Proposal validation now calls the Attribute validation method instead of using the (incorrect) duplication in ShadowAttribute

2014-08-13 15:24:22 +02:00 · 2014-08-13 15:24:22 +02:00 · 26a4f97adb
parent d0e121846c
commit 26a4f97adb
1 changed files with 1 additions and 236 deletions
--- a/app/Model/ShadowAttribute.php
+++ b/app/Model/ShadowAttribute.php
@ -394,242 +394,7 @@ class ShadowAttribute extends AppModel {
 	}

 	public function validateAttributeValue($fields) {
-		$value = $fields['value'];
-		$returnValue = false;
-
-		// check data validation
-		switch($this->data['ShadowAttribute']['type']) {
-			case 'md5':
-				if (preg_match("#^[0-9a-f]{32}$#", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'sha1':
-				if (preg_match("#^[0-9a-f]{40}$#", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'sha256':
-				if (preg_match("#^[0-9a-f]{64}$#", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'http-method':
-				if (preg_match("#(OPTIONS|GET|HEAD|POST|PUT|DELETE|TRACE|CONNECT|PROPFIND|PROPPATCH|MKCOL|COPY|MOVE|LOCK|UNLOCK|VERSION-CONTROL|REPORT|CHECKOUT|CHECKIN|UNCHECKOUT|MKWORKSPACE|UPDATE|LABEL|MERGE|BASELINE-CONTROL|MKACTIVITY|ORDERPATCH|ACL|PATCH|SEARCH)#", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Unknown HTTP method.';
-				}
-			break;
-			case 'filename':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'filename|md5':
-				// no newline
-				if (preg_match("#^.+\|[0-9a-f]{32}$#", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'filename|sha1':
-				// no newline
-				if (preg_match("#^.+\|[0-9a-f]{40}$#", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'filename|sha256':
-				// no newline
-				if (preg_match("#^.+\|[0-9a-f]{64}$#", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Checksum has invalid length or format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'ip-src':
-				$parts = explode("/", $value);
-				// [0] = the ip
-				// [1] = the network address
-				if (count($parts) <= 2 ) {
-					// ipv4 and ipv6 matching
-					if (filter_var($parts[0],FILTER_VALIDATE_IP)) {
-						// ip is validated, now check if we have a valid network mask
-						if (empty($parts[1])) {
-							$returnValue = true;
-						} else {
-							if (is_numeric($parts[1]) && $parts[1] < 129) {
-								$returnValue = true;
-							}
-						}
-					}
-				}
-				if (!$returnValue) {
-					$returnValue = 'IP address has invalid format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'ip-dst':
-				$parts = explode("/", $value);
-				// [0] = the ip
-				// [1] = the network address
-				if (count($parts) <= 2 ) {
-					// ipv4 and ipv6 matching
-					if (filter_var($parts[0],FILTER_VALIDATE_IP)) {
-						// ip is validated, now check if we have a valid network mask
-						if (empty($parts[1])) {
-							$returnValue = true;
-						} else {
-							if (is_numeric($parts[1]) && $parts[1] < 129) {
-								$returnValue = true;
-							}
-						}
-					}
-				}
-				if (!$returnValue) {
-					$returnValue = 'IP address has invalid format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'named pipe':
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'hostname':
-			case 'domain':
-				if (preg_match("#^[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Domain name has invalid format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'email-src':
-				// we don't use the native function to prevent issues with partial email addresses
-				if (preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Email address has invalid format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'email-dst':
-				// we don't use the native function to prevent issues with partial email addresses
-				if (preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Email address has invalid format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'email-subject':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'email-attachment':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'url':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'user-agent':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'regkey':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'regkey|value':
-				// no newline
-				if (preg_match("#(.)+\|(.)+#", $value) && !preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'vulnerability':
-				if (preg_match("#^(CVE-)[0-9]{4}(-)[0-9]{4,6}$#", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Invalid format. Expected: CVE-xxxx-xxxx.';
-				}
-				break;
-			case 'AS':
-			case 'snort':
-			case 'pattern-in-file':
-			case 'pattern-in-traffic':
-			case 'pattern-in-memory':
-			case 'yara':
-			case 'attachment':
-			case 'malware-sample':
-				$returnValue = true;
-				break;
-			case 'link':
-				if (preg_match('#^(http|ftp)(s)?\:\/\/((([a-z|0-9|\-]{1,25})(\.)?){2,7})($|/.*$)#i', $value) && !preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'comment':
-			case 'text':
-			case 'other':
-				$returnValue = true;
-				break;
-			case 'target-user':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'target-email':
-				if (preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value)) {
-					$returnValue = true;
-				} else {
-					$returnValue = 'Email address has invalid format. Please double check the value or select "other" for a type.';
-				}
-				break;
-			case 'target-machine':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'target-org':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'target-location':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-				break;
-			case 'target-external':
-				// no newline
-				if (!preg_match("#\n#", $value)) {
-					$returnValue = true;
-				}
-		}
-
-		return $returnValue;
+		return $this->Attribute->validateAttributeValue($fields);
 	}

 	public function getCompositeTypes() {