mirror of https://github.com/MISP/MISP
chg: [analystdata wip]
iglocska
parent
22c413059f
commit
2ab819f3cb
|
|
@ -25,6 +25,7 @@ class CRUDComponent extends Component
|
|||
}
|
||||
$options['filters'][] = 'quickFilter';
|
||||
}
|
||||
$this->Controller->includeAnalystData->{$this->Controller->modelClass}->includeAnalystData = true;
|
||||
$params = $this->Controller->IndexFilter->harvestParameters(empty($options['filters']) ? [] : $options['filters']);
|
||||
$query = [];
|
||||
$query = $this->setFilters($params, $query);
|
||||
|
|
@ -231,6 +232,7 @@ class CRUDComponent extends Component
|
|||
if (empty($id)) {
|
||||
throw new NotFoundException(__('Invalid %s.', $modelName));
|
||||
}
|
||||
$this->Controller->{$modelName}->includeAnalystData = true;
|
||||
$query = [
|
||||
'recursive' => -1,
|
||||
'conditions' => [$modelName . '.id' => $id],
|
||||
|
|
|
|||
|
|
@ -755,7 +755,7 @@ class EventsController extends AppController
|
|||
if ($nothing) {
|
||||
$this->paginate['conditions']['AND'][] = ['Event.id' => -1]; // do not fetch any event
|
||||
}
|
||||
|
||||
$this->Event->includeAnalystData = true;
|
||||
$events = $this->paginate();
|
||||
|
||||
if (count($events) === 1 && isset($this->passedArgs['searchall'])) {
|
||||
|
|
@ -1695,7 +1695,7 @@ class EventsController extends AppController
|
|||
}
|
||||
|
||||
$namedParams = $this->request->params['named'];
|
||||
|
||||
$this->Event->includeAnalystData = true;
|
||||
if ($this->_isRest()) {
|
||||
$conditions['includeAttachments'] = isset($namedParams['includeAttachments']) ? $namedParams['includeAttachments'] : true;
|
||||
} else {
|
||||
|
|
@ -1790,7 +1790,6 @@ class EventsController extends AppController
|
|||
} else {
|
||||
$user = $this->Auth->user();
|
||||
}
|
||||
|
||||
$results = $this->Event->fetchEvent($user, $conditions);
|
||||
if (empty($results)) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
|
|
|
|||
|
|
@ -47,6 +47,8 @@ class AppModel extends Model
|
|||
/** @var Workflow|null */
|
||||
private $Workflow;
|
||||
|
||||
public $includeAnalystData;
|
||||
|
||||
// deprecated, use $db_changes
|
||||
// major -> minor -> hotfix -> requires_logout
|
||||
const OLD_DB_CHANGES = array(
|
||||
|
|
|
|||
|
|
@ -5,9 +5,41 @@
|
|||
*/
|
||||
class AnalystDataBehavior extends ModelBehavior
|
||||
{
|
||||
public function fetchForUuid()
|
||||
{
|
||||
public $SharingGroup;
|
||||
|
||||
private $__current_type = null;
|
||||
|
||||
public function setup(Model $Model, $settings = array()) {
|
||||
// We want to know whether we're a Note, Opinion or Relationship
|
||||
$this->__current_type = $Model->alias;
|
||||
}
|
||||
|
||||
// Return the analystData of the current type for a given UUID (this only checks the ACL of the analystData, NOT of the parent.)
|
||||
public function fetchForUuid(Model $Model, $uuid, $user)
|
||||
{
|
||||
$conditions = [
|
||||
'object_uuid' => $uuid
|
||||
];
|
||||
$type = $this->__current_type;
|
||||
if (empty($user['Role']['perm_site_admin'])) {
|
||||
$this->SharingGroup = ClassRegistry::init('SharingGroup');
|
||||
$validSharingGroups = $this->SharingGroup->authorizedIds($user, true);
|
||||
$conditions['AND'][] = [
|
||||
'OR' => [
|
||||
$type . '.orgc_id' => $user['org_id'],
|
||||
$type . '.org_id' => $user['org_id'],
|
||||
$type . '.distribution IN' => [1, 2, 3],
|
||||
'AND' => [
|
||||
$type . '.distribution' => 4,
|
||||
$type . '.sharing_group_id IN' => $validSharingGroups
|
||||
]
|
||||
]
|
||||
];
|
||||
}
|
||||
return $Model->find('all', [
|
||||
'recursive' => -1,
|
||||
'conditions' => $conditions
|
||||
]);
|
||||
}
|
||||
|
||||
public function checkACL()
|
||||
|
|
|
|||
|
|
@ -0,0 +1,51 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Common functions for the 3 analyst objects
|
||||
*/
|
||||
class AnalystDataParentBehavior extends ModelBehavior
|
||||
{
|
||||
private $__currentUser = null;
|
||||
|
||||
public $User;
|
||||
|
||||
|
||||
|
||||
public function attachAnalystData(array $object, array $types = ['Note', 'Opinion', 'Relationship'])
|
||||
{
|
||||
// No uuid, nothing to attach
|
||||
if (empty($object['uuid'])) {
|
||||
return $object;
|
||||
}
|
||||
if (empty($this->__currentUser)) {
|
||||
$user_id = Configure::read('CurrentUserId');
|
||||
$this->User = ClassRegistry::init('User');
|
||||
if ($user_id) {
|
||||
$this->__currentUser = $this->User->getAuthUser($user_id);
|
||||
}
|
||||
}
|
||||
$data = [];
|
||||
foreach ($types as $type) {
|
||||
$this->{$type} = ClassRegistry::init($type);
|
||||
$temp = $this->{$type}->fetchForUuid($object['uuid'], $this->__currentUser);
|
||||
if (!empty($temp)) {
|
||||
foreach ($temp as $k => $temp_element) {
|
||||
$data[$type][] = $temp_element[$type];
|
||||
}
|
||||
}
|
||||
}
|
||||
return $data;
|
||||
}
|
||||
|
||||
public function afterFind(Model $model, $results, $primary = false)
|
||||
{
|
||||
if (!empty($model->includeAnalystData)) {
|
||||
foreach ($results as $k => $item) {
|
||||
if (isset($item[$model->alias])) {
|
||||
$results[$k] = array_merge($results[$k], $this->attachAnalystData($item[$model->alias]));
|
||||
}
|
||||
}
|
||||
}
|
||||
return $results;
|
||||
}
|
||||
}
|
||||
|
|
@ -40,7 +40,8 @@ class Event extends AppModel
|
|||
'change' => 'full'),
|
||||
'Trim',
|
||||
'Containable',
|
||||
'EventWarning'
|
||||
'EventWarning',
|
||||
'AnalystDataParent'
|
||||
);
|
||||
|
||||
public $displayField = 'id';
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
<?php
|
||||
App::uses('AppModel', 'Model');
|
||||
class Opinion extends AppModel
|
||||
class Opinion extends AnalystData
|
||||
{
|
||||
|
||||
public $recursive = -1;
|
||||
|
|
|
|||
Loading…
Reference in New Issue