Merge pull request #6093 from JakubOnderka/shadow-attribute-unused

fix: [security] Remove ShadowAttributesController::{fetchEditForm,editField}
pull/6095/head
Andras Iklody 2020-07-06 12:18:12 +02:00 committed by GitHub
commit 64195c418a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 2 additions and 346 deletions


@ -437,8 +437,6 @@ class ACLComponent extends Component
'discardSelected' => array('perm_add'),
'download' => array('*'),
'edit' => array('perm_add'),
'editField' => array('perm_add'),
'fetchEditForm' => array('perm_add'),
'generateCorrelation' => array(),
'getProposalsByUuid' => array('perm_sync'),
'getProposalsByUuidList' => array('perm_sync'),


@ -1046,111 +1046,6 @@ class ShadowAttributesController extends AppController
return $this->RestResponse->viewData(array());
}
public function fetchEditForm($id, $field = null)
{
$validFields = array('value', 'comment', 'type', 'category', 'to_ids');
if (!isset($field) || !in_array($field, $validFields)) {
throw new MethodNotAllowedException(__('Invalid field requested.'));
}
$this->loadModel('Attribute');
$this->Attribute->id = $id;
if (!$this->Attribute->exists()) {
throw new NotFoundException(__('Invalid attribute'));
}
$fields = array('id', 'distribution', 'event_id');
if ($field == 'category' || $field == 'type') {
$fields[] = 'type';
$fields[] = 'category';
} else {
$fields[] = $field;
}
$attribute = $this->Attribute->find('first', array(
'recursive' => -1,
'conditions' => array('Attribute.id' => $id),
'fields' => $fields,
'contain' => array(
'Event' => array(
'fields' => array('distribution', 'id', 'user_id', 'orgc_id', 'org_id'),
)
)
));
if (!$this->_isSiteAdmin()) {
if ($attribute['Event']['orgc_id'] != $this->Auth->user('org_id') && ($attribute['Event']['org_id'] == $this->Auth->user('org_id') || $attribute['Event']['distribution'] > 0)) {
// Allow the edit
} else {
throw new NotFoundException(__('Invalid attribute'));
}
}
$this->layout = 'ajax';
if ($field == 'distribution') {
$this->set('distributionLevels', $this->Attribute->distributionLevels);
}
if ($field == 'category') {
$typeCategory = array();
foreach ($this->Attribute->categoryDefinitions as $k => $category) {
foreach ($category['types'] as $type) {
$typeCategory[$type][] = $k;
}
}
$this->set('typeCategory', $typeCategory);
}
if ($field == 'type') {
$this->set('categoryDefinitions', $this->Attribute->categoryDefinitions);
}
$this->set('object', $attribute['Attribute']);
$fieldURL = ucfirst($field);
$this->render('ajax/attributeEdit' . $fieldURL . 'Form');
}
// ajax edit - post a single edited field and this method will attempt to create a proposal and return a json with the validation errors if they occur.
public function editField($id)
{
if ((!$this->request->is('post') && !$this->request->is('put')) || !$this->request->is('ajax')) {
throw new MethodNotAllowedException();
}
$this->loadModel('Attribute');
$this->Attribute->id = $id;
if (!$this->Attribute->exists()) {
throw new NotFoundException(__('Invalid attribute'));
}
$this->Attribute->recursive = -1;
$this->Attribute->contain('Event');
$attribute = $this->Attribute->read();
if (!$this->_isSiteAdmin()) {
if ($attribute['Event']['orgc_id'] != $this->Auth->user('org_id') && ($attribute['Event']['org_id'] == $this->Auth->user('org_id') || $attribute['Event']['distribution'] > 0)) {
// Allow the edit
} else {
throw new NotFoundException(__('Invalid attribute'));
}
}
$keys = array_flip(array('uuid', 'event_id', 'value', 'type', 'category', 'to_ids', 'first_seen', 'last_seen'));
$proposal = array_intersect_key($attribute['Attribute'], $keys);
$proposal['email'] = $this->Auth->user('email');
$proposal['org_id'] = $this->Auth->user('org_id');
$proposal['event_uuid'] = $attribute['Event']['uuid'];
$proposal['event_org_id'] = $attribute['Event']['orgc_id'];
$proposal['old_id'] = $attribute['Attribute']['id'];
foreach ($this->request->data['ShadowAttribute'] as $changedKey => $changedField) {
if ($proposal[$changedKey] == $changedField) {
$this->autoRender = false;
return new CakeResponse(array('body'=> json_encode('nochange'), 'status'=>200, 'type' => 'json'));
}
$proposal[$changedKey] = $changedField;
}
if ($this->ShadowAttribute->save($proposal)) {
$this->autoRender = false;
return new CakeResponse(array('body'=> json_encode(array('saved' => true)), 'status'=>200, 'type' => 'json'));
} else {
$this->autoRender = false;
return new CakeResponse(array('body'=> json_encode(array('fail' => false, 'errors' => $this->ShadowAttribute->validationErrors)), 'status'=>200, 'type' => 'json'));
}
}
public function discardSelected($id)
{
if (!$this->request->is('post') || !$this->request->is('ajax')) {


@ -1,19 +0,0 @@
<?php
echo $this->Form->create('ShadowAttribute', array('class' => 'inline-form inline-field-form', 'id' => 'ShadowAttribute_' . $object['id'] . '_category_form', 'url' => '/shadow_attributes/editField/' . $object['id']));
?>
<div class='inline-input inline-input-container'>
<div class="inline-input-accept inline-input-button inline-input-passive"><span class = "icon-ok" title="<?php echo __('Accept');?>" role="button" tabindex="0" aria-label="<?php echo __('Accept');?>"></span></div>
<div class="inline-input-decline inline-input-button inline-input-passive"><span class = "icon-remove" title="<?php echo __('Discard');?>" role="button" tabindex="0" aria-label="<?php echo __('Discard');?>"></span></div>
<?php
echo $this->Form->input('category', array(
'options' => array(array_combine($typeCategory[$object['type']], $typeCategory[$object['type']])),
'label' => false,
'selected' => $object['category'],
'error' => array('escape' => false),
'class' => 'inline-input',
'id' => 'ShadowAttribute_' . $object['id'] . '_category_field',
'div' => false
));
echo $this->Form->end();
?>
</div>


@ -1,22 +0,0 @@
<?php
echo $this->Form->create('ShadowAttribute', array('class' => 'inline-form inline-field-form', 'id' => 'ShadowAttribute_' . $object['id'] . '_comment_form', 'url' => '/shadow_attributes/editField/' . $object['id']));
?>
<div class='inline-input inline-input-container'>
<div class="inline-input-accept inline-input-button inline-input-passive"><span class = "icon-ok" title="<?php echo __('Accept');?>" role="button" tabindex="0" aria-label="<?php echo __('Accept');?>"></span></div>
<div class="inline-input-decline inline-input-button inline-input-passive"><span class = "icon-remove" title="<?php echo __('Discard');?>" role="button" tabindex="0" aria-label="<?php echo __('Discard');?>"></span></div>
<?php
echo $this->Form->input('comment', array(
'type' => 'textarea',
'label' => false,
'value' => $object['comment'],
'error' => array('escape' => false),
'class' => 'inline-input',
'id' => 'ShadowAttribute' . '_' . $object['id'] . '_comment_field',
'div' => false
));
echo $this->Form->end();
?>
</div>
<?php
echo $this->Form->end();
?>


@ -1,20 +0,0 @@
<?php
echo $this->Form->create('ShadowAttribute', array('class' => 'inline-form inline-field-form', 'id' => 'Attribute' . '_' . $object['id'] . '_to_ids_form', 'url' => '/shadow_attributes/editField/' . $object['id']));
?>
<div class='inline-input inline-input-container'>
<div class="inline-input-accept inline-input-button inline-input-passive"><span class = "icon-ok" title="<?php echo __('Accept');?>" role="button" tabindex="0" aria-label="<?php echo __('Accept');?>"></span></div>
<div class="inline-input-decline inline-input-button inline-input-passive"><span class = "icon-remove" title="<?php echo __('Discard');?>" role="button" tabindex="0" aria-label="<?php echo __('Discard');?>"></span></div>
<?php
$current = 0;
if ($object['to_ids']) $current = 1;
echo $this->Form->input('to_ids', array(
'options' => array(0 => 'No', 1 => 'Yes'),
'label' => false,
'selected' => $current,
'class' => 'inline-input',
'id' => 'ShadowAttribute' . '_' . $object['id'] . '_to_ids_field',
'div' => false
));
echo $this->Form->end();
?>
</div>


@ -1,19 +0,0 @@
<?php
echo $this->Form->create('ShadowAttribute', array('class' => 'inline-form inline-field-form', 'id' => 'ShadowAttribute_' . $object['id'] . '_type_form', 'url' => '/shadow_attributes/editField/' . $object['id']));
?>
<div class='inline-input inline-input-container'>
<div class="inline-input-accept inline-input-button inline-input-passive"><span class = "icon-ok" title="<?php echo __('Accept');?>" role="button" tabindex="0" aria-label="<?php echo __('Accept');?>"></span></div>
<div class="inline-input-decline inline-input-button inline-input-passive"><span class = "icon-remove" title="<?php echo __('Discard');?>" role="button" tabindex="0" aria-label="<?php echo __('Discard');?>"></span></div>
<?php
echo $this->Form->input('type', array(
'options' => array(array_combine($categoryDefinitions[$object['category']]['types'], $categoryDefinitions[$object['category']]['types'])),
'label' => false,
'selected' => $object['type'],
'error' => array('escape' => false),
'class' => 'inline-input',
'id' => 'ShadowAttribute_' . $object['id'] . '_type_field',
'div' => false
));
echo $this->Form->end();
?>
</div>


@ -1,21 +0,0 @@
<?php
echo $this->Form->create('ShadowAttribute', array('class' => 'inline-form inline-field-form', 'id' => 'ShadowAttribute_' . $object['id'] . '_value_form', 'url' => '/shadow_attributes/editField/' . $object['id'], 'default' => false));
?>
<div class='inline-input inline-input-container'>
<div class="inline-input-accept inline-input-button inline-input-passive"><span class = "icon-ok" title="<?php echo __('Accept');?>" role="button" tabindex="0" aria-label="<?php echo __('Accept');?>"></span></div>
<div class="inline-input-decline inline-input-button inline-input-passive"><span class = "icon-remove" title="<?php echo __('Discard');?>" role="button" tabindex="0" aria-label="<?php echo __('Discard');?>"></span></div>
<?php
echo $this->Form->input('value', array(
'type' => 'textarea',
'label' => false,
'value' => $object['value'],
'error' => array('escape' => false),
'class' => 'inline-input',
'id' => 'ShadowAttribute_' . $object['id'] . '_value_field',
'div' => false
));
?>
</div>
<?php
echo $this->Form->end();
?>


@ -1,132 +0,0 @@
<div class="shadow_attributes <?php if (!isset($ajax) || !$ajax) echo 'form';?>">
<?php echo $this->Form->create('ShadowAttribute');?>
<fieldset>
<legend><?php echo __('Add Proposal'); ?></legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('category', array(
'empty' => __('(choose one)'),
'div' => 'input',
'label' => __('Category ') . $this->element('formInfo', array('type' => 'category')),
));
$typeInputData = array(
'empty' => __('(first choose category)'),
'label' => __('Type ') . $this->element('formInfo', array('type' => 'type')),
);
if ($objectAttribute) {
$typeInputData[] = 'disabled';
}
if (!$attachment) {
echo $this->Form->input('type', $typeInputData);
}
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
'class' => 'input-xxlarge clear'
));
echo $this->Form->input('comment', array(
'type' => 'text',
'label' => __('Contextual Comment'),
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('to_ids', array(
'label' => __('IDS Signature?'),
));
echo $this->Form->input('first_seen', array(
'type' => 'text',
'div' => 'input hidden',
'required' => false,
));
echo $this->Form->input('last_seen', array(
'type' => 'text',
'div' => 'input hidden',
'required' => false,
));
?>
<div id="bothSeenSliderContainer"></div>
</fieldset>
<p style="color:red;font-weight:bold;display:none;<?php if (isset($ajax) && $ajax) echo "text-align:center;"?>" id="warning-message"><?php echo __('Warning: You are about to share data that is of a sensitive nature (Attribution / targeting data). Make sure that you are authorised to share this.');?></p>
<?php if (isset($ajax) && $ajax): ?>
<div class="overlay_spacing">
<table>
<tr>
<td style="vertical-align:top">
<span role="button" tabindex="0" aria-label="<?php echo __('Propose');?>" title="<?php echo __('Propose');?>" id="submitButton" class="btn btn-primary" onClick="submitPopoverForm('<?php echo $event_id;?>', 'propose')"><?php echo __('Propose');?></span>
</td>
<td style="width:540px;">
<p style="color:red;font-weight:bold;display:none;<?php if (isset($ajax) && $ajax) echo "text-align:center;"?>" id="warning-message"><?php echo __('Warning: You are about to share data that is of a sensitive nature (Attribution / targeting data). Make sure that you are authorised to share this.');?></p>
</td>
<td style="vertical-align:top;">
<span class="btn btn-inverse" id="cancel_attribute_add"><?php echo __('Cancel');?></span>
</td>
</tr>
</table>
</div>
<?php
else:
echo $this->Form->button('Propose', array('class' => 'btn btn-primary'));
endif;
echo $this->Form->end();
?>
</div>
<?php
$event['Event']['id'] = $this->request->data['ShadowAttribute']['event_id'];
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event', 'menuItem' => 'proposeAttribute', 'event' => $event));
echo $this->element('form_seen_input');
?>
<script type="text/javascript">
<?php
$formInfoTypes = array('category' => 'Category', 'type' => 'Type');
echo 'var formInfoFields = ' . json_encode($formInfoTypes) . PHP_EOL;
foreach ($formInfoTypes as $formInfoType => $humanisedName) {
echo 'var ' . $formInfoType . 'FormInfoValues = {' . PHP_EOL;
foreach ($info[$formInfoType] as $key => $formInfoData) {
echo '"' . $key . '": "<span class=\"blue bold\">' . h($formInfoData['key']) . '</span>: ' . h($formInfoData['desc']) . '<br />",' . PHP_EOL;
}
echo '}' . PHP_EOL;
}
?>
//
//Generate Category / Type filtering array
//
var category_type_mapping = new Array();
<?php
foreach ($categoryDefinitions as $category => $def) {
echo "category_type_mapping['" . addslashes($category) . "'] = {";
$first = true;
foreach ($def['types'] as $type) {
if ($first) $first = false;
else echo ', ';
echo "'" . addslashes($type) . "' : '" . addslashes($type) . "'";
}
echo "}; \n";
}
?>
$(document).ready(function() {
initPopoverContent('ShadowAttribute');
$("#ShadowAttributeCategory").on('change', function(e) {
formCategoryChanged('ShadowAttribute');
if ($(this).val() === 'Attribution' || $(this).val() === 'Targeting data') {
$("#warning-message").show();
} else {
$("#warning-message").hide();
}
});
$("#ShadowAttributeCategory, #ShadowAttributeType").change(function() {
initPopoverContent('ShadowAttribute');
});
});
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts


@ -480,9 +480,7 @@ function activateField(type, id, field, event) {
if (type == 'denyForm') return;
var objectType = 'attributes';
var containerName = 'Attribute';
if (type == 'ShadowAttribute') {
objectType = 'shadow_attributes';
} else if (type == 'Object') {
if (type == 'Object') {
objectType = 'objects';
containerName = 'Object';
}
@ -623,9 +621,7 @@ function submitForm(type, id, field, context) {
var object_type = 'attributes';
var action = "editField";
var name = '#' + type + '_' + id + '_' + field;
if (type == 'ShadowAttribute') {
object_type = 'shadow_attributes';
} else if (type == 'Object') {
if (type == 'Object') {
object_type = 'objects';
}
$.ajax({
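Review bot: With the `ShadowAttribute` branch gone, a call to `activateField` or `submitForm` with `type == 'ShadowAttribute'` no longer selects `shadow_attributes` but silently keeps the defaults set just above the removed lines — `objectType = 'attributes'` and, in `submitForm`, `action = "editField"` — so any leftover caller would post the edit to the attributes controller rather than being refused. Since the server side of this feature is removed in the same commit, the client should reject the type explicitly instead of falling through: extend the existing guard at the top of `activateField` to `if (type == 'denyForm' || type == 'ShadowAttribute') return;` and add the same early return in `submitForm` before `var object_type = 'attributes';`. Whether any template still passes `ShadowAttribute` here cannot be seen from this diff; the guard makes the removal safe either way. Both function bodies begin before their hunks and continue past them (`$.ajax({` is left open).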