diff --git a/PyMISP b/PyMISP index 05beec393..492cfba2d 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit 05beec393c5613c352dafdaeaf5dcf983bfb2d51 +Subproject commit 492cfba2d2ad015d3fcda6e16c221fdefd93eca2 diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 59afa2732..c7828fdce 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -34,7 +34,7 @@ class AppController extends Controller public $helpers = array('OrgImg', 'FontAwesome', 'UserName'); private $__queryVersion = '159'; - public $pyMispVersion = '2.4.184'; + public $pyMispVersion = '2.4.185'; public $phpmin = '7.2'; public $phprec = '7.4'; public $phptoonew = '8.0'; diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index ea9ba304c..99830885d 100644 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php @@ -2403,11 +2403,15 @@ class Attribute extends AppModel $timestamp[0] = $timestamp[1]; $timestamp[1] = $temp; } - $conditions['AND'][] = array($scope . ' >=' => $timestamp[0]); + if ($timestamp[0] != 0) { + $conditions['AND'][] = array($scope . ' >=' => $timestamp[0]); + } $conditions['AND'][] = array($scope . ' <=' => $timestamp[1]); } else { $timestamp = $this->resolveTimeDelta($timestamp); - $conditions['AND'][] = array($scope . ' >=' => $timestamp); + if ($timestamp !== 0) { + $conditions['AND'][] = array($scope . ' >=' => $timestamp); + } } if ($returnRaw) { return $timestamp; diff --git a/app/Model/Sighting.php b/app/Model/Sighting.php index 7384869b9..6f91868ba 100644 --- a/app/Model/Sighting.php +++ b/app/Model/Sighting.php @@ -1102,8 +1102,12 @@ class Sighting extends AppModel $conditions['Attribute.uuid'] = $filters['uuid']; $contain[] = 'Attribute'; } elseif ($filters['context'] === 'event') { - $conditions['Event.uuid'] = $filters['uuid']; - $contain[] = 'Event'; + $temp = $this->Event->find('column', [ + 'recursive' => -1, + 'fields' => ['Event.id'], + 'conditions' => ['Event.uuid IN' => $filters['uuid']] + ]); + $conditions['Sighting.event_id'] = empty($temp) ? -1 : $temp; } } @@ -1131,15 +1135,30 @@ class Sighting extends AppModel $tmpfile = new TmpFileTool(); $tmpfile->write($exportTool->header($exportToolParams)); $separator = $exportTool->separator($exportToolParams); - + // fetch sightings matching the query without ACL checks - $sightingIds = $this->find('column', [ - 'conditions' => $conditions, - 'fields' => ['Sighting.id'], - 'contain' => $contain, - 'order' => 'Sighting.id', - ]); - + if (!empty($conditions['Sighting.event_id']) && is_array($conditions['Sighting.event_id'])) { + $conditions_copy = $conditions; + $sightingIds = []; + foreach ($conditions['Sighting.event_id'] as $e_id) { + $conditions_copy['Sighting.event_id'] = $e_id; + $tempIds = $this->find('column', [ + 'conditions' => $conditions, + 'fields' => ['Sighting.id'], + 'contain' => $contain + ]); + if (!empty($tempIds)) { + $sightingIds = array_merge($sightingIds, $tempIds); + } + } + } else { + $sightingIds = $this->find('column', [ + 'conditions' => $conditions, + 'fields' => ['Sighting.id'], + 'contain' => $contain + ]); + } + foreach (array_chunk($sightingIds, 500) as $chunk) { // fetch sightings with ACL checks and sighting policies $sightings = $this->getSightings($user, $chunk, $includeEvent, $includeAttribute, $includeUuid); diff --git a/db_schema.json b/db_schema.json index e474a4f03..eddfd6cba 100644 --- a/db_schema.json +++ b/db_schema.json @@ -10548,4 +10548,4 @@ } }, "db_version": "122" -} \ No newline at end of file +} diff --git a/requirements.txt b/requirements.txt index 5953ff55d..1fbc05deb 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,7 +6,7 @@ misp-lib-stix2>=3.0.1.1 mixbox>=1.0.5 plyara>=2.1.1 pydeep2>=0.5.1 -pymisp==2.4.184 +pymisp==2.4.185 python-magic>=0.4.27 pyzmq>=25.1.1 redis>=5.0.1