MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Sync. 

Sync worked, but we did not know what to do with user_id and org.
Now, on sync, anonymize the user_id, get the Server.organization and put
that into Event.org.
And, display owning flag if Event.user_id or get the Server.logo
belonging to Event.org (=Server.organization) when Event.user_id is
empty (=0).

To this there is organization name and logo in bootstrap and
other organizations names and logos in Servers.
pull/61/head
noud 2012-08-28 15:36:14 +02:00
parent 6b874a6aff
commit 4ae71fc963
9 changed files with 73 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Config/bootstrap.php
View File

@ -91,6 +91,8 @@ Configure::write('CyDefSIG.name', 'CyDefSIG');
Configure::write('CyDefSIG.header', 'CyDefSIG: Cyber Defence Signature Sharing Platform');
Configure::write('CyDefSIG.footer', 'Powered by CyDefSIG © Belgian Defense CERT & NCIRC');
//Configure::write('CyDefSIG.logo', '/img/logo_big.gif');
Configure::write('CyDefSIG.org', 'BE MOD'); // if sync this will be Event.org content on the peer side
Configure::write('CyDefSIG.logo', 'logo_defense.jpg'); // used in Events::index for owned events
Configure::write('CyDefSIG.showorg', 'false'); // show the name of the organisation that uploaded the data

17
app/Controller/EventsController.php
View File

@ -72,6 +72,10 @@ class EventsController extends AppController {
$this->Session->setFlash('No GPG key set in your profile. To receive emails, submit your public key in your profile.');
}
$this->set('event_descriptions', $this->Event->field_descriptions);
$this->set('logo', Configure::read('CyDefSIG.logo'));
$this->set('logo_alt', Configure::read('CyDefSIG.org'));
$this->set('logos', ClassRegistry::init('Server')->getLogos());
}
/**
@ -204,7 +208,7 @@ class EventsController extends AppController {
*/
public function add() {
if ($this->request->is('post')) {
if ($this->_add($this->request->data, $this->Auth, $this->_isRest())) {
if ($this->_add($this->request->data, $this->Auth, $this->_isRest(),'')) {
if ($this->_isRest()) {
// REST users want to see the newly created event
$this->view($this->Event->getId());
@ -232,10 +236,12 @@ class EventsController extends AppController {
*
* @return bool true if success
*/
public function _add(&$data, &$auth, $fromXml) {
public function _add(&$data, &$auth, $fromXml, $or='') {
// force check userid and orgname to be from yourself
if (!$fromXml) $data['Event']['user_id'] = $auth->user('id');
$data['Event']['org'] = $auth->user('org');
else $data['Event']['user_id'] = '0';
if (!$fromXml) $data['Event']['org'] = $auth->user('org');
if (strlen($or)) $data['Event']['org'] = $or;
unset ($data['Event']['id']);
$this->Event->create();
@ -253,12 +259,13 @@ class EventsController extends AppController {
$data['Event']['private'] = true;
}
if (isset($data['Event']['uuid'])) {
if (isset($data['Event']['uuid'])) { // TODO here we should start RESTful dialog
// check if the uuid already exists
$existingEventCount = $this->Event->find('count', array('conditions' => array('Event.uuid'=>$data['Event']['uuid'])));
if ($existingEventCount > 0) {
$existingEvent = $this->Event->find('first', array('conditions' => array('Event.uuid'=>$data['Event']['uuid'])));
$data['Event']['id'] = $existingEvent['Event']['id'];
$data['Event']['org'] = $existingEvent['Event']['org'];
// attributes..
$c = 0;
if (isset($data['Attribute'])) {
@ -406,7 +413,7 @@ class EventsController extends AppController {
if ($this->Event->delete()) {
// delete the event from remote servers
if ('true' == Configure::read('CyDefSIG.sync')) {
if ('true' == Configure::read('CyDefSIG.sync')) { // TODO test..(!$this->_isRest()) &&
$this->_deleteEventFromServers($uuid);
}

4
app/Controller/ServersController.php
View File

@ -98,7 +98,7 @@ class ServersController extends AppController {
if ($this->request->is('post') || $this->request->is('put')) {
// say what fields are to be updated
$fieldList=array('url', 'push', 'pull');
$fieldList=array('url', 'push', 'pull', 'organization','logo');
if ("" != $this->request->data['Server']['authkey'])
$fieldList[] = 'authkey';
// Save the data
@ -177,7 +177,7 @@ class ServersController extends AppController {
$event['Event']['info'] .= "\n Imported from ".$this->Server->data['Server']['url'];
$eventsController = new EventsController();
try {
$result = $eventsController->_add($event, $this->Auth, $fromXml=true);
$result = $eventsController->_add($event, $this->Auth, $fromXml=true, $this->Server->data['Server']['organization']);
} catch (MethodNotAllowedException $e) {
if ($e->getMessage() == 'Event already exists') {
//$successes[] = $event_id; // commented given it's in a catch..

37
app/Model/Event.php
View File

@ -265,7 +265,7 @@ class Event extends AppModel {
unset($event['Attribute']);
// cleanup the array from things we do not want to expose
unset($event['Event']['org']);
//unset($event['Event']['org']);
// remove value1 and value2 from the output
foreach($event['Event']['Attribute'] as $key => &$attribute) {
// do not keep attributes that are private
@ -286,6 +286,7 @@ class Event extends AppModel {
// add the 'Imported from' conform ServersController.php:177
// no need to remove lateron cause on pushing server Event is already saved.
$event['Event']['info'] .= "\n Published from ".Configure::read('CyDefSIG.baseurl');
if ($event['Event']['user_id'] != '0') $event['Event']['org'] = Configure::read('CyDefSIG.org'); // TODO
// display the XML to the user
$xmlArray['Event'][] = $event['Event'];
@ -299,21 +300,23 @@ class Event extends AppModel {
// TODO NETWORK for now do not know how to catch the following..
// TODO NETWORK No route to host
$response = $HttpSocket->post($uri, $data, $request);
if ($response->isOk()) {
return true;
}
else {
try {
// parse the XML response and keep the reason why it failed
$xml_array = Xml::toArray(Xml::build($response->body));
} catch (XmlException $e) {
return true;
}
if (strpos($xml_array['response']['name'],"Event already exists")) { // strpos, so i can piggyback some value if needed.
return true;
} else {
return $xml_array['response']['name'];
}
if ($response->code == '200') { // 200 (OK) + entity-action-result
if ($response->isOk()) {
return true;
}
else {
try {
// parse the XML response and keep the reason why it failed
$xml_array = Xml::toArray(Xml::build($response->body));
} catch (XmlException $e) {
return true;
}
if (strpos($xml_array['response']['name'],"Event already exists")) { // strpos, so i can piggyback some value if needed.
return true;
} else {
return $xml_array['response']['name'];
}
}
}
}
}
@ -349,7 +352,7 @@ class Event extends AppModel {
// TODO NETWORK for now do not know how to catch the following..
// TODO NETWORK No route to host
$response = $HttpSocket->delete($uri, array(), $request);
// TODO REST, DELETE, no responce needed
// TODO REST, DELETE, some responce needed
}
}

11
app/Model/Server.php
View File

@ -94,5 +94,16 @@ class Server extends AppModel {
return $this->field('id', array('id' => $serverid, 'org' => $org)) === $serverid;
}
public function getLogos() {
$logos = array();
$results = $this->find('all',
array('recursive' => 0,
'fields' => 'Server.organization,Server.logo'
));
foreach ($results as $result ) {
$logos[$result['Server']['organization']] = $result['Server']['logo'];
}
return $logos;
}
}

5
app/View/Events/index.ctp
View File

@ -2,6 +2,7 @@
<h2>Events</h2>
<table cellpadding="0" cellspacing="0">
<tr>
<th></th>
<th><?php echo $this->Paginator->sort('id');?></th>
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
<th><?php echo $this->Paginator->sort('org');?></th>
@ -19,6 +20,10 @@
foreach ($events as $event):
?>
<tr>
<td class="short"><?php
if ($event['User']['email']) echo $this->Html->image($logo, array('alt' => $logo_alt,'width'=>'50','hight'=>'38'));
else echo $this->Html->image($logos[$event['Event']['org']], array('alt' => $event['Event']['org'],'width'=>'50','hight'=>'38'));
?></td>
<td class="short">
<?php echo $this->Html->link($event['Event']['id'], array('controller' => 'events', 'action' => 'view', $event['Event']['id'])); ?>
&nbsp;</td>

8
app/View/Servers/add.ctp Normal file → Executable file
View File

@ -7,6 +7,14 @@
'label' => 'Base URL',
'before' => $this->Html->div('forminfo', 'The base-url to the external server you want to sync with.<br/>Example: <i>https://foo.sig.mil.be</i>'),
));
echo $this->Form->input('organization', array(
'label' => 'Organization',
'before' => $this->Html->div('forminfo', 'The organization having the external server you want to sync with.<br/>Example: <i>BE</i>'),
));
echo $this->Form->input('logo', array(
'label' => 'Logo',
'before' => $this->Html->div('forminfo', 'The logo of the organization having the external server you want to sync with.<br/>Example: <i>jaune.jpg</i>'),
));
echo $this->Form->input('authkey', array(
'before' => $this->Html->div('forminfo', 'You can find the authentication key on your profile on the external server.'),
));

8
app/View/Servers/edit.ctp Normal file → Executable file
View File

@ -8,6 +8,14 @@
'label' => 'Base URL',
'before' => $this->Html->div('forminfo', 'The base-url to the external server you want to sync with.<br/>Example: <i>https://foo.sig.mil.be</i>'),
));
echo $this->Form->input('organization', array(
'label' => 'Organization',
'before' => $this->Html->div('forminfo', 'The organization having the external server you want to sync with.<br/>Example: <i>https://foo.sig.mil.be</i>'),
));
echo $this->Form->input('logo', array(
'label' => 'Logo',
'before' => $this->Html->div('forminfo', 'The logo of the organization having the external server you want to sync with.<br/>Example: <i>jaune.jpg</i>'),
));
echo $this->Form->input('authkey', array(
'before' => $this->Html->div('forminfo', 'You can find the authentication key on your profile on the external server.<br/><i>Leave empty if you don\'t want to change it</i>.'),
));

4
app/View/Servers/index.ctp
View File

@ -5,6 +5,8 @@
<th><?php echo $this->Paginator->sort('push');?></th>
<th><?php echo $this->Paginator->sort('pull');?></th>
<th><?php echo $this->Paginator->sort('url');?></th>
<th>From</th>
<th>Logo</th>
<?php if ($isAdmin): ?>
<th><?php echo $this->Paginator->sort('org');?></th>
<?php endif; ?>
@ -18,6 +20,8 @@
<td class="short" style="text-align: center;"><?php echo ($server['Server']['push'])? 'Yes' : 'No'; ?>&nbsp;</td>
<td class="short" style="text-align: center;"><?php echo ($server['Server']['pull'])? 'Yes' : 'No'; ?>&nbsp;</td>
<td><?php echo h($server['Server']['url']); ?>&nbsp;</td>
<td><?php echo h($server['Server']['organization']); ?>&nbsp;</td>
<td><?php echo h($server['Server']['logo']); ?>&nbsp;</td>
<?php if ($isAdmin): ?>
<td class="short"><?php echo h($server['Server']['org']); ?>&nbsp;</td>
<?php endif; ?>