mirror of https://github.com/MISP/MISP
new: [sg blueprint] encode as sync rule functionality added
parent
2259c4c85f
commit
1cacb3abcc
|
@ -596,7 +596,9 @@ class ACLComponent extends Component
|
|||
'delete' => array('perm_sharing_group'),
|
||||
'detach' => array('perm_sharing_group'),
|
||||
'edit' => array('perm_sharing_group'),
|
||||
'encodeSyncRule' => ['perm_site_admin'],
|
||||
'execute' => array('perm_sharing_group'),
|
||||
'generateUuidList' => ['perm_sharing_group'],
|
||||
'index' => array('perm_sharing_group'),
|
||||
'view' => array('perm_sharing_group'),
|
||||
'viewOrgs' => array('perm_sharing_group'),
|
||||
|
|
|
@ -193,4 +193,91 @@ class SharingGroupBlueprintsController extends AppController
|
|||
$this->render('/genericTemplates/confirm');
|
||||
}
|
||||
}
|
||||
|
||||
public function generateUuidList($id)
|
||||
{
|
||||
$orgs = $this->__getUuidList($id);
|
||||
return $this->RestResponse->viewData($orgs, 'json');
|
||||
}
|
||||
|
||||
private function __getUuidList($id)
|
||||
{
|
||||
$conditions = [];
|
||||
if (empty($id)) {
|
||||
throw new MethodNotAllowedException(__('No ID specified.'));
|
||||
}
|
||||
$conditions['SharingGroupBlueprint.id'] = $id;
|
||||
if (!$this->Auth->user('Role')['perm_admin']) {
|
||||
$conditions['SharingGroupBlueprint.org_id'] = $this->Auth->user('org_id');
|
||||
}
|
||||
$sharingGroupBlueprint = $this->SharingGroupBlueprint->find('first', ['conditions' => $conditions, 'recursive' => -1]);
|
||||
if (empty($sharingGroupBlueprint)) {
|
||||
throw new NotFoundException(__('Invalid Sharing Group Blueprint'));
|
||||
}
|
||||
// we create a fake user to restrict the visible sharing groups to the creator of the SharingGroupBlueprint, in case an admin wants to update it
|
||||
$fake_user = [
|
||||
'Role' => [
|
||||
'perm_site_admin' => false
|
||||
],
|
||||
'org_id' => $sharingGroupBlueprint['SharingGroupBlueprint']['org_id'],
|
||||
'id' => 1
|
||||
];
|
||||
$temp = $this->SharingGroupBlueprint->evaluateSharingGroupBlueprint($sharingGroupBlueprint, $fake_user);
|
||||
$orgs = $this->SharingGroupBlueprint->SharingGroup->Organisation->find('list', [
|
||||
'recursive' => -1,
|
||||
'fields' => ['uuid'],
|
||||
'conditions' => ['id' => $temp['orgs']]
|
||||
]);
|
||||
return array_values($orgs);
|
||||
}
|
||||
|
||||
public function encodeSyncRule($id)
|
||||
{
|
||||
$org_uuids = $this->__getUuidList($id);
|
||||
$this->loadModel('Server');
|
||||
if ($this->request->is('post')) {
|
||||
if (!isset($this->request->data['SharingGroupBlueprint'])) {
|
||||
$this->request->data = ['SharingGroupBlueprint' => $this->request->data];
|
||||
}
|
||||
$server = $this->Server->find('first', [
|
||||
'conditions' => ['Server.id' => $this->request->data['SharingGroupBlueprint']['server_id']],
|
||||
'recursive' => -1
|
||||
]);
|
||||
if (empty($server)) {
|
||||
throw new NotFoundException(__('Invalid server.'));
|
||||
}
|
||||
$server['Server']['pull_rules'] = json_decode($server['Server']['pull_rules'], true);
|
||||
$server['Server']['push_rules'] = json_decode($server['Server']['push_rules'], true);
|
||||
$rules = [];
|
||||
$type_to_update = empty($this->request->data['SharingGroupBlueprint']['type']) ? 'pull' : $this->request->data['SharingGroupBlueprint']['type'];
|
||||
$rule_to_update = empty($this->request->data['SharingGroupBlueprint']['rule']) ? 'OR' : $this->request->data['SharingGroupBlueprint']['rule'];
|
||||
$rules[$type_to_update][$rule_to_update] = $org_uuids;
|
||||
$server['Server'][$type_to_update . '_rules']['orgs'][$rule_to_update] = $rules[$type_to_update][$rule_to_update];
|
||||
$server['Server']['pull_rules'] = json_encode($server['Server']['pull_rules']);
|
||||
$server['Server']['push_rules'] = json_encode($server['Server']['push_rules']);
|
||||
if (!$this->Server->save($server)) {
|
||||
throw new InvalidArgumentException(__('Could not update the server - something went wrong.'));
|
||||
} else {
|
||||
if ($this->_isRest()) {
|
||||
$server = $this->Server->find('first', [
|
||||
'recursive' => -1,
|
||||
'conditions' => ['Server.id' => $this->request->data['SharingGroupBlueprint']['server_id']]
|
||||
]);
|
||||
return $this->RestResponse->viewData($server, 'json');
|
||||
} else {
|
||||
$this->Flash->success(__('Server %s\'s %s rules\' %s branch updated with the blueprint\'s rules.', $server['Server']['id'], $type_to_update, $rule_to_update));
|
||||
$this->redirect('/servers/index');
|
||||
}
|
||||
}
|
||||
}
|
||||
$servers = $this->Server->find('all', ['recursive' => -1]);
|
||||
if (empty($servers)) {
|
||||
throw new NotFoundException(__('No valid servers found.'));
|
||||
}
|
||||
$server_data = [];
|
||||
foreach ($servers as $s) {
|
||||
$server_data[$s['Server']['id']] = $s['Server']['name'];
|
||||
}
|
||||
$this->set('servers', $server_data);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,42 @@
|
|||
<?php
|
||||
$modelForForm = 'SharingGroupBlueprints';
|
||||
$fields = [
|
||||
[
|
||||
'field' => 'type',
|
||||
'type' => 'dropdown',
|
||||
'options' => ['pull' => 'pull', 'push' => 'push'],
|
||||
'class' => 'span6'
|
||||
],
|
||||
[
|
||||
'field' => 'rule',
|
||||
'type' => 'dropdown',
|
||||
'options' => ['OR' => 'OR', 'NOT' => 'NOT'],
|
||||
'class' => 'span6'
|
||||
],
|
||||
[
|
||||
'field' => 'server_id',
|
||||
'type' => 'dropdown',
|
||||
'class' => 'span6',
|
||||
'options' => $servers
|
||||
]
|
||||
];
|
||||
$description = sprintf(
|
||||
'%s<br />%s<br /><br />%s<br />%s',
|
||||
__('Create a push or pull rule based '),
|
||||
__('Simply create a JSON dictionary using a combination of filters and boolean operators.'),
|
||||
'<span class="bold">Filters</span>: org_id, org_type, org_uuid, org_name, org_sector, org_nationality, sharing_group_id, , sharing_group_uuid',
|
||||
'<span class="bold">Boolean operators</span>: OR, AND, NOT'
|
||||
);
|
||||
echo $this->element('genericElements/Form/genericForm', [
|
||||
'data' => [
|
||||
'description' => __('Create a push/pull org filter rule based on the organisations contained in a blueprint. The selected blueprint\'s rules will be transposed as either a push or a pull rule\'s OR or NOT list as per the selection.'),
|
||||
'model' => 'SharingGroupBlueprint',
|
||||
'title' => __('Create sync rules'),
|
||||
'fields' => $fields,
|
||||
'submit' => [
|
||||
'action' => $this->request->params['action'],
|
||||
'ajaxSubmit' => 'submitGenericFormInPlace();'
|
||||
]
|
||||
]
|
||||
]);
|
||||
?>
|
|
@ -102,6 +102,16 @@
|
|||
'icon' => 'recycle',
|
||||
'title' => __('(Re)generate sharing group based on blueprint')
|
||||
],
|
||||
[
|
||||
'onclick' => sprintf(
|
||||
'openGenericModal(\'%s/SharingGroupBlueprints/encodeSyncRule/[onclick_params_data_path]\');',
|
||||
$baseurl
|
||||
),
|
||||
'onclick_params_data_path' => 'SharingGroupBlueprint.id',
|
||||
'icon' => 'filter',
|
||||
'title' => __('Encode blueprint\'s contents as a sync rule'),
|
||||
'requirements' => $me['Role']['perm_site_admin']
|
||||
],
|
||||
[
|
||||
'onclick' => sprintf(
|
||||
'openGenericModal(\'%s/SharingGroupBlueprints/delete/[onclick_params_data_path]\');',
|
||||
|
|
Loading…
Reference in New Issue