MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [events:export] Make setting `MISP.disable_cached_exports` enabled by default 

Since the /events/export has been marked deprecated for a years started
the process to phase it out by first disabling the endpoint by default.
pull/9538/head
Sami Mokaddem 2024-01-31 14:26:22 +01:00
parent 0ac2468c28
commit 51840a0697
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
4 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Controller/EventsController.php
View File

@ -3331,7 +3331,7 @@ class EventsController extends AppController
$this->Flash->info(__('Warning, you are logged in as a site admin, any export that you generate will contain the FULL UNRESTRICTED data-set. If you would like to generate an export for your own organisation, please log in with a different user.'));
}
// Check if the background jobs are enabled - if not, fall back to old export page.
if (Configure::read('MISP.background_jobs') && !Configure::read('MISP.disable_cached_exports')) {
if (Configure::read('MISP.background_jobs') && !Configure::read('MISP.disable_cached_exports', true)) {
$now = time();
// as a site admin we'll use the ADMIN identifier, not to overwrite the cached files of our own org with a file that includes too much data.
@ -3418,7 +3418,7 @@ class EventsController extends AppController
public function downloadExport($type, $extra = null)
{
if (Configure::read('MISP.disable_cached_exports')) {
if (Configure::read('MISP.disable_cached_exports', true)) {
throw new MethodNotAllowedException(__('This feature is currently disabled'));
}
if ($this->_isSiteAdmin()) {

2
app/Controller/JobsController.php
View File

@ -151,7 +151,7 @@ class JobsController extends AppController
public function cache($type)
{
if (Configure::read('MISP.disable_cached_exports')) {
if (Configure::read('MISP.disable_cached_exports', true)) {
throw new MethodNotAllowedException('This feature is currently disabled');
}
if (!$this->request->is('post')) {

6
app/Model/Server.php
View File

@ -5173,9 +5173,9 @@ class Server extends AppModel
'type' => 'string',
),
'disable_cached_exports' => array(
'level' => 1,
'description' => __('Cached exports can take up a considerable amount of space and can be disabled instance wide using this setting. Disabling the cached exports is not recommended as it\'s a valuable feature, however, if your server is having free space issues it might make sense to take this step.'),
'value' => false,
'level' => 2,
'description' => __('Cached exports can take up a considerable amount of space and can be disabled instance wide using this setting. Even tough the feature is deprecated and will be removed in the future, you can still decide to enable it.'),
'value' => true,
'null' => true,
'test' => 'testDisableCache',
'type' => 'boolean',

4
app/View/Events/export.ctp
View File

@ -3,6 +3,10 @@
<p><?php echo __('Export functionality is designed to automatically generate signatures for intrusion detection systems. To enable signature generation for a given attribute, Signature field of this attribute must be set to Yes.
Note that not all attribute types are applicable for signature generation, currently we only support NIDS signature generation for IP, domains, host names, user agents etc., and hash list generation for MD5/SHA1 values of file artifacts. Support for more attribute types is planned.');?>
<br/>
<?php if (Configure::read('MISP.disable_cached_exports', true)): ?>
<div class="alert alert-error"><p><?= __('This feature is disabled') ?></p></div>
<?php return ?>
<?php endif; ?>
<p><?php echo __('Simply click on any of the following buttons to download the appropriate data.');?></p>
<?php $i = 0;?>
<script type="text/javascript">