MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Attribute types validation is now a separate function that uses the 

Attribute->type_definitions variable
pull/61/head
Christophe Vandeplas 2012-05-31 17:12:26 +02:00
parent ba75b24bb4
commit 39fb9bca1d
7 changed files with 28 additions and 161 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Config/core.php
View File

@ -116,7 +116,7 @@
* Turn off all caching application-wide.
*
*/
Configure::write('Cache.disable', true);
Configure::write('Cache.disable', false);
/**
* Enable cache checking.

25
app/Controller/AttributesController.php
View File

@ -56,11 +56,11 @@ class AttributesController extends AppController {
$this->Attribute->recursive = 0;
$this->set('attr_descriptions', $this->Attribute->field_descriptions);
$this->set('attributes', $this->paginate());
$this->set('attr_descriptions', $this->Attribute->field_descriptions);
$this->set('type_definitions', $this->Attribute->type_definitions);
$this->set('category_definitions', $this->Attribute->category_definitions);
}
/**
@ -143,14 +143,14 @@ class AttributesController extends AppController {
}
// combobox for types
$types = $this->Attribute->validate['type']['rule'][1];
$types = array_keys($this->Attribute->type_definitions);
$types = $this->_arrayToValuesIndexArray($types);
$this->set('types',compact('types'));
// combobos for categories
$categories = $this->Attribute->validate['category']['rule'][1];
$categories = $this->_arrayToValuesIndexArray($categories);
$this->set('categories',compact('categories'));
$this->set('attr_descriptions', $this->Attribute->field_descriptions);
$this->set('type_definitions', $this->Attribute->type_definitions);
$this->set('category_definitions', $this->Attribute->category_definitions);
@ -291,11 +291,11 @@ class AttributesController extends AppController {
$categories = $this->Attribute->validate['category']['rule'][1];
$categories = $this->_arrayToValuesIndexArray($categories);
$this->set('categories',compact('categories'));
$this->set('attr_descriptions', $this->Attribute->field_descriptions);
$this->set('type_definitions', $this->Attribute->type_definitions);
$this->set('category_definitions', $this->Attribute->category_definitions);
}
/**
@ -344,7 +344,7 @@ class AttributesController extends AppController {
}
// combobox for types
$types = $this->Attribute->validate['type']['rule'][1];
$types = $types = array_keys($this->Attribute->type_definitions);
$types = $this->_arrayToValuesIndexArray($types);
$this->set('types',compact('types'));
// combobox for categories
@ -387,6 +387,11 @@ class AttributesController extends AppController {
public function search() {
$this->set('attr_descriptions', $this->Attribute->field_descriptions);
$this->set('type_definitions', $this->Attribute->type_definitions);
$this->set('category_definitions', $this->Attribute->category_definitions);
if ($this->request->is('post')) {
$keyword = $this->request->data['Attribute']['keyword'];
$type = $this->request->data['Attribute']['type'];
@ -417,7 +422,7 @@ class AttributesController extends AppController {
// adding filtering by category and type
// combobox for types
$types = array('ALL');
$types = array_merge($types, $this->Attribute->validate['type']['rule'][1]);
$types = array_merge($types, array_keys($this->Attribute->type_definitions));
$types = $this->_arrayToValuesIndexArray($types);
$this->set('types',compact('types'));
@ -426,11 +431,7 @@ class AttributesController extends AppController {
$categories = array_merge($categories, $this->Attribute->validate['category']['rule'][1]);
$categories = $this->_arrayToValuesIndexArray($categories);
$this->set('categories',compact('categories'));
$this->set('type_definitions', $this->Attribute->type_definitions);
$this->set('category_definitions', $this->Attribute->category_definitions);
}
}
}

5
app/Controller/EventsController.php
View File

@ -531,7 +531,8 @@ class EventsController extends AppController {
/**
*
* Sends out an email with the request to be contacted about a specific event.
* @todo move _sendContactEmail($id, $message) to a better place. (components?)
* @todo move _sendContactEmail($id, $message) to a better place. (components?)
* FIXME this _sendContactEmail() gives bugs when a user is deleted. Maybe we should send emails to everyone?
*
* @param unknown_type $id The id of the event for wich you want to contact the person.
* @param unknown_type $message The custom message that will be appended to the email.
@ -650,7 +651,7 @@ class EventsController extends AppController {
// generate the list of Attribute types
$this->loadModel('Attribute');
$this->set('sig_types', $this->Attribute->validate['type']['rule'][1]);
$this->set('sig_types', array_keys($this->Attribute->type_definitions));
}

114
app/Controller/ServersController.php
View File

@ -156,9 +156,6 @@ class ServersController extends AppController {
}
if ("full"==$full) {
// pull everything
//$this->_import($this->Server->data['Server']['url'], $this->Server->data['Server']['authkey']);
// get a list of the event_ids on the server
$event_ids = $this->Event->getEventIdsFromServer($this->Server->data);
@ -288,115 +285,4 @@ class ServersController extends AppController {
}
private function _import($url, $key, $eventid=null) {
$this->response->type('txt'); // set the content type
$this->header('Content-Disposition: inline; filename="import.txt"');
$this->layout = 'text/default';
if(null != $eventid) {
$xmlurl = $url."/events/xml/".$key."/".$eventid;
} else {
$xmlurl = $url."/events/xml/".$key;
}
print 'Importing data from '.$xmlurl."\n";
$this->loadModel('Event');
$this->loadModel('Attribute');
$xml = Xml::build($xmlurl);
foreach ($xml as $eventElement) {
$eventArray = Xml::toArray($eventElement);
// check if the event already exists :
// if it doesn't => create the event and all the signatures
$params = array(
'conditions' => array('Event.uuid' => $eventArray['Event']['uuid']),
'recursive' => 0,
'fields' => array('Event.id'),
);
$db_event = $this->Event->find('first', $params);
if ($db_event) {
print 'Event '. $eventArray['Event']['uuid'].' already exists.'."\n";
// FIXME if event it exists, iterate over the attributes and import the new ones
} else {
// create a new event
//print 'Event '. $eventArray['Event']['uuid'].' doesn\'t exist yet.'."\n";
$this->Event->create();
$this->Event->data['Event'] = $eventArray['Event'];
debug($this->Event->data['Event']);
// force check userid and orgname to be from yourself
$this->Event->data['Event']['user_id'] = 0;
$this->Event->data['Event']['org'] = 'imported';
$this->Event->data['Event']['private'] = true;
// check if the uuid already exists
$existingEventCount = $this->Event->find('count', array('conditions' => array('Event.uuid'=>$this->Event->data['Event']['uuid'])));
if ($existingEventCount > 0) {
throw new MethodNotAllowedException('Event already exists'); // LATER throw errors a clean way using XML
} // TODO update the event if there are changes
// Workaround for different structure in XML/array than what CakePHP expects
if (is_array($this->Event->data['Event']['Attribute'])) {
if (is_numeric(implode(array_keys($this->Event->data['Event']['Attribute']), ''))) {
// normal array of multiple Attributes
$this->Event->data['Attribute'] = $this->Event->data['Event']['Attribute'];
} else {
// single attribute
$this->Event->data['Attribute'][0] = $this->Event->data['Event']['Attribute'];
}
}
unset($this->Event->data['Event']['Attribute']);
unset($this->Event->data['Event']['id']);
// the event_id field is not set (normal) so make sure no validation errors are thrown
unset($this->Event->Attribute->validate['event_id']);
unset($this->Event->Attribute->validate['value']['unique']); // otherwise gives bugs because event_id is not set
if ($this->Event->save($this->Event->data)) {
print 'Event '.$eventArray['Event']['uuid'].' saved'."\n";
} else {
debug($eventArray['Event']);
debug($this->Event->validationErrors);
print 'ERROR Event NOT saved: '.$eventArray['Event']['uuid']."\n";
// ignore this event and continue to the next one
continue;
}
// when an event has only one attribute, the $eventArray['Event']['Attribute']
// is not an array containing the Attribute values, so we need a little workaround
if (isset($eventArray['Event']['Attribute']['id'])) {
$attribute = $eventArray['Event']['Attribute'];
unset($eventArray['Event']['Attribute']);
$eventArray['Event']['Attribute'] = array($attribute);
}
// iterate over the array containing attributes
// LATER change to saveMany()
foreach ($eventArray['Event']['Attribute'] as $id => $attribute) {
$this->Attribute->create();
$this->Attribute->data['Attribute'] = $attribute;
unset($this->Attribute->data['Attribute']['id']);
$this->Attribute->data['Attribute']['event_id'] = $this->Event->id;
if ($this->Attribute->save($this->Attribute->data)) {
print 'Event '.$eventArray['Event']['uuid'].' Attribute saved: '.$eventArray['Event']['Attribute'][$id]['uuid']."\n";
} else {
debug($attribute);
debug($this->Attribute->validationErrors);
print 'ERROR Event '.$eventArray['Event']['uuid'].' Attribute NOT saved: '.$eventArray['Event']['Attribute'][$id]['uuid']."\n";
}
}
}
// TODO check if we want to send out email to alert that there is a new event
// FIXME also import the file-attachments
}
}
}

2
app/Controller/UsersController.php
View File

@ -306,7 +306,7 @@ class UsersController extends AppController {
// Nice graphical histogram
$this->loadModel('Attribute');
$sig_types = $this->Attribute->validate['type']['rule'][1];
$sig_types = array_keys($this->Attribute->type_definitions);
$graph_fields = '';
foreach ($sig_types as $sig_type) {

39
app/Model/Attribute.php
View File

@ -145,34 +145,8 @@ class Attribute extends AppModel {
'type' => array(
// FIXME inList should be initialized from keys and mapping of $type_definitions but I don't know how to do it now
// currently when adding a new attribute type we need to change it in both places
'rule' => array('inList', array('md5','sha1',
'filename',
'filename|md5',
'filename|sha1',
'ip-src',
'ip-dst',
'domain',
'email-src',
'email-dst',
'email-subject',
'email-attachment',
'url',
'user-agent',
'regkey',
'regkey|value',
'AS',
'snort',
'pattern-in-file',
'pattern-in-traffic',
'pattern-in-memory',
'vulnerability',
'attachment',
'malware-sample',
'link',
'comment',
'text',
'other')),
'message' => 'Options : md5, sha1, filename, ip, domain, email, url, regkey, AS, other, ...',
'rule' => array('validateTypeValue'),
'message' => 'Options depend on the selected category.',
//'allowEmpty' => false,
'required' => true,
//'last' => false, // Stop validation after this rule
@ -380,6 +354,11 @@ class Attribute extends AppModel {
return true;
}
function validateTypeValue($fields) {
$category = $this->data['Attribute']['category'];
return in_array($fields['type'], $this->category_definitions[$category]['types']);
}
function validateAttributeValue ($fields) {
$value = $fields['value'];
@ -508,8 +487,8 @@ class Attribute extends AppModel {
// build the list of composite Attribute.type dynamically by checking if type contains a |
// default composite types
$composite_types = array('malware-sample');
// dynamically generated list
foreach ($this->validate['type']['rule'][1] as $type) {
// dynamically generated list
foreach (array_keys($this->type_definitions) as $type) {
$pieces = explode('|', $type);
if (2 == sizeof($pieces)) $composite_types[] = $type;
}

2
app/View/Users/memberslist.ctp
View File

@ -35,7 +35,7 @@
});
var panel1 = Ext.create('widget.panel', {
width: 800,
height: 500,
height: 800,
//title: 'Attributes by Organisation',
renderTo: 'graph',
layout: 'fit',