diff --git a/INSTALL/MYSQL.sql b/INSTALL/MYSQL.sql
index c47050f64..c7f4d9464 100755
--- a/INSTALL/MYSQL.sql
+++ b/INSTALL/MYSQL.sql
@@ -1,230 +1,234 @@ --- phpMyAdmin SQL Dump --- version 3.3.9.2 --- http://www.phpmyadmin.net --- --- Host: localhost --- Generation Time: Jun 14, 2012 at 09:57 AM --- Server version: 5.5.9 --- PHP Version: 5.3.6 - -SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"; - --- --- Database: `cydefsig` --- - --- -------------------------------------------------------- - --- --- Table structure for table `attributes` --- - -CREATE TABLE `attributes` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `event_id` int(11) NOT NULL, - `category` varchar(255) COLLATE utf8_bin NOT NULL, - `type` varchar(100) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, - `value1` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, - `value2` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, - `to_ids` tinyint(1) NOT NULL DEFAULT '1', - `uuid` varchar(40) COLLATE utf8_bin NOT NULL, - `revision` int(10) NOT NULL DEFAULT '0', - `private` tinyint(1) NOT NULL, - `cluster` tinyint(1) NOT NULL, - `communitie` tinyint(1) NOT NULL, - PRIMARY KEY (`id`), - KEY `event_id` (`event_id`), - KEY `value1_key` (`value1`(5)), - KEY `value2_key` (`value2`(5)) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; - --- -------------------------------------------------------- - --- --- Table structure for table `blacklist` --- - -CREATE TABLE `blacklist` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `name` varchar(254) NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; - --- -------------------------------------------------------- - --- --- Table structure for table `bruteforces` --- - -CREATE TABLE `bruteforces` ( - `ip` varchar(255) COLLATE utf8_bin NOT NULL, - `username` varchar(255) COLLATE utf8_bin NOT NULL, - `expire` datetime NOT NULL -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; - --- -------------------------------------------------------- - --- --- Table structure for table `correlations` --- - -DROP TABLE IF EXISTS 
`correlations`; -CREATE TABLE `correlations` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `1_event_id` int(11) NOT NULL, - `1_attribute_id` int(11) NOT NULL, - `1_private` tinyint(1) NOT NULL, - `event_id` int(11) NOT NULL, - `attribute_id` int(11) NOT NULL, - `org` varchar(255) COLLATE utf8_bin NOT NULL, - `private` tinyint(1) NOT NULL, - `cluster` tinyint(1) NOT NULL, - `date` date NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM AUTO_INCREMENT=118 DEFAULT CHARSET=utf8 COLLATE=utf8_bin; - --- -------------------------------------------------------- - --- --- Table structure for table `events` --- - -CREATE TABLE `events` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `org` varchar(255) COLLATE utf8_bin NOT NULL, - `date` date NOT NULL, - `risk` enum('Undefined','Low','Medium','High') COLLATE utf8_bin NOT NULL, - `info` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, - `user_id` int(11) NOT NULL, - `published` tinyint(1) NOT NULL DEFAULT '0', - `uuid` varchar(40) COLLATE utf8_bin NOT NULL, - `revision` int(10) NOT NULL DEFAULT '0', - `private` tinyint(1) NOT NULL, - `cluster` tinyint(1) NOT NULL, - `analysis` tinyint(4) NOT NULL, - `communitie` tinyint(1) NOT NULL, - `attribute_count` int(11) UNSIGNED DEFAULT NULL, - `hop_count` int(11) UNSIGNED DEFAULT 0, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; - --- -------------------------------------------------------- - --- --- Table structure for table `roles` --- - -CREATE TABLE `roles` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `name` varchar(100) COLLATE utf8_bin NOT NULL, - `created` datetime NOT NULL, - `modified` datetime NOT NULL, - `perm_add` tinyint(1) NOT NULL, - `perm_modify` tinyint(1) NOT NULL, - `perm_modify_org` tinyint(1) NOT NULL, - `perm_publish` tinyint(1) NOT NULL, - `perm_sync` tinyint(1) NOT NULL, - `perm_full` tinyint(1) NOT NULL, - `perm_auth` tinyint(1) NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin 
AUTO_INCREMENT=1 ; - --- -------------------------------------------------------- - --- --- Table structure for table `logs` --- - -CREATE TABLE `logs` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `title` varchar(255) COLLATE utf8_bin NOT NULL, - `created` datetime NOT NULL, - `model` varchar(20) COLLATE utf8_bin NOT NULL, - `model_id` int(11) NOT NULL, - `action` varchar(20) COLLATE utf8_bin NOT NULL, - `user_id` int(11) NOT NULL, - `change` varchar(255) COLLATE utf8_bin, - `email` varchar(255) COLLATE utf8_bin NOT NULL, - `org` varchar(255) COLLATE utf8_bin NOT NULL, - `description` varchar(255) COLLATE utf8_bin NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; - --- -------------------------------------------------------- - --- --- Table structure for table `regexp` --- - -CREATE TABLE `regexp` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `regexp` varchar(255) COLLATE utf8_bin NOT NULL, - `replacement` varchar(255) COLLATE utf8_bin NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM AUTO_INCREMENT=16 DEFAULT CHARSET=utf8 COLLATE=utf8_bin; - --- -------------------------------------------------------- - --- --- Table structure for table `servers` --- - -CREATE TABLE `servers` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `url` varchar(255) COLLATE utf8_bin NOT NULL, - `authkey` varchar(40) COLLATE utf8_bin NOT NULL, - `org` varchar(255) COLLATE utf8_bin NOT NULL, - `organization` varchar(10) COLLATE utf8_bin NOT NULL, - `push` tinyint(1) NOT NULL, - `pull` tinyint(1) NOT NULL, - `lastpushedid` int(11) NOT NULL, - `lastpulledid` int(11) NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; - --- -------------------------------------------------------- - --- --- Table structure for table `users` --- - -CREATE TABLE `users` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `password` varchar(40) COLLATE utf8_bin NOT NULL, - `org` varchar(255) COLLATE utf8_bin NOT NULL, - 
`email` varchar(255) COLLATE utf8_bin NOT NULL, - `autoalert` tinyint(1) NOT NULL, - `authkey` varchar(40) COLLATE utf8_bin NOT NULL, - `invited_by` int(11) NOT NULL, - `gpgkey` longtext COLLATE utf8_bin NOT NULL, - `nids_sid` int(15) NOT NULL, - `termsaccepted` tinyint(1) NOT NULL, - `change_pw` tinyint(1) NOT NULL, - `newsread` date NOT NULL, - `role_id` int(11) NOT NULL, - PRIMARY KEY (`id`), - KEY `email` (`email`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ; - --- -------------------------------------------------------- - --- --- Table structure for table `whitelist` --- - -CREATE TABLE `whitelist` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `name` varchar(254) NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; - - --- --- Dumping data for table `attributes` --- - --- Dumping data for table `users` --- - -INSERT INTO `users` (`id`, `password`, `org`, `email`, `autoalert`, `authkey`, `invited_by`, `gpgkey`, `nids_sid`, `termsaccepted`, `newsread`, `role_id`) VALUES(1, 'babc86e0869015b3f0b4d48ca48700d3a9d1b9d7', 'ADMIN', 'admin@admin.test', 0, 'vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb', 1, '', 4000000, 0, '2012-03-13', ''); -INSERT INTO `regexp` (`id`, `regexp`, `replacement`) VALUES (1,'/C:.Users.(\\w+).AppData.Local.Temp./','%TEMP%\\\\'),(3,'/C:.Users.(\\w+).AppData.Local./','%LOCALAPPDATA%\\\\'),(4,'/C:.Users.(\\w+).AppData.Roaming./','%APPDATA%\\\\'),(5,'/C:.Users.(\\w+)./','%UserProfile%\\\\'),(6,'/C:.Documents and Settings.(\\w+) (\\w+)./','%UserProfile%\\\\'),(7,'/C:.DOCUME~1.(\\w+)./','%UserProfile%\\\\'),(8,'/C:.Documents and Settings.All 
Users/','%AllUsersProfile%'),(9,'/.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{9}){1}(-[0-9]{10}){1}-[0-9]{9}-[0-9]{4}/','HKCU'),(10,'@.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{10}){2}-[0-9]{9}-[0-9]{4}@','HKCU'),(11,'@.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{10}){3}-[0-9]{4}@','HKCU'),(13,'@.REGISTRY.MACHINE.@','HKLM\\\\'),(14,'@.Registry.Machine.@','HKLM\\\\'),(15,'','not allowed'),(16,'/not allowed/',''),(26,'/%AppData\\\\\\\\/','%AppData%'),(27,'/%APPDATA%/','%AppData%'),(20,'','replacements to uniform the data'),(25,'/%allusers%/','%AllUsers%'),(28,'/%APPDATA%/','%AppData%'),(29,'/%LocalSettings&\\\\\\\\/','%LocalSettings%'),(30,'/%Programfiles%/','%ProgramFiles%'),(31,'/%systemroot%/','%SystemRoot%'),(32,'/%Temp\\\\\\\\/','%TEMP%'),(33,'/%Temp%/','%TEMP%'),(34,'/%temp%/','%TEMP%'),(35,'/%UserProfile\\\\\\\\/','%UserProfile%'),(36,'/%userprofile%/','%UserProfile%'),(37,'/%Windir%/','%windir%'),(38,'/%WINDIR%/','%windir%'); +-- phpMyAdmin SQL Dump +-- version 3.3.9.2 +-- http://www.phpmyadmin.net +-- +-- Host: localhost +-- Generation Time: Jun 14, 2012 at 09:57 AM +-- Server version: 5.5.9 +-- PHP Version: 5.3.6 + +SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"; + +-- +-- Database: `cydefsig` +-- + +-- -------------------------------------------------------- + +-- +-- Table structure for table `attributes` +-- + +CREATE TABLE `attributes` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `event_id` int(11) NOT NULL, + `category` varchar(255) COLLATE utf8_bin NOT NULL, + `type` varchar(100) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, + `value1` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, + `value2` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, + `to_ids` tinyint(1) NOT NULL DEFAULT '1', + `uuid` varchar(40) COLLATE utf8_bin NOT NULL, + `revision` int(10) NOT NULL DEFAULT '0', + `private` tinyint(1) NOT NULL, + `cluster` tinyint(1) NOT NULL, + `communitie` tinyint(1) NOT NULL, + `dist_change` int(11) NOT NULL DEFAULT '0', + 
PRIMARY KEY (`id`), + KEY `event_id` (`event_id`), + KEY `value1_key` (`value1`(5)), + KEY `value2_key` (`value2`(5)) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; + +-- -------------------------------------------------------- + +-- +-- Table structure for table `blacklist` +-- + +CREATE TABLE `blacklist` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `name` varchar(254) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; + +-- -------------------------------------------------------- + +-- +-- Table structure for table `bruteforces` +-- + +CREATE TABLE `bruteforces` ( + `ip` varchar(255) COLLATE utf8_bin NOT NULL, + `username` varchar(255) COLLATE utf8_bin NOT NULL, + `expire` datetime NOT NULL +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + +-- -------------------------------------------------------- + +-- +-- Table structure for table `correlations` +-- + +DROP TABLE IF EXISTS `correlations`; +CREATE TABLE `correlations` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `1_event_id` int(11) NOT NULL, + `1_attribute_id` int(11) NOT NULL, + `1_private` tinyint(1) NOT NULL, + `event_id` int(11) NOT NULL, + `attribute_id` int(11) NOT NULL, + `org` varchar(255) COLLATE utf8_bin NOT NULL, + `private` tinyint(1) NOT NULL, + `cluster` tinyint(1) NOT NULL, + `date` date NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM AUTO_INCREMENT=118 DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + +-- -------------------------------------------------------- + +-- +-- Table structure for table `events` +-- + +CREATE TABLE `events` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `org` varchar(255) COLLATE utf8_bin NOT NULL, + `date` date NOT NULL, + `risk` enum('Undefined','Low','Medium','High') COLLATE utf8_bin NOT NULL, + `info` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, + `user_id` int(11) NOT NULL, + `published` tinyint(1) NOT NULL DEFAULT '0', + `uuid` varchar(40) COLLATE utf8_bin NOT NULL, + 
`revision` int(10) NOT NULL DEFAULT '0', + `private` tinyint(1) NOT NULL, + `cluster` tinyint(1) NOT NULL, + `analysis` tinyint(4) NOT NULL, + `communitie` tinyint(1) NOT NULL, + `attribute_count` int(11) UNSIGNED DEFAULT NULL, + `hop_count` int(11) UNSIGNED DEFAULT 0, + `dist_change` int(11) NOT NULL DEFAULT '0' + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; + +-- -------------------------------------------------------- + +-- +-- Table structure for table `roles` +-- + +CREATE TABLE `roles` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `name` varchar(100) COLLATE utf8_bin NOT NULL, + `created` datetime NOT NULL, + `modified` datetime NOT NULL, + `perm_add` tinyint(1) NOT NULL DEFAULT 0, + `perm_modify` tinyint(1) NOT NULL DEFAULT 0, + `perm_modify_org` tinyint(1) NOT NULL DEFAULT 0, + `perm_publish` tinyint(1) NOT NULL DEFAULT 0, + `perm_sync` tinyint(1) NOT NULL DEFAULT 0, + `perm_full` tinyint(1) NOT NULL DEFAULT 0, + `perm_audit` tinyint(1) NOT NULL DEFAULT 0, + `perm_admin` tinyint(1) NOT NULL DEFAULT 0, + `perm_auth` tinyint(1) NOT NULL DEFAULT 0, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; + +-- -------------------------------------------------------- + +-- +-- Table structure for table `logs` +-- + +CREATE TABLE `logs` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `title` varchar(255) COLLATE utf8_bin NOT NULL, + `created` datetime NOT NULL, + `model` varchar(20) COLLATE utf8_bin NOT NULL, + `model_id` int(11) NOT NULL, + `action` varchar(20) COLLATE utf8_bin NOT NULL, + `user_id` int(11) NOT NULL, + `change` varchar(255) COLLATE utf8_bin, + `email` varchar(255) COLLATE utf8_bin NOT NULL, + `org` varchar(255) COLLATE utf8_bin NOT NULL, + `description` varchar(255) COLLATE utf8_bin NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; + +-- -------------------------------------------------------- + +-- +-- Table 
structure for table `regexp` +-- + +CREATE TABLE `regexp` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `regexp` varchar(255) COLLATE utf8_bin NOT NULL, + `replacement` varchar(255) COLLATE utf8_bin NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM AUTO_INCREMENT=16 DEFAULT CHARSET=utf8 COLLATE=utf8_bin; + +-- -------------------------------------------------------- + +-- +-- Table structure for table `servers` +-- + +CREATE TABLE `servers` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `url` varchar(255) COLLATE utf8_bin NOT NULL, + `authkey` varchar(40) COLLATE utf8_bin NOT NULL, + `org` varchar(255) COLLATE utf8_bin NOT NULL, + `organization` varchar(10) COLLATE utf8_bin NOT NULL, + `push` tinyint(1) NOT NULL, + `pull` tinyint(1) NOT NULL, + `lastpushedid` int(11) NOT NULL, + `lastpulledid` int(11) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; + +-- -------------------------------------------------------- + +-- +-- Table structure for table `users` +-- + +CREATE TABLE `users` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `password` varchar(40) COLLATE utf8_bin NOT NULL, + `org` varchar(255) COLLATE utf8_bin NOT NULL, + `email` varchar(255) COLLATE utf8_bin NOT NULL, + `autoalert` tinyint(1) NOT NULL, + `authkey` varchar(40) COLLATE utf8_bin NOT NULL, + `invited_by` int(11) NOT NULL, + `gpgkey` longtext COLLATE utf8_bin NOT NULL, + `nids_sid` int(15) NOT NULL, + `termsaccepted` tinyint(1) NOT NULL, + `change_pw` tinyint(1) NOT NULL, + `newsread` date NOT NULL, + `role_id` int(11) NOT NULL, + PRIMARY KEY (`id`), + KEY `email` (`email`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ; + +-- -------------------------------------------------------- + +-- +-- Table structure for table `whitelist` +-- + +CREATE TABLE `whitelist` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `name` varchar(254) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; 
+ + +-- +-- Dumping data for table `attributes` +-- + +-- Dumping data for table `users` +-- + +INSERT INTO `users` (`id`, `password`, `org`, `email`, `autoalert`, `authkey`, `invited_by`, `gpgkey`, `nids_sid`, `termsaccepted`, `newsread`, `role_id`) VALUES(1, 'babc86e0869015b3f0b4d48ca48700d3a9d1b9d7', 'ADMIN', 'admin@admin.test', 0, 'vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb', 1, '', 4000000, 0, '2012-03-13', ''); +INSERT INTO `regexp` (`id`, `regexp`, `replacement`) VALUES (1,'/C:.Users.(\\w+).AppData.Local.Temp./','%TEMP%\\\\'),(3,'/C:.Users.(\\w+).AppData.Local./','%LOCALAPPDATA%\\\\'),(4,'/C:.Users.(\\w+).AppData.Roaming./','%APPDATA%\\\\'),(5,'/C:.Users.(\\w+)./','%UserProfile%\\\\'),(6,'/C:.Documents and Settings.(\\w+) (\\w+)./','%UserProfile%\\\\'),(7,'/C:.DOCUME~1.(\\w+)./','%UserProfile%\\\\'),(8,'/C:.Documents and Settings.All Users/','%AllUsersProfile%'),(9,'/.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{9}){1}(-[0-9]{10}){1}-[0-9]{9}-[0-9]{4}/','HKCU'),(10,'@.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{10}){2}-[0-9]{9}-[0-9]{4}@','HKCU'),(11,'@.REGISTRY.USER.S(-[0-9]{1}){2}-[0-9]{2}(-[0-9]{10}){3}-[0-9]{4}@','HKCU'),(13,'@.REGISTRY.MACHINE.@','HKLM\\\\'),(14,'@.Registry.Machine.@','HKLM\\\\'),(15,'','not allowed'),(16,'/not allowed/',''),(26,'/%AppData\\\\\\\\/','%AppData%'),(27,'/%APPDATA%/','%AppData%'),(20,'','replacements to uniform the data'),(25,'/%allusers%/','%AllUsers%'),(28,'/%APPDATA%/','%AppData%'),(29,'/%LocalSettings&\\\\\\\\/','%LocalSettings%'),(30,'/%Programfiles%/','%ProgramFiles%'),(31,'/%systemroot%/','%SystemRoot%'),(32,'/%Temp\\\\\\\\/','%TEMP%'),(33,'/%Temp%/','%TEMP%'),(34,'/%temp%/','%TEMP%'),(35,'/%UserProfile\\\\\\\\/','%UserProfile%'),(36,'/%userprofile%/','%UserProfile%'),(37,'/%Windir%/','%windir%'),(38,'/%WINDIR%/','%windir%'); diff --git a/app/Config/Schema/schema_0.2.3.php b/app/Config/Schema/schema_0.2.3.php index 2327c1203..68e48ca56 100755 --- a/app/Config/Schema/schema_0.2.3.php 
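Review bot: The new `events` definition drops the comma after the added `dist_change` column, so `` `dist_change` int(11) NOT NULL DEFAULT '0' `` runs straight into `` PRIMARY KEY (`id`) `` and that CREATE TABLE fails to parse, while the same addition in `attributes` has the comma; it is a one-character fix: `` `dist_change` int(11) NOT NULL DEFAULT '0', ``. The seeded admin row in the trailing INSERT ships a fixed password hash and a fixed 40-character authkey that is identical on every installation built from this script; since `users.authkey` and `servers.authkey` look like API credentials, the install script should not seed a literal value but generate one at install time or leave it empty and force rotation on first login. That INSERT also writes `''` into the integer `role_id` column, which only succeeds under MySQL's non-strict mode; writing the real admin role id (or an explicit `0`) makes the intent clear and survives a strict `sql_mode`. The companion `schema_0.2.3.php` in this diff does not appear to pick up `dist_change` for `attributes`, though that hunk is cut off here.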
+++ b/app/Config/Schema/schema_0.2.3.php 
@@ -1,147 +1,147 @@ - array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), - 'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), - 'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'), - 'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'), - 'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10), - 'private' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)), - 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') - ); - - public $bruteforces = array( - 'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'expire' => array('type' => 'datetime', 'null' => false, 'default' => null), - 'indexes' => array(), - 'tableParameters' => array('charset' => 'utf8', 
'collate' => 'utf8_bin', 'engine' => 'MyISAM') - ); - - public $correlations = array( - 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), - '1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), - '1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), - '1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'), - 'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), - 'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), - 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'private' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)), - 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') - ); - - public $events = array( - 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), - 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'date' => array('type' => 'date', 'null' => false, 'default' => null), - //'risk' ENUM - 'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'), - 'user_id' => array('type' => 'integer', 'null' => false, 'default' => null), - //'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'), - 'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' 
=> 'utf8'), - 'private' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'), - 'revision' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 11), - 'hop_count' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 11), - 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)), - 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') - ); - - public $logs = array( - 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), - 'title' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'created' => array('type' => 'datetime', 'null' => true, 'default' => null), - 'model' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'model_id' => array('type' => 'integer', 'null' => true, 'default' => null), - 'action' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'user_id' => array('type' => 'integer', 'null' => true, 'default' => null), - 'change' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'email' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'org' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 
'utf8'), - 'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), - 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') - ); - - public $regex = array( - 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), - 'regex' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), - 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') - ); - - public $roles = array( - 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), - 'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'), - 'created' => array('type' => 'datetime', 'null' => true, 'default' => null), - 'modified' => array('type' => 'datetime', 'null' => true, 'default' => null), - 'perm_add' => array('type' => 'boolean', 'null' => true, 'default' => null), - 'perm_modify' => array('type' => 'boolean', 'null' => true, 'default' => null), - 'perm_publish' => array('type' => 'boolean', 'null' => true, 'default' => null), - 'perm_full' => array('type' => 'boolean', 'null' => true, 'default' => null), - 'perm_auth' => array('type' => 'boolean', 'null' => true, 'default' => null), - 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), - 'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB') - ); - - public $servers = array( - 'id' => array('type' => 'integer', 'null' => false, 
'default' => null, 'key' => 'primary'), - 'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'organization' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 10, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'push' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'pull' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null), - 'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null), - 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), - 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') - ); - - public $users = array( - 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), - 'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'), - 'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null), - 'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 
'utf8'), - 'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15), - 'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null), - 'newsread' => array('type' => 'date', 'null' => false, 'default' => null), - 'role_id' => array('type' => 'integer', 'null' => true, 'default' => null), - 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)), - 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') - ); - - public $whitelists = array( - 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), - 'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'), - 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), - 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') - ); -} + array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), + 'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), + 'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'), + 'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'), + 'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10), + 'private' => array('type' => 'boolean', 'null' => false, 
'default' => null), + 'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)), + 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') + ); + + public $bruteforces = array( + 'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'expire' => array('type' => 'datetime', 'null' => false, 'default' => null), + 'indexes' => array(), + 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') + ); + + public $correlations = array( + 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), + '1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), + '1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), + '1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'), + 'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), + 'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'), + 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'private' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'indexes' => array('PRIMARY' => 
array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)), + 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') + ); + + public $events = array( + 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), + 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'date' => array('type' => 'date', 'null' => false, 'default' => null), + //'risk' ENUM + 'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'), + 'user_id' => array('type' => 'integer', 'null' => false, 'default' => null), + //'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'), + 'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'private' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'), + 'revision' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 11), + 'hop_count' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 11), + 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)), + 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') + ); + + public $logs = array( + 'id' => array('type' => 'integer', 'null' => false, 
'default' => null, 'key' => 'primary'), + 'title' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'created' => array('type' => 'datetime', 'null' => true, 'default' => null), + 'model' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'model_id' => array('type' => 'integer', 'null' => true, 'default' => null), + 'action' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'user_id' => array('type' => 'integer', 'null' => true, 'default' => null), + 'change' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'email' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'org' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), + 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') + ); + + public $regex = array( + 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), + 'regex' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), + 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') + ); + + public $roles = array( + 'id' => array('type' => 'integer', 'null' => 
false, 'default' => null, 'key' => 'primary'), + 'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'), + 'created' => array('type' => 'datetime', 'null' => true, 'default' => null), + 'modified' => array('type' => 'datetime', 'null' => true, 'default' => null), + 'perm_add' => array('type' => 'boolean', 'null' => true, 'default' => null), + 'perm_modify' => array('type' => 'boolean', 'null' => true, 'default' => null), + 'perm_publish' => array('type' => 'boolean', 'null' => true, 'default' => null), + 'perm_full' => array('type' => 'boolean', 'null' => true, 'default' => null), + 'perm_auth' => array('type' => 'boolean', 'null' => true, 'default' => null), + 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), + 'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB') + ); + + public $servers = array( + 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), + 'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'organization' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 10, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'push' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'pull' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null), + 'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null), + 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), + 
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') + ); + + public $users = array( + 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), + 'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null), + 'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'), + 'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15), + 'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null), + 'newsread' => array('type' => 'date', 'null' => false, 'default' => null), + 'role_id' => array('type' => 'integer', 'null' => true, 'default' => null), + 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)), + 'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') + ); + + public $whitelists = array( + 'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'), + 'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'), + 'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)), + 'tableParameters' => 
array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM') + ); +} diff --git a/app/Config/bootstrap.default.php b/app/Config/bootstrap.default.php index 5873225f9..47dafc02e 100755 --- a/app/Config/bootstrap.default.php +++ b/app/Config/bootstrap.default.php 
@@ -114,28 +114,28 @@ Configure::write('CyDefSIG.footerpart1', 'Powered by CyDefSIG'); Configure::write('CyDefSIG.footerpart2', '© Belgian Defense CERT & NCIRC'); Configure::write('CyDefSIG.footer', Configure::read('CyDefSIG.footerpart1') . ' ' . Configure::read('CyDefSIG.footerpart2')); Configure::write('CyDefSIG.footerversion', Configure::read('CyDefSIG.footerpart1') . ' version ' . Configure::read('CyDefSIG.version') . ' ' . Configure::read('CyDefSIG.footerpart2')); -Configure::write('CyDefSIG.org', 'BE MOD'); // if sync this will be Event.org content on the peer side -Configure::write('CyDefSIG.logo', 'orgs/MIL.be.png'); // used in Events::index for owned events +Configure::write('CyDefSIG.org', 'BE MOD'); // if sync this will be Event.org content on the peer side +Configure::write('CyDefSIG.logo', 'orgs/MIL.be.png'); // used in Events::index for owned events -Configure::write('CyDefSIG.showorg', 'true'); // show the name/flag of the organisation that uploaded the data -Configure::write('CyDefSIG.showowner', 'false'); // show the email of the owner that uploaded the data -Configure::write('CyDefSIG.sync', 'false'); // enable features related to syncing with other CyDefSIG instances -Configure::write('CyDefSIG.private', 'true'); // respect private to org or server. +Configure::write('CyDefSIG.showorg', 'true'); // show the name/flag of the organisation that uploaded the data +Configure::write('CyDefSIG.showowner', 'false'); // show the email of the owner that uploaded the data +Configure::write('CyDefSIG.sync', 'false'); // enable features related to syncing with other CyDefSIG instances +Configure::write('CyDefSIG.private', 'true'); // respect private to org or server. 
if ('true' == Configure::read('CyDefSIG.private')) { Configure::write('CyDefSIG.sync', 'true'); } -Configure::write('CyDefSIG.email', 'no-reply@sig.mil.be'); // email from for all the mails +Configure::write('CyDefSIG.email', 'no-reply@sig.mil.be'); // email from for all the mails -Configure::write('GnuPG.onlyencrypted', 'true'); // only allow encrypted email, do not allow plaintext mails +Configure::write('GnuPG.onlyencrypted', 'true'); // only allow encrypted email, do not allow plaintext mails Configure::write('GnuPG.email', 'no-reply@sig.mil.be'); Configure::write('GnuPG.password', 'ii3naxoK|o2a'); Configure::write('GnuPG.homedir', '/Users/chri/Documents/Work/Projects/201107-CyDefSIG/.gnupg/'); -Configure::write('SecureAuth.amount', 5); // the maximum amount of failed logins -Configure::write('SecureAuth.expire', 300); // the time-window for the maximum amount of logins in seconds +Configure::write('SecureAuth.amount', 5); // the maximum amount of failed logins +Configure::write('SecureAuth.expire', 300); // the time-window for the maximum amount of logins in seconds -Configure::write('CyDefSIG.correlation', 'db'); // correlation between attributes of events. +Configure::write('CyDefSIG.correlation', 'db'); // correlation between attributes of events. // possible values: // - default, like it was (this is depreciated, use 'db' instead) // - db, correlation in database diff --git a/app/Console/Command/PasswordShell.php b/app/Console/Command/PasswordShell.php index 7d33af2f1..da3d58ee0 100755 --- a/app/Console/Command/PasswordShell.php +++ b/app/Console/Command/PasswordShell.php @@ -27,7 +27,7 @@ class PasswordShell extends AppShell { $this->out(print_r($this->User->invalidFields(), true)); } - echo 'Updated ', PHP_EOL; + echo 'Updated ', PHP_EOL; exit; } } \ No newline at end of file diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index a1a790064..c2c26fdec 100755 --- a/app/Controller/AppController.php 
+++ b/app/Controller/AppController.php @@ -126,6 +126,7 @@ class AppController extends Controller { // These variables are required for every view $this->set('me', Sanitize::clean($this->Auth->user())); $this->set('isAdmin', $this->_isAdmin()); + $this->set('isSiteAdmin', $this->_isSiteAdmin()); // TODO ACL: 5: from Controller to Views $this->set('isAclAdd', $this->checkAcl('add')); @@ -170,6 +171,9 @@ class AppController extends Controller { return false; } +/** + * checks if the currently logged user is a site administrator + */ protected function _isSiteAdmin() { $org = $this->Auth->user('org'); if (isset($org) && $org === 'ADMIN') { @@ -178,6 +182,10 @@ class AppController extends Controller { return false; } + protected function _checkOrg() { + return $this->Auth->user('org'); + } + /** * Refreshes the Auth session with new/updated data * @return void @@ -371,10 +379,14 @@ class AppController extends Controller { throw new NotFoundException(); } - $this->generatePrivate(); + // Deprecated - generate Private sets the values for the 3 distribution fields on migration - however the new SQL scheme sets cluster + communitie + // to false, which means that private will become org only and non-private will become all communities - which is desired behaviour. + // $this->generatePrivate(); $this->generateCorrelation(); // TODO $this->generateCount(); - $this->generateHop($yourOrg); + // Deprecated - hop unused currently, also, it would generate hop count 1 for all local events created by other hosted orgs. + // $this->generateHop($yourOrg); + $this->generateArosAcos(); } public function generateArosAcos() { @@ -389,7 +401,7 @@ class AppController extends Controller { public function generateACL($inc) { if (!self::_isAdmin()) throw new NotFoundException(); - if($inc['Role']['permission'] == null) $inc['Role']['permission'] = 0; + if ($inc['Role']['permission'] == null) $inc['Role']['permission'] = 0; switch ($inc['Role']['permission']) { case '0': $permAdd = false; 
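Review bot: `_checkOrg()` in the `@@ -178,6 +182,10 @@` hunk is added without the docblock its sibling `_isSiteAdmin()` receives in the hunk just above it. A one-line docblock such as `/** Returns the organisation ('org') of the currently authenticated user, or null when none is logged in. */` would keep the two helpers consistent. The name also reads like a boolean check while the method returns the org string; `_currentOrg()` would describe it better if renaming is still an option.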
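Review bot: The `@@ -371,10 +379,14 @@` hunk keeps the disabled `generatePrivate()` and `generateHop($yourOrg)` calls as commented-out code under multi-line explanations; the explanations are worth keeping, the dead calls are not, since git history already preserves them. Consider reducing each to a one-line comment, e.g. `// generatePrivate() dropped: the new schema defaults cluster/communitie to false, so private maps to org-only and non-private to all communities`, and deleting the `// $this->generateHop($yourOrg);` line. The enclosing function begins outside the hunk, so I could not check whether `$yourOrg` is still used after this change.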
@@ -418,6 +430,7 @@ class AppController extends Controller { default: break; } + //$this->Acl->allow($inc, 'controllers/Events/add'); if ($permAdd) { $this->Acl->allow($inc, 'controllers/Events/add'); $this->Acl->allow($inc, 'controllers/Attributes/add'); @@ -453,12 +466,11 @@ class AppController extends Controller { $this->Acl->deny($inc, 'controllers/Logs'); } - if (isset($inc['Role']['perm_admin'])) { - if ($inc['Role']['perm_admin']) { + if (isset($inc['Role']['perm_admin']) && $inc['Role']['perm_admin']) { //$this->Acl->allow($inc, 'controllers/Logs'); - } } else { $this->Acl->deny($inc, 'controllers/Roles'); + //$this->Acl->deny($inc, 'controllers'); } if (isset($inc['Role']['perm_auth'])) { if ($inc['Role']['perm_auth']) { @@ -583,6 +595,10 @@ class AppController extends Controller { $attribute['Attribute']['private'] = true; $attribute['Attribute']['cluster'] = false; $attribute['Attribute']['communitie'] = false; + } else { + $attribute['Attribute']['private'] = false; + $attribute['Attribute']['cluster'] = false; + $attribute['Attribute']['communitie'] = false; } $this->Attribute->save($attribute); } @@ -595,10 +611,18 @@ class AppController extends Controller { $events = $this->Event->find('all', array('recursive' => 0)); foreach ($events as $event) { if ($event['Event']['private']) { - $attribute['Event']['private'] = true; - $attribute['Event']['cluster'] = false; - $attribute['Event']['communitie'] = false; + $event['Event']['private'] = true; + $event['Event']['cluster'] = false; + $event['Event']['communitie'] = false; + } else { + $event['Event']['private'] = false; + $event['Event']['cluster'] = false; + $event['Event']['communitie'] = false; } + $event['Event']['orgc'] = $event['Event']['org']; + $event['Event']['dist_change'] = 0; + $event['Event']['analysis'] = 2; + $event['Event']['hop_count'] = 0; $this->Event->save($event); } } 
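Review bot: In the `@@ -453,12 +466,11 @@` hunk the `perm_admin` branch now contains only the commented-out `//$this->Acl->allow($inc, 'controllers/Logs');`, so a role with `perm_admin` set receives no grant from this branch while every other role receives `$this->Acl->deny($inc, 'controllers/Roles')`. If the empty branch is intentional, say so instead of leaving dead ACL statements, e.g. `// admin roles: no extra grant here; non-admin roles are denied the Roles controller below`, and drop the newly added `//$this->Acl->deny($inc, 'controllers');` and the `//$this->Acl->allow($inc, 'controllers/Events/add');` from the `@@ -418,6 +430,7 @@` hunk for the same reason. Disabled allow/deny lines in ACL setup make it hard to tell which permissions are actually in force.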
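Review bot: The `@@ -595,10 +611,18 @@` hunk writes `$event['Event']['analysis'] = 2;` to every event during migration without saying what level 2 denotes, next to `dist_change = 0` and `hop_count = 0`. Add a comment naming the level, or better a class constant, e.g. `$event['Event']['analysis'] = 2; // <analysis level name> -- TODO confirm against the analysis level definitions`. The hunk also fixes the previous `$attribute['Event'][...]` versus `$event` mix-up, which changes what the migration saves and deserves a mention in the commit message.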
diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index 366a9a260..d108e48a7 100755 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php @@ -303,12 +303,8 @@ class AttributesController extends AppController { } $this->Attribute->read(); - if (PHP_OS == 'WINNT') { - $path = APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS; - $file = $this->Attribute->data['Attribute']['id']; - } else { - $file = new File(APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS . $this->Attribute->data['Attribute']['id']); - } + $path = APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS; + $file = $this->Attribute->data['Attribute']['id']; $filename = ''; if ('attachment' == $this->Attribute->data['Attribute']['type']) { $filename = Sanitize::clean($this->Attribute->data['Attribute']['value']); @@ -324,23 +320,13 @@ class AttributesController extends AppController { } $this->viewClass = 'Media'; - if (PHP_OS == 'WINNT') { - $params = array( + $params = array( 'id' => $file, 'name' => $filename, 'extension' => $fileExt, 'download' => true, 'path' => $path - ); - } else { - $params = array( - 'id' => $file->path, - 'name' => $filename, - 'extension' => $fileExt, - 'download' => true, - 'path' => DS - ); - } + ); $this->set($params); } 
@@ -371,17 +357,18 @@ class AttributesController extends AppController { // remove the published flag from the event $this->Event->id = $this->request->data['Attribute']['event_id']; $this->Event->saveField('published', 0); - // save the file-info in the database $this->Attribute->create(); if ($this->request->data['Attribute']['malware']) { $this->request->data['Attribute']['type'] = "malware-sample"; $filename = Sanitize::clean($filename); + preg_replace('/\//:*?"<>/', '', $filename); $this->request->data['Attribute']['value'] = $filename . '|' . $tmpfile->md5(); // TODO gives problems with bigger files $this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS } else { $this->request->data['Attribute']['type'] = "attachment"; $filename = Sanitize::clean($filename); + preg_replace('/\/:*?"<>/', '', $filename); $this->request->data['Attribute']['value'] = $filename; $this->request->data['Attribute']['to_ids'] = 0; } @@ -521,11 +508,14 @@ class AttributesController extends AppController { if (!$this->Attribute->exists()) { throw new NotFoundException(__('Invalid attribute')); } + $this->Attribute->read(); + //set stuff to fix undefined index: uuid + if (!$this->_isRest()) { + $uuid = $this->Attribute->data['Attribute']['uuid']; + } // only own attributes verified by isAuthorized - if ('true' == Configure::read('CyDefSIG.private')) { if (!$this->_IsAdmin()) { - $this->Attribute->read(null, $id); // check for non-private and re-read if (($this->Attribute->data['Event']['org'] != $this->Auth->user('org')) || (($this->Attribute->data['Event']['org'] == $this->Auth->user('org')) && ($this->Attribute->data['Event']['user_id'] != $this->Auth->user('id')) && (!$this->checkAcl('edit') || !$this->checkRole() || !$this->checkAcl('publish')))) { $this->Session->setFlash(__('Invalid attribute.')); 
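Review bot: The two `preg_replace(...)` calls added in the `@@ -371,17 +357,18 @@` hunk discard their return value, so `$filename` is never changed; in addition the patterns `'/\//:*?"<>/'` and `'/\/:*?"<>/'` close the `/` delimiter early, leaving `:*?"<>` as invalid modifiers, and the two differ from each other. If the intent is to strip characters that are unsafe in file names, both sites should read `$filename = preg_replace('/[\/\\\\:*?"<>|]/', '', $filename);` — a character class, the result assigned back, the same expression in both branches. As written, the stored `value` still contains whatever `Sanitize::clean` left in the uploaded name.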
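Review bot: `$uuid` in the `@@ -521,11 +508,14 @@` hunk is filled from the freshly read row only for non-REST callers, while the REST path of the same `edit()` action (hunk `@@ -553,24 +541,44 @@` further down) looks the attribute up by `$this->request->data['Attribute']['uuid']` and then overwrites `$this->request->data['Attribute']['id']` with the id it found. Since the authorization check in this hunk is made against the attribute loaded for `$id`, the row that is actually written can differ from the one that was authorized whenever the payload carries another uuid. Assigning `$uuid = $this->Attribute->data['Attribute']['uuid'];` unconditionally here, and using `$uuid` for both paths below, keeps the written row tied to the authorized `$id`. `edit()` starts outside the hunk; I am assuming `$this->Attribute->id` was set from `$id` before the `exists()` check.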
@@ -534,7 +524,6 @@ class AttributesController extends AppController { } } - $this->Attribute->read(); $eventId = $this->Attribute->data['Attribute']['event_id']; if ('attachment' == $this->Attribute->data['Attribute']['type'] || 'malware-sample' == $this->Attribute->data['Attribute']['type'] ) { @@ -545,7 +534,6 @@ class AttributesController extends AppController { } else { $this->set('attachment', false); } - if ($this->request->is('post') || $this->request->is('put')) { if ('true' == Configure::read('CyDefSIG.private')) { $this->request->data = $this->Attribute->massageData($this->request->data); 
@@ -553,24 +541,44 @@ class AttributesController extends AppController { // reposition to get the attribute.id with given uuid // Notice (8): Undefined index: uuid [APP/Controller/AttributesController.php, line 502] - $existingAttribute = $this->Attribute->findByUuid($this->request->data['Attribute']['uuid']); + // Fixed - uuid was not passed back from the form since it's not a field. Set the uuid in a variable for non rest users, rest should have uuid. + // Generally all of this should be _isRest() only, but that's something for later to think about + if ($this->_isRest()) { + $existingAttribute = $this->Attribute->findByUuid($this->request->data['Attribute']['uuid']); + } else { + $existingAttribute = $this->Attribute->findByUuid($uuid); + } if (count($existingAttribute)) { $this->request->data['Attribute']['id'] = $existingAttribute['Attribute']['id']; } - // say what fields are to be updated - $fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private', 'cluster'); + $fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private', 'cluster', 'value'); if ("i" == Configure::read('CyDefSIG.rest')) { unset($this->request->data['Event']); $this->Attribute->unbindModel(array('belongsTo' => array('Event'))); $this->request->data['Attribute']['event_id'] = $eventId; } + + $this->loadModel('Event'); + $this->Event->id = $eventId; + + // enabling / disabling the distribution field in the edit view based on whether user's org == orgc in the event + $this->Event->read(); + if(!$this->_isRest()) { + $canEditDist = false; + if ($this->Event->data['Event']['orgc'] == $this->_checkOrg()) { + $this->set('canEditDist', true); + $canEditDist = true; + } else { + $this->set('canEditDist', false); + } + if (isset($this->request->data['Attribute']['distribution']) && $this->request->data['Attribute']['distribution'] != $existingAttribute['Attribute']['distribution']) { + $this->request->data['Attribute']['dist_change'] = 1 + 
$existingAttribute['Attribute']['dist_change']; + } + } if ($this->Attribute->save($this->request->data)) { $this->Session->setFlash(__('The attribute has been saved')); - // remove the published flag from the event - $this->loadModel('Event'); - $this->Event->id = $eventId; $this->Event->saveField('published', 0); if ($this->_isRest()) { @@ -590,9 +598,21 @@ class AttributesController extends AppController { } else { $this->request->data = $this->Attribute->read(null, $id); } - // needed for RBAC + $this->set('attribute', Sanitize::clean($this->request->data)); + // enabling / disabling the distribution field in the edit view based on whether user's org == orgc in the event + $this->loadModel('Event'); + $this->Event->id = $eventId; + $this->Event->read(); + $canEditDist = false; + if ($this->Event->data['Event']['orgc'] == $this->_checkOrg()) { + $this->set('canEditDist', true); + $canEditDist = true; + } else { + $this->set('canEditDist', false); + } + // needed for RBAC // combobox for types $types = array_keys($this->Attribute->typeDefinitions); $types = $this->_arrayToValuesIndexArray($types); 
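Review bot: In the `@@ -553,24 +541,44 @@` hunk `$canEditDist` only drives the view: when it is false, a submitted `Attribute.distribution` is still handed to `$this->Attribute->save($this->request->data)`, so the orgc check is enforced client-side only. Add `else { unset($this->request->data['Attribute']['distribution']); }` on the false branch (or reject the request), and guard the `dist_change` line with `!empty($existingAttribute)` since `findByUuid()` may return nothing. Relatedly, `$fieldList` gains `'value'` here but is never passed to `save()`, so it whitelists nothing; `$this->Attribute->save($this->request->data, true, $fieldList)` would make it effective. `edit()` starts outside the hunk.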
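Review bot: The `@@ -590,9 +598,21 @@` hunk repeats the orgc-versus-`_checkOrg()` block that the preceding hunk already adds in the POST branch, including the `$this->set('canEditDist', ...)` pair. Extracting it into one private helper, e.g. `private function __canEditDistribution($eventId)` that reads the event and returns the boolean, and calling it from both places keeps the two checks from drifting apart. The `$this->loadModel('Event')` call would then live in the helper as well instead of being repeated three times across this action.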
@@ -602,26 +622,29 @@ class AttributesController extends AppController { array_pop($categories); // remove that last empty/space option $categories = $this->_arrayToValuesIndexArray($categories); $this->set('categories', $categories); - $this->loadModel('Event'); - $events = $this->Event->findById($eventId); - $maxDist = $events['Event']['distribution']; - $this->set('maxDist', $maxDist); - // combobox for distribution - if (isset($maxDist)) { - $distributionsBeforeCut = array_keys($this->Attribute->distributionDescriptions); - $count = 0; - foreach ($distributionsBeforeCut as $current) { - $distributions[$count] = $current; - if ($distributions[$count] == $maxDist)break; - $count++; + + if ($canEditDist) { + $this->loadModel('Event'); + $events = $this->Event->findById($eventId); + $maxDist = $events['Event']['distribution']; + $this->set('maxDist', $maxDist); + // combobox for distribution + if (isset($maxDist)) { + $distributionsBeforeCut = array_keys($this->Attribute->distributionDescriptions); + $count = 0; + foreach ($distributionsBeforeCut as $current) { + $distributions[$count] = $current; + if ($distributions[$count] == $maxDist)break; + $count++; + } + } else { + $distributions = array_keys($this->Attribute->distributionDescriptions); } - } else { - $distributions = array_keys($this->Attribute->distributionDescriptions); + $distributions = $this->_arrayToValuesIndexArray($distributions); + $this->set('distributions', $distributions); + // tooltip for distribution + $this->set('distributionDescriptions', $this->Attribute->distributionDescriptions); } - $distributions = $this->_arrayToValuesIndexArray($distributions); - $this->set('distributions', $distributions); - // tooltip for distribution - $this->set('distributionDescriptions', $this->Attribute->distributionDescriptions); $this->set('attrDescriptions', $this->Attribute->fieldDescriptions); $this->set('typeDefinitions', $this->Attribute->typeDefinitions); 
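Review bot: `if ($canEditDist)` in the `@@ -602,26 +622,29 @@` hunk reads a variable that the POST branch assigns only inside `if(!$this->_isRest())`, so a REST request whose save fails and falls through to this point (if that path exists — the surrounding control flow is outside the hunk) would hit an undefined variable and silently skip the distribution combobox. Initialising `$canEditDist = false;` once at the top of `edit()`, before either branch, removes the dependence on which branch ran. `$distributions` is also never initialised before `$distributions[$count] = $current;`; that is pre-existing, but `$distributions = array();` is cheap while the block is being touched.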
@@ -656,12 +679,11 @@ class AttributesController extends AppController { // attachment will be deleted with the beforeDelete() function in the Model if ($this->Attribute->delete()) { - // delete the attribute from remote servers - //if ('true' == Configure::read('CyDefSIG.sync')) { - // // find the uuid - // $this->__deleteAttributeFromServers($uuid); - //} + if ('true' == Configure::read('CyDefSIG.sync')) { + // find the uuid + $this->__deleteAttributeFromServers($uuid); + } $this->Session->setFlash(__('Attribute deleted')); } else { @@ -678,9 +700,11 @@ class AttributesController extends AppController { */ private function __deleteAttributeFromServers($uuid) { // TODO private and delete .. bring up .. - //if (true == $result['Attribute']['private']) { // never upload private attributes - // return "Attribute is private and non exportable"; - //} + //$existingAttribute = $this->Attribute->findByUuid($this->request->data['Attribute']['uuid']); + if (true == $result['Attribute']['private']) { // never upload private attributes + // return "Attribute is private and non exportable"; + return; + } // get a list of the servers $this->loadModel('Server'); 
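Review bot: The `@@ -656,12 +679,11 @@` hunk re-enables `$this->__deleteAttributeFromServers($uuid)` after `$this->Attribute->delete()` succeeded, but nothing in the hunk assigns `$uuid`; unless `delete()` (which starts outside the hunk) captures it before the row is removed, the remote deletion is issued with an undefined variable. Read it up front, e.g. `$uuid = $this->Attribute->field('uuid');` before the `delete()` call, because once the row is gone it can no longer be looked up. The `// find the uuid` comment no longer describes the line beneath it and should go.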
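Review bot: In `__deleteAttributeFromServers($uuid)` (hunk `@@ -678,9 +700,11 @@`) the new guard `if (true == $result['Attribute']['private'])` reads `$result`, which is never assigned in this method — the only lookup is the commented-out `findByUuid` line above it — so the condition is always false and private attributes are never excluded from the remote deletion. Because the caller runs this after the local `delete()` succeeded, a `findByUuid($uuid)` here would find nothing either; the workable fix is for the caller to read the row before deleting and skip the remote call when `private` is set, with this method either dropping the `$result` guard or taking the flag as a parameter. The method body continues outside the hunk.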
@@ -710,23 +734,60 @@ class AttributesController extends AppController { if ($this->request->is('post') && ($this->request->here == $fullAddress)) { $keyword = $this->request->data['Attribute']['keyword']; + $keyword2 = $this->request->data['Attribute']['keyword2']; $type = $this->request->data['Attribute']['type']; $category = $this->request->data['Attribute']['category']; $this->set('keywordSearch', $keyword); + $keyWordText = null; + $keyWordText2 = null; $this->set('typeSearch', $type); $this->set('isSearch', 1); $this->set('categorySearch', $category); // search the db $conditions = array(); - if ($keyword) { - $keywordArray = explode("\n", $keyword); - $i = 0; + if (isset($keyword)) { + $keywordArray = preg_split("/\r\n|\n|\r/", $keyword); + $i = 1; $temp = array(); foreach ($keywordArray as $keywordArrayElement) { - $keywordArrayElement = '%' . trim($keywordArrayElement) . '%'; - if ($keywordArrayElement != '%%') array_push($temp, array('Attribute.value LIKE' => $keywordArrayElement)); + $saveWord = trim($keywordArrayElement); + $keywordArrayElement = '%' . trim($keywordArrayElement) . '%'; + if ($keywordArrayElement != '%%') array_push($temp, array('Attribute.value LIKE' => $keywordArrayElement)); + if ($i == 1 && $saveWord != '') $keyWordText = $saveWord; + else if (($i > 1 && $i < 10) && $saveWord != '') $keyWordText = $keyWordText .', '. $saveWord; + else if ($i == 10 && $saveWord != '') $keyWordText = $keyWordText . 
' and several other keywords'; + $i++; + } + $this->set('keywordSearch', $keyWordText); + if (!empty($temp)){ + if (count($temp) == 1) { + $conditions['Attribute.value LIKE'] = '%'.$keyWordText.'%'; + } else { + $conditions['OR'] = $temp; + } + } + } + if (isset($keyword2)) { + $keywordArray2 = preg_split("/\r\n|\n|\r/", $keyword2); + $i = 1; + $temp = array(); + foreach ($keywordArray2 as $keywordArrayElement) { + $saveWord = trim($keywordArrayElement); + if (!is_numeric($saveWord) || $saveWord < 1) continue; + array_push($temp, array('Attribute.event_id !=' => $keywordArrayElement)); + if ($i == 1 && $saveWord != '') $keyWordText2 = $saveWord; + else if (($i > 1 && $i < 10) && $saveWord != '') $keyWordText2 = $keyWordText2 .', '. $saveWord; + else if ($i == 10 && $saveWord != '') $keyWordText2 = $keyWordText2 . ' and several other events'; + $i++; + } + $this->set('keywordSearch2', $keyWordText2); + if (!empty($temp)){ + if (count($temp) == 1) { + $conditions['Attribute.event_id !='] = $keyWordText2; + } else { + $conditions['AND'] = $temp; + } } - $conditions['OR'] = $temp; } if ($type != 'ALL') { $conditions['Attribute.type ='] = $type; @@ -757,6 +818,12 @@ class AttributesController extends AppController { $attributes = Sanitize::clean($this->paginate(), array('remove' => true, 'remove_html' => true, 'encode' => true, 'newline' => true)); foreach ($attributes as &$attribute) { $attribute['Attribute']['value'] = str_replace('\n', chr(10), $attribute['Attribute']['value']); + foreach ($keywordArray as $keywordArrayElement) { + $keywordArrayElement = trim($keywordArrayElement); + if ($attribute['Attribute']['type'] != 'malware-sample' && $attribute['Attribute']['type'] != 'link' && $attribute['Attribute']['type'] != 'attachment') { + $attribute['Attribute']['value'] = preg_replace('%'.$keywordArrayElement.'%', ''.$keywordArrayElement.'', $attribute['Attribute']['value']); + } + } } $this->set('attributes', $attributes); 
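Review bot: In the `@@ -710,23 +734,60 @@` hunk the `$keyword2` loop validates the trimmed `$saveWord` (`is_numeric` and not below 1) but then pushes the untrimmed `$keywordArrayElement` into the `Attribute.event_id !=` condition; use `$saveWord` in both places. `isset($keyword)` and `isset($keyword2)` are always true here because both are assigned from `$this->request->data` unconditionally on the lines above, so the guard the old `if ($keyword)` provided is gone; an empty textarea now yields an empty `$temp`, which `!empty($temp)` absorbs, but `keywordSearch` is then overwritten with null. The single-element case `$conditions['Attribute.value LIKE'] = '%'.$keyWordText.'%'` re-derives what `$temp[0]` already holds; `$conditions = array_merge($conditions, $temp[0]);` keeps one source of truth. The surrounding `search()` begins outside the hunk.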
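Review bot: The highlighting loop added in the `@@ -757,6 +818,12 @@` hunk builds a PCRE pattern straight from the user's search term, `preg_replace('%'.$keywordArrayElement.'%', ...)`, so any `%` or regex metacharacter in a term changes or breaks the pattern (a PCRE error returns null and blanks the value, and a pathological term can make matching expensive). Escape the term with `preg_quote($keywordArrayElement, '%')` and skip empty elements, since an empty term yields `%%`, which matches everywhere. The replacement `''.$keywordArrayElement.''` substitutes the match with itself, so the loop is currently a no-op; if markup is meant to wrap the hit, refer to the match with `$0` so the already-sanitized text is preserved, e.g. `preg_replace('%' . preg_quote($term, '%') . '%', '<span class="highlight">$0</span>', $value)` (class name is illustrative). `$keywordArray` is assigned in the preceding hunk only for POST requests, so this loop may iterate an undefined variable on other requests if it is reached — the control flow between the two hunks is not visible.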
diff --git a/app/Controller/Component/NidsExportComponent.php b/app/Controller/Component/NidsExportComponent.php index f6f7d5731..ff3abf133 100755 --- a/app/Controller/Component/NidsExportComponent.php +++ b/app/Controller/Component/NidsExportComponent.php @@ -46,7 +46,7 @@ class NidsExportComponent extends Component { $ruleFormatReference = 'reference:url,' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $item['Event']['id']; $ruleFormat = '%salert %s %s %s %s %s %s (' . $ruleFormatMsg . '; %s %s classtype:' . $this->classtype . '; sid:%d; rev:%d; priority:' . $priority . '; ' . $ruleFormatReference . ';) '; - $sid = $startSid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type + $sid = $startSid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type $attribute = &$item['Attribute']; $sid++; @@ -99,17 +99,17 @@ class NidsExportComponent extends Component { $overruled = in_array($attribute['value'], $this->whitelist); $this->rules[] = sprintf($ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'ip', // proto + 'ip', // proto '$HOME_NET', // src_ip - 'any', // src_port - '->', // direction + 'any', // src_port + '->', // direction $attribute['value'], // dst_ip - 'any', // dst_port - 'Outgoing To IP: ' . $attribute['value'], // msg - '', // rule_content - '', // tag - $sid, // sid - 1 // rev + 'any', // dst_port + 'Outgoing To IP: ' . $attribute['value'], // msg + '', // rule_content + '', // tag + $sid, // sid + 1 // rev ); } 
@@ -117,17 +117,17 @@ class NidsExportComponent extends Component { $overruled = in_array($attribute['value'], $this->whitelist); $this->rules[] = sprintf($ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'ip', // proto + 'ip', // proto $attribute['value'], // src_ip - 'any', // src_port - '->', // direction + 'any', // src_port + '->', // direction '$HOME_NET', // dst_ip - 'any', // dst_port - 'Incoming From IP: ' . $attribute['value'], // msg - '', // rule_content - '', // tag - $sid, // sid - 1 // rev + 'any', // dst_port + 'Incoming From IP: ' . $attribute['value'], // msg + '', // rule_content + '', // tag + $sid, // sid + 1 // rev ); } @@ -135,17 +135,17 @@ class NidsExportComponent extends Component { $content = 'flow:established,to_server; content:"MAIL FROM|3a|"; nocase; content:"' . $attribute['value'] . '"; nocase;'; $this->rules[] = sprintf($ruleFormat, (false) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto + 'tcp', // proto '$EXTERNAL_NET', // src_ip - 'any', // src_port - '<>', // direction + 'any', // src_port + '<>', // direction '$SMTP_SERVERS', // dst_ip - '25', // dst_port - 'Source Email Address: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + '25', // dst_port + 'Source Email Address: ' . $attribute['value'], // msg + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -153,17 +153,17 @@ class NidsExportComponent extends Component { $content = 'flow:established,to_server; content:"RCPT TO|3a|"; nocase; content:"' . $attribute['value'] . '"; nocase;'; $this->rules[] = sprintf($ruleFormat, (false) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto + 'tcp', // proto '$EXTERNAL_NET', // src_ip - 'any', // src_port - '<>', // direction + 'any', // src_port + '<>', // direction '$SMTP_SERVERS', // dst_ip - '25', // dst_port - 'Destination Email Address: ' . $attribute['value'],// msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + '25', // dst_port + 'Destination Email Address: ' . $attribute['value'], // msg + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } @@ -172,17 +172,17 @@ class NidsExportComponent extends Component { $content = 'flow:established,to_server; content:"Subject|3a|"; nocase; content:"' . $attribute['value'] . '"; nocase;'; $this->rules[] = sprintf($ruleFormat, (false) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto + 'tcp', // proto '$EXTERNAL_NET', // src_ip - 'any', // src_port - '<>', // direction + 'any', // src_port + '<>', // direction '$SMTP_SERVERS', // dst_ip - '25', // dst_port + '25', // dst_port 'Bad Email Subject', // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -191,17 +191,17 @@ class NidsExportComponent extends Component { $content = 'flow:established,to_server; content:"Content-Disposition: attachment|3b| filename=|22|"; content:"' . $attribute['value'] . '|22|";'; $this->rules[] = sprintf($ruleFormat, (false) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto + 'tcp', // proto '$EXTERNAL_NET', // src_ip - 'any', // src_port - '<>', // direction + 'any', // src_port + '<>', // direction '$SMTP_SERVERS', // dst_ip - '25', // dst_port - 'Bad Email Attachment', // msg - $content, // rule_content // LATER nids - test and finetune this snort rule https://secure.wikimedia.org/wikipedia/en/wiki/MIME#Content-Disposition - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + '25', // dst_port + 'Bad Email Attachment', // msg + $content, // rule_content // LATER nids - test and finetune this snort rule https://secure.wikimedia.org/wikipedia/en/wiki/MIME#Content-Disposition + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -210,32 +210,32 @@ class NidsExportComponent extends Component { $content = 'content:"' . $this->dnsNameToRawFormat($attribute['value'], 'hostname') . '"; nocase;'; $this->rules[] = sprintf($ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'udp', // proto - 'any', // src_ip - 'any', // src_port - '->', // direction - 'any', // dst_ip - '53', // dst_port - 'Hostname: ' . $attribute['value'], // msg - $content, // rule_content - '', // tag - $sid, // sid - 1 // rev + 'udp', // proto + 'any', // src_ip + 'any', // src_port + '->', // direction + 'any', // dst_ip + '53', // dst_port + 'Hostname: ' . $attribute['value'], // msg + $content, // rule_content + '', // tag + $sid, // sid + 1 // rev ); $sid++; $this->rules[] = sprintf($ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - 'any', // src_ip - 'any', // src_port - '->', // direction - 'any', // dst_ip - '53', // dst_port - 'Hostname: ' . $attribute['value'], // msg - $content, // rule_content - '', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + 'any', // src_ip + 'any', // src_port + '->', // direction + 'any', // dst_ip + '53', // dst_port + 'Hostname: ' . $attribute['value'], // msg + $content, // rule_content + '', // tag + $sid, // sid + 1 // rev ); $sid++; // also do http requests 
@@ -243,17 +243,17 @@ class NidsExportComponent extends Component { $content = 'flow:to_server,established; content: "Host: ' . $attribute['value'] . '"; nocase; http_header; pcre: "/[^A-Za-z0-9-]' . preg_quote($attribute['value']) . '[^A-Za-z0-9-]/";'; $this->rules[] = sprintf($ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'http', // proto + 'http', // proto '$HOME_NET', // src_ip - 'any', // src_port - '->', // direction + 'any', // src_port + '->', // direction '$EXTERNAL_NET', // dst_ip - 'any', // dst_port + 'any', // dst_port 'Outgoing HTTP Hostname: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -262,32 +262,32 @@ class NidsExportComponent extends Component { $content = 'content:"' . $this->dnsNameToRawFormat($attribute['value']) . '"; nocase;'; $this->rules[] = sprintf($ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'udp', // proto - 'any', // src_ip - 'any', // src_port - '->', // direction - 'any', // dst_ip - '53', // dst_port - 'Domain: ' . $attribute['value'], // msg - $content, // rule_content - '', // tag - $sid, // sid - 1 // rev + 'udp', // proto + 'any', // src_ip + 'any', // src_port + '->', // direction + 'any', // dst_ip + '53', // dst_port + 'Domain: ' . $attribute['value'], // msg + $content, // rule_content + '', // tag + $sid, // sid + 1 // rev ); $sid++; $this->rules[] = sprintf($ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'tcp', // proto - 'any', // src_ip - 'any', // src_port - '->', // direction - 'any', // dst_ip - '53', // dst_port - 'Domain: ' . $attribute['value'], // msg - $content, // rule_content - '', // tag - $sid, // sid - 1 // rev + 'tcp', // proto + 'any', // src_ip + 'any', // src_port + '->', // direction + 'any', // dst_ip + '53', // dst_port + 'Domain: ' . $attribute['value'], // msg + $content, // rule_content + '', // tag + $sid, // sid + 1 // rev ); $sid++; // also do http requests, 
@@ -295,17 +295,17 @@ class NidsExportComponent extends Component { $content = 'flow:to_server,established; content: "Host:"; nocase; http_header; content:"' . $attribute['value'] . '"; nocase; http_header; pcre: "/[^A-Za-z0-9-]' . preg_quote($attribute['value']) . '[^A-Za-z0-9-]/";'; $this->rules[] = sprintf($ruleFormat, ($overruled) ? '#OVERRULED BY WHITELIST# ' : '', - 'http', // proto + 'http', // proto '$HOME_NET', // src_ip - 'any', // src_port - '->', // direction + 'any', // src_port + '->', // direction '$EXTERNAL_NET', // dst_ip - 'any', // dst_port + 'any', // dst_port 'Outgoing HTTP Domain: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } @@ -317,17 +317,17 @@ class NidsExportComponent extends Component { $content = 'flow:to_server,established; content:"' . $attribute['value'] . '"; nocase; http_uri;'; $this->rules[] = sprintf($ruleFormat, (false) ? '#OVERRULED BY WHITELIST# ' : '', - 'http', // proto + 'http', // proto '$HOME_NET', // src_ip - 'any', // src_port - '->', // direction + 'any', // src_port + '->', // direction '$EXTERNAL_NET', // dst_ip - 'any', // dst_port + 'any', // dst_port 'Outgoing HTTP URL: ' . $attribute['value'], // msg - $content, // rule_content - 'tag:session,600,seconds;', // tag - $sid, // sid - 1 // rev + $content, // rule_content + 'tag:session,600,seconds;', // tag + $sid, // sid + 1 // rev ); } 
@@ -348,18 +348,18 @@ class NidsExportComponent extends Component { // tag - '/tag\s*:\s*.+?;/' $replaceCount = array(); $tmpRule = preg_replace('/sid\s*:\s*[0-9]+\s*;/', 'sid:' . $sid . ';', $tmpRule, -1, $replaceCount['sid']); - if (null == $tmpRule ) break; // don't output the rule on error with the regex + if (null == $tmpRule ) break; // don't output the rule on error with the regex $tmpRule = preg_replace('/rev\s*:\s*[0-9]+\s*;/', 'rev:1;', $tmpRule, -1, $replaceCount['rev']); - if (null == $tmpRule ) break; // don't output the rule on error with the regex + if (null == $tmpRule ) break; // don't output the rule on error with the regex $tmpRule = preg_replace('/classtype:[a-zA-Z_-]+;/', 'classtype:' . $this->classtype . ';', $tmpRule, -1, $replaceCount['classtype']); - if (null == $tmpRule ) break; // don't output the rule on error with the regex + if (null == $tmpRule ) break; // don't output the rule on error with the regex $tmpMessage = sprintf($ruleFormatMsg, 'snort-rule'); $tmpRule = preg_replace('/msg\s*:\s*".*?"\s*;/', $tmpMessage . ';', $tmpRule, -1, $replaceCount['msg']); - if (null == $tmpRule ) break; // don't output the rule on error with the regex + if (null == $tmpRule ) break; // don't output the rule on error with the regex $tmpRule = preg_replace('/reference\s*:\s*.+?;/', $ruleFormatReference . ';', $tmpRule, -1, $replaceCount['reference']); - if (null == $tmpRule ) break; // don't output the rule on error with the regex + if (null == $tmpRule ) break; // don't output the rule on error with the regex $tmpRule = preg_replace('/reference\s*:\s*.+?;/', $ruleFormatReference . ';', $tmpRule, -1, $replaceCount['reference']); - if (null == $tmpRule ) break; // don't output the rule on error with the regex + if (null == $tmpRule ) break; // don't output the rule on error with the regex // FIXME nids - implement priority overwriting // some values were not replaced, so we need to add them ourselves, and insert them in the rule 
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index ab5657e5a..35075523d 100755 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -26,7 +26,7 @@ class EventsController extends AppController { public $paginate = array( 'limit' => 60, - 'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events + 'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page. 'order' => array( 'Event.id' => 'DESC' ) @@ -299,13 +299,17 @@ class EventsController extends AppController { // Sanitize::clean $this->Event->data['Event']['info'] = $this->beforeSanitizeClean($this->Event->data['Event']['info']); - foreach ($this->Event->data['Attribute'] as &$attribute) { - $attribute['value'] = $this->beforeSanitizeClean($attribute['value']); + if (isset($this->Event->data['Attribute'])) { + foreach ($this->Event->data['Attribute'] as &$attribute) { + $attribute['value'] = $this->beforeSanitizeClean($attribute['value']); + } } $event = Sanitize::clean($this->Event->data, array('remove' => true, 'remove_html' => true, 'encode' => true, 'newline' => true)); $event['Event']['info'] = $this->counterSanitizeClean($event['Event']['info']); - foreach ($event['Attribute'] as &$attribute) { - $attribute['value'] = $this->counterSanitizeClean($attribute['value']); + if (isset($event['Attribute'])) { + foreach ($event['Attribute'] as &$attribute) { + $attribute['value'] = $this->counterSanitizeClean($attribute['value']); + } } $this->set('event', $event); 
@@ -423,7 +427,11 @@ class EventsController extends AppController { public function _add(&$data, &$auth, $fromXml, $or='', $passAlong = null, $fromPull = false) { // force check userid and orgname to be from yourself $data['Event']['user_id'] = $auth->user('id'); - $data['Event']['org'] = strlen($or) ? $or : $auth->user('org'); // FIXME security - org problem + $data['Event']['org'] = $auth->user('org'); + //$data['Event']['org'] = strlen($or) ? $or : $auth->user('org'); // FIXME security - org problem + if (!$fromXml) { + $data['Event']['orgc'] = $data['Event']['org']; + } unset ($data['Event']['id']); $this->Event->create(); //$this->Event->data = $data; @@ -444,7 +452,7 @@ class EventsController extends AppController { $existingEventCount = $this->Event->find('count', array('conditions' => array('Event.uuid' => $data['Event']['uuid']))); if ($existingEventCount > 0) { // TODO RESTfull, set responce location header..so client can find right URL to edit - if($fromPull)return false; + if ($fromPull) return false; $existingEvent = $this->Event->find('first', array('conditions' => array('Event.uuid' => $data['Event']['uuid']))); $this->response->header('Location', Configure::read('CyDefSIG.baseurl') . '/events/' . $existingEvent['Event']['id']); $this->response->send(); 
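Review bot: `orgc` is derived from the session org only when `!$fromXml`; on the XML path it stays whatever the request carried, and the non-upstream field list in the hunk at 454 includes `orgc`, so a REST caller appears able to set the creator org freely — and `orgc` is what later decides `canEditDist` in `edit()`, which makes it an authorisation input. Force it to `$data['Event']['org']` unless the caller is a sync user (`perm_sync`), a check this hunk does not make. The commented-out `FIXME security` line should be deleted rather than kept, and `$or` is now an unused parameter — drop it from the signature or say why it stays. `_add()` continues outside the hunk.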
@@ -454,13 +462,13 @@ class EventsController extends AppController { if ($upstream) { $fieldList = array( - 'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid'), + 'Event' => array('orgc', 'date', 'risk', 'analysis', 'info', 'published', 'uuid'), 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision') ); } else { $fieldList = array( - 'Event' => array('org', 'date', 'risk', 'analysis', 'info', 'user_id', 'published', 'uuid', 'private', 'cluster', 'communitie', 'hop_count'), - 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'cluster', 'communitie') + 'Event' => array('org', 'orgc', 'date', 'risk', 'analysis', 'info', 'user_id', 'published', 'uuid', 'private', 'cluster', 'communitie', 'hop_count', 'dist_change', 'from'), + 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'cluster', 'communitie', 'dist_change') ); } @@ -478,7 +486,7 @@ class EventsController extends AppController { $saveResult = $this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList)); } if ($saveResult) { - if (!empty($data['Event']['published']) && 1 == $data['Event']['published']) { + if (!empty($data['Event']['published']) && 1 == $data['Event']['published'] && $data['Event']['private'] == false) { // do the necessary actions to publish the event (email, upload,...) $this->__publish($this->Event->getId(), $passAlong); } 
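Review bot: The publish gate in the hunk at 478 reads `$data['Event']['private']` without checking the key exists and compares it with `== false`; the upstream field list in the hunk above does not carry `private`, so on that path this is an undefined-index notice whose null value passes the test as if the event were public. `if (!empty($data['Event']['published']) && 1 == $data['Event']['published'] && empty($data['Event']['private'])) {` makes the absent key explicit and drops the loose comparison. The REST edit path (hunk at 568) publishes with no `private` check at all, so the two entry points currently disagree.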
@@ -506,13 +514,28 @@ class EventsController extends AppController { //if ('true' == Configure::read('CyDefSIG.private')) { // if (!$this->_IsAdmin()) { $this->Event->read(null, $id); - // // check for non-private and re-read - // if (($this->Event->data['Event']['org'] != $this->Auth->user('org')) || (($this->Event->data['Event']['org'] == $this->Auth->user('org')) && ($this->Event->data['Event']['user_id'] != $this->Auth->user('id')) && (!$this->checkAcl('edit') || !$this->checkRole() || !$this->checkAcl('publish')))) { - // $this->Session->setFlash(__('Invalid event.')); - // $this->redirect(array('controller' => 'users', 'action' => 'terms')); - // } - // } + // // check for if private and user not authorised to edit, go away + if (!$this->isSiteAdmin() && !$this->checkAction('perm_sync') && $this->Event->data['Event']['distribution'] == 'Your organization only') { + if (($this->Event->data['Event']['org'] != $this->_checkOrg()) || !($this->checkAction('perm_modify'))) { + $this->Session->setFlash(__('You are not authorised to do that.')); + $this->redirect(array('controller' => 'events', 'action' => 'index')); + } + } + //if (!$this->Event->data['Event']['org'] == $this->_checkOrg()){ + //throw new MethodNotAllowedException(); + //$this->Session->setFlash(__('Invalid event.')); + //$this->redirect(array('controller' => 'users', 'action' => 'terms')); + //} //} + + // check if the user is of the creating org, if not, don't let him/her change the distribution. + $canEditDist = false; + if ($this->Event->data['Event']['orgc'] == $this->_checkOrg()) { + $canEditDist = true; + $this->set('canEditDist', true); + } else { + $this->set('canEditDist', false); + } if ($this->request->is('post') || $this->request->is('put')) { if ($this->_isRest()) { // Workaround for different structure in XML/array than what CakePHP expects 
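Review bot: The new guard compares `$this->Event->data['Event']['distribution']` against the display label `'Your organization only'`; if `distribution` is a derived field, authorisation now depends on a user-facing string in `distributionDescriptions`, so prefer testing the stored `private`/`cluster`/`communitie` columns or a named constant. `$canEditDist` is only pushed to the view here — any server-side enforcement has to come later in `edit()`, which continues outside the hunk. The commented-out `MethodNotAllowedException` block repeats the `!$a == $b` precedence mistake and should be removed rather than kept as reference.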
@@ -533,6 +556,17 @@ class EventsController extends AppController { if (count($existingEvent)) { $this->request->data['Event']['id'] = $existingEvent['Event']['id']; } + if ($existingEvent['Event']['orgc'] == $this->_checkOrg()) { + $this->set('canEditDist', true); + } else { + $this->set('canEditDist', false); + } + + $fieldList = array( + 'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid', 'dist_change', 'from'), + 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'communitie', 'cluster', 'dist_change') + ); + if ("ii" == Configure::read('CyDefSIG.rest')) { // reposition to get the attribute.id with given uuid $c = 0; @@ -541,16 +575,20 @@ class EventsController extends AppController { $existingAttribute = $this->Event->Attribute->findByUuid($attribute['uuid']); if (count($existingAttribute)) { $this->request->data['Attribute'][$c]['id'] = $existingAttribute['Attribute']['id']; + if (!($this->request->data['Attribute'][$c]['dist_change'] > $existingAttribute['Attribute']['dist_change'])) { + unset($this->request->data['Attribute'][$c]['private']); + unset($this->request->data['Attribute'][$c]['cluster']); + unset($this->request->data['Attribute'][$c]['communitie']); + } } $c++; } } } - $fieldList = array( - 'Event' => array('org', 'date', 'risk', 'analysis', 'info', 'published', 'uuid', 'private', 'communitie'), - 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'communitie') - ); + if ($this->request->data['Event']['dist_change'] > $existingEvent['Event']['dist_change']) { + array_push($fieldList['Event'], 'private', 'communitie', 'cluster'); + } if ("i" == Configure::read('CyDefSIG.rest')) { // this saveAssociated() function will save not only the event, but also the attributes // from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute 
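Review bot: `$existingEvent['Event']['orgc']` is read unconditionally right after an `if (count($existingEvent))` that guards only the id assignment, and the hunk at 541 does the same with `$existingEvent['Event']['dist_change']`; for a uuid not yet known locally both are undefined-index notices evaluating to null, so `canEditDist` is silently false and `null > null` skips the distribution fields. Move both reads inside the `count($existingEvent)` branch, or stop with a `NotFoundException` when the uuid is unknown. The `dist_change` counter is taken straight from the request body, so the "higher counter wins" rule is only as trustworthy as the caller; the hunk does not show whether this path is limited to `perm_sync` users.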
@@ -568,6 +606,11 @@ class EventsController extends AppController { $message = 'Saved'; $this->set('event', Sanitize::clean($this->Event->data)); + //if published -> do the actual publishing + if ((!empty($this->request->data['Event']['published']) && 1 == $this->request->data['Event']['published'])) { + // do the necessary actions to publish the event (email, upload,...) + $this->__publish($existingEvent['Event']['id']); + } // REST users want to see the newly created event $this->view($this->Event->getId()); @@ -581,18 +624,26 @@ class EventsController extends AppController { return false; } } - // say what fields are to be updated - $fieldList = array('date', 'risk', 'analysis', 'info', 'published', 'private', 'cluster', 'communitie'); + $fieldList = array('date', 'risk', 'analysis', 'info', 'published', 'private', 'cluster', 'communitie', 'dist_change'); + + //Moved this out of (if ($this->_isAdmin()) to use for the dist_change + $this->Event->read(); + // always force the org, but do not force it for admins if ($this->_isAdmin()) { // set the same org as existed before - $this->Event->read(); $this->request->data['Event']['org'] = Sanitize::clean($this->Event->data['Event']['org']); } // we probably also want to remove the published flag $this->request->data['Event']['published'] = 0; + // If the distribution has changed, up the dist_change count + if ($canEditDist) { + if ($this->request->data['Event']['distribution'] != $this->Event->data['Event']['distribution']) { + $this->request->data['Event']['dist_change'] = 1 + $this->Event->data['Event']['dist_change']; + } + } if ('true' == Configure::read('CyDefSIG.private')) { $this->request->data = $this->Event->massageData($this->request->data); } 
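Review bot: The REST edit path now calls `__publish()` whenever `published == 1`, but unlike the gate added to `_add()` (hunk at 478) it never looks at `private`, so a private event pushed via REST gets published and uploaded to the sync servers. Mirror the `_add()` condition with `&& empty($this->request->data['Event']['private'])`, or better, move that decision into `__publish()` so both callers share it. `$this->Event->getId()` would also be consistent with the `view()` call two lines below, instead of `$existingEvent['Event']['id']`.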
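Review bot: The comment at 514 says a user outside the creating org must not change the distribution, but `$fieldList` in the hunk at 581 always contains `private`, `cluster` and `communitie`, so the restriction lives only in the view's `canEditDist` flag and a hand-crafted POST can still change them. When `!$canEditDist`, drop those keys before the save: `unset($this->request->data['Event']['private'], $this->request->data['Event']['cluster'], $this->request->data['Event']['communitie']);` (or remove them from `$fieldList`), and treat `dist_change` the same way since the client should not set it directly. Whether `massageData()` already strips them when `CyDefSIG.private` is on is not visible here.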
@@ -612,6 +663,7 @@ class EventsController extends AppController { $distributions = array_keys($this->Event->distributionDescriptions); $distributions = $this->_arrayToValuesIndexArray($distributions); $this->set('distributions', $distributions); + // tooltip for distribution $this->set('distributionDescriptions', $this->Event->distributionDescriptions); @@ -619,6 +671,7 @@ class EventsController extends AppController { $risks = $this->Event->validate['risk']['rule'][1]; $risks = $this->_arrayToValuesIndexArray($risks); $this->set('risks',$risks); + // tooltip for risk $this->set('riskDescriptions', $this->Event->riskDescriptions); @@ -626,6 +679,7 @@ class EventsController extends AppController { $analysiss = $this->Event->validate['analysis']['rule'][1]; $analysiss = $this->_arrayToValuesIndexArray($analysiss); $this->set('analysiss',$analysiss); + // tooltip for analysis $this->set('analysisDescriptions', $this->Event->analysisDescriptions); $this->set('analysisLevels', $this->Event->analysisLevels); @@ -641,6 +695,7 @@ class EventsController extends AppController { * @throws MethodNotAllowedException * @throws NotFoundException */ + public function delete($id = null) { if (!$this->request->is('post') && !$this->_isRest()) { throw new MethodNotAllowedException(); @@ -657,6 +712,12 @@ class EventsController extends AppController { $uuid = $result['Event']['uuid']; } + if (!$this->_isSiteAdmin()) { + if (!$this->Event->data['Event']['org'] == $this->_checkOrg()) { + throw new MethodNotAllowedException(); + } + } + if ($this->Event->delete()) { // delete the event from remote servers 
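Review bot: In the hunk at 657, `!$this->Event->data['Event']['org'] == $this->_checkOrg()` is parsed as `(!$org) == $checkOrg`; for any non-empty org the left side is `false`, which is never loosely equal to a non-empty org name, so the exception is unreachable and a non-admin user of another org can still delete the event. The intended test is `if ($this->Event->data['Event']['org'] != $this->_checkOrg()) {`. This hunk also calls `$this->_isSiteAdmin()` while the hunks at 506 and 1179 call `$this->isSiteAdmin()`; unless both methods exist, one of the calls is a fatal error, and a single name would avoid the split.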
@@ -683,12 +744,14 @@ class EventsController extends AppController { $this->Event->recursive = 1; $this->Event->read(); + //Save the from field of the event to know where it came from originally and then set the event's from field to the current server's host org + $from = $this->Event->data['Event']['from']; + $this->Event->data['Event']['from'] = Configure::read('CyDefSIG.org'); // get a list of the servers $this->loadModel('Server'); $servers = $this->Server->find('all', array( 'conditions' => array('Server.push' => true) )); - // iterate over the servers and upload the event if(empty($servers)) return; @@ -698,7 +761,8 @@ class EventsController extends AppController { App::uses('HttpSocket', 'Network/Http'); $HttpSocket = new HttpSocket(); foreach ($servers as &$server) { - if (($passAlong != $server)) { + //Skip servers where the event has come from. + if (($passAlong != $server && $server['Server']['organization'] != $from)) { $thisUploaded = $this->Event->uploadEventToServer($this->Event->data, $server, $HttpSocket); if (!$thisUploaded) { $uploaded = !$uploaded ? $uploaded : $thisUploaded; @@ -706,7 +770,7 @@ class EventsController extends AppController { } } } - + $this->Event->data['Event']['from'] = Configure::read('CyDefSIG.org'); if (!$uploaded) { return $failedServers; } else { 
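Review bot: The loop-prevention test in the hunk at 698, `$server['Server']['organization'] != $from`, reads a column named `organization`, while the ServersController hunk at 65 in this same commit filters on `Server.org`; if the column is `org`, the left side is null and the event is pushed straight back to the server it came from. Confirm the column name and use one spelling everywhere. The `from` reset after the loop in the hunk at 706 duplicates the assignment made at 683 and can go.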
@@ -744,14 +808,13 @@ class EventsController extends AppController { private function __publish($id, $passAlong = null) { $this->Event->id = $id; $this->Event->recursive = 0; - //$this->Event->read(); + $event = $this->Event->read(null, $id); // update the DB to set the published flag $this->Event->saveField('published', 1); - + $event['Event']['from'] = Configure::read('CyDefSIG.sync'); $uploaded = false; - - // upload the event to remote servers + //if ($event['Event']['distribution'] == 'Your organization only' || $event['Event']['distribution'] == 'This server-only') return true; if ('true' == Configure::read('CyDefSIG.sync')) { $uploaded = $this->__uploadEventToServers($id, $passAlong); if ((is_bool($uploaded) && !$uploaded) || (is_array($uploaded))) { // TODO remove bool @@ -771,6 +834,7 @@ class EventsController extends AppController { if (!$this->Event->exists()) { throw new NotFoundException(__('Invalid event')); } + $this->Event->saveField('from', Configure::read('CyDefSIG.org')); // only allow publish for own events verified by isAuthorized @@ -802,7 +866,7 @@ class EventsController extends AppController { if (!$this->Event->exists()) { throw new NotFoundException(__('Invalid event')); } - + $this->Event->saveField('from', Configure::read('CyDefSIG.org')); // only allow alert for own events verified by isAuthorized // only allow form submit CSRF protection. 
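Review bot: `$event['Event']['from'] = Configure::read('CyDefSIG.sync')` stores the sync on/off flag — the value tested two lines later with `'true' == Configure::read('CyDefSIG.sync')` — into `from`, which the hunks at 683, 771 and 802 fill with `CyDefSIG.org`; this looks like a copy-paste slip. `$event` is a local copy that is never saved, so the line is also dead: delete it, or use `CyDefSIG.org` if the local copy is meant to carry the origin. The commented-out distribution `return true` should either become real logic or be removed.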
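Review bot: `$this->Event->saveField('from', Configure::read('CyDefSIG.org'))` in the hunks at 771 and 802 writes to the database before the request-method/CSRF check that the following comment announces, so a plain GET (or a cross-site request) already mutates the event row even when the action is then refused. Move the `saveField` after those checks, next to the publish/alert work it belongs to. The rest of both actions is outside the hunk, so the position of the check is inferred from the comments.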
@@ -1179,17 +1243,43 @@ class EventsController extends AppController { } else { $conditions = array(); } + //restricting to non-private or same org if the user is not a site-admin. + if (!$this->isSiteAdmin()) { + $temp = array(); + $temp2 = array(); + $org = $this->_checkOrg(); + $distribution = array(); + array_push($distribution, array('Event.private =' => 0)); + array_push($distribution, array('Event.cluster =' => 1)); + array_push($temp, array('OR' => $distribution)); + array_push($temp, array('Event.org LIKE' => $org)); + $conditions['OR'] = $temp; + $distribution2 = array(); + array_push($distribution2, array('Attribute.private =' => 0)); + array_push($distribution2, array('Attribute.cluster =' => 1)); + array_push($temp2, array('OR' => $distribution2)); + array_push($temp2, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $org)); + $conditionsAttributes['OR'] = $temp2; + } + // do not expose all the data ... $fields = array('Event.id', 'Event.date', 'Event.risk', 'Event.analysis', 'Event.info', 'Event.published', 'Event.uuid'); + $fieldsAtt = array('Attribute.id', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.uuid', 'Attribute.event_id'); if ('true' == Configure::read('CyDefSIG.showorg')) { $fields[] = 'Event.org'; } + $params = array('conditions' => $conditions, 'recursive' => 1, 'fields' => $fields, - ); + 'contain' =>array( + 'Attribute' => array( + 'fields' => $fieldsAtt, + 'conditions' => $conditionsAttributes, + ), + ) + ); $results = $this->Event->find('all', $params); - $this->set('results', Sanitize::clean($results)); } 
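Review bot: `$conditionsAttributes` is only assigned inside `if (!$this->isSiteAdmin())`, so for a site admin the `'conditions' => $conditionsAttributes` entry reads an undefined variable; initialise `$conditionsAttributes = array();` next to `$conditions`. The correlated subquery `(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id)` names the table in upper case while the schema creates `events`; MySQL on a case-sensitive filesystem treats those as different tables, so write `events.org`/`events.id`, and the same literal recurs in the hunks at 1213, 1251, 1294 and 1334. `'Event.org LIKE' => $org` with a plain org name is an equality test written as a pattern — a `%` or `_` in an org name would widen the match — so `'Event.org' => $org` is the safer form; CakePHP still binds the value, so there is no injection here.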
@@ -1213,8 +1303,20 @@ class EventsController extends AppController { $this->loadModel('Attribute'); + //restricting to non-private or same org if the user is not a site-admin. + $conditions['AND'] = array('Attribute.to_ids' => 1, "Event.published" => 1); + if (!$this->isSiteAdmin()) { + $temp = array(); + $distribution = array(); + array_push($distribution, array('Attribute.private =' => 0)); + array_push($distribution, array('Attribute.cluster =' => 1)); + array_push($temp, array('OR' => $distribution)); + array_push($temp, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $this->_checkOrg())); + $conditions['OR'] = $temp; + } + $params = array( - 'conditions' => array( "AND" => array ('Attribute.to_ids' => 1, "Event.published" => 1)), //array of conditions + 'conditions' => $conditions, //array of conditions 'recursive' => 0, //int 'group' => array('Attribute.type', 'Attribute.value1'), //fields to GROUP BY ); @@ -1251,8 +1353,20 @@ class EventsController extends AppController { $this->loadModel('Attribute'); + //restricting to non-private or same org if the user is not a site-admin. + $conditions['AND'] = array('Attribute.to_ids' => 1, "Event.published" => 1); + if (!$this->isSiteAdmin()) { + $temp = array(); + $distribution = array(); + array_push($distribution, array('Attribute.private =' => 0)); + array_push($distribution, array('Attribute.cluster =' => 1)); + array_push($temp, array('OR' => $distribution)); + array_push($temp, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $this->_checkOrg())); + $conditions['OR'] = $temp; + } + $params = array( - 'conditions' => array('Attribute.to_ids' => 1), //array of conditions + 'conditions' => $conditions, //array of conditions 'recursive' => 0, //int 'group' => array('Attribute.type', 'Attribute.value1'), //fields to GROUP BY ); 
@@ -1294,8 +1408,20 @@ class EventsController extends AppController { $this->loadModel('Attribute'); + //restricting to non-private or same org if the user is not a site-admin. + $conditions['AND'] = array('Attribute.to_ids' => 1, "Event.published" => 1); + if (!$this->isSiteAdmin()) { + $temp = array(); + $distribution = array(); + array_push($distribution, array('Attribute.private =' => 0)); + array_push($distribution, array('Attribute.cluster =' => 1)); + array_push($temp, array('OR' => $distribution)); + array_push($temp, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $this->_checkOrg())); + $conditions['OR'] = $temp; + } + $params = array( - 'conditions' => array('Attribute.to_ids' => 1), //array of conditions + 'conditions' => $conditions, //array of conditions 'recursive' => 0, //int 'group' => array('Attribute.type', 'Attribute.value1'), //fields to GROUP BY ); @@ -1334,8 +1460,23 @@ class EventsController extends AppController { $this->layout = 'text/default'; $this->loadModel('Attribute'); + + + //restricting to non-private or same org if the user is not a site-admin. + $conditions['AND'] = array('Attribute.type' => $type); + if (!$this->isSiteAdmin()) { + $temp = array(); + $distribution = array(); + array_push($distribution, array('Attribute.private =' => 0)); + array_push($distribution, array('Attribute.cluster =' => 1)); + array_push($temp, array('OR' => $distribution)); + array_push($temp, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $this->_checkOrg())); + $conditions['OR'] = $temp; + } + + $params = array( - 'conditions' => array('Attribute.type' => $type), //array of conditions + 'conditions' => $conditions, //array of conditions 'recursive' => 0, //int 'fields' => array('Attribute.value'), //array of field names 'order' => array('Attribute.value'), //string or array defining order 
diff --git a/app/Controller/PagesController.php b/app/Controller/PagesController.php index 4b68d200c..f337c23b3 100755 --- a/app/Controller/PagesController.php +++ b/app/Controller/PagesController.php @@ -46,7 +46,7 @@ class PagesController extends AppController { public $uses = array(); public function isAuthorized($user) { - return true; + return true; } /** * Displays a view diff --git a/app/Controller/RolesController.php b/app/Controller/RolesController.php index 6a5f00da7..ebc06704f 100755 --- a/app/Controller/RolesController.php +++ b/app/Controller/RolesController.php @@ -65,7 +65,6 @@ class RolesController extends AppController { $this->Session->setFlash(__(sprintf('The Role has been saved.'))); $this->set('options', $this->options); $passAlong = $this->Role->read(null, $this->Role->getInsertID()); - debug($passAlong); $this->generateACL($passAlong); $this->redirect(array('action' => 'index')); } else { @@ -99,6 +98,8 @@ class RolesController extends AppController { public function admin_edit($id = null) { if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'roles', 'action' => 'index', 'admin' => false)); $this->AdminCrud->adminEdit($id); + $passAlong = $this->Role->read(null, $id); + $this->generateACL($passAlong); $this->set('options', $this->options); } diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index fd0374d94..cbb23e0bb 100755 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -65,7 +65,7 @@ class ServersController extends AppController { ); } else { if (!$this->checkAction('perm_sync')) $this->redirect(array('controller' => 'events', 'action' => 'index')); - $conditions['Server.organization LIKE'] = $this->Auth->user('org'); + $conditions['Server.org LIKE'] = $this->Auth->user('org'); $this->paginate = array( 'conditions' => array($conditions), ); 
@@ -79,7 +79,7 @@ class ServersController extends AppController { * @return void */ public function add() { - if (($this->Auth->user('org') != 'ADMIN') && !($this->Server->id == $this->Auth->user('org') && $this->checkAction('perm_sync'))) $this->redirect(array('controller' => 'servers', 'action' => 'index')); + if (($this->Auth->user('org') != 'ADMIN') && !($this->Server->organization == $this->Auth->user('org') && $this->checkAction('perm_sync'))) $this->redirect(array('controller' => 'servers', 'action' => 'index')); if ($this->request->is('post')) { // force check userid and orgname to be from yourself $this->request->data['Server']['org'] = $this->Auth->user('org'); @@ -102,7 +102,7 @@ class ServersController extends AppController { * @throws NotFoundException */ public function edit($id = null) { - if($this->Auth->user('org') != 'ADMIN' && $this->Server->id != $this->Auth->user('org')) $this->redirect(array('controller' => 'servers', 'action' => 'index')); + if ($this->Auth->user('org') != 'ADMIN' && !($this->Server->organization == $this->Auth->user('org') && $this->checkAction('perm_sync'))) $this->redirect(array('controller' => 'servers', 'action' => 'index')); $this->Server->id = $id; if (!$this->Server->exists()) { throw new NotFoundException(__('Invalid server')); @@ -155,7 +155,7 @@ class ServersController extends AppController { public function pull($id = null, $full=false) { // TODO should we de-activate data validation for type and category / and or mapping? Maybe other instances have other configurations that are incompatible. - if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'servers', 'action' => 'index')); + if ($this->Auth->user('org') != 'ADMIN' && !($this->Server->organization == $this->Auth->user('org') && $this->checkAction('perm_sync'))) $this->redirect(array('controller' => 'servers', 'action' => 'index')); if (!$this->request->is('post')) { throw new MethodNotAllowedException(); } 
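Review bot: `$this->Server->organization` in the hunks at 79, 102, 155 and (on the next line) 310 is a property of the model object, not a column of the loaded record; unless the Server model declares it, it is null, the `&&` never holds, and every non-ADMIN user is redirected — including the `perm_sync` users these checks are meant to admit. For `edit`, `pull` and `push` the record has to be read first and its org column (spelled `org` in the hunk at 65) compared: `$this->Server->id = $id; $server = $this->Server->read(); if ($this->Auth->user('org') != 'ADMIN' && !($server['Server']['org'] == $this->Auth->user('org') && $this->checkAction('perm_sync'))) ...`, placed after the `exists()` check. `add()` has no record, so its guard reduces to ADMIN-or-`perm_sync`. Failing closed is the right default, but the intent of the change is then unmet.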
@@ -310,7 +310,7 @@ class ServersController extends AppController {
 }
 public function push($id = null, $full=false) {
- if($this->Auth->User('org') != 'ADMIN') $this->redirect(array('controller' => 'servers', 'action' => 'index'));
+ if ($this->Auth->user('org') != 'ADMIN' && !($this->Server->organization == $this->Auth->user('org') && $this->checkAction('perm_sync'))) $this->redirect(array('controller' => 'servers', 'action' => 'index'));
 if (!$this->request->is('post')) {
 throw new MethodNotAllowedException();
 }
diff --git a/app/MYSQL.dist_change.sql b/app/MYSQL.dist_change.sql
new file mode 100644
index 000000000..9407bfbf2
--- /dev/null
+++ b/app/MYSQL.dist_change.sql
@@ -0,0 +1,2 @@
+ALTER TABLE `events` ADD `dist_change` INT NOT NULL DEFAULT '0'
+ALTER TABLE `attributes` ADD `dist_change` INT NOT NULL DEFAULT '0'
\ No newline at end of file
diff --git a/app/MYSQL.from.sql b/app/MYSQL.from.sql
new file mode 100644
index 000000000..62ffc124e
--- /dev/null
+++ b/app/MYSQL.from.sql
@@ -0,0 +1 @@
+ALTER TABLE `events` ADD `from` VARCHAR( 10 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL
\ No newline at end of file
diff --git a/app/MYSQL.migrate.sql b/app/MYSQL.migrate.sql
new file mode 100644
index 000000000..09fde1b39
--- /dev/null
+++ b/app/MYSQL.migrate.sql
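Review bot: As rendered, the two `ALTER TABLE` statements in `MYSQL.dist_change.sql` have no `;` terminator, so feeding the file to the `mysql` client fails on the second statement with a syntax error; end each with `;` and a trailing newline. The same columns are also added by `MYSQL.migrate.sql` in this commit, so an operator running both files hits a duplicate-column error on the second — each file should say which upgrade path it serves.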
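Review bot: `from` is declared `VARCHAR( 10 )` while every other org column in the schema is `varchar(255)`, and the EventsController hunks at 683, 771 and 802 write `CyDefSIG.org` into it; an org name longer than ten characters is truncated (or rejected in strict SQL mode), after which the `$server['Server']['organization'] != $from` comparison at 698 never matches and the loop-prevention silently stops working. Widen it to `VARCHAR(255)` to match `org` and `orgc`. `from` is a reserved word in MySQL, so every query touching the column must keep the backticks.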
@@ -0,0 +1,149 @@
+--
+-- Update to attributes
+--
+
+ALTER TABLE `attributes` ADD `cluster` tinyint(1) DEFAULT '0';
+ALTER TABLE `attributes` ADD `communitie` tinyint(1) DEFAULT '0';
+ALTER TABLE `attributes` ADD `dist_change` int(11) DEFAULT '0';
+-- --------------------------------------------------------
+
+--
+-- Create blacklist
+--
+
+CREATE TABLE `blacklist` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `name` varchar(254) NOT NULL,
+ PRIMARY KEY (`id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
+-- --------------------------------------------------------
+
+--
+-- Create correlations
+--
+
+DROP TABLE IF EXISTS `correlations`;
+CREATE TABLE `correlations` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `1_event_id` int(11) NOT NULL,
+ `1_attribute_id` int(11) NOT NULL,
+ `1_private` tinyint(1) NOT NULL,
+ `event_id` int(11) NOT NULL,
+ `attribute_id` int(11) NOT NULL,
+ `org` varchar(255) COLLATE utf8_bin NOT NULL,
+ `private` tinyint(1) NOT NULL,
+ `cluster` tinyint(1) NOT NULL,
+ `date` date NOT NULL,
+ PRIMARY KEY (`id`)
+) ENGINE=MyISAM AUTO_INCREMENT=118 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+-- --------------------------------------------------------
+
+--
+-- Update to events
+--
+
+ALTER TABLE `events` ADD `cluster` tinyint(1) NOT NULL;
+ALTER TABLE `events` ADD `communitie` tinyint(1) NOT NULL;
+ALTER TABLE `events` ADD `analysis` tinyint(4) NOT NULL;
+ALTER TABLE `events` ADD `attribute_count` int(11) UNSIGNED DEFAULT NULL;
+ALTER TABLE `events` ADD `hop_count` int(11) UNSIGNED DEFAULT NULL;
+ALTER TABLE `events` ADD `dist_change` int(11) NOT NULL DEFAULT 0;
+ALTER TABLE `events` ADD `orgc` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL;
+UPDATE TABLE `events` SET `orgc` = `org` WHERE `orgc` = NULL;
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `logs`
+--
+
+CREATE TABLE `logs` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `title` varchar(255) COLLATE utf8_bin NOT NULL,
+ `created` datetime NOT NULL,
+ `model` varchar(20) COLLATE utf8_bin NOT NULL,
+ `model_id` int(11) NOT NULL,
+ `action` varchar(20) COLLATE utf8_bin NOT NULL,
+ `user_id` int(11) NOT NULL,
+ `change` varchar(255) COLLATE utf8_bin,
+ `email` varchar(255) COLLATE utf8_bin NOT NULL,
+ `org` varchar(255) COLLATE utf8_bin NOT NULL,
+ `description` varchar(255) COLLATE utf8_bin NOT NULL,
+ PRIMARY KEY (`id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `regexp`
+--
+
+CREATE TABLE `regexp` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `regexp` varchar(255) COLLATE utf8_bin NOT NULL,
+ `replacement` varchar(255) COLLATE utf8_bin NOT NULL,
+ PRIMARY KEY (`id`)
+) ENGINE=MyISAM AUTO_INCREMENT=16 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+-- --------------------------------------------------------
+
+--
+-- Create table roles
+--
+
+DROP TABLE IF EXISTS `roles`;
+CREATE TABLE `roles` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `name` varchar(100) COLLATE utf8_bin NOT NULL,
+ `created` datetime NOT NULL,
+ `modified` datetime NOT NULL,
+ `perm_add` tinyint(1) NOT NULL,
+ `perm_modify` tinyint(1) NOT NULL,
+ `perm_modify_org` tinyint(1) NOT NULL,
+ `perm_publish` tinyint(1) NOT NULL,
+ `perm_sync` tinyint(1) NOT NULL,
+ `perm_full` tinyint(1) NOT NULL,
+ `perm_auth` tinyint(1) NOT NULL,
+ `perm_audit` tinyint(1) NOT NULL,
+ `perm_admin` tinyint(1) NOT NULL,
+ PRIMARY KEY (`id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
+-- --------------------------------------------------------
+
+--
+-- Creating initial roles
+--
+-- 1. Admin - has full access
+-- 2. Org Admin - read/write/publish/audit/admin/sync/auth
+-- 3. User - User - Read / Write, no other permissions (default)
+-- 4. Sync user - read/write/publish/sync/auth
+--
+
+INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
+VALUES ('1', 'admin', NOW() , NOW() , '1', '1', '1', '1', '1', '1', '1', '1', '1');
+
+INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
+VALUES ('2', 'Org Admin', NOW() , NOW() , '1', '1', '0' , '1', '1', '1', '1', '0' , '1');
+
+INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
+VALUES ('3', 'User', NOW() , NOW() , '1', '1', '0' , '0' , '0' , '0' , '0' , '0' , '0');
+
+INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`)
+VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1');
+-- --------------------------------------------------------
+
+--
+-- Update servers
+--
+
+ALTER TABLE `servers` DROP `logo`;
+-- --------------------------------------------------------
+
+--
+-- Update users
+-- Collate changed for email - fixes case sensitivity of user names
+--
+
+ALTER TABLE `users` ADD `role_id` int(11) NOT NULL;
+ALTER TABLE `users` ADD `change_pw` tinyint(1) NOT NULL;
+ALTER TABLE `users` CHANGE `email` `email` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL
+UPDATE TABLE `users` SET `role_id` = '3';
+UPDATE TABLE `users` SET `role_id` = '1' WHERE `org` = 'ADMIN';
+-- --------------------------------------------------------
diff --git a/app/MYSQL.orgc.sql b/app/MYSQL.orgc.sql
new file mode 100644
index 000000000..c20155b6c
--- /dev/null
+++ b/app/MYSQL.orgc.sql
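Review bot: `UPDATE TABLE events SET orgc = org WHERE orgc = NULL;` is not valid MySQL — `UPDATE` takes no `TABLE` keyword — and `= NULL` never matches, so even with the syntax fixed the backfill is a no-op; because `orgc` was just added as NOT NULL without a default, existing rows hold the empty string, and the line should read `UPDATE events SET orgc = org WHERE orgc = '';`. The two `UPDATE TABLE users ...` statements at the end share the same syntax fault, and the `ALTER TABLE users CHANGE email ...` line above them has no `;`, so it is parsed together with the statement that follows. Since every ALTER before the first failing statement has already been applied by then, a re-run after the fix will hit duplicate-column errors unless those ADD statements are skipped or the script is split into idempotent parts. Separately, the `'4', 'Sync user'` row sets `perm_modify_org` and `perm_audit` to `'1'` while the comment block documents that role as read/write/publish/sync/auth only; either the comment or, preferably, those two values should change so the seeded role carries no more than it is documented to.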
@@ -0,0 +1 @@ +ALTER TABLE `events` ADD `orgc` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL \ No newline at end of file diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index 40533682d..1e3c8c732 100755 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php @@ -21,8 +21,9 @@ class Attribute extends AppModel { 'userKey' => 'user_id', 'change' => 'full'), 'Trim', - //'Regexp' => array('fields' => array('value', 'value2')), - //'Blacklist' => array('fields' => array('value')) + 'Containable', + 'Regexp' => array('fields' => array('value', 'value2')), + 'Blacklist' => array('fields' => array('value')) ); /** @@ -369,20 +370,21 @@ class Attribute extends AppModel { if (!empty($this->data['Attribute']['type'])) { $compositeTypes = $this->getCompositeTypes(); // explode composite types in value1 and value2 - $pieces = explode('|', $this->data['Attribute']['value']); - if (in_array($this->data['Attribute']['type'], $compositeTypes)) { - if (2 != count($pieces)) { - throw new InternalErrorException('Composite type, but value not explodable'); + //if (!isset($this->data['Attribute']['value1'])) { + $pieces = explode('|', $this->data['Attribute']['value']); + if (in_array($this->data['Attribute']['type'], $compositeTypes)) { + if (2 != count($pieces)) { + throw new InternalErrorException('Composite type, but value not explodable'); + } + $this->data['Attribute']['value1'] = $pieces[0]; + $this->data['Attribute']['value2'] = $pieces[1]; + } else { + $total = implode('|', $pieces); + $this->data['Attribute']['value1'] = $total; + $this->data['Attribute']['value2'] = ''; } - $this->data['Attribute']['value1'] = $pieces[0]; - $this->data['Attribute']['value2'] = $pieces[1]; - } else { - $total = implode('|', $pieces); - $this->data['Attribute']['value1'] = $total; - $this->data['Attribute']['value2'] = ''; - } + //} } - // always return true after a beforeSave() return true; } 
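Review bot: The block under `//if (!isset($this->data['Attribute']['value1'])) {` is now indented one level deeper than its real scope, with a matching `//}` below, so the code reads as a guarded block that the interpreter does not see; either restore the guard or remove both comment lines and the extra indentation. If the guard was disabled because saves that arrive with `value1`/`value2` but no `value` must still work, note that `explode('|', $this->data['Attribute']['value'])` now runs unconditionally and for such a row overwrites `value1` and `value2` with empty strings (or throws for a composite type), which looks like exactly what the commented guard was meant to prevent. The removed `// always return true after a beforeSave()` was the only explanation of the trailing `return true;`; keep a one-line comment there. beforeSave() begins outside the hunk.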
@@ -423,6 +425,7 @@ class Attribute extends AppModel { } public function massageData(&$data) { + if(!isset($data['Attribute']['distribution'])) return $data; switch ($data['Attribute']['distribution']) { case 'Your organization only': $data['Attribute']['private'] = true; @@ -682,7 +685,6 @@ class Attribute extends AppModel { break; case 'link': if (preg_match('#^(http|ftp)(s)?\:\/\/((([a-z|0-9|\-]{1,25})(\.)?){2,7})($|/.*$)#i', $value) && !preg_match("#\n#", $value)) { - debug('here'); $returnValue = true; } break; diff --git a/app/Model/Behavior/RegexpBehavior.php b/app/Model/Behavior/RegexpBehavior.php index 7c16f932b..eda60b798 100755 --- a/app/Model/Behavior/RegexpBehavior.php +++ b/app/Model/Behavior/RegexpBehavior.php @@ -33,7 +33,6 @@ class RegexpBehavior extends ModelBehavior { $returnValue = true; // process some.. $returnValue = $this->regexpStringFields($Model); - return $returnValue; } @@ -48,9 +47,7 @@ class RegexpBehavior extends ModelBehavior { foreach ($Model->data[$Model->name] as $key => $field) { if (in_array($key, $this->settings[$Model->alias]['fields']) && is_string($field)) { $returnValue = $this->replaceWindowsSpecific($Model, $field); - //if (!$returnValue) { - // $Model->blacklistErrors[] = array($key, $field); - //} + $Model->data[$Model->name][$key] = $returnValue; } } return $returnValue; @@ -70,11 +67,12 @@ class RegexpBehavior extends ModelBehavior { foreach ($allRegexp as $regexp) { if (strlen($regexp['Regexp']['replacement'] && strlen($regexp['Regexp']['regexp']))) { $string = preg_replace($regexp['Regexp']['regexp'], $regexp['Regexp']['replacement'], $string); + $returnValue = $string; } if (!strlen($regexp['Regexp']['replacement']) && preg_match($regexp['Regexp']['regexp'], $string)) { App::uses('SessionComponent', 'Controller/Component'); SessionComponent::setFlash('Blacklisted value!'); - $returnValue = false; + return false; } } return $returnValue; 
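Review bot: `if(!isset($data['Attribute']['distribution'])) return $data;` returns a value from a method that takes `&$data` by reference, so the method's return type now depends on the branch unless the rest of massageData (outside the hunk) also ends with `return $data;`; a bare `return;`, or a consistent `return $data;` at both ends, removes the ambiguity for callers that use the result as an expression. The line also departs from the `if (` spacing and brace style used on the guards elsewhere in this commit.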
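Review bot: Removing `return $returnValue;` leaves the callback returning null, so the result of `$this->regexpStringFields($Model)` is computed and discarded; if the intent is that a regexp or blacklist rejection should no longer abort the callback, a comment saying so belongs on that line, otherwise the return should stay. The enclosing method's signature is outside the hunk.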
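Review bot: In regexpStringFields the new `$Model->data[$Model->name][$key] = $returnValue;` stores whatever replaceWindowsSpecific() returned, and with the `return false;` introduced in the @@ -70 hunk a blacklisted value is written into the field as boolean false while the loop continues; because `$returnValue` is reassigned on every iteration, the method's final `return $returnValue;` reflects only the last field, so a rejection on `value` followed by a clean `value2` is lost. Stop at the first rejection and only store strings: `if ($returnValue === false) return false;` before the assignment. In the @@ -70 hunk, `$returnValue = $string;` also propagates null when preg_replace() fails on a stored pattern that does not compile, silently emptying the field; test `$string !== null` before assigning. The condition on the line above it, `strlen($regexp['Regexp']['replacement'] && strlen(...))`, is pre-existing but its misplaced parenthesis means the replacement is only applied to non-empty pairs by accident of PHP's bool-to-string conversion; worth fixing while here.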
diff --git a/app/Model/Event.php b/app/Model/Event.php index 19306fa49..a78766c76 100644 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -16,8 +16,9 @@ class Event extends AppModel { 'userKey' => 'user_id', 'change' => 'full'), 'Trim', - //'Regexp' => array('fields' => array('info')), - //'Blacklist' => array('fields' => array('info')), + 'Containable', + 'Regexp' => array('fields' => array('info')), + 'Blacklist' => array('fields' => array('info')), ); /** @@ -83,6 +84,16 @@ class Event extends AppModel { //'on' => 'create', // Limit validation to 'create' or 'update' operations ), ), + 'orgc' => array( + 'notempty' => array( + 'rule' => array('notempty'), + //'message' => 'Your custom message here', + //'allowEmpty' => false, + //'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), 'date' => array( 'date' => array( 'rule' => array('date'), 
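Review bot: The new `'orgc' => array('notempty' => ...)` rule makes every Event save fail validation while `orgc` is empty, but existing rows only receive a value from the `UPDATE TABLE events SET orgc = org WHERE orgc = NULL` backfill in app/MYSQL.migrate.sql, which as written cannot execute, so events created before the migration would sit at '' and become unsaveable until the column is populated. Either fix that backfill in the same change or limit the rule with `'on' => 'create'` (the template line is already present, commented) until the data is migrated. The validation array continues outside the hunk.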
@@ -529,16 +540,24 @@ class Event extends AppModel { $encodedFile = $this->Attribute->base64EncodeAttachment($attribute); $attribute['data'] = $encodedFile; } + // Passing the attribute ID together with the attribute could cause the deletion of attributes after a publish/push + // Basically, if the attribute count differed between two instances, and the instance with the lower attribute + // count pushed, the old attributes with the same ID got overwritten. Unsetting the ID before pushing it + // solves the issue and a new attribute is always created. + unset($attribute['id']); } // Distribution, correct Community to Org only in Event if ($event['Event']['cluster'] && !$event['Event']['private']) { $event['Event']['private'] = true; $event['Event']['cluster'] = false; + //$event['Event']['communitie'] = false; $event['Event']['distribution'] = 'Your organization only'; } // Distribution, correct All to Community in Event + // Potential problem here -> setting cluster gives 0-1-1 (pr/cl/co) settings that don't exist. Adding switch from comm true to false if (!$event['Event']['cluster'] && !$event['Event']['private'] && $event['Event']['communitie']) { $event['Event']['cluster'] = true; + $event['Event']['communitie'] = false; $event['Event']['distribution'] = 'This Community-only'; } // up the hop count diff --git a/app/Model/User.php b/app/Model/User.php index ce28874d7..d7b963cce 100755 --- a/app/Model/User.php +++ b/app/Model/User.php 
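Review bot: `unset($attribute['id']);` makes the receiving instance insert a new row on every push, so re-pushing an event duplicates its attributes unless the remote matches on `uuid`; the new comment explains the overwrite problem it fixes but not how repeats are avoided, so it should state which key the remote deduplicates on, or the push should be verified against a second push of the same event. The distribution correction below now clears `communitie` when promoting All to Community, while the first branch leaves `//$event['Event']['communitie'] = false;` commented out; if Org-only events can carry `communitie` true, the inconsistent state the new comment describes remains for that branch. The enclosing method starts outside the hunk.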
@@ -1,367 +1,367 @@ - array( - 'numeric' => array( - 'rule' => array('numeric'), - //'message' => 'Your custom message here', - //'allowEmpty' => false, - //'required' => false, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'password' => array( - 'minlength' => array( - 'rule' => array('minlength', 6), - 'message' => 'A password of a minimum length of 6 is required.', - //'allowEmpty' => false, - 'required' => true, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - 'complexity' => array( - 'rule' => array('complexPassword'), - 'message' => 'The password must contain at least one upper-case, one lower-case, one (digits or special character).', - //'allowEmpty' => false, - //'required' => true, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - 'identical' => array( - 'rule' => array('identicalFieldValues', 'confirm_password'), - 'message' => 'Please re-enter your password twice so that the values match.', - //'allowEmpty' => false, - //'required' => true, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'org' => array( - 'notempty' => array( - 'rule' => array('notempty'), - 'message' => 'Please specify the organisation where you are working.', - //'allowEmpty' => false, - //'required' => false, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'org_id' => array( - 'notempty' => array( - 'rule' => array('notempty'), - 'message' => 'Please specify the organisation ID where you are working.', // TODO ACL, org_id in Users - //'allowEmpty' => false, - //'required' => false, - //'last' => false, // Stop 
validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'email' => array( - 'email' => array( - 'rule' => array('email'), - 'message' => 'Please enter a valid email address.', - //'allowEmpty' => false, - 'required' => true, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - 'unique' => array( - 'rule' => 'isUnique', - 'message' => 'An account with this email address already exists.' - ), - ), - 'autoalert' => array( - 'boolean' => array( - 'rule' => array('boolean'), - //'message' => 'Your custom message here', - 'allowEmpty' => true, - 'required' => false, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'authkey' => array( - 'minlength' => array( - 'rule' => array('minlength', 40), - 'message' => 'A authkey of a minimum length of 40 is required.', - 'required' => true, - ), - 'notempty' => array( - 'rule' => array('notempty'), - //'message' => 'Your custom message here', - //'allowEmpty' => false, - //'required' => false, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'invited_by' => array( - 'numeric' => array( - 'rule' => array('numeric'), - //'message' => 'Your custom message here', - //'allowEmpty' => false, - //'required' => false, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'change_pw' => array( - 'numeric' => array( - 'rule' => array('numeric'), - //'message' => 'Your custom message here', - 'allowEmpty' => true, - 'required' => false, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'gpgkey' => array( - 'notempty' => array( 
- 'rule' => array('validateGpgkey'), - 'message' => 'GPG key not valid, please enter a valid key.', - //'allowEmpty' => false, - //'required' => false, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'nids_sid' => array( - 'numeric' => array( - 'rule' => array('numeric'), - 'message' => 'A SID should be an integer.', - 'allowEmpty' => false, - 'required' => true, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'termsaccepted' => array( - 'boolean' => array( - 'rule' => array('boolean'), - //'message' => 'Your custom message here', - //'allowEmpty' => false, - //'required' => false, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - 'newsread' => array( - 'date' => array( - 'rule' => array('date'), - //'message' => 'Your custom message here', - //'allowEmpty' => false, - //'required' => false, - //'last' => false, // Stop validation after this rule - //'on' => 'create', // Limit validation to 'create' or 'update' operations - ), - ), - ); - - //The Associations below have been created with all possible keys, those that are not needed can be removed - -/** - * belongsTo associations - * - * @var array - */ - public $belongsTo = array( - 'Role' => array( - 'className' => 'Role', - 'foreignKey' => 'role_id', - 'conditions' => '', - 'fields' => '', - 'order' => '' - ) - ); - -/** - * hasMany associations - * - * @var array - */ - public $hasMany = array( - 'Event' => array( - 'className' => 'Event', - 'foreignKey' => 'user_id', - 'dependent' => false, - 'conditions' => '', - 'fields' => '', - 'order' => '', - 'limit' => '', - 'offset' => '', - 'exclusive' => '', - 'finderQuery' => '', - 'counterQuery' => '' - ) - ); - -/** - * TODO ACL: 1: be requester to CakePHP ACL system - */ - public 
$actsAs = array( - 'Acl' => array( // TODO ACL, + 'enabled' => false - 'type' => 'requester', - 'enabled' => false - ), - 'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable - 'userModel' => 'User', - 'userKey' => 'user_id', - 'change' => 'full' - ), - 'Trim', - //'RemoveNewline' => array('fields' => array('gpgkey')), - ); - -/** - * TODO ACL: 2: hook User into CakePHP ACL system (so link to aros) - */ - public function parentNode() { - if (!$this->id && empty($this->data)) { - return null; - } - if (isset($this->data['User']['role_id'])) { - $roleId = $this->data['User']['role_id']; - } else { - $roleId = $this->field('role_id'); - } - if (!$roleId) { - return null; - } else { - return array('Role' => array('id' => $roleId)); - } - } - -/** - * TODO ACL: 3: rights on Roles: http://stackoverflow.com/questions/6154285/aros-table-in-cakephp-is-still-including-users-even-after-bindnode - */ - public function bindNode($user) { - // return array('model' => 'Group', 'foreign_key' => $user['User']['role_id']); - return array('Role' => array('id' => $user['User']['role_id'])); - } - - public function beforeSave() { - if (isset($this->data[$this->alias]['password'])) { - $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']); - } - return true; - - // only accept add and edit in own org - //if ($this->data[$this->alias]['org'] != "TEST") { - // return false; - //} - //return true; - } - -/** - * Checks if the GPG key is a valid key - * But also import it in the keychain. 
- */ - public function validateGpgkey($check) { - // LATER first remove the old gpgkey from the keychain - - // empty value - if (empty($check['gpgkey'])) { - return true; - } - - // we have a clean, hopefull public, key here - - // key is entered - require_once 'Crypt/GPG.php'; - try { - $gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'))); - try { - $keyImportOutput = $gpg->importKey($check['gpgkey']); - if (!empty($keyImportOutput['fingerprint'])) { - return true; - } - } catch (Exception $e) { - //debug($e); - return false; - } - } catch (Exception $e) { - //debug($e); - return true; // TODO was false - } - } - - public function complexPassword($check) { - /* - 6 characters minimum - 1 or more upper-case letters - 1 or more lower-case letters - 1 or more digits or special characters - example: "EasyPeasy34" - */ - $value = array_values($check); - $value = $value[0]; - return preg_match('/((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/', $value); - } - - public function identicalFieldValues($field=array(), $compareField=null) { - foreach ($field as $key => $value) { - $v1 = $value; - $v2 = $this->data[$this->name][$compareField]; - if ($v1 !== $v2) { - return false; - } else { - continue; - } - } - return true; - } - -/** - * Generates an authentication key for each user - */ - public function generateAuthKey() { - //$key = sha1(mt_rand(30, 30).time()); - $length = 40; - $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; - $charLen = strlen($characters) - 1; - $key = ''; - for ($p = 0; $p < $length; $p++) { - $key .= $characters[rand(0, $charLen)]; - } - - return $key; - } - - public function checkAndCorrectPgps() { - $fails = array(); - $users = $this->find('all', array('recursive' => 0)); - - foreach ($users as $user) { - if (strlen($user['User']['gpgkey']) && strpos($user['User']['gpgkey'], "\n")) { - $fails[] = $user['User']['id'] . ':' . 
$user['User']['id']; - //$check['gpgkey'] = trim(preg_replace('/\n', '', $check['gpgkey'])); - } - } - return $fails; - } -} + array( + 'numeric' => array( + 'rule' => array('numeric'), + //'message' => 'Your custom message here', + //'allowEmpty' => false, + //'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'password' => array( + 'minlength' => array( + 'rule' => array('minlength', 6), + 'message' => 'A password of a minimum length of 6 is required.', + //'allowEmpty' => false, + 'required' => true, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + 'complexity' => array( + 'rule' => array('complexPassword'), + 'message' => 'The password must contain at least one upper-case, one lower-case, one (digits or special character).', + //'allowEmpty' => false, + //'required' => true, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + 'identical' => array( + 'rule' => array('identicalFieldValues', 'confirm_password'), + 'message' => 'Please re-enter your password twice so that the values match.', + //'allowEmpty' => false, + //'required' => true, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'org' => array( + 'notempty' => array( + 'rule' => array('notempty'), + 'message' => 'Please specify the organisation where you are working.', + //'allowEmpty' => false, + //'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'org_id' => array( + 'notempty' => array( + 'rule' => array('notempty'), + 'message' => 'Please specify the organisation ID where you are working.', // TODO ACL, 
org_id in Users + //'allowEmpty' => false, + //'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'email' => array( + 'email' => array( + 'rule' => array('email'), + 'message' => 'Please enter a valid email address.', + //'allowEmpty' => false, + 'required' => true, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + 'unique' => array( + 'rule' => 'isUnique', + 'message' => 'An account with this email address already exists.' + ), + ), + 'autoalert' => array( + 'boolean' => array( + 'rule' => array('boolean'), + //'message' => 'Your custom message here', + 'allowEmpty' => true, + 'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'authkey' => array( + 'minlength' => array( + 'rule' => array('minlength', 40), + 'message' => 'A authkey of a minimum length of 40 is required.', + 'required' => true, + ), + 'notempty' => array( + 'rule' => array('notempty'), + //'message' => 'Your custom message here', + //'allowEmpty' => false, + //'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'invited_by' => array( + 'numeric' => array( + 'rule' => array('numeric'), + //'message' => 'Your custom message here', + //'allowEmpty' => false, + //'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'change_pw' => array( + 'numeric' => array( + 'rule' => array('numeric'), + //'message' => 'Your custom message here', + 'allowEmpty' => true, + 'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit 
validation to 'create' or 'update' operations + ), + ), + 'gpgkey' => array( + 'notempty' => array( + 'rule' => array('validateGpgkey'), + 'message' => 'GPG key not valid, please enter a valid key.', + //'allowEmpty' => false, + //'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'nids_sid' => array( + 'numeric' => array( + 'rule' => array('numeric'), + 'message' => 'A SID should be an integer.', + 'allowEmpty' => false, + 'required' => true, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'termsaccepted' => array( + 'boolean' => array( + 'rule' => array('boolean'), + //'message' => 'Your custom message here', + //'allowEmpty' => false, + //'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + 'newsread' => array( + 'date' => array( + 'rule' => array('date'), + //'message' => 'Your custom message here', + //'allowEmpty' => false, + //'required' => false, + //'last' => false, // Stop validation after this rule + //'on' => 'create', // Limit validation to 'create' or 'update' operations + ), + ), + ); + + //The Associations below have been created with all possible keys, those that are not needed can be removed + +/** + * belongsTo associations + * + * @var array + */ + public $belongsTo = array( + 'Role' => array( + 'className' => 'Role', + 'foreignKey' => 'role_id', + 'conditions' => '', + 'fields' => '', + 'order' => '' + ) + ); + +/** + * hasMany associations + * + * @var array + */ + public $hasMany = array( + 'Event' => array( + 'className' => 'Event', + 'foreignKey' => 'user_id', + 'dependent' => false, + 'conditions' => '', + 'fields' => '', + 'order' => '', + 'limit' => '', + 'offset' => '', + 'exclusive' => '', + 'finderQuery' => '', + 
'counterQuery' => '' + ) + ); + +/** + * TODO ACL: 1: be requester to CakePHP ACL system + */ + public $actsAs = array( + 'Acl' => array( // TODO ACL, + 'enabled' => false + 'type' => 'requester', + 'enabled' => false + ), + 'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable + 'userModel' => 'User', + 'userKey' => 'user_id', + 'change' => 'full' + ), + 'Trim', + //'RemoveNewline' => array('fields' => array('gpgkey')), + ); + +/** + * TODO ACL: 2: hook User into CakePHP ACL system (so link to aros) + */ + public function parentNode() { + if (!$this->id && empty($this->data)) { + return null; + } + if (isset($this->data['User']['role_id'])) { + $roleId = $this->data['User']['role_id']; + } else { + $roleId = $this->field('role_id'); + } + if (!$roleId) { + return null; + } else { + return array('Role' => array('id' => $roleId)); + } + } + +/** + * TODO ACL: 3: rights on Roles: http://stackoverflow.com/questions/6154285/aros-table-in-cakephp-is-still-including-users-even-after-bindnode + */ + public function bindNode($user) { + // return array('model' => 'Group', 'foreign_key' => $user['User']['role_id']); + return array('Role' => array('id' => $user['User']['role_id'])); + } + + public function beforeSave() { + if (isset($this->data[$this->alias]['password'])) { + $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']); + } + return true; + + // only accept add and edit in own org + //if ($this->data[$this->alias]['org'] != "TEST") { + // return false; + //} + //return true; + } + +/** + * Checks if the GPG key is a valid key + * But also import it in the keychain. 
+ */ + public function validateGpgkey($check) { + // LATER first remove the old gpgkey from the keychain + + // empty value + if (empty($check['gpgkey'])) { + return true; + } + + // we have a clean, hopefull public, key here + + // key is entered + require_once 'Crypt/GPG.php'; + try { + $gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'))); + try { + $keyImportOutput = $gpg->importKey($check['gpgkey']); + if (!empty($keyImportOutput['fingerprint'])) { + return true; + } + } catch (Exception $e) { + //debug($e); + return false; + } + } catch (Exception $e) { + //debug($e); + return true; // TODO was false + } + } + + public function complexPassword($check) { + /* + 6 characters minimum + 1 or more upper-case letters + 1 or more lower-case letters + 1 or more digits or special characters + example: "EasyPeasy34" + */ + $value = array_values($check); + $value = $value[0]; + return preg_match('/((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/', $value); + } + + public function identicalFieldValues($field=array(), $compareField=null) { + foreach ($field as $key => $value) { + $v1 = $value; + $v2 = $this->data[$this->name][$compareField]; + if ($v1 !== $v2) { + return false; + } else { + continue; + } + } + return true; + } + +/** + * Generates an authentication key for each user + */ + public function generateAuthKey() { + //$key = sha1(mt_rand(30, 30).time()); + $length = 40; + $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; + $charLen = strlen($characters) - 1; + $key = ''; + for ($p = 0; $p < $length; $p++) { + $key .= $characters[rand(0, $charLen)]; + } + + return $key; + } + + public function checkAndCorrectPgps() { + $fails = array(); + $users = $this->find('all', array('recursive' => 0)); + + foreach ($users as $user) { + if (strlen($user['User']['gpgkey']) && strpos($user['User']['gpgkey'], "\n")) { + $fails[] = $user['User']['id'] . ':' . 
$user['User']['id']; + //$check['gpgkey'] = trim(preg_replace('/\n', '', $check['gpgkey'])); + } + } + return $fails; + } +} diff --git a/app/View/Attributes/add.ctp b/app/View/Attributes/add.ctp index ff10e3f44..1b718d85b 100755 --- a/app/View/Attributes/add.ctp +++ b/app/View/Attributes/add.ctp @@ -89,7 +89,7 @@ var formInfoValues = new Array(); $def) { $info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc']; - echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes + echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes } foreach ($categoryDefinitions as $category => $def) { $info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc']; @@ -97,7 +97,7 @@ foreach ($categoryDefinitions as $category => $def) { } foreach ($distributionDescriptions as $type => $def) { $info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc']; - echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes + echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes } ?> diff --git a/app/View/Attributes/add_attachment.ctp b/app/View/Attributes/add_attachment.ctp index d0c99049e..fe30ee2cf 100755 --- a/app/View/Attributes/add_attachment.ctp +++ b/app/View/Attributes/add_attachment.ctp @@ -47,7 +47,7 @@ foreach ($categoryDefinitions as $category => $def) { } foreach ($distributionDescriptions as $type => $def) { $info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc']; - echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes + echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes } ?> 
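Review bot: generateAuthKey() derives the 40-character API key from `rand()`, which is not a cryptographically secure source; where the OpenSSL extension is available, `return bin2hex(openssl_random_pseudo_bytes(20));` yields 40 characters from a CSPRNG and still satisfies the `minlength` 40 rule declared above. In validateGpgkey() the outer `catch` returns true with `// TODO was false`, so when Crypt_GPG cannot be constructed (for example a wrong `GnuPG.homedir`) any submitted key passes validation; returning false, or at minimum logging the failure, keeps a configuration error from silently disabling the check. This hunk appears to rewrite the file with identical text (presumably a line-ending change), so these lines are pre-existing but now sit on the new side. The class header is not visible in the hunk as rendered.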
diff --git a/app/View/Attributes/edit.ctp b/app/View/Attributes/edit.ctp index 4b5fc3f57..12abad25e 100755 --- a/app/View/Attributes/edit.ctp +++ b/app/View/Attributes/edit.ctp @@ -1,127 +1,130 @@ - -