MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

cleanup of comments and todos 

minor memory performance improvement
pull/61/head
Christophe Vandeplas 2012-06-11 11:01:58 +02:00
parent cd5d53b22b
commit 2d335f5dbe
5 changed files with 24 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
app/Controller/AttributesController.php
View File

@ -74,7 +74,7 @@ class AttributesController extends AppController {
// only own attributes verified by isAuthorized
// Give error if someone tried to submit a attribute with attachment or malware-sample type.
// FIXME this is bad ... it should rather by a messagebox or should be filtered out on the view level
// TODO change behavior attachment options - this is bad ... it should rather by a messagebox or should be filtered out on the view level
if($this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) {
$this->Session->setFlash(__('Attribute has not been added: attachments are added by "Add attachment" button', true), 'default', array(), 'error');
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
@ -218,14 +218,15 @@ class AttributesController extends AppController {
$this->Attribute->create();
if($this->request->data['Attribute']['malware']) {
$this->request->data['Attribute']['type'] = "malware-sample";
$this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files
$this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
}
else {
$this->request->data['Attribute']['type'] = "attachment";
$this->request->data['Attribute']['value'] = $filename;
$this->request->data['Attribute']['value'] = $filename;
$this->request->data['Attribute']['to_ids'] = 0;
}
$this->request->data['Attribute']['uuid'] = String::uuid();
$this->request->data['Attribute']['to_ids'] = 0; // LATER permit user to send this to IDS
$this->request->data['Attribute']['batch_import'] = 0;
if ($this->Attribute->save($this->request->data)) {
@ -316,7 +317,7 @@ class AttributesController extends AppController {
if('attachment' == $this->Attribute->data['Attribute']['type'] ||
'malware-sample'== $this->Attribute->data['Attribute']['type'] ) {
$this->set('attachment', true);
// FIXME we should ensure value cannot be changed here and not only on a view level (because of the associated file)
// TODO we should ensure 'value' cannot be changed here and not only on a view level (because of the associated file)
// $this->Session->setFlash(__('You cannot edit attachment attributes.', true), 'default', array(), 'error');
// $this->redirect(array('controller' => 'events', 'action' => 'view', $old_attribute['Event']['id']));
} else {

29
app/Controller/EventsController.php
View File

@ -85,13 +85,13 @@ class EventsController extends AppController {
$relatedAttributes = array();
$this->loadModel('Attribute');
$fields = array('Attribute.id', 'Attribute.event_id', 'Attribute.uuid');
foreach ($this->Event->data['Attribute'] as $key => $attribute) {
foreach ($this->Event->data['Attribute'] as &$attribute) {
$relatedAttributes[$attribute['id']] = $this->Attribute->getRelatedAttributes($attribute, $fields);
// for REST requests also add the encoded attachment
if ($this->_isRest() && $this->Attribute->typeIsAttachment($attribute['type'])) {
// LATER check if this has a serious performance impact on XML conversion and memory usage
$encoded_file = $this->Attribute->base64EncodeAttachment($attribute);
$this->Event->data['Attribute'][$key]['data'] = $encoded_file;
$attribute['data'] = $encoded_file;
}
}
$this->set('relatedAttributes', $relatedAttributes);
@ -231,8 +231,8 @@ class EventsController extends AppController {
$fieldList=array('date', 'risk', 'info', 'published', 'private');
// always force the org, but do not force it for admins
if ($this->_isAdmin()) {
$this->Event->read(); // FIXME URGENT this should be deleted? delete and test
$fieldList[]='org';
// set the same org as existed before
$this->Event->read();
$this->request->data['Event']['org'] = $this->Event->data['Event']['org'];
}
// we probably also want to remove the published flag
@ -509,8 +509,6 @@ class EventsController extends AppController {
if ($this->request->is('post') || $this->request->is('put')) {
$message = $this->request->data['Event']['message'];
if ($this->_sendContactEmail($id, $message)) {
// LATER when a user is deleted this will create problems.
// LATER send the email to all the people who are in the org that created the event
// redirect to the view event page
$this->Session->setFlash(__('Email sent to the reporter.', true));
} else {
@ -528,7 +526,7 @@ class EventsController extends AppController {
/**
*
* Sends out an email to all people within the same group
* Sends out an email to all people within the same org
* with the request to be contacted about a specific event.
* @todo move _sendContactEmail($id, $message) to a better place. (components?)
*
@ -709,7 +707,7 @@ class EventsController extends AppController {
// check if the key is valid -> search for users based on key
$this->loadModel('User');
// no input sanitization necessary, it's done by model
// TODO do not fetch recursive
// do not fetch recursive
$this->User->recursive=0;
$user = $this->User->findByAuthkey($key);
if (empty($user)) {
@ -742,9 +740,9 @@ class EventsController extends AppController {
$sid++;
switch ($attribute['type']) {
// LATER test all the snort attributes
// LATER add the tag keyword in the rules to capture network traffic
// LATER sanitize every $attribute['value'] to not conflict with snort
// LATER nids - test all the snort attributes
// LATER nids - add the tag keyword in the rules to capture network traffic
// LATER nids - sanitize every $attribute['value'] to not conflict with snort
case 'ip-dst':
$rules[] = sprintf($rule_format,
'ip', // proto
@ -806,7 +804,7 @@ class EventsController extends AppController {
);
break;
case 'email-subject':
// LATER email-subject rule might not match because of line-wrapping
// LATER nids - email-subject rule might not match because of line-wrapping
$rules[] = sprintf($rule_format,
'tcp', // proto
'$EXTERNAL_NET', // src_ip
@ -822,7 +820,7 @@ class EventsController extends AppController {
);
break;
case 'email-attachment':
// LATER email-attachment rule might not match because of line-wrapping
// LATER nids - email-attachment rule might not match because of line-wrapping
$rules[] = sprintf($rule_format,
'tcp', // proto
'$EXTERNAL_NET', // src_ip
@ -884,7 +882,7 @@ class EventsController extends AppController {
break;
case 'user-agent':
$rules[] = "";
// TODO write snort user-agent rule
// TODO nids - write snort user-agent rule
break;
case 'snort':
$tmp_rule = $attribute['value'];
@ -926,7 +924,7 @@ class EventsController extends AppController {
// finally the rule is cleaned up and can be outputed
$rules[] = $tmp_rule;
// TODO test using lots of snort rules.
// LATER nids - test using lots of snort rules.
default:
break;
@ -977,7 +975,6 @@ class EventsController extends AppController {
// // check if the key is valid -> search for users based on key
// $this->loadModel('User');
// // no input sanitization necessary, it's done by model
// // TODO do not fetch recursive
// $this->User->recursive=0;
// $user = $this->User->findByAuthkey($key);
// if (empty($user)) {

1
app/Controller/UsersController.php
View File

@ -224,7 +224,6 @@ class UsersController extends AppController {
public function login() {
// FIXME implement authentication brute-force protection
if ($this->Auth->login()) {
$this->redirect($this->Auth->redirect());
} else {

8
app/Model/Attribute.php
View File

@ -33,7 +33,7 @@ class Attribute extends AppModel {
'private' => array('desc' => 'Prevents upload of this single Attribute to other CyDefSIG servers', 'formdesc' => 'Prevents upload of <em>this single Attribute</em> to other CyDefSIG servers.<br/>Used only when the Event is NOT set as Private')
);
// these are definition of possible types + their descriptions and maybe LATER other behaviors
// these are definition of possible types + their descriptions and maybe later other behaviors
// e.g. if the attribute should be correlated with others or not
public $type_definitions = array(
@ -297,8 +297,8 @@ class Attribute extends AppModel {
$filepath = APP."files/".$this->data['Attribute']['event_id']."/".$this->data['Attribute']['id'];
$file = new File ($filepath);
if($file->exists()) {
if (!$file->delete()) {
$this->Session->setFlash(__('Delete failed. Please report to administrator', true), 'default', array(), 'error'); // TODO change this message. Throw an internal error
if (!$file->delete()) {
throw new InternalErrorException('Delete of file attachment failed. Please report to administrator.');
}
}
}
@ -517,7 +517,7 @@ class Attribute extends AppModel {
// prepare the conditions
$conditions = array(
'Attribute.event_id !=' => $attribute['event_id'],
// 'Attribute.type' => $attribute['type'], // LATER also filter on type
// 'Attribute.type' => $attribute['type'], // do not filter on type
);
if (empty($attribute['value1'])) // prevent issues with empty fields
return null;

2
app/Model/Server.php
View File

@ -17,7 +17,7 @@ class Server extends AppModel {
* @var array
*/
public $validate = array(
'url' => array( // TODO add extra validation to refuse multiple urls from the same org
'url' => array( // TODO add extra validation to refuse multiple time the same url from the same org
'url' => array(
'rule' => array('url'),
'message' => 'Please enter a valid base-url.',