mirror of https://github.com/MISP/MISP
Merge branch 'master' into develop
Conflicts: app/Controller/AttributesController.php app/Controller/EventsController.phppull/63/head
commit
2903493205
|
@ -153,6 +153,10 @@ Configure::write('CyDefSIG.correlation', 'db'); // correlation between at
|
|||
*/
|
||||
Configure::write('CyDefSIG.dns', 'false'); // there is a nameserver available to do resolution.
|
||||
|
||||
Configure::write('CyDefSIG.rest', 'ii'); // RESTfull, possible values:
|
||||
// - i, event without attributes
|
||||
// - ii, event with attributes (more framework friendly and more RESTfull friendly)
|
||||
|
||||
/**
|
||||
* The settings below can be used to set additional paths to models, views and controllers.
|
||||
*
|
||||
|
@ -239,4 +243,4 @@ CakeLog::config('error', array(
|
|||
'engine' => 'FileLog',
|
||||
'types' => array('warning', 'error', 'critical', 'alert', 'emergency'),
|
||||
'file' => 'error',
|
||||
));
|
||||
));
|
||||
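Review bot: The comment on the new `CyDefSIG.rest` setting lists `i` and `ii` but does not say what happens with any other value. The save paths on this page compare it as an exact string (`"i" == Configure::read('CyDefSIG.rest')`), so a mistyped value silently takes the else branch that saves attributes together with the event. Because this switch decides whether attributes nested in a REST request body are persisted, I would state the fallback next to the setting, for example `// any value other than 'i' is handled as 'ii' by the save paths`.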
|
|
|
@ -145,7 +145,7 @@ class AttributesController extends AppController {
|
|||
$successes = "";
|
||||
foreach ($attributes as $key => $attribute) {
|
||||
$attribute = trim($attribute);
|
||||
if (strlen($attribute) == 0 )
|
||||
if (strlen($attribute) == 0)
|
||||
continue; // don't do anything for empty lines
|
||||
|
||||
$this->Attribute->create();
|
||||
|
@ -202,12 +202,16 @@ class AttributesController extends AppController {
|
|||
$this->request->data = $this->Attribute->massageData(&$this->request->data);
|
||||
}
|
||||
|
||||
unset($this->request->data['Event']);
|
||||
$this->Attribute->unbindModel(array('belongsTo' => array('Event')));
|
||||
$this->request->data['Attribute']['event_id'] = $eventId;
|
||||
if ("i" == Configure::read('CyDefSIG.rest')) {
|
||||
unset($this->request->data['Event']);
|
||||
$this->Attribute->unbindModel(array('belongsTo' => array('Event')));
|
||||
//$this->request->data['Attribute']['event_id'] = $eventId;
|
||||
}
|
||||
$savedId = $this->request->data['Attribute']['id'];
|
||||
|
||||
if ($this->Attribute->save($this->request->data)) {
|
||||
if ($this->_isRest()) {
|
||||
// REST users want to see the newly created event
|
||||
// REST users want to see the newly created attribute
|
||||
$this->view($this->Attribute->getId());
|
||||
$this->render('view');
|
||||
} else {
|
||||
|
@ -216,8 +220,14 @@ class AttributesController extends AppController {
|
|||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
|
||||
}
|
||||
} else {
|
||||
if (!CakeSession::read('Message.flash')) {
|
||||
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
||||
if ($this->_isRest()) { // TODO return error if REST
|
||||
// REST users want to see the failed attribute
|
||||
$this->view($savedId);
|
||||
$this->render('view');
|
||||
} else {
|
||||
if (!CakeSession::read('Message.flash')) {
|
||||
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -464,11 +474,19 @@ class AttributesController extends AppController {
|
|||
$this->request->data = $this->Attribute->massageData(&$this->request->data);
|
||||
}
|
||||
|
||||
// reposition to get the attribute.id with given uuid
|
||||
$existingAttribute = $this->Attribute->findByUuid($this->request->data['Attribute']['uuid']);
|
||||
if (count($existingAttribute)) {
|
||||
$this->request->data['Attribute']['id'] = $existingAttribute['Attribute']['id'];
|
||||
}
|
||||
|
||||
// say what fields are to be updated
|
||||
$fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private', 'cluster');
|
||||
unset($this->request->data['Event']);
|
||||
$this->Attribute->unbindModel(array('belongsTo' => array('Event')));
|
||||
$this->request->data['Attribute']['event_id'] = $eventId;
|
||||
if ("i" == Configure::read('CyDefSIG.rest')) {
|
||||
unset($this->request->data['Event']);
|
||||
$this->Attribute->unbindModel(array('belongsTo' => array('Event')));
|
||||
$this->request->data['Attribute']['event_id'] = $eventId;
|
||||
}
|
||||
if ($this->Attribute->save($this->request->data)) {
|
||||
$this->Session->setFlash(__('The attribute has been saved'));
|
||||
|
||||
|
@ -477,7 +495,13 @@ class AttributesController extends AppController {
|
|||
$this->Event->id = $eventId;
|
||||
$this->Event->saveField('published', 0);
|
||||
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
|
||||
if ($this->_isRest()) {
|
||||
// REST users want to see the newly created event
|
||||
$this->view($this->Attribute->getId());
|
||||
$this->render('view');
|
||||
} else {
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
|
||||
}
|
||||
} else {
|
||||
if (!CakeSession::read('Message.flash')) {
|
||||
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
||||
|
@ -559,19 +583,11 @@ class AttributesController extends AppController {
|
|||
* TODO move this to a component(?)
|
||||
*/
|
||||
private function __deleteAttributeFromServers($uuid) {
|
||||
$result = $this->Attribute->find('first', array('conditions' => array('Attribute.uuid' => $uuid)));
|
||||
$id = $result['Attribute']['id'];
|
||||
|
||||
// TODO private and delete .. bring up ..
|
||||
//if (true == $result['Attribute']['private']) { // never upload private attributes
|
||||
// return "Attribute is private and non exportable";
|
||||
//}
|
||||
|
||||
// make sure we have all the data of the Attribute
|
||||
$this->Attribute->id = $id;
|
||||
$this->Attribute->recursive = 1; // TODO ERROR, was 1 so this could even whipe out things!!(?)
|
||||
$this->Attribute->read();
|
||||
|
||||
// get a list of the servers
|
||||
$this->loadModel('Server');
|
||||
$servers = $this->Server->find('all', array());
|
||||
|
@ -583,7 +599,7 @@ class AttributesController extends AppController {
|
|||
App::uses('HttpSocket', 'Network/Http');
|
||||
$HttpSocket = new HttpSocket();
|
||||
foreach ($servers as &$server) {
|
||||
$this->Attribute->deleteAttributeFromServer($this->Attribute->data['Attribute']['uuid'], $server, $HttpSocket);
|
||||
$this->Attribute->deleteAttributeFromServer($uuid, $server, $HttpSocket);
|
||||
}
|
||||
}
|
||||
|
||||
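Review bot: In the edit hunk (`@ -464,11 +474,19 @`) the new lookup `findByUuid($this->request->data['Attribute']['uuid'])` replaces `Attribute.id` with the id of whichever attribute carries the uuid sent in the request body, and nothing visible here checks that this attribute belongs to `$eventId` or is the record the action was called for. In the same hunk `event_id` is pinned to `$eventId` only when `CyDefSIG.rest` is `i`, and the `save()` call that follows does not pass `$fieldList`, so in `ii` mode a body-supplied `event_id` would be written as sent. I would adopt the id only when `$existingAttribute['Attribute']['event_id'] == $eventId`, keep `$this->request->data['Attribute']['event_id'] = $eventId;` outside the `if`, and call `save($this->request->data, array('validate' => true, 'fieldList' => $fieldList))`. The add hunk (`@ -202,12 +202,16 @`) has the same gap, since its pin is commented out (`//$this->request->data['Attribute']['event_id'] = $eventId;`). Both actions start and end outside the hunks shown, so an ownership check may exist further up and is worth confirming.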
|
|
|
@ -349,7 +349,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
} else {
|
||||
if ($this->_isRest()) { // TODO return error if REST
|
||||
// REST users want to see the newly created event
|
||||
// REST users want to see the failed event
|
||||
$this->view($savedId);
|
||||
$this->render('view');
|
||||
} else {
|
||||
|
@ -432,11 +432,16 @@ class EventsController extends AppController {
|
|||
$data = $this->Event->massageData(&$data);
|
||||
}
|
||||
|
||||
// this saveAssociated() function will save not only the event, but also the attributes
|
||||
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
|
||||
unset($data['Attribute']);
|
||||
$this->Event->unbindModel(array('hasMany' => array('Attribute')));
|
||||
if ($this->Event->save($data, array('validate' => true, 'fieldList' => $fieldList))) {
|
||||
if ("i" == Configure::read('CyDefSIG.baseurl')) {
|
||||
// this saveAssociated() function will save not only the event, but also the attributes
|
||||
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
|
||||
unset($data['Attribute']);
|
||||
$this->Event->unbindModel(array('hasMany' => array('Attribute')));
|
||||
$saveResult = $this->Event->save($data, array('validate' => true, 'fieldList' => $fieldList));
|
||||
} else {
|
||||
$saveResult = $this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList));
|
||||
}
|
||||
if ($saveResult) {
|
||||
if (!empty($data['Event']['published']) && 1 == $data['Event']['published']) {
|
||||
// do the necessary actions to publish the event (email, upload,...)
|
||||
$this->__publish($this->Event->getId());
|
||||
|
@ -495,28 +500,35 @@ class EventsController extends AppController {
|
|||
$this->request->data['Event']['id'] = $existingEvent['Event']['id'];
|
||||
}
|
||||
|
||||
// reposition to get the attribute.id with given uuid
|
||||
$c = 0;
|
||||
if (isset($this->request->data['Attribute'])) {
|
||||
foreach ($this->request->data['Attribute'] as $attribute) {
|
||||
$existingAttribute = $this->Event->Attribute->findByUuid($attribute['uuid']);
|
||||
if (count($existingAttribute)) {
|
||||
$this->request->data['Attribute'][$c]['id'] = $existingAttribute['Attribute']['id'];
|
||||
}
|
||||
$c++;
|
||||
}
|
||||
}
|
||||
if ("ii" == Configure::read('CyDefSIG.rest')) {
|
||||
// reposition to get the attribute.id with given uuid
|
||||
$c = 0;
|
||||
if (isset($this->request->data['Attribute'])) {
|
||||
foreach ($this->request->data['Attribute'] as $attribute) {
|
||||
$existingAttribute = $this->Event->Attribute->findByUuid($attribute['uuid']);
|
||||
if (count($existingAttribute)) {
|
||||
$this->request->data['Attribute'][$c]['id'] = $existingAttribute['Attribute']['id'];
|
||||
}
|
||||
$c++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$fieldList = array(
|
||||
'Event' => array('org', 'date', 'risk', 'info', 'published', 'uuid', 'private', 'communitie'),
|
||||
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'communitie')
|
||||
);
|
||||
// this saveAssociated() function will save not only the event, but also the attributes
|
||||
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
|
||||
// the following 2 lines can be out-commented if we opt to save associated (Event.php:263-264)
|
||||
unset($this->request->data['Attribute']);
|
||||
$this->Event->unbindModel(array('hasMany' => array('Attribute')));
|
||||
if ($this->Event->save($this->request->data, array('validate' => true, 'fieldList' => $fieldList))) {
|
||||
if ("i" == Configure::read('CyDefSIG.rest')) {
|
||||
// this saveAssociated() function will save not only the event, but also the attributes
|
||||
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
|
||||
// the following 2 lines can be out-commented if we opt to save associated (Event.php:263-264)
|
||||
unset($this->request->data['Attribute']);
|
||||
$this->Event->unbindModel(array('hasMany' => array('Attribute')));
|
||||
$saveResult = $this->Event->save($this->request->data, array('validate' => true, 'fieldList' => $fieldList));
|
||||
} else {
|
||||
$saveResult = $this->Event->saveAssociated($this->request->data, array('validate' => true, 'fieldList' => $fieldList));
|
||||
}
|
||||
if ($saveResult) {
|
||||
|
||||
// TODO RESTfull: we now need to compare attributes, to see if we need to do a RESTfull attribute delete
|
||||
|
||||
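Review bot: The new mode check in the add hunk (`@ -432,11 +432,16 @`) reads the wrong configuration key: `if ("i" == Configure::read('CyDefSIG.baseurl')) {` compares the base URL with `"i"`, which can hardly be true, so the branch that drops `$data['Attribute']` is effectively unreachable and every add goes through `saveAssociated()`. The edit hunk further down tests `CyDefSIG.rest`, which is presumably what was meant here: `if ("i" == Configure::read('CyDefSIG.rest')) {`. As written, an instance configured for mode `i` still persists attributes nested in the request body. The enclosing action starts and ends outside the hunk.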
|
|
|
@ -375,14 +375,19 @@ class Event extends AppModel {
|
|||
return $data;
|
||||
}
|
||||
|
||||
public function uploadEventToServer($event, $server, $HttpSocket=null) {
|
||||
public function uploadEventToServer($event, $server, $HttpSocket = null) {
|
||||
$newLocation = $newTextBody = '';
|
||||
$result = $this->RESTfullEventToServer($event, $server, null, $HttpSocket, &$newLocation, &$newTextBody);
|
||||
if (strlen($newLocation) || $result) { // HTTP/1.1 302 Found and Location: http://<newLocation>
|
||||
if (strlen($newLocation)) { // HTTP/1.1 302 Found and Location: http://<newLocation>
|
||||
$result = $this->RESTfullEventToServer($event, $server, $newLocation, $HttpSocket, &$newLocation, &$newTextBody);
|
||||
}
|
||||
$xml = Xml::build($newTextBody);
|
||||
try { // TODO Xml::build() does not throw the XmlException
|
||||
$xml = Xml::build($newTextBody);
|
||||
} catch (XmlException $e) {
|
||||
throw new InternalErrorException();
|
||||
//return false;
|
||||
}
|
||||
// get the remote event_id
|
||||
foreach ($xml as $xmlEvent) {
|
||||
foreach ($xmlEvent as $key => $value) {
|
||||
|
@ -398,11 +403,13 @@ class Event extends AppModel {
|
|||
foreach ($event['Attribute'] as $attribute) {
|
||||
$newerUuids[$attribute['id']] = $attribute['uuid'];
|
||||
$attribute['event_id'] = $remoteId;
|
||||
// do the add attributes here i.s.o. saveAssociates() or save()
|
||||
// and unset Attributes and hasMany for this
|
||||
// following 2 lines can be out-commented if. (EventsController.php:364-365)
|
||||
$anAttr = ClassRegistry::init('Attribute');
|
||||
$anAttr->uploadAttributeToServer($attribute, $server, $HttpSocket);
|
||||
if ("i" == Configure::read('CyDefSIG.rest')) {
|
||||
// do the add attributes here i.s.o. saveAssociates() or save()
|
||||
// and unset Attributes and hasMany for this
|
||||
// following 2 lines can be out-commented if. (EventsController.php:364-365)
|
||||
$anAttr = ClassRegistry::init('Attribute');
|
||||
$anAttr->uploadAttributeToServer($attribute, $server, $HttpSocket);
|
||||
}
|
||||
}
|
||||
// get the already existing attributes and delete the ones that are not there
|
||||
foreach ($xml->Event->Attribute as $attribute) {
|
||||
|
@ -519,7 +526,7 @@ class Event extends AppModel {
|
|||
// parse the XML response and keep the reason why it failed
|
||||
$xmlArray = Xml::toArray(Xml::build($response->body));
|
||||
} catch (XmlException $e) {
|
||||
return true;
|
||||
return true; // TODO should be false
|
||||
}
|
||||
if (strpos($xmlArray['response']['name'],"Event already exists")) { // strpos, so i can piggyback some value if needed.
|
||||
return true;
|
||||
|
@ -530,6 +537,8 @@ class Event extends AppModel {
|
|||
break;
|
||||
case '302': // Found
|
||||
case '404': // Not Found
|
||||
debug($response);
|
||||
//debug();
|
||||
$newLocation = $response->headers['Location'];
|
||||
$newTextBody = $response->body();
|
||||
return true;
|
||||
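Review bot: In the last hunk the `case '404': // Not Found` label falls through into the 302 redirect handling, so a Not Found reply reads `$response->headers['Location']` without checking that the header exists and then returns true. The caller, `uploadEventToServer()`, then feeds that body to `Xml::build()`, which means a remote peer's error page is treated as a successful upload. I would give 404 its own branch that returns false and guard the redirect case with `isset($response->headers['Location'])`. The `debug($response);` call in the same branch looks like leftover tracing that prints the peer's full response when debug output is on, and should go before merge. The XmlException path has the same success-on-failure shape (`return true; // TODO should be false`); both functions continue outside the hunks shown.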
|
|
|
@ -1,2 +1,2 @@
|
|||
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
||||
--data "@input/33529.xml" -X POST http://localhost/attributes
|
||||
--data "@input/215.xml" -X POST http://localhost/attributes
|
||||
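Review bot: All three curl scripts touched here (this one and the two that follow) carry a literal `Authorization:` key on the command line and send it over plain `http://`. If that value is a real automation key it is now in the repository history and should be rotated. I would read it from the environment instead, e.g. `-H "Authorization: ${AUTHKEY:?set AUTHKEY}"` (variable name constructed for this note), and keep the key itself out of committed files.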
|
|
|
@ -1,7 +1,6 @@
|
|||
#curl -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
||||
#--data "@input/event.xml" -X PUT http://localhost/events/14'
|
||||
#http://bel_mod1.local.net:80/events/29
|
||||
#--data "@input/event.xml" -X PUT http://localhost/attributes/14'
|
||||
|
||||
# POST can be used as well..
|
||||
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
||||
--data "@input/33529.xml" -X POST http://localhost/attributes/33525
|
||||
--data "@input/215.xml" -X POST http://localhost/attributes/215 # 116 # 33525
|
||||
|
|
|
@ -3,4 +3,4 @@
|
|||
|
||||
# POST can be used as well..
|
||||
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
||||
--data "@input/event.xml" -X POST http://localhost/events/$1
|
||||
--data "@input/14.xml" -X POST http://localhost/events/$1
|
||||
|
|