MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Add support to export an OpenIOC file via API 

(Change spaces to tabs)
pull/1448/head
Nick Driver 2016-08-17 14:34:31 -04:00
parent 06aa741a0e
commit 4d32a16da8
2 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/AppController.php
View File

@ -52,7 +52,7 @@ class AppController extends Controller {
// Used for _isAutomation(), a check that returns true if the controller & action combo matches an action that is a non-xml and non-json automation method
// This is used to allow authentication via headers for methods not covered by _isRest() - as that only checks for JSON and XML formats
public $automationArray = array(
'events' => array('csv', 'nids', 'hids', 'xml', 'restSearch', 'stix', 'updateGraph'),
'events' => array('csv', 'nids', 'hids', 'xml', 'restSearch', 'stix', 'updateGraph', 'downloadOpenIOCEvent'),
'attributes' => array('text', 'downloadAttachment', 'returnAttributes', 'restSearch', 'rpz'),
);

15
app/Controller/EventsController.php
View File

@ -2492,7 +2492,7 @@ class EventsController extends AppController {
return $this->response;
}
public function downloadOpenIOCEvent($eventid) {
public function downloadOpenIOCEvent($key, $eventid) {
// return a downloadable text file called misp.openIOC.<eventId>.ioc for individual events
// TODO implement mass download of all events - maybe in a zip file?
$this->response->type('text'); // set the content type
@ -2502,6 +2502,17 @@ class EventsController extends AppController {
$this->header('Content-Disposition: download; filename="misp.openIOC' . $eventid . '.ioc"');
}
$this->layout = 'text/default';
if ($key != 'download'){
$user = $this->checkAuthUser($key);
if (!$user){
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
}
} else {
if (!$this->Auth->user('id')){
throw new UnauthorizedException('You have to be logged in to do that.');
}
}
// get the event if it exists and load it together with its attributes
$this->Event->id = $eventid;
@ -3139,7 +3150,7 @@ class EventsController extends AppController {
'checkbox_default' => true
),
'openIOC' => array(
'url' => '/events/downloadOpenIOCEvent/' . $id,
'url' => '/events/downloadOpenIOCEvent/download/' . $id,
'text' => 'OpenIOC (all indicators marked to IDS)',
'requiresPublished' => true,
'checkbox' => false,