MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [internal] Using blocklist instead of blacklist

pull/6267/head
Golbark 2020-09-01 12:56:35 +02:00
parent 0d5d1d28d3
commit 3fb47d1cce
31 changed files with 233 additions and 228 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
app/Controller/AppController.php
View File

@ -966,9 +966,9 @@ class AppController extends Controller
));
$counter = 0;
// load this so we can remove the blacklist item that will be created, this is the one case when we do not want it.
if (Configure::read('MISP.enableEventBlacklisting') !== false) {
$this->EventBlacklist = ClassRegistry::init('EventBlacklist');
// load this so we can remove the blocklist item that will be created, this is the one case when we do not want it.
if (Configure::read('MISP.enableEventBlocklisting') !== false) {
$this->EventBlocklist = ClassRegistry::init('EventBlocklist');
}
foreach ($duplicates as $duplicate) {
@ -981,10 +981,10 @@ class AppController extends Controller
$uuid = $event['Event']['uuid'];
$this->Event->delete($event['Event']['id']);
$counter++;
// remove the blacklist entry that we just created with the event deletion, if the feature is enabled
// remove the blocklist entry that we just created with the event deletion, if the feature is enabled
// We do not want to block the UUID, since we just deleted a copy
if (Configure::read('MISP.enableEventBlacklisting') !== false) {
$this->EventBlacklist->deleteAll(array('EventBlacklist.event_uuid' => $uuid));
if (Configure::read('MISP.enableEventBlocklisting') !== false) {
$this->EventBlocklist->deleteAll(array('EventBlocklist.event_uuid' => $uuid));
}
}
}

4
app/Controller/Component/ACLComponent.php
View File

@ -111,7 +111,7 @@ class ACLComponent extends Component
'requestAccess' => array(),
'view' => array()
),
'eventBlacklists' => array(
'eventBlocklists' => array(
'add' => [
'AND' => [
'host_org_user',
@ -349,7 +349,7 @@ class ACLComponent extends Component
'objectTemplateElements' => array(
'viewElements' => array('*')
),
'orgBlacklists' => array(
'orgBlocklists' => array(
'add' => array(),
'delete' => array(),
'edit' => array(),

38
app/Controller/Component/BlackListComponent.php → app/Controller/Component/BlockListComponent.php
View File

@ -4,7 +4,7 @@
* create, read, update and delete (CRUD)
*/
class BlackListComponent extends Component
class BlocklistComponent extends Component
{
public $settings = array();
public $defaultModel = '';
@ -17,12 +17,12 @@ class BlackListComponent extends Component
$this->controller->paginate['conditions'] = $filters;
}
if ($rest) {
$blackList = $this->controller->paginate();
$blacklist= array();
foreach ($blackList as $item) {
$blacklist[] = $item[$this->controller->defaultModel];
$blocklist = $this->controller->paginate();
$blocklist= array();
foreach ($blocklist as $item) {
$blocklist[] = $item[$this->controller->defaultModel];
}
return $this->RestResponse->viewData($blacklist);
return $this->RestResponse->viewData($blocklist);
} else {
$this->controller->set('response', $this->controller->paginate());
}
@ -62,8 +62,8 @@ class BlackListComponent extends Component
if (strlen($uuid) == 36) {
$this->controller->{$this->controller->defaultModel}->create();
$object = array();
foreach ($this->controller->{$this->controller->defaultModel}->blacklistFields as $f) {
if ($f === $this->controller->{$this->controller->defaultModel}->blacklistTarget . '_uuid') {
foreach ($this->controller->{$this->controller->defaultModel}->blocklistFields as $f) {
if ($f === $this->controller->{$this->controller->defaultModel}->blocklistTarget . '_uuid') {
$object[$f] = $uuid;
} else {
$object[$f] = !empty($data[$this->controller->defaultModel][$f]) ? $data[$this->controller->defaultModel][$f] : '';
@ -78,7 +78,7 @@ class BlackListComponent extends Component
$fails[] = $uuid;
}
}
$message = sprintf(__('Done. Added %d new entries to the blacklist. %d entries could not be saved.'), count($successes), count($fails));
$message = sprintf(__('Done. Added %d new entries to the blocklist. %d entries could not be saved.'), count($successes), count($fails));
if ($rest) {
$result = [
'result' => [
@ -100,14 +100,14 @@ class BlackListComponent extends Component
if (Validation::uuid($id)) {
$blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', [
'conditions' => array(
$this->controller->{$this->controller->defaultModel}->blacklistTarget . '_uuid' => $id
$this->controller->{$this->controller->defaultModel}->blocklistTarget . '_uuid' => $id
)
]);
} else {
$blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', array('conditions' => array('id' => $id)));
}
if (empty($blockEntry)) {
throw new NotFoundException('Blacklist item not found.');
throw new NotFoundException('Blocklist item not found.');
}
$this->controller->set('blockEntry', $blockEntry);
if ($this->controller->request->is('post')) {
@ -127,7 +127,7 @@ class BlackListComponent extends Component
} else {
$data = $this->controller->request->data;
}
$fields = $this->controller->{$this->controller->defaultModel}->blacklistFields;
$fields = $this->controller->{$this->controller->defaultModel}->blocklistFields;
foreach ($fields as $f) {
if ($f == 'uuid') {
continue;
@ -147,14 +147,14 @@ class BlackListComponent extends Component
])
);
} else {
$this->controller->Session->setFlash(__('Blacklist item added.'));
$this->controller->Session->setFlash(__('Blocklist item added.'));
$this->controller->redirect(array('action' => 'index'));
}
} else {
if ($rest) {
throw new MethodNotAllowedException('Could not save the blacklist item.');
throw new MethodNotAllowedException('Could not save the blocklist item.');
} else {
$this->controller->Session->setFlash(__('Could not save the blacklist item'));
$this->controller->Session->setFlash(__('Could not save the blocklist item'));
$this->controller->redirect(array('action' => 'index'));
}
}
@ -166,24 +166,24 @@ class BlackListComponent extends Component
if (Validation::uuid($id)) {
$blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', [
'conditions' => array(
$this->controller->{$this->controller->defaultModel}->blacklistTarget . '_uuid' => $id
$this->controller->{$this->controller->defaultModel}->blocklistTarget . '_uuid' => $id
)
]);
} else {
$blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', array('conditions' => array('id' => $id)));
}
if (empty($blockEntry)) {
throw new NotFoundException(__('Invalid blacklist entry'));
throw new NotFoundException(__('Invalid blocklist entry'));
}
if ($this->controller->{$this->controller->defaultModel}->delete($blockEntry[$this->controller->defaultModel]['id'])) {
$message = __('Blacklist entry removed');
$message = __('Blocklist entry removed');
if ($rest) {
return $this->RestResponse->saveSuccessResponse($this->controller->defaultModel, 'delete', $id, false, $message);
}
$this->controller->Flash->success($message);
} else {
$message = __('Could not remove the blacklist entry');
$message = __('Could not remove the blocklist entry');
if ($rest) {
return $this->RestResponse->saveFailResponse($this->controller->defaultModel, 'delete', $id, $message);
}

2
app/Controller/Component/RestResponseComponent.php
View File

@ -1099,7 +1099,7 @@ class RestResponseComponent extends Component
'input' => 'select',
'type' => 'string',
'operators' => array('equal'),
'values' => array('Attribute', 'Event', 'EventBlacklist', 'EventTag', 'MispObject', 'Organisation', 'Post', 'Regexp', 'Role', 'Server', 'ShadowAttribute', 'SharingGroup', 'Tag', 'Task', 'Taxonomy', 'Template', 'Thread', 'User', 'Whitelist'),
'values' => array('Attribute', 'Event', 'EventBlocklist', 'EventTag', 'MispObject', 'Organisation', 'Post', 'Regexp', 'Role', 'Server', 'ShadowAttribute', 'SharingGroup', 'Tag', 'Task', 'Taxonomy', 'Template', 'Thread', 'User', 'Whitelist'),
),
'model_id' => array(
'input' => 'number',

38
app/Controller/EventBlacklistsController.php → app/Controller/EventBlocklistsController.php
View File

@ -1,15 +1,15 @@
<?php
App::uses('AppController', 'Controller');
class EventBlacklistsController extends AppController
class EventBlocklistsController extends AppController
{
public $components = array('Session', 'RequestHandler', 'BlackList');
public $components = array('Session', 'RequestHandler', 'BlockList');
public function beforeFilter()
{
parent::beforeFilter();
if (false === Configure::read('MISP.enableEventBlacklisting')) {
$this->Flash->info(__('Event Blacklisting is not currently enabled on this instance.'));
if (false === Configure::read('MISP.enableEventBlocklisting')) {
$this->Flash->info(__('Event Blocklisting is not currently enabled on this instance.'));
$this->redirect('/');
}
}
@ -18,7 +18,7 @@ class EventBlacklistsController extends AppController
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
'order' => array(
'EventBlacklist.created' => 'DESC'
'EventBlocklist.created' => 'DESC'
),
);
@ -43,50 +43,50 @@ class EventBlacklistsController extends AppController
}
$this->set('passedArgs', json_encode($passedArgs));
$this->set('passedArgsArray', $passedArgsArray);
return $this->BlackList->index($this->_isRest(), $params);
return $this->BlockList->index($this->_isRest(), $params);
}
public function add()
{
return $this->BlackList->add($this->_isRest());
return $this->BlockList->add($this->_isRest());
}
public function edit($id)
{
return $this->BlackList->edit($this->_isRest(), $id);
return $this->BlockList->edit($this->_isRest(), $id);
}
public function delete($id)
{
return $this->BlackList->delete($this->_isRest(), $id);
return $this->BlockList->delete($this->_isRest(), $id);
}
public function massDelete()
{
if ($this->request->is('post') || $this->request->is('put')) {
if (!isset($this->request->data['EventBlacklist'])) {
$this->request->data = array('EventBlacklist' => $this->request->data);
if (!isset($this->request->data['EventBlocklist'])) {
$this->request->data = array('EventBlocklist' => $this->request->data);
}
$ids = $this->request->data['EventBlacklist']['ids'];
$ids = $this->request->data['EventBlocklist']['ids'];
$event_ids = json_decode($ids, true);
if (empty($event_ids)) {
throw new NotFoundException(__('Invalid event IDs.'));
}
$result = $this->EventBlacklist->deleteAll(array('EventBlacklist.id' => $event_ids));
$result = $this->EventBlocklist->deleteAll(array('EventBlocklist.id' => $event_ids));
if ($result) {
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('EventBlacklist', 'Deleted', $ids, $this->response->type());
return $this->RestResponse->saveSuccessResponse('EventBlocklist', 'Deleted', $ids, $this->response->type());
} else {
$this->Flash->success('Blacklist entry removed');
$this->redirect(array('controller' => 'eventBlacklists', 'action' => 'index'));
$this->Flash->success('Blocklist entry removed');
$this->redirect(array('controller' => 'eventBlocklists', 'action' => 'index'));
}
} else {
$error = __('Failed to delete Event from EventBlacklist. Error: ') . PHP_EOL . h($result);
$error = __('Failed to delete Event from EventBlocklist. Error: ') . PHP_EOL . h($result);
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('EventBlacklist', 'Deleted', false, $error, $this->response->type());
return $this->RestResponse->saveFailResponse('EventBlocklist', 'Deleted', false, $error, $this->response->type());
} else {
$this->Flash->error($error);
$this->redirect(array('controller' => 'eventBlacklists', 'action' => 'index'));
$this->redirect(array('controller' => 'eventBlocklists', 'action' => 'index'));
}
}
} else {

8
app/Controller/EventsController.php
View File

@ -1963,7 +1963,7 @@ class EventsController extends AppController
if ($add === true && !is_numeric($add)) {
if ($this->_isRest()) {
if ($add === 'blocked') {
throw new ForbiddenException(__('Event blocked by local blacklist.'));
throw new ForbiddenException(__('Event blocked by local blocklist.'));
}
// REST users want to see the newly created event
$results = $this->Event->fetchEvent($this->Auth->user(), array('eventid' => $created_id));
@ -1990,7 +1990,7 @@ class EventsController extends AppController
return $this->RestResponse->saveFailResponse('Events', 'add', false, $validationErrors, $this->response->type());
} else {
if ($add === 'blocked') {
$this->Flash->error(__('A blacklist entry is blocking you from creating any events. Please contact the administration team of this instance') . (Configure::read('MISP.contact') ? ' at ' . Configure::read('MISP.contact') : '') . '.');
$this->Flash->error(__('A blocklist entry is blocking you from creating any events. Please contact the administration team of this instance') . (Configure::read('MISP.contact') ? ' at ' . Configure::read('MISP.contact') : '') . '.');
} else {
$this->Flash->error(__('The event could not be saved. Please, try again.'), 'default', array(), 'error');
}
@ -5626,7 +5626,7 @@ class EventsController extends AppController
'recursive' => -1
));
$count = 0;
$this->Event->skipBlacklist = true;
$this->Event->skipBlocklist = true;
foreach ($eventIds as $eventId => $eventUuid) {
$result = $this->Event->Attribute->find('first', array(
'conditions' => array('Attribute.event_id' => $eventId),
@ -5638,7 +5638,7 @@ class EventsController extends AppController
$count++;
}
}
$this->Event->skipBlacklist = null;
$this->Event->skipBlocklist = null;
$message = __('%s event(s) deleted.', $count);
if ($this->_isRest()) {
return $this->RestResponse->viewData($message, $this->response->type());

2
app/Controller/LogsController.php
View File

@ -404,7 +404,7 @@ class LogsController extends AppController
$this->set('actions', $actions);
// combobox for models
$models = array('Attribute', 'Event', 'EventBlacklist', 'EventTag', 'Feed', 'DecayingModel', 'MispObject', 'Organisation', 'Post', 'Regexp', 'Role', 'Server', 'ShadowAttribute', 'SharingGroup', 'Tag', 'Task', 'Taxonomy', 'Template', 'Thread', 'User', 'Whitelist');
$models = array('Attribute', 'Event', 'EventBlocklist', 'EventTag', 'Feed', 'DecayingModel', 'MispObject', 'Organisation', 'Post', 'Regexp', 'Role', 'Server', 'ShadowAttribute', 'SharingGroup', 'Tag', 'Task', 'Taxonomy', 'Template', 'Thread', 'User', 'Whitelist');
$models = array('' => 'ALL') + $this->_arrayToValuesIndexArray($models);
$this->set('models', $models);
$this->set('actionDefinitions', $this->{$this->defaultModel}->actionDefinitions);

18
app/Controller/OrgBlacklistsController.php → app/Controller/OrgBlocklistsController.php
View File

@ -1,9 +1,9 @@
<?php
App::uses('AppController', 'Controller');
class OrgBlacklistsController extends AppController
class OrgBlocklistsController extends AppController
{
public $components = array('Session', 'RequestHandler', 'BlackList');
public $components = array('Session', 'RequestHandler', 'BlockList');
public function beforeFilter()
{
@ -11,8 +11,8 @@ class OrgBlacklistsController extends AppController
if (!$this->_isSiteAdmin()) {
$this->redirect('/');
}
if (Configure::check('MISP.enableOrgBlacklisting') && !Configure::read('MISP.enableOrgBlacklisting') !== false) {
$this->Flash->info(__('Organisation Blacklisting is not currently enabled on this instance.'));
if (Configure::check('MISP.enableOrgBlocklisting') && !Configure::read('MISP.enableOrgBlocklisting') !== false) {
$this->Flash->info(__('Organisation BlockListing is not currently enabled on this instance.'));
$this->redirect('/');
}
}
@ -21,27 +21,27 @@ class OrgBlacklistsController extends AppController
'limit' => 60,
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
'order' => array(
'OrgBlacklist.created' => 'DESC'
'OrgBlocklist.created' => 'DESC'
),
);
public function index()
{
return $this->BlackList->index($this->_isRest());
return $this->BlockList->index($this->_isRest());
}
public function add()
{
return $this->BlackList->add($this->_isRest());
return $this->BlockList->add($this->_isRest());
}
public function edit($id)
{
return $this->BlackList->edit($this->_isRest(), $id);
return $this->BlockList->edit($this->_isRest(), $id);
}
public function delete($id)
{
return $this->BlackList->delete($this->_isRest(), $id);
return $this->BlockList->delete($this->_isRest(), $id);
}
}

2
app/Controller/UsersController.php
View File

@ -1104,7 +1104,7 @@ class UsersController extends AppController
if ($this->request->is('post') || $this->request->is('put')) {
$this->Bruteforce = ClassRegistry::init('Bruteforce');
if (!empty($this->request->data['User']['email'])) {
if ($this->Bruteforce->isBlacklisted($_SERVER['REMOTE_ADDR'], $this->request->data['User']['email'])) {
if ($this->Bruteforce->isBlocklisted($_SERVER['REMOTE_ADDR'], $this->request->data['User']['email'])) {
$expire = Configure::check('SecureAuth.expire') ? Configure::read('SecureAuth.expire') : 300;
throw new ForbiddenException('You have reached the maximum number of login attempts. Please wait ' . Configure::read('SecureAuth.expire') . ' seconds and try again.');
}

6
app/Lib/Dashboard/OrgsContributorsGeneric.php
View File

@ -7,12 +7,12 @@ class OrgsContributorsGeneric
public $cacheLifetime = 3600;
public $autoRefreshDelay = false;
public $params = array (
'blacklist_orgs' => 'A list of organisation names to filter out',
'blocklist_orgs' => 'A list of organisation names to filter out',
'timeframe' => 'Number of days considered for the query (30 by default)'
);
public $placeholder =
'{
"blacklist_orgs": ["Orgs to filter"],
"blocklist_orgs": ["Orgs to filter"],
"timeframe": "30"
}';
@ -35,7 +35,7 @@ class OrgsContributorsGeneric
$orgs = $this->Org->find('all', array( 'conditions' => array('Organisation.local' => 1)));
$result = array();
foreach($orgs as $org) {
if(!empty($options['blacklist_orgs']) && in_array($org['Organisation']['name'], $options['blacklist_orgs'])) {
if(!empty($options['blocklist_orgs']) && in_array($org['Organisation']['name'], $options['blocklist_orgs'])) {
continue;
}
if ($this->filter($user, $org, $start_timestamp)) {

8
app/Lib/Dashboard/SharingGraphWidget.php
View File

@ -15,13 +15,13 @@ class SharingGraphWidget
public $cacheLifetime = 10;
public $autoRefreshDelay = false;
public $params = array (
'blacklist_orgs' => 'A list of organisation names to filter out',
'blocklist_orgs' => 'A list of organisation names to filter out',
'months' => 'Number of past months to consider for the graph'
);
public $placeholder =
'{
"blacklist_orgs": ["Orgs to filter"],
"blocklist_orgs": ["Orgs to filter"],
"months": "6"
}';
@ -117,8 +117,8 @@ class SharingGraphWidget
$ghost_orgs = array(); // track orgs without any contribution
// We start by putting all orgs_id in there:
foreach($orgs as $org) {
// We check for blacklisted orgs
if(!empty($options['blacklist_orgs']) && in_array($org['Organisation']['name'], $options['blacklist_orgs'])) {
// We check for blocklisted orgs
if(!empty($options['blocklist_orgs']) && in_array($org['Organisation']['name'], $options['blocklist_orgs'])) {
unset($orgs[$offset]);
} else {
$ghost_orgs[$org['Organisation']['name']] = true;

15
app/Model/AppModel.php
View File

@ -85,7 +85,7 @@ class AppModel extends Model
33 => false, 34 => false, 35 => false, 36 => false, 37 => false, 38 => false,
39 => false, 40 => false, 41 => false, 42 => false, 43 => false, 44 => false,
45 => false, 46 => false, 47 => false, 48 => false, 49 => false, 50 => false,
51 => false, 52 => false, 53 => false, 54 => false, 55 => false,
51 => false, 52 => false, 53 => false, 54 => false, 55 => false, 56 => false,
);
public $advanced_updates_description = array(
@ -196,16 +196,16 @@ class AppModel extends Model
$this->Sighting->deleteAll(array('NOT' => array('Sighting.type' => array(0, 1, 2))));
break;
case '2.4.71':
$this->OrgBlacklist = Classregistry::init('OrgBlacklist');
$this->OrgBlocklist = Classregistry::init('OrgBlocklist');
$values = array(
array('org_uuid' => '58d38339-7b24-4386-b4b4-4c0f950d210f', 'org_name' => 'Setec Astrononomy', 'comment' => 'default example'),
array('org_uuid' => '58d38326-eda8-443a-9fa8-4e12950d210f', 'org_name' => 'Acme Finance', 'comment' => 'default example')
);
foreach ($values as $value) {
$found = $this->OrgBlacklist->find('first', array('conditions' => array('org_uuid' => $value['org_uuid']), 'recursive' => -1));
$found = $this->OrgBlocklist->find('first', array('conditions' => array('org_uuid' => $value['org_uuid']), 'recursive' => -1));
if (empty($found)) {
$this->OrgBlacklist->create();
$this->OrgBlacklist->save($value);
$this->OrgBlocklist->create();
$this->OrgBlocklist->save($value);
}
}
$dbUpdateSuccess = $this->updateDatabase($command);
@ -1407,6 +1407,11 @@ class AppModel extends Model
$this->__dropIndex('correlations', 'sharing_group_id');
$this->__dropIndex('correlations', 'a_sharing_group_id');
break;
case 56:
//rename tables
$sqlArray[] = "RENAME TABLE `org_blacklists` TO `org_blocklists`;";
$sqlArray[] = "RENAME TABLE `event_blacklists` TO `event_blocklists`;";
break;
case 'fixNonEmptySharingGroupID':
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';

2
app/Model/Behavior/RegexpBehavior.php
View File

@ -12,7 +12,7 @@ class RegexpBehavior extends ModelBehavior
public $excluded_types = array('sigma', 'float');
/**
* replace the current value according to the regexp rules, or block blacklisted regular expressions
* replace the current value according to the regexp rules, or block blocklisted regular expressions
*
* @param Model $Model
* @param string $type

6
app/Model/Bruteforce.php
View File

@ -20,8 +20,8 @@ class Bruteforce extends AppModel
);
$this->save($bruteforceEntry);
$title = 'Failed login attempt using username ' . $username . ' from IP: ' . $_SERVER['REMOTE_ADDR'] . '.';
if ($this->isBlacklisted($ip, $username)) {
$title .= 'This has tripped the bruteforce protection after ' . $amount . ' failed attempts. The user is now blacklisted for ' . $expire . ' seconds.';
if ($this->isBlocklisted($ip, $username)) {
$title .= 'This has tripped the bruteforce protection after ' . $amount . ' failed attempts. The user is now blocklisted for ' . $expire . ' seconds.';
}
$log = array(
'org' => 'SYSTEM',
@ -47,7 +47,7 @@ class Bruteforce extends AppModel
$this->query($sql);
}
public function isBlacklisted($ip, $username)
public function isBlocklisted($ip, $username)
{
// first remove old expired rows
$this->clean();

24
app/Model/Event.php
View File

@ -492,12 +492,12 @@ class Event extends AppModel
public function beforeDelete($cascade = true)
{
// blacklist the event UUID if the feature is enabled
if (Configure::read('MISP.enableEventBlacklisting') !== false && empty($this->skipBlacklist)) {
$this->EventBlacklist = ClassRegistry::init('EventBlacklist');
$this->EventBlacklist->create();
// blocklist the event UUID if the feature is enabled
if (Configure::read('MISP.enableEventBlocklisting') !== false && empty($this->skipBlocklist)) {
$this->EventBlocklist = ClassRegistry::init('EventBlocklist');
$this->EventBlocklist->create();
$orgc = $this->Orgc->find('first', array('conditions' => array('Orgc.id' => $this->data['Event']['orgc_id']), 'recursive' => -1, 'fields' => array('Orgc.name')));
$this->EventBlacklist->save(array('event_uuid' => $this->data['Event']['uuid'], 'event_info' => $this->data['Event']['info'], 'event_orgc' => $orgc['Orgc']['name']));
$this->EventBlocklist->save(array('event_uuid' => $this->data['Event']['uuid'], 'event_info' => $this->data['Event']['info'], 'event_orgc' => $orgc['Orgc']['name']));
if (!empty($this->data['Event']['id'])) {
if (Configure::read('Plugin.ZeroMQ_enable') && Configure::read('Plugin.ZeroMQ_event_notifications_enable')) {
$pubSubTool = $this->getPubSubTool();
@ -3449,11 +3449,11 @@ class Event extends AppModel
if ($jobId) {
App::uses('AuthComponent', 'Controller/Component');
}
if (Configure::read('MISP.enableEventBlacklisting') !== false && isset($data['Event']['uuid'])) {
$this->EventBlacklist = ClassRegistry::init('EventBlacklist');
$r = $this->EventBlacklist->find('first', array('conditions' => array('event_uuid' => $data['Event']['uuid'])));
if (Configure::read('MISP.enableEventBlocklisting') !== false && isset($data['Event']['uuid'])) {
$this->EventBlocklist = ClassRegistry::init('EventBlocklist');
$r = $this->EventBlocklist->find('first', array('conditions' => array('event_uuid' => $data['Event']['uuid'])));
if (!empty($r)) {
return 'Blocked by blacklist';
return 'Blocked by blocklist';
}
}
if (!$this->checkEventBlockRules($data)) {
@ -3505,14 +3505,14 @@ class Event extends AppModel
throw new MethodNotAllowedException('Event cannot be created as you are not a member of the creator organisation.');
}
}
if (!Configure::check('MISP.enableOrgBlacklisting') || Configure::read('MISP.enableOrgBlacklisting') !== false) {
$this->OrgBlacklist = ClassRegistry::init('OrgBlacklist');
if (!Configure::check('MISP.enableOrgBlocklisting') || Configure::read('MISP.enableOrgBlocklisting') !== false) {
$this->OrgBlocklist = ClassRegistry::init('OrgBlocklist');
if (!isset($data['Event']['Orgc']['uuid'])) {
$orgc = $this->Orgc->find('first', array('conditions' => array('Orgc.id' => $data['Event']['orgc_id']), 'fields' => array('Orgc.uuid'), 'recursive' => -1));
} else {
$orgc = array('Orgc' => array('uuid' => $data['Event']['Orgc']['uuid']));
}
if ($this->OrgBlacklist->hasAny(array('OrgBlacklist.org_uuid' => $orgc['Orgc']['uuid']))) {
if ($this->OrgBlocklist->hasAny(array('OrgBlocklist.org_uuid' => $orgc['Orgc']['uuid']))) {
return 'blocked';
}
}

20
app/Model/EventBlacklist.php → app/Model/EventBlocklist.php
View File

@ -1,8 +1,8 @@
<?php
App::uses('AppModel', 'Model');
class EventBlacklist extends AppModel
class EventBlocklist extends AppModel
{
public $useTable = 'event_blacklists';
public $useTable = 'event_blocklists';
public $recursive = -1;
@ -14,15 +14,15 @@ class EventBlacklist extends AppModel
'Containable',
);
public $blacklistFields = array('event_uuid', 'comment', 'event_info', 'event_orgc');
public $blocklistFields = array('event_uuid', 'comment', 'event_info', 'event_orgc');
public $blacklistTarget = 'event';
public $blocklistTarget = 'event';
public $validate = array(
'event_uuid' => array(
'unique' => array(
'rule' => 'isUnique',
'message' => 'Event already blacklisted.'
'message' => 'Event already blocklisted.'
),
'uuid' => array(
'rule' => array('uuid'),
@ -36,14 +36,14 @@ class EventBlacklist extends AppModel
parent::beforeValidate();
$schema = $this->schema();
if (!isset($schema['event_info'])) {
$this->updateDatabase('addEventBlacklistsContext');
$this->updateDatabase('addEventBlocklistsContext');
}
$date = date('Y-m-d H:i:s');
if (empty($this->data['EventBlacklist']['id'])) {
$this->data['EventBlacklist']['date_created'] = $date;
if (empty($this->data['EventBlocklist']['id'])) {
$this->data['EventBlocklist']['date_created'] = $date;
}
if (empty($this->data['EventBlacklist']['comment'])) {
$this->data['EventBlacklist']['comment'] = '';
if (empty($this->data['EventBlocklist']['comment'])) {
$this->data['EventBlocklist']['comment'] = '';
}
return true;
}

2
app/Model/Log.php
View File

@ -26,7 +26,7 @@ class Log extends AppModel
'admin_email',
'auth',
'auth_fail',
'blacklisted',
'blocklisted',
'change_pw',
'delete',
'disable',

14
app/Model/OrgBlacklist.php → app/Model/OrgBlocklist.php
View File

@ -1,8 +1,8 @@
<?php
App::uses('AppModel', 'Model');
class OrgBlacklist extends AppModel
class OrgBlocklist extends AppModel
{
public $useTable = 'org_blacklists';
public $useTable = 'org_blocklists';
public $recursive = -1;
@ -13,15 +13,15 @@ class OrgBlacklist extends AppModel
'change' => 'full'),
'Containable',
);
public $blacklistFields = array('org_uuid', 'comment', 'org_name');
public $blocklistFields = array('org_uuid', 'comment', 'org_name');
public $blacklistTarget = 'org';
public $blocklistTarget = 'org';
public $validate = array(
'org_uuid' => array(
'unique' => array(
'rule' => 'isUnique',
'message' => 'Organisation already blacklisted.'
'message' => 'Organisation already blocklisted.'
),
'uuid' => array(
'rule' => array('custom', '/^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$/'),
@ -33,8 +33,8 @@ class OrgBlacklist extends AppModel
public function beforeValidate($options = array())
{
parent::beforeValidate();
if (empty($this->data['OrgBlacklist']['id'])) {
$this->data['OrgBlacklist']['date_created'] = date('Y-m-d H:i:s');
if (empty($this->data['OrgBlocklist']['id'])) {
$this->data['OrgBlocklist']['date_created'] = date('Y-m-d H:i:s');
}
return true;
}

2
app/Model/Regexp.php
View File

@ -63,7 +63,7 @@ class Regexp extends AppModel
}
// if we found the original, let's try to find all of the regexp values that match the original in the regexp and replacement fields.
// We should get a list of all the IDs (and their respective types) of regular expression entries that are duplicates created for various types.
// ip-src /127.0.0.1/ -> '' and ip-dst /127.0.0.1/ -> '' (entries that blacklists the ip-source and ip-destination addresses 127.0.0.1) will be returned when editing
// ip-src /127.0.0.1/ -> '' and ip-dst /127.0.0.1/ -> '' (entries that blocklists the ip-source and ip-destination addresses 127.0.0.1) will be returned when editing
// ip-src /127.0.0.1/ -> '', but other /127.0.0.1/ -> 'localhost' will not
if ($original != null) {
foreach ($allRegexp as $k => $v) {

38
app/Model/Server.php
View File

@ -767,16 +767,16 @@ class Server extends AppModel
'test' => 'testPasswordResetText',
'type' => 'string'
),
'enableEventBlacklisting' => array(
'enableEventBlocklisting' => array(
'level' => 1,
'description' => __('Since version 2.3.107 you can start blacklisting event UUIDs to prevent them from being pushed to your instance. This functionality will also happen silently whenever an event is deleted, preventing a deleted event from being pushed back from another instance.'),
'description' => __('Since version 2.3.107 you can start blocklisting event UUIDs to prevent them from being pushed to your instance. This functionality will also happen silently whenever an event is deleted, preventing a deleted event from being pushed back from another instance.'),
'value' => true,
'type' => 'boolean',
'test' => 'testBool'
),
'enableOrgBlacklisting' => array(
'enableOrgBlocklisting' => array(
'level' => 1,
'description' => __('Blacklisting organisation UUIDs to prevent the creation of any event created by the blacklisted organisation.'),
'description' => __('Blocklisting organisation UUIDs to prevent the creation of any event created by the blocklisted organisation.'),
'value' => true,
'type' => 'boolean',
'test' => 'testBool'
@ -2453,9 +2453,9 @@ class Server extends AppModel
private function __checkIfEventIsBlockedBeforePull($event)
{
if (Configure::read('MISP.enableEventBlacklisting') !== false) {
$this->EventBlacklist = ClassRegistry::init('EventBlacklist');
$r = $this->EventBlacklist->find('first', array('conditions' => array('event_uuid' => $event['Event']['uuid'])));
if (Configure::read('MISP.enableEventBlocklisting') !== false) {
$this->EventBlocklist = ClassRegistry::init('EventBlocklist');
$r = $this->EventBlocklist->find('first', array('conditions' => array('event_uuid' => $event['Event']['uuid'])));
if (!empty($r)) {
return true;
}
@ -2847,29 +2847,29 @@ class Server extends AppModel
$eventUuids = array_column($eventArray, 'uuid');
}
} else {
if (Configure::read('MISP.enableEventBlacklisting') !== false) {
$this->EventBlacklist = ClassRegistry::init('EventBlacklist');
$blacklistHits = $this->EventBlacklist->find('list', array(
if (Configure::read('MISP.enableEventBlocklisting') !== false) {
$this->EventBlocklist = ClassRegistry::init('EventBlocklist');
$blocklistHits = $this->EventBlocklist->find('list', array(
'recursive' => -1,
'conditions' => array('EventBlacklist.event_uuid' => array_column($eventArray, 'uuid')),
'fields' => array('EventBlacklist.event_uuid', 'EventBlacklist.event_uuid'),
'conditions' => array('EventBlocklist.event_uuid' => array_column($eventArray, 'uuid')),
'fields' => array('EventBlocklist.event_uuid', 'EventBlocklist.event_uuid'),
));
foreach ($eventArray as $k => $event) {
if (isset($blacklistHits[$event['uuid']])) {
if (isset($blocklistHits[$event['uuid']])) {
unset($eventArray[$k]);
}
}
}
if (Configure::read('MISP.enableOrgBlacklisting') !== false) {
$this->OrgBlacklist = ClassRegistry::init('OrgBlacklist');
$blacklistHits = $this->OrgBlacklist->find('list', array(
if (Configure::read('MISP.enableOrgBlocklisting') !== false) {
$this->OrgBlocklist = ClassRegistry::init('OrgBlocklist');
$blocklistHits = $this->OrgBlocklist->find('list', array(
'recursive' => -1,
'conditions' => array('OrgBlacklist.org_uuid' => array_unique(array_column($eventArray, 'orgc_uuid'))),
'fields' => array('OrgBlacklist.org_uuid', 'OrgBlacklist.org_uuid'),
'conditions' => array('OrgBlocklist.org_uuid' => array_unique(array_column($eventArray, 'orgc_uuid'))),
'fields' => array('OrgBlocklist.org_uuid', 'OrgBlocklist.org_uuid'),
));
foreach ($eventArray as $k => $event) {
if (isset($blacklistHits[$event['orgc_uuid']])) {
if (isset($blocklistHits[$event['orgc_uuid']])) {
unset($eventArray[$k]);
}
}

42
app/View/Elements/genericElements/SideMenu/side_menu.ctp
View File

@ -380,16 +380,16 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider');
}
if (!$isSiteAdmin && (int)$me['org_id'] === Configure::read('MISP.host_org_id')) {
echo $divider;
if (Configure::read('MISP.enableEventBlacklisting') !== false) {
if (Configure::read('MISP.enableEventBlocklisting') !== false) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'eventBlacklistsAdd',
'url' => $baseurl . '/eventBlacklists/add',
'text' => __('Blacklists Event')
'element_id' => 'eventBlocklistsAdd',
'url' => $baseurl . '/eventBlocklists/add',
'text' => __('Blocklists Event')
));
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'eventBlacklists',
'url' => $baseurl . '/eventBlacklists',
'text' => __('Manage Event Blacklists')
'element_id' => 'eventBlocklists',
'url' => $baseurl . '/eventBlocklists',
'text' => __('Manage Event Blocklists')
));
}
}
@ -867,28 +867,28 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider');
'url' => $baseurl . '/servers/eventBlockRule',
'text' => __('Event Block Rules')
));
if (Configure::read('MISP.enableEventBlacklisting') !== false) {
if (Configure::read('MISP.enableEventBlocklisting') !== false) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'eventBlacklistsAdd',
'url' => $baseurl . '/eventBlacklists/add',
'text' => __('Blacklists Event')
'element_id' => 'eventBlocklistsAdd',
'url' => $baseurl . '/eventBlocklists/add',
'text' => __('Blocklists Event')
));
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'eventBlacklists',
'url' => $baseurl . '/eventBlacklists',
'text' => __('Manage Event Blacklists')
'element_id' => 'eventBlocklists',
'url' => $baseurl . '/eventBlocklists',
'text' => __('Manage Event Blocklists')
));
}
if (!Configure::check('MISP.enableOrgBlacklisting') || Configure::read('MISP.enableOrgBlacklisting') !== false) {
if (!Configure::check('MISP.enableOrgBlocklisting') || Configure::read('MISP.enableOrgBlocklisting') !== false) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'orgBlacklistsAdd',
'url' => $baseurl . '/orgBlacklists/add',
'text' => __('Blacklists Organisation')
'element_id' => 'orgBlocklistsAdd',
'url' => $baseurl . '/orgBlocklists/add',
'text' => __('Blocklists Organisation')
));
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'orgBlacklists',
'url' => $baseurl . '/orgBlacklists',
'text' => __('Manage Org Blacklists')
'element_id' => 'orgBlocklists',
'url' => $baseurl . '/orgBlocklists',
'text' => __('Manage Org Blocklists')
));
}
}

42
app/View/Elements/global_menu.ctp
View File

@ -90,23 +90,23 @@
array(
'type' => 'separator',
'requirement' =>
Configure::read('MISP.enableEventBlacklisting') !== false &&
Configure::read('MISP.enableEventBlocklisting') !== false &&
!$isSiteAdmin &&
(int)$me['org_id'] === (int)Configure::read('MISP.host_org_id')
),
array(
'text' => __('Blacklist Event'),
'url' => $baseurl . '/eventBlacklists/add',
'text' => __('Blocklist Event'),
'url' => $baseurl . '/eventBlocklists/add',
'requirement' =>
Configure::read('MISP.enableEventBlacklisting') !== false &&
Configure::read('MISP.enableEventBlocklisting') !== false &&
!$isSiteAdmin &&
(int)$me['org_id'] === (int)Configure::read('MISP.host_org_id')
),
array(
'text' => __('Manage Event Blacklists'),
'url' => $baseurl . '/eventBlacklists',
'text' => __('Manage Event Blocklists'),
'url' => $baseurl . '/eventBlocklists',
'requirement' =>
Configure::read('MISP.enableEventBlacklisting') !== false &&
Configure::read('MISP.enableEventBlocklisting') !== false &&
!$isSiteAdmin &&
(int)$me['org_id'] === (int)Configure::read('MISP.host_org_id')
),
@ -392,31 +392,31 @@
),
array(
'type' => 'separator',
'requirement' => Configure::read('MISP.enableEventBlacklisting') !== false && $isSiteAdmin
'requirement' => Configure::read('MISP.enableEventBlocklisting') !== false && $isSiteAdmin
),
array(
'text' => __('Blacklist Event'),
'url' => $baseurl . '/eventBlacklists/add',
'requirement' => Configure::read('MISP.enableEventBlacklisting') !== false && $isSiteAdmin
'text' => __('Blocklist Event'),
'url' => $baseurl . '/eventBlocklists/add',
'requirement' => Configure::read('MISP.enableEventBlocklisting') !== false && $isSiteAdmin
),
array(
'text' => __('Manage Event Blacklists'),
'url' => $baseurl . '/eventBlacklists',
'requirement' => Configure::read('MISP.enableEventBlacklisting') !== false && $isSiteAdmin
'text' => __('Manage Event Blocklists'),
'url' => $baseurl . '/eventBlocklists',
'requirement' => Configure::read('MISP.enableEventBlocklisting') !== false && $isSiteAdmin
),
array(
'type' => 'separator',
'requirement' => Configure::read('MISP.enableEventBlacklisting') !== false && $isSiteAdmin
'requirement' => Configure::read('MISP.enableEventBlocklisting') !== false && $isSiteAdmin
),
array(
'text' => __('Blacklist Organisation'),
'url' => $baseurl . '/orgBlacklists/add',
'requirement' => Configure::read('MISP.enableOrgBlacklisting') !== false && $isSiteAdmin
'text' => __('Blocklist Organisation'),
'url' => $baseurl . '/orgBlocklists/add',
'requirement' => Configure::read('MISP.enableOrgBlocklisting') !== false && $isSiteAdmin
),
array(
'text' => __('Manage Org Blacklists'),
'url' => $baseurl . '/orgBlacklists',
'requirement' => Configure::read('MISP.enableOrgBlacklisting') !== false && $isSiteAdmin
'text' => __('Manage Org Blocklists'),
'url' => $baseurl . '/orgBlocklists',
'requirement' => Configure::read('MISP.enableOrgBlocklisting') !== false && $isSiteAdmin
),
)
),

10
app/View/EventBlacklists/add.ctp → app/View/EventBlocklists/add.ctp
View File

@ -1,7 +1,7 @@
<div class="eventBlacklist form">
<?php echo $this->Form->create('EventBlacklist');?>
<div class="eventBlocklist form">
<?php echo $this->Form->create('EventBlocklist');?>
<fieldset>
<legend><?php echo __('Add Event Blacklist Entries');?></legend>
<legend><?php echo __('Add Event Blocklist Entries');?></legend>
<p><?php echo __('Simply paste a list of all the event UUIDs that you wish to block from being entered.');?></p>
<?php
echo $this->Form->input('uuids', array(
@ -39,8 +39,8 @@ echo $this->Form->end();
</div>
<?php
if ($isSiteAdmin) {
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlacklistsAdd'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlocklistsAdd'));
} else {
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlacklistsAdd'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlocklistsAdd'));
}
?>

18
app/View/EventBlacklists/edit.ctp → app/View/EventBlocklists/edit.ctp
View File

@ -1,7 +1,7 @@
<div class="eventBlacklist form">
<?php echo $this->Form->create('EventBlacklist');?>
<div class="eventBlocklist form">
<?php echo $this->Form->create('EventBlocklist');?>
<fieldset>
<legend><?php echo __('Edit Event Blacklist Entries');?></legend>
<legend><?php echo __('Edit Event Blocklist Entries');?></legend>
<p><?php echo __('List of all the event UUIDs that you wish to block from being entered.');?></p>
<?php
echo $this->Form->input('uuids', array(
@ -10,26 +10,26 @@
'div' => 'input clear',
'class' => 'input-xxlarge',
'disabled' => 'disabled',
'default' => $blockEntry['EventBlacklist']['event_uuid']
'default' => $blockEntry['EventBlocklist']['event_uuid']
));
echo $this->Form->input('event_orgc', array(
'div' => 'input clear',
'class' => 'input-xxlarge',
'label' => __('Creating organisation'),
'default' => $blockEntry['EventBlacklist']['event_orgc'],
'default' => $blockEntry['EventBlocklist']['event_orgc'],
));
echo $this->Form->input('event_info', array(
'type' => 'textarea',
'div' => 'input clear',
'class' => 'input-xxlarge',
'label' => __('Event info'),
'default' => $blockEntry['EventBlacklist']['event_info'],
'default' => $blockEntry['EventBlocklist']['event_info'],
));
echo $this->Form->input('comment', array(
'type' => 'textarea',
'div' => 'input clear',
'class' => 'input-xxlarge',
'default' => $blockEntry['EventBlacklist']['comment'],
'default' => $blockEntry['EventBlocklist']['comment'],
));
?>
</fieldset>
@ -40,8 +40,8 @@ echo $this->Form->end();
</div>
<?php
if ($isSiteAdmin) {
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlacklistsAdd'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlocklistsAdd'));
} else {
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlacklistsAdd'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlocklistsAdd'));
}
?>

28
app/View/EventBlacklists/index.ctp → app/View/EventBlocklists/index.ctp
View File

@ -1,5 +1,5 @@
<div class="eventBlacklists index">
<h2><?php echo __('Event Blacklists');?></h2>
<div class="eventBlocklists index">
<h2><?php echo __('Event Blocklists');?></h2>
<div class="pagination">
<ul>
<?php
@ -25,7 +25,7 @@
array(
'class' => 'hidden mass-select',
'fa-icon' => 'trash',
'onClick' => "multiSelectDeleteEventBlacklist",
'onClick' => "multiSelectDeleteEventBlocklist",
'onClickParams' => array('1', '0')
)
)
@ -57,17 +57,17 @@
foreach ($response as $item): ?>
<tr>
<td style="width:10px;">
<input class="select" type="checkbox" data-id="<?php echo h($item['EventBlacklist']['id']); ?>" aria-label="select <?php echo h($item['EventBlacklist']['id'])?>" />
<input class="select" type="checkbox" data-id="<?php echo h($item['EventBlocklist']['id']); ?>" aria-label="select <?php echo h($item['EventBlocklist']['id'])?>" />
</td>
<td class="short"><?php echo h($item['EventBlacklist']['id']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['EventBlacklist']['event_orgc']) ? h($item['EventBlacklist']['event_orgc']) : '&nbsp;'); ?></td>
<td class="short"><?php echo h($item['EventBlacklist']['event_uuid']); ?>&nbsp;</td>
<td><?php echo h($item['EventBlacklist']['created']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['EventBlacklist']['event_info']) ? h($item['EventBlacklist']['event_info']) : '&nbsp;'); ?></td>
<td class="short"><?php echo (isset($item['EventBlacklist']['comment']) ? h($item['EventBlacklist']['comment']) : '&nbsp;'); ?></td>
<td class="short"><?php echo h($item['EventBlocklist']['id']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['EventBlocklist']['event_orgc']) ? h($item['EventBlocklist']['event_orgc']) : '&nbsp;'); ?></td>
<td class="short"><?php echo h($item['EventBlocklist']['event_uuid']); ?>&nbsp;</td>
<td><?php echo h($item['EventBlocklist']['created']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['EventBlocklist']['event_info']) ? h($item['EventBlocklist']['event_info']) : '&nbsp;'); ?></td>
<td class="short"><?php echo (isset($item['EventBlocklist']['comment']) ? h($item['EventBlocklist']['comment']) : '&nbsp;'); ?></td>
<td class="short action-links">
<a href="<?php echo $baseurl;?>/eventBlacklists/edit/<?php echo h($item['EventBlacklist']['id']); ?>"><span class="fa fa-edit black" title=<?php echo __('Edit')?> role="button" tabindex="0" aria-label="Edit blacklist entry">&nbsp;</span></a>
<?php echo $this->Form->postLink('', array('action' => 'delete', h($item['EventBlacklist']['id'])), array('class' => 'fa fa-trash', 'title' => __('Delete'), 'aria-label' => __('Delete')), __('Are you sure you want to delete the blacklist entry for the event UUID %s?', h($item['EventBlacklist']['event_uuid']))); ?>
<a href="<?php echo $baseurl;?>/eventBlocklists/edit/<?php echo h($item['EventBlocklist']['id']); ?>"><span class="fa fa-edit block" title=<?php echo __('Edit')?> role="button" tabindex="0" aria-label="Edit blocklist entry">&nbsp;</span></a>
<?php echo $this->Form->postLink('', array('action' => 'delete', h($item['EventBlocklist']['id'])), array('class' => 'fa fa-trash', 'title' => __('Delete'), 'aria-label' => __('Delete')), __('Are you sure you want to delete the blocklist entry for the event UUID %s?', h($item['EventBlocklist']['event_uuid']))); ?>
</td>
</tr><?php
endforeach; ?>
@ -111,8 +111,8 @@ endforeach; ?>
</script>
<?php
if ($isSiteAdmin) {
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlacklists'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlocklists'));
} else {
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlacklists'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlocklists'));
}
?>

6
app/View/EventBlacklists/mass_delete.ctp → app/View/EventBlocklists/mass_delete.ctp
View File

@ -1,15 +1,15 @@
<div class="confirmation">
<?php
echo $this->Form->create('EventBlacklist', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
echo $this->Form->create('EventBlocklist', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
echo $this->Form->input('ids', array(
'type' => 'hidden',
'div' => 'hidden',
'value' => json_encode($event_ids)
));
?>
<legend><?php echo __('Delete blacklisted events'); ?></legend>
<legend><?php echo __('Delete blocklisted events'); ?></legend>
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
<p><?php echo __('Are you sure you want to delete from the blacklist the selected events?'); ?></p>
<p><?php echo __('Are you sure you want to delete from the blocklist the selected events?'); ?></p>
<table>
<tr>
<td style="vertical-align:top">

8
app/View/OrgBlacklists/add.ctp → app/View/OrgBlocklists/add.ctp
View File

@ -1,7 +1,7 @@
<div class="orgBlacklist form">
<?php echo $this->Form->create('OrgBlacklist');?>
<div class="orgBlocklist form">
<?php echo $this->Form->create('OrgBlocklist');?>
<fieldset>
<legend><?php echo __('Add Organisation Blacklist Entries');?></legend>
<legend><?php echo __('Add Organisation Blocklist Entries');?></legend>
<p><?php echo __('Simply paste a list of all the organisation UUIDs that you wish to block from being entered.');?></p>
<?php
echo $this->Form->input('uuids', array(
@ -31,5 +31,5 @@ echo $this->Form->end();
?>
</div>
<?php
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'orgBlacklistsAdd'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'orgBlocklistsAdd'));
?>

14
app/View/OrgBlacklists/edit.ctp → app/View/OrgBlocklists/edit.ctp
View File

@ -1,7 +1,7 @@
<div class="orgBlacklist form">
<?php echo $this->Form->create('OrgBlacklist');?>
<div class="orgBlocklist form">
<?php echo $this->Form->create('OrgBlocklist');?>
<fieldset>
<legend><?php echo __('Edit Event Blacklist Entries');?></legend>
<legend><?php echo __('Edit Event Blocklist Entries');?></legend>
<p><?php echo __('List of all the event UUIDs that you wish to block from being entered.');?></p>
<?php
echo $this->Form->input('uuids', array(
@ -10,19 +10,19 @@
'div' => 'input clear',
'class' => 'input-xxlarge',
'disabled' => 'disabled',
'default' => $blockEntry['OrgBlacklist']['org_uuid']
'default' => $blockEntry['OrgBlocklist']['org_uuid']
));
echo $this->Form->input('org_name', array(
'div' => 'input clear',
'class' => 'input-xxlarge',
'label' => __('Creating organisation'),
'default' => $blockEntry['OrgBlacklist']['org_name'],
'default' => $blockEntry['OrgBlocklist']['org_name'],
));
echo $this->Form->input('comment', array(
'type' => 'textarea',
'div' => 'input clear',
'class' => 'input-xxlarge',
'default' => $blockEntry['OrgBlacklist']['comment'],
'default' => $blockEntry['OrgBlocklist']['comment'],
));
?>
</fieldset>
@ -32,5 +32,5 @@ echo $this->Form->end();
?>
</div>
<?php
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'orgBlacklistsAdd'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'orgBlocklistsAdd'));
?>

20
app/View/OrgBlacklists/index.ctp → app/View/OrgBlocklists/index.ctp
View File

@ -1,5 +1,5 @@
<div class="orgBlacklists index">
<h2><?php echo __('Organisation Blacklists');?></h2>
<div class="orgBlocklists index">
<h2><?php echo __('Organisation Blocklists');?></h2>
<div class="pagination">
<ul>
<?php
@ -27,14 +27,14 @@
</tr><?php
foreach ($response as $item): ?>
<tr>
<td class="short"><?php echo h($item['OrgBlacklist']['id']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['OrgBlacklist']['org_name']) ? h($item['OrgBlacklist']['org_name']) : '&nbsp;'); ?></td>
<td class="short"><?php echo h($item['OrgBlacklist']['org_uuid']); ?>&nbsp;</td>
<td><?php echo h($item['OrgBlacklist']['created']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['OrgBlacklist']['comment']) ? h($item['OrgBlacklist']['comment']) : '&nbsp;'); ?></td>
<td class="short"><?php echo h($item['OrgBlocklist']['id']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['OrgBlocklist']['org_name']) ? h($item['OrgBlocklist']['org_name']) : '&nbsp;'); ?></td>
<td class="short"><?php echo h($item['OrgBlocklist']['org_uuid']); ?>&nbsp;</td>
<td><?php echo h($item['OrgBlocklist']['created']); ?>&nbsp;</td>
<td class="short"><?php echo (isset($item['OrgBlocklist']['comment']) ? h($item['OrgBlocklist']['comment']) : '&nbsp;'); ?></td>
<td class="short action-links">
<a href="<?php echo $baseurl;?>/orgBlacklists/edit/<?php echo h($item['OrgBlacklist']['id']); ?>" aria-label="<?php echo __('Edit');?>"><span class="fa fa-edit" title="<?php echo __('Edit');?>">&nbsp;</span></a>
<?php echo $this->Form->postLink('', array('action' => 'delete', h($item['OrgBlacklist']['id'])), array('class' => 'fa fa-trash', 'title' => __('Delete'), 'aria-label' => __('Delete')), __('Are you sure you want to delete the blacklist entry for the organisation UUID %s?', h($item['OrgBlacklist']['org_uuid']))); ?>
<a href="<?php echo $baseurl;?>/orgBlocklists/edit/<?php echo h($item['OrgBlocklist']['id']); ?>" aria-label="<?php echo __('Edit');?>"><span class="fa fa-edit" title="<?php echo __('Edit');?>">&nbsp;</span></a>
<?php echo $this->Form->postLink('', array('action' => 'delete', h($item['OrgBlocklist']['id'])), array('class' => 'fa fa-trash', 'title' => __('Delete'), 'aria-label' => __('Delete')), __('Are you sure you want to delete the blocklist entry for the organisation UUID %s?', h($item['OrgBlocklist']['org_uuid']))); ?>
</td>
</tr><?php
endforeach; ?>
@ -58,4 +58,4 @@ endforeach; ?>
</div>
<?php
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'orgBlacklists'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'orgBlocklists'));

10
app/View/Pages/doc/administration.ctp
View File

@ -8,7 +8,7 @@
<li class="active"><?php echo $this->Html->link(__('Administration'), array('controller' => 'pages', 'action' => 'display', 'doc', 'administration')); ?>
<ul class="nav nav-list">
<li><a href="#diagnostics"><?php echo __('Settings and Diagnostics');?></a></li>
<li><a href="#blacklist"><?php echo __('Blacklist');?></a></li>
<li><a href="#blocklist"><?php echo __('Blocklist');?></a></li>
<li><a href="#regexp"><?php echo __('Import Regexp');?></a></li>
<li><a href="#whitelist"><?php echo __('Signature Whitelist');?></a></li>
<li><a href="#user"><?php echo __('User Management');?></a></li>
@ -56,10 +56,10 @@
<li><b><?php echo __('Status');?></b>: <?php echo __('Displays OK if the worker is running. If the _schdlr_ worker is the only one not running make sure that you copy the config file into the cakeresque directory as described in the INSTALL.txt documentation.');?></li>
</ul>
<hr />
<h2><a id="blacklist"></a><?php echo __('Import Blacklist');?></h2>
<?php echo __('It is possible to ban certain values from ever being entered into the system via an event info field or an attribute value. This is done by blacklisting the value in this section.');?><br />
<h2><a id="blocklist"></a><?php echo __('Import Blocklist');?></h2>
<?php echo __('It is possible to ban certain values from ever being entered into the system via an event info field or an attribute value. This is done by blocklisting the value in this section.');?><br />
<h3><?php echo __('Adding and modifying entries');?></h3>
<?php echo __('Administrators can add, edit or delete blacklisted items by using the appropriate functions in the list\'s action menu and the menu on the left.');?><br />
<?php echo __('Administrators can add, edit or delete blocklisted items by using the appropriate functions in the list\'s action menu and the menu on the left.');?><br />
<hr />
<h2><a id="regexp"></a><?php echo __('Import Regexp');?></h2>
<?php echo __('The system allows administrators to set up rules for regular expressions that will automatically alter newly entered or imported events.');?><br />
@ -168,7 +168,7 @@
<li><b><?php echo __('Attribute');?>:</b> <?php echo __('Creation, deletion, modification');?><br /></li>
<li><b><?php echo __('ShadowAttribute');?>:</b> <?php echo __('Creation, deletion, Accept, Discard');?><br /></li>
<li><b><?php echo __('Roles');?>:</b> <?php echo __('Creation, deletion, modification');?><br /></li>
<li><b><?php echo __('Blacklist');?>:</b> <?php echo __('Creation, deletion, modification');?><br /></li>
<li><b><?php echo __('Blocklist');?>:</b> <?php echo __('Creation, deletion, modification');?><br /></li>
<li><b><?php echo __('Whitelist');?>:</b> <?php echo __('Creation, deletion, modification');?><br /></li>
<li><b><?php echo __('Regexp');?>:</b> <?php echo __('Creation, deletion, modification');?></li>
</ul>

2
app/View/Pages/doc/user_management.ctp
View File

@ -66,7 +66,7 @@
<a id="filters"></a><h3><?php echo __('Inspecting the input filters');?>:</h3>
<?php echo __('All the events and attributes that get entered into MISP will be run through a series of input filters. These are defined by the site administrators or users with special privileges to edit the filters, but every user can take a look at the currently active lists.');?><br><br>
<ul>
<li><b><?php echo __('Import Regexp');?>:</b> <?php echo __('All Attribute value and Event info fields will be parsed for a set of regular expressions and replaced based on the replacement values contained in this section. This has many uses, such as unifying similar data for better correlation, removing personal data from file-paths or simply for clarity. It is also possible to blacklist data by not defining a replacement for a regular expression.');?> <br /><br /></li>
<li><b><?php echo __('Import Regexp');?>:</b> <?php echo __('All Attribute value and Event info fields will be parsed for a set of regular expressions and replaced based on the replacement values contained in this section. This has many uses, such as unifying similar data for better correlation, removing personal data from file-paths or simply for clarity. It is also possible to blocklist data by not defining a replacement for a regular expression.');?> <br /><br /></li>
<li><b><?php echo __('Signature Whitelist');?>:</b> <?php echo __('This list (can) contain a set of addresses that are allowed to be entered as attribute values but will be blocked from being exported to NIDS-es.');?><br /><br /> </li>
</ul>
</div>