mirror of https://github.com/MISP/MISP
chg: Viewing the public attributes of an event
- new named parameter /public:1 for the event view to view the public information of an event - it will filter out all attributes that are not visible to all or inherit the event - if an event is not set to distribution all, the view will throw an exception if the parameter is passed - it can be used for data views by accessing /events/view/event_id/public:1.json or /events/view/event_id/public:1.xml - Also some fixes to the fetchEvent algorithm that ignored optional sharing group and distribution settings for site adminspull/1387/head
parent
6cc81a011a
commit
23fca68d17
|
@ -866,7 +866,6 @@ class EventsController extends AppController {
|
|||
if (!$this->Event->exists()) {
|
||||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
|
||||
$conditions = array('eventid' => $id);
|
||||
if (!$this->_isRest()) {
|
||||
$conditions['includeAllTags'] = true;
|
||||
|
@ -876,6 +875,9 @@ class EventsController extends AppController {
|
|||
if (isset($this->params['named']['deleted']) && $this->params['named']['deleted']) {
|
||||
$conditions['deleted'] = 1;
|
||||
}
|
||||
if (isset($this->params['named']['public']) && $this->params['named']['public']) {
|
||||
$conditions['distribution'] = array(3, 5);
|
||||
}
|
||||
$results = $this->Event->fetchEvent($this->Auth->user(), $conditions);
|
||||
if (empty($results)) throw new NotFoundException('Invalid event');
|
||||
$event = &$results[0];
|
||||
|
|
|
@ -1127,15 +1127,13 @@ class Event extends AppModel {
|
|||
'Event.distribution >' => 0,
|
||||
'Event.distribution <' => 4,
|
||||
Configure::read('MISP.unpublishedprivate') ? array('Event.published =' => 1) : array(),
|
||||
$options['distribution'] !== false ? array('Event.distribution =' => $options['distribution']) : array(),
|
||||
),
|
||||
),
|
||||
array(
|
||||
'AND' => array(
|
||||
'Event.sharing_group_id' => $sgids,
|
||||
'Event.distribution' => 4,
|
||||
Configure::read('MISP.unpublishedprivate') ? array('Event.published =' => 1) : array(),
|
||||
$options['sharing_group_id'] !== false ? array('Event.sharing_group_id =' => $options['sharing_group_id']) : array(),
|
||||
Configure::read('MISP.unpublishedprivate') ? array('Event.published =' => 1) : array()
|
||||
)
|
||||
)
|
||||
);
|
||||
|
@ -1153,16 +1151,22 @@ class Event extends AppModel {
|
|||
array('AND' => array(
|
||||
'Attribute.distribution >' => 0,
|
||||
'Attribute.distribution !=' => 4,
|
||||
$options['distribution'] !== false ? array('Attribute.distribution =' => $options['distribution']) : array(),
|
||||
)),
|
||||
array('AND' => array(
|
||||
'Attribute.distribution' => 4,
|
||||
'Attribute.sharing_group_id' => $sgids,
|
||||
$options['sharing_group_id'] !== false ? array('Attribute.sharing_group_id =' => $options['sharing_group_id']) : array(),
|
||||
)),
|
||||
'(SELECT events.org_id FROM events WHERE events.id = Attribute.event_id)' => $user['org_id']
|
||||
);
|
||||
}
|
||||
if ($options['distribution']) {
|
||||
$conditions['AND'][] = array('Event.distribution' => $options['distribution']);
|
||||
$conditionsAttributes['AND'][] = array('Attribute.distribution' => $options['distribution']);
|
||||
}
|
||||
if ($options['sharing_group_id']) {
|
||||
$conditions['AND'][] = array('Event.sharing_group_id' => $options['sharing_group_id']);
|
||||
$conditionsAttributes['AND'][] = array('Attribute.sharing_group_id' => $options['sharing_group_id']);
|
||||
}
|
||||
if ($options['from']) $conditions['AND'][] = array('Event.date >=' => $options['from']);
|
||||
if ($options['to']) $conditions['AND'][] = array('Event.date <=' => $options['to']);
|
||||
if ($options['last']) $conditions['AND'][] = array('Event.publish_timestamp >=' => $options['last']);
|
||||
|
|
Loading…
Reference in New Issue