Added features from branch analysis_levels

-Analysis levels settable for events as per milestone item 94
-Password change forced as per milestone item 109
-Added feedback on entered search terms for search attributes
-fixed the authentication issue
-some minor fixes
pull/63/head
Andras Iklody 2012-12-17 15:51:30 +01:00
parent 9e9f34cb58
commit 1ceadab700
22 changed files with 224 additions and 30 deletions


@ -1,4 +1,4 @@
<?php
<?php
class AppSchema extends CakeSchema {
public function before($event = array()) {
@ -38,6 +38,7 @@ class AppSchema extends CakeSchema {
'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => NULL, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => NULL),
'analysis' => array('type' => 'tinying', 'null' => false, 'default' => NULL, 'length' => 4),
'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
@ -64,6 +65,7 @@ class AppSchema extends CakeSchema {
'gpgkey' => array('type' => 'text', 'null' => false, 'default' => NULL, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => NULL, 'length' => 15),
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => NULL),
'change_pw' => array('type' => 'tinyint', 'null' => false, 'default' => NULL, 'length' => 1),
'newsread' => array('type' => 'date', 'null' => false, 'default' => NULL),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
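Review bot: The new `analysis` entry in the events table declares its type as `'tinying'`, which looks like a typo for `tinyint`; the `change_pw` entry added further down uses `'tinyint'`, and the SQL file in this commit declares the column as `tinyint(4)`. Both new columns also pair `'null' => false` with `'default' => NULL`, so an explicit default would keep inserts that omit the field well defined. Suggested line: `'analysis' => array('type' => 'tinyint', 'null' => false, 'default' => '0', 'length' => 4),`.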


@ -65,9 +65,12 @@ class AppController extends Controller {
public function beforeFilter() {
// user must accept terms
if ($this->Session->check('User') && !$this->Auth->user('termsaccepted') && (!in_array($this->request->here, array('/users/terms', '/users/logout', '/users/login')))) {
if ($this->Session->check('Auth.User') && !$this->Auth->user('termsaccepted') && (!in_array($this->request->here, array('/users/terms', '/users/logout', '/users/login')))) {
$this->redirect(array('controller' => 'users', 'action' => 'terms'));
}
if ($this->Session->check('Auth.User') && $this->Auth->user('change_pw') && (!in_array($this->request->here, array('/users/terms', '/users/change_pw', '/users/logout', '/users/login')))) {
$this->redirect(array('controller' => 'users', 'action' => 'change_pw'));
}
// REST things
if ($this->_isRest()) {
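Review bot: The forced password change in beforeFilter is enforced by comparing `$this->request->here` with literal paths, which is brittle: `here` includes the application base path, so an install under a sub-directory would never match `/users/change_pw` and the redirect would loop. Comparing the routed names is sturdier, e.g. `$this->request->params['controller'] === 'users' && in_array($this->request->params['action'], array('terms', 'change_pw', 'logout', 'login'))` as the exemption test. The condition also fires only when `Auth.User` is in the session, so whether requests authenticated another way (the REST branch just below) are held to the password change cannot be judged from this hunk and is worth confirming. beforeFilter continues past the end of the hunk.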


@ -619,7 +619,9 @@ class AttributesController extends AppController {
$keyword = $this->request->data['Attribute']['keyword'];
$type = $this->request->data['Attribute']['type'];
$category = $this->request->data['Attribute']['category'];
$this->set('keywordSearch', $keyword);
$this->set('typeSearch', $type);
$this->set('categorySearch', $category);
// search the db
$conditions = array();
if ($keyword) {


@ -122,6 +122,7 @@ class EventsController extends AppController {
$this->Session->setFlash(__('No GPG key set in your profile. To receive emails, submit your public key in your profile.'));
}
$this->set('eventDescriptions', $this->Event->fieldDescriptions);
$this->set('analysisLevels', $this->Event->analysisLevels);
}
/**
@ -165,6 +166,7 @@ class EventsController extends AppController {
$this->redirect(array('controller' => 'users', 'action' => 'terms'));
}
}
$this->set('analysisLevels', $this->Event->analysisLevels);
}
$relatedAttributes = array();
@ -374,7 +376,15 @@ class EventsController extends AppController {
$this->set('risks',$risks);
// tooltip for risk
$this->set('riskDescriptions', $this->Event->riskDescriptions);
// combobox for analysis
$analysiss = $this->Event->validate['analysis']['rule'][1];
$analysiss = $this->_arrayToValuesIndexArray($analysiss);
$this->set('analysiss',$analysiss);
// tooltip for analysis
$this->set('analysisDescriptions', $this->Event->analysisDescriptions);
$this->set('analysisLevels', $this->Event->analysisLevels);
$this->set('eventDescriptions', $this->Event->fieldDescriptions);
}
@ -418,12 +428,12 @@ class EventsController extends AppController {
if ($upstream) {
$fieldList = array(
'Event' => array('date', 'risk', 'info', 'published', 'uuid'),
'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision')
);
} else {
$fieldList = array(
'Event' => array('org', 'date', 'risk', 'info', 'user_id', 'published', 'uuid', 'private', 'cluster', 'communitie', 'hop_count'),
'Event' => array('org', 'date', 'risk', 'analysis', 'info', 'user_id', 'published', 'uuid', 'private', 'cluster', 'communitie', 'hop_count'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'cluster', 'communitie')
);
}
@ -515,7 +525,7 @@ class EventsController extends AppController {
}
$fieldList = array(
'Event' => array('org', 'date', 'risk', 'info', 'published', 'uuid', 'private', 'communitie'),
'Event' => array('org', 'date', 'risk', 'analysis', 'info', 'published', 'uuid', 'private', 'communitie'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'communitie')
);
if ("i" == Configure::read('CyDefSIG.rest')) {
@ -550,7 +560,7 @@ class EventsController extends AppController {
}
// say what fields are to be updated
$fieldList = array('date', 'risk', 'info', 'published', 'private', 'cluster', 'communitie');
$fieldList = array('date', 'risk', 'analysis', 'info', 'published', 'private', 'cluster', 'communitie');
// always force the org, but do not force it for admins
if ($this->_isAdmin()) {
// set the same org as existed before
@ -588,6 +598,14 @@ class EventsController extends AppController {
// tooltip for risk
$this->set('riskDescriptions', $this->Event->riskDescriptions);
// combobox for analysis
$analysiss = $this->Event->validate['analysis']['rule'][1];
$analysiss = $this->_arrayToValuesIndexArray($analysiss);
$this->set('analysiss',$analysiss);
// tooltip for analysis
$this->set('analysisDescriptions', $this->Event->analysisDescriptions);
$this->set('analysisLevels', $this->Event->analysisLevels);
$this->set('eventDescriptions', $this->Event->fieldDescriptions);
}
@ -810,6 +828,7 @@ class EventsController extends AppController {
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
}
$body .= 'Risk : ' . $event['Event']['risk'] . "\n";
$body .= 'Analysis : ' . $event['Event']['analysis'] . "\n";
$relatedEvents = $this->Event->getRelatedEvents($id);
if (!empty($relatedEvents)) {
foreach ($relatedEvents as &$relatedEvent) {
@ -1000,6 +1019,7 @@ class EventsController extends AppController {
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
}
$body .= 'Risk : ' . $event['Event']['risk'] . "\n";
$body .= 'Analysis : ' . $event['Event']['analysis'] . "\n";
$relatedEvents = $this->Event->getRelatedEvents($id);
if (!empty($relatedEvents)) {
foreach ($relatedEvents as &$relatedEvent) {
@ -1125,7 +1145,7 @@ class EventsController extends AppController {
$conditions = array();
}
// do not expose all the data ...
$fields = array('Event.id', 'Event.date', 'Event.risk', 'Event.info', 'Event.published', 'Event.uuid');
$fields = array('Event.id', 'Event.date', 'Event.risk', 'Event.analysis', 'Event.info', 'Event.published', 'Event.uuid');
if ('true' == Configure::read('CyDefSIG.showorg')) {
$fields[] = 'Event.org';
}
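Review bot: The two e-mail bodies (the `'Analysis : '` lines in the hunks at -810 and -1000) append `$event['Event']['analysis']` directly, so recipients get the stored number rather than the level name the views show through `analysisLevels`. `$body .= 'Analysis : ' . $this->Event->analysisLevels[$event['Event']['analysis']] . "\n";` would keep mail and UI consistent. Separately, the combobox code added at -374 and -588 reads `validate['analysis']['rule'][1]` into `analysiss`, while the forms in this commit take their options from `analysisLevels`; if nothing else reads `analysiss` it can be dropped. All of these lines sit inside methods that start and end outside the hunks.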


@ -79,7 +79,14 @@ class LogsController extends AppController {
$action = $this->request->data['Log']['action'];
$title = $this->request->data['Log']['title'];
$change = $this->request->data['Log']['change'];
// for info on what was searched for
$this->set('emailSearch', $email);
$this->set('orgSearch', $org);
$this->set('actionSearch', $action);
$this->set('titleSearch', $title);
$this->set('changeSearch', $change);
// search the db
$conditions = array();
if ($email) {


@ -99,6 +99,33 @@ class UsersController extends AppController {
$this->set(compact('roles'));
}
public function change_pw() {
$id = $this->Auth->user('id');
$this->User->id = $id;
if ($this->request->is('post') || $this->request->is('put')) {
// What fields should be saved (allowed to be saved)
$fieldList[] = 'password';
// Save the data
if ($this->User->save($this->request->data, true ,$fieldList)) {
$this->Session->setFlash(__('Password Changed.'));
$this->User->saveField('email', $this->Auth->user('email'));
$this->User->saveField('change_pw', 0);
$this->_refreshAuth();
$this->redirect(array('action' => 'view', $id));
} else {
$this->Session->setFlash(__('The password could not be updated. Please, try again.'));
}
} else {
$this->User->recursive = 0;
$this->User->read(null, $id);
$this->User->set('password', '');
$this->request->data = Sanitize::clean($this->User->data);
}
// XXX ACL roles
$this->extraLog("change_pw");
$roles = Sanitize::clean($this->User->Role->find('list'));
$this->set(compact('roles'));
}
/**
* delete method
*
@ -151,6 +178,8 @@ class UsersController extends AppController {
throw new NotFoundException(__('Invalid user'));
}
$this->set('user', Sanitize::clean($this->User->read(null, $id)));
$temp = $this->User->field('invited_by');
$this->set('user2', Sanitize::clean($this->User->read(null, $temp)));
}
/**
@ -163,6 +192,7 @@ class UsersController extends AppController {
$this->User->create();
// set invited by
$this->request->data['User']['invited_by'] = $this->Auth->user('id');
$this->request->data['User']['change_pw']= 1;
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('The user has been saved'));
$this->redirect(array('action' => 'index'));
@ -322,7 +352,7 @@ class UsersController extends AppController {
}
public function logout() {
if ($this->Session->check('User')) { // TODO session, user is logged in, so ..
if ($this->Session->check('Auth.User')) { // TODO session, user is logged in, so ..
$this->extraLog("logout"); // TODO Audit, extraLog, check: customLog i.s.o. extraLog, $this->User->customLog('logout', $this->Auth->user('id'), array());
}
$this->Session->setFlash(__('Good-Bye'));
@ -432,6 +462,9 @@ class UsersController extends AppController {
$description = "User (" . $this->Auth->user('id') . "): " . $this->Auth->user('email');
} elseif ($action == 'edit') {
$description = "User (" . $this->User->id . "): " . $this->data['User']['email'];
} elseif ($action == 'change_pw') {
$description = "User (" . $this->User->id . "): " . $this->data['User']['email'];
$fieldsResult = "Password changed.";
}
// query
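Review bot: In `change_pw()` the audit call `$this->extraLog("change_pw")` sits after the if/else, so it runs when the form is merely displayed and when the save fails, and the extraLog hunk below records `"Password changed."` for it; on the success path the redirect comes first, and if `redirect()` ends the request as it does by default in CakePHP 2, a real password change is never logged. Moving the call into the success branch, before `$this->redirect(...)`, makes the log entry mean what it says. `$fieldList[] = 'password';` also appends to a variable that was never initialised; `$fieldList = array('password');` is clearer. Nothing visible in this action asks for the current password before saving the new one; the form view is not on this page, so confirm whether that is intended for the forced-change flow. In `view`, `user2` carries the inviter's whole user record to the template although only the e-mail is displayed; reading just that field would expose less.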


@ -89,6 +89,7 @@ CREATE TABLE `events` (
`revision` int(10) NOT NULL DEFAULT '0',
`private` tinyint(1) NOT NULL,
`cluster` tinyint(1) NOT NULL,
`analysis` tinyint(4) NOT NULL,
`communitie` tinyint(1) NOT NULL,
`attribute_count` int(11) UNSIGNED DEFAULT NULL,
`hop_count` int(11) UNSIGNED DEFAULT 0,
@ -185,6 +186,7 @@ CREATE TABLE `users` (
`gpgkey` longtext COLLATE utf8_bin NOT NULL,
`nids_sid` int(15) NOT NULL,
`termsaccepted` tinyint(1) NOT NULL,
`change_pw` tinyint(1) NOT NULL,
`newsread` date NOT NULL,
`role_id` int(11) NOT NULL,
PRIMARY KEY (`id`),
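Review bot: `analysis` and `change_pw` are added as `NOT NULL` without a `DEFAULT`, unlike `revision` above, which declares `DEFAULT '0'`. An insert that omits them then depends on the server's SQL mode, so an explicit default is safer: `analysis tinyint(4) NOT NULL DEFAULT 0` and `change_pw tinyint(1) NOT NULL DEFAULT 0`. The hunks only touch the `CREATE TABLE` statements; existing installations will need matching `ALTER TABLE` statements, which are not visible on this page.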


@ -45,6 +45,13 @@ class Event extends AppModel {
'Medium' => array('desc' => '*medium* means APT malware', 'formdesc' => 'APT malware'),
'High' => array('desc' => '*high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Sophisticated APT malware or 0-day attack')
);
public $analysisDescriptions = array(
0 => array('desc' => '*Initial* means the event has just been created', 'formdesc' => 'Creation started'),
1 => array('desc' => '*Sandbox* means that the event was created using a sandbox', 'formdesc' => 'Creation ongoing'),
2 => array('desc' => '*Ongoing* means that the event is being populated', 'formdesc' => 'Creation ongoing'),
3 => array('desc' => '*Complete* means that the event\'s creation is complete', 'formdesc' => 'Creation complete')
);
public $distributionDescriptions = array(
'Your organization only' => array('desc' => 'This field determines the current distribution of the even', 'formdesc' => "Only organization members will see the event"),
@ -53,7 +60,10 @@ class Event extends AppModel {
'Connected communities' => array('desc' => 'This field determines the current distribution of the even', 'formdesc' => "Event visible to CyDefSIG instances with more then two servers but will not be shared past it"),
'All communities' => array('desc' => 'This field determines the current distribution of the even', 'formdesc' => "To be distributed to every connected CyDefSIG server"),
);
public $analysisLevels = array(
0 => 'Initial', 1 => 'Sandbox', 2 => 'Ongoing', 3 => 'Completed'
);
/**
* Validation rules
*
@ -88,6 +98,14 @@ class Event extends AppModel {
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
'analysis' => array(
'rule' => array('inList', array('0', '1', '2')),
'message' => 'Options : 0, 1, 2',
//'allowEmpty' => false,
'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
'info' => array(
'notempty' => array(
'rule' => array('notempty'),
@ -312,6 +330,20 @@ class Event extends AppModel {
$data['Event']['communitie'] = false;
break;
}
switch($data['Event']['analysis']){
case 'Initial':
$data['Event']['analysis'] = 0;
break;
case 'Ongoing':
$data['Event']['analysis'] = 1;
break;
case 'Sandbox':
$data['Event']['analysis'] = 2;
break;
case 'Completed':
$data['Event']['analysis'] = 3;
break;
}
return $data;
}
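Review bot: The four new definitions for the analysis level disagree with each other. `analysisLevels` and `analysisDescriptions` number the levels 0 Initial, 1 Sandbox, 2 Ongoing, 3 Complete(d), but the `inList` rule accepts only `'0', '1', '2'`, so an event saved as Completed would fail validation, and the new `switch` maps `'Ongoing'` to 1 and `'Sandbox'` to 2, the reverse of the arrays. Suggested: `'rule' => array('inList', array('0', '1', '2', '3')),` with the message updated to match, and swap the two case values so the switch follows `analysisLevels`. The description for level 1 also carries the form text 'Creation ongoing' twice over with level 2, and level 3 is spelled 'Complete' in one array and 'Completed' in the other. The switch sits in a method whose start is outside the hunk.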


@ -13,6 +13,7 @@ class Log extends AppModel {
'logout',
'add',
'edit',
'change_pw',
'delete',
'publish'
)),
@ -25,6 +26,7 @@ class Log extends AppModel {
'logout' => array('desc' => 'Logout action', 'formdesc' => "Logout action"),
'add' => array('desc' => 'Add action', 'formdesc' => "Add action"),
'edit' => array('desc' => 'Edit action', 'formdesc' => "Edit action"),
'change_pw' => array('desc' => 'Change_pw action', 'formdesc' => "Change_pw action"),
'delete' => array('desc' => 'Delete action', 'formdesc' => "Delete action"),
'publish' => array('desc' => "Publish action", 'formdesc' => "Publish action")
);


@ -136,6 +136,16 @@ class User extends AppModel {
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'change_pw' => array(
'numeric' => array(
'rule' => array('numeric'),
//'message' => 'Your custom message here',
'allowEmpty' => true,
'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'gpgkey' => array(
'notempty' => array(
'rule' => array('validateGpgkey'),
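Review bot: `change_pw` is a yes/no flag (the schema in this commit declares it `tinyint(1)` and the admin form renders it as a checkbox), but the rule added here is `numeric`, which accepts any number. `'rule' => array('boolean'),` states the intent and rejects values other than 0/1; the rule key `numeric` would then be renamed to match.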


@ -1,5 +1,13 @@
<div class="attributes index">
<h2><?php echo __('Attributes');?></h2>
<h4>Results for all attributes
<?php
if($keywordSearch!=null) echo " with the value containing \"<b>".h($keywordSearch)."</b>\"";
if($categorySearch!="ALL") echo " of category \"<b>".h($categorySearch)."</b>\"";
if($typeSearch!="ALL") echo " of type \"<b>".h($typeSearch)."</b>\"";
echo ":";
?>
</h4>
<table cellpadding="0" cellspacing="0">
<tr>
<th><?php echo $this->Paginator->sort('event_id');?></th>
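Review bot: The new heading reads `$keywordSearch`, `$categorySearch` and `$typeSearch` unconditionally, but the AttributesController hunk in this commit sets them only in the search path. If this template is also rendered by the plain index action (the `attributes index` wrapper suggests so, though the file name is not visible), the variables are undefined, the `!="ALL"` tests pass, and the page prints `of category ""` along with notices. Guarding the block with `if (isset($keywordSearch)) { ... }` avoids that; the logs heading added later in this commit has the same shape. Escaping each term with `h()` is right and should stay.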


@ -16,6 +16,10 @@ if ('true' == Configure::read('CyDefSIG.sync')) {
}
echo $this->Form->input('risk', array(
'before' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv'))));
echo $this->Form->input('analysis', array(
'options' => array($analysisLevels),
'before' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
));
echo $this->Form->input('info');
echo $this->Form->input('Event.submittedfile', array(
'label' => '<b>GFI sandbox</b>',
@ -26,7 +30,7 @@ echo $this->Form->input('Event.submittedfile', array(
// link an onchange event to the form elements
$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
@ -52,6 +56,10 @@ foreach ($riskDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($analysisDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
function showFormInfo(id) {
@ -68,5 +76,6 @@ function showFormInfo(id) {
// hide the formInfo things
$('#EventDistributionDiv').hide();
$('#EventRiskDiv').hide();
$('#EventAnalysisDiv').hide();
</script>
<?php echo $this->Js->writeBuffer();
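Review bot: `'options' => array($analysisLevels)` wraps the level list in another array, which FormHelper treats as a nested group (an `<optgroup>` labelled 0) rather than a flat list; `'options' => $analysisLevels,` gives the plain select. The same line appears in the edit form section that follows.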


@ -7,6 +7,9 @@ echo $this->Form->input('id');
echo $this->Form->input('date');
echo $this->Form->input('risk', array(
'before' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv'))));
echo $this->Form->input('analysis', array(
'options' => array($analysisLevels),
'before' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))));
if ('true' == Configure::read('CyDefSIG.sync')) {
if ('true' == Configure::read('CyDefSIG.private')) {
echo $this->Form->input('distribution', array('label' => 'Distribution',
@ -22,6 +25,7 @@ echo $this->Form->input('info');
// link an onchange event to the form elements
$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
@ -46,6 +50,10 @@ foreach ($riskDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($analysisDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
?>
function showFormInfo(id) {
@ -62,5 +70,6 @@ function showFormInfo(id) {
// hide the formInfo things
$('#EventDistributionDiv').hide();
$('#EventRiskDiv').hide();
$('#EventAnalysisDiv').hide();
</script>
<?php echo $this->Js->writeBuffer();


@ -13,6 +13,8 @@
<th><?php echo $this->Paginator->sort('date');?></th>
<th<?php echo ' title="' . $eventDescriptions['risk']['desc'] . '"';?>>
<?php echo $this->Paginator->sort('risk');?></th>
<th<?php echo ' title="' . $eventDescriptions['analysis']['desc'] . '"';?>>
<?php echo $this->Paginator->sort('analysis');?></th>
<th><?php echo $this->Paginator->sort('info');?></th>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
<?php if ('true' == Configure::read('CyDefSIG.private')): ?>
@ -49,6 +51,8 @@
<?php echo $event['Event']['date']; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $event['Event']['risk']; ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo $analysisLevels[$event['Event']['analysis']]; ?>&nbsp;</td>
<td onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
<?php echo nl2br(h($event['Event']['info'])); ?>&nbsp;</td>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
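Review bot: `$analysisLevels[$event['Event']['analysis']]` is indexed with whatever is stored in the row and has no fallback, so a row whose value is outside 0–3 (possibly events that existed before the column was added, depending on how it is populated) raises an undefined-index notice and prints nothing. A guarded lookup such as `isset($analysisLevels[$a]) ? h($analysisLevels[$a]) : h($a)` keeps the cell well defined and escaped. The header reads `$eventDescriptions['analysis']['desc']`, yet no hunk on this page adds an `analysis` entry to the model's `fieldDescriptions`; confirm it exists. The event view section that follows contains both lookups as well.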


@ -82,6 +82,11 @@ if ($isAdmin || $mayPublish) {
<?php echo $event['Event']['risk']; ?>
&nbsp;
</dd>
<dt<?php echo ' title="' . $eventDescriptions['analysis']['desc'] . '"';?>>Analysis</dt>
<dd>
<?php echo $analysisLevels[$event['Event']['analysis']]; ?>
&nbsp;
</dd>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
<?php if ('true' == Configure::read('CyDefSIG.private')): ?>
<dt>Distribution</dt>


@ -1,5 +1,15 @@
<div class="logs index">
<h2><?php echo __('Logs');?></h2>
<h4>Results for all log entries
<?php
if ($emailSearch!=null) echo " for user \"<b>".h($emailSearch)."\"</b>";
if ($orgSearch!=null) echo " of the organisation \"<b>".h($orgSearch)."</b>\"";
if ($actionSearch!="ALL") echo " of type \"<b>".h($actionSearch)."</b>\"";
if ($titleSearch!=null) echo " with the title \"<b>".h($titleSearch)."</b>\"";
if ($changeSearch!=null) echo " including the change \"<b>".h($changeSearch)."</b>\"";
echo ":";
?>
</h4>
<table cellpadding="0" cellspacing="0">
<tr>
<th><?php echo $this->Paginator->sort('id');?></th>
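Review bot: In the `$emailSearch` line the closing quote and the closing tag are swapped (`."\"</b>"`), so the quote is rendered bold, unlike the four lines after it; `echo " for user \"<b>".h($emailSearch)."</b>\"";` matches them. This is cosmetic only and leaves the `h()` escaping as it is.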


@ -36,6 +36,12 @@ The process of entering an event can be split into 3 phases, the creation of the
<li><i>Medium:</i> Advanced Persistent Threats (APT)<br /><br /></li>
<li><i>High:</i> Sophisticated APTs and 0day attacks.<br /><br /></li>
</ul>
<li><em>Analysis:</em> Indicates the current stage of the analysis for the event, with the following possible options:<br /><br /></li>
<ul>
<li><i>Initial:</i> The analysis is just beginning<br /><br /></li>
<li><i>Ongoing:</i> The analysis is in progress<br /><br /></li>
<li><i>Completed:</i> The analysis is complete<br /><br /></li>
</ul>
<li><em>Info:</em> The info field, where the malware/incident can get a brief description starting with the internal reference. This field should be as brief and concise as possible, the more detailed description happens through attributes in the next stage of the event's creation. Keep in mind that the system will automatically replace detected text strings that match a regular expression entry set up by your server's administrator(s). <br /><br /></li>
<li><em>GFI Sandbox:</em> It is possible to upload the exported .zip file from GFI sandbox with the help of this tool. These will be dissected by the MISP and a list of attributes and attachments will automatically be generated from the .zip file. Whilst this does most of the work needed to be done in the second step of the event's creation, it is important to manually look over all the data that is being entered. <br /><br /></li>
</ul>
@ -100,7 +106,13 @@ On the left menu bar, the option "List events" will generate a list of the last
<li><em>Medium:</em> Advanced Persistent Threats (APTs)</li>
<li><em>High:</em> Sophisticated APTs and 0day exploits</li>
<li><em>Undefined:</em> This field can be left undefined and edited at a later date.<br /><br /></li>
</ul></li>
</ul>
<li><em>Analysis:</em> Indicates the current stage of the analysis for the event, with the following possible options:<br /><br /></li>
<ul>
<li><em>Initial:</em> The analysis is just beginning</li>
<li><em>Ongoing:</em> The analysis is in progress</li>
<li><em>Completed:</em> The analysis is complete<br /><br /></li>
</ul>
<li><em>Info:</em> A short description of the event, starting with an internal reference number.<br /><br /></li>
<li><em>Distribution:</em> This field indicates what the sharing privileges of the event are. The selectable options are "This organisation only", "This server only", "This community only", "Connected communities", "All". For a detailed description of these settings read the section on <a href = #create>creating a new event</a>.<br /><br /></li>
<li><em>Actions:</em> The controls that the user has to view or modify the event. The possible actions that are available (depending on user privileges - <?php echo $this->Html->link(__('click here', true), array('controller' => 'pages', 'action' => 'display', 'administration', '#' => 'roles')); ?> to find out more about privileges):<br /><br /></li>


@ -12,6 +12,7 @@
echo $this->Form->input('authkey');
echo $this->Form->input('nids_sid');
echo $this->Form->input('termsaccepted');
echo $this->Form->input('change_pw', array('type' => 'checkbox', 'label' => 'Change Password'));
echo $this->Form->input('newsread');
echo $this->Form->input('gpgkey');
?>


@ -31,7 +31,13 @@
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['nids_sid']); ?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['termsaccepted']); ?>&nbsp;</td>
<?php
if (h($user['User']['termsaccepted']) == 1){
echo "Yes";
}else{
echo "No";
}
?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
<?php echo h($user['User']['newsread']); ?>&nbsp;</td>
<td class="actions">


@ -36,7 +36,9 @@ $buttonModifyStatus = $mayModify ? 'button_on':'button_off';
</dd>
<dt><?php echo __('Autoalert'); ?></dt>
<dd>
<?php echo h($user['User']['autoalert']); ?>
<?php
echo (h($user['User']['autoalert'])==0)? 'No' : 'Yes' ;
?>
&nbsp;
</dd>
<dt><?php echo __('Authkey'); ?></dt>
@ -46,16 +48,19 @@ $buttonModifyStatus = $mayModify ? 'button_on':'button_off';
</dd>
<dt><?php echo __('Invited By'); ?></dt>
<dd>
<?php echo h($user['User']['invited_by']); ?>
<?php echo h($user2['User']['email']); ?>
&nbsp;
</dd>
<dt><?php echo __('Gpgkey'); ?></dt>
<dd style="font-size: 10px; line-height:100%;">
<code><?php echo nl2br(h($user['User']['gpgkey'])); ?></code>
&nbsp;
</dd>
<dd>
<?php
if (h($user['User']['gpgkey'])!=0){
echo "<code>".nl2br(h($user['User']['gpgkey']))."</code>";
}else{
echo "N/A";
}
?>
</dd>
<dt><?php echo __('Nids Sid'); ?></dt>
<dd>
<?php echo h($user['User']['nids_sid']); ?>
@ -63,7 +68,13 @@ $buttonModifyStatus = $mayModify ? 'button_on':'button_off';
</dd>
<dt><?php echo __('Termsaccepted'); ?></dt>
<dd>
<?php echo h($user['User']['termsaccepted']); ?>
<?php
if (h($user['User']['termsaccepted']) == 1){
echo "Yes";
}else{
echo "No";
}
?>
&nbsp;
</dd>
<dt><?php echo __('Newsread'); ?></dt>
@ -76,7 +87,7 @@ $buttonModifyStatus = $mayModify ? 'button_on':'button_off';
<div class="actions">
<ul>
<?php if ($isAclModify): ?>
<li><?php echo $this->Html->link(__('Edit User', true), array('action' => 'edit', $user['User']['id'])); ?></li>
<li><?php echo $this->Html->link(__('Edit User', true), array('admin' => 'true', 'action' => 'edit', $user['User']['id'])); ?></li>
<li>&nbsp;</li>
<?php endif; ?>
<?php echo $this->element('actions_menu'); ?>
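Review bot: `if (h($user['User']['gpgkey'])!=0)` compares a key string to the integer 0 with a loose operator, and the outcome depends on the PHP version: before PHP 8 a non-numeric string such as an armoured key compares equal to 0, so the branch prints "N/A" for users who do have a key. `if (!empty($user['User']['gpgkey'])) {` tests what is meant. The same test is added in the second user view at the end of this commit, and the `termsaccepted` checks here and in the admin index (`h(...) == 1`) would read better without `h()` inside the comparison. In the edit link, `'admin' => 'true'` passes a string where the admin index view passes the boolean `true`.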


@ -1,7 +1,7 @@
<div class="users form">
<?php echo $this->Form->create('User');?>
<fieldset>
<legend><?php __('Edit User'); ?></legend>
<legend><?php echo __('Edit User'); ?></legend>
<?php
echo $this->Form->input('email');
echo $this->Form->input('password');


@ -26,7 +26,7 @@
</dd>
<dt><?php echo __('Autoalert'); ?></dt>
<dd>
<?php echo h(0 == ($user['User']['autoalert'])) ? 'no' : 'yes'; ?>
<?php echo h(0 == ($user['User']['autoalert'])) ? 'No' : 'Yes'; ?>
&nbsp;
</dd>
<dt><?php echo __('Authkey'); ?></dt>
@ -42,12 +42,18 @@
</dd>
<dt><?php echo __('Termsaccepted'); ?></dt>
<dd>
<?php echo h((0 == $user['User']['termsaccepted'])? 'no' : 'yes'); ?>
<?php echo h((0 == $user['User']['termsaccepted'])? 'No' : 'Yes'); ?>
&nbsp;
</dd>
<dt><?php echo __('GPG Key'); ?></dt>
<dd style="font-size: 10px; line-height:100%;">
<code><?php echo nl2br(h($user['User']['gpgkey'])); ?></code>
<dd>
<?php
if (h($user['User']['gpgkey'])!=0){
echo "<code>"+nl2br(h($user['User']['gpgkey']))+"</code>";
}else{
echo "N/A";
}
?>
&nbsp;
</dd>
</dl>
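Review bot: The echo in the new GPG key block joins its parts with `+`, which is arithmetic in PHP rather than concatenation, so the key is never printed (a number or an error results, depending on the PHP version); `echo "<code>".nl2br(h($user['User']['gpgkey']))."</code>";` is the form the admin view uses. The `!=0` guard above it compares a string to 0 loosely and can send real keys to the "N/A" branch; `!empty($user['User']['gpgkey'])` is the safer test. In the Autoalert line, `h(0 == (...)) ? 'No' : 'Yes'` applies `h()` to the comparison result before the ternary, which differs from the Termsaccepted line just below and is worth aligning.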