mirror of https://github.com/MISP/MISP
fix: [bug] Fixed broken multi-attribute tagger
parent
79aed910a9
commit
11856261ef
|
@ -3161,21 +3161,23 @@ class AttributesController extends AppController
|
|||
$success = 0;
|
||||
$fails = 0;
|
||||
foreach ($idList as $id) {
|
||||
$this->Attribute->id = $id;
|
||||
if (!$this->Attribute->exists()) {
|
||||
$attribute = $this->Attribute->find('first', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => array('Attribute.id' => $id, 'Attribute.deleted' => 0),
|
||||
'contain' => array('Event.orgc_id')
|
||||
));
|
||||
if (empty($attribute)) {
|
||||
throw new NotFoundException(__('Invalid attribute'));
|
||||
}
|
||||
$this->Attribute->read();
|
||||
if (!$this->_isSiteAdmin() && $this->Attribute->data['Event']['orgc_id'] !== $this->Auth->user('org_id')) {
|
||||
if (!$this->_isSiteAdmin() && $attribute['Event']['orgc_id'] !== $this->Auth->user('org_id')) {
|
||||
$fails++;
|
||||
continue;
|
||||
}
|
||||
if ($this->Attribute->data['Attribute']['deleted']) {
|
||||
throw new NotFoundException(__('Invalid attribute'));
|
||||
}
|
||||
$eventId = $this->Attribute->data['Attribute']['event_id'];
|
||||
$this->Attribute->Event->recursive = -1;
|
||||
$event = $this->Attribute->Event->read(array(), $eventId);
|
||||
$eventId = $attribute['Attribute']['event_id'];
|
||||
$event = $this->Attribute->Event->find('first', array(
|
||||
'conditions' => array('Event.id' => $eventId),
|
||||
'recursive' => -1
|
||||
));
|
||||
if (!$this->_isSiteAdmin() && !$this->userRole['perm_sync']) {
|
||||
if (!$this->userRole['perm_tagger'] || ($this->Auth->user('org_id') !== $event['Event']['org_id'] && $this->Auth->user('org_id') !== $event['Event']['orgc_id'])) {
|
||||
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'You don\'t have permission to do that.')), 'status' => 200, 'type' => 'json'));
|
||||
|
@ -3184,8 +3186,6 @@ class AttributesController extends AppController
|
|||
if (!$this->_isRest()) {
|
||||
$this->Attribute->Event->insertLock($this->Auth->user(), $eventId);
|
||||
}
|
||||
$this->Attribute->recursive = -1;
|
||||
|
||||
foreach ($tag_id_list as $tag_id) {
|
||||
$this->Attribute->AttributeTag->Tag->id = $tag_id;
|
||||
if (!$this->Attribute->AttributeTag->Tag->exists()) {
|
||||
|
@ -3214,9 +3214,9 @@ class AttributesController extends AppController
|
|||
$event['Event']['published'] = 0;
|
||||
$date = new DateTime();
|
||||
$event['Event']['timestamp'] = $date->getTimestamp();
|
||||
$this->Attribute->Event->save($event);
|
||||
$this->Attribute->data['Attribute']['timestamp'] = $date->getTimestamp();
|
||||
$this->Attribute->save($this->Attribute->data);
|
||||
$result = $this->Attribute->Event->save($event);
|
||||
$attribute['Attribute']['timestamp'] = $date->getTimestamp();
|
||||
$this->Attribute->save($attribute);
|
||||
$log = ClassRegistry::init('Log');
|
||||
$log->createLogEntry($this->Auth->user(), 'tag', 'Attribute', $id, 'Attached tag (' . $tag_id . ') "' . $tag['Tag']['name'] . '" to attribute (' . $id . ')', 'Attribute (' . $id . ') tagged as Tag (' . $tag_id . ')');
|
||||
$success++;
|
||||
|
|
Loading…
Reference in New Issue