mirror of https://github.com/MISP/MISP
RestSearch can now return a json (both attribute and event) fixes #233
- also a whitelisting issue fixed - tag search field not set now correctly returns all events regardless of tagspull/274/merge
iglocska
parent
29fb951c44
commit
0f060b5589
|
|
@ -1115,9 +1115,15 @@ class AttributesController extends AppController {
|
|||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
}
|
||||
$value = str_replace('|', '/', $value);
|
||||
$this->response->type('xml'); // set the content type
|
||||
$this->layout = 'xml/default';
|
||||
$this->header('Content-Disposition: download; filename="misp.search.attribute.results.xml"');
|
||||
if (!isset($this->request->params['ext']) || $this->request->params['ext'] !== 'json') {
|
||||
$this->response->type('xml'); // set the content type
|
||||
$this->layout = 'xml/default';
|
||||
$this->header('Content-Disposition: download; filename="misp.search.attribute.results.xml"');
|
||||
} else {
|
||||
$this->response->type('json'); // set the content type
|
||||
$this->layout = 'json/default';
|
||||
$this->header('Content-Disposition: download; filename="misp.search.attribute.results.json"');
|
||||
}
|
||||
$conditions['AND'] = array();
|
||||
$subcondition = array();
|
||||
$this->loadModel('Attribute');
|
||||
|
|
@ -1172,7 +1178,7 @@ class AttributesController extends AppController {
|
|||
array_push($conditions['AND'], $subcondition);
|
||||
}
|
||||
// If we sent any tags along, load the associated tag names for each attribute
|
||||
if ($tags !== '') {
|
||||
if ($tags) {
|
||||
$args = $this->Attribute->dissectArgs($tags);
|
||||
$this->loadModel('Tag');
|
||||
$tagArray = $this->Tag->fetchEventTagIds($args[0], $args[1]);
|
||||
|
|
@ -1197,8 +1203,7 @@ class AttributesController extends AppController {
|
|||
);
|
||||
$results = $this->Attribute->find('all', $params);
|
||||
$this->loadModel('Whitelist');
|
||||
$this->response->type('xml');
|
||||
$results = $this->Whitelist->removeWhitelistedFromArray($results, false);
|
||||
$results = $this->Whitelist->removeWhitelistedFromArray($results, true);
|
||||
if (empty($results)) throw new NotFoundException('No matches.');
|
||||
$this->set('results', $results);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1804,9 +1804,15 @@ class EventsController extends AppController {
|
|||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
}
|
||||
$value = str_replace('|', '/', $value);
|
||||
$this->response->type('xml'); // set the content type
|
||||
$this->layout = 'xml/default';
|
||||
$this->header('Content-Disposition: download; filename="misp.search.events.results.xml"');
|
||||
if (!isset($this->request->params['ext']) || $this->request->params['ext'] !== 'json') {
|
||||
$this->response->type('xml'); // set the content type
|
||||
$this->layout = 'xml/default';
|
||||
$this->header('Content-Disposition: download; filename="misp.search.events.results.xml"');
|
||||
} else {
|
||||
$this->response->type('json'); // set the content type
|
||||
$this->layout = 'json/default';
|
||||
$this->header('Content-Disposition: download; filename="misp.search.events.results.json"');
|
||||
}
|
||||
$conditions['AND'] = array();
|
||||
$subcondition = array();
|
||||
$this->loadModel('Attribute');
|
||||
|
|
@ -1861,7 +1867,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
// If we sent any tags along, load the associated tag names for each attribute
|
||||
if ($tags !== '') {
|
||||
if ($tags) {
|
||||
$args = $this->Event->Attribute->dissectArgs($tags);
|
||||
$this->loadModel('Tag');
|
||||
$tagArray = $this->Tag->fetchEventTagIds($args[0], $args[1]);
|
||||
|
|
@ -1891,7 +1897,7 @@ class EventsController extends AppController {
|
|||
throw new NotFoundException('No matches.');
|
||||
}
|
||||
$this->loadModel('Whitelist');
|
||||
$results = $this->Whitelist->removeWhitelistedFromArray($results, true);
|
||||
$results = $this->Whitelist->removeWhitelistedFromArray($results, false);
|
||||
$this->response->type('xml');
|
||||
$this->set('results', $results);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
Subproject commit 8b1e5e31c7517c1e1a53bf7a9fb63338ef7e0c3b
|
||||
Subproject commit ac1a5c58f5654d6a1850fe57f9f893f187c0eba4
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
<?php
|
||||
$jsonArray = array();
|
||||
foreach ($results as $k => $v) {
|
||||
unset (
|
||||
$results[$k]['Event'],
|
||||
$results[$k]['Attribute']['value1'],
|
||||
$results[$k]['Attribute']['value2'],
|
||||
$results[$k]['Attribute']['category_order']
|
||||
);
|
||||
$jsonArray['response']['Attribute'][] = $results[$k]['Attribute'];
|
||||
}
|
||||
echo json_encode($jsonArray);
|
||||
|
|
@ -0,0 +1,41 @@
|
|||
<?php
|
||||
$jsonArray = array();
|
||||
foreach ($results as $result) {
|
||||
$result['Event']['Attribute'] = $result['Attribute'];
|
||||
$result['Event']['ShadowAttribute'] = $result['ShadowAttribute'];
|
||||
$result['Event']['RelatedEvent'] = $result['RelatedEvent'];
|
||||
|
||||
//
|
||||
// cleanup the array from things we do not want to expose
|
||||
//
|
||||
unset($result['Event']['user_id']);
|
||||
// hide the org field is we are not in showorg mode
|
||||
if ('true' != Configure::read('MISP.showorg') && !$isSiteAdmin) {
|
||||
unset($result['Event']['org']);
|
||||
unset($result['Event']['orgc']);
|
||||
unset($result['Event']['from']);
|
||||
}
|
||||
// remove value1 and value2 from the output and remove invalid utf8 characters for the xml parser
|
||||
foreach ($result['Event']['Attribute'] as $key => $value) {
|
||||
$result['Event']['Attribute'][$key]['value'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $result['Event']['Attribute'][$key]['value']);
|
||||
unset($result['Event']['Attribute'][$key]['value1']);
|
||||
unset($result['Event']['Attribute'][$key]['value2']);
|
||||
unset($result['Event']['Attribute'][$key]['category_order']);
|
||||
}
|
||||
// remove invalid utf8 characters for the xml parser
|
||||
foreach($result['Event']['ShadowAttribute'] as $key => $value) {
|
||||
$result['Event']['ShadowAttribute'][$key]['value'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $result['Event']['ShadowAttribute'][$key]['value']);
|
||||
}
|
||||
|
||||
if (isset($result['Event']['RelatedEvent'])) {
|
||||
foreach ($result['Event']['RelatedEvent'] as $key => $value) {
|
||||
unset($result['Event']['RelatedEvent'][$key]['user_id']);
|
||||
if ('true' != Configure::read('MISP.showorg') && !$isAdmin) {
|
||||
unset($result['Event']['RelatedEvent'][$key]['org']);
|
||||
unset($result['Event']['RelatedEvent'][$key]['orgc']);
|
||||
}
|
||||
}
|
||||
}
|
||||
$jsonArray['response']['Event'][] = $result['Event'];
|
||||
}
|
||||
echo json_encode($jsonArray);
|
||||
Loading…
Reference in New Issue