chg: [workflow:matchingItems] Improved any_value and any_value_from for IF::Generic and Filter::Generic

2023-07-12 14:03:14 -04:00 · 2023-07-12 14:03:14 -04:00 · 44e031d6e6
parent 774040bdf0
commit 44e031d6e6
4 changed files with 57 additions and 10 deletions
--- a/app/Model/WorkflowModules/WorkflowBaseModule.php
+++ b/app/Model/WorkflowModules/WorkflowBaseModule.php
@ -217,7 +217,7 @@ class WorkflowBaseModule
            if (in_array($operator, ['equals', 'not_equals'])) {
                $subItem = !empty($subItem) ? $subItem[0] : $subItem;
            }
-            if ($operator == 'any_value_in' && !empty($subItem)) {
+            if ($operator == 'any_value' && !empty($subItem)) {
                continue;
            } else if (!$this->evaluateCondition($subItem, $operator, $value)) {
                unset($items[$i]);
@ -310,12 +310,16 @@ class WorkflowBaseActionModule extends WorkflowBaseModule

    protected function _buildFastLookupForRoamingData($rData): void
    {
-        foreach ($rData['Event']['Attribute'] as $i => $attribute) {
-            $this->fastLookupArrayMispFormat[$attribute['id']] = $i;
+        if (!empty($rData['Event']['Attribute'])) {
+            foreach ($rData['Event']['Attribute'] as $i => $attribute) {
+                $this->fastLookupArrayMispFormat[$attribute['id']] = $i;
+            }
        }
-        foreach ($rData['Event']['Object'] as $j => $object) {
-            foreach ($object['Attribute'] as $i => $attribute) {
-                $this->fastLookupArrayMispFormat[$attribute['id']] = [$j, $i];
+        if (!empty($rData['Event']['Object'])) {
+            foreach ($rData['Event']['Object'] as $j => $object) {
+                foreach ($object['Attribute'] as $i => $attribute) {
+                    $this->fastLookupArrayMispFormat[$attribute['id']] = [$j, $i];
+                }
            }
        }
        foreach ($rData['Event']['_AttributeFlattened'] as $i => $attribute) {
--- a/app/Model/WorkflowModules/logic/Module_generic_filter_data.php
+++ b/app/Model/WorkflowModules/logic/Module_generic_filter_data.php
@ -16,7 +16,8 @@ class Module_generic_filter_data extends WorkflowFilteringLogicModule
        'not_in' => 'Not in',
        'equals' => 'Equals',
        'not_equals' => 'Not equals',
-        'any_value_in' => 'Any value in',
+        'any_value' => 'Any value',
+        'in_or' => 'Any value from',
    ];

    public function __construct()
@ -41,6 +42,18 @@ class Module_generic_filter_data extends WorkflowFilteringLogicModule
                'label' => __('Value'),
                'type' => 'input',
                'placeholder' => 'tlp:red',
+                'display_on' => [
+                    'operator' => ['in', 'not_in', 'equals', 'not_equals',],
+                ],
+            ],
+            [
+                'id' => 'value_list',
+                'label' => __('Value list'),
+                'type' => 'input',
+                'placeholder' => '[\'ip-src\', \'ip-dst\']',
+                'display_on' => [
+                    'operator' => 'in_or',
+                ],
            ],
            [
                'id' => 'operator',
@ -66,6 +79,8 @@ class Module_generic_filter_data extends WorkflowFilteringLogicModule
        $path = $params['hash_path']['value'];
        $operator = $params['operator']['value'];
        $value = $params['value']['value'];
+        $value_list = $params['value_list']['value'];
+        $valueToEvaluate = $operator == 'in_or' ? $value_list : $value;
        $filteringLabel = $params['filtering-label']['value'];
        $rData = $roamingData->getData();

@ -77,7 +92,7 @@ class Module_generic_filter_data extends WorkflowFilteringLogicModule
            'selector' => $selector,
            'path' => $path,
            'operator' => $operator,
-            'value' => $value,
+            'value' => $valueToEvaluate,
        ];

        $roamingData->setData($newRData);
--- a/app/Model/WorkflowModules/logic/Module_generic_if.php
+++ b/app/Model/WorkflowModules/logic/Module_generic_if.php
@ -17,6 +17,8 @@ class Module_generic_if extends WorkflowBaseLogicModule
        'not_in' => 'Not in',
        'equals' => 'Equals',
        'not_equals' => 'Not equals',
+        'any_value' => 'Any value',
+        'in_or' => 'Any value from',
    ];

    public function __construct()
@ -28,6 +30,19 @@ class Module_generic_if extends WorkflowBaseLogicModule
                'label' => 'Value',
                'type' => 'input',
                'placeholder' => 'tlp:red',
+                'display_on' => [
+                    'operator' => ['in', 'not_in', 'equals', 'not_equals',],
+                ],
+            ],
+            [
+                'id' => 'value_list',
+                'label' => __('Value list'),
+                'type' => 'picker',
+                'picker_create_new' => true,
+                'placeholder' => '[\'ip-src\', \'ip-dst\']',
+                'display_on' => [
+                    'operator' => 'in_or',
+                ],
            ],
            [
                'id' => 'operator',
@ -52,6 +67,8 @@ class Module_generic_if extends WorkflowBaseLogicModule
        $path = $params['hash_path']['value'];
        $operator = $params['operator']['value'];
        $value = $params['value']['value'];
+        $value_list = $params['value_list']['value'];
+        $valueToEvaluate = $operator == 'in_or' ? $value_list : $value;
        $data = $roamingData->getData();
        $extracted = [];
        if ($operator == 'equals' || $operator == 'not_equals') {
@ -59,7 +76,10 @@ class Module_generic_if extends WorkflowBaseLogicModule
        } else {
            $extracted = Hash::extract($data, $path);
        }
-        $eval = $this->evaluateCondition($extracted, $operator, $value);
+        if ($operator == 'any_value' && !empty($extracted)) {
+            return true;
+        }
+        $eval = $this->evaluateCondition($extracted, $operator, $valueToEvaluate);
        return !empty($eval);
    }
 }
--- a/app/webroot/js/workflows-editor/workflows-editor.js
+++ b/app/webroot/js/workflows-editor/workflows-editor.js
@ -1473,10 +1473,18 @@ function genSelect(options, forNode = true) {
        $select.attr('size', 1)
    }
    if (options.picker_create_new) {
+        options.multiple = true
        $select.attr('picker_create_new', 1)
+        $select.prop('multiple', true)
        if (!options.options) {
            options.options = []
-            $select.prop('multiple', true)
+        }
+        if (options.value) {
+            if (Array.isArray(options.value)) {
+                options.options = options.options.concat(options.value)
+            } else {
+                options.options.push(options.value)
+            }
        }
    }
    var selectOptions = options.options