MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'develop' of github.com:MISP/MISP into develop

pull/7095/head
iglocska 2021-02-25 11:58:20 +01:00
parent b4e84726f1 fd3003da3a
commit 158304dd54
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
21 changed files with 303 additions and 324 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Controller/EventsController.php
View File

@ -767,7 +767,7 @@ class EventsController extends AppController
}
}
}
$events = $this->GalaxyCluster->attachClustersToEventIndex($this->Auth->user(), $events, false, false);
$events = $this->GalaxyCluster->attachClustersToEventIndex($this->Auth->user(), $events, false);
}
foreach ($events as $key => $event) {
if (empty($event['SharingGroup']['name'])) {
@ -830,7 +830,7 @@ class EventsController extends AppController
if (Configure::read('MISP.showDiscussionsCountOnIndex')) {
$events = $this->Event->attachDiscussionsCountToEvents($this->Auth->user(), $events);
}
$events = $this->GalaxyCluster->attachClustersToEventIndex($this->Auth->user(), $events, true, false);
$events = $this->GalaxyCluster->attachClustersToEventIndex($this->Auth->user(), $events, true);
if ($this->params['ext'] === 'csv') {
App::uses('CsvExport', 'Export');
@ -1479,7 +1479,7 @@ class EventsController extends AppController
$this->set('includeSightingdb', (!empty($filters['includeSightingdb']) && Configure::read('Plugin.Sightings_sighting_db_enable')));
$this->set('relatedEventCorrelationCount', $relatedEventCorrelationCount);
$this->set('oldest_timestamp', $oldest_timestamp);
$this->set('required_taxonomies', $this->Event->getRequiredTaxonomies());
$this->set('missingTaxonomies', $this->Event->missingTaxonomies($event));
$this->set('orgTable', $orgTable);
$this->set('currentUri', $attributeUri);
$this->set('filters', $filters);

72
app/Controller/TagsController.php
View File

@ -139,9 +139,6 @@ class TagsController extends AppController
public function add()
{
if (!$this->_isSiteAdmin() && !$this->userRole['perm_tag_editor']) {
throw new NotFoundException('You don\'t have permission to do that.');
}
if ($this->request->is('post')) {
if (!isset($this->request->data['Tag'])) {
$this->request->data = array('Tag' => $this->request->data);
@ -192,31 +189,22 @@ class TagsController extends AppController
} elseif ($this->_isRest()) {
return $this->RestResponse->describe('Tag', 'add', false, $this->response->type());
}
$this->loadModel('Organisation');
$temp = $this->Organisation->find('all', array(
$orgs = $this->Tag->Organisation->find('list', array(
'conditions' => array('local' => 1),
'fields' => array('id', 'name'),
'recursive' => -1
'order' => 'name',
));
$orgs = array(0 => 'Unrestricted');
if (!empty($temp)) {
foreach ($temp as $org) {
$orgs[$org['Organisation']['id']] = $org['Organisation']['name'];
}
}
$orgs = [0 => 'Unrestricted'] + $orgs;
$this->set('orgs', $orgs);
$users = array(0 => 'Unrestricted');
if ($this->_isSiteAdmin()) {
$temp = $this->Organisation->User->find('all', array(
$users = $this->Tag->User->find('list', array(
'conditions' => array('disabled' => 0),
'fields' => array('id', 'email'),
'recursive' => -1
'order' => 'email',
));
if (!empty($temp)) {
foreach ($temp as $user) {
$users[$user['User']['id']] = $user['User']['email'];
}
}
$users = [0 => 'Unrestricted'] + $users;
$this->set('users', $users);
}
}
@ -247,9 +235,6 @@ class TagsController extends AppController
throw new NotFoundException('Invalid tag');
}
}
if (!$this->_isSiteAdmin()) {
throw new NotFoundException('You don\'t have permission to do that.');
}
if ($this->request->is('post') || $this->request->is('put')) {
if (!isset($this->request->data['Tag'])) {
$this->request->data = array('Tag' => $this->request->data);
@ -280,41 +265,28 @@ class TagsController extends AppController
} elseif ($this->_isRest()) {
return $this->RestResponse->describe('Tag', 'edit', false, $this->response->type());
}
$this->loadModel('Organisation');
$temp = $this->Organisation->find('all', array(
$orgs = $this->Tag->Organisation->find('list', array(
'conditions' => array('local' => 1),
'fields' => array('id', 'name'),
'recursive' => -1
'order' => 'name',
));
$orgs = array(0 => 'Unrestricted');
if (!empty($temp)) {
foreach ($temp as $org) {
$orgs[$org['Organisation']['id']] = $org['Organisation']['name'];
}
}
$orgs = [0 => 'Unrestricted'] + $orgs;
$this->set('orgs', $orgs);
$users = array(0 => 'Unrestricted');
if ($this->_isSiteAdmin()) {
$temp = $this->Organisation->User->find('all', array(
'conditions' => array('disabled' => 0),
'fields' => array('id', 'email'),
'recursive' => -1
));
if (!empty($temp)) {
foreach ($temp as $user) {
$users[$user['User']['id']] = $user['User']['email'];
}
}
$this->set('users', $users);
}
$users = $this->Tag->User->find('list', array(
'conditions' => array('disabled' => 0),
'fields' => array('id', 'email'),
'order' => 'email',
));
$users = [0 => 'Unrestricted'] + $users;
$this->set('users', $users);
$this->request->data = $this->Tag->read(null, $id);
}
public function delete($id)
{
if (!$this->_isSiteAdmin()) {
throw new NotFoundException('You don\'t have permission to do that.');
}
if (!$this->request->is('post')) {
throw new MethodNotAllowedException();
}
@ -392,7 +364,7 @@ class TagsController extends AppController
$event = $this->Tag->EventTag->Event->massageTags($this->Auth->user(), $event, 'Event', false, true);
$this->set('tags', $event['EventTag']);
$this->set('required_taxonomies', $this->Tag->EventTag->Event->getRequiredTaxonomies());
$this->set('missingTaxonomies', $this->Tag->EventTag->Event->missingTaxonomies($event));
$tagConflicts = $this->Taxonomy->checkIfTagInconsistencies($event['EventTag']);
$this->set('tagConflicts', $tagConflicts);
$this->set('event', $event);

27
app/Controller/UsersController.php
View File

@ -922,23 +922,13 @@ class UsersController extends AppController
continue;
}
if ($field != 'password') {
array_push($fields, $field);
}
}
$fieldsOldValues = array();
foreach ($fields as $field) {
if ($field == 'enable_password') {
continue;
}
if ($field != 'confirm_password') {
$fieldsOldValues[$field] = $this->User->field($field);
} else {
$fieldsOldValues[$field] = $this->User->field('password');
$fields[] = $field;
}
}
if (
(!empty($this->request->data['User']['enable_password']) || $this->_isRest()) &&
!empty($this->request->data['User']['password'])
!empty($this->request->data['User']['password']) &&
$this->__canChangePassword()
) {
$fields[] = 'password';
if ($this->_isRest() && !isset($this->request->data['User']['confirm_password'])) {
@ -958,6 +948,12 @@ class UsersController extends AppController
}
}
$fields[] = 'date_modified'; // time will be inserted in `beforeSave` action
$fieldsOldValues = $this->User->find('first', [
'recursive' => -1,
'conditions' => ['id' => $id],
])['User'];
if ($this->User->save($this->request->data, true, $fields)) {
// newValues to array
$fieldsNewValues = array();
@ -967,7 +963,7 @@ class UsersController extends AppController
}
if ($field !== 'confirm_password') {
$newValue = $this->data['User'][$field];
if (gettype($newValue) == 'array') {
if (is_array($newValue)) {
$newValueStr = '';
$cP = 0;
foreach ($newValue as $newValuePart) {
@ -989,6 +985,9 @@ class UsersController extends AppController
// compare
$fieldsResult = array();
foreach ($fields as $field) {
if ($field === 'date_modified') {
continue;
}
if (isset($fieldsOldValues[$field]) && $fieldsOldValues[$field] != $fieldsNewValues[$field]) {
if ($field != 'confirm_password' && $field != 'enable_password') {
$fieldsResult[$field] = array($fieldsOldValues[$field], $fieldsNewValues[$field]);

61
app/Model/Event.php
View File

@ -7192,42 +7192,31 @@ class Event extends AppModel
return true;
}
public function getRequiredTaxonomies()
private function getRequiredTaxonomies()
{
$this->Taxonomy = ClassRegistry::init('Taxonomy');
$required_taxonomies = $this->Taxonomy->find('list', array(
'recursive' => -1,
return $this->Taxonomy->find('column', array(
'conditions' => array('Taxonomy.required' => 1, 'Taxonomy.enabled' => 1),
'fields' => array('Taxonomy.namespace')
));
return $required_taxonomies;
}
public function missingTaxonomies(array $event)
{
$requiredTaxonomies = $this->getRequiredTaxonomies();
return $this->checkMissingTaxonomies($requiredTaxonomies, $event['EventTag']);
}
public function checkIfPublishable($id)
{
$required_taxonomies = $this->getRequiredTaxonomies();
if (!empty($required_taxonomies)) {
$tags = $this->EventTag->find('all', array(
$requiredTaxonomies = $this->getRequiredTaxonomies();
if (!empty($requiredTaxonomies)) {
$eventTags = $this->EventTag->find('all', array(
'conditions' => array('EventTag.event_id' => $id),
'recursive' => -1,
'contain' => array('Tag')
'contain' => array('Tag' => ['fields' => ['name']])
));
$missing = array();
foreach ($required_taxonomies as $required_taxonomy) {
$found = false;
foreach ($tags as $tag) {
$name = explode(':', $tag['Tag']['name']);
if (count($name) > 1) {
if ($name[0] == $required_taxonomy) {
$found = true;
break;
}
}
}
if (!$found) {
$missing[] = $required_taxonomy;
}
}
$missing = $this->checkMissingTaxonomies($requiredTaxonomies, $eventTags);
if (!empty($missing)) {
return $missing;
}
@ -7235,6 +7224,30 @@ class Event extends AppModel
return true;
}
/**
* @param array $requiredTaxonomies
* @param array $eventTags
* @return array
*/
private function checkMissingTaxonomies(array $requiredTaxonomies, array $eventTags)
{
$missing = [];
foreach ($requiredTaxonomies as $requiredTaxonomy) {
$found = false;
foreach ($eventTags as $tag) {
$splits = $this->Taxonomy->splitTagToComponents($tag['Tag']['name']);
if ($splits !== null && $splits['namespace'] === $requiredTaxonomy) {
$found = true;
break;
}
}
if (!$found) {
$missing[] = $requiredTaxonomy;
}
}
return $missing;
}
public function harvestSubqueryElements($options)
{
$acceptedRules = array(

90
app/Model/GalaxyCluster.php
View File

@ -4,6 +4,7 @@ App::uses('TmpFileTool', 'Tools');
/**
* @property Tag $Tag
* @property GalaxyClusterRelation $GalaxyClusterRelation
*/
class GalaxyCluster extends AppModel
{
@ -918,7 +919,7 @@ class GalaxyCluster extends AppModel
$options = ['conditions' => $conditions];
if (!$fetchFullCluster) {
$options['contain'] = ['Galaxy'];
$options['contain'] = ['Galaxy', 'GalaxyElement'];
}
$clusters = $this->fetchGalaxyClusters($user, $options, $fetchFullCluster);
@ -967,7 +968,6 @@ class GalaxyCluster extends AppModel
return $conditions;
}
/**
* fetchGalaxyClusters Very flexible, it's basically a replacement for find, with the addition that it restricts access based on user
*
@ -988,7 +988,7 @@ class GalaxyCluster extends AppModel
'GalaxyElement',
'GalaxyClusterRelation' => array(
'conditions' => $this->GalaxyClusterRelation->buildConditions($user, false),
'GalaxyClusterRelationTag' => array('Tag'),
'GalaxyClusterRelationTag',
'SharingGroup',
),
'Orgc',
@ -1031,6 +1031,44 @@ class GalaxyCluster extends AppModel
if (empty($clusters)) {
return $clusters;
}
if ($full) {
$clusterIds = array_column(array_column($clusters, 'GalaxyCluster'), 'id');
$targetingClusterRelations = $this->TargetingClusterRelation->fetchRelations($user, array(
'contain' => array(
'GalaxyClusterRelationTag',
'SharingGroup',
),
'conditions' => array(
'TargetingClusterRelation.referenced_galaxy_cluster_id' => $clusterIds,
)
));
$tagsToFetch = Hash::extract($clusters, "{n}.GalaxyClusterRelation.{n}.GalaxyClusterRelationTag.{n}.tag_id");
$tagsToFetch = array_merge($tagsToFetch, Hash::extract($targetingClusterRelations, "GalaxyClusterRelationTag.{n}.tag_id"));
$tags = $this->GalaxyClusterRelation->GalaxyClusterRelationTag->Tag->find('all', [
'conditions' => ['id' => array_unique($tagsToFetch)],
'recursive' => -1,
]);
$tags = array_column(array_column($tags, 'Tag'), null, 'id');
foreach ($targetingClusterRelations as $k => $targetingClusterRelation) {
if (!empty($targetingClusterRelation['GalaxyClusterRelationTag'])) {
foreach ($targetingClusterRelation['GalaxyClusterRelationTag'] as $relationTag) {
if (isset($tags[$relationTag['tag_id']])) {
$targetingClusterRelation['TargetingClusterRelation']['Tag'][] = $tags[$relationTag['tag_id']];
}
}
}
unset($targetingClusterRelation['GalaxyClusterRelationTag']);
if (!empty($targetingClusterRelation['SharingGroup']['id'])) {
$targetingClusterRelation['TargetingClusterRelation']['SharingGroup'] = $targetingClusterRelation['SharingGroup'];
}
$targetingClusterRelations[$k] = $targetingClusterRelation['TargetingClusterRelation'];
}
}
$this->Event = ClassRegistry::init('Event');
$sharingGroupData = $this->Event->__cacheSharingGroupData($user, false);
foreach ($clusters as $i => $cluster) {
@ -1042,32 +1080,22 @@ class GalaxyCluster extends AppModel
if (!empty($relation['sharing_group_id']) && isset($sharingGroupData[$relation['sharing_group_id']])) {
$clusters[$i]['GalaxyClusterRelation'][$j]['SharingGroup'] = $sharingGroupData[$relation['sharing_group_id']]['SharingGroup'];
}
foreach ($relation['GalaxyClusterRelationTag'] as $relationTag) {
if (isset($tags[$relationTag['tag_id']])) {
$clusters[$i]['GalaxyClusterRelation'][$j]['Tag'][] = $tags[$relationTag['tag_id']];
}
}
unset($clusters[$i]['GalaxyClusterRelation'][$j]['GalaxyClusterRelationTag']);
}
}
if ($full && isset($cluster['GalaxyCluster']['id'])) {
$targetingClusterRelations = $this->TargetingClusterRelation->fetchRelations($user, array(
'contain' => array(
'GalaxyClusterRelationTag' => array('Tag'),
'SharingGroup',
),
'conditions' => array(
'TargetingClusterRelation.referenced_galaxy_cluster_id' => $cluster['GalaxyCluster']['id']
)
));
foreach ($targetingClusterRelations as $k => $targetingClusterRelation) {
if (!empty($targetingClusterRelation['GalaxyClusterRelationTag'])) {
$targetingClusterRelation['TargetingClusterRelation']['Tag'] = Hash::extract($targetingClusterRelation['GalaxyClusterRelationTag'], '{n}.Tag');
if ($full) {
foreach ($targetingClusterRelations as $targetingClusterRelation) {
if ($targetingClusterRelation['referenced_galaxy_cluster_id'] == $cluster['GalaxyCluster']['id']) {
$clusters[$i]['TargetingClusterRelation'][] = $targetingClusterRelation;
}
if (!empty($targetingClusterRelation['SharingGroup']['id'])) {
$targetingClusterRelation['TargetingClusterRelation']['SharingGroup'] = $targetingClusterRelation['SharingGroup'];
}
$targetingClusterRelations[$k] = $targetingClusterRelation['TargetingClusterRelation'];
}
$clusters[$i]['TargetingClusterRelation'] = $targetingClusterRelations;
}
$clusters[$i] = $this->arrangeData($clusters[$i]);
$clusters[$i] = $this->GalaxyClusterRelation->massageRelationTag($clusters[$i]);
$clusters[$i] = $this->TargetingClusterRelation->massageRelationTag($clusters[$i]);
}
return $clusters;
}
@ -1404,17 +1432,16 @@ class GalaxyCluster extends AppModel
/**
* @param array $user
* @param array $events
* @param bool $replace
* @param bool $fetchFullCluster
* @param bool $replace Remove galaxy cluster tags
* @return array
*/
public function attachClustersToEventIndex(array $user, array $events, $replace = false, $fetchFullCluster = true)
public function attachClustersToEventIndex(array $user, array $events, $replace = false)
{
$clusterTagNames = [];
foreach ($events as $event) {
foreach ($event['EventTag'] as $eventTag) {
if ($eventTag['Tag']['is_galaxy']) {
$clusterTagNames[strtolower($eventTag['Tag']['name'])] = true;
$clusterTagNames[$eventTag['Tag']['id']] = strtolower($eventTag['Tag']['name']);
}
}
}
@ -1424,12 +1451,10 @@ class GalaxyCluster extends AppModel
}
$options = [
'conditions' => ['LOWER(GalaxyCluster.tag_name)' => array_keys($clusterTagNames)],
'conditions' => ['LOWER(GalaxyCluster.tag_name)' => $clusterTagNames],
'contain' => ['Galaxy', 'GalaxyElement'],
];
if (!$fetchFullCluster) {
$options['contain'] = ['Galaxy'];
}
$clusters = $this->fetchGalaxyClusters($user, $options, $fetchFullCluster);
$clusters = $this->fetchGalaxyClusters($user, $options);
$clustersByTagName = [];
foreach ($clusters as $cluster) {
@ -1444,7 +1469,6 @@ class GalaxyCluster extends AppModel
$tagName = strtolower($eventTag['Tag']['name']);
if (isset($clustersByTagName[$tagName])) {
$cluster = $this->postprocess($clustersByTagName[$tagName], $eventTag['Tag']['id']);
$cluster['GalaxyCluster']['tag_id'] = $eventTag['Tag']['id'];
$cluster['GalaxyCluster']['local'] = $eventTag['local'];
$events[$k]['GalaxyCluster'][] = $cluster['GalaxyCluster'];
if ($replace) {

15
app/Model/GalaxyClusterRelation.php
View File

@ -163,21 +163,6 @@ class GalaxyClusterRelation extends AppModel
$this->deleteAll($conditions, false, false);
}
public function massageRelationTag($cluster)
{
if (!empty($cluster['GalaxyCluster'][$this->alias])) {
foreach ($cluster['GalaxyCluster'][$this->alias] as $k => $relation) {
if (!empty($relation['GalaxyClusterRelationTag'])) {
foreach ($relation['GalaxyClusterRelationTag'] as $relationTag) {
$cluster['GalaxyCluster'][$this->alias][$k]['Tag'][] = $relationTag['Tag'];
}
}
unset($cluster['GalaxyCluster'][$this->alias][$k]['GalaxyClusterRelationTag']);
}
}
return $cluster;
}
/**
* saveRelations
*

2
app/Model/Role.php
View File

@ -107,7 +107,7 @@ class Role extends AppModel
'id' => 'RolePermTagEditor',
'text' => 'Tag Editor',
'readonlyenabled' => false,
'title' => 'This permission gives users the ability to create, modify or remove tags.'
'title' => 'This permission gives users the ability to create tags.'
),
'perm_template' => array(
'id' => 'RolePermTemplate',

6
app/Model/Server.php
View File

@ -754,16 +754,16 @@ class Server extends AppModel
}
if ($all) {
if ($scope === 'sightings') {
// Used when pushing: return just eventUuids that has sightings newer than remote server
$this->Event = ClassRegistry::init('Event');
$localEvents = $this->Event->find('list', array(
'recursive' => -1,
'fields' => array('Event.uuid', 'Event.sighting_timestamp'),
'conditions' => array('Event.uuid' => array_column($eventArray, 'uuid'))
));
$eventUuids = array();
$eventUuids = [];
foreach ($eventArray as $event) {
if (!isset($localEvents[$event['uuid']]) && $localEvents[$event['uuid']] > $event['sighting_timestamp']) {
if (isset($localEvents[$event['uuid']]) && $localEvents[$event['uuid']] > $event['sighting_timestamp']) {
$eventUuids[] = $event['uuid'];
}
}

85
app/Model/Taxonomy.php
View File

@ -540,7 +540,12 @@ class Taxonomy extends AppModel
public function getTaxonomyForTag($tagName, $metaOnly = false, $fullTaxonomy = false)
{
if (preg_match('/^([^:="]+):([^:="]+)="([^:="]+)"$/i', $tagName, $matches)) {
$splits = $this->splitTagToComponents($tagName);
if ($splits === null) {
return false; // not taxonomy tag
}
if (isset($splits['value'])) {
$contain = array(
'TaxonomyPredicate' => array(
'TaxonomyEntry' => array()
@ -548,32 +553,15 @@ class Taxonomy extends AppModel
);
if (!$fullTaxonomy) {
$contain['TaxonomyPredicate']['conditions'] = array(
'LOWER(TaxonomyPredicate.value)' => mb_strtolower($matches[2]),
'LOWER(TaxonomyPredicate.value)' => mb_strtolower($splits['predicate']),
);
$contain['TaxonomyPredicate']['TaxonomyEntry']['conditions'] = array(
'LOWER(TaxonomyEntry.value)' => mb_strtolower($matches[3]),
'LOWER(TaxonomyEntry.value)' => mb_strtolower($splits['value']),
);
}
$taxonomy = $this->find('first', array(
'recursive' => -1,
'conditions' => array('LOWER(Taxonomy.namespace)' => mb_strtolower($matches[1])),
'contain' => $contain
));
if ($metaOnly && !empty($taxonomy)) {
return array('Taxonomy' => $taxonomy['Taxonomy']);
}
return $taxonomy;
} elseif (preg_match('/^[^:="]+:[^:="]+$/i', $tagName)) {
$pieces = explode(':', $tagName);
$contain = array('TaxonomyPredicate' => array());
if (!$fullTaxonomy) {
$contain['TaxonomyPredicate']['conditions'] = array(
'LOWER(TaxonomyPredicate.value)' => mb_strtolower($pieces[1])
);
}
$taxonomy = $this->find('first', array(
'recursive' => -1,
'conditions' => array('LOWER(Taxonomy.namespace)' => mb_strtolower($pieces[0])),
'conditions' => array('LOWER(Taxonomy.namespace)' => mb_strtolower($splits['namespace'])),
'contain' => $contain
));
if ($metaOnly && !empty($taxonomy)) {
@ -581,20 +569,39 @@ class Taxonomy extends AppModel
}
return $taxonomy;
} else {
return false;
$contain = array('TaxonomyPredicate' => array());
if (!$fullTaxonomy) {
$contain['TaxonomyPredicate']['conditions'] = array(
'LOWER(TaxonomyPredicate.value)' => mb_strtolower($splits['predicate'])
);
}
$taxonomy = $this->find('first', array(
'recursive' => -1,
'conditions' => array('LOWER(Taxonomy.namespace)' => mb_strtolower($splits['namespace'])),
'contain' => $contain
));
if ($metaOnly && !empty($taxonomy)) {
return array('Taxonomy' => $taxonomy['Taxonomy']);
}
return $taxonomy;
}
}
// Remove the value for triple component tags or the predicate for double components tags
/**
* Remove the value for triple component tags or the predicate for double components tags
* @param string $tagName
* @return string
*/
public function stripLastTagComponent($tagName)
{
$shortenedTag = '';
if (preg_match('/^[^:="]+:[^:="]+="[^:="]+"$/i', $tagName)) {
$shortenedTag = explode('=', $tagName)[0];
} elseif (preg_match('/^[^:="]+:[^:="]+$/i', $tagName)) {
$shortenedTag = explode(':', $tagName)[0];
$splits = $this->splitTagToComponents($tagName);
if ($splits === null) {
return '';
}
return $shortenedTag;
if (isset($splits['value'])) {
return $splits['namespace'] . ':' . $splits['predicate'];
}
return $splits['namespace'];
}
public function checkIfNewTagIsAllowedByTaxonomy($newTagName, $tagNameList=array())
@ -678,4 +685,24 @@ class Taxonomy extends AppModel
}
return $conflictingTaxonomy;
}
/**
* @param string $tag
* @return array|null
*/
public function splitTagToComponents($tag)
{
preg_match('/^([^:="]+):([^:="]+)(="([^:="]+)")?$/i', $tag, $matches);
if (empty($matches)) {
return null; // tag is not in taxonomy format
}
$splits = [
'namespace' => $matches[1],
'predicate' => $matches[2],
];
if (isset($matches[4])) {
$splits['value'] = $matches[4];
}
return $splits;
}
}

2
app/View/Elements/Events/eventIndexTable.ctp
View File

@ -127,7 +127,7 @@
'event' => $event,
'tags' => $event['EventTag'],
'tagAccess' => false,
'required_taxonomies' => false,
'missingTaxonomies' => false,
'columnised' => true,
'static_tags_only' => 1,
'tag_display_style' => Configure::check('MISP.full_tags_on_event_index') ? Configure::read('MISP.full_tags_on_event_index') : 1

2
app/View/Elements/Objects/object_add_attributes.ctp
View File

@ -39,7 +39,7 @@
if (!empty($template['ObjectTemplate']['requirements']['required']) && in_array($element['object_relation'], $template['ObjectTemplate']['requirements']['required'])) {
echo '<span class="red" style="vertical-align: super;font-size: 8px;margin-left: 2px;" title="' . __('Required') . '"><i class="fas fa-asterisk"></i></span>';
}
echo ' :: ' . h($element['type']) . '';
echo '<br>' . h($element['type']);
?>
</td>
<td>

23
app/View/Elements/ajaxTags.ctp
View File

@ -6,24 +6,11 @@
switch ($scope) {
case 'event':
$id = h($event['Event']['id']);
if (!empty($required_taxonomies)) {
foreach ($required_taxonomies as $k => $v) {
foreach ($tags as $tag) {
$temp_tag = explode(':', $tag['Tag']['name']);
if (count($temp_tag) > 1) {
if ($temp_tag[0] == $v) {
unset($required_taxonomies[$k]);
break;
}
}
}
}
if (!empty($required_taxonomies)) {
echo sprintf(
'Missing taxonomies: <span class="red bold">%s</span><br />',
implode(', ', $required_taxonomies)
);
}
if (!empty($missingTaxonomies)) {
echo __(
'Missing taxonomies: <span class="red bold">%s</span><br>',
implode(', ', $missingTaxonomies)
);
}
break;
case 'attribute':

2
app/View/Elements/genericElements/Form/genericForm.ctp
View File

@ -51,7 +51,7 @@
}
$params['class'] = $class;
} else {
if (!empty($fieldData['type']) && $fieldData['type'] != 'checkbox') {
if (!empty($fieldData['type']) && ($fieldData['type'] !== 'checkbox' || $fieldData['type'] !== 'radio')) {
$params['class'] = 'span6';
}
}

12
app/View/Elements/genericElements/IndexTable/index_table.ctp
View File

@ -35,13 +35,15 @@
}
}
}
$paginationData = !empty($data['paginatorOptions']) ? $data['paginatorOptions'] : [];
if ($ajax && isset($containerId)) {
$paginationData['data-paginator'] = "#{$containerId}_content";
}
$this->Paginator->options($paginationData);
$skipPagination = isset($data['skip_pagination']) ? $data['skip_pagination'] : 0;
if (!$skipPagination) {
$paginationData = !empty($data['paginatorOptions']) ? $data['paginatorOptions'] : array();
if ($ajax && isset($containerId)) {
$paginationData['data-paginator'] = "#{$containerId}_content";
}
$this->Paginator->options($paginationData);
$paginatonLinks = $this->element('/genericElements/IndexTable/pagination_links');
echo $paginatonLinks;
}

14
app/View/EventReports/ajax/indexForEvent.ctp
View File

@ -4,9 +4,7 @@
<?php endif; ?>
<?php
echo $this->element('/genericElements/IndexTable/index_table', array(
'paginatorOptions' => array(
'update' => '#eventreport_index_div',
),
'containerId' => 'eventreport',
'data' => array(
'data' => $reports,
'top_bar' => array(
@ -165,7 +163,7 @@
$('#eventReportSelectors a.btn').click(function(e) {
e.preventDefault()
$("#eventreport_index_div").empty()
$("#eventreport_content").empty()
.append(
$('<div></div>')
.css({'text-align': 'center', 'font-size': 'large', 'margin': '5px 0'})
@ -173,7 +171,7 @@
)
var url = $(this).attr('href')
$.get(url, function(data) {
$("#eventreport_index_div").html(data);
$("#eventreport_content").html(data);
});
});
})
@ -183,7 +181,7 @@
$.ajax({
dataType: "html",
beforeSend: function() {
$("#eventreport_index_div").empty()
$("#eventreport_content").empty()
.append(
$('<div></div>')
.css({'text-align': 'center', 'font-size': 'large', 'margin': '5px 0'})
@ -191,10 +189,10 @@
)
},
success:function (data) {
$("#eventreport_index_div").html(data);
$("#eventreport_content").html(data);
},
error: function (jqXHR, textStatus, errorThrown) {
$("#eventreport_index_div").empty().text('<?= __('Failed to load Event report table')?>')
$("#eventreport_content").empty().text('<?= __('Failed to load Event report table')?>')
showMessage('fail', textStatus + ": " + errorThrown);
},
url:url

8
app/View/Events/view.ctp
View File

@ -106,7 +106,7 @@
'event' => $event,
'tags' => $event['EventTag'],
'tagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['orgc_id']),
'required_taxonomies' => $required_taxonomies,
'missingTaxonomies' => $missingTaxonomies,
'tagConflicts' => $tagConflicts
)
)
@ -527,7 +527,7 @@
</div>
<div id="eventreport_div" style="display: none;">
<span class="report-title-section"><?php echo __('Event Reports');?></span>
<div id="eventreport_index_div"></div>
<div id="eventreport_content"></div>
</div>
<div id="clusterrelation_div" class="info_container_eventgraph_network" style="display: none;" data-fullscreen="false">
</div>
@ -554,8 +554,8 @@ $(function () {
});
$.get("<?php echo $baseurl; ?>/eventReports/index/event_id:<?= h($event['Event']['id']); ?>/index_for_event:1<?= $extended ? '/extended_event:1' : ''?>", function(data) {
$("#eventreport_index_div").html(data);
if ($('#eventreport_index_div table tbody > tr').length) { // open if contain a report
$("#eventreport_content").html(data);
if ($('#eventreport_content table tbody > tr').length) { // open if contain a report
$('#eventreport_toggle').click()
}
});

6
app/View/GalaxyClusters/view.ctp
View File

@ -96,14 +96,12 @@
<div class="row-fuild">
<div id="relations_container"></div>
</div>
<div class="">
<div id="elements_div"></div>
</div>
<div id="elements_content"></div>
</div>
<script type="text/javascript">
$(function () {
$.get("<?= $baseurl ?>/galaxy_elements/index/<?php echo $cluster['GalaxyCluster']['id']; ?>", function(data) {
$("#elements_div").html(data);
$("#elements_content").html(data);
});
$.get("<?= $baseurl ?>/galaxy_clusters/viewGalaxyMatrix/<?php echo $cluster['GalaxyCluster']['id']; ?>", function(data) {
$("#matrix_container").html(data);

12
app/View/GalaxyElements/ajax/index.ctp
View File

@ -1,9 +1,7 @@
<?php
$indexOptions = array(
'containerId' => 'elements',
'data' => array(
'paginatorOptions' => array(
'update' => '#elements_div',
),
'data' => $elements,
'top_bar' => array(
'children' => array(
@ -16,7 +14,7 @@ $indexOptions = array(
'onClickParams' => [
h($clusterId) . '/context:all',
$baseurl . '/galaxy_elements/index',
'#elements_div'
'#elements_content'
],
),
array(
@ -26,7 +24,7 @@ $indexOptions = array(
'onClickParams' => [
h($clusterId) . '/context:JSONView',
$baseurl . '/galaxy_elements/index',
'#elements_div'
'#elements_content'
],
),
)
@ -87,8 +85,6 @@ echo $this->element('/genericElements/IndexTable/index_table', $indexOptions);
if ($context == 'JSONView') {
echo sprintf('<div id="elementJSONDiv" class="well well-small">%s</div>', json_encode($JSONElements));
}
echo $this->Js->writeBuffer();
?>
<script>
@ -96,4 +92,4 @@ echo $this->Js->writeBuffer();
if ($jsondiv.length > 0) {
$jsondiv.html(syntaxHighlightJson($jsondiv.text(), 8));
}
</script>
</script>

159
app/View/Objects/revise_object.ctp
View File

@ -1,3 +1,19 @@
<?php
if ($data['Object']['distribution'] != 4) {
$distribution = $distributionLevels[$data['Object']['distribution']];
} else {
$distribution = $sharing_groups[$data['Object']['sharing_group_id']];
}
$tableData = [
['key' => __('Name'), 'value' => $template['ObjectTemplate']['name']],
['key' => __('Template version'), 'value' => $template['ObjectTemplate']['version']],
['key' => __('Meta-category'), 'value' => $template['ObjectTemplate']['meta-category']],
['key' => __('Distribution'), 'value' => $distribution],
['key' => __('Comment'), 'value' => $data['Object']['comment']],
['key' => __('First seen'), 'value' => $data['Object']['first_seen']],
['key' => __('Last seen'), 'value' => $data['Object']['last_seen']],
];
?>
<div class="form">
<h3><?php echo __('Object pre-save review');?></h3>
<p><?php echo __('Make sure that the below Object reflects your expectation before submitting it.');?></p>
@ -18,7 +34,7 @@
$formSettings['value'] = $cur_object_tmp_uuid;
echo $this->Form->input('cur_object_tmp_uuid', $formSettings);
?>
<div class='hidden'>
<div class="hidden">
<?php
echo $this->Form->input('mergeIntoObject', array(
'value' => 0,
@ -26,97 +42,62 @@
));
?>
</div>
<div style="margin-bottom:20px;">
<table class="table table-condensed table-striped">
<tbody>
<div class="row-fluid">
<div class="span8" style="margin-bottom: 2em">
<?= $this->element('genericElements/viewMetaTable', ['table_data' => $tableData]); ?>
</div>
<table id="attribute_table" class="table table-condensed table-striped">
<thead>
<tr>
<td class="bold"><?php echo __('Name');?></td>
<td><?php echo h($template['ObjectTemplate']['name']); ?></td>
<th><?php echo __('Attribute');?></th>
<th><?php echo __('Category');?></th>
<th><?php echo __('Type');?></th>
<th><?php echo __('Value');?></th>
<th><?php echo __('To IDS');?></th>
<th><?php echo __('Comment');?></th>
<th><?php echo __('UUID');?></th>
<th><?php echo __('Distribution');?></th>
</tr>
<tr>
<td class="bold"><?php echo __('Meta-category');?></td>
<td><?php echo h($template['ObjectTemplate']['meta-category']); ?></td>
</tr>
<tr>
<td class="bold"><?php echo __('Distribution');?></td>
<td><?php
if ($data['Object']['distribution'] != 4) {
echo $distributionLevels[$data['Object']['distribution']];
} else {
echo h($sharing_groups[$data['Object']['sharing_group_id']]);
}
?></td>
</tr>
<tr>
<td class="bold"><?php echo __('Template version');?></td>
<td><?php echo h($template['ObjectTemplate']['version']); ?></td>
</tr>
<tr>
<td class="bold"><?php echo __('Comment');?></td>
<td><?php echo h($data['Object']['comment']); ?></td>
</tr>
<tr>
<td class="bold"><?php echo __('First seen');?></td>
<td><?php echo h($data['Object']['first_seen']); ?></td>
</tr>
<tr>
<td class="bold"><?php echo __('Last seen');?></td>
<td><?php echo h($data['Object']['last_seen']); ?></td>
</tr>
<tr>
<table id="attribute_table" class="table table-condensed table-striped">
<thead>
<th><?php echo __('Attribute');?></th>
<th><?php echo __('Category');?></th>
<th><?php echo __('Type');?></th>
<th><?php echo __('Value');?></th>
<th><?php echo __('To IDS');?></th>
<th><?php echo __('Comment');?></th>
<th><?php echo __('UUID');?></th>
<th><?php echo __('Distribution');?></th>
</thead>
<tbody>
<?php
$simple_flattened_attribute = array();
$simple_flattened_attribute_noval = array();
$attributeFields = array('category', 'type', 'value', 'to_ids' , 'comment', 'uuid', 'distribution');
if (!empty($data['Attribute'])):
foreach ($data['Attribute'] as $id => $attribute):
$cur_flat = h($attribute['object_relation']) . '.' . h($attribute['type']) . '.' .h($attribute['value']);
$cur_flat_noval = h($attribute['object_relation']) . '.' . h($attribute['type']);
$simple_flattened_attribute[$cur_flat] = $id;
$simple_flattened_attribute_noval[$cur_flat_noval] = $id;
echo sprintf('<tr data-curflat="%s" data-curflatnoval="%s">', h($cur_flat), h($cur_flat_noval));
echo '<td>' . h($attribute['object_relation']) . '</td>';
foreach ($attributeFields as $field) {
if ($field === 'distribution') {
if ($attribute['distribution'] != 4) {
$attribute[$field] = $distributionLevels[$attribute['distribution']];
} else {
$attribute[$field] = $sharing_groups[$attribute['sharing_group_id']];
}
} else if ($field === 'to_ids') {
$attribute[$field] = $attribute[$field] ? __('Yes') : __('No');
}
if (isset($attribute[$field])) {
if (isset($attribute['validation'][$field])) {
echo '<td>' . h($attribute[$field]) . ' <i class="fas fa-times red" title="' . h(implode(', ', $attribute['validation'][$field])) . '"></i></td>';
} else {
echo '<td>' . h($attribute[$field]) . '</td>';
}
</thead>
<tbody>
<?php
$simple_flattened_attribute = array();
$simple_flattened_attribute_noval = array();
$attributeFields = array('category', 'type', 'value', 'to_ids' , 'comment', 'uuid', 'distribution');
if (!empty($data['Attribute'])):
foreach ($data['Attribute'] as $id => $attribute):
$cur_flat = h($attribute['object_relation']) . '.' . h($attribute['type']) . '.' .h($attribute['value']);
$cur_flat_noval = h($attribute['object_relation']) . '.' . h($attribute['type']);
$simple_flattened_attribute[$cur_flat] = $id;
$simple_flattened_attribute_noval[$cur_flat_noval] = $id;
echo sprintf('<tr data-curflat="%s" data-curflatnoval="%s">', h($cur_flat), h($cur_flat_noval));
echo '<td>' . h($attribute['object_relation']) . '</td>';
foreach ($attributeFields as $field) {
if ($field === 'distribution') {
if ($attribute['distribution'] != 4) {
$attribute[$field] = $distributionLevels[$attribute['distribution']];
} else {
echo '<td></td>';
$attribute[$field] = $sharing_groups[$attribute['sharing_group_id']];
}
} else if ($field === 'to_ids') {
$attribute[$field] = $attribute[$field] ? __('Yes') : __('No');
}
echo '</tr>';
endforeach;
endif;
?>
</tbody>
</table>
</tr>
</tbody>
</table>
if (isset($attribute[$field])) {
if (isset($attribute['validation'][$field])) {
echo '<td>' . h($attribute[$field]) . ' <i class="fas fa-times red" title="' . h(implode(', ', $attribute['validation'][$field])) . '"></i></td>';
} else {
echo '<td>' . h($attribute[$field]) . '</td>';
}
} else {
echo '<td></td>';
}
}
echo '</tr>';
endforeach;
endif;
?>
</tbody>
</table>
</div>
<?= $this->Form->button($action === 'add' ? __('Create new object') : __('Update object'), array('class' => 'btn btn-primary')); ?>
@ -209,6 +190,4 @@ $(document).ready(function() {
);
});
</script>
<?php
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event', 'menuItem' => 'addObject', 'event' => $event));
?>
<?= $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event', 'menuItem' => 'addObject', 'event' => $event));

11
app/webroot/css/main.css
View File

@ -2745,3 +2745,14 @@ td.rotate + td:not(.rotate) {
#RoleAdminEditForm .role-permissions div.input {
width: 160px;
}
/*
Query builder
*/
.query-builder .rule-value-container label {
margin-right: 5px;
}
.query-builder .rule-value-container label input {
margin-top: 0;
}

12
app/webroot/index.php
View File

@ -18,18 +18,6 @@
* @since CakePHP(tm) v 0.2.9
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
// This is GovCERT.CZ modified method to make translation faster
function __($singular, $args = null) {
if (!$singular) {
return null;
}
App::uses('I18n', 'I18n');
// Enforce english translation to make everything faster
$translated = I18n::translate($singular, null, null, I18n::LC_MESSAGES, null, 'eng');
$arguments = func_get_args();
return I18n::insertArgs($translated, array_slice($arguments, 1));
}
/**
* Use the DS to separate the directories in other defines
*/