Merge branch '2.4' of https://github.com/MISP/MISP into 2.4

pull/5206/head
chrisr3d 2019-09-23 11:27:23 +02:00
commit 25003e13ae
6 changed files with 103 additions and 57 deletions


@ -3063,13 +3063,21 @@ class AttributesController extends AppController
$success = 0;
$fails = 0;
foreach ($idList as $id) {
$attribute = $this->Attribute->find('first', array(
'recursive' => -1,
'conditions' => array('Attribute.id' => $id, 'Attribute.deleted' => 0),
'contain' => array('Event.orgc_id')
));
if (empty($attribute)) {
$attributes = $this->Attribute->fetchAttributes(
$this->Auth->user(),
array(
'conditions' => array('Attribute.id' => $id, 'Attribute.deleted' => 0),
'contain' => array('Event.orgc_id')
)
);
if (empty($attributes)) {
throw new NotFoundException(__('Invalid attribute'));
} else {
$attribute = $attributes[0];
}
if (!$this->userRole['perm_tagger']) {
$fails++;
continue;
}
if ((!$this->userRole['perm_sync'] && !$this->_isSiteAdmin()) && $attribute['Event']['orgc_id'] !== $this->Auth->user('org_id')) {
if (Configure::read('MISP.host_org_id') != $this->Auth->user('org_id') || !$local) {
@ -3082,11 +3090,6 @@ class AttributesController extends AppController
'conditions' => array('Event.id' => $eventId),
'recursive' => -1
));
if (!$this->_isSiteAdmin() && !$this->userRole['perm_sync']) {
if (!$this->userRole['perm_tagger'] || ($this->Auth->user('org_id') !== $event['Event']['org_id'] && $this->Auth->user('org_id') !== $event['Event']['orgc_id'])) {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'You do not have permission to do that.')), 'status' => 200, 'type' => 'json'));
}
}
if (!$this->_isRest()) {
$this->Attribute->Event->insertLock($this->Auth->user(), $eventId);
}
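Review bot: In the first hunk, an attribute that `fetchAttributes()` does not return still reaches `throw new NotFoundException(__('Invalid attribute'));` inside the `foreach`, while the tagger-permission failure just below is handled with `$fails++; continue;`. Assuming `fetchAttributes()` restricts results to what the passed `$this->Auth->user()` may see, one ID the caller cannot access now aborts the whole batch, and IDs handled in earlier iterations may already have been changed (the rest of the loop body is outside the hunk, so this is inferred). Consider handling it like the other failures: `if (empty($attributes)) { $fails++; continue; }` followed by `$attribute = $attributes[0];`. Since the second hunk drops the event-level organisation check, a comment above the lookup such as `// visibility is enforced by fetchAttributes(); ownership and perm_tagger are checked per attribute below` would record where authorization now happens.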


@ -463,15 +463,15 @@ class TagsController extends AppController
throw new MethodNotAllowedException('Invalid event.');
}
$this->loadModel('GalaxyCluster');
$cluster_names = $this->GalaxyCluster->find('list', array('fields' => array('GalaxyCluster.tag_name'), 'group' => array('GalaxyCluster.id', 'GalaxyCluster.tag_name')));
$cluster_names = $this->GalaxyCluster->find('list', array(
'fields' => array('GalaxyCluster.tag_name'),
'group' => array('GalaxyCluster.id', 'GalaxyCluster.tag_name')
));
$this->helpers[] = 'TextColour';
$conditions = array(
'event_id' => $id,
'Tag.name !=' => $cluster_names
);
if (empty($this->Auth->user()['Role']['perm_sync'])) {
$conditions['EventTag.local'] = false;
}
$tags = $this->EventTag->find('all', array(
'conditions' => $conditions,
'contain' => array('Tag'),
@ -505,9 +505,6 @@ class TagsController extends AppController
$eventId = $this->Tag->AttributeTag->Attribute->data['Attribute']['event_id'];
$conditions = array('attribute_id' => $id);
if (empty($this->Auth->user()['Role']['perm_sync'])) {
$conditions['AttributeTag.local'] = false;
}
$attributeTags = $this->AttributeTag->find('all', array(
'conditions' => $conditions,
'contain' => array('Tag'),


@ -1460,13 +1460,15 @@ class AppModel extends Model
public function cleanCacheFiles()
{
Cache::clear();
Cache::clear(false, '_cake_core_');
Cache::clear(false, '_cake_model_');
clearCache();
$files = array();
$files = array_merge($files, glob(CACHE . 'models' . DS . 'myapp*'));
$files = glob(CACHE . 'models' . DS . 'myapp*');
$files = array_merge($files, glob(CACHE . 'persistent' . DS . 'myapp*'));
foreach ($files as $f) {
if (is_file($f)) {
unlink($f);
foreach ($files as $file) {
if (is_file($file)) {
unlink($file);
}
}
}
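Review bot: `glob()` returns `false` rather than an empty array on error, and the new `$files = glob(CACHE . 'models' . DS . 'myapp*');` passes that value straight into `array_merge()` and then `foreach`. On PHP 8 `array_merge()` raises a TypeError for a non-array argument, and on older versions it returns null with a warning, so the cleanup would remove nothing. Guard both calls, e.g. `$files = glob(CACHE . 'models' . DS . 'myapp*') ?: array();` and `array_merge($files, glob(CACHE . 'persistent' . DS . 'myapp*') ?: array())`. The return value of `unlink($file)` is also ignored, so a cache file that cannot be removed goes unreported.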


@ -177,19 +177,51 @@ class Log extends AppModel
return $data;
}
public function createLogEntry($user = array('Organisation' => array('name' => 'SYSTEM'), 'email' => 'SYSTEM', 'id' => 0), $action, $model, $model_id = 0, $title = '', $change = '')
/**
* @param string|array $user
* @param string $action
* @param string $model
* @param int $modelId
* @param string $title
* @param string|array $change
* @throws Exception
*/
public function createLogEntry($user, $action, $model, $modelId = 0, $title = '', $change = '')
{
if ($user === 'SYSTEM') {
$user = array('Organisation' => array('name' => 'SYSTEM'), 'email' => 'SYSTEM', 'id' => 0);
} else if (!is_array($user)) {
throw new InvalidArgumentException("User must be array or 'SYSTEM' string.");
}
if (is_array($change)) {
$output = array();
foreach ($change as $field => $values) {
if (strpos($field, 'password') !== false) { // if field name contains password, replace value with asterisk
$oldValue = $newValue = "*****";
} else {
list($oldValue, $newValue) = $values;
}
$output[] = "$field ($oldValue) => ($newValue)";
}
$change = implode(", ", $output);
}
$this->create();
$this->save(array(
'org' => $user['Organisation']['name'],
'email' =>$user['email'],
'user_id' => $user['id'],
'action' => $action,
'title' => $title,
'change' => $change,
'model' => $model,
'model_id' => $model_id,
$result = $this->save(array(
'org' => $user['Organisation']['name'],
'email' => $user['email'],
'user_id' => $user['id'],
'action' => $action,
'title' => $title,
'change' => $change,
'model' => $model,
'model_id' => $modelId,
));
if (!$result) {
throw new Exception("Cannot save log because of validation errors: " . json_encode($this->validationErrors));
}
}
// to combat a certain bug that causes the upgrade scripts to loop without being able to set the correct version
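Review bot: The masking in `createLogEntry()` only triggers when the field name contains the lowercase substring `password`, because `strpos($field, 'password')` is case-sensitive and checks nothing else. Names spelled `Password`, and fields or settings that hold other secrets (keys, salts, tokens — none are visible in this hunk, so this is an assumption about callers), would be written to the log in clear. At minimum use `stripos($field, 'password') !== false`, and consider matching against a documented list of sensitive name fragments. `list($oldValue, $newValue) = $values;` also assumes every entry is a two-element array of scalars; a docblock line such as `@param string|array $change Preformatted string, or array(field => array(old, new))` would make that contract explicit.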


@ -3726,34 +3726,18 @@ class Server extends AppModel
} else {
$oldValue = Configure::read($setting['name']);
$settingSaveResult = $this->serverSettingsSaveValue($setting['name'], $value);
$this->Log = ClassRegistry::init('Log');
$this->Log->create();
if ($settingSaveResult) {
$result = $this->Log->save(array(
'org' => $user['Organisation']['name'],
'model' => 'Server',
'model_id' => 0,
'email' => $user['email'],
'action' => 'serverSettingsEdit',
'user_id' => $user['id'],
'title' => 'Server setting changed',
'change' => $setting['name'] . ' (' . $oldValue . ') => (' . $value . ')',
));
$this->Log = ClassRegistry::init('Log');
$change = array($setting['name'] => array($oldValue, $value));
$this->Log->createLogEntry($user, 'serverSettingsEdit', 'Server', 0, 'Server setting changed', $change);
// execute after hook
if (isset($setting['afterHook'])) {
$afterResult = call_user_func_array(array($this, $setting['afterHook']), array($setting['name'], $value));
if ($afterResult !== true) {
$this->Log->create();
$result = $this->Log->save(array(
'org' => $user['Organisation']['name'],
'model' => 'Server',
'model_id' => 0,
'email' => $user['email'],
'action' => 'serverSettingsEdit',
'user_id' => $user['id'],
'title' => 'Server setting issue',
'change' => 'There was an issue after setting a new setting. The error message returned is: ' . $afterResult,
));
$change = 'There was an issue after setting a new setting. The error message returned is: ' . $afterResult;
$this->Log->createLogEntry($user, 'serverSettingsEdit', 'Server', 0, 'Server setting issue', $change);
return $afterResult;
}
}
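Review bot: `createLogEntry()` throws when the log row fails to save, and the first call here runs after `serverSettingsSaveValue()` has already stored the value and before the `afterHook` block. A logging failure would therefore leave the new setting in place with its after hook skipped and no audit entry, and the exception propagates to the caller (the enclosing function starts and ends outside the hunk, so how it is handled there is not visible). Either run the hook before logging, or catch the exception around the log call and report it without skipping the hook. `$oldValue` and `$value` are also interpolated into the change string as-is, so a boolean `false` is recorded as an empty pair of parentheses; normalising them first (for example with `json_encode()`) would keep the audit trail readable.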


@ -1941,5 +1941,33 @@
"org_id": "0",
"hide_tag": false
}
}
},
{
"Feed": {
"id": "114",
"name": "DigitalSide Threat-Intel OSINT Feed",
"provider": "osint.digitalside.it",
"url": "https:\/\/osint.digitalside.it\/Threat-Intel\/digitalside-misp-feed\/",
"rules": "",
"enabled": false,
"distribution": "0",
"sharing_group_id": "0",
"tag_id": "0",
"default": false,
"source_format": "misp",
"fixed_event": true,
"delta_merge": false,
"event_id": "0",
"publish": false,
"override_ids": false,
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
"input_source": "network",
"delete_local_file": false,
"lookup_visible": false,
"headers": "",
"caching_enabled": false,
"force_to_ids": false,
"cache_timestamp": "1568901075"
}
}
]