mirror of https://github.com/MISP/MISP
Handling of the "freetext" return format via the enrichment modules, and error handling fixed
- freetext is now a valid return format, it will allow module developers to return an unparsed text blob which MISP will try to loop through the freetext import's detection mechanism - still a lot of improvements to be done for the detection mechanism - error handling for modules, instead of discarding errors they are now shown as a flash message on the freetext import result screenpull/909/merge
parent
1aaff9d020
commit
18ce6872d4
|
@ -3463,24 +3463,49 @@ class EventsController extends AppController {
|
|||
} catch (Exception $e) {
|
||||
return 'Enrichment service not reachable.';
|
||||
}
|
||||
if (isset($result['error'])) $this->Session->setFlash($result['error']);
|
||||
if (!is_array($result)) throw new Exception($result);
|
||||
$resultArray = array();
|
||||
$freetextResults = array();
|
||||
App::uses('ComplexTypeTool', 'Tools');
|
||||
$complexTypeTool = new ComplexTypeTool();
|
||||
if (isset($result['results']) && !empty($result['results'])) {
|
||||
foreach ($result['results'] as $result) {
|
||||
if (!is_array($result['values'])) $result['values'] = array($result['values']);
|
||||
foreach ($result['values'] as $value) {
|
||||
$temp = array(
|
||||
'event_id' => $attribute[0]['Attribute']['event_id'],
|
||||
'types' => $result['types'],
|
||||
'default_type' => $result['types'][0],
|
||||
'comment' => isset($result['comment']) ? $result['comment'] : false,
|
||||
'to_ids' => isset($result['to_ids']) ? $result['to_ids'] : false,
|
||||
'value' => $value
|
||||
foreach ($result['results'] as $k => &$r) {
|
||||
foreach ($r['values'] as &$value) if (!is_array($r['values']) || !isset($r['values'][0])) $r['values'] = array($r['values']);
|
||||
foreach ($r['values'] as &$value) {
|
||||
if (in_array('freetext', $r['types'])) {
|
||||
if (is_array($value)) $value = json_encode($value);
|
||||
$freetextResults = array_merge($freetextResults, $complexTypeTool->checkComplexRouter($value, 'FreeText'));
|
||||
if (!empty($freetextResults)) {
|
||||
foreach ($freetextResults as &$ft) {
|
||||
$temp = array();
|
||||
foreach ($ft['types'] as $type) {
|
||||
$temp[$type] = $type;
|
||||
}
|
||||
$ft['types'] = $temp;
|
||||
}
|
||||
}
|
||||
$r['types'] = array_diff($r['types'], array('freetext'));
|
||||
// if we just removed the only type in the result then more on to the next result
|
||||
if (empty($r['types'])) continue 2;
|
||||
$r['types'] = array_values($r['types']);
|
||||
}
|
||||
}
|
||||
foreach ($r['values'] as &$value) {
|
||||
$temp = array(
|
||||
'event_id' => $attribute[0]['Attribute']['event_id'],
|
||||
'types' => $r['types'],
|
||||
'default_type' => $r['types'][0],
|
||||
'comment' => isset($r['comment']) ? $r['comment'] : false,
|
||||
'to_ids' => isset($r['to_ids']) ? $r['to_ids'] : false,
|
||||
'value' => $value
|
||||
);
|
||||
if (isset($result['data'])) $temp['data'] = $result['data'];
|
||||
if (isset($r['data'])) $temp['data'] = $r['data'];
|
||||
$resultArray[] = $temp;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
$resultArray = array_merge($resultArray, $freetextResults);
|
||||
}
|
||||
$typeCategoryMapping = array();
|
||||
foreach ($this->Event->Attribute->categoryDefinitions as $k => $cat) {
|
||||
|
|
|
@ -58,19 +58,29 @@ class ComplexTypeTool {
|
|||
return array('type' => 'other', 'value' => $input);
|
||||
}
|
||||
|
||||
private function __returnOddElements(&$array) {
|
||||
foreach ($array as $k => &$v) if ($k % 2 != 1) unset($array[$k]);
|
||||
return array_values($array);
|
||||
}
|
||||
|
||||
public function checkFreeText($input) {
|
||||
$iocArray = preg_split("/\r\n|\n|\r|\s|\s+|,|;/", $input);
|
||||
$quotedText = explode('"', $input);
|
||||
$iocArray = array_merge($iocArray, $this->__returnOddElements($quotedText));
|
||||
|
||||
$resultArray = array();
|
||||
foreach ($iocArray as $ioc) {
|
||||
$ioc = trim($ioc);
|
||||
$ioc = trim($ioc, ',');
|
||||
$ioc = preg_replace('/\p{C}+/u', '', $ioc);
|
||||
if (empty($ioc)) continue;
|
||||
$typeArray = $this->__resolveType($ioc);
|
||||
if ($typeArray === false) continue;
|
||||
$temp = $typeArray;
|
||||
if (!isset($temp['value'])) $temp['value'] = $ioc;
|
||||
$resultArray[] = $temp;
|
||||
if (!empty($iocArray)) {
|
||||
foreach ($iocArray as $ioc) {
|
||||
$ioc = trim($ioc);
|
||||
$ioc = trim($ioc, ',');
|
||||
$ioc = preg_replace('/\p{C}+/u', '', $ioc);
|
||||
if (empty($ioc)) continue;
|
||||
$typeArray = $this->__resolveType($ioc);
|
||||
if ($typeArray === false) continue;
|
||||
$temp = $typeArray;
|
||||
if (!isset($temp['value'])) $temp['value'] = $ioc;
|
||||
$resultArray[] = $temp;
|
||||
}
|
||||
}
|
||||
return $resultArray;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue