mirror of https://github.com/MISP/MISP
parent
3ad7d4b441
commit
656a391223
|
@ -114,6 +114,7 @@ class ServersController extends AppController {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!$fail) {
|
if (!$fail) {
|
||||||
|
$this->request->data['Server']['org_id'] = $this->Auth->user('org_id');
|
||||||
if ($this->Server->save($this->request->data)) {
|
if ($this->Server->save($this->request->data)) {
|
||||||
if (isset($this->request->data['Server']['submitted_cert']) && $this->request->data['Server']['submitted_cert']['size'] != 0) {
|
if (isset($this->request->data['Server']['submitted_cert']) && $this->request->data['Server']['submitted_cert']['size'] != 0) {
|
||||||
$this->__saveCert($this->request->data, $this->Server->id);
|
$this->__saveCert($this->request->data, $this->Server->id);
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
<?php
|
<?php
|
||||||
class XMLConverterTool {
|
class XMLConverterTool {
|
||||||
public function recursiveEcho($array) {
|
public function recursiveEcho($array) {
|
||||||
//debug($array);
|
|
||||||
$text = "";
|
$text = "";
|
||||||
foreach ($array as $k => $v) {
|
if (is_array($array)) foreach ($array as $k => $v) {
|
||||||
if (is_array($v)) {
|
if (is_array($v)) {
|
||||||
if (empty($v)) $text .= '<' . $k . '/>';
|
if (empty($v)) $text .= '<' . $k . '/>';
|
||||||
else {
|
else {
|
||||||
|
@ -43,7 +42,10 @@ class XMLConverterTool {
|
||||||
$event['Event']['SharingGroup'][0] = $event['SharingGroup'];
|
$event['Event']['SharingGroup'][0] = $event['SharingGroup'];
|
||||||
}
|
}
|
||||||
if (isset($event['Attribute'])) $event['Event']['Attribute'] = $event['Attribute'];
|
if (isset($event['Attribute'])) $event['Event']['Attribute'] = $event['Attribute'];
|
||||||
if (isset($event['ShadowAttribute'])) $event['Event']['ShadowAttribute'] = $event['ShadowAttribute'];
|
if (isset($event['ShadowAttribute'])) {
|
||||||
|
$event['Event']['ShadowAttribute'] = $event['ShadowAttribute'];
|
||||||
|
unset($event['ShadowAttribute']);
|
||||||
|
}
|
||||||
if (isset($event['RelatedEvent'])) if (isset($event['RelatedEvent'])) $event['Event']['RelatedEvent'] = $event['RelatedEvent'];
|
if (isset($event['RelatedEvent'])) if (isset($event['RelatedEvent'])) $event['Event']['RelatedEvent'] = $event['RelatedEvent'];
|
||||||
|
|
||||||
// legacy
|
// legacy
|
||||||
|
@ -81,6 +83,8 @@ class XMLConverterTool {
|
||||||
$event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['value'] = str_replace($toEscape, $escapeWith, $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['value']);
|
$event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['value'] = str_replace($toEscape, $escapeWith, $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['value']);
|
||||||
$event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['comment'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['comment']);
|
$event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['comment'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['comment']);
|
||||||
$event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['comment'] = str_replace($toEscape, $escapeWith, $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['comment']);
|
$event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['comment'] = str_replace($toEscape, $escapeWith, $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['comment']);
|
||||||
|
$event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['Org'] = array(0 => $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['Org']);
|
||||||
|
$event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['EventOrg'] = array(0 => $event['Event']['Attribute'][$key]['ShadowAttribute'][$skey]['EventOrg']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (isset($event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupOrg'])) {
|
if (isset($event['Event']['Attribute'][$key]['SharingGroup']['SharingGroupOrg'])) {
|
||||||
|
@ -107,6 +111,8 @@ class XMLConverterTool {
|
||||||
$event['Event']['ShadowAttribute'][$key]['value'] = str_replace($toEscape, $escapeWith, $event['Event']['ShadowAttribute'][$key]['value']);
|
$event['Event']['ShadowAttribute'][$key]['value'] = str_replace($toEscape, $escapeWith, $event['Event']['ShadowAttribute'][$key]['value']);
|
||||||
$event['Event']['ShadowAttribute'][$key]['comment'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $event['Event']['ShadowAttribute'][$key]['comment']);
|
$event['Event']['ShadowAttribute'][$key]['comment'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $event['Event']['ShadowAttribute'][$key]['comment']);
|
||||||
$event['Event']['ShadowAttribute'][$key]['comment'] = str_replace($toEscape, $escapeWith, $event['Event']['ShadowAttribute'][$key]['comment']);
|
$event['Event']['ShadowAttribute'][$key]['comment'] = str_replace($toEscape, $escapeWith, $event['Event']['ShadowAttribute'][$key]['comment']);
|
||||||
|
$event['Event']['ShadowAttribute'][$key]['Org'] = array(0 => $event['Event']['ShadowAttribute'][$key]['Org']);
|
||||||
|
$event['Event']['ShadowAttribute'][$key]['EventOrg'] = array(0 => $event['Event']['ShadowAttribute'][$key]['EventOrg']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -302,7 +302,7 @@ class Event extends AppModel {
|
||||||
),
|
),
|
||||||
'Orgc' => array(
|
'Orgc' => array(
|
||||||
'className' => 'Organisation',
|
'className' => 'Organisation',
|
||||||
'foreignKey' => 'org_id'
|
'foreignKey' => 'orgc_id'
|
||||||
),
|
),
|
||||||
'SharingGroup' => array(
|
'SharingGroup' => array(
|
||||||
'className' => 'SharingGroup',
|
'className' => 'SharingGroup',
|
||||||
|
@ -1270,6 +1270,8 @@ class Event extends AppModel {
|
||||||
'ShadowAttribute' => array(
|
'ShadowAttribute' => array(
|
||||||
'fields' => $fieldsShadowAtt,
|
'fields' => $fieldsShadowAtt,
|
||||||
'conditions' => array('deleted' => 0),
|
'conditions' => array('deleted' => 0),
|
||||||
|
'Org' => array('fields' => $fieldsOrg),
|
||||||
|
'EventOrg' => array('fields' => $fieldsOrg)
|
||||||
),
|
),
|
||||||
'SharingGroup' => $fieldsSharingGroup[(($user['Role']['perm_site_admin'] || $user['Role']['perm_sync']) ? 1 : 0)],
|
'SharingGroup' => $fieldsSharingGroup[(($user['Role']['perm_site_admin'] || $user['Role']['perm_sync']) ? 1 : 0)],
|
||||||
'EventTag' => array(
|
'EventTag' => array(
|
||||||
|
@ -1688,9 +1690,14 @@ class Event extends AppModel {
|
||||||
// When we receive an event via REST, we might end up with organisations, sharing groups, tags that we do not know
|
// When we receive an event via REST, we might end up with organisations, sharing groups, tags that we do not know
|
||||||
// or which we need to update. All of that is controller in this method.
|
// or which we need to update. All of that is controller in this method.
|
||||||
private function __captureObjects($data, $user) {
|
private function __captureObjects($data, $user) {
|
||||||
|
// first we want to see how the creator organisation is encoded
|
||||||
|
// The options here are either by passing an organisation object along or simply passing a string along
|
||||||
if (isset($data['Event']['Orgc'])) {
|
if (isset($data['Event']['Orgc'])) {
|
||||||
$data['Event']['orgc_id'] = $this->Orgc->captureOrg($data['Event']['Orgc'], $user);
|
$data['Event']['orgc_id'] = $this->Orgc->captureOrg($data['Event']['Orgc'], $user);
|
||||||
unset ($data['Event']['Orgc']);
|
unset ($data['Event']['Orgc']);
|
||||||
|
} else if (isset($data['Event']['orgc'])) {
|
||||||
|
$data['Event']['orgc_id'] = $this->Orgc->captureOrg($data['Event']['orgc'], $user);
|
||||||
|
unset($data['Event']['orgc']);
|
||||||
}
|
}
|
||||||
if (isset($data['Event']['EventTag'])) {
|
if (isset($data['Event']['EventTag'])) {
|
||||||
if (isset($data['Event']['EventTag']['id'])) {
|
if (isset($data['Event']['EventTag']['id'])) {
|
||||||
|
@ -1743,7 +1750,9 @@ class Event extends AppModel {
|
||||||
}
|
}
|
||||||
// set these fields if the event is freshly created and not pushed from another instance.
|
// set these fields if the event is freshly created and not pushed from another instance.
|
||||||
// Moved out of if (!$fromXML), since we might get a restful event without the orgc/timestamp set
|
// Moved out of if (!$fromXML), since we might get a restful event without the orgc/timestamp set
|
||||||
if (!isset ($data['Event']['orgc_id'])) $data['Event']['orgc_id'] = $data['Event']['org_id'];
|
if (!isset($data['Event']['orgc_id']) && !isset($data['Event']['orgc'])) {
|
||||||
|
$data['Event']['orgc_id'] = $data['Event']['org_id'];
|
||||||
|
}
|
||||||
if ($fromXml) {
|
if ($fromXml) {
|
||||||
// Workaround for different structure in XML/array than what CakePHP expects
|
// Workaround for different structure in XML/array than what CakePHP expects
|
||||||
$data = $this->cleanupEventArrayFromXML($data);
|
$data = $this->cleanupEventArrayFromXML($data);
|
||||||
|
@ -1800,7 +1809,7 @@ class Event extends AppModel {
|
||||||
App::import('Component','Auth');
|
App::import('Component','Auth');
|
||||||
}
|
}
|
||||||
$localEvent = $this->find('first', array('conditions' => array('Event.id' => $id), 'recursive' => -1, 'contain' => array('Attribute', 'ThreatLevel', 'ShadowAttribute')));
|
$localEvent = $this->find('first', array('conditions' => array('Event.id' => $id), 'recursive' => -1, 'contain' => array('Attribute', 'ThreatLevel', 'ShadowAttribute')));
|
||||||
if (!isset ($data['Event']['orgc_id'])) $data['Event']['orgc_id'] = $data['Event']['org_id'];
|
if (!isset($data['Event']['orgc_id']) && !isset($data['Event']['orgc'])) $data['Event']['orgc_id'] = $data['Event']['org_id'];
|
||||||
if ($localEvent['Event']['timestamp'] < $data['Event']['timestamp']) {
|
if ($localEvent['Event']['timestamp'] < $data['Event']['timestamp']) {
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -85,15 +85,26 @@ class Organisation extends AppModel{
|
||||||
}
|
}
|
||||||
|
|
||||||
public function captureOrg($org, $user) {
|
public function captureOrg($org, $user) {
|
||||||
|
if (is_array($org)) {
|
||||||
|
$conditions = array('uuid' => $org['uuid']);
|
||||||
|
$uuid = $org['uuid'];
|
||||||
|
$name = $org['name'];
|
||||||
|
} else {
|
||||||
|
$conditions = array('name' => $org);
|
||||||
|
$uuid = String::uuid();
|
||||||
|
$name = $org;
|
||||||
|
}
|
||||||
|
|
||||||
$existingOrg = $this->find('first', array(
|
$existingOrg = $this->find('first', array(
|
||||||
'recursive' => -1,
|
'recursive' => -1,
|
||||||
'conditions' => array('uuid' => $org['uuid'])
|
'conditions' => $conditions,
|
||||||
));
|
));
|
||||||
|
|
||||||
if (empty($existingOrg)) {
|
if (empty($existingOrg)) {
|
||||||
$this->create();
|
$this->create();
|
||||||
$organisation = array(
|
$organisation = array(
|
||||||
'uuid' => $org['uuid'],
|
'uuid' => $uuid,
|
||||||
'name' => $org['name'],
|
'name' => $name,
|
||||||
'local' => 0,
|
'local' => 0,
|
||||||
'created_by' => $user['id']
|
'created_by' => $user['id']
|
||||||
);
|
);
|
||||||
|
|
|
@ -950,6 +950,15 @@ class Server extends AppModel {
|
||||||
if ($oldAttribute) $proposal['old_id'] = $oldAttribute['Attribute']['id'];
|
if ($oldAttribute) $proposal['old_id'] = $oldAttribute['Attribute']['id'];
|
||||||
else $proposal['old_id'] = 0;
|
else $proposal['old_id'] = 0;
|
||||||
}
|
}
|
||||||
|
// check if this is a proposal from an old MISP instance
|
||||||
|
if (!isset($proposal['org_id']) && isset($proposal['org'])) {
|
||||||
|
$proposal['Org'] = $proposal['org'];
|
||||||
|
$proposal['EventOrg'] = $proposal['event_org'];
|
||||||
|
}
|
||||||
|
$proposal['org_id'] = $this->Organisation->captureOrg($proposal['Org'], $user);
|
||||||
|
$proposal['event_org_id'] = $this->Organisation->captureOrg($proposal['EventOrg'], $user);
|
||||||
|
unset($proposal['Org']);
|
||||||
|
unset($proposal['EventOrg']);
|
||||||
$shadowAttribute->create();
|
$shadowAttribute->create();
|
||||||
$shadowAttribute->save($proposal);
|
$shadowAttribute->save($proposal);
|
||||||
}
|
}
|
||||||
|
|
|
@ -38,7 +38,15 @@ class ShadowAttribute extends AppModel {
|
||||||
'fields' => '',
|
'fields' => '',
|
||||||
'order' => '',
|
'order' => '',
|
||||||
'counterCache' => true
|
'counterCache' => true
|
||||||
)
|
),
|
||||||
|
'Org' => array(
|
||||||
|
'className' => 'Organisation',
|
||||||
|
'foreignKey' => 'org_id'
|
||||||
|
),
|
||||||
|
'EventOrg' => array(
|
||||||
|
'className' => 'Organisation',
|
||||||
|
'foreignKey' => 'event_org_id'
|
||||||
|
),
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -173,7 +173,7 @@ class SharingGroup extends AppModel {
|
||||||
'SharingGroupServer' => array('fields' => array('id', 'server_id', 'all_orgs')),
|
'SharingGroupServer' => array('fields' => array('id', 'server_id', 'all_orgs')),
|
||||||
)
|
)
|
||||||
));
|
));
|
||||||
|
if (empty($sg)) return array();
|
||||||
// if the current server is marked as "all orgs" in the sharing group, just return true
|
// if the current server is marked as "all orgs" in the sharing group, just return true
|
||||||
foreach ($sg['SharingGroupServer'] as $sgs) {
|
foreach ($sg['SharingGroupServer'] as $sgs) {
|
||||||
if ($sgs['server_id'] == 0) {
|
if ($sgs['server_id'] == 0) {
|
||||||
|
|
|
@ -28,7 +28,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
|
||||||
<th><?php echo $this->Paginator->sort('title');?></th>
|
<th><?php echo $this->Paginator->sort('title');?></th>
|
||||||
<th><?php echo $this->Paginator->sort('created');?></th>
|
<th><?php echo $this->Paginator->sort('created');?></th>
|
||||||
</tr>
|
</tr>
|
||||||
<?php foreach ($list as $item): debug($item);?>
|
<?php foreach ($list as $item): ?>
|
||||||
<tr>
|
<tr>
|
||||||
<td class="short">
|
<td class="short">
|
||||||
<?php
|
<?php
|
||||||
|
|
Loading…
Reference in New Issue