mirror of https://github.com/MISP/MISP
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
commit
25003e13ae
|
@ -3063,13 +3063,21 @@ class AttributesController extends AppController
|
||||||
$success = 0;
|
$success = 0;
|
||||||
$fails = 0;
|
$fails = 0;
|
||||||
foreach ($idList as $id) {
|
foreach ($idList as $id) {
|
||||||
$attribute = $this->Attribute->find('first', array(
|
$attributes = $this->Attribute->fetchAttributes(
|
||||||
'recursive' => -1,
|
$this->Auth->user(),
|
||||||
|
array(
|
||||||
'conditions' => array('Attribute.id' => $id, 'Attribute.deleted' => 0),
|
'conditions' => array('Attribute.id' => $id, 'Attribute.deleted' => 0),
|
||||||
'contain' => array('Event.orgc_id')
|
'contain' => array('Event.orgc_id')
|
||||||
));
|
)
|
||||||
if (empty($attribute)) {
|
);
|
||||||
|
if (empty($attributes)) {
|
||||||
throw new NotFoundException(__('Invalid attribute'));
|
throw new NotFoundException(__('Invalid attribute'));
|
||||||
|
} else {
|
||||||
|
$attribute = $attributes[0];
|
||||||
|
}
|
||||||
|
if (!$this->userRole['perm_tagger']) {
|
||||||
|
$fails++;
|
||||||
|
continue;
|
||||||
}
|
}
|
||||||
if ((!$this->userRole['perm_sync'] && !$this->_isSiteAdmin()) && $attribute['Event']['orgc_id'] !== $this->Auth->user('org_id')) {
|
if ((!$this->userRole['perm_sync'] && !$this->_isSiteAdmin()) && $attribute['Event']['orgc_id'] !== $this->Auth->user('org_id')) {
|
||||||
if (Configure::read('MISP.host_org_id') != $this->Auth->user('org_id') || !$local) {
|
if (Configure::read('MISP.host_org_id') != $this->Auth->user('org_id') || !$local) {
|
||||||
|
@ -3082,11 +3090,6 @@ class AttributesController extends AppController
|
||||||
'conditions' => array('Event.id' => $eventId),
|
'conditions' => array('Event.id' => $eventId),
|
||||||
'recursive' => -1
|
'recursive' => -1
|
||||||
));
|
));
|
||||||
if (!$this->_isSiteAdmin() && !$this->userRole['perm_sync']) {
|
|
||||||
if (!$this->userRole['perm_tagger'] || ($this->Auth->user('org_id') !== $event['Event']['org_id'] && $this->Auth->user('org_id') !== $event['Event']['orgc_id'])) {
|
|
||||||
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'You do not have permission to do that.')), 'status' => 200, 'type' => 'json'));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (!$this->_isRest()) {
|
if (!$this->_isRest()) {
|
||||||
$this->Attribute->Event->insertLock($this->Auth->user(), $eventId);
|
$this->Attribute->Event->insertLock($this->Auth->user(), $eventId);
|
||||||
}
|
}
|
||||||
|
|
|
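Review bot: In the `foreach ($idList as $id)` loop of the first hunk, an id that `fetchAttributes()` does not return for this user throws `NotFoundException` and aborts the whole batch, while the `perm_tagger` denial directly below it is counted with `$fails++; continue;`. If earlier ids in the list were already processed, the request ends in an error after a partial update and the caller never sees the success/fail counts. Handling the empty result the same way (`$fails++; continue;`) keeps the batch consistent and still does not distinguish a missing attribute from one the user may not see. The `perm_tagger` test does not depend on `$id`, so it could run once before the loop rather than after a fetch per attribute. The loop body continues outside the hunk, so how `$fails` is reported is not visible here.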
@ -463,15 +463,15 @@ class TagsController extends AppController
|
||||||
throw new MethodNotAllowedException('Invalid event.');
|
throw new MethodNotAllowedException('Invalid event.');
|
||||||
}
|
}
|
||||||
$this->loadModel('GalaxyCluster');
|
$this->loadModel('GalaxyCluster');
|
||||||
$cluster_names = $this->GalaxyCluster->find('list', array('fields' => array('GalaxyCluster.tag_name'), 'group' => array('GalaxyCluster.id', 'GalaxyCluster.tag_name')));
|
$cluster_names = $this->GalaxyCluster->find('list', array(
|
||||||
|
'fields' => array('GalaxyCluster.tag_name'),
|
||||||
|
'group' => array('GalaxyCluster.id', 'GalaxyCluster.tag_name')
|
||||||
|
));
|
||||||
$this->helpers[] = 'TextColour';
|
$this->helpers[] = 'TextColour';
|
||||||
$conditions = array(
|
$conditions = array(
|
||||||
'event_id' => $id,
|
'event_id' => $id,
|
||||||
'Tag.name !=' => $cluster_names
|
'Tag.name !=' => $cluster_names
|
||||||
);
|
);
|
||||||
if (empty($this->Auth->user()['Role']['perm_sync'])) {
|
|
||||||
$conditions['EventTag.local'] = false;
|
|
||||||
}
|
|
||||||
$tags = $this->EventTag->find('all', array(
|
$tags = $this->EventTag->find('all', array(
|
||||||
'conditions' => $conditions,
|
'conditions' => $conditions,
|
||||||
'contain' => array('Tag'),
|
'contain' => array('Tag'),
|
||||||
|
@ -505,9 +505,6 @@ class TagsController extends AppController
|
||||||
$eventId = $this->Tag->AttributeTag->Attribute->data['Attribute']['event_id'];
|
$eventId = $this->Tag->AttributeTag->Attribute->data['Attribute']['event_id'];
|
||||||
|
|
||||||
$conditions = array('attribute_id' => $id);
|
$conditions = array('attribute_id' => $id);
|
||||||
if (empty($this->Auth->user()['Role']['perm_sync'])) {
|
|
||||||
$conditions['AttributeTag.local'] = false;
|
|
||||||
}
|
|
||||||
$attributeTags = $this->AttributeTag->find('all', array(
|
$attributeTags = $this->AttributeTag->find('all', array(
|
||||||
'conditions' => $conditions,
|
'conditions' => $conditions,
|
||||||
'contain' => array('Tag'),
|
'contain' => array('Tag'),
|
||||||
|
|
|
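Review bot: Both hunks drop the `perm_sync` branch that added `local = false` to `$conditions`, so the event and attribute tag listings now return local tags to every caller that reaches the query, and nothing in the new code says this is intended. The only gate visible above the first query is the `Invalid event.` exception. Whether the event or attribute lookup applies the caller's ACL is outside the hunks and should be confirmed. Once verified, I would add a comment above each `$conditions` assignment, for example `// Local tags are returned to every user who can view the event; access is enforced by the lookup above`.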
@ -1460,13 +1460,15 @@ class AppModel extends Model
|
||||||
public function cleanCacheFiles()
|
public function cleanCacheFiles()
|
||||||
{
|
{
|
||||||
Cache::clear();
|
Cache::clear();
|
||||||
|
Cache::clear(false, '_cake_core_');
|
||||||
|
Cache::clear(false, '_cake_model_');
|
||||||
clearCache();
|
clearCache();
|
||||||
$files = array();
|
|
||||||
$files = array_merge($files, glob(CACHE . 'models' . DS . 'myapp*'));
|
$files = glob(CACHE . 'models' . DS . 'myapp*');
|
||||||
$files = array_merge($files, glob(CACHE . 'persistent' . DS . 'myapp*'));
|
$files = array_merge($files, glob(CACHE . 'persistent' . DS . 'myapp*'));
|
||||||
foreach ($files as $f) {
|
foreach ($files as $file) {
|
||||||
if (is_file($f)) {
|
if (is_file($file)) {
|
||||||
unlink($f);
|
unlink($file);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
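Review bot: `$files = glob(CACHE . 'models' . DS . 'myapp*');` now seeds the list straight from `glob()`, which returns `false` on error, and that value becomes the first argument of `array_merge()`. On PHP 8 this raises a `TypeError`; on PHP 7 `array_merge()` warns and returns null, so the `foreach` has nothing to iterate and no stale cache file is removed. Falling back to an empty array on both calls avoids this: `$files = glob(CACHE . 'models' . DS . 'myapp*') ?: array();` and `array_merge($files, glob(CACHE . 'persistent' . DS . 'myapp*') ?: array())`.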
@ -177,10 +177,38 @@ class Log extends AppModel
|
||||||
return $data;
|
return $data;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function createLogEntry($user = array('Organisation' => array('name' => 'SYSTEM'), 'email' => 'SYSTEM', 'id' => 0), $action, $model, $model_id = 0, $title = '', $change = '')
|
/**
|
||||||
|
* @param string|array $user
|
||||||
|
* @param string $action
|
||||||
|
* @param string $model
|
||||||
|
* @param int $modelId
|
||||||
|
* @param string $title
|
||||||
|
* @param string|array $change
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
public function createLogEntry($user, $action, $model, $modelId = 0, $title = '', $change = '')
|
||||||
{
|
{
|
||||||
|
if ($user === 'SYSTEM') {
|
||||||
|
$user = array('Organisation' => array('name' => 'SYSTEM'), 'email' => 'SYSTEM', 'id' => 0);
|
||||||
|
} else if (!is_array($user)) {
|
||||||
|
throw new InvalidArgumentException("User must be array or 'SYSTEM' string.");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (is_array($change)) {
|
||||||
|
$output = array();
|
||||||
|
foreach ($change as $field => $values) {
|
||||||
|
if (strpos($field, 'password') !== false) { // if field name contains password, replace value with asterisk
|
||||||
|
$oldValue = $newValue = "*****";
|
||||||
|
} else {
|
||||||
|
list($oldValue, $newValue) = $values;
|
||||||
|
}
|
||||||
|
$output[] = "$field ($oldValue) => ($newValue)";
|
||||||
|
}
|
||||||
|
$change = implode(", ", $output);
|
||||||
|
}
|
||||||
|
|
||||||
$this->create();
|
$this->create();
|
||||||
$this->save(array(
|
$result = $this->save(array(
|
||||||
'org' => $user['Organisation']['name'],
|
'org' => $user['Organisation']['name'],
|
||||||
'email' => $user['email'],
|
'email' => $user['email'],
|
||||||
'user_id' => $user['id'],
|
'user_id' => $user['id'],
|
||||||
|
@ -188,8 +216,12 @@ class Log extends AppModel
|
||||||
'title' => $title,
|
'title' => $title,
|
||||||
'change' => $change,
|
'change' => $change,
|
||||||
'model' => $model,
|
'model' => $model,
|
||||||
'model_id' => $model_id,
|
'model_id' => $modelId,
|
||||||
));
|
));
|
||||||
|
|
||||||
|
if (!$result) {
|
||||||
|
throw new Exception("Cannot save log because of validation errors: " . json_encode($this->validationErrors));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// to combat a certain bug that causes the upgrade scripts to loop without being able to set the correct version
|
// to combat a certain bug that causes the upgrade scripts to loop without being able to set the correct version
|
||||||
|
|
|
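Review bot: The redaction in `createLogEntry()` only fires when the field name contains the lowercase substring `password` (`strpos($field, 'password') !== false`), so any other secret-bearing field (keys, salts, tokens) or a differently cased name is logged with its old and new value in clear text. This method is now the shared path for change logging, and the Server settings hunk in this commit passes setting names and raw values through it. I would match case-insensitively against a maintained list of sensitive name fragments, at minimum `stripos($field, 'password') !== false`. `list($oldValue, $newValue) = $values;` also assumes every entry is a two-element array of scalars, so a non-scalar value would be interpolated as `Array`. The docblock should state the expected shape of `$change`.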
@ -3726,34 +3726,18 @@ class Server extends AppModel
|
||||||
} else {
|
} else {
|
||||||
$oldValue = Configure::read($setting['name']);
|
$oldValue = Configure::read($setting['name']);
|
||||||
$settingSaveResult = $this->serverSettingsSaveValue($setting['name'], $value);
|
$settingSaveResult = $this->serverSettingsSaveValue($setting['name'], $value);
|
||||||
$this->Log = ClassRegistry::init('Log');
|
|
||||||
$this->Log->create();
|
|
||||||
if ($settingSaveResult) {
|
if ($settingSaveResult) {
|
||||||
$result = $this->Log->save(array(
|
$this->Log = ClassRegistry::init('Log');
|
||||||
'org' => $user['Organisation']['name'],
|
$change = array($setting['name'] => array($oldValue, $value));
|
||||||
'model' => 'Server',
|
$this->Log->createLogEntry($user, 'serverSettingsEdit', 'Server', 0, 'Server setting changed', $change);
|
||||||
'model_id' => 0,
|
|
||||||
'email' => $user['email'],
|
|
||||||
'action' => 'serverSettingsEdit',
|
|
||||||
'user_id' => $user['id'],
|
|
||||||
'title' => 'Server setting changed',
|
|
||||||
'change' => $setting['name'] . ' (' . $oldValue . ') => (' . $value . ')',
|
|
||||||
));
|
|
||||||
// execute after hook
|
// execute after hook
|
||||||
if (isset($setting['afterHook'])) {
|
if (isset($setting['afterHook'])) {
|
||||||
$afterResult = call_user_func_array(array($this, $setting['afterHook']), array($setting['name'], $value));
|
$afterResult = call_user_func_array(array($this, $setting['afterHook']), array($setting['name'], $value));
|
||||||
if ($afterResult !== true) {
|
if ($afterResult !== true) {
|
||||||
$this->Log->create();
|
$change = 'There was an issue after setting a new setting. The error message returned is: ' . $afterResult;
|
||||||
$result = $this->Log->save(array(
|
$this->Log->createLogEntry($user, 'serverSettingsEdit', 'Server', 0, 'Server setting issue', $change);
|
||||||
'org' => $user['Organisation']['name'],
|
|
||||||
'model' => 'Server',
|
|
||||||
'model_id' => 0,
|
|
||||||
'email' => $user['email'],
|
|
||||||
'action' => 'serverSettingsEdit',
|
|
||||||
'user_id' => $user['id'],
|
|
||||||
'title' => 'Server setting issue',
|
|
||||||
'change' => 'There was an issue after setting a new setting. The error message returned is: ' . $afterResult,
|
|
||||||
));
|
|
||||||
return $afterResult;
|
return $afterResult;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
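Review bot: `createLogEntry()` now throws when the log row fails validation, and the first call here sits after `serverSettingsSaveValue()` has already succeeded and before the `afterHook` runs. A log failure would therefore leave the new value persisted with its after hook never executed, and the caller would get an exception instead of a save result. Wrapping the call in a `try`/`catch` that records the failure and continues, or writing the log entry after the hook has run, would keep the two steps consistent. The enclosing method starts and ends outside the hunk, so how callers handle an exception from this path is not visible here.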
@ -1941,5 +1941,33 @@
|
||||||
"org_id": "0",
|
"org_id": "0",
|
||||||
"hide_tag": false
|
"hide_tag": false
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Feed": {
|
||||||
|
"id": "114",
|
||||||
|
"name": "DigitalSide Threat-Intel OSINT Feed",
|
||||||
|
"provider": "osint.digitalside.it",
|
||||||
|
"url": "https:\/\/osint.digitalside.it\/Threat-Intel\/digitalside-misp-feed\/",
|
||||||
|
"rules": "",
|
||||||
|
"enabled": false,
|
||||||
|
"distribution": "0",
|
||||||
|
"sharing_group_id": "0",
|
||||||
|
"tag_id": "0",
|
||||||
|
"default": false,
|
||||||
|
"source_format": "misp",
|
||||||
|
"fixed_event": true,
|
||||||
|
"delta_merge": false,
|
||||||
|
"event_id": "0",
|
||||||
|
"publish": false,
|
||||||
|
"override_ids": false,
|
||||||
|
"settings": "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
||||||
|
"input_source": "network",
|
||||||
|
"delete_local_file": false,
|
||||||
|
"lookup_visible": false,
|
||||||
|
"headers": "",
|
||||||
|
"caching_enabled": false,
|
||||||
|
"force_to_ids": false,
|
||||||
|
"cache_timestamp": "1568901075"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|