mirror of https://github.com/MISP/MISP
Merge branch 'master' into develop
Conflicts: app/Controller/AttributesController.php app/Controller/EventsController.phppull/63/head
commit
2903493205
|
@ -153,6 +153,10 @@ Configure::write('CyDefSIG.correlation', 'db'); // correlation between at
|
||||||
*/
|
*/
|
||||||
Configure::write('CyDefSIG.dns', 'false'); // there is a nameserver available to do resolution.
|
Configure::write('CyDefSIG.dns', 'false'); // there is a nameserver available to do resolution.
|
||||||
|
|
||||||
|
Configure::write('CyDefSIG.rest', 'ii'); // RESTfull, possible values:
|
||||||
|
// - i, event without attributes
|
||||||
|
// - ii, event with attributes (more framework friendly and more RESTfull friendly)
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The settings below can be used to set additional paths to models, views and controllers.
|
* The settings below can be used to set additional paths to models, views and controllers.
|
||||||
*
|
*
|
||||||
|
@ -239,4 +243,4 @@ CakeLog::config('error', array(
|
||||||
'engine' => 'FileLog',
|
'engine' => 'FileLog',
|
||||||
'types' => array('warning', 'error', 'critical', 'alert', 'emergency'),
|
'types' => array('warning', 'error', 'critical', 'alert', 'emergency'),
|
||||||
'file' => 'error',
|
'file' => 'error',
|
||||||
));
|
));
|
||||||
|
|
|
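Review bot: The comment on the new `CyDefSIG.rest` setting lists `i` and `ii` but does not say what any other value does, and the controllers changed in this commit do not treat the two symmetrically. The save paths test `"i" ==` and fall through to `saveAssociated()` for everything else, while the uuid repositioning in EventsController runs only for exactly `"ii"`. A mistyped value would therefore save associated attributes without the id lookup. I would extend the comment with `// any other value saves like 'ii' but skips the uuid lookup; use only 'i' or 'ii'`, and consider rejecting unknown values once at startup.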
@ -145,7 +145,7 @@ class AttributesController extends AppController {
|
||||||
$successes = "";
|
$successes = "";
|
||||||
foreach ($attributes as $key => $attribute) {
|
foreach ($attributes as $key => $attribute) {
|
||||||
$attribute = trim($attribute);
|
$attribute = trim($attribute);
|
||||||
if (strlen($attribute) == 0 )
|
if (strlen($attribute) == 0)
|
||||||
continue; // don't do anything for empty lines
|
continue; // don't do anything for empty lines
|
||||||
|
|
||||||
$this->Attribute->create();
|
$this->Attribute->create();
|
||||||
|
@ -202,12 +202,16 @@ class AttributesController extends AppController {
|
||||||
$this->request->data = $this->Attribute->massageData(&$this->request->data);
|
$this->request->data = $this->Attribute->massageData(&$this->request->data);
|
||||||
}
|
}
|
||||||
|
|
||||||
unset($this->request->data['Event']);
|
if ("i" == Configure::read('CyDefSIG.rest')) {
|
||||||
$this->Attribute->unbindModel(array('belongsTo' => array('Event')));
|
unset($this->request->data['Event']);
|
||||||
$this->request->data['Attribute']['event_id'] = $eventId;
|
$this->Attribute->unbindModel(array('belongsTo' => array('Event')));
|
||||||
|
//$this->request->data['Attribute']['event_id'] = $eventId;
|
||||||
|
}
|
||||||
|
$savedId = $this->request->data['Attribute']['id'];
|
||||||
|
|
||||||
if ($this->Attribute->save($this->request->data)) {
|
if ($this->Attribute->save($this->request->data)) {
|
||||||
if ($this->_isRest()) {
|
if ($this->_isRest()) {
|
||||||
// REST users want to see the newly created event
|
// REST users want to see the newly created attribute
|
||||||
$this->view($this->Attribute->getId());
|
$this->view($this->Attribute->getId());
|
||||||
$this->render('view');
|
$this->render('view');
|
||||||
} else {
|
} else {
|
||||||
|
@ -216,8 +220,14 @@ class AttributesController extends AppController {
|
||||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
|
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (!CakeSession::read('Message.flash')) {
|
if ($this->_isRest()) { // TODO return error if REST
|
||||||
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
// REST users want to see the failed attribute
|
||||||
|
$this->view($savedId);
|
||||||
|
$this->render('view');
|
||||||
|
} else {
|
||||||
|
if (!CakeSession::read('Message.flash')) {
|
||||||
|
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -464,11 +474,19 @@ class AttributesController extends AppController {
|
||||||
$this->request->data = $this->Attribute->massageData(&$this->request->data);
|
$this->request->data = $this->Attribute->massageData(&$this->request->data);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// reposition to get the attribute.id with given uuid
|
||||||
|
$existingAttribute = $this->Attribute->findByUuid($this->request->data['Attribute']['uuid']);
|
||||||
|
if (count($existingAttribute)) {
|
||||||
|
$this->request->data['Attribute']['id'] = $existingAttribute['Attribute']['id'];
|
||||||
|
}
|
||||||
|
|
||||||
// say what fields are to be updated
|
// say what fields are to be updated
|
||||||
$fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private', 'cluster');
|
$fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private', 'cluster');
|
||||||
unset($this->request->data['Event']);
|
if ("i" == Configure::read('CyDefSIG.rest')) {
|
||||||
$this->Attribute->unbindModel(array('belongsTo' => array('Event')));
|
unset($this->request->data['Event']);
|
||||||
$this->request->data['Attribute']['event_id'] = $eventId;
|
$this->Attribute->unbindModel(array('belongsTo' => array('Event')));
|
||||||
|
$this->request->data['Attribute']['event_id'] = $eventId;
|
||||||
|
}
|
||||||
if ($this->Attribute->save($this->request->data)) {
|
if ($this->Attribute->save($this->request->data)) {
|
||||||
$this->Session->setFlash(__('The attribute has been saved'));
|
$this->Session->setFlash(__('The attribute has been saved'));
|
||||||
|
|
||||||
|
@ -477,7 +495,13 @@ class AttributesController extends AppController {
|
||||||
$this->Event->id = $eventId;
|
$this->Event->id = $eventId;
|
||||||
$this->Event->saveField('published', 0);
|
$this->Event->saveField('published', 0);
|
||||||
|
|
||||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
|
if ($this->_isRest()) {
|
||||||
|
// REST users want to see the newly created event
|
||||||
|
$this->view($this->Attribute->getId());
|
||||||
|
$this->render('view');
|
||||||
|
} else {
|
||||||
|
$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
if (!CakeSession::read('Message.flash')) {
|
if (!CakeSession::read('Message.flash')) {
|
||||||
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
||||||
|
@ -559,19 +583,11 @@ class AttributesController extends AppController {
|
||||||
* TODO move this to a component(?)
|
* TODO move this to a component(?)
|
||||||
*/
|
*/
|
||||||
private function __deleteAttributeFromServers($uuid) {
|
private function __deleteAttributeFromServers($uuid) {
|
||||||
$result = $this->Attribute->find('first', array('conditions' => array('Attribute.uuid' => $uuid)));
|
|
||||||
$id = $result['Attribute']['id'];
|
|
||||||
|
|
||||||
// TODO private and delete .. bring up ..
|
// TODO private and delete .. bring up ..
|
||||||
//if (true == $result['Attribute']['private']) { // never upload private attributes
|
//if (true == $result['Attribute']['private']) { // never upload private attributes
|
||||||
// return "Attribute is private and non exportable";
|
// return "Attribute is private and non exportable";
|
||||||
//}
|
//}
|
||||||
|
|
||||||
// make sure we have all the data of the Attribute
|
|
||||||
$this->Attribute->id = $id;
|
|
||||||
$this->Attribute->recursive = 1; // TODO ERROR, was 1 so this could even whipe out things!!(?)
|
|
||||||
$this->Attribute->read();
|
|
||||||
|
|
||||||
// get a list of the servers
|
// get a list of the servers
|
||||||
$this->loadModel('Server');
|
$this->loadModel('Server');
|
||||||
$servers = $this->Server->find('all', array());
|
$servers = $this->Server->find('all', array());
|
||||||
|
@ -583,7 +599,7 @@ class AttributesController extends AppController {
|
||||||
App::uses('HttpSocket', 'Network/Http');
|
App::uses('HttpSocket', 'Network/Http');
|
||||||
$HttpSocket = new HttpSocket();
|
$HttpSocket = new HttpSocket();
|
||||||
foreach ($servers as &$server) {
|
foreach ($servers as &$server) {
|
||||||
$this->Attribute->deleteAttributeFromServer($this->Attribute->data['Attribute']['uuid'], $server, $HttpSocket);
|
$this->Attribute->deleteAttributeFromServer($uuid, $server, $HttpSocket);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
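Review bot: The uuid lookup added in the hunk at -464,11 +474,19 overwrites `$this->request->data['Attribute']['id']` with the id of whichever attribute carries the request-supplied uuid, and nothing visible in the hunk checks that this attribute belongs to `$eventId` or is the record the action was called for. Any ownership or permission check done earlier on the URL id (outside the hunk, so I cannot confirm it) would then no longer cover the row that `save()` writes. Assuming `$eventId` is already set at that point, I would guard the assignment with `if (!empty($existingAttribute) && $existingAttribute['Attribute']['event_id'] == $eventId) {` and test `isset($this->request->data['Attribute']['uuid'])` before the lookup, since a form post may not carry a uuid. The equivalent lookup in EventsController, now wrapped in the `"ii"` check, has the same shape. The enclosing method starts and ends outside the hunk.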
@ -349,7 +349,7 @@ class EventsController extends AppController {
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if ($this->_isRest()) { // TODO return error if REST
|
if ($this->_isRest()) { // TODO return error if REST
|
||||||
// REST users want to see the newly created event
|
// REST users want to see the failed event
|
||||||
$this->view($savedId);
|
$this->view($savedId);
|
||||||
$this->render('view');
|
$this->render('view');
|
||||||
} else {
|
} else {
|
||||||
|
@ -432,11 +432,16 @@ class EventsController extends AppController {
|
||||||
$data = $this->Event->massageData(&$data);
|
$data = $this->Event->massageData(&$data);
|
||||||
}
|
}
|
||||||
|
|
||||||
// this saveAssociated() function will save not only the event, but also the attributes
|
if ("i" == Configure::read('CyDefSIG.baseurl')) {
|
||||||
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
|
// this saveAssociated() function will save not only the event, but also the attributes
|
||||||
unset($data['Attribute']);
|
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
|
||||||
$this->Event->unbindModel(array('hasMany' => array('Attribute')));
|
unset($data['Attribute']);
|
||||||
if ($this->Event->save($data, array('validate' => true, 'fieldList' => $fieldList))) {
|
$this->Event->unbindModel(array('hasMany' => array('Attribute')));
|
||||||
|
$saveResult = $this->Event->save($data, array('validate' => true, 'fieldList' => $fieldList));
|
||||||
|
} else {
|
||||||
|
$saveResult = $this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList));
|
||||||
|
}
|
||||||
|
if ($saveResult) {
|
||||||
if (!empty($data['Event']['published']) && 1 == $data['Event']['published']) {
|
if (!empty($data['Event']['published']) && 1 == $data['Event']['published']) {
|
||||||
// do the necessary actions to publish the event (email, upload,...)
|
// do the necessary actions to publish the event (email, upload,...)
|
||||||
$this->__publish($this->Event->getId());
|
$this->__publish($this->Event->getId());
|
||||||
|
@ -495,28 +500,35 @@ class EventsController extends AppController {
|
||||||
$this->request->data['Event']['id'] = $existingEvent['Event']['id'];
|
$this->request->data['Event']['id'] = $existingEvent['Event']['id'];
|
||||||
}
|
}
|
||||||
|
|
||||||
// reposition to get the attribute.id with given uuid
|
if ("ii" == Configure::read('CyDefSIG.rest')) {
|
||||||
$c = 0;
|
// reposition to get the attribute.id with given uuid
|
||||||
if (isset($this->request->data['Attribute'])) {
|
$c = 0;
|
||||||
foreach ($this->request->data['Attribute'] as $attribute) {
|
if (isset($this->request->data['Attribute'])) {
|
||||||
$existingAttribute = $this->Event->Attribute->findByUuid($attribute['uuid']);
|
foreach ($this->request->data['Attribute'] as $attribute) {
|
||||||
if (count($existingAttribute)) {
|
$existingAttribute = $this->Event->Attribute->findByUuid($attribute['uuid']);
|
||||||
$this->request->data['Attribute'][$c]['id'] = $existingAttribute['Attribute']['id'];
|
if (count($existingAttribute)) {
|
||||||
}
|
$this->request->data['Attribute'][$c]['id'] = $existingAttribute['Attribute']['id'];
|
||||||
$c++;
|
}
|
||||||
}
|
$c++;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$fieldList = array(
|
$fieldList = array(
|
||||||
'Event' => array('org', 'date', 'risk', 'info', 'published', 'uuid', 'private', 'communitie'),
|
'Event' => array('org', 'date', 'risk', 'info', 'published', 'uuid', 'private', 'communitie'),
|
||||||
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'communitie')
|
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'communitie')
|
||||||
);
|
);
|
||||||
// this saveAssociated() function will save not only the event, but also the attributes
|
if ("i" == Configure::read('CyDefSIG.rest')) {
|
||||||
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
|
// this saveAssociated() function will save not only the event, but also the attributes
|
||||||
// the following 2 lines can be out-commented if we opt to save associated (Event.php:263-264)
|
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
|
||||||
unset($this->request->data['Attribute']);
|
// the following 2 lines can be out-commented if we opt to save associated (Event.php:263-264)
|
||||||
$this->Event->unbindModel(array('hasMany' => array('Attribute')));
|
unset($this->request->data['Attribute']);
|
||||||
if ($this->Event->save($this->request->data, array('validate' => true, 'fieldList' => $fieldList))) {
|
$this->Event->unbindModel(array('hasMany' => array('Attribute')));
|
||||||
|
$saveResult = $this->Event->save($this->request->data, array('validate' => true, 'fieldList' => $fieldList));
|
||||||
|
} else {
|
||||||
|
$saveResult = $this->Event->saveAssociated($this->request->data, array('validate' => true, 'fieldList' => $fieldList));
|
||||||
|
}
|
||||||
|
if ($saveResult) {
|
||||||
|
|
||||||
// TODO RESTfull: we now need to compare attributes, to see if we need to do a RESTfull attribute delete
|
// TODO RESTfull: we now need to compare attributes, to see if we need to do a RESTfull attribute delete
|
||||||
|
|
||||||
|
|
|
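Review bot: The new condition in the hunk at -432,11 +432,16 reads `Configure::read('CyDefSIG.baseurl')`, while every other check this commit adds reads `CyDefSIG.rest`. The baseurl key presumably holds the instance URL, so it never equals `"i"` and `saveAssociated()` runs regardless of the configured mode. The line should be `if ("i" == Configure::read('CyDefSIG.rest')) {`. The two comments moved inside that branch describe `saveAssociated()` but now sit above the plain `save()` path, so they belong in the `else` branch.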
@ -375,14 +375,19 @@ class Event extends AppModel {
|
||||||
return $data;
|
return $data;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function uploadEventToServer($event, $server, $HttpSocket=null) {
|
public function uploadEventToServer($event, $server, $HttpSocket = null) {
|
||||||
$newLocation = $newTextBody = '';
|
$newLocation = $newTextBody = '';
|
||||||
$result = $this->RESTfullEventToServer($event, $server, null, $HttpSocket, &$newLocation, &$newTextBody);
|
$result = $this->RESTfullEventToServer($event, $server, null, $HttpSocket, &$newLocation, &$newTextBody);
|
||||||
if (strlen($newLocation) || $result) { // HTTP/1.1 302 Found and Location: http://<newLocation>
|
if (strlen($newLocation) || $result) { // HTTP/1.1 302 Found and Location: http://<newLocation>
|
||||||
if (strlen($newLocation)) { // HTTP/1.1 302 Found and Location: http://<newLocation>
|
if (strlen($newLocation)) { // HTTP/1.1 302 Found and Location: http://<newLocation>
|
||||||
$result = $this->RESTfullEventToServer($event, $server, $newLocation, $HttpSocket, &$newLocation, &$newTextBody);
|
$result = $this->RESTfullEventToServer($event, $server, $newLocation, $HttpSocket, &$newLocation, &$newTextBody);
|
||||||
}
|
}
|
||||||
$xml = Xml::build($newTextBody);
|
try { // TODO Xml::build() does not throw the XmlException
|
||||||
|
$xml = Xml::build($newTextBody);
|
||||||
|
} catch (XmlException $e) {
|
||||||
|
throw new InternalErrorException();
|
||||||
|
//return false;
|
||||||
|
}
|
||||||
// get the remote event_id
|
// get the remote event_id
|
||||||
foreach ($xml as $xmlEvent) {
|
foreach ($xml as $xmlEvent) {
|
||||||
foreach ($xmlEvent as $key => $value) {
|
foreach ($xmlEvent as $key => $value) {
|
||||||
|
@ -398,11 +403,13 @@ class Event extends AppModel {
|
||||||
foreach ($event['Attribute'] as $attribute) {
|
foreach ($event['Attribute'] as $attribute) {
|
||||||
$newerUuids[$attribute['id']] = $attribute['uuid'];
|
$newerUuids[$attribute['id']] = $attribute['uuid'];
|
||||||
$attribute['event_id'] = $remoteId;
|
$attribute['event_id'] = $remoteId;
|
||||||
// do the add attributes here i.s.o. saveAssociates() or save()
|
if ("i" == Configure::read('CyDefSIG.rest')) {
|
||||||
// and unset Attributes and hasMany for this
|
// do the add attributes here i.s.o. saveAssociates() or save()
|
||||||
// following 2 lines can be out-commented if. (EventsController.php:364-365)
|
// and unset Attributes and hasMany for this
|
||||||
$anAttr = ClassRegistry::init('Attribute');
|
// following 2 lines can be out-commented if. (EventsController.php:364-365)
|
||||||
$anAttr->uploadAttributeToServer($attribute, $server, $HttpSocket);
|
$anAttr = ClassRegistry::init('Attribute');
|
||||||
|
$anAttr->uploadAttributeToServer($attribute, $server, $HttpSocket);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
// get the already existing attributes and delete the ones that are not there
|
// get the already existing attributes and delete the ones that are not there
|
||||||
foreach ($xml->Event->Attribute as $attribute) {
|
foreach ($xml->Event->Attribute as $attribute) {
|
||||||
|
@ -519,7 +526,7 @@ class Event extends AppModel {
|
||||||
// parse the XML response and keep the reason why it failed
|
// parse the XML response and keep the reason why it failed
|
||||||
$xmlArray = Xml::toArray(Xml::build($response->body));
|
$xmlArray = Xml::toArray(Xml::build($response->body));
|
||||||
} catch (XmlException $e) {
|
} catch (XmlException $e) {
|
||||||
return true;
|
return true; // TODO should be false
|
||||||
}
|
}
|
||||||
if (strpos($xmlArray['response']['name'],"Event already exists")) { // strpos, so i can piggyback some value if needed.
|
if (strpos($xmlArray['response']['name'],"Event already exists")) { // strpos, so i can piggyback some value if needed.
|
||||||
return true;
|
return true;
|
||||||
|
@ -530,6 +537,8 @@ class Event extends AppModel {
|
||||||
break;
|
break;
|
||||||
case '302': // Found
|
case '302': // Found
|
||||||
case '404': // Not Found
|
case '404': // Not Found
|
||||||
|
debug($response);
|
||||||
|
//debug();
|
||||||
$newLocation = $response->headers['Location'];
|
$newLocation = $response->headers['Location'];
|
||||||
$newTextBody = $response->body();
|
$newTextBody = $response->body();
|
||||||
return true;
|
return true;
|
||||||
|
|
|
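Review bot: The `debug($response);` call added to the `302`/`404` case, with the `//debug();` line after it, looks like leftover tracing. When Cake's debug level is above 0 it dumps the whole remote response object into the output of the sync request, which can corrupt a REST/XML reply and could show the remote server's headers and body to whoever triggered the push. I would drop both lines, or replace them with `CakeLog::write('debug', 'sync redirect: ' . $response->code);` if the trace is still wanted. The surrounding switch starts outside the hunk.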
@ -1,2 +1,2 @@
|
||||||
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
||||||
--data "@input/33529.xml" -X POST http://localhost/attributes
|
--data "@input/215.xml" -X POST http://localhost/attributes
|
||||||
|
|
|
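Review bot: The `Authorization:` header value is a literal key committed in this script, and the same literal appears in the two other curl scripts changed further down. If that key is valid on any instance it should be rotated, and the scripts should read it from the environment instead, e.g. `-H "Authorization: ${MISP_AUTHKEY:?set MISP_AUTHKEY}"` (the variable name is a placeholder of mine). That also keeps a test run from silently acting under another person's account.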
@ -1,7 +1,6 @@
|
||||||
#curl -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
#curl -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
||||||
#--data "@input/event.xml" -X PUT http://localhost/events/14'
|
#--data "@input/event.xml" -X PUT http://localhost/attributes/14'
|
||||||
#http://bel_mod1.local.net:80/events/29
|
|
||||||
|
|
||||||
# POST can be used as well..
|
# POST can be used as well..
|
||||||
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
||||||
--data "@input/33529.xml" -X POST http://localhost/attributes/33525
|
--data "@input/215.xml" -X POST http://localhost/attributes/215 # 116 # 33525
|
||||||
|
|
|
@ -3,4 +3,4 @@
|
||||||
|
|
||||||
# POST can be used as well..
|
# POST can be used as well..
|
||||||
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
|
||||||
--data "@input/event.xml" -X POST http://localhost/events/$1
|
--data "@input/14.xml" -X POST http://localhost/events/$1
|
||||||
|
|