mirror of https://github.com/MISP/MISP
new: [internal / API] new component added to handle repeatable code across all controllers (toolbox controller)
- added UUID -> ID lookup function and integrated it across several functions - fixes #4990 - fixes #4999 - fixes #4993 - fixes #4991 - fixes #4989 - fixes #4987pull/5005/head
parent
bbd881d4f7
commit
519e110f9f
|
@ -90,7 +90,8 @@ class AppController extends Controller
|
|||
'Security',
|
||||
'ACL',
|
||||
'RestResponse',
|
||||
'Flash'
|
||||
'Flash',
|
||||
'Toolbox'
|
||||
//,'DebugKit.Toolbar'
|
||||
);
|
||||
|
||||
|
|
|
@ -0,0 +1,32 @@
|
|||
<?php
|
||||
|
||||
class ToolboxComponent extends Component
|
||||
{
|
||||
public function findIdByUuid($model, $id, $allowEmpty = false) {
|
||||
if (empty($id) && $allowEmpty) {
|
||||
return $id;
|
||||
}
|
||||
if (Validation::uuid($id)) {
|
||||
$data = $model->find('first', array(
|
||||
'conditions' => array($model->name . '.uuid' => $id),
|
||||
'recursive' => -1,
|
||||
'fields' => array($model->name . '.id')
|
||||
));
|
||||
return $data[$model->name]['id'];
|
||||
} else {
|
||||
if (!is_numeric($id)) {
|
||||
throw new NotFoundException(__('Invalid %s.', $model->name));
|
||||
}
|
||||
$data = $model->find('first', array(
|
||||
'conditions' => array($model->name . '.id' => $id),
|
||||
'recursive' => -1,
|
||||
'fields' => array($model->name . '.id')
|
||||
));
|
||||
if (empty($data)) {
|
||||
throw new NotFoundException(__('Invalid %s.', $model->name));
|
||||
} else {
|
||||
return $id;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
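Review bot: The UUID branch of `findIdByUuid` returns `$data[$model->name]['id']` without checking that the find matched anything, so an unknown UUID yields null (and an undefined-index notice) while an unknown numeric id throws NotFoundException. Callers that follow with `exists()` cope with this. The proposal index call that passes `$allowEmpty = true` does not: its `if ($eventId && is_numeric($eventId))` filter is skipped, so the request is no longer restricted to one event, where the removed code forced an empty result with `-1`. Add `if (empty($data)) { throw new NotFoundException(__('Invalid %s.', $model->name)); }` before that return. `is_numeric` also accepts values such as `1e3` or `1.5`; `ctype_digit((string)$id)` would be a stricter test for a primary key.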
|
|
@ -1517,20 +1517,7 @@ class EventsController extends AppController
|
|||
public function view($id = null, $continue=false, $fromEvent=null)
|
||||
{
|
||||
// find the id of the event, change $id to it and proceed to read the event as if the ID was entered.
|
||||
if (Validation::uuid($id)) {
|
||||
$this->Event->recursive = -1;
|
||||
$temp = $this->Event->find('first', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => array('Event.uuid' => $id),
|
||||
'fields' => array('Event.id', 'Event.uuid')
|
||||
));
|
||||
if ($temp == null) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
}
|
||||
$id = $temp['Event']['id'];
|
||||
} elseif (!is_numeric($id)) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
}
|
||||
$id = $this->Toolbox->findIdByUuid($this->Event, $id);
|
||||
$this->Event->id = $id;
|
||||
if (!$this->Event->exists()) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
|
@ -2426,6 +2413,7 @@ class EventsController extends AppController
|
|||
|
||||
public function unpublish($id = null)
|
||||
{
|
||||
$id = $this->Toolbox->findIdByUuid($this->Event, $id);
|
||||
$this->Event->id = $id;
|
||||
if (!$this->Event->exists()) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
|
@ -2475,6 +2463,7 @@ class EventsController extends AppController
|
|||
// Publishes the event without sending an alert email
|
||||
public function publish($id = null)
|
||||
{
|
||||
$id = $this->Toolbox->findIdByUuid($this->Event, $id);
|
||||
$this->Event->id = $id;
|
||||
if (!$this->Event->exists()) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
|
@ -2545,6 +2534,7 @@ class EventsController extends AppController
|
|||
// Users with a GnuPG key will get the mail encrypted, other users will get the mail unencrypted
|
||||
public function alert($id = null)
|
||||
{
|
||||
$id = $this->Toolbox->findIdByUuid($this->Event, $id);
|
||||
$this->Event->id = $id;
|
||||
$this->Event->recursive = 0;
|
||||
if (!$this->Event->exists()) {
|
||||
|
@ -5585,6 +5575,7 @@ class EventsController extends AppController
|
|||
// #TODO i18n
|
||||
public function pushEventToZMQ($id)
|
||||
{
|
||||
$id = $this->Toolbox->findIdByUuid($this->Event, $id);
|
||||
if ($this->request->is('Post')) {
|
||||
if (Configure::read('Plugin.ZeroMQ_enable')) {
|
||||
$pubSubTool = $this->Event->getPubSubTool();
|
||||
|
|
|
@ -266,6 +266,7 @@ class FeedsController extends AppController
|
|||
|
||||
public function edit($feedId)
|
||||
{
|
||||
$id = $this->Toolbox->findIdByUuid($this->Feed, $id);
|
||||
$this->Feed->id = $feedId;
|
||||
if (!$this->Feed->exists()) {
|
||||
throw new NotFoundException(__('Invalid feed.'));
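Review bot: The added line in `edit($feedId)` passes `$id`, which is not defined in this action, so the helper receives null, fails both the UUID and `is_numeric` checks, and throws NotFoundException on every request. The return value is never used either, because the next line still assigns `$this->Feed->id = $feedId`. The line should read `$feedId = $this->Toolbox->findIdByUuid($this->Feed, $feedId);`. The body of `edit` continues outside the hunk.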
|
||||
|
|
|
@ -49,22 +49,15 @@ class GalaxiesController extends AppController
|
|||
|
||||
public function view($id)
|
||||
{
|
||||
if (!is_numeric($id) && !Validation::uuid($id)) {
|
||||
throw new NotFoundException('Invalid galaxy.');
|
||||
}
|
||||
$id = $this->Toolbox->findIdByUuid($this->Galaxy, $id);
|
||||
if (isset($this->params['named']['searchall']) && strlen($this->params['named']['searchall']) > 0) {
|
||||
$this->set('passedArgsArray', array('all' => $this->params['named']['searchall']));
|
||||
}
|
||||
if (Validation::uuid($id)) {
|
||||
$conditions = array('Galaxy.uuid' => $id);
|
||||
} else {
|
||||
$conditions = array('Galaxy.id' => $id);
|
||||
}
|
||||
if ($this->_isRest()) {
|
||||
$galaxy = $this->Galaxy->find('first', array(
|
||||
'contain' => array('GalaxyCluster' => array('GalaxyElement'/*, 'GalaxyReference'*/)),
|
||||
'recursive' => -1,
|
||||
'conditions' => $conditions
|
||||
'conditions' => array('Galaxy.id' => $id)
|
||||
));
|
||||
if (empty($galaxy)) {
|
||||
throw new NotFoundException('Galaxy not found.');
|
||||
|
@ -73,7 +66,7 @@ class GalaxiesController extends AppController
|
|||
} else {
|
||||
$galaxy = $this->Galaxy->find('first', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => $conditions
|
||||
'conditions' => array('Galaxy.id' => $id)
|
||||
));
|
||||
if (empty($galaxy)) {
|
||||
throw new NotFoundException('Galaxy not found.');
|
||||
|
|
|
@ -602,19 +602,10 @@ class ObjectsController extends AppController
|
|||
|
||||
public function delete($id, $hard = false)
|
||||
{
|
||||
$id = $this->Toolbox->findIdByUuid($this->Event, $id);
|
||||
if (!$this->userRole['perm_modify']) {
|
||||
throw new MethodNotAllowedException(__('You don\'t have permissions to delete objects.'));
|
||||
}
|
||||
if (Validation::uuid($id)) {
|
||||
$this->MispObject->recursive = -1;
|
||||
$temp = $this->MispObject->findByUuid($id);
|
||||
if ($temp == null) {
|
||||
throw new NotFoundException('Invalid object.');
|
||||
}
|
||||
$id = $temp['Object']['id'];
|
||||
} elseif (!is_numeric($id)) {
|
||||
throw new NotFoundException(__('Invalid object.'));
|
||||
}
|
||||
$object = $this->MispObject->find('first', array(
|
||||
'recursive' => -1,
|
||||
'fields' => array('Object.id', 'Object.event_id', 'Event.id', 'Event.uuid', 'Event.orgc_id'),
|
||||
|
@ -784,13 +775,9 @@ class ObjectsController extends AppController
|
|||
|
||||
public function view($id)
|
||||
{
|
||||
$id = $this->Toolbox->findIdByUuid($this->Event, $id);
|
||||
if ($this->_isRest()) {
|
||||
if (Validation::uuid($id)) {
|
||||
$conditions = array('Object.uuid' => $id);
|
||||
} else {
|
||||
$conditions = array('Object.id' => $id);
|
||||
}
|
||||
$objects = $this->MispObject->fetchObjects($this->Auth->user(), array('conditions' => $conditions));
|
||||
$objects = $this->MispObject->fetchObjects($this->Auth->user(), array('conditions' => array('Object.id' => $id)));
|
||||
if (!empty($objects)) {
|
||||
$object = $objects[0];
|
||||
if (!empty($object['Event'])) {
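Review bot: Both `delete` and `view` resolve the object identifier against `$this->Event` instead of the object model, so an object UUID is matched against events and a numeric object id is accepted only if an event with the same id exists. If a supplied UUID did match an event, that event's numeric id would be used as `Object.id` and the action would run against an unrelated object. Pass `$this->MispObject` instead; the removed code read `$temp['Object']['id']`, so confirm that the helper's `$model->name` key matches for that model (`$model->alias` looks safer). In `delete` the lookup also runs before the `perm_modify` check, so a caller without modify rights gets a different error depending on whether the id exists; moving the lookup below the check avoids that. Both function bodies continue outside their hunks.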
|
||||
|
|
|
@ -670,6 +670,7 @@ class ShadowAttributesController extends AppController
|
|||
// if any of these fields is set, it will create a proposal
|
||||
public function edit($id = null)
|
||||
{
|
||||
$id = $this->Toolbox->findIdByUuid($this->ShadowAttribute->Event->Attribute, $id);
|
||||
$existingAttribute = $this->ShadowAttribute->Event->Attribute->fetchAttributes($this->Auth->user(), array(
|
||||
'contain' => array('Event' => array('fields' => array('Event.id', 'Event.orgc_id', 'Event.org_id', 'Event.distribution', 'Event.uuid'))),
|
||||
'conditions' => array('Attribute.id' => $id),
|
||||
|
@ -922,18 +923,10 @@ class ShadowAttributesController extends AppController
|
|||
} else {
|
||||
$all = 1;
|
||||
}
|
||||
$eventId = $this->Toolbox->findIdByUuid($this->ShadowAttribute->Event, $eventId, true);
|
||||
if ($eventId && is_numeric($eventId)) {
|
||||
$conditions['ShadowAttribute.event_id'] = $eventId;
|
||||
}
|
||||
if (Validation::uuid($eventId)) {
|
||||
$temp = $this->ShadowAttribute->Event->find('first', array('recursive' => -1, 'fields' => array('Event.id'), 'conditions' => array('Event.uuid' => $eventId)));
|
||||
if (empty($temp)) {
|
||||
$id = -1;
|
||||
} else {
|
||||
$id = $temp['Event']['id'];
|
||||
}
|
||||
$conditions['ShadowAttribute.event_id'] = $id;
|
||||
}
|
||||
$temp = $this->ShadowAttribute->buildConditions($this->Auth->user());
|
||||
if (!empty($temp)) {
|
||||
$conditions['AND'][] = $temp;
|
||||
|
|
|
@ -228,11 +228,8 @@ class SightingsController extends AppController
|
|||
if (!$this->request->is('post')) {
|
||||
throw new MethodNotAllowedException('This action can only be accessed via a post request.');
|
||||
}
|
||||
if (Validation::uuid($id)) {
|
||||
$conditions = array('Sighting.uuid' => $id);
|
||||
} else {
|
||||
$conditions = array('Sighting.id' => $id);
|
||||
}
|
||||
$id = $this->Toolbox->findIdByUuid($this->Sighting, $id);
|
||||
$conditions = array('Sighting.id' => $id);
|
||||
$sighting = $this->Sighting->find('first', array('conditions' => $conditions, 'recursive' => -1));
|
||||
if (empty($sighting)) {
|
||||
throw new NotFoundException('Invalid sighting.');
|
||||
|
|