates as $update => $temp ) {
2016-02-15 18:25:29 +01:00
$this -> updateMISP ( $update );
2016-02-12 05:47:06 +01:00
if ( $temp ) $requiresLogout = true ;
$db_version [ 'AdminSetting' ][ 'value' ] = $update ;
$this -> AdminSetting -> save ( $db_version );
}
2016-03-31 16:24:41 +02:00
$this -> __queueCleanDB ();
2016-02-12 05:47:06 +01:00
}
}
if ( $requiresLogout ) {
$this -> updateDatabase ( 'destroyAllSessions' );
}
}
2016-06-04 01:08:16 +02:00
2016-03-31 16:24:41 +02:00
private function __queueCleanDB () {
$this -> AdminSetting = ClassRegistry :: init ( 'AdminSetting' );
$cleanDB = $this -> AdminSetting -> find ( 'first' , array ( 'conditions' => array ( 'setting' => 'clean_db' )));
if ( empty ( $cleanDB )) {
$this -> AdminSetting -> create ();
2016-03-31 22:54:43 +02:00
$cleanDB = array ( 'AdminSetting' => array ( 'setting' => 'clean_db' , 'value' => 1 ));
2016-03-31 16:24:41 +02:00
} else {
2016-03-31 22:54:43 +02:00
$cleanDB [ 'AdminSetting' ][ 'value' ] = 1 ;
2016-03-31 16:24:41 +02:00
}
$this -> AdminSetting -> save ( $cleanDB );
}
2016-06-04 01:08:16 +02:00
2016-03-31 16:24:41 +02:00
private function __runCleanDB () {
$this -> AdminSetting = ClassRegistry :: init ( 'AdminSetting' );
$cleanDB = $this -> AdminSetting -> find ( 'first' , array ( 'conditions' => array ( 'setting' => 'clean_db' )));
2016-03-31 22:54:43 +02:00
if ( empty ( $cleanDB ) || $cleanDB [ 'AdminSetting' ][ 'value' ] == 1 ) {
2016-03-31 16:24:41 +02:00
$this -> cleanCacheFiles ();
if ( empty ( $cleanDB )) {
$this -> AdminSetting -> create ();
2016-03-31 22:54:43 +02:00
$cleanDB = array ( 'AdminSetting' => array ( 'setting' => 'clean_db' , 'value' => 0 ));
2016-03-31 16:24:41 +02:00
} else {
2016-03-31 22:54:43 +02:00
$cleanDB [ 'AdminSetting' ][ 'value' ] = 0 ;
2016-03-31 16:24:41 +02:00
}
$this -> AdminSetting -> save ( $cleanDB );
}
}
2016-06-04 01:08:16 +02:00
2016-02-12 05:47:06 +01:00
private function __findUpgrades ( $db_version ) {
$version = explode ( '.' , $db_version );
$updates = array ();
foreach ( $this -> db_changes as $major => $rest ) {
if ( $major < $version [ 0 ]) continue ;
else if ( $major == $version [ 0 ]) {
foreach ( $rest as $minor => $hotfixes ) {
if ( $minor < $version [ 1 ]) continue ;
else if ( $minor == $version [ 1 ]) {
foreach ( $hotfixes as $hotfix => $requiresLogout ) if ( $hotfix > $version [ 2 ]) $updates [ $major . '.' . $minor . '.' . $hotfix ] = $requiresLogout ;
} else {
foreach ( $hotfixes as $hotfix => $requiresLogout ) $updates [ $major . '.' . $minor . '.' . $hotfix ] = $requiresLogout ;
}
}
} else {
// we'll fill this out when 3.0 comes around
}
}
return $updates ;
}
2016-06-04 01:08:16 +02:00
2016-02-12 05:47:06 +01:00
public function populateNotifications ( $user ) {
$notifications = array ();
$proposalCount = $this -> _getProposalCount ( $user );
$notifications [ 'total' ] = 0 ;
$notifications [ 'proposalCount' ] = $proposalCount [ 0 ];
$notifications [ 'total' ] += $proposalCount [ 0 ];
$notifications [ 'proposalEventCount' ] = $proposalCount [ 1 ];
if ( Configure :: read ( 'MISP.delegation' )) {
$delegationCount = $this -> _getDelegationCount ( $user );
$notifications [ 'total' ] += $delegationCount ;
$notifications [ 'delegationCount' ] = $delegationCount ;
}
return $notifications ;
}
2016-06-04 01:08:16 +02:00
2016-02-12 05:47:06 +01:00
private function _getProposalCount ( $user ) {
$this -> ShadowAttribute = ClassRegistry :: init ( 'ShadowAttribute' );
$this -> ShadowAttribute -> recursive = - 1 ;
$shadowAttributes = $this -> ShadowAttribute -> find ( 'all' , array (
'recursive' => - 1 ,
'fields' => array ( 'event_id' , 'event_org_id' ),
'conditions' => array (
'ShadowAttribute.event_org_id' => $user [ 'org_id' ],
'ShadowAttribute.deleted' => 0 ,
)));
$results = array ();
$eventIds = array ();
$results [ 0 ] = count ( $shadowAttributes );
foreach ( $shadowAttributes as $sa ) {
if ( ! in_array ( $sa [ 'ShadowAttribute' ][ 'event_id' ], $eventIds )) $eventIds [] = $sa [ 'ShadowAttribute' ][ 'event_id' ];
}
$results [ 1 ] = count ( $eventIds );
return $results ;
}
2016-06-04 01:08:16 +02:00
2016-02-12 05:47:06 +01:00
private function _getDelegationCount ( $user ) {
$this -> EventDelegation = ClassRegistry :: init ( 'EventDelegation' );
$delegations = $this -> EventDelegation -> find ( 'count' , array (
'recursive' => - 1 ,
'conditions' => array (
'EventDelegation.org_id' => $user [ 'org_id' ]
)
));
return $delegations ;
2016-01-10 19:47:21 +01:00
}
2016-08-24 15:30:09 +02:00
public function checkFilename ( $filename ) {
return preg_match ( '@^([a-z0-9_.]+[a-z0-9_.\- ]*[a-z0-9_.\-]|[a-z0-9_.])+$@i' , $filename );
}
2012-03-15 15:06:45 +01:00
}