mirror of https://github.com/MISP/MISP
parent
cd5d53b22b
commit
2d335f5dbe
|
@ -74,7 +74,7 @@ class AttributesController extends AppController {
|
|||
// only own attributes verified by isAuthorized
|
||||
|
||||
// Give error if someone tried to submit a attribute with attachment or malware-sample type.
|
||||
// FIXME this is bad ... it should rather by a messagebox or should be filtered out on the view level
|
||||
// TODO change behavior attachment options - this is bad ... it should rather by a messagebox or should be filtered out on the view level
|
||||
if($this->Attribute->typeIsAttachment($this->request->data['Attribute']['type'])) {
|
||||
$this->Session->setFlash(__('Attribute has not been added: attachments are added by "Add attachment" button', true), 'default', array(), 'error');
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
|
||||
|
@ -218,14 +218,15 @@ class AttributesController extends AppController {
|
|||
$this->Attribute->create();
|
||||
if($this->request->data['Attribute']['malware']) {
|
||||
$this->request->data['Attribute']['type'] = "malware-sample";
|
||||
$this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files
|
||||
$this->request->data['Attribute']['value'] = $filename.'|'.$tmpfile->md5(); // TODO gives problems with bigger files
|
||||
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
|
||||
}
|
||||
else {
|
||||
$this->request->data['Attribute']['type'] = "attachment";
|
||||
$this->request->data['Attribute']['value'] = $filename;
|
||||
$this->request->data['Attribute']['value'] = $filename;
|
||||
$this->request->data['Attribute']['to_ids'] = 0;
|
||||
}
|
||||
$this->request->data['Attribute']['uuid'] = String::uuid();
|
||||
$this->request->data['Attribute']['to_ids'] = 0; // LATER permit user to send this to IDS
|
||||
$this->request->data['Attribute']['batch_import'] = 0;
|
||||
|
||||
if ($this->Attribute->save($this->request->data)) {
|
||||
|
@ -316,7 +317,7 @@ class AttributesController extends AppController {
|
|||
if('attachment' == $this->Attribute->data['Attribute']['type'] ||
|
||||
'malware-sample'== $this->Attribute->data['Attribute']['type'] ) {
|
||||
$this->set('attachment', true);
|
||||
// FIXME we should ensure value cannot be changed here and not only on a view level (because of the associated file)
|
||||
// TODO we should ensure 'value' cannot be changed here and not only on a view level (because of the associated file)
|
||||
// $this->Session->setFlash(__('You cannot edit attachment attributes.', true), 'default', array(), 'error');
|
||||
// $this->redirect(array('controller' => 'events', 'action' => 'view', $old_attribute['Event']['id']));
|
||||
} else {
|
||||
|
|
|
@ -85,13 +85,13 @@ class EventsController extends AppController {
|
|||
$relatedAttributes = array();
|
||||
$this->loadModel('Attribute');
|
||||
$fields = array('Attribute.id', 'Attribute.event_id', 'Attribute.uuid');
|
||||
foreach ($this->Event->data['Attribute'] as $key => $attribute) {
|
||||
foreach ($this->Event->data['Attribute'] as &$attribute) {
|
||||
$relatedAttributes[$attribute['id']] = $this->Attribute->getRelatedAttributes($attribute, $fields);
|
||||
// for REST requests also add the encoded attachment
|
||||
if ($this->_isRest() && $this->Attribute->typeIsAttachment($attribute['type'])) {
|
||||
// LATER check if this has a serious performance impact on XML conversion and memory usage
|
||||
$encoded_file = $this->Attribute->base64EncodeAttachment($attribute);
|
||||
$this->Event->data['Attribute'][$key]['data'] = $encoded_file;
|
||||
$attribute['data'] = $encoded_file;
|
||||
}
|
||||
}
|
||||
$this->set('relatedAttributes', $relatedAttributes);
|
||||
|
@ -231,8 +231,8 @@ class EventsController extends AppController {
|
|||
$fieldList=array('date', 'risk', 'info', 'published', 'private');
|
||||
// always force the org, but do not force it for admins
|
||||
if ($this->_isAdmin()) {
|
||||
$this->Event->read(); // FIXME URGENT this should be deleted? delete and test
|
||||
$fieldList[]='org';
|
||||
// set the same org as existed before
|
||||
$this->Event->read();
|
||||
$this->request->data['Event']['org'] = $this->Event->data['Event']['org'];
|
||||
}
|
||||
// we probably also want to remove the published flag
|
||||
|
@ -509,8 +509,6 @@ class EventsController extends AppController {
|
|||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
$message = $this->request->data['Event']['message'];
|
||||
if ($this->_sendContactEmail($id, $message)) {
|
||||
// LATER when a user is deleted this will create problems.
|
||||
// LATER send the email to all the people who are in the org that created the event
|
||||
// redirect to the view event page
|
||||
$this->Session->setFlash(__('Email sent to the reporter.', true));
|
||||
} else {
|
||||
|
@ -528,7 +526,7 @@ class EventsController extends AppController {
|
|||
|
||||
/**
|
||||
*
|
||||
* Sends out an email to all people within the same group
|
||||
* Sends out an email to all people within the same org
|
||||
* with the request to be contacted about a specific event.
|
||||
* @todo move _sendContactEmail($id, $message) to a better place. (components?)
|
||||
*
|
||||
|
@ -709,7 +707,7 @@ class EventsController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$this->loadModel('User');
|
||||
// no input sanitization necessary, it's done by model
|
||||
// TODO do not fetch recursive
|
||||
// do not fetch recursive
|
||||
$this->User->recursive=0;
|
||||
$user = $this->User->findByAuthkey($key);
|
||||
if (empty($user)) {
|
||||
|
@ -742,9 +740,9 @@ class EventsController extends AppController {
|
|||
|
||||
$sid++;
|
||||
switch ($attribute['type']) {
|
||||
// LATER test all the snort attributes
|
||||
// LATER add the tag keyword in the rules to capture network traffic
|
||||
// LATER sanitize every $attribute['value'] to not conflict with snort
|
||||
// LATER nids - test all the snort attributes
|
||||
// LATER nids - add the tag keyword in the rules to capture network traffic
|
||||
// LATER nids - sanitize every $attribute['value'] to not conflict with snort
|
||||
case 'ip-dst':
|
||||
$rules[] = sprintf($rule_format,
|
||||
'ip', // proto
|
||||
|
@ -806,7 +804,7 @@ class EventsController extends AppController {
|
|||
);
|
||||
break;
|
||||
case 'email-subject':
|
||||
// LATER email-subject rule might not match because of line-wrapping
|
||||
// LATER nids - email-subject rule might not match because of line-wrapping
|
||||
$rules[] = sprintf($rule_format,
|
||||
'tcp', // proto
|
||||
'$EXTERNAL_NET', // src_ip
|
||||
|
@ -822,7 +820,7 @@ class EventsController extends AppController {
|
|||
);
|
||||
break;
|
||||
case 'email-attachment':
|
||||
// LATER email-attachment rule might not match because of line-wrapping
|
||||
// LATER nids - email-attachment rule might not match because of line-wrapping
|
||||
$rules[] = sprintf($rule_format,
|
||||
'tcp', // proto
|
||||
'$EXTERNAL_NET', // src_ip
|
||||
|
@ -884,7 +882,7 @@ class EventsController extends AppController {
|
|||
break;
|
||||
case 'user-agent':
|
||||
$rules[] = "";
|
||||
// TODO write snort user-agent rule
|
||||
// TODO nids - write snort user-agent rule
|
||||
break;
|
||||
case 'snort':
|
||||
$tmp_rule = $attribute['value'];
|
||||
|
@ -926,7 +924,7 @@ class EventsController extends AppController {
|
|||
// finally the rule is cleaned up and can be outputed
|
||||
$rules[] = $tmp_rule;
|
||||
|
||||
// TODO test using lots of snort rules.
|
||||
// LATER nids - test using lots of snort rules.
|
||||
default:
|
||||
break;
|
||||
|
||||
|
@ -977,7 +975,6 @@ class EventsController extends AppController {
|
|||
// // check if the key is valid -> search for users based on key
|
||||
// $this->loadModel('User');
|
||||
// // no input sanitization necessary, it's done by model
|
||||
// // TODO do not fetch recursive
|
||||
// $this->User->recursive=0;
|
||||
// $user = $this->User->findByAuthkey($key);
|
||||
// if (empty($user)) {
|
||||
|
|
|
@ -224,7 +224,6 @@ class UsersController extends AppController {
|
|||
|
||||
|
||||
public function login() {
|
||||
// FIXME implement authentication brute-force protection
|
||||
if ($this->Auth->login()) {
|
||||
$this->redirect($this->Auth->redirect());
|
||||
} else {
|
||||
|
|
|
@ -33,7 +33,7 @@ class Attribute extends AppModel {
|
|||
'private' => array('desc' => 'Prevents upload of this single Attribute to other CyDefSIG servers', 'formdesc' => 'Prevents upload of <em>this single Attribute</em> to other CyDefSIG servers.<br/>Used only when the Event is NOT set as Private')
|
||||
);
|
||||
|
||||
// these are definition of possible types + their descriptions and maybe LATER other behaviors
|
||||
// these are definition of possible types + their descriptions and maybe later other behaviors
|
||||
// e.g. if the attribute should be correlated with others or not
|
||||
|
||||
public $type_definitions = array(
|
||||
|
@ -297,8 +297,8 @@ class Attribute extends AppModel {
|
|||
$filepath = APP."files/".$this->data['Attribute']['event_id']."/".$this->data['Attribute']['id'];
|
||||
$file = new File ($filepath);
|
||||
if($file->exists()) {
|
||||
if (!$file->delete()) {
|
||||
$this->Session->setFlash(__('Delete failed. Please report to administrator', true), 'default', array(), 'error'); // TODO change this message. Throw an internal error
|
||||
if (!$file->delete()) {
|
||||
throw new InternalErrorException('Delete of file attachment failed. Please report to administrator.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -517,7 +517,7 @@ class Attribute extends AppModel {
|
|||
// prepare the conditions
|
||||
$conditions = array(
|
||||
'Attribute.event_id !=' => $attribute['event_id'],
|
||||
// 'Attribute.type' => $attribute['type'], // LATER also filter on type
|
||||
// 'Attribute.type' => $attribute['type'], // do not filter on type
|
||||
);
|
||||
if (empty($attribute['value1'])) // prevent issues with empty fields
|
||||
return null;
|
||||
|
|
|
@ -17,7 +17,7 @@ class Server extends AppModel {
|
|||
* @var array
|
||||
*/
|
||||
public $validate = array(
|
||||
'url' => array( // TODO add extra validation to refuse multiple urls from the same org
|
||||
'url' => array( // TODO add extra validation to refuse multiple time the same url from the same org
|
||||
'url' => array(
|
||||
'rule' => array('url'),
|
||||
'message' => 'Please enter a valid base-url.',
|
||||
|
|
Loading…
Reference in New Issue