MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'objects_wip' into 2.4

pull/2489/head
iglocska 2017-09-18 17:37:42 +02:00
parent 535421fee5 f61fb8190e
commit 5c07fc3e68
76 changed files with 6486 additions and 1147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -29,6 +29,8 @@
!/app/files/warninglists/*
!/app/files/misp-galaxy
!/app/files/misp-galaxy/*
!/app/files/misp-objects
!/app/files/misp-objects/*
/app/files/scripts/python-stix/
/app/files/scripts/python-cybox/
/app/files/scripts/mixbox/

4
.gitmodules vendored
View File

@ -21,6 +21,10 @@
[submodule "app/files/misp-galaxy"]
path = app/files/misp-galaxy
url = https://github.com/MISP/misp-galaxy
[submodule "app/files/misp-objects"]
path = app/files/misp-objects
url = https://github.com/MISP/misp-objects
[submodule "misp-vagrant"]
path = misp-vagrant
url = https://github.com/MISP/misp-vagrant.git

154
INSTALL/MYSQL.sql
View File

@ -20,6 +20,8 @@ CREATE TABLE IF NOT EXISTS `admin_settings` (
CREATE TABLE IF NOT EXISTS `attributes` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`event_id` int(11) NOT NULL,
`object_id` int(11) NOT NULL DEFAULT 0,
`object_relation` varchar(255) COLLATE utf8_bin,
`category` varchar(255) COLLATE utf8_bin NOT NULL,
`type` varchar(100) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`value1` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
@ -34,6 +36,8 @@ CREATE TABLE IF NOT EXISTS `attributes` (
`disable_correlation` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
INDEX `event_id` (`event_id`),
INDEX `object_id` (`object_id`),
INDEX `object_relation` (`object_relation`),
INDEX `value1` (`value1`(255)),
INDEX `value2` (`value2`(255)),
INDEX `type` (`type`),
@ -418,6 +422,131 @@ CREATE TABLE IF NOT EXISTS `org_blacklists` (
-- --------------------------------------------------------
--
-- Table structure for table `objects`
--
CREATE TABLE IF NOT EXISTS objects (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`meta-category` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`description` text CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`template_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`template_version` int(11) NOT NULL,
`event_id` int(11) NOT NULL,
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`timestamp` int(11) NOT NULL DEFAULT 0,
`distribution` tinyint(4) NOT NULL DEFAULT 0,
`sharing_group_id` int(11),
`comment` text COLLATE utf8_bin NOT NULL,
`deleted` TINYINT NOT NULL DEFAULT 0,
PRIMARY KEY (id),
INDEX `name` (`name`),
INDEX `template_uuid` (`template_uuid`),
INDEX `template_version` (`template_version`),
INDEX `meta-category` (`meta-category`),
INDEX `event_id` (`event_id`),
INDEX `uuid` (`uuid`),
INDEX `timestamp` (`timestamp`),
INDEX `distribution` (`distribution`),
INDEX `sharing_group_id` (`sharing_group_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `object_object_references`
--
CREATE TABLE IF NOT EXISTS object_references (
`id` int(11) NOT NULL AUTO_INCREMENT,
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`timestamp` int(11) NOT NULL DEFAULT 0,
`object_id` int(11) NOT NULL,
`event_id` int(11) NOT NULL,
`source_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`referenced_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`referenced_id` int(11) NOT NULL,
`referenced_type` int(11) NOT NULL DEFAULT 0,
`relationship_type` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`comment` text COLLATE utf8_bin NOT NULL,
`deleted` TINYINT NOT NULL DEFAULT 0,
PRIMARY KEY (id),
INDEX `source_uuid` (`source_uuid`),
INDEX `referenced_uuid` (`referenced_uuid`),
INDEX `timestamp` (`timestamp`),
INDEX `object_id` (`object_id`),
INDEX `referenced_id` (`referenced_id`),
INDEX `relationship_type` (`relationship_type`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `object_relationships`
--
CREATE TABLE IF NOT EXISTS object_relationships (
`id` int(11) NOT NULL AUTO_INCREMENT,
`version` int(11) NOT NULL,
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`description` text COLLATE utf8_bin NOT NULL,
`format` text COLLATE utf8_bin NOT NULL,
PRIMARY KEY (id),
INDEX `name` (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `object_templates`
--
CREATE TABLE IF NOT EXISTS object_templates (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`org_id` int(11) NOT NULL,
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`meta-category` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`description` text COLLATE utf8_bin,
`version` int(11) NOT NULL,
`requirements` text COLLATE utf8_bin,
`fixed` tinyint(1) NOT NULL DEFAULT 0,
`active` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (id),
INDEX `user_id` (`user_id`),
INDEX `org_id` (`org_id`),
INDEX `uuid` (`uuid`),
INDEX `name` (`name`),
INDEX `meta-category` (`meta-category`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `object_template_elements`
--
CREATE TABLE IF NOT EXISTS object_template_elements (
`id` int(11) NOT NULL AUTO_INCREMENT,
`object_template_id` int(11) NOT NULL,
`object_relation` varchar(255) CHARACTER SET utf8 COLLATE utf8_bin,
`type` varchar(255) CHARACTER SET utf8 COLLATE utf8_bin,
`ui-priority` int(11) NOT NULL,
`categories` text COLLATE utf8_bin,
`sane_default` text COLLATE utf8_bin,
`values_list` text COLLATE utf8_bin,
`description` text COLLATE utf8_bin,
`disable_correlations` tinyint(1) NOT NULL DEFAULT 0,
`multiple` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (id),
INDEX `object_relation` (`object_relation`),
INDEX `type` (`type`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
--
-- Table structure for table `organisations`
--
@ -513,6 +642,7 @@ CREATE TABLE IF NOT EXISTS `roles` (
`perm_sharing_group` tinyint(1) NOT NULL DEFAULT 0,
`perm_tag_editor` tinyint(1) NOT NULL DEFAULT 0,
`perm_sighting` tinyint(1) NOT NULL DEFAULT 0,
`perm_object_template` tinyint(1) NOT NULL DEFAULT 0,
`default_role` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
@ -1061,23 +1191,23 @@ INSERT INTO `feeds` (`id`, `provider`, `name`, `url`, `distribution`, `default`,
-- 7. Read Only - read
--
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `default_role`)
VALUES (1, 'admin', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `default_role`)
VALUES (1, 'admin', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `default_role`)
VALUES (2, 'Org Admin', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 0);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `default_role`)
VALUES (2, 'Org Admin', NOW(), NOW(), 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `default_role`)
VALUES (3, 'User', NOW(), NOW(), 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `default_role`)
VALUES (3, 'User', NOW(), NOW(), 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `default_role`)
VALUES (4, 'Publisher', NOW(), NOW(), 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `default_role`)
VALUES (4, 'Publisher', NOW(), NOW(), 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `default_role`)
VALUES (5, 'Sync user', NOW(), NOW(), 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 1, 1, 0);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `default_role`)
VALUES (5, 'Sync user', NOW(), NOW(), 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `default_role`)
VALUES (6, 'Read Only', NOW(), NOW(), 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0);
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`, `perm_regexp_access`, `perm_tagger`, `perm_site_admin`, `perm_template`, `perm_sharing_group`, `perm_tag_editor`, `perm_delegate`, `perm_sighting`, `perm_object_template`, `default_role`)
VALUES (6, 'Read Only', NOW(), NOW(), 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
-- --------------------------------------------------------

2
PyMISP

@ -1 +1 @@
Subproject commit bfa5b67c1d17467ae18b29cb1e328a19698a3146
Subproject commit 6eb807381dfa3d2a9dd2a42fdd219d6f3cdfd1ff

2
VERSION.json
View File

@ -1 +1 @@
{"major":2, "minor":4, "hotfix":79}
{"major":2, "minor":4, "hotfix":80}

120
app/Controller/AttributesController.php
View File

@ -345,7 +345,6 @@ class AttributesController extends AppController {
$success = 0;
foreach ($this->request->data['Attribute']['values'] as $k => $value) {
// Check if there were problems with the file upload
// only keep the last part of the filename, this should prevent directory attacks
$filename = basename($value['name']);
@ -361,36 +360,39 @@ class AttributesController extends AppController {
}
if ($this->request->data['Attribute']['malware']) {
$result = $this->Event->Attribute->handleMaliciousBase64($this->request->data['Attribute']['event_id'], $filename, base64_encode($tmpfile->read()), array_keys($hashes));
if (!$result['success']) {
$this->Session->setFlash(__('There was a problem to upload the file.', true), 'default', array(), 'error');
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
}
foreach ($hashes as $hash => $typeName) {
if (!$result[$hash]) continue;
$attribute = array(
'Attribute' => array(
'value' => $filename . '|' . $result[$hash],
'category' => $this->request->data['Attribute']['category'],
'type' => $typeName,
'event_id' => $this->request->data['Attribute']['event_id'],
'comment' => $this->request->data['Attribute']['comment'],
'to_ids' => 1,
'distribution' => $this->request->data['Attribute']['distribution'],
'sharing_group_id' => isset($this->request->data['Attribute']['sharing_group_id']) ? $this->request->data['Attribute']['sharing_group_id'] : 0,
)
if ($this->request->data['Attribute']['advanced']) {
$result = $this->Attribute->advancedAddMalwareSample($tmpfile);
if ($result) $success++;
else $fails[] = $filename;
} else {
$result = $this->Attribute->simpleAddMalwareSample(
$eventId,
$this->request->data['Attribute']['category'],
$this->request->data['Attribute']['distribution'],
$this->request->data['Attribute']['distribution'] == 4 ? $this->request->data['Attribute']['sharing_group_id'] : 0,
$this->request->data['Attribute']['comment'],
$filename,
$tmpfile
);
if ($hash == 'md5') $attribute['Attribute']['data'] = $result['data'];
$this->Attribute->create();
$r = $this->Attribute->save($attribute);
if ($r == false) {
if ($hash == 'md5') {
$fails[] = $filename;
} else {
$partialFails[] = '[' . $typeName . ']' . $filename;
if ($result) $success++;
else $fails[] = $filename;
}
if (!empty($result)) {
foreach ($result['Object'] as $object) {
$object['distribution'] = $this->request->data['Attribute']['distribution'];
$object['sharing_group_id'] = isset($this->request->data['Attribute']['distribution']) ? $this->request->data['Attribute']['distribution'] : 0;
if (!empty($object['Attribute'])) {
foreach ($object['Attribute'] as $k => $attribute) {
if ($attribute['value'] == $tmpfile->name) $object['Attribute'][$k]['value'] = $value['name'];
}
}
$this->loadModel('MispObject');
$this->MispObject->captureObject(array('Object' => $object), $eventId, $this->Auth->user());
}
if (!empty($result['ObjectReference'])) {
foreach ($result['ObjectReference'] as $reference) {
$this->MispObject->ObjectReference->smartSave($reference, $eventId);
}
} else {
if ($hash == 'md5') $success++;
}
}
} else {
@ -413,9 +415,8 @@ class AttributesController extends AppController {
else $success++;
}
}
$message = 'The attachment(s) have been uploaded.';
if (!empty($partialFails)) $message .= ' Some of the hashes however could not be generated.';
if (!empty($partialFails)) $message .= ' Some of the attributes however could not be created.';
if (!empty($fails)) $message = 'Some of the attachments failed to upload. The failed files were: ' . implode(', ', $fails) . ' - This can be caused by the attachments already existing in the event.';
if (empty($success)) {
if (empty($fails)) $message = 'The attachment(s) could not be saved. please contact your administrator.';
@ -729,12 +730,29 @@ class AttributesController extends AppController {
// enabling / disabling the distribution field in the edit view based on whether user's org == orgc in the event
$this->Event->read();
if ($this->Attribute->save($this->request->data)) {
if ($this->Attribute->data['Attribute']['object_id']) {
$result = $this->Attribute->save($this->request->data, array('Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.comment', 'Attribute.distribution', 'Attribute.sharing_group_id'));
$this->Attribute->Object->updateTimestamp($id);
} else {
$result = $this->Attribute->save($this->request->data);
}
if ($result) {
$this->Session->setFlash(__('The attribute has been saved'));
// remove the published flag from the event
$this->Event->unpublishEvent($eventId);
$this->Event->set('timestamp', $date->getTimestamp());
$this->Event->set('published', 0);
$this->Event->save($this->Event->data, array('fieldList' => array('published', 'timestamp', 'info')));
if (!empty($this->Attribute->data['Attribute']['object_id'])) {
$object = $this->Attribute->Object->find('first', array(
'recursive' => -1,
'conditions' => array('Object.id' => $this->Attribute->data['Attribute']['object_id'])
));
if (!empty($object)) {
$object['Object']['timestamp'] = $date->getTimestamp();
$this->Attribute->Object->save($object);
}
}
if ($this->_isRest() || $this->response->type() === 'application/json') {
$saved_attribute = $this->Attribute->find('first', array(
'conditions' => array('id' => $this->Attribute->id),
@ -760,7 +778,11 @@ class AttributesController extends AppController {
$this->request->data = $this->Attribute->read(null, $id);
}
$this->set('attribute', $this->request->data);
if ($this->request->data['Attribute']['object_id']) {
$this->set('objectAttribute', true);
} else {
$this->set('objectAttribute', false);
}
// enabling / disabling the distribution field in the edit view based on whether user's org == orgc in the event
$this->loadModel('Event');
$this->Event->id = $eventId;
@ -777,9 +799,6 @@ class AttributesController extends AppController {
$types = $this->_arrayToValuesIndexArray($types);
$this->set('types', $types);
// combobox for categories
$categories = array_keys($this->Attribute->categoryDefinitions);
$categories = $this->_arrayToValuesIndexArray($categories);
$this->set('categories', $categories);
$this->set('currentDist', $this->Event->data['Event']['distribution']);
$this->loadModel('SharingGroup');
@ -802,7 +821,23 @@ class AttributesController extends AppController {
$this->set('info', $info);
$this->set('attrDescriptions', $this->Attribute->fieldDescriptions);
$this->set('typeDefinitions', $this->Attribute->typeDefinitions);
$this->set('categoryDefinitions', $this->Attribute->categoryDefinitions);
$categoryDefinitions = $this->Attribute->categoryDefinitions;
$categories = array_keys($this->Attribute->categoryDefinitions);
$categories = $this->_arrayToValuesIndexArray($categories);
if ($this->request->data['Attribute']['object_id']) {
foreach ($categoryDefinitions as $k => $v) {
if (!in_array($this->request->data['Attribute']['type'], $v['types'])) {
unset($categoryDefinitions[$k]);
}
}
foreach ($categories as $k => $v) {
if (!isset($categoryDefinitions[$k])) {
unset($categories[$k]);
}
}
}
$this->set('categories', $categories);
$this->set('categoryDefinitions', $categoryDefinitions);
}
// ajax edit - post a single edited field and this method will attempt to save it and return a json with the validation errors if they occur.
@ -1041,6 +1076,17 @@ class AttributesController extends AppController {
$result['Attribute']['deleted'] = 1;
$result['Attribute']['timestamp'] = $date->getTimestamp();
$save = $this->Attribute->save($result);
$object_refs = $this->Attribute->Object->ObjectReference->find('all', array(
'conditions' => array(
'ObjectReference.referenced_type' => 0,
'ObjectReference.referenced_id' => $id,
),
'recursive' => -1
));
foreach ($object_refs as $ref) {
$ref['ObjectReference']['deleted'] = 1;
$this->Attribute->Object->ObjectReference->save($ref);
}
}
// attachment will be deleted with the beforeDelete() function in the Model
if ($save) {

33
app/Controller/Component/ACLComponent.php
View File

@ -105,9 +105,11 @@ class ACLComponent extends Component {
'freeTextImport' => array('perm_add'),
'hids' => array('*'),
'index' => array('*'),
'massDelete' => array('perm_site_admin'),
'nids' => array('*'),
'proposalEventIndex' => array('*'),
'publish' => array('perm_publish'),
'pushEventToZMQ' => array('perm_site_admin'),
'pushProposals' => array('perm_sync'),
'queryEnrichment' => array('perm_add'),
'removePivot' => array('*'),
@ -189,6 +191,35 @@ class ACLComponent extends Component {
'delete' => array(),
'index' => array('*'),
),
'objects' => array(
'add' => array('perm_add'),
'addValueField' => array('perm_add'),
'delete' => array('perm_add'),
'edit' => array('perm_add'),
'get_row' => array('perm_add'),
'revise_object' => array('perm_add'),
'view' => array('*'),
),
'objectReferences' => array(
'add' => array('perm_add'),
'delete' => array('perm_add'),
'view' => array('*'),
),
'objectTemplates' => array(
'activate' => array(),
'add' => array('perm_object_template'),
'edit' => array('perm_object_template'),
'delete' => array('perm_object_template'),
'getToggleField' => array(),
'objectChoice' => array('*'),
'view' => array('*'),
'viewElements' => array('*'),
'index' => array('*'),
'update' => array('perm_site_admin')
),
'objectTemplateElements' => array(
'viewElements' => array('*')
),
'orgBlacklists' => array(
'add' => array(),
'delete' => array(),
@ -215,6 +246,7 @@ class ACLComponent extends Component {
'add' => array('*'),
'delete' => array('*'),
'edit' => array('*'),
'pushMessageToZMQ' => array('perm_site_admin')
),
'regexp' => array(
'admin_add' => array('perm_regexp_access'),
@ -243,6 +275,7 @@ class ACLComponent extends Component {
'fetchServersForSG' => array('*'),
'filterEventIndex' => array(),
'getGit' => array(),
'getInstanceUUID' => array('perm_sync'),
'getPyMISPVersion' => array('*'),
'getVersion' => array('*'),
'index' => array('OR' => array('perm_sync', 'perm_admin')),

24
app/Controller/EventsController.php
View File

@ -715,6 +715,9 @@ class EventsController extends AppController {
}
public function viewEventAttributes($id, $all = false) {
if (isset($this->params['named']['focus'])) {
$this->set('focus', $this->params['named']['focus']);
}
$conditions = array('eventid' => $id);
if (isset($this->params['named']['deleted']) && $this->params['named']['deleted']) {
$conditions['deleted'] = 1;
@ -722,7 +725,7 @@ class EventsController extends AppController {
$results = $this->Event->fetchEvent($this->Auth->user(), $conditions);
if (empty($results)) throw new NotFoundException('Invalid event');
$event = $results[0];
$emptyEvent = (!isset($event['Attribute']) || empty($event['Attribute']));
$emptyEvent = (empty($event['Object']) && empty($event['Attribute']));
$this->set('emptyEvent', $emptyEvent);
$params = $this->Event->rearrangeEventForView($event, $this->passedArgs, $all);
$this->params->params['paging'] = array($this->modelClass => $params);
@ -773,13 +776,23 @@ class EventsController extends AppController {
$this->disableCache();
$this->layout = 'ajax';
$this->loadModel('Sighting');
$uriArray = explode('/', $this->params->here);
foreach ($uriArray as $k => $v) {
if (strpos($v, ':')) {
$temp = explode(':', $v);
if ($temp[0] == 'focus') {
unset($uriArray[$k]);
}
}
$this->params->here = implode('/', $uriArray);
}
$this->set('sightingTypes', $this->Sighting->type);
$this->set('currentUri', $this->params->here);
$this->render('/Elements/eventattribute');
}
private function __viewUI($event, $continue, $fromEvent) {
$emptyEvent = (!isset($event['Attribute']) || empty($event['Attribute']));
$emptyEvent = (empty($event['Object']) && empty($event['Attribute']));
$this->set('emptyEvent', $emptyEvent);
$attributeCount = isset($event['Attribute']) ? count($event['Attribute']) : 0;
$this->set('attribute_count', $attributeCount);
@ -893,6 +906,13 @@ class EventsController extends AppController {
$this->set('typeGroups', array_keys($this->Event->Attribute->typeGroupings));
$this->loadModel('Sighting');
$this->set('sightingTypes', $this->Sighting->type);
$attributeUri = '/events/viewEventAttributes/' . $event['Event']['id'];
foreach ($this->params->named as $k => $v) {
if (!is_numeric($k)) {
$attributeUri .= '/' . $v;
}
}
$this->set('currentUri', $attributeUri);
}
public function view($id = null, $continue=false, $fromEvent=null) {

217
app/Controller/ObjectReferencesController.php Normal file
View File

@ -0,0 +1,217 @@
<?php
App::uses('AppController', 'Controller');
class ObjectReferencesController extends AppController {
public $components = array('Security' ,'RequestHandler', 'Session');
public $paginate = array(
'limit' => 20,
'order' => array(
'ObjectReference.id' => 'desc'
),
);
public function add($objectId) {
if (Validation::uuid($objectId)) {
$temp = $this->ObjectReference->Object->find('first', array(
'recursive' => -1,
'fields' => array('Object.id'),
'conditions' => array('Object.uuid' => $objectId)
));
if (empty($temp)) throw new NotFoundException('Invalid Object');
$objectId = $temp['Object']['id'];
} else if (!is_numeric($objectId)) {
throw new NotFoundException(__('Invalid object'));
}
$object = $this->ObjectReference->Object->find('first', array(
'conditions' => array('Object.id' => $objectId),
'recursive' => -1,
'contain' => array(
'Event' => array(
'fields' => array('Event.id', 'Event.orgc_id')
)
)
));
if (!$this->userRole['perm_add']) {
throw new MethodNotAllowedException('You don\'t have the required permissions to add object reference.');
}
if (empty($object) || (!$this->_isSiteAdmin() && $object['Event']['orgc_id'] != $this->Auth->user('orgc_id'))) {
throw new MethodNotAllowedException('Invalid object.');
}
$this->set('objectId', $objectId);
if ($this->request->is('post')) {
$data = array();
if (!isset($this->request->data['ObjectReference'])) {
$this->request->data['ObjectReference'] = $this->request->data;
}
$referenced_type = 1;
$target_object = $this->ObjectReference->Object->find('first', array(
'conditions' => array('Object.uuid' => $this->request->data['ObjectReference']['uuid']),
'recursive' => -1,
'fields' => array('Object.id', 'Object.uuid', 'Object.event_id')
));
if (!empty($target_object)) {
$referenced_id = $target_object['Object']['id'];
$referenced_uuid = $target_object['Object']['uuid'];
if ($target_object['Object']['event_id'] != $object['Event']['id']) {
throw new NotFoundException('Invalid target. Target has to be within the same event.');
}
} else {
$target_attribute = $this->ObjectReference->Object->Attribute->find('first', array(
'conditions' => array('Attribute.uuid' => $this->request->data['ObjectReference']['uuid']),
'recursive' => -1,
'fields' => array('Attribute.id', 'Attribute.uuid', 'Attribute.event_id')
));
if (empty($target_attribute)) {
throw new NotFoundException('Invalid target.');
}
if ($target_attribute['Attribute']['event_id'] != $object['Event']['id']) {
throw new NotFoundException('Invalid target. Target has to be within the same event.');
}
$referenced_id = $target_attribute['Attribute']['id'];
$referenced_uuid = $target_attribute['Attribute']['uuid'];
$referenced_type = 0;
}
$relationship_type = empty($this->request->data['ObjectReference']['relationship_type']) ? '' : $this->request->data['ObjectReference']['relationship_type'];
if (!empty($this->request->data['ObjectReference']['relationship_type_select']) && $this->request->data['ObjectReference']['relationship_type_select'] !== 'custom') {
$relationship_type = $this->request->data['ObjectReference']['relationship_type_select'];
}
$data = array(
'referenced_type' => $referenced_type,
'referenced_id' => $referenced_id,
'referenced_uuid' => $referenced_uuid,
'relationship_type' => $relationship_type,
'comment' => !empty($this->request->data['ObjectReference']['comment']) ? $this->request->data['ObjectReference']['comment'] : '',
'event_id' => $object['Event']['id'],
'object_uuid' => $object['Object']['uuid'],
'object_id' => $objectId,
'referenced_type' => $referenced_type,
'uuid' => CakeText::uuid()
);
$this->ObjectReference->create();
$result = $this->ObjectReference->save(array('ObjectReference' => $data));
if ($result) {
$this->ObjectReference->updateTimestamps($this->id, $data);
if ($this->_isRest()) {
$object = $this->ObjectReference->find("first", array(
'recursive' => -1,
'conditions' => array('ObjectReference.id' => $this->ObjectReference->id)
));
return $this->RestResponse->viewData($object, $this->response->type());
} else if ($this->request->is('ajax')) {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Object reference added.')),'status'=>200, 'type' => 'json'));
}
} else {
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('ObjectReferences', 'add', false, $this->ObjectReference->validationErrors, $this->response->type());
} else if ($this->request->is('ajax')) {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Object reference could not be added.')),'status'=>200, 'type' => 'json'));
}
}
} else {
if ($this->_isRest()) {
return $this->RestResponse->describe('ObjectReferences', 'add', false, $this->response->type());
} else {
$event = $this->ObjectReference->Object->Event->find('first', array(
'conditions' => array('Event.id' => $object['Event']['id']),
'recursive' => -1,
'fields' => array('Event.id'),
'contain' => array(
'Attribute' => array(
'conditions' => array('Attribute.deleted' => 0, 'Attribute.object_id' => 0),
'fields' => array('Attribute.id', 'Attribute.uuid', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids')
),
'Object' => array(
'conditions' => array('Object.deleted' => 0),
'conditions' => array('NOT' => array('Object.id' => $objectId)),
'fields' => array('Object.id', 'Object.uuid', 'Object.name', 'Object.meta-category'),
'Attribute' => array(
'conditions' => array('Attribute.deleted' => 0),
'fields' => array('Attribute.id', 'Attribute.uuid', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids')
)
)
)
));
$toRearrange = array('Attribute', 'Object');
foreach ($toRearrange as $d) {
if (!empty($event[$d])) {
$temp = array();
foreach ($event[$d] as $data) {
$temp[$data['uuid']] = $data;
}
$event[$d] = $temp;
}
}
$this->loadModel('ObjectRelationship');
$relationshipsTemp = $this->ObjectRelationship->find('all', array(
'recursive' => -1
));
$relationships = array();
$relationshipMetadata = array();
foreach ($relationshipsTemp as $k => $v) {
$relationshipMetadata[$v['ObjectRelationship']['name']] = $v;
$relationships[$v['ObjectRelationship']['name']] = $v['ObjectRelationship']['name'];
}
$relationships['custom'] = 'custom';
$this->set('relationships', $relationships);
$this->set('event', $event);
$this->set('objectId', $objectId);
$this->layout = 'ajax';
$this->render('ajax/add');
}
}
}
public function delete($id, $hard = false) {
if (Validation::uuid($id)) {
$temp = $this->ObjectReference->find('first', array(
'recursive' => -1,
'fields' => array('ObjectReference.id'),
'conditions' => array('ObjectReference.uuid' => $id)
));
if (empty($temp)) throw new NotFoundException('Invalid object reference');
$id = $temp['ObjectReference']['id'];
} else if (!is_numeric($id)) {
throw new NotFoundException(__('Invalid object reference'));
}
$objectReference = $this->ObjectReference->find('first', array(
'conditions' => array('ObjectReference.id' => $id),
'recursive' => -1,
'contain' => array('Object' => array('Event'))
));
if (empty($objectReference)) {
throw new MethodNotAllowedException('Invalid object reference.');
}
if (!$this->_isSiteAdmin() && $this->Auth->user('org_id') != $objectReference['Object']['Event']['orgc_id']) {
throw new MethodNotAllowedException('Invalid object reference.');
}
if ($this->request->is('post') || $this->request->is('put') || $this->request->is('delete')) {
$result = $this->ObjectReference->smartDelete($objectReference['ObjectReference']['id'], $hard);
if ($result === true) {
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('ObjectReferences', 'delete', $id, $this->response->type());
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Object reference deleted.')), 'status'=>200, 'type' => 'json'));
}
} else {
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('ObjectReferences', 'delete', $id, $result, $this->response->type());
} else {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Object reference was not deleted.')), 'status'=>200, 'type' => 'json'));
}
}
} else {
$this->set('hard', $hard);
$this->set('id', $id);
$this->set('event_id', $objectReference['Object']['Event']['id']);
$this->render('ajax/delete');
}
}
public function view($id) {
}
}

23
app/Controller/ObjectTemplateElementsController.php Normal file
View File

@ -0,0 +1,23 @@
<?php
App::uses('AppController', 'Controller');
class ObjectTemplateElementsController extends AppController {
public $components = array('Security' ,'RequestHandler', 'Session');
public $paginate = array(
'limit' => 60,
'order' => array(
'ObjectTemplateElement.id' => 'desc'
),
'recursive' => -1
);
public function viewElements($id, $context = 'all') {
$this->paginate['conditions'] = array('ObjectTemplateElement.object_template_id' => $id);
$elements = $this->paginate();
$this->set('list', $elements);
$this->layout = 'ajax';
$this->render('ajax/view_elements');
}
}

202
app/Controller/ObjectTemplatesController.php Normal file
View File

@ -0,0 +1,202 @@
<?php
App::uses('AppController', 'Controller');
class ObjectTemplatesController extends AppController {
public $components = array('Security' ,'RequestHandler', 'Session');
public $paginate = array(
'limit' => 60,
'order' => array(
'Object.id' => 'desc'
),
'contain' => array(
'Organisation' => array('fields' => array('Organisation.id', 'Organisation.name', 'Organisation.uuid'))
),
'recursive' => -1
);
public function objectChoice($event_id) {
$this->ObjectTemplate->populateIfEmpty($this->Auth->user());
$templates_raw = $this->ObjectTemplate->find('all', array(
'recursive' => -1,
'conditions' => array('ObjectTemplate.active' => 1),
'fields' => array('id', 'meta-category', 'name', 'description', 'org_id'),
'contain' => array('Organisation.name'),
'sort' => array('ObjectTemplate.name asc')
));
$templates = array('all' => array());
foreach ($templates_raw as $k => $template) {
unset($template['ObjectTemplate']['meta-category']);
$template['ObjectTemplate']['org_name'] = $template['Organisation']['name'];
$templates[$templates_raw[$k]['ObjectTemplate']['meta-category']][] = $template['ObjectTemplate'];
$templates['all'][] = $template['ObjectTemplate'];
}
foreach ($templates as $category => $template_list) {
$templates[$category] = Hash::sort($templates[$category], '{n}.name');
}
$template_categories = array_keys($templates);
$this->layout = false;
$this->set('template_categories', $template_categories);
$this->set('eventId', $event_id);
$this->set('templates', $templates);
$this->render('ajax/object_choice');
}
public function view($id) {
$params = array(
'recursive' => -1,
'contain' => array(
'Organisation' => array('fields' => array('Organisation.id', 'Organisation.name', 'Organisation.uuid'))
),
'conditions' => array('ObjectTemplate.id' => $id)
);
if ($this->_isSiteAdmin()) {
$params['contain']['User']= array('fields' => array('User.id', 'User.email'));
}
$objectTemplate = $this->ObjectTemplate->find('first', $params);
if (empty($objectTemplate)) {
throw new NotFoundException('Invalid object template');
}
if ($this->_isRest()) {
return $this->RestResponse->viewData($objectTemplate, $this->response->type());
} else {
$this->set('id', $id);
$this->set('template', $objectTemplate);
}
}
public function delete($id) {
if (!$this->request->is('post') && !$this->request->is('put') && !$this->request->is('delete')) {
throw new MethodNotAllowedException();
}
$this->ObjectTemplate->id = $id;
if (!$this->ObjectTemplate->exists()) {
throw new NotFoundException('Invalid ObjectTemplate');
}
if ($this->ObjectTemplate->delete()) {
if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse('ObjectTemplates', 'admin_delete', $id, $this->response->type());
} else {
$this->Session->setFlash(__('ObjectTemplate deleted'));
}
}
if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse('ObjectTemplates', 'admin_delete', $id, $this->ObjectTemplate->validationErrors, $this->response->type());
} else {
$this->Session->setFlash('ObjectTemplate could not be deleted');
}
$this->redirect($this->referer());
}
public function viewElements($id, $context = 'all') {
$elements = $this->ObjectTemplate->ObjectTemplateElement->find('all', array(
'conditions' => array('ObjectTemplateElement.object_template_id' => $id)
));
$this->set('list', $elements);
$this->layout = 'ajax';
$this->render('ajax/view_elements');
}
public function index($all = false) {
if (!$all || !$this->_isSiteAdmin()) {
$this->paginate['conditions'][] = array('ObjectTemplate.active' => 1);
$this->set('all', false);
} else {
$this->set('all', true);
}
if ($this->_isRest()) {
$rules = $this->paginate;
unset($rules['limit']);
unset($rules['order']);
$objectTemplates = $this->ObjectTemplate->find('all', $rules);
return $this->RestResponse->viewData($objectTemplates, $this->response->type());
} else {
$this->paginate['order'] = array('ObjectTemplate.name' => 'ASC');
$objectTemplates = $this->paginate();
$this->set('list', $objectTemplates);
}
}
public function update() {
$result = $this->ObjectTemplate->update($this->Auth->user());
$this->loadModel('ObjectRelationship');
$result2 = $this->ObjectRelationship->update();
$this->Log = ClassRegistry::init('Log');
$fails = 0;
$successes = 0;
if (!empty($result)) {
if (isset($result['success'])) {
foreach ($result['success'] as $id => $success) {
if (isset($success['old'])) $change = $success['name'] . ': updated from v' . $success['old'] . ' to v' . $success['new'];
else $change = $success['name'] . ' v' . $success['new'] . ' installed';
$this->Log->create();
$this->Log->save(array(
'org' => $this->Auth->user('Organisation')['name'],
'model' => 'ObjectTemplate',
'model_id' => $id,
'email' => $this->Auth->user('email'),
'action' => 'update',
'user_id' => $this->Auth->user('id'),
'title' => 'Object template updated',
'change' => $change,
));
$successes++;
}
}
if (isset($result['fails'])) {
foreach ($result['fails'] as $id => $fail) {
$this->Log->create();
$this->Log->save(array(
'org' => $this->Auth->user('Organisation')['name'],
'model' => 'ObjectTemplate',
'model_id' => $id,
'email' => $this->Auth->user('email'),
'action' => 'update',
'user_id' => $this->Auth->user('id'),
'title' => 'Object template failed to update',
'change' => $fail['name'] . ' could not be installed/updated. Error: ' . $fail['fail'],
));
$fails++;
}
}
} else {
$this->Log->create();
$this->Log->save(array(
'org' => $this->Auth->user('Organisation')['name'],
'model' => 'ObjectTemplate',
'model_id' => 0,
'email' => $this->Auth->user('email'),
'action' => 'update',
'user_id' => $this->Auth->user('id'),
'title' => 'Object template update (nothing to update)',
'change' => 'Executed an update of the Object Template library, but there was nothing to update.',
));
}
if ($successes == 0 && $fails == 0) $this->Session->setFlash('All object templates are up to date already.');
else if ($successes == 0) $this->Session->setFlash('Could not update any of the object templates');
else {
$message = 'Successfully updated ' . $successes . ' object templates.';
if ($fails != 0) $message .= ' However, could not update ' . $fails . ' object templates.';
$this->Session->setFlash($message);
}
$this->redirect(array('controller' => 'ObjectTemplates', 'action' => 'index'));
}
public function activate() {
$id = $this->request->data['ObjectTemplate']['data'];
if (!is_numeric($id)) return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Template not found.')), 'status' => 200, 'type' => 'json'));
$result = $this->ObjectTemplate->setActive($id);
if ($result === false) {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Template\'s state could not be toggeled.')), 'status' => 200, 'type' => 'json'));
}
$message = (($result == 1) ? 'activated' : 'disabled');
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Template ' . $message . '.')), 'status' => 200, 'type' => 'json'));
}
public function getToggleField() {
if (!$this->request->is('ajax')) throw new MethodNotAllowedException('This action is available via AJAX only.');
$this->layout = 'ajax';
$this->render('ajax/getToggleField');
}
}

518
app/Controller/ObjectsController.php Normal file
View File

@ -0,0 +1,518 @@
<?php
App::uses('AppController', 'Controller');
class ObjectsController extends AppController {
var $uses = 'MispObject';
public $components = array('Security' ,'RequestHandler', 'Session');
public $paginate = array(
'limit' => 20,
'order' => array(
'Object.id' => 'desc'
),
);
public function beforeFilter() {
parent::beforeFilter();
$this->Security->unlockedActions = array('revise_object', 'get_row');
}
public function revise_object($action, $event_id, $template_id, $object_id = false) {
if (!$this->request->is('post') && !$this->request->is('put')) {
throw new MethodNotAllowedException('This action can only be reached via POST requests');
}
$this->request->data = $this->MispObject->attributeCleanup($this->request->data);
$eventFindParams = array(
'recursive' => -1,
'fields' => array('Event.id', 'Event.uuid', 'Event.orgc_id'),
'conditions' => array('Event.id' => $event_id)
);
$template = $this->MispObject->ObjectTemplate->find('first', array(
'conditions' => array('ObjectTemplate.id' => $template_id),
'recursive' => -1,
'contain' => array(
'ObjectTemplateElement'
)
));
$event = $this->MispObject->Event->find('first', $eventFindParams);
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
throw new NotFoundException('Invalid event.');
}
if ($this->request->data['Object']['distribution'] == 4) {
$sg = $this->MispObject->SharingGroup->find('first', array(
'conditions' => array('SharingGroup.id' => $this->request->data['Object']['sharing_group_id']),
'recursive' => -1,
'fields' => array('SharingGroup.id', 'SharingGroup.name'),
'order' => false
));
if (empty($sg)) throw new NotFoundException('Invalid sharing group.');
$this->set('sg', $sg);
}
$this->set('distributionLevels', $this->MispObject->Attribute->distributionLevels);
$this->set('action', $action);
$this->set('template', $template);
$this->set('object_id', $object_id);
$this->set('event', $event);
$this->set('data', $this->request->data);
}
/**
* Create an object using a template
* POSTing will take the input and validate it against the template
* GETing will return the template
*/
public function add($eventId, $templateId = false) {
if (!$this->userRole['perm_modify']) {
throw new MethodNotAllowedException('You don\'t have permissions to create objects.');
}
$eventFindParams = array(
'recursive' => -1,
'fields' => array('Event.id', 'Event.uuid', 'Event.orgc_id'),
'conditions' => array('Event.id' => $eventId)
);
// Find the event that is to be updated
if (Validation::uuid($eventId)) {
$eventFindParams['conditions']['Event.uuid'] = $eventId;
} else if (is_numeric($eventId)) {
$eventFindParams['conditions']['Event.id'] = $eventId;
} else {
throw new NotFoundException('Invalid event.');
}
$event = $this->MispObject->Event->find('first', $eventFindParams);
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
throw new NotFoundException('Invalid event.');
}
$eventId = $event['Event']['id'];
$templates = $this->MispObject->ObjectTemplate->find('all', array(
'conditions' => array('ObjectTemplate.id' => $templateId),
'recursive' => -1,
'contain' => array(
'ObjectTemplateElement'
)
));
$template_version = false;
$template = false;
foreach ($templates as $temp) {
if (!empty($template_version)) {
if (intval($template['ObjectTemplate']['version']) > intval($template_version)) {
$template = $temp;
}
} else {
$template = $temp;
}
}
$error = false;
if (empty($template)) {
$error = 'No valid template found to edit the object.';
}
// If we have received a POST request
if ($this->request->is('post')) {
if (isset($this->request->data['request'])) {
$this->request->data = $this->request->data['request'];
}
if (isset($this->request->data['Object']['data'])) {
$this->request->data = json_decode($this->request->data['Object']['data'], true);
}
if (!isset($this->request->data['Attribute'])) {
$this->request->data = array('Attribute' => $this->request->data);
}
if (!isset($this->request->data['Object'])) {
$attributeTemp = $this->request->data['Attribute'];
unset($this->request->data['Attribute']);
$this->request->data = array('Object' => $this->request->data);
$this->request->data['Attribute'] = $attributeTemp;
unset($attributeTemp);
}
$object = $this->MispObject->attributeCleanup($this->request->data);
// we pre-validate the attributes before we create an object at this point
// This allows us to stop the process and return an error (API) or return
// to the add form
if (empty($object['Attribute'])) {
$error = 'Could not save the object as no attributes were set.';
} else {
foreach ($object['Attribute'] as $k => $attribute) {
$object['Attribute'][$k]['event_id'] = $eventId;
$this->MispObject->Event->Attribute->set($attribute);
if (!$this->MispObject->Event->Attribute->validates()) {
$error = 'Could not save object as at least one attribute has failed validation (' . $attribute['object_relation'] . '). ' . json_encode($this->MispObject->Event->Attribute->validationErrors);
}
}
}
if (empty($error)) {
$error = $this->MispObject->ObjectTemplate->checkTemplateConformity($template, $object);
if ($error === true) {
$result = $this->MispObject->saveObject($object, $eventId, $template, $this->Auth->user(), $errorBehaviour = 'halt');
if ($result) $this->MispObject->Event->unpublishEvent($eventId);
} else {
$result = false;
}
if ($this->_isRest()) {
if (is_numeric($result)) {
$object = $this->MispObject->find('first', array(
'recursive' => -1,
'conditions' => array('Object.id' => $result),
'contain' => array('Attribute')
));
return $this->RestResponse->viewData($object, $this->response->type());
} else {
return $this->RestResponse->saveFailResponse('Objects', 'add', false, $error, $this->response->type());
}
} else {
if (is_numeric($result)) {
$this->Session->setFlash('Object saved.');
$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
}
}
}
}
// In the case of a GET request or if the object could not be validated, show the form / the requirement
if ($this->_isRest()) {
if ($error) {
} else {
return $this->RestResponse->viewData($orgs, $this->response->type());
}
} else {
if (!empty($error)) {
$this->Session->setFlash($error);
}
$template = $this->MispObject->prepareTemplate($template, $this->request->data);
$enabledRows = array_keys($template['ObjectTemplateElement']);
$this->set('enabledRows', $enabledRows);
$distributionData = $this->MispObject->Event->Attribute->fetchDistributionData($this->Auth->user());
$this->set('distributionData', $distributionData);
$this->set('event', $event);
$this->set('ajax', false);
$this->set('action', 'add');
$this->set('template', $template);
}
}
public function get_row($template_id, $object_relation, $k) {
$template = $this->MispObject->ObjectTemplate->find('first', array(
'conditions' => array('ObjectTemplate.id' => $template_id),
'recursive' => -1,
'contain' => array(
'ObjectTemplateElement'
)
));
$template = $this->MispObject->prepareTemplate($template);
$element = array();
foreach ($template['ObjectTemplateElement'] as $templateElement) {
if ($templateElement['object_relation'] == $object_relation) {
$element = $templateElement;
}
}
$distributionData = $this->MispObject->Event->Attribute->fetchDistributionData($this->Auth->user());
$this->layout = false;
$this->set('distributionData', $distributionData);
$this->set('k', $k);
$this->set('element', $element);
}
public function edit($id) {
if (!$this->userRole['perm_modify']) {
throw new MethodNotAllowedException('You don\'t have permissions to edit objects.');
}
$object = $this->MispObject->find('first', array(
'conditions' => array('Object.id' => $id),
'recursive' => -1,
'contain' => array(
'Attribute' => array(
'conditions' => array(
'Attribute.deleted' => 0
)
)
)
));
if (empty($object)) {
throw new NotFoundException('Invalid object.');
}
$eventFindParams = array(
'recursive' => -1,
'fields' => array('Event.id', 'Event.uuid', 'Event.orgc_id'),
'conditions' => array('Event.id' => $object['Object']['event_id'])
);
$event = $this->MispObject->Event->find('first', $eventFindParams);
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
throw new NotFoundException('Invalid object.');
}
$template = $this->MispObject->ObjectTemplate->find('first', array(
'conditions' => array(
'ObjectTemplate.uuid' => $object['Object']['template_uuid'],
'ObjectTemplate.version' => $object['Object']['template_version'],
),
'recursive' => -1,
'contain' => array(
'ObjectTemplateElement'
)
));
if (empty($template)) {
$this->Session->setFlash('Object cannot be edited, no valid template found.');
$this->redirect(array('controller' => 'events', 'action' => 'view', $object['Object']['event_id']));
}
$template = $this->MispObject->prepareTemplate($template, $object);
$enabledRows = false;
if ($this->request->is('post') || $this->request->is('put')) {
if (isset($this->request->data['request'])) {
$this->request->data = $this->request->data['request'];
}
if (isset($this->request->data['Object']['data'])) {
$this->request->data = json_decode($this->request->data['Object']['data'], true);
}
if (!isset($this->request->data['Attribute'])) {
$this->request->data = array('Attribute' => $this->request->data);
}
$objectToSave = $this->MispObject->attributeCleanup($this->request->data);
$objectToSave = $this->MispObject->deltaMerge($object, $objectToSave);
// we pre-validate the attributes before we create an object at this point
// This allows us to stop the process and return an error (API) or return
// to the add form
if (empty($error)) {
if ($this->_isRest()) {
if (is_numeric($objectToSave)) {
$objectToSave = $this->MispObject->find('first', array(
'recursive' => -1,
'conditions' => array('Object.id' => $result),
'contain' => array('Attribute')
));
$this->MispObject->Event->unpublishEvent($object['Object']['event_id']);
return $this->RestResponse->viewData($objectToSave, $this->response->type());
} else {
return $this->RestResponse->saveFailResponse('Objects', 'add', false, $result, $this->response->type());
}
} else {
$this->MispObject->Event->unpublishEvent($object['Object']['event_id']);
$this->Session->setFlash('Object saved.');
$this->redirect(array('controller' => 'events', 'action' => 'view', $object['Object']['event_id']));
}
}
} else {
$enabledRows = array();
$this->request->data['Object'] = $object['Object'];
foreach ($template['ObjectTemplateElement'] as $k => $element) {
foreach ($object['Attribute'] as $k2 => $attribute) {
if ($attribute['object_relation'] == $element['object_relation']) {
$enabledRows[] = $k;
$this->request->data['Attribute'][$k] = $attribute;
if (!empty($element['values_list'])) {
$this->request->data['Attribute'][$k]['value_select'] = $attribute['value'];
} else {
if (!empty($element['sane_default'])) {
if (in_array($attribute['value'], $element['sane_default'])) {
$this->request->data['Attribute'][$k]['value_select'] = $attribute['value'];
} else {
$this->request->data['Attribute'][$k]['value_select'] = 'Enter value manually';
}
}
}
}
}
}
}
$this->set('enabledRows', $enabledRows);
$distributionData = $this->MispObject->Event->Attribute->fetchDistributionData($this->Auth->user());
$this->set('distributionData', $distributionData);
$this->set('event', $event);
$this->set('ajax', false);
$this->set('template', $template);
$this->set('action', 'edit');
$this->set('object', $object);
$this->render('add');
}
public function addValueField() {
}
public function delete($id, $hard = false) {
if (!$this->userRole['perm_modify']) {
throw new MethodNotAllowedException('You don\'t have permissions to delete objects.');
}
if (Validation::uuid($id)) {
$lookupField = 'uuid';
} else if (!is_numeric($id)) {
$lookupField = 'id';
throw new NotFoundException('Invalid object.');
}
$object = $this->MispObject->find('first', array(
'recursive' => -1,
'fields' => array('Object.id', 'Object.event_id', 'Event.id', 'Event.uuid', 'Event.orgc_id'),
'conditions' => array('Object.id' => $id),
'contain' => array(
'Event'
)
));
if (empty($object)) {
throw new NotFoundException('Invalid event.');
}
$eventId = $object['Event']['id'];
if (!$this->_isSiteAdmin() && ($object['Event']['orgc_id'] != $this->Auth->user('org_id') || !$this->userRole['perm_modify'])) {
throw new UnauthorizedException('You do not have permission to do that.');
}
if ($this->request->is('post')) {
if ($this->__delete($id, $hard)) {
$message = 'Object deleted.';
if ($this->request->is('ajax')) {
return new CakeResponse(
array(
'body'=> json_encode(
array(
'saved' => true,
'success' => $message
)
),
'status'=>200,
'type' => 'json'
)
);
} else if ($this->_isRest()) {
return $this->RestResponse->saveSuccessResponse(
'Objects',
'delete',
$id,
$this->response->type()
);
} else {
$this->Session->setFlash($message);
$this->redirect(array('controller' => 'events', 'action' => 'view', $object['Event']['id']));
}
} else {
$message = 'Object could not be deleted.';
if ($this->request->is('ajax')) {
return new CakeResponse(
array(
'body'=> json_encode(
array(
'saved' => false,
'errors' => $message
)
),
'status'=>200,
'type' => 'json'
)
);
} else if ($this->_isRest()) {
return $this->RestResponse->saveFailResponse(
'Objects',
'delete',
false,
$this->MispObject->validationErrors,
$this->response->type()
);
} else {
$this->Session->setFlash($message);
$this->redirect(array('controller' => 'events', 'action' => 'view', $object['Event']['id']));
}
}
} else {
if ($this->request->is('ajax') && $this->request->is('get')) {
$this->set('hard', $hard);
$this->set('id', $id);
$this->set('event_id', $object['Event']['id']);
$this->render('ajax/delete');
}
}
}
private function __delete($id, $hard) {
$this->MispObject->id = $id;
if (!$this->MispObject->exists()) {
return false;
}
$object = $this->MispObject->find('first', array(
'conditions' => array('Object.id' => $id),
'fields' => array('Object.*'),
'contain' => array(
'Event' => array(
'fields' => array('Event.*')
),
'Attribute' => array(
'fields' => array('Attribute.*')
)
),
));
if (empty($object)) throw new MethodNotAllowedException('Object not found or not authorised.');
// check for permissions
if (!$this->_isSiteAdmin()) {
if ($object['Event']['locked']) {
if ($this->Auth->user('org_id') != $object['Event']['org_id'] || !$this->userRole['perm_sync']) {
throw new MethodNotAllowedException('Object not found or not authorised.');
}
} else {
if ($this->Auth->user('org_id') != $object['Event']['orgc_id']) {
throw new MethodNotAllowedException('Object not found or not authorised.');
}
}
}
$date = new DateTime();
if ($hard) {
// For a hard delete, simply run the delete, it will cascade
$this->MispObject->delete($id);
return true;
} else {
// For soft deletes, sanitise the object first if the setting is enabled
if (Configure::read('Security.sanitise_attribute_on_delete')) {
$object['Object']['name'] = 'N/A';
$object['Object']['category'] = 'N/A';
$object['Object']['description'] = 'N/A';
$object['Object']['template_uuid'] = 'N/A';
$object['Object']['template_version'] = 0;
$object['Object']['comment'] = '';
}
$object['Object']['deleted'] = 1;
$object['Object']['timestamp'] = $date->getTimestamp();
$this->MispObject->save($object);
foreach ($object['Attribute'] as $attribute) {
if (Configure::read('Security.sanitise_attribute_on_delete')) {
$attribute['category'] = 'Other';
$attribute['type'] = 'comment';
$attribute['value'] = 'deleted';
$attribute['comment'] = '';
$attribute['to_ids'] = 0;
}
$attribute['deleted'] = 1;
$attribute['timestamp'] = $date->getTimestamp();
$this->MispObject->Attribute->save(array('Attribute' => $attribute));
$this->MispObject->Event->ShadowAttribute->deleteAll(
array('ShadowAttribute.old_id' => $attribute['id']),
false
);
}
$object['Event']['timestamp'] = $date->getTimestamp();
$object['Event']['published'] = 0;
$this->MispObject->Event->save($object, array('fieldList' => array('published', 'timestamp', 'info')));
$object_refs = $this->MispObject->ObjectReference->find('all', array(
'conditions' => array(
'ObjectReference.referenced_type' => 1,
'ObjectReference.referenced_id' => $id,
),
'recursive' => -1
));
foreach ($object_refs as $ref) {
$ref['ObjectReference']['deleted'] = 1;
$this->MispObject->ObjectReference->save($ref);
}
return true;
}
}
public function view($id) {
if ($this->_isRest()) {
$objects = $this->MispObject->fetchObjects($this->Auth->user(), array('conditions' => array('Object.id' => $id)));
if (!empty($objects)) {
return $this->RestResponse->viewData($objects, $this->response->type());
}
}
}
}

11
app/Controller/ServersController.php
View File

@ -123,11 +123,13 @@ class ServersController extends AppController {
$this->loadModel('Event');
$dataForView = array(
'Attribute' => array('attrDescriptions' => 'fieldDescriptions', 'distributionDescriptions' => 'distributionDescriptions', 'distributionLevels' => 'distributionLevels'),
'Event' => array('eventDescriptions' => 'fieldDescriptions', 'analysisLevels' => 'analysisLevels')
'Event' => array('eventDescriptions' => 'fieldDescriptions', 'analysisLevels' => 'analysisLevels'),
'Object' => array()
);
foreach ($dataForView as $m => $variables) {
if ($m === 'Event') $currentModel = $this->Event;
else if ($m === 'Attribute') $currentModel = $this->Event->Attribute;
else if ($m === 'Object') $currentModel = $this->Event->Object;
foreach ($variables as $alias => $variable) {
$this->set($alias, $currentModel->{$variable});
}
@ -762,6 +764,13 @@ class ServersController extends AppController {
if ($tab == 'diagnostics' || $tab == 'download') {
$php_ini = php_ini_loaded_file();
$this->set('php_ini', $php_ini);
$advanced_attachments = shell_exec('python ' . APP . 'files/scripts/generate_file_objects.py -c');
try {
$advanced_attachments = json_decode($advanced_attachments, true);
} catch (Exception $e) {
$advanced_attachments = false;
}
$this->set('advanced_attachments', $advanced_attachments);
// check if the current version of MISP is outdated or not
$version = $this->__checkVersion();
$this->set('version', $version);

24
app/Controller/ShadowAttributesController.php
View File

@ -662,6 +662,10 @@ class ShadowAttributesController extends AppController {
'static' => array('old_id' => 'Attribute.id', 'uuid' => 'Attribute.uuid', 'event_id' => 'Attribute.event_id', 'event_uuid' => 'Event.uuid', 'event_org_id' => 'Event.orgc_id'),
'optional' => array('category', 'type', 'value', 'to_ids', 'comment')
);
if ($existingAttribute['Attribute']['object_id']) {
unset($fields['optional']['type']);
$fields['static']['type'] = 'Attribute.type';
}
}
foreach ($fields['static'] as $k => $v) {
$v = explode('.', $v);
@ -724,18 +728,36 @@ class ShadowAttributesController extends AppController {
unset($types[$key]);
}
}
if ($existingAttribute['Attribute']['object_id']) {
$this->set('objectAttribute', true);
} else {
$this->set('objectAttribute', false);
}
$types = $this->_arrayToValuesIndexArray($types);
$this->set('types', $types);
// combobox for categories
$categories = $this->_arrayToValuesIndexArray(array_keys($this->ShadowAttribute->Event->Attribute->categoryDefinitions));
$categories = $this->_arrayToValuesIndexArray($categories);
$this->set('categories', $categories);
foreach ($this->ShadowAttribute->Event->Attribute->categoryDefinitions as $key => $value) {
$info['category'][$key] = array('key' => $key, 'desc' => isset($value['formdesc'])? $value['formdesc'] : $value['desc']);
}
foreach ($this->ShadowAttribute->Event->Attribute->typeDefinitions as $key => $value) {
$info['type'][$key] = array('key' => $key, 'desc' => isset($value['formdesc'])? $value['formdesc'] : $value['desc']);
}
$categoryDefinitions = $this->ShadowAttribute->Event->Attribute->categoryDefinitions;
if ($existingAttribute['Attribute']['object_id']) {
foreach ($categoryDefinitions as $k => $v) {
if (!in_array($existingAttribute['Attribute']['type'], $v['types'])) {
unset($categoryDefinitions[$k]);
}
}
foreach ($categories as $k => $v) {
if (!isset($categoryDefinitions[$k])) {
unset($categories[$k]);
}
}
}
$this->set('categories', $categories);
$this->set('info', $info);
$this->set('attrDescriptions', $this->ShadowAttribute->fieldDescriptions);
$this->set('typeDefinitions', $this->ShadowAttribute->typeDefinitions);

29
app/Lib/Tools/CustomPaginationTool.php
View File

@ -1,7 +1,7 @@
<?php
class CustomPaginationTool {
function createPaginationRules($items, $options, $model, $sort = 'id') {
function createPaginationRules($items, $options, $model, $sort = 'id', $focusKey = 'uuid') {
$params = array(
'model' => $model,
'current' => 1,
@ -16,7 +16,7 @@ class CustomPaginationTool {
'options' => array(
),
);
$validOptions = array('sort', 'direction', 'page');
$validOptions = array('sort', 'direction', 'page', 'focus');
if ($model == 'events') $validOptions[] = 'attributeFilter';
foreach ($validOptions as $v) {
if (isset($options[$v])) {
@ -43,20 +43,35 @@ class CustomPaginationTool {
$items = array_slice($items, $params['current'] - 1, $params['limit']);
}
function applyRulesOnArray(&$items, $options, $model, $sort = 'id') {
$params = $this->createPaginationRules($items, $options, $model, $sort);
function applyRulesOnArray(&$items, $options, $model, $sort = 'id', $focusKey = 'uuid') {
$params = $this->createPaginationRules($items, $options, $model, $sort, $focusKey);
if (isset($params['sort'])) {
$sortArray = array();
foreach ($items as $k => $item) {
$sortArray[$k] = $item[$params['sort']];
$sortArray[$k] = empty($item[$params['sort']]) ? '' : $item[$params['sort']];
}
asort($sortArray);
if (empty($params['options']['direction']) || $params['options']['direction'] == 'asc') {
asort($sortArray);
} else {
arsort($sortArray);
}
foreach ($sortArray as $k => $sortedElement) {
$sortArray[$k] = $items[$k];
}
$items = array();
$items = $sortArray;
//$items = Set::sort($items, '{n}.' . $params['sort'], $params['direction']);
}
$items = array_values($items);
if (!empty($params['options']['focus'])) {
foreach ($items as $k => $item) {
if ($item[$focusKey] == $params['options']['focus']) {
$params['page'] = 1 + intval(floor($k / $params['limit']));
$params['current'] = 1 + ($params['page'] - 1) * 60;
continue;
}
}
unset($params['options']['focus']);
}
array_unshift($items, 'dummy');
unset($items[0]);

67
app/Lib/Tools/JSONConverterTool.php
View File

@ -10,7 +10,7 @@ class JSONConverterTool {
}
public function convert($event, $isSiteAdmin=false) {
$toRearrange = array('Org', 'Orgc', 'SharingGroup', 'Attribute', 'ShadowAttribute', 'RelatedAttribute', 'RelatedEvent', 'Galaxy');
$toRearrange = array('Org', 'Orgc', 'SharingGroup', 'Attribute', 'ShadowAttribute', 'RelatedAttribute', 'RelatedEvent', 'Galaxy', 'Object');
foreach ($toRearrange as $object) {
if (isset($event[$object])) {
$event['Event'][$object] = $event[$object];
@ -49,29 +49,12 @@ class JSONConverterTool {
}
if (isset($event['Event']['Attribute'])) {
// remove value1 and value2 from the output and remove invalid utf8 characters for the xml parser
foreach ($event['Event']['Attribute'] as $key => $value) {
if (isset($value['SharingGroup']) && empty($value['SharingGroup'])) {
unset($event['Event']['Attribute'][$key]['SharingGroup']);
}
unset($event['Event']['Attribute'][$key]['value1']);
unset($event['Event']['Attribute'][$key]['value2']);
unset($event['Event']['Attribute'][$key]['category_order']);
if (isset($event['RelatedAttribute'][$value['id']])) {
$event['Event']['Attribute'][$key]['RelatedAttribute'] = $event['Event']['RelatedAttribute'][$value['id']];
foreach ($event['Event']['Attribute'][$key]['RelatedAttribute'] as &$ra) {
$ra = array('Attribute' => $ra);
}
}
if (isset($event['Event']['Attribute'][$key]['AttributeTag'])) {
foreach ($event['Event']['Attribute'][$key]['AttributeTag'] as $atk => $tag) {
unset($tag['Tag']['org_id']);
$event['Event']['Attribute'][$key]['Tag'][$atk] = $tag['Tag'];
}
unset($event['Event']['Attribute'][$key]['AttributeTag']);
}
}
$event['Event']['Attribute'] = $this->__cleanAttributes($event['Event']['Attribute']);
}
if (isset($event['Event']['Object'])) {
$event['Event']['Object'] = $this->__cleanObjects($event['Event']['Object']);
}
unset($event['Event']['RelatedAttribute']);
if (isset($event['Event']['RelatedEvent'])) {
foreach ($event['Event']['RelatedEvent'] as $key => $value) {
@ -87,6 +70,44 @@ class JSONConverterTool {
return json_encode($result, JSON_PRETTY_PRINT);
}
private function __cleanAttributes($attributes) {
// remove value1 and value2 from the output and remove invalid utf8 characters for the xml parser
foreach ($attributes as $key => $value) {
if (isset($value['SharingGroup']) && empty($value['SharingGroup'])) {
unset($attributes[$key]['SharingGroup']);
}
unset($attributes[$key]['value1']);
unset($attributes[$key]['value2']);
unset($attributes[$key]['category_order']);
if (isset($event['RelatedAttribute'][$value['id']])) {
$attributes[$key]['RelatedAttribute'] = $event['Event']['RelatedAttribute'][$value['id']];
foreach ($attributes[$key]['RelatedAttribute'] as &$ra) {
$ra = array('Attribute' => $ra);
}
}
if (isset($attributes[$key]['AttributeTag'])) {
foreach ($attributes[$key]['AttributeTag'] as $atk => $tag) {
unset($tag['Tag']['org_id']);
$attributes[$key]['Tag'][$atk] = $tag['Tag'];
}
unset($attributes[$key]['AttributeTag']);
}
}
return $attributes;
}
private function __cleanObjects($objects) {
foreach ($objects as $k => $object) {
if (!empty($object['Attribute'])) {
$objects[$k]['Attribute'] = $this->__cleanAttributes($object['Attribute']);
} else {
unset($objects[$k]);
}
}
$objects = array_values($objects);
return $objects;
}
public function arrayPrinter($array, $root = true) {
if (is_array($array)) {
$resultArray = array();

132
app/Lib/Tools/XMLConverterTool.php
View File

@ -35,6 +35,65 @@ class XMLConverterTool {
return $text;
}
private function __rearrange($data, $model, $container) {
if (isset($data[$model])) {
$data[$container][$model] = $data[$model];
unset($data[$model]);
}
return $data;
}
private function __rearrangeAttributes($attributes) {
foreach ($attributes as $key => $value) {
$this->__sanitizeField($attributes[$key]['value']);
$this->__sanitizeField($attributes[$key]['comment']);
unset($attributes[$key]['value1'], $attributes[$key]['value2'], $attributes[$key]['category_order']);
if (isset($event['Event']['RelatedAttribute']) && isset($event['Event']['RelatedAttribute'][$value['id']])) {
$attributes[$key]['RelatedAttribute'] = $event['Event']['RelatedAttribute'][$value['id']];
foreach ($attributes[$key]['RelatedAttribute'] as &$ra) {
$ra = array('Attribute' => array(0 => $ra));
}
}
if (!empty($attributes[$key]['Feed'])) {
foreach ($attributes[$key]['Feed'] as $fKey => $feed) {
$this->__sanitizeField($attributes[$key]['Feed'][$fKey]['name']);
$this->__sanitizeField($attributes[$key]['Feed'][$fKey]['url']);
$this->__sanitizeField($attributes[$key]['Feed'][$fKey]['provider']);
}
}
if (isset($attributes[$key]['ShadowAttribute'])) {
foreach ($attributes[$key]['ShadowAttribute'] as $skey => $svalue) {
$this->__sanitizeField($attributes[$key]['ShadowAttribute'][$skey]['value']);
$this->__sanitizeField($attributes[$key]['ShadowAttribute'][$skey]['comment']);
$attributes[$key]['ShadowAttribute'][$skey]['Org'] = array(0 => $attributes[$key]['ShadowAttribute'][$skey]['Org']);
if (isset($attributes[$key]['ShadowAttribute'][$skey]['EventOrg'])) $attributes[$key]['ShadowAttribute'][$skey]['EventOrg'] = array(0 => $attributes[$key]['ShadowAttribute'][$skey]['EventOrg']);
}
}
if (isset($attributes[$key]['SharingGroup']['SharingGroupOrg'])) {
foreach ($attributes[$key]['SharingGroup']['SharingGroupOrg'] as $k => $sgo) {
$attributes[$key]['SharingGroup']['SharingGroupOrg'][$k]['Organisation'] = array(0 => $attributes[$key]['SharingGroup']['SharingGroupOrg'][$k]['Organisation']);
}
}
if (isset($attributes[$key]['SharingGroup']['SharingGroupServer'])) {
foreach ($attributes[$key]['SharingGroup']['SharingGroupServer'] as $k => $sgs) {
$attributes[$key]['SharingGroup']['SharingGroupServer'][$k]['Server'] = array(0 => $attributes[$key]['SharingGroup']['SharingGroupServer'][$k]['Server']);
}
}
if (isset($attributes[$key]['SharingGroup'])) {
$attributes[$key]['SharingGroup'][0] = $attributes[$key]['SharingGroup'];
unset($attributes[$key]['SharingGroup']);
}
if (isset($attributes[$key]['AttributeTag'])) {
foreach ($attributes[$key]['AttributeTag'] as $atk => $tag) {
unset($tag['Tag']['org_id']);
$attributes[$key]['Tag'][$atk] = $tag['Tag'];
}
unset($attributes[$key]['AttributeTag']);
}
}
return $attributes;
}
public function convertArray($event, $isSiteAdmin=false) {
$event['Event']['Org'][0] = $event['Org'];
$event['Event']['Orgc'][0] = $event['Orgc'];
@ -51,12 +110,11 @@ class XMLConverterTool {
if (isset($event['SharingGroup'])) {
$event['Event']['SharingGroup'][0] = $event['SharingGroup'];
}
if (isset($event['Attribute'])) $event['Event']['Attribute'] = $event['Attribute'];
if (isset($event['ShadowAttribute'])) {
$event['Event']['ShadowAttribute'] = $event['ShadowAttribute'];
unset($event['ShadowAttribute']);
}
if (isset($event['RelatedEvent'])) if (isset($event['RelatedEvent'])) $event['Event']['RelatedEvent'] = $event['RelatedEvent'];
$event = $this->__rearrange($event, 'Attribute', 'Event');
$event = $this->__rearrange($event, 'Object', 'Event');
$event = $this->__rearrange($event, 'ShadowAttribute', 'Event');
$event = $this->__rearrange($event, 'RelatedEvent', 'Event');
$event = $this->__rearrange($event, 'RelatedAttribute', 'Event');
// legacy
unset($event['Event']['org']);
@ -68,12 +126,6 @@ class XMLConverterTool {
$event['Event']['Tag'][$k] = $tag['Tag'];
}
}
$this->__sanitizeField($event['Event']['info']);
if (isset($event['RelatedAttribute'])) {
$event['Event']['RelatedAttribute'] = $event['RelatedAttribute'];
unset($event['RelatedAttribute']);
}
else $event['Event']['RelatedAttribute'] = array();
foreach ($event['Event']['RelatedAttribute'] as &$attribute_w_relation) {
foreach ($attribute_w_relation as &$relation) {
$this->__sanitizeField($relation['info']);
@ -91,55 +143,13 @@ class XMLConverterTool {
if (isset($event['Event']['Attribute'])) {
// remove value1 and value2 from the output and remove invalid utf8 characters for the xml parser
foreach ($event['Event']['Attribute'] as $key => $value) {
$this->__sanitizeField($event['Event']['Attribute'][$key]['value']);
$this->__sanitizeField($event['Event']['Attribute'][$key]['comment']);
unset($event['Event']['Attribute'][$key]['value1'], $event['Event']['Attribute'][$key]['value2'], $event['Event']['Attribute'][$key]['category_order']);
if (isset($event['Event']['RelatedAttribute']) && isset($event['Event']['RelatedAttribute'][$value['id']])) {
$event['Event']['Attribute'][$key]['RelatedAttribute'] = $event['Event']['RelatedAttribute'][$value['id']];
foreach ($event['Event']['Attribute'][$key]['RelatedAttribute'] as &$ra) {
$ra = array('Attribute' => array(0 => $ra));
}
}
if (!empty($event['Event']['Attribute'][$key]['Feed'])) {
foreach ($event['Event']['Attribute'][$key]['Feed'] as $fKey => $feed) {
$this->__sanitizeField($event['Event']['Attribute'][$key]['Feed'][$fKey]['name']);
$this->__sanitizeField($event['Event']['Attribute'][$key]['Feed'][$fKey]['url']);
$this->__sanitizeField($event['Event']['Attribute'][$key]['Feed'][$fKey]['provider']);
}
}
if (isset($event['Event']['Attribute'][$key]['ShadowAttribute'])) {
foreach ($event['Event']['Attribute'][$key]['ShadowAttribute'] as $skey => $svalue) {
$this->__sanitizeField($event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['value']);
$this->__sanitizeField($event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['comment']);
$event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['Org'] = array(0 => $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['Org']);
if (isset($event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['EventOrg'])) $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['EventOrg'] = array(0 => $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['EventOrg']);
}
}
if (isset($event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupOrg'])) {
foreach ($event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupOrg'] as $k => $sgo) {
$event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupOrg'][$k]['Organisation'] = array(0 => $event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupOrg'][$k]['Organisation']);
}
}
if (isset($event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupServer'])) {
foreach ($event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupServer'] as $k => $sgs) {
$event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupServer'][$k]['Server'] = array(0 => $event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupServer'][$k]['Server']);
}
}
if (isset($event['Event']['Attribute'][$key]['SharingGroup'])) {
$event['Event']['Attribute'][$key]['SharingGroup'][0] = $event['Event']['Attribute'][$key]['SharingGroup'];
unset($event['Event']['Attribute'][$key]['SharingGroup']);
}
if (isset($event['Event']['Attribute'][$key]['AttributeTag'])) {
foreach ($event['Event']['Attribute'][$key]['AttributeTag'] as $atk => $tag) {
unset($tag['Tag']['org_id']);
$event['Event']['Attribute'][$key]['Tag'][$atk] = $tag['Tag'];
}
unset($event['Event']['Attribute'][$key]['AttributeTag']);
}
$event['Event']['Attribute'] = $this->__rearrangeAttributes($event['Event']['Attribute']);
}
if (!empty($event['Event']['Object'])) {
foreach ($event['Event']['Object'] as $k => $v) {
$event['Event']['Object'][$k]['Attribute'] = $this->__rearrangeAttributes($event['Event']['Object'][$k]['Attribute']);
}
}
unset($event['Event']['RelatedAttribute']);
if (isset($event['Event']['ShadowAttribute'])) {
// remove invalid utf8 characters for the xml parser
foreach ($event['Event']['ShadowAttribute'] as $key => $value) {
@ -189,4 +199,8 @@ class XMLConverterTool {
if ($mispVersion) $result .= '<xml_version>' . $mispVersion . '</xml_version>';
return $result . '</response>' . PHP_EOL;
}
private function __prepareAttributes($attributes) {
return $attributes;
}
}

2
app/Lib/cakephp

@ -1 +1 @@
Subproject commit cfcbd6ea31cd6b6216fb14ecf47b166a19a6c703
Subproject commit c3a612aa94d30a4c51653f40f55ce07177300307

111
app/Model/AppModel.php
View File

@ -47,7 +47,7 @@ class AppModel extends Model {
58 => false, 59 => false, 60 => false, 61 => false, 62 => false,
63 => false, 64 => false, 65 => false, 66 => false, 67 => true,
68 => false, 69 => false, 71 => false, 72 => false, 73 => false,
75 => false, 77 => false, 78 => false
75 => false, 77 => false, 78 => false, 79 => false, 80 => false
)
)
);
@ -708,6 +708,115 @@ class AppModel extends Model {
$this->__addIndex('galaxy_clusters', 'galaxy_id');
$this->__addIndex('galaxy_elements', 'galaxy_cluster_id');
break;
case '2.4.80':
$sqlArray[] = "CREATE TABLE IF NOT EXISTS objects (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`meta-category` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`description` text CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`template_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`template_version` int(11) NOT NULL,
`event_id` int(11) NOT NULL,
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`timestamp` int(11) NOT NULL DEFAULT 0,
`distribution` tinyint(4) NOT NULL DEFAULT 0,
`sharing_group_id` int(11),
`comment` text COLLATE utf8_bin NOT NULL,
`deleted` TINYINT(1) NOT NULL DEFAULT 0,
PRIMARY KEY (id),
INDEX `name` (`name`),
INDEX `template_uuid` (`template_uuid`),
INDEX `template_version` (`template_version`),
INDEX `meta-category` (`meta-category`),
INDEX `event_id` (`event_id`),
INDEX `uuid` (`uuid`),
INDEX `timestamp` (`timestamp`),
INDEX `distribution` (`distribution`),
INDEX `sharing_group_id` (`sharing_group_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
$sqlArray[] = "CREATE TABLE IF NOT EXISTS object_references (
`id` int(11) NOT NULL AUTO_INCREMENT,
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`timestamp` int(11) NOT NULL DEFAULT 0,
`object_id` int(11) NOT NULL,
`event_id` int(11) NOT NULL,
`object_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`referenced_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`referenced_id` int(11) NOT NULL,
`referenced_type` int(11) NOT NULL DEFAULT 0,
`relationship_type` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`comment` text COLLATE utf8_bin NOT NULL,
`deleted` TINYINT(1) NOT NULL DEFAULT 0,
PRIMARY KEY (id),
INDEX `object_uuid` (`object_uuid`),
INDEX `referenced_uuid` (`referenced_uuid`),
INDEX `timestamp` (`timestamp`),
INDEX `object_id` (`object_id`),
INDEX `referenced_id` (`referenced_id`),
INDEX `relationship_type` (`relationship_type`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
$sqlArray[] = "CREATE TABLE IF NOT EXISTS object_relationships (
`id` int(11) NOT NULL AUTO_INCREMENT,
`version` int(11) NOT NULL,
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`description` text COLLATE utf8_bin NOT NULL,
`format` text COLLATE utf8_bin NOT NULL,
PRIMARY KEY (id),
INDEX `name` (`name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
$sqlArray[] = "CREATE TABLE IF NOT EXISTS object_templates (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`org_id` int(11) NOT NULL,
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`meta-category` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`description` text COLLATE utf8_bin,
`version` int(11) NOT NULL,
`requirements` text COLLATE utf8_bin,
`fixed` tinyint(1) NOT NULL DEFAULT 0,
`active` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (id),
INDEX `user_id` (`user_id`),
INDEX `org_id` (`org_id`),
INDEX `uuid` (`uuid`),
INDEX `name` (`name`),
INDEX `meta-category` (`meta-category`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
$sqlArray[] = "CREATE TABLE IF NOT EXISTS object_template_elements (
`id` int(11) NOT NULL AUTO_INCREMENT,
`object_template_id` int(11) NOT NULL,
`object_relation` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`type` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
`ui-priority` int(11) NOT NULL,
`categories` text COLLATE utf8_bin,
`sane_default` text COLLATE utf8_bin,
`values_list` text COLLATE utf8_bin,
`description` text COLLATE utf8_bin,
`disable_correlations` tinyint(1) NOT NULL DEFAULT 0,
`multiple` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (id),
INDEX `object_relation` (`object_relation`),
INDEX `type` (`type`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
$sqlArray[] = 'ALTER TABLE `logs` CHANGE `model` `model` VARCHAR(80) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL;';
$sqlArray[] = 'ALTER TABLE `logs` CHANGE `action` `action` VARCHAR(80) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL;';
$sqlArray[] = 'ALTER TABLE attributes ADD object_id int(11) NOT NULL DEFAULT 0;';
$sqlArray[] = 'ALTER TABLE attributes ADD object_relation varchar(255) COLLATE utf8_bin;';
$sqlArray[] = "ALTER TABLE `roles` ADD `perm_object_template` tinyint(1) NOT NULL DEFAULT 0;";
$sqlArray[] = 'UPDATE `roles` SET `perm_object_template` = 1 WHERE `perm_site_admin` = 1;';
$indexArray[] = array('attributes', 'object_id');
$indexArray[] = array('attributes', 'object_relation');
break;
case 'fixNonEmptySharingGroupID':
$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';

366
app/Model/Attribute.php
View File

@ -488,6 +488,10 @@ class Attribute extends AppModel {
'SharingGroup' => array(
'className' => 'SharingGroup',
'foreignKey' => 'sharing_group_id'
),
'Object' => array(
'className' => 'MispObject',
'foreignKey' => 'object_id'
)
);
@ -538,8 +542,6 @@ class Attribute extends AppModel {
}
}
if ($this->data['Attribute']['distribution'] != 4) $this->data['Attribute']['sharing_group_id'] = 0;
// update correlation... (only needed here if there's an update)
if ($this->id || !empty($this->data['Attribute']['id'])) {
$this->__beforeSaveCorrelation($this->data['Attribute']);
@ -596,6 +598,15 @@ class Attribute extends AppModel {
if (Configure::read('MISP.enable_advanced_correlations') && in_array($this->data['Attribute']['type'], array('ip-src', 'ip-dst', 'domain-ip')) && strpos($this->data['Attribute']['value'], '/')) {
$this->setCIDRList();
}
if (!empty($this->data['Attribute']['id'])) {
$this->Object->ObjectReference->deleteAll(
array(
'ObjectReference.referenced_type' => 0,
'ObjectReference.referenced_id' => $this->data['Attribute']['id'],
),
false
);
}
}
public function beforeValidate($options = array()) {
@ -635,9 +646,24 @@ class Attribute extends AppModel {
$this->data['Attribute']['value'] = $result;
}
// TODO: add explanatory comment
if (!isset($this->data['Attribute']['distribution']) || $this->data['Attribute']['distribution'] != 4) $this->data['Attribute']['sharing_group_id'] = 0;
if (!isset($this->data['Attribute']['distribution'])) $this->data['Attribute']['distribution'] = 5;
// Set defaults for when some of the mandatory fields don't have defaults
// These fields all have sane defaults either based on another field, or due to server settings
if (!isset($this->data['Attribute']['distribution'])) {
$this->data['Attribute']['distribution'] = Configure::read('MISP.default_attribute_distribution');
if ($this->data['Attribute']['distribution'] == 'event') {
$this->data['Attribute']['distribution'] = 5;
}
}
if (!empty($this->data['Attribute']['type']) && empty($this->data['Attribute']['category'])) {
$this->data['Attribute']['category'] = $this->typeDefinitions[$this->data['Attribute']['type']]['default_category'];
}
if (!isset($this->data['Attribute']['to_ids'])) {
$this->data['Attribute']['to_ids'] = $this->typeDefinitions[$this->data['Attribute']['type']]['to_ids'];
}
if ($this->data['Attribute']['distribution'] != 4) $this->data['Attribute']['sharing_group_id'] = 0;
// return true, otherwise the object cannot be saved
return true;
@ -651,6 +677,10 @@ class Attribute extends AppModel {
public function valueIsUnique ($fields) {
if (isset($this->data['Attribute']['deleted']) && $this->data['Attribute']['deleted']) return true;
// We escape this rule for objects as we can have the same category/type/value combination in different objects
if (!empty($this->data['Attribute']['object_relation'])) {
return true;
}
$value = $fields['value'];
if (strpos($value, '|')) {
$value = explode('|', $value);
@ -1640,7 +1670,8 @@ class Attribute extends AppModel {
$options = array(
'conditions' => $conditions,
'group' => array('Attribute.type', 'Attribute.value1'),
'enforceWarninglist' => $enforceWarninglist
'enforceWarninglist' => $enforceWarninglist,
'flatten' => true
);
$items = $this->fetchAttributes($user, $options);
if (empty($items)) continue;
@ -1701,7 +1732,8 @@ class Attribute extends AppModel {
'contain' => array('Event'=> array('fields' => array('Event.id', 'Event.threat_level_id'))),
'group' => array('Attribute.type', 'Attribute.value1'), // fields to GROUP BY
'enforceWarninglist' => $enforceWarninglist,
'includeAllTags' => $includeAllTags
'includeAllTags' => $includeAllTags,
'flatten' => true
);
$items = $this->fetchAttributes($user, $params);
if (empty($items)) continue;
@ -2226,6 +2258,28 @@ class Attribute extends AppModel {
return $this->find('list', $params);
}
public function fetchAttributesSimple($user, $options = array()) {
$params = array(
'conditions' => $this->buildConditions($user),
'fields' => array(),
'recursive' => -1
);
if (isset($options['conditions'])) {
$params['conditions']['AND'][] = $options['conditions'];
}
if (isset($options['fields'])) {
$params['fields'] = $options['fields'];
}
$results = $this->find('all', array(
'conditions' => $params['conditions'],
'recursive' => -1,
'fields' => $params['fields'],
'sort' => false
));
return $results;
}
// Method that fetches all attributes for the various exports
// very flexible, it's basically a replacement for find, with the addition that it restricts access based on user
// options:
@ -2242,7 +2296,7 @@ class Attribute extends AppModel {
'Event' => array(
'fields' => array('id', 'info', 'org_id', 'orgc_id', 'uuid'),
),
),
)
);
$params['contain']['AttributeTag'] = array('Tag' => array('conditions' => array()));
if (empty($options['includeAllTags'])) $params['contain']['AttributeTag']['Tag']['conditions']['exportable'] = 1;
@ -2268,12 +2322,13 @@ class Attribute extends AppModel {
}
if (isset($options['fields'])) $params['fields'] = $options['fields'];
if (isset($options['conditions'])) $params['conditions']['AND'][] = $options['conditions'];
if (empty($options['flatten'])) $params['conditions']['AND'][] = array('Attribute.object_id' => 0);
if (isset($options['order'])) $params['order'] = $options['order'];
if (!isset($options['withAttachments'])) $options['withAttachments'] = false;
else ($params['order'] = array());
if (!isset($options['enforceWarninglist'])) $options['enforceWarninglist'] = false;
if (!$user['Role']['perm_sync'] || !isset($options['deleted']) || !$options['deleted']) $params['conditions']['AND']['Attribute.deleted'] = 0;
if (isset($options['group'])) $params['group'] = array_merge(array('Attribute.id'), $options['group']);
if (isset($options['group'])) $params['group'] = empty($options['group']) ? $options['group'] : false;
if (Configure::read('MISP.unpublishedprivate')) $params['conditions']['AND'][] = array('OR' => array('Event.published' => 1, 'Event.orgc_id' => $user['org_id']));
if (!empty($options['list'])) {
if (!empty($options['event_ids'])) {
@ -2283,7 +2338,6 @@ class Attribute extends AppModel {
$fields = array('Attribute.event_id');
$group = false;
}
$start = microtime(true);
$results = $this->find('list', array(
'conditions' => $params['conditions'],
'recursive' => -1,
@ -2425,7 +2479,21 @@ class Attribute extends AppModel {
else return 'Could not save changes.';
}
public function saveAndEncryptAttribute($attribute, $user) {
public function saveAttributes($attributes) {
foreach ($attributes as $k => $attribute) {
if (!empty($attribute['encrypt']) && $attribute['encrypt']) {
$result = $this->handleMaliciousBase64($attribute['event_id'], $attribute['value'], $attribute['data'], array('md5'));
$attribute['data'] = $result['data'];
$attribute['value'] = $attribute['value'] . '|' . $result['md5'];
}
unset($attribute['Attachment']);
$this->create();
$this->save($attribute);
}
return true;
}
public function saveAndEncryptAttribute($attribute, $user = false) {
$hashes = array('md5' => 'malware-sample', 'sha1' => 'filename|sha1', 'sha256' => 'filename|sha256');
if ($attribute['encrypt']) {
$result = $this->handleMaliciousBase64($attribute['event_id'], $attribute['value'], $attribute['data'], array_keys($hashes));
@ -2603,4 +2671,280 @@ class Attribute extends AppModel {
}
return $cidrList;
}
public function fetchDistributionData($user) {
$initialDistribution = 5;
if (Configure::read('MISP.default_attribute_distribution') != null) {
if (Configure::read('MISP.default_attribute_distribution') === 'event') {
$initialDistribution = 5;
} else {
$initialDistribution = Configure::read('MISP.default_attribute_distribution');
}
}
$sgs = $this->SharingGroup->fetchAllAuthorised($user, 'name', 1);
$this->set('sharingGroups', $sgs);
$distributionLevels = $this->distributionLevels;
if (empty($sgs)) {
unset($distributionLevels[4]);
}
return array('sgs' => $sgs, 'levels' => $distributionLevels, 'initial' => $initialDistribution);
}
public function simpleAddMalwareSample($event_id, $category, $distribution, $sharing_group_id, $comment, $filename, $tmpfile) {
$attributes = array(
'malware-sample' => array('type' => 'malware-sample', 'data' => 1, 'category' => '', 'to_ids' => 1, 'disable_correlation' => 0, 'object_relation' => 'malware-sample'),
'filename' => array('type' => 'filename', 'category' => '', 'to_ids' => 0, 'disable_correlation' => 0, 'object_relation' => 'filename'),
'md5' => array('type' => 'md5', 'category' => '', 'to_ids' => 1, 'disable_correlation' => 0, 'object_relation' => 'md5'),
'sha1' => array('type' => 'sha1', 'category' => '', 'to_ids' => 1, 'disable_correlation' => 0, 'object_relation' => 'sha1'),
'sha256' => array('type' => 'sha256', 'category' => '', 'to_ids' => 1, 'disable_correlation' => 0, 'object_relation' => 'sha256'),
'size-in-bytes' => array('type' => 'size-in-bytes', 'category' => 'Other', 'to_ids' => 0, 'disable_correlation' => 1, 'object_relation' => 'filesize')
);
$hashes = array('md5', 'sha1', 'sha256');
$this->Object = ClassRegistry::init('Object');
$this->ObjectTemplate = ClassRegistry::init('ObjectTemplate');
$object_template = $this->ObjectTemplate->find('first', array(
'conditions' => array(
'ObjectTemplate.uuid' => '688c46fb-5edb-40a3-8273-1af7923e2215'
),
'recursive' => -1
));
if (empty($object_template)) {
$object_template = array(
'ObjectTemplate' => array(
'meta-category' => 'file',
'name' => 'file',
'template_uuid' => '688c46fb-5edb-40a3-8273-1af7923e2215',
'version' => 1,
'description' => 'File object describing a file with meta-information'
)
);
}
$object = array(
'distribution' => $distribution,
'sharing_group_id' => $sharing_group_id,
'meta-category' => $object_template['ObjectTemplate']['meta-category'],
'name' => $object_template['ObjectTemplate']['name'],
'template_version' => $object_template['ObjectTemplate']['version'],
'description' => $object_template['ObjectTemplate']['description'],
'template_uuid' => $object_template['ObjectTemplate']['uuid'],
'event_id' => $event_id,
'comment' => $comment
);
$result = $this->Event->Attribute->handleMaliciousBase64($event_id, $filename, base64_encode($tmpfile->read()), $hashes);
foreach ($attributes as $k => $v) {
$attribute = array(
'distribution' => 5,
'category' => empty($v['category']) ? $category : $v['category'],
'type' => $v['type'],
'to_ids' => $v['to_ids'],
'disable_correlation' => $v['disable_correlation'],
'object_id' => $this->Object->id,
'event_id' => $event_id,
'object_relation' => $v['object_relation']
);
if (isset($v['data'])) {
$attribute['data'] = $result['data'];
}
if ($k == 'malware-sample') {
$attribute['value'] = $filename . '|' . $result['md5'];
} else if ($k == 'size-in-bytes') {
$attribute['value'] = $tmpfile->size();
} else if ($k == 'filename') {
$attribute['value'] = $filename;
} else {
$attribute['value'] = $result[$v['type']];
}
$object['Attribute'][] = $attribute;
}
return array('Object' => array($object));
}
public function advancedAddMalwareSample($tmpfile) {
$execRetval = '';
$execOutput = array();
$result = shell_exec('python ' . APP . 'files/scripts/generate_file_objects.py -p ' . $tmpfile->path);
if (!empty($result)) {
$result = json_decode($result, true);
if (isset($result['objects'])) {
$result['Object'] = $result['objects'];
unset($result['objects']);
}
if (isset($result['references'])) {
$result['ObjectReference'] = $result['references'];
unset($result['references']);
}
}
return $result;
}
// gets an attribute, saves it
// handles encryption, attaching to event/object, logging of issues, tag capturing
public function captureAttribute($attribute, $eventId, $user, $objectId = false, $log = false) {
if ($log == false) {
$log = ClassRegistry::init('Log');
}
$attribute['event_id'] = $eventId;
$attribute['object_id'] = $objectId ? $objectId : 0;
unset($attribute['id']);
if (isset($attribute['encrypt'])) {
$result = $this->handleMaliciousBase64($eventId, $attribute['value'], $attribute['data'], array('md5'));
}
$fieldList = array(
'event_id',
'category',
'type',
'value',
'value1',
'value2',
'to_ids',
'uuid',
'timestamp',
'distribution',
'comment',
'sharing_group_id',
'deleted',
'disable_correlation',
'object_id',
'object_relation'
);
$this->create();
if (!$this->save($attribute, array('fieldList' => $fieldList))) {
$attribute_short = (isset($attribute['category']) ? $attribute['category'] : 'N/A') . '/' . (isset($attribute['type']) ? $attribute['type'] : 'N/A') . ' ' . (isset($attribute['value']) ? $attribute['value'] : 'N/A');
$log->create();
$log->save(array(
'org' => $user['Organisation']['name'],
'model' => 'Attribute',
'model_id' => 0,
'email' => $user['email'],
'action' => 'add',
'user_id' => $user['id'],
'title' => 'Attribute dropped due to validation for Event ' . $eventId . ' failed: ' . $attribute_short,
'change' => 'Validation errors: ' . json_encode($this->validationErrors) . ' Full Attribute: ' . json_encode($attribute),
));
} else {
if (isset($attribute['AttributeTag'])) {
foreach ($attribute['AttributeTag'] as $at) {
unset($at['id']);
$this->AttributeTag->create();
$at['attribute_id'] = $this->id;
$at['event_id'] = $eventId;
$this->AttributeTag->save($at);
}
}
}
return $attribute;
}
public function editAttribute($attribute, $eventId, $user, $objectId, $log = false) {
$attribute['event_id'] = $eventId;
$attribute['object_id'] = $objectId;
if (isset($attribute['encrypt'])) {
$result = $this->handleMaliciousBase64($eventId, $attribute['value'], $attribute['data'], array('md5'));
$attribute['data'] = $result['data'];
$attribute['value'] = $attribute['value'] . '|' . $result['md5'];
}
if (isset($attribute['uuid'])) {
$existingAttribute = $this->find('first', array(
'conditions' => array('Attribute.uuid' => $attribute['uuid']),
'recursive' => -1
));
if (count($existingAttribute)) {
if ($existingAttribute['Attribute']['event_id'] != $eventId || $existingAttribute['Attribute']['object_id'] != $objectId) {
$result = $this->Log->save(array(
'org' => $user['Organisation']['name'],
'model' => 'Attribute',
'model_id' => 0,
'email' => $user['email'],
'action' => 'edit',
'user_id' => $user['id'],
'title' => 'Duplicate UUID found in attribute',
'change' => 'An attribute was blocked from being saved due to a duplicate UUID. The uuid in question is: ' . $attribute['uuid'] . '. This can also be due to the same attribute (or an attribute with the same UUID) existing in a different event / object)',
));
return true;
}
// If a field is not set in the request, just reuse the old value
$recoverFields = array('value', 'to_ids', 'distribution', 'category', 'type', 'comment', 'sharing_group_id', 'object_id', 'object_relation');
foreach ($recoverFields as $rF) if (!isset($attribute[$rF])) $attribute[$rF] = $existingAttribute['Attribute'][$rF];
$attribute['id'] = $existingAttribute['Attribute']['id'];
// Check if the attribute's timestamp is bigger than the one that already exists.
// If yes, it means that it's newer, so insert it. If no, it means that it's the same attribute or older - don't insert it, insert the old attribute.
// Alternatively, we could unset this attribute from the request, but that could lead with issues if we decide that we want to start deleting attributes that don't exist in a pushed event.
if (isset($attribute['timestamp'])) {
if ($attribute['timestamp'] <= $existingAttribute['Attribute']['timestamp']) {
return true;
}
} else {
$attribute['timestamp'] = $date;
}
} else {
$this->create();
}
} else {
$this->create();
}
$attribute['event_id'] = $eventId;
if ($attribute['distribution'] == 4) {
$attribute['sharing_group_id'] = $this->SharingGroup->captureSG($attribute['SharingGroup'], $user);
}
$fieldList = array(
'event_id',
'category',
'type',
'value',
'value1',
'value2',
'to_ids',
'uuid',
'revision',
'distribution',
'timestamp',
'comment',
'sharing_group_id',
'deleted',
'disable_correlation'
);
if (!$this->save($attribute, array('fieldList' => $fieldList))) {
$attribute_short = (isset($attribute['category']) ? $attribute['category'] : 'N/A') . '/' . (isset($attribute['type']) ? $attribute['type'] : 'N/A') . ' ' . (isset($attribute['value']) ? $attribute['value'] : 'N/A');
$this->Log->create();
$this->Log->save(array(
'org' => $user['Organisation']['name'],
'model' => 'Attribute',
'model_id' => 0,
'email' => $user['email'],
'action' => 'edit',
'user_id' => $user['id'],
'title' => 'Attribute dropped due to validation for Event ' . $eventId . ' failed: ' . $attribute_short,
'change' => 'Validation errors: ' . json_encode($this->validationErrors) . ' Full Attribute: ' . json_encode($attribute),
));
return $this->validationErrors;
} else {
if (isset($attribute['Tag']) && $user['Role']['perm_tagger']) {
foreach ($attribute['Tag'] as $tag) {
$tag_id = $this->AttributeTag->Tag->captureTag($tag, $user);
if ($tag_id) {
// fix the IDs here
$this->AttributeTag->attachTagToAttribute($this->id, $this->id, $tag_id);
} else {
// If we couldn't attach the tag it is most likely because we couldn't create it - which could have many reasons
// However, if a tag couldn't be added, it could also be that the user is a tagger but not a tag editor
// In which case if no matching tag is found, no tag ID is returned. Logging these is pointless as it is the correct behaviour.
if ($user['Role']['perm_tag_editor']) {
$this->Log->create();
$this->Log->save(array(
'org' => $user['Organisation']['name'],
'model' => 'Attrubute',
'model_id' => $this->id,
'email' => $user['email'],
'action' => 'edit',
'user_id' => $user['id'],
'title' => 'Failed create or attach Tag ' . $tag['name'] . ' to the attribute.',
'change' => ''
));
}
}
}
}
}
return true;
}
}

1067
app/Model/Event.php
View File

File diff suppressed because it is too large Load Diff

556
app/Model/MispObject.php Normal file
View File

@ -0,0 +1,556 @@
<?php
App::uses('AppModel', 'Model');
class MispObject extends AppModel {
public $name = 'Object';
public $alias = 'Object';
public $useTable = 'objects';
public $actsAs = array(
'Containable',
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
'userModel' => 'User',
'userKey' => 'user_id',
'change' => 'full'),
);
public $belongsTo = array(
'Event' => array(
'className' => 'Event',
'foreignKey' => 'event_id'
),
'SharingGroup' => array(
'className' => 'SharingGroup',
'foreignKey' => 'sharing_group_id'
),
'ObjectTemplate' => array(
'className' => 'ObjectTemplate',
'foreignKey' => false,
'dependent' => false,
'conditions' => array('MispObject.template_uuid' => 'ObjectTemplate.uuid')
)
);
public $hasMany = array(
'Attribute' => array(
'className' => 'Attribute',
'dependent' => true,
),
'ObjectReference' => array(
'className' => 'ObjectReference',
'dependent' => true,
'foreignKey' => 'object_id'
),
);
public $validate = array(
);
public function beforeValidate($options = array()) {
parent::beforeValidate();
if (empty($this->data[$this->alias]['comment'])) {
$this->data[$this->alias]['comment'] = "";
}
// generate UUID if it doesn't exist
if (empty($this->data[$this->alias]['uuid'])) {
$this->data[$this->alias]['uuid'] = CakeText::uuid();
}
// generate timestamp if it doesn't exist
if (empty($this->data[$this->alias]['timestamp'])) {
$date = new DateTime();
$this->data[$this->alias]['timestamp'] = $date->getTimestamp();
}
if (empty($this->data[$this->alias]['template_version'])) {
$this->data[$this->alias]['template_version'] = 1;
}
if (isset($this->data[$this->alias]['deleted']) && empty($this->data[$this->alias]['deleted'])) {
$this->data[$this->alias]['deleted'] = 0;
}
if (!isset($this->data[$this->alias]['distribution']) || $this->data['Object']['distribution'] != 4) $this->data['Object']['sharing_group_id'] = 0;
if (!isset($this->data[$this->alias]['distribution'])) $this->data['Object']['distribution'] = 5;
return true;
}
public function afterDelete() {
if (!empty($this->data[$this->alias]['id'])) {
$this->ObjectReference->deleteAll(
array(
'ObjectReference.referenced_type' => 1,
'ObjectReference.referenced_id' => $this->data[$this->alias]['id'],
),
false
);
}
}
public function saveObject($object, $eventId, $template, $user, $errorBehaviour = 'drop') {
$this->create();
$templateFields = array(
'name' => 'name',
'meta-category' => 'meta-category',
'description' => 'description',
'template_version' => 'version',
'template_uuid' => 'uuid'
);
foreach ($templateFields as $k => $v) {
$object['Object'][$k] = $template['ObjectTemplate'][$v];
}
$object['Object']['event_id'] = $eventId;
$result = false;
if ($this->save($object)) {
$id = $this->id;
foreach ($object['Attribute'] as $k => $attribute) {
$object['Attribute'][$k]['object_id'] = $id;
}
$result = $this->Attribute->saveAttributes($object['Attribute']);
} else {
$result = $this->validationErrors;
}
return $id;
}
public function buildEventConditions($user, $sgids = false) {
if ($user['Role']['perm_site_admin']) return array();
if ($sgids == false) {
$sgsids = $this->SharingGroup->fetchAllAuthorised($user);
}
return array(
'OR' => array(
array(
'AND' => array(
'Event.distribution >' => 0,
'Event.distribution <' => 4,
Configure::read('MISP.unpublishedprivate') ? array('Event.published' => 1) : array(),
),
),
array(
'AND' => array(
'Event.sharing_group_id' => $sgids,
'Event.distribution' => 4,
Configure::read('MISP.unpublishedprivate') ? array('Event.published' => 1) : array(),
)
)
)
);
}
public function buildConditions($user, $sgids = false) {
$conditions = array();
if (!$user['Role']['perm_site_admin']) {
if ($sgids === false) {
$sgsids = $this->SharingGroup->fetchAllAuthorised($user);
}
$conditions = array(
'AND' => array(
'OR' => array(
array(
'AND' => array(
'Event.org_id' => $user['org_id'],
)
),
array(
'AND' => array(
$this->buildEventConditions($user, $sgids),
'OR' => array(
'Object.distribution' => array('1', '2', '3', '5'),
'AND '=> array(
'Object.distribution' => 4,
'Object.sharing_group_id' => $sgsids,
)
)
)
)
)
)
);
}
return $conditions;
}
// Method that fetches all objects
// very flexible, it's basically a replacement for find, with the addition that it restricts access based on user
// options:
// fields
// contain
// conditions
// order
// group
public function fetchObjects($user, $options = array()) {
$sgsids = $this->SharingGroup->fetchAllAuthorised($user);
$params = array(
'conditions' => $this->buildConditions($user),
'recursive' => -1,
'contain' => array(
'Event' => array(
'fields' => array('id', 'info', 'org_id', 'orgc_id'),
),
'Attribute' => array(
'conditions' => array(
'OR' => array(
array(
'Event.org_id' => $user['org_id'],
),
array(
'OR' => array(
'Attribute.distribution' => array(1, 2, 3, 5),
array(
'Attribute.distribution' => 4,
'Attribute.sharing_group_id' => $sgids
)
)
)
)
),
'ShadowAttribute',
'AttributeTag' => array(
'Tag'
)
)
)
);
if (empty($options['includeAllTags'])) $params['contain']['Attribute']['AttributeTag']['Tag']['conditions']['exportable'] = 1;
if (isset($options['contain'])) $params['contain'] = array_merge_recursive($params['contain'], $options['contain']);
else $option['contain']['Event']['fields'] = array('id', 'info', 'org_id', 'orgc_id');
if (Configure::read('MISP.proposals_block_attributes') && isset($options['conditions']['AND']['Attribute.to_ids']) && $options['conditions']['AND']['Attribute.to_ids'] == 1) {
$this->Attribute->bindModel(array('hasMany' => array('ShadowAttribute' => array('foreignKey' => 'old_id'))));
$proposalRestriction = array(
'ShadowAttribute' => array(
'conditions' => array(
'AND' => array(
'ShadowAttribute.deleted' => 0,
'OR' => array(
'ShadowAttribute.proposal_to_delete' => 1,
'ShadowAttribute.to_ids' => 0
)
)
),
'fields' => array('ShadowAttribute.id')
)
);
$params['contain'] = array_merge($params['contain']['Attribute'], $proposalRestriction);
}
if (isset($options['fields'])) $params['fields'] = $options['fields'];
if (isset($options['conditions'])) $params['conditions']['AND'][] = $options['conditions'];
if (isset($options['order'])) $params['order'] = $options['order'];
if (!isset($options['withAttachments'])) $options['withAttachments'] = false;
else ($params['order'] = array());
if (!isset($options['enforceWarninglist'])) $options['enforceWarninglist'] = false;
if (!$user['Role']['perm_sync'] || !isset($options['deleted']) || !$options['deleted']) $params['contain']['Attribute']['conditions']['AND']['Attribute.deleted'] = 0;
if (isset($options['group'])) {
$params['group'] = array_merge(array('Object.id'), $options['group']);
}
if (Configure::read('MISP.unpublishedprivate')) $params['conditions']['AND'][] = array('OR' => array('Event.published' => 1, 'Event.orgc_id' => $user['org_id']));
$results = $this->find('all', $params);
if ($options['enforceWarninglist']) {
$this->Warninglist = ClassRegistry::init('Warninglist');
$warninglists = $this->Warninglist->fetchForEventView();
}
$results = array_values($results);
$proposals_block_attributes = Configure::read('MISP.proposals_block_attributes');
foreach ($results as $key => $objects) {
foreach ($objects as $key2 => $attribute) {
if ($options['enforceWarninglist'] && !$this->Warninglist->filterWarninglistAttributes($warninglists, $attribute['Attribute'], $this->Warninglist)) {
unset($results[$key][$key2]);
continue;
}
if ($proposals_block_attributes) {
if (!empty($attribute['ShadowAttribute'])) {
unset($results[$key][$key2]);
} else {
unset($results[$key][$key2]['ShadowAttribute']);
}
}
if ($options['withAttachments']) {
if ($this->typeIsAttachment($attribute['Attribute']['type'])) {
$encodedFile = $this->base64EncodeAttachment($attribute['Attribute']);
$results[$key][$key2]['Attribute']['data'] = $encodedFile;
}
}
}
}
return $results;
}
/*
* Prepare the template form view's data, setting defaults, sorting elements
*/
public function prepareTemplate($template, $request = array()) {
$temp = array();
usort($template['ObjectTemplateElement'], function($a, $b) {
return $a['ui-priority'] < $b['ui-priority'];
});
$request_rearranged = array();
$template_object_elements = $template['ObjectTemplateElement'];
unset($template['ObjectTemplateElement']);
if (!empty($request['Attribute'])) {
foreach ($request['Attribute'] as $attribute) {
$request_rearranged[$attribute['object_relation']][] = $attribute;
}
}
foreach ($template_object_elements as $k => $v) {
if (empty($request_rearranged[$v['object_relation']])) {
if (isset($this->Event->Attribute->typeDefinitions[$v['type']])) {
$v['default_category'] = $this->Event->Attribute->typeDefinitions[$v['type']]['default_category'];
$v['to_ids'] = $this->Event->Attribute->typeDefinitions[$v['type']]['to_ids'];
if (empty($v['categories'])) {
$v['categories'] = array();
foreach ($this->Event->Attribute->categoryDefinitions as $catk => $catv) {
if (in_array($v['type'], $catv['types'])) {
$v['categories'][] = $catk;
}
}
}
$template['ObjectTemplateElement'][] = $v;
} else {
$template['warnings'][] = 'Missing attribute type "' . $v['type'] . '" found. Omitted template element ("' . $template_object_elements[$k]['object_relation'] . '") that would not pass validation due to this.';
}
} else {
foreach($request_rearranged[$v['object_relation']] as $request_item) {
if (isset($this->Event->Attribute->typeDefinitions[$v['type']])) {
$v['default_category'] = $request_item['category'];
$v['value'] = $request_item['value'];
$v['to_ids'] = $request_item['to_ids'];
$v['comment'] = $request_item['comment'];
if (!empty($request_item['uuid'])) $v['uuid'] = $request_item['uuid'];
if (isset($request_item['data'])) $v['data'] = $request_item['data'];
if (empty($v['categories'])) {
$v['categories'] = array();
foreach ($this->Event->Attribute->categoryDefinitions as $catk => $catv) {
if (in_array($v['type'], $catv['types'])) {
$v['categories'][] = $catk;
}
}
}
$template['ObjectTemplateElement'][] = $v;
} else {
$template['warnings'][] = 'Missing attribute type "' . $v['type'] . '" found. Omitted template element ("' . $template_object_elements[$k]['object_relation'] . '") that would not pass validation due to this.';
}
}
}
}
return $template;
}
/*
* Clean the attribute list up from artifacts introduced by the object form
*/
public function attributeCleanup($attributes) {
if (empty($attributes['Attribute'])) return 'No attribute data found';
foreach ($attributes['Attribute'] as $k => $attribute) {
if (isset($attribute['save']) && $attribute['save'] == 0) {
unset($attributes['Attribute'][$k]);
continue;
}
if (isset($attribute['value_select'])) {
if ($attribute['value_select'] !== 'Enter value manually') {
$attributes['Attribute'][$k]['value'] = $attribute['value_select'];
}
unset($attributes['Attribute'][$k]['value_select']);
}
if (isset($attribute['Attachment'])) {
// Check if there were problems with the file upload
// only keep the last part of the filename, this should prevent directory attacks
$filename = basename($attribute['Attachment']['name']);
$tmpfile = new File($attribute['Attachment']['tmp_name']);
if ((isset($attribute['Attachment']['error']) && $attribute['Attachment']['error'] == 0) ||
(!empty($attribute['Attachment']['tmp_name']) && $attribute['Attachment']['tmp_name'] != 'none')
) {
if (!is_uploaded_file($tmpfile->path))
throw new InternalErrorException('PHP says file was not uploaded. Are you attacking me?');
} else {
return 'Issues with the file attachment for the ' . $attribute['object_relation'] . ' attribute. The error code returned is ' . $attribute['Attachment']['error'];
}
$attributes['Attribute'][$k]['value'] = $attribute['Attachment']['name'];
unset($attributes['Attribute'][$k]['Attachment']);
$attributes['Attribute'][$k]['encrypt'] = $attribute['type'] == 'malware-sample' ? 1 : 0;
$attributes['Attribute'][$k]['data'] = base64_encode($tmpfile->read());
$tmpfile->delete();
$tmpfile->close();
}
unset($attributes['Attribute'][$k]['save']);
}
return $attributes;
}
public function deltaMerge($object, $objectToSave) {
$object['Object']['comment'] = $objectToSave['Object']['comment'];
$object['Object']['distribution'] = $objectToSave['Object']['distribution'];
if ($object['Object']['distribution'] == 4) {
$object['Object']['sharing_group_id'] = $objectToSave['Object']['sharing_group_id'];
}
$date = new DateTime();
$object['Object']['timestamp'] = $date->getTimestamp();
$this->save($object);
$checkFields = array('category', 'value', 'to_ids', 'distribution', 'sharing_group_id', 'comment');
foreach ($objectToSave['Attribute'] as $newKey => $newAttribute) {
foreach ($object['Attribute'] as $origKey => $originalAttribute) {
if (!empty($newAttribute['uuid'])) {
if ($newAttribute['uuid'] == $originalAttribute['uuid']) {
$different = false;
foreach ($checkFields as $f) {
if ($f == 'sharing_group_id' && empty($newAttribute[$f])) {
$newAttribute[$f] = 0;
}
if ($newAttribute[$f] != $originalAttribute[$f]) $different = true;
}
if ($different) {
$newAttribute['id'] = $originalAttribute['id'];
$newAttribute['event_id'] = $object['Object']['event_id'];
$newAttribute['object_id'] = $object['Object']['id'];
$newAttribute['timestamp'] = $date->getTimestamp();
$result = $this->Event->Attribute->save(array('Attribute' => $newAttribute), array(
'category',
'value',
'to_ids',
'distribution',
'sharing_group_id',
'comment',
'timestamp',
'object_id',
'event_id'
));
}
unset($object['Attribute'][$origKey]);
continue 2;
}
}
}
$this->Event->Attribute->create();
$newAttribute['event_id'] = $object['Object']['event_id'];
$newAttribute['object_id'] = $object['Object']['id'];
$this->Event->Attribute->save($newAttribute);
$attributeArrays['add'][] = $newAttribute;
unset($objectToSave['Attribute'][$newKey]);
}
foreach ($object['Attribute'] as $origKey => $originalAttribute) {
$originalAttribute['deleted'] = 1;
$this->Event->Attribute->save($originalAttribute);
}
return $this->id;
}
public function captureObject($object, $eventId, $user, $log = false) {
$this->create();
if (!isset($object['Object'])) {
$object = array('Object' => $object);
}
if (empty($log)) {
$log = ClassRegistry::init('Log');
}
$object['Object']['event_id'] = $eventId;
if ($this->save($object)) {
$this->Event->unpublishEvent($eventId);
$objectId = $this->id;
$partialFails = array();
foreach ($object['Object']['Attribute'] as $attribute) {
$this->Attribute->captureAttribute($attribute, $eventId, $user, $objectId, $log);
}
return true;
} else {
$log->create();
$log->save(array(
'org' => $user['Organisation']['name'],
'model' => 'Object',
'model_id' => 0,
'email' => $user['email'],
'action' => 'add',
'user_id' => $user['id'],
'title' => 'Object dropped due to validation for Event ' . $eventId . ' failed: ' . $object['Object']['name'],
'change' => 'Validation errors: ' . json_encode($this->validationErrors) . ' Full Object: ' . json_encode($attribute),
));
}
return 'fail';
}
public function editObject($object, $eventId, $user, $log) {
$object['event_id'] = $eventId;
if (isset($object['uuid'])) {
$existingObject = $this->find('first', array(
'recursive' => -1,
'conditions' => array('Object.uuid' => $object['uuid'])
));
if ($existingObject['Object']['event_id'] != $eventId) {
$this->Log->create();
$this->Log->save(array(
'org' => $user['Organisation']['name'],
'model' => 'Object',
'model_id' => 0,
'email' => $user['email'],
'action' => 'edit',
'user_id' => $user['id'],
'title' => 'Duplicate UUID found in object',
'change' => 'An object was blocked from being saved due to a duplicate UUID. The uuid in question is: ' . $object['uuid'] . '. This can also be due to the same object (or an object with the same UUID) existing in a different event)',
));
return true;
}
if (empty($existingObject)) {
return $this->captureObject($object, $eventId, $user, $log);
} else {
if (isset($object['timestamp'])) {
if ($existingObject['Object']['timestamp'] >= $object['timestamp']) {
return true;
}
} else {
$object['timestamp'] = $dateObj->getTimestamp();
}
}
} else {
return $this->captureObject($object, $eventId, $user, $log);
}
// At this point we have an existingObject that we can edit
$recoverFields = array(
'name',
'meta-category',
'description',
'template_uuid',
'template_version',
'distribution',
'sharing_group_id',
'comment',
'deleted'
);
foreach ($recoverFields as $rF) if (!isset($object[$rF])) $object[$rF] = $existingObject['Object'][$rF];
$object['id'] = $existingObject['Object']['id'];
$object['uuid'] = $existingObject['Object']['uuid'];
$object['event_id'] = $eventId;
if ($object['distribution'] == 4) {
$object['sharing_group_id'] = $this->SharingGroup->captureSG($object['SharingGroup'], $user);
}
if (!$this->save($object)) {
$this->Log->create();
$this->Log->save(array(
'org' => $user['Organisation']['name'],
'model' => 'Object',
'model_id' => 0,
'email' => $user['email'],
'action' => 'edit',
'user_id' => $user['id'],
'title' => 'Attribute dropped due to validation for Event ' . $eventId . ' failed: ' . $object['Object']['name'],
'change' => 'Validation errors: ' . json_encode($this->validationErrors) . ' Full Object: ' . json_encode($attribute),
));
return $this->validationErrors;
} else {
$this->Event->unpublishEvent($eventId);
}
if (!empty($object['Attribute'])) {
foreach ($object['Attribute'] as $attribute) {
$result = $this->Attribute->editAttribute($attribute, $eventId, $user, $this->id, $log);
}
}
}
public function updateTimestamp($id) {
$date = new DateTime();
$object = $this->find('first', array(
'recursive' => -1,
'conditions' => array('Object.id' => $id)
));
$object['Object']['timestamp'] = $date->getTimestamp();
$result = $this->save($object);
return $result;
}
}

216
app/Model/ObjectReference.php Normal file
View File

@ -0,0 +1,216 @@
<?php
App::uses('AppModel', 'Model');
class ObjectReference extends AppModel {
public $actsAs = array(
'Containable',
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
'userModel' => 'User',
'userKey' => 'user_id',
'change' => 'full'),
);
public $belongsTo = array(
'Object' => array(
'className' => 'MispObject',
'foreignKey' => 'object_id'
),
'ReferencedObject' => array(
'className' => 'MispObject',
'foreignKey' => false,
'conditions' => array(
'ReferencedObject.id' => 'ObjectReference.referenced_id',
1 => 'ObjectReference.referenced_type'
),
),
'ReferencedAttribute' => array(
'className' => 'Attribute',
'foreignKey' => false,
'conditions' => array(
'ReferencedAttribute.id' => 'ObjectReference.referenced_id',
0 => 'ObjectReference.referenced_type'
),
)
);
public $validate = array(
);
public function beforeValidate($options = array()) {
parent::beforeValidate();
if (empty($this->data['ObjectReference']['uuid'])) {
$this->data['ObjectReference']['uuid'] = CakeText::uuid();
}
$date = new DateTime();
$this->data['ObjectReference']['timestamp'] = $date->getTimestamp();
return true;
}
public function updateTimestamps($id, $objectReference = false) {
if (!$objectReference) {
$objectReference = $this->find('first', array(
'recursive' => -1,
'conditions' => array('ObjectReference.id' => $id),
'fields' => array('event_id', 'object_id')
));
}
if (empty($objectReference)) return false;
if (!isset($objectReference['ObjectReference'])) {
$objectReference = array('ObjectReference' => $objectReference);
}
$this->Object->updateTimestamp($objectReference['ObjectReference']['object_id']);
$this->Object->Event->unpublishEvent($objectReference['ObjectReference']['event_id']);
}
public function smartDelete($id, $hard = false) {
if ($hard) {
$result = $this->delete($id);
if ($result) {
$this->updateTimestamps($id);
}
return $result;
} else {
$reference = $this->find('first', array(
'conditions' => array('ObjectReference.id' => $id),
'recursive' => -1
));
if (empty($reference)) return array('Invalid object reference.');
$reference['ObjectReference']['deleted'] = 1;
$result = $this->save($reference);
if ($result) {
$this->updateTimestamps($id);
return true;
}
return $this->validationErrors;
}
}
public function smartSave($objectReference, $eventId) {
$sides = array('object', 'referenced');
$data = array();
foreach ($sides as $side) {
$data[$side] = $this->Object->find('first', array(
'conditions' => array(
'Object.uuid' => $objectReference[$side . '_uuid'],
'Object.event_id' => $eventId
),
'recursive' => -1,
'fields' => array('Object.id')
));
if (empty($data[$side]) && $side == 'referenced') {
$data[$side] = $this->Attribute->find('first', array(
'conditions' => array(
'Attribute.uuid' => $objectReference[$side . '_uuid'],
'Attribute.event_id' => $eventId
),
'recursive' => -1,
'fields' => array('Attribute.id')
));
$referenced_id = $data[$side]['Attribute']['id'];
$referenced_type = 0;
} else if (!empty($data[$side]) && $side == 'referenced') {
$referenced_id = $data[$side]['Object']['id'];
$referenced_type = 1;
} else if (!empty($data[$side]) && $side = 'object') {
$object_id = $data[$side]['Object']['id'];
} else {
return 'Invalid ' . $side . ' uuid';
}
}
$this->create();
$objectReference['referenced_type'] = $referenced_type;
$objectReference['referenced_id'] = $referenced_id;
$objectReference['object_id'] = $object_id;
$objectReference['event_id'] = $eventId;
$result = $this->save(array('ObjectReference' => $objectReference));
if (!$result) {
return $this->validationErrors;
} else {
$this->updateTimestamps($this->id, $objectReference);
}
return true;
}
public function captureReference($reference, $eventId, $user, $log = false) {
if ($log == false) {
$log = ClassRegistry::init('Log');
}
if (isset($reference['uuid'])) {
$existingReference = $this->find('first', array(
'conditions' => array('ObjectReference.uuid' => $reference['uuid']),
'recursive' => -1
));
if (!empty($existingReference)) {
// ObjectReference not newer than existing one
if (isset($reference['timestamp']) && $reference['timestamp'] <= $existingReference['ObjectReference']['timestamp']) {
return true;
}
$fieldsToUpdate = array('timestamp', 'relationship_type', 'comment', 'deleted');
foreach ($fieldsToUpdate as $field) {
if (isset($reference[$field])) $existingReference['ObjectReference'][$field] = $reference[$field];
}
$result = $this->save($existingReference);
if ($result) {
return true;
} else {
return $this->validationErrors;
}
}
}
if (isset($reference['object_uuid'])) {
$conditions = array('Object.uuid' => $reference['object_uuid']);
} else if (isset($reference['object_id'])) {
$conditions = array('Object.id' => $reference['object_id']);
} else {
return true;
}
$sourceObject = $this->Object->find('first', array(
'recursive' => -1,
'conditions' => $conditions
));
if (isset($reference['referenced_uuid'])) {
$conditions[0] = array('Attribute.uuid' => $reference['referenced_uuid']);
$conditions[1] = array('Object.uuid' => $reference['referenced_uuid']);
} else if (isset($reference['object_id'])) {
if ($reference['referenced_type'] == 1) {
$conditions[0] = array('Attribute.id' => $reference['referenced_id']);
$conditions[1] = array('Object.id' => $reference['referenced_id']);
} else {
$conditions = false;
}
} else {
return true;
}
if ($conditions) {
$referencedObject = $this->Object->find('first', array(
'recursive' => -1,
'conditions' => $conditions[1]
));
}
if (!isset($referencedObject)) {
$referencedObject = $this->Attribute->find('first', array(
'recursive' => -1,
'conditions' => $conditions[0]
));
if (empty($referencedObject)) return true;
$referenced_type = 0;
} else {
$referenced_type = 1;
}
$objectTypes = array('Attribute', 'Object');
if ($sourceObject['Object']['event_id'] != $eventId) return true;
if ($referencedObject[$objectTypes[$referenced_type]]['event_id'] != $eventId) return true;
$this->create();
unset($reference['id']);
$reference['referenced_type'] = $referenced_type;
$reference['object_id'] = $sourceObject['Object']['id'];
$reference['referenced_id'] = $referencedObject[$objectTypes[$referenced_type]]['id'];
$reference['referenced_uuid'] = $referencedObject[$objectTypes[$referenced_type]]['uuid'];
$reference['object_uuid'] = $sourceObject['Object']['uuid'];
$reference['event_id'] = $eventId;
$this->save(array('ObjectReference' => $reference));
return true;
}
}

57
app/Model/ObjectRelationship.php Normal file
View File

@ -0,0 +1,57 @@
<?php
App::uses('AppModel', 'Model');
class ObjectRelationship extends AppModel {
public $actsAs = array(
'Containable',
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
'userModel' => 'User',
'userKey' => 'user_id',
'change' => 'full'),
);
public $validate = array(
'name' => array(
'unique' => array(
'rule' => 'isUnique',
'message' => 'A relationship with this name already exists.'
),
'valueNotEmpty' => array(
'rule' => array('valueNotEmpty'),
),
),
);
public function beforeValidate($options = array()) {
parent::beforeValidate();
return true;
}
public function afterFind($results, $primary = false) {
foreach ($results as $k => $result) {
if (!empty($results[$k]['ObjectRelationship']['format'])) {
$results[$k]['ObjectRelationship']['format'] = json_decode($results[$k]['ObjectRelationship']['format'], true);
}
}
return $results;
}
public function update() {
$relationsFile = APP . 'files/misp-objects/relationships/definition.json';
if (file_exists($relationsFile)) {
$file = new File($relationsFile);
$relations = json_decode($file->read(), true);
if (!isset($relations['version'])) $relations['version'] = 1;
$this->deleteAll(array('version <' => $relations['version']));
foreach ($relations['values'] as $k => $relation) {
$relation['format'] = json_encode($relation['format'], true);
$relation['version'] = $relations['version'];
$this->create();
$this->save($relation);
}
}
return true;
}
}

222
app/Model/ObjectTemplate.php Normal file
View File

@ -0,0 +1,222 @@
<?php
App::uses('AppModel', 'Model');
class ObjectTemplate extends AppModel {
public $actsAs = array(
'Containable',
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
'userModel' => 'User',
'userKey' => 'user_id',
'change' => 'full'),
);
public $belongsTo = array(
'User' => array(
'className' => 'User',
'foreignKey' => 'user_id'
),
'Organisation' => array(
'className' => 'Organisation',
'foreignKey' => 'org_id'
)
);
public $hasMany = array(
'ObjectTemplateElement' => array(
'className' => 'ObjectTemplateElement',
'dependent' => true,
)
);
public $validate = array(
);
public function afterFind($results, $primary = false) {
foreach ($results as $k => $result) {
if (isset($results[$k]['ObjectTemplate']['requirements'])) {
$results[$k]['ObjectTemplate']['requirements'] = json_decode($results[$k]['ObjectTemplate']['requirements'], true);
}
}
return $results;
}
public function beforeSave($options = array()) {
$this->data['ObjectTemplate']['requirements'] = empty($this->data['ObjectTemplate']['requirements']) ? '[]' : json_encode($this->data['ObjectTemplate']['requirements']);
return true;
}
public function update($user) {
$objectsDir = APP . 'files/misp-objects/objects';
$directories = glob($objectsDir . '/*', GLOB_ONLYDIR);
foreach ($directories as $k => $dir) {
$dir = str_replace($objectsDir, '', $dir);
$directories[$k] = $dir;
}
$updated = array();
foreach ($directories as $dir) {
if (!file_exists($objectsDir . DS . $dir . DS . 'definition.json')) {
continue;
}
$file = new File($objectsDir . DS . $dir . DS . 'definition.json');
$template = json_decode($file->read(), true);
$file->close();
if (!isset($template['version'])) $template['version'] = 1;
$current = $this->find('first', array(
'fields' => array('MAX(version) AS version', 'uuid'),
'conditions' => array('uuid' => $template['uuid']),
'recursive' => -1,
'group' => array('uuid')
));
if (!empty($current)) $current['ObjectTemplate']['version'] = $current[0]['version'];
if (empty($current) || $template['version'] > $current['ObjectTemplate']['version']) {
$result = $this->__updateObjectTemplate($template, $current, $user);
if ($result === true) {
$temp = array('name' => $template['name'], 'new' => $template['version']);
if (!empty($current)) $temp['old'] = $current['ObjectTemplate']['version'];
$updated['success'][] = $temp;
} else {
$updated['fails'][] = array('name' => $template['name'], 'fail' => json_encode($result));
}
}
}
return $updated;
}
private function __updateObjectTemplate($template, $current, $user) {
$success = false;
$template['requirements'] = array();
$requirementFields = array('required', 'requiredOneOf');
foreach ($requirementFields as $field) {
if (isset($template[$field])) {
$template['requirements'][$field] = $template[$field];
}
}
$template['user_id'] = $user['id'];
$template['org_id'] = $user['org_id'];
$template['fixed'] = 1;
$this->create();
$result = $this->save($template);
if (!$result) {
return $this->validationErrors;
}
$id = $this->id;
$this->setActive($id);
$fieldsToCompare = array('object_relation', 'type', 'ui-priority', 'categories', 'sane_default', 'values_list', 'multiple');
foreach ($template['attributes'] as $k => $attribute) {
$attribute['object_relation'] = $k;
$attribute = $this->__convertJSONToElement($attribute);
$this->ObjectTemplateElement->create();
$attribute['object_template_id'] = $id;
$result = $this->ObjectTemplateElement->save(array('ObjectTemplateElement' => $attribute));
}
return true;
}
private function __convertJSONToElement($attribute) {
$result = array();
$translation_table = array(
'misp-usage-frequency' => 'frequency',
'misp-attribute' => 'type',
'description' => 'description',
'ui-priority' => 'ui-priority',
'type' => 'type',
'disable_correlation' => 'disable_correlation',
'object_relation' => 'object_relation',
'categories' => 'categories',
'sane_default' => 'sane_default',
'values_list' => 'values_list',
'multiple' => 'multiple'
);
foreach ($translation_table as $from => $to) {
if (isset($attribute[$from])) {
$result[$to] = $attribute[$from];
}
}
return $result;
}
public function checkTemplateConformity($template, $attributes) {
if (!empty($template['ObjectTemplate']['requirements'])) {
// check for all required attributes
if (!empty($template['ObjectTemplate']['requirements']['required'])) {
foreach ($template['ObjectTemplate']['requirements']['required'] as $requiredField) {
$found = false;
foreach ($attributes['Attribute'] as $attribute) {
if ($attribute['object_relation'] == $requiredField) {
$found = true;
}
}
if (!$found) return 'Could not save the object as a required attribute is not set (' . $requiredField . ')';
}
}
// check for all required one of attributes
if (!empty($template['ObjectTemplate']['requirements']['requiredOneOf'])) {
$found = false;
foreach ($template['ObjectTemplate']['requirements']['requiredOneOf'] as $requiredField) {
foreach ($attributes['Attribute'] as $attribute) {
if ($attribute['object_relation'] == $requiredField) {
$found = true;
}
}
}
if (!$found) return 'Could not save the object as it requires at least one of the following attributes to be set: ' . implode(', ', $template['ObjectTemplate']['requirements']['requiredOneOf']);
}
}
// check the multiple flag is adhered to
foreach ($template['ObjectTemplateElement'] as $template_attribute) {
if ($template_attribute['multiple'] !== true) {
$found_relations = array();
foreach ($attributes['Attribute'] as $attribute) {
if ($attribute['object_relation'] == $template_attribute['object_relation']) {
if (!isset($found_relations[$attribute['object_relation']])) {
$found_relations[$attribute['object_relation']] = true;
} else {
return 'Could not save the object as a unique relationship within the object was assigned to more than one attribute. This is only allowed if the multiple flag is set in the object template.';
}
}
}
}
}
return true;
}
// simple test to see if there are any object templates - if not trigger update
public function populateIfEmpty($user) {
$result = $this->find('first', array(
'recursive' => -1,
'fields' => array('ObjectTemplate.id')
));
if (empty($result)) {
$this->update($user);
}
return true;
}
public function setActive($id) {
$template = $this->find('first', array(
'recursive' => -1,
'conditions' => array('ObjectTemplate.id' => $id)
));
if (empty($template)) return false;
if ($template['ObjectTemplate']['active']) {
$template['ObjectTemplate']['active'] = 0;
$this->save($template);
return 0;
}
$similar_templates = $this->find('all', array(
'recursive' => -1,
'conditions' => array(
'ObjectTemplate.uuid' => $template['ObjectTemplate']['uuid'],
'NOT' => array(
'ObjectTemplate.id' => $template['ObjectTemplate']['id']
)
)
));
$template['ObjectTemplate']['active'] = 1;
$this->save($template);
foreach ($similar_templates as $st) {
$st['ObjectTemplate']['active'] = 0;
$this->save($st);
}
return 1;
}
}

45
app/Model/ObjectTemplateElement.php Normal file
View File

@ -0,0 +1,45 @@
<?php
App::uses('AppModel', 'Model');
class ObjectTemplateElement extends AppModel {
public $actsAs = array(
'Containable',
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
'userModel' => 'User',
'userKey' => 'user_id',
'change' => 'full'),
);
public $belongsTo = array(
);
public $validate = array(
);
public function afterFind($results, $primary = false) {
foreach ($results as $k => $result) {
if (isset($results[$k]['ObjectTemplateElement']['categories'])) {
$results[$k]['ObjectTemplateElement']['categories'] = json_decode($results[$k]['ObjectTemplateElement']['categories'], true);
}
if (isset($results[$k]['ObjectTemplateElement']['values_list'])) {
$results[$k]['ObjectTemplateElement']['values_list'] = json_decode($results[$k]['ObjectTemplateElement']['values_list'], true);
}
if (isset($results[$k]['ObjectTemplateElement']['sane_default'])) {
$results[$k]['ObjectTemplateElement']['sane_default'] = json_decode($results[$k]['ObjectTemplateElement']['sane_default'], true);
}
}
return $results;
}
public function beforeSave($options = array()) {
if (empty($this->data['ObjectTemplateElement']['description'])) {
$this->data['ObjectTemplateElement']['description'] = '';
}
$json_fields = array('categories', 'values_list', 'sane_default');
foreach ($json_fields as $field) {
$this->data['ObjectTemplateElement'][$field] = empty($this->data['ObjectTemplateElement'][$field]) ? '[]' : json_encode($this->data['ObjectTemplateElement'][$field]);
}
return true;
}
}

3
app/Model/Role.php
View File

@ -66,7 +66,8 @@ class Role extends AppModel {
'perm_template' => array('id' => 'RolePermTemplate', 'text' => 'Template Editor', 'readonlyenabled' => false),
'perm_sharing_group' => array('id' => 'RolePermSharingGroup', 'text' => 'Sharing Group Editor', 'readonlyenabled' => false),
'perm_delegate' => array('id' => 'RolePermDelegate', 'text' => 'Delegations Access', 'readonlyenabled' => false),
'perm_sighting' => array('id' => 'RolePermSighting', 'text' => 'Sighting Creator', 'readonlyenabled' => true)
'perm_sighting' => array('id' => 'RolePermSighting', 'text' => 'Sighting Creator', 'readonlyenabled' => true),
'perm_object_template' => array('id' => 'RolePermObjectTemplate', 'text' => 'Object Template Editor', 'readonlyenabled' => false),
);
public $premissionLevelName = array('Read Only', 'Manage Own Events', 'Manage Organisation Events', 'Manage and Publish Organisation Events');

9
app/Model/Server.php
View File

@ -137,6 +137,15 @@ class Server extends AppModel {
'type' => 'boolean',
'null' => true
),
'max_correlations_per_event' => array(
'level' => 1,
'description' => 'Sets the maximum number of correlations that can be fetched with a single event. For extreme edge cases this can prevent memory issues. The default value is 5k.',
'value' => 5000,
'errorMessage' => '',
'test' => 'testForNumeric',
'type' => 'numeric',
'null' => true
),
'maintenance_message' => array(
'level' => 2,
'description' => 'The message that users will see if the instance is not live.',

17
app/Model/Warninglist.php
View File

@ -232,6 +232,23 @@ class Warninglist extends AppModel{
return $warninglists;
}
public function checkForWarning($object, &$eventWarnings, $warningLists) {
if ($object['to_ids']) {
foreach ($warningLists as $list) {
if (in_array('ALL', $list['types']) || in_array($object['type'], $list['types'])) {
$result = $this->__checkValue($list['values'], $object['value'], $object['type'], $list['Warninglist']['type']);
if (!empty($result)) {
$object['warnings'][$result][] = $list['Warninglist']['name'];
if (!in_array($list['Warninglist']['name'], $eventWarnings)) {
$eventWarnings[$list['Warninglist']['id']] = $list['Warninglist']['name'];
}
}
}
}
}
return $object;
}
public function setWarnings(&$event, &$warninglists) {
if (empty($event['objects'])) return $event;
$eventWarnings = array();

3
app/Plugin/SysLogLogable/Model/Behavior/SysLogLogableBehavior.php
View File

@ -65,6 +65,9 @@ class SysLogLogableBehavior extends LogableBehavior {
foreach ( $Model->data[$Model->alias] as $key => $value ) {
if (isset($Model->data[$Model->alias][$Model->primaryKey]) && !empty($this->old) && isset($this->old[$Model->alias][$key])) {
$old = $this->old[$Model->alias][$key];
if (is_array($old)) {
$old = json_encode($old, true);
}
} else {
$old = '';
}

13
app/View/Attributes/add_attachment.ctp
View File

@ -61,9 +61,16 @@
'type' => 'checkbox',
'checked' => false,
'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
'label' => 'IDS (encrypt and hash)',
// 'after' => $this->Html->div('forminfo', 'Tick this box to neutralize the sample. Every malware sample will be zipped with the password "infected"', ''),
//'after' => '<br>Tick this box to neutralize the sample. Every malware sample will be zipped with the password "infected"',
'label' => 'IDS (encrypt and hash)'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('advanced', array(
'type' => 'checkbox',
'checked' => false,
'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
'label' => 'Advanced extraction (if installed)',
));
?>
</fieldset>

48
app/View/Attributes/edit.ctp
View File

@ -8,10 +8,14 @@
'empty' => '(choose one)',
'label' => 'Category ' . $this->element('formInfo', array('type' => 'category'))
));
echo $this->Form->input('type', array(
$typeInputData = array(
'empty' => '(first choose category)',
'label' => 'Type ' . $this->element('formInfo', array('type' => 'type'))
));
'label' => 'Type ' . $this->element('formInfo', array('type' => 'type')),
);
if ($objectAttribute) {
$typeInputData[] = 'disabled';
}
echo $this->Form->input('type', $typeInputData);
?>
<div class="input clear"></div>
<?php
@ -50,9 +54,11 @@
echo $this->Form->input('to_ids', array(
'label' => 'for Intrusion Detection System',
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
));
if (!$objectAttribute) {
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
));
}
?>
</fieldset>
<p style="color:red;font-weight:bold;display:none;<?php if (isset($ajax) && $ajax) echo "text-align:center;";?> " id="warning-message">Warning: You are about to share data that is of a sensitive nature (Attribution / targeting data). Make sure that you are authorised to share this.</p>
@ -103,18 +109,24 @@ $(document).ready(function() {
else $('#SGContainer').hide();
});
$("#AttributeCategory").on('change', function(e) {
formCategoryChanged('Attribute');
if ($(this).val() === 'Attribution' || $(this).val() === 'Targeting data') {
$("#warning-message").show();
} else {
$("#warning-message").hide();
}
if ($(this).val() === 'Internal reference') {
$("#AttributeDistribution").val('0');
$('#SGContainer').hide();
}
});
<?php
if (!$objectAttribute):
?>
$("#AttributeCategory").on('change', function(e) {
formCategoryChanged('Attribute');
if ($(this).val() === 'Attribution' || $(this).val() === 'Targeting data') {
$("#warning-message").show();
} else {
$("#warning-message").hide();
}
if ($(this).val() === 'Internal reference') {
$("#AttributeDistribution").val('0');
$('#SGContainer').hide();
}
});
<?php
endif;
?>
$("#AttributeCategory, #AttributeType, #AttributeDistribution").change(function() {
initPopoverContent('Attribute');

267
app/View/Elements/Events/View/row_attribute.ctp Normal file
View File

@ -0,0 +1,267 @@
<?php
$tr_class = '';
$linkClass = 'blue';
$otherColour = 'blue';
if (!empty($child)) {
if ($child === 'last' && empty($object['ShadowAttribute'])) {
$tr_class .= ' tableHighlightBorderBottom borderBlue';
} else {
$tr_class .= ' tableHighlightBorderCenter borderBlue';
}
if (!empty($object['ShadowAttribute'])) {
$tr_class .= ' tableInsetOrangeFirst';
}
} else {
$child = false;
if (!empty($object['ShadowAttribute'])) {
$tr_class .= ' tableHighlightBorderTop borderOrange';
}
}
if (!empty($object['deleted'])) {
$tr_class .= ' deleted-attribute';
}
if (!empty($k)) {
$tr_class .= ' row_' . h($k);
}
?>
<tr id = "Attribute_<?php echo h($object['id']); ?>_tr" class="<?php echo $tr_class; ?>" tabindex="0">
<?php
if ($mayModify):
?>
<td style="width:10px;" data-position="<?php echo h($object['objectType']) . '_' . h($object['id']); ?>">
<input id = "select_<?php echo $object['id']; ?>" class="select_attribute row_checkbox" type="checkbox" data-id="<?php echo $object['id'];?>" />
</td>
<?php
endif;
?>
<td class="short context hidden">
<?php echo h($object['id']); ?>
</td>
<td class="short context hidden">
<?php echo h($object['uuid']); ?>
</td>
<td class="short">
<?php echo date('Y-m-d', $object['timestamp']); ?>
</td>
<td class="short">
&nbsp;
</td>
<td class="short">
<div id = "Attribute_<?php echo $object['id']; ?>_category_placeholder" class = "inline-field-placeholder"></div>
<div id = "Attribute_<?php echo $object['id']; ?>_category_solid" class="inline-field-solid" ondblclick="activateField('Attribute', '<?php echo $object['id']; ?>', 'category', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['category']); ?>
</div>
</td>
<td class="short">
<?php
if (isset($object['object_relation'])):
?>
<div class="bold"><?php echo h($object['object_relation']); ?>:</div>
<?php
endif;
?>
<div></div>
<div id = "Attribute_<?php echo $object['id']; ?>_type_placeholder" class = "inline-field-placeholder"></div>
<div id = "Attribute_<?php echo $object['id']; ?>_type_solid" class="inline-field-solid" ondblclick="activateField('Attribute', '<?php echo $object['id']; ?>', 'type', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['type']); ?>
</div>
</td>
<td id="Attribute_<?php echo h($object['id']); ?>_container" class="showspaces limitedWidth shortish">
<div id="Attribute_<?php echo $object['id']; ?>_value_placeholder" class="inline-field-placeholder"></div>
<?php
if ('attachment' !== $object['type'] && 'malware-sample' !== $object['type']) $editable = ' ondblclick="activateField(\'Attribute\', \'' . $object['id'] . '\', \'value\', \'' . $event['Event']['id'] . '\');"';
else $editable = '';
?>
<div id = "Attribute_<?php echo $object['id']; ?>_value_solid" class="inline-field-solid" <?php echo $editable; ?>>
<span <?php if (Configure::read('Plugin.Enrichment_hover_enable') && isset($modules) && isset($modules['hover_type'][$object['type']])) echo 'class="eventViewAttributeHover" data-object-type="Attribute" data-object-id="' . h($object['id']) . '"'?>>
<?php
echo $this->element('/Events/View/value_field', array('object' => $object, 'linkClass' => $linkClass));
?>
</span>
<?php
if (isset($object['warnings'])) {
$temp = '';
$components = array(1 => 0, 2 => 1);
$valueParts = explode('|', $object['value']);
foreach ($components as $component => $valuePart) {
if (isset($object['warnings'][$component]) && isset($valueParts[$valuePart])) {
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
}
}
echo ' <span class="icon-warning-sign" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover">&nbsp;</span>';
}
?>
</div>
</td>
<td class="shortish">
<div class="attributeTagContainer" id="#Attribute_<?php echo h($object['id']);?>_tr .attributeTagContainer">
<?php echo $this->element('ajaxAttributeTags', array('attributeId' => $object['id'], 'attributeTags' => $object['AttributeTag'], 'tagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id']) )); ?>
</div>
</td>
<td class="showspaces bitwider">
<div id = "Attribute_<?php echo $object['id']; ?>_comment_placeholder" class = "inline-field-placeholder"></div>
<div id = "Attribute_<?php echo $object['id']; ?>_comment_solid" class="inline-field-solid" ondblclick="activateField('Attribute', '<?php echo $object['id']; ?>', 'comment', <?php echo $event['Event']['id'];?>);">
<?php echo nl2br(h($object['comment'])); ?>&nbsp;
</div>
</td>
<?php
if ($mayChangeCorrelation && !$event['Event']['disable_correlation']):
?>
<td class="short" style="padding-top:3px;">
<input id="correlation_toggle_<?php echo h($object['id']); ?>" class="correlation-toggle" type="checkbox" data-attribute-id="<?php echo h($object['id']); ?>" <?php echo $object['disable_correlation'] ? '' : 'checked'; ?>>
</td>
<?php
endif;
?>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
$relatedObject = 'Attribute';
if (!empty($event['Related' . $relatedObject][$object['id']])) {
foreach ($event['Related' . $relatedObject][$object['id']] as $relatedAttribute) {
$relatedData = array('Event info' => $relatedAttribute['info'], 'Correlating Value' => $relatedAttribute['value'], 'date' => isset($relatedAttribute['date']) ? $relatedAttribute['date'] : 'N/A');
$popover = '';
foreach ($relatedData as $k => $v) {
$popover .= '<span class=\'bold black\'>' . h($k) . '</span>: <span class="blue">' . h($v) . '</span><br />';
}
echo '<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="' . h($popover) . '" data-trigger="hover"><span>';
if ($relatedAttribute['org_id'] == $me['org_id']) {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array('class' => 'red'));
} else {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array('class' => $otherColour));
}
echo "</span></li>";
echo ' ';
}
}
?>
</ul>
</td>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
if (!empty($object['Feed'])):
foreach ($object['Feed'] as $feed):
$popover = '';
foreach ($feed as $k => $v):
if ($k == 'id') continue;
$popover .= '<span class=\'bold black\'>' . Inflector::humanize(h($k)) . '</span>: <span class="blue">' . h($v) . '</span><br />';
endforeach;
?>
<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="<?php echo h($popover);?>" data-trigger="hover"><span>
<?php
if ($isSiteAdmin):
echo $this->Html->link($feed['id'], array('controller' => 'feeds', 'action' => 'previewIndex', $feed['id']), array('style' => 'margin-right:3px;'));
else:
?>
<span style="margin-right:3px;"><?php echo h($feed['id']);?></span>
<?php
endif;
endforeach;
?>
</li>
<?php
endif;
?>
</ul>
</td>
<td class="short">
<div id = "Attribute_<?php echo $object['id']; ?>_to_ids_placeholder" class = "inline-field-placeholder"></div>
<div id = "Attribute_<?php echo $object['id']; ?>_to_ids_solid" class="inline-field-solid" ondblclick="activateField('Attribute', '<?php echo $object['id']; ?>', 'to_ids', <?php echo $event['Event']['id'];?>);">
<?php echo $object['to_ids'] ? 'Yes' : 'No'; ?>
</div>
</td>
<td class="shortish">
<?php
$turnRed = '';
if ($object['distribution'] == 0) $turnRed = 'style="color:red"';
?>
<div id = "Attribute_<?php echo $object['id']; ?>_distribution_placeholder" class = "inline-field-placeholder"></div>
<div id = "Attribute_<?php echo $object['id']; ?>_distribution_solid" <?php echo $turnRed; ?> class="inline-field-solid" ondblclick="activateField('Attribute', '<?php echo $object['id']; ?>', 'distribution', <?php echo $event['Event']['id'];?>);">
<?php
if ($object['distribution'] == 4):
?>
<a href="/sharing_groups/view/<?php echo h($object['sharing_group_id']); ?>"><?php echo h($object['SharingGroup']['name']);?></a>
<?php
else:
echo h($shortDist[$object['distribution']]);
endif;
?>
</div>
</td>
<?php
if (Configure::read('Plugin.Sightings_enable') !== false):
echo $this->element('/Events/View/sighting_field', array(
'object' => $object,
'tr_class' => $tr_class,
'page' => $page
));
endif;
?>
<td class="short action-links">
<?php
if ($object['deleted']):
if ($isSiteAdmin || $mayModify):
?>
<span class="icon-repeat useCursorPointer" title="Restore attribute" role="button" tabindex="0" aria-label="Restore attribute" onClick="deleteObject('attributes', 'restore', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<span class="icon-trash useCursorPointer" title="Delete attribute" role="button" tabindex="0" aria-label="Permanently delete attribute" onClick="deleteObject('attributes', 'delete', '<?php echo h($object['id']) . '/true'; ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
endif;
else:
if ($isSiteAdmin || !$mayModify):
if (isset($modules) && isset($modules['types'][$object['type']])):
?>
<span class="icon-asterisk useCursorPointer" title="Query enrichment" role="button" tabindex="0" aria-label="Query enrichment" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/ShadowAttribute');" title="Propose enrichment">&nbsp;</span>
<?php
endif;
if (isset($cortex_modules) && isset($cortex_modules['types'][$object['type']])):
?>
<span class="icon-eye-open useCursorPointer" title="Query Cortex" role="button" tabindex="0" aria-label="Query Cortex" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/ShadowAttribute/Cortex');" title="Propose enrichment through Cortex"></span>
<?php
endif;
?>
<a href="<?php echo $baseurl;?>/shadow_attributes/edit/<?php echo $object['id']; ?>" title="Propose Edit" class="icon-share useCursorPointer"></a>
<span class="icon-trash useCursorPointer" title="Propose Deletion" role="button" tabindex="0" aria-label="Propose deletion" onClick="deleteObject('shadow_attributes', 'delete', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
if ($isSiteAdmin):
?>
<span class="verticalSeparator">&nbsp;</span>
<?php endif;
endif;
if ($isSiteAdmin || $mayModify):
if (isset($modules) && isset($modules['types'][$object['type']])):
?>
<span class="icon-asterisk useCursorPointer" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/Attribute');" title="Add enrichment" role="button" tabindex="0" aria-label="Add enrichment">&nbsp;</span>
<?php
endif;
if (isset($cortex_modules) && isset($cortex_modules['types'][$object['type']])):
?>
<span class="icon-eye-open useCursorPointer" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/Attribute/Cortex');" title="Add enrichment" role="button" tabindex="0" aria-label="Add enrichment via Cortex">C</span>
<?php
endif;
?>
<a href="<?php echo $baseurl;?>/attributes/edit/<?php echo $object['id']; ?>" title="Edit" class="icon-edit useCursorPointer"></a>
<span class="icon-trash useCursorPointer" title="Delete attribute" role="button" tabindex="0" aria-label="Delete attribute" onClick="deleteObject('attributes', 'delete', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
endif;
endif;
?>
</td>
</tr>
<?php
if (!empty($object['ShadowAttribute'])) {
end($object['ShadowAttribute']);
$lastElement = key($object['ShadowAttribute']);
foreach ($object['ShadowAttribute'] as $propKey => $proposal) {
echo $this->element('/Events/View/row_' . $proposal['objectType'], array(
'object' => $proposal,
'mayModify' => $mayModify,
'mayChangeCorrelation' => $mayChangeCorrelation,
'page' => $page,
'fieldCount' => $fieldCount,
'child' => $propKey == $lastElement ? 'last' : true,
'objectContainer' => $child
));
}
}
?>

105
app/View/Elements/Events/View/row_object.ctp Normal file
View File

@ -0,0 +1,105 @@
<?php
$tr_class = '';
$linkClass = 'white';
$currentType = 'denyForm';
$tr_class = 'tableHighlightBorderTop borderBlue';
if ($object['deleted']) $tr_class .= ' lightBlueRow';
else $tr_class .= ' blueRow';
if (!empty($k)) {
$tr_class .= ' row_' . h($k);
}
?>
<tr id = "Object_<?php echo $object['id']; ?>_tr" class="<?php echo $tr_class; ?>" tabindex="0">
<?php
if ($mayModify):
?>
<td style="width:10px;" data-position="<?php echo h($object['objectType']) . '_' . h($object['id']); ?>">
<input id = "select_object_<?php echo $object['id']; ?>" class="select_object row_checkbox" type="checkbox" data-id="<?php echo $object['id'];?>" />
</td>
<?php
endif;
?>
<td class="short context hidden">
<?php echo h($object['id']); ?>
</td>
<td class="short context hidden">
<?php echo h($object['uuid']); ?>
</td>
<td class="short" colspan="2">
<?php echo date('Y-m-d', $object['timestamp']); ?>
</td>
<td colspan="<?php echo $fieldCount -5;?>">
<span class="bold">Name: </span><?php echo h($object['name']);?>
<span class="fa fa-expand useCursorPointer" title="Expand or Collapse" role="button" tabindex="0" aria-label="Expand or Collapse" data-toggle="collapse" data-target="#Object_<?php echo h($object['id']); ?>_collapsible"></span>
<br />
<div id="Object_<?php echo $object['id']; ?>_collapsible" class="collapse">
<span class="bold">Meta-category: </span><?php echo h($object['meta-category']);?><br />
<span class="bold">Description: </span><?php echo h($object['description']);?><br />
<span class="bold">Template: </span><?php echo h($object['name']) . ' v' . h($object['template_version']) . ' (' . h($object['template_uuid']) . ')'; ?>
</div>
<?php
echo $this->element('/Events/View/row_object_reference', array(
'deleted' => $deleted,
'object' => $object
));
if (!empty($object['referenced_by'])) {
echo $this->element('/Events/View/row_object_referenced_by', array(
'deleted' => $deleted,
'object' => $object
));
}
?>
</td>
<td class="shortish">
<?php
$turnRed = '';
if ($object['objectType'] == 0 && $object['distribution'] == 0) $turnRed = 'style="color:red"';
?>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_distribution_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_distribution_solid'; ?>" <?php echo $turnRed; ?> class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'distribution', <?php echo $event['Event']['id'];?>);">
<?php
if ($object['objectType'] == 0) {
if ($object['distribution'] == 4):
?>
<a href="/sharing_groups/view/<?php echo h($object['sharing_group_id']); ?>"><?php echo h($object['SharingGroup']['name']);?></a>
<?php
else:
echo h($shortDist[$object['distribution']]);
endif;
}
?>&nbsp;
</div>
</td>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td class="short action-links">
<?php
if ($mayModify && empty($object['deleted'])):
?>
<a href="<?php echo $baseurl;?>/objects/edit/<?php echo $object['id']; ?>" title="Edit" class="icon-edit icon-white useCursorPointer"></a>
<span class="icon-trash icon-white useCursorPointer" title="Delete object" role="button" tabindex="0" aria-label="Delete attribute" onClick="deleteObject('objects', 'delete', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
elseif ($mayModify):
?>
<span class="icon-trash icon-white useCursorPointer" title="Delete object" role="button" tabindex="0" aria-label="Delete attribute" onClick="deleteObject('objects', 'delete', '<?php echo h($object['id']) . '/true'; ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
endif;
?>
</td>
</tr>
<?php
if (!empty($object['Attribute'])) {
end($object['Attribute']);
$lastElement = key($object['Attribute']);
foreach ($object['Attribute'] as $attrKey => $attribute) {
echo $this->element('/Events/View/row_' . $attribute['objectType'], array(
'object' => $attribute,
'mayModify' => $mayModify,
'mayChangeCorrelation' => $mayChangeCorrelation,
'page' => $page,
'fieldCount' => $fieldCount,
'child' => $attrKey == $lastElement ? 'last' : true
));
}
}
?>

50
app/View/Elements/Events/View/row_object_reference.ctp Normal file
View File

@ -0,0 +1,50 @@
<span class="bold">References: </span>
<?php
$refCount = count($object['ObjectReference']);
if ($deleted) {
$temp = array(0, 0);
foreach ($object['ObjectReference'] as $objectRef) {
if ($objectRef['deleted']) {
$temp[1]++;
} else {
$temp[0]++;
}
}
$refCount = $temp[0];
if ($temp[1] != 0) {
$refCount .= ' <span class="strikethrough">' . $temp[1] . '</span>';
}
}
echo $refCount . ' ';
if (!empty($object['ObjectReference'])):
?>
<span class="fa fa-expand useCursorPointer" title="Expand or Collapse" role="button" tabindex="0" aria-label="Expand or Collapse" data-toggle="collapse" data-target="#Object_<?php echo h($object['id']); ?>_references_collapsible"></span>
<?php
endif;
?>
<span class="fa fa-plus-square useCursorPointer" title="Add reference" role="button" tabindex="0" aria-label="Add reference" onClick="genericPopup('<?php echo '/objectReferences/add/' . h($object['id']);?>', '#popover_form');"></span>
<div id="Object_<?php echo $object['id']; ?>_references_collapsible" class="collapse">
<?php
foreach ($object['ObjectReference'] as $reference):
if (!empty($reference['Object'])) {
$uuid = $reference['Object']['uuid'];
$output = ' (' . $reference['Object']['name'] . ': ' . $reference['Object']['name'] . ')';
$objectType = 'Object';
} else {
$uuid = $reference['Attribute']['uuid'];
$output = ' (' . $reference['Attribute']['category'] . '/' . $reference['Attribute']['type'] . ': "' . $reference['Attribute']['value'] . '")';
$objectType = 'Attribute';
}
$uuid = empty($reference['Object']) ? $reference['Attribute']['uuid'] : $reference['Object']['uuid'];
$idref = $reference['deleted'] ? $reference['id'] . '/1' : $reference['id'];
?>
&nbsp;&nbsp;
<a class="bold white useCursorPointer <?php echo $reference['deleted'] ? 'strikethrough' : ''; ?>" onClick="pivotObjectReferences('<?php echo h($currentUri); ?>', '<?php echo $uuid; ?>')">
<?php echo h($reference['relationship_type']) . ' ' . $objectType . ' ' . $reference['referenced_id'] . h($output);?>
</a>
<span class="icon-trash icon-white useCursorPointer" title="Delete object reference" role="button" tabindex="0" aria-label="Delete object reference" onClick="deleteObject('object_references', 'delete', '<?php echo h($idref); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<br />
<?php
endforeach;
?>
</div>

32
app/View/Elements/Events/View/row_object_referenced_by.ctp Normal file
View File

@ -0,0 +1,32 @@
<span class="bold">Referenced by: </span>
<?php
$refCount = count($object['referenced_by']['object']);
echo $refCount;
if (!empty($object['referenced_by']['object'])):
?>
<span class="fa fa-expand useCursorPointer" title="Expand or Collapse" role="button" tabindex="0" aria-label="Expand or Collapse" data-toggle="collapse" data-target="#Object_<?php echo h($object['id']); ?>_referenced_by_collapsible"></span>
<?php
endif;
?>
<div id="Object_<?php echo $object['id']; ?>_referenced_by_collapsible" class="collapse">
<?php
foreach ($object['referenced_by'] as $type => $reference):
foreach ($reference as $ref):
if ($type == 'object') {
$uuid = $ref['uuid'];
$output = ' (' . $ref['meta-category'] . ': ' . $ref['name'] . ')';
} else {
$uuid = $ref['uuid'];
$output = ' (' . $ref['category'] . '/' . $ref['type'] . ': "' . $ref['value'] . '")';
}
?>
&nbsp;&nbsp;
<a class="bold white useCursorPointer" onClick="pivotObjectReferences('<?php echo h($currentUri); ?>', '<?php echo $uuid; ?>')">
<?php echo h($ref['relationship_type']) . ' ' . ucfirst($type) . ' ' . h($ref['id']) . h($output);?>
</a>
<br />
<?php
endforeach;
endforeach;
?>
</div>

212
app/View/Elements/Events/View/row_proposal.ctp Normal file
View File

@ -0,0 +1,212 @@
<?php
$tr_class = 'darkOrangeRow';
$linkClass = 'white';
$currentType = 'denyForm';
if (!empty($objectContainer)) {
if (!empty($child)) {
if ($child === 'last') {
$tr_class .= ' tableInsetOrangeLast';
} else {
$tr_class .= ' tableInsetOrangeMiddle';
}
} else {
$tr_class .= ' tableInsetOrange';
}
if ($child === 'last') {
$tr_class .= ' tableHighlightBorderBottom borderBlue';
} else {
$tr_class .= ' tableHighlightBorderCenter borderBlue';
}
} else {
if (!empty($child)) {
if ($child === 'last') {
$tr_class .= ' tableHighlightBorderBottom borderOrange';
} else {
$tr_class .= ' tableHighlightBorderCenter borderOrange';
}
} else {
$tr_class .= ' tableHighlightBorder borderOrange';
}
}
$identifier = (empty($k)) ? '' : ' id="row_' . h($k) . '" tabindex="0"';
?>
<tr id = "proposal<?php echo '_' . $object['id'] . '_tr'; ?>" class="<?php echo $tr_class; ?>" <?php echo $identifier; ?>>
<?php if ($mayModify): ?>
<td style="width:10px;" data-position="<?php echo h($object['objectType']) . '_' . h($object['id']); ?>">
<input id = "select_proposal_<?php echo $object['id']; ?>" class="select_proposal row_checkbox" type="checkbox" data-id="<?php echo $object['id'];?>" />
</td>
<?php endif; ?>
<td class="short context hidden">
<?php
echo $object['objectType'] == 0 ? h($object['id']) : '&nbsp;';
?>
</td>
<td class="short context hidden">
<?php echo $object['objectType'] == 0 ? h($object['uuid']) : '&nbsp;'; ?>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_timestamp_solid'; ?>">
<?php
if (isset($object['timestamp'])) echo date('Y-m-d', $object['timestamp']);
else echo '&nbsp';
?>
</div>
</td>
<td class="short">
<?php
if ($object['objectType'] != 0) {
if (isset($object['Org']['name'])) {
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . 'orgs' . DS . h($object['Org']['name']) . '.png';
if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($object['Org']['name']) . '.png', array('alt' => h($object['Org']['name']), 'title' => h($object['Org']['name']), 'style' => 'width:24px; height:24px'));
else echo h($object['Org']['name']);
}
} else { ?>
&nbsp;
<?php
}
?>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'category', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['category']); ?>
</div>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'type', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['type']); ?>
</div>
</td>
<td id="<?php echo h($currentType) . '_' . h($object['id']) . '_container'; ?>" class="showspaces limitedWidth shortish">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_placeholder'; ?>" class = "inline-field-placeholder"></div>
<?php
if ('attachment' !== $object['type'] && 'malware-sample' !== $object['type']) $editable = ' ondblclick="activateField(\'' . $currentType . '\', \'' . $object['id'] . '\', \'value\', \'' . $event['Event']['id'] . '\');"';
else $editable = '';
?>
<div id = "<?php echo $currentType; ?>_<?php echo $object['id']; ?>_value_solid" class="inline-field-solid" <?php echo $editable; ?>>
<span <?php if (Configure::read('Plugin.Enrichment_hover_enable') && isset($modules) && isset($modules['hover_type'][$object['type']])) echo 'class="eventViewAttributeHover" data-object-type="' . h($currentType) . '" data-object-id="' . h($object['id']) . '"'?>>
<?php
echo $this->element('/Events/View/value_field', array('object' => $object, 'linkClass' => $linkClass));
?>
</span>
<?php
if (isset($object['warnings'])) {
$temp = '';
$components = array(1 => 0, 2 => 1);
$valueParts = explode('|', $object['value']);
foreach ($components as $component => $valuePart) {
if (isset($object['warnings'][$component]) && isset($valueParts[$valuePart])) {
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
}
}
echo ' <span class="icon-warning-sign icon-white" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover">&nbsp;</span>';
}
?>
</div>
</td>
<td class="shortish">
<?php
if ($object['objectType'] == 0):
?>
<div class="attributeTagContainer">
&nbsp;
</div>
<?php
else:
?>
&nbsp;
<?php
endif;
?>
</td>
<td class="showspaces bitwider">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'comment', <?php echo $event['Event']['id'];?>);">
<?php echo nl2br(h($object['comment'])); ?>&nbsp;
</div>
</td>
<td class="short" style="padding-top:3px;">&nbsp;</td>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
if (!empty($event['RelatedShadowAttribute'][$object['id']])) {
foreach ($event['RelatedShadowAttribute'][$object['id']] as $relatedAttribute) {
$relatedData = array('Event info' => $relatedAttribute['info'], 'Correlating Value' => $relatedAttribute['value'], 'date' => isset($relatedAttribute['date']) ? $relatedAttribute['date'] : 'N/A');
$popover = '';
foreach ($relatedData as $k => $v) {
$popover .= '<span class=\'bold black\'>' . h($k) . '</span>: <span class="blue">' . h($v) . '</span><br />';
}
echo '<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="' . h($popover) . '" data-trigger="hover"><span>';
$correlationClass = 'white' . ($relatedAttribute['org_id'] == $me['org_id'] ? ' bold' : '');
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array('class' => $correlationClass));
echo "</span></li>";
echo ' ';
}
}
?>
</ul>
</td>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
if (!empty($object['Feed'])):
foreach ($object['Feed'] as $feed):
$popover = '';
foreach ($feed as $k => $v):
if ($k == 'id') continue;
$popover .= '<span class=\'bold black\'>' . Inflector::humanize(h($k)) . '</span>: <span class="blue">' . h($v) . '</span><br />';
endforeach;
?>
<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="<?php echo h($popover);?>" data-trigger="hover"><span>
<?php
if ($isSiteAdmin):
echo $this->Html->link($feed['id'], array('controller' => 'feeds', 'action' => 'previewIndex', $feed['id']), array('style' => 'margin-right:3px;'));
else:
?>
<span style="margin-right:3px;"><?php echo h($feed['id']);?></span>
<?php
endif;
endforeach;
?>
</li>
<?php
endif;
?>
</ul>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'to_ids', <?php echo $event['Event']['id'];?>);">
<?php
if ($object['to_ids']) echo 'Yes';
else echo 'No';
?>
</div>
</td>
<td class="shortish">&nbsp;</td>
<?php
if (Configure::read('Plugin.Sightings_enable') !== false):
?>
<td class="shortish">&nbsp;</td>
<td class="short">&nbsp;</td>
<?php
endif;
?>
<td class="short action-links">
<?php
if (($event['Orgc']['id'] == $me['org_id'] && $mayModify) || $isSiteAdmin) {
echo $this->Form->create('Shadow_Attribute', array('id' => 'ShadowAttribute_' . $object['id'] . '_accept', 'url' => '/shadow_attributes/accept/' . $object['id'], 'style' => 'display:none;'));
echo $this->Form->end();
?>
<span class="icon-ok icon-white useCursorPointer" title="Accept Proposal" role="button" tabindex="0" aria-label="Accept proposal" onClick="acceptObject('shadow_attributes', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
}
if (($event['Orgc']['id'] == $me['org_id'] && $mayModify) || $isSiteAdmin || ($object['org_id'] == $me['org_id'])) {
?>
<span class="icon-trash icon-white useCursorPointer" title="Discard proposal" role="button" tabindex="0" aria-label="Discard proposal" onClick="deleteObject('shadow_attributes', 'discard' ,'<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
}
?>
</td>
</tr>

70
app/View/Elements/Events/View/row_proposal_delete.ctp Normal file
View File

@ -0,0 +1,70 @@
<?php
$tr_class = 'redRow';
$linkClass = 'white';
$currentType = 'denyForm';
if (!empty($objectContainer)) {
if (!empty($child)) {
if ($child === 'last') {
$tr_class .= ' tableInsetOrangeLast';
} else {
$tr_class .= ' tableInsetOrangeMiddle';
}
} else {
$tr_class .= ' tableInsetOrange';
}
if ($child === 'last') {
$tr_class .= ' tableHighlightBorderBottom borderBlue';
} else {
$tr_class .= ' tableHighlightBorderCenter borderBlue';
}
} else {
if (!empty($child)) {
if ($child === 'last') {
$tr_class .= ' tableHighlightBorderBottom borderOrange';
} else {
$tr_class .= ' tableHighlightBorderCenter borderOrange';
}
} else {
$tr_class .= ' tableHighlightBorder borderOrange';
}
}
$identifier = (empty($k)) ? '' : ' id="row_' . h($k) . '" tabindex="0"';
?>
<tr id = "<?php echo $currentType . '_' . $object['id'] . '_tr'; ?>" class="<?php echo $tr_class; ?>" <?php echo $identifier; ?>>
<?php
if ($mayModify):
?>
<td style="width:10px;" data-position="<?php echo h($object['objectType']) . '_' . h($object['id']); ?>">
<?php if ($object['objectType'] == 0): ?>
<input id = "select_<?php echo $object['id']; ?>" class="select_attribute row_checkbox" type="checkbox" data-id="<?php echo $object['id'];?>" />
<?php else: ?>
<input id = "select_proposal_<?php echo $object['id']; ?>" class="select_proposal row_checkbox" type="checkbox" data-id="<?php echo $object['id'];?>" />
<?php endif; ?>
</td>
<?php
endif;
?>
<td class="short context hidden">
<?php echo h($object['id']); ?>
</td>
<td class="short context hidden">
<?php echo h($object['uuid']); ?>
</td>
<td colspan="<?php echo $fieldCount; ?>" style="font-weight:bold;text-align:left;width:100%;">DELETE</td>
<td class="short action-links">
<?php
if (($event['Orgc']['id'] == $me['org_id'] && $mayModify) || $isSiteAdmin) {
echo $this->Form->create('Shadow_Attribute', array('id' => 'ShadowAttribute_' . $object['id'] . '_accept', 'url' => '/shadow_attributes/accept/' . $object['id'], 'style' => 'display:none;'));
echo $this->Form->end();
?>
<span class="icon-ok icon-white useCursorPointer" title="Accept Proposal" role="button" tabindex="0" aria-label="Accept proposal" onClick="acceptObject('shadow_attributes', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
}
if (($event['Orgc']['id'] == $me['org_id'] && $mayModify) || $isSiteAdmin || ($object['org_id'] == $me['org_id'])) {
?>
<span class="icon-trash icon-white useCursorPointer" title="Discard proposal" role="button" tabindex="0" aria-label="Discard proposal" onClick="deleteObject('shadow_attributes', 'discard' ,'<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
}
?>
</td>
</tr>

35
app/View/Elements/Events/View/sighting_field.ctp Normal file
View File

@ -0,0 +1,35 @@
<td class="shortish">
<span id="sightingForm_<?php echo h($object['id']);?>">
<?php
echo $this->Form->create('Sighting', array('id' => 'Sighting_' . $object['id'], 'url' => '/sightings/add/' . $object['id'], 'style' => 'display:none;'));
echo $this->Form->input('type', array('label' => false, 'id' => 'Sighting_' . $object['id'] . '_type'));
echo $this->Form->end();
?>
</span>
<?php
$temp = array();
if (isset($sightingsData['csv'][$object['id']])) {
$temp = $sightingsData['csv'][$object['id']];
}
?>
<span class="icon-thumbs-up useCursorPointer" title="Add sighting" role="button" tabindex="0" aria-label="Add sighting" onClick="addSighting('0', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']);?>', '<?php echo h($page); ?>');">&nbsp;</span>
<span class="icon-thumbs-down useCursorPointer" title="Mark as false-positive" role="button" tabindex="0" aria-label="Mark as false-positive" onClick="addSighting('1', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']);?>', '<?php echo h($page); ?>');">&nbsp;</span>
<span class="icon-wrench useCursorPointer sightings_advanced_add" title="Advanced sightings" role="button" tabindex="0" aria-label="Advanced sightings" data-object-id="<?php echo h($object['id']); ?>" data-object-context="attribute">&nbsp;</span>
<span id="sightingCount_<?php echo h($object['id']); ?>" class="bold sightingsCounter_<?php echo h($object['id']); ?>" data-placement="top" data-toggle="popover" data-trigger="hover" data-content="<?php echo isset($sightingsData['data'][$object['id']]['html']) ? $sightingsData['data'][$object['id']]['html'] : ''; ?>">
<?php
$s = (!empty($sightingsData['data'][$object['id']]['sighting']['count']) ? $sightingsData['data'][$object['id']]['sighting']['count'] : 0);
$f = (!empty($sightingsData['data'][$object['id']]['false-positive']['count']) ? $sightingsData['data'][$object['id']]['false-positive']['count'] : 0);
$e = (!empty($sightingsData['data'][$object['id']]['expiration']['count']) ? $sightingsData['data'][$object['id']]['expiration']['count'] : 0);
?>
</span>
<span id="ownSightingCount_<?php echo h($object['id']); ?>" class="bold sightingsCounter_<?php echo h($object['id']); ?>" data-placement="top" data-toggle="popover" data-trigger="hover" data-content="<?php echo isset($sightingsData['data'][$object['id']]['html']) ? $sightingsData['data'][$object['id']]['html'] : ''; ?>">
<?php echo '(<span class="green">' . h($s) . '</span>/<span class="red">' . h($f) . '</span>/<span class="orange">' . h($e) . '</span>)'; ?>
</span>
</td>
<td class="short">
<?php
if (!empty($temp)) {
echo $this->element('sparkline', array('id' => $object['id'], 'csv' => $temp));
}
?>
</td>

49
app/View/Elements/Events/View/value_field.ctp Normal file
View File

@ -0,0 +1,49 @@
<?php
$sigDisplay = $object['value'];
if ('attachment' == $object['type'] || 'malware-sample' == $object['type'] ) {
if ($object['type'] == 'attachment' && isset($object['image'])) {
$extension = explode('.', $object['value']);
$extension = end($extension);
$uri = 'data:image/' . strtolower(h($extension)) . ';base64,' . h($object['image']);
echo '<img class="screenshot screenshot-collapsed useCursorPointer" src="' . $uri . '" title="' . h($object['value']) . '" />';
} else {
$filenameHash = explode('|', nl2br(h($object['value'])));
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo h($filepath);
echo '<a href="' . $baseurl . '/attributes/download/' . h($object['id']) . '" class="' . $linkClass . '">' . h($filename) . '</a>';
} else {
echo '<a href="' . $baseurl . '/attributes/download/' . h($object['id']) . '" class="' . $linkClass . '">' . h($filenameHash[0]) . '</a>';
}
if (isset($filenameHash[1])) echo '<br />' . $filenameHash[1];
}
} else if (strpos($object['type'], '|') !== false) {
$separator = in_array($object['type'], array('ip-dst|port', 'ip-src|port')) ? ':' : '<br />';
$separator_pos = strpos('|', $object['value']);
$final_value = h($object['value']);
echo substr_replace(h($object['value']), $separator, $separator_pos, strlen($separator));
} else if ('vulnerability' == $object['type']) {
$cveUrl = (is_null(Configure::read('MISP.cveurl'))) ? "http://www.google.com/search?q=" : Configure::read('MISP.cveurl');
echo $this->Html->link($sigDisplay, $cveUrl . $sigDisplay, array('target' => '_blank', 'class' => $linkClass));
} else if ('link' == $object['type']) {
echo $this->Html->link($sigDisplay, $sigDisplay, array('class' => $linkClass));
} else if ('cortex' == $object['type']) {
echo '<div class="cortex-json" data-cortex-json="' . h($object['value']) . '">Cortex object</div>';
} else if ('text' == $object['type']) {
if ($object['category'] == 'External analysis' && preg_match('/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}/i', $object['value'])) {
echo '<a href="' . $baseurl . '/events/view/' . h($object['value']) . '" class="' . $linkClass . '">' . h($object['value']) . '</a>';
} else {
$sigDisplay = str_replace("\r", '', h($sigDisplay));
$sigDisplay = str_replace(" ", '&nbsp;', $sigDisplay);
echo nl2br($sigDisplay);
}
} else if ('hex' == $object['type']) {
$sigDisplay = str_replace("\r", '', $sigDisplay);
echo '<span class="hex-value" title="Hexadecimal representation">' . nl2br(h($sigDisplay)) . '</span>&nbsp;<span role="button" tabindex="0" aria-label="Switch to binary representation" class="icon-repeat hex-value-convert useCursorPointer" title="Switch to binary representation"></span>';
} else {
$sigDisplay = str_replace("\r", '', $sigDisplay);
echo nl2br(h($sigDisplay));
}
if (isset($object['validationIssue'])) echo ' <span class="icon-warning-sign" title="Warning, this doesn\'t seem to be a legitimage ' . strtoupper(h($object['type'])) . ' value">&nbsp;</span>';
?>

2
app/View/Elements/Events/eventIndexTable.ctp
View File

@ -69,7 +69,7 @@
<?php
if ($isSiteAdmin || ($event['Event']['orgc_id'] == $me['org_id'])):
?>
<td data-id="<?php echo h($event['Event']['id']); ?>">
<td style="width:10px;" data-id="<?php echo h($event['Event']['id']); ?>">
<input class="select" type="checkbox" data-id="<?php echo $event['Event']['id'];?>" />
</td>
<?php

117
app/View/Elements/Objects/object_add_attributes.ctp Normal file
View File

@ -0,0 +1,117 @@
<tr id="row_<?php echo h($k); ?>" class="attribute_row">
<td>
<?php
if (empty($enabledRows)) $enabledRows = array();
if (empty($action)) $action = 'add';
echo $this->Form->input('Attribute.' . $k . '.save', array(
'type' => 'checkbox',
'checked' => in_array($k, $enabledRows),
'label' => false,
'div' => false
));
?>
</td>
<td class="short" title="<?php echo h($element['description']); ?>">
<?php
$formSettings = array(
'type' => 'hidden',
'value' => $element['object_relation'],
'label' => false,
'div' => false
);
echo $this->Form->input('Attribute.' . $k . '.object_relation', $formSettings);
if ($action == 'edit') {
echo $this->Form->input('Attribute.' . $k . '.uuid', array(
'type' => 'hidden',
'label' => false,
'div' => false,
'value' => !empty($element['uuid']) ? $element['uuid'] : ''
));
}
$formSettings = array(
'type' => 'hidden',
'value' => $element['type'],
'label' => false,
'div' => false
);
echo $this->Form->input('Attribute.' . $k . '.type', $formSettings);
echo '<span class="bold">' . Inflector::humanize(h($element['object_relation'])) . '</span>';
if (!empty($template['ObjectTemplate']['requirements']['required']) && in_array($element['object_relation'], $template['ObjectTemplate']['requirements']['required'])) {
echo '<span class="bold red">' . '(*)' . '</span>';
}
echo ' :: ' . h($element['type']) . '';
?>
</td>
<td>
<?php echo h($element['description']); ?>
</td>
<td class="short">
<?php
$formSettings = array(
'options' => array_combine($element['categories'], $element['categories']),
'default' => $element['default_category'],
'style' => 'margin-bottom:0px;',
'label' => false,
'div' => false
);
echo $this->Form->input('Attribute.' . $k . '.category', $formSettings);
?>
</td>
<td class="short">
<?php
echo $this->element(
'Objects/object_value_field',
array(
'element' => $element,
'k' => $k
)
);
?>
</td>
<td>
<?php
echo $this->Form->input('Attribute.' . $k . '.to_ids', array(
'type' => 'checkbox',
'checked' => $element['to_ids'],
'label' => false,
'div' => false
));
?>
</td>
<td class="short">
<?php
echo $this->Form->input('Attribute.' . $k . '.distribution', array(
'class' => 'Attribute_distribution_select',
'options' => $distributionData['levels'],
'default' => !empty($element['distribution']) ? $element['distribution'] : $distributionData['initial'],
'style' => 'margin-bottom:0px;',
'label' => false,
'div' => false
));
?>
<br />
<?php
echo $this->Form->input('Attribute.' . $k . '.sharing_group_id', array(
'class' => 'Attribute_sharing_group_id_select',
'options' => $distributionData['sgs'],
'default' => !empty($element['sharing_group_id']) ? $element['sharing_group_id'] : false,
'label' => false,
'div' => false,
'style' => 'display:none;margin-bottom:0px;',
));
?>
</td>
<td class="short">
<?php
echo $this->Form->input('Attribute.' . $k . '.comment', array(
'type' => 'textarea',
'style' => 'height:20px;width:400px;',
'required' => false,
'allowEmpty' => true,
'label' => false,
'div' => false,
'value' => empty($element['comment']) ? '' : $element['comment']
));
?>
</td>
</tr>

56
app/View/Elements/Objects/object_value_field.ctp Normal file
View File

@ -0,0 +1,56 @@
<div class="object_value_field">
<?php
if ($element['type'] == 'malware-sample' || $element['type'] == 'attachment'):
echo $this->Form->file('Attribute.' . $k . '.Attachment', array(
'class' => 'Attribute_attachment'
));
else:
if (empty($element['values_list']) && empty($element['sane_default'])):
echo $this->Form->input('Attribute.' . $k . '.value', array(
'type' => 'textarea',
'required' => false,
'allowEmpty' => true,
'style' => 'height:20px;width:400px;',
'label' => false,
'div' => false,
'value' => empty($element['value']) ? '' : $element['value']
));
else:
if (empty($element['values_list'])) {
$list = $element['sane_default'];
$list[] = 'Enter value manually';
} else {
$list = $element['values_list'];
}
$list = array_combine($list, $list);
?>
<div class="value_select_with_manual_entry">
<?php
echo $this->Form->input('Attribute.' . $k . '.value_select', array(
'class' => 'Attribute_value_select',
'style' => 'width:414px;margin-bottom:0px;',
'options' => array_combine($list, $list),
'label' => false,
'div' => false,
'value' => empty($element['value']) ? '' : $element['value']
));
?>
<br />
<?php
echo $this->Form->input('Attribute.' . $k . '.value', array(
'class' => 'Attribute_value',
'type' => 'textarea',
'required' => false,
'allowEmpty' => true,
'style' => 'height:20px;width:400px;display:none;',
'label' => false,
'div' => false,
'value' => empty($element['value']) ? '' : $element['value']
));
?>
</div>
<?php
endif;
endif;
?>
</div>

146
app/View/Elements/Servers/View/row_attribute.ctp Normal file
View File

@ -0,0 +1,146 @@
<?php
if ($object['value'] == 'MERGE') debug($object);
$tr_class = '';
$linkClass = 'blue';
$otherColour = 'blue';
if (!empty($child)) {
if ($child === 'last') {
$tr_class .= ' tableHighlightBorderBottom borderBlue';
} else {
$tr_class .= ' tableHighlightBorderCenter borderBlue';
}
} else {
$child = false;
}
if (!empty($object['deleted'])) {
$tr_class .= ' deleted-attribute';
}
if (!empty($k)) {
$tr_class .= ' row_' . h($k);
}
?>
<tr id = "Attribute_<?php echo h($object['id']); ?>_tr" class="<?php echo $tr_class; ?>" tabindex="0">
<td class="short">
<?php echo date('Y-m-d', $object['timestamp']); ?>
</td>
<td class="short">
<div id = "Attribute_<?php echo $object['id']; ?>_category_placeholder" class = "inline-field-placeholder"></div>
<div id = "Attribute_<?php echo $object['id']; ?>_category_solid" class="inline-field-solid" ondblclick="activateField('Attribute', '<?php echo $object['id']; ?>', 'category', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['category']); ?>
</div>
</td>
<td class="short">
<?php
if (isset($object['object_relation'])):
?>
<div class="bold"><?php echo h($object['object_relation']); ?>:</div>
<?php
endif;
?>
<div></div>
<div id = "Attribute_<?php echo $object['id']; ?>_type_placeholder" class = "inline-field-placeholder"></div>
<div id = "Attribute_<?php echo $object['id']; ?>_type_solid" class="inline-field-solid" ondblclick="activateField('Attribute', '<?php echo $object['id']; ?>', 'type', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['type']); ?>
</div>
</td>
<td id="Attribute_<?php echo h($object['id']); ?>_container" class="showspaces limitedWidth shortish">
<div id="Attribute_<?php echo $object['id']; ?>_value_placeholder" class="inline-field-placeholder"></div>
<?php
if ('attachment' !== $object['type'] && 'malware-sample' !== $object['type']) $editable = ' ondblclick="activateField(\'Attribute\', \'' . $object['id'] . '\', \'value\', \'' . $event['Event']['id'] . '\');"';
else $editable = '';
?>
<div id = "Attribute_<?php echo $object['id']; ?>_value_solid" class="inline-field-solid" <?php echo $editable; ?>>
<span <?php if (Configure::read('Plugin.Enrichment_hover_enable') && isset($modules) && isset($modules['hover_type'][$object['type']])) echo 'class="eventViewAttributeHover" data-object-type="Attribute" data-object-id="' . h($object['id']) . '"'?>>
<?php
echo $this->element('/Events/View/value_field', array('object' => $object, 'linkClass' => $linkClass));
?>
</span>
<?php
if (isset($object['warnings'])) {
$temp = '';
$components = array(1 => 0, 2 => 1);
$valueParts = explode('|', $object['value']);
foreach ($components as $component => $valuePart) {
if (isset($object['warnings'][$component]) && isset($valueParts[$valuePart])) {
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
}
}
echo ' <span class="icon-warning-sign" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover">&nbsp;</span>';
}
?>
</div>
</td>
<td class="shortish">
<div class="attributeTagContainer">
<?php
if (empty($object['Tag'])) echo "&nbsp;";
else echo $this->element('ajaxAttributeTags', array('attributeId' => $object['id'], 'attributeTags' => $object['Tag'], 'tagAccess' => false));
?>
</div>
</td>
<td class="showspaces bitwider">
<div id = "Attribute_<?php echo $object['id']; ?>_comment_placeholder" class = "inline-field-placeholder"></div>
<div id = "Attribute_<?php echo $object['id']; ?>_comment_solid" class="inline-field-solid" ondblclick="activateField('Attribute', '<?php echo $object['id']; ?>', 'comment', <?php echo $event['Event']['id'];?>);">
<?php echo nl2br(h($object['comment'])); ?>&nbsp;
</div>
</td>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
$relatedObject = 'Attribute';
if (!empty($event['Related' . $relatedObject][$object['id']])) {
foreach ($event['Related' . $relatedObject][$object['id']] as $relatedAttribute) {
$relatedData = array('Event info' => $relatedAttribute['info'], 'Correlating Value' => $relatedAttribute['value'], 'date' => isset($relatedAttribute['date']) ? $relatedAttribute['date'] : 'N/A');
$popover = '';
foreach ($relatedData as $k => $v) {
$popover .= '<span class=\'bold black\'>' . h($k) . '</span>: <span class="blue">' . h($v) . '</span><br />';
}
echo '<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="' . h($popover) . '" data-trigger="hover"><span>';
if ($relatedAttribute['org_id'] == $me['org_id']) {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array('class' => 'red'));
} else {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array('class' => $otherColour));
}
echo "</span></li>";
echo ' ';
}
}
?>
</ul>
</td>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
if (!empty($object['Feed'])):
foreach ($object['Feed'] as $feed):
$popover = '';
foreach ($feed as $k => $v):
if ($k == 'id') continue;
$popover .= '<span class=\'bold black\'>' . Inflector::humanize(h($k)) . '</span>: <span class="blue">' . h($v) . '</span><br />';
endforeach;
?>
<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="<?php echo h($popover);?>" data-trigger="hover"><span>
<?php
if ($isSiteAdmin):
echo $this->Html->link($feed['id'], array('controller' => 'feeds', 'action' => 'previewIndex', $feed['id']), array('style' => 'margin-right:3px;'));
else:
?>
<span style="margin-right:3px;"><?php echo h($feed['id']);?></span>
<?php
endif;
endforeach;
?>
</li>
<?php
endif;
?>
</ul>
</td>
<td class="short">
<div id = "Attribute_<?php echo $object['id']; ?>_to_ids_placeholder" class = "inline-field-placeholder"></div>
<div id = "Attribute_<?php echo $object['id']; ?>_to_ids_solid" class="inline-field-solid" ondblclick="activateField('Attribute', '<?php echo $object['id']; ?>', 'to_ids', <?php echo $event['Event']['id'];?>);">
<?php echo $object['to_ids'] ? 'Yes' : 'No'; ?>
</div>
</td>
</td>
</tr>

51
app/View/Elements/Servers/View/row_object.ctp Normal file
View File

@ -0,0 +1,51 @@
<?php
$tr_class = '';
$linkClass = 'white';
$currentType = 'denyForm';
$tr_class = 'tableHighlightBorderTop borderBlue';
$tr_class .= ' blueRow';
if (!empty($k)) {
$tr_class .= ' row_' . h($k);
}
?>
<tr id = "Object_<?php echo $object['id']; ?>_tr" class="<?php echo $tr_class; ?>" tabindex="0">
<td class="short">
<?php echo date('Y-m-d', $object['timestamp']); ?>
</td>
<td colspan="<?php echo $fieldCount -2;?>">
<span class="bold">Name: </span><?php echo h($object['name']);?>
<span class="fa fa-expand useCursorPointer" title="Expand or Collapse" role="button" tabindex="0" aria-label="Expand or Collapse" data-toggle="collapse" data-target="#Object_<?php echo h($object['id']); ?>_collapsible"></span>
<br />
<div id="Object_<?php echo $object['id']; ?>_collapsible" class="collapse">
<span class="bold">Meta-category: </span><?php echo h($object['meta-category']);?><br />
<span class="bold">Description: </span><?php echo h($object['description']);?><br />
<span class="bold">Template: </span><?php echo h($object['name']) . ' v' . h($object['template_version']) . ' (' . h($object['template_uuid']) . ')'; ?>
</div>
<?php
echo $this->element('/Servers/View/row_object_reference', array(
'object' => $object
));
if (!empty($object['referenced_by'])) {
echo $this->element('/Servers/View/row_object_referenced_by', array(
'object' => $object
));
}
?>
</td>
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
<?php
if (!empty($object['Attribute'])) {
end($object['Attribute']);
$lastElement = key($object['Attribute']);
foreach ($object['Attribute'] as $attrKey => $attribute) {
echo $this->element('/Servers/View/row_' . $attribute['objectType'], array(
'object' => $attribute,
'page' => $page,
'fieldCount' => $fieldCount,
'child' => $attrKey == $lastElement ? 'last' : true
));
}
}
?>

35
app/View/Elements/Servers/View/row_object_reference.ctp Normal file
View File

@ -0,0 +1,35 @@
<span class="bold">References: </span>
<?php
$refCount = count($object['ObjectReference']);
echo $refCount . ' ';
if (!empty($object['ObjectReference'])):
?>
<span class="fa fa-expand useCursorPointer" title="Expand or Collapse" role="button" tabindex="0" aria-label="Expand or Collapse" data-toggle="collapse" data-target="#Object_<?php echo h($object['id']); ?>_references_collapsible"></span>
<?php
endif;
?>
<span class="fa fa-plus-square useCursorPointer" title="Add reference" role="button" tabindex="0" aria-label="Add reference" onClick="genericPopup('<?php echo '/objectReferences/add/' . h($object['id']);?>', '#popover_form');"></span>
<div id="Object_<?php echo $object['id']; ?>_references_collapsible" class="collapse">
<?php
foreach ($object['ObjectReference'] as $reference):
if (!empty($reference['Object'])) {
$uuid = $reference['Object']['uuid'];
$output = ' (' . $reference['Object']['name'] . ': ' . $reference['Object']['name'] . ')';
$objectType = 'Object';
} else {
$uuid = $reference['Attribute']['uuid'];
$output = ' (' . $reference['Attribute']['category'] . '/' . $reference['Attribute']['type'] . ': "' . $reference['Attribute']['value'] . '")';
$objectType = 'Attribute';
}
$uuid = empty($reference['Object']) ? $reference['Attribute']['uuid'] : $reference['Object']['uuid'];
$idref = $reference['id'];
?>
&nbsp;&nbsp;
<a class="bold white useCursorPointer" onClick="pivotObjectReferences('<?php echo h($currentUri); ?>', '<?php echo $uuid; ?>')">
<?php echo h($reference['relationship_type']) . ' ' . $objectType . ' ' . $reference['referenced_id'] . h($output);?>
</a>
<br />
<?php
endforeach;
?>
</div>

32
app/View/Elements/Servers/View/row_object_referenced_by.ctp Normal file
View File

@ -0,0 +1,32 @@
<span class="bold">Referenced by: </span>
<?php
$refCount = count($object['referenced_by']);
echo $refCount;
if (!empty($object['referenced_by'])):
?>
<span class="fa fa-expand useCursorPointer" title="Expand or Collapse" role="button" tabindex="0" aria-label="Expand or Collapse" data-toggle="collapse" data-target="#Object_<?php echo h($object['id']); ?>_referenced_by_collapsible"></span>
<?php
endif;
?>
<div id="Object_<?php echo $object['id']; ?>_referenced_by_collapsible" class="collapse">
<?php
foreach ($object['referenced_by'] as $type => $reference):
foreach ($reference as $ref):
if ($type == 'object') {
$uuid = $ref['uuid'];
$output = ' (' . $ref['meta-category'] . ': ' . $ref['name'] . ')';
} else {
$uuid = $ref['uuid'];
$output = ' (' . $ref['category'] . '/' . $ref['type'] . ': "' . $ref['value'] . '")';
}
?>
&nbsp;&nbsp;
<a class="bold white useCursorPointer" onClick="pivotObjectReferences('<?php echo h($currentUri); ?>', '<?php echo $uuid; ?>')">
<?php echo h($ref['relationship_type']) . ' ' . ucfirst($type) . ' ' . h($ref['id']) . h($output);?>
</a>
<br />
<?php
endforeach;
endforeach;
?>
</div>

49
app/View/Elements/Servers/View/value_field.ctp Normal file
View File

@ -0,0 +1,49 @@
<?php
$sigDisplay = $object['value'];
if ('attachment' == $object['type'] || 'malware-sample' == $object['type'] ) {
if ($object['type'] == 'attachment' && isset($object['image'])) {
$extension = explode('.', $object['value']);
$extension = end($extension);
$uri = 'data:image/' . strtolower(h($extension)) . ';base64,' . h($object['image']);
echo '<img class="screenshot screenshot-collapsed useCursorPointer" src="' . $uri . '" title="' . h($object['value']) . '" />';
} else {
$filenameHash = explode('|', nl2br(h($object['value'])));
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo h($filepath);
echo '<a href="' . $baseurl . '/attributes/download/' . h($object['id']) . '" class="' . $linkClass . '">' . h($filename) . '</a>';
} else {
echo '<a href="' . $baseurl . '/attributes/download/' . h($object['id']) . '" class="' . $linkClass . '">' . h($filenameHash[0]) . '</a>';
}
if (isset($filenameHash[1])) echo '<br />' . $filenameHash[1];
}
} else if (strpos($object['type'], '|') !== false) {
$separator = in_array($object['type'], array('ip-dst|port', 'ip-src|port')) ? ':' : '<br />';
$separator_pos = strpos('|', $object['value']);
$final_value = h($object['value']);
echo substr_replace(h($object['value']), $separator, $separator_pos, strlen($separator));
} else if ('vulnerability' == $object['type']) {
$cveUrl = (is_null(Configure::read('MISP.cveurl'))) ? "http://www.google.com/search?q=" : Configure::read('MISP.cveurl');
echo $this->Html->link($sigDisplay, $cveUrl . $sigDisplay, array('target' => '_blank', 'class' => $linkClass));
} else if ('link' == $object['type']) {
echo $this->Html->link($sigDisplay, $sigDisplay, array('class' => $linkClass));
} else if ('cortex' == $object['type']) {
echo '<div class="cortex-json" data-cortex-json="' . h($object['value']) . '">Cortex object</div>';
} else if ('text' == $object['type']) {
if ($object['category'] == 'External analysis' && preg_match('/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}/i', $object['value'])) {
echo '<a href="' . $baseurl . '/events/view/' . h($object['value']) . '" class="' . $linkClass . '">' . h($object['value']) . '</a>';
} else {
$sigDisplay = str_replace("\r", '', h($sigDisplay));
$sigDisplay = str_replace(" ", '&nbsp;', $sigDisplay);
echo nl2br($sigDisplay);
}
} else if ('hex' == $object['type']) {
$sigDisplay = str_replace("\r", '', $sigDisplay);
echo '<span class="hex-value" title="Hexadecimal representation">' . nl2br(h($sigDisplay)) . '</span>&nbsp;<span role="button" tabindex="0" aria-label="Switch to binary representation" class="icon-repeat hex-value-convert useCursorPointer" title="Switch to binary representation"></span>';
} else {
$sigDisplay = str_replace("\r", '', $sigDisplay);
echo nl2br(h($sigDisplay));
}
if (isset($object['validationIssue'])) echo ' <span class="icon-warning-sign" title="Warning, this doesn\'t seem to be a legitimage ' . strtoupper(h($object['type'])) . ' value">&nbsp;</span>';
?>

148
app/View/Elements/Servers/eventattribute.ctp Normal file
View File

@ -0,0 +1,148 @@
<?php
$all = false;
if (isset($this->params->params['paging']['Event']['page'])) {
if ($this->params->params['paging']['Event']['page'] == 0) $all = true;
$page = $this->params->params['paging']['Event']['page'];
} else {
$page = 0;
}
$fieldCount = 8;
?>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'url' => array($server['Server']['id'], $event['Event']['id']),
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<li class="all <?php if ($all) echo 'disabled'; ?>">
<?php
if ($all):
?>
<span class="red">view all</span>
<?php
else:
echo $this->Paginator->link(__('view all'), 'all');
endif;
?>
</li>
</ul>
</div>
<br />
<div id="attributeList" class="attributeListContainer">
<table class="table table-striped table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('timestamp', 'Date');?></th>
<th><?php echo $this->Paginator->sort('category');?></th>
<th><?php echo $this->Paginator->sort('type');?></th>
<th><?php echo $this->Paginator->sort('value');?></th>
<th>Tags</th>
<th><?php echo $this->Paginator->sort('comment');?></th>
<th>Related Events</th>
<th>Feed hits</th>
<th title="<?php echo $attrDescriptions['signature']['desc'];?>"><?php echo $this->Paginator->sort('to_ids', 'IDS');?></th>
</tr>
<?php
$elements = array(
0 => 'attribute',
3 => 'object'
);
$focusedRow = false;
foreach ($event['objects'] as $k => $object):
$insertBlank = false;
echo $this->element('/Servers/View/row_' . $object['objectType'], array(
'object' => $object,
'k' => $k,
'page' => $page,
'fieldCount' => $fieldCount
));
if (!empty($focus) && ($object['objectType'] == 'object' || $object['objectType'] == 'attribute') && $object['uuid'] == $focus) {
$focusedRow = $k;
}
if ($object['objectType'] == 'object'):
?>
<tr class="blank_table_row"><td colspan="<?php echo $fieldCount; ?>"></td></tr>
<?php
endif;
endforeach;
?>
</table>
</div>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'url' => array($server['Server']['id'], $event['Event']['id']),
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<li class="all <?php if ($all) echo 'disabled'; ?>">
<?php
if ($all):
?>
<span class="red">view all</span>
<?php
else:
echo $this->Paginator->link(__('view all'), 'all');
endif;
?>
</li>
</ul>
</div>
<script type="text/javascript">
var currentUri = "<?php echo isset($currentUri) ? h($currentUri) : '/servers/previewEvent/' . h($server['Server']['id']) . '/' . h($event['Event']['id']); ?>";
var lastSelected = false;
var deleted = <?php echo (isset($deleted) && $deleted) ? 'true' : 'false';?>;
$(document).ready(function() {
<?php
if ($focusedRow !== false):
?>
$('.row_' + '<?php echo h($focusedRow); ?>').focus();
<?php
endif;
?>
$('.screenshot').click(function() {
screenshotPopup($(this).attr('src'), $(this).attr('title'));
});
});
$('.hex-value-convert').click(function() {
var val = $(this).parent().children(':first-child').text();
if ($(this).parent().children(':first-child').attr('data-original-title') == 'Hexadecimal representation') {
var bin = [];
var temp;
val.split('').forEach(function(entry) {
temp = parseInt(entry, 16).toString(2);
bin.push(Array(5 - (temp.length)).join('0') + temp);
});
bin = bin.join(' ');
$(this).parent().children(':first-child').text(bin);
$(this).parent().children(':first-child').attr('data-original-title', 'Binary representation');
$(this).parent().children(':nth-child(2)').attr('data-original-title', 'Switch to hexadecimal representation');
$(this).parent().children(':nth-child(2)').attr('aria-label', 'Switch to hexadecimal representation');
} else {
val = val.split(' ');
hex = '';
val.forEach(function(entry) {
hex += parseInt(entry , 2).toString(16).toUpperCase();
});
$(this).parent().children(':first-child').text(hex);
$(this).parent().children(':first-child').attr('data-original-title', 'Hexadecimal representation');
$(this).parent().children(':nth-child(2)').attr('data-original-title', 'Switch to binary representation');
$(this).parent().children(':nth-child(2)').attr('aria-label', 'Switch to binary representation');
}
});
</script>
<?php
echo $this->Js->writeBuffer();
?>

21
app/View/Elements/ajaxAttributeTags.ctp
View File

@ -2,13 +2,26 @@
<?php
$full = $isAclTagger && $tagAccess;
foreach ($attributeTags as $tag):
if (!isset($tag['Tag'])) $tag = array('Tag' => $tag);
$tagClass = $full ? 'tagFirstHalf' : 'tag';
?>
<div style="padding:1px; overflow:hidden; white-space:nowrap; display:flex; float:left; margin-right:2px;">
<a href="<?php echo $baseurl;?>/attributes/search/attributetag:<?php echo h($tag['Tag']['id']); ?>" class="<?php echo $tagClass; ?>" style="display:inline-block; background-color:<?php echo h($tag['Tag']['colour']);?>;color:<?php echo $this->TextColour->getTextColour($tag['Tag']['colour']);?>"><?php echo h($tag['Tag']['name']); ?></a>
<?php if ($full): ?>
<div class="tagSecondHalf useCursorPointer noPrint" title="Remove tag" role="button" tabindex="0" aria-label="Remove tag" onClick="removeObjectTagPopup('attribute', '<?php echo h($attributeId); ?>', '<?php echo h($tag['Tag']['id']); ?>');">x</div>
<?php endif;?>
<?php
if (!empty($server)):
?>
<a href="<?php echo $baseurl;?>/servers/previewIndex/<?php echo h($server['Server']['id']); ?>/searchtag:<?php echo h($tag['Tag']['id']); ?>" class="<?php echo $tagClass; ?>" style="display:inline-block; background-color:<?php echo h($tag['Tag']['colour']);?>;color:<?php echo $this->TextColour->getTextColour($tag['Tag']['colour']);?>"><?php echo h($tag['Tag']['name']); ?></a>
<?php
else:
?>
<a href="<?php echo $baseurl;?>/attributes/search/attributetag:<?php echo h($tag['Tag']['id']); ?>" class="<?php echo $tagClass; ?>" style="display:inline-block; background-color:<?php echo h($tag['Tag']['colour']);?>;color:<?php echo $this->TextColour->getTextColour($tag['Tag']['colour']);?>"><?php echo h($tag['Tag']['name']); ?></a>
<?php
endif;
if ($full):
?>
<div class="tagSecondHalf useCursorPointer noPrint" title="Remove tag" role="button" tabindex="0" aria-label="Remove tag" onClick="removeObjectTagPopup('attribute', '<?php echo h($attributeId); ?>', '<?php echo h($tag['Tag']['id']); ?>');">x</div>
<?php
endif;
?>
</div>
<?php
endforeach;

2
app/View/Elements/ajaxTags.ctp
View File

@ -1,4 +1,4 @@
<div style="width:100%;display:inline-block;">
<div style="display:inline-block;">
<?php
$full = $isAclTagger && $tagAccess;
foreach ($tags as $tag):

457
app/View/Elements/eventattribute.ctp
View File

@ -13,6 +13,7 @@
}
$fieldCount = 8;
if (Configure::read('Plugin.Sightings_enable') !== false) {
$fieldCount += 2;
if (!empty($event['Sighting'])) {
foreach ($sightingsData['data'] as $aid => $data) {
$sightingsData['data'][$aid]['html'] = '';
@ -36,7 +37,9 @@
<div class="pagination">
<ul>
<?php
$url = array_merge(array('controller' => 'events', 'action' => 'viewEventAttributes', $event['Event']['id']), $this->request->named);
$params = $this->request->named;
unset($params['focus']);
$url = array_merge(array('controller' => 'events', 'action' => 'viewEventAttributes', $event['Event']['id']), $params);
$this->Paginator->options(array(
'url' => $url,
'update' => '#attributes_div',
@ -118,7 +121,7 @@
</div>
<div class="tabMenu tabMenuFiltersBlock noPrint" style="padding-right:0px !important;">
<span id="filter_header" class="attribute_filter_header">Filters: </span>
<div id="filter_all" title="Show all attributes" role="button" tabindex="0" aria-label="Show all attributes" class="attribute_filter_text<?php if ($attributeFilter == 'all') echo '_active'; ?>" onClick="filterAttributes('all', '<?php echo h($event['Event']['id']); ?>');">All (<?php echo h($this->Paginator->params()['total_elements']); ?>)</div>
<div id="filter_all" title="Show all attributes" role="button" tabindex="0" aria-label="Show all attributes" class="attribute_filter_text<?php if ($attributeFilter == 'all') echo '_active'; ?>" onClick="filterAttributes('all', '<?php echo h($event['Event']['id']); ?>');">All</div>
<?php foreach ($typeGroups as $group): ?>
<div id="filter_<?php echo h($group); ?>" title="Only show <?php echo $group; ?> related attributes" role="button" tabindex="0" aria-label="Only show <?php echo h($group); ?> related attributes" class="attribute_filter_text<?php if ($attributeFilter == $group) echo '_active'; ?>" onClick="filterAttributes('<?php echo $group; ?>', '<?php echo h($event['Event']['id']); ?>');"><?php echo ucfirst($group); ?></div>
<?php endforeach; ?>
@ -174,419 +177,35 @@
<th class="actions">Actions</th>
</tr>
<?php
foreach ($event['objects'] as $k => $object):
$extra = '';
$extra2 = '';
$extra3 = '';
$linkClass = 'white';
$currentType = 'denyForm';
if ($object['objectType'] == 0 ) {
$currentType = 'Attribute';
if ($object['hasChildren'] == 1) {
$extra = 'highlight1';
$extra3 = 'highlightBlueSides highlightBlueTop';
} else {
$linkClass = '';
}
if (!$mayModify) $currentType = 'ShadowAttribute';
} else {
if (isset($object['proposal_to_delete']) && $object['proposal_to_delete']) {
$extra = 'highlight3';
unset($object['type']);
} else $extra = 'highlight2';
$elements = array(
0 => 'attribute',
1 => 'proposal',
2 => 'proposal_delete',
3 => 'object'
);
$focusedRow = false;
foreach ($event['objects'] as $k => $object) {
$insertBlank = false;
echo $this->element('/Events/View/row_' . $object['objectType'], array(
'object' => $object,
'k' => $k,
'mayModify' => $mayModify,
'mayChangeCorrelation' => $mayChangeCorrelation,
'page' => $page,
'fieldCount' => $fieldCount
));
if (!empty($focus) && ($object['objectType'] == 'object' || $object['objectType'] == 'attribute') && $object['uuid'] == $focus) {
$focusedRow = $k;
}
if ($object['objectType'] == 1) {
$extra2 = '1';
$extra3 = 'highlightBlueSides';
if (isset($object['firstChild'])) {
$extra3 .= ' highlightBlueTop';
}
if (isset($object['lastChild'])) {
$extra3 .= ' highlightBlueBottom';
}
}
if (isset($object['deleted']) && $object['deleted']) {
$extra .= ' background-light-red';
}
$extra .= (isset($object['deleted']) && $object['deleted']) ? ' background-light-red' : '';
?>
<tr id = "<?php echo $currentType . '_' . $object['id'] . '_tr'; ?>" class="<?php echo $extra3; ?>">
<?php if ($mayModify): ?>
<td class="<?php echo $extra; ?>" style="width:10px;" data-position="<?php echo h($k); ?>">
<?php if ($object['objectType'] == 0): ?>
<input id = "select_<?php echo $object['id']; ?>" class="select_attribute row_checkbox" type="checkbox" data-id="<?php echo $object['id'];?>" />
<?php else: ?>
<input id = "select_proposal_<?php echo $object['id']; ?>" class="select_proposal row_checkbox" type="checkbox" data-id="<?php echo $object['id'];?>" />
<?php endif; ?>
</td>
<?php endif;
if (isset($object['proposal_to_delete']) && $object['proposal_to_delete']):
for ($i = 0; $i < $fieldCount; $i++):
?>
<td class="<?php echo $extra; ?>" style="font-weight:bold;"><?php echo ($i == 0 ? 'DELETE' : '&nbsp;'); ?></td>
<?php
endfor;
else:
?>
<td class="short context hidden <?php echo $extra; ?>"><?php echo $object['objectType'] == 0 ? h($object['id']) : '&nbsp;'; ?></td>
<td class="short context hidden <?php echo $extra; ?>"><?php echo $object['objectType'] == 0 ? h($object['uuid']) : '&nbsp;'; ?></td>
<td class="short <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_timestamp_solid'; ?>">
<?php
if (isset($object['timestamp'])) echo date('Y-m-d', $object['timestamp']);
else echo '&nbsp';
?>
</div>
</td>
<td class="short <?php echo $extra; ?>">
<?php
if ($object['objectType'] != 0) {
if (isset($object['Org']['name'])) {
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . 'orgs' . DS . h($object['Org']['name']) . '.png';
if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($object['Org']['name']) . '.png', array('alt' => h($object['Org']['name']), 'title' => h($object['Org']['name']), 'style' => 'width:24px; height:24px'));
else echo h($object['Org']['name']);
}
} else { ?>
&nbsp;
<?php
}
?>
</td>
<td class="short <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'category', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['category']); ?>
</div>
</td>
<td class="short <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'type', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['type']); ?>
</div>
</td>
<td id="<?php echo h($currentType) . '_' . h($object['id']) . '_container'; ?>" class="showspaces <?php echo $extra; ?> limitedWidth shortish">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_placeholder'; ?>" class = "inline-field-placeholder"></div>
<?php
if ('attachment' !== $object['type'] && 'malware-sample' !== $object['type']) $editable = ' ondblclick="activateField(\'' . $currentType . '\', \'' . $object['id'] . '\', \'value\', \'' . $event['Event']['id'] . '\');"';
else $editable = '';
?>
<div id = "<?php echo $currentType; ?>_<?php echo $object['id']; ?>_value_solid" class="inline-field-solid" <?php echo $editable; ?>>
<span <?php if (Configure::read('Plugin.Enrichment_hover_enable') && isset($modules) && isset($modules['hover_type'][$object['type']])) echo 'class="eventViewAttributeHover" data-object-type="' . h($currentType) . '" data-object-id="' . h($object['id']) . '"'?>>
<?php
$sigDisplay = $object['value'];
if ('attachment' == $object['type'] || 'malware-sample' == $object['type'] ) {
if ($object['type'] == 'attachment' && isset($object['image'])) {
$extension = explode('.', $object['value']);
$extension = end($extension);
$uri = 'data:image/' . strtolower(h($extension)) . ';base64,' . h($object['image']);
echo '<img class="screenshot screenshot-collapsed useCursorPointer" src="' . $uri . '" title="' . h($object['value']) . '" />';
} else {
$t = ($object['objectType'] == 0 ? 'attributes' : 'shadow_attributes');
$filenameHash = explode('|', nl2br(h($object['value'])));
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo h($filepath);
echo '<a href="' . $baseurl . '/' . h($t) . '/download/' . h($object['id']) . '" class="' . $linkClass . '">' . h($filename) . '</a>';
} else {
echo '<a href="' . $baseurl . '/' . h($t) . '/download/' . h($object['id']) . '" class="' . $linkClass . '">' . h($filenameHash[0]) . '</a>';
}
if (isset($filenameHash[1])) echo '<br />' . $filenameHash[1];
}
} else if (strpos($object['type'], '|') !== false) {
$filenameHash = explode('|', $object['value']);
echo h($filenameHash[0]);
if (isset($filenameHash[1])) {
$separator = '<br />';
if (in_array($object['type'], array('ip-dst|port', 'ip-src|port'))) {
$separator = ':';
}
echo $separator . h($filenameHash[1]);
}
} else if ('vulnerability' == $object['type']) {
if (! is_null(Configure::read('MISP.cveurl'))) {
$cveUrl = Configure::read('MISP.cveurl');
} else {
$cveUrl = "http://www.google.com/search?q=";
}
echo $this->Html->link($sigDisplay, $cveUrl . $sigDisplay, array('target' => '_blank', 'class' => $linkClass));
} else if ('link' == $object['type']) {
echo $this->Html->link($sigDisplay, $sigDisplay, array('class' => $linkClass));
} else if ('cortex' == $object['type']) {
echo '<div class="cortex-json" data-cortex-json="' . h($object['value']) . '">Cortex object</div>';
} else if ('text' == $object['type']) {
if ($object['category'] == 'External analysis' && preg_match('/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}/i', $object['value'])) {
echo '<a href="' . $baseurl . '/events/view/' . h($object['value']) . '" class="' . $linkClass . '">' . h($object['value']) . '</a>';
} else {
$sigDisplay = str_replace("\r", '', h($sigDisplay));
$sigDisplay = str_replace(" ", '&nbsp;', $sigDisplay);
echo nl2br($sigDisplay);
}
} else if ('hex' == $object['type']) {
$sigDisplay = str_replace("\r", '', $sigDisplay);
echo '<span class="hex-value" title="Hexadecimal representation">' . nl2br(h($sigDisplay)) . '</span>&nbsp;<span role="button" tabindex="0" aria-label="Switch to binary representation" class="icon-repeat hex-value-convert useCursorPointer" title="Switch to binary representation"></span>';
} else {
$sigDisplay = str_replace("\r", '', $sigDisplay);
echo nl2br(h($sigDisplay));
}
if (isset($object['validationIssue'])) echo ' <span class="icon-warning-sign" title="Warning, this doesn\'t seem to be a legitimage ' . strtoupper(h($object['type'])) . ' value">&nbsp;</span>';
?>
</span>
<?php
if (isset($object['warnings'])) {
$temp = '';
$components = array(1 => 0, 2 => 1);
$valueParts = explode('|', $object['value']);
foreach ($components as $component => $valuePart) {
if (isset($object['warnings'][$component]) && isset($valueParts[$valuePart])) {
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
}
}
echo ' <span class="icon-warning-sign" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover">&nbsp;</span>';
}
?>
</div>
</td>
<td class="shortish <?php echo $extra; ?>">
<?php
if ($object['objectType'] == 0):
?>
<div class="attributeTagContainer">
<?php echo $this->element('ajaxAttributeTags', array('attributeId' => $object['id'], 'attributeTags' => $object['AttributeTag'], 'tagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id']) )); ?>
</div>
<?php
else:
?>
&nbsp;
<?php
endif;
?>
</td>
<td class="showspaces bitwider <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'comment', <?php echo $event['Event']['id'];?>);">
<?php echo nl2br(h($object['comment'])); ?>&nbsp;
</div>
</td>
<?php
if ($mayChangeCorrelation && !$event['Event']['disable_correlation']):
if ($object['objectType'] == 0):
?>
<td class="short <?php echo $extra; ?>" style="padding-top:3px;">
<input id="correlation_toggle_<?php echo h($object['id']); ?>" class="correlation-toggle" type="checkbox" data-attribute-id="<?php echo h($object['id']); ?>" <?php echo $object['disable_correlation'] ? '' : 'checked'; ?>>
</td>
<?php
else:
?>
<td class="short <?php echo $extra; ?>" style="padding-top:3px;">&nbsp;</td>
<?php
endif;
endif;
?>
<td class="shortish <?php echo $extra; ?>">
<ul class="inline" style="margin:0px;">
<?php
if ($object['objectType'] == 0) {
$relatedObject = 'Attribute';
$otherColour = $object['hasChildren'] == 0 ? 'blue' : 'white';
} else {
$relatedObject = 'ShadowAttribute';
$otherColour = 'white';
}
$relatedObject = $object['objectType'] == 0 ? 'Attribute' : 'ShadowAttribute';
if (isset($event['Related' . $relatedObject][$object['id']]) && (null != $event['Related' . $relatedObject][$object['id']])) {
foreach ($event['Related' . $relatedObject][$object['id']] as $relatedAttribute) {
$relatedData = array('Event info' => $relatedAttribute['info'], 'Correlating Value' => $relatedAttribute['value'], 'date' => isset($relatedAttribute['date']) ? $relatedAttribute['date'] : 'N/A');
$popover = '';
foreach ($relatedData as $k => $v) {
$popover .= '<span class=\'bold black\'>' . h($k) . '</span>: <span class="blue">' . h($v) . '</span><br />';
}
echo '<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="' . h($popover) . '" data-trigger="hover"><span>';
if ($relatedAttribute['org_id'] == $me['org_id']) {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array ('class' => 'red'));
} else {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array ('class' => $otherColour));
}
echo "</span></li>";
echo ' ';
}
}
?>
</ul>
</td>
<td class="shortish <?php echo $extra; ?>">
<ul class="inline" style="margin:0px;">
<?php
if (!empty($object['Feed'])):
foreach ($object['Feed'] as $feed):
$popover = '';
foreach ($feed as $k => $v):
if ($k == 'id') continue;
$popover .= '<span class=\'bold black\'>' . Inflector::humanize(h($k)) . '</span>: <span class="blue">' . h($v) . '</span><br />';
endforeach;
?>
<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="<?php echo h($popover);?>" data-trigger="hover"><span>
<?php
if ($isSiteAdmin):
echo $this->Html->link($feed['id'], array('controller' => 'feeds', 'action' => 'previewIndex', $feed['id']), array('style' => 'margin-right:3px;'));
else:
?>
<span style="margin-right:3px;"><?php echo h($feed['id']);?></span>
<?php
endif;
endforeach;
?>
</li>
<?php
endif;
?>
</ul>
</td>
<td class="short <?php echo $extra; ?>">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'to_ids', <?php echo $event['Event']['id'];?>);">
<?php
if ($object['to_ids']) echo 'Yes';
else echo 'No';
?>
</div>
</td>
<td class="shortish <?php echo $extra; ?>">
<?php
$turnRed = '';
if ($object['objectType'] == 0 && $object['distribution'] == 0) $turnRed = 'style="color:red"';
?>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_distribution_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_distribution_solid'; ?>" <?php echo $turnRed; ?> class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'distribution', <?php echo $event['Event']['id'];?>);">
<?php
if ($object['objectType'] == 0) {
if ($object['distribution'] == 4):
?>
<a href="/sharing_groups/view/<?php echo h($object['sharing_group_id']); ?>"><?php echo h($object['SharingGroup']['name']);?></a>
<?php
else:
echo h($shortDist[$object['distribution']]);
endif;
}
?>&nbsp;
</div>
</td>
<?php
endif;
if (Configure::read('Plugin.Sightings_enable') !== false):
?>
<td class="shortish <?php echo $extra;?>">
<span id="sightingForm_<?php echo h($object['id']);?>">
<?php
if ($object['objectType'] == 0):
echo $this->Form->create('Sighting', array('id' => 'Sighting_' . $object['id'], 'url' => '/sightings/add/' . $object['id'], 'style' => 'display:none;'));
echo $this->Form->input('type', array('label' => false, 'id' => 'Sighting_' . $object['id'] . '_type'));
echo $this->Form->end();
?>
</span>
<?php
$temp = array();
if (isset($sightingsData['csv'][$object['id']])) {
$temp = $sightingsData['csv'][$object['id']];
}
?>
<span class="icon-thumbs-up useCursorPointer" title="Add sighting" role="button" tabindex="0" aria-label="Add sighting" onClick="addSighting('0', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']);?>', '<?php echo h($page); ?>');">&nbsp;</span>
<span class="icon-thumbs-down useCursorPointer" title="Mark as false-positive" role="button" tabindex="0" aria-label="Mark as false-positive" onClick="addSighting('1', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']);?>', '<?php echo h($page); ?>');">&nbsp;</span>
<span class="icon-wrench useCursorPointer sightings_advanced_add" title="Advanced sightings" role="button" tabindex="0" aria-label="Advanced sightings" data-object-id="<?php echo h($object['id']); ?>" data-object-context="attribute">&nbsp;</span>
<span id="sightingCount_<?php echo h($object['id']); ?>" class="bold sightingsCounter_<?php echo h($object['id']); ?>" data-placement="top" data-toggle="popover" data-trigger="hover" data-content="<?php echo isset($sightingsData['data'][$object['id']]['html']) ? $sightingsData['data'][$object['id']]['html'] : ''; ?>">
<?php
$s = (!empty($sightingsData['data'][$object['id']]['sighting']['count']) ? $sightingsData['data'][$object['id']]['sighting']['count'] : 0);
$f = (!empty($sightingsData['data'][$object['id']]['false-positive']['count']) ? $sightingsData['data'][$object['id']]['false-positive']['count'] : 0);
$e = (!empty($sightingsData['data'][$object['id']]['expiration']['count']) ? $sightingsData['data'][$object['id']]['expiration']['count'] : 0);
?>
</span>
<span id="ownSightingCount_<?php echo h($object['id']); ?>" class="bold sightingsCounter_<?php echo h($object['id']); ?>" data-placement="top" data-toggle="popover" data-trigger="hover" data-content="<?php echo isset($sightingsData['data'][$object['id']]['html']) ? $sightingsData['data'][$object['id']]['html'] : ''; ?>">
<?php echo '(<span class="green">' . h($s) . '</span>/<span class="red">' . h($f) . '</span>/<span class="orange">' . h($e) . '</span>)'; ?>
</span>
<?php
endif;
?>
</td>
<td class="short <?php echo $extra; ?>">
<?php
if ($object['objectType'] == 0 && !empty($temp)) {
echo $this->element('sparkline', array('id' => $object['id'], 'csv' => $temp));
}
?>
</td>
<?php
endif;
?>
<td class="short action-links <?php echo $extra;?>">
<?php
if ($object['objectType'] == 0) {
if ($object['deleted']):
if ($isSiteAdmin || $mayModify):
?>
<span class="icon-repeat useCursorPointer" title="Restore attribute" role="button" tabindex="0" aria-label="Restore attribute" onClick="deleteObject('attributes', 'restore', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<span class="icon-trash useCursorPointer" title="Delete attribute" role="button" tabindex="0" aria-label="Permanently delete attribute" onClick="deleteObject('attributes', 'delete', '<?php echo h($object['id']) . '/true'; ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
endif;
else:
if ($isSiteAdmin || !$mayModify):
if (isset($modules) && isset($modules['types'][$object['type']])):
?>
<span class="icon-asterisk useCursorPointer" title="Query enrichment" role="button" tabindex="0" aria-label="Query enrichment" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/ShadowAttribute');" title="Propose enrichment">&nbsp;</span>
<?php
endif;
if (isset($cortex_modules) && isset($cortex_modules['types'][$object['type']])):
?>
<span class="icon-eye-open useCursorPointer" title="Query Cortex" role="button" tabindex="0" aria-label="Query Cortex" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/ShadowAttribute/Cortex');" title="Propose enrichment through Cortex"></span>
<?php
endif;
?>
<a href="<?php echo $baseurl;?>/shadow_attributes/edit/<?php echo $object['id']; ?>" title="Propose Edit" class="icon-share useCursorPointer"></a>
<span class="icon-trash useCursorPointer" title="Propose Deletion" role="button" tabindex="0" aria-label="Propose deletion" onClick="deleteObject('shadow_attributes', 'delete', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
if ($isSiteAdmin):
?>
<span class="verticalSeparator">&nbsp;</span>
<?php endif;
endif;
if ($isSiteAdmin || $mayModify) {
if (isset($modules) && isset($modules['types'][$object['type']])):
?>
<span class="icon-asterisk useCursorPointer" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/Attribute');" title="Add enrichment" role="button" tabindex="0" aria-label="Add enrichment">&nbsp;</span>
<?php
endif;
if (isset($cortex_modules) && isset($cortex_modules['types'][$object['type']])):
?>
<span class="icon-eye-open useCursorPointer" onClick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?php echo h($object['id']);?>/Attribute/Cortex');" title="Add enrichment" role="button" tabindex="0" aria-label="Add enrichment via Cortex">C</span>
<?php
endif;
?>
<a href="<?php echo $baseurl;?>/attributes/edit/<?php echo $object['id']; ?>" title="Edit" class="icon-edit useCursorPointer"></a>
<span class="icon-trash useCursorPointer" title="Delete attribute" role="button" tabindex="0" aria-label="Delete attribute" onClick="deleteObject('attributes', 'delete', '<?php echo h($object['id']); ?>', '<?php echo h($event['Event']['id']); ?>');"></span>
<?php
}
endif;
} else {
if (($event['Orgc']['id'] == $me['org_id'] && $mayModify) || $isSiteAdmin) {
echo $this->Form->create('Shadow_Attribute', array('id' => 'ShadowAttribute_' . $object['id'] . '_accept', 'url' => '/shadow_attributes/accept/' . $object['id'], 'style' => 'display:none;'));
echo $this->Form->end();
?>
<span class="icon-ok useCursorPointer" title="Accept Proposal" role="button" tabindex="0" aria-label="Accept proposal" onClick="acceptObject('shadow_attributes', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
}
if (($event['Orgc']['id'] == $me['org_id'] && $mayModify) || $isSiteAdmin || ($object['org_id'] == $me['org_id'])) {
?>
<span class="icon-trash useCursorPointer" title="Discard proposal" role="button" tabindex="0" aria-label="Discard proposal" onClick="deleteObject('shadow_attributes', 'discard' ,'<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
<?php
}
}
?>
</td>
</tr>
if (
($object['objectType'] == 'attribute' && !empty($object['ShadowAttribute'])) ||
$object['objectType'] == 'object'
):
?>
<tr class="blank_table_row"><td colspan="<?php echo $fieldCount; ?>"></td></tr>
<?php
endforeach;
endif;
}
?>
</table>
</div>
@ -608,7 +227,6 @@ attributes or the appropriate distribution level. If you think there is a mistak
<div class="pagination">
<ul>
<?php
$url = array_merge(array('controller' => 'events', 'action' => 'viewEventAttributes', $event['Event']['id']), $this->request->named);
$this->Paginator->options(array(
'url' => $url,
'update' => '#attributes_div',
@ -640,6 +258,17 @@ attributes or the appropriate distribution level. If you think there is a mistak
var lastSelected = false;
var deleted = <?php echo (isset($deleted) && $deleted) ? 'true' : 'false';?>;
$(document).ready(function() {
<?php
if ($focusedRow !== false):
?>
//window.location.hash = '.row_' + '<?php echo h($focusedRow); ?>';
console.log('.row_' + '<?php echo h($focusedRow); ?>');
//$.scrollTo('#row_' + '<?php echo h($k); ?>', 800, {easing:'elasout'});
//$('html,body').animate({scrollTop: $('#row_' + '<?php echo h($k); ?>').offset().top}, 'slow');
$('.row_' + '<?php echo h($focusedRow); ?>').focus();
<?php
endif;
?>
setContextFields();
popoverStartup();
$('.select_attribute').removeAttr('checked');

2
app/View/Elements/global_menu.ctp
View File

@ -91,6 +91,8 @@
<li><a href="<?php echo $baseurl;?>/organisations/index">Organisations</a></li>
<li><a href="<?php echo $baseurl;?>/roles/index">Role Permissions</a></li>
<li class="divider"></li>
<li><a href="<?php echo $baseurl;?>/objectTemplates/index">List Object Templates</a></li>
<li class="divider"></li>
<li><a href="<?php echo $baseurl;?>/sharing_groups/index">List Sharing Groups</a></li>
<?php if ($isAclSharingGroup): ?>
<li><a href="<?php echo $baseurl;?>/sharing_groups/add">Add Sharing Group</a></li>

20
app/View/Elements/healthElements/diagnostics.ctp
View File

@ -180,6 +180,26 @@
<?php
endforeach;
?>
<h3>
Advanced attachment handler
</h3>
The advanced attachment tools are used by the add attachment functionality to extract additional data about the uploaded sample.
<div style="background-color:#f7f7f9;width:400px;">
<?php
if (empty($advanced_attachments)):
?>
<b>PyMISP</b>:..... <span class="red bold">Not installed or version outdated.</span><br />
<?php
endif;
if (!empty($advanced_attachments)):
foreach ($advanced_attachments as $k => $v):
?>
<b><?php echo h($k); ?></b>:..... <?php echo $v === false ? '<span class="green bold">OK</span>' : '<span class="red bold">' . h($v) . '</span>'; ?><br />
<?php
endforeach;
endif;
?>
</div>
<h3>
STIX and Cybox libraries
</h3>

20
app/View/Elements/side_menu.ctp
View File

@ -6,7 +6,9 @@
?>
<div id="hiddenSideMenuData" class="hidden" data-event-id="<?php echo isset($event['Event']['id']) ? h($event['Event']['id']) : 0; ?>"></div>
<?php
if ($menuItem === 'addAttribute' ||
if (
$menuItem === 'addAttribute' ||
$menuItem === 'addObject' ||
$menuItem === 'addAttachment' ||
$menuItem === 'addIOC' ||
$menuItem === 'addThreatConnect' ||
@ -34,6 +36,7 @@
<li id='lieditEvent'><a href="<?php echo $baseurl;?>/events/edit/<?php echo h($event['Event']['id']);?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', h($event['Event']['id'])), null, __('Are you sure you want to delete # %s?', h($event['Event']['id']))); ?></li>
<li id='liaddAttribute'><a href="<?php echo $baseurl;?>/attributes/add/<?php echo h($event['Event']['id']);?>">Add Attribute</a></li>
<li><a onClick="getPopup('<?php echo h($event['Event']['id']); ?>', 'objectTemplates', 'objectChoice');" style="cursor:pointer;">Add Object</a></li>
<li id='liaddAttachment'><a href="<?php echo $baseurl;?>/attributes/add_attachment/<?php echo h($event['Event']['id']);?>">Add Attachment</a></li>
<li id='import'><a onClick="getPopup('<?php echo h($event['Event']['id']); ?>', 'events', 'importChoice');" style="cursor:pointer;">Populate from...</a></li>
<?php if ($menuItem === 'populateFromtemplate'): ?>
@ -358,6 +361,21 @@
<?php
endif;
break;
case 'objectTemplates':
?>
<li id='liindex'><a href="<?php echo $baseurl;?>/objectTemplates/index">List Object Templates</a></li>
<?php
if ($isSiteAdmin):
?>
<li><?php echo $this->Form->postLink('Update Objects', '/objectTemplates/update'); ?></li>
<?php
endif;
if ($menuItem === 'view'):
?>
<li class="active"><a href="#">View Object Template</a></li>
<?php
endif;
break;
}
?>
</ul>

2
app/View/Events/view.ctp
View File

@ -177,7 +177,7 @@
<dt>Activity</dt>
<dd>
<?php
if (!empty($sightingsData['data'])) {
if (!empty($sightingsData['csv']['event'])) {
echo $this->element('sparkline', array('id' => $event['Event']['id'], 'csv' => $sightingsData['csv']['event']));
} else {
echo '&nbsp';

6
app/View/Feeds/index.ctp
View File

@ -75,10 +75,10 @@ foreach ($feeds as $item):
<?php
echo h($item['Feed']['name']);
if ($item['Feed']['default']):
?>
?>
<img src="<?php echo $baseurl;?>/img/orgs/MISP.png" width="24" height="24" style="padding-bottom:3px;" />
<?php
endif;
<?php
endif;
?>
</td>
<td><?php echo $feed_types[$item['Feed']['source_format']]['name']; ?>&nbsp;</td>

108
app/View/ObjectReferences/ajax/add.ctp Normal file
View File

@ -0,0 +1,108 @@
<div class="popover_choice">
<?php echo $this->Form->create('ObjectReference', array('url' => '/objectReferences/add/' + $objectId));?>
<fieldset>
<legend><?php echo __('Add Object Reference'); ?></legend>
<div class="overlay_spacing">
<div class="row-fluid">
<div class="span6">
<?php
echo $this->Form->input('relationship_type_select', array(
'label' => 'Relationship type',
'options' => $relationships,
'style' => 'width:334px;',
'div' => false
));
?>
<div id="" class="hidden">
<label for="ObjectReferenceRelationshipTypeSelect">Relationship type</label>
<?php
echo $this->Form->input('relationship_type', array(
'label' => false,
'style' => 'width:320px;',
'div' => false
));
?>
</div>
</div>
<div class="span6">
<?php
echo $this->Form->input('comment', array(
'label' => 'Comment',
'rows' => 1,
'style' => 'width:320px;height:20px !important;'
));
?>
</div>
</div>
<div class="input clear"></div>
<div class="row-fluid">
<div class="span6">
<?php
echo $this->Form->input('uuid', array(
'label' => 'Target UUID',
'div' => false,
'style' => 'width:320px;'
));
?>
<br />
<select id="targetSelect" size="10" style="width:100%;height:200px;">
<?php
if (!empty($event['Object'])):
foreach ($event['Object'] as $object):
?>
<option class="selectOption" value="<?php echo h($object['uuid']);?>" data-type="Object">Object: <?php echo h($object['meta-category']) . '/' . h($object['name']); ?></option>
<?php
endforeach;
endif;
if (!empty($event['Attribute'])):
foreach ($event['Attribute'] as $attribute):
?>
<option class="selectOption" value="<?php echo h($attribute['uuid']);?>" data-type="Attribute">Attribute: <?php echo h($attribute['category']) . '/' . h($attribute['type']); ?></option>
<?php
endforeach;
endif;
?>
</select>
</div>
<div class="span6">
<label for="selectedData">Target Details</label>
<div class="redHighlightedBlock" id="targetData">
&nbsp;
</div>
</div>
</div>
<div>
<table style="margin-bottom:5px;">
<tr>
<td>
<span id="submitButton" class="btn btn-primary" title="Submit" role="button" tabindex="0" aria-label="Submit" onClick="submitPopoverForm('<?php echo h($objectId); ?>', 'addObjectReference')">Submit</span>
</td>
<td style="width:100%;">&nbsp;</td>
<td>
<span class="btn btn-inverse" title="Cancel" role="button" tabindex="0" aria-label="Cancel" onClick="cancelPopoverForm();">Cancel</span>
</td>
</tr>
</table>
</div>
<?php
echo $this->Form->end();
?>
</div>
</fieldset>
</div>
</div>
<script type="text/javascript">
var targetEvent = <?php echo json_encode($event); ?>;
$(document).ready(function() {
$('#ObjectReferenceUuid').on('input', function() {
objectReferenceInput();
});
$(".selectOption").click(function() {
changeObjectReferenceSelectOption();
});
$("#ObjectReferenceRelationshipTypeSelect").change(function() {
objectReferenceCheckForCustomRelationship();
});
});
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts

29
app/View/ObjectReferences/ajax/delete.ctp Normal file
View File

@ -0,0 +1,29 @@
<div class="confirmation">
<?php
$url = '/object_references/delete/' . $id;
if ($hard) {
$url .= '/true';
}
echo $this->Form->create('ObjectReference', array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => $url));
if ($hard) $hard = '/true';
?>
<legend>Object reference Deletion</legend>
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
<p>Are you sure you want to <?php if ($hard) echo 'hard-'; ?>delete Object reference #<?php echo $id?>?<?php if ($hard) echo ' The Attribute will be permanently deleted and unrecoverable. Also, this will prevent the deletion to be propagated to other instances.'; ?></p>
<table>
<tr>
<td style="vertical-align:top">
<span id="PromptYesButton" title="Delete" role="button" tabindex="0" aria-label="Delete" class="btn btn-primary" onClick="submitDeletion(<?php echo $event_id; ?>, 'delete', 'object_references', '<?php echo $id . $hard;?>')">Yes</span>
</td>
<td style="width:540px;">
</td>
<td style="vertical-align:top;">
<span class="btn btn-inverse" title="Cancel" role="button" tabindex="0" aria-label="Cancel" id="PromptNoButton" onClick="cancelPrompt();">No</span>
</td>
</tr>
</table>
</div>
<?php
echo $this->Form->end();
?>
</div>

81
app/View/ObjectTemplateElements/ajax/view_elements.ctp Normal file
View File

@ -0,0 +1,81 @@
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '#clusters_div',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('object_relation');?></th>
<th><?php echo $this->Paginator->sort('type');?></th>
<th><?php echo $this->Paginator->sort('multiple');?></th>
<th><?php echo $this->Paginator->sort('ui-priority', 'UI-priority');?></th>
<th><?php echo $this->Paginator->sort('description');?></th>
<th>Categories</th>
<th>Sane defaults</th>
<th>List of valid Values</th>
<th class="actions"><?php echo __('Actions');?></th>
</tr>
<?php
$listItems = array('category', 'sane_default', 'values_list');
foreach ($list as $k => $item):
?>
<tr>
<td class="short bold"><?php echo h($item['ObjectTemplateElement']['object_relation']); ?>&nbsp;</td>
<td class="short"><?php echo h($item['ObjectTemplateElement']['type']); ?>&nbsp;</td>
<td class="short"><span class="icon-<?php echo $item['ObjectTemplateElement']['multiple'] ? 'ok' : 'remove'; ?>"></span></td>
<td class="short"><?php echo h($item['ObjectTemplateElement']['ui-priority']); ?>&nbsp;</td>
<td><?php echo h($item['ObjectTemplateElement']['description']); ?>&nbsp;</td>
<?php
foreach ($listItems as $listItem):
?>
<td class="short">
<?php
if (!empty($item['ObjectTemplateElement'][$listItem])) {
foreach ($item['ObjectTemplateElement'][$listItem] as $value) {
echo h($value) . '</br>';
}
}
?>
</td>
<?php
endforeach;
?>
<td class="short action-links">
&nbsp;
</td>
</tr>
<?php
endforeach;
?>
</table>
<p>
<?php
echo $this->Paginator->counter(array('format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<script type="text/javascript">
$(document).ready(function(){
});
</script>
<?php echo $this->Js->writeBuffer(); ?>

4
app/View/ObjectTemplates/ajax/getToggleField.ctp Normal file
View File

@ -0,0 +1,4 @@
<?php
echo $this->Form->create('ObjectTemplate', array('url' => '/ObjectTemplates/activate', 'id' => 'ObjectTemplateIndexForm'));
echo $this->Form->input('data', array('label' => false, 'style' => 'display:none;'));
echo $this->Form->end();

57
app/View/ObjectTemplates/ajax/object_choice.ctp Normal file
View File

@ -0,0 +1,57 @@
<div class="popover_choice">
<legend>Select Object Category</legend>
<div class="popover_choice_main" id ="popover_choice_main">
<table style="width:100%;" id="MainTable">
<tr style="border-bottom:1px solid black;" class="templateChoiceButton">
<td role="button" tabindex="0" aria-label="All meta-categories" title="All Objects" style="padding-left:10px;padding-right:10px; text-align:center;width:100%;" onClick="objectChoiceSelect('all');">All Objects</td>
</tr>
</table>
</div>
<div role="button" tabindex="0" aria-label="Cancel" title="Cancel" class="templateChoiceButton templateChoiceButtonLast" onClick="cancelPopoverForm();">Cancel</div>
</div>
<script type="text/javascript">
var choice = "categories";
var eventId = "<?php echo h($eventId);?>";
var templates = <?php echo json_encode($templates); ?>;
var template_categories = <?php echo json_encode($template_categories); ?>;
$(document).ready(function() {
resizePopoverBody();
populateObjectChoiceList(choice);
});
$(window).resize(function() {
resizePopoverBody();
});
function populateObjectChoiceList(choice) {
$("#MainTable").empty();
if (choice == "categories") {
template_categories.forEach(function(category) {
$("#MainTable").append(createObjectChoiceRowCategories(category));
});
} else {
templates[choice].forEach(function(element) {
$("#MainTable").append(createObjectChoiceRow(eventId, element));
});
$("#MainTable").append(createObjectChoiceRowCategories('categories'));
}
}
function createObjectChoiceRow(eventId, data) {
var html = '<tr style="border-bottom:1px solid black;" class="templateChoiceButton">';
var html = html + '<td role="button" tabindex="0" aria-label="' + data["description"] + '" title="' + data["description"] + '" style="padding-left:10px;padding-right:10px; text-align:center;width:100%;" onClick="window.location=\'/objects/add/' + eventId + '/' + data["id"] + '\';">' + data["name"].charAt(0).toUpperCase() + data["name"].slice(1) + '</td>';
var html = html + '</tr>';
return html;
}
function createObjectChoiceRowCategories(data) {
var text = data;
if (text == 'categories') {
text = 'Back to categories';
}
var html = '<tr style="border-bottom:1px solid black;" class="templateChoiceButton">';
var html = html + '<td role="button" tabindex="0" aria-label="' + (text[0].toUpperCase() + text.slice(1)) + '" title="' + (text[0].toUpperCase() + text.slice(1)) + '" style="padding-left:10px;padding-right:10px; text-align:center;width:100%;" onClick="populateObjectChoiceList(\'' + data + '\');">' + (text[0].toUpperCase() + text.slice(1)) + '</td>';
var html = html + '</tr>';
return html;
}
</script>

0
app/View/ObjectTemplates/ajax/selectObject.ctp Normal file
View File

133
app/View/ObjectTemplates/index.ctp Normal file
View File

@ -0,0 +1,133 @@
<div class="objectTemplates index">
<h2>Object Template index</h2>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<div id="hiddenFormDiv">
<?php
if ($isSiteAdmin) {
echo $this->Form->create('ObjectTemplate', array('url' => '/ObjectTemplates/activate'));
echo $this->Form->input('data', array('label' => false, 'style' => 'display:none;'));
echo $this->Form->end();
}
?>
</div>
<div class="tabMenuFixedContainer" style="display:inline-block;">
<?php
if ($isSiteAdmin):
?>
<span role="button" tabindex="0" aria-label="Enabled" title="Enabled" class="tabMenuFixed tabMenuFixedCenter tabMenuSides useCursorPointer <?php if (!$all) echo 'tabMenuActive';?>" onClick="window.location='/objectTemplates/index'">Enabled</span>
<span role="button" tabindex="0" aria-label="All" title="All" class="tabMenuFixed tabMenuFixedCenter tabMenuSides useCursorPointer <?php if ($all) echo 'tabMenuActive';?>" onClick="window.location='/objectTemplates/index/all'">All</span>
<?php
endif;
?>
</div>
<table class="table table-striped table-hover table-condensed">
<tr>
<?php
if ($isSiteAdmin):
?>
<th><?php echo $this->Paginator->sort('active');?></th>
<?php
endif;
?>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('name');?></th>
<th><?php echo $this->Paginator->sort('uuid');?></th>
<th><?php echo $this->Paginator->sort('org_id', 'Organisation');?></th>
<th><?php echo $this->Paginator->sort('version');?></th>
<th><?php echo $this->Paginator->sort('meta-category');?></th>
<th><?php echo $this->Paginator->sort('description');?></th>
<th>Requirements</th>
<th class="actions">Actions</th>
</tr>
<?php
foreach ($list as $template):
$td_attributes = 'ondblclick="document.location.href =\'/objectTemplates/view/' . h($template['ObjectTemplate']['id']) . '\'"';
?>
<tr>
<?php
if ($isSiteAdmin):
?>
<td class="short" <?php echo $td_attributes; ?>>
<input id="checkBox_<?php echo h($template['ObjectTemplate']['id']); ?>" type="checkbox" onClick="toggleSetting(event, 'activate_object_template', '<?php echo h($template['ObjectTemplate']['id']); ?>')" <?php echo $template['ObjectTemplate']['active'] ? 'checked' : ''; ?>/>
</td>
<?php
endif;
?>
<td class="short" <?php echo $td_attributes; ?>><?php echo h($template['ObjectTemplate']['id']); ?></td>
<td class="shortish" <?php echo $td_attributes; ?>>
<?php
if ($template['ObjectTemplate']['fixed']):
?>
<img src="<?php echo $baseurl;?>/img/orgs/MISP.png" width="24" height="24" style="padding-bottom:3px;" />
<?php
endif;
?>
<span class="bold"><?php echo h($template['ObjectTemplate']['name']); ?></span>
</td>
<td class="short" <?php echo $td_attributes; ?>><?php echo h($template['ObjectTemplate']['uuid']); ?></td>
<td class="short" <?php echo $td_attributes; ?>><?php echo h($template['Organisation']['name']); ?></td>
<td class="short" <?php echo $td_attributes; ?>><?php echo h($template['ObjectTemplate']['version']); ?></td>
<td class="short" <?php echo $td_attributes; ?>><?php echo h($template['ObjectTemplate']['meta-category']); ?></td>
<td <?php echo $td_attributes; ?>><?php echo h($template['ObjectTemplate']['description']); ?></td>
<td <?php echo $td_attributes; ?>>
<?php
if (!empty($template['ObjectTemplate']['requirements'])):
foreach ($template['ObjectTemplate']['requirements'] as $group => $requirements):
?>
<span class="bold"><?php echo h($group); ?></span><br />
<?php
foreach ($requirements as $requirement):
?>
<span>&nbsp;&nbsp;<?php echo h($requirement); ?></span><br />
<?php
endforeach;
endforeach;
endif;
?>
</td>
<td class="short action-links">
<a href='/objectTemplates/view/<?php echo $template['ObjectTemplate']['id']; ?>' class = "icon-list-alt" title = "View"></a>
<?php
if ($isSiteAdmin):
echo $this->Form->postLink('', array('action' => 'delete', $template['ObjectTemplate']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete template # %s?', $template['ObjectTemplate']['id']));
endif;
?>
</td>
</tr>
<?php
endforeach; ?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'objectTemplates', 'menuItem' => 'index'));

52
app/View/ObjectTemplates/view.ctp Normal file
View File

@ -0,0 +1,52 @@
<?php
echo $this->element('side_menu', array('menuList' => 'objectTemplates', 'menuItem' => 'view'));
?>
<div class="object_template view">
<div class="row-fluid">
<div class="span8">
<h2><?php echo h(ucfirst($template['ObjectTemplate']['name'])); ?> Object Template</h2>
<dl>
<dt>Object Template ID</dt>
<dd><?php echo h($template['ObjectTemplate']['id']); ?></dd>
<dt>Name</dt>
<dd><?php echo $template['ObjectTemplate']['name'] ? h($template['ObjectTemplate']['name']) : h($template['ObjectTemplate']['type']); ?></dd>
<dt>Organisation</dt>
<dd><?php echo h($template['Organisation']['name']); ?></dd>
<dt>Uuid</dt>
<dd><?php echo h($template['ObjectTemplate']['uuid']); ?></dd>
<dt>Version</dt>
<dd><?php echo h($template['ObjectTemplate']['version']); ?></dd>
<dt>Meta-category</dt>
<dd><?php echo h($template['ObjectTemplate']['meta-category']); ?></dd>
<dt>Description</dt>
<dd><?php echo h($template['ObjectTemplate']['description']); ?></dd>
<dt>Requirements</dt>
<dd>
<?php
if (!empty($template['ObjectTemplate']['requirements'])):
foreach ($template['ObjectTemplate']['requirements'] as $group => $requirements):
?>
<span class="bold"><?php echo h($group); ?></span><br />
<?php
foreach ($requirements as $requirement):
?>
<span>&nbsp;&nbsp;<?php echo h($requirement); ?></span><br />
<?php
endforeach;
endforeach;
endif;
?>
</dd>
</dl>
</div>
</div>
<div id="ajaxContent" style="width:100%;"></div>
</div>
<script type="text/javascript">
<?php
$startingTab = 'all';
?>
$(document).ready(function () {
objectTemplateViewContent('<?php echo $startingTab; ?>', '<?php echo h($id);?>');
});
</script>

196
app/View/Objects/add.ctp Normal file
View File

@ -0,0 +1,196 @@
<div class="<?php if (!isset($ajax) || !$ajax) echo 'form';?>">
<?php
$url = ($action == 'add') ? '/objects/revise_object/add/' . $event['Event']['id'] . '/' . $template['ObjectTemplate']['id'] : '/objects/revise_object/edit/' . $event['Event']['id'] . '/' . $template['ObjectTemplate']['id'] . '/' . $object['Object']['id'];
echo $this->Form->create('Object', array('id', 'url' => $url, 'enctype' => 'multipart/form-data'));
?>
<h3><?php echo ucfirst($action) . ' ' . Inflector::humanize(h($template['ObjectTemplate']['name'])) . ' Object'; ?></h3>
<div class="row-fluid" style="margin-bottom:10px;">
<dl class="span8">
<dt>Object Template</dt>
<dd>
<?php
echo Inflector::humanize(h($template['ObjectTemplate']['name'])) . ' v' . h($template['ObjectTemplate']['version']);
?>
&nbsp;
</dd>
<dt>Description</dt>
<dd>
<?php echo h($template['ObjectTemplate']['description']); ?>&nbsp;
</dd>
<?php
if (!empty($template['ObjectTemplate']['requirements']['required']) || !empty($template['ObjectTemplate']['requirements']['requiredOneOf'])):
?>
<dt>Requirements</dt>
<dd>
<?php
if (!empty($template['ObjectTemplate']['requirements']['required'])) {
echo '<span class="bold">Required</span>: ' . h(implode(', ', $template['ObjectTemplate']['requirements']['required'])) . '<br />';
}
if (!empty($template['ObjectTemplate']['requirements']['requiredOneOf'])) {
echo '<span class="bold">Required one of</span>: ' . h(implode(', ', $template['ObjectTemplate']['requirements']['requiredOneOf']));
}
?>
</dd>
<?php
endif;
?>
<dt>Meta category</dt>
<dd>
<?php echo Inflector::humanize(h($template['ObjectTemplate']['meta-category'])); ?>&nbsp;
</dd>
<dt>Distribution</dt>
<dd>
<?php
echo $this->Form->input('Object.distribution', array(
'class' => 'Object_distribution_select',
'options' => $distributionData['levels'],
'default' => $distributionData['initial'],
'label' => false,
'style' => 'margin-bottom:5px;',
'div' => false
));
echo $this->Form->input('Object.sharing_group_id', array(
'class' => 'Object_sharing_group_id_select',
'options' => $distributionData['sgs'],
'label' => false,
'div' => false,
'style' => 'display:none;margin-bottom:5px;'
));
?>
</dd>
<dt>Comment</dt>
<dd>
<?php
echo $this->Form->input('Object.comment', array(
'type' => 'textarea',
'style' => 'height:20px;width:400px;',
'required' => false,
'allowEmpty' => true,
'label' => false,
'div' => false,
'value' => empty($template['Object']['comment']) ? '' : $template['Object']['comment']
));
?>
</dd>
</dl>
</div>
<?php
if (!empty($template['warnings'])):
?>
<span class="red bold">Warning, issues found with the template:</span>
<div class="red">
<?php
foreach ($template['warnings'] as $warning) {
echo h($warning) . '<br />';
}
?>
</div>
<?php
endif;
?>
<table class="table table-striped table-condensed">
<tr>
<th>Save</th>
<th>Name :: type</th>
<th>Description</th>
<th>Category</th>
<th>Value</th>
<th>IDS</th>
<th>Distribution</th>
<th>Comment</th>
</tr>
<?php
$row_list = array();
foreach ($template['ObjectTemplateElement'] as $k => $element):
$row_list[] = $k;
echo $this->element(
'Objects/object_add_attributes',
array(
'element' => $element,
'k' => $k,
'action' => $action,
'enabledRows' => $enabledRows
)
);
if ($element['multiple']):
$lastOfType = true;
$lookAheadArray = array_slice($template['ObjectTemplateElement'], $k, count($template['ObjectTemplateElement']), true);
if (count($lookAheadArray) > 1) {
foreach ($lookAheadArray as $k2 => $temp) {
if ($k2 == $k) continue;
if ($temp['object_relation'] == $element['object_relation']) {
$lastOfType = false;
}
}
}
if ($lastOfType):
?>
<tr id="row_<?php echo h($element['object_relation']); ?>_expand">
<td class="down-expand-button add_object_attribute_row" colspan="7" data-template-id="<?php echo h($template['ObjectTemplate']['id']);?>" data-target-row="<?php echo h($k); ?>" data-object-relation="<?php echo h($element['object_relation']); ?>">
<span class="fa fa-angle-double-down" ></span>
</td>
</tr>
<?php
endif;
endif;
?>
<?php
endforeach;
?>
</table>
<div id="last-row" class="hidden" data-last-row="<?php echo h($k); ?>"></div>
<?php if ($ajax): ?>
<div class="overlay_spacing">
<table>
<tr>
<td style="vertical-align:bottom">
<span id="submitButton" class="btn btn-primary" title="Submit" role="button" tabindex="0" aria-label="Submit" onClick="submitPopoverForm('<?php echo $event_id;?>', 'add')">Submit</span>
</td>
<td style="width:540px;margin-bottom:0px;">
<p style="color:red;font-weight:bold;display:none;text-align:center;margin-bottom:0px;" id="warning-message">Warning: You are about to share data that is of a classified nature. Make sure that you are authorised to share this.</p>
</td>
<td style="vertical-align:bottom;">
<span class="btn btn-inverse" title="Cancel" role="button" tabindex="0" aria-label="Cancel" id="cancel_attribute_add">Cancel</span>
</td>
</tr>
</table>
</div>
<?php
else:
?>
<p style="color:red;font-weight:bold;display:none;" id="warning-message">Warning: You are about to share data that is of a classified nature. Make sure that you are authorised to share this.</p>
<?php
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
endif;
echo $this->Form->end();
?>
</div>
<?php
if (!$ajax) {
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'addObject', 'event' => $event));
}
?>
<script type="text/javascript">
var rows = <?php echo json_encode($row_list, true); ?>;
$(document).ready(function() {
enableDisableObjectRows(rows);
$(".Attribute_value_select").each(function() {
checkAndEnable($(this).parent().find('.Attribute_value'), $(this).val() == 'Enter value manually');
});
$(".Attribute_distribution_select").change(function() {
checkAndEnable($(this).parent().find('.Attribute_sharing_group_id_select'), $(this).val() == 4);
});
$(".Object_distribution_select").change(function() {
checkAndEnable($(this).parent().find('.Object_sharing_group_id_select'), $(this).val() == 4);
});
$(".Attribute_value_select").change(function() {
checkAndEnable($(this).parent().find('.Attribute_value'), $(this).val() == 'Enter value manually');
});
$('.add_attribute_row').click(function() {
var selector = $(this).data('target');
var count = $(this).parent().children(selector).length;
$(this).parent().children(selector).first().clone().appendTo($(this).parent()).insertBefore($('.add_unlocked_field'));
});
});
</script>

25
app/View/Objects/ajax/delete.ctp Normal file
View File

@ -0,0 +1,25 @@
<div class="confirmation">
<?php
echo $this->Form->create('Object', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
if ($hard) $hard = '/true';
?>
<legend>Object Deletion</legend>
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
<p>Are you sure you want to <?php if ($hard) echo 'hard-'; ?>delete Object #<?php echo $id?>?<?php if ($hard) echo ' The Object will be permanently deleted and unrecoverable. Also, this will prevent the deletion to be propagated to other instances.'; ?></p>
<table>
<tr>
<td style="vertical-align:top">
<span id="PromptYesButton" title="Delete" role="button" tabindex="0" aria-label="Delete" class="btn btn-primary" onClick="submitDeletion(<?php echo $event_id; ?>, 'delete', 'objects', '<?php echo $id . $hard;?>')">Yes</span>
</td>
<td style="width:540px;">
</td>
<td style="vertical-align:top;">
<span class="btn btn-inverse" title="Cancel" role="button" tabindex="0" aria-label="Cancel" id="PromptNoButton" onClick="cancelPrompt();">No</span>
</td>
</tr>
</table>
</div>
<?php
echo $this->Form->end();
?>
</div>

10
app/View/Objects/get_row.ctp Normal file
View File

@ -0,0 +1,10 @@
<?php
echo $this->element(
'Objects/object_add_attributes',
array(
'element' => $element,
'k' => $k,
'appendValue' => '0'
)
);
?>

56
app/View/Objects/revise_object.ctp Normal file
View File

@ -0,0 +1,56 @@
<div class="form">
<h3>Object pre-save review</h3>
<p>Make sure that the below Object reflects your expectation before submiting it.</p>
<?php
$url = ($action == 'add') ? '/objects/add/' . $event['Event']['id'] . '/' . $template['ObjectTemplate']['id'] : '/objects/edit/' . $object_id;
echo $this->Form->create('Object', array('id', 'url' => $url));
$formSettings = array(
'type' => 'hidden',
'value' => json_encode($data, true),
'label' => false,
'div' => false
);
echo $this->Form->input('data', $formSettings);
?>
<div style="margin-bottom:20px;">
<span class="bold">Name</span>: <?php echo h($template['ObjectTemplate']['name']); ?><br />
<span class="bold">Meta-category</span>: <?php echo h($template['ObjectTemplate']['meta-category']); ?><br />
<span class="bold">Distribution</span>:
<?php
if ($data['Object']['distribution'] != 4) {
echo $distributionLevels[$data['Object']['distribution']];
} else {
echo h($sg['SharingGroup']['name']);
}
?><br />
<span class="bold">Comment</span>: <?php echo h($data['Object']['comment']); ?><br />
<span class="bold">Attributes</span>:<br />
<?php
$attributeFields = array('category', 'type', 'value', 'to_ids' , 'comment', 'uuid', 'distribution', 'sharing_group_id');
if (!empty($data['Attribute'])):
foreach ($data['Attribute'] as $attribute):
echo '<span class="bold" style="margin-left:2em;">' . h($attribute['object_relation']) . ':</span><br />';
foreach ($attributeFields as $field):
if ($field == 'to_ids') $attribute[$field] = $attribute[$field] ? 'Yes' : 'No';
if (isset($attribute[$field])):
?>
<span class="bold" style="margin-left:4em;"><?php echo Inflector::humanize($field);?></span>: <?php echo h($attribute[$field]); ?><br />
<?php
endif;
endforeach;
endforeach;
endif;
?>
</div>
<?php
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
?>
<a href="<?php echo $baseurl . '/events/view/' . h($event['Event']['id']); ?>" style="margin-left:10px;" class="btn btn-inverse">Cancel</a>
<?php
echo $this->Form->end();
?>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'addObject', 'event' => $event));
?>

140
app/View/Servers/preview_event.ctp
View File

@ -108,145 +108,7 @@
</div>
<br />
<div id="attributes_div">
<?php
$all = false;
if (isset($this->params->params['paging']['Event']['page']) && $this->params->params['paging']['Event']['page'] == 0) $all = true;
?>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'url' => array($server['Server']['id'], $event['Event']['id']),
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<li class="all <?php if ($all) echo 'disabled'; ?>">
<?php
if ($all):
?>
<span class="red">view all</span>
<?php
else:
echo $this->Paginator->link(__('view all'), 'all');
endif;
?>
</li>
</ul>
</div>
<div id="attributeList" class="attributeListContainer">
<table class="table table-striped table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('date');?></th>
<th><?php echo $this->Paginator->sort('category');?></th>
<th><?php echo $this->Paginator->sort('type');?></th>
<th><?php echo $this->Paginator->sort('value');?></th>
<?php if (Configure::read('MISP.attribute_tagging')): ?>
<th>Tags</th>
<?php endif; ?>
<th><?php echo $this->Paginator->sort('comment');?></th>
<th>Related Events</th>
<th title="<?php echo $attrDescriptions['signature']['desc'];?>"><?php echo $this->Paginator->sort('to_ids', 'IDS');?></th>
<th title="<?php echo $attrDescriptions['distribution']['desc'];?>"><?php echo $this->Paginator->sort('distribution');?></th>
</tr>
<?php
foreach ($event['objects'] as $k => $object):
$extra = $extra2 = $extra3 = '';
$currentType = 'denyForm';
if ($object['objectType'] == 0 ) {
$currentType = 'Attribute';
if ($object['hasChildren'] == 1) {
$extra = 'highlight1';
$extra3 = 'highlightBlueSides highlightBlueTop';
}
} else $extra = 'highlight2';
if ($object['objectType'] == 1) {
$extra2 = '1';
$extra3 = 'highlightBlueSides';
if (isset($object['firstChild'])) {
$extra3 .= ' highlightBlueTop';
}
if (isset($object['lastChild'])) {
$extra3 .= ' highlightBlueBottom';
}
}
?>
<tr id = "<?php echo $currentType . '_' . $object['id'] . '_tr'; ?>" class="<?php echo $extra3; ?>">
<td class="short <?php echo $extra; ?>"><?php echo (isset($object['timestamp'])) ? date('Y-m-d', $object['timestamp']) : '&nbsp'; ?></td>
<td class="shortish <?php echo $extra; ?>"><?php echo h($object['category']); ?></td>
<td class="shortish <?php echo $extra; ?>"><?php echo h($object['type']); ?></td>
<td class="shortish <?php echo $extra; ?>"><?php echo h($object['value']); ?></td>
<?php if (Configure::read('MISP.attribute_tagging')): ?>
<td class="shortish <?php echo $extra; ?>">
<?php if (!empty($object['Tag'])) foreach ($object['Tag'] as $tag): ?>
<span class="tag" style="background-color:<?php echo h($tag['colour']); ?>;color:<?php echo $this->TextColour->getTextColour($tag['colour']);?>">
<?php echo h($tag['name']); ?>
</span>
<?php endforeach; ?>&nbsp;
</td>
<?php endif; ?>
<td class="shortish <?php echo $extra; ?>"><?php echo h($object['comment']); ?></td>
<td class="shortish <?php echo $extra; ?>">
<ul class="inline" style="margin:0px;">
<?php
if (isset($event['RelatedAttribute']) && !empty ($event['RelatedAttribute'])):
foreach ($event['RelatedAttribute'] as $relatedAttribute):
?>
<li style="padding-right: 0px; padding-left:0px;" title ="' . h($relatedAttribute['info']) . '"><span><a href="/servers/previewEvent/<?php echo h($server['Server']['id']); ?>/<?php echo h($event['Event']['id']); ?>"><?php echo h($event['Event']['id']); ?></a></span>
<?php
endforeach;
endif;
?>
</ul>
</td>
<td class="shortish <?php echo $extra; ?>"><?php echo ($object['to_ids']) ? 'Yes' : 'No'; ?></td>
<td class="shortish <?php echo $extra; ?>">
<?php
if ($object['objectType'] == 0) {
if ($object['distribution'] == 4):
echo h($object['SharingGroup']['name']);
else:
echo h($distributionLevels[$object['distribution']]);
endif;
}
?>&nbsp;
</td>
</tr>
<?php
endforeach;
?>
</table>
</div>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'url' => array($server['Server']['id'], $event['Event']['id']),
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<li class="all <?php if ($all) echo 'disabled'; ?>">
<?php
if ($all):
?>
<span class="red">view all</span>
<?php
else:
echo $this->Paginator->link(__('view all'), 'all');
endif;
?>
</li>
</ul>
</div>
<?php echo $this->element('Servers/eventattribute'); ?>
</div>
</div>
<?php

12
app/View/ShadowAttributes/edit.ctp
View File

@ -9,11 +9,15 @@
'div' => 'input',
'label' => 'Category ' . $this->element('formInfo', array('type' => 'category')),
));
$typeInputData = array(
'empty' => '(first choose category)',
'label' => 'Type ' . $this->element('formInfo', array('type' => 'type')),
);
if ($objectAttribute) {
$typeInputData[] = 'disabled';
}
if (!$attachment) {
echo $this->Form->input('type', array(
'empty' => '(first choose category)',
'label' => 'Type ' . $this->element('formInfo', array('type' => 'type')),
));
echo $this->Form->input('type', $typeInputData);
}
?>
<div class="input clear"></div>

1
app/files/misp-objects Submodule

@ -0,0 +1 @@
Subproject commit 10b21c6aacb536e7646158f950e6ad972293c830

67
app/files/scripts/generate_file_objects.py Normal file
View File

@ -0,0 +1,67 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import argparse
import json
try:
from pymisp import MISPEncode
from pymisp.tools import make_binary_objects
except ImportError:
pass
def check():
missing_dependencies = {'pydeep': False, 'lief': False, 'magic': False, 'pymisp': False}
try:
import pymisp # noqa
except ImportError:
missing_dependencies['pymisp'] = 'Please install pydeep: pip install pymisp'
try:
import pydeep # noqa
except ImportError:
missing_dependencies['pydeep'] = 'Please install pydeep: pip install git+https://github.com/kbandla/pydeep.git'
try:
import lief # noqa
except ImportError:
missing_dependencies['lief'] = 'Please install lief, documentation here: https://github.com/lief-project/LIEF'
try:
import magic # noqa
except ImportError:
missing_dependencies['magic'] = 'Please install python-magic: pip install python-magic.'
return json.dumps(missing_dependencies)
def make_objects(path):
to_return = {'objects': [], 'references': []}
fo, peo, seos = make_binary_objects(path)
if seos:
for s in seos:
to_return['objects'].append(s)
if s.ObjectReference:
to_return['references'] += s.ObjectReference
if peo:
to_return['objects'].append(peo)
if peo.ObjectReference:
to_return['references'] += peo.ObjectReference
if fo:
to_return['objects'].append(fo)
if fo.ObjectReference:
to_return['references'] += fo.ObjectReference
return json.dumps(to_return, cls=MISPEncode)
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='Extract indicators out of binaries and returns MISP objects.')
group = parser.add_mutually_exclusive_group()
group.add_argument("-p", "--path", help="Path to process.")
group.add_argument("-c", "--check", action='store_true', help="Check the dependencies.")
args = parser.parse_args()
if args.check:
print(check())
if args.path:
obj = make_objects(args.path)
print(obj)

2
app/files/taxonomies

@ -1 +1 @@
Subproject commit 6a6168b4a5235ce74053a3319a4e30c0ded54c61
Subproject commit e89715212ce7dfa2e29df07aa28a679bcdff64dd

202
app/webroot/css/main.css
View File

@ -1,5 +1,5 @@
/* bootstrap changes */
body{
body {
font-size: 12px;
}
@ -7,11 +7,11 @@ input, button, select, textarea{
}
input[type="file"]{
input[type="file"] {
margin-bottom: 10px;
}
button .full-width{
button .full-width {
width:100%;
}
@ -272,7 +272,6 @@ td.highlight1 {
td.highlight2 {
background-color: #747170 !important;
color: #ffffff !important;
}
td.highlight3 {
@ -1512,6 +1511,10 @@ a.proposal_link_red:hover {
color: white !important;
}
tr.deleted-attribute td {
background-color: #d3d7cf !important;
}
.background-deleted {
background: repeating-linear-gradient(
45deg,
@ -1607,6 +1610,21 @@ a.discrete {
border-radius:5px;
}
.redHighlightedBlock {
border:1px solid red;
background-color:white;
padding:5px;
border-radius:5px;
height:228px;
width:320px;
overflow-y:scroll;
line-height:12px;
}
.indent {
text-indent: 2em;
}
.tooltip-inner {
white-space:pre-wrap !important;
}
@ -1714,6 +1732,182 @@ table.table.table-striped tr.deleted_row td {
background-color:#f4f4f4;
}
tr.tableInsetOrangeFirst td:first-child {
box-shadow:
inset 0px 2px 0px 0px #f57900,
inset 3px 0px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrangeFirst td {
box-shadow:
inset 0px 2px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrangeFirst td:last-child {
box-shadow:
inset 0px 2px 0px 0px #f57900,
inset -2px 0px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrangeMiddle td:first-child {
box-shadow:
inset 3px 0px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrangeMiddle td:last-child {
box-shadow:
inset -3px 0px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrangeLast td:first-child {
box-shadow:
inset 0px -3px 0px 0px #f57900,
inset 3px 0px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrangeLast td {
box-shadow:
inset 0px -3px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrangeLast td:last-child {
box-shadow:
inset 0px -3px 0px 0px #f57900,
inset -3px 0px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrange td:first-child {
box-shadow:
inset 0px 2px 0px 0px #f57900,
inset 0px -3px 0px 0px #f57900,
inset 2px 0px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrange td {
box-shadow:
inset 0px 2px 0px 0px #f57900,
inset 0px -3px 0px 0px #f57900;
border-top:0px !important;
}
tr.tableInsetOrange td:last-child {
box-shadow:
inset 0px 2px 0px 0px #f57900,
inset 0px -3px 0px 0px #f57900,
inset -2px 0px 0px 0px #f57900;
border-top:0px !important;
}
.tableHighlightBorder {
border-radius: 3px !important;
border-width: 3px;
border-style: solid;
}
.tableHighlightBorderTop {
border-radius: 3px !important;
border-width: 3px;
border-style: solid;
border-bottom: 0px;
}
.tableHighlightBorderCenter {
border-radius: 3px !important;
border-width: 3px;
border-style: solid;
border-bottom: 0px;
border-top: 0px;
}
.tableHighlightBorderBottom {
border-radius: 3px !important;
border-width: 3px;
border-style:solid;
border-top: 0px;
}
tr.tableHighlightBorderBottom td {
border-top:0px !important;
margin-bottom:10px;
}
.borderRed {
border-color:#cc0000;
}
.borderOrange {
border-color:#f57900;
}
.borderBlue {
border-color:#3465a4;
}
tr.darkOrangeRow td, .darkOrangeElement {
background-color: #ce5c00 !important;
color: #ffffff;
border-top:0px !important;
}
tr.blueRow td, .blueElement {
background-color: #3465a4 !important;
color: #ffffff;
border-top:0px !important;
}
tr.lightBlueRow td, .lightBlueElement {
background-color: #729fcf !important;
border-top:0px !important;
}
tr.redRow td, .redElement {
background-color: #cc0000 !important;
color: #ffffff;
border-top:0px !important;
}
.blank_table_row {
height: 10px;
}
tr.blank_table_row td {
background-color: #ffffff !important;
}
.down-expand-button {
text-align:center !important;
border:0px;
padding:0px !important;
width:100%;
cursor: pointer;
cursor: hand;
}
table tr:hover .down-expand-button {
background: rgb(221, 221, 221) !important;
}
.wrap-text {
word-wrap: break-word;
}
.nowrap {
word-wrap:nowrap;
}
.strikethrough {
text-decoration: line-through;
}
@-webkit-keyframes rotation {
from {-webkit-transform: rotate(0deg);}
to {-webkit-transform: rotate(359deg);}

173
app/webroot/js/misp.js
View File

@ -4,8 +4,9 @@ String.prototype.ucfirst = function() {
function deleteObject(type, action, id, event) {
var destination = 'attributes';
var alternateDestinations = ['shadow_attributes', 'template_elements', 'taxonomies'];
var alternateDestinations = ['shadow_attributes', 'template_elements', 'taxonomies', 'objects', 'object_references'];
if (alternateDestinations.indexOf(type) > -1) destination = type;
else destination = type;
url = "/" + destination + "/" + action + "/" + id;
$.get(url, function(data) {
openPopup("#confirmation_box");
@ -161,6 +162,12 @@ function toggleSetting(e, setting, id) {
replacementForm = '/favourite_tags/getToggleField/';
searchString = 'Adding';
break;
case 'activate_object_template':
formID = '#ObjectTemplateIndexForm';
dataDiv = '#ObjectTemplateData';
replacementForm = '/ObjectTemplates/getToggleField/';
searchString = 'activated';
break;
}
$(dataDiv).val(id);
var formData = $(formID).serialize();
@ -776,7 +783,7 @@ function loadAttributeTags(id) {
dataType:"html",
cache: false,
success:function (data, textStatus) {
$("#ShadowAttribute_"+id+"_tr .attributeTagContainer").html(data);
$("#Attribute_"+id+"_tr .attributeTagContainer").html(data);
},
url:"/tags/showAttributeTag/" + id
});
@ -877,6 +884,9 @@ function submitPopoverForm(context_id, referer, update_context_id) {
url = "/sightings/add/" + context_id;
closePopover = false;
break;
case 'addObjectReference':
url = "/objectReferences/add/" + context_id;
break;
}
if (url !== null) {
$.ajax({
@ -902,7 +912,7 @@ function submitPopoverForm(context_id, referer, update_context_id) {
$('#sightingsListAllToggle').removeClass('btn-inverse');
$('#sightingsListAllToggle').addClass('btn-primary');
}
if (context == 'event' && (referer == 'add' || referer == 'massEdit' || referer == 'replaceAttributes')) eventUnpublish();
if (context == 'event' && (referer == 'add' || referer == 'massEdit' || referer == 'replaceAttributes' || referer == 'addObjectReference')) eventUnpublish();
$(".loading").hide();
},
type:"post",
@ -1939,6 +1949,27 @@ function freetextImportResultsSubmit(id, count) {
});
}
function objectTemplateViewContent(context, id) {
var url = "/objectTemplateElements/viewElements/" + id + "/" + context;
$.ajax({
url: url,
type:'GET',
beforeSend: function (XMLHttpRequest) {
$(".loading").show();
},
error: function(){
$('#ajaxContent').html('An error has occured, please reload the page.');
},
success: function(response){
$('#ajaxContent').html(response);
},
complete: function() {
$(".loading").hide();
},
});
}
function organisationViewContent(context, id) {
organisationViewButtonHighlight(context);
var action = "/organisations/landingpage/";
@ -2544,6 +2575,25 @@ function filterAttributes(filter, id) {
});
}
function pivotObjectReferences(url, uuid) {
url += '/focus:' + uuid;
console.log(url);
$.ajax({
type:"get",
url:url,
beforeSend: function (XMLHttpRequest) {
$(".loading").show();
},
success:function (data) {
$("#attributes_div").html(data);
$(".loading").hide();
},
error:function() {
showMessage('fail', 'Something went wrong - could not fetch attributes.');
}
});
}
function toggleDeletedAttributes(url) {
url = url.replace(/view\//i, 'viewEventAttributes/');
if (url.indexOf('deleted:') > -1) {
@ -3054,6 +3104,123 @@ $(".cortex-json").click(function() {
$("#gray_out").fadeIn();
});
// Show $(id) if the enable parameter evaluates to true. Hide it otherwise
function checkAndEnable(id, enable) {
if (enable) {
$(id).show();
} else {
$(id).hide();
}
}
// Show and enable checkbox $(id) if the enable parameter evaluates to true. Hide and disable it otherwise.
function checkAndEnableCheckbox(id, enable) {
if (enable) {
$(id).removeAttr("disabled");
$(id).prop('checked', true);
} else {
$(id).prop('checked', false);
$(id).attr("disabled", true);
}
}
function enableDisableObjectRows(rows) {
rows.forEach(function(i) {
if ($("#Attribute" + i + "ValueSelect").length != 0) {
checkAndEnableCheckbox("#Attribute" + i + "Save", true);
} else if ($("#Attribute" + i + "Attachment").length != 0) {
checkAndEnableCheckbox("#Attribute" + i + "Save", $("#Attribute" + i + "Attachment").val() != "");
} else {
checkAndEnableCheckbox("#Attribute" + i + "Save", $("#Attribute" + i + "Value").val() != "");
}
$("#Attribute" + i + "Value").bind('input propertychange', function() {
checkAndEnableCheckbox("#Attribute" + i + "Save", $(this).val() != "");
});
$("#Attribute" + i + "Attachment").on('change', function() {
checkAndEnableCheckbox("#Attribute" + i + "Save", $("#Attribute" + i + "Attachment").val() != "");
});
});
}
function objectReferenceInput() {
var types = ["Attribute", "Object"];
for (var type in types) {
for (var k in targetEvent[types[type]]) {
if (targetEvent[types[type]][k]['uuid'] == $('#ObjectReferenceUuid').val()) {
$('#targetSelect').val($('#ObjectReferenceUuid').val());
changeObjectReferenceSelectOption();
}
}
}
}
function objectReferenceCheckForCustomRelationship() {
var relationship_type_field = $('#ObjectReferenceRelationshipTypeSelect option:selected');
var relationship_type = $(relationship_type_field).val();
if (relationship_type == 'custom') {
$('#ObjectReferenceRelationshipType').parent().removeClass('hidden');
} else {
$('#ObjectReferenceRelationshipType').parent().addClass('hidden');
}
}
function changeObjectReferenceSelectOption() {
var object = $('#targetSelect option:selected');
var uuid = $(object).val();
$('#ObjectReferenceUuid').val(uuid);
var type = $(object).data('type');
if (type == "Attribute") {
$('#targetData').html("");
for (var k in targetEvent[type][uuid]) {
if ($.inArray(k, ['uuid', 'category', 'type', 'value', 'to_ids']) !== -1) {
$('#targetData').append('<div><span id="' + uuid + '_' + k + '_key" class="bold"></span>: <span id="' + uuid + '_' + k + '_data"></span></div>');
$('#' + uuid + '_' + k + '_key').text(k);
$('#' + uuid + '_' + k + '_data').text(targetEvent[type][uuid][k]);
}
}
} else {
$('#targetData').html("");
for (var k in targetEvent[type][uuid]) {
if (k == 'Attribute') {
$('#targetData').append('<br /><div><span id="header" class="bold">Attributes:</span>');
for (attribute in targetEvent[type][uuid]['Attribute']) {
for (k2 in targetEvent[type][uuid]['Attribute'][attribute]) {
if ($.inArray(k2, ['category', 'type', 'value', 'to_ids']) !== -1) {
$('#targetData').append('<div class="indent"><span id="' + targetEvent[type][uuid]['Attribute'][attribute]['uuid'] + '_' + k2 + '_key" class="bold"></span>: <span id="' + targetEvent[type][uuid]['Attribute'][attribute]['uuid'] + '_' + k2 + '_data"></span></div>');
$('#' + targetEvent[type][uuid]['Attribute'][attribute]['uuid'] + '_' + k2 + '_key').text(k2);
$('#' + targetEvent[type][uuid]['Attribute'][attribute]['uuid'] + '_' + k2 + '_data').text(targetEvent[type][uuid]['Attribute'][attribute][k2]);
}
}
$('#targetData').append('<br />');
}
} else {
if ($.inArray(k, ['name', 'uuid', 'meta-category']) !== -1) {
$('#targetData').append('<div><span id="' + uuid + '_' + k + '_key" class="bold"></span>: <span id="' + uuid + '_' + k + '_data"></span></div>');
$('#' + uuid + '_' + k + '_key').text(k);
$('#' + uuid + '_' + k + '_data').text(targetEvent[type][uuid][k]);
}
}
}
}
}
$('.add_object_attribute_row').click(function() {
var template_id = $(this).data('template-id');
var object_relation = $(this).data('object-relation');
var k = $('#last-row').data('last-row');
var k = k+1;
$('#last-row').data('last-row', k);
url = "/objects/get_row/" + template_id + "/" + object_relation + "/" + k;
$.get(url, function(data) {
$('#row_' + object_relation + '_expand').before($(data).fadeIn()).html();
});
});
$('.quickToggleCheckbox').toggle(function() {
var url = $(this).data('checkbox-url');
});
(function(){
"use strict";
$(".datepicker").datepicker({