Removed the js title bubble for related events
- Removed the JavaScript-based title bubble showing the event info in related events / attributes and in the search attribute view. - Replaced it with values provided by extra Cake queries, as the delay for fetching the info field through a JS REST request was annoyingly slow. - Some coding standards.
pull/63/head
parent
0e18aa099b
commit
019e976783
|
@ -53,7 +53,10 @@ class AttributesController extends AppController {
|
|||
array(
|
||||
'Event.org =' => $this->Auth->user('org'),
|
||||
'AND' => array(
|
||||
array('Attribute.distribution !=' => 'Your organization only'),
|
||||
array('OR' => array(
|
||||
array('Attribute.private !=' => 1),
|
||||
array('Attribute.cluster =' => 1),
|
||||
)),
|
||||
array('OR' => array(
|
||||
array('Event.private !=' => 1),
|
||||
array('Event.cluster =' => 1),
|
||||
|
@ -568,7 +571,7 @@ class AttributesController extends AppController {
|
|||
|
||||
// enabling / disabling the distribution field in the edit view based on whether user's org == orgc in the event
|
||||
$this->Event->read();
|
||||
if(!$this->_isRest()) {
|
||||
if (!$this->_isRest()) {
|
||||
$canEditDist = false;
|
||||
if ($this->Event->data['Event']['orgc'] == $this->_checkOrg()) {
|
||||
$this->set('canEditDist', true);
|
||||
|
@ -758,14 +761,14 @@ class AttributesController extends AppController {
|
|||
$keywordArrayElement = '%' . trim($keywordArrayElement) . '%';
|
||||
if ($keywordArrayElement != '%%') array_push($temp, array('Attribute.value LIKE' => $keywordArrayElement));
|
||||
if ($i == 1 && $saveWord != '') $keyWordText = $saveWord;
|
||||
else if (($i > 1 && $i < 10) && $saveWord != '') $keyWordText = $keyWordText .', '. $saveWord;
|
||||
else if (($i > 1 && $i < 10) && $saveWord != '') $keyWordText = $keyWordText . ', ' . $saveWord;
|
||||
else if ($i == 10 && $saveWord != '') $keyWordText = $keyWordText . ' and several other keywords';
|
||||
$i++;
|
||||
}
|
||||
$this->set('keywordSearch', $keyWordText);
|
||||
if (!empty($temp)){
|
||||
if (!empty($temp)) {
|
||||
if (count($temp) == 1) {
|
||||
$conditions['Attribute.value LIKE'] = '%'.$keyWordText.'%';
|
||||
$conditions['Attribute.value LIKE'] = '%' . $keyWordText . '%';
|
||||
} else {
|
||||
$conditions['OR'] = $temp;
|
||||
}
|
||||
|
@ -780,12 +783,12 @@ class AttributesController extends AppController {
|
|||
if (!is_numeric($saveWord) || $saveWord < 1) continue;
|
||||
array_push($temp, array('Attribute.event_id !=' => $keywordArrayElement));
|
||||
if ($i == 1 && $saveWord != '') $keyWordText2 = $saveWord;
|
||||
else if (($i > 1 && $i < 10) && $saveWord != '') $keyWordText2 = $keyWordText2 .', '. $saveWord;
|
||||
else if (($i > 1 && $i < 10) && $saveWord != '') $keyWordText2 = $keyWordText2 . ', ' . $saveWord;
|
||||
else if ($i == 10 && $saveWord != '') $keyWordText2 = $keyWordText2 . ' and several other events';
|
||||
$i++;
|
||||
}
|
||||
$this->set('keywordSearch2', $keyWordText2);
|
||||
if (!empty($temp)){
|
||||
if (!empty($temp)) {
|
||||
if (count($temp) == 1) {
|
||||
$conditions['Attribute.event_id !='] = $keyWordText2;
|
||||
} else {
|
||||
|
@ -825,9 +828,9 @@ class AttributesController extends AppController {
|
|||
foreach ($keywordArray as $keywordArrayElement) {
|
||||
$keywordArrayElement = trim($keywordArrayElement);
|
||||
if ($attribute['Attribute']['type'] == 'malware-sample' || $attribute['Attribute']['type'] == 'link' || $attribute['Attribute']['type'] == 'attachment') {
|
||||
$attribute['Attribute']['valueNoScript'] = preg_replace('%'.$keywordArrayElement.'%i', $keywordArrayElement, $attribute['Attribute']['value']);
|
||||
$attribute['Attribute']['valueNoScript'] = preg_replace('%' . $keywordArrayElement . '%i', $keywordArrayElement, $attribute['Attribute']['value']);
|
||||
}
|
||||
$attribute['Attribute']['value'] = preg_replace('%'.$keywordArrayElement.'%i', '<span style="color:red">'.$keywordArrayElement.'</span>', $attribute['Attribute']['value']);
|
||||
$attribute['Attribute']['value'] = preg_replace('%' . $keywordArrayElement . '%i', '<span style="color:red">' . $keywordArrayElement . '</span>', $attribute['Attribute']['value']);
|
||||
}
|
||||
}
|
||||
$this->set('attributes', $attributes);
|
||||
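Review bot: In the keyword-highlighting loop the search keyword is placed into `preg_replace` unquoted, as `'%' . $keywordArrayElement . '%i'`, so a `%` or any regex metacharacter in the keyword (presumably typed into the search form) changes or breaks the pattern, and a keyword that is empty after `trim()` produces a pattern that matches at every position. Building the pattern as `'%' . preg_quote($keywordArrayElement, '%') . '%i'` and skipping empty keywords would close that. The replacement also wraps the raw keyword in `<span style="color:red">` inside `Attribute.value`; unless the view escapes the value and adds the highlight afterwards (not visible in this section), the keyword should pass through `h()` before it is wrapped. This commit only re-spaces these lines, and the enclosing function starts and ends outside the hunk.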
|
|
|
@ -181,6 +181,7 @@ class EventsController extends AppController {
|
|||
|
||||
$relatedAttributes = array();
|
||||
$this->loadModel('Attribute');
|
||||
$this->loadModel('Event');
|
||||
if ('db' == Configure::read('CyDefSIG.correlation')) {
|
||||
$this->loadModel('Correlation');
|
||||
$fields = array('Correlation.event_id', 'Correlation.attribute_id', 'Correlation.date');
|
||||
|
@ -225,19 +226,31 @@ class EventsController extends AppController {
|
|||
// This is a lot faster (only additional query) than $this->Event->getRelatedEvents()
|
||||
$relatedEventIds = array();
|
||||
$relatedEventDates = array();
|
||||
$relatedEventInfos = array();
|
||||
$relatedEvents = array();
|
||||
foreach ($relatedAttributes as &$relatedAttribute) {
|
||||
if (null == $relatedAttribute) continue;
|
||||
foreach ($relatedAttribute as &$item) {
|
||||
$relatedEventsIds[] = $item['Attribute']['event_id'];
|
||||
$relatedEventsDates[$item['Attribute']['event_id']] = $item['Attribute']['date'];
|
||||
$temp = $this->Event->find('first', array(
|
||||
'conditions' => array('Event.id' => $item['Attribute']['event_id']),
|
||||
'fields' => array('info'),
|
||||
'recursive' => 0,
|
||||
));
|
||||
$item['Attribute']['event_info'] = $temp['Event']['info'];
|
||||
$relatedEventInfos[$item['Attribute']['event_id']] = $temp['Event']['info'];
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($relatedEventsDates)) {
|
||||
foreach ($relatedEventsDates as $key => $relatedEventsDate) {
|
||||
$relatedEvents[] = array('Event' => array('id' => $key, 'date' => $relatedEventsDate));
|
||||
}
|
||||
$i = 0;
|
||||
foreach ($relatedEventInfos as $info) {
|
||||
$relatedEvents[$i]['Event']['info'] = $info;
|
||||
$i++;
|
||||
}
|
||||
}
|
||||
usort($relatedEvents, array($this, 'compareRelatedEvents'));
|
||||
}
|
||||
|
@ -280,7 +293,7 @@ class EventsController extends AppController {
|
|||
$findParams = array(
|
||||
'conditions' => array('OR' => array('Event.id' => $relatedEventsIds)), //array of conditions
|
||||
'recursive' => 0, //int
|
||||
'fields' => array('Event.id', 'Event.date', 'Event.uuid'), //array of field names
|
||||
'fields' => array('Event.id', 'Event.date', 'Event.uuid', 'Event.info'), //array of field names
|
||||
'order' => array('Event.date DESC'), //string or array defining order
|
||||
);
|
||||
$relatedEvents = $this->Event->find('all', $findParams);
|
||||
|
@ -312,7 +325,6 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
$this->set('event', $event);
|
||||
|
||||
$this->set('relatedEvents', $relatedEvents);
|
||||
|
||||
$this->set('categories', $this->Attribute->validate['category']['rule'][1]);
|
||||
|
@ -522,7 +534,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
if (!$this->_isRest()) {
|
||||
if ($this->Event->data['Event']['org'] != $this->_checkOrg()){
|
||||
if ($this->Event->data['Event']['org'] != $this->_checkOrg()) {
|
||||
// throw new MethodNotAllowedException();
|
||||
$this->Session->setFlash(__('Invalid event.'));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'index'));
|
||||
|
@ -1297,7 +1309,7 @@ class EventsController extends AppController {
|
|||
$params = array('conditions' => $conditions,
|
||||
'recursive' => 1,
|
||||
'fields' => $fields,
|
||||
'contain' =>array(
|
||||
'contain' => array(
|
||||
'Attribute' => array(
|
||||
'fields' => $fieldsAtt,
|
||||
'conditions' => $conditionsAttributes,
|
||||
|
@ -1486,7 +1498,6 @@ class EventsController extends AppController {
|
|||
|
||||
$this->loadModel('Attribute');
|
||||
|
||||
|
||||
//restricting to non-private or same org if the user is not a site-admin.
|
||||
$conditions['AND'] = array('Attribute.type' => $type);
|
||||
if (!$this->isSiteAdmin()) {
|
||||
|
@ -1499,7 +1510,6 @@ class EventsController extends AppController {
|
|||
$conditions['OR'] = $temp;
|
||||
}
|
||||
|
||||
|
||||
$params = array(
|
||||
'conditions' => $conditions, //array of conditions
|
||||
'recursive' => 0, //int
|
||||
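Review bot: The added `$this->Event->find('first', ...)` in the inner loop looks up `Event.info` by id alone, so whether a user may see the info text of a related event depends entirely on how `$relatedAttributes` was filtered before this hunk, which is not visible here; if that filter is per attribute rather than per event visibility, the info of another organisation's private event would reach the view. Consider adding the same org/private conditions used elsewhere in this controller to the query, or record the guarantee with a comment such as `// $relatedAttributes only contains events this user may view`. The lookup also runs once per related attribute instead of once per distinct event, and `$temp['Event']['info']` is read without checking that the find returned a row. The positional `$i` loop can be dropped by filling the entry in one step: `$relatedEvents[] = array('Event' => array('id' => $key, 'date' => $relatedEventsDate, 'info' => $relatedEventInfos[$key]));`. The enclosing action starts and ends outside the hunk.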
|
|
|
@ -371,19 +371,18 @@ class Attribute extends AppModel {
|
|||
$compositeTypes = $this->getCompositeTypes();
|
||||
// explode composite types in value1 and value2
|
||||
//if (!isset($this->data['Attribute']['value1'])) {
|
||||
$pieces = explode('|', $this->data['Attribute']['value']);
|
||||
if (in_array($this->data['Attribute']['type'], $compositeTypes)) {
|
||||
if (2 != count($pieces)) {
|
||||
throw new InternalErrorException('Composite type, but value not explodable');
|
||||
}
|
||||
$this->data['Attribute']['value1'] = $pieces[0];
|
||||
$this->data['Attribute']['value2'] = $pieces[1];
|
||||
} else {
|
||||
$total = implode('|', $pieces);
|
||||
$this->data['Attribute']['value1'] = $total;
|
||||
$this->data['Attribute']['value2'] = '';
|
||||
$pieces = explode('|', $this->data['Attribute']['value']);
|
||||
if (in_array($this->data['Attribute']['type'], $compositeTypes)) {
|
||||
if (2 != count($pieces)) {
|
||||
throw new InternalErrorException('Composite type, but value not explodable');
|
||||
}
|
||||
//}
|
||||
$this->data['Attribute']['value1'] = $pieces[0];
|
||||
$this->data['Attribute']['value2'] = $pieces[1];
|
||||
} else {
|
||||
$total = implode('|', $pieces);
|
||||
$this->data['Attribute']['value1'] = $total;
|
||||
$this->data['Attribute']['value2'] = '';
|
||||
}
|
||||
}
|
||||
// always return true after a beforeSave()
|
||||
return true;
|
||||
|
|
|
@ -15,6 +15,7 @@ class Regexp extends AppModel {
|
|||
'change' => 'full'
|
||||
),
|
||||
);
|
||||
|
||||
/**
|
||||
* Use table
|
||||
*
|
||||
|
@ -23,6 +24,7 @@ class Regexp extends AppModel {
|
|||
public $useTable = 'regexp';
|
||||
|
||||
// this checks whether the regexp would fail and if yes, the entry is blocked from being entered.
|
||||
|
||||
public function beforeValidate($options = array()) {
|
||||
$test = preg_replace($this->data['Regexp']['regexp'], 'success', $this->data['Regexp']['regexp']);
|
||||
if ($test == null) return false;
|
||||
|
|
|
@ -1,112 +1,112 @@
|
|||
<?php
|
||||
App::uses('AppModel', 'Model');
|
||||
/**
|
||||
* Role Model
|
||||
*
|
||||
* @property User $User
|
||||
*/
|
||||
class Role extends AppModel {
|
||||
|
||||
/**
|
||||
* Validation rules
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $validate = array(
|
||||
'name' => array(
|
||||
'notempty' => array(
|
||||
'rule' => array('notempty'),
|
||||
//'message' => 'Your custom message here',
|
||||
//'allowEmpty' => false,
|
||||
//'required' => false,
|
||||
//'last' => false, // Stop validation after this rule
|
||||
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||
),
|
||||
),
|
||||
);
|
||||
|
||||
/**
|
||||
* hasMany associations
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $hasMany = array(
|
||||
'User' => array(
|
||||
'className' => 'User',
|
||||
'foreignKey' => 'role_id',
|
||||
'dependent' => false,
|
||||
'conditions' => '',
|
||||
'fields' => '',
|
||||
'order' => '',
|
||||
'limit' => '',
|
||||
'offset' => '',
|
||||
'exclusive' => '',
|
||||
'finderQuery' => '',
|
||||
'counterQuery' => ''
|
||||
)
|
||||
);
|
||||
|
||||
/**
|
||||
* TODO ACL: 1: be requester to CakePHP ACL system
|
||||
*
|
||||
* @var unknown_type
|
||||
*/
|
||||
public $actsAs = array(
|
||||
'Acl' => array('type' => 'requester'),
|
||||
'MagicTools.OrphansProtectable',
|
||||
'Trim',
|
||||
<?php
|
||||
App::uses('AppModel', 'Model');
|
||||
/**
|
||||
* Role Model
|
||||
*
|
||||
* @property User $User
|
||||
*/
|
||||
class Role extends AppModel {
|
||||
|
||||
/**
|
||||
* Validation rules
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $validate = array(
|
||||
'name' => array(
|
||||
'notempty' => array(
|
||||
'rule' => array('notempty'),
|
||||
//'message' => 'Your custom message here',
|
||||
//'allowEmpty' => false,
|
||||
//'required' => false,
|
||||
//'last' => false, // Stop validation after this rule
|
||||
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||
),
|
||||
),
|
||||
);
|
||||
|
||||
/**
|
||||
* hasMany associations
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $hasMany = array(
|
||||
'User' => array(
|
||||
'className' => 'User',
|
||||
'foreignKey' => 'role_id',
|
||||
'dependent' => false,
|
||||
'conditions' => '',
|
||||
'fields' => '',
|
||||
'order' => '',
|
||||
'limit' => '',
|
||||
'offset' => '',
|
||||
'exclusive' => '',
|
||||
'finderQuery' => '',
|
||||
'counterQuery' => ''
|
||||
)
|
||||
);
|
||||
|
||||
/**
|
||||
* TODO ACL: 1: be requester to CakePHP ACL system
|
||||
*
|
||||
* @var unknown_type
|
||||
*/
|
||||
public $actsAs = array(
|
||||
'Acl' => array('type' => 'requester'),
|
||||
'MagicTools.OrphansProtectable',
|
||||
'Trim',
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'roleModel' => 'Role',
|
||||
'roleKey' => 'role_id',
|
||||
'change' => 'full'
|
||||
),
|
||||
);
|
||||
|
||||
/**
|
||||
* TODO ACL: 2: hook Role into CakePHP ACL system (so link to aros)
|
||||
*/
|
||||
public function parentNode() {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Virtual field
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $virtualFields = array(
|
||||
'permission' => "IF (Role.perm_add && Role.perm_modify && Role.perm_publish, '3', IF (Role.perm_add && Role.perm_modify_org, '2', IF (Role.perm_add, '1', '0')))",
|
||||
);
|
||||
|
||||
public function beforeSave($options = array()) {
|
||||
switch ($this->data['Role']['permission']) {
|
||||
case '0':
|
||||
$this->data['Role']['perm_add'] = false;
|
||||
$this->data['Role']['perm_modify'] = false;
|
||||
$this->data['Role']['perm_modify_org'] = false;
|
||||
$this->data['Role']['perm_publish'] = false;
|
||||
break;
|
||||
case '1':
|
||||
$this->data['Role']['perm_add'] = true;
|
||||
$this->data['Role']['perm_modify'] = true; // SHOULD BE true
|
||||
$this->data['Role']['perm_modify_org'] = false;
|
||||
$this->data['Role']['perm_publish'] = false;
|
||||
break;
|
||||
case '2':
|
||||
$this->data['Role']['perm_add'] = true;
|
||||
$this->data['Role']['perm_modify'] = true;
|
||||
$this->data['Role']['perm_modify_org'] = true;
|
||||
$this->data['Role']['perm_publish'] = false;
|
||||
break;
|
||||
case '3':
|
||||
$this->data['Role']['perm_add'] = true;
|
||||
$this->data['Role']['perm_modify'] = true; // ?
|
||||
$this->data['Role']['perm_modify_org'] = true; // ?
|
||||
$this->data['Role']['perm_publish'] = true;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
),
|
||||
);
|
||||
|
||||
/**
|
||||
* TODO ACL: 2: hook Role into CakePHP ACL system (so link to aros)
|
||||
*/
|
||||
public function parentNode() {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Virtual field
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $virtualFields = array(
|
||||
'permission' => "IF (Role.perm_add && Role.perm_modify && Role.perm_publish, '3', IF (Role.perm_add && Role.perm_modify_org, '2', IF (Role.perm_add, '1', '0')))",
|
||||
);
|
||||
|
||||
public function beforeSave($options = array()) {
|
||||
switch ($this->data['Role']['permission']) {
|
||||
case '0':
|
||||
$this->data['Role']['perm_add'] = false;
|
||||
$this->data['Role']['perm_modify'] = false;
|
||||
$this->data['Role']['perm_modify_org'] = false;
|
||||
$this->data['Role']['perm_publish'] = false;
|
||||
break;
|
||||
case '1':
|
||||
$this->data['Role']['perm_add'] = true;
|
||||
$this->data['Role']['perm_modify'] = true; // SHOULD BE true
|
||||
$this->data['Role']['perm_modify_org'] = false;
|
||||
$this->data['Role']['perm_publish'] = false;
|
||||
break;
|
||||
case '2':
|
||||
$this->data['Role']['perm_add'] = true;
|
||||
$this->data['Role']['perm_modify'] = true;
|
||||
$this->data['Role']['perm_modify_org'] = true;
|
||||
$this->data['Role']['perm_publish'] = false;
|
||||
break;
|
||||
case '3':
|
||||
$this->data['Role']['perm_add'] = true;
|
||||
$this->data['Role']['perm_modify'] = true; // ?
|
||||
$this->data['Role']['perm_modify_org'] = true; // ?
|
||||
$this->data['Role']['perm_publish'] = true;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
}
|
|
@ -236,7 +236,7 @@ class User extends AppModel {
|
|||
public $actsAs = array(
|
||||
'Acl' => array( // TODO ACL, + 'enabled' => false
|
||||
'type' => 'requester',
|
||||
'enabled' => false
|
||||
'enabled' => false
|
||||
),
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'userModel' => 'User',
|
||||
|
|
|
@ -1,200 +1,200 @@
|
|||
<div class="event view"><!-- bluntly copied from View/Events/view.ctp -->
|
||||
<div class="actions" style="float:right;"><?php
|
||||
if ( 0 == $event['Event']['published'] && ($isAdmin || $event['Event']['org'] == $me['org'])):
|
||||
// only show button if alert has not been sent // LATER show the ALERT button in red-ish
|
||||
?>
|
||||
<ul><li><?php
|
||||
echo $this->Form->postLink('Publish Event', array('controller' => 'events', 'action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?');
|
||||
echo $this->Form->postLink('Publish (no email)', array('controller' => 'events', 'action' => 'publish', $event['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!');
|
||||
?> </li></ul><?php
|
||||
elseif (0 == $event['Event']['published']): ?>
|
||||
<ul><li>Not published</li></ul><?php
|
||||
else: ?>
|
||||
<!-- ul><li>Alert already sent</li></ul --><?php
|
||||
endif; ?>
|
||||
<ul><li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $event['Event']['id'])); ?> </li></ul>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
<h2>Event</h2>
|
||||
<dl>
|
||||
<dt>ID</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['id']); ?>
|
||||
|
||||
</dd><?php
|
||||
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
||||
<dt>Org</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['org']); ?>
|
||||
|
||||
</dd>
|
||||
<dt>Email</dt>
|
||||
<dd>
|
||||
<?php echo h($event['User']['email']); ?>
|
||||
|
||||
</dd><?php
|
||||
endif; ?>
|
||||
<dt>Date</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['date']); ?>
|
||||
|
||||
</dd>
|
||||
<dt<?php echo ' title="' . $eventDescriptions['risk']['desc'] . '"';?>>Risk</dt>
|
||||
<dd>
|
||||
<?php echo $event['Event']['risk']; ?>
|
||||
|
||||
</dd><?php
|
||||
if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
<dt>Distribution</dt>
|
||||
<dd>
|
||||
<?php echo ($event['Event']['private'])? 'Yes, never upload Event or any Attributes.' : 'No, upload Event and all Attributes except those marked as Private.'; ?>
|
||||
|
||||
</dd><?php
|
||||
endif; ?>
|
||||
<!-- dt>UUID</dt>
|
||||
<dd>
|
||||
<?php echo $event['Event']['uuid']; ?>
|
||||
|
||||
</dd -->
|
||||
<dt>Info</dt>
|
||||
<dd>
|
||||
<?php echo nl2br(h($event['Event']['info'])); ?>
|
||||
|
||||
</dd>
|
||||
</dl><?php
|
||||
if (!empty($relatedEvents)):?>
|
||||
<div class="related">
|
||||
<h3>Related Events</h3>
|
||||
<ul><?php
|
||||
foreach ($relatedEvents as $relatedEvent): ?>
|
||||
<li><?php
|
||||
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
|
||||
$linkText = $relatedEvent['date'] . ' (' . $relatedEvent['id'] . ')';
|
||||
echo $this->Html->link($linkText, array('controller' => 'attributes', 'action' => 'event', $relatedEvent['id']));
|
||||
} else {
|
||||
$linkText = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
|
||||
echo $this->Html->link($linkText, array('controller' => 'attributes', 'action' => 'event', $relatedEvent['Event']['id']));
|
||||
}?></li><?php
|
||||
endforeach; ?>
|
||||
</ul>
|
||||
</div><?php
|
||||
endif; ?>
|
||||
|
||||
<div class="related">
|
||||
<h3>Attributes</h3><?php
|
||||
if (!empty($event['Attribute'])):?>
|
||||
<table cellpadding = "0" cellspacing = "0">
|
||||
<tr>
|
||||
<th>Category</th>
|
||||
<th>Type</th>
|
||||
<th>Value</th>
|
||||
<th>Related Events</th>
|
||||
<th <?php echo "title='" . $attrDescriptions['signature']['desc'] . "'";?>>IDS Signature</th><?php
|
||||
if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
<th <?php echo "title='" . $attrDescriptions['private']['desc'] . "'";?>>Private</th><?php
|
||||
endif;?><?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<th class="actions">Actions</th><?php
|
||||
endif;?>
|
||||
</tr><?php
|
||||
foreach ($categories as $category):
|
||||
$first = 1;
|
||||
foreach ($attributes as $attribute):
|
||||
if ($attribute['Attribute']['category'] != $category) continue;?>
|
||||
<tr>
|
||||
<td class="short" title="<?php if ('' != $attribute['Attribute']['category']) echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>"><?php
|
||||
if ($first) {
|
||||
if ('' == $attribute['Attribute']['category']) echo '(no category)';
|
||||
echo $attribute['Attribute']['category'];
|
||||
} else {
|
||||
echo ' ';
|
||||
}?></td>
|
||||
<td class="short" title="<?php echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>">
|
||||
<?php echo $attribute['Attribute']['type'];?></td>
|
||||
<td><?php
|
||||
$sigDisplay = nl2br(h($attribute['Attribute']['value']));
|
||||
if ('attachment' == $attribute['Attribute']['type'] ||
|
||||
'malware-sample' == $attribute['Attribute']['type'] ) {
|
||||
$filenameHash = explode('|', h($attribute['Attribute']['value']));
|
||||
echo $this->Html->link($filenameHash[0], array('controller' => 'attributes', 'action' => 'download', $attribute['Attribute']['id']));
|
||||
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
|
||||
} elseif (strpos($attribute['Attribute']['type'], '|') !== false) {
|
||||
$filenameHash = explode('|', h($attribute['Attribute']['value']));
|
||||
echo $filenameHash[0];
|
||||
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
|
||||
} elseif ('vulnerability' == $attribute['Attribute']['type']) {
|
||||
echo $this->Html->link($sigDisplay, 'http://www.google.com/search?q=' . $sigDisplay, array('target' => '_blank'));
|
||||
} elseif ('link' == $attribute['Attribute']['type']) {
|
||||
echo $this->Html->link($sigDisplay, $sigDisplay);
|
||||
} else {
|
||||
echo $sigDisplay;
|
||||
}?></td>
|
||||
<td class="short" style="text-align: center;"><?php
|
||||
$first = 0;
|
||||
if (isset($relatedAttributes[$attribute['Attribute']['id']]) && (null != $relatedAttributes[$attribute['Attribute']['id']])) {
|
||||
foreach ($relatedAttributes[$attribute['Attribute']['id']] as $relatedAttribute) {
|
||||
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
|
||||
echo $this->Html->link($relatedAttribute['Correlation']['event_id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['Correlation']['event_id']));
|
||||
} else {
|
||||
echo $this->Html->link($relatedAttribute['Attribute']['event_id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['Attribute']['event_id']));
|
||||
}
|
||||
echo ' ';
|
||||
}
|
||||
}?>
|
||||
</td>
|
||||
<td class="short" style="text-align: center;"><?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No';?></td><?php
|
||||
if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
<td class="short" style="text-align: center;"><?php echo $attribute['Attribute']['private'] ? 'Private' : ' ';?></td><?php
|
||||
endif;?><?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<td class="actions">
|
||||
<?php
|
||||
echo $this->Html->link(__('Edit', true), array('controller' => 'attributes', 'action' => 'edit', $attribute['Attribute']['id']));
|
||||
echo $this->Form->postLink(__('Delete'), array('controller' => 'attributes', 'action' => 'delete', $attribute['Attribute']['id']), null, __('Are you sure you want to delete this attribute? Keep in mind that this will also delete this attribute on remote MISP instances.'));
|
||||
?>
|
||||
</td><?php
|
||||
endif;?>
|
||||
</tr><?php
|
||||
endforeach; ?><?php
|
||||
endforeach; ?>
|
||||
</table>
|
||||
<p>
|
||||
<?php
|
||||
echo $this->Paginator->counter(array(
|
||||
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
|
||||
));
|
||||
?> </p>
|
||||
|
||||
<div class="paging"><?php
|
||||
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
|
||||
echo $this->Paginator->numbers(array('separator' => ''));
|
||||
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
|
||||
?>
|
||||
</div><?php
|
||||
endif; ?><?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<div class="actions">
|
||||
<ul>
|
||||
<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||
<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
|
||||
</ul>
|
||||
</div><?php
|
||||
endif; ?>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="actions">
|
||||
<ul><?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<li><?php echo $this->Html->link(__('Add Attribute', true), array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||
<li><?php echo $this->Html->link(__('Add Attachment', true), array('controller' => 'attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
|
||||
<li><?php echo $this->Html->link(__('Edit Event', true), array('controller' => 'events', 'action' => 'edit', $event['Event']['id'])); ?> </li>
|
||||
<li><?php echo $this->Form->postLink(__('Delete Event'), array('controller' => 'events', 'action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
|
||||
<li> </li><?php
|
||||
endif; ?>
|
||||
<?php echo $this->element('actions_menu'); ?>
|
||||
</ul>
|
||||
<div class="event view"><!-- bluntly copied from View/Events/view.ctp -->
|
||||
<div class="actions" style="float:right;"><?php
|
||||
if ( 0 == $event['Event']['published'] && ($isAdmin || $event['Event']['org'] == $me['org'])):
|
||||
// only show button if alert has not been sent // LATER show the ALERT button in red-ish
|
||||
?>
|
||||
<ul><li><?php
|
||||
echo $this->Form->postLink('Publish Event', array('controller' => 'events', 'action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?');
|
||||
echo $this->Form->postLink('Publish (no email)', array('controller' => 'events', 'action' => 'publish', $event['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!');
|
||||
?> </li></ul><?php
|
||||
elseif (0 == $event['Event']['published']): ?>
|
||||
<ul><li>Not published</li></ul><?php
|
||||
else: ?>
|
||||
<!-- ul><li>Alert already sent</li></ul --><?php
|
||||
endif; ?>
|
||||
<ul><li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $event['Event']['id'])); ?> </li></ul>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
<h2>Event</h2>
|
||||
<dl>
|
||||
<dt>ID</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['id']); ?>
|
||||
|
||||
</dd><?php
|
||||
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
||||
<dt>Org</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['org']); ?>
|
||||
|
||||
</dd>
|
||||
<dt>Email</dt>
|
||||
<dd>
|
||||
<?php echo h($event['User']['email']); ?>
|
||||
|
||||
</dd><?php
|
||||
endif; ?>
|
||||
<dt>Date</dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['date']); ?>
|
||||
|
||||
</dd>
|
||||
<dt<?php echo ' title="' . $eventDescriptions['risk']['desc'] . '"';?>>Risk</dt>
|
||||
<dd>
|
||||
<?php echo $event['Event']['risk']; ?>
|
||||
|
||||
</dd><?php
|
||||
if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
<dt>Distribution</dt>
|
||||
<dd>
|
||||
<?php echo ($event['Event']['private'])? 'Yes, never upload Event or any Attributes.' : 'No, upload Event and all Attributes except those marked as Private.'; ?>
|
||||
|
||||
</dd><?php
|
||||
endif; ?>
|
||||
<!-- dt>UUID</dt>
|
||||
<dd>
|
||||
<?php echo $event['Event']['uuid']; ?>
|
||||
|
||||
</dd -->
|
||||
<dt>Info</dt>
|
||||
<dd>
|
||||
<?php echo nl2br(h($event['Event']['info'])); ?>
|
||||
|
||||
</dd>
|
||||
</dl><?php
|
||||
if (!empty($relatedEvents)):?>
|
||||
<div class="related">
|
||||
<h3>Related Events</h3>
|
||||
<ul><?php
|
||||
foreach ($relatedEvents as $relatedEvent): ?>
|
||||
<li><?php
|
||||
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
|
||||
$linkText = $relatedEvent['date'] . ' (' . $relatedEvent['id'] . ')';
|
||||
echo $this->Html->link($linkText, array('controller' => 'attributes', 'action' => 'event', $relatedEvent['id']));
|
||||
} else {
|
||||
$linkText = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
|
||||
echo $this->Html->link($linkText, array('controller' => 'attributes', 'action' => 'event', $relatedEvent['Event']['id']));
|
||||
}?></li><?php
|
||||
endforeach; ?>
|
||||
</ul>
|
||||
</div><?php
|
||||
endif; ?>
|
||||
|
||||
<div class="related">
|
||||
<h3>Attributes</h3><?php
|
||||
if (!empty($event['Attribute'])):?>
|
||||
<table cellpadding = "0" cellspacing = "0">
|
||||
<tr>
|
||||
<th>Category</th>
|
||||
<th>Type</th>
|
||||
<th>Value</th>
|
||||
<th>Related Events</th>
|
||||
<th <?php echo "title='" . $attrDescriptions['signature']['desc'] . "'";?>>IDS Signature</th><?php
|
||||
if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
<th <?php echo "title='" . $attrDescriptions['private']['desc'] . "'";?>>Private</th><?php
|
||||
endif;?><?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<th class="actions">Actions</th><?php
|
||||
endif;?>
|
||||
</tr><?php
|
||||
foreach ($categories as $category):
|
||||
$first = 1;
|
||||
foreach ($attributes as $attribute):
|
||||
if ($attribute['Attribute']['category'] != $category) continue;?>
|
||||
<tr>
|
||||
<td class="short" title="<?php if ('' != $attribute['Attribute']['category']) echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>"><?php
|
||||
if ($first) {
|
||||
if ('' == $attribute['Attribute']['category']) echo '(no category)';
|
||||
echo $attribute['Attribute']['category'];
|
||||
} else {
|
||||
echo ' ';
|
||||
}?></td>
|
||||
<td class="short" title="<?php echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>">
|
||||
<?php echo $attribute['Attribute']['type'];?></td>
|
||||
<td><?php
|
||||
$sigDisplay = nl2br(h($attribute['Attribute']['value']));
|
||||
if ('attachment' == $attribute['Attribute']['type'] ||
|
||||
'malware-sample' == $attribute['Attribute']['type'] ) {
|
||||
$filenameHash = explode('|', h($attribute['Attribute']['value']));
|
||||
echo $this->Html->link($filenameHash[0], array('controller' => 'attributes', 'action' => 'download', $attribute['Attribute']['id']));
|
||||
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
|
||||
} elseif (strpos($attribute['Attribute']['type'], '|') !== false) {
|
||||
$filenameHash = explode('|', h($attribute['Attribute']['value']));
|
||||
echo $filenameHash[0];
|
||||
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
|
||||
} elseif ('vulnerability' == $attribute['Attribute']['type']) {
|
||||
echo $this->Html->link($sigDisplay, 'http://www.google.com/search?q=' . $sigDisplay, array('target' => '_blank'));
|
||||
} elseif ('link' == $attribute['Attribute']['type']) {
|
||||
echo $this->Html->link($sigDisplay, $sigDisplay);
|
||||
} else {
|
||||
echo $sigDisplay;
|
||||
}?></td>
|
||||
<td class="short" style="text-align: center;"><?php
|
||||
$first = 0;
|
||||
if (isset($relatedAttributes[$attribute['Attribute']['id']]) && (null != $relatedAttributes[$attribute['Attribute']['id']])) {
|
||||
foreach ($relatedAttributes[$attribute['Attribute']['id']] as $relatedAttribute) {
|
||||
if ('db' == Configure::read('CyDefSIG.correlation')) { // TODO array key
|
||||
echo $this->Html->link($relatedAttribute['Correlation']['event_id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['Correlation']['event_id']));
|
||||
} else {
|
||||
echo $this->Html->link($relatedAttribute['Attribute']['event_id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['Attribute']['event_id']));
|
||||
}
|
||||
echo ' ';
|
||||
}
|
||||
}?>
|
||||
</td>
|
||||
<td class="short" style="text-align: center;"><?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No';?></td><?php
|
||||
if ('true' == Configure::read('CyDefSIG.sync')): ?>
|
||||
<td class="short" style="text-align: center;"><?php echo $attribute['Attribute']['private'] ? 'Private' : ' ';?></td><?php
|
||||
endif;?><?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<td class="actions">
|
||||
<?php
|
||||
echo $this->Html->link(__('Edit', true), array('controller' => 'attributes', 'action' => 'edit', $attribute['Attribute']['id']));
|
||||
echo $this->Form->postLink(__('Delete'), array('controller' => 'attributes', 'action' => 'delete', $attribute['Attribute']['id']), null, __('Are you sure you want to delete this attribute? Keep in mind that this will also delete this attribute on remote MISP instances.'));
|
||||
?>
|
||||
</td><?php
|
||||
endif;?>
|
||||
</tr><?php
|
||||
endforeach; ?><?php
|
||||
endforeach; ?>
|
||||
</table>
|
||||
<p>
|
||||
<?php
|
||||
echo $this->Paginator->counter(array(
|
||||
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
|
||||
));
|
||||
?> </p>
|
||||
|
||||
<div class="paging"><?php
|
||||
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
|
||||
echo $this->Paginator->numbers(array('separator' => ''));
|
||||
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
|
||||
?>
|
||||
</div><?php
|
||||
endif; ?><?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<div class="actions">
|
||||
<ul>
|
||||
<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||
<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
|
||||
</ul>
|
||||
</div><?php
|
||||
endif; ?>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="actions">
|
||||
<ul><?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<li><?php echo $this->Html->link(__('Add Attribute', true), array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||
<li><?php echo $this->Html->link(__('Add Attachment', true), array('controller' => 'attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
|
||||
<li><?php echo $this->Html->link(__('Edit Event', true), array('controller' => 'events', 'action' => 'edit', $event['Event']['id'])); ?> </li>
|
||||
<li><?php echo $this->Form->postLink(__('Delete Event'), array('controller' => 'events', 'action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
|
||||
<li> </li><?php
|
||||
endif; ?>
|
||||
<?php echo $this->element('actions_menu'); ?>
|
||||
</ul>
|
||||
</div>
|
|
@ -1,19 +1,3 @@
|
|||
<script>
|
||||
function getTitle(incInt, id){
|
||||
if (document.getElementById(incInt).title == "Loading event info..."){
|
||||
$.ajax({
|
||||
type: 'GET',
|
||||
url: "/events/"+id+".xml",
|
||||
dataType: 'xml',
|
||||
async:true,
|
||||
success:function(result){
|
||||
var returnData = $(result).find("info").text();
|
||||
document.getElementById(incInt).title=returnData;
|
||||
},
|
||||
});
|
||||
};
|
||||
}
|
||||
</script>
|
||||
<div class="attributes index">
|
||||
<h2><?php echo __('Attributes');?></h2>
|
||||
<?php
|
||||
|
@ -41,7 +25,7 @@ foreach ($attributes as $attribute): ?>
|
|||
<tr>
|
||||
<td class="short">
|
||||
<?php
|
||||
echo "<div id = \"" . $attribute['Attribute']['id'] . "\" onMouseOver=getTitle(" . $attribute['Attribute']['id'] . "," . $attribute['Event']['id'] . ") title = \"Loading event info...\">";
|
||||
echo "<div id = \"" . $attribute['Attribute']['id'] . "\" title = \"".h($attribute['Event']['info'])."\">";
|
||||
echo $this->Html->link($attribute['Event']['id'], array('controller' => 'events', 'action' => 'view', $attribute['Event']['id']));
|
||||
$currentCount++;
|
||||
?>
|
||||
|
|
|
@ -1,30 +1,3 @@
|
|||
<script>
|
||||
function getTitle(incInt, incIntb, incIntc){
|
||||
id = incInt;
|
||||
type = null;
|
||||
if (incIntb==0){
|
||||
type = "R";
|
||||
}else{
|
||||
type = "A";
|
||||
}
|
||||
findElementString = type+id;
|
||||
if (type == "A"){
|
||||
findElementString += "X"+incIntc;
|
||||
}
|
||||
if (document.getElementById(findElementString).title == "Loading event info..."){
|
||||
$.ajax({
|
||||
type: 'GET',
|
||||
url: "/events/"+id+".xml",
|
||||
dataType: 'xml',
|
||||
async:false,
|
||||
success:function(result){
|
||||
var returnData = $(result).find("info").text();
|
||||
document.getElementById(findElementString).title=returnData;
|
||||
},
|
||||
});
|
||||
};
|
||||
}
|
||||
</script>
|
||||
<?php
|
||||
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['org'] == $me['org']));
|
||||
$mayPublish = ($isAclPublish && $event['Event']['org'] == $me['org']);
|
||||
|
@ -129,7 +102,6 @@ endif; ?>
|
|||
</dd>
|
||||
</dl>
|
||||
<?php
|
||||
$passAlong = array(0, 0);
|
||||
if (!empty($relatedEvents)):?>
|
||||
<div class="related">
|
||||
<h3>Related Events</h3>
|
||||
|
@ -138,9 +110,7 @@ if (!empty($relatedEvents)):?>
|
|||
foreach ($relatedEvents as $relatedEvent): ?>
|
||||
<li><?php
|
||||
$linkText = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
|
||||
$currentID = $relatedEvent['Event']['id'];
|
||||
$passAlong[0] = $relatedEvent['Event']['id'];
|
||||
echo "<div id = \"R" . $currentID . "\" onMouseOver=getTitle(" . $passAlong[0] . "," . $passAlong[1] . ") title = \"Loading event info...\">";
|
||||
echo "<div \" title = \"".$relatedEvent['Event']['info']."\">";
|
||||
echo $this->Html->link($linkText, array('controller' => 'events', 'action' => 'view', $relatedEvent['Event']['id']));
|
||||
?></li>
|
||||
<?php
|
||||
|
@ -178,7 +148,6 @@ if (!empty($event['Attribute'])):?>
|
|||
<?php
|
||||
endif;?>
|
||||
</tr><?php
|
||||
$passAlong = array(0, 1, 0);
|
||||
foreach ($categories as $category):
|
||||
$first = 1;
|
||||
foreach ($event['Attribute'] as $attribute):
|
||||
|
@ -224,12 +193,10 @@ if (!empty($event['Attribute'])):?>
|
|||
$first = 0;
|
||||
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
|
||||
foreach ($relatedAttributes[$attribute['id']] as $relatedAttribute) {
|
||||
$passAlong[0] = $relatedAttribute['Attribute']['event_id'];
|
||||
echo "<span id = \"A" . $passAlong[0] . "X" . $passAlong[2] . "\" onMouseOver=getTitle(" . $passAlong[0] . "," . $passAlong[1] . "," . $passAlong[2] . ") title = \"Loading event info...\">";
|
||||
echo "<span title = \"".$relatedAttribute['Attribute']['event_info']."\">";
|
||||
echo $this->Html->link($relatedAttribute['Attribute']['event_id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['Attribute']['event_id']));
|
||||
echo "</span>";
|
||||
echo ' ';
|
||||
$passAlong[2]++;
|
||||
}
|
||||
}
|
||||
?>
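Review bot: The two new title attributes in this file are emitted without output escaping: `$relatedEvent['Event']['info']` in the related-events list and `$relatedAttribute['Attribute']['event_info']` in the related-attributes column are concatenated straight into double-quoted HTML attributes. The info text is free-form and, on a sharing platform, presumably not always written by the viewer's own organisation, so a value containing a quote can break out of the attribute (stored XSS). The attribute index view changed in this same commit wraps its value in `h()`, and these two lines should match it: `echo "<div title=\"" . h($relatedEvent['Event']['info']) . "\">";` and `echo "<span title=\"" . h($relatedAttribute['Attribute']['event_info']) . "\">";`. The new `<div \" title` line also carries a stray `\"` after `<div`, which emits malformed markup. Because the info is now rendered server-side rather than fetched per event, confirm that the queries filling `$relatedEvents` and `$relatedAttributes` apply the same private/org filtering as the event view; those queries are outside this section.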
|
||||
|
|