MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch '2.4' of github.com:MISP/MISP into 2.4

pull/3450/head
chrisr3d 2018-07-03 10:31:16 +02:00
parent d674612858 c3158b50ba
commit 116da2fb9f
9 changed files with 104 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/Controller/Component/ACLComponent.php
View File

@ -106,6 +106,7 @@ class ACLComponent extends Component {
'filterEventIdsForPush' => array('perm_sync'),
'filterEventIndex' => array('*'),
'freeTextImport' => array('perm_add'),
'getEditStrategy' => array('perm_add'),
'getEventInfoById' => array('*'),
'getEventGraphReferences' => array('*'),
'getEventGraphTags' => array('*'),

41
app/Controller/EventsController.php
View File

@ -5098,4 +5098,45 @@ class EventsController extends AppController {
return $this->RestResponse->viewData(array(), $this->response->type());
}
}
public function getEditStrategy($id) {
// find the id of the event, change $id to it and proceed to read the event as if the ID was entered.
if (Validation::uuid($id)) {
$this->Event->recursive = -1;
$event = $this->Event->find('first', array(
'recursive' => -1,
'conditions' => array('Event.uuid' => $id),
'fields' => array('Event.id', 'Event.uuid', 'Event.orgc_id')
));
if ($event == null) throw new NotFoundException('Invalid event');
$id = $event['Event']['id'];
} else if (!is_numeric($id)) {
throw new NotFoundException(__('Invalid event'));
} else {
$event = $this->Event->find('first', array(
'recursive' => -1,
'conditions' => array('Event.id' => $id),
'fields' => array('Event.id', 'Event.uuid', 'Event.orgc_id')
));
}
if (empty($event)) throw new NotFoundException(__('Invalid event'));
$response = array('extensions' => array());
if ($event['Event']['orgc_id'] === $this->Auth->user('org_id')) {
$response['strategy'] = 'edit';
} else {
$response['strategy'] = 'extend';
}
$extendedEvents = $this->Event->find('all', array(
'recursive' => -1,
'fields' => array('Event.id', 'Event.info', 'Event.uuid'),
'conditions' => array(
'Event.extends_uuid' => $event['Event']['uuid'],
'Event.orgc_id' => $this->Auth->user('org_id')
)
));
foreach ($extendedEvents as $extendedEvent) {
$response['extensions'][] = $extendedEvent['Event'];
}
return $this->RestResponse->viewData($response, $this->response->type());
}
}

2
app/Controller/ServersController.php
View File

@ -377,7 +377,7 @@ class ServersController extends AppController {
}
if (!$fail) {
// say what fields are to be updated
$fieldList = array('id', 'url', 'push', 'pull', 'unpublish_event', 'publish_without_email', 'remote_org_id', 'name' ,'self_signed', 'cert_file', 'client_cert_file', 'push_rules', 'pull_rules', 'internal');
$fieldList = array('id', 'url', 'push', 'pull', 'unpublish_event', 'publish_without_email', 'remote_org_id', 'name' ,'self_signed', 'cert_file', 'client_cert_file', 'push_rules', 'pull_rules', 'internal', 'skip_proxy');
$this->request->data['Server']['id'] = $id;
if (isset($this->request->data['Server']['authkey']) && "" != $this->request->data['Server']['authkey']) $fieldList[] = 'authkey';
if(isset($this->request->data['Server']['organisation_type']) && isset($json)) {

3
app/Lib/Tools/SyncTool.php
View File

@ -16,9 +16,10 @@ class SyncTool {
}
}
$HttpSocket = new HttpSocket($params);
if (empty($server['Server']['skip_proxy'])) {
$proxy = Configure::read('Proxy');
if (isset($proxy['host']) && !empty($proxy['host'])) $HttpSocket->configProxy($proxy['host'], $proxy['port'], $proxy['method'], $proxy['user'], $proxy['password']);
}
return $HttpSocket;
}

6
app/Model/AppModel.php
View File

@ -63,7 +63,8 @@ class AppModel extends Model {
public $db_changes = array(
1 => false, 2 => false, 3 => false, 4 => true, 5 => false, 6 => false,
7 => false, 8 => false, 9 => false, 10 => false, 11 => false, 12 => false
7 => false, 8 => false, 9 => false, 10 => false, 11 => false, 12 => false,
13 => false
);
function afterSave($created, $options = array()) {
@ -957,6 +958,9 @@ class AppModel extends Model {
INDEX `timestamp` (`timestamp`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
break;
case 13:
$sqlArray[] = "ALTER TABLE `servers` ADD `skip_proxy` tinyint(1) NOT NULL DEFAULT 0;";
break;
case 'fixNonEmptySharingGroupID':
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';

32
app/Model/Attribute.php
View File

@ -2605,18 +2605,35 @@ class Attribute extends AppModel {
));
return $results;
}
$results = $this->find('all', $params);
// return false if we're paginating
if (isset($options['limit']) && empty($results)) return false;
if ($options['enforceWarninglist']) {
$this->Warninglist = ClassRegistry::init('Warninglist');
$warninglists = $this->Warninglist->fetchForEventView();
}
if (empty($params['limit'])) {
$pagesToFetch = $this->find('count', array('conditions' => $params['conditions']));
$loopLimit = 100000;
$pagesToFetch = ceil($pagesToFetch / $loopLimit);
$loop = true;
} else {
$loop = false;
$pagesToFetch = 1;
}
$attributes = array();
for ($i = 0; $i < $pagesToFetch; $i++) {
if ($loop) {
$params['limit'] = $loopLimit;
$params['page'] = $i+1;
}
$results = $this->find('all', $params);
// return false if we're paginating
if (isset($options['limit']) && empty($results)) return false;
$results = array_values($results);
$proposals_block_attributes = Configure::read('MISP.proposals_block_attributes');
foreach ($results as $key => $attribute) {
if ($options['enforceWarninglist'] && !$this->Warninglist->filterWarninglistAttributes($warninglists, $attribute['Attribute'])) {
unset($results[$key]);
continue;
}
if (!empty($options['includeAttributeUuid']) || !empty($options['includeEventUuid'])) {
@ -2624,7 +2641,7 @@ class Attribute extends AppModel {
}
if ($proposals_block_attributes) {
if (!empty($attribute['ShadowAttribute'])) {
unset($results[$key]);
continue;
} else {
unset($results[$key]['ShadowAttribute']);
}
@ -2635,9 +2652,10 @@ class Attribute extends AppModel {
$results[$key]['Attribute']['data'] = $encodedFile;
}
}
$attributes[] = $results[$key];
}
$results = array_values($results);
return $results;
}
return $attributes;
}
// Method gets and converts the contents of a file passed along as a base64 encoded string with the original filename into a zip archive

4
app/View/Servers/add.ctp
View File

@ -88,6 +88,10 @@
echo $this->Form->input('self_signed', array(
'type' => 'checkbox',
));
?>
<div class = "input clear"></div>
<?php
echo $this->Form->input('skip_proxy', array('type' => 'checkbox', 'label' => 'Skip proxy (if applicable)'));
echo $this->Form->input('Server.submitted_cert', array(
'label' => '<b>' . __('Server certificate file') . '</b>',

4
app/View/Servers/edit.ctp
View File

@ -94,6 +94,10 @@
echo $this->Form->input('self_signed', array(
'type' => 'checkbox',
));
?>
<div class = "input clear"></div>
<?php
echo $this->Form->input('skip_proxy', array('type' => 'checkbox', 'label' => 'Skip proxy (if applicable)'));
?>
<div class="clear">
<p>

2
app/View/Servers/index.ctp
View File

@ -31,6 +31,7 @@
<th><?php echo $this->Paginator->sort('cert_file');?></th>
<th><?php echo $this->Paginator->sort('client_cert_file');?></th>
<th><?php echo $this->Paginator->sort('self_signed');?></th>
<th><?php echo $this->Paginator->sort('skip_proxy');?></th>
<th><?php echo $this->Paginator->sort('org');?></th>
<th class="actions"><?php echo __('Actions');?></th>
</tr>
@ -78,6 +79,7 @@ foreach ($servers as $server):
<td class="short"><?php echo h($server['Server']['cert_file']); ?>&nbsp;</td>
<td class="short"><?php echo h($server['Server']['client_cert_file']); ?>&nbsp;</td>
<td class="short"><span class="<?php echo ($server['Server']['self_signed'] ? 'icon-ok' : 'icon-remove'); ?>"></span></td>
<td class="short"><span class="<?php echo ($server['Server']['skip_proxy'] ? 'icon-ok' : 'icon-remove'); ?>"></span></td>
<td class="short"><a href="/organisations/view/<?php echo h($server['Organisation']['id']); ?>"><?php echo h($server['Organisation']['name']); ?></a></td>
<td class="short action-links">
<?php