From 221e35827f3c6790e4c136a4aac05bdafae3e05e Mon Sep 17 00:00:00 2001
From: Alexandru Ciobanu <iscandr@gmail.com>
Date: Mon, 11 Nov 2013 23:18:13 +0100
Subject: [PATCH 1/8] First kick at Travis

---
 .travis.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 .travis.yml

diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 000000000..76154f4b2
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,5 @@
+language: php
+php:
+    - 5.5
+    - 5.4
+    - 5.3

From 7f6c8425ae63477b48bd60724630c7aa1ce8628c Mon Sep 17 00:00:00 2001
From: iglocska <andras.iklody@gmail.com>
Date: Tue, 12 Nov 2013 15:11:59 +0100
Subject: [PATCH 2/8] Fix to users with auth key access not being able to reset
 their authkey

---
 app/Controller/UsersController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Controller/UsersController.php b/app/Controller/UsersController.php
index 387ca8c78..abfd1a380 100755
--- a/app/Controller/UsersController.php
+++ b/app/Controller/UsersController.php
@@ -407,7 +407,7 @@ class UsersController extends AppController {
 		}
 		$this->User->read();
 		if ('me' == $id ) $id = $this->Auth->user('id');
-		else if (!$this->_isSiteAdmin() && !($this->_isAdmin() && $this->Auth->user('org') == $this->User->data['User']['org'])) throw new MethodNotAllowedException();
+		else if (!$this->_isSiteAdmin() && !($this->_isAdmin() && $this->Auth->user('org') == $this->User->data['User']['org']) && ($this->Auth->user('id') != $id)) throw new MethodNotAllowedException();
 		$newkey = $this->User->generateAuthKey();
 		$this->User->saveField('authkey', $newkey);
 		$this->Session->setFlash(__('New authkey generated.', true));

From fca87bf491a463f6f214218a0343a07f28646d1d Mon Sep 17 00:00:00 2001
From: Alexandru Ciobanu <iscandr@gmail.com>
Date: Tue, 12 Nov 2013 16:23:37 +0100
Subject: [PATCH 3/8] Initial JSON REST

Some small travins changes too.
FYI there's an automated travis build available at
https://travis-ci.org/MISP/MISP
We don't have unit testing and travis setup is subpar so everything will fail
for now.
---
 .travis.yml                             | 11 +++++
 app/Config/routes.php                   |  2 +-
 app/Controller/AppController.php        | 14 ++++--
 app/Controller/AttributesController.php | 62 ++++++++++++-------------
 app/Controller/EventsController.php     | 28 +++++------
 app/View/Events/json/index.ctp          | 17 +++++++
 app/View/Events/json/view.ctp           | 36 ++++++++++++++
 7 files changed, 119 insertions(+), 51 deletions(-)
 create mode 100644 app/View/Events/json/index.ctp
 create mode 100644 app/View/Events/json/view.ctp

diff --git a/.travis.yml b/.travis.yml
index 76154f4b2..41af9bde9 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -3,3 +3,14 @@ php:
     - 5.5
     - 5.4
     - 5.3
+
+env:
+    - DB=mysql
+
+matrix:
+    allow_failures:
+        - php: 5.5
+
+before_script:
+    - pecl install Crypt_GPG
+    - pecl install Net_GeoIP
diff --git a/app/Config/routes.php b/app/Config/routes.php
index 0b52e108f..3d7779295 100755
--- a/app/Config/routes.php
+++ b/app/Config/routes.php
@@ -53,7 +53,7 @@
 
 	// Activate REST
 	Router::mapResources(array('events', 'attributes'));
-	Router::parseExtensions('xml');
+	Router::parseExtensions('xml', 'json');
 
 /**
  * Load all plugin routes.  See the CakePlugin documentation on
diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php
index 16e9b5abc..39d5f06f1 100755
--- a/app/Controller/AppController.php
+++ b/app/Controller/AppController.php
@@ -70,7 +70,7 @@ class AppController extends Controller {
 
 	public function beforeFilter() {
 		// REST authentication
-		if ($this->_isRest()) {
+		if ($this->_isRest() || $this->isJson()) {
 			// disable CSRF for REST access
 			if (array_key_exists('Security', $this->components))
 				$this->Security->csrfCheck = false;
@@ -142,6 +142,10 @@ class AppController extends Controller {
 
 	public $userRole = null;
 
+	public function isJson(){
+		return $this->request->header('Accept') === 'application/json';
+	}
+
 	//public function blackhole($type) {
 	//	// handle errors.
 	//	throw new Exception(__d('cake_dev', 'The request has been black-holed'));
@@ -211,7 +215,7 @@ class AppController extends Controller {
 		$this->Session->setFlash(__('All done.'));
 		$this->redirect(array('controller' => 'events', 'action' => 'index', 'admin' => false));
 	}
-	
+
 	public function generateLocked() {
 		if (!self::_isSiteAdmin()) throw new NotFoundException();
 		$this->loadModel('User');
@@ -222,7 +226,7 @@ class AppController extends Controller {
 		foreach ($orgs as $k => $org) {
 			$orgs[$k]['User']['count'] = $this->User->find('count', array(
 							'conditions' => array(
-									'org =' => $orgs[$k]['User']['org'], 
+									'org =' => $orgs[$k]['User']['org'],
 			)));
 			if ($orgs[$k]['User']['count'] > 1) {
 				$localOrgs[] = $orgs[$k]['User']['org'];
@@ -231,7 +235,7 @@ class AppController extends Controller {
 				// If we only have a single user for an org, check if that user is a sync user. If not, then it is a valid local org and the events created by him/her should be unlocked.
 				$this->User->recursive = 1;
 				$user = ($this->User->find('first', array(
-						'fields' => array('id', 'role_id'), 
+						'fields' => array('id', 'role_id'),
 						'conditions' => array('org' => $org['User']['org']),
 						'contain' => array('Role' => array(
 								'fields' => array('id', 'perm_sync'),
@@ -250,7 +254,7 @@ class AppController extends Controller {
 				'conditions' => $conditions
 		));
 		$this->Event->updateAll(
-				array('Event.locked' => 1), 
+				array('Event.locked' => 1),
 				$conditions
 		);
 		$this->Session->setFlash('Events updated, '. $toBeUpdated . ' record(s) altered.');
diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php
index e2ab2fb39..cd170da9d 100755
--- a/app/Controller/AttributesController.php
+++ b/app/Controller/AttributesController.php
@@ -21,7 +21,7 @@ class AttributesController extends AppController {
 
 	public function beforeFilter() {
 		parent::beforeFilter();
-		
+
 		$this->Auth->allow('restSearch');
 		$this->Auth->allow('returnAttributes');
 		$this->Auth->allow('downloadAttachment');
@@ -251,10 +251,10 @@ class AttributesController extends AppController {
 			throw new NotFoundException(__('Invalid attribute'));
 		}
 		$this->Attribute->read();
-		if (!$this->_isSiteAdmin() && 
-			$this->Auth->user('org') != 
-			$this->Attribute->data['Event']['org'] && 
-			($this->Attribute->data['Event']['distribution'] == 0 || 
+		if (!$this->_isSiteAdmin() &&
+			$this->Auth->user('org') !=
+			$this->Attribute->data['Event']['org'] &&
+			($this->Attribute->data['Event']['distribution'] == 0 ||
 				$this->Attribute->data['Attribute']['distribution'] == 0
 			)) {
 			throw new UnauthorizedException('You do not have the permission to view this event.');
@@ -532,7 +532,7 @@ class AttributesController extends AppController {
 						$attribute['distribution'] = $this->Event->data['Event']['distribution'];
 					} else {
 						$attribute['distribution'] = Configure::read('MISP.default_attribute_distribution');
-					} 
+					}
 				}
 				switch($entry['Type']) {
 					case 'Address':
@@ -644,9 +644,9 @@ class AttributesController extends AppController {
 			$uuid = $this->Attribute->data['Attribute']['uuid'];
 		}
 		if (!$this->_isSiteAdmin()) {
-			// 
+			//
 			if ($this->Attribute->data['Event']['orgc'] == $this->Auth->user('org')
-				&& (($this->userRole['perm_modify'] && $this->Attribute->data['Event']['user_id'] != $this->Auth->user('id')) 
+				&& (($this->userRole['perm_modify'] && $this->Attribute->data['Event']['user_id'] != $this->Auth->user('id'))
 					|| $this->userRole['perm_modify_org'])) {
 				// Allow the edit
 			} else {
@@ -785,10 +785,10 @@ class AttributesController extends AppController {
 			} else {
 				if ($this->_checkOrg() != $this->Attribute->data['Event']['orgc']) {
 					throw new MethodNotAllowedException();
-				}	
+				}
 			}
 		}
-			
+
 		// attachment will be deleted with the beforeDelete() function in the Model
 		if ($this->Attribute->delete()) {
 			// delete the attribute from remote servers
@@ -796,7 +796,7 @@ class AttributesController extends AppController {
 				// find the uuid
 				$this->__deleteAttributeFromServers($uuid);
 			}
-			
+
 			// We have just deleted the attribute, let's also check if there are any shadow attributes that were attached to it and delete them
 			$this->loadModel('ShadowAttribute');
 			$this->ShadowAttribute->deleteAll(array('ShadowAttribute.old_id' => $id), false);
@@ -1074,7 +1074,7 @@ class AttributesController extends AppController {
 
 		$this->set('fails', $this->Attribute->checkComposites());
 	}
-	
+
 	// Use the rest interface to search for attributes. Usage:
 	// MISP-base-url/attributes/restSearch/[api-key]/[value]/[type]/[category]/[orgc]
 	// value, type, category, orgc are optional
@@ -1095,7 +1095,7 @@ class AttributesController extends AppController {
 		// add the values as specified in the 2nd parameter to the conditions
 		$values = explode('&&', $value);
 		$parameters = array('value', 'type', 'category', 'org');
-	
+
 		foreach ($parameters as $k => $param) {
 			if (isset(${$parameters[$k]})) {
 				$elements = explode('&&', ${$parameters[$k]});
@@ -1110,9 +1110,9 @@ class AttributesController extends AppController {
 				$subcondition = array();
 			}
 		}
-	
+
 		// If we are looking for an attribute, we want to retrieve some extra data about the event to be able to check for the permissions.
-		
+
 		if (!$user['User']['siteAdmin']) {
 			$temp = array();
 			$temp['AND'] = array('Event.distribution >' => 0, 'Attribute.distribution >' => 0);
@@ -1120,23 +1120,23 @@ class AttributesController extends AppController {
 			$subcondition['OR'][] = array('Event.org' => $user['User']['org']);
 			array_push($conditions['AND'], $subcondition);
 		}
-		
+
 		// change the fields here for the attribute export!!!! Don't forget to check for the permissions, since you are not going through fetchevent. Maybe create fetchattribute?
-	
+
 		$params = array(
 				'conditions' => $conditions,
 				'fields' => array('Attribute.*', 'Event.org', 'Event.distribution'),
 				'contain' => 'Event'
 		);
-	
+
 		$results = $this->Attribute->find('all', $params);
 		$this->loadModel('Whitelist');
 		$results = $this->Whitelist->removeWhitelistedFromArray($results, false);
 		if (empty($results)) throw new NotFoundException('No matches.');
 		$this->set('results', $results);
 	}
-	
-	// returns an XML with attributes that belong to an event. The type of attributes to be returned can be restricted by type using the 3rd parameter. 
+
+	// returns an XML with attributes that belong to an event. The type of attributes to be returned can be restricted by type using the 3rd parameter.
 	// Similar to the restSearch, this parameter can be chained with '&&' and negations are accepted too. For example filename&&!filename|md5 would return all filenames that don't have an md5
 	// The usage of returnAttributes is the following: [MISP-url]/attributes/returnAttributes/<API-key>/<type>/<signature flag>
 	// The signature flag is off by default, enabling it will only return attribugtes that have the to_ids flag set to true.
@@ -1153,11 +1153,11 @@ class AttributesController extends AppController {
 		if ($user['User']['siteAdmin'] || $this->Event->data['Event']['org'] == $user['User']['org']) {
 			$myEventOrAdmin = true;
 		}
-		
+
 		if (!$myEventOrAdmin) {
 			if ($this->Event->data['Event']['distribution'] == 0) {
 				throw new UnauthorizedException('You don\'t have access to that event.');
-			} 
+			}
 		}
 		$this->response->type('xml');	// set the content type
 		$this->layout = 'xml/default';
@@ -1178,7 +1178,7 @@ class AttributesController extends AppController {
 				}
 			}
 		}
-		
+
 		// check each attribute
 		foreach($this->Event->data['Attribute'] as $k => $attribute) {
 			$contained = false;
@@ -1199,8 +1199,8 @@ class AttributesController extends AppController {
 				foreach ($exclude as $exc) {
 					if (strpos($attribute['type'], $exc) !== false) {
 						$contained = false;
-						continue 2;	
-					}							
+						continue 2;
+					}
 				}
 			}
 			// If we still didn't throw the attribute away, let's check if the user requesting the attributes is of the owning organisation of the event
@@ -1208,19 +1208,19 @@ class AttributesController extends AppController {
 			if ($contained && !$myEventOrAdmin && $attribute['distribution'] == 0) {
 				$contained = false;
 			}
-			
+
 			// If we have set the sigOnly parameter and the attribute has to_ids set to false, discard it!
 			if ($contained && $sigOnly === 'true' && !$attribute['to_ids']) {
 				$contained = false;
 			}
-			
+
 			// If after all of this $contained is still true, let's add the attribute to the array
 			if ($contained) $attributes[] = $attribute;
 		}
 		if (empty($attributes)) throw new NotFoundException('No matches.');
 		$this->set('results', $attributes);
 	}
-	
+
 	public function downloadAttachment($key, $id) {
 		$user = $this->checkAuthUser($key);
 		// if the user is authorised to use the api key then user will be populated with the user's account
@@ -1233,9 +1233,9 @@ class AttributesController extends AppController {
 			throw new NotFoundException('Invalid attribute or no authorisation to view it.');
 		}
 		$this->Attribute->read(null, $id);
-		if (!$user['User']['siteAdmin'] && 
-			$user['User']['org'] != $this->Attribute->data['Event']['org'] && 
-			($this->Attribute->data['Event']['distribution'] == 0 || 
+		if (!$user['User']['siteAdmin'] &&
+			$user['User']['org'] != $this->Attribute->data['Event']['org'] &&
+			($this->Attribute->data['Event']['distribution'] == 0 ||
 				$this->Attribute->data['Attribute']['distribution'] == 0
 			)) {
 			throw new NotFoundException('Invalid attribute or no authorisation to view it.');
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php
index 6e6fcab92..3246aa1c9 100755
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@@ -531,7 +531,7 @@ class EventsController extends AppController {
 					$this->Session->setFlash(__('You may only upload OpenIOC ioc files.'));
 				}
 				if (isset($this->data['Event']['submittedxml'])) $this->_addXMLFile();
-	
+
 				// redirect to the view of the newly created event
 				if (!CakeSession::read('Message.flash')) {
 					$this->Session->setFlash(__('The event has been saved'));
@@ -542,8 +542,8 @@ class EventsController extends AppController {
 			}
 		}
 	}
-	
-	
+
+
 	/**
 	 * Low level function to add an Event based on an Event $data array
 	 *
@@ -816,7 +816,7 @@ class EventsController extends AppController {
 		$this->set('analysisLevels', $this->Event->analysisLevels);
 
 		$this->set('eventDescriptions', $this->Event->fieldDescriptions);
-		
+
 		$this->set('event', $this->Event->data);
 	}
 
@@ -1969,17 +1969,17 @@ class EventsController extends AppController {
 					$this->data['Event']['submittedxml']['size']);
 			App::uses('Xml', 'Utility');
 			$xmlArray = Xml::toArray(Xml::build($xmlData));
-			
-			// In case we receive an event that is not encapsulated in a response. This should never happen (unless it's a copy+paste fail), 
+
+			// In case we receive an event that is not encapsulated in a response. This should never happen (unless it's a copy+paste fail),
 			// but just in case, let's clean it up anyway.
 			if (isset($xmlArray['Event'])) {
 				$xmlArray['response']['Event'] = $xmlArray['Event'];
 				unset($xmlArray['Event']);
 			}
-			
+
 			if (!isset($xmlArray['response']) || !isset($xmlArray['response']['Event'])) {
 				throw new Exception('This is not a valid MISP XML file.');
-			} 
+			}
 			if (isset($xmlArray['response']['Event'][0])) {
 				foreach ($xmlArray['response']['Event'] as $event) {
 					$temp['Event'] = $event;
@@ -1991,7 +1991,7 @@ class EventsController extends AppController {
 			}
 		}
 	}
-	
+
 	public function _readGfiXML($data, $id) {
 		$this->loadModel('Attribute');
 
@@ -2281,7 +2281,7 @@ class EventsController extends AppController {
 		$final = $this->IOCExport->buildAll($event, $isMyEvent, $isSiteAdmin);
 		$this->set('final', $final);
 	}
-	
+
 	public function create_dummy_event() {
 		if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException('You don\'t have the privileges to access this.');
 		$date = new DateTime();
@@ -2289,7 +2289,7 @@ class EventsController extends AppController {
 		$data['Event']['date'] = '2013-10-09';
 		$data['Event']['risk'] = 'Undefined';
 		$data['Event']['analysis'] = '0';
-		$data['Event']['distribution'] = '0';	
+		$data['Event']['distribution'] = '0';
 
 		$defaultValues = array(
 				'md5' => '098f6bcd4621d373cade4e832627b4f6',
@@ -2336,11 +2336,11 @@ class EventsController extends AppController {
 					'type' => $type,
 					'value' => $defaultValues[$type],
 					'to_ids' => '0',
-					'distribution' => '0',						
+					'distribution' => '0',
 				);
 			}
 		}
-		$this->_add($data, false);	
+		$this->_add($data, false);
 	}
-	
+
 }
diff --git a/app/View/Events/json/index.ctp b/app/View/Events/json/index.ctp
new file mode 100644
index 000000000..7ff58911a
--- /dev/null
+++ b/app/View/Events/json/index.ctp
@@ -0,0 +1,17 @@
+<?php
+foreach ($events as $key => &$event) {
+    // rearrange things to be compatible with the Xml::fromArray()
+    $events[$key] = $events[$key]['Event'];
+    unset($events[$key]['Event']);
+
+    // cleanup the array from things we do not want to expose
+    unset($events[$key]['user_id']);
+    // hide the org field is we are not in showorg mode
+    if ('true' != Configure::read('CyDefSIG.showorg') && !$isAdmin) {
+        unset($events[$key]['org']);
+        unset($events[$key]['orgc']);
+        unset($events[$key]['from']);
+    }
+
+}
+echo json_encode($events);
\ No newline at end of file
diff --git a/app/View/Events/json/view.ctp b/app/View/Events/json/view.ctp
new file mode 100644
index 000000000..e593295d9
--- /dev/null
+++ b/app/View/Events/json/view.ctp
@@ -0,0 +1,36 @@
+<?php
+$event['Event']['Attribute'] = $event['Attribute'];
+unset($event['Attribute']);
+$event['Event']['ShadowAttribute'] = $event['ShadowAttribute'];
+unset($event['ShadowAttribute']);
+
+unset($event['Event']['user_id']);
+// hide the org field is we are not in showorg mode
+if ('true' != Configure::read('CyDefSIG.showorg') && !$isAdmin) {
+    unset($event['Event']['org']);
+    unset($event['Event']['orgc']);
+    unset($event['Event']['from']);
+}
+
+// remove value1 and value2 from the output
+foreach ($event['Event']['Attribute'] as $key => $value) {
+    unset($event['Event']['Attribute'][$key]['value1']);
+    unset($event['Event']['Attribute'][$key]['value2']);
+    unset($event['Event']['Attribute'][$key]['category_order']);
+}
+if (isset($event['Event']['RelatedEvent'])) {
+    foreach ($event['Event']['RelatedEvent'] as $key => $value) {
+        unset($event['Event']['RelatedEvent'][$key]['user_id']);
+        if ('true' != Configure::read('CyDefSIG.showorg') && !$isAdmin) {
+            unset($event['Event']['RelatedEvent'][$key]['org']);
+            unset($event['Event']['RelatedEvent'][$key]['orgc']);
+        }
+    }
+}
+
+if (isset($relatedEvents)) {
+    foreach ($relatedEvents as $relatedEvent) {
+        $event['Event']['RelatedEvent'][] = $relatedEvent['Event'];
+    }
+}
+echo json_encode($event);
\ No newline at end of file

From 6e3363825f178365aaf4a0410a391095aaa12db7 Mon Sep 17 00:00:00 2001
From: Alexandru Ciobanu <iscandr@gmail.com>
Date: Tue, 12 Nov 2013 16:46:17 +0100
Subject: [PATCH 4/8] PHP 5.4 E_STRICT fix

---
 plugins/Assets/models/behaviors/LogableBehavior.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/plugins/Assets/models/behaviors/LogableBehavior.php b/plugins/Assets/models/behaviors/LogableBehavior.php
index 0d5afa94a..0c7171ff5 100644
--- a/plugins/Assets/models/behaviors/LogableBehavior.php
+++ b/plugins/Assets/models/behaviors/LogableBehavior.php
@@ -364,7 +364,7 @@ class LogableBehavior extends ModelBehavior {
 		$this->_saveLog($Model, $logData);
 	}
 
-	function beforeSave(Model $Model) {
+	function beforeSave(Model $Model, $options = array()) {
 
 		if (isset($this->schema['change']) && $Model->id) {
 			$this->old = $Model->find('first', array(
@@ -375,7 +375,7 @@ class LogableBehavior extends ModelBehavior {
 		return true;
 	}
 
-	function afterSave(Model $Model, $created) {
+	function afterSave(Model $Model, $created, $options = array()) {
 
 		if (!$this->settings[$Model->alias]['enabled']) {
 			return true;

From 67eb13880076cf0de0cd9c249a734822969e6f47 Mon Sep 17 00:00:00 2001
From: Alexandru Ciobanu <iscandr@gmail.com>
Date: Wed, 13 Nov 2013 17:22:24 +0100
Subject: [PATCH 5/8] Display footer notice of missing PGP/GPG key

---
 app/View/Elements/footer.ctp | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/app/View/Elements/footer.ctp b/app/View/Elements/footer.ctp
index 26827dfe9..855e14844 100644
--- a/app/View/Elements/footer.ctp
+++ b/app/View/Elements/footer.ctp
@@ -2,7 +2,13 @@
 	<div class="navbar navbar-inverse" style="padding-left:20px;">
 		<div class="navbar-inner row">
 			<div class="pull-left footerText" style="float:left;position:absolute;padding-top:12px;z-index:2;">
-				<span>Download: <?php echo $this->Html->link('PGP/GPG key', '/gpg.asc');?></span>
+				<?php
+				$gpgpath = ROOT.DS.APP_DIR.DS.WEBROOT_DIR.DS.'gpg.asc';
+				if(file_exists($gpgpath) && is_file($gpgpath)){ ?>
+					<span>Download: <?php echo $this->Html->link('PGP/GPG key', $this->webroot.'gpg.asc');?></span>
+				<?php }else{ ?>
+					<span>Could not locate the PGP/GPG public key.</span>
+				<?php } ?>
 			</div>
 			<div class = "footerText footerCenterText">
 				<span> <?php if (isset($me)) echo Configure::read('CyDefSIG.footerversion'); else echo Configure::read('CyDefSIG.footer')?></span>

From 233a30b9fd2ec0d93c051acc98d969ceb7616c3c Mon Sep 17 00:00:00 2001
From: Alexandru Ciobanu <iscandr@gmail.com>
Date: Thu, 14 Nov 2013 12:43:31 +0100
Subject: [PATCH 6/8] Basic JSON API CRUD [ci skip]     - adds JSON example to
 shell scripts     - adds sample JSON event     - ??? for some redundant
 Attribute model conditions     - updates travis with CakePHP installation

---
 .travis.yml                         | 21 ++++++++-
 app/Controller/AppController.php    |  2 +-
 app/Controller/EventsController.php |  4 +-
 app/Model/Attribute.php             |  8 ++--
 tools/curl/addEvent.sh              |  3 ++
 tools/curl/editEvent.sh             |  3 ++
 tools/curl/indexEvents.sh           |  3 ++
 tools/curl/input/event.json         | 66 +++++++++++++++++++++++++++++
 tools/curl/viewEvent.sh             |  3 ++
 9 files changed, 107 insertions(+), 6 deletions(-)
 create mode 100644 tools/curl/input/event.json

diff --git a/.travis.yml b/.travis.yml
index 41af9bde9..f72812f87 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -5,7 +5,8 @@ php:
     - 5.3
 
 env:
-    - DB=mysql
+    - CAKE_VERSION=2.4.2 DB=mysql
+    - CAKE_VERSION=master DB=mysql
 
 matrix:
     allow_failures:
@@ -14,3 +15,21 @@ matrix:
 before_script:
     - pecl install Crypt_GPG
     - pecl install Net_GeoIP
+    - phpenv rehash
+    - sh -c "if [ '$DB' = 'mysql' ]; then mysql -e 'CREATE DATABASE misp_test;'; fi"
+    - git clone git://github.com/cakephp/cakephp ../cakephp && cd ../cakephp && git checkout $CAKE_VERSION
+    - chmod -R 777 ../cakephp/app/tmp
+    - echo "<?php
+        class DATABASE_CONFIG {
+        public \$test = array(
+          'datasource' => 'Database/Mysql',
+          'database' => 'misp_test',
+          'host' => '0.0.0.0',
+          'login' => 'travis',
+          'host' => '',
+          'persistent' => false
+        );
+        }" > app/Config/database.php
+
+script:
+    - ./lib/Cake/Console/cake test app AllTests --stderr
diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php
index 39d5f06f1..df63da29e 100755
--- a/app/Controller/AppController.php
+++ b/app/Controller/AppController.php
@@ -153,7 +153,7 @@ class AppController extends Controller {
 	//}
 
 	protected function _isRest() {
-		return (isset($this->RequestHandler) && $this->RequestHandler->isXml());
+		return (isset($this->RequestHandler) && ($this->RequestHandler->isXml() || $this->isJson()));
 	}
 
 /**
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php
index 3246aa1c9..7ec4e4964 100755
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@@ -593,7 +593,9 @@ class EventsController extends AppController {
 				'Event' => array('org', 'orgc', 'date', 'risk', 'analysis', 'info', 'user_id', 'published', 'uuid', 'timestamp', 'distribution', 'locked'),
 				'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'timestamp', 'distribution')
 		);
-		$saveResult = $this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList));
+
+		$saveResult = $this->Event->saveAssociated($data, array('validate' => false, 'fieldList' => $fieldList,
+			'atomic' => true));
 		// FIXME chri: check if output of $saveResult is what we expect when data not valid, see issue #104
 		if ($saveResult) {
 			if (!empty($data['Event']['published']) && 1 == $data['Event']['published']) {
diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php
index 911f822ae..ebb14796c 100755
--- a/app/Model/Attribute.php
+++ b/app/Model/Attribute.php
@@ -819,6 +819,7 @@ class Attribute extends AppModel {
 			if ($fromGFI) $this->data['Attribute']['comment'] = 'GFI import';
 		}
 
+		//???
 		if ($this->save($this->data)) {
 			// attribute saved correctly in the db
 		} else {
@@ -828,6 +829,7 @@ class Attribute extends AppModel {
 		// no errors in file upload, entry already in db, now move the file where needed and zip it if required.
 		// no sanitization is required on the filename, path or type as we save
 		// create directory structure
+		// ???
 		if (PHP_OS == 'WINNT') {
 			$rootDir = APP . "files" . DS . $eventId;
 		} else {
@@ -878,11 +880,11 @@ class Attribute extends AppModel {
 			$this->Correlation = ClassRegistry::init('Correlation');
 			// When we add/update an attribute we need to
 			// - (beforeSave) (update-only) clean up the relation of the old value: remove the existing relations related to that attribute, we DO have a reference, the id
-	
+
 			// - remove the existing relations for that value1 or value2, we do NOT have an id reference, but we have a value1/value2 field to search for
 			// ==> DELETE FROM correlations WHERE value = $value1 OR value = $value2 */
 			$dummy = $this->Correlation->deleteAll(array('Correlation.value' => array($a['value1'], $a['value2'])));
-	
+
 			// now build a correlation array of things that will need to be added in the db
 			// we do this twice, once for value1 and once for value2
 			$correlations = array();   // init variable
@@ -898,7 +900,7 @@ class Attribute extends AppModel {
 			            	),
 			            	'AND' => array(
 			            		'Attribute.type !=' => 'vulnerability',
-			            		'Attribute.type !=' => 'comment',			            				
+			            		'Attribute.type !=' => 'comment',
 						)),
 			            'recursive' => 0,
 			            //'fields' => '', // we want to have the Attribute AND Event, so do not filter here
diff --git a/tools/curl/addEvent.sh b/tools/curl/addEvent.sh
index e2cd80ba3..b0c90a994 100755
--- a/tools/curl/addEvent.sh
+++ b/tools/curl/addEvent.sh
@@ -1,2 +1,5 @@
 curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
 --data "@input/event.xml" -X POST http://localhost/events
+
+#curl -i -H "Accept: application/json" -H "content-type: text/json" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
+#--data "@input/event.json" -X POST http://localhost/events
\ No newline at end of file
diff --git a/tools/curl/editEvent.sh b/tools/curl/editEvent.sh
index a88beb3e7..666d0579b 100755
--- a/tools/curl/editEvent.sh
+++ b/tools/curl/editEvent.sh
@@ -4,3 +4,6 @@
 # POST can be used as well..
 curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
 --data "@input/event.xml" -X POST http://localhost/events/$1
+
+#curl -i -H "Accept: application/json" -H "content-type: text/json" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
+#--data "@input/event.json" -X POST http://localhost/events/$1
\ No newline at end of file
diff --git a/tools/curl/indexEvents.sh b/tools/curl/indexEvents.sh
index 4deb43dc1..f417f638d 100755
--- a/tools/curl/indexEvents.sh
+++ b/tools/curl/indexEvents.sh
@@ -1,2 +1,5 @@
 curl -H "Accept: application/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
 -X GET http://localhost/events
+
+#curl -H "Accept: application/json" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
+#-X GET http://localhost/events
diff --git a/tools/curl/input/event.json b/tools/curl/input/event.json
new file mode 100644
index 000000000..f0c6619db
--- /dev/null
+++ b/tools/curl/input/event.json
@@ -0,0 +1,66 @@
+{
+  "Event": {
+    "id": "15",
+    "org": "ORG",
+    "date": "2012-04-12",
+    "risk": "Medium",
+    "info": "info",
+    "user_id": "1",
+    "uuid": "4f8c2c4e-00dc-42c9-83ad-76e9ff32448e",
+    "distribution": "0",
+    "analysis": "0",
+    "timestamp": "1",
+    "Attribute": [
+      {
+        "id": "116",
+        "event_id": "14",
+        "type": "ip-dst",
+        "category": "Network activity",
+        "to_ids": "1",
+        "uuid": "4f8c2cc3-0410-4bf0-8559-5b9dff32448e",
+        "distribution": "0",
+        "value": "1.1.1.111",
+        "timestamp": "0"
+      },
+      {
+        "id": "117",
+        "event_id": "14",
+        "type": "malware-sample",
+        "category": "Payload delivery",
+        "to_ids": "0",
+        "uuid": "4f8c2d08-7e6c-4648-8730-50a7ff32448e",
+        "distribution": "0",
+        "value": "A.doc|3f6f1aaab6171925c81de9b34a8fcf8e",
+        "timestamp": "0"
+      },
+      {
+        "id": "115",
+        "event_id": "14",
+        "type": "vulnerability",
+        "category": "Payload delivery",
+        "to_ids": "1",
+        "uuid": "4f8c2c69-9bf8-4279-8d03-2138ff32448e",
+        "distribution": "0",
+        "value": "CVE-XXXX-XXXX",
+        "timestamp": "0"
+      }
+    ],
+    "RelatedEvent": [
+      {
+        "id": "11",
+        "date": "2011-01-03",
+        "uuid": "4f8812ff-ded0-4592-9227-0615ff32448e"
+      },
+      {
+        "id": "9",
+        "date": "2011-02-02",
+        "uuid": "4f85981e-d044-4b16-bc16-0a35ff32448e"
+      },
+      {
+        "id": "6",
+        "date": "2011-03-01",
+        "uuid": "4f7a9faa-91d4-4c91-8ec6-0878ff32448e"
+      }
+    ]
+  }
+}
\ No newline at end of file
diff --git a/tools/curl/viewEvent.sh b/tools/curl/viewEvent.sh
index 38f3f6491..2bff21d8e 100755
--- a/tools/curl/viewEvent.sh
+++ b/tools/curl/viewEvent.sh
@@ -1,2 +1,5 @@
 curl -H "Accept: application/xml" -H "Authorization: 3xoBdRRCjr3dLS0WyqETzWZrMhmpK5iNCGpQxgsR" \
 -X GET http://localhost:8888/events/$1
+
+#curl -H "Accept: application/json" -H "Authorization: 3xoBdRRCjr3dLS0WyqETzWZrMhmpK5iNCGpQxgsR" \
+#-X GET http://localhost:8888/events/$1

From f36cc43955a56d23ec8c8b67000d3893e994a0c2 Mon Sep 17 00:00:00 2001
From: Alexandru Ciobanu <iscandr@gmail.com>
Date: Sun, 17 Nov 2013 17:54:15 +0100
Subject: [PATCH 7/8] replace Risk with ThreatLevel [skip ci]     - Event.risk
 has been replaced by Event.threat_level_id.       all functionality remains
 the same and users should not see       any difference.       ENUM() used for
 Event.risk is vendor specific and requires       too many hacks to play
 nicely with bake.     - Added default schema file, SQL dumps should be
 avoided since       they make updating/upgrading a pain.     - Removed old
 unused schemas

---
 INSTALL/MYSQL.sql                             |  71 +++++--
 app/Config/Schema/db_correlation.php          |  27 ---
 app/Config/Schema/db_log.php                  |  28 ---
 app/Config/Schema/db_log.sql                  |  21 --
 app/Config/Schema/db_regexp.php               |  20 --
 app/Config/Schema/db_role.php                 |  49 -----
 app/Config/Schema/db_role.sql                 |  32 ---
 app/Config/Schema/db_whitelist.php            |  19 --
 .../Schema/{schema_0.2.3.php => schema.php}   | 183 +++++++++++++-----
 app/Config/Schema/schema_0.2.1.1.php          |  77 --------
 app/Config/Schema/schema_0.2.2.1.php          | 126 ------------
 app/Config/Schema/schema_0.2.2.php            |  79 --------
 .../Component/NidsExportComponent.php         |   6 +-
 app/Controller/EventsController.php           |  45 +++--
 app/Model/Event.php                           |  26 +--
 app/Model/ThreatLevel.php                     |  39 ++++
 app/Test/Case/Model/ThreatLevelTest.php       |  47 +++++
 app/Test/Fixture/ThreatLevelFixture.php       |  56 ++++++
 app/View/Events/add.ctp                       |  15 +-
 app/View/Events/edit.ctp                      |  15 +-
 app/View/Events/index.ctp                     |  50 ++---
 app/View/Events/view.ctp                      |  10 +-
 app/View/Users/admin_view.ctp                 |   4 +-
 23 files changed, 413 insertions(+), 632 deletions(-)
 mode change 100755 => 100644 INSTALL/MYSQL.sql
 delete mode 100755 app/Config/Schema/db_correlation.php
 delete mode 100755 app/Config/Schema/db_log.php
 delete mode 100755 app/Config/Schema/db_log.sql
 delete mode 100755 app/Config/Schema/db_regexp.php
 delete mode 100755 app/Config/Schema/db_role.php
 delete mode 100755 app/Config/Schema/db_role.sql
 delete mode 100755 app/Config/Schema/db_whitelist.php
 rename app/Config/Schema/{schema_0.2.3.php => schema.php} (53%)
 mode change 100755 => 100644
 delete mode 100755 app/Config/Schema/schema_0.2.1.1.php
 delete mode 100755 app/Config/Schema/schema_0.2.2.1.php
 delete mode 100755 app/Config/Schema/schema_0.2.2.php
 create mode 100644 app/Model/ThreatLevel.php
 create mode 100644 app/Test/Case/Model/ThreatLevelTest.php
 create mode 100644 app/Test/Fixture/ThreatLevelFixture.php

diff --git a/INSTALL/MYSQL.sql b/INSTALL/MYSQL.sql
old mode 100755
new mode 100644
index 7babccd53..738866c56
--- a/INSTALL/MYSQL.sql
+++ b/INSTALL/MYSQL.sql
@@ -13,13 +13,13 @@ CREATE TABLE IF NOT EXISTS `attributes` (
   `value2` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
   `to_ids` tinyint(1) NOT NULL DEFAULT '1',
   `uuid` varchar(40) COLLATE utf8_bin NOT NULL,
-  `timestamp` int(11) NOT NULL DEFAULT '0',
+  `timestamp` int(11) DEFAULT '0',
   `distribution` tinyint(4) NOT NULL DEFAULT '0',
-  `comment` text COLLATE utf8_bin NOT NULL,
+  `comment` text COLLATE utf8_bin,
   PRIMARY KEY (`id`),
   KEY `event_id` (`event_id`),
   KEY `uuid` (`uuid`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
 
 -- --------------------------------------------------------
 
@@ -68,7 +68,8 @@ CREATE TABLE IF NOT EXISTS `correlations` (
   KEY `1_event_id` (`1_event_id`),
   KEY `1_attribute_id` (`1_attribute_id`),
   KEY `attribute_id` (`attribute_id`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
+
 -- --------------------------------------------------------
 
 --
@@ -77,9 +78,9 @@ CREATE TABLE IF NOT EXISTS `correlations` (
 
 CREATE TABLE IF NOT EXISTS `events` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
+  `threat_level_id` int(11) DEFAULT NULL,
   `org` varchar(255) COLLATE utf8_bin NOT NULL,
   `date` date NOT NULL,
-  `risk` enum('Undefined','Low','Medium','High') COLLATE utf8_bin NOT NULL,
   `info` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
   `user_id` int(11) NOT NULL,
   `published` tinyint(1) NOT NULL DEFAULT '0',
@@ -94,7 +95,7 @@ CREATE TABLE IF NOT EXISTS `events` (
   PRIMARY KEY (`id`),
   KEY `uuid` (`uuid`),
   FULLTEXT KEY `info` (`info`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
 
 -- --------------------------------------------------------
 
@@ -115,13 +116,14 @@ CREATE TABLE IF NOT EXISTS `logs` (
   `org` varchar(255) COLLATE utf8_bin DEFAULT NULL,
   `description` varchar(255) COLLATE utf8_bin DEFAULT NULL,
   PRIMARY KEY (`id`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
 
 -- --------------------------------------------------------
 
 --
 -- Table structure for table `posts`
 --
+
 CREATE TABLE IF NOT EXISTS `posts` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
   `date_created` datetime NOT NULL,
@@ -131,7 +133,7 @@ CREATE TABLE IF NOT EXISTS `posts` (
   `post_id` int(11) NOT NULL DEFAULT '0',
   `thread_id` int(11) NOT NULL DEFAULT '0',
   PRIMARY KEY (`id`)
-) ENGINE=InnoDB  DEFAULT CHARSET=latin1 ;
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
 
 -- --------------------------------------------------------
 
@@ -145,7 +147,7 @@ CREATE TABLE IF NOT EXISTS `regexp` (
   `replacement` varchar(255) COLLATE utf8_bin NOT NULL,
   `type` varchar(100) COLLATE utf8_bin NOT NULL DEFAULT 'ALL',
   PRIMARY KEY (`id`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
 
 -- --------------------------------------------------------
 
@@ -167,10 +169,10 @@ CREATE TABLE IF NOT EXISTS `roles` (
   `perm_audit` tinyint(1) DEFAULT NULL,
   `perm_full` tinyint(1) DEFAULT NULL,
   `perm_auth` tinyint(1) NOT NULL DEFAULT '0',
-  `perm_regexp_access` TINYINT( 1 ) NOT NULL DEFAULT  '0',
-  `perm_site_admin` TINYINT( 1 ) NOT NULL DEFAULT  '0',
+  `perm_regexp_access` tinyint(1) NOT NULL DEFAULT '0',
+  `perm_site_admin` tinyint(1) NOT NULL DEFAULT '0',
   PRIMARY KEY (`id`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=5 ;
 
 -- --------------------------------------------------------
 
@@ -189,7 +191,7 @@ CREATE TABLE IF NOT EXISTS `servers` (
   `lastpulledid` int(11) NOT NULL,
   `lastpushedid` int(11) NOT NULL,
   PRIMARY KEY (`id`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
 
 -- --------------------------------------------------------
 
@@ -213,12 +215,14 @@ CREATE TABLE IF NOT EXISTS `shadow_attributes` (
   KEY `event_id` (`event_id`),
   KEY `uuid` (`uuid`),
   KEY `old_id` (`old_id`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
+
 -- --------------------------------------------------------
 
 --
 -- Table structure for table `threads`
 --
+
 CREATE TABLE IF NOT EXISTS `threads` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
   `date_created` datetime NOT NULL,
@@ -230,7 +234,22 @@ CREATE TABLE IF NOT EXISTS `threads` (
   `title` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
   `org` varchar(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
   PRIMARY KEY (`id`)
-) ENGINE=InnoDB  DEFAULT CHARSET=latin1 ;
+) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `threat_levels`
+--
+
+CREATE TABLE IF NOT EXISTS `threat_levels` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` varchar(50) NOT NULL,
+  `description` varchar(255) DEFAULT NULL,
+  `form_description` varchar(255) NOT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+
 -- --------------------------------------------------------
 
 --
@@ -255,7 +274,7 @@ CREATE TABLE IF NOT EXISTS `users` (
   PRIMARY KEY (`id`),
   KEY `email` (`email`),
   KEY `password` (`password`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ;
 
 -- --------------------------------------------------------
 
@@ -267,7 +286,7 @@ CREATE TABLE IF NOT EXISTS `whitelist` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
   `name` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
   PRIMARY KEY (`id`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
 
 -- --------------------------------------------------------
 
@@ -275,9 +294,9 @@ CREATE TABLE IF NOT EXISTS `whitelist` (
 -- Default values for initial installation
 --
 
-INSERT INTO `regexp` 
+INSERT INTO `regexp`
   (`regexp`, `replacement`)
-VALUES 
+VALUES
   ('/.:.ProgramData./i','%ALLUSERSPROFILE%\\\\'),
   ('/.:.Documents and Settings.All Users./i','%ALLUSERSPROFILE%\\\\'),
   ('/.:.Program Files.Common Files./i','%COMMONPROGRAMFILES%\\\\'),
@@ -328,3 +347,17 @@ INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modi
 VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1');
 
 -- --------------------------------------------------------
+
+--
+-- Initial threat levels
+--
+
+
+INSERT INTO `threat_levels` (`id`, `name`, `description`, `form_description`)
+VALUES
+  (1,'High','*high* means sophisticated APT malware or 0-day attack','Sophisticated APT malware or 0-day attack'),
+  (2,'Medium','*medium* means APT malware','APT malware'),
+  (3,'Low','*low* means mass-malware','Mass-malware'),
+  (4,'Undefined','*undefined* no risk','No risk');
+
+-- --------------------------------------------------------
\ No newline at end of file
diff --git a/app/Config/Schema/db_correlation.php b/app/Config/Schema/db_correlation.php
deleted file mode 100755
index ba04fd751..000000000
--- a/app/Config/Schema/db_correlation.php
+++ /dev/null
@@ -1,27 +0,0 @@
-<?php
-class DbCorrelationSchema extends CakeSchema {
-
-	public $name = 'DbCorrelation';
-
-	public function before($event = array()) {
-		return true;
-	}
-
-	public function after($event = array()) {
-	}
-
-	public $correlations = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'date' => array('type' => 'date', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-}
\ No newline at end of file
diff --git a/app/Config/Schema/db_log.php b/app/Config/Schema/db_log.php
deleted file mode 100755
index 23b9e6ce2..000000000
--- a/app/Config/Schema/db_log.php
+++ /dev/null
@@ -1,28 +0,0 @@
-<?php 
-class DbLogSchema extends CakeSchema {
-
-	public $name = 'DbLog';
-
-	public function before($event = array()) {
-		return true;
-	}
-
-	public function after($event = array()) {
-	}
-
-	public $logs = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'title' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'created' => array('type' => 'datetime', 'null' => true, 'default' => null),
-		'model' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'model_id' => array('type' => 'integer', 'null' => true, 'default' => null),
-		'action' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'user_id' => array('type' => 'integer', 'null' => true, 'default' => null),
-		'change' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'email' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'org' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-}
\ No newline at end of file
diff --git a/app/Config/Schema/db_log.sql b/app/Config/Schema/db_log.sql
deleted file mode 100755
index 226717d72..000000000
--- a/app/Config/Schema/db_log.sql
+++ /dev/null
@@ -1,21 +0,0 @@
--- Audit, log table
--- works in conjunction with:
--- https://github.com/alkemann/CakePHP-Assets/wiki
--- also described at:
--- http://bakery.cakephp.org/articles/alkemann/2008/10/21/logablebehavior
-
-DROP TABLE logs;
-CREATE TABLE logs (
-  id int(11) NOT NULL AUTO_INCREMENT,
-  title varchar(255),
-  created DATETIME,
-  description varchar(255),
-  model varchar(20),
-  model_id int(11),
-  action varchar(20),
-  user_id  int(11),
-  `change` varchar(255),
-  email  varchar(255),
-  org varchar(255) COLLATE utf8_bin,
-  PRIMARY KEY (id)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ;
\ No newline at end of file
diff --git a/app/Config/Schema/db_regexp.php b/app/Config/Schema/db_regexp.php
deleted file mode 100755
index 39f01ee51..000000000
--- a/app/Config/Schema/db_regexp.php
+++ /dev/null
@@ -1,20 +0,0 @@
-<?php
-class DbRegexpSchema extends CakeSchema {
-
-	public $name = 'DbRegexp';
-
-	public function before($event = array()) {
-		return true;
-	}
-
-	public function after($event = array()) {
-	}
-
-	public $regexp = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'regexp' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
-		'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-}
\ No newline at end of file
diff --git a/app/Config/Schema/db_role.php b/app/Config/Schema/db_role.php
deleted file mode 100755
index 2ac7075e9..000000000
--- a/app/Config/Schema/db_role.php
+++ /dev/null
@@ -1,49 +0,0 @@
-<?php
-class DbRoleSchema extends CakeSchema {
-
-	public $name = 'DbRole';
-
-	public function before($event = array()) {
-		return true;
-	}
-
-	public function after($event = array()) {
-		if (isset($event['create'])) {
-			switch ($event['create']) {
-				case 'roles':
-					// populate roles
-					//$roles = ClassRegistry::init('Role');
-					//$roles->create();
-					//$roles->save(array('Role' => array('name' => 'malware analyst', 'perm_add' => true, 'perm_modify' => true, 'perm_publish' => false, 'perm_full' => false)));
-					//$roles->create();
-					//$roles->save(array('Role' => array('name' => 'admin', 'perm_add' => true, 'perm_modify' => true, 'perm_publish' => true, 'perm_full' => true)));
-					//$roles->create();
-					//$roles->save(array('Role' => array('name' => 'IDS analyst', 'perm_add' => true, 'perm_modify' => true, 'perm_publish' => true, 'perm_full' => false)));
-					//$roles->create();
-					//$roles->save(array('Role' => array('name' => 'guest', 'perm_add' => false, 'perm_modify' => false, 'perm_publish' => false, 'perm_full' => false)));
-					// populate Users.role_id
-					//$users = ClassRegistry::init('User');
-					//$user = $users->read(null, '1');
-					//$users->saveField('role_id', '2');	// $user['User']['role_id'] = '2';
-					break;
-			}
-		}
-	}
-
-	public $roles = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
-		'created' => array('type' => 'datetime', 'null' => true, 'default' => null),
-		'modified' => array('type' => 'datetime', 'null' => true, 'default' => null),
-		'perm_add' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'perm_modify' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'perm_modify_org' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'perm_publish' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'perm_sync' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'perm_admin' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'perm_audit' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'perm_full' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
-	);
-}
\ No newline at end of file
diff --git a/app/Config/Schema/db_role.sql b/app/Config/Schema/db_role.sql
deleted file mode 100755
index 4c3a271bd..000000000
--- a/app/Config/Schema/db_role.sql
+++ /dev/null
@@ -1,32 +0,0 @@
--- ACL, role table
--- works in conjunction with: CakePHP AclComponent
-
-CREATE TABLE roles (
-    id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,
-    name VARCHAR(100) NOT NULL,
-    perm_add boolean,
-    perm_modify boolean,
-    perm_modify_org boolean,
-    perm_publish boolean,
-    perm_full boolean,
-    created DATETIME,
-    modified DATETIME
-);
-
--- ALTER TABLE users ADD COLUMN role_id INT(11);
-
--- data of Roles
--- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('malware analyst',true,true,false,false);
--- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('admin',true,true,true,true);
--- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('IDS analyst',true,true,true,false);
--- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('guest',false,false,false,false);
-
--- CakePHP AclComponent acor & aros tables
-
--- aros table (should be auto generated on role create)
--- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',1,1,2);
--- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',2,3,4);
--- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',3,5,6);
--- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',4,7,8);
-
--- aros_acos
diff --git a/app/Config/Schema/db_whitelist.php b/app/Config/Schema/db_whitelist.php
deleted file mode 100755
index 15b537c9d..000000000
--- a/app/Config/Schema/db_whitelist.php
+++ /dev/null
@@ -1,19 +0,0 @@
-<?php
-class DbWhitelistSchema extends CakeSchema {
-
-	public $name = 'DbWhitelist';
-
-	public function before($event = array()) {
-		return true;
-	}
-
-	public function after($event = array()) {
-	}
-
-	public $whitelist = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-}
diff --git a/app/Config/Schema/schema_0.2.3.php b/app/Config/Schema/schema.php
old mode 100755
new mode 100644
similarity index 53%
rename from app/Config/Schema/schema_0.2.3.php
rename to app/Config/Schema/schema.php
index 68e48ca56..d8956cb24
--- a/app/Config/Schema/schema_0.2.3.php
+++ b/app/Config/Schema/schema.php
@@ -1,8 +1,6 @@
-<?php
+<?php 
 class AppSchema extends CakeSchema {
 
-	public $file = 'schema_0.2.3.php';
-
 	public function before($event = array()) {
 		return true;
 	}
@@ -13,17 +11,20 @@ class AppSchema extends CakeSchema {
 	public $attributes = array(
 		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
 		'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
 		'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
+		'value1' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
+		'value2' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
 		'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
 		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
+		'timestamp' => array('type' => 'integer', 'null' => true, 'default' => '0'),
+		'distribution' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 4),
+		'comment' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1),
+			'event_id' => array('column' => 'event_id', 'unique' => 0),
+			'uuid' => array('column' => 'uuid', 'unique' => 0)
+		),
 		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
 	);
 
@@ -31,41 +32,33 @@ class AppSchema extends CakeSchema {
 		'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
 		'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
 		'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
-		'indexes' => array(),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $correlations = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
+		'indexes' => array(
+			
+		),
 		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
 	);
 
 	public $events = array(
 		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
+		'threat_level_id' => array('type' => 'integer', 'null' => true, 'default' => null),
 		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
 		'date' => array('type' => 'date', 'null' => false, 'default' => null),
-		//'risk' ENUM
 		'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
 		'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
-		//'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
 		'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'revision' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 11),
-		'hop_count' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 11),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
+		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null),
+		'analysis' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
+		'orgc' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'timestamp' => array('type' => 'integer', 'null' => false, 'default' => '0'),
+		'distribution' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 4),
+		'proposal_email_lock' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
+		'locked' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1),
+			'uuid' => array('column' => 'uuid', 'unique' => 0),
+			'info' => array('column' => 'info', 'type' => 'fulltext')
+		),
 		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
 	);
 
@@ -81,30 +74,57 @@ class AppSchema extends CakeSchema {
 		'email' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
 		'org' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
 		'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1)
+		),
 		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
 	);
 
-	public $regex = array(
+	public $posts = array(
 		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'regex' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
+		'date_created' => array('type' => 'datetime', 'null' => false, 'default' => null),
+		'date_modified' => array('type' => 'datetime', 'null' => false, 'default' => null),
+		'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
+		'contents' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
+		'post_id' => array('type' => 'integer', 'null' => false, 'default' => '0'),
+		'thread_id' => array('type' => 'integer', 'null' => false, 'default' => '0'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1)
+		),
+		'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
+	);
+
+	public $regexp = array(
+		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
+		'regexp' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'type' => array('type' => 'string', 'null' => false, 'default' => 'ALL', 'length' => 100, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1)
+		),
 		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
 	);
 
 	public $roles = array(
 		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
+		'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
 		'created' => array('type' => 'datetime', 'null' => true, 'default' => null),
 		'modified' => array('type' => 'datetime', 'null' => true, 'default' => null),
 		'perm_add' => array('type' => 'boolean', 'null' => true, 'default' => null),
 		'perm_modify' => array('type' => 'boolean', 'null' => true, 'default' => null),
+		'perm_modify_org' => array('type' => 'boolean', 'null' => true, 'default' => null),
 		'perm_publish' => array('type' => 'boolean', 'null' => true, 'default' => null),
+		'perm_sync' => array('type' => 'boolean', 'null' => true, 'default' => null),
+		'perm_admin' => array('type' => 'boolean', 'null' => true, 'default' => null),
+		'perm_audit' => array('type' => 'boolean', 'null' => true, 'default' => null),
 		'perm_full' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'perm_auth' => array('type' => 'boolean', 'null' => true, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
+		'perm_auth' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
+		'perm_regexp_access' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
+		'perm_site_admin' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1)
+		),
+		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
 	);
 
 	public $servers = array(
@@ -117,15 +137,65 @@ class AppSchema extends CakeSchema {
 		'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
 		'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null),
 		'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1)
+		),
 		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
 	);
 
+	public $shadow_attributes = array(
+		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
+		'old_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
+		'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
+		'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
+		'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
+		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1),
+			'event_id' => array('column' => 'event_id', 'unique' => 0),
+			'uuid' => array('column' => 'uuid', 'unique' => 0),
+			'old_id' => array('column' => 'old_id', 'unique' => 0)
+		),
+		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
+	);
+
+	public $threads = array(
+		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
+		'date_created' => array('type' => 'datetime', 'null' => false, 'default' => null),
+		'date_modified' => array('type' => 'datetime', 'null' => false, 'default' => null),
+		'distribution' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
+		'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
+		'post_count' => array('type' => 'integer', 'null' => false, 'default' => null),
+		'event_id' => array('type' => 'integer', 'null' => false, 'default' => null),
+		'title' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
+		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1)
+		),
+		'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
+	);
+
+	public $threat_levels = array(
+		'id' => array('type' => 'boolean', 'null' => false, 'default' => null, 'key' => 'primary'),
+		'name' => array('type' => 'string', 'null' => false, 'length' => 50, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'form_description' => array('type' => 'string', 'null' => false, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1)
+		),
+		'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
+	);
+
 	public $users = array(
 		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
 		'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
 		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'email' => array('type' => 'string', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
 		'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
 		'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
 		'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
@@ -133,15 +203,24 @@ class AppSchema extends CakeSchema {
 		'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
 		'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
 		'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
-		'role_id' => array('type' => 'integer', 'null' => true, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
+		'role_id' => array('type' => 'integer', 'null' => false, 'default' => null),
+		'change_pw' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
+		'contactalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1),
+			'email' => array('column' => 'email', 'unique' => 0),
+			'password' => array('column' => 'password', 'unique' => 0)
+		),
 		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
 	);
 
-	public $whitelists = array(
+	public $whitelist = array(
 		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
+		'name' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1)
+		),
 		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
 	);
+
 }
diff --git a/app/Config/Schema/schema_0.2.1.1.php b/app/Config/Schema/schema_0.2.1.1.php
deleted file mode 100755
index 3b6d3bd0a..000000000
--- a/app/Config/Schema/schema_0.2.1.1.php
+++ /dev/null
@@ -1,77 +0,0 @@
-<?php
-class AppSchema extends CakeSchema {
-
-	public $file = 'schema_0.2.1.1.php';
-
-	public function before($event = array()) {
-		return true;
-	}
-
-	public function after($event = array()) {
-	}
-
-	public $attributes = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
-		'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
-		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $bruteforces = array(
-		'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
-		'indexes' => array(),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $events = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'date' => array('type' => 'date', 'null' => false, 'default' => null),
-		'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
-		'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $servers = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'push' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'lastfetchedid' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $users = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
-		'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-}
\ No newline at end of file
diff --git a/app/Config/Schema/schema_0.2.2.1.php b/app/Config/Schema/schema_0.2.2.1.php
deleted file mode 100755
index 0ea1bc187..000000000
--- a/app/Config/Schema/schema_0.2.2.1.php
+++ /dev/null
@@ -1,126 +0,0 @@
-<?php
-class AppSchema extends CakeSchema {
-
-	public $file = 'schema_0.2.2.1.php';
-
-	public function before($event = array()) {
-		return true;
-	}
-
-	public function after($event = array()) {
-		if (isset($event['update'])) {
-			switch ($event['update']) {
-				case 'users':
-					// TDDO Schema,Users.role_id is not here
-					break;
-			}
-		}
-	}
-
-	public $attributes = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
-		'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
-		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $bruteforces = array(
-		'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
-		'indexes' => array(),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $correlations = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $events = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'date' => array('type' => 'date', 'null' => false, 'default' => null),
-		//'risk' ENUM
-		'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
-		'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
-		//'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'revision' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 11),
-		'hop_count' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 11),
-		'analysis' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $regexp = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'regexp' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $servers = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'organization' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 10, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'push' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $users = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
-		'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
-		'role_id' => array('type' => 'integer', 'null' => true, 'default' => null),
-		'change_pw' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 1),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $whitelists = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-}
diff --git a/app/Config/Schema/schema_0.2.2.php b/app/Config/Schema/schema_0.2.2.php
deleted file mode 100755
index 217958cbe..000000000
--- a/app/Config/Schema/schema_0.2.2.php
+++ /dev/null
@@ -1,79 +0,0 @@
-<?php
-class AppSchema extends CakeSchema {
-
-	public $file = 'schema_0.2.2.php';
-
-	public function before($event = array()) {
-		return true;
-	}
-
-	public function after($event = array()) {
-	}
-
-	public $attributes = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
-		'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
-		'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
-		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $bruteforces = array(
-		'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
-		'indexes' => array(),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $events = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'date' => array('type' => 'date', 'null' => false, 'default' => null),
-		//'risk' ENUM
-		'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
-		'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $servers = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'push' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-
-	public $users = array(
-		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
-		'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
-		'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
-		'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
-		'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
-		'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
-		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
-		'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
-	);
-}
\ No newline at end of file
diff --git a/app/Controller/Component/NidsExportComponent.php b/app/Controller/Component/NidsExportComponent.php
index bf6f9c557..967cda5f2 100755
--- a/app/Controller/Component/NidsExportComponent.php
+++ b/app/Controller/Component/NidsExportComponent.php
@@ -33,7 +33,7 @@ class NidsExportComponent extends Component {
 		$this->explain();
 		// generate the rules
 		foreach ($items as &$item) {
-			switch ($item['Event']['risk']) {
+			/*switch ($item['Event']['risk']) {
 				case 'Undefined':
 					$priority = '4';
 					break;
@@ -48,12 +48,12 @@ class NidsExportComponent extends Component {
 					break;
 				default:
 					$priority = '4';
-			}
+			}*/
 
 			# proto src_ip src_port direction dst_ip dst_port msg rule_content tag sid rev
 			$ruleFormatMsg = 'msg: "' . Configure::read('CyDefSIG.name') . ' e' . $item['Event']['id'] . ' %s"';
 			$ruleFormatReference = 'reference:url,' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $item['Event']['id'];
-			$ruleFormat = '%salert %s %s %s %s %s %s (' . $ruleFormatMsg . '; %s %s classtype:' . $this->classtype . '; sid:%d; rev:%d; priority:' . $priority . '; ' . $ruleFormatReference . ';) ';
+			$ruleFormat = '%salert %s %s %s %s %s %s (' . $ruleFormatMsg . '; %s %s classtype:' . $this->classtype . '; sid:%d; rev:%d; priority:' . $item['Event']['threat_level_id'] . '; ' . $ruleFormatReference . ';) ';
 
 			$sid = $startSid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type
 			$attribute = &$item['Attribute'];
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php
index 7ec4e4964..0d10fbb79 100755
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@@ -149,6 +149,11 @@ class EventsController extends AppController {
 				}
 			}
 		}
+		$this->paginate = array('contain' => array(
+			'ThreatLevel' => array(
+				'fields' => array(
+					'ThreatLevel.name'))
+		));
 		$this->set('events', $this->paginate());
 		if (!$this->Auth->user('gpgkey')) {
 			$this->Session->setFlash(__('No GPG key set in your profile. To receive emails, submit your public key in your profile.'));
@@ -462,11 +467,9 @@ class EventsController extends AppController {
 		$this->set('distributionLevels', $this->Event->distributionLevels);
 
 		// combobox for risks
-		$risks = $this->Event->validate['risk']['rule'][1];
-		$risks = $this->_arrayToValuesIndexArray($risks);
-		$this->set('risks',$risks);
-		// tooltip for risk
-		$this->set('riskDescriptions', $this->Event->riskDescriptions);
+		$threat_levels = $this->Event->ThreatLevel->find('all');
+		$this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
+		$this->set('riskDescriptions', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.form_description'));
 
 		// combobox for analysis
 		$analysiss = $this->Event->validate['analysis']['rule'][1];
@@ -590,7 +593,7 @@ class EventsController extends AppController {
 		}
 		// FIXME chri: validatebut  the necessity for all these fields...impact on security !
 		$fieldList = array(
-				'Event' => array('org', 'orgc', 'date', 'risk', 'analysis', 'info', 'user_id', 'published', 'uuid', 'timestamp', 'distribution', 'locked'),
+				'Event' => array('org', 'orgc', 'date', 'threat_level_id', 'analysis', 'info', 'user_id', 'published', 'uuid', 'timestamp', 'distribution', 'locked'),
 				'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'timestamp', 'distribution')
 		);
 
@@ -624,7 +627,7 @@ class EventsController extends AppController {
 			return 'Event originated on this instance, any changes to it have to be done locally.';
 		}
 		$fieldList = array(
-				'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
+				'Event' => array('date', 'threat_level_id', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
 				'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'distribution', 'timestamp')
 		);
 		$data['Event']['id'] = $this->Event->data['Event']['id'];
@@ -715,7 +718,7 @@ class EventsController extends AppController {
 					}
 				}
 				$fieldList = array(
-						'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
+						'Event' => array('date', 'threat_level_id', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
 						'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'distribution', 'timestamp')
 				);
 
@@ -768,7 +771,7 @@ class EventsController extends AppController {
 				}
 			}
 			// say what fields are to be updated
-			$fieldList = array('date', 'risk', 'analysis', 'info', 'published', 'distribution', 'timestamp');
+			$fieldList = array('date', 'threat_level_id', 'analysis', 'info', 'published', 'distribution', 'timestamp');
 
 			$this->Event->read();
 			// always force the org, but do not force it for admins
@@ -801,12 +804,9 @@ class EventsController extends AppController {
 		$this->set('distributionLevels', $this->Event->distributionLevels);
 
 		// combobox for types
-		$risks = $this->Event->validate['risk']['rule'][1];
-		$risks = $this->_arrayToValuesIndexArray($risks);
-		$this->set('risks',$risks);
-
-		// tooltip for risk
-		$this->set('riskDescriptions', $this->Event->riskDescriptions);
+		$threat_levels = $this->Event->ThreatLevel->find('all');
+		$this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
+		$this->set('riskDescriptions', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.form_description'));
 
 		// combobox for analysis
 		$analysiss = $this->Event->validate['analysis']['rule'][1];
@@ -1057,7 +1057,7 @@ class EventsController extends AppController {
 		if ('true' == Configure::read('CyDefSIG.showorg')) {
 			$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
 		}
-		$body .= 'Risk        : ' . $event['Event']['risk'] . "\n";
+		$body .= 'Risk        : ' . $event['ThreatLevel']['name'] . "\n";
 		$body .= 'Analysis    : ' . $this->Event->analysisLevels[$event['Event']['analysis']] . "\n";
 		$body .= 'Info  : ' . "\n";
 		$body .= $event['Event']['info'] . "\n";
@@ -1119,7 +1119,7 @@ class EventsController extends AppController {
 					// prepare the the unencrypted email
 					$this->Email->from = Configure::read('CyDefSIG.email');
 					$this->Email->to = $user['User']['email'];
-					$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
+					$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['ThreatLevel']['name'] . " - TLP Amber";
 					$this->Email->template = 'body';
 					$this->Email->sendAs = 'text';	// both text or html
 					$this->set('body', $bodySigned);
@@ -1148,7 +1148,7 @@ class EventsController extends AppController {
 				// send the email
 				$this->Email->from = Configure::read('CyDefSIG.email');
 				$this->Email->to = $user['User']['email'];
-				$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
+				$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['ThreatLevel']['name'] . " - TLP Amber";
 				$this->Email->template = 'body';
 				$this->Email->sendAs = 'text';		// both text or html
 
@@ -1274,7 +1274,7 @@ class EventsController extends AppController {
 		if ('true' == Configure::read('CyDefSIG.showorg')) {
 			$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
 		}
-		$body .= 'Risk		: ' . $event['Event']['risk'] . "\n";
+		$body .= 'Risk		: ' . $event['ThreatLevel']['name'] . "\n";
 		$body .= 'Analysis  : ' . $event['Event']['analysis'] . "\n";
 		$relatedEvents = $this->Event->getRelatedEvents($this->Auth->user(), $this->_isSiteAdmin());
 		if (!empty($relatedEvents)) {
@@ -1481,7 +1481,7 @@ class EventsController extends AppController {
 		// $conditions['AND'][] = array('Event.published =' => 1);
 
 		// do not expose all the data ...
-		$fields = array('Event.id', 'Event.org', 'Event.date', 'Event.risk', 'Event.info', 'Event.published', 'Event.uuid', 'Event.attribute_count', 'Event.analysis', 'Event.timestamp', 'Event.distribution', 'Event.proposal_email_lock', 'Event.orgc', 'Event.user_id', 'Event.locked');
+		$fields = array('Event.id', 'Event.org', 'Event.date','Event.info', 'Event.published', 'Event.uuid', 'Event.attribute_count', 'Event.analysis', 'Event.timestamp', 'Event.distribution', 'Event.proposal_email_lock', 'Event.orgc', 'Event.user_id', 'Event.locked');
 		$fieldsAtt = array('Attribute.id', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.uuid', 'Attribute.event_id', 'Attribute.distribution', 'Attribute.timestamp', 'Attribute.comment');
 		$fieldsShadowAtt = array('ShadowAttribute.id', 'ShadowAttribute.type', 'ShadowAttribute.category', 'ShadowAttribute.value', 'ShadowAttribute.to_ids', 'ShadowAttribute.uuid', 'ShadowAttribute.event_id', 'ShadowAttribute.old_id');
 
@@ -1489,6 +1489,9 @@ class EventsController extends AppController {
 				'recursive' => 0,
 				'fields' => $fields,
 				'contain' => array(
+						'ThreatLevel' => array(
+							'fields' => array('ThreatLevel.name')
+						),
 						'Attribute' => array(
 								'fields' => $fieldsAtt,
 								'conditions' => $conditionsAttributes,
@@ -2289,7 +2292,7 @@ class EventsController extends AppController {
 		$date = new DateTime();
 		$data['Event']['info'] = 'Test event showing every category-type combination';
 		$data['Event']['date'] = '2013-10-09';
-		$data['Event']['risk'] = 'Undefined';
+		$data['Event']['threat_level_id'] = 4; //'Undefined'
 		$data['Event']['analysis'] = '0';
 		$data['Event']['distribution'] = '0';
 
diff --git a/app/Model/Event.php b/app/Model/Event.php
index 9ba033e25..96b9a183d 100644
--- a/app/Model/Event.php
+++ b/app/Model/Event.php
@@ -34,7 +34,7 @@ class Event extends AppModel {
  * @var array
  */
 	public $fieldDescriptions = array(
-		'risk' => array('desc' => 'Risk levels: *low* means mass-malware, *medium* means APT malware, *high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Risk levels: low: mass-malware medium: APT malware high: sophisticated APT malware or 0-day attack'),
+		'threat_level_id' => array('desc' => 'Risk levels: *low* means mass-malware, *medium* means APT malware, *high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Risk levels: low: mass-malware medium: APT malware high: sophisticated APT malware or 0-day attack'),
 		'classification' => array('desc' => 'Set the Traffic Light Protocol classification. <ol><li><em>TLP:AMBER</em>- Share only within the organization on a need-to-know basis</li><li><em>TLP:GREEN:NeedToKnow</em>- Share within your constituency on the need-to-know basis.</li><li><em>TLP:GREEN</em>- Share within your constituency.</li></ol>'),
 		'submittedgfi' => array('desc' => 'GFI sandbox: export upload', 'formdesc' => 'GFI sandbox: export upload'),
 		'submittedioc' => array('desc' => '', 'formdesc' => ''),
@@ -42,12 +42,12 @@ class Event extends AppModel {
 		'distribution' => array('desc' => 'Describes who will have access to the event.')
 	);
 
-	public $riskDescriptions = array(
+	/*public $riskDescriptions = array(
 		'Undefined' => array('desc' => '*undefined* no risk', 'formdesc' => 'No risk'),
 		'Low' => array('desc' => '*low* means mass-malware', 'formdesc' => 'Mass-malware'),
 		'Medium' => array('desc' => '*medium* means APT malware', 'formdesc' => 'APT malware'),
 		'High' => array('desc' => '*high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Sophisticated APT malware or 0-day attack')
-	);
+	);*/
 
 	public $analysisDescriptions = array(
 		0 => array('desc' => '*Initial* means the event has just been created', 'formdesc' => 'Creation started'),
@@ -106,14 +106,14 @@ class Event extends AppModel {
 				//'on' => 'create', // Limit validation to 'create' or 'update' operations
 			),
 		),
-		'risk' => array(
-				'rule' => array('inList', array('Undefined', 'Low','Medium','High')),
-				'message' => 'Options : Undefined, Low, Medium, High',
-				//'allowEmpty' => false,
-				'required' => true,
-				//'last' => false, // Stop validation after this rule
-				//'on' => 'create', // Limit validation to 'create' or 'update' operations
+		'threat_level_id' => array(
+			'notempty' => array(
+				'rule' => array('notempty'),
+				//'message' => 'Please specify threat level',
+				'required' => true
+			),
 		),
+
 		'distribution' => array(
 			'rule' => array('inList', array('0', '1', '2', '3')),
 			'message' => 'Options : Your organisation only, This community only, Connected communities, All communities',
@@ -219,6 +219,10 @@ class Event extends AppModel {
 			'conditions' => '',
 			'fields' => '',
 			'order' => ''
+		),
+		'ThreatLevel' => array(
+			'className' => 'ThreatLevel',
+			'foreignKey' => 'threat_level_id'
 		)
 	);
 
@@ -574,7 +578,7 @@ class Event extends AppModel {
 					$newTextBody = $response->body();
 					return 404;
 					break;
-				case '405': 
+				case '405':
 					return 405;
 					break;
 				case '403': // Not authorised
diff --git a/app/Model/ThreatLevel.php b/app/Model/ThreatLevel.php
new file mode 100644
index 000000000..f098d9e6c
--- /dev/null
+++ b/app/Model/ThreatLevel.php
@@ -0,0 +1,39 @@
+<?php
+App::uses('AppModel', 'Model');
+
+class ThreatLevel extends AppModel {
+
+	public $validate = array(
+		'name' => array(
+			'notEmpty' => array(
+				'rule' => array('notEmpty'),
+				'required' => true
+			),
+		),
+		'description' => array(
+			'notEmpty' => array(
+				'rule' => array('notEmpty'),
+			),
+		),
+		'form_description' => array(
+			'notEmpty' => array(
+				'rule' => array('notEmpty'),
+				'required' => true
+			),
+		),
+	);
+
+/**
+ * hasMany associations
+ *
+ * @var array
+ */
+	/*public $hasMany = array(
+		'Event' => array(
+			'className' => 'Event',
+			'foreignKey' => 'threat_level_id',
+			'dependent' => false,
+		)
+	);*/
+
+}
diff --git a/app/Test/Case/Model/ThreatLevelTest.php b/app/Test/Case/Model/ThreatLevelTest.php
new file mode 100644
index 000000000..86c9f9b3e
--- /dev/null
+++ b/app/Test/Case/Model/ThreatLevelTest.php
@@ -0,0 +1,47 @@
+<?php
+App::uses('ThreatLevel', 'Model');
+
+/**
+ * ThreatLevel Test Case
+ *
+ */
+class ThreatLevelTest extends CakeTestCase {
+
+/**
+ * Fixtures
+ *
+ * @var array
+ */
+	public $fixtures = array(
+		'app.threat_level',
+		'app.event',
+		'app.user',
+		'app.role',
+		'app.post',
+		'app.thread',
+		'app.attribute',
+		'app.shadow_attribute'
+	);
+
+/**
+ * setUp method
+ *
+ * @return void
+ */
+	public function setUp() {
+		parent::setUp();
+		$this->ThreatLevel = ClassRegistry::init('ThreatLevel');
+	}
+
+/**
+ * tearDown method
+ *
+ * @return void
+ */
+	public function tearDown() {
+		unset($this->ThreatLevel);
+
+		parent::tearDown();
+	}
+
+}
diff --git a/app/Test/Fixture/ThreatLevelFixture.php b/app/Test/Fixture/ThreatLevelFixture.php
new file mode 100644
index 000000000..f13d331e9
--- /dev/null
+++ b/app/Test/Fixture/ThreatLevelFixture.php
@@ -0,0 +1,56 @@
+<?php
+/**
+ * ThreatLevelFixture
+ *
+ */
+class ThreatLevelFixture extends CakeTestFixture {
+
+/**
+ * Fields
+ *
+ * @var array
+ */
+	public $fields = array(
+		'id' => array('type' => 'boolean', 'null' => false, 'default' => null, 'key' => 'primary'),
+		'name' => array('type' => 'string', 'null' => false, 'length' => 50, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'form_description' => array('type' => 'string', 'null' => false, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
+		'indexes' => array(
+			'PRIMARY' => array('column' => 'id', 'unique' => 1)
+		),
+		'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
+	);
+
+/**
+ * Records
+ *
+ * @var array
+ */
+	public $records = array(
+		array(
+			'id' => 1,
+			'name' => 'High',
+			'description' => '*high* means sophisticated APT malware or 0-day attack',
+			'form_description' => 'Sophisticated APT malware or 0-day attack'
+		),
+		array(
+			'id' => 2,
+			'name' => 'Medium',
+			'description' => '*medium* means APT malware',
+			'form_description' => 'APT malware'
+		),
+		array(
+			'id' => 3,
+			'name' => 'Low',
+			'description' => '*low* means mass-malware',
+			'form_description' => 'Mass-malware'
+		),
+		array(
+			'id' => 4,
+			'name' => 'Undefined',
+			'description' => '*undefined* no risk',
+			'form_description' => 'No risk'
+		),
+	);
+
+}
diff --git a/app/View/Events/add.ctp b/app/View/Events/add.ctp
index e5d87e114..0774dfd78 100755
--- a/app/View/Events/add.ctp
+++ b/app/View/Events/add.ctp
@@ -18,7 +18,7 @@
 					'selected' => $initialDistribution,
 					));
 		}
-		echo $this->Form->input('risk', array(
+		echo $this->Form->input('threat_level_id', array(
 				'div' => 'input clear'
 				));
 		echo $this->Form->input('analysis', array(
@@ -41,7 +41,7 @@ echo $this->Form->end();
 ?>
 </div>
 
-<?php 
+<?php
 	echo $this->element('side_menu', array('menuList' => 'event-collection', 'menuItem' => 'add'));
 ?>
 
@@ -51,7 +51,7 @@ echo $this->Form->end();
 //
 var formInfoValues = {
 		'EventDistribution' : new Array(),
-		'EventRisk' : new Array(),
+		'EventThreatLevelId' : new Array(),
 		'EventAnalysis' : new Array()
 };
 
@@ -61,8 +61,7 @@ foreach ($distributionDescriptions as $type => $def) {
 	echo "formInfoValues['EventDistribution']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n";	// as we output JS code we need to add slashes
 }
 foreach ($riskDescriptions as $type => $def) {
-	$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
-	echo "formInfoValues['EventRisk']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n";	// as we output JS code we need to add slashes
+	echo "formInfoValues['EventThreatLevelId']['" . addslashes($type) . "'] = \"" . addslashes($def) . "\";\n";	// as we output JS code we need to add slashes
 }
 foreach ($analysisDescriptions as $type => $def) {
 	$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
@@ -72,11 +71,11 @@ foreach ($analysisDescriptions as $type => $def) {
 
 $(document).ready(function() {
 
-	$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
+	$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseleave', function(e) {
 	    $('#'+e.currentTarget.id).popover('destroy');
 	});
 
-	$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
+	$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseover', function(e) {
 	    var $e = $(e.target);
 	    if ($e.is('option')) {
 	        $('#'+e.currentTarget.id).popover('destroy');
@@ -91,7 +90,7 @@ $(document).ready(function() {
 	// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
 	// disadvangate is that user needs to click on the item to see the tooltip.
 	// no solutions exist, except to generate the select completely using html.
-	$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) {
+	$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('change', function(e) {
 		var $e = $(e.target);
         $('#'+e.currentTarget.id).popover('destroy');
         $('#'+e.currentTarget.id).popover({
diff --git a/app/View/Events/edit.ctp b/app/View/Events/edit.ctp
index 7039b52ae..9e475d4c9 100755
--- a/app/View/Events/edit.ctp
+++ b/app/View/Events/edit.ctp
@@ -14,7 +14,7 @@ if ('true' == Configure::read('CyDefSIG.sync')) {
 		'label' => 'Distribution',
 	));
 }
-	echo $this->Form->input('risk', array(
+	echo $this->Form->input('threat_level_id', array(
 			'div' => 'input clear'
 			));
 	echo $this->Form->input('analysis', array(
@@ -32,7 +32,7 @@ echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
 echo $this->Form->end();
 ?>
 </div>
-<?php 
+<?php
 	echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'editEvent'));
 ?>
 
@@ -42,7 +42,7 @@ echo $this->Form->end();
 //
 var formInfoValues = {
 		'EventDistribution' : new Array(),
-		'EventRisk' : new Array(),
+		'EventThreatLevelId' : new Array(),
 		'EventAnalysis' : new Array()
 };
 
@@ -52,8 +52,7 @@ foreach ($distributionDescriptions as $type => $def) {
 	echo "formInfoValues['EventDistribution']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n";	// as we output JS code we need to add slashes
 }
 foreach ($riskDescriptions as $type => $def) {
-	$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
-	echo "formInfoValues['EventRisk']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n";	// as we output JS code we need to add slashes
+	echo "formInfoValues['EventThreatLevelId']['" . addslashes($type) . "'] = \"" . addslashes($def) . "\";\n";	// as we output JS code we need to add slashes
 }
 foreach ($analysisDescriptions as $type => $def) {
 	$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
@@ -63,11 +62,11 @@ foreach ($analysisDescriptions as $type => $def) {
 
 $(document).ready(function() {
 
-	$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
+	$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseleave', function(e) {
 	    $('#'+e.currentTarget.id).popover('destroy');
 	});
 
-	$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
+	$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseover', function(e) {
 	    var $e = $(e.target);
 	    if ($e.is('option')) {
 	        $('#'+e.currentTarget.id).popover('destroy');
@@ -82,7 +81,7 @@ $(document).ready(function() {
 	// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
 	// disadvangate is that user needs to click on the item to see the tooltip.
 	// no solutions exist, except to generate the select completely using html.
-	$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) {
+	$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('change', function(e) {
 		var $e = $(e.target);
         $('#'+e.currentTarget.id).popover('destroy');
         $('#'+e.currentTarget.id).popover({
diff --git a/app/View/Events/index.ctp b/app/View/Events/index.ctp
index 5a19b10d6..b3af55000 100755
--- a/app/View/Events/index.ctp
+++ b/app/View/Events/index.ctp
@@ -100,18 +100,18 @@
 				<span id="searchorg"><br/>
 				<?php
 				echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
-				echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
-				echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
-				echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
-				echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden'));
+				echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
+				echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
+				echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
+				echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden'));
 				echo $this->Form->input('searchorg', array(
 					'value' => $this->passedArgs['searchorg'],
 					'label' => '',
 					'class' => 'input-mini'));
-				?>
-					<input type="submit" style="visibility:collapse;" />
-				<?php
-					echo $this->Form->end();
+				?>
+					<input type="submit" style="visibility:collapse;" />
+				<?php
+					echo $this->Form->end();
 				?>
 				</span>
 			</th>
@@ -135,8 +135,8 @@
 				<div id="searchdate" class="input-append input-prepend">
 							<?php
 							echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
-							echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
-							echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
+							echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
+							echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
 							echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
 							echo $this->Form->input('searchDatefrom', array(
 									'value' => $this->passedArgs['searchDatefrom'],
@@ -153,15 +153,15 @@
 									'class' => 'span1 datepicker',
 									'div' => false
 									));
-							?>
-								<input type="submit" style="visibility:collapse;" />
-							<?php
-								echo $this->Form->end();
+							?>
+								<input type="submit" style="visibility:collapse;" />
+							<?php
+								echo $this->Form->end();
 							?>
 				</div>
 			</th>
-			<th title="<?php echo $eventDescriptions['risk']['desc'];?>">
-				<?php echo $this->Paginator->sort('risk');?>
+			<th title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>">
+				<?php echo $this->Paginator->sort('threat_level_id');?>
 			</th>
 			<th title="<?php echo $eventDescriptions['analysis']['desc'];?>">
 				<?php echo $this->Paginator->sort('analysis');?>
@@ -172,18 +172,18 @@
 				<span id="searchinfo"><br/>
 				<?php
 					echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
-					echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
-					echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
-					echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
+					echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
+					echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
+					echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
 					echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden'));
 					echo $this->Form->input('searchinfo', array(
 							'value' => $this->passedArgs['searchinfo'],
 							'label' => '',
 							'class' => 'input-large'));
-				?>
-					<input type="submit" style="visibility:collapse;" />
-				<?php
-					echo $this->Form->end();
+				?>
+					<input type="submit" style="visibility:collapse;" />
+				<?php
+					echo $this->Form->end();
 				?>
 				</span>
 			</th>
@@ -246,7 +246,7 @@
 				<?php echo $event['Event']['date']; ?>&nbsp;
 			</td>
 			<td class="short" onclick="location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
-				<?php echo $event['Event']['risk']; ?>&nbsp;
+				<?php echo $event['ThreatLevel']['name']; ?>&nbsp;
 			</td>
 			<td class="short" onclick="location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
 				<?php echo $analysisLevels[$event['Event']['analysis']]; ?>&nbsp;
@@ -294,7 +294,7 @@
         </ul>
     </div>
 </div>
-<?php 
+<?php
 	echo $this->element('side_menu', array('menuList' => 'event-collection', 'menuItem' => 'index'));
 ?>
 
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp
index cfdcb9fc5..dfc59c98e 100755
--- a/app/View/Events/view.ctp
+++ b/app/View/Events/view.ctp
@@ -2,7 +2,7 @@
 $mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['orgc'] == $me['org']));
 $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 ?>
-<?php 
+<?php
 	echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'viewEvent'));
 ?>
 
@@ -54,9 +54,9 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 					<?php echo h($event['Event']['date']); ?>
 					&nbsp;
 				</dd>
-				<dt title="<?php echo $eventDescriptions['risk']['desc'];?>">Risk</dt>
+				<dt title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>">Risk</dt>
 				<dd>
-					<?php echo h($event['Event']['risk']); ?>
+					<?php echo h($event['ThreatLevel']['name']); ?>
 					&nbsp;
 				</dd>
 				<dt title="<?php echo $eventDescriptions['analysis']['desc'];?>">Analysis</dt>
@@ -203,7 +203,7 @@ if (!empty($event['Attribute'])):?>
 			$first = 0;
 			?>
 				<ul class="inline" style="margin:0px;">
-			<?php 
+			<?php
 			if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
 				foreach ($relatedAttributes[$attribute['id']] as $relatedAttribute) {
 					echo '<li style="padding-right: 0px; padding-left:0px;" title ="' . h($relatedAttribute['info']) . '"><span>';
@@ -394,7 +394,7 @@ if (!empty($event['Attribute'])):?>
 				endif; ?>
 		</div>
 		<div id="discussions_div">
-			<?php 
+			<?php
 				echo $this->element('eventdiscussion');
 			?>
 		</div>
diff --git a/app/View/Users/admin_view.ctp b/app/View/Users/admin_view.ctp
index f32eec03f..2eb97ccdb 100755
--- a/app/View/Users/admin_view.ctp
+++ b/app/View/Users/admin_view.ctp
@@ -112,7 +112,7 @@ if (h($user['User']['change_pw']) == 1) {
 				</td>
 				<td><?php echo h($event['id']);?></td>
 				<td><?php echo h($event['date']);?></td>
-				<td><?php echo h($event['risk']);?></td>
+				<td><?php echo h($event['threat_level_id']);?></td>
 				<td><?php echo h($event['info']);?></td>
 				<td><?php echo h($event['uuid']);?></td>
 				<td><?php echo h($event['distribution']);?></td>
@@ -131,6 +131,6 @@ if (h($user['User']['change_pw']) == 1) {
 	endif; ?>
 	</div>
 </div>
-<?php 
+<?php
 	echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'viewUser'));
 ?>
\ No newline at end of file

From 5f155f47ccf9a074df7e60eadef22555c69d9b48 Mon Sep 17 00:00:00 2001
From: Alexandru Ciobanu <iscandr@gmail.com>
Date: Mon, 18 Nov 2013 16:36:18 +0100
Subject: [PATCH 8/8] Fixed validation on Event::_add() Try atomic save for
 events Add threat level to JSON sample

---
 app/Controller/EventsController.php | 2 +-
 tools/curl/input/event.json         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php
index 0d10fbb79..21efd62fc 100755
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@@ -597,7 +597,7 @@ class EventsController extends AppController {
 				'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'timestamp', 'distribution')
 		);
 
-		$saveResult = $this->Event->saveAssociated($data, array('validate' => false, 'fieldList' => $fieldList,
+		$saveResult = $this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList,
 			'atomic' => true));
 		// FIXME chri: check if output of $saveResult is what we expect when data not valid, see issue #104
 		if ($saveResult) {
diff --git a/tools/curl/input/event.json b/tools/curl/input/event.json
index f0c6619db..5dbe07233 100644
--- a/tools/curl/input/event.json
+++ b/tools/curl/input/event.json
@@ -3,7 +3,7 @@
     "id": "15",
     "org": "ORG",
     "date": "2012-04-12",
-    "risk": "Medium",
+    "threat_level_id": "4",
     "info": "info",
     "user_id": "1",
     "uuid": "4f8c2c4e-00dc-42c9-83ad-76e9ff32448e",