chg: [decaying] Added `default` column in decayingModels table, code

path for `rest` and improved ACL
pull/5032/head
mokaddem 2019-08-30 09:18:00 +02:00
parent 2d4dfda6c8
commit 059b25f262
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
6 changed files with 57 additions and 36 deletions


@ -65,6 +65,11 @@ class DecayingModelController extends AppController
if ($json === null) {
throw new MethodNotAllowedException(__('Error while decoding JSON'));
}
unset($json['DecayingModel']['id']);
$json['DecayingModel']['default'] = 1;
$json['DecayingModel']['org_id'] = $this->Auth->user()['org_id'];
if ($this->DecayingModel->save($json)) {
$this->Flash->success(__('The model has been imported.'));
} else {
@ -144,7 +149,14 @@ class DecayingModelController extends AppController
public function add()
{
if ($this->request->is('post') || $this->request->is('put')) {
if (!isset($this->request->data['DecayingModel'])) {
$this->request->data = array('DecayingModel' => $this->request->data);
}
$this->request->data['DecayingModel']['org_id'] = $this->Auth->user()['org_id'];
unset($this->request->data['DecayingModel']['id']);
unset($this->request->data['DecayingModel']['uuid']);
$this->request->data['DecayingModel']['default'] = 0;
if (empty($this->request->data['DecayingModel']['name'])) {
throw new MethodNotAllowedException(__("The model must have a name"));
@ -153,7 +165,7 @@ class DecayingModelController extends AppController
return false;
}
if ($this->DecayingModel->save($this->request->data)) {
if ($this->request->is('ajax')) {
if ($this->request->is('ajax') || $this->_isRest()) {
$saved = $this->DecayingModel->fetchModel($this->Auth->user(), $this->DecayingModel->id);
$this->DecayingModel->attachIsEditableByCurrentUser($this->Auth->user(), $saved);
$response = array('data' => $saved, 'action' => 'add');
@ -163,7 +175,7 @@ class DecayingModelController extends AppController
$this->redirect(array('action' => 'index'));
}
} else {
if ($this->request->is('ajax')) {
if ($this->request->is('ajax') || $this->_isRest()) {
$saved = $this->DecayingModel->fetchModel($this->Auth->user(), $this->DecayingModel->id);
$response = array('data' => $saved, 'action' => 'add', 'saved' => false);
return $this->RestResponse->viewData($response, $this->response->type());
@ -186,14 +198,14 @@ class DecayingModelController extends AppController
public function edit($id)
{
$decayingModel = $this->DecayingModel->fetchModel($this->Auth->user(), $id); // ACL done in Model
$enforceRestrictedEdition = $this->DecayingModel->isDefaultModel($decayingModel);
$enforceRestrictedEdition = $decayingModel['DecayingModel']['default'];
if ($this->request->is('post') || $this->request->is('put')) {
$this->request->data['DecayingModel']['id'] = $id;
$fieldListToSave = array('enabled', 'all_orgs');
if (!$enforceRestrictedEdition) {
$fieldListToSave += array('name', 'description', 'parameters', 'formula');
$fieldListToSave = array_merge($fieldListToSave, array('name', 'description', 'parameters', 'formula'));
if (!$this->__adjustJSONData($this->request->data)) {
return false;
}
@ -201,7 +213,7 @@ class DecayingModelController extends AppController
$save_result = $this->DecayingModel->save($this->request->data, true, $fieldListToSave);
if ($save_result) {
if ($this->request->is('ajax')) {
if ($this->request->is('ajax') || $this->_isRest()) {
$saved = $this->DecayingModel->fetchModel($this->Auth->user(), $this->DecayingModel->id);
$this->DecayingModel->attachIsEditableByCurrentUser($this->Auth->user(), $saved);
$response = array('data' => $saved, 'action' => 'edit');
@ -211,7 +223,7 @@ class DecayingModelController extends AppController
$this->redirect(array('action' => 'index'));
}
} else {
if ($this->request->is('ajax')) {
if ($this->request->is('ajax') || $this->_isRest()) {
$saved = $this->DecayingModel->fetchModel($this->Auth->user(), $this->DecayingModel->id);
$response = array('data' => $saved, 'action' => 'edit', 'saved' => false);
return $this->RestResponse->viewData($response, $this->response->type());
@ -240,7 +252,7 @@ class DecayingModelController extends AppController
private function __adjustJSONData(&$json)
{
if (isset($json['DecayingModel']['parameters'])) {
if (isset($json['DecayingModel']['parameters']['settings'])) {
if (isset($json['DecayingModel']['parameters']['settings']) && !is_array($json['DecayingModel']['parameters']['settings'])) {
$settings = json_decode($json['DecayingModel']['parameters']['settings'], true);
if ($settings === null) {
$this->Flash->error(__('Invalid JSON `Settings`.'));
@ -265,12 +277,14 @@ class DecayingModelController extends AppController
return false;
}
if (isset($json['DecayingModel']['parameters']['base_score_config']) && $json['DecayingModel']['parameters']['base_score_config'] != '') {
$encoded = json_decode($json['DecayingModel']['parameters']['base_score_config'], true);
if ($encoded === null) {
$this->Flash->error(__('Invalid parameter `base_score_config`.'));
return false;
if (!is_array($json['DecayingModel']['parameters']['base_score_config'])) {
$encoded = json_decode($json['DecayingModel']['parameters']['base_score_config'], true);
if ($encoded === null) {
$this->Flash->error(__('Invalid parameter `base_score_config`.'));
return false;
}
$json['DecayingModel']['parameters']['base_score_config'] = $encoded;
}
$json['DecayingModel']['parameters']['base_score_config'] = $encoded;
} else {
$json['DecayingModel']['parameters']['base_score_config'] = new stdClass();
}
@ -282,7 +296,13 @@ class DecayingModelController extends AppController
public function delete($id)
{
if ($this->request->is('post') || $this->request->is('put')) {
$decayingModel = $this->DecayingModel->fetchModel($this->Auth->user(), $id);
$decaying_model = $this->DecayingModel->fetchModel($this->Auth->user(), $id);
if (
!$this->DecayingModel->isEditableByCurrentUser($this->Auth->user(), $decaying_model) ||
$decaying_model['DecayingModel']['default']
) {
throw new MethodNotAllowedException(__('You are not authorised to delete this model.'));
}
if ($this->DecayingModel->delete($id, true)) {
if ($this->request->is('ajax')) {
@ -306,10 +326,14 @@ class DecayingModelController extends AppController
public function enable($id)
{
$decayingModel = $this->DecayingModel->fetchModel($this->Auth->user(), $id);
$decaying_model = $this->DecayingModel->fetchModel($this->Auth->user(), $id);
if ($this->request->is('post') || $this->request->is('put')) {
$decayingModel['DecayingModel']['enabled'] = 1;
if ($this->DecayingModel->save($decayingModel)) {
if (!$this->DecayingModel->isEditableByCurrentUser($this->Auth->user(), $decaying_model)) {
throw new MethodNotAllowedException(__('You are not authorised to enable this model.'));
}
$decaying_model['DecayingModel']['enabled'] = 1;
if ($this->DecayingModel->save($decaying_model)) {
if ($this->request->is('ajax')) {
$model = $this->DecayingModel->fetchModel($this->Auth->user(), $id);
$this->DecayingModel->attachIsEditableByCurrentUser($this->Auth->user(), $model);
@ -328,7 +352,7 @@ class DecayingModelController extends AppController
}
$this->redirect(array('action' => 'index'));
} else {
$this->set('model', $decayingModel['DecayingModel']);
$this->set('model', $decaying_model['DecayingModel']);
$this->render('ajax/enable_form');
}
}
@ -337,6 +361,10 @@ class DecayingModelController extends AppController
{
$decayingModel = $this->DecayingModel->fetchModel($this->Auth->user(), $id);
if ($this->request->is('post') || $this->request->is('put')) {
if (!$this->DecayingModel->isEditableByCurrentUser($this->Auth->user(), $decaying_model)) {
throw new MethodNotAllowedException(__('You are not authorised to disable this model.'));
}
$decayingModel['DecayingModel']['enabled'] = 0;
if ($this->DecayingModel->save($decayingModel)) {
if ($this->request->is('ajax')) {
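Review bot: disable() fetches the model into `$decayingModel` (the line after the `@ -337` header) but the new authorisation check reads `$decaying_model`, which is never assigned in this method, so isEditableByCurrentUser() is evaluated against null (with a PHP notice on the array access): site admins pass, every other user is refused with "You are not authorised to disable this model." The check should read `if (!$this->DecayingModel->isEditableByCurrentUser($this->Auth->user(), $decayingModel)) {`, or the method should be renamed consistently to `$decaying_model` as enable() was. The enclosing method begins and ends outside the hunk. Separately, edit() uses `$decayingModel['DecayingModel']['default']` only to narrow the field list and, unlike delete()/enable()/disable(), does not call isEditableByCurrentUser(); if fetchModel() does not enforce the same org/permission rule (not visible here), a non-owner could still toggle `enabled`/`all_orgs` on another org's model.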


@ -1211,6 +1211,7 @@ class AppModel extends Model
`ref` text COLLATE utf8_unicode_ci,
`formula` varchar(255) COLLATE utf8_bin NOT NULL,
`version` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
`default` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
$sqlArray[] = "CREATE TABLE IF NOT EXISTS decaying_model_mappings (
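Review bot: The new `default` column is only added to the CREATE TABLE IF NOT EXISTS statement, so instances that already have a decaying_models table from an earlier update will not receive it unless an ALTER TABLE step exists elsewhere in this update (not visible in this hunk); the controller and model code in this commit reads `DecayingModel.default` unconditionally, so a missing column would break fetchModel()/isEditableByCurrentUser() on those installs. `default` is also a reserved word in MySQL; it is backticked here, but the find conditions built from `'DecayingModel.default'` in the model rely on the datasource quoting the identifier the same way, which is worth confirming.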


@ -21,7 +21,6 @@ class DecayingModel extends AppModel
public function afterFind($results, $primary = false) {
foreach ($results as $k => $v) {
$results[$k]['DecayingModel']['isDefault'] = $this->isDefaultModel($v);
if (!empty($v['DecayingModel']['parameters'])) {
$decoded = json_decode($v['DecayingModel']['parameters'], true);
if ($decoded === null) {
@ -174,14 +173,11 @@ class DecayingModel extends AppModel
}
}
public function isDefaultModel($decaying_model)
{
return isset($decaying_model['DecayingModel']['uuid']) && !is_null($decaying_model['DecayingModel']['uuid']);
}
public function isEditableByCurrentUser($user, $decaying_model)
{
return !$this->isDefaultModel($decaying_model) && $decaying_model['DecayingModel']['org_id'] == $user['org_id'];
return (
$user['Role']['perm_site_admin'] ||
($user['Role']['perm_decaying'] && !$decaying_model['DecayingModel']['default'] && $decaying_model['DecayingModel']['org_id'] == $user['org_id']));
}
public function attachIsEditableByCurrentUser($user, &$decaying_model)
@ -191,16 +187,11 @@ class DecayingModel extends AppModel
public function fetchAllDefaultModel($user)
{
$default_models = $this->fetchAllAllowedModels($user, false);
foreach ($default_models as $i => $model) {
if (!$default_models[$i]['DecayingModel']['isDefault']) {
unset($default_models[$i]);
}
}
$default_models = $this->fetchAllAllowedModels($user, false, array(), array('DecayingModel.default' => true));
return $default_models;
}
public function fetchAllAllowedModels($user, $full=true, $filters=array())
public function fetchAllAllowedModels($user, $full=true, $filters=array(), $additionnal_conditions=array())
{
$conditions = array();
if (!$user['Role']['perm_site_admin']) {
@ -216,6 +207,7 @@ class DecayingModel extends AppModel
$conditions[] = array('not' => array('DecayingModel.uuid' => null));
}
}
$conditions[] = array('AND' => $additionnal_conditions);
$decayingModels = $this->find('all', array(
'conditions' => $conditions,
'include' => $full ? 'DecayingModelMapping' :''
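Review bot: fetchAllAllowedModels() now appends `array('AND' => $additionnal_conditions)` even when the new parameter keeps its empty default, so every existing caller gains an empty AND group; unless CakePHP is known to drop empty boolean groups, guard it with `if (!empty($additionnal_conditions)) { $conditions[] = array('AND' => $additionnal_conditions); }`. The parameter name is misspelled (`additionnal`); since the parameter is new, renaming it to `$additional_conditions` costs nothing. In isEditableByCurrentUser() the `==` on org_id compares a database value with the session value loosely; casting both to int or using `===` with matching types is safer. The non-admin branch (the line after the `@ -216` header) still filters on `DecayingModel.uuid` not being null while `default` is now the flag used everywhere else — if the two are meant to coincide, that condition should probably become `'DecayingModel.default' => true` as well, but the surrounding branch is cut by the hunk.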


@ -54,7 +54,7 @@ class DecayingModelMapping extends AppModel
$model = $this->DecayingModel->fetchModel($user, $model, false);
}
$decaying_model = isset($model['DecayingModel']) ? $model['DecayingModel'] : $model;
if ($decaying_model['isDefault']) {
if ($decaying_model['default']) {
$associated_types = $decaying_model['attribute_types'];
} else {
$temp = $this->find('list', array(
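Review bot: `$decaying_model['default']` is read without a guard, and unlike the removed `isDefault` key (which afterFind() set on every result) it is only present when the `default` column was actually selected; a caller passing a model array built with a restricted field list would raise an undefined-index notice and silently fall into the non-default branch. `if (!empty($decaying_model['default'])) {` keeps the behaviour for full rows and makes the partial case explicit. The enclosing function starts outside the hunk.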


@ -110,7 +110,7 @@ foreach ($decayingModels as $item): ?>
<td><i class="fas fa-<?php echo $item['DecayingModel']['all_orgs'] ? 'check' : 'times';?>"></i></td>
<td>
<a href="<?php echo $baseurl."/decayingModel/view/" . h($item['DecayingModel']['id']); ?>"><?php echo h($item['DecayingModel']['name']); ?>&nbsp;</a>
<?php if ($item['DecayingModel']['isDefault']): ?>
<?php if ($item['DecayingModel']['default']): ?>
<img src="<?php echo $baseurl;?>/img/orgs/MISP.png" width="24" height="24" style="padding-bottom:3px;" title="<?php echo __('Default Model from MISP Project'); ?>" />
<?php endif; ?>
</td>
@ -138,7 +138,7 @@ foreach ($decayingModels as $item): ?>
<?php if ($me['Role']['perm_admin']): ?>
<?php if ($me['Role']['perm_site_admin'] || $item['DecayingModel']['org_id'] == $me['org_id']): ?>
<?php
if (!$item['DecayingModel']['isDefault']) {
if (!$item['DecayingModel']['default']) {
echo $this->Form->postLink('', array('action' => 'delete', $item['DecayingModel']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete DecayingModel #' . h($item['DecayingModel']['id']) . '?'));
}
?>


@ -338,7 +338,7 @@
var $tr = $clicked.closest('tr');
var model = d3.select($tr[0]).data()[0].DecayingModel;
$('#table-model td > span.DMCheckbox > input').prop('checked', false).prop('disabled', true).trigger('change');
if (!model.isDefault) {
if (!model.default) {
$tr.find('td > span.DMCheckbox > input').prop('checked', true).prop('disabled', false).trigger('change');
}
@ -1020,7 +1020,7 @@ ModelTable.prototype = {
this._gen_td('<input type="checkbox" onchange="decayingTool.refreshSaveButton()" style="margin:0" ' + (is_row_selected ? 'checked' : 'disabled') + '></input>', 'DMCheckbox'),
this._gen_td_link('/decayingModel/view/'+model.DecayingModel.id, this._h(model.DecayingModel.id), 'DMId'),
this._gen_td(
this._h(model.DecayingModel.name) + (model.DecayingModel.isDefault ? '<img src="/img/orgs/MISP.png" width="24" height="24" style="padding-bottom:3px;" title="Default Model from MISP Project" />' : '') ,
this._h(model.DecayingModel.name) + (model.DecayingModel.default ? '<img src="/img/orgs/MISP.png" width="24" height="24" style="padding-bottom:3px;" title="Default Model from MISP Project" />' : '') ,
'DMName'
),
this._gen_td_link('/organisations/view/'+model.DecayingModel.org_id, this._h(model.DecayingModel.org_id), 'DMOrg'),