diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index edfba526c..ca6fc5f07 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -966,9 +966,9 @@ class AppController extends Controller )); $counter = 0; - // load this so we can remove the blacklist item that will be created, this is the one case when we do not want it. - if (Configure::read('MISP.enableEventBlacklisting') !== false) { - $this->EventBlacklist = ClassRegistry::init('EventBlacklist'); + // load this so we can remove the blocklist item that will be created, this is the one case when we do not want it. + if (Configure::read('MISP.enableEventBlocklisting') !== false) { + $this->EventBlocklist = ClassRegistry::init('EventBlocklist'); } foreach ($duplicates as $duplicate) { @@ -981,10 +981,10 @@ class AppController extends Controller $uuid = $event['Event']['uuid']; $this->Event->delete($event['Event']['id']); $counter++; - // remove the blacklist entry that we just created with the event deletion, if the feature is enabled + // remove the blocklist entry that we just created with the event deletion, if the feature is enabled // We do not want to block the UUID, since we just deleted a copy - if (Configure::read('MISP.enableEventBlacklisting') !== false) { - $this->EventBlacklist->deleteAll(array('EventBlacklist.event_uuid' => $uuid)); + if (Configure::read('MISP.enableEventBlocklisting') !== false) { + $this->EventBlocklist->deleteAll(array('EventBlocklist.event_uuid' => $uuid)); } } } diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index 9fbc3540b..6639239aa 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php @@ -111,7 +111,7 @@ class ACLComponent extends Component 'requestAccess' => array(), 'view' => array() ), - 'eventBlacklists' => array( + 'eventBlocklists' => array( 'add' => [ 'AND' => [ 'host_org_user', @@ -349,7 +349,7 @@ class ACLComponent extends Component 'objectTemplateElements' => array( 'viewElements' => array('*') ), - 'orgBlacklists' => array( + 'orgBlocklists' => array( 'add' => array(), 'delete' => array(), 'edit' => array(), diff --git a/app/Controller/Component/BlackListComponent.php b/app/Controller/Component/BlockListComponent.php similarity index 89% rename from app/Controller/Component/BlackListComponent.php rename to app/Controller/Component/BlockListComponent.php index 0f3e72d79..afdc20e9c 100644 --- a/app/Controller/Component/BlackListComponent.php +++ b/app/Controller/Component/BlockListComponent.php @@ -4,7 +4,7 @@ * create, read, update and delete (CRUD) */ -class BlackListComponent extends Component +class BlocklistComponent extends Component { public $settings = array(); public $defaultModel = ''; @@ -17,12 +17,12 @@ class BlackListComponent extends Component $this->controller->paginate['conditions'] = $filters; } if ($rest) { - $blackList = $this->controller->paginate(); - $blacklist= array(); - foreach ($blackList as $item) { - $blacklist[] = $item[$this->controller->defaultModel]; + $blocklist = $this->controller->paginate(); + $blocklist= array(); + foreach ($blocklist as $item) { + $blocklist[] = $item[$this->controller->defaultModel]; } - return $this->RestResponse->viewData($blacklist); + return $this->RestResponse->viewData($blocklist); } else { $this->controller->set('response', $this->controller->paginate()); } @@ -62,8 +62,8 @@ class BlackListComponent extends Component if (strlen($uuid) == 36) { $this->controller->{$this->controller->defaultModel}->create(); $object = array(); - foreach ($this->controller->{$this->controller->defaultModel}->blacklistFields as $f) { - if ($f === $this->controller->{$this->controller->defaultModel}->blacklistTarget . '_uuid') { + foreach ($this->controller->{$this->controller->defaultModel}->blocklistFields as $f) { + if ($f === $this->controller->{$this->controller->defaultModel}->blocklistTarget . '_uuid') { $object[$f] = $uuid; } else { $object[$f] = !empty($data[$this->controller->defaultModel][$f]) ? $data[$this->controller->defaultModel][$f] : ''; @@ -78,7 +78,7 @@ class BlackListComponent extends Component $fails[] = $uuid; } } - $message = sprintf(__('Done. Added %d new entries to the blacklist. %d entries could not be saved.'), count($successes), count($fails)); + $message = sprintf(__('Done. Added %d new entries to the blocklist. %d entries could not be saved.'), count($successes), count($fails)); if ($rest) { $result = [ 'result' => [ @@ -100,14 +100,14 @@ class BlackListComponent extends Component if (Validation::uuid($id)) { $blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', [ 'conditions' => array( - $this->controller->{$this->controller->defaultModel}->blacklistTarget . '_uuid' => $id + $this->controller->{$this->controller->defaultModel}->blocklistTarget . '_uuid' => $id ) ]); } else { $blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', array('conditions' => array('id' => $id))); } if (empty($blockEntry)) { - throw new NotFoundException('Blacklist item not found.'); + throw new NotFoundException('Blocklist item not found.'); } $this->controller->set('blockEntry', $blockEntry); if ($this->controller->request->is('post')) { @@ -127,7 +127,7 @@ class BlackListComponent extends Component } else { $data = $this->controller->request->data; } - $fields = $this->controller->{$this->controller->defaultModel}->blacklistFields; + $fields = $this->controller->{$this->controller->defaultModel}->blocklistFields; foreach ($fields as $f) { if ($f == 'uuid') { continue; @@ -147,14 +147,14 @@ class BlackListComponent extends Component ]) ); } else { - $this->controller->Session->setFlash(__('Blacklist item added.')); + $this->controller->Session->setFlash(__('Blocklist item added.')); $this->controller->redirect(array('action' => 'index')); } } else { if ($rest) { - throw new MethodNotAllowedException('Could not save the blacklist item.'); + throw new MethodNotAllowedException('Could not save the blocklist item.'); } else { - $this->controller->Session->setFlash(__('Could not save the blacklist item')); + $this->controller->Session->setFlash(__('Could not save the blocklist item')); $this->controller->redirect(array('action' => 'index')); } } @@ -166,24 +166,24 @@ class BlackListComponent extends Component if (Validation::uuid($id)) { $blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', [ 'conditions' => array( - $this->controller->{$this->controller->defaultModel}->blacklistTarget . '_uuid' => $id + $this->controller->{$this->controller->defaultModel}->blocklistTarget . '_uuid' => $id ) ]); } else { $blockEntry = $this->controller->{$this->controller->defaultModel}->find('first', array('conditions' => array('id' => $id))); } if (empty($blockEntry)) { - throw new NotFoundException(__('Invalid blacklist entry')); + throw new NotFoundException(__('Invalid blocklist entry')); } if ($this->controller->{$this->controller->defaultModel}->delete($blockEntry[$this->controller->defaultModel]['id'])) { - $message = __('Blacklist entry removed'); + $message = __('Blocklist entry removed'); if ($rest) { return $this->RestResponse->saveSuccessResponse($this->controller->defaultModel, 'delete', $id, false, $message); } $this->controller->Flash->success($message); } else { - $message = __('Could not remove the blacklist entry'); + $message = __('Could not remove the blocklist entry'); if ($rest) { return $this->RestResponse->saveFailResponse($this->controller->defaultModel, 'delete', $id, $message); } diff --git a/app/Controller/Component/RestResponseComponent.php b/app/Controller/Component/RestResponseComponent.php index a19f5e90b..190de0954 100644 --- a/app/Controller/Component/RestResponseComponent.php +++ b/app/Controller/Component/RestResponseComponent.php @@ -1099,7 +1099,7 @@ class RestResponseComponent extends Component 'input' => 'select', 'type' => 'string', 'operators' => array('equal'), - 'values' => array('Attribute', 'Event', 'EventBlacklist', 'EventTag', 'MispObject', 'Organisation', 'Post', 'Regexp', 'Role', 'Server', 'ShadowAttribute', 'SharingGroup', 'Tag', 'Task', 'Taxonomy', 'Template', 'Thread', 'User', 'Whitelist'), + 'values' => array('Attribute', 'Event', 'EventBlocklist', 'EventTag', 'MispObject', 'Organisation', 'Post', 'Regexp', 'Role', 'Server', 'ShadowAttribute', 'SharingGroup', 'Tag', 'Task', 'Taxonomy', 'Template', 'Thread', 'User', 'Whitelist'), ), 'model_id' => array( 'input' => 'number', diff --git a/app/Controller/EventBlacklistsController.php b/app/Controller/EventBlocklistsController.php similarity index 70% rename from app/Controller/EventBlacklistsController.php rename to app/Controller/EventBlocklistsController.php index b4a3a3cdb..1027b0d97 100644 --- a/app/Controller/EventBlacklistsController.php +++ b/app/Controller/EventBlocklistsController.php @@ -1,15 +1,15 @@ Flash->info(__('Event Blacklisting is not currently enabled on this instance.')); + if (false === Configure::read('MISP.enableEventBlocklisting')) { + $this->Flash->info(__('Event Blocklisting is not currently enabled on this instance.')); $this->redirect('/'); } } @@ -18,7 +18,7 @@ class EventBlacklistsController extends AppController 'limit' => 60, 'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page. 'order' => array( - 'EventBlacklist.created' => 'DESC' + 'EventBlocklist.created' => 'DESC' ), ); @@ -43,50 +43,50 @@ class EventBlacklistsController extends AppController } $this->set('passedArgs', json_encode($passedArgs)); $this->set('passedArgsArray', $passedArgsArray); - return $this->BlackList->index($this->_isRest(), $params); + return $this->BlockList->index($this->_isRest(), $params); } public function add() { - return $this->BlackList->add($this->_isRest()); + return $this->BlockList->add($this->_isRest()); } public function edit($id) { - return $this->BlackList->edit($this->_isRest(), $id); + return $this->BlockList->edit($this->_isRest(), $id); } public function delete($id) { - return $this->BlackList->delete($this->_isRest(), $id); + return $this->BlockList->delete($this->_isRest(), $id); } public function massDelete() { if ($this->request->is('post') || $this->request->is('put')) { - if (!isset($this->request->data['EventBlacklist'])) { - $this->request->data = array('EventBlacklist' => $this->request->data); + if (!isset($this->request->data['EventBlocklist'])) { + $this->request->data = array('EventBlocklist' => $this->request->data); } - $ids = $this->request->data['EventBlacklist']['ids']; + $ids = $this->request->data['EventBlocklist']['ids']; $event_ids = json_decode($ids, true); if (empty($event_ids)) { throw new NotFoundException(__('Invalid event IDs.')); } - $result = $this->EventBlacklist->deleteAll(array('EventBlacklist.id' => $event_ids)); + $result = $this->EventBlocklist->deleteAll(array('EventBlocklist.id' => $event_ids)); if ($result) { if ($this->_isRest()) { - return $this->RestResponse->saveSuccessResponse('EventBlacklist', 'Deleted', $ids, $this->response->type()); + return $this->RestResponse->saveSuccessResponse('EventBlocklist', 'Deleted', $ids, $this->response->type()); } else { - $this->Flash->success('Blacklist entry removed'); - $this->redirect(array('controller' => 'eventBlacklists', 'action' => 'index')); + $this->Flash->success('Blocklist entry removed'); + $this->redirect(array('controller' => 'eventBlocklists', 'action' => 'index')); } } else { - $error = __('Failed to delete Event from EventBlacklist. Error: ') . PHP_EOL . h($result); + $error = __('Failed to delete Event from EventBlocklist. Error: ') . PHP_EOL . h($result); if ($this->_isRest()) { - return $this->RestResponse->saveFailResponse('EventBlacklist', 'Deleted', false, $error, $this->response->type()); + return $this->RestResponse->saveFailResponse('EventBlocklist', 'Deleted', false, $error, $this->response->type()); } else { $this->Flash->error($error); - $this->redirect(array('controller' => 'eventBlacklists', 'action' => 'index')); + $this->redirect(array('controller' => 'eventBlocklists', 'action' => 'index')); } } } else { diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index def0fc5f5..5bd3d2de9 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -1963,7 +1963,7 @@ class EventsController extends AppController if ($add === true && !is_numeric($add)) { if ($this->_isRest()) { if ($add === 'blocked') { - throw new ForbiddenException(__('Event blocked by local blacklist.')); + throw new ForbiddenException(__('Event blocked by local blocklist.')); } // REST users want to see the newly created event $results = $this->Event->fetchEvent($this->Auth->user(), array('eventid' => $created_id)); @@ -1990,7 +1990,7 @@ class EventsController extends AppController return $this->RestResponse->saveFailResponse('Events', 'add', false, $validationErrors, $this->response->type()); } else { if ($add === 'blocked') { - $this->Flash->error(__('A blacklist entry is blocking you from creating any events. Please contact the administration team of this instance') . (Configure::read('MISP.contact') ? ' at ' . Configure::read('MISP.contact') : '') . '.'); + $this->Flash->error(__('A blocklist entry is blocking you from creating any events. Please contact the administration team of this instance') . (Configure::read('MISP.contact') ? ' at ' . Configure::read('MISP.contact') : '') . '.'); } else { $this->Flash->error(__('The event could not be saved. Please, try again.'), 'default', array(), 'error'); } @@ -5626,7 +5626,7 @@ class EventsController extends AppController 'recursive' => -1 )); $count = 0; - $this->Event->skipBlacklist = true; + $this->Event->skipBlocklist = true; foreach ($eventIds as $eventId => $eventUuid) { $result = $this->Event->Attribute->find('first', array( 'conditions' => array('Attribute.event_id' => $eventId), @@ -5638,7 +5638,7 @@ class EventsController extends AppController $count++; } } - $this->Event->skipBlacklist = null; + $this->Event->skipBlocklist = null; $message = __('%s event(s) deleted.', $count); if ($this->_isRest()) { return $this->RestResponse->viewData($message, $this->response->type()); diff --git a/app/Controller/LogsController.php b/app/Controller/LogsController.php index b80de5eb1..2524abcf3 100644 --- a/app/Controller/LogsController.php +++ b/app/Controller/LogsController.php @@ -404,7 +404,7 @@ class LogsController extends AppController $this->set('actions', $actions); // combobox for models - $models = array('Attribute', 'Event', 'EventBlacklist', 'EventTag', 'Feed', 'DecayingModel', 'MispObject', 'Organisation', 'Post', 'Regexp', 'Role', 'Server', 'ShadowAttribute', 'SharingGroup', 'Tag', 'Task', 'Taxonomy', 'Template', 'Thread', 'User', 'Whitelist'); + $models = array('Attribute', 'Event', 'EventBlocklist', 'EventTag', 'Feed', 'DecayingModel', 'MispObject', 'Organisation', 'Post', 'Regexp', 'Role', 'Server', 'ShadowAttribute', 'SharingGroup', 'Tag', 'Task', 'Taxonomy', 'Template', 'Thread', 'User', 'Whitelist'); $models = array('' => 'ALL') + $this->_arrayToValuesIndexArray($models); $this->set('models', $models); $this->set('actionDefinitions', $this->{$this->defaultModel}->actionDefinitions); diff --git a/app/Controller/OrgBlacklistsController.php b/app/Controller/OrgBlocklistsController.php similarity index 55% rename from app/Controller/OrgBlacklistsController.php rename to app/Controller/OrgBlocklistsController.php index ec198f679..ea1eee30e 100644 --- a/app/Controller/OrgBlacklistsController.php +++ b/app/Controller/OrgBlocklistsController.php @@ -1,9 +1,9 @@ _isSiteAdmin()) { $this->redirect('/'); } - if (Configure::check('MISP.enableOrgBlacklisting') && !Configure::read('MISP.enableOrgBlacklisting') !== false) { - $this->Flash->info(__('Organisation Blacklisting is not currently enabled on this instance.')); + if (Configure::check('MISP.enableOrgBlocklisting') && !Configure::read('MISP.enableOrgBlocklisting') !== false) { + $this->Flash->info(__('Organisation BlockListing is not currently enabled on this instance.')); $this->redirect('/'); } } @@ -21,27 +21,27 @@ class OrgBlacklistsController extends AppController 'limit' => 60, 'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page. 'order' => array( - 'OrgBlacklist.created' => 'DESC' + 'OrgBlocklist.created' => 'DESC' ), ); public function index() { - return $this->BlackList->index($this->_isRest()); + return $this->BlockList->index($this->_isRest()); } public function add() { - return $this->BlackList->add($this->_isRest()); + return $this->BlockList->add($this->_isRest()); } public function edit($id) { - return $this->BlackList->edit($this->_isRest(), $id); + return $this->BlockList->edit($this->_isRest(), $id); } public function delete($id) { - return $this->BlackList->delete($this->_isRest(), $id); + return $this->BlockList->delete($this->_isRest(), $id); } } diff --git a/app/Controller/UsersController.php b/app/Controller/UsersController.php index 7a568d65b..4bccd7bfe 100644 --- a/app/Controller/UsersController.php +++ b/app/Controller/UsersController.php @@ -1104,7 +1104,7 @@ class UsersController extends AppController if ($this->request->is('post') || $this->request->is('put')) { $this->Bruteforce = ClassRegistry::init('Bruteforce'); if (!empty($this->request->data['User']['email'])) { - if ($this->Bruteforce->isBlacklisted($_SERVER['REMOTE_ADDR'], $this->request->data['User']['email'])) { + if ($this->Bruteforce->isBlocklisted($_SERVER['REMOTE_ADDR'], $this->request->data['User']['email'])) { $expire = Configure::check('SecureAuth.expire') ? Configure::read('SecureAuth.expire') : 300; throw new ForbiddenException('You have reached the maximum number of login attempts. Please wait ' . Configure::read('SecureAuth.expire') . ' seconds and try again.'); } diff --git a/app/Lib/Dashboard/OrgsContributorsGeneric.php b/app/Lib/Dashboard/OrgsContributorsGeneric.php index 8b93dc1cf..36ab36feb 100644 --- a/app/Lib/Dashboard/OrgsContributorsGeneric.php +++ b/app/Lib/Dashboard/OrgsContributorsGeneric.php @@ -7,12 +7,12 @@ class OrgsContributorsGeneric public $cacheLifetime = 3600; public $autoRefreshDelay = false; public $params = array ( - 'blacklist_orgs' => 'A list of organisation names to filter out', + 'blocklist_orgs' => 'A list of organisation names to filter out', 'timeframe' => 'Number of days considered for the query (30 by default)' ); public $placeholder = '{ - "blacklist_orgs": ["Orgs to filter"], + "blocklist_orgs": ["Orgs to filter"], "timeframe": "30" }'; @@ -35,7 +35,7 @@ class OrgsContributorsGeneric $orgs = $this->Org->find('all', array( 'conditions' => array('Organisation.local' => 1))); $result = array(); foreach($orgs as $org) { - if(!empty($options['blacklist_orgs']) && in_array($org['Organisation']['name'], $options['blacklist_orgs'])) { + if(!empty($options['blocklist_orgs']) && in_array($org['Organisation']['name'], $options['blocklist_orgs'])) { continue; } if ($this->filter($user, $org, $start_timestamp)) { diff --git a/app/Lib/Dashboard/SharingGraphWidget.php b/app/Lib/Dashboard/SharingGraphWidget.php index fbdc434dd..fd0176a9c 100644 --- a/app/Lib/Dashboard/SharingGraphWidget.php +++ b/app/Lib/Dashboard/SharingGraphWidget.php @@ -15,13 +15,13 @@ class SharingGraphWidget public $cacheLifetime = 10; public $autoRefreshDelay = false; public $params = array ( - 'blacklist_orgs' => 'A list of organisation names to filter out', + 'blocklist_orgs' => 'A list of organisation names to filter out', 'months' => 'Number of past months to consider for the graph' ); public $placeholder = '{ - "blacklist_orgs": ["Orgs to filter"], + "blocklist_orgs": ["Orgs to filter"], "months": "6" }'; @@ -117,8 +117,8 @@ class SharingGraphWidget $ghost_orgs = array(); // track orgs without any contribution // We start by putting all orgs_id in there: foreach($orgs as $org) { - // We check for blacklisted orgs - if(!empty($options['blacklist_orgs']) && in_array($org['Organisation']['name'], $options['blacklist_orgs'])) { + // We check for blocklisted orgs + if(!empty($options['blocklist_orgs']) && in_array($org['Organisation']['name'], $options['blocklist_orgs'])) { unset($orgs[$offset]); } else { $ghost_orgs[$org['Organisation']['name']] = true; diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index f8086b10e..cf1c96676 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -85,7 +85,7 @@ class AppModel extends Model 33 => false, 34 => false, 35 => false, 36 => false, 37 => false, 38 => false, 39 => false, 40 => false, 41 => false, 42 => false, 43 => false, 44 => false, 45 => false, 46 => false, 47 => false, 48 => false, 49 => false, 50 => false, - 51 => false, 52 => false, 53 => false, 54 => false, 55 => false, + 51 => false, 52 => false, 53 => false, 54 => false, 55 => false, 56 => false, ); public $advanced_updates_description = array( @@ -196,16 +196,16 @@ class AppModel extends Model $this->Sighting->deleteAll(array('NOT' => array('Sighting.type' => array(0, 1, 2)))); break; case '2.4.71': - $this->OrgBlacklist = Classregistry::init('OrgBlacklist'); + $this->OrgBlocklist = Classregistry::init('OrgBlocklist'); $values = array( array('org_uuid' => '58d38339-7b24-4386-b4b4-4c0f950d210f', 'org_name' => 'Setec Astrononomy', 'comment' => 'default example'), array('org_uuid' => '58d38326-eda8-443a-9fa8-4e12950d210f', 'org_name' => 'Acme Finance', 'comment' => 'default example') ); foreach ($values as $value) { - $found = $this->OrgBlacklist->find('first', array('conditions' => array('org_uuid' => $value['org_uuid']), 'recursive' => -1)); + $found = $this->OrgBlocklist->find('first', array('conditions' => array('org_uuid' => $value['org_uuid']), 'recursive' => -1)); if (empty($found)) { - $this->OrgBlacklist->create(); - $this->OrgBlacklist->save($value); + $this->OrgBlocklist->create(); + $this->OrgBlocklist->save($value); } } $dbUpdateSuccess = $this->updateDatabase($command); @@ -1407,6 +1407,11 @@ class AppModel extends Model $this->__dropIndex('correlations', 'sharing_group_id'); $this->__dropIndex('correlations', 'a_sharing_group_id'); break; + case 56: + //rename tables + $sqlArray[] = "RENAME TABLE `org_blacklists` TO `org_blocklists`;"; + $sqlArray[] = "RENAME TABLE `event_blacklists` TO `event_blocklists`;"; + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/app/Model/Behavior/RegexpBehavior.php b/app/Model/Behavior/RegexpBehavior.php index 11dbd1fbe..1d81726b1 100644 --- a/app/Model/Behavior/RegexpBehavior.php +++ b/app/Model/Behavior/RegexpBehavior.php @@ -12,7 +12,7 @@ class RegexpBehavior extends ModelBehavior public $excluded_types = array('sigma', 'float'); /** - * replace the current value according to the regexp rules, or block blacklisted regular expressions + * replace the current value according to the regexp rules, or block blocklisted regular expressions * * @param Model $Model * @param string $type diff --git a/app/Model/Bruteforce.php b/app/Model/Bruteforce.php index 8f214dce2..23c815528 100644 --- a/app/Model/Bruteforce.php +++ b/app/Model/Bruteforce.php @@ -20,8 +20,8 @@ class Bruteforce extends AppModel ); $this->save($bruteforceEntry); $title = 'Failed login attempt using username ' . $username . ' from IP: ' . $_SERVER['REMOTE_ADDR'] . '.'; - if ($this->isBlacklisted($ip, $username)) { - $title .= 'This has tripped the bruteforce protection after ' . $amount . ' failed attempts. The user is now blacklisted for ' . $expire . ' seconds.'; + if ($this->isBlocklisted($ip, $username)) { + $title .= 'This has tripped the bruteforce protection after ' . $amount . ' failed attempts. The user is now blocklisted for ' . $expire . ' seconds.'; } $log = array( 'org' => 'SYSTEM', @@ -47,7 +47,7 @@ class Bruteforce extends AppModel $this->query($sql); } - public function isBlacklisted($ip, $username) + public function isBlocklisted($ip, $username) { // first remove old expired rows $this->clean(); diff --git a/app/Model/Event.php b/app/Model/Event.php index 44143b986..3757d807e 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -492,12 +492,12 @@ class Event extends AppModel public function beforeDelete($cascade = true) { - // blacklist the event UUID if the feature is enabled - if (Configure::read('MISP.enableEventBlacklisting') !== false && empty($this->skipBlacklist)) { - $this->EventBlacklist = ClassRegistry::init('EventBlacklist'); - $this->EventBlacklist->create(); + // blocklist the event UUID if the feature is enabled + if (Configure::read('MISP.enableEventBlocklisting') !== false && empty($this->skipBlocklist)) { + $this->EventBlocklist = ClassRegistry::init('EventBlocklist'); + $this->EventBlocklist->create(); $orgc = $this->Orgc->find('first', array('conditions' => array('Orgc.id' => $this->data['Event']['orgc_id']), 'recursive' => -1, 'fields' => array('Orgc.name'))); - $this->EventBlacklist->save(array('event_uuid' => $this->data['Event']['uuid'], 'event_info' => $this->data['Event']['info'], 'event_orgc' => $orgc['Orgc']['name'])); + $this->EventBlocklist->save(array('event_uuid' => $this->data['Event']['uuid'], 'event_info' => $this->data['Event']['info'], 'event_orgc' => $orgc['Orgc']['name'])); if (!empty($this->data['Event']['id'])) { if (Configure::read('Plugin.ZeroMQ_enable') && Configure::read('Plugin.ZeroMQ_event_notifications_enable')) { $pubSubTool = $this->getPubSubTool(); @@ -3449,11 +3449,11 @@ class Event extends AppModel if ($jobId) { App::uses('AuthComponent', 'Controller/Component'); } - if (Configure::read('MISP.enableEventBlacklisting') !== false && isset($data['Event']['uuid'])) { - $this->EventBlacklist = ClassRegistry::init('EventBlacklist'); - $r = $this->EventBlacklist->find('first', array('conditions' => array('event_uuid' => $data['Event']['uuid']))); + if (Configure::read('MISP.enableEventBlocklisting') !== false && isset($data['Event']['uuid'])) { + $this->EventBlocklist = ClassRegistry::init('EventBlocklist'); + $r = $this->EventBlocklist->find('first', array('conditions' => array('event_uuid' => $data['Event']['uuid']))); if (!empty($r)) { - return 'Blocked by blacklist'; + return 'Blocked by blocklist'; } } if (!$this->checkEventBlockRules($data)) { @@ -3505,14 +3505,14 @@ class Event extends AppModel throw new MethodNotAllowedException('Event cannot be created as you are not a member of the creator organisation.'); } } - if (!Configure::check('MISP.enableOrgBlacklisting') || Configure::read('MISP.enableOrgBlacklisting') !== false) { - $this->OrgBlacklist = ClassRegistry::init('OrgBlacklist'); + if (!Configure::check('MISP.enableOrgBlocklisting') || Configure::read('MISP.enableOrgBlocklisting') !== false) { + $this->OrgBlocklist = ClassRegistry::init('OrgBlocklist'); if (!isset($data['Event']['Orgc']['uuid'])) { $orgc = $this->Orgc->find('first', array('conditions' => array('Orgc.id' => $data['Event']['orgc_id']), 'fields' => array('Orgc.uuid'), 'recursive' => -1)); } else { $orgc = array('Orgc' => array('uuid' => $data['Event']['Orgc']['uuid'])); } - if ($this->OrgBlacklist->hasAny(array('OrgBlacklist.org_uuid' => $orgc['Orgc']['uuid']))) { + if ($this->OrgBlocklist->hasAny(array('OrgBlocklist.org_uuid' => $orgc['Orgc']['uuid']))) { return 'blocked'; } } diff --git a/app/Model/EventBlacklist.php b/app/Model/EventBlocklist.php similarity index 64% rename from app/Model/EventBlacklist.php rename to app/Model/EventBlocklist.php index 8565a80df..9287cf2e6 100644 --- a/app/Model/EventBlacklist.php +++ b/app/Model/EventBlocklist.php @@ -1,8 +1,8 @@ array( 'unique' => array( 'rule' => 'isUnique', - 'message' => 'Event already blacklisted.' + 'message' => 'Event already blocklisted.' ), 'uuid' => array( 'rule' => array('uuid'), @@ -36,14 +36,14 @@ class EventBlacklist extends AppModel parent::beforeValidate(); $schema = $this->schema(); if (!isset($schema['event_info'])) { - $this->updateDatabase('addEventBlacklistsContext'); + $this->updateDatabase('addEventBlocklistsContext'); } $date = date('Y-m-d H:i:s'); - if (empty($this->data['EventBlacklist']['id'])) { - $this->data['EventBlacklist']['date_created'] = $date; + if (empty($this->data['EventBlocklist']['id'])) { + $this->data['EventBlocklist']['date_created'] = $date; } - if (empty($this->data['EventBlacklist']['comment'])) { - $this->data['EventBlacklist']['comment'] = ''; + if (empty($this->data['EventBlocklist']['comment'])) { + $this->data['EventBlocklist']['comment'] = ''; } return true; } diff --git a/app/Model/Log.php b/app/Model/Log.php index 537029dbb..38b9a9dc9 100644 --- a/app/Model/Log.php +++ b/app/Model/Log.php @@ -26,7 +26,7 @@ class Log extends AppModel 'admin_email', 'auth', 'auth_fail', - 'blacklisted', + 'blocklisted', 'change_pw', 'delete', 'disable', diff --git a/app/Model/OrgBlacklist.php b/app/Model/OrgBlocklist.php similarity index 76% rename from app/Model/OrgBlacklist.php rename to app/Model/OrgBlocklist.php index 28fda2519..ecdab27fd 100644 --- a/app/Model/OrgBlacklist.php +++ b/app/Model/OrgBlocklist.php @@ -1,8 +1,8 @@ 'full'), 'Containable', ); - public $blacklistFields = array('org_uuid', 'comment', 'org_name'); + public $blocklistFields = array('org_uuid', 'comment', 'org_name'); - public $blacklistTarget = 'org'; + public $blocklistTarget = 'org'; public $validate = array( 'org_uuid' => array( 'unique' => array( 'rule' => 'isUnique', - 'message' => 'Organisation already blacklisted.' + 'message' => 'Organisation already blocklisted.' ), 'uuid' => array( 'rule' => array('custom', '/^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$/'), @@ -33,8 +33,8 @@ class OrgBlacklist extends AppModel public function beforeValidate($options = array()) { parent::beforeValidate(); - if (empty($this->data['OrgBlacklist']['id'])) { - $this->data['OrgBlacklist']['date_created'] = date('Y-m-d H:i:s'); + if (empty($this->data['OrgBlocklist']['id'])) { + $this->data['OrgBlocklist']['date_created'] = date('Y-m-d H:i:s'); } return true; } diff --git a/app/Model/Regexp.php b/app/Model/Regexp.php index d100bc396..f29b7043d 100644 --- a/app/Model/Regexp.php +++ b/app/Model/Regexp.php @@ -63,7 +63,7 @@ class Regexp extends AppModel } // if we found the original, let's try to find all of the regexp values that match the original in the regexp and replacement fields. // We should get a list of all the IDs (and their respective types) of regular expression entries that are duplicates created for various types. - // ip-src /127.0.0.1/ -> '' and ip-dst /127.0.0.1/ -> '' (entries that blacklists the ip-source and ip-destination addresses 127.0.0.1) will be returned when editing + // ip-src /127.0.0.1/ -> '' and ip-dst /127.0.0.1/ -> '' (entries that blocklists the ip-source and ip-destination addresses 127.0.0.1) will be returned when editing // ip-src /127.0.0.1/ -> '', but other /127.0.0.1/ -> 'localhost' will not if ($original != null) { foreach ($allRegexp as $k => $v) { diff --git a/app/Model/Server.php b/app/Model/Server.php index c394a932c..05e57f9e2 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -767,16 +767,16 @@ class Server extends AppModel 'test' => 'testPasswordResetText', 'type' => 'string' ), - 'enableEventBlacklisting' => array( + 'enableEventBlocklisting' => array( 'level' => 1, - 'description' => __('Since version 2.3.107 you can start blacklisting event UUIDs to prevent them from being pushed to your instance. This functionality will also happen silently whenever an event is deleted, preventing a deleted event from being pushed back from another instance.'), + 'description' => __('Since version 2.3.107 you can start blocklisting event UUIDs to prevent them from being pushed to your instance. This functionality will also happen silently whenever an event is deleted, preventing a deleted event from being pushed back from another instance.'), 'value' => true, 'type' => 'boolean', 'test' => 'testBool' ), - 'enableOrgBlacklisting' => array( + 'enableOrgBlocklisting' => array( 'level' => 1, - 'description' => __('Blacklisting organisation UUIDs to prevent the creation of any event created by the blacklisted organisation.'), + 'description' => __('Blocklisting organisation UUIDs to prevent the creation of any event created by the blocklisted organisation.'), 'value' => true, 'type' => 'boolean', 'test' => 'testBool' @@ -2453,9 +2453,9 @@ class Server extends AppModel private function __checkIfEventIsBlockedBeforePull($event) { - if (Configure::read('MISP.enableEventBlacklisting') !== false) { - $this->EventBlacklist = ClassRegistry::init('EventBlacklist'); - $r = $this->EventBlacklist->find('first', array('conditions' => array('event_uuid' => $event['Event']['uuid']))); + if (Configure::read('MISP.enableEventBlocklisting') !== false) { + $this->EventBlocklist = ClassRegistry::init('EventBlocklist'); + $r = $this->EventBlocklist->find('first', array('conditions' => array('event_uuid' => $event['Event']['uuid']))); if (!empty($r)) { return true; } @@ -2847,29 +2847,29 @@ class Server extends AppModel $eventUuids = array_column($eventArray, 'uuid'); } } else { - if (Configure::read('MISP.enableEventBlacklisting') !== false) { - $this->EventBlacklist = ClassRegistry::init('EventBlacklist'); - $blacklistHits = $this->EventBlacklist->find('list', array( + if (Configure::read('MISP.enableEventBlocklisting') !== false) { + $this->EventBlocklist = ClassRegistry::init('EventBlocklist'); + $blocklistHits = $this->EventBlocklist->find('list', array( 'recursive' => -1, - 'conditions' => array('EventBlacklist.event_uuid' => array_column($eventArray, 'uuid')), - 'fields' => array('EventBlacklist.event_uuid', 'EventBlacklist.event_uuid'), + 'conditions' => array('EventBlocklist.event_uuid' => array_column($eventArray, 'uuid')), + 'fields' => array('EventBlocklist.event_uuid', 'EventBlocklist.event_uuid'), )); foreach ($eventArray as $k => $event) { - if (isset($blacklistHits[$event['uuid']])) { + if (isset($blocklistHits[$event['uuid']])) { unset($eventArray[$k]); } } } - if (Configure::read('MISP.enableOrgBlacklisting') !== false) { - $this->OrgBlacklist = ClassRegistry::init('OrgBlacklist'); - $blacklistHits = $this->OrgBlacklist->find('list', array( + if (Configure::read('MISP.enableOrgBlocklisting') !== false) { + $this->OrgBlocklist = ClassRegistry::init('OrgBlocklist'); + $blocklistHits = $this->OrgBlocklist->find('list', array( 'recursive' => -1, - 'conditions' => array('OrgBlacklist.org_uuid' => array_unique(array_column($eventArray, 'orgc_uuid'))), - 'fields' => array('OrgBlacklist.org_uuid', 'OrgBlacklist.org_uuid'), + 'conditions' => array('OrgBlocklist.org_uuid' => array_unique(array_column($eventArray, 'orgc_uuid'))), + 'fields' => array('OrgBlocklist.org_uuid', 'OrgBlocklist.org_uuid'), )); foreach ($eventArray as $k => $event) { - if (isset($blacklistHits[$event['orgc_uuid']])) { + if (isset($blocklistHits[$event['orgc_uuid']])) { unset($eventArray[$k]); } } diff --git a/app/View/Elements/genericElements/SideMenu/side_menu.ctp b/app/View/Elements/genericElements/SideMenu/side_menu.ctp index 6c22f8b8e..dd7a5b271 100644 --- a/app/View/Elements/genericElements/SideMenu/side_menu.ctp +++ b/app/View/Elements/genericElements/SideMenu/side_menu.ctp @@ -380,16 +380,16 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider'); } if (!$isSiteAdmin && (int)$me['org_id'] === Configure::read('MISP.host_org_id')) { echo $divider; - if (Configure::read('MISP.enableEventBlacklisting') !== false) { + if (Configure::read('MISP.enableEventBlocklisting') !== false) { echo $this->element('/genericElements/SideMenu/side_menu_link', array( - 'element_id' => 'eventBlacklistsAdd', - 'url' => $baseurl . '/eventBlacklists/add', - 'text' => __('Blacklists Event') + 'element_id' => 'eventBlocklistsAdd', + 'url' => $baseurl . '/eventBlocklists/add', + 'text' => __('Blocklists Event') )); echo $this->element('/genericElements/SideMenu/side_menu_link', array( - 'element_id' => 'eventBlacklists', - 'url' => $baseurl . '/eventBlacklists', - 'text' => __('Manage Event Blacklists') + 'element_id' => 'eventBlocklists', + 'url' => $baseurl . '/eventBlocklists', + 'text' => __('Manage Event Blocklists') )); } } @@ -867,28 +867,28 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider'); 'url' => $baseurl . '/servers/eventBlockRule', 'text' => __('Event Block Rules') )); - if (Configure::read('MISP.enableEventBlacklisting') !== false) { + if (Configure::read('MISP.enableEventBlocklisting') !== false) { echo $this->element('/genericElements/SideMenu/side_menu_link', array( - 'element_id' => 'eventBlacklistsAdd', - 'url' => $baseurl . '/eventBlacklists/add', - 'text' => __('Blacklists Event') + 'element_id' => 'eventBlocklistsAdd', + 'url' => $baseurl . '/eventBlocklists/add', + 'text' => __('Blocklists Event') )); echo $this->element('/genericElements/SideMenu/side_menu_link', array( - 'element_id' => 'eventBlacklists', - 'url' => $baseurl . '/eventBlacklists', - 'text' => __('Manage Event Blacklists') + 'element_id' => 'eventBlocklists', + 'url' => $baseurl . '/eventBlocklists', + 'text' => __('Manage Event Blocklists') )); } - if (!Configure::check('MISP.enableOrgBlacklisting') || Configure::read('MISP.enableOrgBlacklisting') !== false) { + if (!Configure::check('MISP.enableOrgBlocklisting') || Configure::read('MISP.enableOrgBlocklisting') !== false) { echo $this->element('/genericElements/SideMenu/side_menu_link', array( - 'element_id' => 'orgBlacklistsAdd', - 'url' => $baseurl . '/orgBlacklists/add', - 'text' => __('Blacklists Organisation') + 'element_id' => 'orgBlocklistsAdd', + 'url' => $baseurl . '/orgBlocklists/add', + 'text' => __('Blocklists Organisation') )); echo $this->element('/genericElements/SideMenu/side_menu_link', array( - 'element_id' => 'orgBlacklists', - 'url' => $baseurl . '/orgBlacklists', - 'text' => __('Manage Org Blacklists') + 'element_id' => 'orgBlocklists', + 'url' => $baseurl . '/orgBlocklists', + 'text' => __('Manage Org Blocklists') )); } } diff --git a/app/View/Elements/global_menu.ctp b/app/View/Elements/global_menu.ctp index 138c67294..0188b0d37 100755 --- a/app/View/Elements/global_menu.ctp +++ b/app/View/Elements/global_menu.ctp @@ -90,23 +90,23 @@ array( 'type' => 'separator', 'requirement' => - Configure::read('MISP.enableEventBlacklisting') !== false && + Configure::read('MISP.enableEventBlocklisting') !== false && !$isSiteAdmin && (int)$me['org_id'] === (int)Configure::read('MISP.host_org_id') ), array( - 'text' => __('Blacklist Event'), - 'url' => $baseurl . '/eventBlacklists/add', + 'text' => __('Blocklist Event'), + 'url' => $baseurl . '/eventBlocklists/add', 'requirement' => - Configure::read('MISP.enableEventBlacklisting') !== false && + Configure::read('MISP.enableEventBlocklisting') !== false && !$isSiteAdmin && (int)$me['org_id'] === (int)Configure::read('MISP.host_org_id') ), array( - 'text' => __('Manage Event Blacklists'), - 'url' => $baseurl . '/eventBlacklists', + 'text' => __('Manage Event Blocklists'), + 'url' => $baseurl . '/eventBlocklists', 'requirement' => - Configure::read('MISP.enableEventBlacklisting') !== false && + Configure::read('MISP.enableEventBlocklisting') !== false && !$isSiteAdmin && (int)$me['org_id'] === (int)Configure::read('MISP.host_org_id') ), @@ -392,31 +392,31 @@ ), array( 'type' => 'separator', - 'requirement' => Configure::read('MISP.enableEventBlacklisting') !== false && $isSiteAdmin + 'requirement' => Configure::read('MISP.enableEventBlocklisting') !== false && $isSiteAdmin ), array( - 'text' => __('Blacklist Event'), - 'url' => $baseurl . '/eventBlacklists/add', - 'requirement' => Configure::read('MISP.enableEventBlacklisting') !== false && $isSiteAdmin + 'text' => __('Blocklist Event'), + 'url' => $baseurl . '/eventBlocklists/add', + 'requirement' => Configure::read('MISP.enableEventBlocklisting') !== false && $isSiteAdmin ), array( - 'text' => __('Manage Event Blacklists'), - 'url' => $baseurl . '/eventBlacklists', - 'requirement' => Configure::read('MISP.enableEventBlacklisting') !== false && $isSiteAdmin + 'text' => __('Manage Event Blocklists'), + 'url' => $baseurl . '/eventBlocklists', + 'requirement' => Configure::read('MISP.enableEventBlocklisting') !== false && $isSiteAdmin ), array( 'type' => 'separator', - 'requirement' => Configure::read('MISP.enableEventBlacklisting') !== false && $isSiteAdmin + 'requirement' => Configure::read('MISP.enableEventBlocklisting') !== false && $isSiteAdmin ), array( - 'text' => __('Blacklist Organisation'), - 'url' => $baseurl . '/orgBlacklists/add', - 'requirement' => Configure::read('MISP.enableOrgBlacklisting') !== false && $isSiteAdmin + 'text' => __('Blocklist Organisation'), + 'url' => $baseurl . '/orgBlocklists/add', + 'requirement' => Configure::read('MISP.enableOrgBlocklisting') !== false && $isSiteAdmin ), array( - 'text' => __('Manage Org Blacklists'), - 'url' => $baseurl . '/orgBlacklists', - 'requirement' => Configure::read('MISP.enableOrgBlacklisting') !== false && $isSiteAdmin + 'text' => __('Manage Org Blocklists'), + 'url' => $baseurl . '/orgBlocklists', + 'requirement' => Configure::read('MISP.enableOrgBlocklisting') !== false && $isSiteAdmin ), ) ), diff --git a/app/View/EventBlacklists/add.ctp b/app/View/EventBlocklists/add.ctp similarity index 88% rename from app/View/EventBlacklists/add.ctp rename to app/View/EventBlocklists/add.ctp index 6c36fe418..8fe93df9c 100644 --- a/app/View/EventBlacklists/add.ctp +++ b/app/View/EventBlocklists/add.ctp @@ -1,7 +1,7 @@ -
-Form->create('EventBlacklist');?> +
+Form->create('EventBlocklist');?>
- +

Form->input('uuids', array( @@ -39,8 +39,8 @@ echo $this->Form->end();
element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlacklistsAdd')); + echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlocklistsAdd')); } else { - echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlacklistsAdd')); + echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlocklistsAdd')); } ?> diff --git a/app/View/EventBlacklists/edit.ctp b/app/View/EventBlocklists/edit.ctp similarity index 74% rename from app/View/EventBlacklists/edit.ctp rename to app/View/EventBlocklists/edit.ctp index a304803b5..4fb732b7c 100644 --- a/app/View/EventBlacklists/edit.ctp +++ b/app/View/EventBlocklists/edit.ctp @@ -1,7 +1,7 @@ -
-Form->create('EventBlacklist');?> +
+Form->create('EventBlocklist');?>
- +

Form->input('uuids', array( @@ -10,26 +10,26 @@ 'div' => 'input clear', 'class' => 'input-xxlarge', 'disabled' => 'disabled', - 'default' => $blockEntry['EventBlacklist']['event_uuid'] + 'default' => $blockEntry['EventBlocklist']['event_uuid'] )); echo $this->Form->input('event_orgc', array( 'div' => 'input clear', 'class' => 'input-xxlarge', 'label' => __('Creating organisation'), - 'default' => $blockEntry['EventBlacklist']['event_orgc'], + 'default' => $blockEntry['EventBlocklist']['event_orgc'], )); echo $this->Form->input('event_info', array( 'type' => 'textarea', 'div' => 'input clear', 'class' => 'input-xxlarge', 'label' => __('Event info'), - 'default' => $blockEntry['EventBlacklist']['event_info'], + 'default' => $blockEntry['EventBlocklist']['event_info'], )); echo $this->Form->input('comment', array( 'type' => 'textarea', 'div' => 'input clear', 'class' => 'input-xxlarge', - 'default' => $blockEntry['EventBlacklist']['comment'], + 'default' => $blockEntry['EventBlocklist']['comment'], )); ?>
@@ -40,8 +40,8 @@ echo $this->Form->end();
element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlacklistsAdd')); + echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlocklistsAdd')); } else { - echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlacklistsAdd')); + echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'eventBlocklistsAdd')); } ?> diff --git a/app/View/EventBlacklists/index.ctp b/app/View/EventBlocklists/index.ctp similarity index 78% rename from app/View/EventBlacklists/index.ctp rename to app/View/EventBlocklists/index.ctp index 4d867137d..85b8884aa 100644 --- a/app/View/EventBlacklists/index.ctp +++ b/app/View/EventBlocklists/index.ctp @@ -1,5 +1,5 @@ -
-

+
+