mirror of https://github.com/MISP/MISP
Send E-mail notifications for new posts in discussion and event threads
parent
e89e5ebe4a
commit
506e1fcb0d
|
@ -297,6 +297,21 @@ class EventShell extends AppShell
|
||||||
$this->Job->saveField('progress', '100');
|
$this->Job->saveField('progress', '100');
|
||||||
if ($result != true) $this->Job->saveField('message', 'Job done.');
|
if ($result != true) $this->Job->saveField('message', 'Job done.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function postsemail() {
|
||||||
|
$user_id = $this->args[0];
|
||||||
|
$post_id = $this->args[1];
|
||||||
|
$event_id = $this->args[2];
|
||||||
|
$title = $this->args[3];
|
||||||
|
$message = $this->args[4];
|
||||||
|
$processId = $this->args[5];
|
||||||
|
$this->Job->id = $processId;
|
||||||
|
$user = $this->User->read(null, $user_id);
|
||||||
|
$eventId = $this->args[2];
|
||||||
|
$result = $this->Post->sendPostsEmail($user_id, $post_id, $event_id, $title, $message);
|
||||||
|
$this->Job->saveField('progress', '100');
|
||||||
|
if ($result != true) $this->Job->saveField('message', 'Job done.');
|
||||||
|
}
|
||||||
|
|
||||||
public function enqueueCaching() {
|
public function enqueueCaching() {
|
||||||
$timestamp = $this->args[0];
|
$timestamp = $this->args[0];
|
||||||
|
|
|
@ -151,6 +151,7 @@ class PostsController extends AppController {
|
||||||
$this->Thread->updateAfterPostChange(true);
|
$this->Thread->updateAfterPostChange(true);
|
||||||
$this->Session->setFlash(__('Post added'));
|
$this->Session->setFlash(__('Post added'));
|
||||||
$this->redirect(array('action' => 'view', $this->Post->getId()));
|
$this->redirect(array('action' => 'view', $this->Post->getId()));
|
||||||
|
$this->Post->sendPostsEmailRouter($this->Auth->user('id'), $post_id, $event_id, $title, $this->request->data['Post']['message']);
|
||||||
} else {
|
} else {
|
||||||
$this->Session->setFlash('The post could not be added.');
|
$this->Session->setFlash('The post could not be added.');
|
||||||
}
|
}
|
||||||
|
@ -277,4 +278,4 @@ class PostsController extends AppController {
|
||||||
|
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
App::uses('AppModel', 'Model');
|
App::uses('AppModel', 'Model');
|
||||||
|
App::uses('CakeEmail', 'Network/Email');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Post Model
|
* Post Model
|
||||||
|
@ -16,4 +17,128 @@ class Post extends AppModel {
|
||||||
|
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
public function sendPostsEmailRouter($user_id, $post_id, $event_id, $title, $message, $JobId = false) {
|
||||||
|
if (Configure::read('MISP.background_jobs')) {
|
||||||
|
$user = $this->User->findById($user_id);
|
||||||
|
$job = ClassRegistry::init('Job');
|
||||||
|
$job->create();
|
||||||
|
$data = array(
|
||||||
|
'worker' => 'default',
|
||||||
|
'job_type' => 'posts_alert',
|
||||||
|
'job_input' => 'Thread: ' . $thread_id,
|
||||||
|
'status' => 0,
|
||||||
|
'retries' => 0,
|
||||||
|
'org' => $user['User']['org'],
|
||||||
|
'message' => 'Sending..',
|
||||||
|
);
|
||||||
|
$job->save($data);
|
||||||
|
$jobId = $job->id;
|
||||||
|
$process_id = CakeResque::enqueue(
|
||||||
|
'default',
|
||||||
|
'EventShell',
|
||||||
|
array('postsemail', $user_id, $post_id, $event_id, $title, $message, $jobId)
|
||||||
|
);
|
||||||
|
$job->saveField('process_id', $process_id);
|
||||||
|
return true;
|
||||||
|
} else {
|
||||||
|
$result = $this->sendPostsEmail($user_id, $post_id, $event_id, $title, $message);
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function sendPostsEmail($user_id, $post_id, $event_id, $title, $message) {
|
||||||
|
// fetch the post
|
||||||
|
$post = $this->read(null, $post_id);
|
||||||
|
$this->User = ClassRegistry::init('User');
|
||||||
|
|
||||||
|
// If the post belongs to an event, E-mail all users in the org that have contactalert set
|
||||||
|
if ($event_id) {
|
||||||
|
$event = $this->Event->read(null, $event_id);
|
||||||
|
//Insert extra field here: alertOrg or something, then foreach all the org members
|
||||||
|
//limit this array to users with contactalerts turned on!
|
||||||
|
$orgMembers = array();
|
||||||
|
$this->User->recursive = 0;
|
||||||
|
$temp = $this->User->findAllByOrg($event['Event']['org'], array('email', 'gpgkey', 'contactalert', 'id'));
|
||||||
|
foreach ($temp as $tempElement) {
|
||||||
|
if ($tempElement['User']['id'] != $user_id && ($tempElement['User']['contactalert'] || $tempElement['User']['id'] == $event['Event']['user_id'])) {
|
||||||
|
array_push($orgMembers, $tempElement);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// Not an event: E-mail the user that started the thread
|
||||||
|
$thread = $this->Thread->read(null, $post['Post']['thread_id']);
|
||||||
|
if ($thread['Thread']['user_id'] == $user_id ) {
|
||||||
|
$orgMembers = array();
|
||||||
|
} else {
|
||||||
|
$orgMembers = $this->User->findAllById($thread['Thread']['user_id'], array('email', 'gpgkey', 'contactalert', 'id'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Add all users who posted in this thread
|
||||||
|
$temp = $this->Post->findAllByThreadId($post['Post']['thread_id'],array('user_id'));
|
||||||
|
foreach ($temp as $tempElement) {
|
||||||
|
$user = $this->User->findById($tempElement['Post']['user_id'], array('email', 'gpgkey', 'contactalert', 'id'));
|
||||||
|
if(!empty($user) && $user['User']['id'] != $user_id && !in_array($user, $orgMembers)) {
|
||||||
|
array_push($orgMembers, $user);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// The mail body, h() is NOT needed as we are sending plain-text mails.
|
||||||
|
$body = "";
|
||||||
|
$body .= "Hello, \n";
|
||||||
|
$body .= "\n";
|
||||||
|
$body .= "Someone just posted to a MISP discussion you participated in with title:\n";
|
||||||
|
$body .= $title . "\n";
|
||||||
|
$body .= "\n";
|
||||||
|
$body .= "The full discussion can be found at: \n";
|
||||||
|
$body .= Configure::read('MISP.baseurl') . '/posts/view/' . $post['Post']['id'] . "\n";
|
||||||
|
$body .= "\n";
|
||||||
|
$body .= "The following message was added: \n";
|
||||||
|
$body .= "\n";
|
||||||
|
$body .= $message . "\n";
|
||||||
|
|
||||||
|
// LATER place event-to-email-layout in a function
|
||||||
|
$Email = new CakeEmail();
|
||||||
|
// sign the body
|
||||||
|
require_once 'Crypt/GPG.php';
|
||||||
|
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'))); // , 'debug' => true
|
||||||
|
$gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
|
||||||
|
$bodySigned = $gpg->sign($body,Crypt_GPG::SIGN_MODE_CLEAR);
|
||||||
|
foreach ($orgMembers as &$recipient) {
|
||||||
|
if (!empty($recipient['User']['gpgkey'])) {
|
||||||
|
// import the key of the user into the keyring
|
||||||
|
// this isn't really necessary, but it gives it the fingerprint necessary for the next step
|
||||||
|
$keyImportOutput = $gpg->importKey($recipient['User']['gpgkey']);
|
||||||
|
// say what key should be used to encrypt
|
||||||
|
try {
|
||||||
|
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir')));
|
||||||
|
$gpg->addEncryptKey($keyImportOutput['fingerprint']); // use the key that was given in the import
|
||||||
|
|
||||||
|
$bodyEncSig = $gpg->encrypt($bodySigned, true);
|
||||||
|
} catch (Exception $e){
|
||||||
|
// catch errors like expired PGP keys
|
||||||
|
$this->log($e->getMessage());
|
||||||
|
// no need to return here, as we want to send out mails to the other users if GPG encryption fails for a single user
|
||||||
|
}
|
||||||
|
} elseif (Configure::read('GnuPG.onlyencrypted')) {
|
||||||
|
continue;
|
||||||
|
} else {
|
||||||
|
$bodyEncSig = $bodySigned;
|
||||||
|
}
|
||||||
|
$Email->from(Configure::read('MISP.email'));
|
||||||
|
$Email->to($recipient['User']['email']);
|
||||||
|
$Email->subject("[" . Configure::read('MISP.org') . " MISP] New post in discussion " . $post['Post']['thread_id'] . " - TLP Amber");
|
||||||
|
//$this->Email->delivery = 'debug'; // do not really send out mails, only display it on the screen
|
||||||
|
$Email->emailFormat('text'); // both text or html
|
||||||
|
|
||||||
|
// send it
|
||||||
|
$result = $Email->send($bodyEncSig);
|
||||||
|
// If you wish to send multiple emails using a loop, you'll need
|
||||||
|
// to reset the email fields using the reset method of the Email component.
|
||||||
|
$Email->reset();
|
||||||
|
}
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue