MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: Unpublish events when tagging/removing tags 

- same for galaxy clusters
- also, new ajax way of showing/hiding published status
pull/1784/head
iglocska 2016-12-22 17:30:27 +01:00
parent e8e248dd42
commit 4aec4e4beb
6 changed files with 81 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
app/Controller/EventsController.php
View File

@ -2898,7 +2898,7 @@ class EventsController extends AppController {
$tag_id = $tag['Tag']['id'];
}
$this->Event->recursive = -1;
$event = $this->Event->read(array('id', 'org_id', 'orgc_id', 'distribution', 'sharing_group_id'), $id);
$event = $this->Event->read(array(), $id);
if (!$this->_isSiteAdmin() && !$this->userRole['perm_sync']) {
if (!$this->userRole['perm_tagger'] || ($this->Auth->user('org_id') !== $event['Event']['org_id'] && $this->Auth->user('org_id') !== $event['Event']['orgc_id'])) {
@ -2925,9 +2925,13 @@ class EventsController extends AppController {
if (!empty($found)) return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Tag is already attached to this event.')), 'status'=>200));
$this->Event->EventTag->create();
if ($this->Event->EventTag->save(array('event_id' => $id, 'tag_id' => $tag_id))) {
$event['Event']['published'] = 0;
$date = new DateTime();
$event['Event']['timestamp'] = $date->getTimestamp();
$this->Event->save($event);
$log = ClassRegistry::init('Log');
$log->createLogEntry($this->Auth->user(), 'tag', 'Event', $id, 'Attached tag (' . $tag_id . ') "' . $tag['Tag']['name'] . '" to event (' . $id . ')', 'Event (' . $id . ') tagged as Tag (' . $tag_id . ')');
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Tag added.')), 'status'=>200));
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Tag added.', 'check_publish' => true)), 'status'=>200));
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Tag could not be added.')),'status'=>200));
}
@ -2956,7 +2960,7 @@ class EventsController extends AppController {
}
if (!is_numeric($id)) $id = $this->request->data['Event']['id'];
$this->Event->recursive = -1;
$event = $this->Event->read(array('id', 'org_id', 'orgc_id', 'distribution'), $id);
$event = $this->Event->read(array(), $id);
// org should allow to tag too, so that an event that gets pushed can be tagged locally by the owning org
if ((($this->Auth->user('org_id') !== $event['Event']['org_id'] && $this->Auth->user('org_id') !== $event['Event']['orgc_id']) || (!$this->userRole['perm_tagger'])) && !$this->_isSiteAdmin()) {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'You don\'t have permission to do that.')),'status'=>200));
@ -2976,9 +2980,13 @@ class EventsController extends AppController {
'fields' => array('Tag.name')
));
if ($this->Event->EventTag->delete($eventTag['EventTag']['id'])) {
$event['Event']['published'] = 0;
$date = new DateTime();
$event['Event']['timestamp'] = $date->getTimestamp();
$this->Event->save($event);
$log = ClassRegistry::init('Log');
$log->createLogEntry($this->Auth->user(), 'tag', 'Event', $id, 'Removed tag (' . $tag_id . ') "' . $tag['Tag']['name'] . '" from event (' . $id . ')', 'Event (' . $id . ') untagged of Tag (' . $tag_id . ')');
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => ($galaxy ? 'Galaxy' : 'Tag') . ' removed.')), 'status'=>200));
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => ($galaxy ? 'Galaxy' : 'Tag') . ' removed.', 'check_publish' => true)), 'status'=>200));
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => ($galaxy ? 'Galaxy' : 'Tag') . ' could not be removed.')),'status'=>200));
}
@ -4111,4 +4119,13 @@ class EventsController extends AppController {
$this->render('ajax/toggle_correlation');
}
}
public function checkPublishedStatus($id) {
$event = $this->Event->fetchEvent($this->Auth->user(), array('metadata' => 1, 'event_id' => $id));
if (empty($event)) {
throw new NotFoundException('Invalid event');
}
$this->set('current_event_published', $event[0]['Event']['published'] ? 1 : 0);
$this->set('_serialize', 'current_event_published');
}
}

9
app/Controller/GalaxiesController.php
View File

@ -101,6 +101,11 @@ class GalaxiesController extends AppController {
$cluster_id = $this->request->data['Galaxy']['target_id'];
$cluster = $this->Galaxy->GalaxyCluster->find('first', array('recursive' => -1, 'conditions' => array('id' => $cluster_id), 'fields' => array('tag_name')));
$this->loadModel('Tag');
$event = $this->Tag->EventTag->Event->fetchEvent($this->Auth->user(), array('eventid' => $event_id, 'metadata' => 1));
if (empty($event)) {
throw new NotFoundException('Invalid event.');
}
$event = $event[0];
$tag_id = $this->Tag->captureTag(array('name' => $cluster['GalaxyCluster']['tag_name'], 'colour' => '#0088cc', 'exportable' => 1), $this->Auth->user());
if ($tag_id === false) {
throw new MethodNotAllowedException('Could not attach cluster.');
@ -113,6 +118,10 @@ class GalaxiesController extends AppController {
}
$result = $this->Tag->EventTag->save(array('event_id' => $event_id, 'tag_id' => $tag_id));
if ($result) {
$event['Event']['published'] = 0;
$date = new DateTime();
$event['Event']['timestamp'] = $date->getTimestamp();
$this->Tag->EventTag->Event->save($event);
$this->Session->setFlash('Cluster attached');
$this->redirect($this->referer());
} else {

20
app/Controller/GalaxyClustersController.php
View File

@ -44,7 +44,7 @@ class GalaxyClustersController extends AppController {
$this->render('ajax/index');
}
}
public function view($id) {
$cluster = $this->GalaxyCluster->find('first', array(
'recursive' => -1,
@ -65,16 +65,16 @@ class GalaxyClustersController extends AppController {
if (!empty($tag)) {
$cluster['GalaxyCluster']['tag_count'] = count($tag['EventTag']);
$cluster['GalaxyCluster']['tag_id'] = $tag['Tag']['id'];
}
}
}
$this->set('cluster', $cluster);
}
public function attachToEvent($event_id, $tag_name) {
$this->loadModel('Event');
$this->Event->id = $event_id;
$this->Event->recursive = -1;
$event = $this->Event->read(array('id', 'org_id', 'orgc_id', 'distribution', 'sharing_group_id'), $event_id);
$event = $this->Event->read(array(), $event_id);
if (empty($event)) {
throw new MethodNotAllowedException('Invalid Event.');
}
@ -95,18 +95,22 @@ class GalaxyClustersController extends AppController {
if (empty($existingEventTag)) {
$this->Event->EventTag->create();
$this->Event->EventTag->save(array('EventTag.tag_id' => $tag_id, 'EventTag.event_id' => $event_id));
$event['Event']['published'] = 0;
$date = new DateTime();
$event['Event']['timestamp'] = $date->getTimestamp();
$this->Event->save($event);
$this->Session->setFlash('Galaxy attached.');
} else {
$this->Session->setFlash('Galaxy already attached.');
}
$this->redirect($this->referer());
}
public function detachFromEvent($event_id, $tag_id) {
$this->loadModel('Event');
$this->Event->id = $event_id;
$this->Event->recursive = -1;
$event = $this->Event->read(array('id', 'org_id', 'orgc_id', 'distribution', 'sharing_group_id'), $event_id);
$event = $this->Event->read(array(), $event_id);
if (empty($event)) {
throw new MethodNotAllowedException('Invalid Event.');
}
@ -120,6 +124,10 @@ class GalaxyClustersController extends AppController {
$this->Session->setFlash('Galaxy not attached.');
} else {
$this->Event->EventTag->delete($existingEventTag['EventTag']['id']);
$event['Event']['published'] = 0;
$date = new DateTime();
$event['Event']['timestamp'] = $date->getTimestamp();
$this->Event->save($event);
$this->Session->setFlash('Galaxy successfully detached.');
}
$this->redirect($this->referer());

21
app/View/Elements/side_menu.ctp
View File

@ -3,6 +3,9 @@
<?php
switch ($menuList) {
case 'event':
?>
<div id="hiddenSideMenuData" class="hidden" data-event-id="<?php echo isset($event['Event']['id']) ? $event['Event']['id'] : 0; ?>"></div>
<?php
if ($menuItem === 'addAttribute' ||
$menuItem === 'addAttachment' ||
$menuItem === 'addIOC' ||
@ -321,7 +324,7 @@
case 'news': ?>
<li id='liindex'><a href="<?php echo $baseurl;?>/news/index">View News</a></li>
<?php
if ($isSiteAdmin):
if ($isSiteAdmin):
?>
<li id='liadd'><a href="<?php echo $baseurl;?>/news/add">Add News Item</a></li>
<?php if ($menuItem === 'edit'): ?>
@ -329,25 +332,25 @@
<?php endif;
endif;
break;
case 'galaxies':
case 'galaxies':
?>
<li id='liindex'><a href="<?php echo $baseurl;?>/galaxies/index">List Galaxies</a></li>
<?php
if ($isSiteAdmin):
if ($isSiteAdmin):
?>
<li><?php echo $this->Form->postLink('Update Galaxies', array('controller' => 'galaxies', 'action' => 'update'), null, __('Are you sure you want to reimport all galaxies from the submodule?')); ?></li>
<?php
endif;
if ($menuItem === 'view'):
<?php
endif;
if ($menuItem === 'view'):
?>
<li class="active"><a href="#">View Galaxy</a></li>
<?php
endif;
if ($menuItem === 'view_cluster'):
if ($menuItem === 'view_cluster'):
?>
<li class="active"><a href="#">View Cluster</a></li>
<?php
<?php
endif;
break;
}

7
app/View/Events/view.ctp
View File

@ -158,8 +158,11 @@
<?php echo nl2br(h($event['Event']['info'])); ?>
&nbsp;
</dd>
<dt class="<?php echo ($event['Event']['published'] == 0) ? (($isAclPublish && $me['org_id'] == $event['Event']['orgc_id']) ? 'background-red bold' : 'bold') : 'bold'; ?>">Published</dt>
<dd class="<?php echo ($event['Event']['published'] == 0) ? (($isAclPublish && $me['org_id'] == $event['Event']['orgc_id']) ? 'background-red bold' : 'red bold') : 'green bold'; ?>"><?php echo ($event['Event']['published'] == 0) ? 'No' : 'Yes'; ?></dd>
<dt class="hidden"></dt><dd class="hidden"></dd>
<dt class="background-red bold not-published <?php echo ($event['Event']['published'] == 0) ? '' : 'hidden'; ?>">Published</dt>
<dd class="background-red bold not-published <?php echo ($event['Event']['published'] == 0) ? '' : 'hidden'; ?>">No</dd>
<dt class="bold published <?php echo ($event['Event']['published'] == 0) ? 'hidden' : ''; ?>">Published</dt>
<dd class="green bold published <?php echo ($event['Event']['published'] == 0) ? 'hidden' : ''; ?>">Yes</dd>
<?php if (Configure::read('Plugin.Sightings_enable') !== false): ?>
<dt>Sightings</dt>
<dd style="word-wrap: break-word;">

21
app/webroot/js/misp2.4.58.js
View File

@ -442,6 +442,9 @@ function handleAjaxEditResponse(data, name, type, id, field, event) {
if (type == 'ShadowAttribute') {
updateIndex(event, 'event');
}
if ('undefined' != responseArray['check_publish']) {
checkAndSetPublishedInfo();
}
}
function handleGenericAjaxResponse(data) {
@ -452,6 +455,9 @@ function handleGenericAjaxResponse(data) {
}
if (responseArray.saved) {
showMessage('success', responseArray.success);
if ('undefined' != responseArray['check_publish']) {
checkAndSetPublishedInfo();
}
return true;
} else {
showMessage('fail', responseArray.errors);
@ -1006,7 +1012,7 @@ function getPopup(id, context, target, admin, popupType) {
if (context != '') url += "/" + context;
if (target != '') url += "/" + target;
if (id != '') url += "/" + id;
if (popupType == '') popupType = '#popover_form';
if (popupType == '' || typeof popupType == 'undefined') popupType = '#popover_form';
$.ajax({
beforeSend: function (XMLHttpRequest) {
$(".loading").show();
@ -2712,3 +2718,16 @@ function quickSubmitGalaxyForm(event_id, cluster_id) {
$('#GalaxySelectClusterForm').submit();
return false;
}
function checkAndSetPublishedInfo() {
var id = $('#hiddenSideMenuData').data('event-id');
$.get( "/events/checkPublishedStatus/" + id + '.json', function(data) {
if (data == 1) {
$('.published').show();
$('.not-published').hide();
} else {
$('.published').hide();
$('.not-published').show();
}
});
}