mirror of https://github.com/MISP/MISP
Update to the sync
- timestamp now correctly compared, events that have an older timestamp will be discarded, same with attributes - right now the response is the same as a successful edit though, should be handled more gracefully - pull is not yet tested - attachments and shadow attributes not yet implemented - backflow is nicely blocked by the timestamp as intended - needs cleanup (from, dist_change)pull/217/head
Iglocska
parent
1e7665cd6d
commit
22284d04d1
|
|
@ -520,20 +520,16 @@ class EventsController extends AppController {
|
|||
$existingEvent = $this->Event->findByUuid($this->request->data['Event']['uuid']);
|
||||
if (count($existingEvent)) {
|
||||
$this->request->data['Event']['id'] = $existingEvent['Event']['id'];
|
||||
if (isset($this->request->data['Event']['timestamp'])) {
|
||||
if (!$this->request->data['Event']['timestamp'] > $existingEvent['Event']['timestamp']) {
|
||||
return false;
|
||||
if (isset($existingEvent['Event']['timestamp'])) {
|
||||
if ($this->request->data['Event']['timestamp'] > $existingEvent['Event']['timestamp']) {
|
||||
|
||||
} else {
|
||||
$saveEvent = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if ($existingEvent['Event']['orgc'] == $this->_checkOrg()) {
|
||||
$this->set('canEditDist', true);
|
||||
} else {
|
||||
$this->set('canEditDist', false);
|
||||
}
|
||||
|
||||
$fieldList = array(
|
||||
'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid', 'dist_change', 'from', 'private', 'communitie', 'cluster', 'timestamp'),
|
||||
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'communitie', 'cluster', 'dist_change', 'timestamp')
|
||||
|
|
@ -549,7 +545,12 @@ class EventsController extends AppController {
|
|||
// Check if the attribute's timestamp is bigger than the one that already exists.
|
||||
// If yes, it means that it's newer, so insert it. If no, it means that it's the same attribute or older - don't insert it, insert the old attribute.
|
||||
// Alternatively, we could unset this attribute from the request, but that could lead with issues if we want to start deleting attributes that don't exist in a pushed event.
|
||||
if ($this->request->data['Attribute'][$c]['timestamp'] <= $existingAttribute['Attribute']['id']) $this->request->data['Attribute'][$c] = $existingAttribute['Attribute'];
|
||||
if ($this->request->data['Attribute'][$c]['timestamp'] > $existingAttribute['Attribute']['id']) {
|
||||
|
||||
} else {
|
||||
unset($this->request->data['Attribute'][$c]);
|
||||
//$this->request->data['Attribute'][$c] = $existingAttribute['Attribute'];
|
||||
}
|
||||
|
||||
/* Should be obsolete with timestamps
|
||||
if (!($this->request->data['Attribute'][$c]['dist_change'] > $existingAttribute['Attribute']['dist_change'])) {
|
||||
|
|
@ -564,8 +565,15 @@ class EventsController extends AppController {
|
|||
}
|
||||
// this saveAssociated() function will save not only the event, but also the attributes
|
||||
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
|
||||
$saveResult = $this->Event->saveAssociated($this->request->data, array('validate' => true, 'fieldList' => $fieldList));
|
||||
|
||||
if ($saveEvent) {
|
||||
$saveResult = $this->Event->saveAssociated($this->request->data, array('validate' => true, 'fieldList' => $fieldList));
|
||||
} else {
|
||||
$message = 'This would be a downgrade...';
|
||||
$this->set('event', $existingEvent);
|
||||
$this->view($existingEvent['Event']['id']);
|
||||
$this->render('view');
|
||||
return true;
|
||||
}
|
||||
if ($saveResult) {
|
||||
// TODO RESTfull: we now need to compare attributes, to see if we need to do a RESTfull attribute delete
|
||||
$message = 'Saved';
|
||||
|
|
@ -593,7 +601,6 @@ class EventsController extends AppController {
|
|||
|
||||
//Moved this out of (if ($this->_isAdmin()) to use for the dist_change
|
||||
$this->Event->read();
|
||||
|
||||
// always force the org, but do not force it for admins
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
// set the same org as existed before
|
||||
|
|
|
|||
|
|
@ -9,13 +9,11 @@
|
|||
'class' => 'datepicker'
|
||||
));
|
||||
if ('true' == Configure::read('CyDefSIG.sync')) {
|
||||
if ('true' == $canEditDist) {
|
||||
echo $this->Form->input('distribution', array(
|
||||
'label' => 'Distribution',
|
||||
'selected' => 'All communities',
|
||||
'after' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')),
|
||||
));
|
||||
}
|
||||
echo $this->Form->input('distribution', array(
|
||||
'label' => 'Distribution',
|
||||
'selected' => 'All communities',
|
||||
'after' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')),
|
||||
));
|
||||
}
|
||||
echo $this->Form->input('risk', array(
|
||||
'after' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')),
|
||||
|
|
@ -31,9 +29,7 @@ if ('true' == Configure::read('CyDefSIG.sync')) {
|
|||
));
|
||||
|
||||
// link an onchange event to the form elements
|
||||
if ('true' == $canEditDist) {
|
||||
$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
|
||||
}
|
||||
$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
|
||||
$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
|
||||
$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
|
||||
?>
|
||||
|
|
@ -84,13 +80,10 @@ echo $this->Form->end();
|
|||
//
|
||||
var formInfoValues = new Array();
|
||||
<?php
|
||||
if ('true' == $canEditDist) {
|
||||
foreach ($distributionDescriptions as $type => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
|
||||
}
|
||||
foreach ($distributionDescriptions as $type => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
|
||||
}
|
||||
|
||||
foreach ($riskDescriptions as $type => $def) {
|
||||
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
|
||||
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
|
||||
|
|
@ -113,9 +106,7 @@ function showFormInfo(id) {
|
|||
}
|
||||
|
||||
// hide the formInfo things
|
||||
if ('true' == $canEditDist) {
|
||||
$('#EventDistributionDiv').hide();
|
||||
}
|
||||
$('#EventDistributionDiv').hide();
|
||||
$('#EventRiskDiv').hide();
|
||||
$('#EventAnalysisDiv').hide();
|
||||
</script>
|
||||
|
|
|
|||
Loading…
Reference in New Issue