MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #2934 from cvandeplas/fix/modules-api 

fix - allows upload of files using the misp-modules API
pull/2962/head
Andras Iklody 2018-02-18 10:07:21 +01:00 committed by GitHub
parent 924a39a369 637a500c1e
commit 297fe776fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 148 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
app/Controller/EventsController.php
View File

@ -3487,21 +3487,8 @@ class EventsController extends AppController {
}
}
public function __pushFreetext($resultArray, $eventId, $distribution = false, $sg = false, $adhereToWarninglists = false) {
if ($adhereToWarninglists) {
$this->Warninglist = ClassRegistry::init('Warninglist');
$warninglists = $this->Warninglist->fetchForEventView();
}
foreach ($resultArray as $k => $result) {
$result['type'] = $result['default_type'];
unset($result['default_type']);
unset($result['types']);
if (isset($result['default_category'])) {
$result['category'] = $result['default_category'];
unset($result['default_category']);
} else {
$result['category'] = $this->Event->Attribute->defaultCategories[$result['type']];
}
public function __pushFreetext($attributes, $id, $distribution = false, $sg = false, $adhereToWarninglists = false) {
if ($distribution === false) {
if (Configure::read('MISP.default_attribute_distribution') != null) {
if (Configure::read('MISP.default_attribute_distribution') == 'event') {
@ -3513,47 +3500,45 @@ class EventsController extends AppController {
$distribution = 0;
}
}
$result['distribution'] = $distribution;
$result['event_id'] = $eventId;
$resultArray[$k] = $result;
if ($adhereToWarninglists) {
if (!$this->Warninglist->filterWarninglistAttributes($warninglists, $result)) {
if ($adhereToWarninglists == 'soft') {
$result['to_ids'] = 0;
// prepare the default choices
foreach ($attributes as $k => $attribute) {
$attribute['type'] = $attribute['default_type'];
unset($attribute['default_type']);
unset($attribute['types']);
if (isset($attribute['default_category'])) {
$attribute['category'] = $attribute['default_category'];
unset($attribute['default_category']);
} else {
unset($resultArray[$k]);
continue;
$attribute['category'] = $this->Event->Attribute->defaultCategories[$attribute['type']];
}
$attribute['distribution'] = $distribution;
$attribute['event_id'] = $id;
$attributes[$k] = $attribute;
}
}
$this->Event->Attribute->create();
if (!$this->Event->Attribute->save($result)) {
unset($resultArray[$k]);
}
}
$resultArray = array_values($resultArray);
return $this->RestResponse->viewData($resultArray, $this->response->type());
// actually save the attribute now
$this->__processFreeTextData($attributes, $id, '', false, $adhereToWarninglists);
// FIXME $attributes does not contain the onteflyattributes
$attributes = array_values($attributes);
return $this->RestResponse->viewData($attributes, $this->response->type());
}
public function saveFreeText($id) {
if (!$this->userRole['perm_add']) {
throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes');
}
if ($this->request->is('post')) {
if (!$this->Event->checkIfAuthorised($this->Auth->user(), $id)) {
throw new MethodNotAllowedException('Invalid event.');
}
private function __processFreeTextData($attributes, $id, $default_comment = '', $force = false, $adhereToWarninglists = false) {
$event = $this->Event->find('first', array(
'conditions' => array('id' => $id),
'recursive' => -1,
'fields' => array('orgc_id', 'id', 'distribution', 'published', 'uuid'),
));
if (!$this->_isSiteAdmin() && !empty($event) && $event['Event']['orgc_id'] != $this->Auth->user('org_id')) $objectType = 'ShadowAttribute';
else if ($this->_isSiteAdmin() && isset($this->request->data['Attribute']['force']) && $this->request->data['Attribute']['force']) $objectType = 'ShadowAttribute';
else if ($this->_isSiteAdmin() && isset($force) && $force) $objectType = 'ShadowAttribute';
else $objectType = 'Attribute';
if ($adhereToWarninglists) {
$this->Warninglist = ClassRegistry::init('Warninglist');
$warninglists = $this->Warninglist->fetchForEventView();
}
$saved = 0;
$failed = 0;
$attributes = json_decode($this->request->data['Attribute']['JsonObject'], true);
$attributeSources = array('attributes', 'ontheflyattributes');
$ontheflyattributes = array();
foreach ($attributeSources as $source) {
@ -3588,7 +3573,7 @@ class EventsController extends AppController {
foreach ($types as $type) {
$this->Event->$objectType->create();
$attribute['type'] = $type;
if (empty($attribute['comment'])) $attribute['comment'] = $this->request->data['Attribute']['default_comment'];
if (empty($attribute['comment'])) $attribute['comment'] = $default_comment;
$attribute['event_id'] = $id;
if ($objectType == 'ShadowAttribute') {
$attribute['org_id'] = $this->Auth->user('org_id');
@ -3596,6 +3581,17 @@ class EventsController extends AppController {
$attribute['email'] = $this->Auth->user('email');
$attribute['event_uuid'] = $event['Event']['uuid'];
}
// adhere to the warninglist
if ($adhereToWarninglists) {
if (!$this->Warninglist->filterWarninglistAttributes($warninglists, $attribute)) {
if ($adhereToWarninglists == 'soft') {
$attribute['to_ids'] = 0;
} else {
// just ignore the attribute
continue;
}
}
}
$AttributSave = $this->Event->$objectType->save($attribute);
if ($AttributSave) {
// If Tags, attache each tags to attribut
@ -3637,10 +3633,28 @@ class EventsController extends AppController {
}
}
if ($failed > 0) {
$this->Session->setFlash($saved . ' ' . $messageScope . ' created' . $emailResult . '. ' . $failed . ' ' . $messageScope . ' could not be saved. This may be due to attributes with similar values already existing.');
$flashMessage = $saved . ' ' . $messageScope . ' created' . $emailResult . '. ' . $failed . ' ' . $messageScope . ' could not be saved. This may be due to attributes with similar values already existing.';
} else {
$this->Session->setFlash($saved . ' ' . $messageScope . ' created' . $emailResult . '.');
$flashMessage = $saved . ' ' . $messageScope . ' created' . $emailResult . '.';
}
return $flashMessage;
}
public function saveFreeText($id) {
if (!$this->userRole['perm_add']) {
throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes');
}
if ($this->request->is('post')) {
if (!$this->Event->checkIfAuthorised($this->Auth->user(), $id)) {
throw new MethodNotAllowedException('Invalid event.');
}
$attributes = json_decode($this->request->data['Attribute']['JsonObject'], true);
$default_comment = $this->request->data['Attribute']['default_comment'];
$force = $this->request->data['Attribute']['force'];
$flashMessage = $this->__processFreeTextData($attributes, $id, $default_comment, $force);
$this->Session->setFlash($flashMessage);
$this->redirect(array('controller' => 'events', 'action' => 'view', $id));
} else {
throw new MethodNotAllowedException();
@ -4470,7 +4484,7 @@ class EventsController extends AppController {
$eventId,
false,
false,
false
'soft'
);
}
if (isset($result['comment'])) {

2
app/Model/Attribute.php
View File

@ -337,6 +337,7 @@ class Attribute extends AppModel {
)
);
// FIXME we need a better way to list the defaultCategories knowing that new attribute types will continue to appear in the future. We should generate this dynamically or use a function using the default_category of the $typeDefinitions
public $defaultCategories = array(
'md5' => 'Payload delivery',
'sha1' => 'Payload delivery',
@ -357,6 +358,7 @@ class Attribute extends AppModel {
'filename' => 'Payload delivery',
'ip-src' => 'Network activity',
'ip-dst' => 'Network activity',
'ip-dst|port' => 'Network activity',
'mac-address' => 'Network activity',
'mac-eui-64' => 'Network activity',
'hostname' => 'Network activity',