diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php
index 7a7a02c7a..bd3076e26 100755
--- a/app/Controller/AttributesController.php
+++ b/app/Controller/AttributesController.php
@@ -1115,9 +1115,15 @@ class AttributesController extends AppController {
 throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
 }
 $value = str_replace('|', '/', $value);
- $this->response->type('xml'); // set the content type
- $this->layout = 'xml/default';
- $this->header('Content-Disposition: download; filename="misp.search.attribute.results.xml"');
+ if (!isset($this->request->params['ext']) || $this->request->params['ext'] !== 'json') {
+ $this->response->type('xml'); // set the content type
+ $this->layout = 'xml/default';
+ $this->header('Content-Disposition: download; filename="misp.search.attribute.results.xml"');
+ } else {
+ $this->response->type('json'); // set the content type
+ $this->layout = 'json/default';
+ $this->header('Content-Disposition: download; filename="misp.search.attribute.results.json"');
+ }
 $conditions['AND'] = array();
 $subcondition = array();
 $this->loadModel('Attribute');
@@ -1172,7 +1178,7 @@ class AttributesController extends AppController {
 array_push($conditions['AND'], $subcondition);
 }
 // If we sent any tags along, load the associated tag names for each attribute
- if ($tags !== '') {
+ if ($tags) {
 $args = $this->Attribute->dissectArgs($tags);
 $this->loadModel('Tag');
 $tagArray = $this->Tag->fetchEventTagIds($args[0], $args[1]);
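Review bot: The two branches added at @@ -1115 differ only in the string `xml`/`json`, and the same block is repeated in EventsController at @@ -1804, so the two formats can drift apart over time. Resolving the format once, `$format = (isset($this->request->params['ext']) && $this->request->params['ext'] === 'json') ? 'json' : 'xml';`, and passing `$format` to `type()`, the layout path and the filename keeps the list of accepted values in one place. Separately, `download` is not a registered Content-Disposition type (RFC 6266 defines `inline` and `attachment`); `attachment` states the intent explicitly. The enclosing method starts and ends outside the hunk.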
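Review bot: `if ($tags)` at @@ -1172 relies on PHP truthiness, so the string `'0'` is treated the same as "no tag filter" and the tag lookup in this block is skipped even though the caller supplied a value. The default of `$tags` is set outside the hunk; if it is `false` or `null`, spelling that out keeps the old strictness: `if ($tags !== false && $tags !== null && $tags !== '') {`. The same line is changed in EventsController at @@ -1861.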
@@ -1197,8 +1203,7 @@ class AttributesController extends AppController {
 );
 $results = $this->Attribute->find('all', $params);
 $this->loadModel('Whitelist');
- $this->response->type('xml');
- $results = $this->Whitelist->removeWhitelistedFromArray($results, false);
+ $results = $this->Whitelist->removeWhitelistedFromArray($results, true);
 if (empty($results)) throw new NotFoundException('No matches.');
 $this->set('results', $results);
 }
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php
index abee44486..abf96d4ce 100755
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@@ -1804,9 +1804,15 @@ class EventsController extends AppController {
 throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
 }
 $value = str_replace('|', '/', $value);
- $this->response->type('xml'); // set the content type
- $this->layout = 'xml/default';
- $this->header('Content-Disposition: download; filename="misp.search.events.results.xml"');
+ if (!isset($this->request->params['ext']) || $this->request->params['ext'] !== 'json') {
+ $this->response->type('xml'); // set the content type
+ $this->layout = 'xml/default';
+ $this->header('Content-Disposition: download; filename="misp.search.events.results.xml"');
+ } else {
+ $this->response->type('json'); // set the content type
+ $this->layout = 'json/default';
+ $this->header('Content-Disposition: download; filename="misp.search.events.results.json"');
+ }
 $conditions['AND'] = array();
 $subcondition = array();
 $this->loadModel('Attribute');
@@ -1861,7 +1867,7 @@ class EventsController extends AppController {
 }
 // If we sent any tags along, load the associated tag names for each attribute
- if ($tags !== '') {
+ if ($tags) {
 $args = $this->Event->Attribute->dissectArgs($tags);
 $this->loadModel('Tag');
 $tagArray = $this->Tag->fetchEventTagIds($args[0], $args[1]);
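Review bot: The bare boolean passed to `removeWhitelistedFromArray()` at @@ -1197 gives no hint of what it selects, and this commit has to swap it in both controllers (`true` here, `false` in EventsController at @@ -1891). A one-line comment at each call, e.g. `// second argument: true when $results is a list of attributes (confirm against the Whitelist model)`, would make a future mix-up visible in review. The flag's meaning is inferred from the two call sites only; the model method is not on this page.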
@@ -1891,7 +1897,7 @@ class EventsController extends AppController {
 throw new NotFoundException('No matches.');
 }
 $this->loadModel('Whitelist');
- $results = $this->Whitelist->removeWhitelistedFromArray($results, true);
+ $results = $this->Whitelist->removeWhitelistedFromArray($results, false);
 $this->response->type('xml');
 $this->set('results', $results);
 }
diff --git a/app/Lib/cakephp b/app/Lib/cakephp
index 8b1e5e31c..ac1a5c58f 160000
--- a/app/Lib/cakephp
+++ b/app/Lib/cakephp
@@ -1 +1 @@
-Subproject commit 8b1e5e31c7517c1e1a53bf7a9fb63338ef7e0c3b
+Subproject commit ac1a5c58f5654d6a1850fe57f9f893f187c0eba4
diff --git a/app/View/Attributes/json/rest_search.ctp b/app/View/Attributes/json/rest_search.ctp
new file mode 100644
index 000000000..d052ae47c
--- /dev/null
+++ b/app/View/Attributes/json/rest_search.ctp
@@ -0,0 +1,12 @@
+ $v) {
+ unset (
+ $results[$k]['Event'],
+ $results[$k]['Attribute']['value1'],
+ $results[$k]['Attribute']['value2'],
+ $results[$k]['Attribute']['category_order']
+ );
+ $jsonArray['response']['Attribute'][] = $results[$k]['Attribute'];
+}
+echo json_encode($jsonArray);
\ No newline at end of file
diff --git a/app/View/Events/json/rest_search.ctp b/app/View/Events/json/rest_search.ctp
new file mode 100644
index 000000000..c8b37e07a
--- /dev/null
+++ b/app/View/Events/json/rest_search.ctp
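Review bot: The unchanged `$this->response->type('xml');` after the whitelist call at @@ -1891 still runs on every request, so it overrides the `json` type that the new branch at @@ -1804 sets, and a `.json` search would be sent with an XML content type. The AttributesController hunk at @@ -1197 deletes the equivalent line; deleting it here as well leaves the type chosen by the `ext` check in force. Clients that select a parser from the Content-Type header would otherwise mis-handle the JSON body.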
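Review bot: `echo json_encode($jsonArray);` in Attributes/json/rest_search.ctp prints the return value unchecked, and `json_encode()` returns `false` when any string in the array is not valid UTF-8, which produces an empty body instead of an error. Attribute values come from stored data, so a single malformed value would blank the whole export; capture the result and fail explicitly, `$json = json_encode($jsonArray);` followed by `if ($json === false) { throw new InternalErrorException('JSON encoding failed'); }`. The Events view added in this commit ends with the same unchecked echo. The opening lines of this file are missing from the page, so whether `$jsonArray` is initialised before the loop cannot be confirmed here.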
@@ -0,0 +1,41 @@
+ $value) {
+ $result['Event']['Attribute'][$key]['value'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $result['Event']['Attribute'][$key]['value']);
+ unset($result['Event']['Attribute'][$key]['value1']);
+ unset($result['Event']['Attribute'][$key]['value2']);
+ unset($result['Event']['Attribute'][$key]['category_order']);
+ }
+ // remove invalid utf8 characters for the xml parser
+ foreach($result['Event']['ShadowAttribute'] as $key => $value) {
+ $result['Event']['ShadowAttribute'][$key]['value'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $result['Event']['ShadowAttribute'][$key]['value']);
+ }
+
+ if (isset($result['Event']['RelatedEvent'])) {
+ foreach ($result['Event']['RelatedEvent'] as $key => $value) {
+ unset($result['Event']['RelatedEvent'][$key]['user_id']);
+ if ('true' != Configure::read('MISP.showorg') && !$isAdmin) {
+ unset($result['Event']['RelatedEvent'][$key]['org']);
+ unset($result['Event']['RelatedEvent'][$key]['orgc']);
+ }
+ }
+ }
+ $jsonArray['response']['Event'][] = $result['Event'];
+}
+echo json_encode($jsonArray);
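Review bot: The `preg_replace` calls in the `Attribute` and `ShadowAttribute` loops apply an XML character filter in a JSON view, and with the `/u` modifier `preg_replace` returns `null` when the subject is not valid UTF-8, so such a `value` is replaced by `null` rather than cleaned. `json_encode` already escapes control characters, so the filter is not needed for JSON and it silently alters indicator values that contain them. If it stays, keep the original on failure (`if ($clean !== null)` before assigning the result back) and reword the comment, which still says `for the xml parser`. The `ShadowAttribute` loop also lacks the `isset()` guard that `RelatedEvent` gets a few lines later. The first lines of the file are not on the page.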