MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: Further work on the soft deletes

pull/1125/head
Iglocska 2016-05-10 10:31:56 +02:00
parent 08b4c7eed5
commit 4020628df4
12 changed files with 164 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/AttributesController.php
View File

@ -888,7 +888,7 @@ class AttributesController extends AppController {
'fields' => array('id', 'event_id'),
));
$this->set('event_id', $attribute['Attribute']['event_id']);
$this->render('ajax/attributeConfirmationForm');
$this->render('ajax/attributeRestorationForm');
}
} else {
if (!$this->request->is('post') && !$this->_isRest()) throw new MethodNotAllowedException();

9
app/Controller/EventsController.php
View File

@ -661,7 +661,9 @@ class EventsController extends AppController {
}
public function viewEventAttributes($id, $all = false) {
$results = $this->Event->fetchEvent($this->Auth->user(), array('eventid' => $id));
$conditions = array('eventid' => $id);
if (isset($this->params['named']['deleted']) && $this->params['named']['deleted']) $conditions['deleted'] = true;
$results = $this->Event->fetchEvent($this->Auth->user(), $conditions);
if (empty($results)) throw new NotFoundException('Invalid event');
$event = &$results[0];
$params = $this->Event->rearrangeEventForView($event, $this->passedArgs, $all);
@ -683,7 +685,9 @@ class EventsController extends AppController {
$modules = $this->Server->getEnabledModules();
$this->set('modules', $modules);
}
$this->set('deleted', (isset($this->params['named']['deleted']) && $this->params['named']['deleted']) ? true : false);
$this->set('typeGroups', array_keys($this->Event->Attribute->typeGroupings));
$this->set('attributeFilter', isset($this->params['named']['attributeFilter']) ? $this->params['named']['attributeFilter'] : 'all');
$this->disableCache();
$this->layout = 'ajax';
$this->set('currentUri', $this->params->here);
@ -796,13 +800,14 @@ class EventsController extends AppController {
} else {
$conditions['includeAttachments'] = true;
}
if (isset($this->request->query['deleted']) && $this->request->query['deleted']) $conditions['deleted'] = true;
if (isset($this->params['named']['deleted']) && $this->params['named']['deleted']) $conditions['deleted'] = true;
$results = $this->Event->fetchEvent($this->Auth->user(), $conditions);
if (empty($results)) throw new NotFoundException('Invalid event');
$event = &$results[0];
if ($this->_isRest()) {
$this->set('event', $event);
}
$this->set('deleted', isset($this->params['named']['deleted']) && $this->params['named']['deleted']);
if (!$this->_isRest()) $this->__viewUI($event, $continue, $fromEvent);
}

1
app/Controller/ModulesController.php Normal file
View File

@ -0,0 +1 @@
<?php

4
app/Model/Event.php
View File

@ -692,7 +692,7 @@ class Event extends AppModel {
public function uploadEventToServer($event, $server, $HttpSocket = null) {
$this->Server = ClassRegistry::init('Server');
$push = $this->Server->checkVersionCompatibility($server['Server']['id'])['canPush'];
if ($push !== true) {
if (!isset($push['canPush']) || !$push['canPush']) {
if ($push === 'mangle' && $event['Event']['distribution'] != 4) {
$event['Event']['orgc'] = $event['Orgc']['name'];
$event['mangle'] = true;
@ -1078,7 +1078,7 @@ class Event extends AppModel {
)
);
if (!$proposalDownload) {
$uri = $url . '/events/' . $eventId . '?deleted=true';
$uri = $url . '/events/' . $eventId . '/deleted:true';
} else {
$uri = $url . '/shadow_attributes/getProposalsByUuid/' . $eventId;
}

3
app/Model/Log.php
View File

@ -44,7 +44,8 @@ class Log extends AppModel {
'disable',
'accept_delegation',
'request_delegation',
'merge'
'merge',
'undelete'
)),
'message' => 'Options : ...'
)

68
app/Model/Module.php Normal file
View File

@ -0,0 +1,68 @@
<?php
App::uses('AppModel', 'Model');
class Module extends AppModel {
public $useTable = false;
public function getEnrichmentModules() {
if (!Configure::read('Plugin.Enrichment_services_enable')) return 'Enrichment service not enabled.';
$url = Configure::read('Plugin.Enrichment_services_url') ? Configure::read('Plugin.Enrichment_services_url') : $this->serverSettings['Plugin']['Enrichment_services_url']['value'];
$port = Configure::read('Plugin.Enrichment_services_port') ? Configure::read('Plugin.Enrichment_services_port') : $this->serverSettings['Plugin']['Enrichment_services_port']['value'];
App::uses('HttpSocket', 'Network/Http');
$httpSocket = new HttpSocket();
try {
$response = $httpSocket->get($url . ':' . $port . '/modules');
} catch (Exception $e) {
return 'Enrichment service not reachable.';
}
$modules = json_decode($response->body, true);
if (!empty($modules)) {
$result = array('modules' => $modules);
foreach ($modules as &$module) {
if ($module['type'] !== 'expansion') continue;
foreach ($module['mispattributes']['input'] as $attribute) {
$result['types'][$attribute][] = $module['name'];
}
}
return $result;
} else return 'The enrichment service reports that it found no enrichment modules.';
}
public function getEnabledModules() {
$modules = $this->getEnrichmentModules();
if (is_array($modules)) {
foreach ($modules['modules'] as $k => &$module) {
if (!Configure::read('Plugin.Enrichment_' . $module['name'] . '_enabled')) {
unset($modules['modules'][$k]);
}
}
}
if (!isset($modules) || empty($modules)) $modules = array();
if (isset($modules['modules']) && !empty($modules['modules'])) $modules['modules'] = array_values($modules['modules']);
$types = array();
$hover_types = array();
if (!is_array($modules)) return array();
foreach ($modules['modules'] as $temp) {
foreach ($temp['mispattributes']['input'] as $input) {
if (!isset($temp['meta']['module-type']) || in_array('expansion', $temp['meta']['module-type'])) $types[$input][] = $temp['name'];
if (isset($temp['meta']['module-type']) && in_array('hover', $temp['meta']['module-type'])) $hover_types[$input][] = $temp['name'];
}
}
$modules['types'] = $types;
$modules['hover_type'] = $hover_types;
return $modules;
}
public function sendRequest() {
}
public function queryModule() {
}
private function queryModule() {
}
}

4
app/Model/Server.php
View File

@ -1479,7 +1479,7 @@ class Server extends AppModel {
$this->read(null, $id);
$url = $this->data['Server']['url'];
$push = $this->checkVersionCompatibility($id, $user)['canPush'];
if (!$push) {
if (!isset($push['canPush']) || !$push['canPush']) {
if ($jobId) {
$job->id = $jobId;
$job->saveField('progress', 100);
@ -2305,7 +2305,7 @@ class Server extends AppModel {
'title' => ucfirst($issueLevel) . ': ' . $response,
));
}
return array('success' => $success, 'response' => $response, 'canPush' => $canPush);
return array('success' => $success, 'response' => $response, 'canPush' => $canPush, 'version' => $remoteVersion);
}
public function isJson($string) {

4
app/Plugin/SysLogLogable/Model/Behavior/SysLogLogableBehavior.php
View File

@ -51,6 +51,10 @@ class SysLogLogableBehavior extends LogableBehavior {
$logData['Log']['action'] = 'delete';
unset($this->schema['change']);
}
if ($Model->alias === 'Attribute' && isset($Model->data[$Model->alias]['deleted']) && !$Model->data[$Model->alias]['deleted'] && $this->old[$Model->alias]['deleted']) {
$logData['Log']['action'] = 'undelete';
unset($this->schema['change']);
}
}
}

6
app/View/Attributes/ajax/attributeConfirmationForm.ctp
View File

@ -2,13 +2,13 @@
<?php
echo $this->Form->create('Attribute', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
?>
<legend>Attribute Restoration</legend>
<legend>Attribute Deletion</legend>
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
<p>Are you sure you want to restore Attribute #<?php echo $id?>?</p>
<p>Are you sure you want to delete Attribute #<?php echo $id?>?</p>
<table>
<tr>
<td style="vertical-align:top">
<span id="PromptYesButton" class="btn btn-primary" onClick="submitDeletion(<?php echo $event_id; ?>, 'restore', 'attributes', <?php echo $id;?>)">Yes</span>
<span id="PromptYesButton" class="btn btn-primary" onClick="submitDeletion(<?php echo $event_id; ?>, 'delete', 'attributes', <?php echo $id;?>)">Yes</span>
</td>
<td style="width:540px;">
</td>

6
app/View/Attributes/ajax/attributeRestorationForm.ctp
View File

@ -2,13 +2,13 @@
<?php
echo $this->Form->create('Attribute', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
?>
<legend>Attribute Deletion</legend>
<legend>Attribute Restoration</legend>
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
<p>Are you sure you want to delete Attribute #<?php echo $id?>?</p>
<p>Are you sure you want to undelete Attribute #<?php echo $id?>?</p>
<table>
<tr>
<td style="vertical-align:top">
<span id="PromptYesButton" class="btn btn-primary" onClick="submitDeletion(<?php echo $event_id; ?>, 'delete', 'attributes', <?php echo $id;?>)">Yes</span>
<span id="PromptYesButton" class="btn btn-primary" onClick="submitDeletion(<?php echo $event_id; ?>, 'restore', 'attributes', <?php echo $id;?>)">Yes</span>
</td>
<td style="width:540px;">
</td>

78
app/View/Elements/eventattribute.ctp
View File

@ -48,19 +48,20 @@
}
?>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'url' => array('controller' => 'events', 'action' => 'viewEventAttributes', $event['Event']['id']),
'update' => '#attributes_div',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<ul>
<?php
$url = array_merge(array('controller' => 'events', 'action' => 'viewEventAttributes', $event['Event']['id']), $this->request->named);
$this->Paginator->options(array(
'url' => $url,
'update' => '#attributes_div',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<li class="all <?php if ($all) echo 'disabled'; ?>">
<?php
if ($all):
@ -72,8 +73,8 @@
endif;
?>
</li>
</ul>
</div>
</ul>
</div>
<br />
<div id="edit_object_div">
<?php
@ -105,6 +106,7 @@
'label' => false,
));
echo $this->Form->end();
if (!isset($attributeFilter)) $attributeFilter = 'all';
?>
</div>
<div id="attributeList" class="attributeListContainer">
@ -126,14 +128,18 @@
</div>
<div class="tabMenu tabMenuFiltersBlock noPrint" style="padding-right:0px !important;">
<span id="filter_header" class="attribute_filter_header">Filters: </span>
<div id="filter_all" title="Show all attributes" class="attribute_filter_text_active" onClick="filterAttributes('all', '<?php echo h($event['Event']['id']); ?>');">All</div>
<div id="filter_all" title="Show all attributes" class="attribute_filter_text<?php if ($attributeFilter == 'all') echo '_active'; ?>" onClick="filterAttributes('all', '<?php echo h($event['Event']['id']); ?>');">All</div>
<?php foreach ($typeGroups as $group): ?>
<div id="filter_<?php echo $group; ?>" title="Only show <?php echo $group; ?> related attributes" class="attribute_filter_text" onClick="filterAttributes('<?php echo $group; ?>', '<?php echo h($event['Event']['id']); ?>');"><?php echo ucfirst($group); ?></div>
<div id="filter_<?php echo $group; ?>" title="Only show <?php echo $group; ?> related attributes" class="attribute_filter_text<?php if ($attributeFilter == $group) echo '_active'; ?>" onClick="filterAttributes('<?php echo $group; ?>', '<?php echo h($event['Event']['id']); ?>');"><?php echo ucfirst($group); ?></div>
<?php endforeach; ?>
<div id="filter_proposal" title="Only show proposals" class="attribute_filter_text" onClick="filterAttributes('proposal', '<?php echo h($event['Event']['id']); ?>');">Proposal</div>
<div id="filter_correlation" title="Only show correlating attributes" class="attribute_filter_text" onClick="filterAttributes('correlation', '<?php echo h($event['Event']['id']); ?>');">Correlation</div>
<div id="filter_warning" title="Only show potentially false positive attributes" class="attribute_filter_text" onClick="filterAttributes('warning', '<?php echo h($event['Event']['id']); ?>');">Warnings</div>
<div id="filter_proposal" title="Only show proposals" class="attribute_filter_text<?php if ($attributeFilter == 'proposal') echo '_active'; ?>" onClick="filterAttributes('proposal', '<?php echo h($event['Event']['id']); ?>');">Proposal</div>
<div id="filter_correlation" title="Only show correlating attributes" class="attribute_filter_text<?php if ($attributeFilter == 'correlation') echo '_active'; ?>" onClick="filterAttributes('correlation', '<?php echo h($event['Event']['id']); ?>');">Correlation</div>
<div id="filter_warning" title="Only show potentially false positive attributes" class="attribute_filter_text<?php if ($attributeFilter == 'warning') echo '_active'; ?>" onClick="filterAttributes('warning', '<?php echo h($event['Event']['id']); ?>');">Warnings</div>
<?php if ($me['Role']['perm_sync']): ?>
<div id="filter_deleted" title="Include deleted attributes" class="attribute_filter_text<?php if ($deleted) echo '_active'; ?>" onClick="toggleDeletedAttributes('<?php echo Router::url( $this->here, true );?>');">Include deleted attributes</div>
<?php endif; ?>
</div>
<table class="table table-striped table-condensed">
<tr>
<?php if ($mayModify && !empty($event['objects'])): ?>
@ -454,19 +460,20 @@
</table>
</div>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'url' => array('controller' => 'events', 'action' => 'viewEventAttributes', $event['Event']['id']),
'update' => '#attributes_div',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<ul>
<?php
$url = array_merge(array('controller' => 'events', 'action' => 'viewEventAttributes', $event['Event']['id']), $this->request->named);
$this->Paginator->options(array(
'url' => $url,
'update' => '#attributes_div',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<li class="all <?php if ($all) echo 'disabled'; ?>">
<?php
if ($all):
@ -478,11 +485,12 @@
endif;
?>
</li>
</ul>
</div>
</ul>
</div>
<script type="text/javascript">
var currentUri = "<?php echo isset($currentUri) ? h($currentUri) : '/events/viewEventAttributes/' . h($event['Event']['id']); ?>";
var ajaxResults = [];
var deleted = <?php echo (isset($deleted) && $deleted) ? 'true' : 'false';?>;
$(document).ready(function(){
popoverStartup();
$('input:checkbox').removeAttr('checked');

33
app/webroot/js/misp2.4.42.js
View File

@ -5,8 +5,8 @@ String.prototype.ucfirst = function() {
function deleteObject(type, action, id, event) {
var destination = 'attributes';
if (type == 'shadow_attributes') destination = 'shadow_attributes';
if (type == 'template_elements') destination = 'template_elements';
$.get( "/" + destination + "/" + action + "/" + id, function(data) {
else if (type == 'template_elements') destination = 'template_elements';
$.get( "/" + destination + "/" + action + "/" + id + parameters, function(data) {
$("#confirmation_box").fadeIn();
$("#gray_out").fadeIn();
$("#confirmation_box").html(data);
@ -2292,16 +2292,39 @@ function syncUserSelected() {
}
function filterAttributes(filter, id) {
url = "/events/viewEventAttributes/" + id + "/attributeFilter:" + filter;
if (deleted) url += '/deleted:true';
$.ajax({
type:"get",
url:"/events/viewEventAttributes/" + id + "/attributeFilter:" + filter,
url:url,
beforeSend: function (XMLHttpRequest) {
$(".loading").show();
},
success:function (data) {
$("#attributes_div").html(data);
$(".loading").hide();
},
error:function() {
showMessage('fail', 'Something went wrong - could not fetch attributes.');
}
});
}
function toggleDeletedAttributes(url) {
url = url.replace(/view\//i, 'viewEventAttributes/');
if (url.indexOf('deleted:') > -1) {
url = url.replace(/\/deleted:[^\/]*/i, '');
} else {
url = url + '/deleted:true'
}
$.ajax({
type:"get",
url:url,
beforeSend: function (XMLHttpRequest) {
$(".loading").show();
},
success:function (data) {
$("#attributes_div").html(data);
$(".attribute_filter_text_active").removeClass("attribute_filter_text_active").addClass("attribute_filter_text");
$("#filter_" + filter).removeClass("attribute_filter_text").addClass("attribute_filter_text_active");
$(".loading").hide();
},
error:function() {