MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'feature/gui' into develop 

Conflicts:
	app/View/Users/memberslist.ctp
pull/217/head
Christophe Vandeplas 2013-06-10 20:23:29 +02:00
parent bd444d3ed8 de8793fbfc
commit 128725cb36
166 changed files with 18615 additions and 4117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
INSTALL/MYSQL.dist_change.sql
View File

@ -1,2 +1,2 @@
ALTER TABLE `events` ADD `dist_change` INT NOT NULL DEFAULT '0'
ALTER TABLE `events` ADD `dist_change` INT NOT NULL DEFAULT '0'
ALTER TABLE `attributes` ADD `dist_change` INT NOT NULL DEFAULT '0'

585
INSTALL/MYSQL.sql
View File

@ -1,294 +1,293 @@
-- --------------------------------------------------------
--
-- Table structure for table `attributes`
--
CREATE TABLE IF NOT EXISTS `attributes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`event_id` int(11) NOT NULL,
`type` varchar(100) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`category` varchar(255) COLLATE utf8_bin NOT NULL,
`value1` text COLLATE utf8_bin,
`to_ids` tinyint(1) NOT NULL DEFAULT '1',
`uuid` varchar(40) COLLATE utf8_bin NOT NULL,
`revision` int(10) NOT NULL DEFAULT '0',
`private` tinyint(1) NOT NULL,
`cluster` tinyint(1) NOT NULL,
`communitie` tinyint(1) NOT NULL,
`value2` text COLLATE utf8_bin,
`dist_change` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
KEY `event_id` (`event_id`),
KEY `uuid` (`uuid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `blacklist`
--
CREATE TABLE IF NOT EXISTS `blacklist` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(254) COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `bruteforces`
--
CREATE TABLE IF NOT EXISTS `bruteforces` (
`ip` varchar(255) COLLATE utf8_bin NOT NULL,
`username` varchar(255) COLLATE utf8_bin NOT NULL,
`expire` datetime NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `correlations`
--
CREATE TABLE `correlations` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`value` text COLLATE utf8_bin NOT NULL,
`1_event_id` int(11) NOT NULL,
`1_attribute_id` int(11) NOT NULL,
`1_private` tinyint(1) NOT NULL DEFAULT '0',
`event_id` int(11) NOT NULL,
`attribute_id` int(11) NOT NULL,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`private` tinyint(1) NOT NULL,
`date` date NOT NULL,
`info` text COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `events`
--
CREATE TABLE IF NOT EXISTS `events` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`date` date NOT NULL,
`risk` enum('Undefined','Low','Medium','High') COLLATE utf8_bin NOT NULL,
`info` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`user_id` int(11) NOT NULL,
`uuid` varchar(40) COLLATE utf8_bin NOT NULL,
`revision` tinyint(1) NOT NULL,
`private` tinyint(1) NOT NULL,
`cluster` tinyint(1) NOT NULL,
`communitie` tinyint(1) NOT NULL,
`attribute_count` int(11) NOT NULL,
`published` tinyint(1) NOT NULL DEFAULT '0',
`analysis` tinyint(4) NOT NULL,
`orgc` varchar(255) COLLATE utf8_bin NOT NULL,
`dist_change` int(11) NOT NULL DEFAULT '0',
`from` varchar(10) COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`),
KEY `uuid` (`uuid`),
FULLTEXT KEY `info` (`info`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `logs`
--
CREATE TABLE IF NOT EXISTS `logs` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`title` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`created` datetime DEFAULT NULL,
`model` varchar(20) COLLATE utf8_bin DEFAULT NULL,
`model_id` int(11) DEFAULT NULL,
`action` varchar(20) COLLATE utf8_bin DEFAULT NULL,
`user_id` int(11) DEFAULT NULL,
`change` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`email` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`org` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`description` varchar(255) COLLATE utf8_bin DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `regexp`
--
CREATE TABLE IF NOT EXISTS `regexp` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`regexp` varchar(255) COLLATE utf8_bin NOT NULL,
`replacement` varchar(255) COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `roles`
--
CREATE TABLE IF NOT EXISTS `roles` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(100) NOT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
`perm_add` tinyint(1) DEFAULT NULL,
`perm_modify` tinyint(1) DEFAULT NULL,
`perm_modify_org` tinyint(1) DEFAULT NULL,
`perm_publish` tinyint(1) DEFAULT NULL,
`perm_sync` tinyint(1) DEFAULT NULL,
`perm_admin` tinyint(1) DEFAULT NULL,
`perm_audit` tinyint(1) DEFAULT NULL,
`perm_full` tinyint(1) DEFAULT NULL,
`perm_auth` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
-- --------------------------------------------------------
--
-- Table structure for table `servers`
--
CREATE TABLE IF NOT EXISTS `servers` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`url` varchar(255) COLLATE utf8_bin NOT NULL,
`authkey` varchar(40) COLLATE utf8_bin NOT NULL,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`organization` varchar(10) COLLATE utf8_bin NOT NULL,
`push` tinyint(1) NOT NULL,
`pull` tinyint(1) NOT NULL,
`lastpulledid` int(11) NOT NULL,
`lastpushedid` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `shadow_attributes`
--
CREATE TABLE IF NOT EXISTS `shadow_attributes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`old_id` int(11) NOT NULL,
`event_id` int(11) NOT NULL,
`type` varchar(100) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`category` varchar(255) COLLATE utf8_bin NOT NULL,
`value1` text COLLATE utf8_bin,
`to_ids` tinyint(1) NOT NULL DEFAULT '1',
`uuid` varchar(40) COLLATE utf8_bin NOT NULL,
`value2` text COLLATE utf8_bin,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`email` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`),
KEY `event_id` (`event_id`),
KEY `uuid` (`uuid`),
KEY `old_id` (`old_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=11 ;
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`password` varchar(40) COLLATE utf8_bin NOT NULL,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`email` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`autoalert` tinyint(1) NOT NULL,
`authkey` varchar(40) COLLATE utf8_bin NOT NULL,
`invited_by` int(11) NOT NULL,
`gpgkey` longtext COLLATE utf8_bin NOT NULL,
`nids_sid` int(15) NOT NULL,
`termsaccepted` tinyint(1) NOT NULL,
`newsread` date NOT NULL,
`role_id` int(11) DEFAULT NULL,
`change_pw` tinyint(4) NOT NULL,
`contactalert` tinyint(1) NOT NULL,
PRIMARY KEY (`id`),
KEY `username` (`password`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `whitelist`
--
CREATE TABLE IF NOT EXISTS `whitelist` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Default values for initial installation
--
INSERT INTO `users` (`id`, `password`, `org`, `email`, `autoalert`, `authkey`, `invited_by`, `gpgkey`, `nids_sid`, `termsaccepted`, `newsread`, `role_id`, `change_pw`) VALUES(1, 'babc86e0869015b3f0b4d48ca48700d3a9d1b9d7', 'ADMIN', 'admin@admin.test', 0, 'vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb', 1, '', 4000000, 0, '2012-03-13', '1', '1');
INSERT INTO `regexp`
(`regexp`, `replacement`)
VALUES
('/.:.ProgramData./i','%ALLUSERSPROFILE%\\\\'),
('/.:.Documents and Settings.All Users./i','%ALLUSERSPROFILE%\\\\'),
('/.:.Program Files.Common Files./i','%COMMONPROGRAMFILES%\\\\'),
('/.:.Program Files \(x86\).Common Files./i','%COMMONPROGRAMFILES(x86)%\\\\'),
('/.:.Users.(\\w+).AppData.Local.Temp./i','%TEMP%\\\\'),
('/.:.ProgramData./i','%PROGRAMDATA%\\\\'),
('/.:.Program Files./i','%PROGRAMFILES%\\\\'),
('/.:.Program Files \(x86\)./i','%PROGRAMFILES(X86)%\\\\'),
('/.:.Users.Public./i','%PUBLIC%\\\\'),
('/.:.Documents and Settings.(\\w+).Local Settings.Temp./i','%TEMP%\\\\'),
('/.:.Users.(\\w+).AppData.Local.Temp./i','%TEMP%\\\\'),
('/.:.Users.(\\w+).AppData.Local./i','%LOCALAPPDATA%\\\\'),
('/.:.Users.(\\w+).AppData.Roaming./i','%APPDATA%\\\\'),
('/.:.Users.(\\w+).Application Data./i','%APPDATA%\\\\'),
('/.:.Windows.(\\w+).Application Data./i','%APPDATA%\\\\'),
('/.:.Users.(\\w+)./i','%USERPROFILE%\\\\'),
('/.:.DOCUME~1.(\\w+)./i','%USERPROFILE%\\\\'),
('/.:.Documents and Settings.(\\w+)./i','%USERPROFILE%\\\\'),
('/.:.Windows./i','%WINDIR%\\\\'),
('/.:.Windows./i','%WINDIR%\\\\'),
('/.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{9}){1}(-[0-9]{10}){1}-[0-9]{9}-[0-9]{4}/i','HKCU'),
('/.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{10}){2}-[0-9]{9}-[0-9]{4}/i','HKCU'),
('/.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{10}){3}-[0-9]{4}/i','HKCU'),
('/.REGISTRY.MACHINE./i','HKLM\\\\'),
('/.Registry.Machine./i','HKLM\\\\');
-- --------------------------------------------------------
--
-- Creating initial roles
--
-- 1. Admin - has full access
-- 2. Org Admin - read/write/publish/audit/admin/sync/auth
-- 3. User - User - Read / Write, no other permissions (default)
-- 4. Sync user - read/write/publish/sync/auth
--
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
VALUES ('1', 'admin', NOW() , NOW() , '1', '1', '1', '1', '1', '1', '1', '1', '1');
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
VALUES ('2', 'Org Admin', NOW() , NOW() , '1', '1', '1' , '1', '1', '1', '1', '0' , '1');
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
VALUES ('3', 'User', NOW() , NOW() , '1', '1', '1' , '0' , '0' , '0' , '0' , '0' , '0');
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`)
VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1');
-- --------------------------------------------------------
--
-- Table structure for table `attributes`
--
CREATE TABLE IF NOT EXISTS `attributes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`event_id` int(11) NOT NULL,
`type` varchar(100) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`category` varchar(255) COLLATE utf8_bin NOT NULL,
`value1` text COLLATE utf8_bin,
`to_ids` tinyint(1) NOT NULL DEFAULT '1',
`uuid` varchar(40) COLLATE utf8_bin NOT NULL,
`revision` int(10) NOT NULL DEFAULT '0',
`private` tinyint(1) NOT NULL,
`cluster` tinyint(1) NOT NULL,
`communitie` tinyint(1) NOT NULL,
`value2` text COLLATE utf8_bin,
`dist_change` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
KEY `event_id` (`event_id`),
KEY `uuid` (`uuid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `blacklist`
--
CREATE TABLE IF NOT EXISTS `blacklist` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(254) COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `bruteforces`
--
CREATE TABLE IF NOT EXISTS `bruteforces` (
`ip` varchar(255) COLLATE utf8_bin NOT NULL,
`username` varchar(255) COLLATE utf8_bin NOT NULL,
`expire` datetime NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `correlations`
--
CREATE TABLE `correlations` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`value` text COLLATE utf8_bin NOT NULL,
`1_event_id` int(11) NOT NULL,
`1_attribute_id` int(11) NOT NULL,
`1_private` tinyint(1) NOT NULL DEFAULT '0',
`event_id` int(11) NOT NULL,
`attribute_id` int(11) NOT NULL,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`private` tinyint(1) NOT NULL,
`date` date NOT NULL,
`info` text COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `events`
--
CREATE TABLE IF NOT EXISTS `events` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`date` date NOT NULL,
`risk` enum('Undefined','Low','Medium','High') COLLATE utf8_bin NOT NULL,
`info` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`user_id` int(11) NOT NULL,
`uuid` varchar(40) COLLATE utf8_bin NOT NULL,
`revision` tinyint(1) NOT NULL,
`private` tinyint(1) NOT NULL,
`cluster` tinyint(1) NOT NULL,
`communitie` tinyint(1) NOT NULL,
`attribute_count` int(11) NOT NULL,
`published` tinyint(1) NOT NULL DEFAULT '0',
`analysis` tinyint(4) NOT NULL,
`orgc` varchar(255) COLLATE utf8_bin NOT NULL,
`dist_change` int(11) NOT NULL DEFAULT '0',
`from` varchar(10) COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`),
KEY `uuid` (`uuid`),
FULLTEXT KEY `info` (`info`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `logs`
--
CREATE TABLE IF NOT EXISTS `logs` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`title` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`created` datetime DEFAULT NULL,
`model` varchar(20) COLLATE utf8_bin DEFAULT NULL,
`model_id` int(11) DEFAULT NULL,
`action` varchar(20) COLLATE utf8_bin DEFAULT NULL,
`user_id` int(11) DEFAULT NULL,
`change` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`email` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`org` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`description` varchar(255) COLLATE utf8_bin DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `regexp`
--
CREATE TABLE IF NOT EXISTS `regexp` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`regexp` varchar(255) COLLATE utf8_bin NOT NULL,
`replacement` varchar(255) COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `roles`
--
CREATE TABLE IF NOT EXISTS `roles` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(100) NOT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
`perm_add` tinyint(1) DEFAULT NULL,
`perm_modify` tinyint(1) DEFAULT NULL,
`perm_modify_org` tinyint(1) DEFAULT NULL,
`perm_publish` tinyint(1) DEFAULT NULL,
`perm_sync` tinyint(1) DEFAULT NULL,
`perm_admin` tinyint(1) DEFAULT NULL,
`perm_audit` tinyint(1) DEFAULT NULL,
`perm_full` tinyint(1) DEFAULT NULL,
`perm_auth` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
-- --------------------------------------------------------
--
-- Table structure for table `servers`
--
CREATE TABLE IF NOT EXISTS `servers` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`url` varchar(255) COLLATE utf8_bin NOT NULL,
`authkey` varchar(40) COLLATE utf8_bin NOT NULL,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`organization` varchar(10) COLLATE utf8_bin NOT NULL,
`push` tinyint(1) NOT NULL,
`pull` tinyint(1) NOT NULL,
`lastpulledid` int(11) NOT NULL,
`lastpushedid` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `shadow_attributes`
--
CREATE TABLE IF NOT EXISTS `shadow_attributes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`old_id` int(11) NOT NULL,
`event_id` int(11) NOT NULL,
`type` varchar(100) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`category` varchar(255) COLLATE utf8_bin NOT NULL,
`value1` text COLLATE utf8_bin,
`to_ids` tinyint(1) NOT NULL DEFAULT '1',
`uuid` varchar(40) COLLATE utf8_bin NOT NULL,
`value2` text COLLATE utf8_bin,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`email` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`),
KEY `event_id` (`event_id`),
KEY `uuid` (`uuid`),
KEY `old_id` (`old_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=11 ;
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`password` varchar(40) COLLATE utf8_bin NOT NULL,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`email` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`autoalert` tinyint(1) NOT NULL,
`authkey` varchar(40) COLLATE utf8_bin NOT NULL,
`invited_by` int(11) NOT NULL,
`gpgkey` longtext COLLATE utf8_bin NOT NULL,
`nids_sid` int(15) NOT NULL,
`termsaccepted` tinyint(1) NOT NULL,
`newsread` date NOT NULL,
`role_id` int(11) DEFAULT NULL,
`change_pw` tinyint(4) NOT NULL,
`contactalert` tinyint(1) NOT NULL,
PRIMARY KEY (`id`),
KEY `username` (`password`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Table structure for table `whitelist`
--
CREATE TABLE IF NOT EXISTS `whitelist` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- --------------------------------------------------------
--
-- Default values for initial installation
--
INSERT INTO `regexp`
(`regexp`, `replacement`)
VALUES
('/.:.ProgramData./i','%ALLUSERSPROFILE%\\\\'),
('/.:.Documents and Settings.All Users./i','%ALLUSERSPROFILE%\\\\'),
('/.:.Program Files.Common Files./i','%COMMONPROGRAMFILES%\\\\'),
('/.:.Program Files \(x86\).Common Files./i','%COMMONPROGRAMFILES(x86)%\\\\'),
('/.:.Users.(\\w+).AppData.Local.Temp./i','%TEMP%\\\\'),
('/.:.ProgramData./i','%PROGRAMDATA%\\\\'),
('/.:.Program Files./i','%PROGRAMFILES%\\\\'),
('/.:.Program Files \(x86\)./i','%PROGRAMFILES(X86)%\\\\'),
('/.:.Users.Public./i','%PUBLIC%\\\\'),
('/.:.Documents and Settings.(\\w+).Local Settings.Temp./i','%TEMP%\\\\'),
('/.:.Users.(\\w+).AppData.Local.Temp./i','%TEMP%\\\\'),
('/.:.Users.(\\w+).AppData.Local./i','%LOCALAPPDATA%\\\\'),
('/.:.Users.(\\w+).AppData.Roaming./i','%APPDATA%\\\\'),
('/.:.Users.(\\w+).Application Data./i','%APPDATA%\\\\'),
('/.:.Windows.(\\w+).Application Data./i','%APPDATA%\\\\'),
('/.:.Users.(\\w+)./i','%USERPROFILE%\\\\'),
('/.:.DOCUME~1.(\\w+)./i','%USERPROFILE%\\\\'),
('/.:.Documents and Settings.(\\w+)./i','%USERPROFILE%\\\\'),
('/.:.Windows./i','%WINDIR%\\\\'),
('/.:.Windows./i','%WINDIR%\\\\'),
('/.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{9}){1}(-[0-9]{10}){1}-[0-9]{9}-[0-9]{4}/i','HKCU'),
('/.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{10}){2}-[0-9]{9}-[0-9]{4}/i','HKCU'),
('/.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{10}){3}-[0-9]{4}/i','HKCU'),
('/.REGISTRY.MACHINE./i','HKLM\\\\'),
('/.Registry.Machine./i','HKLM\\\\');
-- --------------------------------------------------------
--
-- Creating initial roles
--
-- 1. Admin - has full access
-- 2. Org Admin - read/write/publish/audit/admin/sync/auth
-- 3. User - User - Read / Write, no other permissions (default)
-- 4. Sync user - read/write/publish/sync/auth
--
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
VALUES ('1', 'admin', NOW() , NOW() , '1', '1', '1', '1', '1', '1', '1', '1', '1');
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
VALUES ('2', 'Org Admin', NOW() , NOW() , '1', '1', '1' , '1', '1', '1', '1', '0' , '1');
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
VALUES ('3', 'User', NOW() , NOW() , '1', '1', '1' , '0' , '0' , '0' , '0' , '0' , '0');
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`)
VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1');
-- --------------------------------------------------------

46
INSTALL/UPGRADE.txt
View File

@ -1,24 +1,24 @@
Upgrade procedure from v1 to v2
- git pull the latest version of MISP from https://github.com/BeDefCERT/MISP.git
- execute the .sql file called "MYSQL.migrate.sql" found in the www/MISP/INSTALL folder. You can do this by
using the command "mysql -u [username] -p[password] [MISP's database] < MYSQL.migrate.sql
- excecute the following two commands from your www/MISP/app folder:
./Console/cake acl create aco root controllers
./Console/cake AclExtras.AclExtras aco_sync
- Log in with the site admin credentials and execute the following commands by changing the url
(where <MISP> is the address of your instance):
- https://<MISP>/events/generateCorrelation
- https://<MISP>/events/generateCount
- https://<MISP>/events/generateArosAcos
If all went right, then your MISP instance should now be at version 2.
Check the following:
- That your organisation in the bootstrap.php file found in www/MISP/app/Config/ is the correct
Organisation identifier used by the users of your organisation and by the sync users of
Upgrade procedure from v1 to v2
- git pull the latest version of MISP from https://github.com/BeDefCERT/MISP.git
- execute the .sql file called "MYSQL.migrate.sql" found in the www/MISP/INSTALL folder. You can do this by
using the command "mysql -u [username] -p[password] [MISP's database] < MYSQL.migrate.sql
- excecute the following two commands from your www/MISP/app folder:
./Console/cake acl create aco root controllers
./Console/cake AclExtras.AclExtras aco_sync
- Log in with the site admin credentials and execute the following commands by changing the url
(where <MISP> is the address of your instance):
- https://<MISP>/events/generateCorrelation
- https://<MISP>/events/generateCount
- https://<MISP>/events/generateArosAcos
If all went right, then your MISP instance should now be at version 2.
Check the following:
- That your organisation in the bootstrap.php file found in www/MISP/app/Config/ is the correct
Organisation identifier used by the users of your organisation and by the sync users of
other hosting organisations that synchronise with your instance.

6
app/Config/bootstrap.default.php
View File

@ -98,7 +98,6 @@
*/
Cache::config('default', array('engine' => 'File'));
//Configure::write('CyDefSIG.baseurl', 'https://sig.cyber-defence.be');
Configure::write('CyDefSIG.baseurl', 'http://localhost:8888');
if (!Configure::read('CyDefSIG.baseurl')) {
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) {
@ -108,8 +107,8 @@ if (!Configure::read('CyDefSIG.baseurl')) {
}
}
Configure::write('CyDefSIG.name', 'MISP');
Configure::write('CyDefSIG.version', '2.0');
Configure::write('CyDefSIG.header', 'CyDefSIG: Cyber Defence Signature Sharing Platform');
Configure::write('CyDefSIG.version', 'devel2.1');
Configure::write('CyDefSIG.header', 'MISP: Malware Information Sharing Platform');
Configure::write('CyDefSIG.footerpart1', 'Powered by MISP');
Configure::write('CyDefSIG.footerpart2', '&copy; Belgian Defense CERT & NCIRC');
Configure::write('CyDefSIG.footer', Configure::read('CyDefSIG.footerpart1') . ' ' . Configure::read('CyDefSIG.footerpart2'));
@ -186,6 +185,7 @@ CakePlugin::load('SysLog');
CakePlugin::load('Assets'); // having Logable
CakePlugin::load('SysLogLogable');
CakePlugin::load('MagicTools'); // having OrphansProtectable
CakePlugin::load('UrlCache');
/**
* You can attach event listeners to the request lifecyle as Dispatcher Filter . By Default CakePHP bundles two filters:

558
app/Config/core.default.php
View File

@ -1,279 +1,279 @@
<?php
/**
* This is core configuration file.
*
* Use it to configure core behavior of Cake.
*
* PHP 5
*
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @package app.Config
* @since CakePHP(tm) v 0.2.9
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
/**
* CakePHP Debug Level:
*
* Production Mode:
* 0: No error messages, errors, or warnings shown. Flash messages redirect.
*
* Development Mode:
* 1: Errors and warnings shown, model caches refreshed, flash messages halted.
* 2: As in 1, but also with full debug messages and SQL output.
*
* In production mode, flash messages redirect after a time interval.
* In development mode, you need to click the flash message to continue.
*/
Configure::write('debug', 0); // 0 = for production, 2 = full debug mode
/**
* Configure the Error handler used to handle errors for your application. By default
* ErrorHandler::handleError() is used. It will display errors using Debugger, when debug > 0
* and log errors with CakeLog when debug = 0.
*
* Options:
*
* - `handler` - callback - The callback to handle errors. You can set this to any callable type,
* including anonymous functions.
* - `level` - int - The level of errors you are interested in capturing.
* - `trace` - boolean - Include stack traces for errors in log files.
*
* @see ErrorHandler for more information on error handling and configuration.
*/
Configure::write('Error', array(
'handler' => 'ErrorHandler::handleError',
'level' => E_ALL & ~E_DEPRECATED,
'trace' => true
));
/**
* Configure the Exception handler used for uncaught exceptions. By default,
* ErrorHandler::handleException() is used. It will display a HTML page for the exception, and
* while debug > 0, framework errors like Missing Controller will be displayed. When debug = 0,
* framework errors will be coerced into generic HTTP errors.
*
* Options:
*
* - `handler` - callback - The callback to handle exceptions. You can set this to any callback type,
* including anonymous functions.
* - `renderer` - string - The class responsible for rendering uncaught exceptions. If you choose a custom class you
* should place the file for that class in app/Lib/Error. This class needs to implement a render method.
* - `log` - boolean - Should Exceptions be logged?
*
* @see ErrorHandler for more information on exception handling and configuration.
*/
Configure::write('Exception', array(
'handler' => 'ErrorHandler::handleException',
'renderer' => 'ExceptionRenderer',
'log' => true
));
/**
* Application wide charset encoding
*/
Configure::write('App.encoding', 'UTF-8');
/**
* To configure CakePHP *not* to use mod_rewrite and to
* use CakePHP pretty URLs, remove these .htaccess
* files:
*
* /.htaccess
* /app/.htaccess
* /app/webroot/.htaccess
*
* And uncomment the App.baseUrl below:
*/
//Configure::write('App.baseUrl', env('SCRIPT_NAME'));
/**
* Uncomment the define below to use CakePHP prefix routes.
*
* The value of the define determines the names of the routes
* and their associated controller actions:
*
* Set to an array of prefixes you want to use in your application. Use for
* admin or other prefixed routes.
*
* Routing.prefixes = array('admin', 'manager');
*
* Enables:
* `admin_index()` and `/admin/controller/index`
* `manager_index()` and `/manager/controller/index`
*
*/
Configure::write('Routing.prefixes', array('admin'));
/**
* Turn off all caching application-wide.
*
*/
Configure::write('Cache.disable', false);
/**
* Enable cache checking.
*
* If set to true, for view caching you must still use the controller
* public $cacheAction inside your controllers to define caching settings.
* You can either set it controller-wide by setting public $cacheAction = true,
* or in each action using $this->cacheAction = true.
*
*/
//Configure::write('Cache.check', true);
/**
* Defines the default error type when using the log() function. Used for
* differentiating error logging and debugging. Currently PHP supports LOG_DEBUG.
*/
define('LOG_ERROR', LOG_ERR);
/**
* Session configuration.
*
* Contains an array of settings to use for session configuration. The defaults key is
* used to define a default preset to use for sessions, any settings declared here will override
* the settings of the default config.
*
* ## Options
*
* - `Session.cookie` - The name of the cookie to use. Defaults to 'CAKEPHP'
* - `Session.timeout` - The number of minutes you want sessions to live for. This timeout is handled by CakePHP
* - `Session.cookieTimeout` - The number of minutes you want session cookies to live for.
* - `Session.checkAgent` - Do you want the user agent to be checked when starting sessions? You might want to set the
* value to false, when dealing with older versions of IE, Chrome Frame or certain web-browsing devices and AJAX
* - `Session.defaults` - The default configuration set to use as a basis for your session.
* There are four builtins: php, cake, cache, database.
* - `Session.handler` - Can be used to enable a custom session handler. Expects an array of of callables,
* that can be used with `session_save_handler`. Using this option will automatically add `session.save_handler`
* to the ini array.
* - `Session.autoRegenerate` - Enabling this setting, turns on automatic renewal of sessions, and
* sessionids that change frequently. See CakeSession::$requestCountdown.
* - `Session.ini` - An associative array of additional ini values to set.
*
* The built in defaults are:
*
* - 'php' - Uses settings defined in your php.ini.
* - 'cake' - Saves session files in CakePHP's /tmp directory.
* - 'database' - Uses CakePHP's database sessions.
* - 'cache' - Use the Cache class to save sessions.
*
* To define a custom session handler, save it at /app/Model/Datasource/Session/<name>.php.
* Make sure the class implements `CakeSessionHandlerInterface` and set Session.handler to <name>
*
* To use database sessions, run the app/Config/Schema/sessions.php schema using
* the cake shell command: cake schema create Sessions
*
*/
Configure::write('Session', array(
'timeout' => 3600, // Session timeout, default is 1 hour
'defaults' => 'php'
));
/**
* The level of CakePHP security.
*/
Configure::write('Security.level', 'medium');
/**
* A random string used in security hashing methods.
*/
Configure::write('Security.salt', 'Rooraenietu8Eeyo<Qu2eeNfterd-dd+');
/**
* A random numeric string (digits only) used to encrypt/decrypt strings.
*/
Configure::write('Security.cipherSeed', '395786739573056621429506834955');
/**
* Apply timestamps with the last modified time to static assets (js, css, images).
* Will append a querystring parameter containing the time the file was modified. This is
* useful for invalidating browser caches.
*
* Set to `true` to apply timestamps when debug > 0. Set to 'force' to always enable
* timestamping regardless of debug value.
*/
//Configure::write('Asset.timestamp', true);
/**
* Compress CSS output by removing comments, whitespace, repeating tags, etc.
* This requires a/var/cache directory to be writable by the web server for caching.
* and /vendors/csspp/csspp.php
*
* To use, prefix the CSS link URL with '/ccss/' instead of '/css/' or use HtmlHelper::css().
*/
//Configure::write('Asset.filter.css', 'css.php');
/**
* Plug in your own custom JavaScript compressor by dropping a script in your webroot to handle the
* output, and setting the config below to the name of the script.
*
* To use, prefix your JavaScript link URLs with '/cjs/' instead of '/js/' or use JavaScriptHelper::link().
*/
//Configure::write('Asset.filter.js', 'custom_javascript_output_filter.php');
/**
* The classname and database used in CakePHP's
* access control lists.
*/
Configure::write('Acl.classname', 'DbAcl');
Configure::write('Acl.database', 'default');
/**
* Uncomment this line and correct your server timezone to fix
* any date & time related errors.
*/
//date_default_timezone_set('UTC');
/**
* Pick the caching engine to use. If APC is enabled use it.
* If running via cli - apc is disabled by default. ensure it's available and enabled in this case
*
* Note: 'default' and other application caches should be configured in app/Config/bootstrap.php.
* Please check the comments in boostrap.php for more info on the cache engines available
* and their setttings.
*/
$engine = 'File';
if (extension_loaded('apc') && function_exists('apc_dec') && (php_sapi_name() !== 'cli' || ini_get('apc.enable_cli'))) {
$engine = 'Apc';
}
// In development mode, caches should expire quickly.
$duration = '+999 days';
if (Configure::read('debug') >= 1) {
$duration = '+10 seconds';
}
// Prefix each application on the same server with a different string, to avoid Memcache and APC conflicts.
$prefix = 'myapp_';
/**
* Configure the cache used for general framework caching. Path information,
* object listings, and translation cache files are stored with this configuration.
*/
Cache::config('_cake_core_', array(
'engine' => $engine,
'prefix' => $prefix . 'cake_core_',
'path' => CACHE . 'persistent' . DS,
'serialize' => ($engine === 'File'),
'duration' => $duration
));
/**
* Configure the cache for model and datasource caches. This cache configuration
* is used to store schema descriptions, and table listings in connections.
*/
Cache::config('_cake_model_', array(
'engine' => $engine,
'prefix' => $prefix . 'cake_model_',
'path' => CACHE . 'models' . DS,
'serialize' => ($engine === 'File'),
'duration' => $duration
));
<?php
/**
* This is core configuration file.
*
* Use it to configure core behavior of Cake.
*
* PHP 5
*
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @package app.Config
* @since CakePHP(tm) v 0.2.9
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
/**
* CakePHP Debug Level:
*
* Production Mode:
* 0: No error messages, errors, or warnings shown. Flash messages redirect.
*
* Development Mode:
* 1: Errors and warnings shown, model caches refreshed, flash messages halted.
* 2: As in 1, but also with full debug messages and SQL output.
*
* In production mode, flash messages redirect after a time interval.
* In development mode, you need to click the flash message to continue.
*/
Configure::write('debug', 0); // 0 = for production, 2 = full debug mode
/**
* Configure the Error handler used to handle errors for your application. By default
* ErrorHandler::handleError() is used. It will display errors using Debugger, when debug > 0
* and log errors with CakeLog when debug = 0.
*
* Options:
*
* - `handler` - callback - The callback to handle errors. You can set this to any callable type,
* including anonymous functions.
* - `level` - int - The level of errors you are interested in capturing.
* - `trace` - boolean - Include stack traces for errors in log files.
*
* @see ErrorHandler for more information on error handling and configuration.
*/
Configure::write('Error', array(
'handler' => 'ErrorHandler::handleError',
'level' => E_ALL & ~E_DEPRECATED,
'trace' => true
));
/**
* Configure the Exception handler used for uncaught exceptions. By default,
* ErrorHandler::handleException() is used. It will display a HTML page for the exception, and
* while debug > 0, framework errors like Missing Controller will be displayed. When debug = 0,
* framework errors will be coerced into generic HTTP errors.
*
* Options:
*
* - `handler` - callback - The callback to handle exceptions. You can set this to any callback type,
* including anonymous functions.
* - `renderer` - string - The class responsible for rendering uncaught exceptions. If you choose a custom class you
* should place the file for that class in app/Lib/Error. This class needs to implement a render method.
* - `log` - boolean - Should Exceptions be logged?
*
* @see ErrorHandler for more information on exception handling and configuration.
*/
Configure::write('Exception', array(
'handler' => 'ErrorHandler::handleException',
'renderer' => 'ExceptionRenderer',
'log' => true
));
/**
* Application wide charset encoding
*/
Configure::write('App.encoding', 'UTF-8');
/**
* To configure CakePHP *not* to use mod_rewrite and to
* use CakePHP pretty URLs, remove these .htaccess
* files:
*
* /.htaccess
* /app/.htaccess
* /app/webroot/.htaccess
*
* And uncomment the App.baseUrl below:
*/
//Configure::write('App.baseUrl', env('SCRIPT_NAME'));
/**
* Uncomment the define below to use CakePHP prefix routes.
*
* The value of the define determines the names of the routes
* and their associated controller actions:
*
* Set to an array of prefixes you want to use in your application. Use for
* admin or other prefixed routes.
*
* Routing.prefixes = array('admin', 'manager');
*
* Enables:
* `admin_index()` and `/admin/controller/index`
* `manager_index()` and `/manager/controller/index`
*
*/
Configure::write('Routing.prefixes', array('admin'));
/**
* Turn off all caching application-wide.
*
*/
Configure::write('Cache.disable', false);
/**
* Enable cache checking.
*
* If set to true, for view caching you must still use the controller
* public $cacheAction inside your controllers to define caching settings.
* You can either set it controller-wide by setting public $cacheAction = true,
* or in each action using $this->cacheAction = true.
*
*/
//Configure::write('Cache.check', true);
/**
* Defines the default error type when using the log() function. Used for
* differentiating error logging and debugging. Currently PHP supports LOG_DEBUG.
*/
define('LOG_ERROR', LOG_ERR);
/**
* Session configuration.
*
* Contains an array of settings to use for session configuration. The defaults key is
* used to define a default preset to use for sessions, any settings declared here will override
* the settings of the default config.
*
* ## Options
*
* - `Session.cookie` - The name of the cookie to use. Defaults to 'CAKEPHP'
* - `Session.timeout` - The number of minutes you want sessions to live for. This timeout is handled by CakePHP
* - `Session.cookieTimeout` - The number of minutes you want session cookies to live for.
* - `Session.checkAgent` - Do you want the user agent to be checked when starting sessions? You might want to set the
* value to false, when dealing with older versions of IE, Chrome Frame or certain web-browsing devices and AJAX
* - `Session.defaults` - The default configuration set to use as a basis for your session.
* There are four builtins: php, cake, cache, database.
* - `Session.handler` - Can be used to enable a custom session handler. Expects an array of of callables,
* that can be used with `session_save_handler`. Using this option will automatically add `session.save_handler`
* to the ini array.
* - `Session.autoRegenerate` - Enabling this setting, turns on automatic renewal of sessions, and
* sessionids that change frequently. See CakeSession::$requestCountdown.
* - `Session.ini` - An associative array of additional ini values to set.
*
* The built in defaults are:
*
* - 'php' - Uses settings defined in your php.ini.
* - 'cake' - Saves session files in CakePHP's /tmp directory.
* - 'database' - Uses CakePHP's database sessions.
* - 'cache' - Use the Cache class to save sessions.
*
* To define a custom session handler, save it at /app/Model/Datasource/Session/<name>.php.
* Make sure the class implements `CakeSessionHandlerInterface` and set Session.handler to <name>
*
* To use database sessions, run the app/Config/Schema/sessions.php schema using
* the cake shell command: cake schema create Sessions
*
*/
Configure::write('Session', array(
'timeout' => 3600, // Session timeout, default is 1 hour
'defaults' => 'php'
));
/**
* The level of CakePHP security.
*/
Configure::write('Security.level', 'medium');
/**
* A random string used in security hashing methods.
*/
Configure::write('Security.salt', 'Rooraenietu8Eeyo<Qu2eeNfterd-dd+');
/**
* A random numeric string (digits only) used to encrypt/decrypt strings.
*/
Configure::write('Security.cipherSeed', '395786739573056621429506834955');
/**
* Apply timestamps with the last modified time to static assets (js, css, images).
* Will append a querystring parameter containing the time the file was modified. This is
* useful for invalidating browser caches.
*
* Set to `true` to apply timestamps when debug > 0. Set to 'force' to always enable
* timestamping regardless of debug value.
*/
//Configure::write('Asset.timestamp', true);
/**
* Compress CSS output by removing comments, whitespace, repeating tags, etc.
* This requires a/var/cache directory to be writable by the web server for caching.
* and /vendors/csspp/csspp.php
*
* To use, prefix the CSS link URL with '/ccss/' instead of '/css/' or use HtmlHelper::css().
*/
//Configure::write('Asset.filter.css', 'css.php');
/**
* Plug in your own custom JavaScript compressor by dropping a script in your webroot to handle the
* output, and setting the config below to the name of the script.
*
* To use, prefix your JavaScript link URLs with '/cjs/' instead of '/js/' or use JavaScriptHelper::link().
*/
//Configure::write('Asset.filter.js', 'custom_javascript_output_filter.php');
/**
* The classname and database used in CakePHP's
* access control lists.
*/
Configure::write('Acl.classname', 'DbAcl');
Configure::write('Acl.database', 'default');
/**
* Uncomment this line and correct your server timezone to fix
* any date & time related errors.
*/
//date_default_timezone_set('UTC');
/**
* Pick the caching engine to use. If APC is enabled use it.
* If running via cli - apc is disabled by default. ensure it's available and enabled in this case
*
* Note: 'default' and other application caches should be configured in app/Config/bootstrap.php.
* Please check the comments in boostrap.php for more info on the cache engines available
* and their setttings.
*/
$engine = 'File';
if (extension_loaded('apc') && function_exists('apc_dec') && (php_sapi_name() !== 'cli' || ini_get('apc.enable_cli'))) {
$engine = 'Apc';
}
// In development mode, caches should expire quickly.
$duration = '+999 days';
if (Configure::read('debug') >= 1) {
$duration = '+10 seconds';
}
// Prefix each application on the same server with a different string, to avoid Memcache and APC conflicts.
$prefix = 'myapp_';
/**
* Configure the cache used for general framework caching. Path information,
* object listings, and translation cache files are stored with this configuration.
*/
Cache::config('_cake_core_', array(
'engine' => $engine,
'prefix' => $prefix . 'cake_core_',
'path' => CACHE . 'persistent' . DS,
'serialize' => ($engine === 'File'),
'duration' => $duration
));
/**
* Configure the cache for model and datasource caches. This cache configuration
* is used to store schema descriptions, and table listings in connections.
*/
Cache::config('_cake_model_', array(
'engine' => $engine,
'prefix' => $prefix . 'cake_model_',
'path' => CACHE . 'models' . DS,
'serialize' => ($engine === 'File'),
'duration' => $duration
));

144
app/Config/database.default.php
View File

@ -1,73 +1,73 @@
<?php
/**
* This is core configuration file.
*
* Use it to configure core behaviour of Cake.
*
* PHP 5
*
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @package app.Config
* @since CakePHP(tm) v 0.2.9
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
/**
* In this file you set up your database connection details.
*
* @package cake.config
*/
/**
* Database configuration class.
* You can specify multiple configurations for production, development and testing.
*
* datasource => The name of a supported datasource; valid options are as follows:
* Database/Mysql - MySQL 4 & 5,
* Database/Sqlite - SQLite (PHP5 only),
* Database/Postgres - PostgreSQL 7 and higher,
* Database/Sqlserver - Microsoft SQL Server 2005 and higher
*
* You can add custom database datasources (or override existing datasources) by adding the
* appropriate file to app/Model/Datasource/Database. Datasources should be named 'MyDatasource.php',
*
*
* persistent => true / false
* Determines whether or not the database should use a persistent connection
*
* host =>
* the host you connect to the database. To add a socket or port number, use 'port' => #
*
* prefix =>
* Uses the given prefix for all the tables in this database. This setting can be overridden
* on a per-table basis with the Model::$tablePrefix property.
*
* schema =>
* For Postgres specifies which schema you would like to use the tables in. Postgres defaults to 'public'.
*
* encoding =>
* For MySQL, Postgres specifies the character encoding to use when connecting to the
* database. Uses database default not specified.
*
* unix_socket =>
* For MySQL to connect via socket specify the `unix_socket` parameter instead of `host` and `port`
*/
class DATABASE_CONFIG {
public $default = array(
'datasource' => 'Database/Mysql',
'persistent' => false,
'host' => '127.0.0.1',
'login' => 'db login',
'port' => 8889,
'password' => 'db password',
'database' => 'misp',
'prefix' => '',
//'encoding' => 'utf8',
);
<?php
/**
* This is core configuration file.
*
* Use it to configure core behaviour of Cake.
*
* PHP 5
*
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @package app.Config
* @since CakePHP(tm) v 0.2.9
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
/**
* In this file you set up your database connection details.
*
* @package cake.config
*/
/**
* Database configuration class.
* You can specify multiple configurations for production, development and testing.
*
* datasource => The name of a supported datasource; valid options are as follows:
* Database/Mysql - MySQL 4 & 5,
* Database/Sqlite - SQLite (PHP5 only),
* Database/Postgres - PostgreSQL 7 and higher,
* Database/Sqlserver - Microsoft SQL Server 2005 and higher
*
* You can add custom database datasources (or override existing datasources) by adding the
* appropriate file to app/Model/Datasource/Database. Datasources should be named 'MyDatasource.php',
*
*
* persistent => true / false
* Determines whether or not the database should use a persistent connection
*
* host =>
* the host you connect to the database. To add a socket or port number, use 'port' => #
*
* prefix =>
* Uses the given prefix for all the tables in this database. This setting can be overridden
* on a per-table basis with the Model::$tablePrefix property.
*
* schema =>
* For Postgres specifies which schema you would like to use the tables in. Postgres defaults to 'public'.
*
* encoding =>
* For MySQL, Postgres specifies the character encoding to use when connecting to the
* database. Uses database default not specified.
*
* unix_socket =>
* For MySQL to connect via socket specify the `unix_socket` parameter instead of `host` and `port`
*/
class DATABASE_CONFIG {
public $default = array(
'datasource' => 'Database/Mysql',
'persistent' => false,
'host' => '127.0.0.1',
'login' => 'db login',
'port' => 8889,
'password' => 'db password',
'database' => 'misp',
'prefix' => '',
//'encoding' => 'utf8',
);
}

64
app/Console/cake.bat
View File

@ -1,32 +1,32 @@
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::
:: Bake is a shell script for running CakePHP bake script
:: PHP 5
::
:: CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
:: Copyright 2005-2012, Cake Software Foundation, Inc.
::
:: Licensed under The MIT License
:: Redistributions of files must retain the above copyright notice.
::
:: @copyright Copyright 2005-2012, Cake Software Foundation, Inc.
:: @link http://cakephp.org CakePHP(tm) Project
:: @package app.Console
:: @since CakePHP(tm) v 2.0
:: @license MIT License (http://www.opensource.org/licenses/mit-license.php)
::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: In order for this script to work as intended, the cake\console\ folder must be in your PATH
@echo.
@echo off
SET app=%0
SET lib=%~dp0
php -q "%lib%cake.php" -working "%CD% " %*
echo.
exit /B %ERRORLEVEL%
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::
:: Bake is a shell script for running CakePHP bake script
:: PHP 5
::
:: CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
:: Copyright 2005-2012, Cake Software Foundation, Inc.
::
:: Licensed under The MIT License
:: Redistributions of files must retain the above copyright notice.
::
:: @copyright Copyright 2005-2012, Cake Software Foundation, Inc.
:: @link http://cakephp.org CakePHP(tm) Project
:: @package app.Console
:: @since CakePHP(tm) v 2.0
:: @license MIT License (http://www.opensource.org/licenses/mit-license.php)
::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: In order for this script to work as intended, the cake\console\ folder must be in your PATH
@echo.
@echo off
SET app=%0
SET lib=%~dp0
php -q "%lib%cake.php" -working "%CD% " %*
echo.
exit /B %ERRORLEVEL%

34
app/Controller/AppController.php
View File

@ -87,15 +87,15 @@ class AppController extends Controller {
// Authenticate user with authkey in Authorization HTTP header
if (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
$user = $this->checkAuthUser($_SERVER['HTTP_AUTHORIZATION']);
if ($user) {
// User found in the db, add the user info to the session
$this->Session->renew();
$this->Session->write(AuthComponent::$sessionKey, $user['User']);
if ($user) {
// User found in the db, add the user info to the session
$this->Session->renew();
$this->Session->write(AuthComponent::$sessionKey, $user['User']);
}
else {
// User not authenticated correctly
// User not authenticated correctly
// reset the session information
$this->Session->destroy();
$this->Session->destroy();
throw new ForbiddenException('The authentication key provided cannot be used for syncing.');
}
}
@ -117,6 +117,18 @@ class AppController extends Controller {
$this->set('isAclAdmin', $role['perm_admin']);
$this->set('isAclAudit', $role['perm_audit']);
$this->set('isAclAuth', $role['perm_auth']);
} else {
$this->set('me', false);
$this->set('isAdmin', false);
$this->set('isSiteAdmin', false);
$this->set('isAclAdd', false);
$this->set('isAclModify', false);
$this->set('isAclModifyOrg', false);
$this->set('isAclPublish', false);
$this->set('isAclSync', false);
$this->set('isAclAdmin', false);
$this->set('isAclAudit', false);
$this->set('isAclAuth', false);
}
}
@ -171,13 +183,9 @@ class AppController extends Controller {
* @return void
*/
protected function _refreshAuth() {
if (isset($this->User)) {
$user = $this->User->read(false, $this->Auth->user('id'));
} else {
$this->loadModel('User');
$this->User->recursive = -1;
$user = $this->User->findById($this->Auth->user('id'));
}
$this->loadModel('User');
$this->User->recursive = -1;
$user = $this->User->findById($this->Auth->user('id'));
$this->Auth->login($user['User']);
}

117
app/Controller/EventsController.php
View File

@ -30,7 +30,7 @@ class EventsController extends AppController {
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
'order' => array(
'Event.id' => 'DESC'
)
),
);
public $helpers = array('Js' => array('Jquery'));
@ -77,7 +77,6 @@ class EventsController extends AppController {
)
);
}
}
/**
@ -87,8 +86,46 @@ class EventsController extends AppController {
*/
public function index() {
// list the events
$this->Event->recursive = 0;
// TODO information exposure vulnerability - as we don't limit the filter depending on the CyDefSIG.showorg parameter
// this filter will work if showorg=false and users will be able to perform the filtering and see what events were posted by what org.
// same goes for orgc in all cases
//transform POST into GET
if($this->request->is("post")) {
$url = array('action'=>'index');
$filters = array();
if (isset($this->data['Event'])) {
$filters = $this->data['Event'];
}
//redirect user to the index page including the selected filters
$this->redirect(array_merge($url,$filters));
}
$this->Event->recursive = 0;
// check each of the passed arguments whether they're a filter (could also be a sort for example) and if yes, add it to the pagination conditions
foreach ($this->passedArgs as $k => $v) {
if (substr($k, 0, 6) === 'search') {
$searchTerm = substr($k, 6);
switch ($searchTerm) {
case 'published' :
if ($v == 2) continue 2;
else $this->paginate['conditions'][] = array('Event.' . substr($k, 6) . ' =' => $v);
break;
case 'Datefrom' :
if (!$v) continue 2;
$this->paginate['conditions'][] = array('Event.date' . ' >' => $v);
break;
case 'Dateuntil' :
if (!$v) continue 2;
$this->paginate['conditions'][] = array('Event.date' . ' <' => $v);
break;
default:
if (!$v) continue 2;
$this->paginate['conditions'][] = array('Event.' . substr($k, 6) . ' LIKE' => '%' . $v . '%');
break;
}
}
}
$this->set('events', $this->paginate());
if (!$this->Auth->user('gpgkey')) {
$this->Session->setFlash(__('No GPG key set in your profile. To receive emails, submit your public key in your profile.'));
@ -126,34 +163,57 @@ class EventsController extends AppController {
if ($temp == null) throw new NotFoundException(__('Invalid event'));
$id = $temp['Event']['id'];
}
$isSiteAdmin = $this->_isSiteAdmin();
$this->Event->recursive = 2;
$this->Event->contain('Attribute', 'Attribute.ShadowAttribute', 'User.email');
$this->Event->id = $id;
$this->Event->contain('Attribute', 'ShadowAttribute', 'User.email');
$this->Event->read(null, $id);
if (!$this->Event->exists()) {
throw new NotFoundException(__('Invalid event, it already exists.'));
}
$this->Event->read(null, $id);
$userEmail = $this->Event->data['User']['email'];
unset ($this->Event->data['User']);
$this->Event->data['User']['email'] = $userEmail;
if (!$this->_IsSiteAdmin()) {
// check for non-private and re-read
if ($this->Event->data['Event']['org'] != $this->Auth->user('org')) {
$this->Event->hasMany['Attribute']['conditions'] = array('OR' => array(array('Attribute.private !=' => 1), array('Attribute.private =' => 1, 'Attribute.cluster =' => 1))); // TODO seems very dangerous for the correlation construction in afterSave!!!
$this->Event->read(null, $id);
}
$myEvent = true;
if (!$isSiteAdmin) {
// check private
if (($this->Event->data['Event']['private'] && !$this->Event->data['Event']['cluster']) && ($this->Event->data['Event']['org'] != $this->Auth->user('org'))) {
$this->Session->setFlash(__('Invalid event.'));
$this->redirect(array('controller' => 'events', 'action' => 'index'));
}
}
if ($this->Event->data['Event']['org'] != $this->Auth->user('org')) {
$myEvent = false;
}
// Now that we're loaded the event and made sure that we can actually see it, let's do 2 thngs:
// run through each attribute and unset it if it's private and we're not an admin or from the owner org of the event
// if we didn't unset the attribute, rearrange the shadow attributes
foreach ($this->Event->data['Attribute'] as $key => &$attribute) {
if (!$isSiteAdmin && !$myEvent && ($attribute['private'] == 1 && $attribute['cluster'] == 0)) {
unset($this->Event->data['Attribute'][$key]);
} else {
if (!isset($attribute['ShadowAttribute'])) $attribute['ShadowAttribute'] = array();
foreach ($this->Event->data['ShadowAttribute'] as $k => &$sa) {
if ($sa['old_id'] == $attribute['id']) {
$this->Event->data['Attribute'][$key]['ShadowAttribute'][] = $sa;
unset($this->Event->data['ShadowAttribute'][$k]);
}
}
}
}
// since we unset some attributes and shadowattributes, let's reindex them.
$this->Event->data['ShadowAttribute'] = array_values($this->Event->data['ShadowAttribute']);
$this->Event->data['Attribute'] = array_values($this->Event->data['Attribute']);
$userEmail = $this->Event->data['User']['email'];
unset ($this->Event->data['User']);
$this->Event->data['User']['email'] = $userEmail;
$this->set('analysisLevels', $this->Event->analysisLevels);
$this->loadModel('Attribute');
$relatedEvents = $this->Event->getRelatedEvents($this->Auth->user());
$relatedAttributes = $this->Event->getRelatedAttributes($this->Auth->user());
$this->loadModel('Attribute');
$this->loadModel('Attribute');
if ($this->_isRest()) {
foreach ($this->Event->data['Attribute'] as &$attribute) {
@ -185,12 +245,7 @@ class EventsController extends AppController {
} else {
$conditions = array('AND' => array('ShadowAttribute.event_id' => $this->Event->data['Event']['id'], 'ShadowAttribute.old_id' => '0', 'ShadowAttribute.org' => $this->Auth->user('org')));
}
$this->loadModel('ShadowAttribute');
// Only load the shadow attributes, nothing related
$this->ShadowAttribute->recursive = -1;
$remaining = $this->ShadowAttribute->find('all', array(
'conditions' => $conditions
));
$remaining = $this->Event->data['ShadowAttribute'];
}
// params for the jQuery RESTfull interface
@ -202,7 +257,6 @@ class EventsController extends AppController {
// passing decriptions for model fields
$this->set('eventDescriptions', $this->Event->fieldDescriptions);
$this->set('attrDescriptions', $this->Attribute->fieldDescriptions);
$this->set('event', $this->Event->data);
if(isset($remaining)) {
$this->set('remaining', $remaining);
@ -368,14 +422,15 @@ class EventsController extends AppController {
// force check userid and orgname to be from yourself
$auth = $this->Auth;
$data['Event']['user_id'] = $auth->user('id');
$data['Event']['org'] = $auth->user('org');
if ($this->checkAction('perm_sync')) $data['Event']['org'] = Configure::read('CyDefSIG.org');
else $data['Event']['org'] = $auth->user('org');
if (!$fromXml) {
$data['Event']['orgc'] = $data['Event']['org'];
}
if ($fromXml) {
// FIXME FIXME chri: temporary workaround for unclear org, orgc, from
$data['Event']['orgc'] = $data['Event']['org'];
$data['Event']['from'] = $data['Event']['org'];
//$data['Event']['orgc'] = $data['Event']['org'];
//$data['Event']['from'] = $data['Event']['org'];
// Workaround for different structure in XML/array than what CakePHP expects
$this->Event->cleanupEventArrayFromXML($data);
// the event_id field is not set (normal) so make sure no validation errors are thrown
@ -436,18 +491,12 @@ class EventsController extends AppController {
}
$this->Event->read(null, $id);
// check for if private and user not authorised to edit, go away
if (!$this->_isSiteAdmin() && !$this->checkAction('perm_sync') && $this->Event->data['Event']['distribution'] == 'Your organization only') {
if (!$this->_isSiteAdmin() && !$this->checkAction('perm_sync')) {
if (($this->Event->data['Event']['org'] != $this->_checkOrg()) || !($this->checkAction('perm_modify'))) {
$this->Session->setFlash(__('You are not authorised to do that.'));
$this->redirect(array('controller' => 'events', 'action' => 'index'));
}
}
if (!$this->_isRest()) {
if ($this->Event->data['Event']['org'] != $this->_checkOrg()) {
$this->Session->setFlash(__('Invalid event.'));
$this->redirect(array('controller' => 'events', 'action' => 'index'));
}
}
// check if the user is of the creating org, if not, don't let him/her change the distribution.
$canEditDist = false;

9
app/Controller/LogsController.php
View File

@ -50,8 +50,8 @@ class LogsController extends AppController {
$this->recursive = 0;
$this->paginate = array(
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 logs(?)
'conditions' => $conditions
'conditions' => $conditions,
'order' => array('Log.id' => 'DESC')
);
$this->set('list', $this->paginate());
@ -113,12 +113,11 @@ class LogsController extends AppController {
if (isset($change)) {
$conditions['LOWER(Log.change) LIKE'] = '%' . strtolower($change) . '%';
}
//$conditions['COLLATE'] = 'utf_general_ci';
$this->{$this->defaultModel}->recursive = 0;
$this->paginate = array(
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 logs(?)
'conditions' => $conditions
'conditions' => $conditions,
'order' => array('Log.id' => 'DESC')
);
$this->set('list', $this->paginate());

3
app/Controller/ServersController.php
View File

@ -265,7 +265,8 @@ class ServersController extends AppController {
$lastpulledid = count($successes) > 0 ? max($successes) : 0;
}
// increment lastid based on the highest ID seen
$this->Server->saveField('lastpulledid', $lastpulledid);
$this->Server->set('lastpulledid', $lastpulledid);
$this->Server->save($event, array('fieldList' => array('lastpulledid', 'url')));
}

1404
app/Controller/UsersController.php
View File

File diff suppressed because it is too large Load Diff

18
app/Model/Attribute.php
View File

@ -73,22 +73,6 @@ class Attribute extends AppModel {
'All communities' => array('desc' => 'This field determines the current distribution of the even', 'formdesc' => "This will share the event with all MISP communities, allowing the event to be freely propagated from one server to the next."),
);
public $hasMany = array(
'ShadowAttribute' => array(
'className' => 'ShadowAttribute',
'foreignKey' => 'old_id',
'dependent' => true, // cascade deletes
'conditions' => '',
'fields' => '',
'order' => array('ShadowAttribute.old_id DESC', 'ShadowAttribute.old_id DESC'),
'limit' => '',
'offset' => '',
'exclusive' => '',
'finderQuery' => '',
'counterQuery' => ''
)
);
// these are definition of possible types + their descriptions and maybe later other behaviors
// e.g. if the attribute should be correlated with others or not
@ -193,7 +177,7 @@ class Attribute extends AppModel {
)
);
public $order = array("Attribute.event_id" => "DESC", "Attribute.type" => "ASC");
public $order = array("Attribute.event_id" => "DESC");
/**
* Validation rules

162
app/Model/Behavior/RegexpBehavior.php
View File

@ -1,81 +1,81 @@
<?php
App::uses('Regexp', 'Model');
/**
* Behavior to regexp all string fields in a model
*
* @author noud
*
*/
class RegexpBehavior extends ModelBehavior {
/**
*
* @param Model $Model
* @param unknown_type $settings
*/
public function setup(Model $Model, $settings = array()) {
if (!isset($this->settings[$Model->alias])) {
$this->settings[$Model->alias] = array(
'fields' => array(),
);
}
$this->settings[$Model->alias] = array_merge(
$this->settings[$Model->alias], (array)$settings);
}
/**
*
* @param $options
*/
public function beforeValidate(Model $Model, $options = array()) {
$returnValue = true;
// process some..
$returnValue = $this->regexpStringFields($Model);
return $returnValue;
}
/**
* Trim String Fields
*
* @param Model $Model
* @param unknown_type $array
*/
public function regexpStringFields(Model $Model) {
$returnValue = true;
foreach ($Model->data[$Model->name] as $key => $field) {
if (in_array($key, $this->settings[$Model->alias]['fields']) && is_string($field)) {
$returnValue = $this->replaceWindowsSpecific($Model, $field);
$Model->data[$Model->name][$key] = $returnValue;
}
}
if ($returnValue != false) $returnValue = true;
return $returnValue;
}
/**
* Replace Windows specific info in a $string with environment variables en registry keys
*
* @var string
*
* @return string
*/
public function replaceWindowsSpecific(Model $Model, $string) {
$returnValue = $string;
$regexp = new Regexp();
$allRegexp = $regexp->find('all'); // TODO INIT LOAD ARRAY
foreach ($allRegexp as $regexp) {
if (strlen($regexp['Regexp']['replacement'] && strlen($regexp['Regexp']['regexp']))) {
$string = preg_replace($regexp['Regexp']['regexp'], $regexp['Regexp']['replacement'], $string);
$returnValue = $string;
}
if (!strlen($regexp['Regexp']['replacement']) && preg_match($regexp['Regexp']['regexp'], $string)) {
App::uses('SessionComponent', 'Controller/Component');
SessionComponent::setFlash('Blacklisted value!');
return false;
}
}
return $returnValue;
}
}
<?php
App::uses('Regexp', 'Model');
/**
* Behavior to regexp all string fields in a model
*
* @author noud
*
*/
class RegexpBehavior extends ModelBehavior {
/**
*
* @param Model $Model
* @param unknown_type $settings
*/
public function setup(Model $Model, $settings = array()) {
if (!isset($this->settings[$Model->alias])) {
$this->settings[$Model->alias] = array(
'fields' => array(),
);
}
$this->settings[$Model->alias] = array_merge(
$this->settings[$Model->alias], (array)$settings);
}
/**
*
* @param $options
*/
public function beforeValidate(Model $Model, $options = array()) {
$returnValue = true;
// process some..
$returnValue = $this->regexpStringFields($Model);
return $returnValue;
}
/**
* Trim String Fields
*
* @param Model $Model
* @param unknown_type $array
*/
public function regexpStringFields(Model $Model) {
$returnValue = true;
foreach ($Model->data[$Model->name] as $key => $field) {
if (in_array($key, $this->settings[$Model->alias]['fields']) && is_string($field)) {
$returnValue = $this->replaceWindowsSpecific($Model, $field);
$Model->data[$Model->name][$key] = $returnValue;
}
}
if ($returnValue != false) $returnValue = true;
return $returnValue;
}
/**
* Replace Windows specific info in a $string with environment variables en registry keys
*
* @var string
*
* @return string
*/
public function replaceWindowsSpecific(Model $Model, $string) {
$returnValue = $string;
$regexp = new Regexp();
$allRegexp = $regexp->find('all'); // TODO INIT LOAD ARRAY
foreach ($allRegexp as $regexp) {
if (strlen($regexp['Regexp']['replacement'] && strlen($regexp['Regexp']['regexp']))) {
$string = preg_replace($regexp['Regexp']['regexp'], $regexp['Regexp']['replacement'], $string);
$returnValue = $string;
}
if (!strlen($regexp['Regexp']['replacement']) && preg_match($regexp['Regexp']['regexp'], $string)) {
App::uses('SessionComponent', 'Controller/Component');
SessionComponent::setFlash('Blacklisted value!');
return false;
}
}
return $returnValue;
}
}

14
app/Model/Event.php
View File

@ -40,6 +40,7 @@ class Event extends AppModel {
'private' => array('desc' => 'This field tells if the event should be shared with other CyDefSIG servers'),
'classification' => array('desc' => 'Set the Traffic Light Protocol classification. <ol><li><em>TLP:AMBER</em>- Share only within the organization on a need-to-know basis</li><li><em>TLP:GREEN:NeedToKnow</em>- Share within your constituency on the need-to-know basis.</li><li><em>TLP:GREEN</em>- Share within your constituency.</li></ol>'),
'submittedgfi' => array('desc' => 'GFI sandbox: export upload', 'formdesc' => 'GFI sandbox:<br/>export upload'),
'submittedioc' => array('desc' => '', 'formdesc' => ''),
'analysis' => array('desc' => 'Analysis Levels: *Initial* means the event has just been created, *Ongoing* means that the event is being populated, *Complete* means that the event\'s creation is complete', 'formdesc' => 'Analysis levels:<br />Initial: event has been started<br />Ongoing: event population is in progress<br />Complete: event creation has finished')
);
@ -276,6 +277,19 @@ class Event extends AppModel {
'exclusive' => '',
'finderQuery' => '',
'counterQuery' => ''
),
'ShadowAttribute' => array(
'className' => 'ShadowAttribute',
'foreignKey' => 'event_id',
'dependent' => true, // cascade deletes
'conditions' => '',
'fields' => '',
'order' => array('ShadowAttribute.old_id DESC', 'ShadowAttribute.old_id DESC'),
'limit' => '',
'offset' => '',
'exclusive' => '',
'finderQuery' => '',
'counterQuery' => ''
)
);

4
app/Model/ShadowAttribute.php
View File

@ -273,8 +273,8 @@ class ShadowAttribute extends AppModel {
* @var array
*/
public $belongsTo = array(
'Attribute' => array(
'className' => 'Attribute',
'Event' => array(
'className' => 'Event',
'foreignKey' => 'id',
'conditions' => '',
'fields' => '',

158
app/Plugin/UrlCache/Lib/Routing/UrlCacheManager.php Executable file
View File

@ -0,0 +1,158 @@
<?php
/**
* This class will statically hold in memory url's indexed by a custom hash
*
* @licence MIT
* @modified Mark Scherer
* - now easier to integrate
* - optimization for `pageFiles` (still stores urls with only controller/action keys in global file)
* - can handle legacy `prefix` urls
*
* 2012-02-13 ms
*/
class UrlCacheManager {
/**
* Holds all generated urls so far by the application indexed by a custom hash
*
*/
public static $cache = array();
/**
* Holds all generated urls so far by the application indexed by a custom hash
*
*/
public static $cachePage = array();
/**
* Holds all generated urls so far by the application indexed by a custom hash
*
*/
public static $extras = array();
/**
* type for the current set (triggered by last get)
*/
public static $type = 'cache';
/**
* key for current get/set
*/
public static $key = null;
/**
* cache key for pageFiles
*/
public static $cacheKey = 'url_map';
/**
* cache key for pageFiles
*/
public static $cachePageKey = null;
/**
* params that will always be present and will determine the global cache if pageFiles is used
*/
public static $paramFields = array('controller', 'plugin', 'action', 'prefix');
/**
* should be called in beforeRender()
*
*/
public static function init(View $View) {
$params = $View->request->params;
if (Configure::read('UrlCache.pageFiles')) {
$cachePageKey = '_misc';
if (is_object($View)) {
$path = $View->request->here;
if ($path == '/') {
$path = 'uc_homepage';
} else {
$path = strtolower(Inflector::slug($path));
}
if (empty($path)) {
$path = 'uc_error';
}
$cachePageKey = '_' . $path;
}
self::$cachePageKey = self::$cacheKey . $cachePageKey;
self::$cachePage = Cache::read(self::$cachePageKey, '_cake_core_');
}
self::$cache = Cache::read(self::$cacheKey, '_cake_core_');
# still old "prefix true/false" syntax?
if (Configure::read('UrlCache.verbosePrefixes')) {
unset(self::$paramFields[3]);
self::$paramFields = array_merge(self::$paramFields, (array) Configure::read('Routing.prefixes'));
}
self::$extras = array_intersect_key($params, array_combine(self::$paramFields, self::$paramFields));
$defaults = array();
foreach (self::$paramFields as $field) {
$defaults[$field] = '';
}
self::$extras = array_merge($defaults, self::$extras);
}
/**
* should be called in afterLayout()
*
*/
public static function finalize() {
Cache::write(self::$cacheKey, self::$cache, '_cake_core_');
if (Configure::read('UrlCache.pageFiles') && !empty(self::$cachePage)) {
Cache::write(self::$cachePageKey, self::$cachePage, '_cake_core_');
}
}
/**
* Returns the stored url if it was already generated, false otherwise
*
* @param string $key
* @return mixed
*/
public static function get($url, $full) {
$keyUrl = $url;
if (is_array($keyUrl)) {
$keyUrl += self::$extras;
# prevent different hashs on different orders
ksort($keyUrl, SORT_STRING);
# prevent different hashs on different types (int/string/bool)
foreach ($keyUrl as $key => $val) {
$keyUrl[$key] = (String) $val;
}
}
self::$key = md5(serialize($keyUrl) . $full);
if (Configure::read('UrlCache.pageFiles')) {
self::$type = 'cachePage';
if (is_array($keyUrl)) {
$res = array_diff_key($keyUrl, self::$extras);
if (empty($res)) {
self::$type = 'cache';
}
}
if (self::$type === 'cachePage') {
return isset(self::$cachePage[self::$key]) ? self::$cachePage[self::$key] : false;
}
}
return isset(self::$cache[self::$key]) ? self::$cache[self::$key] : false;
}
/**
* Stores a ney key in memory cache
*
* @param string $key
* @param mixed data to be stored
* @return void
*/
public static function set($data) {
if (Configure::read('UrlCache.pageFiles') && self::$type === 'cachePage') {
self::$cachePage[self::$key] = $data;
} else {
self::$cache[self::$key] = $data;
}
}
}

74
app/Plugin/UrlCache/View/Helper/UrlCacheAppHelper.php Executable file
View File

@ -0,0 +1,74 @@
<?php
/*
* App Helper url caching
* Copyright (c) 2009 Matt Curry
* www.PseudoCoder.com
* http://github.com/mcurry/cakephp/tree/master/snippets/app_helper_url
* http://www.pseudocoder.com/archives/2009/02/27/how-to-save-half-a-second-on-every-cakephp-requestand-maintain-reverse-routing
*
* @author Matt Curry <matt@pseudocoder.com>
* @author José Lorenzo Rodríguez
* @license MIT
*
* @modified Mark Scherer
*/
App::uses('Helper', 'View');
App::uses('Inflector', 'Utility');
App::uses('UrlCacheManager', 'UrlCache.Routing');
class UrlCacheAppHelper extends Helper {
/**
* This function is responsible for setting up the Url cache before the application starts generating urls in views
*
* @return void
*/
function beforeRender($viewFile) {
if (!Configure::read('UrlCache.active') || Configure::read('UrlCache.runtime.beforeRender')) {
return;
}
# todo: maybe lazy load with HtmlHelper::url()?
UrlCacheManager::init($this->_View);
Configure::write('UrlCache.runtime.beforeRender', true);
}
/**
* This method will store the current generated urls into a persistent cache for next use
*
* @return void
*/
function afterLayout($layoutFile = null) {
if (!Configure::read('UrlCache.active') || Configure::read('UrlCache.runtime.afterLayout')) {
return;
}
UrlCacheManager::finalize();
Configure::write('UrlCache.runtime.afterLayout', true);
}
/**
* Intercepts the parent url function to first look if the cache was already generated for the same params
*
* @param mixed $url url to generate using cakephp array syntax
* @param boolean $full wheter to generate a full url or not (http scheme)
* @return string
* @see Helper::url()
*/
function url($url = null, $full = false) {
if (Configure::read('UrlCache.active')) {
if ($cachedUrl = UrlCacheManager::get($url, $full)) {
return $cachedUrl;
}
}
$routerUrl = h(Router::url($url, $full));
if (Configure::read('UrlCache.active')) {
UrlCacheManager::set($routerUrl);
}
return $routerUrl;
}
}

282
app/View/Attributes/add.ctp
View File

@ -1,118 +1,166 @@
<div class="attributes form">
<?php echo $this->Form->create('Attribute');?>
<fieldset>
<legend><?php echo __('Add Attribute'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv')),
'empty' => '(choose one)'
));
echo $this->Form->input('type', array(
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv')),
'empty' => '(first choose category)'
));
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('distribution', array('label' => 'Distribution', 'selected' => $maxDist,
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeDistributionDiv'))
));
}
echo $this->Form->input('to_ids', array(
'checked' => true,
'before' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
'label' => 'IDS Signature?'
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'after' => $this->Html->div('forminfo', 'Create multiple attributes one per line'),
));
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
));
// link an onchange event to the form elements
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
$this->Js->get('#AttributeDistribution')->event('change', 'showFormInfo("#AttributeDistribution")');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>
<script type="text/javascript">
//
//Generate Category / Type filtering array
//
var category_type_mapping = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
echo "category_type_mapping['" . addslashes($category) . "'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false;
else echo ', ';
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
}
echo "}; \n";
}
?>
function formCategoryChanged(id) {
showFormInfo(id); // display the tooltip
// fill in the types
var options = $('#AttributeType').prop('options');
$('option', $('#AttributeType')).remove();
$.each(category_type_mapping[$('#AttributeCategory').val()], function(val, text) {
options[options.length] = new Option(text, val);
});
// enable the form element
$('#AttributeType').prop('disabled', false);
}
//
// Generate tooltip information
//
var formInfoValues = new Array();
<?php
foreach ($typeDefinitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($categoryDefinitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
}
// hide the formInfo things
$('#AttributeTypeDiv').hide();
$('#AttributeCategoryDiv').hide();
$('#AttributeType').prop('disabled', true);
$('#AttributeDistributionDiv').hide();
</script>
<div class="attributes form">
<?php echo $this->Form->create('Attribute');?>
<fieldset>
<legend><?php echo __('Add Attribute'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'empty' => '(choose one)'
));
echo $this->Form->input('type', array(
'empty' => '(first choose category)'
));
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('distribution', array(
'label' => 'Distribution',
'selected' => $maxDist,
));
}
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('to_ids', array(
'checked' => true,
'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
'label' => 'IDS Signature?',
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'data-content' => 'Create multiple attributes one per line',
));
// link an onchange event to the form elements
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
?>
</fieldset>
<?php
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul class="nav nav-list">
<li><a href="/events/view/<?php echo $this->request->data['Attribute']['event_id']; ?>">View Event</a></li>
<li><a href="/events/edit/<?php echo $this->request->data['Attribute']['event_id']; ?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
<li class="divider"></li>
<li class="active"><a href="/attributes/add/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $this->request->data['Attribute']['event_id']; ?>">Populate from IOC</a></li>
<li class="divider"></li>
<li><a href="/events/contact/<?php echo $this->request->data['Attribute']['event_id']; ?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as IOC</a></li>
<li class="divider"></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
<script type="text/javascript">
//
//Generate Category / Type filtering array
//
var category_type_mapping = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
echo "category_type_mapping['" . addslashes($category) . "'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false;
else echo ', ';
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
}
echo "}; \n";
}
?>
function formCategoryChanged(id) {
// fill in the types
var options = $('#AttributeType').prop('options');
$('option', $('#AttributeType')).remove();
$.each(category_type_mapping[$('#AttributeCategory').val()], function(val, text) {
options[options.length] = new Option(text, val);
});
// enable the form element
$('#AttributeType').prop('disabled', false);
}
//
// Generate tooltip information
//
var formInfoValues = new Array();
<?php
foreach ($typeDefinitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($categoryDefinitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
$(document).ready(function() {
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
});
$("input, label").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("input, label").on('mouseover', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
}).popover('show');
});
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
});
});
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts

301
app/View/Attributes/add_attachment.ctp
View File

@ -1,138 +1,165 @@
<div class="attributes form">
<?php echo $this->Form->create('Attribute', array('enctype' => 'multipart/form-data','onSubmit' => 'document.getElementById("AttributeMalware").removeAttribute("disabled");'));?>
<fieldset>
<legend><?php echo __('Add Attachment'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
echo $this->Form->file('value', array(
'error' => array('escape' => false),
));
echo $this->Form->input('malware', array(
'type' => 'checkbox',
'checked' => false,
'after' => '<br>Tick this box to neutralize the sample. Every malware sample will be zipped with the password "infected"',
));
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('distribution', array('label' => 'Distribution', 'selected' => $maxDist,
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeDistributionDiv'))
));
//'before' => $this->Html->div('forminfo', isset($attrDescriptions['distribution']['formdesc']) ? $attrDescriptions['distribution']['formdesc'] : $attrDescriptions['distribution']['desc']),));
}
// link an onchange event to the form elements
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
$this->Js->get('#AttributeDistribution')->event('change', 'showFormInfo("#AttributeDistribution")');
?>
</fieldset>
<?php echo $this->Form->end(__('Upload'));?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>
<script type="text/javascript">
var formInfoValues = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['$category'] = \"$info\";\n";
}
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
var formZipTypeValues = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
$types = $def['types'];
$alreadySet = false;
foreach ($types as $type) {
if (in_array($type, $zippedDefinitions) && !$alreadySet) {
$alreadySet = true;
echo "formZipTypeValues['$category'] = \"true\";\n";
}
}
if (!$alreadySet) {
echo "formZipTypeValues['$category'] = \"false\";\n";
}
}
?>
var formAttTypeValues = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
$types = $def['types'];
$alreadySet = false;
foreach ($types as $type) {
if (in_array($type, $uploadDefinitions) && !$alreadySet) {
$alreadySet = true;
echo "formAttTypeValues['$category'] = \"true\";\n";
}
}
if (!$alreadySet) {
echo "formAttTypeValues['$category'] = \"false\";\n";
}
}
?>
function showFormType(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
//$(idDiv).html(formInfoValues[value]); // search in a lookup table
// do checkbox un/ticked when the document is changed
if (formZipTypeValues[value] == "true") {
document.getElementById("AttributeMalware").setAttribute("checked", "checked");
if (formAttTypeValues[value] == "false") document.getElementById("AttributeMalware").setAttribute("disabled", "disabled");
else document.getElementById("AttributeMalware").removeAttribute("disabled");
} else {
document.getElementById("AttributeMalware").removeAttribute("checked");
if (formAttTypeValues[value] == "true") document.getElementById("AttributeMalware").setAttribute("disabled", "disabled");
else document.getElementById("AttributeMalware").removeAttribute("disabled");
}
}
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
// do checkbox un/ticked when the document is changed
if (formZipTypeValues[value] == "true") {
document.getElementById("AttributeMalware").setAttribute("checked", "checked");
if (formAttTypeValues[value] == "false") document.getElementById("AttributeMalware").setAttribute("disabled", "disabled");
else document.getElementById("AttributeMalware").removeAttribute("disabled");
} else {
document.getElementById("AttributeMalware").removeAttribute("checked");
if (formAttTypeValues[value] == "true") document.getElementById("AttributeMalware").setAttribute("disabled", "disabled");
else document.getElementById("AttributeMalware").removeAttribute("disabled");
}
}
// hide the formInfo things
$('#AttributeTypeDiv').hide();
$('#AttributeCategoryDiv').hide();
$(function(){
// do checkbox un/ticked when the document is ready
showFormType("#AttributeCategory");
}
);
//hide the formInfo things
$('#AttributeDistributionDiv').hide();
</script>
<div class="attributes form">
<?php echo $this->Form->create('Attribute', array('enctype' => 'multipart/form-data','onSubmit' => 'document.getElementById("AttributeMalware").removeAttribute("disabled");'));?>
<fieldset>
<legend><?php echo __('Add Attachment'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv')),
));
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('distribution', array('label' => 'Distribution', 'selected' => $maxDist,
'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeDistributionDiv')),
));
//'before' => $this->Html->div('forminfo', isset($attrDescriptions['distribution']['formdesc']) ? $attrDescriptions['distribution']['formdesc'] : $attrDescriptions['distribution']['desc']),));
}
?>
<div class="input clear"></div>
<div class="input">
<?php
echo $this->Form->file('value', array(
'error' => array('escape' => false),
));
?>
</div>
<?php
echo $this->Form->input('malware', array(
'type' => 'checkbox',
'checked' => false,
'after' => $this->Html->div('forminfo', 'Tick this box to neutralize the sample. Every malware sample will be zipped with the password "infected"', ''),
//'after' => '<br>Tick this box to neutralize the sample. Every malware sample will be zipped with the password "infected"',
));
// link an onchange event to the form elements
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
$this->Js->get('#AttributeDistribution')->event('change', 'showFormInfo("#AttributeDistribution")');
?>
</fieldset>
<?php
echo $this->Form->button('Upload', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul class="nav nav-list">
<li><a href="/events/view/<?php echo $this->request->data['Attribute']['event_id']; ?>">View Event</a></li>
<li><a href="/events/edit/<?php echo $this->request->data['Attribute']['event_id']; ?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
<li class="divider"></li>
<li><a href="/attributes/add/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attribute</a></li>
<li class="active"><a href="/attributes/add_attachment/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $this->request->data['Attribute']['event_id']; ?>">Populate from IOC</a></li>
<li class="divider"></li>
<li><a href="/events/contact/<?php echo $this->request->data['Attribute']['event_id']; ?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as IOC</a></li>
<li class="divider"></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
<script type="text/javascript">
var formInfoValues = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['$category'] = \"$info\";\n";
}
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
var formZipTypeValues = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
$types = $def['types'];
$alreadySet = false;
foreach ($types as $type) {
if (in_array($type, $zippedDefinitions) && !$alreadySet) {
$alreadySet = true;
echo "formZipTypeValues['$category'] = \"true\";\n";
}
}
if (!$alreadySet) {
echo "formZipTypeValues['$category'] = \"false\";\n";
}
}
?>
var formAttTypeValues = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
$types = $def['types'];
$alreadySet = false;
foreach ($types as $type) {
if (in_array($type, $uploadDefinitions) && !$alreadySet) {
$alreadySet = true;
echo "formAttTypeValues['$category'] = \"true\";\n";
}
}
if (!$alreadySet) {
echo "formAttTypeValues['$category'] = \"false\";\n";
}
}
?>
function showFormType(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
//$(idDiv).html(formInfoValues[value]); // search in a lookup table
// do checkbox un/ticked when the document is changed
if (formZipTypeValues[value] == "true") {
document.getElementById("AttributeMalware").setAttribute("checked", "checked");
if (formAttTypeValues[value] == "false") document.getElementById("AttributeMalware").setAttribute("disabled", "disabled");
else document.getElementById("AttributeMalware").removeAttribute("disabled");
} else {
document.getElementById("AttributeMalware").removeAttribute("checked");
if (formAttTypeValues[value] == "true") document.getElementById("AttributeMalware").setAttribute("disabled", "disabled");
else document.getElementById("AttributeMalware").removeAttribute("disabled");
}
}
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
// do checkbox un/ticked when the document is changed
if (formZipTypeValues[value] == "true") {
document.getElementById("AttributeMalware").setAttribute("checked", "checked");
if (formAttTypeValues[value] == "false") document.getElementById("AttributeMalware").setAttribute("disabled", "disabled");
else document.getElementById("AttributeMalware").removeAttribute("disabled");
} else {
document.getElementById("AttributeMalware").removeAttribute("checked");
if (formAttTypeValues[value] == "true") document.getElementById("AttributeMalware").setAttribute("disabled", "disabled");
else document.getElementById("AttributeMalware").removeAttribute("disabled");
}
}
// hide the formInfo things
$('#AttributeTypeDiv').hide();
$('#AttributeCategoryDiv').hide();
$(function(){
// do checkbox un/ticked when the document is ready
showFormType("#AttributeCategory");
}
);
//hide the formInfo things
$('#AttributeDistributionDiv').hide();
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts

5
app/View/Attributes/check_composites.ctp
View File

@ -8,9 +8,4 @@ if (0 == count($fails)):?>
</ul>
<?php
endif;?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>

291
app/View/Attributes/edit.ctp
View File

@ -1,124 +1,167 @@
<?php
$mayModify = (($isAclModify && $attribute['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $attribute['Event']['org'] == $me['org']));
?>
<div class="attributes form">
<?php echo $this->Form->create('Attribute');?>
<fieldset>
<legend><?php echo __('Edit Attribute'); ?></legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
if ($attachment) {
echo $this->Form->hidden('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))));
echo "<BR>Type: " . $this->Form->value('Attribute.type');
} else {
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))));
}
if ('true' == Configure::read('CyDefSIG.sync')) {
if ('true' == $canEditDist) {
echo $this->Form->input('distribution', array('label' => 'Distribution',
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeDistributionDiv'))
));
}
}
echo $this->Form->input('to_ids', array(
'before' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
'label' => 'IDS Signature?'
));
if ($attachment) {
echo $this->Form->hidden('value');
echo "<BR>Value: " . $this->Form->value('Attribute.value');
} else {
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
));
}
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
if ($canEditDist) {
$this->Js->get('#AttributeDistribution')->event('change', 'showFormInfo("#AttributeDistribution")');
}
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>
<script type="text/javascript">
//
//Generate Category / Type filtering array
//
var category_type_mapping = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
echo "category_type_mapping['" . addslashes($category) . "'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false;
else echo ', ';
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
}
echo "}; \n";
}
?>
function formCategoryChanged(id) {
showFormInfo(id); // display the tooltip
// fill in the types
var options = $('#AttributeType').prop('options');
$('option', $('#AttributeType')).remove();
$.each(category_type_mapping[$('#AttributeCategory').val()], function(val, text) {
options[options.length] = new Option(text, val);
});
// enable the form element
$('#AttributeType').prop('disabled', false);
}
//
//Generate tooltip information
//
var formInfoValues = new Array();
<?php
foreach ($typeDefinitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($categoryDefinitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
}
//hide the formInfo things
$('#AttributeTypeDiv').hide();
$('#AttributeCategoryDiv').hide();
$('#AttributeDistributionDiv').hide();
// fix the select box based on what was selected
var type_value = $('#AttributeType').val();
formCategoryChanged("#AttributeCategory");
$('#AttributeType').val(type_value);
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts
<div class="attributes form">
<?php echo $this->Form->create('Attribute');?>
<fieldset>
<legend><?php echo __('Edit Attribute'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'empty' => '(choose one)'
));
echo $this->Form->input('type', array(
'empty' => '(first choose category)'
));
if ('true' == Configure::read('CyDefSIG.sync') && $canEditDist) {
echo $this->Form->input('distribution', array(
'label' => 'Distribution',
'selected' => $maxDist,
));
}
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('to_ids', array(
'checked' => true,
'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
'label' => 'IDS Signature?',
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'data-content' => 'Create multiple attributes one per line',
));
// link an onchange event to the form elements
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
?>
</fieldset>
<?php
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul class="nav nav-list">
<li><a href="/events/view/<?php echo $this->request->data['Attribute']['event_id']; ?>">View Event</a></li>
<li><a href="/events/edit/<?php echo $this->request->data['Attribute']['event_id']; ?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
<li class="divider"></li>
<li><a href="/attributes/add/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $this->request->data['Attribute']['event_id']; ?>">Populate from IOC</a></li>
<li class="divider"></li>
<li><a href="/events/contact/<?php echo $this->request->data['Attribute']['event_id']; ?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as IOC</a></li>
<li class="divider"></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
<script type="text/javascript">
//
//Generate Category / Type filtering array
//
var category_type_mapping = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
echo "category_type_mapping['" . addslashes($category) . "'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false;
else echo ', ';
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
}
echo "}; \n";
}
?>
function formCategoryChanged(id) {
// fill in the types
var options = $('#AttributeType').prop('options');
$('option', $('#AttributeType')).remove();
$.each(category_type_mapping[$('#AttributeCategory').val()], function(val, text) {
options[options.length] = new Option(text, val);
});
// enable the form element
$('#AttributeType').prop('disabled', false);
}
//
//Generate tooltip information
//
var formInfoValues = new Array();
<?php
foreach ($typeDefinitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($categoryDefinitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
if ($canEditDist) {
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
}
?>
$(document).ready(function() {
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
});
$("input, label").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("input, label").on('mouseover', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
}).popover('show');
});
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
});
});
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts

155
app/View/Attributes/index.ctp
View File

@ -1,5 +1,5 @@
<div class="attributes index">
<h2><?php echo __('Attributes');?></h2>
<h2>Attributes</h2>
<?php
if ($isSearch == 1) {
echo "<h4>Results for all attributes";
@ -10,7 +10,23 @@ if ($isSearch == 1) {
if (isset($orgSearch) && $orgSearch != '' && $orgSearch != null) echo " created by the organisation \"<b>" . h($orgSearch) . "</b>\"";
echo ":</h4>";
} ?>
<table cellpadding="0" cellspacing="0">
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
//echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('event_id');?></th>
<th><?php echo $this->Paginator->sort('category');?></th>
@ -18,91 +34,128 @@ if ($isSearch == 1) {
<th><?php echo $this->Paginator->sort('value');?></th>
<th<?php echo ' title="' . $attrDescriptions['signature']['desc'] . '"';?>>
<?php echo $this->Paginator->sort('signature');?></th>
<th class="actions"><?php echo __('Actions');?></th>
<th class="actions">Actions</th>
</tr>
<?php
$currentCount = 0;
if ($isSearch == 1) {
// build the $replacePairs variable used to highlight the keywords
$replacementArray = array();
foreach ($keywordArray as &$keywordArrayElement) {
$keywordArrayElement = trim($keywordArrayElement);
if ("" == $keywordArrayElement) continue;
$replacementArray[] = '<span style="color:red">'.$keywordArrayElement.'</span>';
}
if (!empty($replacementArray))
$replacePairs = array_combine($keywordArray, $replacementArray);
// sanitize data
foreach ($keywordArray as &$keywordArrayElement) {
$keywordArrayElement = h($keywordArrayElement);
}
// build the $replacePairs variable used to highlight the keywords
$replacePairs = $this->Highlight->build_replace_pairs($keywordArray);
}
foreach ($attributes as $attribute):
?>
<tr>
<td class="short">
<div id="<?php echo $attribute['Attribute']['id']?>" title="<?php echo h($attribute['Event']['info'])?>">
<div id="<?php echo $attribute['Attribute']['id']?>" title="<?php echo h($attribute['Event']['info'])?>"
onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php
if ($attribute['Event']['orgc'] == $me['org']) {
echo $this->Html->link($attribute['Event']['id'], array('controller' => 'events', 'action' => 'view', $attribute['Event']['id']), array('class' => 'SameOrgLink'));
$class='class="SameOrgLink"';
} else {
echo $this->Html->link($attribute['Event']['id'], array('controller' => 'events', 'action' => 'view', $attribute['Event']['id']));
$class='';
}
$currentCount++;
?>
<a href="/events/view/<?php echo $attribute['Event']['id'];?>" <?php echo $class;?>><?php echo $attribute['Event']['id'];?></a>
</div>
</td>
<td title="<?php echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location ='
<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php echo h($attribute['Attribute']['category']); ?>&nbsp;</td>
<td title="<?php echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location ='
<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php echo h($attribute['Attribute']['type']); ?>&nbsp;</td>
<td onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<td title="<?php echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php echo $attribute['Attribute']['category']; ?>&nbsp;</td>
<td title="<?php echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php echo $attribute['Attribute']['type']; ?>&nbsp;</td>
<td class="short" onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php
$sigDisplay = nl2br(h($attribute['Attribute']['value']));
if ($isSearch == 1 && !empty($replacePairs)) {
// highlight the keywords if there are any
$sigDisplay = strtr($sigDisplay, $replacePairs);
$sigDisplay = $this->Highlight->highlighter($sigDisplay, $replacePairs);
}
if ('attachment' == $attribute['Attribute']['type'] || 'malware-sample' == $attribute['Attribute']['type']) {
echo $this->Html->link($sigDisplay, array('controller' => 'attributes', 'action' => 'download', $attribute['Attribute']['id']), array('escape' => FALSE));
?><a href="/attributes/download/<?php echo $attribute['Attribute']['id'];?>"><?php echo $sigDisplay; ?></a><?php
} elseif ('link' == $attribute['Attribute']['type']) {
echo $this->Html->link($sigDisplay, nl2br(h($attribute['Attribute']['value'])), array('escape' => FALSE));
?><a href="<?php echo nl2br(h($attribute['Attribute']['value']));?>"><?php echo $sigDisplay; ?></a><?php
} else {
echo $sigDisplay;
}
?>&nbsp;</td>
<td class="short" style="text-align: center;" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No'; ?>&nbsp;</td>
<td class="actions"><?php
if ($isAdmin || ($isAclModify && $attribute['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $attribute['Event']['org'] == $me['org'])) {
echo $this->Html->link(__('Edit'), array('action' => 'edit', $attribute['Attribute']['id']), null);
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $attribute['Attribute']['id']), null, __('Are you sure you want to delete this attribute?'));
}
echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']));
?>
<td class="short" onclick="document.location ='document.location ='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No'; ?>&nbsp;
</td>
<td class="short action-links"><?php
if ($isAdmin || ($isAclModify && $attribute['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $attribute['Event']['org'] == $me['org'])) {
?><a href="/attributes/edit/<?php echo $attribute['Attribute']['id'];?>" class="icon-edit" title="Edit"></a><?php
echo $this->Form->postLink('',array('action' => 'delete', $attribute['Attribute']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this attribute?'));
}
?>
<a href="/events/view/<?php echo $attribute['Attribute']['event_id'];?>" class="icon-list-alt" title="View"></a>
</td>
</tr>
<?php
endforeach;
?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<li><?php if ($isSearch == 1) echo $this->Html->link(__('Download results as XML'), array('admin' => false, 'controller' => 'events', 'action' => 'downloadSearchResult'));?></li>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<?php
if ($isSearch == 1){
$searchClass = 'class="active"';
$listClass = '';
} else {
$searchClass = '';
$listClass = 'class="active"';
}
?>
<li <?php echo $listClass;?>><a href="/attributes/index">List Attributes</a></li>
<li <?php echo $searchClass;?>><a href="/attributes/search">Search Attributes</a></li>
<?php if ($isSearch == 1): ?>
<li class="divider"></li>
<li><a href="/events/downloadSearchResult">Download results as XML</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>
</div>
<script type="text/javascript">
// tooltips
$(document).ready(function () {
$("td, div").tooltip({
'placement': 'top',
'container' : 'body',
delay: { show: 500, hide: 100 }
});
});
</script>

118
app/View/Attributes/search.ctp
View File

@ -1,21 +1,30 @@
<div class="attributes form">
<?php echo $this->Form->create('Attribute');?>
<fieldset>
<legend><?php echo __('Search Attribute'); ?></legend>
<?php
echo $this->Form->input('keyword', array('type' => 'textarea', 'label' => 'Containing the following expressions'));
echo $this->Form->input('keyword2', array('type' => 'textarea', 'label' => 'Excluding the following events'));
echo $this->Form->input('org', array('type' => 'text', 'label' => 'From the following organisation'));
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))));
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
?>
<legend>Search Attribute</legend>
<?php
echo $this->Form->input('keyword', array('type' => 'textarea', 'label' => 'Containing the following expressions', 'div' => 'clear', 'class' => 'input-xxlarge'));
echo $this->Form->input('keyword2', array('type' => 'textarea', 'label' => 'Excluding the following events', 'div' => 'clear', 'class' => 'input-xxlarge'));
?>
<?php
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin)
echo $this->Form->input('org', array(
'type' => 'text',
'label' => 'From the following organisation',
'div' => 'input clear'));
?>
<?php
echo $this->Form->input('type', array(
'div' => 'input clear',
));
echo $this->Form->input('category', array(
));
?>
</fieldset>
<?php echo $this->Form->end(__('Search', true));?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
<?php
echo $this->Form->button('Search', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<script type="text/javascript">
//
@ -90,7 +99,6 @@ foreach ($typeDefinitions as $type => $def) {
function formCategoryChanged(id) {
var alreadySelected = $('#AttributeType').val();
showFormInfo(id); // display the tooltip
// empty the types
document.getElementById("AttributeType").options.length = 1;
// add new items to options
@ -103,15 +111,10 @@ function formCategoryChanged(id) {
});
// enable the form element
$('#AttributeType').prop('disabled', false);
if ("ALL" == $('#AttributeCategory').val()) {
//alert($('#AttributeCategory').val());
$('#AttributeCategoryDiv').hide();
}
}
function formTypeChanged(id) {
var alreadySelected = $('#AttributeCategory').val();
showFormInfo(id); // display the tooltip
// empty the categories
document.getElementById("AttributeCategory").options.length = 2;
// add new items to options
@ -124,10 +127,6 @@ function formTypeChanged(id) {
});
// enable the form element
$('#AttributeCategory').prop('disabled', false);
if ("ALL" == $('#AttributeType').val()) {
//alert($('#AttributeType').val());
$('#AttributeTypeDiv').hide();
}
}
var formInfoValues = new Array();
@ -142,33 +141,64 @@ foreach ($categoryDefinitions as $category => $def) {
echo "formInfoValues['$category'] = \"$info\";\n";
}
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'formTypeChanged("#AttributeType")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
?>
formInfoValues['ALL'] = '';
formInfoValues[''] = '';
function showFormInfo(id) {
idDiv = id+'Div';
if (("ALL" != $(id).val()) && ("" != $(id).val())) {
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
} else {
$(idDiv).hide();
}
}
$(document).ready(function() {
$("#AttributeType, #AttributeCategory").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#AttributeType, #AttributeCategory").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
});
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#AttributeType, #AttributeCategory").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
});
});
// hide the formInfo things
$('#AttributeTypeDiv').hide();
$('#AttributeCategoryDiv').hide();
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
<div class="actions">
<ul class="nav nav-list">
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="/attributes/index">List Attributes</a></li>
<li class="active"><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>

14
app/View/Blacklists/admin_add.ctp
View File

@ -1,15 +1,19 @@
<div class="whitelist form">
<?php echo $this->Form->create('Blacklist');?>
<fieldset>
<legend><?php echo __('Add Import Blacklist');?></legend>
<legend>Add Import Blacklist</legend>
<?php
echo $this->Form->input('name');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
<?php
echo $this->Form->button('Add', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu');?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Blacklist', array('admin' => true, 'action' => 'index'));?></li>
<li class="active"><?php echo $this->Html->link('New Blacklist', array('admin' => true, 'action' => 'add'));?></li>
</ul>
</div>
</div>

9
app/View/Blacklists/admin_edit.ctp
View File

@ -1,7 +1,7 @@
<div class="whitelist form">
<?php echo $this->Form->create('Blacklist');?>
<fieldset>
<legend><?php echo __('Edit Import Blacklist'); ?></legend>
<legend>Edit Import Blacklist</legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('name');
@ -10,9 +10,10 @@
<?php echo $this->Form->end(__('Submit'));?>
</div>
<div class="actions">
<ul>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Blacklist', array('admin' => true, 'action' => 'index'));?></li>
<li><?php echo $this->Html->link('New Blacklist', array('admin' => true, 'action' => 'add'));?></li>
<li class="divider"></li>
<li><?php echo $this->Form->postLink(__('Delete Blacklist'), array('admin' => true, 'action' => 'delete', $this->Form->value('Blacklist.id')), null, __('Are you sure you want to delete # %s?', $this->Form->value('Blacklist.id')));?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
</ul>
</div>

64
app/View/Blacklists/admin_index.ctp
View File

@ -1,6 +1,22 @@
<div class="whitelist index">
<h2><?php echo __('Import Blacklist');?></h2>
<table cellpadding="0" cellspacing="0">
<h2>Import Blacklist</h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
@ -9,34 +25,34 @@
foreach ($list as $item):?>
<tr>
<td class="short"><?php echo h($item['Blacklist']['id']);?>&nbsp;</td>
<td class="short"><?php echo h($item['Blacklist']['name']);?>&nbsp;</td>
<td class="actions">
<?php echo $this->Html->link(__('Edit'), array('admin' => true, 'action' => 'edit', $item['Blacklist']['id']));?>
<?php echo $this->Form->postLink(__('Delete'), array('admin' => true, 'action' => 'delete', $item['Blacklist']['id']), null, __('Are you sure you want to delete "%s"?', $item['Blacklist']['name']));?>
<td><?php echo h($item['Blacklist']['name']);?>&nbsp;</td>
<td class="short action-links">
<?php echo $this->Html->link('', array('admin' => true, 'action' => 'edit', $item['Blacklist']['id']), array('class' => 'icon-edit', 'title' => 'Edit'));?>
<?php echo $this->Form->postLink('', array('admin' => true, 'action' => 'delete', $item['Blacklist']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete "%s"?', $item['Blacklist']['name']));?>
</td>
</tr><?php
endforeach;?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<li><?php echo $this->Html->link(__('New Blacklist'), array('admin' => true, 'action' => 'add'));?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Blacklist', array('admin' => true, 'action' => 'index'));?></li>
<li><?php echo $this->Html->link('New Blacklist', array('admin' => true, 'action' => 'add'));?></li>
</ul>
</div>

53
app/View/Blacklists/index.ctp
View File

@ -1,6 +1,22 @@
<div class="whitelist index">
<h2><?php echo __('Import Blacklist');?></h2>
<table cellpadding="0" cellspacing="0">
<h2>Import Blacklist</h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
@ -13,23 +29,24 @@ foreach ($list as $item):?>
endforeach;?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Blacklist', array('action' => 'index'));?></li>
</ul>
</div>

80
app/View/Elements/actions_menu.ctp
View File

@ -1,80 +0,0 @@
<h3><?php echo __('Event Actions'); ?></h3>
<li><?php
if ($isAclAdd) echo $this->Html->link(__('New Event', true), array('controller' => 'events', 'action' => 'add')); ?></li>
<li><?php echo $this->Html->link(__('List Events', true), array('controller' => 'events', 'action' => 'index')); ?></li>
<li><?php echo $this->Html->link(__('List Attributes', true), array('controller' => 'attributes', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Search Attributes', true), array('controller' => 'attributes', 'action' => 'search')); ?> </li>
<li><?php echo $this->Html->link(__('Export', true), array('controller' => 'events', 'action' => 'export')); ?> </li>
<li><?php
if ($isAclAuth) echo $this->Html->link(__('Automation', true), array('controller' => 'events', 'action' => 'automation')); ?></li>
<li>&nbsp;</li>
<h3><?php echo __('Global Actions'); ?></h3>
<li><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news')); ?> </li>
<li><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me')); ?> </li>
<li><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist')); ?> </li>
<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?> </li>
<li><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms')); ?> </li>
<li><?php echo $this->Html->link(__('Log out', true), array('controller' => 'users', 'action' => 'logout')); ?> </li>
<?php
if (('true' == Configure::read('CyDefSIG.sync')) && ($isAclSync || $isAdmin)): ?>
<li>&nbsp;</li>
<h3><?php echo __('Sync Actions'); ?></h3>
<li><?php echo $this->Html->link(__('List Servers'), array('controller' => 'servers', 'action' => 'index'));?></li>
<?php
endif;?>
<?php
//Site admin
if($isSiteAdmin): ?>
<li>&nbsp;</li>
<h3><?php echo __('Input Filters'); ?></h3>
<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index', 'admin' => true)); ?> </li>
<li>&nbsp;</li>
<h3><?php echo __('Administration'); ?></h3>
<li><?php echo $this->Html->link(__('New User', true), array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Users', true), array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('New Role', true), array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Roles', true), array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Contact users', true), array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<li>&nbsp;</li>
<?php
endif;?>
<?php
//org admin
if($isAdmin && !$isSiteAdmin): ?>
<li>&nbsp;</li>
<h3><?php echo __('Input Filters'); ?></h3>
<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index')); ?> </li>
<li>&nbsp;</li>
<h3><?php echo __('Administration'); ?></h3>
<li><?php echo $this->Html->link(__('New User', true), array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Users', true), array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('List Roles', true), array('controller' => 'roles', 'action' => 'index')); ?> </li>
<li>&nbsp;</li>
<?php
endif;?>
<?php
//normal user
if(!$isSiteAdmin && !$isAclAdmin): ?>
<li>&nbsp;</li>
<h3><?php echo __('Input Filters'); ?></h3>
<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index')); ?> </li>
<?php
endif;?>
<?php
if($isAclAudit): ?>
<h3><?php echo __('Audit'); ?></h3>
<li><?php echo $this->Html->link(__('List Logs', true), array('controller' => 'logs', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Search Logs', true), array('controller' => 'logs', 'action' => 'admin_search', 'admin' => true)); ?> </li>
<?php
endif;

124
app/View/Elements/global_menu.ctp Executable file
View File

@ -0,0 +1,124 @@
<div class="navbar-wrapper">
<div class="navbar navbar-inverse">
<div class="navbar-inner">
<?php if ($me != false ):?>
<div class="nav-collapse collapse">
<ul class="nav">
<li class="active"><a href="/">home</a></li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
Event Actions
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
Input Filters
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<?php if ($isSiteAdmin): ?>
<li><a href="/admin/blacklists/index">Import Blacklist</a></li>
<li><a href="/admin/regexp/index">Import Regexp</a></li>
<li><a href="/admin/whitelists/index">Signature Whitelist</a></li>
<?php endif;?>
<?php if (!$isSiteAdmin): ?>
<li><a href="/blacklists/index">Import Blacklist</a></li>
<li><a href="/regexp/index">Import Regexp</a></li>
<li><a href="/whitelists/index">Signature Whitelist</a></li>
<?php endif;?>
</ul>
</li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
Global Actions
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="/users/news">News</a></li>
<li><a href="/users/view/me">My Profile</a></li>
<li><a href="/users/memberslist">Members List</a></li>
<li><a href="/pages/display/documentation">User Guide</a></li>
<li><a href="/users/terms">Terms &amp; Conditions</a></li>
<li class="divider"></li>
<li><a href="/users/logout">Log out</a></li>
</ul>
</li>
<?php if (('true' == Configure::read('CyDefSIG.sync')) && ($isAclSync || $isAdmin)): ?>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
Sync Actions
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="/servers/index">List Servers</a></li>
</ul>
</li>
<?php endif;?>
<?php if($isAdmin || $isSiteAdmin): ?>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
Administration
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="/admin/users/add">New User</a></li>
<li><a href="/admin/users/index">List Users</a></li>
<li class="divider"></li>
<?php if($isSiteAdmin): ?>
<li><a href="/admin/roles/add">New Role</a></li>
<?php endif; ?>
<li><a href="/admin/roles/index">List Roles</a></li>
<?php if($isSiteAdmin): ?>
<li class="divider"></li>
<li><a href="/admin/users/email">Contact Users</a></li>
<?php endif; ?>
</ul>
</li>
<?php endif; ?>
<?php if($isAclAudit): ?>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
Audit
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="/admin/logs/index">List Logs</a></li>
<li><a href="/admin/logs/search">Search Logs</a></li>
</ul>
</li>
<?php endif;?>
</ul>
</div>
<div class="nav-collapse collapse pull-right">
<ul class="nav">
<li><a href="/users/logout">Log out</a></li>
</ul>
</div>
<?php endif;?>
</div>
</div>
</div>

184
app/View/Events/add.ctp
View File

@ -1,75 +1,109 @@
<div class="events form">
<?php echo $this->Form->create('Event', array('type' => 'file'));?>
<fieldset>
<legend><?php echo __('Add Event'); ?></legend>
<?php
echo $this->Form->input('date');
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('distribution', array('label' => 'Distribution', 'selected' => 'All communities',
'between' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv'))
));
}
echo $this->Form->input('risk', array(
'before' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv'))));
echo $this->Form->input('analysis', array(
'options' => array($analysisLevels),
'before' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
));
echo $this->Form->input('info');
echo $this->Form->input('Event.submittedfile', array(
'label' => '<b>GFI sandbox</b>',
'type' => 'file',
'before' => $this->Html->div('forminfo', isset($eventDescriptions['submittedfile']['formdesc']) ? $eventDescriptions['submittedfile']['formdesc'] : $eventDescriptions['submittedfile']['desc'])));
// link an onchange event to the form elements
$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>
<script type="text/javascript">
//
//Generate tooltip information
//
var formInfoValues = new Array();
<?php
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($riskDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($analysisDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
}
// hide the formInfo things
$('#EventDistributionDiv').hide();
$('#EventRiskDiv').hide();
$('#EventAnalysisDiv').hide();
</script>
<?php echo $this->Js->writeBuffer();
<div class="events form">
<?php echo $this->Form->create('', array('type' => 'file'));?>
<fieldset>
<legend>Add Event</legend>
<?php
echo $this->Form->input('date', array(
'type' => 'text',
'class' => 'datepicker'
));
if ('true' == Configure::read('CyDefSIG.sync')) {
echo $this->Form->input('distribution', array(
'label' => 'Distribution',
'selected' => 'All communities'
));
}
echo $this->Form->input('risk', array(
'div' => 'input clear'
));
echo $this->Form->input('analysis', array(
'options' => array($analysisLevels),
));
echo $this->Form->input('info', array(
'div' => 'clear',
'class' => 'input-xxlarge'
));
echo $this->Form->input('Event.submittedgfi', array(
'label' => '<b>GFI sandbox</b>',
'type' => 'file',
'div' => 'clear'
));
?>
</fieldset>
<?php
echo $this->Form->button('Add', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul class="nav nav-list">
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li class="active"><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>
<script type="text/javascript">
//
//Generate tooltip information
//
var formInfoValues = new Array();
<?php
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($riskDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($analysisDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
$(document).ready(function() {
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
});
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
});
});
</script>
<?php echo $this->Js->writeBuffer();

38
app/View/Events/add_i_o_c.ctp
View File

@ -9,11 +9,39 @@ echo $this->Form->input('Event.submittedioc', array(
));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
<?php
echo $this->Form->button('Upload', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><a href="/events/view/<?php echo $this->request->data['Event']['id'];?>">View Event</a></li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><a href="/events/edit/<?php echo $this->request->data['Event']['id'];?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $this->request->data['Event']['id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Event']['id'])); ?></li>
<li class="divider"></li>
<li><a href="/attributes/add/<?php echo $this->request->data['Event']['id'];?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Add Attachment</a></li>
<li class="active"><a href="/events/addIOC/<?php echo $this->request->data['Event']['id'];?>">Populate from IOC</a></li>
<?php else: ?>
<li><a href="/shadow_attributes/add/<?php echo $this->request->data['Event']['id'];?>">Propose Attribute</a></li>
<li><a href="/shadow_attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Propose Attachment</a></li>
<?php endif; ?>
<li class="divider"></li>
<?php if ( 0 == $this->request->data['Event']['published'] && ($isAdmin || $mayPublish)): ?>
<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $this->request->data['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
<li><?php echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $this->request->data['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!'); ?></li>
<?php else: ?>
<!-- ul><li>Alert already sent</li></ul -->
<?php endif; ?>
<li><a href="/events/contact/<?php echo $this->request->data['Event']['id'];?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Event']['id'];?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Event']['id'];?>">Download as IOC</a></li>
<li class="divider"></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
</div>

29
app/View/Events/automation.ctp
View File

@ -36,10 +36,12 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
<h3>Text export</h3>
<p>An automatic export of all attributes of a specific type to a plain text file.</p>
<p>You can configure your tools to automatically download the following files:</p>
<pre><?php
foreach ($sigTypes as $sigType):?>
<?php echo Configure::read('CyDefSIG.baseurl');?>/events/text/<?php echo $me['authkey']; ?>/<?php echo $sigType . "\n";?><?php
endforeach;?>
<pre>
<?php
foreach ($sigTypes as $sigType) {
echo Configure::read('CyDefSIG.baseurl').'/events/text/'.$me['authkey'].'/'.$sigType . "\n";
}
?>
</pre>
<p></p>
@ -53,11 +55,20 @@ This would enable you to export:</p>
<li>...</li>
</ul>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li class="active"><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>
</div>

56
app/View/Events/contact.ctp
View File

@ -1,3 +1,7 @@
<?php
$mayModify = (($isAclModify && $this->request->data['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $this->request->data['Event']['orgc'] == $me['org']));
$mayPublish = ($isAclPublish && $this->request->data['Event']['orgc'] == $me['org']);
?>
<div class="events form">
<?php echo $this->Form->create('Event');?>
<fieldset>
@ -6,19 +10,57 @@
Feel free to add a custom message that will be sent to the reporting organization. <br/>
Your email address and details about the event will be added automagically to the message.</p>
<?php
echo $this->Form->input('message', array('type' => 'textarea'));
echo $this->Form->input('person', array(
echo $this->Form->input('message', array(
'type' => 'textarea',
'class' => 'input-xxlarge',
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('person', array(
'label' => __('Submit only to person', true),
'type' => 'checkbox',
'class' => 'clear',
'after' => $this->Html->div('forminfo', __('By selecting this box you will contact the creator of the event only.', true)),
)); ?>
<?php echo $this->Form->end(__('Submit', true));?>
));
?>
<div class="input clear">
<?php
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
</fieldset>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><a href="/events/view/<?php echo $event['Event']['id'];?>">View Event</a></li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><a href="/events/edit/<?php echo $event['Event']['id'];?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
<li class="divider"></li>
<li><a href="/attributes/add/<?php echo $event['Event']['id'];?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $event['Event']['id'];?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $event['Event']['id'];?>">Populate from IOC</a></li>
<?php else: ?>
<li><a href="/shadow_attributes/add/<?php echo $event['Event']['id'];?>">Propose Attribute</a></li>
<li><a href="/shadow_attributes/add_attachment/<?php echo $event['Event']['id'];?>">Propose Attachment</a></li>
<?php endif; ?>
<li class="divider"></li>
<?php if ( 0 == $event['Event']['published'] && ($isAdmin || $mayPublish)): ?>
<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
<li><?php echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $event['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!'); ?></li>
<?php else: ?>
<!-- ul><li>Alert already sent</li></ul -->
<?php endif; ?>
<li class="active"><a href="/events/contact/<?php echo $event['Event']['id'];?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $event['Event']['id'];?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $event['Event']['id'];?>">Download as IOC</a></li>
<li class="divider"></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>

120
app/View/Events/edit.ctp
View File

@ -3,39 +3,70 @@
<fieldset>
<legend><?php echo __('Edit Event'); ?></legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('date');
echo $this->Form->input('id');
echo $this->Form->input('date', array(
'type' => 'text',
'class' => 'datepicker'
));
if ('true' == Configure::read('CyDefSIG.sync')) {
if ('true' == $canEditDist) {
echo $this->Form->input('distribution', array('label' => 'Distribution',
'between' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv'))
));
echo $this->Form->input('distribution', array(
'label' => 'Distribution',
'selected' => 'All communities',
));
}
}
echo $this->Form->input('risk', array(
'before' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv'))));
echo $this->Form->input('analysis', array(
'options' => array($analysisLevels),
'before' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
));
echo $this->Form->input('info');
echo $this->Form->input('risk', array(
'div' => 'input clear'
));
echo $this->Form->input('analysis', array(
'options' => array($analysisLevels),
));
echo $this->Form->input('info', array(
'div' => 'clear',
'class' => 'input-xxlarge'
));
// link an onchange event to the form elements
if ('true' == $canEditDist) {
$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
}
$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
<?php
echo $this->Form->button('Edit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><a href="/events/view/<?php echo $this->request->data['Event']['id'];?>">View Event</a></li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li class="active"><a href="/events/edit/<?php echo $this->request->data['Event']['id'];?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $this->request->data['Event']['id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Event']['id'])); ?></li>
<li class="divider"></li>
<li><a href="/attributes/add/<?php echo $this->request->data['Event']['id'];?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $this->request->data['Event']['id'];?>">Populate from IOC</a></li>
<?php else: ?>
<li><a href="/shadow_attributes/add/<?php echo $this->request->data['Event']['id'];?>">Propose Attribute</a></li>
<li><a href="/shadow_attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Propose Attachment</a></li>
<?php endif; ?>
<li class="divider"></li>
<?php if ( 0 == $this->request->data['Event']['published'] && ($isAdmin || $mayPublish)): ?>
<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $this->request->data['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
<li><?php echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $this->request->data['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!'); ?></li>
<?php else: ?>
<!-- ul><li>Alert already sent</li></ul -->
<?php endif; ?>
<li><a href="/events/contact/<?php echo $this->request->data['Event']['id'];?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Event']['id'];?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Event']['id'];?>">Download as IOC</a></li>
<li class="divider"></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
<script type="text/javascript">
//
//Generate tooltip information
@ -59,22 +90,37 @@ foreach ($analysisDescriptions as $type => $def) {
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
}
$(document).ready(function() {
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
});
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
});
});
// hide the formInfo things
if ('true' == $canEditDist) {
$('#EventDistributionDiv').hide();
}
$('#EventRiskDiv').hide();
$('#EventAnalysisDiv').hide();
</script>
<?php echo $this->Js->writeBuffer();

108
app/View/Events/export.ctp
View File

@ -1,51 +1,67 @@
<div class="event index">
<h2>Export</h2>
<p>Export functionality is designed to automatically generate signatures for intrusion detection systems. To enable signature generation for a given attribute, Signature field of this attribute must be set to Yes.
Note that not all attribute types are applicable for signature generation, currently we only support NIDS signature generation for IP, domains, host names, user agents etc., and hash list generation for MD5/SHA1 values of file artifacts. Support for more attribute types is planned.
<br/>
<p>Simply click on any of the following buttons to download the appropriate data.
<table>
<tr>
<td class="actions" style="text-align:center;">
<ul><li><?php echo $this->Html->link(__('Download all as XML', true), array('action' => 'xml', 'download')); ?></li></ul>
</td>
<td>
Click this to download all events and attributes that you have access to <small>(except file attachments)</small> in a custom XML format.
</td>
</tr>
<tr>
<td class="actions" style="text-align:center;">
<ul><li><?php echo $this->Html->link(__('Download NIDS signatures', true), array('action' => 'nids', 'download')); ?></li></ul>
</td>
<td>
Click this to download all network related attributes that you have access to under the Snort rule format. Only <em>published</em> events and attributes marked as <em>IDS Signature</em> are exported. Administration is able to maintain a whitelist containing host, domain name and IP numbers to exclude from the NIDS export.
</td>
</tr>
<tr>
<td class="actions" style="text-align:center;">
<ul><li><?php echo $this->Html->link(__('Download all MD5 hashes', true), array('action' => 'hids', 'md5','download')); ?> </li></ul>
<ul><li><?php echo $this->Html->link(__('Download all SHA1 hashes', true), array('action' => 'hids', 'sha1','download')); ?> </li></ul>
</td>
<td>
Click on one of these two buttons to download all MD5 or SHA1 checksums contained in file-related attributes. This list can be used to feed forensic software when searching for susipicious files. Only <em>published</em> events and attributes marked as <em>IDS Signature</em> are exported.
</td>
</tr>
</table>
<p>
Click on one of these buttons to download all the attributes with the matching type. This list can be used to feed forensic software when searching for susipicious files. Only <em>published</em> events and attributes marked as <em>IDS Signature</em> are exported.
</p>
<p>
<?php
$i = 0;
foreach ($sigTypes as $sigType):
echo "<div class=\"actions\" style=\"text-align:center; width: auto; padding: 7px 2px;\">".$this->Html->link(__($sigType, true), array('action' => 'text', 'download' ,$sigType))."</div>";
endforeach;
?>
</p>
</div>
<h2>Export</h2>
<p>Export functionality is designed to automatically generate signatures for intrusion detection systems. To enable signature generation for a given attribute, Signature field of this attribute must be set to Yes.
Note that not all attribute types are applicable for signature generation, currently we only support NIDS signature generation for IP, domains, host names, user agents etc., and hash list generation for MD5/SHA1 values of file artifacts. Support for more attribute types is planned.
<br/>
<p>Simply click on any of the following buttons to download the appropriate data.</p>
<div class="row bottom-buffer">
<div class="span3">
<?php echo $this->Html->link('Download all as XML', array('action' => 'xml', 'download'), array('class' => 'btn btn-block full-width')); ?>
</div>
<div class="span9">Click this to download all events and attributes that you have access to <small>(except file attachments)</small> in a custom XML format.
</div>
</div>
<div class="row bottom-buffer">
<div class="span3">
<?php echo $this->Html->link('Download NIDS signatures', array('action' => 'nids', 'download'), array('class' => 'btn btn-block full-width')); ?>
</div>
<div class="span9">Click this to download all network related attributes that you
have access to under the Snort rule format. Only <em>published</em>
events and attributes marked as <em>IDS Signature</em> are exported.
Administration is able to maintain a whitelist containing host,
domain name and IP numbers to exclude from the NIDS export.
</div>
</div>
<div class="row bottom-buffer">
<div class="span3">
<?php echo $this->Html->link('Download all MD5 hashes', array('action' => 'hids', 'md5','download'), array('class' => 'btn btn-block full-width')); ?>
<?php echo $this->Html->link('Download all SHA1 hashes', array('action' => 'hids', 'sha1','download'), array('class' => 'btn btn-block full-width')); ?>
</div>
<div class="span9">Click on one of these two buttons to download all MD5 or SHA1
checksums contained in file-related attributes. This list can be
used to feed forensic software when searching for susipicious files.
Only <em>published</em> events and attributes marked as <em>IDS
Signature</em> are exported.
</div>
</div>
<p>
Click on one of these buttons to download all the attributes with the matching type. This list can be used to feed forensic software when searching for susipicious files. Only <em>published</em> events and attributes marked as <em>IDS Signature</em> are exported.
</p>
<ul class="inline">
<?php
foreach ($sigTypes as $sigType): ?>
<li class="actions" style="text-align:center; width: auto; padding: 7px 2px;">
<?php echo $this->Html->link($sigType, array('action' => 'text', 'download' ,$sigType), array('class' => 'btn')) ?>
</li>
<?php endforeach; ?>
</ul>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li class="active"><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>

391
app/View/Events/index.ctp
View File

@ -1,124 +1,297 @@
<?php if(empty($this->passedArgs['searchinfo'])) $this->passedArgs['searchinfo'] = '';?>
<?php if(empty($this->passedArgs['searchorgc'])) $this->passedArgs['searchorgc'] = '';?>
<?php if(empty($this->passedArgs['searchDatefrom'])) $this->passedArgs['searchDatefrom'] = '';?>
<?php if(empty($this->passedArgs['searchDateuntil'])) $this->passedArgs['searchDateuntil'] = '';?>
<div class="events index">
<h2>Events</h2>
<table cellpadding="0" cellspacing="0">
<tr>
<th><?php echo $this->Paginator->sort('published', 'Valid.');?></th>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<?php
echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
// Let's output a small label of each filter
$count = 0;
?>
<table>
<tr>
<?php
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
<th><?php echo $this->Paginator->sort('org');?></th>
foreach ($this->passedArgs as $k => $v) {
if ((substr($k, 0, 6) === 'search')) {
$searchTerm = substr($k, 6);
if ($searchTerm === 'published') {
switch ($v) {
case '0' :
$value = 'No';
break;
case '1' :
$value = 'Yes';
break;
case '2' :
continue 2;
break;
}
} else {
if (!$v) {
continue;
}
$value = $v;
}
?>
<td class="<?php echo (($count < 1) ? 'searchLabelFirst' : 'searchLabel');?>">
<?php echo $searchTerm; ?> : <?php echo $value; ?>
</td>
<?php
$count++;
}
}
if ($count > 0) {
?>
<td class="searchLabelCancel">
<?php echo $this->Html->link('', array('controller' => 'events', 'action' => 'index'), array('class' => 'icon-remove', 'title' => 'Remove filters'));?>
</td>
<?php
endif; ?>
}
?>
</tr>
</table>
<input type="submit" style="visibility:collapse;" />
<table class="table table-striped table-hover table-condensed">
<tr>
<th class="filter">
<?php echo $this->Paginator->sort('published', 'Valid.');?>
<a onclick="$('#searchpublished').toggle();" class="icon-search"></a>
<span id="searchpublished"><br/>
<?php
// on change jquery will submit the form
echo $this->Form->input('searchpublished', array(
'options' => array('0' => 'No', '1' => 'Yes', '2' => 'Any'),
'default' => 2,
'label' => '',
'class' => 'input-mini',
'onchange' => "$('#EventIndexForm').submit()"
));
?>
</span>
</th>
<?php
if ($isSiteAdmin): ?>
<th><?php echo $this->Paginator->sort('owner org');?></th>
<?php
endif; ?>
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin) {
if ($isSiteAdmin) { ?>
<th><?php echo $this->Paginator->sort('org'); ?></th>
<?php
} else { ?>
<th class="filter"><?php echo $this->Paginator->sort('org'); ?>
<a onclick="toggleField('#searchorg')" class="icon-search"></a>
</th>
<?php
}
}
?>
<?php if ($isSiteAdmin): ?>
<th class="filter">
<?php echo $this->Paginator->sort('owner org');?>
<a onclick="toggleField('#searchorgc')" class="icon-search"></a>
<span id="searchorgc"><br/>
<?php
echo $this->Form->input('searchorgc', array(
'value' => $this->passedArgs['searchorgc'],
'label' => '',
'class' => 'input-mini'));
?>
</span>
</th>
<?php endif; ?>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('attribute_count', '#Attr.');?></th>
<?php
if ($isAdmin): ?>
<?php if ($isAdmin): ?>
<th><?php echo $this->Paginator->sort('user_id', 'Email');?></th>
<?php
endif; ?>
<th><?php echo $this->Paginator->sort('date');?></th>
<th<?php echo ' title="' . $eventDescriptions['risk']['desc'] . '"';?>>
<?php echo $this->Paginator->sort('risk');?></th>
<th<?php echo ' title="' . $eventDescriptions['analysis']['desc'] . '"';?>>
<?php echo $this->Paginator->sort('analysis');?></th>
<th><?php echo $this->Paginator->sort('info');?></th>
<?php
if ('true' == Configure::read('CyDefSIG.sync')): ?>
<th<?php echo ' title="' . $eventDescriptions['distribution']['desc'] . '"';?>>
<?php echo $this->Paginator->sort('distribution');?></th>
<?php endif; ?>
<th class="filter">
<?php echo $this->Paginator->sort('date');?>
<a onclick="toggleField('#searchdate')" class="icon-search"></a>
<br/>
<div id="searchdate" class="input-append input-prepend">
<?php
echo $this->Form->input('searchDatefrom', array(
'value' => $this->passedArgs['searchDatefrom'],
'label' => false,
'div' => false,
'class' => 'span1 datepicker',
));
?>
<input type="submit" class="btn" value="&gt;"/>
<?php
echo $this->Form->input('searchDateuntil', array(
'value' => $this->passedArgs['searchDateuntil'],
'label' => false,
'class' => 'span1 datepicker',
'div' => false
));
?>
</div>
</th>
<th title="<?php echo $eventDescriptions['risk']['desc'];?>">
<?php echo $this->Paginator->sort('risk');?>
</th>
<th title="<?php echo $eventDescriptions['analysis']['desc'];?>">
<?php echo $this->Paginator->sort('analysis');?>
</th>
<th class="filter">
<?php echo $this->Paginator->sort('info');?>
<a onclick="toggleField('#searchinfo')" class="icon-search"></a>
<span id="searchinfo"><br/>
<?php
echo $this->Form->input('searchinfo', array(
'value' => $this->passedArgs['searchinfo'],
'label' => '',
'class' => 'input-large'));
?>
</span>
</th>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
<th title="<?php echo $eventDescriptions['distribution']['desc'];?>">
<?php echo $this->Paginator->sort('distribution');?>
</th>
<?php endif; ?>
<th class="actions">Actions</th>
</tr>
<?php
endif; ?>
<th class="actions"><?php echo __('Actions');?></th>
</tr><?php
foreach ($events as $event):?>
<tr>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';"><?php
if ($event['Event']['published'] == 1) {
echo $this->Html->image('yes.png', array('title' => 'Validated', 'alt' => 'Validated', 'width' => '16', 'hight' => '16'));
} else {
echo $this->Html->image('no.png', array('title' => 'Not validated', 'alt' => 'Not Validated', 'width' => '16', 'hight' => '16'));
}?>
&nbsp;</td><?php
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';"><?php
$imgRelativePath = 'orgs' . DS . h($event['Event']['orgc']) . '.png';
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($event['Event']['orgc']) . '.png', array('alt' => h($event['Event']['orgc']),'width' => '48','hight' => '48'));
else echo $this->Html->tag('span', h($event['Event']['orgc']), array('class' => 'welcome', 'style' => 'float:right;'));?><?php
echo $this->Form->end();
?>
&nbsp;</td><?php
endif;
if ('true' == $isSiteAdmin): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';"><?php
$imgRelativePath = 'orgs' . DS . h($event['Event']['org']) . '.png';
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($event['Event']['org']) . '.png', array('alt' => h($event['Event']['org']),'width' => '48','hight' => '48'));
else echo $this->Html->tag('span', h($event['Event']['org']), array('class' => 'welcome', 'style' => 'float:right;'));?><?php
?>
&nbsp;</td><?php
endif; ?>
<td class="short">
<?php echo $this->Html->link($event['Event']['id'], array('controller' => 'events', 'action' => 'view', $event['Event']['id'])); ?>
&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['attribute_count']; ?>&nbsp;</td><?php
if ($isAdmin): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php if($isSiteAdmin || $event['Event']['org'] == $me['org']) echo h($event['User']['email']);
?>&nbsp;</td><?php
endif; ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['date']; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['risk']; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $analysisLevels[$event['Event']['analysis']]; ?>&nbsp;</td>
<td onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo nl2br(h($event['Event']['info'])); ?>&nbsp;</td>
<?php
if ('true' == Configure::read('CyDefSIG.sync')): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['distribution'] != 'All communities' ? $event['Event']['distribution'] : 'All';?></td>
<?php
endif; ?>
<td class="actions">
<?php
if (0 == $event['Event']['published'] && ($isSiteAdmin || ($isAclPublish && $event['Event']['org'] == $me['org'])))
echo $this->Form->postLink('Publish Event', array('action' => 'alert', $event['Event']['id']), array('action' => 'alert', $event['Event']['id']), 'Are you sure this event is complete and everyone should be informed?');
elseif (0 == $event['Event']['published']) echo 'Not published';
?>
<?php
if ($isSiteAdmin || ($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['org'] == $me['org'])) {
echo $this->Html->link(__('Edit', true), array('action' => 'edit', $event['Event']['id']), null);
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id']));
}?>
<?php echo $this->Html->link(__('View', true), array('controller' => 'events', 'action' => 'view', $event['Event']['id'])); ?>
</td>
</tr>
<?php
endforeach; ?>
<?php foreach ($events as $event):?>
<tr>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php
if ($event['Event']['published'] == 1) {
echo $this->Html->link('', array('controller' => 'events', 'action' => 'view', $event['Event']['id']), array('class' => 'icon-ok', 'title' => 'View'));
} else {
echo $this->Html->link('', array('controller' => 'events', 'action' => 'view', $event['Event']['id']), array('class' => 'icon-remove', 'title' => 'View'));
}?>&nbsp;
</td>
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';"><?php
$imgRelativePath = 'orgs' . DS . h($event['Event']['orgc']) . '.png';
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($event['Event']['orgc']) . '.png', array('alt' => h($event['Event']['orgc']),'width' => '48','hight' => '48'));
else echo $this->Html->tag('span', h($event['Event']['orgc']), array('class' => 'welcome', 'style' => 'float:left;'));?><?php
?>
&nbsp;
</td>
<?php endif;?>
<?php if ('true' == $isSiteAdmin): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php
$imgRelativePath = 'orgs' . DS . h($event['Event']['org']) . '.png';
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($event['Event']['org']) . '.png', array('alt' => h($event['Event']['org']),'width' => '48','hight' => '48'));
else echo $this->Html->tag('span', h($event['Event']['org']), array('class' => 'welcome', 'style' => 'float:left;'));?><?php
?>&nbsp;
</td>
<?php endif; ?>
<td class="short">
<?php echo $this->Html->link($event['Event']['id'], array('controller' => 'events', 'action' => 'view', $event['Event']['id'])); ?>&nbsp;
</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['attribute_count']; ?>&nbsp;
</td>
<?php if ($isAdmin): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php if($isSiteAdmin || $event['Event']['org'] == $me['org']) echo h($event['User']['email']); ?>&nbsp;
</td>
<?php endif; ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['date']; ?>&nbsp;
</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['risk']; ?>&nbsp;
</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $analysisLevels[$event['Event']['analysis']]; ?>&nbsp;
</td>
<td onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo nl2br(h($event['Event']['info'])); ?>&nbsp;
</td>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['distribution'] != 'All communities' ? $event['Event']['distribution'] : 'All';?>
</td>
<?php endif; ?>
<td class="short action-links">
<?php
if (0 == $event['Event']['published'] && ($isSiteAdmin || ($isAclPublish && $event['Event']['org'] == $me['org'])))
echo $this->Form->postLink('', array('action' => 'alert', $event['Event']['id']), array('class' => 'icon-download-alt', 'title' => 'Publish Event'), 'Are you sure this event is complete and everyone should be informed?');
elseif (0 == $event['Event']['published']) echo 'Not published';
if ($isSiteAdmin || ($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['org'] == $me['org'])) {
echo $this->Html->link('', array('action' => 'edit', $event['Event']['id']), array('class' => 'icon-edit', 'title' => 'Edit'));
echo $this->Form->postLink('', array('action' => 'delete', $event['Event']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete # %s?', $event['Event']['id']));
}
echo $this->Html->link('', array('controller' => 'events', 'action' => 'view', $event['Event']['id']), array('class' => 'icon-list-alt', 'title' => 'View'));
?>
</td>
</tr>
<?php endforeach; ?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li class="active"><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>
</div>
<script>
$(document).ready( function () {
// onload hide all buttons
$('#searchinfo').hide();
$('#searchorgc').hide();
$('#searchdate').hide();
$('#searchpublished').hide();
});
function toggleField(field) {
$(field).toggle();
$(field +" input").focus();
}
</script>

33
app/View/Events/show_i_o_c_results.ctp
View File

@ -1,14 +1,11 @@
<div class="index">
<div class="actions" style="float:right;">
<ul><li><?php echo $this->Html->link(__('View the event', true), array('action' => 'view', $eventId)); ?> </li></ul>
</div>
<h2>Results of the import: </h2>
<h3><?php echo count($attributes); ?> attributes created successfully, <?php echo count($fails); ?> indicators could not be mapped and saved. </h3>
<br /><br />
<?php
if (0 != count($attributes)): ?>
<h4>Successfully added attributes:</h4>
<table cellpadding="0" cellspacing="0">
<table class="table table-striped table-hover table-condensed">
<tr>
<th>Uuid</th>
<th>Category</th>
@ -30,7 +27,7 @@ endif;?>
if (isset($fails)):?>
<br /><br />
<h4>Failed indicators:</h4>
<table cellpadding="0" cellspacing="0">
<table class="table table-striped table-hover table-condensed">
<tr>
<th>Uuid</th>
<th>Search term</th>
@ -44,6 +41,7 @@ foreach ($fails as $fail): ?>
</tr><?php
endforeach; ?>
</table><br /><br />
<div class="visualisation">
<h4>Visualisation:</h4>
<?php
endif;
@ -53,8 +51,29 @@ foreach ($graph as $line): ?>
<?php
endforeach; ?>
</div>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $eventId)); ?> </li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $eventId)); ?> </li>
<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $eventId), null, __('Are you sure you want to delete # %s?', $eventId)); ?></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $eventId));?> </li>
<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $eventId));?> </li>
<li class="active"><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $eventId));?> </li>
<?php else: ?>
<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $eventId));?> </li>
<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $eventId));?> </li>
<?php endif; ?>
<li class="divider"></li>
<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $eventId)); ?> </li>
<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $eventId)); ?></li>
<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $eventId)); ?> </li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<?php endif; ?>
</ul>
</div>

5
app/View/Events/succes.ctp
View File

@ -5,9 +5,4 @@ if (0 == count($succes)):?>
else:?>
<p>Succes, all done.</p><?php
endif;?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>

406
app/View/Events/view.ctp
View File

@ -2,163 +2,175 @@
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['orgc'] == $me['org']));
$mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
?>
<div class="events view">
<div class="actions" style="float:right;">
<?php
if ($isSiteAdmin || $mayModify): ?>
<ul><li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']));?>
<?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $event['Event']['id']));?>
<?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $event['Event']['id']));?> </li></li></ul><br />
<?php else: ?>
<ul><li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $event['Event']['id']));?></li>
<li><?php echo $this->Html->link(__('Propose Attachment', true), array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li></ul>
<?php
endif; ?>
<?php if ( 0 == $event['Event']['published'] && ($isAdmin || $mayPublish)):
// only show button if alert has not been sent // LATER show the ALERT button in red-ish
?>
<ul><li><?php
if ($isSiteAdmin || $mayPublish) {
echo $this->Form->postLink('Publish Event', array('action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?');
echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $event['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!');
}
?> </li></ul>
<?php elseif (0 == $event['Event']['published']): ?>
<ul><li>Not published</li></ul>
<?php else: ?>
<div class="actions">
<ul class="nav nav-list">
<li class="active"><a href="/events/view/<?php echo $event['Event']['id'];?>">View Event</a></li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><a href="/events/edit/<?php echo $event['Event']['id'];?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
<li class="divider"></li>
<li><a href="/attributes/add/<?php echo $event['Event']['id'];?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $event['Event']['id'];?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $event['Event']['id'];?>">Populate from IOC</a></li>
<?php else: ?>
<li><a href="/shadow_attributes/add/<?php echo $event['Event']['id'];?>">Propose Attribute</a></li>
<li><a href="/shadow_attributes/add_attachment/<?php echo $event['Event']['id'];?>">Propose Attachment</a></li>
<?php endif; ?>
<li class="divider"></li>
<?php if ( 0 == $event['Event']['published'] && ($isAdmin || $mayPublish)): ?>
<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
<li><?php echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $event['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!'); ?></li>
<?php else: ?>
<!-- ul><li>Alert already sent</li></ul -->
<?php
endif; ?>
<br /><ul><li><?php echo $this->Html->link(__('Contact reporter', true), array('action' => 'contact', $event['Event']['id'])); ?> </li></ul><br />
<ul><li><?php echo $this->Html->link(__('Download as XML', true), array('action' => 'xml', 'download', $event['Event']['id'])); ?>
<?php echo $this->Html->link(__('Download as IOC', true), array('action' => 'downloadOpenIOCEvent', $event['Event']['id'])); ?> </li></ul>
<?php endif; ?>
<li><a href="/events/contact/<?php echo $event['Event']['id'];?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $event['Event']['id'];?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $event['Event']['id'];?>">Download as IOC</a></li>
<li class="divider"></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?><?php echo $this->element('img', array('id' => $event['Event']['orgc']));?><?php
endif; ?>
<h2>Event</h2>
<dl>
<dt>ID</dt>
<dd>
<?php echo h($event['Event']['id']); ?>
&nbsp;
</dd>
<dt>Uuid</dt>
<dd>
<?php echo h($event['Event']['uuid']); ?>
&nbsp;
</dd>
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
<dt>Org</dt>
<dd>
<?php echo h($event['Event']['orgc']); ?>
&nbsp;
</dd>
<?php
endif; ?>
<?php if ($isSiteAdmin): ?>
<dt>Owner org</dt>
<dd>
<?php echo h($event['Event']['org']); ?>
&nbsp;
</dd>
<?php
endif; ?>
<?php if ($isSiteAdmin || ($isAdmin && $me['org'] == $event['Event']['org'])): ?>
<dt>Email</dt>
<dd>
<?php echo h($event['User']['email']); ?>
&nbsp;
</dd>
<?php
endif; ?>
<dt>Date</dt>
<dd>
<?php echo h($event['Event']['date']); ?>
&nbsp;
</dd>
<dt<?php echo ' title="' . $eventDescriptions['risk']['desc'] . '"';?>>Risk</dt>
<dd>
<?php echo h($event['Event']['risk']); ?>
&nbsp;
</dd>
<dt<?php echo ' title="' . $eventDescriptions['analysis']['desc'] . '"';?>>Analysis</dt>
<dd>
<?php echo h($analysisLevels[$event['Event']['analysis']]); ?>
&nbsp;
</dd>
<dt>Distribution</dt>
<dd>
<?php echo h($event['Event']['distribution'] . ', ' . strtolower(substr(($distributionDescriptions[$event['Event']['distribution']]['formdesc']), 0, 1)) . substr($distributionDescriptions[$event['Event']['distribution']]['formdesc'], 1) . '.'); ?>
&nbsp;
</dd>
<!-- dt>UUID</dt>
<dd>
<?php echo h($event['Event']['uuid']); ?>
&nbsp;
</dd -->
<dt>Info</dt>
<dd>
<?php echo nl2br(h($event['Event']['info'])); ?>
&nbsp;
</dd>
</dl><br />
<?php
if (!empty($relatedEvents)):?>
<div class="related">
<h3>Related Events</h3>
<ul>
<?php
foreach ($relatedEvents as $relatedEvent): ?>
<li><?php
$linkText = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
echo "<div \" title = \"".h($relatedEvent['Event']['info'])."\">";
if ($relatedEvent['Event']['org'] == $me['org']) {
echo $this->Html->link($linkText, array('controller' => 'events', 'action' => 'view', $relatedEvent['Event']['id']), array('class' => 'SameOrgLink'));
} else {
echo $this->Html->link($linkText, array('controller' => 'events', 'action' => 'view', $relatedEvent['Event']['id']));
}
?></div></li>
<?php
endforeach; ?>
</ul>
</div><br />
<?php
endif; ?>
<div class="related">
<div class="events view">
<?php
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin) {
echo $this->element('img', array('id' => $event['Event']['orgc']));
}
?>
<div class="row-fluid">
<div class="span8">
<h2>Event</h2>
<dl>
<dt>ID</dt>
<dd>
<?php echo h($event['Event']['id']); ?>
&nbsp;
</dd>
<dt>Uuid</dt>
<dd>
<?php echo h($event['Event']['uuid']); ?>
&nbsp;
</dd>
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
<dt>Org</dt>
<dd>
<?php echo h($event['Event']['orgc']); ?>
&nbsp;
</dd>
<?php endif; ?>
<?php if ($isSiteAdmin): ?>
<dt>Owner org</dt>
<dd>
<?php echo h($event['Event']['org']); ?>
&nbsp;
</dd>
<?php endif; ?>
<?php if ($isSiteAdmin || ($isAdmin && $me['org'] == $event['Event']['org'])): ?>
<dt>Email</dt>
<dd>
<?php echo h($event['User']['email']); ?>
&nbsp;
</dd>
<?php endif; ?>
<dt>Date</dt>
<dd>
<?php echo h($event['Event']['date']); ?>
&nbsp;
</dd>
<dt title="<?php echo $eventDescriptions['risk']['desc'];?>">Risk</dt>
<dd>
<?php echo h($event['Event']['risk']); ?>
&nbsp;
</dd>
<dt title="<?php echo $eventDescriptions['analysis']['desc'];?>">Analysis</dt>
<dd>
<?php echo h($analysisLevels[$event['Event']['analysis']]); ?>
&nbsp;
</dd>
<dt>Distribution</dt>
<dd>
<?php echo h($event['Event']['distribution'] . ', ' . strtolower(substr(($distributionDescriptions[$event['Event']['distribution']]['formdesc']), 0, 1)) . substr($distributionDescriptions[$event['Event']['distribution']]['formdesc'], 1) . '.'); ?>
&nbsp;
</dd>
<dt>Info</dt>
<dd>
<?php echo nl2br(h($event['Event']['info'])); ?>
&nbsp;
</dd>
<dt>Published</dt>
<dd style="color: red;">
<b><?php echo ($event['Event']['published'] == 1 ? 'Yes' : 'No'); ?></b>
&nbsp;
</dd>
</dl>
</div>
<?php if (!empty($relatedEvents)):?>
<div class="related span4">
<h3>Related Events</h3>
<ul class="inline">
<?php foreach ($relatedEvents as $relatedEvent): ?>
<li>
<div title="<?php echo h($relatedEvent['Event']['info']); ?>">
<?php
$linkText = $relatedEvent['Event']['date'] . ' (' . $relatedEvent['Event']['id'] . ')';
if ($relatedEvent['Event']['org'] == $me['org']) {
echo $this->Html->link($linkText, array('controller' => 'events', 'action' => 'view', $relatedEvent['Event']['id']), array('class' => 'SameOrgLink'));
} else {
echo $this->Html->link($linkText, array('controller' => 'events', 'action' => 'view', $relatedEvent['Event']['id']));
}
?>
</div></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
</div>
<div>
<h3>Attributes</h3>
<?php
if (!empty($event['Attribute'])):?>
<table cellpadding = "0" cellspacing = "0">
<table class="table table-condensed">
<tr>
<th>Category</th>
<th>Type</th>
<th>Value</th>
<th>Related Events</th>
<th <?php echo "title='" . $attrDescriptions['signature']['desc'] . "'";?>>IDS Signature</th>
<th <?php echo "title='" . $attrDescriptions['private']['desc'] . "'";?>>Distribution</th>
<th class="actions">Actions</th>
<th title="<?php echo $attrDescriptions['signature']['desc'];?>">IDS Signature</th>
<th title="<?php echo $attrDescriptions['private']['desc'];?>">Distribution</th>
<th class="actions">Actions</th>
</tr><?php
foreach ($categories as $category):
$first = 1;
foreach ($event['Attribute'] as $attribute):
$extra = "";
if ($attribute['category'] != $category) continue;
if (count($attribute['ShadowAttribute'])) $extra .= 'highlightGreen highlightTop';
if (count($attribute['ShadowAttribute'])) $extra .= 'highlight1';
?>
<tr>
<td class= "short <?php echo $extra; if ($extra != "") echo ' highlightLeft'; ?>" title="<?php if('' != $attribute['category']) echo $categoryDefinitions[$attribute['category']]['desc'];?>"><?php
if ($first) {
<tr>
<?php if($first): ?>
<td class= "short <?php echo $extra; ?>" title="<?php if('' != $attribute['category']) echo $categoryDefinitions[$attribute['category']]['desc'];?>">
<?php
if ('' == $attribute['category']) echo '(no category)';
echo h($attribute['category']);
} else {
echo '&nbsp;';
}?></td>
<td class= "short <?php echo $extra; ?>" title="<?php
echo $typeDefinitions[$attribute['type']]['desc'];?>"><?php
echo h($attribute['type']);?></td>
<td class= "short <?php echo $extra; ?>"><?php
else echo h($attribute['category']);
?>
</td>
<?php else: ?>
<td class= "short <?php echo $extra; ?>">
&nbsp;
</td>
<?php endif; ?>
<td class="short <?php echo $extra; ?>" title="<?php echo $typeDefinitions[$attribute['type']]['desc'];?>">
<?php echo h($attribute['type']);?>
</td>
<td class="<?php echo $extra; ?>"><?php
$sigDisplay = $attribute['value'];
if ('attachment' == $attribute['type'] || 'malware-sample' == $attribute['type'] ) {
$filenameHash = explode('|', $attribute['value']);
@ -183,7 +195,7 @@ if (!empty($event['Attribute'])):?>
echo nl2br(h($sigDisplay));
}
?></td>
<td class= "short <?php echo $extra; ?>">
<td class="<?php echo $extra; ?>" style="max-width:100px;">
<?php
$first = 0;
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
@ -201,15 +213,15 @@ if (!empty($event['Attribute'])):?>
}
?>&nbsp;
</td>
<td class= "short <?php echo $extra; ?>"><?php echo $attribute['to_ids'] ? 'Yes' : 'No';?></td>
<td class= "short <?php echo $extra; ?>"><?php echo $attribute['distribution'] != 'All communities' ? $attribute['distribution'] : 'All';?></td>
<td class = "actions <?php echo $extra; if ($extra != '') echo ' highlightRight'; ?>">
<td class="short <?php echo $extra; ?>"><?php echo $attribute['to_ids'] ? 'Yes' : 'No';?></td>
<td class="short <?php echo $extra; ?>"><?php echo $attribute['distribution'] != 'All communities' ? $attribute['distribution'] : 'All';?></td>
<td class="short action-links <?php echo $extra;?>">
<?php
if ($isSiteAdmin || $mayModify) {
echo $this->Html->link(__('Edit', true), array('controller' => 'attributes', 'action' => 'edit', $attribute['id']));
echo $this->Form->postLink(__('Delete'), array('controller' => 'attributes', 'action' => 'delete', $attribute['id']), null, __('Are you sure you want to delete this attribute? Keep in mind that this will also delete this attribute on remote MISP instances.'));
echo $this->Html->link('', array('controller' => 'attributes', 'action' => 'edit', $attribute['id']), array('class' => 'icon-edit', 'title' => 'Edit'));
echo $this->Form->postLink('', array('controller' => 'attributes', 'action' => 'delete', $attribute['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this attribute? Keep in mind that this will also delete this attribute on remote MISP instances.'));
} else {
echo $this->Html->link(__('Propose edit', true), array('controller' => 'shadow_attributes', 'action' => 'edit', $attribute['id']));
echo $this->Html->link('', array('controller' => 'shadow_attributes', 'action' => 'edit', $attribute['id']), array('class' => 'icon-edit', 'title' => 'Propose Edit'));
}
?>
</td>
@ -218,16 +230,16 @@ if (!empty($event['Attribute'])):?>
// Create an entry for each shadow attribute right below the attribute that it proposes to edit
// $extra is used for extra style code added to cells that have a highlighting border around them.
$extra = null;
$extra = 'highlight2';
foreach ($attribute['ShadowAttribute'] as $shadowAttribute):
if ($shadowAttribute === end($attribute['ShadowAttribute'])) $extra = 'highlightBottom';
?>
<tr>
<td class="highlightLeft highlightRed <?php echo $extra; ?>" title="<?php if('' != $shadowAttribute['category']) echo $categoryDefinitions[$shadowAttribute['category']]['desc'];?>">
<tr class="highlight2">
<td class="short highlight2" title="<?php if('' != $shadowAttribute['category']) echo $categoryDefinitions[$shadowAttribute['category']]['desc'];?>">
<?php
if ($shadowAttribute['category'] != $attribute['category']) echo h($shadowAttribute['category']);
?>
</td>
<td class="short highlightRed <?php echo $extra; ?>" title="
<td class="short highlight2" title="
<?php
echo $typeDefinitions[$shadowAttribute['type']]['desc'];
?>
@ -236,7 +248,7 @@ if (!empty($event['Attribute'])):?>
if ($shadowAttribute['type'] != $attribute['type']) echo h($shadowAttribute['type']);
?>
</td>
<td class = "<?php echo $extra; ?> highlightRed">
<td class = "highlight2">
<?php
if ($shadowAttribute['value'] != $attribute['value']) {
$sigDisplay = $shadowAttribute['value'];
@ -265,19 +277,19 @@ if (!empty($event['Attribute'])):?>
}
?>
</td>
<td class="short <?php echo $extra; ?> highlightRed">
<td class="short highlight2">
</td>
<td class="short <?php echo $extra; ?> highlightRed">
<td class="short highlight2">
<?php
if ($shadowAttribute['to_ids'] != $attribute['to_ids']) echo $shadowAttribute['to_ids'] ? 'Yes' : 'No';
?></td>
<td class="short <?php echo $extra; ?> highlightRed"></td>
<td class="actions highlightRight <?php echo $extra; ?> highlightRed">
<td class="short highlight2"></td>
<td class="short action-links highlight2">
<?php
if (($event['Event']['org'] == $me['org'] && $mayPublish) || $isSiteAdmin) {
echo $this->Html->link(__('Accept', true), array('controller' => 'shadow_attributes', 'action' => 'accept', $shadowAttribute['id']));
echo $this->Html->link('', array('controller' => 'shadow_attributes', 'action' => 'accept', $shadowAttribute['id']), array('class' => 'icon-ok', 'title' => 'Accept'));
}
echo $this->Html->link(__('Discard', true), array('controller' => 'shadow_attributes', 'action' => 'discard', $shadowAttribute['id']));
echo $this->Html->link('', array('controller' => 'shadow_attributes', 'action' => 'discard', $shadowAttribute['id']), array('class' => 'icon-trash', 'title' => 'Discard'));
?>
</td>
</tr>
@ -290,68 +302,68 @@ if (!empty($event['Attribute'])):?>
$first = true;
if (isset($remaining)):
foreach ($remaining as $remain):
$extra = 'highlightRed';
$extra = 'highlight2';
if ($first) {
$extra .= ' highlightTop';
//$extra .= ' highlightTop';
$first = false;
}
if ($remain === end($remaining)) $extra .= ' highlightBottom';
//if ($remain === end($remaining)) $extra .= ' highlightBottom';
?>
<tr>
<td class="highlightLeft <?php echo $extra; ?>" title="<?php if('' != $remain['ShadowAttribute']['category']) echo $categoryDefinitions[$remain['ShadowAttribute']['category']]['desc'];?>">
<tr class="highlight2">
<td class="highlight2" title="<?php if('' != $remain['category']) echo $categoryDefinitions[$remain['category']]['desc'];?>">
<?php
echo h($remain['ShadowAttribute']['category']);
echo h($remain['category']);
?>
</td>
<td class="short <?php echo $extra; ?>" title="
<td class="short highlight2" title="
<?php
echo $typeDefinitions[$remain['ShadowAttribute']['type']]['desc'];
echo $typeDefinitions[$remain['type']]['desc'];
?>
">
<?php
echo h($remain['ShadowAttribute']['type']);
echo h($remain['type']);
?>
</td>
<td class = "short <?php echo $extra; ?>">
<td class = "short highlight2">
<?php
$sigDisplay = nl2br(h($remain['ShadowAttribute']['value']));
if ('attachment' == $remain['ShadowAttribute']['type'] || 'malware-sample' == $remain['ShadowAttribute']['type'] ) {
$filenameHash = explode('|', $remain['ShadowAttribute']['value']);
$sigDisplay = nl2br(h($remain['value']));
if ('attachment' == $remain['type'] || 'malware-sample' == $remain['type'] ) {
$filenameHash = explode('|', $remain['value']);
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo $filepath;
echo $this->Html->link($filename, array('controller' => 'shadow_attributes', 'action' => 'download', $remain['ShadowAttribute']['id']));
echo $this->Html->link($filename, array('controller' => 'shadow_attributes', 'action' => 'download', $remain['id']));
} else {
echo $this->Html->link($filenameHash[0], array('controller' => 'shadow_attributes', 'action' => 'download', $remain['ShadowAttribute']['id']));
echo $this->Html->link($filenameHash[0], array('controller' => 'shadow_attributes', 'action' => 'download', $remain['id']));
}
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif (strpos($remain['ShadowAttribute']['type'], '|') !== false) {
$filenameHash = explode('|', $remain['ShadowAttribute']['value']);
} elseif (strpos($remain['type'], '|') !== false) {
$filenameHash = explode('|', $remain['value']);
echo h($filenameHash[0]);
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif ('vulnerability' == $remain['ShadowAttribute']['type']) {
} elseif ('vulnerability' == $remain['type']) {
echo $this->Html->link(h($sigDisplay), 'http://www.google.com/search?q=' . h($sigDisplay), array('target' => '_blank'));
} elseif ('link' == $remain['ShadowAttribute']['type']) {
} elseif ('link' == $remain['type']) {
echo $this->Html->link(h($sigDisplay), h($sigDisplay));
} else {
echo h($sigDisplay);
}
?>
</td>
<td class="short <?php echo $extra; ?>">
<td class="short highlight2">
</td>
<td class="short <?php echo $extra; ?>">
<td class="short highlight2">
<?php
echo $remain['ShadowAttribute']['to_ids'] ? 'Yes' : 'No';
echo $remain['to_ids'] ? 'Yes' : 'No';
?></td>
<td class="short <?php echo $extra; ?>"></td>
<td class="actions highlightRight <?php echo $extra; ?>">
<td class="short highlight2"></td>
<td class="short action-links highlight2">
<?php
if (($event['Event']['org'] == $me['org'] && $mayPublish) || $isSiteAdmin) {
echo $this->Html->link(__('Accept', true), array('controller' => 'shadow_attributes', 'action' => 'accept', $remain['ShadowAttribute']['id']));
echo $this->Html->link('', array('controller' => 'shadow_attributes', 'action' => 'accept', $remain['id']), array('class' => 'icon-ok', 'title' => 'Accept'));
}
echo $this->Html->link(__('Discard', true), array('controller' => 'shadow_attributes', 'action' => 'discard',$remain['ShadowAttribute']['id']));
echo $this->Html->link('', array('controller' => 'shadow_attributes', 'action' => 'discard',$remain['id']), array('class' => 'icon-trash', 'title' => 'Discard'));
?>
</td>
</tr>
@ -363,26 +375,14 @@ if (!empty($event['Attribute'])):?>
<?php
endif; ?>
</div>
</div>
<div class="actions">
<ul>
<?php
if ($isSiteAdmin || $mayModify) {
?>
<li><?php echo $this->Html->link(__('Add Attribute', true), array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']));?> </li>
<li><?php echo $this->Html->link(__('Add Attachment', true), array('controller' => 'attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
<li><?php echo $this->Html->link(__('Edit Event', true), array('action' => 'edit', $event['Event']['id'])); ?> </li>
<li><?php echo $this->Form->postLink(__('Delete Event'), array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
<li>&nbsp;</li>
<?php
} else {
?>
<li><?php echo $this->Html->link(__('Propose Attribute', true), array('controller' => 'shadow_attributes', 'action' => 'add', $event['Event']['id']));?> </li>
<li><?php echo $this->Html->link(__('Propose Attachment', true), array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
<li>&nbsp;</li>
<?php
}
echo $this->element('actions_menu');
?>
</ul>
</div>
<script type="text/javascript">
// tooltips
$(document).ready(function () {
$("th, td, dt, div, span").tooltip({
'placement': 'top',
'container' : 'body',
delay: { show: 500, hide: 100 }
});
});
</script>

2
app/View/Events/xml/view.ctp
View File

@ -3,6 +3,8 @@ $xmlArray = array();
// rearrange things to be compatible with the Xml::fromArray()
$event['Event']['Attribute'] = $event['Attribute'];
unset($event['Attribute']);
$event['Event']['ShadowAttribute'] = $event['ShadowAttribute'];
unset($event['ShadowAttribute']);
// build up a list of the related events
if (isset($relatedEvents)) {

9
app/View/Helper/AppHelper.php
View File

@ -20,7 +20,9 @@
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
App::uses('Helper', 'View');
App::uses('UrlCacheAppHelper', 'UrlCache.View/Helper');
/**
* Application helper
@ -30,12 +32,13 @@ App::uses('Helper', 'View');
*
* @package app.View.Helper
*/
class AppHelper extends Helper {
class AppHelper extends UrlCacheAppHelper {
public function url($url = null, $full = false) {
if (is_array($url) && !isset($url['admin'])) {
$url['admin'] = false;
}
return parent::url($url, $full);
return parent::url($url, $full);
}
}

32
app/View/Helper/HighlightHelper.php
View File

@ -6,17 +6,33 @@ App::uses('AppHelper', 'View/Helper');
// Used for things such as searches in the logs to highlight found terms
class HighlightHelper extends AppHelper {
public function highlighter($str, $keyWords) {
if (is_array($keyWords)) {
foreach ($keyWords as $keyword) {
$keyword = trim($keyword);
$str = preg_replace('%' . $keyword . '%i', '<span style="color:red">' . $keyword . '</span>', $str);
}
return $str;
/**
* Important: data needs to be sanitized using the h() function before entering this function
* @param unknown_type $keywordArray
*/
public function build_replace_pairs($keywordArray) {
// build the $replacePairs variable used to highlight the keywords
$replacementArray = array();
if (!is_array($keywordArray)) {
$keywordArray = array($keywordArray);
}
foreach ($keywordArray as &$keywordArrayElement) {
$keywordArrayElement = trim($keywordArrayElement);
if ("" == $keywordArrayElement) continue;
$replacementArray[] = '<span style="color:red">'.$keywordArrayElement.'</span>';
}
if (!empty($replacementArray))
return array_combine($keywordArray, $replacementArray);
}
public function highlighter($str, $replacePairs) {
if (is_array($replacePairs)) {
return strtr($str, $replacePairs);
} else {
$str = preg_replace('%' . $keyWords . '%i', '<span style="color:red">' . $keyWords . '</span>', $str);
return $str;
}
}
}
?>

71
app/View/Layouts/default.ctp
View File

@ -1,72 +1,69 @@
<?php
/**
*
* PHP 5
*
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @package Cake.View.Layouts
* @since CakePHP(tm) v 0.10.0.1076
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php echo $this->Html->charset(); ?>
<title>
<?php echo Configure::read('CyDefSIG.name')?>:
<?php echo $title_for_layout; ?>
<?php echo $title_for_layout, ' - ', Configure::read('CyDefSIG.name')?>:
</title>
<?php
echo $this->Html->meta('icon');
echo $this->Html->css('cake.generic');
echo $this->Html->css(array('print'), 'stylesheet', array('media' => 'print'));
// echo $this->Html->css('cake.generic');
echo $this->Html->css('roboto');
echo $this->Html->css('bootstrap'); // see http://twitter.github.io/bootstrap/base-css.html
echo $this->Html->css('datepicker');
echo $this->Html->css('main');
// FIXME chri: re-add print stylesheet
//echo $this->Html->css(array('print'), 'stylesheet', array('media' => 'print'));
echo $this->fetch('meta');
echo $this->fetch('css');
echo $this->fetch('script');
echo $this->Html->script('jquery-1.8.3.min'); // Include jQuery library
echo $this->Html->script('jquery-1.9.1.min'); // Include jQuery library
?>
<!--?php echo $scripts_for_layout; ?-->
</head>
<body>
<div id="container">
<div id="header">
<!--div id="header">
<h1><?php echo $this->Html->link(Configure::read('CyDefSIG.header'), array('controller' => 'events', 'action' => 'index')); ?>
<?php if ($logo = Configure::read('CyDefSIG.logo')) {
echo $this->Html->image($logo, array('alt' => h(Configure::read('CyDefSIG.header')), 'align' => 'right', 'height' => '30'));
}?></h1>
</div-->
<?php echo $this->element('global_menu');?>
<div class="container-fluid">
<div class="row-fluid">
<div class="span12">
<?php echo $this->Session->flash('auth'); ?>
<?php echo $this->Session->flash('error'); ?>
<?php echo $this->Session->flash('gpg'); ?>
<?php echo $this->Session->flash(); ?>
<?php echo $this->Session->flash('email'); ?>
</div>
</div>
</div>
<div id="content">
<?php echo $this->Session->flash('auth'); ?>
<?php echo $this->Session->flash('error'); ?>
<?php echo $this->Session->flash('gpg'); ?>
<?php echo $this->Session->flash(); ?>
<?php echo $this->Session->flash('email'); ?>
<?php echo $this->fetch('content'); ?>
</div>
<div id="footer">
<!--div id="footer">
<div class="noprint">
<h1 style="float:left;">Download: <?php echo $this->Html->link('PGP/GPG key', '/gpg.asc');?></h1>
<h1 style="float:right;"> <?php echo $this->Html->link(__('Log out', true), array('controller' => 'users', 'action' => 'logout'));?></h1>
</div>
<h1 style="text-align:center;"> <?php if (isset($me)) echo Configure::read('CyDefSIG.footerversion'); else echo Configure::read('CyDefSIG.footer')?></h1>
</div>
</div-->
</div>
<?php echo $this->element('sql_dump'); ?>
<?php
echo $this->element('sql_dump');
echo $this->Html->script('bootstrap');
//echo $this->Html->script('bootstrap.min');
echo $this->Html->script('bootstrap-datepicker');
echo $this->Html->script('main');
?>
</body>
</html>

136
app/View/Logs/admin_index.ctp
View File

@ -1,67 +1,109 @@
<div class="logs index">
<h2><?php echo __('Logs');?></h2>
<?php
if ($isSearch == 1) {
echo "<h4>Results for all log entries";
if ($emailSearch != null) echo " for user \"<b>" . h($emailSearch) . "\"</b>";
if ($orgSearch != null) echo " of the organisation \"<b>" . h($orgSearch) . "</b>\"";
if ($actionSearch != "ALL") echo " of type \"<b>" . h($actionSearch) . "</b>\"";
if ($titleSearch != null) echo " with the title \"<b>" . h($titleSearch) . "</b>\"";
if ($changeSearch != null) echo " including the change \"<b>" . h($changeSearch) . "</b>\"";
echo ":</h4>";
}
?>
<table cellpadding="0" cellspacing="0">
<tr>
<h2>Logs</h2>
<?php
if ($isSearch == 1) {
echo "<h4>Results for all log entries";
if ($emailSearch != null) {
echo " for user \"<b>" . h($emailSearch) . "\"</b>";
$emailSearchReplacePairs = $this->Highlight->build_replace_pairs(h($emailSearch));
}
if ($orgSearch != null) {
echo " of the organisation \"<b>" . h($orgSearch) . "</b>\"";
$orgSearchReplacePairs = $this->Highlight->build_replace_pairs(h($orgSearch));
}
if ($actionSearch != "ALL") {
echo " of type \"<b>" . h($actionSearch) . "</b>\"";
$actionSearchReplacePairs = $this->Highlight->build_replace_pairs(h($actionSearch));
}
if ($titleSearch != null) {
echo " with the title \"<b>" . h($titleSearch) . "</b>\"";
$titleSearchReplacePairs = $this->Highlight->build_replace_pairs(h($titleSearch));
}
if ($changeSearch != null) {
echo " including the change \"<b>" . h($changeSearch) . "</b>\"";
$changeSearchReplacePairs = $this->Highlight->build_replace_pairs(h($changeSearch));
}
echo ":</h4>";
}
?>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<!--th><?php echo $this->Paginator->sort('user_id');?></th-->
<th><?php echo $this->Paginator->sort('email');?></th>
<th><?php echo $this->Paginator->sort('org');?></th>
<th><?php echo $this->Paginator->sort('created');?></th>
<th><?php echo $this->Paginator->sort('action');?></th>
<th><?php echo $this->Paginator->sort('title');?></th>
<th><?php echo $this->Paginator->sort('change');?></th>
</tr><?php
foreach ($list as $item): ?>
<tr>
<td class="short"><?php echo h($item['Log']['id']); ?>&nbsp;</td>
<td class="short"><?php
if (isset($emailSearch)) echo ($this->Highlight->highlighter(h($item['Log']['email']), h($emailSearch)));
else echo (h($item['Log']['email'])); ?>&nbsp;</td>
<td class="short"><?php
if (isset($emailSearch)) echo ($this->Highlight->highlighter(h($item['Log']['org']), h($orgSearch)));
else echo (h($item['Log']['org'])); ?>&nbsp;</td>
<td class="short"><?php echo h($item['Log']['created']); ?>&nbsp;</td>
<td class="short"><?php
if (isset($emailSearch)) echo ($this->Highlight->highlighter(h($item['Log']['action']), h($actionSearch)));
else echo (h($item['Log']['action'])); ?>&nbsp;</td>
<td class="short"><?php
if (isset($emailSearch)) echo ($this->Highlight->highlighter(h($item['Log']['title']), h($titleSearch)));
else echo (h($item['Log']['title'])); ?>&nbsp;</td>
<td class="short"><?php
if (isset($changeSearch)) echo $this->Highlight->highlighter(h($item['Log']['change']), h($changeSearch));
else echo h($item['Log']['change']);
?>&nbsp;</td>
</tr><?php
endforeach; ?>
</tr>
<?php foreach ($list as $item): ?>
<tr>
<td class="short"><?php echo h($item['Log']['id']); ?>&nbsp;</td>
<td class="short"><?php
if (isset($emailSearch) && $emailSearch != null) echo nl2br($this->Highlight->highlighter(h($item['Log']['email']), $emailSearchReplacePairs));
else echo (h($item['Log']['email'])); ?>&nbsp;</td>
<td class="short"><?php
if (isset($orgSearch) && $orgSearch != null) echo nl2br($this->Highlight->highlighter(h($item['Log']['org']), $orgSearchReplacePairs));
else echo (h($item['Log']['org'])); ?>&nbsp;</td>
<td class="short"><?php echo h($item['Log']['created']); ?>&nbsp;</td>
<td class="short"><?php
if (isset($actionSearch) && $actionSearch != "ALL") echo nl2br($this->Highlight->highlighter(h($item['Log']['action']), $actionSearchReplacePairs));
else echo (h($item['Log']['action'])); ?>&nbsp;</td>
<td class="short"><?php
if (isset($titleSearch) && $titleSearch != null) echo nl2br($this->Highlight->highlighter(h($item['Log']['title']), $titleSearchReplacePairs));
else echo nl2br(h($item['Log']['title'])); ?>&nbsp;</td>
<td class="short"><?php
if (isset($changeSearch) && $changeSearch != null) echo nl2br($this->Highlight->highlighter(h($item['Log']['change']), $changeSearchReplacePairs));
else echo nl2br(h($item['Log']['change']));
?>&nbsp;</td>
</tr>
<?php endforeach; ?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<?php
if ($isSearch == 1){
$searchClass = 'class="active"';
$listClass = '';
} else {
$searchClass = '';
$listClass = 'class="active"';
}
?>
<li <?php echo $listClass;?>><?php echo $this->Html->link('List Logs', array('admin' => true, 'action' => 'index'));?></li>
<li <?php echo $searchClass;?>><?php echo $this->Html->link('Search Logs', array('admin' => true, 'action' => 'search'));?></li>
</ul>
</div>

34
app/View/Logs/admin_search.ctp
View File

@ -1,23 +1,25 @@
<div class="logs form">
<?php echo $this->Form->create('Log');?>
<?php echo $this->Form->create('Log', array('novalidate'=>true));?>
<fieldset>
<legend><?php echo __('Search Log'); ?></legend>
<legend>Search Logs</legend>
<?php
echo $this->Form->input('email', array( 'label' => 'Email'));
if ($orgRestriction == false) {
echo $this->Form->input('org', array( 'label' => 'Org'));
echo $this->Form->input('org', array( 'label' => 'Organisation'));
}
echo $this->Form->input('action', array('between' => $this->Html->div('forminfo', '', array('id' => 'LogActionDiv'))));
echo $this->Form->input('title', array( 'label' => 'Title'));
echo $this->Form->input('change', array( 'label' => 'Change'));
echo $this->Form->input('action', array(
'between' => $this->Html->div('forminfo', '', array('id' => 'LogActionDiv')),
'div' => 'input clear'));
echo $this->Form->input('title', array(
'label' => 'Title',
'div' => 'input clear'));
echo $this->Form->input('change', array('label' => 'Change'));
?>
</fieldset>
<?php echo $this->Form->end(__('Search', true));?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
<?php
echo $this->Form->button('Search', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<script type="text/javascript">
var formInfoValues = new Array();
@ -47,4 +49,10 @@ function showFormInfo(id) {
$('#LogActionDiv').hide();
</script>
<?php echo $this->Js->writeBuffer();
<?php echo $this->Js->writeBuffer(); ?>
<div class="actions">
<ul class="nav nav-list">
<li ><?php echo $this->Html->link('List Logs', array('admin' => true, 'action' => 'index'));?></li>
<li class="active"><?php echo $this->Html->link('Search Logs', array('admin' => true, 'action' => 'search'));?></li>
</ul>
</div>

225
app/View/Pages/administration.ctp
View File

@ -1,159 +1,158 @@
<div class="index">
<b>Table of contents</b><br />
1. <?php echo $this->Html->link(__('General Layout', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?><br />
2. <?php echo $this->Html->link(__('User Management and Global Actions', true), array('controller' => 'pages', 'action' => 'display', 'user_management')); ?><br />
3. <?php echo $this->Html->link(__('Using the system', true), array('controller' => 'pages', 'action' => 'display', 'using_the_system')); ?><br />
4. <?php echo $this->Html->link(__('Administration', true), array('controller' => 'pages', 'action' => 'display', 'administration')); ?><br />
<ul>
<li>a. <a href="#blacklist">Blacklist</a></li>
<li>b. <a href="#regexp">Import Regexp</a></li>
<li>c. <a href="#whitelist">Signature Whitelist</a></li>
<li>d. <a href="#user">User Management</a></li>
<li>e. <a href="#roles">Role Management</a></li>
<li>f. <a href="#logs">Logging</a></li>
</ul>
5. <?php echo $this->Html->link(__('Categories and Types', true), array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?>
<br /><br /><hr /><br />
<div class="actions" style="width:15%">
<ol class="nav nav-list">
<li><?php echo $this->Html->link('General Layout', array('controller' => 'pages', 'action' => 'display', 'documentation')); ?></li>
<li><?php echo $this->Html->link('User Management and Global actions', array('controller' => 'pages', 'action' => 'display', 'user_management')); ?></li>
<li><?php echo $this->Html->link('Using the system', array('controller' => 'pages', 'action' => 'display', 'using_the_system')); ?></li>
<li class="active"><?php echo $this->Html->link('Administration', array('controller' => 'pages', 'action' => 'display', 'administration')); ?>
<ul class="nav nav-list">
<li><a href="#blacklist">Blacklist</a></li>
<li><a href="#regexp">Import Regexp</a></li>
<li><a href="#whitelist">Signature Whitelist</a></li>
<li><a href="#user">User Management</a></li>
<li><a href="#roles">Role Management</a></li>
<li><a href="#logs">Logging</a></li>
</ul>
</li>
<li><?php echo $this->Html->link('Categories and Types', array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?></li>
</ol>
</div>
<div class="index" style="width:80%">
<h2><a name ="blacklist"></a>Import Blacklist</h2>
It is possible to ban certain values from ever being entered into the system via an event info field or an attribute value. This is done by blacklisting the value in this section.<br /><br />
It is possible to ban certain values from ever being entered into the system via an event info field or an attribute value. This is done by blacklisting the value in this section.<br />
<h3>Adding and modifying entries</h3>
Administrators can add, edit or delete blacklisted items by using the appropriate functions in the list's action menu and the menu on the left.<br />
<br /><hr /><br />
<hr />
<h2><a name ="regexp"></a>Import Regexp</h2>
The system allows administrators to set up rules for regular expressions that will automatically alter newly entered or imported events (from GFI Sandbox).<br /><br />
The system allows administrators to set up rules for regular expressions that will automatically alter newly entered or imported events (from GFI Sandbox).<br />
<h3>The purpose of Import Regexp entries</h3>
They can be used for several things, such as unifying the capitalisation of file paths for more accurate event correlation or to automatically censor the usernames and use system path variable names (changing C:\Users\UserName\Appdata\Roaming\file.exe to %APPDATA%\file.exe).<br />
The second use is blocking, if a regular expression is entered with a blank replacement, any event info or attribute value containing the expression will not be added. Please make sure the entered regexp expression follows the preg_replace pattern rules as described <a href="http://php.net/manual/en/function.preg-replace.php">here</a>.<br /><br />
The second use is blocking, if a regular expression is entered with a blank replacement, any event info or attribute value containing the expression will not be added. Please make sure the entered regexp expression follows the preg_replace pattern rules as described <a href="http://php.net/manual/en/function.preg-replace.php">here</a>.<br />
<h3>Adding and modifying entries</h3>
Administrators can add, edit or delete regular expression rules, which are made up of a regex pattern that the system searches for and a replacement for the detected pattern.<br /><br />
Administrators can add, edit or delete regular expression rules, which are made up of a regex pattern that the system searches for and a replacement for the detected pattern.<br />
<p><img src="/img/doc/regexp.png" alt = "" title = "Add, edit or remove Regexp entries that will affect all newly created attributes here."/></p><br />
<br /><hr /><br />
<hr />
<h2><a name ="whitelist"></a>Managing the Signature whitelist</h2>
The signature whitelist view, accessible through the administration menu on the left, allows administrators to create and maintain a list of addresses that are whitelisted from ever being added to the NIDS signatures. Addresses listed here will be commented out when exporting the NIDS list.<br /><br />
The signature whitelist view, accessible through the administration menu on the left, allows administrators to create and maintain a list of addresses that are whitelisted from ever being added to the NIDS signatures. Addresses listed here will be commented out when exporting the NIDS list.<br />
<h3>Whitelisting an address:</h3>
While in the whitelist view, click on New Whitelist on the left to bring up the add whitelist view to add a new address. <br /><br />
While in the whitelist view, click on New Whitelist on the left to bring up the add whitelist view to add a new address. <br />
<h3>Managing the list:</h3>
When viewing the list of whitelisted addresses, the following pieces of information are shown: The ID of the whitelist entry (assigned automatically when a new address is added), the address itself that is being whitelisted and a set of controls allowing you to delete the entry or edit the address.<br /><br />
<img src="/img/doc/whitelist.png" alt = "Whitelist" title = "You can edit or delete currently white-listed addresses using the action buttons on this list."/><br /><br />
<br /><hr /><br />
When viewing the list of whitelisted addresses, the following pieces of information are shown: The ID of the whitelist entry (assigned automatically when a new address is added), the address itself that is being whitelisted and a set of controls allowing you to delete the entry or edit the address.<br />
<img src="/img/doc/whitelist.png" alt = "Whitelist" title = "You can edit or delete currently white-listed addresses using the action buttons on this list."/><br />
<hr />
<h2><a name ="user"></a>Managing the users:</h2>
As an admin, you can set up new accounts for users, edit the profiles of users, delete them, or just have a look at all the viewers' profiles. Organisation admins are restricted to executing the same actions on their organisation's users only.<br /><br />
As an admin, you can set up new accounts for users, edit the profiles of users, delete them, or just have a look at all the viewers' profiles. Organisation admins are restricted to executing the same actions on their organisation's users only.<br />
<img src="/img/doc/add_user.png" alt = "Add user" style="float:right;" title = "Fill this form out to add a new user. Keep in mind that the drop-down menu titled Role controls the privileges the user will have."/>
<h3>Adding a new user:</h3>
To add a new user, click on the New User button in the administration menu to the left and fill out the following fields in the view that is loaded:<br /><br />
To add a new user, click on the New User button in the administration menu to the left and fill out the following fields in the view that is loaded:<br />
<ul>
<li><em>Email:</em> The user's e-mail address, this will be used as his/her login name and as an address to send all the automatic e-mails and e-mails sent by contacting the user as the reporter of an event.<br /><br /></li>
<li><em>Password:</em> A temporary password for the user that he/she should change after the first login. Make sure that it is at least 6 characters long, includes a digit or a special character and contains at least one upper-case and at least one lower-case character.<br /><br /></li>
<li><em>Confirm Password:</em> This should be an exact copy of the Password field.<br /><br /></li>
<li><em>Org:</em>The organisation of the user. Entering ADMIN into this field will give administrator privileges to the user. If you are an organisation admin, then this field will be unchangeable and be set to your own organisation.<br /><br /></li>
<li><em>Roles:</em> A drop-down list allows you to choose a role-group that the user should belong to. Roles define the privileges of the user. To learn more about roles, <a href=#roles>click here</a>.<br /><br /></li>
<li><em>Receive alerts when events are published:</em> This option will subscribe the new user to automatically generated e-mails whenever an event is published.<br /><br /></li>
<li><em>Receive alerts from "contact reporter" requests:</em> This option will subscribe the new user to e-mails that are generated when another user tries to get in touch with an event's reporting organisation that matches that of the new user.<br /><br /></li>
<li><em>Authkey:</em> This is assigned automatically and is the unique authentication key of the user (he/she will be able to reset this and receive a new key). It is used for exports and for connecting one server to another, but it requires the user to be assigned to a role that has auth permission enabled.<br /><br /></li>
<li><em>NIDS Sid:</em> Nids ID, not yet implemented.<br /><br /></li>
<li><em>Gpgkey:</em> The key used for encrypting e-mails sent through the system. <br /><br /></li>
<li><em>Email:</em> The user's e-mail address, this will be used as his/her login name and as an address to send all the automatic e-mails and e-mails sent by contacting the user as the reporter of an event.<br /></li>
<li><em>Password:</em> A temporary password for the user that he/she should change after the first login. Make sure that it is at least 6 characters long, includes a digit or a special character and contains at least one upper-case and at least one lower-case character.<br /></li>
<li><em>Confirm Password:</em> This should be an exact copy of the Password field.<br /></li>
<li><em>Org:</em>The organisation of the user. Entering ADMIN into this field will give administrator privileges to the user. If you are an organisation admin, then this field will be unchangeable and be set to your own organisation.<br /></li>
<li><em>Roles:</em> A drop-down list allows you to choose a role-group that the user should belong to. Roles define the privileges of the user. To learn more about roles, <a href=#roles>click here</a>.<br /></li>
<li><em>Receive alerts when events are published:</em> This option will subscribe the new user to automatically generated e-mails whenever an event is published.<br /></li>
<li><em>Receive alerts from "contact reporter" requests:</em> This option will subscribe the new user to e-mails that are generated when another user tries to get in touch with an event's reporting organisation that matches that of the new user.<br /></li>
<li><em>Authkey:</em> This is assigned automatically and is the unique authentication key of the user (he/she will be able to reset this and receive a new key). It is used for exports and for connecting one server to another, but it requires the user to be assigned to a role that has auth permission enabled.<br /></li>
<li><em>NIDS Sid:</em> Nids ID, not yet implemented.<br /></li>
<li><em>Gpgkey:</em> The key used for encrypting e-mails sent through the system. <br /></li>
</ul>
<h3>Listing all users:</h3>
To list all current users of the system, just click on List Users under the administration menu to the left. A view will be loaded with a list of all users and the following columns of information:<br /><br />
<img src="/img/doc/list_users.png" alt = "List users" title = "View, Edit or Delete a user using the action buttons to the right."/><br /><br />
To list all current users of the system, just click on List Users under the administration menu to the left. A view will be loaded with a list of all users and the following columns of information:<br />
<img src="/img/doc/list_users.png" alt = "List users" title = "View, Edit or Delete a user using the action buttons to the right."/><br />
<ul>
<li><em>Id:</em> The user's automatically assigned ID number.<br /><br /></li>
<li><em>Org:</em> The organisation that the user belongs to.<br /><br /></li>
<li><em>Email:</em> The e-mail address (and login name) of the user.<br /><br /></li>
<li><em>Autoalert:</em> Shows whether the user has subscribed to auto-alerts and is always receiving the mass-emails regarding newly published events that he/she is eligible for.<br /><br /></li>
<li><em>ontactalert:</em> Shows whether the user has the subscription to contact reporter e-mails directed at his/her organisation turned on or off.<br /><br /></li>
<li><em>Gpgkey:</em> Shows whether the user has entered a Gpgkey yet.<br /><br /></li>
<li><em>Nids Sid:</em> Shows the currently assigned NIDS ID.<br /><br /></li>
<li><em>Termsaccepted:</em> This flag indicates whether the user has accepted the terms of use or not.<br /><br /></li>
<li><em>Newsread:</em> The last point in time when the user has looked at the news section of the system.<br /><br /></li>
<li><em>Action Buttons:</em> Here you can view a detailed view of a user, edit the basic details of a user (same view as the one used for creating a new user, but all the fields come filled out by default) or remove a user completely. <br /><br /></li>
<li><em>Id:</em> The user's automatically assigned ID number.<br /></li>
<li><em>Org:</em> The organisation that the user belongs to.<br /></li>
<li><em>Email:</em> The e-mail address (and login name) of the user.<br /></li>
<li><em>Autoalert:</em> Shows whether the user has subscribed to auto-alerts and is always receiving the mass-emails regarding newly published events that he/she is eligible for.<br /></li>
<li><em>ontactalert:</em> Shows whether the user has the subscription to contact reporter e-mails directed at his/her organisation turned on or off.<br /></li>
<li><em>Gpgkey:</em> Shows whether the user has entered a Gpgkey yet.<br /></li>
<li><em>Nids Sid:</em> Shows the currently assigned NIDS ID.<br /></li>
<li><em>Termsaccepted:</em> This flag indicates whether the user has accepted the terms of use or not.<br /></li>
<li><em>Newsread:</em> The last point in time when the user has looked at the news section of the system.<br /></li>
<li><em>Action Buttons:</em> Here you can view a detailed view of a user, edit the basic details of a user (same view as the one used for creating a new user, but all the fields come filled out by default) or remove a user completely. <br /></li>
</ul>
<h3>Editing a user:</h3>
To add a new user, click on the New User button in the administration menu to the left and fill out the following fields in the view that is loaded:<br /><br />
To add a new user, click on the New User button in the administration menu to the left and fill out the following fields in the view that is loaded:<br />
<ul>
<li><em>Email:</em> The user's e-mail address, this will be used as his/her login name and as an address to send all the automatic e-mails and e-mails sent by contacting the user as the reporter of an event.<br /><br /></li>
<li><em>Password:</em> It is possible to assign a new password manually for a user. For example, in case that he/she forgot the old one a new temporary one can be assigned. Make sure to check the "Change password" field if you do give out a temporary password, so that the user will be forced to change it after login.<br /><br /></li>
<li><em>Confirm Password:</em> This should be an exact copy of the Password field.<br /><br /></li>
<li><em>Org:</em>The organisation of the user. Entering ADMIN into this field will give administrator privileges to the user. If you are an organisation admin, then this field will be unchangeable and be set to your own organisation.<br /><br /></li>
<li><em>Roles:</em> A drop-down list allows you to choose a role-group that the user should belong to. Roles define the privileges of the user. To learn more about roles, <a href=#roles>click here</a>.<br /><br /></li>
<li><em>Receive alerts when events are published:</em> This option will subscribe the user to automatically generated e-mails whenever an event is published.<br /><br /></li>
<li><em>Receive alerts from "contact reporter" requests:</em> This option will subscribe the user to e-mails that are generated when another user tries to get in touch with an event's reporting organisation that matches that of the user.<br /><br /></li>
<li><em>Authkey:</em> It is possible to request a new authentication key for the user. <br /><br /></li>
<li><em>NIDS Sid:</em> Nids ID, not yet implemented.<br /><br /></li>
<li><em>Termsaccepted:</em> Indicates whether the user has accepted the terms of use already or not.<br /><br /></li>
<li><em>Change Password:</em> Setting this flag will require the user to change password after the next login.<br /><br /></li>
<li><em>Gpgkey:</em> The key used for encrypting e-mails sent through the system. <br /><br /></li>
<li><em>Email:</em> The user's e-mail address, this will be used as his/her login name and as an address to send all the automatic e-mails and e-mails sent by contacting the user as the reporter of an event.<br /></li>
<li><em>Password:</em> It is possible to assign a new password manually for a user. For example, in case that he/she forgot the old one a new temporary one can be assigned. Make sure to check the "Change password" field if you do give out a temporary password, so that the user will be forced to change it after login.<br /></li>
<li><em>Confirm Password:</em> This should be an exact copy of the Password field.<br /></li>
<li><em>Org:</em>The organisation of the user. Entering ADMIN into this field will give administrator privileges to the user. If you are an organisation admin, then this field will be unchangeable and be set to your own organisation.<br /></li>
<li><em>Roles:</em> A drop-down list allows you to choose a role-group that the user should belong to. Roles define the privileges of the user. To learn more about roles, <a href=#roles>click here</a>.<br /></li>
<li><em>Receive alerts when events are published:</em> This option will subscribe the user to automatically generated e-mails whenever an event is published.<br /></li>
<li><em>Receive alerts from "contact reporter" requests:</em> This option will subscribe the user to e-mails that are generated when another user tries to get in touch with an event's reporting organisation that matches that of the user.<br /></li>
<li><em>Authkey:</em> It is possible to request a new authentication key for the user. <br /></li>
<li><em>NIDS Sid:</em> Nids ID, not yet implemented.<br /></li>
<li><em>Termsaccepted:</em> Indicates whether the user has accepted the terms of use already or not.<br /></li>
<li><em>Change Password:</em> Setting this flag will require the user to change password after the next login.<br /></li>
<li><em>Gpgkey:</em> The key used for encrypting e-mails sent through the system. <br /></li>
</ul>
<h3>Contacting a user:</h3>
Site admins can use the "Contact users" feature to send all or an individual user an e-mail. Users that have a PGP key set will receive their e-mails encrypted. When clicking this button on the left, you'll be presented with a form that allows you to specify the type of the e-mail, who it should reach and what the content is using the following options:<br /><br />
<img src="/img/doc/contact.png" alt = "Contact" title = "Contact your users here."/><br /><br />
Site admins can use the "Contact users" feature to send all or an individual user an e-mail. Users that have a PGP key set will receive their e-mails encrypted. When clicking this button on the left, you'll be presented with a form that allows you to specify the type of the e-mail, who it should reach and what the content is using the following options:<br />
<img src="/img/doc/contact.png" alt = "Contact" title = "Contact your users here."/><br />
<ul>
<li><em>Action:</em> This defines the type of the e-mail, which can be a custom message or a password reset. Password resets automatically include a new temporary password at the bottom of the message and will automatically change the user's password accordingly.<br /><br /></li>
<li><em>Recipient:</em> The recipient toggle lets you contact all your users, a single user (which creates a second drop-down list with all the e-mail addresses of the users) and potential future users (which opens up a text field for the e-mail address and a text area field for a PGP public key).<br /><br /></li>
<li><em>Subject:</em> In the case of a custom e-mail, you can enter a subject line here.<br /><br /></li>
<li><em>Subject:</em> In the case of a custom e-mail, you can enter a subject line here.<br /><br /></li>
<li><em>Custom message checkbox:</em> This is available for password resets, you can either write your own message (which will be appended with a temporary key and the signature), or let the system generate one automatically.<br /><br /></li>
<li><em>Action:</em> This defines the type of the e-mail, which can be a custom message or a password reset. Password resets automatically include a new temporary password at the bottom of the message and will automatically change the user's password accordingly.<br /></li>
<li><em>Recipient:</em> The recipient toggle lets you contact all your users, a single user (which creates a second drop-down list with all the e-mail addresses of the users) and potential future users (which opens up a text field for the e-mail address and a text area field for a PGP public key).<br /></li>
<li><em>Subject:</em> In the case of a custom e-mail, you can enter a subject line here.<br /></li>
<li><em>Subject:</em> In the case of a custom e-mail, you can enter a subject line here.<br /></li>
<li><em>Custom message checkbox:</em> This is available for password resets, you can either write your own message (which will be appended with a temporary key and the signature), or let the system generate one automatically.<br /></li>
</ul>
Keep in mind that all e-mails sent through this system will, in addition to your own message, will be signed in the name of the instance's host organisation's support team, will include the e-mail address of the instance's support (if the contact field is set in the bootstrap file), and will include the instance's PGP signature for users that have a PGP key set (and thus are eligible for an encrypted e-mail).
<br /><hr /><br />
<hr />
<h2><a name ="roles"></a>Managing the roles</h2>
Privileges are assigned to users by assigning them to rule groups, which use one of four options determining what they can do with events and four additional privilege elevating settings. The four options for event manipulation are: Read Only, Manage My Own Events, Manage Organisation Events, Manage &amp; Publish Organisation Events. The extra privileges are admin, sync, authentication key usage and audit permission<br /><br />
<em>Read Only:</em> This allows the user to browse events that his organisation has access to, but doesn't allow any changes to be made to the database. <br /><br />
<em>Manage My Own Events:</em> The second option, gives its users rights to create, modify or delete their own events, but they cannot publish them. <br /><br />
<em>Manage Organization Events:</em> allows users to create events or modify and delete events created by a member of their organisation. <br /><br />
<em>Manage &amp; Publish Organisation Events:</em> This last setting, gives users the right to do all of the above and also to publish the events of their organisation.<br /><br />
<em>Perm sync:</em> This setting allows the users of the role to be used as a synchronisation user. The authentication key of this user can be handed out to the administrator of a remote MISP instance to allow the synchronisation features to work.<br /><br />
<em>Perm admin:</em> Gives the user administrator privileges, this setting is used for the organisation admins. <br /><br />
<em>Perm audit:</em> Grants access to the logs. With the exception of site admins, only logs generated by the user's own org are visible. <br /><br />
<em>Perm auth:</em> This setting enables the authentication key of the role's users to be used for rest requests. <br /><br />
Privileges are assigned to users by assigning them to rule groups, which use one of four options determining what they can do with events and four additional privilege elevating settings. The four options for event manipulation are: Read Only, Manage My Own Events, Manage Organisation Events, Manage &amp; Publish Organisation Events. The extra privileges are admin, sync, authentication key usage and audit permission<br />
<em>Read Only:</em> This allows the user to browse events that his organisation has access to, but doesn't allow any changes to be made to the database. <br />
<em>Manage My Own Events:</em> The second option, gives its users rights to create, modify or delete their own events, but they cannot publish them. <br />
<em>Manage Organization Events:</em> allows users to create events or modify and delete events created by a member of their organisation. <br />
<em>Manage &amp; Publish Organisation Events:</em> This last setting, gives users the right to do all of the above and also to publish the events of their organisation.<br />
<em>Perm sync:</em> This setting allows the users of the role to be used as a synchronisation user. The authentication key of this user can be handed out to the administrator of a remote MISP instance to allow the synchronisation features to work.<br />
<em>Perm admin:</em> Gives the user administrator privileges, this setting is used for the organisation admins. <br />
<em>Perm audit:</em> Grants access to the logs. With the exception of site admins, only logs generated by the user's own org are visible. <br />
<em>Perm auth:</em> This setting enables the authentication key of the role's users to be used for rest requests. <br />
<h3>Creating roles:</h3>
When creating a new role, you will have to enter a name for the role to be created and set up the permissions (as described above) using the radio toggle and the four check-boxes.<br /><br />
When creating a new role, you will have to enter a name for the role to be created and set up the permissions (as described above) using the radio toggle and the four check-boxes.<br />
<h3>Listing roles:</h3>
By clicking on the List Roles button, you can view a list of all the currently registered roles and a list of the permission flags turned on for each. In addition, you can find buttons that allow you to edit and delete the roles. Keep in mind that you will need to first remove every member from a role before you can delete it.<br /><br />
<img src="/img/doc/list_groups.png" alt = "List roles" title = "You can View, Edit or Delete roles using the action buttons to the right in each row. Keep in mind that a role has to be devoid of members before it can be deleted."/><br /><br />
<br /><hr /><br />
By clicking on the List Roles button, you can view a list of all the currently registered roles and a list of the permission flags turned on for each. In addition, you can find buttons that allow you to edit and delete the roles. Keep in mind that you will need to first remove every member from a role before you can delete it.<br />
<img src="/img/doc/list_groups.png" alt = "List roles" title = "You can View, Edit or Delete roles using the action buttons to the right in each row. Keep in mind that a role has to be devoid of members before it can be deleted."/><br />
<hr />
<h2><a name ="logs"></a>Using the logs of MISP</h2>
Users with audit permissions are able to browse or search the logs that MISP automatically appends each time certain actions are taken (actions that modify data or if a user logs in and out).<br /><br />
Generally, the following actions are logged:<br /><br />
Users with audit permissions are able to browse or search the logs that MISP automatically appends each time certain actions are taken (actions that modify data or if a user logs in and out).<br />
Generally, the following actions are logged:<br />
<ul>
<li><em>User:</em> Creation, deletion, modification, Login / Logout<br /><br /></li>
<li><em>Event:</em>Creation, deletion, modification, publishing<br /><br /></li>
<li><em>Attribute:</em> Creation, deletion, modification<br /><br /></li>
<li><em>Roles:</em> Creation, deletion, modification<br /><br /></li>
<li><em>Blacklist:</em> Creation, deletion, modification<br /><br /></li>
<li><em>Whitelist:</em> Creation, deletion, modification<br /><br /></li>
<li><em>User:</em> Creation, deletion, modification, Login / Logout<br /></li>
<li><em>Event:</em>Creation, deletion, modification, publishing<br /></li>
<li><em>Attribute:</em> Creation, deletion, modification<br /></li>
<li><em>Roles:</em> Creation, deletion, modification<br /></li>
<li><em>Blacklist:</em> Creation, deletion, modification<br /></li>
<li><em>Whitelist:</em> Creation, deletion, modification<br /></li>
<li><em>Regexp:</em> Creation, deletion, modification</li>
</ul>
<br />
<h3>Browsing the logs:</h3>
Listing all the log entries will show the following columns generated by the users of your organisation (or all organisations in the case of site admins):<br /><br />
<img src="/img/doc/list_logs.png" alt = "List logs" title = "Here you can view a list of all logged actions."/><br /><br />
Listing all the log entries will show the following columns generated by the users of your organisation (or all organisations in the case of site admins):<br />
<img src="/img/doc/list_logs.png" alt = "List logs" title = "Here you can view a list of all logged actions."/><br />
<ul>
<li><em>Id:</em> The automatically assigned ID number of the entry.<br /><br /></li>
<li><em>Email:</em> The e-mail address of the user whose actions triggered the entry.<br /><br /></li>
<li><em>Org:</em> The organisation of the above mentioned user.<br /><br /></li>
<li><em>Created:</em> The date and time when the entry originated.<br /><br /></li>
<li><em>Action:</em> The action's type. This can include: login/logout for users, add, edit, delete for events, attributes, users and servers.<br /><br /></li>
<li><em>Title:</em> The title of an event always includes the target type (Event, User, Attribute, Server), the target's ID and the target's name (for example: e-mail address for users, event description for events).<br /><br /></li>
<li><em>Id:</em> The automatically assigned ID number of the entry.<br /></li>
<li><em>Email:</em> The e-mail address of the user whose actions triggered the entry.<br /></li>
<li><em>Org:</em> The organisation of the above mentioned user.<br /></li>
<li><em>Created:</em> The date and time when the entry originated.<br /></li>
<li><em>Action:</em> The action's type. This can include: login/logout for users, add, edit, delete for events, attributes, users and servers.<br /></li>
<li><em>Title:</em> The title of an event always includes the target type (Event, User, Attribute, Server), the target's ID and the target's name (for example: e-mail address for users, event description for events).<br /></li>
<li><em>Change:</em> This field is only filled out for entries with the action being add or edit. The changes are detailed in the following format:<br />
<i>variable (initial_value)</i> =&gt; <i>(new_value)</i>,...<br />
When the entry is about the creation of a new item (such as adding a new event) then the change will look like this for example:<br />
<i>org()</i> =&gt; <i>(ADMIN)</i>, <i>date()</i> =&gt; <i>(20012-10-19)</i>,... <br /><br />
<i>org()</i> =&gt; <i>(ADMIN)</i>, <i>date()</i> =&gt; <i>(20012-10-19)</i>,... <br />
</ul>
<img src="/img/doc/search_log.png" alt = "Search log" style="float:right;" title = "You can search the logs using this form, narrow down your search by filling out several fields."/>
<h3>Searching the Logs:</h3>
Another way to browse the logs is to search it by filtering the results according to the following fields (the search is a sub-string search, the sub-string has to be an exact match for the entry in the field that is being searched for):<br /><br />
Another way to browse the logs is to search it by filtering the results according to the following fields (the search is a sub-string search, the sub-string has to be an exact match for the entry in the field that is being searched for):<br />
<ul>
<li><em>Email:</em> By searching by Email, it is possible to view the log entries of a single user.<br /><br /></li>
<li><em>Org:</em> Searching for an organisation allows you to see all actions taken by any member of the organisation.<br /><br /></li>
<li><em>Action:</em> With the help of this drop down menu, you can search for various types of actions taken (such as logins, deletions, etc).<br /><br /></li>
<li><em>Title:</em> There are several ways in which to use this field, since the title fields contain several bits of information and the search searches for any substrings contained within the field, it is possible to just search for the ID number of a logged event, the username / server's name / event's name / attribute's name of the event target.<br /><br /></li>
<li><em>Change:</em> With the help of this field, you can search for various specific changes or changes to certain variables (such as published will find all the log entries where an event has gotten published, ip-src will find all attributes where a source IP address has been entered / edited, etc).<br /><br /></li>
<li><em>Email:</em> By searching by Email, it is possible to view the log entries of a single user.<br /></li>
<li><em>Org:</em> Searching for an organisation allows you to see all actions taken by any member of the organisation.<br /></li>
<li><em>Action:</em> With the help of this drop down menu, you can search for various types of actions taken (such as logins, deletions, etc).<br /></li>
<li><em>Title:</em> There are several ways in which to use this field, since the title fields contain several bits of information and the search searches for any substrings contained within the field, it is possible to just search for the ID number of a logged event, the username / server's name / event's name / attribute's name of the event target.<br /></li>
<li><em>Change:</em> With the help of this field, you can search for various specific changes or changes to certain variables (such as published will find all the log entries where an event has gotten published, ip-src will find all attributes where a source IP address has been entered / edited, etc).<br /></li>
</ul>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>

78
app/View/Pages/categories_and_types.ctp
View File

@ -1,11 +1,13 @@
<div class="index">
<b>Table of contents</b><br />
1. <?php echo $this->Html->link(__('General Layout', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?><br />
2. <?php echo $this->Html->link(__('User Management and Global Actions', true), array('controller' => 'pages', 'action' => 'display', 'user_management')); ?><br />
3. <?php echo $this->Html->link(__('Using the system', true), array('controller' => 'pages', 'action' => 'display', 'using_the_system')); ?><br />
4. <?php echo $this->Html->link(__('Administration', true), array('controller' => 'pages', 'action' => 'display', 'administration')); ?><br />
5. <?php echo $this->Html->link(__('Categories and Types', true), array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?>
<br /><br /><hr /><br />
<div class="actions" style="width:15%">
<ol class="nav nav-list">
<li><?php echo $this->Html->link('General Layout', array('controller' => 'pages', 'action' => 'display', 'documentation')); ?></li>
<li><?php echo $this->Html->link('User Management and Global actions', array('controller' => 'pages', 'action' => 'display', 'user_management')); ?></li>
<li><?php echo $this->Html->link('Using the system', array('controller' => 'pages', 'action' => 'display', 'using_the_system')); ?></li>
<li><?php echo $this->Html->link('Administration', array('controller' => 'pages', 'action' => 'display', 'administration')); ?></li>
<li class="active"><?php echo $this->Html->link('Categories and Types', array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?></li>
</ol>
</div>
<div class="index" style="width:80%">
<?php
// Load the Attribute model to extract the documentation from the defintions
App::import('Model', 'Attribute');
@ -13,89 +15,69 @@ $attr = new Attribute();
?>
<h2>Attribute Categories and Types</h2>
<h3>Attribute Categories vs Types</h3>
<table summary = "">
<table class="table table-striped table-hover table-condensed table-bordered">
<tr>
<th>
Category
</th>
<th>Category</th>
<?php foreach ($attr->categoryDefinitions as $cat => $catDef): ?>
<th style="width:5%; text-align:center; white-space:normal">
<?php echo $cat; ?>
</th>
<?php
endforeach;
?>
<?php endforeach; ?>
<th>Category</th>
</tr>
<?php foreach ($attr->typeDefinitions as $type => $def): ?>
<tr>
<td>
<?php echo $type; ?>
</td>
<?php
foreach ($attr->categoryDefinitions as $cat => $catDef):
?>
<th><?php echo $type; ?></th>
<?php foreach ($attr->categoryDefinitions as $cat => $catDef): ?>
<td style="text-align:center">
<?php echo in_array($type, $catDef['types'])? 'X' : ''; ?>
</td>
<?php
endforeach;
?>
<?php
endforeach;
?>
<?php endforeach; ?>
<th><?php echo $type; ?></th>
<?php endforeach; ?>
</tr>
<tr>
<th>Category</th>
<?php foreach ($attr->categoryDefinitions as $cat => $catDef): ?>
<th style="width:5%; text-align:center; white-space:normal"><?php echo $cat; ?></th>
<?php
endforeach;
?>
<?php endforeach; ?>
<th>Category</th>
</tr>
</table>
<h3>Categories</h3>
<table summary = "">
<table class="table table-striped table-condensed table-bordered">
<tr>
<th>Category</th>
<th>Description</th>
</tr>
<?php foreach ($attr->categoryDefinitions as $cat => $def): ?>
<tr>
<td>
<th>
<?php echo $cat; ?>
</td>
</th>
<td>
<?php echo isset($def['formdesc'])? $def['formdesc'] : $def['desc']; ?>
</td>
</td>
</tr>
<?php
endforeach;
?>
<?php endforeach; ?>
</table>
<h3>Types</h3>
<table summary = "">
<table class="table table-striped table-condensed table-bordered">
<tr>
<th>Type</th>
<th>Description</th>
</tr>
<?php foreach ($attr->typeDefinitions as $type => $def): ?>
<tr>
<td>
<th>
<?php echo $type; ?>
</td>
</th>
<td>
<?php echo isset($def['formdesc'])? $def['formdesc'] : $def['desc']; ?>
</td>
<?php
endforeach;
?>
</tr>
<?php endforeach;?>
</table>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>

56
app/View/Pages/documentation.ctp
View File

@ -1,59 +1,57 @@
<div class="index">
<b>Table of contents</b><br />
1. <?php echo $this->Html->link(__('General Layout', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?><br />
2. <?php echo $this->Html->link(__('User Management and Global actions', true), array('controller' => 'pages', 'action' => 'display', 'user_management')); ?><br />
3. <?php echo $this->Html->link(__('Using the system', true), array('controller' => 'pages', 'action' => 'display', 'using_the_system')); ?><br />
4. <?php echo $this->Html->link(__('Administration', true), array('controller' => 'pages', 'action' => 'display', 'administration')); ?><br />
5. <?php echo $this->Html->link(__('Categories and Types', true), array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?><br />
<br /><hr /><br />
<h2>General Layout</h2><br />
<div class="actions" style="width:15%">
<ol class="nav nav-list">
<li class="active"><?php echo $this->Html->link('General Layout', array('controller' => 'pages', 'action' => 'display', 'documentation')); ?></li>
<li><?php echo $this->Html->link('User Management and Global actions', array('controller' => 'pages', 'action' => 'display', 'user_management')); ?></li>
<li><?php echo $this->Html->link('Using the system', array('controller' => 'pages', 'action' => 'display', 'using_the_system')); ?></li>
<li><?php echo $this->Html->link('Administration', array('controller' => 'pages', 'action' => 'display', 'administration')); ?></li>
<li><?php echo $this->Html->link('Categories and Types', array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?></li>
</ol>
</div>
<div class="index" style="width:80%">
<h2>General Layout</h2>
<h3>The top bar</h3>
The top bar's only interactive part is a link to the MISP system itself - this will redirect the user to the default view of the site, which is the List Events view.<br /><br />
The top bar's only interactive part is a link to the MISP system itself - this will redirect the user to the default view of the site, which is the List Events view.<br />
<h3>The left menu</h3>
This menu contains all of the main functions of the site as a series of buttons.<br /><br />
This menu contains all of the main functions of the site as a series of buttons.<br />
<p><img src="/img/doc/menu_image.png" alt = "" style="float:right;" title = "This is the main menu that will be accessible from all of the views. In some instances, some additional buttons that will appear on top of these when a view provides it."/></p>
<ul>
<li><em>New Event:</em> Allows you to create a new event.</li>
<li><em>List Events:</em> You can browse all the currently stored events here.</li>
<li><em>List Attributes:</em> You can browse all the currently stored attributes of events here.</li>
<li><em>Search Attributes:</em> Search for and filter a list of attributes.</li>
<li><em>Export:</em> Export various types of data from the system for NIDSs or other uses.<br /><br /></li></ul>
<i><u>Global Actions</u></i><br /><br />
<li><em>Export:</em> Export various types of data from the system for NIDSs or other uses.<br /></li></ul>
<i><u>Global Actions</u></i><br />
<ul>
<li><em>News:</em> Read about the latest news regarding the MISP system</li>
<li><em>My Profile:</em> Manage your user account.</li>
<li><em>Members List:</em> View the number of users per organisation and get some statistics about the currently stored attributes.</li>
<li><em>User Guide:</em> A link to this user guide.</li>
<li><em>Terms &amp; Conditions:</em> View the terms &amp; conditions again.</li>
<li><em>Log out:</em> Logs the current user out.<br /><br /></li></ul>
<i><u>Sync Actions</u></i><br /><br />
<li><em>Log out:</em> Logs the current user out.<br /></li></ul>
<i><u>Sync Actions</u></i><br />
<ul>
<li><em>List Servers:</em> Connect your MISP instance to other instances, or view and modify the currently established connections.<br /><br /></li></ul>
<i><u>Input Filters</u></i><br /><br />
<li><em>List Servers:</em> Connect your MISP instance to other instances, or view and modify the currently established connections.<br /></li></ul>
<i><u>Input Filters</u></i><br />
<ul>
<li><em>Import Blacklist:</em> Create, modify or delete blacklisted strings. These will stop any matching events/attributes from being entered into the system.</li>
<li><em>Import Regexp:</em> Create, modify or delete regular expressions and their replacements. Each time an event / attribute is created or modified, they will be parsed and found expressions will be replaced.</li>
<li><em>Signature Whitelist:</em> View and manage the list of whitelisted addresses. These, if contained in attributes, will be blocked from the NIDS signature exports.<br /><br /></li></ul>
<i><u>Administration</u></i><br /><br />
<li><em>Signature Whitelist:</em> View and manage the list of whitelisted addresses. These, if contained in attributes, will be blocked from the NIDS signature exports.<br /></li></ul>
<i><u>Administration</u></i><br />
<ul>
<li><em>New User:</em> Create an account for a new user.</li>
<li><em>List Users:</em> View, modify or delete the currently registered users.</li>
<li><em>New Role:</em> Create a new role group for the users of this instance, controlling their privileges to create, modify, delete and to publish events.</li>
<li><em>List Roles:</em> List, modify or delete currently existing roles.<br /><br /></li></ul>
<i><u>Audit</u></i><br /><br />
<li><em>List Roles:</em> List, modify or delete currently existing roles.<br /></li></ul>
<i><u>Audit</u></i><br />
<ul>
<li><em>List Logs:</em> View the logs of the instance.</li>
<li><em>Search Logs:</em> Search the logs by various attributes.<br /><br /></li></ul>
<li><em>Search Logs:</em> Search the logs by various attributes.<br /></li></ul>
<h3>The main area</h3>
This is where all the views (navigated to via the menu buttons) will be displayed. In general, there are two main view types, information views (which list the currently stored data and allow you to modify it) and form views (allowing you to enter or alter data). All lists are organised in such a way that all the information columns are on the left and every line of data can be modified or viewed in more detail on the right-most column, titled "Actions". All lists display a certain set number of the most recent items, but page control buttons at the bottom allow you to browse older entries.<br /><br />
This is where all the views (navigated to via the menu buttons) will be displayed. In general, there are two main view types, information views (which list the currently stored data and allow you to modify it) and form views (allowing you to enter or alter data). All lists are organised in such a way that all the information columns are on the left and every line of data can be modified or viewed in more detail on the right-most column, titled "Actions". All lists display a certain set number of the most recent items, but page control buttons at the bottom allow you to browse older entries.<br />
<h3>The bottom bar</h3>
Contains a link to download the gpg key used for encrypting the e-mails sent through the system and the current version number - if you are logged in.<br /><br />
Contains a link to download the gpg key used for encrypting the e-mails sent through the system and the current version number - if you are logged in.<br />
<p><img src="/img/doc/bottom_bar.png" alt = "" style="float:left;" title = "Download your PGP/GPG key using the link on the bottom bar or log out."/></p><br />
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>

37
app/View/Pages/user_management.ctp
View File

@ -1,18 +1,20 @@
<div class="index">
<b>Table of contents</b><br>
1. <?php echo $this->Html->link(__('General Layout', true),array('controller' => 'pages', 'action' => 'display','documentation')); ?><br>
2. <?php echo $this->Html->link(__('User Management and Global Actions', true), array('controller' => 'pages', 'action' => 'display', 'user_management')); ?><br>
<ul>
<li>a. <a href="#first_run">First run of the system</a></li>
<li>b. <a href="#manage">Managing your account</a></li>
<li>c. <a href="#uptodate">Staying up to date</a></li>
</ul>
3. <?php echo $this->Html->link(__('Using the system', true),array('controller' => 'pages', 'action' => 'display','using_the_system')); ?><br>
4. <?php echo $this->Html->link(__('Administration', true),array('controller' => 'pages', 'action' => 'display','administration')); ?><br>
5. <?php echo $this->Html->link(__('Categories and Types', true),array('controller' => 'pages', 'action' => 'display','categories_and_types')); ?><br>
<br /><hr /><br />
<div class="actions" style="width:15%">
<ol class="nav nav-list">
<li><?php echo $this->Html->link('General Layout', array('controller' => 'pages', 'action' => 'display', 'documentation')); ?></li>
<li class="active"><?php echo $this->Html->link('User Management and Global actions', array('controller' => 'pages', 'action' => 'display', 'user_management')); ?>
<ul class="nav nav-list">
<li><a href="#first_run">First run of the system</a></li>
<li><a href="#manage">Managing your account</a></li>
<li><a href="#uptodate">Staying up to date</a></li>
</ul>
</li>
<li><?php echo $this->Html->link('Using the system', array('controller' => 'pages', 'action' => 'display', 'using_the_system')); ?></li>
<li><?php echo $this->Html->link('Administration', array('controller' => 'pages', 'action' => 'display', 'administration')); ?></li>
<li><?php echo $this->Html->link('Categories and Types', array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?></li>
</ol>
</div>
<div class="index" style="width:80%">
<h2>User Management and Global Actions</h2>
<a name="first_run"></a>
<h3>First run of the system:</h3>
When first logging into MISP with the username and password provided by your administrator, there are a number of things that need to be done, before you can start using the system.<br><br>
@ -26,7 +28,7 @@
<li><em>Subscribing to e-mails sent via the "Contact Reporter" functionality:</em> This feature is turned on right below the autoalerts and will allow you to receive e-mails addressed to your organisation whenever a user tries to ask about an event that was posted by a user of your organisation. Keep in mind that you can still be addressed by such a request even when this setting is turned off, if someone tries to contact you as the event creator directly or your organisation for an event that you personally have created then you will be notified.<br /><br />
<li><em>Reviewing the Terms &amp; Conditions:</em> To review the Terms &amp; Conditions or to read the User Guide, use the appropriate button on the left navigation menu.<br /><br /></li>
<li><em>Making sure that compatibility mode is turned off (IE9&amp;IE10):</em>Compatibility mode can cause some elements to appear differently than intended or not appear at all. Make sure you have this option turned off.</li></ul>
<br /><hr /><br />
<hr />
<a name="manage"></a><h3>Managing your account:</h3>
To alter any details regarding your profile, use the "My Profile" menu button to bring up the profile overview and then click on "Edit Profile" in the right upper corner.<br>
<ul>
@ -40,7 +42,7 @@ To alter any details regarding your profile, use the "My Profile" menu button to
<li><em>Setting up the GPG Key:</em> In order for the system to be able to encrypt the messages that you send through it, it needs to know your GPG key. You can acquire this by clicking on the PGP/GPG key link at the bottom left of the screen. Copy the entirety of the key and navigate to the Edit profile view (My Profile on the left -&gt; Edit profile in the top right corner). Paste the key into the Gpgkey field and click submit.<br /><br /></li>
<li><em>Requesting a new authentication key:</em> It is possible to make the system generate a new authentication key for you (for example if your previous one gets compromised. This can be accessed by clicking on the My Profile button and then clicking the reset key next to the currently active authentication code. The old key will become invalid when the new one is generated.<br /><br />
<p><img src="/img/doc/reset.png" alt = "" title="Clicking on reset will generate a new key for you and invalidate the old one, blocking it from being used."></p></li></ul>
<br /><hr /><br />
<hr />
<a name="uptodate"></a><h3>Staying up to date:</h3>
MISP also provides its users with some information about itself and its users through the links provided in the Global Actions menu.<br><br>
<ul>
@ -58,6 +60,3 @@ All the events and attributes that get entered into MISP will be run through a s
</ul>
</div>
<div class="actions">
<ul><?php echo $this->element('actions_menu'); ?></ul>
</div>

68
app/View/Pages/using_the_system.ctp
View File

@ -1,21 +1,24 @@
<div class="index">
<b>Table of contents</b><br />
1. <?php echo $this->Html->link(__('General Layout', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?><br />
2. <?php echo $this->Html->link(__('User Management and Global actions', true), array('controller' => 'pages', 'action' => 'display', 'user_management')); ?><br />
3. <?php echo $this->Html->link(__('Using the system', true), array('controller' => 'pages', 'action' => 'display', 'using_the_system')); ?><br />
<ul>
<li>a. <a href="#create">Creating an event</a></li>
<li>b. <a href="#browsing_events">Browsing past events</a></li>
<li>c. <a href="#update_events">Updating and modifying events</a></li>
<li>d. <a href="#contact">Contacting the publisher</a></li>
<li>e. <a href="#automation">Automation</a></li>
<li>f. <a href="#export">Exporting data</a></li>
<li>g. <a href="#connect">Connecting to other servers</a></li>
<li>h. <a href="#rest">Rest API</a></li>
</ul>
4. <?php echo $this->Html->link(__('Administration', true), array('controller' => 'pages', 'action' => 'display', 'administration')); ?><br />
5. <?php echo $this->Html->link(__('Categories and Types', true), array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?><br />
<br /><hr /><br />
<div class="actions" style="width:15%">
<ol class="nav nav-list">
<li><?php echo $this->Html->link('General Layout', array('controller' => 'pages', 'action' => 'display', 'documentation')); ?></li>
<li><?php echo $this->Html->link('User Management and Global actions', array('controller' => 'pages', 'action' => 'display', 'user_management')); ?></li>
<li class="active"><?php echo $this->Html->link('Using the system', array('controller' => 'pages', 'action' => 'display', 'using_the_system')); ?>
<ul class="nav nav-list">
<li><a href="#create">Creating an event</a></li>
<li><a href="#browsing_events">Browsing past events</a></li>
<li><a href="#update_events">Updating and modifying events</a></li>
<li><a href="#contact">Contacting the publisher</a></li>
<li><a href="#automation">Automation</a></li>
<li><a href="#export">Exporting data</a></li>
<li><a href="#connect">Connecting to other servers</a></li>
<li><a href="#rest">Rest API</a></li>
</ul>
</li>
<li><?php echo $this->Html->link('Administration', array('controller' => 'pages', 'action' => 'display', 'administration')); ?></li>
<li><?php echo $this->Html->link('Categories and Types', array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?></li>
</ol>
</div>
<div class="index" style="width:80%">
<h2>Using the system:</h2>
<a name ="create"></a><h3>Creating an event:</h3>
The process of entering an event can be split into 3 phases, the creation of the event itself, populating it with attributes and attachments and finally publishing it.<br /><br />
@ -46,7 +49,7 @@ The process of entering an event can be split into 3 phases, the creation of the
<li><em>Info:</em> The info field, where the malware/incident can get a brief description starting with the internal reference. This field should be as brief and concise as possible, the more detailed description happens through attributes in the next stage of the event's creation. Keep in mind that the system will automatically replace detected text strings that match a regular expression entry set up by your server's administrator(s). <br /><br /></li>
<li><em>GFI Sandbox:</em> It is possible to upload the exported .zip file from GFI sandbox with the help of this tool. These will be dissected by the MISP and a list of attributes and attachments will automatically be generated from the .zip file. Whilst this does most of the work needed to be done in the second step of the event's creation, it is important to manually look over all the data that is being entered. <br /><br /></li>
</ul>
<br /><hr /><br />
<hr />
<a name ="create_attribute"></a><h3>Add attributes to the event:</h3>
The second step of creating an event is to populate it with attributes and attachments. In addition to being able to import the attributes and attachments from GFI, it is also possible to manually add attributes and attachments to an event, by using the two appropriate buttons on the event's page. Let's look at adding attributes first.<br />
When clicking on the add attribute button, you will have to fill out a form with all the data about the attribute.<br /><br />
@ -67,7 +70,7 @@ Keep in mind that the system searches for regular expressions in the value field
<li><em>Value:</em> The actual value of the attribute, enter data about the value based on what is valid for the chosen attribute type. For example, for an attribute of type ip-src (source IP address), 11.11.11.11 would be a valid value. For more information on types and values, <?php echo $this->Html->link(__('click here', true), array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?>.<br /><br /></li>
<li><em>Batch import:</em> If there are several attributes of the same type to enter (such as a list of IP addresses, it is possible to enter them all into the same value-field, separated by a line break between each line. This will allow the system to create separate lines for the each attribute. <br /><br /></li>
</ul>
<br /><hr /><br />
<hr />
<h3>Add attachments to the event:</h3>
You can also upload attachments, such as the malware itself, report files from external analysis or simply artifacts dropped by the malware. Clicking on the add attachment button brings up a form that allows you to quickly attach a file to the event. The following fields need to be filled out:<br /><br />
<p><img src="/img/doc/add_attachment.png" alt = "Add attachment" title = "Point the uploader to the file you want to upload. Make sure to mark it as malware if the uploaded file is harmful, that way it will be neutralised."/></p><br />
@ -84,12 +87,12 @@ You can also upload attachments, such as the malware itself, report files from e
<li><i>All:</i> This will share the attachment with all MISP communities, allowing the attachment to be freely propagated from one server to the next.<br /><br /></li>
</ul></li>
</ul>
<br /><hr /><br />
<hr />
<h3>Publish an event:</h3>
<p><img src="/img/doc/publish.png" alt = "Publish" style="float:right;" title = "Only use publish (no email) for minor changes such as the correction of typos."/></p><br />
Once all the attributes and attachments that you want to include with the event are uploaded / set, it is time to finalise its creation by publishing the event (click on publish event in the event view). This will alert the eligible users of it (based on the private-controls of the event and its attributes/attachments and whether they have auto-alert turned on), push the event to instances that your instance connects to and propagate it further based on the distribution rules. It also readies the network related attributes for NIDS signature creation (through the NIDS signature export feature, for more information, go to the export section.).<br /><br />
There is an alternate way of publishing an event without alerting any other users, by using the "publish (no email)" button. This should only be used for minor edits (such as correcting a typo). <br />
<br /><hr /><br />
<hr />
<a name ="browsing_events"></a><h2>Browsing past events:</h2>
The MISP interface allows the user to have an overview over or to search for events and attributes of events that are already stored in the system in various ways.<br /><br />
<h3>To list all events:</h3>
@ -130,7 +133,7 @@ On the left menu bar, the option "List events" will generate a list of the last
<li><em>Attributes:</em> A list of all attributes attached to the event, including its category, type, value, whether the attribute in itself is related to another event, whether the flag signalling that the attribute can be turned into an IDS signature is on, and a field showing the current privacy setting of the attribute.Attributes can also be modified or deleted via the 3 buttons at the end of each line.<br /><br />
Using the modify button will bring up the attribute creation view, with all data filled out with the attribute's currently stored data.<br /><br /></li>
</ul>
<br /><hr /><br />
<hr />
<h3>Listing all attributes:</h3>
Apart from having a list of all the events, it is also possible to get a list of all the stored attributes in the system by clicking on the list attributes button. The produced list of attributes will include the followings fields:<br /><br />
<img src="/img/doc/list_attributes2.png" alt = "" title = "Use the buttons to the right to view the event that this attribute belongs to or to modify/delete the attribute."/><br /><br />
@ -142,25 +145,25 @@ On the left menu bar, the option "List events" will generate a list of the last
<li><em>Signature:</em> Shows whether the attribute has been flagged for NIDS signature generation or not.<br /><br /></li>
<li><em>Actions:</em> A set of buttons that allow you to view the event that the attribute is tied to, to edit the attribute (using the same view as what is used to set up attributes, but filled out with the attribute's current data) and a delete button. <br /><br /></li>
</ul>
<br /><hr /><br />
<hr />
<h3>Searching for attributes:</h3>
Apart from being able to list all events, it is also possible to search for data contained in the value field of an attribute, by clicking on the "Search Attributes" button.<br /><br />
<img src="/img/doc/search_attribute.png" alt = "Search attribute" title = "You can search for attributes by searching for a phrase contained in its value. Narrow your search down by selecting a type and/or a category which the event has to belong to."/><br /><br />
This will bring up a form that lets you enter one or several search strings (separate search strings with line breaks) that will be compared to the values of all attributes, along with options to narrow down the search based on category and type. The entered search string has to be an exact match with (the sub-string of) a value. A second text field makes it possible to enter event IDs for events that should be excluded from the search (again, each line represents an event ID to be excluded).<br /><br />
The list generated by the search will look exactly the same as listing all attributes, except that only the attributes that matched the search criteria will be listed (to find out more about the list attributes view, <?php echo $this->Html->link(__('click here', true), array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?>.). The search parameters will be shown above the produced list and the search terms will be highlighted.<br />
<br /><img src="/img/doc/search_attribute_result.png" alt = "" title = "You can view the event that an attribute belongs to with the view button, or you can edit/delete the attribute via the buttons on the right."/><br />
<br /><hr /><br />
<hr />
<a name ="update_events"></a><h2>Updating and modifying events and attributes:</h2>
Every event and attribute can easily be edited. First of all it is important to find the event or attribute that is to be edited, using any of the methods mentioned in the section on <a href="#browsing_events">browsing past events</a>.<br /><br />
Once it is found, the edit button (whether it be under actions when events/attributes get listed or simply on the event view) will bring up the same screen as what is used to create the entry of the same type (for an event it would be the event screen as <a href="#create">seen here</a>, for an attribute the attribute screen as <a href="#create_attribute">described here</a>).<br /><br />
Keep in mind that editing any event (either directly or indirectly through an attribute) will unpublish it, meaning that you'll have to publish it (through the event view) again once you are done.<br /><br />
<br /><hr /><br />
<hr />
<a name ="contact"></a><h2>Contacting the reporter:</h2>
To get in touch with the reporter of a previously registered event, just find the event for which you would like to contact the reporter by either finding it on the list of events, by finding it through one of its attributes or by finding it through a related event.<br /><br />
Once the event is found and the event view opened, click the button titled "Contact Reporter". This will bring up a view where you can enter your message that is to be e-mailed to all members of the reporting organisation that subscribe to receiving such reports or the reporting user himself. Along with your message, the detailed information about the event in question will be included in the e-mail.<br /><br />
<br /><img src="/img/doc/contact_reporter.png" alt = "" title = "Enter your message to the reporter and choose whether his/her entire organisation should get the message or not by ticking the check-box."/><br /><br />
By default, the message will be sent to every member of the organisation that posted the event in the first place, but if you tick the check-box below the message field before sending the mail, only the person that reported the event will get e-mailed. <br />
<br /><hr /><br />
<hr />
<a name ="automation"></a><h2>Automation:</h2>
It is possible to quickly and conveniently export the data contained within the system using the automation features located in the main menu on the left (available to users with authentication key access only). There are various sets of data that can be exported, by using the authentication key provided by the system (also shown on the export page). If for whatever reason you would need to invalidate your current key and get a new one instead (for example due to the old one becoming compromised) just hit the reset link next to the authentication key in the export view or in your "my profile" view.<br /><br />
The following types of export are possible:<br /><br />
@ -178,7 +181,7 @@ The following types of export are possible:<br /><br />
It is also possible to export a list of all eligible attributes that match a specific type into a plain text file. The format to do this is:<br /><br />
<i>&lt;server&gt;/events/text/&lt;authentication_key&gt;/&lt;type&gt;</i><br /><br />
Type could be any valid type (as according to the list of <?php echo $this->Html->link(__('categories and types', true), array('controller' => 'pages', 'action' => 'display', 'categories_and_types')); ?>), for example md5, ip-src or comment.<br />
<br /><hr /><br />
<hr />
<a name ="export"></a><h2>Exporting data:</h2>
For users that do not have authentication key access, an alternate export feature is available that relies on your interactive login to the site. To access these, just use the automation menu button to the left and you'll be presented with a list of export options. The results of the export will automatically be offered as a file download.<br /><br/>
<br /><img src="/img/doc/export.png" alt = "" title = "Use the export features here to quickly download data in various formats"/><br /><br />
@ -186,7 +189,7 @@ Apart from that, it's also possible to export all events involved in a search at
<br /><img src="/img/doc/export_search.png" alt = "" title = "Download a .xml from all the events that are shown through an attribute in the search results."/><br /><br />
Each event's view has its own export feature, both as an XML export and as a .ioc file. To reach these features, just navigate to an event and use the appropriate buttons on the right side.<br /><br />
<br /><img src="/img/doc/export_event.png" alt = "" title = "Download a .xml or a .ioc of the event."/><br /><br />
<br /><hr /><br />
<hr />
<h2><a name ="connect"></a>Connecting to other instances:</h2>
Apart from being a self contained repository of attacks/malware, one of the main features of MISP is its ability to connect to other instances and share (parts of) its information. The following options allow you to set up and maintain such connections.<br /><br />
<h3><a name ="new_server"></a>Setting up a connection to another server:</h3>
@ -213,7 +216,7 @@ If you ever need to change the data about the linked servers or remove any conne
<li><em>Push all:</em> By clicking this button, all events that are eligible to be pushed on the instance you are on will start to be pushed to the remote instance. Events and attributes that exist on the far end will be updated.<br /><br /></li>
<li><em>Pull all:</em> By clicking this button, all events that are set to be pull-able or full access on the remote server will be copied to this instance. Existing events will not be updated.<br /><br /></li>
</ul>
<br /><hr /><br />
<hr />
<a name ="rest"></a><h2>Rest API:</h2>
The platform is also <a href="http://en.wikipedia.org/wiki/Representational_state_transfer">RESTfull</a>, so this means that you can use structured format (XML) to access Events data.<br /><br />
<h3>Requests</h3>
@ -417,9 +420,4 @@ Content-Type: application/xml
&lt;url&gt;/Waldo/&lt;/url&gt;
&lt;/response&gt;
</pre>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>

13
app/View/Regexp/admin_add.ctp
View File

@ -1,16 +1,21 @@
<div class="regexp form">
<?php echo $this->Form->create('Regexp');?>
<fieldset>
<legend><?php echo __('Add Import Regexp');?></legend>
<legend>Add Import Regexp</legend>
<?php
echo $this->Form->input('regexp');
echo $this->Form->input('replacement');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
<?php
echo $this->Form->button('Add', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu');?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Regexp', array('admin' => true, 'action' => 'index'));?></li>
<li class="active"><?php echo $this->Html->link('New Regexp', array('admin' => true, 'action' => 'add'));?></li>
<li><?php echo $this->Html->link('Perform on existing', array('admin' => true, 'action' => 'clean'));?></li>
</ul>
</div>

17
app/View/Regexp/admin_edit.ctp
View File

@ -1,7 +1,7 @@
<div class="regexp form">
<?php echo $this->Form->create('Regexp');?>
<fieldset>
<legend><?php echo __('Edit Import Regexp');?></legend>
<legend>Edit Import Regexp</legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('regexp');
@ -12,8 +12,15 @@
</div>
<div class="actions">
<ul>
<li><?php echo $this->Form->postLink(__('Delete Whitelist'), array('admin' => true, 'action' => 'delete', $this->Form->value('Whitelist.id')), null, __('Are you sure you want to delete # %s?', $this->Form->value('Whitelist.id')));?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
</ul>
</div>
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Regexp', array('admin' => true, 'action' => 'index'));?></li>
<li><?php echo $this->Html->link('New Regexp', array('admin' => true, 'action' => 'add'));?></li>
<li><?php echo $this->Html->link('Perform on existing', array('admin' => true, 'action' => 'clean'));?></li>
<li class="divider"></li>
<li><?php echo $this->Form->postLink('Delete Regexp', array('admin' => true, 'action' => 'delete', $this->Form->value('Regexp.id')), null, __('Are you sure you want to delete # %s?', $this->Form->value('Regexp.id')));?></li>
</ul>
</div>

58
app/View/Regexp/admin_index.ctp
View File

@ -1,20 +1,36 @@
<div class="regexp index">
<h2><?php echo __('Import Regexp');?></h2>
<table cellpadding="0" cellspacing="0">
<h2>Import Regexp</h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('regexp');?></th>
<th><?php echo $this->Paginator->sort('replacement');?></th>
<th class="actions"><?php echo __('Actions');?></th>
<th class="actions">Actions</th>
</tr><?php
foreach ($list as $item):?>
<tr>
<td class="short"><?php echo h($item['Regexp']['id']);?>&nbsp;</td>
<td class="short"><?php echo h($item['Regexp']['regexp']);?>&nbsp;</td>
<td class="short"><?php echo h($item['Regexp']['replacement']);?>&nbsp;</td>
<td class="actions">
<?php echo $this->Html->link(__('Edit'), array('admin' => true, 'action' => 'edit', $item['Regexp']['id']));?>
<?php echo $this->Form->postLink(__('Delete'), array('admin' => true, 'action' => 'delete', $item['Regexp']['id']), null, __('Are you sure you want to delete %s?', h($item['Regexp']['regexp'])));?>
<td><?php echo h($item['Regexp']['regexp']);?>&nbsp;</td>
<td><?php echo h($item['Regexp']['replacement']);?>&nbsp;</td>
<td class="short action-links">
<?php echo $this->Html->link('', array('admin' => true, 'action' => 'edit', $item['Regexp']['id']), array('class' => 'icon-edit', 'title' => 'Edit'));?>
<?php echo $this->Form->postLink('', array('admin' => true, 'action' => 'delete', $item['Regexp']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete %s?', h($item['Regexp']['regexp'])));?>
</td>
</tr><?php
endforeach;?>
@ -24,21 +40,23 @@ endforeach;?>
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<li><?php echo $this->Html->link(__('Perform on existing'), array('admin' => true, 'action' => 'clean'));?></li>
<li><?php echo $this->Html->link(__('New Regexp'), array('admin' => true, 'action' => 'add'));?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Regexp', array('admin' => true, 'action' => 'index'));?></li>
<li><?php echo $this->Html->link('New Regexp', array('admin' => true, 'action' => 'add'));?></li>
<li><?php echo $this->Html->link('Perform on existing', array('admin' => true, 'action' => 'clean'));?></li>
</ul>
</div>

57
app/View/Regexp/index.ctp
View File

@ -1,6 +1,22 @@
<div class="regexp index">
<h2><?php echo __('Import Regexp');?></h2>
<table cellpadding="0" cellspacing="0">
<h2>Import Regexp</h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('regexp');?></th>
@ -9,29 +25,30 @@
foreach ($list as $item):?>
<tr>
<td class="short"><?php echo h($item['Regexp']['id']);?>&nbsp;</td>
<td class="short"><?php echo h($item['Regexp']['regexp']);?>&nbsp;</td>
<td class="short"><?php echo h($item['Regexp']['replacement']);?>&nbsp;</td>
<td><?php echo h($item['Regexp']['regexp']);?>&nbsp;</td>
<td><?php echo h($item['Regexp']['replacement']);?>&nbsp;</td>
</tr><?php
endforeach;?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Regexp', array('action' => 'index'));?></li>
</ul>
</div>

44
app/View/Roles/admin_add.ctp
View File

@ -1,26 +1,42 @@
<div class="roles form">
<?php echo $this->Form->create('Role');?>
<fieldset>
<legend><?php echo __('Add Role'); ?></legend>
<legend>Add Role</legend>
<?php
echo $this->Form->input('name');?>
<?php echo $this->Form->radio('permission', $options, array('value' => '3'));?>
<?php echo $this->Form->input('perm_sync', array('type' => 'checkbox', 'checked' => false));?>
<?php echo $this->Form->input('permission', array('type' => 'select', 'options' => $options), array('value' => '3'));?>
<div class = 'input clear'></div>
<?php echo $this->Form->input('perm_sync', array(
'type' => 'checkbox',
'checked' => false,
));?>
<?php echo $this->Form->input('perm_admin', array('type' => 'checkbox', 'checked' => false));?>
<?php echo $this->Form->input('perm_audit', array('type' => 'checkbox', 'checked' => false));?>
<?php echo $this->Form->input('perm_auth', array('type' => 'checkbox', 'checked' => false));?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
<?php
echo $this->Form->button('Add', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li class="active"><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>
<?php
$this->Js->get('#RolePermission0')->event('change', 'deactivateActions()');
$this->Js->get('#RolePermission1')->event('change', 'deactivateActions()');
$this->Js->get('#RolePermission')->event('change', 'deactivateActions()');
$this->Js->get('#RolePermSync')->event('change', 'checkPerms("RolePermSync")');
$this->Js->get('#RolePermAdmin')->event('change', 'checkPerms("RolePermAdmin")');
@ -31,13 +47,17 @@ $this->Js->get('#RolePermAudit')->event('change', 'checkPerms("RolePermAudit")')
// only be able to tick perm_sync if manage org events and above.
function deactivateActions() {
document.getElementById("RolePermSync").checked = false;
document.getElementById("RolePermAdmin").checked = false;
document.getElementById("RolePermAudit").checked = false;
var e = document.getElementById("RolePermission");
if (e.options[e.selectedIndex].value == '0' || e.options[e.selectedIndex].value == '1') {
document.getElementById("RolePermSync").checked = false;
document.getElementById("RolePermAdmin").checked = false;
document.getElementById("RolePermAudit").checked = false;
}
}
function checkPerms(id) {
if ((document.getElementById("RolePermission0").checked) || (document.getElementById("RolePermission1").checked)) {
var e = document.getElementById("RolePermission");
if (e.options[e.selectedIndex].value == '0' || e.options[e.selectedIndex].value == '1') {
document.getElementById(id).checked = false;
}
}

33
app/View/Roles/admin_edit.ctp
View File

@ -4,7 +4,9 @@
<legend><?php echo __('Edit Role'); ?></legend>
<?php
echo $this->Form->input('name');?>
<?php echo $this->Form->radio('permission', $options, array('label' => 'Permissions', 'style' => 'vertical-align: middle'));?>
<?php echo $this->Form->input('permission', array('label' => 'Permissions', 'type' => 'select', 'options' => $options), array('value' => '3'));?>
<div class = 'input clear'></div>
<?php echo $this->Form->input('perm_sync', array('type' => 'checkbox', 'label' => 'Sync Actions', 'style' => 'vertical-align: middle'));?>
<?php echo $this->Form->input('perm_admin', array('type' => 'checkbox', 'label' => 'Administration Actions', 'style' => 'vertical-align: middle'));?>
<?php echo $this->Form->input('perm_audit', array('type' => 'checkbox', 'label' => 'Audit Actions', 'style' => 'vertical-align: middle'));?>
@ -13,14 +15,23 @@
<?php echo $this->Form->end(__('Submit'));?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>
<?php
$this->Js->get('#RolePermission0')->event('change', 'deactivateActions()');
$this->Js->get('#RolePermission1')->event('change', 'deactivateActions()');
$this->Js->get('#RolePermission')->event('change', 'deactivateActions()');
$this->Js->get('#RolePermSync')->event('change', 'checkPerms("RolePermSync")');
$this->Js->get('#RolePermAdmin')->event('change', 'checkPerms("RolePermAdmin")');
@ -31,13 +42,17 @@ $this->Js->get('#RolePermAudit')->event('change', 'checkPerms("RolePermAudit")')
// only be able to tick perm_sync if manage org events and above.
function deactivateActions() {
document.getElementById("RolePermSync").checked = false;
document.getElementById("RolePermAdmin").checked = false;
document.getElementById("RolePermAudit").checked = false;
var e = document.getElementById("RolePermission");
if (e.options[e.selectedIndex].value == '0' || e.options[e.selectedIndex].value == '1') {
document.getElementById("RolePermSync").checked = false;
document.getElementById("RolePermAdmin").checked = false;
document.getElementById("RolePermAudit").checked = false;
}
}
function checkPerms(id) {
if ((document.getElementById("RolePermission0").checked) || (document.getElementById("RolePermission1").checked)) {
var e = document.getElementById("RolePermission");
if (e.options[e.selectedIndex].value == '0' || e.options[e.selectedIndex].value == '1') {
document.getElementById(id).checked = false;
}
}

67
app/View/Roles/admin_index.ctp
View File

@ -1,6 +1,22 @@
<div class="roles index">
<h2><?php echo __('Roles');?></h2>
<table cellpadding="0" cellspacing="0">
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
@ -13,37 +29,50 @@
</tr><?php
foreach ($list as $item): ?>
<tr>
<td class="short"><?php echo h($item['Role']['id']); ?>&nbsp;</td>
<td class="short"><?php echo $this->Html->link(h($item['Role']['id']), array('admin' => true, 'action' => 'edit', $item['Role']['id'])); ?>&nbsp;</td>
<td class="short"><?php echo h($item['Role']['name']); ?>&nbsp;</td>
<td class="short"><?php echo h($options[$item['Role']['permission']]); ?>&nbsp;</td>
<td class="short"><?php echo h($item['Role']['perm_sync']); ?>&nbsp;</td>
<td class="short"><?php echo h($item['Role']['perm_admin']); ?>&nbsp;</td>
<td class="short"><?php echo h($item['Role']['perm_audit']); ?>&nbsp;</td>
<td class="short"><?php echo h($item['Role']['perm_auth']); ?>&nbsp;</td>
<td class="actions">
<?php echo $this->Html->link(__('Edit'), array('admin' => true, 'action' => 'edit', $item['Role']['id'])); ?>
<?php echo $this->Form->postLink(__('Delete'), array('admin' => true, 'action' => 'delete', $item['Role']['id']), null, __('Are you sure you want to delete %s?', $item['Role']['name'])); ?>
<td class="short action-links">
<?php echo $this->Html->link('', array('admin' => true, 'action' => 'edit', $item['Role']['id']), array('class' => 'icon-edit', 'title' => 'Edit')); ?>
<?php echo $this->Form->postLink('', array('admin' => true, 'action' => 'delete', $item['Role']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete %s?', $item['Role']['name'])); ?>
</td>
</tr><?php
endforeach; ?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li class="active"><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>

60
app/View/Roles/index.ctp
View File

@ -1,6 +1,22 @@
<div class="roles index">
<h2><?php echo __('Roles');?></h2>
<table cellpadding="0" cellspacing="0">
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
@ -23,22 +39,34 @@ foreach ($list as $item): ?>
endforeach; ?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li class="active"><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>

14
app/View/Roles/view.ctp
View File

@ -39,7 +39,17 @@
</dl>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>

32
app/View/Servers/add.ctp
View File

@ -1,31 +1,39 @@
<div class="servers form">
<?php echo $this->Form->create('Server');?>
<fieldset>
<legend><?php echo __('Add Server'); ?></legend>
<legend>Add Server</legend>
<?php
echo $this->Form->input('url', array(
'label' => 'Base URL',
'before' => $this->Html->div('forminfo', 'The base-url to the external server you want to sync with.<br/>Example: <i>https://foo.sig.mil.be</i>'),
'label' => 'Base URL',
'after' => $this->Html->div('forminfo', 'The base-url to the external server you want to sync with.<br/>Example: <i>https://foo.sig.mil.be</i>'),
));
echo $this->Form->input('organization', array(
'label' => 'Organization',
'before' => $this->Html->div('forminfo', 'The organization having the external server you want to sync with.<br/>Example: <i>BE</i>'),
'label' => 'Organization',
'after' => $this->Html->div('forminfo', 'The organization having the external server you want to sync with.<br/>Example: <i>BE</i>'),
));
echo $this->Form->input('authkey', array(
'before' => $this->Html->div('forminfo', 'You can find the authentication key on your profile on the external server.'),
'after' => $this->Html->div('forminfo', 'You can find the authentication key on your profile on the external server.'),
));
?>
<div class = "input clear"></div>
<?php
echo $this->Form->input('push', array(
'before' => $this->Html->div('forminfo', 'Allow the <em>upload</em> of events and their attributes.'),
'after' => $this->Html->div('forminfo', 'Allow the <em>upload</em> of events and their attributes.'),
));
echo $this->Form->input('pull', array(
'before' => $this->Html->div('forminfo', 'Allow the <em>download</em> of events and their attributes from the server.'),
'after' => $this->Html->div('forminfo', 'Allow the <em>download</em> of events and their attributes from the server.'),
));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
<?php
echo $this->Form->button('Add', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Servers', array('controller' => 'servers', 'action' => 'index'));?></li>
<li class="active"><?php if ($isAclAdd && $me['org'] == 'ADMIN') echo $this->Html->link(__('New Server'), array('controller' => 'servers', 'action' => 'add')); ?></li>
</ul>
</div>
</div>

33
app/View/Servers/edit.ctp
View File

@ -1,35 +1,40 @@
<div class="servers form">
<?php echo $this->Form->create('Server');?>
<?php echo $this->Form->create('Server', array('novalidate'=>true));?>
<fieldset>
<legend><?php echo __('Edit Server'); ?></legend>
<legend>Edit Server</legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('url', array(
'label' => 'Base URL',
'before' => $this->Html->div('forminfo', 'The base-url to the external server you want to sync with.<br/>Example: <i>https://foo.sig.mil.be</i>'),
'label' => 'Base URL',
'before' => $this->Html->div('forminfo', 'The base-url to the external server you want to sync with.<br/>Example: <i>https://foo.sig.mil.be</i>'),
));
echo $this->Form->input('organization', array(
'label' => 'Organization',
'before' => $this->Html->div('forminfo', 'The organization having the external server you want to sync with.<br/>Example: <i>https://foo.sig.mil.be</i>'),
'label' => 'Organization',
'before' => $this->Html->div('forminfo', 'The organization having the external server you want to sync with.<br/>Example: <i>BE</i>'),
));
echo $this->Form->input('authkey', array(
'before' => $this->Html->div('forminfo', 'You can find the authentication key on your profile on the external server.<br/><i>Leave empty if you don\'t want to change it</i>.'),
'before' => $this->Html->div('forminfo', 'You can find the authentication key on your profile on the external server.'),
));
echo $this->Form->input('push', array(
'before' => $this->Html->div('forminfo', 'Allow the <em>upload</em> of events and their attributes.'),
'div' => 'input clear',
'before' => $this->Html->div('forminfo', 'Allow the <em>upload</em> of events and their attributes.'),
));
echo $this->Form->input('pull', array(
'before' => $this->Html->div('forminfo', 'Allow the <em>download</em> of events and their attributes from the server.'),
'before' => $this->Html->div('forminfo', 'Allow the <em>download</em> of events and their attributes from the server.'),
));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
<?php
echo $this->Form->button('Edit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Servers', array('controller' => 'servers', 'action' => 'index'));?></li>
<li><?php if ($isAclAdd && $me['org'] == 'ADMIN') echo $this->Html->link(__('New Server'), array('controller' => 'servers', 'action' => 'add')); ?></li>
<li class="divider"></li>
<li><?php echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $this->Form->value('Server.id')), null, __('Are you sure you want to delete # %s?', $this->Form->value('Server.id'))); ?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>

75
app/View/Servers/index.ctp
View File

@ -1,6 +1,22 @@
<div class="servers index">
<h2><?php echo __('Servers'); ?></h2>
<table cellpadding="0" cellspacing="0">
<h2>Servers</h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('push');?></th>
<th><?php echo $this->Paginator->sort('pull');?></th>
@ -14,7 +30,7 @@ if ($isAdmin): ?>
endif; ?>
<th>Last Pulled ID</th>
<th>Last Pushed ID</th>
<th class="actions"><?php echo __('Actions');?></th>
<th class="actions">Actions</th>
</tr>
<?php
foreach ($servers as $server): ?>
@ -30,43 +46,44 @@ foreach ($servers as $server): ?>
endif; ?>
<td class="short"><?php echo $server['Server']['lastpulledid']; ?></td>
<td class="short"><?php echo $server['Server']['lastpushedid']; ?></td>
<td class="actions">
<td class="short action-links">
<?php
if ($server['Server']['pull'] && $me['org'] == 'ADMIN') echo $this->Form->postLink('', array('action' => 'pull', $server['Server']['id'], 'full'), array('class' => 'icon-download', 'title' => 'Pull all'));
if ($server['Server']['push'] && $me['org'] == 'ADMIN') echo $this->Form->postLink('', array('action' => 'push', $server['Server']['id'], 'full'), array('class' => 'icon-upload', 'title' => 'Push all') );
?>
&nbsp;
<?php
$mayModify = ($me['org'] == 'ADMIN' || $me['org'] == $server['Server']['organization']) || ($isAdmin && ($server['Server']['organization'] == $me['org']));
if ($mayModify) echo $this->Html->link(__('Edit'), array('action' => 'edit', $server['Server']['id']), null);
if ($mayModify) echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $server['Server']['id']), null, __('Are you sure you want to delete # %s?', $server['Server']['id'])); ?>
if ($mayModify) echo $this->Html->link('', array('action' => 'edit', $server['Server']['id']), array('class' => 'icon-edit', 'title' => 'Edit'));
if ($mayModify) echo $this->Form->postLink('', array('action' => 'delete', $server['Server']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete # %s?', $server['Server']['id']));
?>
<?php // if ($server['Server']['pull']) echo $this->Form->postLink(__('Pull'), array('action' => 'pull', $server['Server']['id']) ); ?>
<?php // if ($server['Server']['push']) echo $this->Form->postLink(__('Push'), array('action' => 'push', $server['Server']['id']) ); ?>
<?php if ($server['Server']['pull'] && $me['org'] == 'ADMIN') echo $this->Form->postLink(__('Pull All'), array('action' => 'pull', $server['Server']['id'], 'full') ); ?>
<?php if ($server['Server']['push'] && $me['org'] == 'ADMIN') echo $this->Form->postLink(__('Push All'), array('action' => 'push', $server['Server']['id'], 'full') ); ?>
</td>
</tr>
<?php
endforeach; ?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<li><?php if ($isAclAdd && $me['org'] == 'ADMIN') echo $this->Html->link(__('New Server'), array('controller' => 'servers', 'action' => 'add')); ?></li>
<li><?php echo $this->Html->link(__('List Servers'), array('controller' => 'servers', 'action' => 'index'));?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Servers', array('controller' => 'servers', 'action' => 'index'));?></li>
<li><?php if ($isAclAdd && $me['org'] == 'ADMIN') echo $this->Html->link('New Server', array('controller' => 'servers', 'action' => 'add')); ?></li>
</ul>
</div>

8
app/View/Servers/pull.ctp
View File

@ -23,10 +23,8 @@ else:?>
endif;?>
</div>
<div class="actions">
<ul>
<li><?php echo $this->Html->link(__('New Server'), array('controller' => 'servers', 'action' => 'add')); ?></li>
<li><?php echo $this->Html->link(__('List Servers'), array('controller' => 'servers', 'action' => 'index'));?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Servers', array('controller' => 'servers', 'action' => 'index'));?></li>
<li><?php if ($isAclAdd && $me['org'] == 'ADMIN') echo $this->Html->link('New Server', array('controller' => 'servers', 'action' => 'add')); ?></li>
</ul>
</div>

8
app/View/Servers/push.ctp
View File

@ -23,10 +23,8 @@ else:?>
endif;?>
</div>
<div class="actions">
<ul>
<li><?php echo $this->Html->link(__('New Server'), array('controller' => 'servers', 'action' => 'add')); ?></li>
<li><?php echo $this->Html->link(__('List Servers'), array('controller' => 'servers', 'action' => 'index'));?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Servers', array('controller' => 'servers', 'action' => 'index'));?></li>
<li><?php if ($isAclAdd && $me['org'] == 'ADMIN') echo $this->Html->link('New Server', array('controller' => 'servers', 'action' => 'add')); ?></li>
</ul>
</div>

79
app/View/ShadowAttributes/add.ctp
View File

@ -3,40 +3,61 @@
<?php echo $this->Form->create('ShadowAttribute');?>
<fieldset>
<legend><?php echo __('Add ShadowAttribute'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'between' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeCategoryDiv')),
'empty' => '(choose one)'
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeCategoryDiv')),
'empty' => '(choose one)',
'div' => 'input'
));
echo $this->Form->input('type', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeTypeDiv')),
'empty' => '(first choose category)'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
'class' => 'input-xxlarge clear'
));
echo $this->Form->input('type', array(
'between' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeTypeDiv')),
'empty' => '(first choose category)'
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'after' => $this->Html->div('forminfo', 'Create multiple attributes one per line'),
));
echo $this->Form->input('to_ids', array(
'checked' => true,
'before' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
'label' => 'IDS Signature?'
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'after' => $this->Html->div('forminfo', 'Create multiple attributes one per line'),
));
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
));
// link an onchange event to the form elements
$this->Js->get('#ShadowAttributeCategory')->event('change', 'formCategoryChanged("#ShadowAttributeCategory")');
$this->Js->get('#ShadowAttributeType')->event('change', 'showFormInfo("#ShadowAttributeType")');
?>
echo $this->Form->input('to_ids', array(
'checked' => true,
'after' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
'label' => 'IDS Signature?',
));
// link an onchange event to the form elements
$this->Js->get('#ShadowAttributeCategory')->event('change', 'formCategoryChanged("#ShadowAttributeCategory")');
$this->Js->get('#ShadowAttributeType')->event('change', 'showFormInfo("#ShadowAttributeType")');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
<?php
echo $this->Form->button('Propose', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['ShadowAttribute']['event_id'])); ?> </li>
<li class="active"><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['ShadowAttribute']['event_id']));?> </li>
<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['ShadowAttribute']['event_id']));?> </li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact reporter', array('controller' => 'events', 'action' => 'contact', $this->request->data['ShadowAttribute']['event_id'])); ?> </li>
<li><?php echo $this->Html->link('Download as XML', array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['ShadowAttribute']['event_id'])); ?></li>
<li><?php echo $this->Html->link('Download as IOC', array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['ShadowAttribute']['event_id'])); ?> </li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<?php endif; ?>
</ul>
</div>
<script type="text/javascript">

67
app/View/ShadowAttributes/add_attachment.ctp
View File

@ -2,30 +2,59 @@
<?php echo $this->Form->create('ShadowAttribute', array('enctype' => 'multipart/form-data','onSubmit' => 'document.getElementById("ShadowAttributeMalware").removeAttribute("disabled");'));?>
<fieldset>
<legend><?php echo __('Add Attachment'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeCategoryDiv'))));
echo $this->Form->file('value', array(
'error' => array('escape' => false),
));
echo $this->Form->input('malware', array(
'type' => 'checkbox',
'checked' => false,
'after' => '<br>Tick this box to neutralize the sample. Every malware sample will be zipped with the password "infected"',
));
// link an onchange event to the form elements
$this->Js->get('#ShadowAttributeType')->event('change', 'showFormInfo("#ShadowAttributeType")');
$this->Js->get('#ShadowAttributeCategory')->event('change', 'showFormInfo("#ShadowAttributeCategory")');
?>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeCategoryDiv')),
'empty' => '(choose one)',
'div' => 'input'
));
?>
<div class="input clear">
<?php
echo $this->Form->file('value', array(
'error' => array('escape' => false),
));
?>
</div>
<div class="input clear"><br /></div>
<div class="input clear"></div>
<?php
echo $this->Form->input('malware', array(
'type' => 'checkbox',
'checked' => false,
));
?>
<div class="forminfo input clear">
Tick this box to neutralize the sample. Every malware sample will be zipped with the password "infected"
</div>
<?php
// link an onchange event to the form elements
$this->Js->get('#ShadowAttributeType')->event('change', 'showFormInfo("#ShadowAttributeType")');
$this->Js->get('#ShadowAttributeCategory')->event('change', 'showFormInfo("#ShadowAttributeCategory")');
?>
</fieldset>
<?php echo $this->Form->end(__('Upload'));?>
<?php
echo $this->Form->button('Propose', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['ShadowAttribute']['event_id'])); ?> </li>
<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['ShadowAttribute']['event_id']));?> </li>
<li class="active"><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['ShadowAttribute']['event_id']));?> </li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact reporter', array('controller' => 'events', 'action' => 'contact', $this->request->data['ShadowAttribute']['event_id'])); ?> </li>
<li><?php echo $this->Html->link('Download as XML', array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['ShadowAttribute']['event_id'])); ?></li>
<li><?php echo $this->Html->link('Download as IOC', array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['ShadowAttribute']['event_id'])); ?> </li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<?php endif; ?>
</ul>
</div>
<script type="text/javascript">
var formInfoValues = new Array();
<?php

197
app/View/ShadowAttributes/edit.ctp
View File

@ -1,101 +1,96 @@
<div class="shadowAttributes form">
<?php echo $this->Form->create('ShadowAttribute');?>
<fieldset>
<legend><?php echo __('Edit Attribute'); ?></legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeCategoryDiv'))));
if (!$attachment) {
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeTypeDiv'))));
}
echo $this->Form->input('to_ids', array(
'before' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
'label' => 'IDS Signature?'
));
if (!$attachment) {
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
));
}
$this->Js->get('#ShadowAttributeCategory')->event('change', 'formCategoryChanged("#ShadowAttributeCategory")');
$this->Js->get('#ShadowAttributeType')->event('change', 'showFormInfo("#ShadowAttributeType")');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>
<script type="text/javascript">
//
//Generate Category / Type filtering array
//
var category_type_mapping = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
echo "category_type_mapping['" . addslashes($category) . "'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false;
else echo ', ';
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
}
echo "}; \n";
}
?>
function formCategoryChanged(id) {
showFormInfo(id); // display the tooltip
// fill in the types
var options = $('#ShadowAttributeType').prop('options');
$('option', $('#ShadowAttributeType')).remove();
$.each(category_type_mapping[$('#ShadowAttributeCategory').val()], function(val, text) {
options[options.length] = new Option(text, val);
});
// enable the form element
$('#ShadowAttributeType').prop('disabled', false);
}
//
//Generate tooltip information
//
var formInfoValues = new Array();
<?php
foreach ($typeDefinitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($categoryDefinitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
}
//hide the formInfo things
$('#ShadowAttributeTypeDiv').hide();
$('#ShadowAttributeCategoryDiv').hide();
// fix the select box based on what was selected
var type_value = $('#ShadowAttributeType').val();
formCategoryChanged("#ShadowAttributeCategory");
$('#ShadowAttributeType').val(type_value);
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts
<div class="shadowAttributes form">
<?php echo $this->Form->create('ShadowAttribute');?>
<fieldset>
<legend><?php echo __('Edit Attribute'); ?></legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('category', array('between' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeCategoryDiv'))));
if (!$attachment) {
echo $this->Form->input('type', array('between' => $this->Html->div('forminfo', '', array('id' => 'ShadowAttributeTypeDiv'))));
}
echo $this->Form->input('to_ids', array(
'before' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
'label' => 'IDS Signature?'
));
if (!$attachment) {
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
));
}
$this->Js->get('#ShadowAttributeCategory')->event('change', 'formCategoryChanged("#ShadowAttributeCategory")');
$this->Js->get('#ShadowAttributeType')->event('change', 'showFormInfo("#ShadowAttributeType")');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
</div>
<script type="text/javascript">
//
//Generate Category / Type filtering array
//
var category_type_mapping = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
echo "category_type_mapping['" . addslashes($category) . "'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false;
else echo ', ';
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
}
echo "}; \n";
}
?>
function formCategoryChanged(id) {
showFormInfo(id); // display the tooltip
// fill in the types
var options = $('#ShadowAttributeType').prop('options');
$('option', $('#ShadowAttributeType')).remove();
$.each(category_type_mapping[$('#ShadowAttributeCategory').val()], function(val, text) {
options[options.length] = new Option(text, val);
});
// enable the form element
$('#ShadowAttributeType').prop('disabled', false);
}
//
//Generate tooltip information
//
var formInfoValues = new Array();
<?php
foreach ($typeDefinitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($categoryDefinitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
}
//hide the formInfo things
$('#ShadowAttributeTypeDiv').hide();
$('#ShadowAttributeCategoryDiv').hide();
// fix the select box based on what was selected
var type_value = $('#ShadowAttributeType').val();
formCategoryChanged("#ShadowAttributeCategory");
$('#ShadowAttributeType').val(type_value);
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts

28
app/View/Users/admin_add.ctp
View File

@ -9,18 +9,30 @@
if ($currentOrg == 'ADMIN') {
echo $this->Form->input('org', array('label' => 'Organisation'));
}
echo $this->Form->input('role_id', array('label' => 'Role'));
echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));
echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));
echo $this->Form->input('role_id', array('label' => 'Role', 'div' => 'input clear'));
echo $this->Form->input('authkey', array('value' => $authkey, 'readonly' => 'readonly'));
echo $this->Form->input('nids_sid');
echo $this->Form->input('gpgkey', array('label' => 'GPG key'));
echo $this->Form->input('gpgkey', array('label' => 'GPG key', 'div' => 'clear', 'class' => 'input-xxlarge'));
echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));
echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
<?php echo $this->Form->button(__('Submit'), array('class' => 'btn btn-primary'));
echo $this->Form->end();?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>
</div>

37
app/View/Users/admin_edit.ctp
View File

@ -9,23 +9,40 @@
if ($currentOrg == 'ADMIN') {
echo $this->Form->input('org', array('label' => 'Organisation'));
}
echo $this->Form->input('role_id', array('label' => 'Role')); // TODO ACL, User edit role_id.
echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));
echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));
echo $this->Form->input('role_id', array('label' => 'Role', 'div' => 'input clear')); // TODO ACL, User edit role_id.
echo $this->Form->input('authkey', array('disabled' => 'disabled', 'label' => 'Authentication key'));
echo $this->Html->link('reset', array('controller' => 'users', 'action' => 'resetauthkey', $currentId));
echo ('<br><br>');
echo $this->Form->input('nids_sid');
echo $this->Form->input('newsread', array(
'label' => 'News read (date)',
'type' => 'text',
'class' => 'datepicker',
));
echo $this->Form->input('gpgkey', array('label' => 'GPG key', 'div' => 'clear', 'class' => 'input-xxlarge'));
echo $this->Form->input('termsaccepted', array('label' => 'Terms accepted'));
echo $this->Form->input('change_pw', array('type' => 'checkbox', 'label' => 'Change Password'));
echo $this->Form->input('newsread', array('label' => 'News read (date)'));
echo $this->Form->input('gpgkey', array('label' => 'GPG key'));
echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));
echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));
echo $this->Html->link('Reset Auth Key', array('controller' => 'users', 'action' => 'resetauthkey', $currentId));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
<?php
echo $this->Form->button(__('Submit'), array('class' => 'btn btn-primary'));
echo $this->Form->end();?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>

137
app/View/Users/admin_email.ctp
View File

@ -1,64 +1,85 @@
<script>
function showMessage(){
document.getElementById("messageDiv").style.display = "none"){
document.getElementById("messageDiv").style.display="none"){
}
</script>
<div class="events form">
<?php echo $this->Form->create('User');?>
<fieldset>
<legend><?php echo __('Contact User(s)', true); ?></legend>
<h4>Messaging - here's a quick guide on how this feature works</h4><br />
You can use this view to send messages to your current or future users or send them a temporary password. <br/> <br />
<lu><li>When adding a new user to the system, or when you want to manually reset the password for a user, just use the "Send temporary password" setting.</li><br />
<li>After selecting the action, choose who the target of the e-mails should be (all users, a single user or a user not yet in the system).</li><br />
<li>You can then specify (if eligible) what the e-mail address of the target is (for existing users you can choose from a dropdown menu).</li><br />
<li>In the case of a new user, you can specify the future user's gpg key, to send his/her new key in an encrypted e-mail.</li><br />
<li>The system will automatically generate a message for you, but it is also possible to write a custom message if you tick the check-box,
but don't worry about assigning a temporary password manually, the system will do that for you, right after your custom message.</li></lu><br />
<?php
<h4>Messaging - here's a quick guide on how this feature works</h4>
You can use this view to send messages to your current or future users or send them a temporary password.
<ul>
<li>When adding a new user to the system, or when you want to manually reset the password for a user, just use the "Send temporary password" setting.</li>
<li>After selecting the action, choose who the target of the e-mails should be (all users, a single user or a user not yet in the system).</li>
<li>You can then specify (if eligible) what the e-mail address of the target is (for existing users you can choose from a dropdown menu).</li>
<li>In the case of a new user, you can specify the future user's gpg key, to send his/her new key in an encrypted e-mail.</li>
<li>The system will automatically generate a message for you, but it is also possible to write a custom message if you tick the check-box,
but don't worry about assigning a temporary password manually, the system will do that for you, right after your custom message.</li>
</ul>
<?php
// This choice will determine
$actionOptions = array('Custom message', 'Send temporary password');
$recipientOptions = array('All existing users', 'An existing user', 'New user');
echo '<div>';
echo $this->Form->input('action', array('type' => 'select', 'options' => $actionOptions, 'id' => 'action'));
echo $this->Form->input('recipient', array('type' => 'select', 'options' => $recipientOptions, 'id' => 'recipient'));
echo '</div>';
echo '<div id = "recipientEmail">';
echo $this->Form->input('recipientEmail', array('type' => 'text', 'label' => 'Recipient Email', 'style' => 'width:300px;'));
echo '</div>';
echo '<div id = "subject">';
echo $this->Form->input('subject', array('type' => 'text', 'label' => 'Subject', 'style' => 'width:400px;'));
echo '</div>';
echo '<div id = "recipientEmailList">';
echo $this->Form->input('recipientEmailList', array('type' => 'select', 'options' => $recipientEmail, 'label' => 'Recipient Email'));
echo '</div>';
echo '<div id = "gpg">';
echo $this->Form->input('gpg', array('type' => 'textarea'));
echo '</div>';
echo '<div id = "customMessage">';
echo $this->Form->input('customMessage', array(
$actionOptions=array('Custom message', 'Send temporary password');
$recipientOptions=array('All existing users', 'An existing user', 'New user');
?>
<div class="row-fluid">
<?php echo $this->Form->input('action', array('type' => 'select', 'options' => $actionOptions, 'id' => 'action')); ?>
<div id="subject">
<?php echo $this->Form->input('subject', array('type' => 'text', 'label' => 'Subject', 'style' => 'width:400px;')); ?>
</div>
</div>
<div class="row-fluid">
<?php echo $this->Form->input('recipient', array('type' => 'select', 'options' => $recipientOptions, 'id' => 'recipient')); ?>
<div id="recipientEmail">
<?php echo $this->Form->input('recipientEmail', array('type' => 'text', 'label' => 'Recipient Email', 'style' => 'width:300px;')); ?>
</div>
<div id="recipientEmailList">
<?php echo $this->Form->input('recipientEmailList', array('type' => 'select', 'options' => $recipientEmail, 'label' => 'Recipient Email')); ?>
</div>
</div>
<div id="gpg" class="row-fluid">
<?php echo $this->Form->input('gpg', array('type' => 'textarea', 'class' => 'input-xxlarge')); ?>
</div>
<div id="customMessage" class="row-fluid">
<?php
echo $this->Form->input('customMessage', array(
'label' => __('Enter a custom message', true),
'type' => 'checkbox',
'checked' => 'checked',
'id' => 'customMessageToggle'
));
echo '</div>';
$str = $this->Form->input('message', array('type' => 'textarea'));
echo $this->Html->div('messageDiv', $str, array('id' => 'messageDiv'));
?>
<?php echo $this->Form->end(__('Submit', true));
// link an onchange event to the form elements
?>
));
?>
</div>
<div class="row-fluid">
<?php
$str=$this->Form->input('message', array('type' => 'textarea', 'class' => 'input-xxlarge'));
echo $this->Html->div('messageDiv', $str, array('id' => 'messageDiv'));
?>
</div>
<div class="row-fluid">
<?php
echo $this->Form->button(__('Submit'), array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
</fieldset>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li class="active"><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>
<script>
$("#recipient").change(setRecipientEmailList);
$("#recipient").change(setGPG);
$("#action").change(setMessage);
@ -70,14 +91,14 @@ $(document).ready(setMessage);
function setRecipientEmailList() {
if ($("#recipient option:selected").text() == "An existing user") {
document.getElementById("recipientEmailList").style.display = "";
document.getElementById("recipientEmail").style.display = "none";
document.getElementById("recipientEmailList").style.display="";
document.getElementById("recipientEmail").style.display="none";
} else if ($("#recipient option:selected").text() == "All existing users") {
document.getElementById("recipientEmailList").style.display = "none";
document.getElementById("recipientEmail").style.display = "none";
document.getElementById("recipientEmailList").style.display="none";
document.getElementById("recipientEmail").style.display="none";
} else if ($("#recipient option:selected").text() == "New user") {
document.getElementById("recipientEmailList").style.display = "none";
document.getElementById("recipientEmail").style.display = "";
document.getElementById("recipientEmailList").style.display="none";
document.getElementById("recipientEmail").style.display="";
}
}
@ -85,30 +106,30 @@ function setRecipientEmailList() {
function setMessage() {
if ($("#action option:selected").text() == "Custom message") {
document.getElementById("customMessage").style.display = "none";
document.getElementById("messageDiv").style.display = "";
document.getElementById("subject").style.display = "";
document.getElementById("customMessage").style.display="none";
document.getElementById("messageDiv").style.display="";
document.getElementById("subject").style.display="";
} else {
document.getElementById("customMessage").style.display = "";
document.getElementById("subject").style.display = "none";
document.getElementById("customMessage").style.display="";
document.getElementById("subject").style.display="none";
setMessage2();
}
}
function setMessage2() {
if ($("#customMessageToggle").prop('checked')) {
document.getElementById("messageDiv").style.display = "";
document.getElementById("messageDiv").style.display="";
} else {
document.getElementById("messageDiv").style.display = "none";
document.getElementById("messageDiv").style.display="none";
}
}
function setGPG(){
if ($("#recipient option:selected").text() == "New user") {
document.getElementById("gpg").style.display = "";
document.getElementById("gpg").style.display="";
} else {
document.getElementById("gpg").style.display = "none";
document.getElementById("gpg").style.display="none";
}
}
</script>
</script>

26
app/View/Users/admin_index.ctp
View File

@ -1,6 +1,6 @@
<div class="users index">
<h2><?php echo __('Users');?></h2>
<table cellpadding="0" cellspacing="0">
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('org');?></th>
@ -23,7 +23,7 @@ foreach ($users as $user): ?>
<?php echo h($user['User']['org']); ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo $this->Html->link($user['Role']['name'], array('controller' => 'roles', 'action' => 'view', $user['Role']['id'])); ?></td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<td onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['email']); ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo $user['User']['autoalert']? 'Yes' : 'No'; ?>&nbsp;</td>
@ -43,13 +43,13 @@ foreach ($users as $user): ?>
?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['newsread']); ?>&nbsp;</td>
<td class="actions">
<td class="short action-links">
<?php
if (($isAclAdmin && (($user['User']['org'] == $me['org'])) || ('1' == $me['id'])) || ($me['org'] == 'ADMIN')) {
echo $this->Html->link(__('Edit'), array('admin' => true, 'action' => 'edit', $user['User']['id']), null);
echo $this->Form->postLink(__('Delete'), array('admin' => true, 'action' => 'delete', $user['User']['id']), null, __('Are you sure you want to delete # %s?', $user['User']['id']));
echo $this->Html->link('', array('admin' => true, 'action' => 'edit', $user['User']['id']), array('class' => 'icon-edit', 'title' => 'Edit'));
echo $this->Form->postLink('', array('admin' => true, 'action' => 'delete', $user['User']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete # %s?', $user['User']['id']));
}?>
<?php echo $this->Html->link(__('View'), array('admin' => true, 'action' => 'view', $user['User']['id'])); ?>
<?php echo $this->Html->link('', array('admin' => true, 'action' => 'view', $user['User']['id']), array('class' => 'icon-list-alt', 'title' => 'View')); ?>
</td>
</tr>
<?php
@ -71,7 +71,17 @@ endforeach; ?>
</div>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li class="active"><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>

130
app/View/Users/admin_view.ctp
View File

@ -1,24 +1,16 @@
<?php
$buttonAddStatus = $isAclAdd ? 'button_on':'button_off';
$mayModify = ($isAclModify || ($isAclModifyOrg && ($user['User']['org'] == $me['org'])));
$mayModify = ($isSiteAdmin || ($isAdmin && ($user['User']['org'] == $me['org'])));
$buttonModifyStatus = $mayModify ? 'button_on':'button_off';
?>
<div class="users view">
<div class="actions" style="float:right;">
<ul><li><?php echo $this->Html->link(__('Edit Profile', true), array('admin' => true, 'action' => 'edit', $user['User']['id']), array('class' => $buttonModifyStatus)); ?> </li></ul>
</div>
<h2><?php echo __('User');?></h2>
<dl>
<dl style="width:600px;">
<dt><?php echo __('Id'); ?></dt>
<dd>
<?php echo h($user['User']['id']); ?>
&nbsp;
</dd>
<dt><?php echo __('Password'); ?></dt>
<dd>
<?php echo h($user['User']['password']); ?>
&nbsp;
</dd>
<dt><?php echo __('Org'); ?></dt>
<dd>
<?php echo h($user['User']['org']); ?>
@ -48,6 +40,7 @@ $buttonModifyStatus = $mayModify ? 'button_on':'button_off';
<dt><?php echo __('Authkey'); ?></dt>
<dd>
<?php echo h($user['User']['authkey']); ?>
(<?php echo $this->Html->link('reset', array('controller' => 'users', 'action' => 'resetauthkey', $user['User']['id']));?>)
&nbsp;
</dd>
<dt><?php echo __('Invited By'); ?></dt>
@ -76,6 +69,16 @@ if (h($user['User']['termsaccepted']) == 1) {
echo "Yes";
} else {
echo "No";
}?>
&nbsp;
</dd>
<dt><?php echo __('Password change'); ?></dt>
<dd>
<?php
if (h($user['User']['change_pw']) == 1) {
echo "Yes";
} else {
echo "No";
}?>
&nbsp;
</dd>
@ -85,58 +88,63 @@ if (h($user['User']['termsaccepted']) == 1) {
&nbsp;
</dd>
</dl>
<br />
<div class="related table table-striped table-condensed">
<h3><?php echo __('Related Events');?></h3>
<?php if (!empty($user['Event'])):?>
<table>
<tr>
<th><?php echo __('Published'); ?></th>
<th><?php echo __('Id'); ?></th>
<th><?php echo __('Date'); ?></th>
<th><?php echo __('Risk'); ?></th>
<th><?php echo __('Info'); ?></th>
<th><?php echo __('Uuid'); ?></th>
<th><?php echo __('Distribution'); ?></th>
<th class="actions"><?php echo __('Actions');?></th>
</tr>
<?php
$i = 0;
foreach ($user['Event'] as $event): ?>
<tr>
<td>
<div class='<?php echo ($event['published'] == 1) ? 'icon-ok' : 'icon-remove';; ?>'></div>
</td>
<td><?php echo h($event['id']);?></td>
<td><?php echo h($event['date']);?></td>
<td><?php echo h($event['risk']);?></td>
<td><?php echo h($event['info']);?></td>
<td><?php echo h($event['uuid']);?></td>
<td><?php echo h($event['distribution']);?></td>
<td class="short action-links">
<?php if ($mayModify) echo $this->Html->link('', array('controller' => 'events', 'action' => 'edit', $event['id']), array('class' => 'icon-download-alt')); ?>
<?php
if ($mayModify) echo $this->Form->postLink('', array('controller' => 'events', 'action' => 'delete', $event['id']), array('class' => 'icon-trash'), __('Are you sure you want to delete # %s?', $event['id']));
?>
<?php echo $this->Html->link('', array('controller' => 'events', 'action' => 'view', $event['id']), array('class' => 'icon-list-alt')); ?>
</td>
</tr>
<?php
endforeach; ?>
</table>
<?php
endif; ?>
</div>
</div>
<div class="actions">
<ul>
<?php
if ($isAclModify): ?>
<li><?php echo $this->Html->link(__('Edit User', true), array('admin' => 'true', 'action' => 'edit', $user['User']['id'])); ?></li>
<li>&nbsp;</li>
<?php
endif; ?>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('Edit User', array('admin' => true, 'action' => 'edit', $user['User']['id'])); ?></li>
<li class="divider"></li>
<li class="active"><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>
<div class="related">
<h3><?php echo __('Related Events');?></h3>
<?php if (!empty($user['Event'])):?>
<table cellpadding = "0" cellspacing = "0">
<tr>
<th><?php echo __('Id'); ?></th>
<th><?php echo __('Org'); ?></th>
<th><?php echo __('Date'); ?></th>
<th><?php echo __('Risk'); ?></th>
<th><?php echo __('Info'); ?></th>
<th><?php echo __('User Id'); ?></th>
<th><?php echo __('Published'); ?></th>
<th><?php echo __('Uuid'); ?></th>
<th class="actions"><?php echo __('Actions');?></th>
</tr>
<?php
$i = 0;
foreach ($user['Event'] as $event): ?>
<tr>
<td><?php echo h($event['id']);?></td>
<td><?php echo h($event['org']);?></td>
<td><?php echo h($event['date']);?></td>
<td><?php echo h($event['risk']);?></td>
<td><?php echo h($event['info']);?></td>
<td><?php echo h($event['user_id']);?></td>
<td><?php echo h($event['published']);?></td>
<td><?php echo h($event['uuid']);?></td>
<td class="actions">
<?php echo $this->Html->link(__('Edit'), array('controller' => 'events', 'action' => 'edit', $event['id']), array('class' => $buttonModifyStatus)); ?>
<?php
if ($mayModify) echo $this->Form->postLink(__('Delete'), array('controller' => 'events', 'action' => 'delete', $event['id']), null, __('Are you sure you want to delete # %s?', $event['id']));
else echo $this->Html->link(__('Delete'), array('controller' => 'events', 'action' => 'delete', $event['id']), array('class' => $buttonModifyStatus));
?>
<?php echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $event['id'])); ?>
</td>
</tr>
<?php
endforeach; ?>
</table>
<?php
endif; ?>
</div>

22
app/View/Users/change_pw.ctp
View File

@ -7,11 +7,23 @@
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
<?php
echo $this->Form->button(__('Submit'), array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('New User', array('controller' => 'users', 'action' => 'add', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link('List Users', array('controller' => 'users', 'action' => 'index', 'admin' => true)); ?> </li>
<li class="divider"></li>
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link('New Role', array('controller' => 'roles', 'action' => 'add', 'admin' => true)); ?> </li>
<?php endif; ?>
<li><?php echo $this->Html->link('List Roles', array('controller' => 'roles', 'action' => 'index', 'admin' => true)); ?> </li>
<?php if ($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Contact users', array('controller' => 'users', 'action' => 'email', 'admin' => true)); ?> </li>
<?php endif; ?>
</ul>
</div>
</div>

5
app/View/Users/check_and_correct_pgps.ctp
View File

@ -8,9 +8,4 @@ if (0 == count($fails)):?>
</ul>
<?php
endif;?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>

20
app/View/Users/edit.ctp
View File

@ -6,21 +6,25 @@
echo $this->Form->input('email');
echo $this->Form->input('password');
echo $this->Form->input('confirm_password', array('type' => 'password', 'div' => array('class' => 'input password required')));
if ($isAdmin) echo $this->Form->input('org', array('label' => 'Organisation'));
else echo $this->Form->input('org', array('disabled' => 'disabled', 'label' => 'Organisation'));
if ($isAdmin) echo $this->Form->input('org', array('label' => 'Organisation', 'div' => 'input clear'));
else echo $this->Form->input('org', array('disabled' => 'disabled', 'label' => 'Organisation', 'div' => 'input clear'));
if ($isAdmin) echo $this->Form->input('role_id');
else echo $this->Form->input('role_id', array('disabled' => 'disabled')); // TODO ACL, check, My Profile not edit role_id.
echo $this->Form->input('nids_sid');
echo $this->Form->input('gpgkey', array('label' => 'GPG key', 'div' => 'clear', 'class' => 'input-xxlarge'));
echo $this->Form->input('autoalert', array('label' => 'Receive alerts when events are published'));
echo $this->Form->input('contactalert', array('label' => 'Receive alerts from "contact reporter" requests'));
echo $this->Form->input('nids_sid');
echo $this->Form->input('gpgkey', array('label' => 'GPG key'));
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
<?php echo $this->Form->button(__('Submit'), array('class' => 'btn btn-primary'));
echo $this->Form->end();?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news')); ?> </li>
<li><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me')); ?> </li>
<li><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist')); ?> </li>
<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?> </li>
<li><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms')); ?> </li>
</ul>
</div>

6
app/View/Users/login.ctp
View File

@ -1,3 +1,4 @@
<div class="container">
<?php
echo $this->Session->flash('auth');
echo $this->Form->create('User', array('action' => 'login'));
@ -7,4 +8,7 @@ echo $this->Form->inputs(array(
'password' => array('autocomplete' => 'off')
));
echo $this->Form->end('Login');
echo $this->Form->button('Login', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>

18
app/View/Users/memberslist.ctp
View File

@ -1,6 +1,6 @@
<div class="users index">
<h2>Members</h2>
<table cellpadding="0" cellspacing="0" style="width:300px;">
<table class="table table-striped table-condensed table-bordered" style="width:300px;">
<tr>
<th>Organisation</th>
<th># of members</th>
@ -15,7 +15,7 @@ foreach ($orgs as $org):?>
$imgRelativePath = 'orgs' . DS . h($org['User']['org']) . '.png';
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . $imgRelativePath;
?>
<td><?php if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($org['User']['org']) . '.png', array('alt' => h($org['User']['org']),'width' => '48','hight' => '48'));?>&nbsp</td>
<td><?php if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($org['User']['org']) . '.png', array('alt' => h($org['User']['org']),'width' => '48','hight' => '48'));?>&nbsp;</td>
</tr>
<?php
endforeach; ?>
@ -90,7 +90,7 @@ foreach ($graphData as $row) {
});
</script>
<!-- table cellpadding="0" cellspacing="0" style="width:400px;">
<!-- table class="table table-striped table-condensed table-bordered" style="width:400px;">
<tr>
<th>Org</th>
<th>Type</th>
@ -111,11 +111,11 @@ endforeach; ?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news')); ?> </li>
<li><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me')); ?> </li>
<li class="active"><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist')); ?> </li>
<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?> </li>
<li><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms')); ?> </li>
</ul>
</div>
<div class="users index">
</div>

9
app/View/Users/news.ctp
View File

@ -73,10 +73,13 @@ The authkey generation algorithm has also been improved.</p>
A bug in the DNS attributes has been corrected.</p>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news')); ?> </li>
<li><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me')); ?> </li>
<li><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist')); ?> </li>
<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?> </li>
<li><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms')); ?> </li>
</ul>
</div>

5
app/View/Users/succes.ctp
View File

@ -6,8 +6,3 @@ else:?>
<p>Succes, all done.</p><?php
endif;?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
</ul>
</div>

11
app/View/Users/terms.ctp
View File

@ -9,9 +9,12 @@ if (!$termsaccepted) {
}
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu'); ?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news')); ?> </li>
<li><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me')); ?> </li>
<li><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist')); ?> </li>
<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?> </li>
<li class="active"><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms')); ?> </li>
</ul>
</div>
</div>

33
app/View/Users/view.ctp
View File

@ -1,8 +1,4 @@
<div class="users view">
<div class="actions" style="float:right;">
<ul><li><?php if ($isAclAdmin && ($me['org'] == $user['User']['org'] || $me['org'] == 'ADMIN')) echo $this->Html->link(__('Edit Profile', true), array('admin' => true, 'action' => 'edit', $user['User']['id'])); ?> </li></ul>
<ul><li><?php if ($me['id'] == $user['User']['id'] && (!$isAclAdmin)) echo $this->Html->link(__('Edit Profile', true), array('action' => 'edit', $user['User']['id'])); ?> </li></ul>
</div>
<h2><?php echo __('User');?></h2>
<dl>
<dt><?php echo __('Id'); ?></dt>
@ -65,19 +61,20 @@ if (h($user['User']['gpgkey']) != 0) {
</dl>
</div>
<div class="actions">
<ul>
<ul class="nav nav-list">
<?php
if ($isAclAdmin && ($me['org'] == $user['User']['org'] || $me['org'] == 'ADMIN')) { ?>
<li><?php echo $this->Html->link(__('Edit User', true), array('admin' => true, 'action' => 'edit', $user['User']['id'])); ?></li>
<?php
} else if ($me['id'] == $user['User']['id'] && $me['org'] != 'ADMIN') {
?>
<li><?php echo $this->Html->link(__('Edit User', true), array('action' => 'edit', $user['User']['id'])); ?></li>
<?php
}
?>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu'); ?>
if ($me['id'] == $user['User']['id']) {
?>
<li><?php echo $this->Html->link(__('Edit User', true), array('action' => 'edit', $user['User']['id'])); ?></li>
<li class="divider"></li>
<?php
}
?>
<li><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news')); ?> </li>
<li class="active"><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me')); ?> </li>
<li><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist')); ?> </li>
<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation')); ?> </li>
<li><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms')); ?> </li>
</ul>
</div>
</div>

14
app/View/Whitelists/admin_add.ctp
View File

@ -1,15 +1,19 @@
<div class="whitelist form">
<?php echo $this->Form->create('Whitelist');?>
<fieldset>
<legend><?php echo __('Add Signature Whitelist');?></legend>
<legend>Add Signature Whitelist</legend>
<?php
echo $this->Form->input('name');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit'));?>
<?php
echo $this->Form->button('Add', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<div class="actions">
<ul>
<?php echo $this->element('actions_menu');?>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Whitelist', array('admin' => true, 'action' => 'index'));?></li>
<li class="active"><?php echo $this->Html->link('New Whitelist', array('admin' => true, 'action' => 'add'));?></li>
</ul>
</div>
</div>

9
app/View/Whitelists/admin_edit.ctp
View File

@ -1,7 +1,7 @@
<div class="whitelist form">
<?php echo $this->Form->create('Whitelist');?>
<fieldset>
<legend><?php echo __('Edit Signature Whitelist'); ?></legend>
<legend>Edit Signature Whitelist</legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('name');
@ -10,9 +10,10 @@
<?php echo $this->Form->end(__('Submit'));?>
</div>
<div class="actions">
<ul>
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Whitelist', array('admin' => true, 'action' => 'index'));?></li>
<li><?php echo $this->Html->link('New Whitelist', array('admin' => true, 'action' => 'add'));?></li>
<li class="divider"></li>
<li><?php echo $this->Form->postLink(__('Delete Whitelist'), array('admin' => true, 'action' => 'delete', $this->Form->value('Whitelist.id')), null, __('Are you sure you want to delete # %s?', $this->Form->value('Whitelist.id')));?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
</ul>
</div>

50
app/View/Whitelists/admin_index.ctp
View File

@ -1,6 +1,22 @@
<div class="whitelist index">
<h2><?php echo __('Signature Whitelist');?></h2>
<table cellpadding="0" cellspacing="0">
<h2>Import Whitelist</h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
@ -9,10 +25,10 @@
foreach ($list as $item):?>
<tr>
<td class="short"><?php echo h($item['Whitelist']['id']);?>&nbsp;</td>
<td class="short"><?php echo h($item['Whitelist']['name']);?>&nbsp;</td>
<td class="actions">
<?php echo $this->Html->link(__('Edit'), array('admin' => true, 'action' => 'edit', $item['Whitelist']['id']));?>
<?php echo $this->Form->postLink(__('Delete'), array('admin' => true, 'action' => 'delete', $item['Whitelist']['id']), null, __('Are you sure you want to delete "%s"?', h($item['Whitelist']['name'])));?>
<td><?php echo h($item['Whitelist']['name']);?>&nbsp;</td>
<td class="short action-links">
<?php echo $this->Html->link('', array('admin' => true, 'action' => 'edit', $item['Whitelist']['id']), array('class' => 'icon-edit', 'title' => 'Edit'));?>
<?php echo $this->Form->postLink('', array('admin' => true, 'action' => 'delete', $item['Whitelist']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete "%s"?', $item['Whitelist']['name']));?>
</td>
</tr><?php
endforeach;?>
@ -22,21 +38,21 @@ endforeach;?>
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<li><?php echo $this->Html->link(__('New Whitelist'), array('admin' => true, 'action' => 'add'));?></li>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Whitelist', array('admin' => true, 'action' => 'index'));?></li>
<li><?php echo $this->Html->link('New Whitelist', array('admin' => true, 'action' => 'add'));?></li>
</ul>
</div>

53
app/View/Whitelists/index.ctp
View File

@ -1,6 +1,22 @@
<div class="whitelist index">
<h2><?php echo __('Signature Whitelist');?></h2>
<table cellpadding="0" cellspacing="0">
<h2>Signature Whitelist</h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
@ -13,23 +29,24 @@ foreach ($list as $item):?>
endforeach;?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?> </p>
<div class="paging">
<?php
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
echo $this->Paginator->numbers(array('separator' => ''));
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
?>
</div>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<div class="actions">
<ul>
<li>&nbsp;</li>
<?php echo $this->element('actions_menu');?>
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Whitelist', array('action' => 'index'));?></li>
</ul>
</div>

1109
app/webroot/css/bootstrap-responsive.css Executable file
View File

File diff suppressed because it is too large Load Diff

9
app/webroot/css/bootstrap-responsive.min.css vendored Executable file
View File

File diff suppressed because one or more lines are too long

6158
app/webroot/css/bootstrap.css Executable file
View File

File diff suppressed because it is too large Load Diff

9
app/webroot/css/bootstrap.min.css vendored Executable file
View File

File diff suppressed because one or more lines are too long

182
app/webroot/css/datepicker.css Executable file
View File

@ -0,0 +1,182 @@
/*!
* Datepicker for Bootstrap
*
* Copyright 2012 Stefan Petre
* Licensed under the Apache License v2.0
* http://www.apache.org/licenses/LICENSE-2.0
*
*/
.datepicker {
top: 0;
left: 0;
padding: 4px;
margin-top: 1px;
-webkit-border-radius: 4px;
-moz-border-radius: 4px;
border-radius: 4px;
/*.dow {
border-top: 1px solid #ddd !important;
}*/
}
.datepicker:before {
content: '';
display: inline-block;
border-left: 7px solid transparent;
border-right: 7px solid transparent;
border-bottom: 7px solid #ccc;
border-bottom-color: rgba(0, 0, 0, 0.2);
position: absolute;
top: -7px;
left: 6px;
}
.datepicker:after {
content: '';
display: inline-block;
border-left: 6px solid transparent;
border-right: 6px solid transparent;
border-bottom: 6px solid #ffffff;
position: absolute;
top: -6px;
left: 7px;
}
.datepicker > div {
display: none;
}
.datepicker table {
width: 100%;
margin: 0;
}
.datepicker td,
.datepicker th {
text-align: center;
width: 20px;
height: 20px;
-webkit-border-radius: 4px;
-moz-border-radius: 4px;
border-radius: 4px;
}
.datepicker td.day:hover {
background: #eeeeee;
cursor: pointer;
}
.datepicker td.day.disabled {
color: #eeeeee;
}
.datepicker td.old,
.datepicker td.new {
color: #999999;
}
.datepicker td.active,
.datepicker td.active:hover {
color: #ffffff;
background-color: #006dcc;
background-image: -moz-linear-gradient(top, #0088cc, #0044cc);
background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#0088cc), to(#0044cc));
background-image: -webkit-linear-gradient(top, #0088cc, #0044cc);
background-image: -o-linear-gradient(top, #0088cc, #0044cc);
background-image: linear-gradient(to bottom, #0088cc, #0044cc);
background-repeat: repeat-x;
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff0088cc', endColorstr='#ff0044cc', GradientType=0);
border-color: #0044cc #0044cc #002a80;
border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
*background-color: #0044cc;
/* Darken IE7 buttons by default so they stand out more given they won't have borders */
filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
color: #fff;
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
}
.datepicker td.active:hover,
.datepicker td.active:hover:hover,
.datepicker td.active:focus,
.datepicker td.active:hover:focus,
.datepicker td.active:active,
.datepicker td.active:hover:active,
.datepicker td.active.active,
.datepicker td.active:hover.active,
.datepicker td.active.disabled,
.datepicker td.active:hover.disabled,
.datepicker td.active[disabled],
.datepicker td.active:hover[disabled] {
color: #ffffff;
background-color: #0044cc;
*background-color: #003bb3;
}
.datepicker td.active:active,
.datepicker td.active:hover:active,
.datepicker td.active.active,
.datepicker td.active:hover.active {
background-color: #003399 \9;
}
.datepicker td span {
display: block;
width: 47px;
height: 54px;
line-height: 54px;
float: left;
margin: 2px;
cursor: pointer;
-webkit-border-radius: 4px;
-moz-border-radius: 4px;
border-radius: 4px;
}
.datepicker td span:hover {
background: #eeeeee;
}
.datepicker td span.active {
color: #ffffff;
background-color: #006dcc;
background-image: -moz-linear-gradient(top, #0088cc, #0044cc);
background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#0088cc), to(#0044cc));
background-image: -webkit-linear-gradient(top, #0088cc, #0044cc);
background-image: -o-linear-gradient(top, #0088cc, #0044cc);
background-image: linear-gradient(to bottom, #0088cc, #0044cc);
background-repeat: repeat-x;
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff0088cc', endColorstr='#ff0044cc', GradientType=0);
border-color: #0044cc #0044cc #002a80;
border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
*background-color: #0044cc;
/* Darken IE7 buttons by default so they stand out more given they won't have borders */
filter: progid:DXImageTransform.Microsoft.gradient(enabled = false);
color: #fff;
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
}
.datepicker td span.active:hover,
.datepicker td span.active:focus,
.datepicker td span.active:active,
.datepicker td span.active.active,
.datepicker td span.active.disabled,
.datepicker td span.active[disabled] {
color: #ffffff;
background-color: #0044cc;
*background-color: #003bb3;
}
.datepicker td span.active:active,
.datepicker td span.active.active {
background-color: #003399 \9;
}
.datepicker td span.old {
color: #999999;
}
.datepicker th.switch {
width: 145px;
}
.datepicker th.next,
.datepicker th.prev {
font-size: 21px;
}
.datepicker thead tr:first-child th {
cursor: pointer;
}
.datepicker thead tr:first-child th:hover {
background: #eeeeee;
}
.input-append.date .add-on i,
.input-prepend.date .add-on i {
display: block;
cursor: pointer;
width: 16px;
height: 16px;
}

BIN
app/webroot/css/fonts/roboto/Roboto-Black-webfont.eot Executable file
View File

Binary file not shown.

147
app/webroot/css/fonts/roboto/Roboto-Black-webfont.svg Executable file
View File

@ -0,0 +1,147 @@
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" >
<svg xmlns="http://www.w3.org/2000/svg">
<metadata>
This is a custom SVG webfont generated by Font Squirrel.
Copyright : Font data copyright Google 2011
Designer : Google
Foundry URL : Googlecom
</metadata>
<defs>
<font id="RobotoBlack" horiz-adv-x="1186" >
<font-face units-per-em="2048" ascent="1536" descent="-512" />
<missing-glyph horiz-adv-x="510" />
<glyph unicode=" " horiz-adv-x="510" />
<glyph unicode="&#x09;" horiz-adv-x="510" />
<glyph unicode="&#xa0;" horiz-adv-x="510" />
<glyph unicode="!" horiz-adv-x="565" d="M115 0v283h339v-283h-339zM115 516v940h339v-940h-339z" />
<glyph unicode="&#x22;" horiz-adv-x="881" d="M149 932v524h246v-275l-102 -249h-144zM506 932v524h245v-275l-102 -249h-143z" />
<glyph unicode="#" horiz-adv-x="1190" d="M37 410v183h252l44 264h-221v183h251l69 416h198l-68 -416h161l69 416h199l-69 -416h231v-183h-261l-44 -264h229v-183h-259l-67 -410h-199l67 410h-161l-67 -410h-199l67 410h-222zM488 593h161l44 264h-161z" />
<glyph unicode="$" horiz-adv-x="1227" d="M98 441l2 6h329q0 -115 55.5 -164t149.5 -49q83 0 120.5 41.5t37.5 110.5q0 80 -38.5 121.5t-146.5 86.5q-239 84 -350.5 184t-111.5 290q0 171 116 280.5t314 125.5v211h158v-214q187 -25 294 -141t104 -299l-2 -5h-330q0 100 -43.5 148t-122.5 48q-82 0 -116 -42.5 t-34 -113.5q0 -67 36.5 -106.5t147.5 -92.5q231 -74 346.5 -182t115.5 -297q0 -175 -111 -281t-304 -124v-201h-159v201q-202 17 -332 128.5t-125 329.5z" />
<glyph unicode="%" horiz-adv-x="1521" d="M91 1099v77q0 130 84 215.5t239 85.5q157 0 241 -85.5t84 -215.5v-77q0 -130 -84 -214.5t-239 -84.5q-156 0 -240.5 85t-84.5 214zM305 188l711 1138l157 -79l-711 -1138zM307 1099q0 -50 28 -83.5t81 -33.5q51 0 78.5 33.5t27.5 83.5v77q0 50 -28 84.5t-80 34.5 q-51 0 -79 -34.5t-28 -84.5v-77zM782 280v77q0 129 85 214.5t240 85.5q157 0 240.5 -85t83.5 -215v-77q0 -131 -83.5 -215.5t-238.5 -84.5q-156 0 -241.5 85t-85.5 215zM999 280q0 -48 32 -83t78 -35q62 0 84 31t22 87v77q0 49 -28.5 83.5t-79.5 34.5q-52 0 -80 -34.5 t-28 -83.5v-77z" />
<glyph unicode="&#x26;" horiz-adv-x="1380" d="M60 391q0 116 56.5 197.5t173.5 176.5l18 12q-61 86 -90.5 159t-29.5 148q0 189 110 291t302 102q159 0 258.5 -102t99.5 -248q0 -107 -36.5 -184.5t-110.5 -137.5l-100 -70l235 -271q34 57 53.5 124t19.5 140h260q0 -147 -34 -268.5t-109 -214.5l209 -240l-2 -5h-369 l-74 84q-87 -54 -173.5 -79.5t-190.5 -25.5q-218 0 -347 114t-129 298zM399 414q0 -77 46.5 -126t113.5 -49q43 0 87 9t85 28l-257 292q-41 -36 -58 -73t-17 -81zM480 1088q0 -37 17 -75.5t51 -82.5l45 28q56 36 75.5 70t19.5 75q0 46 -25.5 80t-74.5 34t-78.5 -37.5 t-29.5 -91.5z" />
<glyph unicode="'" horiz-adv-x="440" d="M74 881v575h291v-292l-102 -283h-189z" />
<glyph unicode="(" horiz-adv-x="727" d="M120 564v28q0 389 148 659.5t348 347.5h6l61 -159q-128 -94 -211 -304t-83 -542v-32q0 -333 83 -542.5t211 -303.5l-61 -159h-6q-200 77 -348 347t-148 660z" />
<glyph unicode=")" horiz-adv-x="726" d="M44 -284q126 95 210 304.5t84 541.5v32q0 332 -84 542t-210 304l61 159h6q205 -76 362 -355t157 -652v-28q0 -374 -157 -652.5t-362 -354.5h-6z" />
<glyph unicode="*" horiz-adv-x="843" d="M30 731l56 175l243 -72l8 248h182l15 -258l229 73l56 -177l-230 -85l131 -205l-149 -109l-153 204l-151 -195l-150 105l139 214z" />
<glyph unicode="+" horiz-adv-x="1094" d="M45 537v289h342v380h315v-380h341v-289h-341v-391h-315v391h-342z" />
<glyph unicode="," horiz-adv-x="590" d="M71 -326l70 327v263h326v-272l-163 -318h-233z" />
<glyph unicode="-" horiz-adv-x="875" d="M135 497v261h589v-261h-589z" />
<glyph unicode="." horiz-adv-x="619" d="M136 0v284h337v-284h-337z" />
<glyph unicode="/" horiz-adv-x="811" d="M-29 -125l497 1581h341l-497 -1581h-341z" />
<glyph unicode="0" d="M86 535v386q0 261 138 408.5t368 147.5q228 0 368 -148t140 -408v-386q0 -261 -139 -408.5t-367 -147.5q-230 0 -369 147.5t-139 408.5zM423 514q0 -136 44.5 -205.5t126.5 -69.5q80 0 124.5 69.5t44.5 205.5v430q0 133 -45.5 203t-125.5 70q-81 0 -125 -70t-44 -203 v-430z" />
<glyph unicode="1" d="M208 1167v258l631 52v-1477h-338v1167h-293z" />
<glyph unicode="2" d="M64 994q-5 202 133 342.5t366 140.5q239 0 369 -117.5t130 -323.5q0 -138 -72 -244.5t-264 -314.5l-177 -212l2 -5h562v-260h-1012v220l448 492q90 102 132 182t42 139q0 85 -38 134.5t-122 49.5q-79 0 -122.5 -64.5t-43.5 -164.5h-331z" />
<glyph unicode="3" d="M77 398l2 6h329q0 -71 49 -118t125 -47q91 0 149.5 50.5t58.5 125.5q0 106 -55.5 154.5t-156.5 48.5h-160v251h160q91 0 140 49t49 136q0 68 -50 115.5t-135 47.5q-64 0 -108.5 -37.5t-44.5 -98.5h-328l-2 6q-6 174 136.5 282t346.5 108q237 0 379.5 -108.5t142.5 -307.5 q0 -99 -60 -182t-163 -131q118 -43 182 -129.5t64 -210.5q0 -200 -153.5 -314.5t-391.5 -114.5q-206 0 -358 107.5t-147 311.5z" />
<glyph unicode="4" d="M48 515l599 938v3h338v-887h147v-262h-147v-307h-338v307h-579zM338 569h309v453l-6 1l-37 -75z" />
<glyph unicode="5" d="M92 378l1 6l331 20q0 -77 48.5 -121t128.5 -44q94 0 131 57t37 171q0 120 -43 189t-136 69q-67 0 -108.5 -29t-57.5 -73l-303 17l84 816h853v-262h-579l-37 -303q41 29 104.5 47t138.5 20q203 4 312.5 -124.5t109.5 -364.5q0 -211 -122 -350.5t-384 -139.5 q-208 0 -361.5 109.5t-147.5 289.5z" />
<glyph unicode="6" d="M74 566v293q0 288 170.5 453t438.5 165q84 0 150 -14.5t147 -46.5l-57 -246q-70 21 -121 31.5t-117 10.5q-124 0 -199 -88.5t-75 -262.5v-14q56 55 135.5 85t180.5 30q187 0 289.5 -136t102.5 -354q0 -215 -143 -354t-367 -139q-240 0 -387.5 157t-147.5 430zM411 566 q0 -158 52 -242.5t146 -84.5q76 0 124 67.5t48 165.5q0 110 -46 171t-121 61q-72 0 -123 -19t-80 -54v-65z" />
<glyph unicode="7" d="M58 1196v260h1053v-260q-232 -264 -317.5 -486.5t-85.5 -518.5v-191h-338v191q0 292 106 535.5t311 469.5h-729z" />
<glyph unicode="8" d="M72 410q0 116 70 206.5t192 140.5q-99 48 -154.5 130.5t-55.5 187.5q0 193 135 297.5t352 104.5q210 0 339 -104t129 -298q0 -105 -53 -187t-146 -131q116 -50 184 -140.5t68 -206.5q0 -204 -146 -317.5t-373 -113.5q-236 0 -388.5 114t-152.5 317zM411 428 q0 -86 57 -137.5t145 -51.5q78 0 129.5 51t51.5 138t-52.5 142t-130.5 55q-86 0 -143 -55t-57 -142zM463 1057q0 -79 40.5 -125.5t109.5 -46.5q60 0 94.5 46.5t34.5 125.5q0 76 -35 118t-96 42q-69 0 -108.5 -41.5t-39.5 -118.5z" />
<glyph unicode="9" d="M80 967q0 216 142 363t367 147q221 0 363.5 -153.5t142.5 -422.5v-366q0 -252 -155.5 -404t-391.5 -152q-74 0 -154.5 16.5t-153.5 46.5l58 241q64 -23 121 -33.5t129 -10.5q92 0 151 72.5t59 200.5v84q-49 -60 -114 -90.5t-139 -30.5q-198 0 -311.5 133.5t-113.5 358.5z M417 967q0 -112 41.5 -180.5t120.5 -68.5q58 0 103.5 22t75.5 60v163q0 124 -47.5 189t-122.5 65q-79 0 -125 -75t-46 -175z" />
<glyph unicode=":" horiz-adv-x="613" d="M136 0v284h337v-284h-337zM136 876v284h337v-284h-337z" />
<glyph unicode=";" horiz-adv-x="579" d="M137 876v284h337v-284h-337zM122 -326l70 327v263h326v-272l-163 -318h-233z" />
<glyph unicode="&#x3c;" horiz-adv-x="1044" d="M46 410v266l884 360v-306l-552 -186v-6l552 -181v-307z" />
<glyph unicode="=" horiz-adv-x="1195" d="M128 293v260h926v-260h-926zM128 732v260h926v-260h-926z" />
<glyph unicode="&#x3e;" horiz-adv-x="1050" d="M111 48v306l547 186v6l-547 182v306l879 -360v-266z" />
<glyph unicode="?" horiz-adv-x="1043" d="M18 1060q-3 208 132.5 312.5t357.5 104.5q238 0 374.5 -120t136.5 -324q0 -125 -74.5 -230t-189.5 -165q-64 -42 -86.5 -90.5t-22.5 -131.5h-338q1 139 50 209t179 161q67 42 105.5 104t38.5 143q0 84 -45 134t-128 50q-67 0 -112 -41t-47 -122h-329zM309 0v270h336v-270 h-336z" />
<glyph unicode="@" horiz-adv-x="1809" d="M43 478q18 429 258 680.5t638 251.5q391 0 598.5 -238t191.5 -652q-9 -220 -132 -380.5t-367 -160.5q-81 0 -140 45.5t-83 128.5q-41 -85 -103.5 -127.5t-146.5 -42.5q-149 0 -228 118.5t-58 314.5q26 251 146.5 402t292.5 151q121 0 194.5 -26t161.5 -80l-3 -4h5 l-51 -566q-5 -87 11.5 -119.5t44.5 -32.5q112 0 179.5 107.5t75.5 271.5q16 339 -133 528.5t-460 189.5q-302 0 -480 -204t-193 -556q-17 -343 144.5 -542t463.5 -199q84 0 174.5 18.5t156.5 46.5l38 -166q-67 -42 -170.5 -65.5t-202.5 -23.5q-404 0 -622 249t-201 682z M719 416q-9 -120 17.5 -181.5t86.5 -61.5q54 0 96.5 30t74.5 111l40 452q-22 5 -43 8.5t-42 3.5q-104 0 -158.5 -90.5t-71.5 -271.5z" />
<glyph unicode="A" horiz-adv-x="1307" d="M5 0l475 1456h181v-1l1 1h181l476 -1456h-356l-85 283h-433l-84 -283h-356zM523 543h277l-136 452h-6z" />
<glyph unicode="B" horiz-adv-x="1306" d="M116 0v1456h477q271 0 422.5 -100.5t151.5 -299.5q0 -104 -48 -184.5t-150 -121.5q130 -28 192.5 -116t62.5 -203q0 -213 -143 -322t-410 -109h-555zM454 260h217q108 0 162 42.5t54 130.5q0 93 -47.5 141t-156.5 51h-11h-218v-365zM454 849h133q122 0 182 42.5t60 126.5 q0 93 -58 135.5t-178 42.5h-139v-347z" />
<glyph unicode="C" horiz-adv-x="1307" d="M89 576v304q0 266 157.5 431.5t416.5 165.5q277 0 429 -129q148 -126 147 -362v-13l-3 -6h-329q0 134 -57 192t-187 58q-114 0 -175 -91.5t-61 -243.5v-306q0 -153 67 -245t192 -92q116 0 167.5 58t51.5 194h329l2 -6v-13q0 -238 -140 -364q-144 -128 -410 -129 q-270 0 -433.5 165t-163.5 432z" />
<glyph unicode="D" horiz-adv-x="1338" d="M116 0v1456h533q257 0 430 -167.5t173 -429.5v-262q0 -263 -173 -430t-430 -167h-533zM454 260h195q115 0 189.5 94t74.5 243v264q0 147 -74.5 241t-189.5 94h-195v-936z" />
<glyph unicode="E" horiz-adv-x="1143" d="M116 0v1456h954v-260h-616v-313h513v-260h-513v-363h615v-260h-953z" />
<glyph unicode="F" horiz-adv-x="1143" d="M116 0v1456h973v-260h-635v-350h533v-260h-533v-586h-338z" />
<glyph unicode="G" horiz-adv-x="1353" d="M88 576v304q0 263 164.5 430t423.5 167q279 0 422 -125q137 -120 137 -325v-15l-2 -6h-317q0 107 -57 159t-172 52q-118 0 -190 -93t-72 -242v-306q0 -152 71.5 -244.5t200.5 -92.5q93 0 146.5 15t84.5 40v260h-258v224h596v-577q-76 -92 -214 -157t-355 -65 q-271 0 -440 166t-169 431z" />
<glyph unicode="H" horiz-adv-x="1446" d="M116 0v1456h338v-610h539v610h337v-1456h-337v586h-539v-586h-338z" />
<glyph unicode="I" horiz-adv-x="611" d="M137 0v1456h337v-1456h-337z" />
<glyph unicode="J" horiz-adv-x="1144" d="M14 440l3 6h330q0 -107 54 -157t141 -50q66 0 108 60.5t42 167.5v989h338v-989q0 -223 -137 -355.5t-351 -132.5q-246 0 -390 118q-138 114 -138 328v15z" />
<glyph unicode="K" horiz-adv-x="1306" d="M116 0v1456h338v-570h70l329 570h425l-458 -662l497 -794h-434l-335 584h-94v-584h-338z" />
<glyph unicode="L" horiz-adv-x="1144" d="M116 0v1456h338v-1196h625v-260h-963z" />
<glyph unicode="M" horiz-adv-x="1783" d="M116 0v1456h443l326 -1019h6l329 1019h447v-1456h-338v938l-6 1l-321 -939h-227l-315 925l-6 -1v-924h-338z" />
<glyph unicode="N" horiz-adv-x="1446" d="M116 0v1456h338l533 -915l6 2v913h337v-1456h-337l-533 916l-6 -2v-914h-338z" />
<glyph unicode="O" horiz-adv-x="1416" d="M89 597v262q0 268 171.5 443t447.5 175q274 0 446 -175t172 -443v-262q0 -269 -170.5 -443.5t-445.5 -174.5q-277 0 -449 174.5t-172 443.5zM426 597q0 -158 73.5 -258t210.5 -100q133 0 206 100t73 258v264q0 156 -73.5 256t-207.5 100q-137 0 -209.5 -99.5 t-72.5 -256.5v-264z" />
<glyph unicode="P" horiz-adv-x="1306" d="M116 0v1456h556q259 0 411 -132t152 -347t-152 -346.5t-411 -131.5h-218v-499h-338zM454 759h218q110 0 168 60.5t58 155.5q0 97 -57.5 159t-168.5 62h-218v-437z" />
<glyph unicode="Q" horiz-adv-x="1447" d="M89 597v262q0 268 171.5 443t447.5 175q274 0 446 -175t172 -443v-262q0 -107 -29 -201.5t-83 -171.5l218 -222l-217 -167l-210 210q-65 -33 -139 -49.5t-156 -16.5q-277 0 -449 174.5t-172 443.5zM426 597q0 -158 73.5 -258t210.5 -100q133 0 206 100t73 258v264 q0 156 -73.5 256t-207.5 100q-137 0 -209.5 -99.5t-72.5 -256.5v-264z" />
<glyph unicode="R" horiz-adv-x="1306" d="M116 0v1456h507q253 0 401 -117t148 -320q0 -113 -59.5 -194t-175.5 -132q134 -38 192.5 -126.5t58.5 -220.5v-92q0 -57 17 -130t59 -104v-20h-349q-40 31 -52 109t-12 147v88q0 104 -55 159t-161 55h-181v-558h-338zM454 818h171q102 0 156 46.5t54 133.5 q0 89 -55.5 143.5t-156.5 54.5h-169v-378z" />
<glyph unicode="S" horiz-adv-x="1273" d="M72 462l2 6h329q0 -127 62.5 -180.5t191.5 -53.5q106 0 158 42t52 110q0 78 -51 119.5t-185 88.5q-271 88 -402.5 187.5t-131.5 286.5q0 183 153 296t389 113q249 -1 401 -117q147 -113 147 -315v-13l-2 -6h-328q0 103 -56 149.5t-169 46.5q-92 0 -145 -45t-53 -111 q0 -64 54.5 -102.5t203.5 -96.5q253 -75 383 -183t130 -296q0 -192 -150 -300.5t-398 -108.5q-247 1 -419 117q-167 113 -166 352v14z" />
<glyph unicode="T" horiz-adv-x="1150" d="M28 1196v260h1101v-260h-385v-1196h-338v1196h-378z" />
<glyph unicode="U" horiz-adv-x="1417" d="M107 512v944h339v-944q0 -135 70 -204t194 -69q123 0 191.5 68.5t68.5 204.5v944h339v-944q0 -250 -166 -391.5t-433 -141.5q-269 0 -436 141.5t-167 391.5z" />
<glyph unicode="V" horiz-adv-x="1307" d="M0 1456h353l285 -1061l10 -53h6l10 49l289 1065h354l-472 -1456h-365z" />
<glyph unicode="W" horiz-adv-x="1825" d="M12 1456h343l176 -945l6 -1l247 946h255l248 -944h6l176 944h342l-334 -1456h-318l-245 899h-6l-243 -899h-318z" />
<glyph unicode="X" horiz-adv-x="1307" d="M14 0l428 734l-417 722h387l236 -491l240 491h390l-417 -722l449 -734h-410l-248 501l-248 -501h-390z" />
<glyph unicode="Y" horiz-adv-x="1307" d="M-5 1456h366l289 -636h6l290 636h366l-494 -944v-512h-337v527z" />
<glyph unicode="Z" horiz-adv-x="1131" d="M64 1196v260h994v-146l-591 -1050h600v-260h-1000v152l588 1044h-591z" />
<glyph unicode="[" horiz-adv-x="577" d="M108 -349v2055h456v-246h-118v-1564h118v-245h-456z" />
<glyph unicode="\" horiz-adv-x="871" d="M-16 1456h338l608 -1581h-339z" />
<glyph unicode="]" horiz-adv-x="577" d="M14 -104h119v1564h-119v246h456v-2055h-456v245z" />
<glyph unicode="^" horiz-adv-x="916" d="M36 729l299 727h249l300 -727h-254l-165 413l-4 18h-6l-4 -18l-162 -413h-253z" />
<glyph unicode="_" horiz-adv-x="904" d="M0 0h903v-251h-903v251z" />
<glyph unicode="`" horiz-adv-x="695" d="M40 1512l2 6h370l208 -266h-297z" />
<glyph unicode="a" horiz-adv-x="1086" d="M32 305q0 161 121 248.5t367 87.5h139v77q0 69 -33 106t-101 37q-59 0 -87.5 -27.5t-28.5 -85.5l-328 1l-2 6v15q-1 138 123 232q130 100 345 100q201 0 325.5 -100t124.5 -286v-408q0 -86 14.5 -160t43.5 -148l-334 1q-19 34 -32.5 77t-20.5 90q-44 -86 -108.5 -137.5 t-168.5 -51.5q-170 0 -264.5 87.5t-94.5 238.5zM370 323q0 -46 31.5 -74.5t81.5 -28.5q62 0 109.5 29t66.5 69v143h-136q-81 0 -117 -39t-36 -99z" />
<glyph unicode="b" horiz-adv-x="1151" d="M96 0v1560h338v-583q45 60 104.5 92.5t137.5 32.5q209 0 315.5 -153t106.5 -410v-21q0 -247 -106 -393t-314 -146q-88 0 -154 38t-113 110l-20 -127h-295zM434 307q24 -34 63.5 -51t95.5 -17q100 0 134 69.5t34 209.5v21q0 144 -36 223.5t-134 79.5q-55 0 -94.5 -20.5 t-62.5 -59.5v-455z" />
<glyph unicode="c" horiz-adv-x="1048" d="M45 529v23q0 244 133 397t379 153q205 0 329 -114q120 -111 120 -302v-12l-2 -6h-308q0 77 -35 125.5t-104 48.5q-98 0 -136.5 -78.5t-38.5 -211.5v-23q0 -136 38.5 -213t138.5 -77q69 0 103 37.5t34 108.5h308l2 -6v-11q0 -170 -122 -278q-126 -112 -325 -111 q-247 0 -380.5 152.5t-133.5 397.5z" />
<glyph unicode="d" horiz-adv-x="1151" d="M51 518v21q0 253 110.5 408t311.5 155q75 0 135.5 -34.5t108.5 -98.5v591h338v-1560h-296l-23 132q-49 -74 -114.5 -113.5t-150.5 -39.5q-200 0 -310 148t-110 391zM389 518q0 -132 38.5 -205.5t129.5 -73.5q53 0 93.5 19.5t66.5 57.5v437q-26 43 -66 66t-92 23 q-90 0 -130 -83t-40 -220v-21z" />
<glyph unicode="e" horiz-adv-x="1070" d="M51 505v38q-1 248 131 404q131 155 378 155h3q219 0 339.5 -131t120.5 -359v-177h-620l-2 -6q8 -85 63 -137.5t158 -52.5q97 0 161.5 16t147.5 51l81 -206q-70 -51 -188 -86t-248 -35q-246 0 -385.5 149t-139.5 377zM399 651l2 -5h292v26q0 84 -29.5 127t-100.5 43 q-81 0 -119.5 -51.5t-44.5 -139.5z" />
<glyph unicode="f" horiz-adv-x="734" d="M13 848v234h156v112q0 186 112 286.5t317 100.5q39 0 78.5 -5.5t88.5 -15.5l-25 -249q-28 5 -49 7.5t-51 2.5q-64 0 -98 -33t-34 -94v-112h214v-234h-214v-848h-339v848h-156z" />
<glyph unicode="g" horiz-adv-x="1151" d="M50 518v21q0 253 110.5 408t311.5 155q85 0 150 -40.5t112 -114.5l22 135h298v-1070q0 -214 -146.5 -331.5t-403.5 -117.5q-84 0 -176 23t-176 62l58 250q73 -32 139.5 -47.5t152.5 -15.5q108 0 160.5 43t52.5 136v84q-46 -59 -106.5 -89t-138.5 -30q-200 0 -310 148 t-110 391zM387 518q0 -132 38.5 -205.5t130.5 -73.5q55 0 94.5 17t64.5 51v455q-25 39 -64 59.5t-93 20.5q-90 0 -130.5 -83.5t-40.5 -219.5v-21z" />
<glyph unicode="h" horiz-adv-x="1151" d="M86 0v1560h338v-612q49 73 119.5 113.5t155.5 40.5q168 0 264 -117t96 -363v-622h-338v624q0 124 -32 171t-97 47q-57 0 -99 -16.5t-69 -46.5v-779h-338z" />
<glyph unicode="i" horiz-adv-x="561" d="M111 0v1082h339v-1082h-339zM111 1333v227h339v-227h-339z" />
<glyph unicode="j" horiz-adv-x="548" d="M-115 -420l14 255q29 -6 49.5 -9t51.5 -3q56 0 85.5 41t29.5 121v1097h339v-1097q0 -202 -108.5 -312t-301.5 -110q-44 0 -80.5 4t-78.5 13zM109 1334v226h339v-226h-339z" />
<glyph unicode="k" horiz-adv-x="1119" d="M96 0v1560h338v-875h48l228 397h387l-333 -488l388 -594h-385l-272 430h-61v-430h-338z" />
<glyph unicode="l" horiz-adv-x="561" d="M111 0v1560h339v-1560h-339z" />
<glyph unicode="m" horiz-adv-x="1764" d="M96 0v1082h318l12 -143q51 78 128.5 120.5t177.5 42.5q101 0 174 -44t110 -134q50 85 128.5 131.5t183.5 46.5q158 0 248.5 -113.5t90.5 -349.5v-639h-339v639q0 116 -32.5 159.5t-97.5 43.5q-49 0 -86.5 -17.5t-63.5 -48.5q0 -17 1 -29.5t1 -24.5v-722h-338v639 q0 117 -32 160t-99 43q-46 0 -83.5 -17.5t-63.5 -48.5v-776h-338z" />
<glyph unicode="n" horiz-adv-x="1151" d="M90 0v1082h317l13 -152q53 81 131 126.5t174 45.5q159 0 248.5 -108t89.5 -343v-651h-338v652q0 103 -33 146.5t-96 43.5q-54 0 -97 -19t-72 -54v-769h-337z" />
<glyph unicode="o" horiz-adv-x="1151" d="M51 530v21q0 244 138 397.5t385 153.5q248 0 386 -153.5t138 -397.5v-21q0 -245 -138 -398t-384 -153q-249 0 -387 153t-138 398zM389 530q0 -136 42.5 -213.5t144.5 -77.5q99 0 142 78t43 213v21q0 132 -43 211.5t-144 79.5q-100 0 -142.5 -80t-42.5 -211v-21z" />
<glyph unicode="p" horiz-adv-x="1151" d="M96 -416v1498h319l10 -118q45 66 107.5 102t143.5 36q201 0 311.5 -155t110.5 -408v-21q0 -244 -110 -391.5t-310 -147.5q-78 0 -138.5 30t-105.5 87v-512h-338zM434 308q24 -35 63.5 -52t97.5 -17q89 0 127.5 73.5t38.5 205.5v21q0 137 -40 220t-128 83q-57 0 -96.5 -21 t-62.5 -61v-452z" />
<glyph unicode="q" horiz-adv-x="1151" d="M51 518v21q0 253 110.5 408t311.5 155q85 0 150 -40.5t112 -114.5l26 135h295v-1498h-338v516q-46 -59 -107.5 -90t-139.5 -31q-200 0 -310 148t-110 391zM389 518q0 -132 38.5 -205.5t129.5 -73.5q56 0 96 17.5t65 52.5v450q-25 41 -64.5 62t-94.5 21q-90 0 -130 -83 t-40 -220v-21z" />
<glyph unicode="r" horiz-adv-x="722" d="M96 0v1082h318l12 -159q34 85 90 132t131 47q23 0 41 -3t38 -9l-32 -296l-110 1q-58 0 -95 -21.5t-55 -60.5v-713h-338z" />
<glyph unicode="s" horiz-adv-x="1048" d="M41 341l2 6h306q2 -77 46.5 -111t126.5 -34q68 0 103 26.5t35 75.5q0 40 -45.5 71.5t-165.5 56.5q-189 37 -285 114.5t-96 213.5q0 143 120 242.5t325 99.5q216 0 344 -96q122 -92 122 -236v-14l-2 -6h-328q0 64 -32 97t-105 33q-53 0 -89 -29t-36 -74q0 -43 41.5 -73 t167.5 -54q199 -39 294 -116.5t95 -219.5q0 -146 -129.5 -240.5t-342.5 -94.5q-221 0 -349 112q-123 107 -123 238v12z" />
<glyph unicode="t" horiz-adv-x="723" d="M-5 848v234h151v269h338v-269h171v-234h-171v-496q0 -58 23.5 -83.5t63.5 -25.5q26 0 41.5 2t39.5 8l23 -250q-51 -13 -92 -18.5t-97 -5.5q-167 0 -253.5 89t-86.5 282v498h-151z" />
<glyph unicode="u" horiz-adv-x="1151" d="M88 462v620h337v-622q0 -127 32.5 -174t100.5 -47q54 0 95 15t70 45v783h338v-1082h-272l-41 162q-48 -88 -124.5 -135.5t-176.5 -47.5q-168 0 -263.5 118t-95.5 365z" />
<glyph unicode="v" horiz-adv-x="1053" d="M0 1082h356l145 -636l20 -115l6 -1l22 116l143 636h355l-352 -1082h-343z" />
<glyph unicode="w" horiz-adv-x="1485" d="M21 1082h322l108 -609h6l177 609h213l178 -605h6l107 605h322l-254 -1082h-286l-176 554h-6l-177 -554h-285z" />
<glyph unicode="x" horiz-adv-x="1053" d="M5 0l325 547l-315 535h377l132 -319h6l137 319h379l-314 -535l325 -547h-379l-144 329h-6l-144 -329h-379z" />
<glyph unicode="y" horiz-adv-x="1053" d="M-5 1082h359l161 -605l1 -8h6l179 613h360l-431 -1243q-50 -120 -129 -198t-251 -78q-44 0 -72 5.5t-88 20.5l41 241l21 -4q7 -2 18 -2q80 0 117 23.5t55 70.5l27 70z" />
<glyph unicode="z" horiz-adv-x="1053" d="M65 0v188l481 634h-460v260h888v-182l-482 -640h492v-260h-919z" />
<glyph unicode="{" horiz-adv-x="665" d="M40 505v227q82 0 122 51.5t40 145.5v203q0 171 82.5 290.5t277.5 174.5l63 -176q-73 -29 -102 -103t-29 -186v-203q0 -104 -46 -184.5t-139 -125.5q93 -47 139 -127.5t46 -182.5v-203q0 -112 29 -186t102 -103l-63 -177q-195 55 -277.5 175t-82.5 291v203q0 92 -40 144 t-122 52z" />
<glyph unicode="|" horiz-adv-x="523" d="M142 -270v1726h246v-1726h-246z" />
<glyph unicode="}" horiz-adv-x="665" d="M41 -183q72 29 101.5 103t29.5 186v203q0 103 45.5 183.5t140.5 126.5q-95 45 -140.5 125.5t-45.5 184.5v203q0 112 -29.5 186t-101.5 103l63 176q194 -55 277 -174.5t83 -290.5v-203q0 -94 39.5 -145.5t122.5 -51.5v-227q-83 0 -122.5 -52t-39.5 -144v-203 q0 -171 -83 -291t-277 -175z" />
<glyph unicode="~" horiz-adv-x="1295" d="M94 435q0 175 87 288t226 113q81 0 156 -32.5t147 -96.5q43 -42 76.5 -60.5t72.5 -18.5q43 0 74.5 50t31.5 122l232 -31q0 -175 -88.5 -288.5t-226.5 -113.5q-83 0 -154 30.5t-146 99.5q-47 43 -79.5 61t-73.5 18q-43 0 -73.5 -50t-30.5 -121z" />
<glyph unicode="&#xa2;" horiz-adv-x="1210" d="M45 529v23q0 231 120.5 381.5t345.5 166.5v218h200v-235q141 -39 221 -146.5t80 -268.5h-316q0 77 -35 125.5t-104 48.5q-98 0 -136.5 -78.5t-38.5 -211.5v-23q0 -136 38.5 -213t138.5 -77q69 0 103 37.5t34 108.5h316q0 -144 -82 -246t-219 -140v-244h-200v226 q-225 16 -345.5 166t-120.5 382z" />
<glyph unicode="&#xa3;" horiz-adv-x="1227" d="M103 575v261h154l-7 185q0 213 124.5 334.5t333.5 121.5q223 0 345 -115t118 -304l-2 -6h-330q0 85 -37.5 125t-94.5 40t-88 -51t-31 -145l9 -185h325v-261h-312l3 -51q0 -73 -34.5 -141t-98.5 -123h692v-260h-1006v260h10q47 12 70.5 86.5t23.5 156.5l-3 72h-164z" />
<glyph unicode="&#xa5;" horiz-adv-x="1258" d="M18 1456h367l243 -579h6l244 579h366l-366 -714h213v-184h-295v-106h295v-183h-295v-269h-337v269h-323v183h323v106h-323v184h249z" />
<glyph unicode="&#xa9;" horiz-adv-x="1608" d="M85 729q0 315 207 531t503 216q295 0 502.5 -216t207.5 -531q0 -316 -208 -533t-502 -217q-296 0 -503 217t-207 533zM207 729q0 -264 171.5 -444.5t416.5 -180.5q244 0 415.5 180.5t171.5 444.5q0 263 -171.5 442.5t-415.5 179.5q-246 0 -417 -179.5t-171 -442.5z M432 669v119q0 173 94.5 280t254.5 107q157 0 245.5 -79.5t84.5 -228.5l-2 -6h-148q0 94 -45 136.5t-135 42.5q-94 0 -144 -69t-50 -182v-120q0 -115 50 -183.5t144 -68.5q90 0 134.5 41.5t44.5 137.5h148l2 -6q4 -151 -84 -229.5t-245 -78.5q-160 0 -254.5 106t-94.5 281z " />
<glyph unicode="&#xad;" horiz-adv-x="875" d="M135 497v261h589v-261h-589z" />
<glyph unicode="&#xae;" horiz-adv-x="1608" d="M85 729q0 315 207 531t503 216q295 0 502.5 -216t207.5 -531q0 -316 -208 -533t-502 -217q-296 0 -503 217t-207 533zM207 729q0 -264 171.5 -444.5t416.5 -180.5q244 0 415.5 180.5t171.5 444.5q0 263 -171.5 442.5t-415.5 179.5q-246 0 -417 -179.5t-171 -442.5z M500 316v850h281q151 0 238 -69t87 -195q0 -56 -27.5 -98.5t-79.5 -71.5q55 -31 79.5 -86.5t24.5 -130.5v-56q0 -41 3.5 -73.5t13.5 -53.5v-16h-155q-9 21 -11 61.5t-2 82.5v54q0 71 -33.5 105t-109.5 34h-158v-337h-151zM651 787h128q74 0 125.5 30t51.5 86q0 72 -39 101 t-136 29h-130v-246z" />
<glyph unicode="&#xb4;" horiz-adv-x="762" d="M107 1252l206 266h371l2 -6l-281 -260h-298z" />
<glyph unicode="&#x2000;" horiz-adv-x="853" />
<glyph unicode="&#x2001;" horiz-adv-x="1706" />
<glyph unicode="&#x2002;" horiz-adv-x="853" />
<glyph unicode="&#x2003;" horiz-adv-x="1706" />
<glyph unicode="&#x2004;" horiz-adv-x="568" />
<glyph unicode="&#x2005;" horiz-adv-x="426" />
<glyph unicode="&#x2006;" horiz-adv-x="284" />
<glyph unicode="&#x2007;" horiz-adv-x="284" />
<glyph unicode="&#x2008;" horiz-adv-x="213" />
<glyph unicode="&#x2009;" horiz-adv-x="341" />
<glyph unicode="&#x200a;" horiz-adv-x="94" />
<glyph unicode="&#x2010;" horiz-adv-x="875" d="M135 497v261h589v-261h-589z" />
<glyph unicode="&#x2011;" horiz-adv-x="875" d="M135 497v261h589v-261h-589z" />
<glyph unicode="&#x2012;" horiz-adv-x="875" d="M135 497v261h589v-261h-589z" />
<glyph unicode="&#x2013;" horiz-adv-x="1412" d="M136.498 578v264h1084.19v-264h-1084.19z" />
<glyph unicode="&#x2014;" horiz-adv-x="1675" d="M134.997 578v264h1334.38v-264h-1334.38z" />
<glyph unicode="&#x2018;" horiz-adv-x="576" d="M142 912v295l102 249h167v-544h-269z" />
<glyph unicode="&#x2019;" horiz-adv-x="577" d="M158 912v544h269v-294l-102 -250h-167z" />
<glyph unicode="&#x201c;" horiz-adv-x="921" d="M120 912v295l102 249h167v-544h-269zM448 912v295l102 249h167v-544h-269z" />
<glyph unicode="&#x201d;" horiz-adv-x="932" d="M123 912v544h269v-294l-102 -250h-167zM459 912v544h269v-294l-102 -250h-167z" />
<glyph unicode="&#x2022;" horiz-adv-x="757" d="M134 706v107q0 106 69 173.5t183 67.5q118 0 186.5 -67t68.5 -174v-107q0 -107 -68.5 -172.5t-184.5 -65.5t-185 66t-69 172z" />
<glyph unicode="&#x2026;" horiz-adv-x="1587" d="M136 0v284h337v-284h-337zM579 0v284h337v-284h-337zM999 0v284h337v-284h-337z" />
<glyph unicode="&#x202f;" horiz-adv-x="341" />
<glyph unicode="&#x205f;" horiz-adv-x="426" />
<glyph unicode="&#x20ac;" horiz-adv-x="1130" d="M67 472v166h146v144h-146v166h146v13q0 235 154.5 375.5t405.5 140.5q60 0 117.5 -8t125.5 -23l-21 -264q-53 16 -109.5 25.5t-112.5 9.5q-105 0 -163 -66.5t-58 -187.5v-15h396v-166h-396v-144h396v-166h-396v-14q0 -111 57.5 -165t165.5 -54q57 0 112.5 8t107.5 25 l21 -262q-57 -15 -118 -23t-123 -8q-252 0 -407 129.5t-155 349.5v14h-146z" />
<glyph unicode="&#x2122;" horiz-adv-x="1298" d="M92 1340v116h406v-116h-121v-423h-168v423h-117zM564 913v543h180l100 -348h6l99 348h175v-543h-147v243l-6 1l-83 -244h-83l-88 260l-6 -1v-259h-147z" />
<glyph unicode="&#x2212;" horiz-adv-x="1120" d="M135 578v264h834v-264h-834z" />
<glyph unicode="&#xe000;" horiz-adv-x="1080" d="M0 1080h1080v-1080h-1080v1080z" />
</font>
</defs></svg>
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

BIN
app/webroot/css/fonts/roboto/Roboto-Black-webfont.ttf Executable file
View File

Binary file not shown.

BIN
app/webroot/css/fonts/roboto/Roboto-Black-webfont.woff Executable file
View File

Binary file not shown.

BIN
app/webroot/css/fonts/roboto/Roboto-BlackItalic-webfont.eot Executable file
View File

Binary file not shown.

147
app/webroot/css/fonts/roboto/Roboto-BlackItalic-webfont.svg Executable file
View File

@ -0,0 +1,147 @@
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" >
<svg xmlns="http://www.w3.org/2000/svg">
<metadata>
This is a custom SVG webfont generated by Font Squirrel.
Copyright : Font data copyright Google 2011
Designer : Google
Foundry URL : Googlecom
</metadata>
<defs>
<font id="RobotoBlackItalic" horiz-adv-x="1186" >
<font-face units-per-em="2048" ascent="1536" descent="-512" />
<missing-glyph horiz-adv-x="510" />
<glyph unicode=" " horiz-adv-x="510" />
<glyph unicode="&#x09;" horiz-adv-x="510" />
<glyph unicode="&#xa0;" horiz-adv-x="510" />
<glyph unicode="!" horiz-adv-x="565" d="M35 0l42 283h339l-42 -283h-339zM112 516l141 940h339l-141 -940h-339z" />
<glyph unicode="&#x22;" horiz-adv-x="881" d="M204 932l33 235l41 289h246l-39 -275l-137 -249h-144zM561 932l35 244l39 280h245l-39 -275l-137 -249h-143z" />
<glyph unicode="#" horiz-adv-x="1190" d="M19 410l27 183h252l83 264h-220l27 183h251l131 416h198l-131 -416h162l131 416h199l-131 -416h231l-27 -183h-262l-83 -264h229l-27 -183h-259l-129 -410h-199l129 410h-162l-128 -410h-199l129 410h-222zM497 593h161l83 264h-161z" />
<glyph unicode="$" horiz-adv-x="1227" d="M85 442l2 5h330q-17 -120 31 -166.5t144 -46.5q79 0 124 42t55 110q11 82 -21 122t-135 86q-228 84 -325.5 184t-69.5 290q24 178 154 284t332 122l30 211h158l-30 -215q178 -26 271.5 -143t69.5 -301h-337q14 104 -22.5 150t-116.5 46q-78 0 -120.5 -43.5t-51.5 -112.5 q-10 -70 20.5 -107.5t135.5 -91.5q221 -74 321 -182t74 -297q-26 -183 -150.5 -285.5t-321.5 -119.5l-28 -201h-159l28 201q-194 18 -310.5 130.5t-81.5 328.5z" />
<glyph unicode="%" horiz-adv-x="1521" d="M176 1099l11 77q20 134 116.5 217.5t252.5 83.5q150 0 224 -86.5t55 -214.5l-11 -77q-21 -134 -116 -216.5t-252 -82.5q-150 0 -225 86t-55 213zM253 188l882 1138l145 -79l-882 -1138zM392 1099q-8 -51 15 -84t76 -33q49 0 82.5 34t41.5 83l11 77q7 52 -15 85.5 t-75 33.5q-49 0 -83.5 -35t-41.5 -84zM744 280l12 77q19 133 116.5 216.5t253.5 83.5q150 0 223.5 -86t55.5 -214l-12 -77q-21 -135 -115.5 -217.5t-251.5 -82.5q-150 0 -226 86t-56 214zM961 280q-8 -49 19 -83.5t73 -34.5q60 0 88 32t36 86l12 77q7 51 -16.5 84.5 t-74.5 33.5q-50 0 -84 -35t-41 -83z" />
<glyph unicode="&#x26;" horiz-adv-x="1380" d="M39 391q17 120 84 198.5t202 175.5l19 11q-48 87 -67 160t-6 148q29 196 153 294.5t318 98.5q152 0 239 -103t66 -247q-17 -112 -64 -187t-131 -135l-111 -70l193 -269q44 57 73.5 123t40.5 139h260q-23 -153 -74.5 -272.5t-139.5 -211.5l176 -244h-376l-62 84 q-94 -54 -184.5 -79.5t-194.5 -25.5q-210 0 -326 115.5t-88 296.5zM381 414q-12 -80 27.5 -127.5t106.5 -47.5q42 0 86.5 9.5t89.5 28.5l-212 291q-46 -37 -68.5 -73.5t-29.5 -80.5zM563 1088q-6 -38 5.5 -76t39.5 -83l49 29q62 36 86 70.5t30 74.5q7 48 -13 81t-69 33 q-47 0 -83.5 -38t-44.5 -91z" />
<glyph unicode="'" horiz-adv-x="440" d="M122 881l38 270l43 305h291l-41 -292l-142 -283h-189z" />
<glyph unicode="(" horiz-adv-x="727" d="M124 564l4 28q56 405 239 667t398 341l6 -1l39 -159q-141 -94 -254 -304t-159 -542l-4 -32q-49 -347 4.5 -548.5t170.5 -297.5l-84 -159h-5q-189 77 -299.5 347t-55.5 660z" />
<glyph unicode=")" horiz-adv-x="726" d="M-71 -284q139 95 252.5 304.5t160.5 541.5l4 32q48 346 -5.5 548t-169.5 298l84 159h6q194 -76 311.5 -355t65.5 -652l-4 -28q-55 -389 -247.5 -659.5t-412.5 -348.5l-6 1z" />
<glyph unicode="*" horiz-adv-x="843" d="M60 731l82 175l232 -72l45 248h182l-23 -258l240 73l29 -177l-243 -85l101 -205l-166 -109l-122 204l-180 -195l-135 105l171 214z" />
<glyph unicode="+" horiz-adv-x="1094" d="M46 537l43 289h342l57 380h315l-57 -380h341l-43 -289h-342l-58 -391h-315l58 391h-341z" />
<glyph unicode="," horiz-adv-x="590" d="M-58 -326l119 327l40 263h326l-41 -272l-211 -318h-233z" />
<glyph unicode="-" horiz-adv-x="875" d="M130 497l39 261h589l-39 -261h-589z" />
<glyph unicode="." horiz-adv-x="619" d="M56 0l43 284h337l-43 -284h-337z" />
<glyph unicode="/" horiz-adv-x="811" d="M-128 -125l734 1581h341l-734 -1581h-341z" />
<glyph unicode="0" d="M86 535l58 386q40 271 198.5 413.5t391.5 142.5q220 0 341 -149t83 -407l-58 -386q-41 -272 -199.5 -414t-389.5 -142q-221 0 -342.5 148.5t-82.5 407.5zM420 514q-22 -141 12.5 -208t117.5 -67q77 0 133.5 70t76.5 205l65 430q20 138 -14.5 205.5t-115.5 67.5 q-78 0 -134.5 -71t-75.5 -202z" />
<glyph unicode="1" d="M303 1167l39 258l639 52l-222 -1477h-338l175 1167h-293z" />
<glyph unicode="2" d="M26 0l31 220l517 492q104 102 157 181.5t62 139.5q11 88 -20 136t-115 48q-75 0 -129.5 -65t-68.5 -164h-330l-2 6q25 210 180.5 346.5t386.5 136.5q230 0 347.5 -119t89.5 -322q-21 -144 -103 -243.5t-311 -315.5l-208 -211l3 -6h561l-36 -260h-1012z" />
<glyph unicode="3" d="M57 398l2 6h330q-12 -74 30 -119.5t119 -45.5q88 0 155.5 51t78.5 125q16 110 -31 156.5t-150 46.5h-160l22 149l15 102h160q88 0 146 49.5t71 135.5q10 70 -32.5 116.5t-127.5 46.5q-62 0 -113.5 -38t-60.5 -98h-327l-2 6q22 181 178.5 285.5t363.5 104.5 q229 0 358.5 -109.5t100.5 -306.5q-16 -104 -87.5 -186.5t-182.5 -128.5q109 -44 161 -130.5t34 -207.5q-32 -208 -199.5 -318.5t-409.5 -110.5q-199 0 -338.5 108t-103.5 311z" />
<glyph unicode="4" d="M34 307l11 208l739 938l1 3h338l-133 -887h147l-39 -262h-147l-46 -307h-338l46 307h-579zM348 574l2 -5h302l68 452l-6 2l-48 -75z" />
<glyph unicode="5" d="M68 378l2 5l335 21q-13 -80 28.5 -122.5t123.5 -42.5q90 0 137.5 58t64.5 170q18 124 -14.5 191t-125.5 67q-65 0 -112.5 -29.5t-69.5 -72.5l-300 17l206 816h853l-39 -262h-579l-82 -303q45 29 111 47t142 20q204 4 293.5 -124.5t54.5 -364.5q-33 -218 -174 -354 t-405 -136q-201 0 -341.5 110.5t-108.5 288.5z" />
<glyph unicode="6" d="M79 566l44 293q44 299 237 458.5t465 159.5q81 0 146.5 -15t140.5 -46l-93 -246q-67 22 -116.5 32t-115.5 10q-120 0 -211 -89.5t-116 -261.5l-2 -10q64 54 147.5 82.5t185.5 28.5q179 0 265 -137.5t54 -352.5q-34 -223 -195.5 -358t-388.5 -135q-231 0 -359.5 158.5 t-87.5 428.5zM416 566q-25 -165 14.5 -246t134.5 -81q73 0 132.5 68t74.5 165q17 114 -19.5 173t-112.5 59q-70 0 -124.5 -20t-90.5 -56z" />
<glyph unicode="7" d="M157 1196l39 260h1053l-39 -260q-271 -264 -390 -486.5t-163 -518.5l-29 -191h-338l29 191q45 303 184.5 539t382.5 466h-729z" />
<glyph unicode="8" d="M54 410q17 121 100.5 211t213.5 139q-90 50 -134.5 131t-28.5 184q30 200 179 301t369 101q202 0 318.5 -105t88.5 -297q-17 -110 -81.5 -192t-165.5 -129q107 -52 162 -141t39 -203q-32 -212 -192.5 -321.5t-391.5 -109.5q-227 0 -367 115t-109 316zM395 428 q-14 -90 35.5 -139.5t138.5 -49.5q76 0 136 51.5t73 137.5q13 91 -30.5 144t-122.5 53q-83 0 -150 -55.5t-80 -141.5zM542 1057q-13 -82 20.5 -127t103.5 -45q57 0 100 47t55 125q11 79 -17 119.5t-90 40.5q-67 0 -114.5 -42t-57.5 -118z" />
<glyph unicode="9" d="M145 967q33 224 196 367t390 143q213 0 336 -155t83 -421l-55 -366q-40 -262 -215.5 -409t-414.5 -147q-71 0 -151 17t-148 46l94 241q60 -23 116 -33.5t128 -10.5q88 0 160 73t91 200l11 79q-57 -58 -126.5 -87t-143.5 -29q-191 0 -287.5 135t-63.5 357zM482 967 q-18 -116 13.5 -182.5t111.5 -66.5q56 0 105 22.5t86 61.5l24 161q19 129 -18 191.5t-113 62.5t-135.5 -75.5t-73.5 -174.5z" />
<glyph unicode=":" horiz-adv-x="613" d="M56 0l43 284h337l-43 -284h-337zM187 876l43 284h337l-43 -284h-337z" />
<glyph unicode=";" horiz-adv-x="579" d="M188 876l43 284h337l-43 -284h-337zM-7 -326l119 327l40 263h326l-41 -272l-211 -318h-233z" />
<glyph unicode="&#x3c;" horiz-adv-x="1044" d="M28 410l14 98l25 168l938 360l-45 -306l-581 -186v-6l525 -181l-46 -307z" />
<glyph unicode="=" horiz-adv-x="1195" d="M92 293l39 260h926l-39 -260h-926zM158 732l39 260h926l-39 -260h-926z" />
<glyph unicode="&#x3e;" horiz-adv-x="1050" d="M38 48l46 306l575 186v6l-519 182l46 306l825 -360l-25 -169h-1l-14 -97z" />
<glyph unicode="?" horiz-adv-x="1043" d="M97 1060q29 208 180 312.5t373 104.5q229 0 351.5 -121t92.5 -323q-20 -130 -108.5 -232t-214.5 -163q-71 -42 -101 -90.5t-42 -131.5h-338q22 139 82 209t203 161q73 42 120.5 104t60.5 143q12 86 -24.5 135t-120.5 49q-65 0 -117.5 -41.5t-66.5 -121.5h-329zM229 0 l41 270h336l-41 -270h-336z" />
<glyph unicode="@" horiz-adv-x="1809" d="M35 478q81 429 359.5 680.5t676.5 251.5q376 0 554.5 -240.5t101.5 -649.5q-42 -220 -189 -380.5t-391 -160.5q-79 0 -131 46t-65 129q-54 -86 -123.5 -128.5t-153.5 -42.5q-143 0 -206.5 119.5t-14.5 313.5q64 251 207 402t315 151q116 0 189.5 -27t150.5 -79l-4 -4h6 l-136 -566q-18 -87 -6.5 -119.5t39.5 -32.5q107 0 193.5 108.5t118.5 270.5q66 339 -54 528.5t-431 189.5q-291 0 -505.5 -206t-281.5 -554q-68 -343 63.5 -542t433.5 -199q80 0 175.5 19t164.5 46l13 -166q-73 -42 -180 -65.5t-206 -23.5q-388 0 -575.5 251.5t-107.5 679.5 zM692 234.5q17 -61.5 77 -61.5q52 0 99.5 30t92.5 110l109 453q-21 5 -41.5 8.5t-42.5 3.5q-100 0 -170 -91.5t-115 -270.5q-26 -120 -9 -181.5z" />
<glyph unicode="A" horiz-adv-x="1307" d="M-75 0l693 1456h181v-1l1 1h181l258 -1456h-356l-43 283h-432l-127 -283h-356zM524 543h277l-67 451l-6 1z" />
<glyph unicode="B" horiz-adv-x="1306" d="M36 0l218 1456h477q261 0 402 -102q117 -84 117 -234q0 -31 -5 -64q-16 -107 -75 -187t-166 -120q124 -27 172 -115q36 -66 37 -148q0 -27 -4 -55q-34 -220 -190.5 -325.5t-427.5 -105.5h-555zM413 260h217q104 0 166.5 43.5t75.5 129.5q3 24 3 45q1 63 -29 98 q-40 46 -149 49h-11h-219zM501 849h133q117 0 186 43t82 126q3 21 3 39q0 66 -40 98q-51 41 -173 41h-139z" />
<glyph unicode="C" horiz-adv-x="1307" d="M95 576l46 304q41 276 221.5 436.5t442.5 160.5q267 0 403 -130q106 -101 106 -269q0 -49 -9 -105l-3 -6h-330q6 41 6 76q0 81 -33 119q-47 56 -179 55q-109 0 -187 -92.5t-100 -242.5l-46 -306q-7 -49 -8 -91q-1 -95 37 -157q54 -90 180 -89q111 0 174 59t83 193h328 l2 -6q-35 -259 -196 -382.5t-430 -123.5q-260 0 -404 167q-113 131 -113 320q0 53 9 110z" />
<glyph unicode="D" horiz-adv-x="1338" d="M36 0l218 1456h533q247 0 399 -169q122 -135 123 -328q0 -48 -8 -100l-39 -262q-42 -273 -237.5 -435t-455.5 -162h-533zM413 260h195q110 0 201 95t114 242l39 264q6 41 6 78q0 100 -44 166q-60 91 -176 91h-195z" />
<glyph unicode="E" horiz-adv-x="1143" d="M36 0l218 1456h954l-39 -260h-616l-47 -313h513l-39 -260h-513l-54 -363h615l-39 -260h-953z" />
<glyph unicode="F" horiz-adv-x="1143" d="M36 0l218 1456h973l-39 -260h-635l-53 -350h534l-39 -260h-534l-87 -586h-338z" />
<glyph unicode="G" horiz-adv-x="1353" d="M94 576l46 304q41 274 228.5 435.5t449.5 161.5q268 0 397 -126q100 -98 100 -248q0 -44 -8 -91l-2 -6h-318q4 28 4 51q0 72 -37 110q-48 50 -164 50q-114 0 -202.5 -94t-110.5 -241l-46 -306q-7 -46 -7 -86q0 -97 41 -161q58 -90 188 -90q89 0 147.5 15t91.5 40l39 260 h-258l34 224h596l-87 -577q-89 -92 -236.5 -157t-365.5 -65q-260 0 -410 167q-118 133 -118 324q0 51 8 106z" />
<glyph unicode="H" horiz-adv-x="1446" d="M36 0l218 1456h338l-92 -610h539l92 610h337l-218 -1456h-337l87 586h-539l-87 -586h-338z" />
<glyph unicode="I" horiz-adv-x="611" d="M57 0l218 1456h337l-218 -1456h-337z" />
<glyph unicode="J" horiz-adv-x="1144" d="M1 440l2 6h331q-5 -30 -5 -55q0 -70 35 -105q46 -47 134 -47q63 0 115.5 61t68.5 167l148 989h338l-148 -989q-35 -231 -189.5 -359.5t-371.5 -128.5q-237 0 -367 119q-100 93 -100 247q0 45 9 95z" />
<glyph unicode="K" horiz-adv-x="1269" d="M38 0l218 1456h338l-87 -576h91l346 576h446l-527 -721l328 -735h-390l-243 578h-96l-86 -578h-338z" />
<glyph unicode="L" horiz-adv-x="1144" d="M36 0l218 1456h338l-179 -1196h625l-39 -260h-963z" />
<glyph unicode="M" horiz-adv-x="1783" d="M36 0l218 1456h443l173 -1018l6 -1l482 1019h447l-218 -1456h-338l140 937l-6 1l-461 -938h-227l-177 924h-6l-138 -924h-338z" />
<glyph unicode="N" horiz-adv-x="1446" d="M36 0l218 1456h338l396 -915l6 1l137 914h337l-218 -1456h-337l-397 916l-6 -1l-136 -915h-338z" />
<glyph unicode="O" horiz-adv-x="1416" d="M99 597l39 262q41 278 236.5 448t475.5 170q264 -1 414 -177q119 -140 119 -335q0 -51 -8 -106l-39 -262q-43 -280 -237 -449t-472 -169q-265 1 -417 177q-119 139 -120 332q0 53 9 109zM436 597q-7 -49 -8 -92q0 -101 42 -169q58 -97 196 -97q128 0 218.5 101t114.5 257 l39 264q7 47 7 89q0 101 -41 170q-58 97 -193 97q-132 0 -222.5 -100.5t-113.5 -255.5z" />
<glyph unicode="P" horiz-adv-x="1306" d="M36 0l218 1456h556q249 0 386 -134q112 -109 112 -269q0 -36 -6 -76q-34 -223 -203.5 -350.5t-431.5 -127.5h-219l-74 -499h-338zM487 759h219q106 0 175 61.5t83 154.5q3 23 3 43q0 72 -37 118q-48 60 -159 60h-218z" />
<glyph unicode="Q" horiz-adv-x="1447" d="M99 597l39 262q41 278 236.5 448t475.5 170q264 0 414 -177q119 -140 119 -335q0 -51 -8 -106l-39 -262q-18 -110 -60 -205.5t-106 -171.5l182 -218l-242 -167l-176 207q-70 -31 -147.5 -47t-159.5 -16q-266 0 -417 177q-120 138 -120 332q0 53 9 109zM436 597 q-7 -49 -7 -92q0 -101 41 -169q58 -97 196 -97q128 0 218.5 101t114.5 257l39 264q7 47 7 89q0 101 -41 170q-58 97 -193 97q-132 0 -222.5 -100.5t-113.5 -255.5z" />
<glyph unicode="R" horiz-adv-x="1306" d="M36 0l218 1456h507q244 0 379 -118q110 -97 111 -249q0 -34 -6 -70q-19 -118 -90 -198t-196 -129q123 -38 171 -128q34 -65 35 -151q0 -32 -5 -67l-14 -92q-5 -34 -5 -73q1 -28 3 -58q6 -72 43 -103l-3 -20h-349q-35 31 -36 108v13q0 70 10 135l14 88q4 28 4 52 q0 70 -34 109q-46 53 -154 53h-182l-83 -558h-338zM496 818h172q98 0 160.5 47t76.5 133q3 20 3 38q0 65 -37 107q-47 53 -149 53h-169z" />
<glyph unicode="S" horiz-adv-x="1267" d="M92 425l2 6h328q-3 -20 -3 -37q-1 -78 61 -112q76 -42 184 -43q74 0 134.5 35.5t68.5 88.5q3 18 3 34q0 65 -41 99q-51 44 -198 98q-259 85 -388 202q-107 97 -107 235q0 29 5 60q27 179 188.5 282.5t389.5 103.5q248 0 389 -119q112 -95 112 -246q0 -39 -7 -81l-2 -6 h-329q2 15 2 29q0 66 -46 110q-56 53 -158 53q-74 0 -133 -36t-67 -88q-2 -14 -2 -27q0 -61 47 -94q57 -40 242 -105q236 -77 351 -195q92 -95 93 -236q0 -34 -6 -71q-29 -187 -187.5 -286.5t-392.5 -99.5q-241 0 -407 109q-134 88 -134 253q0 40 8 84z" />
<glyph unicode="T" horiz-adv-x="1150" d="M127 1196l39 260h1101l-39 -260h-385l-179 -1196h-338l179 1196h-378z" />
<glyph unicode="U" horiz-adv-x="1417" d="M104 512l141 944h339l-141 -944q-6 -38 -6 -70q-1 -88 43 -136q60 -66 186 -67q119 0 199.5 69t101.5 204l141 944h339l-141 -944q-40 -260 -224.5 -396.5t-454.5 -136.5q-259 0 -410 143q-121 114 -121 295q0 45 8 95z" />
<glyph unicode="V" horiz-adv-x="1307" d="M138 1456h353l126 -1061l2 -53l6 -1l18 50l448 1065h354l-690 -1456h-365z" />
<glyph unicode="W" horiz-adv-x="1825" d="M150 1456h343l34 -945l6 -1l389 946h255l106 -943l6 -1l318 944h342l-552 -1456h-318l-110 899l-6 1l-378 -900h-318z" />
<glyph unicode="X" horiz-adv-x="1307" d="M-66 0l538 734l-309 722h387l161 -484l6 -1l309 485h390l-525 -722l339 -734h-410l-173 501l-323 -501h-390z" />
<glyph unicode="Y" horiz-adv-x="1307" d="M133 1456h366l193 -637l6 -1l386 638h366l-636 -944l-76 -512h-337l79 528z" />
<glyph unicode="Z" horiz-adv-x="1160" d="M-6 152l713 1044h-534l39 260h972l-21 -146l-718 -1050h631l-39 -260h-1022z" />
<glyph unicode="[" horiz-adv-x="577" d="M-16 -349l288 2055h456l-35 -246h-118l-219 -1564h118l-34 -245h-456z" />
<glyph unicode="\" horiz-adv-x="871" d="M122 1456h338l371 -1581h-339z" />
<glyph unicode="]" horiz-adv-x="577" d="M-110 -349l34 245h119l219 1564h-119l35 246h456l-288 -2055h-456z" />
<glyph unicode="^" horiz-adv-x="916" d="M65 729l408 727h249l191 -727h-254l-103 413l-1 17l-6 1l-7 -18l-224 -413h-253z" />
<glyph unicode="_" horiz-adv-x="904" d="M-118 -251l38 251h903l-38 -251h-903z" />
<glyph unicode="`" horiz-adv-x="695" d="M177 1512l3 6h370l170 -266h-297z" />
<glyph unicode="a" horiz-adv-x="1086" d="M-2 305q25 167 157 251.5t381 84.5h139l12 77q3 19 3 36q0 46 -20 72q-27 36 -96 35q-57 0 -91 -28t-42 -85l-328 1l-1 6q17 154 160.5 250.5t359.5 96.5q194 0 307 -101q91 -81 91 -215q0 -33 -6 -70l-61 -408q-11 -69 -11 -128v-32q4 -72 23 -148l-334 1 q-13 34 -20.5 77t-7.5 90q-57 -86 -129 -137.5t-176 -51.5q-164 1 -248 89q-67 70 -67 178q0 28 5 59zM338 323q-1 -10 -2 -19q0 -34 22 -56q28 -28 78 -28q59 0 112.5 29.5t78.5 69.5l21 142h-136q-77 0 -121 -39.5t-53 -98.5z" />
<glyph unicode="b" horiz-adv-x="1151" d="M16 0l234 1560h338l-88 -583q54 60 118.5 92.5t142.5 32.5q201 0 288 -154q61 -108 62 -266q0 -67 -12 -143l-3 -21q-39 -256 -165 -397.5t-336 -141.5q-86 0 -146 39.5t-97 114.5l-41 -133h-295zM400 307q18 -34 55.5 -51t93.5 -17q96 0 142 71t68 208l3 21 q11 71 11 126q0 60 -13 100q-24 77 -123 77q-54 0 -96.5 -21.5t-73.5 -61.5z" />
<glyph unicode="c" horiz-adv-x="1048" d="M44 529l4 23q37 253 191.5 401.5t402.5 148.5q198 0 308 -116q84 -89 85 -226q0 -41 -8 -87l-2 -5h-309q4 24 4 46q0 49 -20 81q-28 47 -97 47q-94 0 -146.5 -80t-71.5 -210l-4 -23q-9 -62 -9 -111q0 -62 15 -104q27 -75 128 -75q66 0 107 38t52 108h307l2 -6 q-24 -184 -165.5 -292t-341.5 -108q-237 1 -353 155q-88 117 -88 283q0 54 9 112z" />
<glyph unicode="d" horiz-adv-x="1151" d="M49 518l3 21q39 262 171 412.5t335 150.5q73 0 129 -36.5t94 -104.5l90 599h338l-234 -1560h-296l-3 131q-59 -73 -131.5 -112.5t-156.5 -39.5q-192 0 -284 150q-66 107 -66 259q0 61 11 130zM387 518q-9 -59 -9 -106q0 -62 16 -102q28 -72 119 -71q51 0 95 20.5t76 59.5 l66 434q-19 43 -56 66t-89 23q-86 0 -140.5 -84.5t-74.5 -218.5z" />
<glyph unicode="e" horiz-adv-x="1070" d="M47 505l5 38q38 257 192 409q152 151 401 150h3q210 0 315 -132q80 -101 80 -256q0 -49 -8 -102l-27 -177h-621l-2 -6v-16q0 -77 42 -123q47 -51 151 -51q93 0 163 16.5t156 50.5l50 -206q-77 -51 -200.5 -86t-253.5 -35q-236 1 -358 151q-95 118 -95 280q0 46 7 95z M417 652l2 -6h291l4 26q5 31 5 56q1 46 -15 72q-24 42 -95 42q-78 0 -124.5 -51.5t-67.5 -138.5z" />
<glyph unicode="f" horiz-adv-x="734" d="M60 848l35 234h156l17 112q29 194 154.5 290.5t332.5 96.5q37 0 77.5 -6t86.5 -15l-62 -249q-27 5 -48 7.5t-51 2.5q-62 0 -102.5 -33.5t-48.5 -93.5l-17 -112h214l-35 -234h-214l-127 -848h-339l127 848h-156z" />
<glyph unicode="g" horiz-adv-x="1151" d="M19 -352l96 250q68 -32 132 -47.5t150 -15.5q104 0 165 43.5t75 135.5l12 83q-55 -58 -120 -88t-142 -30q-192 0 -284 150q-66 107 -66 259q0 61 11 130l3 21q39 262 171 412.5t335 150.5q83 0 141.5 -42t95.5 -119l44 141h298l-160 -1070q-34 -222 -196 -335.5 t-422 -113.5q-81 0 -172 23t-167 62zM385 518q-9 -59 -9 -106q0 -61 16 -102q27 -71 120 -71q54 0 96.5 18t72.5 54l68 451q-19 39 -55 59.5t-90 20.5q-86 0 -141 -84.5t-75 -218.5z" />
<glyph unicode="h" horiz-adv-x="1151" d="M6 0l234 1560h338l-91 -605q60 71 135.5 109t161.5 38q162 0 244 -118q56 -82 56 -222q0 -64 -12 -140l-93 -622h-338l94 624q8 55 8 94q-1 54 -15 80q-24 44 -90 44q-56 0 -100 -17.5t-78 -49.5l-116 -775h-338z" />
<glyph unicode="i" horiz-adv-x="561" d="M31 0l162 1082h339l-162 -1082h-339zM231 1333l34 227h339l-34 -227h-339z" />
<glyph unicode="j" horiz-adv-x="548" d="M-258 -420l52 255q28 -6 48 -9t51 -3q55 0 91.5 41.5t48.5 120.5l164 1097h339l-164 -1097q-32 -210 -155.5 -316t-318.5 -106q-42 0 -79 4t-77 13zM229 1334l34 226h339l-34 -226h-339z" />
<glyph unicode="k" horiz-adv-x="1119" d="M16 0l234 1560h338l-132 -875h49l287 397h380l2 -5l-400 -483l298 -594h-385l-208 430h-61l-64 -430h-338z" />
<glyph unicode="l" horiz-adv-x="561" d="M31 0l234 1560h339l-234 -1560h-339z" />
<glyph unicode="m" horiz-adv-x="1764" d="M16 0l162 1082h318l-9 -138q62 76 145.5 117t184.5 41q96 0 163 -43.5t92 -132.5q62 85 148 130.5t193 45.5q153 0 229 -114q52 -79 52 -214q0 -62 -11 -135l-96 -639h-339l96 639q7 50 7 86q-1 52 -15 76q-26 41 -92 41q-48 0 -88.5 -18.5t-71.5 -50.5l-6 -51l-108 -722 h-338l96 639q7 50 7 86q-1 52 -15 76q-26 41 -93 41q-44 0 -84 -18t-73 -50l-116 -774h-338z" />
<glyph unicode="n" horiz-adv-x="1151" d="M10 0l162 1082h317l-9 -147q65 80 149.5 123.5t180.5 43.5q153 0 229 -109q53 -75 52 -210q0 -60 -10 -132l-98 -651h-338l98 652q6 40 6 71q-1 51 -17 77q-26 42 -90 42q-53 0 -99 -20t-81 -55l-115 -767h-337z" />
<glyph unicode="o" horiz-adv-x="1151" d="M51 530l3 21q37 253 196 402t409 149q237 0 357 -155q92 -120 93 -291q0 -50 -8 -105l-3 -21q-39 -254 -197.5 -402.5t-407.5 -148.5q-239 1 -359 155q-92 118 -92 287q0 52 9 109zM389 530q-9 -58 -9 -105q0 -67 18 -111q31 -75 134 -75q95 0 151.5 79t77.5 212l3 21 q8 53 8 98q0 69 -19 115q-31 78 -133 78q-96 0 -153 -81t-75 -210z" />
<glyph unicode="p" horiz-adv-x="1151" d="M-46 -416l224 1498h319l-7 -118q55 66 122.5 102t148.5 36q193 0 284 -156q65 -112 65 -270q0 -65 -11 -137l-3 -21q-39 -253 -169 -396t-332 -143q-77 0 -133 31.5t-93 92.5l-77 -519h-338zM400 308q19 -35 56.5 -52t94.5 -17q86 0 136.5 74.5t71.5 204.5l3 21 q8 59 8 108q0 67 -16 114q-27 81 -115 81q-55 0 -98 -22t-74 -64z" />
<glyph unicode="q" horiz-adv-x="1151" d="M49 518l3 21q39 262 171 412.5t335 150.5q82 0 141 -41.5t96 -118.5l48 140h295l-224 -1498h-338l77 516q-56 -59 -121.5 -90t-143.5 -31q-192 0 -284 150q-66 107 -66 259q0 61 11 130zM387 518q-9 -59 -9 -106q0 -61 16 -102q27 -71 119 -71q55 0 98 18.5t74 55.5 l67 447q-19 40 -55.5 61t-91.5 21q-86 0 -140.5 -84.5t-74.5 -218.5z" />
<glyph unicode="r" horiz-adv-x="722" d="M16 0l162 1082h318l-11 -148l5 -3q42 82 104 126.5t138 44.5q22 0 40.5 -3t37.5 -9l-77 -296l-110 1q-56 0 -97 -22.5t-66 -62.5l-106 -710h-338z" />
<glyph unicode="s" horiz-adv-x="1048" d="M15 341l2 6h306q-2 -14 -1 -27q0 -56 32 -84q40 -34 121 -34q66 0 106 27t47 75q1 5 1 9q-1 36 -37 63q-40 31 -158 56q-184 36 -269 114q-69 63 -69 166q0 23 3 48q20 148 153 245t340 97q208 0 326 -98q97 -80 97 -195q0 -26 -5 -53l-2 -6h-329q2 16 2 30q-1 43 -21 68 q-28 32 -100 32q-52 0 -93 -29t-46 -74q-1 -7 -1 -13q0 -34 32 -60q38 -30 160 -54q193 -38 277 -116q69 -63 69 -170q0 -24 -4 -50q-22 -152 -162.5 -243.5t-356.5 -91.5q-211 0 -328 113q-96 93 -96 202q0 23 4 47z" />
<glyph unicode="t" horiz-adv-x="723" d="M42 848l35 234h151l41 269h338l-41 -269h171l-35 -234h-171l-74 -496q-3 -21 -3 -37q0 -32 12 -48q20 -24 61 -24q25 0 42 2t41 8l-15 -250q-52 -13 -94 -18.5t-98 -5.5q-161 0 -237 90q-55 65 -55 183q0 45 8 98l74 498h-151z" />
<glyph unicode="u" horiz-adv-x="1151" d="M77 462l93 620h337l-93 -622q-9 -58 -9 -99q1 -51 15 -77q26 -44 94 -45q53 0 97 16t77 47l117 780h338l-162 -1082h-272l-16 157q-62 -87 -145 -132.5t-184 -45.5q-162 0 -243 119q-56 82 -56 223q0 64 12 141z" />
<glyph unicode="v" horiz-adv-x="1053" d="M82 1082h356l50 -636l3 -115l6 -1l39 116l238 636h355l-514 -1082h-343z" />
<glyph unicode="w" horiz-adv-x="1485" d="M103 1082h322l17 -608l6 -1l268 609h213l87 -605h6l198 605h322l-416 -1082h-286l-92 554l-6 1l-261 -555h-285z" />
<glyph unicode="x" horiz-adv-x="1053" d="M-75 0l407 547l-235 535h377l84 -318l6 -1l185 319h379l-394 -535l243 -547h-379l-95 329h-6l-193 -329h-379z" />
<glyph unicode="y" horiz-adv-x="1053" d="M-52 -411l78 241q12 -3 19.5 -4.5t18.5 -1.5q76 0 118.5 24t67.5 70l37 70l-210 1094h359l71 -605v-5l6 -2l270 612h360l-617 -1243q-67 -120 -158.5 -198t-263.5 -78q-42 0 -71 6t-85 20z" />
<glyph unicode="z" horiz-adv-x="1053" d="M-15 0l28 188l571 629l-2 5h-453l39 260h888l-27 -182l-573 -635l2 -5h485l-39 -260h-919z" />
<glyph unicode="{" horiz-adv-x="665" d="M36 505l8 61l23 166q79 0 127.5 52t62.5 145l28 203q24 177 122.5 293.5t303.5 171.5l38 -176q-77 -29 -116.5 -103t-55.5 -186l-28 -203q-16 -109 -73 -189t-158 -124q85 -47 121 -127.5t23 -179.5l-28 -203q-17 -116 2 -187.5t88 -101.5l-87 -177q-188 55 -254 175 t-41 291l28 203q13 96 -19 146t-115 50z" />
<glyph unicode="|" horiz-adv-x="523" d="M22 -270l258 1726h246l-258 -1726h-246z" />
<glyph unicode="}" horiz-adv-x="665" d="M-60 -183q76 29 116 103t56 186l28 203q14 108 71.5 188t159.5 125q-86 46 -122 126t-22 181l28 203q16 115 -3 187t-87 102l88 176q186 -55 252 -174.5t42 -290.5l-28 -203q-14 -97 18 -147t116 -50l-9 -61h1l-23 -166q-80 0 -128.5 -52.5t-61.5 -143.5l-28 -203 q-25 -177 -123.5 -294t-301.5 -172z" />
<glyph unicode="~" horiz-adv-x="1295" d="M80 435q25 182 127 291.5t242 109.5q78 0 150.5 -33t134.5 -96q38 -43 68.5 -61t69.5 -18q42 0 81 50.5t49 121.5l228 -31q-26 -181 -129.5 -291.5t-242.5 -110.5q-80 0 -148.5 31t-132.5 99q-41 43 -71 61t-71 18q-42 0 -80.5 -50.5t-47.5 -120.5z" />
<glyph unicode="&#xa2;" horiz-adv-x="1210" d="M44 529l4 23q35 240 177 387t371 161l33 218h200l-36 -237q131 -41 196.5 -148t42.5 -265h-316q12 80 -15.5 127t-97.5 47q-94 0 -146.5 -80t-71.5 -210l-4 -23q-21 -141 6 -215.5t128 -74.5q66 0 107 38t52 108h308l3 -6q-20 -146 -115.5 -245.5t-239.5 -135.5l-36 -243 h-200l34 226q-214 17 -316 168.5t-68 379.5z" />
<glyph unicode="&#xa3;" horiz-adv-x="1227" d="M86 0l39 260h10q49 12 83 86.5t47 156.5l8 72h-164l39 261h154l21 185q32 221 173.5 338.5t353.5 117.5q214 0 323 -116t77 -303l-3 -6h-330q13 89 -18 127t-89 38q-55 0 -95.5 -51.5t-53.5 -144.5l-19 -185h325l-39 -261h-311l-5 -51q-12 -76 -55.5 -143.5 t-114.5 -120.5h689l-39 -260h-1006z" />
<glyph unicode="&#xa5;" horiz-adv-x="1258" d="M96 269l28 183h323l15 106h-322l27 184h249l-260 714h367l157 -578l6 -1l330 579h366l-473 -714h213l-27 -184h-296l-15 -106h295l-28 -183h-295l-40 -269h-337l40 269h-323z" />
<glyph unicode="&#xa9;" horiz-adv-x="1608" d="M114 729q49 327 285.5 537t536.5 210q283 0 464 -218t134 -529q-49 -328 -286.5 -539t-535.5 -211q-284 0 -464.5 218.5t-133.5 531.5zM236 729q-41 -274 103 -449.5t392 -175.5q235 0 437.5 182t242.5 443q41 273 -102.5 447.5t-390.5 174.5q-237 0 -440 -181t-242 -441 zM452 669l18 119q26 179 135.5 283t271.5 104q152 0 231 -80.5t53 -228.5l-2 -5h-149q14 97 -24 138t-129 41t-153.5 -69.5t-78.5 -181.5l-18 -120q-18 -119 22 -185.5t135 -66.5q87 0 139 42t66 137h147l2 -6q-19 -156 -117.5 -232t-257.5 -76q-154 0 -235.5 107.5 t-55.5 279.5z" />
<glyph unicode="&#xad;" horiz-adv-x="875" d="M130 497l39 261h589l-39 -261h-589z" />
<glyph unicode="&#xae;" horiz-adv-x="1608" d="M114 729q49 327 285.5 537t536.5 210q283 0 464 -218t134 -529q-49 -328 -286.5 -539t-535.5 -211q-284 0 -464.5 218.5t-133.5 531.5zM236 729q-41 -274 103 -449.5t392 -175.5q235 0 437.5 182t242.5 443q41 273 -102.5 447.5t-390.5 174.5q-237 0 -440 -181t-242 -441 zM467 316l128 850h281q145 0 224 -69.5t61 -194.5q-9 -59 -43 -101.5t-91 -70.5q49 -32 66 -87t7 -128l-8 -56q-7 -43 -8 -74.5t6 -52.5l-3 -16h-155q-5 21 -1.5 59t10.5 85l8 54q11 74 -17 106.5t-105 32.5h-158l-51 -337h-151zM689 787h128q72 0 129 30.5t65 85.5 q11 75 -22.5 102.5t-132.5 27.5h-130z" />
<glyph unicode="&#xb4;" horiz-adv-x="762" d="M212 1257l239 261h370l2 -6l-318 -260h-291z" />
<glyph unicode="&#x2000;" horiz-adv-x="853" />
<glyph unicode="&#x2001;" horiz-adv-x="1706" />
<glyph unicode="&#x2002;" horiz-adv-x="853" />
<glyph unicode="&#x2003;" horiz-adv-x="1706" />
<glyph unicode="&#x2004;" horiz-adv-x="568" />
<glyph unicode="&#x2005;" horiz-adv-x="426" />
<glyph unicode="&#x2006;" horiz-adv-x="284" />
<glyph unicode="&#x2007;" horiz-adv-x="284" />
<glyph unicode="&#x2008;" horiz-adv-x="213" />
<glyph unicode="&#x2009;" horiz-adv-x="341" />
<glyph unicode="&#x200a;" horiz-adv-x="94" />
<glyph unicode="&#x2010;" horiz-adv-x="875" d="M130 497l39 261h589l-39 -261h-589z" />
<glyph unicode="&#x2011;" horiz-adv-x="875" d="M130 497l39 261h589l-39 -261h-589z" />
<glyph unicode="&#x2012;" horiz-adv-x="875" d="M130 497l39 261h589l-39 -261h-589z" />
<glyph unicode="&#x2013;" horiz-adv-x="1412" d="M145.599 578l50.6992 264h1084.19l-50.6992 -264h-1084.19z" />
<glyph unicode="&#x2014;" horiz-adv-x="1675" d="M146.196 578l62.3994 264h1334.38l-62.3994 -264h-1334.38z" />
<glyph unicode="&#x2018;" horiz-adv-x="576" d="M199 912l44 295l139 249h167l-36 -243l-45 -301h-269z" />
<glyph unicode="&#x2019;" horiz-adv-x="577" d="M215 912l37 251l44 293h269l-44 -294l-139 -250h-167z" />
<glyph unicode="&#x201c;" horiz-adv-x="921" d="M177 912l44 295l139 249h167l-36 -243l-45 -301h-269zM505 912l44 295l139 249h167l-36 -243l-45 -301h-269z" />
<glyph unicode="&#x201d;" horiz-adv-x="932" d="M180 912l37 251l44 293h269l-44 -294l-139 -250h-167zM516 912l37 251l44 293h269l-44 -294l-139 -250h-167z" />
<glyph unicode="&#x2022;" horiz-adv-x="757" d="M160 706l16 107q16 110 94 175.5t194 65.5q113 0 173.5 -67.5t45.5 -173.5l-16 -107q-17 -111 -94 -174.5t-195 -63.5q-111 0 -172.5 66.5t-45.5 171.5z" />
<glyph unicode="&#x2026;" horiz-adv-x="1587" d="M56 0l43 284h337l-43 -284h-337zM499 0l43 284h337l-43 -284h-337zM919 0l43 284h337l-43 -284h-337z" />
<glyph unicode="&#x202f;" horiz-adv-x="341" />
<glyph unicode="&#x205f;" horiz-adv-x="426" />
<glyph unicode="&#x20ac;" horiz-adv-x="1130" d="M58 472l25 166h146l21 144h-146l25 166h146l2 13q36 244 210 380t428 136q58 0 116 -8t122 -23l-61 -264q-51 16 -105.5 25.5t-110.5 9.5q-101 0 -171.5 -67.5t-88.5 -186.5l-2 -15h396l-25 -166h-396l-22 -144h397l-25 -166h-396l-2 -14q-18 -116 31.5 -167.5 t158.5 -51.5q55 0 113.5 8.5t111.5 24.5l-18 -262q-60 -15 -122 -23t-124 -8q-242 0 -382.5 130.5t-107.5 348.5l2 14h-146z" />
<glyph unicode="&#x2122;" horiz-adv-x="1298" d="M213 1340l17 116h406l-17 -116h-121l-63 -423h-168l63 423h-117zM621 913l81 543h180l48 -347l6 -1l151 348h175l-81 -543h-147l36 242l-6 1l-119 -243h-83l-50 259h-6l-38 -259h-147z" />
<glyph unicode="&#x2212;" horiz-adv-x="1120" d="M142 578l39 264h834l-39 -264h-834z" />
<glyph unicode="&#xe000;" horiz-adv-x="1080" d="M0 1080h1080v-1080h-1080v1080z" />
</font>
</defs></svg>
Side by Side

After

Width:  |  Height:  |  Size: 27 KiB

BIN
app/webroot/css/fonts/roboto/Roboto-BlackItalic-webfont.ttf Executable file
View File

Binary file not shown.

BIN
app/webroot/css/fonts/roboto/Roboto-BlackItalic-webfont.woff Executable file
View File

Binary file not shown.

BIN
app/webroot/css/fonts/roboto/Roboto-Bold-webfont.eot Executable file
View File

Binary file not shown.

Some files were not shown because too many files have changed in this diff Show More