MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'develop' of https://github.com/MISP/MISP into feature/sync/timestamp 

Conflicts:
	app/View/Attributes/index.ctp
	app/View/Events/add.ctp
	app/View/Events/edit.ctp
pull/217/head
Christophe Vandeplas 2013-06-10 23:00:37 +02:00
parent b74179bc84 128725cb36
commit 68c2fd09fe
22 changed files with 796 additions and 450 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Config/bootstrap.default.php
View File

@ -98,7 +98,6 @@
*/
Cache::config('default', array('engine' => 'File'));
//Configure::write('CyDefSIG.baseurl', 'https://sig.cyber-defence.be');
Configure::write('CyDefSIG.baseurl', 'http://localhost:8888');
if (!Configure::read('CyDefSIG.baseurl')) {
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) {
@ -108,8 +107,8 @@ if (!Configure::read('CyDefSIG.baseurl')) {
}
}
Configure::write('CyDefSIG.name', 'MISP');
Configure::write('CyDefSIG.version', '2.0');
Configure::write('CyDefSIG.header', 'CyDefSIG: Cyber Defence Signature Sharing Platform');
Configure::write('CyDefSIG.version', 'devel2.1');
Configure::write('CyDefSIG.header', 'MISP: Malware Information Sharing Platform');
Configure::write('CyDefSIG.footerpart1', 'Powered by MISP');
Configure::write('CyDefSIG.footerpart2', '© Belgian Defense CERT & NCIRC');
Configure::write('CyDefSIG.footer', Configure::read('CyDefSIG.footerpart1') . ' ' . Configure::read('CyDefSIG.footerpart2'));
@ -186,6 +185,7 @@ CakePlugin::load('SysLog');
CakePlugin::load('Assets'); // having Logable
CakePlugin::load('SysLogLogable');
CakePlugin::load('MagicTools'); // having OrphansProtectable
CakePlugin::load('UrlCache');
/**
* You can attach event listeners to the request lifecyle as Dispatcher Filter . By Default CakePHP bundles two filters:

10
app/Controller/AppController.php
View File

@ -186,13 +186,9 @@ class AppController extends Controller {
* @return void
*/
protected function _refreshAuth() {
if (isset($this->User)) {
$user = $this->User->read(false, $this->Auth->user('id'));
} else {
$this->loadModel('User');
$this->User->recursive = -1;
$user = $this->User->findById($this->Auth->user('id'));
}
$this->loadModel('User');
$this->User->recursive = -1;
$user = $this->User->findById($this->Auth->user('id'));
$this->Auth->login($user['User']);
}

3
app/Controller/EventsController.php
View File

@ -85,6 +85,9 @@ class EventsController extends AppController {
public function index() {
// list the events
// TODO information exposure vulnerability - as we don't limit the filter depending on the CyDefSIG.showorg parameter
// this filter will work if showorg=false and users will be able to perform the filtering and see what events were posted by what org.
// same goes for orgc in all cases
//transform POST into GET
if($this->request->is("post")) {
$url = array('action'=>'index');

2
app/Model/Attribute.php
View File

@ -181,7 +181,7 @@ class Attribute extends AppModel {
)
);
public $order = array("Attribute.event_id" => "DESC", "Attribute.type" => "ASC");
public $order = array("Attribute.event_id" => "DESC");
/**
* Validation rules

158
app/Plugin/UrlCache/Lib/Routing/UrlCacheManager.php Executable file
View File

@ -0,0 +1,158 @@
<?php
/**
* This class will statically hold in memory url's indexed by a custom hash
*
* @licence MIT
* @modified Mark Scherer
* - now easier to integrate
* - optimization for `pageFiles` (still stores urls with only controller/action keys in global file)
* - can handle legacy `prefix` urls
*
* 2012-02-13 ms
*/
class UrlCacheManager {
/**
* Holds all generated urls so far by the application indexed by a custom hash
*
*/
public static $cache = array();
/**
* Holds all generated urls so far by the application indexed by a custom hash
*
*/
public static $cachePage = array();
/**
* Holds all generated urls so far by the application indexed by a custom hash
*
*/
public static $extras = array();
/**
* type for the current set (triggered by last get)
*/
public static $type = 'cache';
/**
* key for current get/set
*/
public static $key = null;
/**
* cache key for pageFiles
*/
public static $cacheKey = 'url_map';
/**
* cache key for pageFiles
*/
public static $cachePageKey = null;
/**
* params that will always be present and will determine the global cache if pageFiles is used
*/
public static $paramFields = array('controller', 'plugin', 'action', 'prefix');
/**
* should be called in beforeRender()
*
*/
public static function init(View $View) {
$params = $View->request->params;
if (Configure::read('UrlCache.pageFiles')) {
$cachePageKey = '_misc';
if (is_object($View)) {
$path = $View->request->here;
if ($path == '/') {
$path = 'uc_homepage';
} else {
$path = strtolower(Inflector::slug($path));
}
if (empty($path)) {
$path = 'uc_error';
}
$cachePageKey = '_' . $path;
}
self::$cachePageKey = self::$cacheKey . $cachePageKey;
self::$cachePage = Cache::read(self::$cachePageKey, '_cake_core_');
}
self::$cache = Cache::read(self::$cacheKey, '_cake_core_');
# still old "prefix true/false" syntax?
if (Configure::read('UrlCache.verbosePrefixes')) {
unset(self::$paramFields[3]);
self::$paramFields = array_merge(self::$paramFields, (array) Configure::read('Routing.prefixes'));
}
self::$extras = array_intersect_key($params, array_combine(self::$paramFields, self::$paramFields));
$defaults = array();
foreach (self::$paramFields as $field) {
$defaults[$field] = '';
}
self::$extras = array_merge($defaults, self::$extras);
}
/**
* should be called in afterLayout()
*
*/
public static function finalize() {
Cache::write(self::$cacheKey, self::$cache, '_cake_core_');
if (Configure::read('UrlCache.pageFiles') && !empty(self::$cachePage)) {
Cache::write(self::$cachePageKey, self::$cachePage, '_cake_core_');
}
}
/**
* Returns the stored url if it was already generated, false otherwise
*
* @param string $key
* @return mixed
*/
public static function get($url, $full) {
$keyUrl = $url;
if (is_array($keyUrl)) {
$keyUrl += self::$extras;
# prevent different hashs on different orders
ksort($keyUrl, SORT_STRING);
# prevent different hashs on different types (int/string/bool)
foreach ($keyUrl as $key => $val) {
$keyUrl[$key] = (String) $val;
}
}
self::$key = md5(serialize($keyUrl) . $full);
if (Configure::read('UrlCache.pageFiles')) {
self::$type = 'cachePage';
if (is_array($keyUrl)) {
$res = array_diff_key($keyUrl, self::$extras);
if (empty($res)) {
self::$type = 'cache';
}
}
if (self::$type === 'cachePage') {
return isset(self::$cachePage[self::$key]) ? self::$cachePage[self::$key] : false;
}
}
return isset(self::$cache[self::$key]) ? self::$cache[self::$key] : false;
}
/**
* Stores a ney key in memory cache
*
* @param string $key
* @param mixed data to be stored
* @return void
*/
public static function set($data) {
if (Configure::read('UrlCache.pageFiles') && self::$type === 'cachePage') {
self::$cachePage[self::$key] = $data;
} else {
self::$cache[self::$key] = $data;
}
}
}

74
app/Plugin/UrlCache/View/Helper/UrlCacheAppHelper.php Executable file
View File

@ -0,0 +1,74 @@
<?php
/*
* App Helper url caching
* Copyright (c) 2009 Matt Curry
* www.PseudoCoder.com
* http://github.com/mcurry/cakephp/tree/master/snippets/app_helper_url
* http://www.pseudocoder.com/archives/2009/02/27/how-to-save-half-a-second-on-every-cakephp-requestand-maintain-reverse-routing
*
* @author Matt Curry <matt@pseudocoder.com>
* @author José Lorenzo Rodríguez
* @license MIT
*
* @modified Mark Scherer
*/
App::uses('Helper', 'View');
App::uses('Inflector', 'Utility');
App::uses('UrlCacheManager', 'UrlCache.Routing');
class UrlCacheAppHelper extends Helper {
/**
* This function is responsible for setting up the Url cache before the application starts generating urls in views
*
* @return void
*/
function beforeRender($viewFile) {
if (!Configure::read('UrlCache.active') || Configure::read('UrlCache.runtime.beforeRender')) {
return;
}
# todo: maybe lazy load with HtmlHelper::url()?
UrlCacheManager::init($this->_View);
Configure::write('UrlCache.runtime.beforeRender', true);
}
/**
* This method will store the current generated urls into a persistent cache for next use
*
* @return void
*/
function afterLayout($layoutFile = null) {
if (!Configure::read('UrlCache.active') || Configure::read('UrlCache.runtime.afterLayout')) {
return;
}
UrlCacheManager::finalize();
Configure::write('UrlCache.runtime.afterLayout', true);
}
/**
* Intercepts the parent url function to first look if the cache was already generated for the same params
*
* @param mixed $url url to generate using cakephp array syntax
* @param boolean $full wheter to generate a full url or not (http scheme)
* @return string
* @see Helper::url()
*/
function url($url = null, $full = false) {
if (Configure::read('UrlCache.active')) {
if ($cachedUrl = UrlCacheManager::get($url, $full)) {
return $cachedUrl;
}
}
$routerUrl = h(Router::url($url, $full));
if (Configure::read('UrlCache.active')) {
UrlCacheManager::set($routerUrl);
}
return $routerUrl;
}
}

94
app/View/Attributes/add.ctp
View File

@ -5,11 +5,9 @@
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv')),
'empty' => '(choose one)'
));
echo $this->Form->input('type', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv')),
'empty' => '(first choose category)'
));
if ('true' == Configure::read('CyDefSIG.sync')) {
@ -17,7 +15,6 @@
'options' => array($distributionLevels),
'label' => 'Distribution',
'selected' => $maxDist,
'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeDistributionDiv'))
));
}
echo $this->Form->input('value', array(
@ -31,18 +28,16 @@
<?php
echo $this->Form->input('to_ids', array(
'checked' => true,
'after' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
'label' => 'IDS Signature?',
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'after' => $this->Html->div('forminfo', 'Create multiple attributes one per line'),
'data-content' => 'Create multiple attributes one per line',
));
// link an onchange event to the form elements
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
$this->Js->get('#AttributeDistribution')->event('change', 'showFormInfo("#AttributeDistribution")');
?>
</fieldset>
<?php
@ -52,26 +47,21 @@ echo $this->Form->end();
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id'])); ?> </li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Attribute']['event_id'])); ?> </li>
<li><a href="/events/view/<?php echo $this->request->data['Attribute']['event_id']; ?>">View Event</a></li>
<li><a href="/events/edit/<?php echo $this->request->data['Attribute']['event_id']; ?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
<li class="divider"></li>
<li class="active"><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Attribute']['event_id']));?> </li>
<?php else: ?>
<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
<?php endif; ?>
<li class="active"><a href="/attributes/add/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $this->request->data['Attribute']['event_id']; ?>">Populate from IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Attribute']['event_id'])); ?> </li>
<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Attribute']['event_id'])); ?></li>
<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['Attribute']['event_id'])); ?> </li>
<li><a href="/events/contact/<?php echo $this->request->data['Attribute']['event_id']; ?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
@ -95,7 +85,6 @@ foreach ($categoryDefinitions as $category => $def) {
?>
function formCategoryChanged(id) {
showFormInfo(id); // display the tooltip
// fill in the types
var options = $('#AttributeType').prop('options');
$('option', $('#AttributeType')).remove();
@ -126,23 +115,52 @@ foreach ($distributionDescriptions as $type => $def) {
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
$(document).ready(function() {
// show it again
$(idDiv).fadeIn('slow');
}
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
});
$("input, label").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("input, label").on('mouseover', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
}).popover('show');
});
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
});
});
// hide the formInfo things
$('#AttributeTypeDiv').hide();
$('#AttributeCategoryDiv').hide();
$('#AttributeType').prop('disabled', true);
$('#AttributeDistributionDiv').hide();
</script>

25
app/View/Attributes/add_attachment.ctp
View File

@ -42,26 +42,21 @@ echo $this->Form->end();
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id'])); ?> </li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Attribute']['event_id'])); ?> </li>
<li><a href="/events/view/<?php echo $this->request->data['Attribute']['event_id']; ?>">View Event</a></li>
<li><a href="/events/edit/<?php echo $this->request->data['Attribute']['event_id']; ?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
<li class="active"><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Attribute']['event_id']));?> </li>
<?php else: ?>
<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
<?php endif; ?>
<li><a href="/attributes/add/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attribute</a></li>
<li class="active"><a href="/attributes/add_attachment/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $this->request->data['Attribute']['event_id']; ?>">Populate from IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Attribute']['event_id'])); ?> </li>
<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Attribute']['event_id'])); ?></li>
<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['Attribute']['event_id'])); ?> </li>
<li><a href="/events/contact/<?php echo $this->request->data['Attribute']['event_id']; ?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>

111
app/View/Attributes/edit.ctp
View File

@ -1,6 +1,3 @@
<?php
$mayModify = (($isAclModify && $attribute['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $attribute['Event']['org'] == $me['org']));
?>
<div class="attributes form">
<?php echo $this->Form->create('Attribute');?>
<fieldset>
@ -8,19 +5,16 @@ $mayModify = (($isAclModify && $attribute['Event']['user_id'] == $me['id']) || (
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv')),
'empty' => '(choose one)'
));
echo $this->Form->input('type', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv')),
'empty' => '(first choose category)'
));
if ('true' == Configure::read('CyDefSIG.sync')) {
if ('true' == Configure::read('CyDefSIG.sync') && $canEditDist) {
echo $this->Form->input('distribution', array(
'options' => array($distributionLevels),
'label' => 'Distribution',
'selected' => $maxDist,
'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeDistributionDiv'))
));
}
echo $this->Form->input('value', array(
@ -34,18 +28,16 @@ $mayModify = (($isAclModify && $attribute['Event']['user_id'] == $me['id']) || (
<?php
echo $this->Form->input('to_ids', array(
'checked' => true,
'after' => $this->Html->div('forminfo', isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc']),
'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
'label' => 'IDS Signature?',
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'after' => $this->Html->div('forminfo', 'Create multiple attributes one per line'),
'data-content' => 'Create multiple attributes one per line',
));
// link an onchange event to the form elements
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
$this->Js->get('#AttributeDistribution')->event('change', 'showFormInfo("#AttributeDistribution")');
?>
</fieldset>
<?php
@ -55,26 +47,21 @@ echo $this->Form->end();
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id'])); ?> </li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Attribute']['event_id'])); ?> </li>
<li><a href="/events/view/<?php echo $this->request->data['Attribute']['event_id']; ?>">View Event</a></li>
<li><a href="/events/edit/<?php echo $this->request->data['Attribute']['event_id']; ?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Attribute']['event_id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Attribute']['event_id'])); ?></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Attribute']['event_id']));?> </li>
<?php else: ?>
<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Attribute']['event_id']));?> </li>
<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Attribute']['event_id']));?> </li>
<?php endif; ?>
<li><a href="/attributes/add/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Attribute']['event_id']; ?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $this->request->data['Attribute']['event_id']; ?>">Populate from IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Attribute']['event_id'])); ?> </li>
<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Attribute']['event_id'])); ?></li>
<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['Attribute']['event_id'])); ?> </li>
<li><a href="/events/contact/<?php echo $this->request->data['Attribute']['event_id']; ?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Attribute']['event_id']; ?>">Download as IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
@ -97,7 +84,6 @@ foreach ($categoryDefinitions as $category => $def) {
?>
function formCategoryChanged(id) {
showFormInfo(id); // display the tooltip
// fill in the types
var options = $('#AttributeType').prop('options');
$('option', $('#AttributeType')).remove();
@ -122,32 +108,61 @@ foreach ($categoryDefinitions as $category => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($category) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
if ($canEditDist) {
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
$(document).ready(function() {
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
});
$("input, label").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("input, label").on('mouseover', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
}).popover('show');
});
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#AttributeType, #AttributeCategory, #Attribute, #AttributeDistribution").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
});
});
// show it again
$(idDiv).fadeIn('slow');
}
//hide the formInfo things
$('#AttributeTypeDiv').hide();
$('#AttributeCategoryDiv').hide();
$('#AttributeDistributionDiv').hide();
// fix the select box based on what was selected
var type_value = $('#AttributeType').val();
formCategoryChanged("#AttributeCategory");
$('#AttributeType').val(type_value);
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts

59
app/View/Attributes/index.ctp
View File

@ -53,45 +53,47 @@ foreach ($attributes as $attribute):
<tr>
<td class="short">
<div id="<?php echo $attribute['Attribute']['id']?>" title="<?php echo h($attribute['Event']['info'])?>"
onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php
if ($attribute['Event']['orgc'] == $me['org']) {
echo $this->Html->link($attribute['Event']['id'], array('controller' => 'events', 'action' => 'view', $attribute['Event']['id']), array('class' => 'SameOrgLink'));
$class='class="SameOrgLink"';
} else {
echo $this->Html->link($attribute['Event']['id'], array('controller' => 'events', 'action' => 'view', $attribute['Event']['id']));
$class='';
}
$currentCount++;
?>
<a href="/events/view/<?php echo $attribute['Event']['id'];?>" <?php echo $class;?>><?php echo $attribute['Event']['id'];?></a>
</div>
</td>
<td title="<?php echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php echo h($attribute['Attribute']['category']); ?>&nbsp;</td>
<td title="<?php echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php echo h($attribute['Attribute']['type']); ?>&nbsp;</td>
<td onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<td title="<?php echo $categoryDefinitions[$attribute['Attribute']['category']]['desc'];?>" class="short" onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php echo $attribute['Attribute']['category']; ?>&nbsp;</td>
<td title="<?php echo $typeDefinitions[$attribute['Attribute']['type']]['desc'];?>" class="short" onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php echo $attribute['Attribute']['type']; ?>&nbsp;</td>
<td class="short" onclick="document.location='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php
$sigDisplay = nl2br(h($attribute['Attribute']['value']));
if ($isSearch == 1 && !empty($replacePairs)) {
// highlight the keywords if there are any
$sigDisplay = nl2br($this->Highlight->highlighter($sigDisplay, $replacePairs));
$sigDisplay = $this->Highlight->highlighter($sigDisplay, $replacePairs);
}
if ('attachment' == $attribute['Attribute']['type'] || 'malware-sample' == $attribute['Attribute']['type']) {
echo $this->Html->link($sigDisplay, array('controller' => 'attributes', 'action' => 'download', $attribute['Attribute']['id']), array('escape' => FALSE));
?><a href="/attributes/download/<?php echo $attribute['Attribute']['id'];?>"><?php echo $sigDisplay; ?></a><?php
} elseif ('link' == $attribute['Attribute']['type']) {
echo $this->Html->link($sigDisplay, nl2br(h($attribute['Attribute']['value'])), array('escape' => FALSE));
?><a href="<?php echo nl2br(h($attribute['Attribute']['value']));?>"><?php echo $sigDisplay; ?></a><?php
} else {
echo $sigDisplay;
}
?>&nbsp;</td>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), true);?>';">
<?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No'; ?>&nbsp;</td>
<td class="short" onclick="document.location ='document.location ='/events/view/<?php echo $attribute['Event']['id'];?>';">
<?php echo $attribute['Attribute']['to_ids'] ? 'Yes' : 'No'; ?>&nbsp;
</td>
<td class="short action-links"><?php
if ($isAdmin || ($isAclModify && $attribute['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $attribute['Event']['org'] == $me['org'])) {
echo $this->Html->link('', array('action' => 'edit', $attribute['Attribute']['id']), array('class' => 'icon-edit', 'title' => 'Edit'));
?><a href="/attributes/edit/<?php echo $attribute['Attribute']['id'];?>" class="icon-edit" title="Edit"></a><?php
echo $this->Form->postLink('',array('action' => 'delete', $attribute['Attribute']['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this attribute?'));
}
echo $this->Html->link('', array('controller' => 'events', 'action' => 'view', $attribute['Attribute']['event_id']), array('class' => 'icon-list-alt', 'title' => 'View'));
?>
<a href="/events/view/<?php echo $attribute['Attribute']['event_id'];?>" class="icon-list-alt" title="View"></a>
</td>
</tr>
<?php
@ -119,9 +121,9 @@ endforeach;
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<?php
@ -133,16 +135,27 @@ endforeach;
$listClass = 'class="active"';
}
?>
<li <?php echo $listClass;?>><?php echo $this->Html->link('List Attributes', array('admin' => false, 'controller' => 'attributes', 'action' => 'index'));?></li>
<li <?php echo $searchClass;?>><?php echo $this->Html->link('Search Attributes', array('admin' => false, 'controller' => 'attributes', 'action' => 'search'));?></li>
<li <?php echo $listClass;?>><a href="/attributes/index">List Attributes</a></li>
<li <?php echo $searchClass;?>><a href="/attributes/search">Search Attributes</a></li>
<?php if ($isSearch == 1): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link(__('Download results as XML'), array('admin' => false, 'controller' => 'events', 'action' => 'downloadSearchResult'));?></li>
<li><a href="/events/downloadSearchResult">Download results as XML</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>
</div>
<script type="text/javascript">
// tooltips
$(document).ready(function () {
$("td, div").tooltip({
'placement': 'top',
'container' : 'body',
delay: { show: 500, hide: 100 }
});
});
</script>

79
app/View/Attributes/search.ctp
View File

@ -16,9 +16,9 @@
<?php
echo $this->Form->input('type', array(
'div' => 'input clear',
'after' => $this->Html->div('forminfo', '', array('id' => 'AttributeTypeDiv'))
));
echo $this->Form->input('category', array('after' => $this->Html->div('forminfo', '', array('id' => 'AttributeCategoryDiv'))));
echo $this->Form->input('category', array(
));
?>
</fieldset>
<?php
@ -99,7 +99,6 @@ foreach ($typeDefinitions as $type => $def) {
function formCategoryChanged(id) {
var alreadySelected = $('#AttributeType').val();
showFormInfo(id); // display the tooltip
// empty the types
document.getElementById("AttributeType").options.length = 1;
// add new items to options
@ -112,15 +111,10 @@ function formCategoryChanged(id) {
});
// enable the form element
$('#AttributeType').prop('disabled', false);
if ("ALL" == $('#AttributeCategory').val()) {
//alert($('#AttributeCategory').val());
$('#AttributeCategoryDiv').hide();
}
}
function formTypeChanged(id) {
var alreadySelected = $('#AttributeCategory').val();
showFormInfo(id); // display the tooltip
// empty the categories
document.getElementById("AttributeCategory").options.length = 2;
// add new items to options
@ -133,10 +127,6 @@ function formTypeChanged(id) {
});
// enable the form element
$('#AttributeCategory').prop('disabled', false);
if ("ALL" == $('#AttributeType').val()) {
//alert($('#AttributeType').val());
$('#AttributeTypeDiv').hide();
}
}
var formInfoValues = new Array();
@ -151,49 +141,64 @@ foreach ($categoryDefinitions as $category => $def) {
echo "formInfoValues['$category'] = \"$info\";\n";
}
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
$this->Js->get('#AttributeCategory')->event('change', 'showFormInfo("#AttributeCategory")');
$this->Js->get('#AttributeType')->event('change', 'formTypeChanged("#AttributeType")');
$this->Js->get('#AttributeType')->event('change', 'showFormInfo("#AttributeType")');
?>
formInfoValues['ALL'] = '';
formInfoValues[''] = '';
function showFormInfo(id) {
idDiv = id+'Div';
if (("ALL" != $(id).val()) && ("" != $(id).val())) {
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
} else {
$(idDiv).hide();
}
}
$(document).ready(function() {
$("#AttributeType, #AttributeCategory").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#AttributeType, #AttributeCategory").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
});
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#AttributeType, #AttributeCategory").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
});
});
// hide the formInfo things
$('#AttributeTypeDiv').hide();
$('#AttributeCategoryDiv').hide();
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts ?>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
<li class="active"><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
<li><a href="/attributes/index">List Attributes</a></li>
<li class="active"><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>

58
app/View/Elements/global_menu.ctp
View File

@ -4,7 +4,7 @@
<?php if ($me != false ):?>
<div class="nav-collapse collapse">
<ul class="nav">
<li class="active"><?php echo $this->Html->link('home', '/');?></li>
<li class="active"><a href="/">home</a></li>
<li class="dropdown">
@ -13,17 +13,17 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
@ -36,14 +36,14 @@
</a>
<ul class="dropdown-menu">
<?php if ($isSiteAdmin): ?>
<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index', 'admin' => true)); ?> </li>
<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index', 'admin' => true)); ?> </li>
<li><a href="/admin/blacklists/index">Import Blacklist</a></li>
<li><a href="/admin/regexp/index">Import Regexp</a></li>
<li><a href="/admin/whitelists/index">Signature Whitelist</a></li>
<?php endif;?>
<?php if (!$isSiteAdmin): ?>
<li><?php echo $this->Html->link(__('Import Blacklist', true), array('controller' => 'blacklists', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Import Regexp', true), array('controller' => 'regexp', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Signature Whitelist', true), array('controller' => 'whitelists', 'action' => 'index')); ?> </li>
<li><a href="/blacklists/index">Import Blacklist</a></li>
<li><a href="/regexp/index">Import Regexp</a></li>
<li><a href="/whitelists/index">Signature Whitelist</a></li>
<?php endif;?>
</ul>
</li>
@ -54,13 +54,13 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><?php echo $this->Html->link(__('News', true), array('controller' => 'users', 'action' => 'news', 'plugin' => false)); ?> </li>
<li><?php echo $this->Html->link(__('My Profile', true), array('controller' => 'users', 'action' => 'view', 'me', 'plugin' => false)); ?> </li>
<li><?php echo $this->Html->link(__('Members List', true), array('controller' => 'users', 'action' => 'memberslist', 'plugin' => false)); ?> </li>
<li><?php echo $this->Html->link(__('User Guide', true), array('controller' => 'pages', 'action' => 'display', 'documentation', 'plugin' => false)); ?> </li>
<li><?php echo $this->Html->link(__('Terms & Conditions', true), array('controller' => 'users', 'action' => 'terms', 'plugin' => false)); ?> </li>
<li><a href="/users/news">News</a></li>
<li><a href="/users/view/me">My Profile</a></li>
<li><a href="/users/memberslist">Members List</a></li>
<li><a href="/pages/display/documentation">User Guide</a></li>
<li><a href="/users/terms">Terms &amp; Conditions</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link(__('Log out', true), array('controller' => 'users', 'action' => 'logout', 'plugin' => false)); ?> </li>
<li><a href="/users/logout">Log out</a></li>
</ul>
</li>
@ -71,7 +71,7 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><?php echo $this->Html->link(__('List Servers'), array('controller' => 'servers', 'action' => 'index', 'plugin' => false));?></li>
<li><a href="/servers/index">List Servers</a></li>
</ul>
</li>
<?php endif;?>
@ -83,16 +83,16 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><?php echo $this->Html->link(__('New User', true), array('controller' => 'users', 'action' => 'add', 'admin' => true, 'plugin' => false)); ?> </li>
<li><?php echo $this->Html->link(__('List Users', true), array('controller' => 'users', 'action' => 'index', 'admin' => true, 'plugin' => false)); ?> </li>
<li><a href="/admin/users/add">New User</a></li>
<li><a href="/admin/users/index">List Users</a></li>
<li class="divider"></li>
<?php if($isSiteAdmin): ?>
<li><?php echo $this->Html->link(__('New Role', true), array('controller' => 'roles', 'action' => 'add', 'admin' => true, 'plugin' => false)); ?> </li>
<li><a href="/admin/roles/add">New Role</a></li>
<?php endif; ?>
<li><?php echo $this->Html->link(__('List Roles', true), array('controller' => 'roles', 'action' => 'index', 'admin' => true, 'plugin' => false)); ?> </li>
<li><a href="/admin/roles/index">List Roles</a></li>
<?php if($isSiteAdmin): ?>
<li class="divider"></li>
<li><?php echo $this->Html->link(__('Contact users', true), array('controller' => 'users', 'action' => 'email', 'admin' => true, 'plugin' => false)); ?> </li>
<li><a href="/admin/users/email">Contact Users</a></li>
<?php endif; ?>
</ul>
</li>
@ -105,17 +105,17 @@
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><?php echo $this->Html->link(__('List Logs', true), array('controller' => 'logs', 'action' => 'index', 'admin' => true, 'plugin' => false)); ?> </li>
<li><?php echo $this->Html->link(__('Search Logs', true), array('controller' => 'logs', 'action' => 'admin_search', 'admin' => true, 'plugin' => false)); ?> </li>
<li><a href="/admin/logs/index">List Logs</a></li>
<li><a href="/admin/logs/search">Search Logs</a></li>
</ul>
</li>
<?php endif;?>
</ul>
</div>
<div class="nav-collapse collapse" style="float:right">
<div class="nav-collapse collapse pull-right">
<ul class="nav">
<li><?php echo $this->Html->link(__('Log out', true), array('controller' => 'users', 'action' => 'logout', 'plugin' => false)); ?> </li>
<li><a href="/users/logout">Log out</a></li>
</ul>
</div>
<?php endif;?>

67
app/View/Events/add.ctp
View File

@ -11,17 +11,14 @@
echo $this->Form->input('distribution', array(
'options' => array($distributionLevels),
'label' => 'Distribution',
'selected' => '3',
'after' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')),
'selected' => '3'
));
}
echo $this->Form->input('risk', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')),
'div' => 'input clear'
));
echo $this->Form->input('analysis', array(
'options' => array($analysisLevels),
'after' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
));
echo $this->Form->input('info', array(
'div' => 'clear',
@ -30,13 +27,8 @@
echo $this->Form->input('Event.submittedgfi', array(
'label' => '<b>GFI sandbox</b>',
'type' => 'file',
// 'between' => $this->Html->div('forminfo', isset($eventDescriptions['submittedgfi']['formdesc']) ? $eventDescriptions['submittedgfi']['formdesc'] : $eventDescriptions['submittedgfi']['desc']),
'div' => 'clear'
));
// link an onchange event to the form elements
$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
?>
</fieldset>
<?php
@ -47,17 +39,17 @@ echo $this->Form->end();
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li class="active"><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li class="active"><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>
@ -82,20 +74,37 @@ foreach ($analysisDescriptions as $type => $def) {
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
}
$(document).ready(function() {
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
});
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
});
});
// hide the formInfo things
$('#EventDistributionDiv').hide();
$('#EventRiskDiv').hide();
$('#EventAnalysisDiv').hide();
</script>
<?php echo $this->Js->writeBuffer();

32
app/View/Events/add_i_o_c.ctp
View File

@ -16,26 +16,32 @@ echo $this->Form->end();
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $id)); ?> </li>
<li><a href="/events/view/<?php echo $this->request->data['Event']['id'];?>">View Event</a></li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $id)); ?> </li>
<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $id), null, __('Are you sure you want to delete # %s?', $id)); ?></li>
<li><a href="/events/edit/<?php echo $this->request->data['Event']['id'];?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $this->request->data['Event']['id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Event']['id'])); ?></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $id));?> </li>
<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $id));?> </li>
<li class="active"><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $id));?> </li>
<li><a href="/attributes/add/<?php echo $this->request->data['Event']['id'];?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Add Attachment</a></li>
<li class="active"><a href="/events/addIOC/<?php echo $this->request->data['Event']['id'];?>">Populate from IOC</a></li>
<?php else: ?>
<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $id));?> </li>
<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $id));?> </li>
<li><a href="/shadow_attributes/add/<?php echo $this->request->data['Event']['id'];?>">Propose Attribute</a></li>
<li><a href="/shadow_attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Propose Attachment</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $id)); ?> </li>
<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $id)); ?></li>
<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $id)); ?> </li>
<?php if ( 0 == $this->request->data['Event']['published'] && ($isAdmin || $mayPublish)): ?>
<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $this->request->data['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
<li><?php echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $this->request->data['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!'); ?></li>
<?php else: ?>
<!-- ul><li>Alert already sent</li></ul -->
<?php endif; ?>
<li><a href="/events/contact/<?php echo $this->request->data['Event']['id'];?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Event']['id'];?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Event']['id'];?>">Download as IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>

12
app/View/Events/automation.ctp
View File

@ -58,17 +58,17 @@ This would enable you to export:</p>
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li class="active"><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
<li class="active"><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>

34
app/View/Events/contact.ctp
View File

@ -35,26 +35,32 @@ $mayPublish = ($isAclPublish && $this->request->data['Event']['orgc'] == $me['or
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('View Event', array('controller' => 'events', 'action' => 'view', $this->request->data['Event']['id'])); ?> </li>
<li><a href="/events/view/<?php echo $event['Event']['id'];?>">View Event</a></li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><?php echo $this->Html->link('Edit Event', array('controller' => 'events', 'action' => 'edit', $this->request->data['Event']['id'])); ?> </li>
<li><?php echo $this->Form->postLink('Delete Event', array('controller' => 'events', 'action' => 'delete', $this->request->data['Event']['id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Event']['id'])); ?></li>
<li><a href="/events/edit/<?php echo $event['Event']['id'];?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Event']['id']));?> </li>
<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Event']['id']));?> </li>
<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Event']['id']));?> </li>
<li><a href="/attributes/add/<?php echo $event['Event']['id'];?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $event['Event']['id'];?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $event['Event']['id'];?>">Populate from IOC</a></li>
<?php else: ?>
<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Event']['id']));?> </li>
<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Event']['id']));?> </li>
<li><a href="/shadow_attributes/add/<?php echo $event['Event']['id'];?>">Propose Attribute</a></li>
<li><a href="/shadow_attributes/add_attachment/<?php echo $event['Event']['id'];?>">Propose Attachment</a></li>
<?php endif; ?>
<li class="divider"></li>
<li class="active"><?php echo $this->Html->link(__('Contact reporter', true), array('controller' => 'events', 'action' => 'contact', $this->request->data['Event']['id'])); ?> </li>
<li><?php echo $this->Html->link(__('Download as XML', true), array('controller' => 'events', 'action' => 'xml', 'download', $this->request->data['Event']['id'])); ?></li>
<li><?php echo $this->Html->link(__('Download as IOC', true), array('controller' => 'events', 'action' => 'downloadOpenIOCEvent', $this->request->data['Event']['id'])); ?> </li>
<?php if ( 0 == $event['Event']['published'] && ($isAdmin || $mayPublish)): ?>
<li><?php echo $this->Form->postLink('Publish Event', array('action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be informed?'); ?></li>
<li><?php echo $this->Form->postLink('Publish (no email)', array('action' => 'publish', $event['Event']['id']), null, 'Publish but do NOT send alert email? Only for minor changes!'); ?></li>
<?php else: ?>
<!-- ul><li>Alert already sent</li></ul -->
<?php endif; ?>
<li class="active"><a href="/events/contact/<?php echo $event['Event']['id'];?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $event['Event']['id'];?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $event['Event']['id'];?>">Download as IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
</div>

65
app/View/Events/edit.ctp
View File

@ -13,26 +13,19 @@ if ('true' == Configure::read('CyDefSIG.sync')) {
'options' => array($distributionLevels),
'label' => 'Distribution',
'selected' => '3',
'after' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')),
));
}
echo $this->Form->input('risk', array(
'after' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')),
'div' => 'input clear'
));
echo $this->Form->input('analysis', array(
'options' => array($analysisLevels),
'after' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv'))
));
echo $this->Form->input('info', array(
'div' => 'clear',
'class' => 'input-xxlarge'
));
// link an onchange event to the form elements
$this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")');
$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")');
$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")');
?>
</fieldset>
<?php
@ -42,17 +35,17 @@ echo $this->Form->end();
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('View Event', array('action' => 'view', $this->request->data['Event']['id'])); ?> </li>
<li><a href="/events/view/<?php echo $this->request->data['Event']['id'];?>">View Event</a></li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li class="active"><?php echo $this->Html->link('Edit Event', array('action' => 'edit', $this->request->data['Event']['id'])); ?> </li>
<li class="active"><a href="/events/edit/<?php echo $this->request->data['Event']['id'];?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $this->request->data['Event']['id']), null, __('Are you sure you want to delete # %s?', $this->request->data['Event']['id'])); ?></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $this->request->data['Event']['id']));?> </li>
<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $this->request->data['Event']['id']));?> </li>
<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $this->request->data['Event']['id']));?> </li>
<li><a href="/attributes/add/<?php echo $this->request->data['Event']['id'];?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $this->request->data['Event']['id'];?>">Populate from IOC</a></li>
<?php else: ?>
<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $this->request->data['Event']['id']));?> </li>
<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $this->request->data['Event']['id']));?> </li>
<li><a href="/shadow_attributes/add/<?php echo $this->request->data['Event']['id'];?>">Propose Attribute</a></li>
<li><a href="/shadow_attributes/add_attachment/<?php echo $this->request->data['Event']['id'];?>">Propose Attachment</a></li>
<?php endif; ?>
<li class="divider"></li>
<?php if ( 0 == $this->request->data['Event']['published'] && ($isAdmin || $mayPublish)): ?>
@ -63,14 +56,13 @@ echo $this->Form->end();
<?php else: ?>
<!-- ul><li>Alert already sent</li></ul -->
<?php endif; ?>
<li><?php echo $this->Html->link(__('Contact reporter', true), array('action' => 'contact', $this->request->data['Event']['id'])); ?> </li>
<li><?php echo $this->Html->link(__('Download as XML', true), array('action' => 'xml', 'download', $this->request->data['Event']['id'])); ?></li>
<li><?php echo $this->Html->link(__('Download as IOC', true), array('action' => 'downloadOpenIOCEvent', $this->request->data['Event']['id'])); ?> </li>
<li><a href="/events/contact/<?php echo $this->request->data['Event']['id'];?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $this->request->data['Event']['id'];?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $this->request->data['Event']['id'];?>">Download as IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
@ -81,10 +73,13 @@ echo $this->Form->end();
//
var formInfoValues = new Array();
<?php
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
if ('true' == $canEditDist) {
foreach ($distributionDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
}
foreach ($riskDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
@ -95,15 +90,21 @@ foreach ($analysisDescriptions as $type => $def) {
}
?>
function showFormInfo(id) {
idDiv = id+'Div';
// LATER use nice animations
//$(idDiv).hide('fast');
// change the content
var value = $(id).val(); // get the selected value
$(idDiv).html(formInfoValues[value]); // search in a lookup table
// show it again
$(idDiv).fadeIn('slow');
$(document).ready(function() {
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
placement: 'right',
content: formInfoValues[$e.val()],
}).popover('show');
}
// hide the formInfo things

12
app/View/Events/export.ctp
View File

@ -51,17 +51,17 @@
</div>
<div class="actions">
<ul class="nav nav-list">
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li class="active"><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
<li class="active"><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>

258
app/View/Events/index.ctp
View File

@ -7,130 +7,169 @@
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
$this->Paginator->options(array(
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<?php echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px')); ?>
<div class="input-prepend input-append" style="margin-bottom:0px;">
<div id = "searchcancel" class="add-on span" style="margin-left:0px; margin-top:25px">
<div><a href=# onClick='resetForm()'><div class="icon-remove" style = "margin-top:3px"></div></a></div>
</div>
<div id = "searchinfo" class="span" style="width:220px; margin-left:0px">
<?php
echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'label' => 'Info'));
?>
</div><div id = "searchorgc" class="span" style="margin-left:0px; width:220px">
<?php
echo $this->Form->input('searchorgc', array('value' => $this->passedArgs['searchorgc'], 'label' => 'Org'));
?>
</div><div id = "searchpublished" class="span" style="margin-left:0px; width:220px">
<?php
echo $this->Form->input('searchpublished', array('options' => array('0' => 'No', '1' => 'Yes', '2' => 'Any'), 'default' => 2, 'label' => 'Published'));
?>
</div><div id = "searchfrom" class="span" style="margin-left:0px; width:110px">
<?php
echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'label' => 'From', 'style' => 'width:96px; margin-top: 0px;', 'class' => 'datepicker'));
?>
</div><div id = "searchuntil" class="span" style="margin-left:0px; width:110px">
<?php
echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'label' => 'Until', 'style' => 'width:96px; margin-top: 0px;', 'class' => 'datepicker'));
?>
</div><div id = "searchbutton" class="span" style="margin-left:0px; margin-top:25px">
<?php
echo $this->Form->button('Go', array('class' => 'btn'));
?>
</div>
</div>
<?php
echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
// Let's output a small label of each filter
$count = 0;
?>
<table><tr>
<?php
foreach ($this->passedArgs as $k => $v) {
if ((substr($k, 0, 6) === 'search')) {
$searchTerm = substr($k, 6);
if ($searchTerm === 'published') {
switch ($v) {
case '0' :
$value = 'No';
break;
case '1' :
$value = 'Yes';
break;
case '2' :
continue 2;
break;
}
} else {
if (!$v) {
continue;
}
$value = $v;
}
?>
<td class="<?php echo (($count < 1) ? 'searchLabelFirst' : 'searchLabel');?>"><?php echo $searchTerm; ?> : <?php echo $value; ?></td>
<table>
<tr>
<?php
$count++;
foreach ($this->passedArgs as $k => $v) {
if ((substr($k, 0, 6) === 'search')) {
$searchTerm = substr($k, 6);
if ($searchTerm === 'published') {
switch ($v) {
case '0' :
$value = 'No';
break;
case '1' :
$value = 'Yes';
break;
case '2' :
continue 2;
break;
}
} else {
if (!$v) {
continue;
}
$value = $v;
}
?>
<td class="<?php echo (($count < 1) ? 'searchLabelFirst' : 'searchLabel');?>">
<?php echo $searchTerm; ?> : <?php echo $value; ?>
</td>
<?php
$count++;
}
}
}
if ($count > 0) {
?>
<td class="searchLabelCancel"><?php echo $this->Html->link('', array('controller' => 'events', 'action' => 'index'), array('class' => 'icon-remove', 'title' => 'Remove filters'));?></td>
<?php
}
?>
</tr></table>
<?php
echo $this->Form->end();
?>
if ($count > 0) {
?>
<td class="searchLabelCancel">
<?php echo $this->Html->link('', array('controller' => 'events', 'action' => 'index'), array('class' => 'icon-remove', 'title' => 'Remove filters'));?>
</td>
<?php
}
?>
</tr>
</table>
<input type="submit" style="visibility:collapse;" />
<table class="table table-striped table-hover table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('published', 'Valid.');?><a href=# onClick='enableField("searchpublished")'><br /><div class="icon-search"></div></a></th>
<th class="filter">
<?php echo $this->Paginator->sort('published', 'Valid.');?>
<a onclick="$('#searchpublished').toggle();" class="icon-search"></a>
<span id="searchpublished"><br/>
<?php
// on change jquery will submit the form
echo $this->Form->input('searchpublished', array(
'options' => array('0' => 'No', '1' => 'Yes', '2' => 'Any'),
'default' => 2,
'label' => '',
'class' => 'input-mini',
'onchange' => "$('#EventIndexForm').submit()"
));
?>
</span>
</th>
<?php
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin) {
if ($isSiteAdmin) { ?>
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin) {
if ($isSiteAdmin) { ?>
<th><?php echo $this->Paginator->sort('org'); ?></th>
<?php
} else { ?>
<th><?php echo $this->Paginator->sort('org'); ?><a href=# onClick='enableField("searchorgc")'><br /><div class="icon-search"></div></a></th></th>
<th class="filter"><?php echo $this->Paginator->sort('org'); ?>
<a onclick="toggleField('#searchorg')" class="icon-search"></a>
</th>
<?php
}
}
?>
<?php if ($isSiteAdmin): ?>
<th><?php echo $this->Paginator->sort('owner org');?><a href=# onClick='enableField("searchorgc")'><br /><div class="icon-search"></div></a></th>
<th class="filter">
<?php echo $this->Paginator->sort('owner org');?>
<a onclick="toggleField('#searchorgc')" class="icon-search"></a>
<span id="searchorgc"><br/>
<?php
echo $this->Form->input('searchorgc', array(
'value' => $this->passedArgs['searchorgc'],
'label' => '',
'class' => 'input-mini'));
?>
</span>
</th>
<?php endif; ?>
<th><?php echo $this->Paginator->sort('id');?></th>
<th><?php echo $this->Paginator->sort('attribute_count', '#Attr.');?></th>
<?php if ($isAdmin): ?>
<th><?php echo $this->Paginator->sort('user_id', 'Email');?></th>
<?php endif; ?>
<th><?php echo $this->Paginator->sort('date');?><a href=# onClick='enableDate()'><br /><div class="icon-search"></div></a></th>
<th class="filter">
<?php echo $this->Paginator->sort('date');?>
<a onclick="toggleField('#searchdate')" class="icon-search"></a>
<br/>
<div id="searchdate" class="input-append input-prepend">
<?php
echo $this->Form->input('searchDatefrom', array(
'value' => $this->passedArgs['searchDatefrom'],
'label' => false,
'div' => false,
'class' => 'span1 datepicker',
));
?>
<input type="submit" class="btn" value="&gt;"/>
<?php
echo $this->Form->input('searchDateuntil', array(
'value' => $this->passedArgs['searchDateuntil'],
'label' => false,
'class' => 'span1 datepicker',
'div' => false
));
?>
</div>
</th>
<th title="<?php echo $eventDescriptions['risk']['desc'];?>">
<?php echo $this->Paginator->sort('risk');?>
</th>
<th title="<?php echo $eventDescriptions['analysis']['desc'];?>">
<?php echo $this->Paginator->sort('analysis');?>
</th>
<th><?php echo $this->Paginator->sort('info');?><a href=# onClick='enableField("searchinfo")'><br /><div class="icon-search"></div></a></th>
<th class="filter">
<?php echo $this->Paginator->sort('info');?>
<a onclick="toggleField('#searchinfo')" class="icon-search"></a>
<span id="searchinfo"><br/>
<?php
echo $this->Form->input('searchinfo', array(
'value' => $this->passedArgs['searchinfo'],
'label' => '',
'class' => 'input-large'));
?>
</span>
</th>
<?php if ('true' == Configure::read('CyDefSIG.sync')): ?>
<th title="<?php echo $eventDescriptions['distribution']['desc'];?>">
<?php echo $this->Paginator->sort('distribution');?>
</th>
<?php endif; ?>
<th class="actions"><?php echo __('Actions');?></th>
<th class="actions">Actions</th>
</tr>
<?php
echo $this->Form->end();
?>
<?php foreach ($events as $event):?>
<tr>
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true);?>';">
@ -224,52 +263,35 @@
</div>
<div class="actions">
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li class="active"><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Attributes', array('controller' => 'attributes', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link('Search Attributes', array('controller' => 'attributes', 'action' => 'search')); ?> </li>
<li><a href="/attributes/index">List Attributes</a></li>
<li><a href="/attributes/search">Search Attributes</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Export', array('controller' => 'events', 'action' => 'export')); ?> </li>
<li><a href="/events/export">Export</a></li>
<?php if ($isAclAuth): ?>
<li><?php echo $this->Html->link('Automation', array('controller' => 'events', 'action' => 'automation')); ?></li>
<li><a href="/events/automation">Automation</a></li>
<?php endif;?>
</ul>
</div>
<script>
$(document).ready(disableAll());
$(document).ready( function () {
// onload hide all buttons
$('#searchinfo').hide();
$('#searchorgc').hide();
$('#searchdate').hide();
$('#searchpublished').hide();
function resetForm() {
document.getElementById('EventSearchinfo').value=null;
document.getElementById('EventSearchorgc').value=null;
document.getElementById('EventSearchpublished').value=2;
disableAll();
});
function toggleField(field) {
$(field).toggle();
$(field +" input").focus();
}
function disableAll() {
disableField('searchinfo');
disableField('searchorgc');
disableField('searchfrom');
disableField('searchuntil');
disableField('searchpublished');
disableField('searchbutton');
disableField('searchcancel');
}
function disableField(field) {
document.getElementById(field).style.display="none";
}
function enableField(field) {
document.getElementById(field).style.display="";
document.getElementById('searchbutton').style.display="";
document.getElementById('searchcancel').style.display="";
}
function enableDate() {
enableField('searchfrom');
enableField('searchuntil');
}
</script>

71
app/View/Events/view.ctp
View File

@ -2,19 +2,19 @@
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['orgc'] == $me['org']));
$mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
?>
<div class="actions" style="width:12%">
<div class="actions">
<ul class="nav nav-list">
<li class="active"><?php echo $this->Html->link('View Event', array('action' => 'view', $event['Event']['id'])); ?> </li>
<li class="active"><a href="/events/view/<?php echo $event['Event']['id'];?>">View Event</a></li>
<?php if ($isSiteAdmin || $mayModify): ?>
<li><?php echo $this->Html->link('Edit Event', array('action' => 'edit', $event['Event']['id'])); ?> </li>
<li><a href="/events/edit/<?php echo $event['Event']['id'];?>">Edit Event</a></li>
<li><?php echo $this->Form->postLink('Delete Event', array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('Add Attribute', array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']));?> </li>
<li><?php echo $this->Html->link('Add Attachment', array('controller' => 'attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
<li><?php echo $this->Html->link('Populate event from IOC', array('controller' => 'events', 'action' => 'addIOC', $event['Event']['id']));?> </li>
<li><a href="/attributes/add/<?php echo $event['Event']['id'];?>">Add Attribute</a></li>
<li><a href="/attributes/add_attachment/<?php echo $event['Event']['id'];?>">Add Attachment</a></li>
<li><a href="/events/addIOC/<?php echo $event['Event']['id'];?>">Populate from IOC</a></li>
<?php else: ?>
<li><?php echo $this->Html->link('Propose Attribute', array('controller' => 'shadow_attributes', 'action' => 'add', $event['Event']['id']));?> </li>
<li><?php echo $this->Html->link('Propose Attachment', array('controller' => 'shadow_attributes', 'action' => 'add_attachment', $event['Event']['id']));?> </li>
<li><a href="/shadow_attributes/add/<?php echo $event['Event']['id'];?>">Propose Attribute</a></li>
<li><a href="/shadow_attributes/add_attachment/<?php echo $event['Event']['id'];?>">Propose Attachment</a></li>
<?php endif; ?>
<li class="divider"></li>
<?php if ( 0 == $event['Event']['published'] && ($isAdmin || $mayPublish)): ?>
@ -23,21 +23,19 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
<?php else: ?>
<!-- ul><li>Alert already sent</li></ul -->
<?php endif; ?>
<li><?php echo $this->Html->link(__('Contact reporter', true), array('action' => 'contact', $event['Event']['id'])); ?> </li>
<li><?php echo $this->Html->link(__('Download as XML', true), array('action' => 'xml', 'download', $event['Event']['id'])); ?></li>
<li><?php echo $this->Html->link(__('Download as IOC', true), array('action' => 'downloadOpenIOCEvent', $event['Event']['id'])); ?> </li>
<li><a href="/events/contact/<?php echo $event['Event']['id'];?>">Contact Reporter</a></li>
<li><a href="/events/xml/download/<?php echo $event['Event']['id'];?>">Download as XML</a></li>
<li><a href="/events/downloadOpenIOCEvent/<?php echo $event['Event']['id'];?>">Download as IOC</a></li>
<li class="divider"></li>
<li><?php echo $this->Html->link('List Events', array('controller' => 'events', 'action' => 'index')); ?></li>
<li><a href="/events/index">List Events</a></li>
<?php if ($isAclAdd): ?>
<li><?php echo $this->Html->link('Add Event', array('controller' => 'events', 'action' => 'add')); ?></li>
<li><a href="/events/add">Add Event</a></li>
<?php endif; ?>
</ul>
</div>
<div class="events view" style="width:83%">
<div class="events view">
<?php
if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin) {
@ -84,12 +82,12 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
<?php echo h($event['Event']['date']); ?>
&nbsp;
</dd>
<dt<?php echo ' title="' . $eventDescriptions['risk']['desc'] . '"';?>>Risk</dt>
<dt title="<?php echo $eventDescriptions['risk']['desc'];?>">Risk</dt>
<dd>
<?php echo h($event['Event']['risk']); ?>
&nbsp;
</dd>
<dt<?php echo ' title="' . $eventDescriptions['analysis']['desc'] . '"';?>>Analysis</dt>
<dt title="<?php echo $eventDescriptions['analysis']['desc'];?>">Analysis</dt>
<dd>
<?php echo h($analysisLevels[$event['Event']['analysis']]); ?>
&nbsp;
@ -105,7 +103,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
&nbsp;
</dd>
<dt>Published</dt>
<dd style = "color: red;">
<dd style="color: red;">
<b><?php echo ($event['Event']['published'] == 1 ? 'Yes' : 'No'); ?></b>
&nbsp;
</dd>
@ -155,16 +153,23 @@ if (!empty($event['Attribute'])):?>
if (count($attribute['ShadowAttribute'])) $extra .= 'highlight1';
?>
<tr>
<td class= "short <?php echo $extra; ?>" title="<?php if('' != $attribute['category']) echo $categoryDefinitions[$attribute['category']]['desc'];?>"><?php
if ($first) {
<?php if($first): ?>
<td class= "short <?php echo $extra; ?>" title="<?php if('' != $attribute['category']) echo $categoryDefinitions[$attribute['category']]['desc'];?>">
<?php
if ('' == $attribute['category']) echo '(no category)';
echo h($attribute['category']);
} else {
echo '&nbsp;';
}?></td>
<td class="short <?php echo $extra; ?>" title="<?php
echo $typeDefinitions[$attribute['type']]['desc'];?>"><?php
echo h($attribute['type']);?></td>
else echo h($attribute['category']);
?>
</td>
<?php else: ?>
<td class= "short <?php echo $extra; ?>">
&nbsp;
</td>
<?php endif; ?>
<td class="short <?php echo $extra; ?>" title="<?php echo $typeDefinitions[$attribute['type']]['desc'];?>">
<?php echo h($attribute['type']);?>
</td>
<td class="<?php echo $extra; ?>"><?php
$sigDisplay = $attribute['value'];
if ('attachment' == $attribute['type'] || 'malware-sample' == $attribute['type'] ) {
@ -371,3 +376,13 @@ if (!empty($event['Attribute'])):?>
endif; ?>
</div>
</div>
<script type="text/javascript">
// tooltips
$(document).ready(function () {
$("th, td, dt, div, span").tooltip({
'placement': 'top',
'container' : 'body',
delay: { show: 500, hide: 100 }
});
});
</script>

9
app/View/Helper/AppHelper.php
View File

@ -20,7 +20,9 @@
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
*/
App::uses('Helper', 'View');
App::uses('UrlCacheAppHelper', 'UrlCache.View/Helper');
/**
* Application helper
@ -30,12 +32,13 @@ App::uses('Helper', 'View');
*
* @package app.View.Helper
*/
class AppHelper extends Helper {
class AppHelper extends UrlCacheAppHelper {
public function url($url = null, $full = false) {
if (is_array($url) && !isset($url['admin'])) {
$url['admin'] = false;
}
return parent::url($url, $full);
return parent::url($url, $full);
}
}

7
app/webroot/css/main.css
View File

@ -83,6 +83,13 @@ ul.nav li.dropdown:hover ul.dropdown-menu{
display: block;
}
th.filter {
white-space:nowrap;
}
th.filter a {
cursor: pointer;
}
td.searchLabel{
opacity: 50;
height: 20px;