mirror of https://github.com/MISP/MISP
new: [protected mode] functionalities added to the events controller
- protect/unprotect events - include pgp signature in event on load when applicablepull/8213/head
parent
b80a7af2c3
commit
09a9e55896
|
@ -1608,6 +1608,7 @@ class EventsController extends AppController
|
|||
$this->set('object_count', $objectCount);
|
||||
$this->set('warnings', $this->Event->generateWarnings($event));
|
||||
$this->set('menuData', array('menuList' => 'event', 'menuItem' => 'viewEvent'));
|
||||
$this->set('mayModify', $this->__canModifyEvent($event));
|
||||
$this->__eventViewCommon($user);
|
||||
}
|
||||
|
||||
|
@ -2086,6 +2087,24 @@ class EventsController extends AppController
|
|||
// Distribution, reporter for the events pushed will be the owner of the authentication key
|
||||
$this->request->data['Event']['user_id'] = $this->Auth->user('id');
|
||||
}
|
||||
if (
|
||||
!empty($this->request->data['Event']['protected']) &&
|
||||
$this->Auth->user('Role')['perm_sync'] &&
|
||||
!$this->Auth->user('Role')['perm_site_admin']
|
||||
) {
|
||||
$pgp_signature = $this->request->header('x-pgp-signature');
|
||||
$raw_data = $this->request->input();
|
||||
if (
|
||||
!$this->CryptographicKey->validateProtectedEvent(
|
||||
$raw_data,
|
||||
$this->Auth->user(),
|
||||
$pgp_signature,
|
||||
$this->request->data
|
||||
)
|
||||
) {
|
||||
throw new MethodNotAllowedException(__('Protected event failed signature validation.'));
|
||||
}
|
||||
}
|
||||
if (!empty($this->data)) {
|
||||
if (!isset($this->request->data['Event']['distribution'])) {
|
||||
$this->request->data['Event']['distribution'] = Configure::read('MISP.default_event_distribution') ?: 0;
|
||||
|
@ -6014,4 +6033,60 @@ class EventsController extends AppController
|
|||
}
|
||||
return $this->RestResponse->viewData($tmpFile, $format, false, true);
|
||||
}
|
||||
|
||||
public function protect($id)
|
||||
{
|
||||
$this->__toggleProtect($id, true);
|
||||
}
|
||||
|
||||
public function unprotect($id)
|
||||
{
|
||||
$this->__toggleProtect($id, false);
|
||||
}
|
||||
|
||||
private function __toggleProtect($id, $protect)
|
||||
{
|
||||
$id = $this->Toolbox->findIdByUuid($this->Event, $id);
|
||||
$event = $this->Event->fetchSimpleEvent($this->Auth->user(), $id, ['contain' => ['Orgc']]);
|
||||
if (!$event) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
}
|
||||
if (!$this->__canModifyEvent($event)) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
$event['Event']['protected'] = $protect;
|
||||
$event['Event']['timestamp'] = time();
|
||||
$event['Event']['published'] = false;
|
||||
if ($this->Event->save($event)) {
|
||||
$message = __('Event switched to %s mode.', $protect ? __('protected') : __('unprotected'));
|
||||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->saveSuccessResponse('events', $protect ? 'protect' : 'unprotect', $id, false, $message);
|
||||
} else {
|
||||
$this->Flash->success($message);
|
||||
$this->redirect(['controller' => 'events', 'action' => 'view', $id]);
|
||||
}
|
||||
} else {
|
||||
$message = __('Something went wrong - could not switch event to %s mode.', $protect ? __('protected') : __('unprotected'));
|
||||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->saveFailResponse('Events', $protect ? 'protect' : 'unprotect', false, $message, $this->response->type());
|
||||
} else {
|
||||
$this->Flash->error($message);
|
||||
$this->redirect(['controller' => 'events', 'action' => 'view', $id]);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$this->set('id', $id);
|
||||
$this->set('title', $protect ? __('Protect event') : __('Remove event protection'));
|
||||
$this->set(
|
||||
'question',
|
||||
$protect ?
|
||||
__('Are you sure you want switch the event to protected mode? The event and its subsequent modifications will be rejected by MISP instances that you synchronise with, unless the hop through which the event is propagated has their signing key in the list of event signing keys.'):
|
||||
__('Are you sure you want to switch the event to unprotected mode? Unprotected mode is the default behaviour of MISP events, with creation and modification being purely limited by the distribution mechanism and eligible sync users.')
|
||||
);
|
||||
$this->set('actionName', $protect ? __('Switch to protected mode') : __('Remove protected mode'));
|
||||
$this->layout = 'ajax';
|
||||
$this->render('/genericTemplates/confirm');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue