MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

new: [log] Show full change in popup

pull/6914/head
Jakub Onderka 2021-01-31 13:43:38 +01:00
parent 59a45c3695
commit 232afb9ac6
6 changed files with 96 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
app/Controller/AuditLogsController.php
View File

@ -185,6 +185,19 @@ class AuditLogsController extends AppController
$this->set('title_for_layout', __('Audit logs for event #%s', $event['Event']['id']));
}
public function fullChange($id)
{
$log = $this->AuditLog->find('first', [
'conditions' => ['id' => $id],
'recursive' => -1,
'fields' => ['change', 'action'],
]);
if (empty($log)) {
throw new Exception('Log not found.');
}
$this->set('log', $log);
}
public function returnDates($org = 'all')
{
if (!$this->Auth->user('Role')['perm_sharing_group'] && !empty(Configure::read('Security.hide_organisation_index_from_users'))) {

1
app/Controller/Component/ACLComponent.php
View File

@ -379,6 +379,7 @@ class ACLComponent extends Component
),
'auditLogs' => [
'admin_index' => ['perm_audit'],
'fullChange' => ['perm_audit'],
'eventIndex' => ['*'],
'returnDates' => ['*'],
],

70
app/View/AuditLogs/admin_index.ctp
View File

@ -1,34 +1,4 @@
<?php
$formatValue = function($field, $value) {
if (strpos($field, 'timestamp') !== false && is_numeric($value)) {
$date = date('Y-m-d H:i:s', $value);
if ($date !== false) {
return '<span title="Original value: ' . h($value) . '">' . h($date) . '</span>';
}
} else if ($field === 'last_seen' || $field === 'first_seen') {
$ls_sec = intval($value / 1000000); // $ls is in micro (10^6)
$ls_micro = $value % 1000000;
$ls_micro = str_pad($ls_micro, 6, "0", STR_PAD_LEFT);
$ls = $ls_sec . '.' . $ls_micro;
$date = DateTime::createFromFormat('U.u', $ls)->format('Y-m-d\TH:i:s.u');
return '<span title="Original value: ' . h($value) . '">' . h($date) . '</span>';
}
if (mb_strlen($value) > 64) {
$value = mb_substr($value, 0, 64) . '...';
}
return h(json_encode($value, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
};
$removeActions = [
AuditLog::ACTION_DELETE => true,
AuditLog::ACTION_REMOVE_GALAXY_LOCAL => true,
AuditLog::ACTION_REMOVE_GALAXY => true,
AuditLog::ACTION_REMOVE_TAG => true,
AuditLog::ACTION_REMOVE_TAG_LOCAL => true,
];
?><div class="logs index">
<div class="logs index">
<h2><?= __('Audit logs') ?></h2>
<div>
<div id="builder"></div>
@ -272,9 +242,9 @@ $removeActions = [
<th><?= $this->Paginator->sort('ip', __('IP')) ?></th>
<th><?= $this->Paginator->sort('org_id', __('Org')) ?></th>
<th><?= $this->Paginator->sort('action') ?></th>
<th>Model</th>
<th>Title</th>
<th>Change</th>
<th><?= __('Model') ?></th>
<th><?= __('Title') ?></th>
<th><?= __('Change') ?></th>
</tr>
<?php foreach ($list as $item): ?>
<tr>
@ -311,24 +281,7 @@ $removeActions = [
<?= isset($item['AuditLog']['model_link']) ? '</a>' : '' ?>
</td>
<td class="limitedWidth"><?= h($item['AuditLog']['title']) ?></td>
<td><?php
if (is_array($item['AuditLog']['change'])) {
foreach ($item['AuditLog']['change'] as $field => $values) {
echo '<span class="json_key">' . h($field) . ':</span> ';
if (isset($removeActions[$item['AuditLog']['action']])) {
echo '<span class="json_string">' . $formatValue($field, $values) . '</span> <i class="fas fa-arrow-right json_null"></i> <i class="fas fa-times json_string"></i><br>';
} else {
if (is_array($values)) {
echo '<span class="json_string">' . $formatValue($field, $values[0]) . '</span> ';
$value = $values[1];
} else {
$value = $values;
}
echo '<i class="fas fa-arrow-right json_null"></i> <span class="json_string">' . $formatValue($field, $value) . '</span><br>';
}
}
}
?></td>
<td ondblclick="showFullChange(<?= h($item['AuditLog']['id']) ?>)"><?= $this->element('AuditLog/change', ['item' => $item]) ?></td>
</tr>
<?php endforeach; ?>
</table>
@ -346,6 +299,19 @@ $removeActions = [
</div>
<script type="text/javascript">
var passedArgs = <?= $passedArgs ?>;
function showFullChange(id) {
$.get(baseurl + "/audit_logs/fullChange/" + id, function(data) {
var $popoverFormLarge = $('#popover_form_large');
$popoverFormLarge.html(data);
$popoverFormLarge.find("span.json").each(function () {
$(this).html(syntaxHighlightJson($(this).text()));
});
openPopup($popoverFormLarge);
});
return false;
}
$('td[data-search]').mouseenter(function() {
var $td = $(this);
if ($td.data('search-value').length === 0) {

51
app/View/AuditLogs/event_index.ctp
View File

@ -1,20 +1,4 @@
<?php
$formatValue = function($value) {
if (mb_strlen($value) > 64) {
$value = mb_substr($value, 0, 64) . '...';
}
return h(json_encode($value, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
};
$removeActions = [
AuditLog::ACTION_DELETE => true,
AuditLog::ACTION_REMOVE_GALAXY_LOCAL => true,
AuditLog::ACTION_REMOVE_GALAXY => true,
AuditLog::ACTION_REMOVE_TAG => true,
AuditLog::ACTION_REMOVE_TAG_LOCAL => true,
];
?><div class="logs index">
<div class="logs index">
<h2><?= __('Audit logs for event #%s', $event['Event']['id']) ?></h2>
<div class="pagination">
<ul>
@ -29,13 +13,13 @@ $removeActions = [
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?= $this->Paginator->sort('created');?></th>
<th><?= $this->Paginator->sort('user_id', __('User'));?></th>
<th><?= $this->Paginator->sort('org_id', __('Org'));?></th>
<th><?= $this->Paginator->sort('action');?></th>
<th>Model</th>
<th>Title</th>
<th>Change</th>
<th><?= $this->Paginator->sort('created') ?></th>
<th><?= $this->Paginator->sort('user_id', __('User')) ?></th>
<th><?= $this->Paginator->sort('org_id', __('Org')) ?></th>
<th><?= $this->Paginator->sort('action') ?></th>
<th><?= __('Model') ?></th>
<th><?= __('Title') ?></th>
<th><?= __('Change') ?></th>
</tr>
<?php foreach ($list as $item): ?>
<tr>
@ -50,24 +34,7 @@ $removeActions = [
<td class="short"><?= h($item['AuditLog']['action_human']) ?></td>
<td class="short"><?= h($item['AuditLog']['model']) . ' #' . h($item['AuditLog']['model_id']) ?></td>
<td class="limitedWidth"><?= h($item['AuditLog']['title']) ?></td>
<td><?php
if (is_array($item['AuditLog']['change'])) {
foreach ($item['AuditLog']['change'] as $field => $values) {
echo '<span class="json_key">' . h($field) . ':</span> ';
if (isset($removeActions[$item['AuditLog']['action']])) {
echo '<span class="json_string">' . $formatValue($values) . '</span> <i class="fas fa-arrow-right json_null"></i> <i class="fas fa-times json_string"></i><br>';
} else {
if (is_array($values)) {
echo '<span class="json_string">' . $formatValue($values[0]) . '</span> ';
$value = $values[1];
} else {
$value = $values;
}
echo '<i class="fas fa-arrow-right json_null"></i> <span class="json_string">' . $formatValue($value) . '</span><br>';
}
}
}
?></td>
<td><?= $this->element('AuditLog/change', ['item' => $item]) ?></td>
</tr>
<?php endforeach; ?>
</table>

3
app/View/AuditLogs/full_change.ctp Normal file
View File

@ -0,0 +1,3 @@
<div style="padding: 1em; background: white; word-wrap: break-word;">
<?= $this->element('AuditLog/change', ['item' => $log, 'full' => true]) ?>
</div>

52
app/View/Elements/AuditLog/change.ctp Normal file
View File

@ -0,0 +1,52 @@
<?php
$removeActions = [
AuditLog::ACTION_DELETE => true,
AuditLog::ACTION_REMOVE_GALAXY_LOCAL => true,
AuditLog::ACTION_REMOVE_GALAXY => true,
AuditLog::ACTION_REMOVE_TAG => true,
AuditLog::ACTION_REMOVE_TAG_LOCAL => true,
];
$full = isset($full) ? $full : false;
$formatValue = function($field, $value) use ($full) {
if ((strpos($field, 'timestamp') !== false || in_array($field, ['expiration', 'created', 'date_created'], true)) && is_numeric($value)) {
$date = date('Y-m-d H:i:s', $value);
if ($date !== false) {
return '<span title="Original value: ' . h($value) . '">' . h($date) . '</span>';
}
} else if ($field === 'last_seen' || $field === 'first_seen') {
$ls_sec = intval($value / 1000000); // $ls is in micro (10^6)
$ls_micro = $value % 1000000;
$ls_micro = str_pad($ls_micro, 6, "0", STR_PAD_LEFT);
$ls = $ls_sec . '.' . $ls_micro;
$date = DateTime::createFromFormat('U.u', $ls)->format('Y-m-d\TH:i:s.u');
return '<span title="Original value: ' . h($value) . '">' . h($date) . '</span>';
}
if ($full && is_string($value) && !empty($value) && ($value[0] === '{' || $value[0] === '[') && json_decode($value) !== null) {
return '<span class="json">' . h($value) . '</span>';
}
if (!$full && mb_strlen($value) > 64) {
$value = mb_substr($value, 0, 64) . '...';
}
return h(json_encode($value, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
};
if (is_array($item['AuditLog']['change'])) {
foreach ($item['AuditLog']['change'] as $field => $values) {
echo '<span class="json_key">' . h($field) . ':</span> ';
if (isset($removeActions[$item['AuditLog']['action']])) {
echo '<span class="json_string">' . $formatValue($field, $values) . '</span> <i class="fas fa-arrow-right json_null"></i> <i class="fas fa-times json_string"></i><br>';
} else {
if (is_array($values)) {
echo '<span class="json_string">' . $formatValue($field, $values[0]) . '</span> ';
$value = $values[1];
} else {
$value = $values;
}
echo '<i class="fas fa-arrow-right json_null"></i> <span class="json_string">' . $formatValue($field, $value) . '</span><br>';
}
}
}