mirror of https://github.com/MISP/MISP
new: allow user to enrich objects
parent
f125630c1c
commit
2c661b565f
|
@ -5210,42 +5210,82 @@ class EventsController extends AppController
|
|||
$this->render('index');
|
||||
}
|
||||
|
||||
// expects an attribute ID and the module to be used
|
||||
public function queryEnrichment($attribute_id, $module = false, $type = 'Enrichment')
|
||||
// expects a model ID, model type, the module to be used (optional) and the type of enrichment (optional)
|
||||
public function queryEnrichment($id, $module = false, $type = 'Enrichment', $model = 'Attribute')
|
||||
{
|
||||
if (!Configure::read('Plugin.' . $type . '_services_enable')) {
|
||||
throw new MethodNotAllowedException(__('%s services are not enabled.', $type));
|
||||
}
|
||||
$attribute = $this->Event->Attribute->fetchAttributes($this->Auth->user(), [
|
||||
'conditions' => [
|
||||
'Attribute.id' => $attribute_id
|
||||
],
|
||||
'flatten' => 1,
|
||||
'includeEventTags' => 1,
|
||||
'contain' => ['Event' => ['fields' => ['distribution', 'sharing_group_id']]],
|
||||
]);
|
||||
if (empty($attribute)) {
|
||||
throw new MethodNotAllowedException(__('Attribute not found or you are not authorised to see it.'));
|
||||
|
||||
if (!in_array($model, array('Attribute', 'ShadowAttribute', 'Object', 'Event'))) {
|
||||
throw new MethodNotAllowedException(__('Invalid model.'));
|
||||
}
|
||||
|
||||
$this->loadModel('Module');
|
||||
$enabledModules = $this->Module->getEnabledModules($this->Auth->user(), false, $type);
|
||||
|
||||
if (!is_array($enabledModules) || empty($enabledModules)) {
|
||||
throw new MethodNotAllowedException(__('No valid %s options found for this attribute.', $type));
|
||||
throw new MethodNotAllowedException(__('No valid %s options found for this %s.', $type, strtolower($model)));
|
||||
}
|
||||
|
||||
if ($model === 'Attribute' || $model === 'ShadowAttribute') {
|
||||
$attribute = $this->Event->Attribute->fetchAttributes($this->Auth->user(), [
|
||||
'conditions' => [
|
||||
'Attribute.id' => $id
|
||||
],
|
||||
'flatten' => 1,
|
||||
'includeEventTags' => 1,
|
||||
'contain' => ['Event' => ['fields' => ['distribution', 'sharing_group_id']]],
|
||||
]);
|
||||
if (empty($attribute)) {
|
||||
throw new MethodNotAllowedException(__('Attribute not found or you are not authorised to see it.'));
|
||||
}
|
||||
}
|
||||
|
||||
if ($model === 'Object') {
|
||||
$object = $this->Event->Object->fetchObjects($this->Auth->user(), [
|
||||
'conditions' => [
|
||||
'Object.id' => $id
|
||||
],
|
||||
'flatten' => 1,
|
||||
'includeEventTags' => 1,
|
||||
'contain' => ['Event' => ['fields' => ['distribution', 'sharing_group_id']]],
|
||||
]);
|
||||
if (empty($object)) {
|
||||
throw new MethodNotAllowedException(__('Object not found or you are not authorised to see it.'));
|
||||
}
|
||||
}
|
||||
|
||||
if ($this->request->is('ajax')) {
|
||||
$modules = array();
|
||||
foreach ($enabledModules['modules'] as $module) {
|
||||
if (in_array($attribute[0]['Attribute']['type'], $module['mispattributes']['input'])) {
|
||||
$modules[] = array('name' => $module['name'], 'description' => $module['meta']['description']);
|
||||
$modules = [];
|
||||
|
||||
if ($model === 'Attribute' || $model === 'ShadowAttribute') {
|
||||
foreach ($enabledModules['modules'] as $module) {
|
||||
if (in_array($attribute[0]['Attribute']['type'], $module['mispattributes']['input'])) {
|
||||
$modules[] = array('name' => $module['name'], 'description' => $module['meta']['description']);
|
||||
}
|
||||
}
|
||||
}
|
||||
foreach (array('attribute_id', 'modules') as $viewVar) {
|
||||
$this->set($viewVar, $$viewVar);
|
||||
|
||||
if ($model === 'Object') {
|
||||
foreach ($enabledModules['modules'] as $module) {
|
||||
if (
|
||||
in_array($object[0]['Object']['name'], $module['mispattributes']['input']) ||
|
||||
in_array($object[0]['Object']['uuid'], $module['mispattributes']['input'])
|
||||
) {
|
||||
$modules[] = array('name' => $module['name'], 'description' => $module['meta']['description']);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$this->set('id', $id);
|
||||
$this->set('modules', $modules);
|
||||
$this->set('type', $type);
|
||||
$this->set('model', $model);
|
||||
$this->render('ajax/enrichmentChoice');
|
||||
} else {
|
||||
$options = array();
|
||||
$options = [];
|
||||
$format = 'simplified';
|
||||
foreach ($enabledModules['modules'] as $temp) {
|
||||
if ($temp['name'] == $module) {
|
||||
$format = !empty($temp['mispattributes']['format']) ? $temp['mispattributes']['format'] : 'simplified';
|
||||
|
@ -5267,7 +5307,13 @@ class EventsController extends AppController
|
|||
$this->set('title_for_layout', __('Enrichment Results'));
|
||||
$this->set('title', __('Enrichment Results'));
|
||||
if ($format == 'misp_standard') {
|
||||
$this->__queryEnrichment($attribute, $module, $options, $type);
|
||||
if ($model === 'Attribute' || $model === 'ShadowAttribute') {
|
||||
$this->__queryEnrichment($attribute, $module, $options, $type);
|
||||
}
|
||||
|
||||
if ($model === 'Object') {
|
||||
$this->__queryObjectEnrichment($object, $module, $options, $type);
|
||||
}
|
||||
} else {
|
||||
$this->__queryOldEnrichment($attribute, $module, $options, $type);
|
||||
}
|
||||
|
@ -5321,6 +5367,57 @@ class EventsController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
private function __queryObjectEnrichment($object, $module, $options, $type)
|
||||
{
|
||||
$object[0]['Object']['Attribute'] = $object[0]['Attribute'];
|
||||
foreach($object[0]['Object']['Attribute'] as &$attribute) {
|
||||
if ($this->Event->Attribute->typeIsAttachment($attribute['type'])) {
|
||||
$attribute['data'] = $this->Event->Attribute->base64EncodeAttachment($attribute);
|
||||
}
|
||||
}
|
||||
|
||||
$event_id = $object[0]['Event']['id'];
|
||||
$data = array('module' => $module, 'object' => $object[0]['Object'], 'event_id' => $event_id);
|
||||
if (!empty($options)) {
|
||||
$data['config'] = $options;
|
||||
}
|
||||
$result = $this->Module->queryModuleServer($data, false, $type, false, $object[0]);
|
||||
if (!$result) {
|
||||
throw new InternalErrorException(__('%s service not reachable.', $type));
|
||||
}
|
||||
if (isset($result['error'])) {
|
||||
$this->Flash->error($result['error']);
|
||||
}
|
||||
if (!is_array($result)) {
|
||||
throw new Exception($result);
|
||||
}
|
||||
$event = $this->Event->handleMispFormatFromModuleResult($result);
|
||||
if (empty($event['Attribute']) && empty($event['Object'])) {
|
||||
throw new NotImplementedException(__('No Attribute or Object returned by the module.'));
|
||||
} else {
|
||||
$importComment = !empty($result['comment']) ? $result['comment'] : $object[0]['Object']['value'] . __(': Enriched via the ') . $module . ($type != 'Enrichment' ? ' ' . $type : '') . ' module';
|
||||
$this->set('importComment', $importComment);
|
||||
$event['Event'] = $object[0]['Event'];
|
||||
$org_name = $this->Event->Orgc->find('first', array(
|
||||
'conditions' => array('Orgc.id' => $event['Event']['orgc_id']),
|
||||
'fields' => array('Orgc.name')
|
||||
));
|
||||
$event['Event']['orgc_name'] = $org_name['Orgc']['name'];
|
||||
if ($attribute[0]['Object']['id']) {
|
||||
$object_id = $attribute[0]['Object']['id'];
|
||||
$initial_object = $this->Event->fetchInitialObject($event_id, $object_id);
|
||||
if (!empty($initial_object)) {
|
||||
$event['initialObject'] = $initial_object;
|
||||
}
|
||||
}
|
||||
$this->set('event', $event);
|
||||
$this->set('menuItem', 'enrichmentResults');
|
||||
$this->set('title_for_layout', __('Enrichment Results'));
|
||||
$this->set('title', __('Enrichment Results'));
|
||||
$this->render('resolved_misp_format');
|
||||
}
|
||||
}
|
||||
|
||||
private function __queryOldEnrichment($attribute, $module, $options, $type)
|
||||
{
|
||||
$data = array('module' => $module, $attribute[0]['Attribute']['type'] => $attribute[0]['Attribute']['value'], 'event_id' => $attribute[0]['Attribute']['event_id'], 'attribute_uuid' => $attribute[0]['Attribute']['uuid']);
|
||||
|
|
|
@ -158,7 +158,7 @@ echo $this->element('/genericElements/IndexTable/index_table', [
|
|||
[
|
||||
'title' => __('Propose enrichment'),
|
||||
'icon' => 'asterisk',
|
||||
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/ShadowAttribute\');',
|
||||
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Enrichment/ShadowAttribute\');',
|
||||
'onclick_params_data_path' => 'Attribute.id',
|
||||
'complex_requirement' => [
|
||||
'function' => function ($object) use ($modules, $isSiteAdmin, $me) {
|
||||
|
@ -178,7 +178,7 @@ echo $this->element('/genericElements/IndexTable/index_table', [
|
|||
[
|
||||
'title' => __('Propose enrichment through Cortex'),
|
||||
'icon' => 'eye',
|
||||
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/ShadowAttribute/Cortex\');',
|
||||
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Enrichment/ShadowAttribute/Cortex\');',
|
||||
'onclick_params_data_path' => 'Attribute.id',
|
||||
'complex_requirement' => [
|
||||
'function' => function ($object) use ($cortex_modules, $isSiteAdmin, $me) {
|
||||
|
@ -202,7 +202,7 @@ echo $this->element('/genericElements/IndexTable/index_table', [
|
|||
[
|
||||
'title' => __('Add enrichment'),
|
||||
'icon' => 'asterisk',
|
||||
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Attribute\');',
|
||||
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Enrichment/Attribute\');',
|
||||
'onclick_params_data_path' => 'Attribute.id',
|
||||
'complex_requirement' => function ($object) use ($modules) {
|
||||
return $this->Acl->canModifyEvent($object) &&
|
||||
|
@ -213,7 +213,7 @@ echo $this->element('/genericElements/IndexTable/index_table', [
|
|||
[
|
||||
'title' => __('Add enrichment via Cortex'),
|
||||
'icon' => 'eye',
|
||||
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Attribute/Cortex\');',
|
||||
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Enrichment/Attribute/Cortex\');',
|
||||
'onclick_params_data_path' => 'Attribute.id',
|
||||
'complex_requirement' => function ($object) use ($cortex_modules) {
|
||||
return $this->Acl->canModifyEvent($object) &&
|
||||
|
|
|
@ -338,12 +338,12 @@
|
|||
if ($isAclAdd && ($isSiteAdmin || !$mayModify)):
|
||||
if (isset($modules) && isset($modules['types'][$object['type']])):
|
||||
?>
|
||||
<span class="fas fa-asterisk useCursorPointer" role="button" tabindex="0" aria-label="<?php echo __('Query enrichment');?>" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/ShadowAttribute');" title="<?php echo __('Propose enrichment');?>"> </span>
|
||||
<span class="fas fa-asterisk useCursorPointer" role="button" tabindex="0" aria-label="<?php echo __('Query enrichment');?>" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Enrichment/ShadowAttribute');" title="<?php echo __('Propose enrichment');?>"> </span>
|
||||
<?php
|
||||
endif;
|
||||
if (isset($cortex_modules) && isset($cortex_modules['types'][$object['type']])):
|
||||
?>
|
||||
<span class="icon-eye-open useCursorPointer" role="button" tabindex="0" aria-label="<?php echo __('Query Cortex');?>" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/ShadowAttribute/Cortex');" title="<?php echo __('Propose enrichment through Cortex');?>"></span>
|
||||
<span class="icon-eye-open useCursorPointer" role="button" tabindex="0" aria-label="<?php echo __('Query Cortex');?>" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Enrichment/ShadowAttribute/Cortex');" title="<?php echo __('Propose enrichment through Cortex');?>"></span>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
|
@ -358,12 +358,12 @@
|
|||
if ($isSiteAdmin || $mayModify):
|
||||
if (isset($modules) && isset($modules['types'][$object['type']])):
|
||||
?>
|
||||
<span class="fas fa-asterisk useCursorPointer" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Attribute');" title="<?php echo __('Add enrichment');?>" role="button" tabindex="0" aria-label="<?php echo __('Add enrichment');?>"> </span>
|
||||
<span class="fas fa-asterisk useCursorPointer" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Enrichment/Attribute');" title="<?php echo __('Add enrichment');?>" role="button" tabindex="0" aria-label="<?php echo __('Add enrichment');?>"> </span>
|
||||
<?php
|
||||
endif;
|
||||
if (isset($cortex_modules) && isset($cortex_modules['types'][$object['type']])):
|
||||
?>
|
||||
<span class="icon-eye-open useCursorPointer" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Attribute/Cortex');" title="<?php echo __('Add enrichment');?>" role="button" tabindex="0" aria-label="<?php echo __('Add enrichment via Cortex');?>"></span>
|
||||
<span class="icon-eye-open useCursorPointer" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Enrichment/Attribute/Cortex');" title="<?php echo __('Add enrichment');?>" role="button" tabindex="0" aria-label="<?php echo __('Add enrichment via Cortex');?>"></span>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
|
|
|
@ -111,6 +111,17 @@ $objectId = intval($object['id']);
|
|||
<td class="short action-links">
|
||||
<?php
|
||||
if ($mayModify) {
|
||||
if (Configure::read('Plugin.Enrichment_services_enable')) {
|
||||
echo sprintf(
|
||||
'<span class="fa fa-asterisk white useCursorPointer" title="%1$s" role="button" tabindex="0" aria-label="%1$s" onclick="%2$s"></span> ',
|
||||
__('Add enrichment'),
|
||||
sprintf(
|
||||
'simplePopup(\'%s/events/queryEnrichment/%s/0/Enrichment/Object\');',
|
||||
$baseurl, $objectId
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
if (empty($object['deleted'])) {
|
||||
echo sprintf(
|
||||
'<a href="%s/objects/edit/%s" title="%s" aria-label="%s" class="fa fa-edit white"></a> ',
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
sprintf(
|
||||
"window.location='%s/events/queryEnrichment/%s';",
|
||||
$baseurl,
|
||||
implode('/', array(h($attribute_id), h($module['name']), h($type)))
|
||||
implode('/', array(h($id), h($module['name']), h($type), h($model)))
|
||||
),
|
||||
h($module['description']),
|
||||
__('Enrich using the %s module', h($module['name'])),
|
||||
|
|
Loading…
Reference in New Issue