First commit of the event view ajaxification

- pagination of the attribute index within the event view
- add attributes in a pop-up window
- instantly refresh attributes
pull/274/head
iglocska 2014-03-24 16:33:40 +01:00
parent 13552eb203
commit 705964a556
9 changed files with 405 additions and 359 deletions


@ -55,6 +55,9 @@
Router::mapResources(array('events', 'attributes'));
Router::parseExtensions('xml', 'json');
Router::connectNamed(
array('attributesPage' => array('controller' => 'events', 'action' => 'view'))
);
/**
* Load all plugin routes. See the CakePlugin documentation on
* how to customize the loading of plugin routes.


@ -136,11 +136,13 @@ class EventShell extends AppShell
$id = $this->args[2];
$this->Job->id = $id;
$extra = $this->args[3];
if ($extra == 'csv_all') $ignore = 1;
else $ignore = 0;
$eventIds = $this->Event->fetchEventIds($org, $isSiteAdmin);
$eventCount = count($eventIds);
$attributes[] = array();
foreach ($eventIds as $k => $eventId) {
$attributes = array_merge($this->Event->csv($org, $isSiteAdmin, $eventId['Event']['id'], $extra), $attributes);
$attributes = array_merge($this->Event->csv($org, $isSiteAdmin, $eventId['Event']['id'], $ignore), $attributes);
if ($k % 10 == 0) {
$this->Job->saveField('progress', $k / $eventCount * 80);
}
@ -160,7 +162,7 @@ class EventShell extends AppShell
$file = new File($dir->pwd() . DS . 'misp.' . $extra . '.' . $org . '.csv');
}
$file->write('');
foreach ($final as $line) {
foreach ($final as $k => $line) {
$file->append($line . PHP_EOL);
}
$file->close();


@ -25,6 +25,7 @@ class AttributesController extends AppController {
$this->Auth->allow('restSearch');
$this->Auth->allow('returnAttributes');
$this->Auth->allow('downloadAttachment');
$this->Auth->allow('text');
// permit reuse of CSRF tokens on the search page.
if ('search' == $this->request->params['action']) {
@ -99,7 +100,10 @@ class AttributesController extends AppController {
if (!$this->userRole['perm_add']) {
throw new MethodNotAllowedException('You don\'t have permissions to create attributes');
}
if ($this->request->is('ajax')) $this->set('ajax', true);
else $this->set('ajax', false);
if ($this->request->is('post')) {
if ($this->request->is('ajax')) $this->autoRender = false;
$this->loadModel('Event');
$date = new DateTime();
// Give error if someone tried to submit a attribute with attachment or malware-sample type.
@ -204,6 +208,9 @@ class AttributesController extends AppController {
// REST users want to see the newly created attribute
$this->view($this->Attribute->getId());
$this->render('view');
} elseif ($this->request->is('ajax')) {
$this->autoRender = false;
return new CakeResponse(array('body'=> json_encode('saved'),'status'=>200));
} else {
// inform the user and redirect
$this->Session->setFlash(__('The attribute has been saved'));
@ -214,6 +221,9 @@ class AttributesController extends AppController {
// REST users want to see the failed attribute
$this->view($savedId);
$this->render('view');
} elseif ($this->request->is('ajax')) {
$this->autoRender = false;
return new CakeResponse(array('body'=> json_encode($this->Attribute->validationErrors),'status'=>200));
} else {
if (!CakeSession::read('Message.flash')) {
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
@ -237,6 +247,7 @@ class AttributesController extends AppController {
$this->set('categories', compact('categories'));
$this->loadModel('Event');
$events = $this->Event->findById($eventId);
$this->set('event_id', $events['Event']['id']);
// combobox for distribution
$this->set('distributionLevels', $this->Attribute->distributionLevels);
$this->set('currentDist', $events['Event']['distribution']); // TODO default distribution
@ -1228,7 +1239,7 @@ class AttributesController extends AppController {
array_push($conditions['AND'], $subcondition);
}
// If we sent any tags along, load the associated tag names for each attribute
if ($tags !== '') {
if ($tags) {
$args = $this->Attribute->dissectArgs($tags);
$this->loadModel('Tag');
$tagArray = $this->Tag->fetchEventTagIds($args[0], $args[1]);
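Review bot: Both AJAX branches in add() return a `CakeResponse` with a JSON body but no `type`, so the reply presumably goes out under the default HTML content type, and the validation-failure branch answers 200 just like the success branch. Declaring the type keeps a browser from treating the validation payload as markup: `return new CakeResponse(array('body' => json_encode($this->Attribute->validationErrors), 'status' => 200, 'type' => 'json'));`, and the same for the `'saved'` reply. The client in the add view compares the raw body with the string `"\"saved\""` and calls `JSON.parse` itself, so it would need `dataType: "text"` or a switch to the parsed value in the same change. add() starts and ends outside the visible hunks.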


@ -202,6 +202,14 @@ class EventsController extends AppController {
*/
public function view($id = null, $continue=false, $fromEvent=null) {
if (isset($this->params['named']['attributesPage'])) $page = $this->params['named']['attributesPage'];
else {
if ($this->_isRest()) {
$page = 'all';
} else {
$page = 1;
}
}
// If the length of the id provided is 36 then it is most likely a Uuid - find the id of the event, change $id to it and proceed to read the event as if the ID was entered.
$perm_publish = $this->userRole['perm_publish'];
if (strlen($id) == 36) {
@ -226,7 +234,6 @@ class EventsController extends AppController {
}
}
}
$this->loadModel('Log');
$logEntries = $this->Log->find('all', array(
'conditions' => array('title LIKE' => '%Event (' . $id . ')%', 'org !=' => $results[0]['Event']['orgc'], 'model LIKE' => '%ShadowAttribute%'),
@ -255,13 +262,44 @@ class EventsController extends AppController {
$this->set('eventDescriptions', $this->Event->fieldDescriptions);
$this->set('attrDescriptions', $this->Attribute->fieldDescriptions);
$this->set('event', $result);
if (!$this->_isRest()) {
// modify event for attribute pagination
$eventArray = array();
$shadowAttributeTemp = array();
foreach ($this->Attribute->validate['category']['rule'][1] as $category) {
foreach ($result['Attribute'] as $attribute) {
if ($attribute['category'] == $category) {
$shadowAttributeTemp = $attribute['ShadowAttribute'];
$attribute['ShadowAttribute'] = null;
$attribute['objectType'] = 0;
$attribute['hasChildren'] = 0;
$eventArray[] = $attribute;
$current = count($eventArray)-1;
foreach ($shadowAttributeTemp as $shadowAttribute) {
$shadowAttribute['objectType'] = 1;
$eventArray[] = $shadowAttribute;
$eventArray[$current]['hasChildren'] = 1;
}
}
}
}
foreach ($result['ShadowAttribute'] as $shadowAttribute) {
$shadowAttribute['objectType'] = 2;
$eventArray[] = $shadowAttribute;
}
$this->set('objectCount', count($eventArray));
if ($page == 'all') $this->set('eventArray', $eventArray);
else {
$this->set('eventArray', array_splice($eventArray, (($page-1)*50), 50));
}
}
if(isset($result['ShadowAttribute'])) {
$this->set('remaining', $result['ShadowAttribute']);
}
$this->set('relatedEvents', $result['RelatedEvent']);
$this->set('categories', $this->Attribute->validate['category']['rule'][1]);
// passing type and category definitions (explanations)
$this->set('typeDefinitions', $this->Attribute->typeDefinitions);
$this->set('categoryDefinitions', $this->Attribute->categoryDefinitions);
@ -292,6 +330,19 @@ class EventsController extends AppController {
$this->set('currentEvent', $id);
$this->set('allPivots', $this->Session->read('pivot_thread'));
// set the types + categories for the attribute add/edit ajax overlays
$categories = $this->Attribute->validate['category']['rule'][1];
array_pop($categories);
$categories = $this->_arrayToValuesIndexArray($categories);
$this->set('categories', compact('categories'));
$types = array_keys($this->Attribute->typeDefinitions);
$types = $this->_arrayToValuesIndexArray($types);
$this->set('types', $types);
$this->set('categoryDefinitions', $this->Event->Attribute->categoryDefinitions);
$this->request->data['Attribute']['event_id'] = $id;
// Show the discussion
$this->loadModel('Thread');
$params = array('conditions' => array('event_id' => $id),
@ -339,7 +390,14 @@ class EventsController extends AppController {
if ($this->request->is('ajax')) {
$this->disableCache();
$this->layout = 'ajax';
$this->render('/Elements/eventdiscussion');
if (!isset($this->params['named']['attributesPage'])) {
$this->render('/Elements/eventdiscussion');
} else {
$this->set('page', $this->params['named']['attributesPage']);
$this->render('/Elements/eventattribute');
}
} else {
$this->set('page', $page);
}
$pivot = $this->Session->read('pivot_thread');
$this->__arrangePivotVertical($pivot);
@ -367,6 +425,10 @@ class EventsController extends AppController {
}
$this->set('currentEvent', $id);
}
private function __view() {
}
private function __startPivoting($id, $info, $date){
$this->Session->write('pivot_thread', null);
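Review bot: `attributesPage` is read straight from the named URL parameter at the top of view() and reaches `array_splice($eventArray, (($page-1)*50), 50)` without any check that it is a positive integer. A value of `0`, a negative number or a non-numeric string yields a negative or meaningless offset. Normalise it once after it is read, e.g. `if ($page !== 'all') $page = max(1, (int)$page);`, compare with `===` instead of `$page == 'all'`, and pass the normalised value in the AJAX branch (`$this->set('page', $page);`) rather than the raw parameter. The empty `private function __view() {}` near the end looks like a leftover stub. view() begins and ends outside the visible hunks.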


@ -994,7 +994,7 @@ class Event extends AppModel {
}
//restricting to non-private or same org if the user is not a site-admin.
if ($ignore == 0) {
$conditions['AND'][] = array('Attribute.to_ids =' => 1);
$conditions['AND'][] = array('Attribute.to_ids' => 1);
}
if ($type!=null) {


@ -1,69 +1,146 @@
<div class="attributes form">
<?php echo $this->Form->create('Attribute');?>
<div class="attributes <? if (!$ajax) echo 'form';?>">
<?php echo $this->Form->create('Attribute', array('id'));?>
<fieldset>
<legend><?php echo __('Add Attribute'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'empty' => '(choose one)'
));
echo $this->Form->input('type', array(
'empty' => '(first choose category)'
));
if ('true' == Configure::read('MISP.sync')) {
$initialDistribution = 3;
if (Configure::read('MISP.default_attribute_distribution') != null) {
if (Configure::read('MISP.default_attribute_distribution') === 'event') {
$initialDistribution = $currentDist;
} else {
$initialDistribution = Configure::read('MISP.default_attribute_distribution');
<div class="add_attribute_fields">
<div style="width:200px" id="formError"></div>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('category', array(
'empty' => '(choose one)'
));
echo $this->Form->input('type', array(
'empty' => '(first choose category)'
));
if ('true' == Configure::read('MISP.sync')) {
$initialDistribution = 3;
if (Configure::read('MISP.default_attribute_distribution') != null) {
if (Configure::read('MISP.default_attribute_distribution') === 'event') {
$initialDistribution = $currentDist;
} else {
$initialDistribution = Configure::read('MISP.default_attribute_distribution');
}
}
echo $this->Form->input('distribution', array(
'options' => array($distributionLevels),
'label' => 'Distribution',
'selected' => $initialDistribution,
));
}
echo $this->Form->input('distribution', array(
'options' => array($distributionLevels),
'label' => 'Distribution',
'selected' => $initialDistribution,
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
}
echo $this->Form->input('value', array(
'type' => 'textarea',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
echo $this->Form->input('comment', array(
'type' => 'text',
'label' => 'Contextual Comment',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('to_ids', array(
'checked' => false,
'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
'label' => 'for Intrusion Detection System',
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'data-content' => 'Create multiple attributes one per line',
));
// link an onchange event to the form elements
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
echo $this->Form->input('comment', array(
'type' => 'text',
'label' => 'Contextual Comment',
'error' => array('escape' => false),
'div' => 'input clear',
'class' => 'input-xxlarge'
));
?>
<div class="input clear"></div>
<?php
echo $this->Form->input('to_ids', array(
'checked' => false,
'data-content' => isset($attrDescriptions['signature']['formdesc']) ? $attrDescriptions['signature']['formdesc'] : $attrDescriptions['signature']['desc'],
'label' => 'for Intrusion Detection System',
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'data-content' => 'Create multiple attributes one per line',
));
// link an onchange event to the form elements
$this->Js->get('#AttributeCategory')->event('change', 'formCategoryChanged("#AttributeCategory")');
?>
</div>
</fieldset>
<p style="color:red;font-weight:bold;display:none;" id="warning-message">Warning: You are about to share data that is of a classified nature (Attribution / targeting data). Make sure that you are authorised to share this.</p>
<?php
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
<?php if ($ajax): ?>
<div class="overlay_spacing">
<table>
<tr>
<td style="vertical-align:top">
<span id="submitButton" class="btn btn-primary" onClick="submitForm()">Submit</span>
<?php
//echo $this->Form->button('Submit', array('class' => 'btn btn-primary', 'id' => 'submit-button'));
//($this->Js->get('#attributes_add_form')->serializeForm(array('isForm' => true, 'inline' => true)));
/*
echo $this->Js->submit('Submit', array(
'class'=>'btn btn-primary',
'url' => '/attributes/add/' . $event_id,
'success' => "handleAjaxResponse(data);",
'complete' => $this->Js->request(
array(
'controller' => 'events',
'action' => 'view',
$event_id,
'attributesPage:1'
),
array(
'update' => '#attributes_div',
'before' => '$(".loading").show();',
'success' => '$(".loading").hide();',
)
),
)
);
*/
/*
echo $this->Js->submit('Submit', array(
'complete'=> $this->Js->request(
array('controller' => 'events', 'action' => 'view', $event_id, 'attributesPage:1'),
array(
'update' => '#attributes_div',
'before' => '$(".loading").show();',
'success' => '$(".loading").hide();',
{
$("#gray_out").hide();
$("#attribute_add_form").hide();
$(".loading").hide();
}',
//'success' => 'ajaxResponse(data);',
)
),
'class'=>'btn btn-primary',
//'success' => 'submitResponse(data);',
'success' => "function(data) {
alert(data);
}",
'url' => '/attributes/add/' . $event_id,
//'update' => '#attribute_add_form'
));
*/
?>
</td>
<td style="width:540px;">
<p style="color:red;font-weight:bold;display:none;text-align:center" id="warning-message">Warning: You are about to share data that is of a classified nature (Attribution / targeting data). Make sure that you are authorised to share this.</p>
</td>
<td style="vertical-align:top;">
<span class="btn btn-inverse" id="cancel_attribute_add">Cancel</span>
</td>
</tr>
</table>
</div>
<?php
else:
echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
endif;
echo $this->Form->end();
?>
</div>
<?php
$event['Event']['id'] = $this->request->data['Attribute']['event_id'];
$event['Event']['published'] = $published;
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'addAttribute', 'event' => $event));
if(!$ajax) {
$event['Event']['id'] = $this->request->data['Attribute']['event_id'];
$event['Event']['published'] = $published;
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'addAttribute', 'event' => $event));
}
?>
<script type="text/javascript">
@ -100,6 +177,7 @@ function formCategoryChanged(id) {
// Generate tooltip information
//
var formInfoValues = new Array();
var fieldsArrayAttribute = new Array('AttributeCategory', 'AttributeType', 'AttributeDistribution', 'AttributeValue', 'AttributeComment', 'AttributeToIds', 'AttributeBatchImport');
<?php
foreach ($typeDefinitions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
@ -122,8 +200,9 @@ $(document).ready(function() {
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({
trigger: 'manual',
trigger: 'focus',
placement: 'right',
container: 'body',
content: formInfoValues[$e.val()],
}).popover('show');
}
@ -139,6 +218,7 @@ $(document).ready(function() {
$('#'+e.currentTarget.id).popover({
trigger: 'focus',
placement: 'right',
container: 'body',
}).popover('show');
// $('#'+e.currentTarget.id).on('mouseleave', $('#'+e.currentTarget.id).popover('destroy');
//$('#'+e.currentTarget.id).on('mouseout', $('#'+e.currentTarget.id).popover('destroy'));
@ -162,9 +242,96 @@ $(document).ready(function() {
$('#'+e.currentTarget.id).popover({
trigger: 'focus',
placement: 'right',
container: 'body',
content: formInfoValues[$e.val()],
}).popover('show');
});
<?php if ($ajax): ?>
$('#cancel_attribute_add').click(function() {
$('#gray_out').hide();
$('#attribute_add_form').hide();
});
<?php endif; ?>
});
// Submit button should post the form results to the add action and check the response
function submitForm() {
$.ajax({
data: $("#submitButton").closest("form").serialize(),
success:function (data, textStatus) {
handleAjaxResponse(data);
},
type:"post",
url:"/attributes/add/<?php echo $event_id; ?>"
});
};
function handleAjaxResponse(response) {
if (response === "\"saved\"") {
$("#gray_out").hide();
$("#attribute_add_form").hide();
updateAttributeIndexOnSuccess();
} else {
var savedArray = saveValuesForPersistance();
$.ajax({
async:true,
dataType:"html",
success:function (data, textStatus) {
$("#attribute_add_form").html(data);
responseArray = JSON.parse(response);
handleValidationErrors(responseArray);
//$("#formError").html(responseArray['value']);
recoverValuesFromPersistance(savedArray);
},
url:"/attributes/add/<?php echo $event_id; ?>"
});
//$.get("/attributes/add/<?php //echo $event_id; ?>", function(data) {
//$("#attribute_add_form").html(data);
//responseArray = JSON.parse(response);
//});
}
}
function updateAttributeIndexOnSuccess() {
$.ajax({
beforeSend: function (XMLHttpRequest) {
$(".loading").show();
},
dataType:"html",
success:function (data, textStatus) {
$(".loading").hide();
$("#attributes_div").html(data);
},
url:"/events/view/<?php echo $event_id; ?>/attributesPage:1"
});
}
// before we update the form (in case the action failed), we want to retrieve the data from every field, so that we can set the fields in the new form that we fetch
function saveValuesForPersistance() {
var formPersistanceArray = new Array();
for (i = 0; i < fieldsArrayAttribute.length; i++) {
formPersistanceArray[fieldsArrayAttribute[i]] = document.getElementById(fieldsArrayAttribute[i]).value;
}
return formPersistanceArray;
}
function recoverValuesFromPersistance(formPersistanceArray) {
for (i = 0; i < fieldsArrayAttribute.length; i++) {
document.getElementById(fieldsArrayAttribute[i]).value = formPersistanceArray[fieldsArrayAttribute[i]];
}
}
function handleValidationErrors(responseArray) {
for (var k in responseArray) {
var elementName = k.charAt(0).toUpperCase() + k.slice(1);
$("#Attribute" + elementName).parent().addClass("error");
$("#Attribute" + elementName).parent().append("<div class=\"error-message\">" + responseArray[k] + "</div>");
}
}
</script>
<?php echo $this->Js->writeBuffer(); // Write cached scripts
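Review bot: handleValidationErrors() concatenates `responseArray[k]` into an HTML string and appends it, so any markup inside a validation message returned by the server is parsed by the browser; if a message can ever echo the submitted value, that is script injection inside the overlay. Build the node and set its text instead: `$("#Attribute" + elementName).parent().addClass("error").append($("<div class=\"error-message\"></div>").text(responseArray[k]));`. The form's own `'error' => array('escape' => false)` suggests some messages carry markup on purpose; if so, the user-derived part should be escaped server-side before it is encoded. Separately, the opening `<? if (!$ajax) echo 'form';?>` depends on short_open_tag being enabled (`<?php` is safer), and the request URLs are hard-coded from the web root (`"/attributes/add/<?php echo $event_id; ?>"`), which presumably breaks under a sub-path install. The two large commented-out `$this->Js->submit` blocks could be dropped before merge.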


@ -5,7 +5,6 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
<?php
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'viewEvent', 'mayModify' => $mayModify, 'mayPublish' => $mayPublish));
?>
<div class="events view">
<?php
if ('true' == Configure::read('MISP.showorg') || $isAdmin) {
@ -201,298 +200,36 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
<div id="pivots_div">
<?php if (sizeOf($allPivots) > 1) echo $this->element('pivot'); ?>
</div>
<div id="attributes_div">
<?php
if (!empty($event['Attribute']) || !empty($remaining)):?>
<table class="table table-striped table-condensed">
<tr>
<th>Date</th>
<th>Category</th>
<th>Type</th>
<th>Value</th>
<th>Comment</th>
<th>Related Events</th>
<th title="<?php echo $attrDescriptions['signature']['desc'];?>">IDS</th>
<th title="<?php echo $attrDescriptions['distribution']['desc'];?>">Distribution</th>
<th class="actions">Actions</th>
</tr><?php
foreach ($categories as $category):
$first = 1;
foreach ($event['Attribute'] as $attribute):
$extra = "";
if ($attribute['category'] != $category) continue;
if (count($attribute['ShadowAttribute'])) $extra .= 'highlight1';
<div id="create_object_div">
<button id="create-button" class="btn btn-inverse">Add Attribute</button>
<?php
$this->Js->get('#create-button')->event(
'click',
$this->Js->request(
array('controller' => 'attributes', 'action' => 'add', $event['Event']['id']),
array(
'before' => '$("#gray_out").show();$("#attribute_add_form").show();',
'update' => '#attribute_add_form',
'async' => true,
)));
?>
<tr>
<td class= "short <?php echo $extra; ?>">
<?php
if (isset($attribute['timestamp'])) echo date('Y-m-d', $attribute['timestamp']);
else echo '&nbsp';
?>
</td>
<?php if($first): ?>
<td class= "short <?php echo $extra; ?>" title="<?php if('' != $attribute['category']) echo $categoryDefinitions[$attribute['category']]['desc'];?>">
<?php
if ('' == $attribute['category']) echo '(no category)';
else echo h($attribute['category']);
?>
</td>
<?php else: ?>
<td class= "short <?php echo $extra; ?>">
&nbsp;
</td>
<?php endif; ?>
<td class="short <?php echo $extra; ?>" title="<?php echo $typeDefinitions[$attribute['type']]['desc'];?>">
<?php echo h($attribute['type']);?>
</td>
<td class="showspaces <?php echo $extra; ?>"><?php $sigDisplay = $attribute['value'];
if ('attachment' == $attribute['type'] || 'malware-sample' == $attribute['type'] ) {
$filenameHash = explode('|', nl2br(h($attribute['value'])));
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo h($filepath);
echo $this->Html->link($filename, array('controller' => 'attributes', 'action' => 'download', $attribute['id']));
} else {
echo $this->Html->link($filenameHash[0], array('controller' => 'attributes', 'action' => 'download', $attribute['id']));
}
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif (strpos($attribute['type'], '|') !== false) {
$filenameHash = explode('|', $attribute['value']);
echo h($filenameHash[0]);
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif ('vulnerability' == $attribute['type']) {
if (! is_null(Configure::read('MISP.cveurl'))) {
$cveUrl = Configure::read('MISP.cveurl');
} else {
$cveUrl = "http://www.google.com/search?q=";
}
echo $this->Html->link(h($sigDisplay), h($cveUrl) . h($sigDisplay), array('target' => '_blank'));
} elseif ('link' == $attribute['type']) {
echo $this->Html->link(h($sigDisplay), h($sigDisplay));
} else {
$sigDisplay = str_replace("\r", '', $sigDisplay);
echo nl2br(h($sigDisplay));
}
?>
</td>
<td class="showspaces bitwider <?php echo $extra; ?>"><?php echo h($attribute['comment']); ?></td>
<td class="shortish <?php echo $extra; ?>">
<?php
$first = 0;
?>
<ul class="inline" style="margin:0px;">
<?php
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
foreach ($relatedAttributes[$attribute['id']] as $relatedAttribute) {
echo '<li style="padding-right: 0px; padding-left:0px;" title ="' . h($relatedAttribute['info']) . '"><span>';
if ($relatedAttribute['org'] == $me['org']) {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array ('style' => 'color:red;'));
} else {
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']));
}
echo "</span></li>";
echo ' ';
}
}
?>
</ul>
</td>
<td class="short <?php echo $extra; ?>"><?php echo $attribute['to_ids'] ? 'Yes' : 'No';?></td>
<td class="short
<?php
echo $extra;
if ($attribute['distribution'] == 0) echo 'privateRedText';
?>
">
<?php echo $attribute['distribution'] != 3 ? $distributionLevels[$attribute['distribution']] : 'All';?>
</td>
<td class="short action-links
<?php echo $extra;?>
">
<?php
if ($isSiteAdmin || $mayModify) {
echo $this->Html->link('', array('controller' => 'attributes', 'action' => 'edit', $attribute['id']), array('class' => 'icon-edit', 'title' => 'Edit'));
echo $this->Form->postLink('', array('controller' => 'attributes', 'action' => 'delete', $attribute['id']), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this attribute? Keep in mind that this will also delete this attribute on remote MISP instances.'));
} else {
echo $this->Html->link('', array('controller' => 'shadow_attributes', 'action' => 'edit', $attribute['id']), array('class' => 'icon-edit', 'title' => 'Propose Edit'));
}
?>
</td>
</tr>
<?php
// Create an entry for each shadow attribute right below the attribute that it proposes to edit
// $extra is used for extra style code added to cells that have a highlighting border around them.
$extra = null;
$extra = 'highlight2';
foreach ($attribute['ShadowAttribute'] as $shadowAttribute): ?>
<tr class="highlight2">
<td class= "short <?php echo $extra; ?>">&nbsp</td>
<td class="short highlight2" title="
<?php if('' != $shadowAttribute['category']) echo $categoryDefinitions[$shadowAttribute['category']]['desc'];?>
">
<?php
if ($shadowAttribute['category'] != $attribute['category']) echo h($shadowAttribute['category']);
?>
</td>
<td class="short highlight2" title="
<?php
echo $typeDefinitions[$shadowAttribute['type']]['desc'];
?>
">
<?php
if ($shadowAttribute['type'] != $attribute['type']) echo h($shadowAttribute['type']);
?>
</td>
<td class="showspaces highlight2"><?php
if ($shadowAttribute['value'] != $attribute['value']) {
$sigDisplay = $shadowAttribute['value'];
if ('attachment' == $shadowAttribute['type'] || 'malware-sample' == $shadowAttribute['type'] ) {
$filenameHash = explode('|', $shadowAttribute['value']);
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo $filepath;
echo $this->Html->link($filename, array('controller' => 'attributes', 'action' => 'download', $shadowAttribute['id']));
} else {
echo $this->Html->link($filenameHash[0], array('controller' => 'attributes', 'action' => 'download', $shadowAttribute['id']));
}
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif (strpos($shadowAttribute['type'], '|') !== false) {
$filenameHash = explode('|', $shadowAttribute['value']);
echo h($filenameHash[0]);
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif ('vulnerability' == $shadowAttribute['type']) {
echo $this->Html->link(h($sigDisplay), 'http://www.google.com/search?q=' . h($sigDisplay), array('target' => '_blank'));
} elseif ('link' == $shadowAttribute['type']) {
echo $this->Html->link(h($sigDisplay), h($sigDisplay));
} else {
echo nl2br(h($sigDisplay));
}
}
?></td>
<td class="short highlight2">
<?php
echo h($shadowAttribute['comment']);
?>
</td>
<td class="short highlight2">
</td>
<td class="short highlight2">
<?php
if ($shadowAttribute['to_ids'] != $attribute['to_ids']) echo $shadowAttribute['to_ids'] ? 'Yes' : 'No';
?>
</td>
<td class="short highlight2"></td>
<td class="short action-links highlight2">
<?php
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin) {
echo $this->Form->postLink('', array('controller' => 'shadow_attributes', 'action' => 'accept', $shadowAttribute['id']), array('class' => 'icon-ok', 'title' => 'Accept'), 'Are you sure you want to accept this proposal?');
}
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin || ($shadowAttribute['org'] == $me['org'])) {
echo $this->Form->postLink('', array('controller' => 'shadow_attributes', 'action' => 'discard', $shadowAttribute['id']), array('class' => 'icon-trash', 'title' => 'Discard'), 'Are you sure you want to discard this proposal?');
}
?>
</td>
</tr>
<?php
endforeach;
endforeach;
endforeach;
// As a last step, attributes that have been proposed by users of other organisations to be added to an event are listed at the end
$first = true;
if (isset($remaining)):
foreach ($remaining as $remain):
$extra = 'highlight2';
if ($first) {
//$extra .= ' highlightTop';
$first = false;
}
//if ($remain === end($remaining)) $extra .= ' highlightBottom';
?>
<tr class="highlight2">
<td class= "short <?php echo $extra; ?>">
<?php
echo '&nbsp';
?>
</td>
<td class="highlight2" title="<?php if('' != $remain['category']) echo $categoryDefinitions[$remain['category']]['desc'];?>">
<?php
echo h($remain['category']);
?>
</td>
<td class="short highlight2" title="
<?php
echo $typeDefinitions[$remain['type']]['desc'];
?>
">
<?php
echo h($remain['type']);
?>
</td>
<td class="showspaces highlight2"><?php
$sigDisplay = nl2br(h($remain['value']));
if ('attachment' == $remain['type'] || 'malware-sample' == $remain['type'] ) {
$filenameHash = explode('|', $remain['value']);
if (strrpos($filenameHash[0], '\\')) {
$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
echo $filepath;
echo $this->Html->link($filename, array('controller' => 'shadow_attributes', 'action' => 'download', $remain['id']));
} else {
echo $this->Html->link($filenameHash[0], array('controller' => 'shadow_attributes', 'action' => 'download', $remain['id']));
}
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif (strpos($remain['type'], '|') !== false) {
$filenameHash = explode('|', $remain['value']);
echo h($filenameHash[0]);
if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
} elseif ('vulnerability' == $remain['type']) {
echo $this->Html->link(h($sigDisplay), 'http://www.google.com/search?q=' . h($sigDisplay), array('target' => '_blank'));
} elseif ('link' == $remain['type']) {
echo $this->Html->link(h($sigDisplay), h($sigDisplay));
} else {
echo nl2br(h($sigDisplay));
}
?></td>
<td class="short highlight2">
<?php
echo h($remain['comment']);
?>
</td>
<td class="short highlight2">
</td>
<td class="short highlight2">
<?php
echo $remain['to_ids'] ? 'Yes' : 'No';
?></td>
<td class="short highlight2"></td>
<td class="short action-links highlight2">
<?php
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin) {
echo $this->Form->postLink('', array('controller' => 'shadow_attributes', 'action' => 'accept', $remain['id']), array('class' => 'icon-ok', 'title' => 'Accept'), 'Are you sure you want to accept this proposal?');
}
if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin || ($remain['org'] == $me['org'])) {
echo $this->Form->postLink('', array('controller' => 'shadow_attributes', 'action' => 'discard', $remain['id']), array('class' => 'icon-trash', 'title' => 'Discard'), 'Are you sure you want to discard this proposal?');
}
?>
</td>
</tr>
<?php
endforeach;
endif;
?>
</table>
<?php
endif; ?>
</div>
<div id="discussions_div">
<?php
echo $this->element('eventdiscussion');
?>
</div>
</div>
<div id="attribute_add_form" class="attribute_add_form"></div>
<div id="attribute_creation_div" style="display:none;">
<?php
echo $this->element('eventattributecreation');
?>
</div>
<div id="attributes_div">
<?php
echo $this->element('eventattribute');
?>
</div>
<div id="discussions_div">
<?php
echo $this->element('eventdiscussion');
?>
</div>
</div>
<script type="text/javascript">
// tooltips
@ -539,6 +276,4 @@ $(document).ready(function () {
});
});
</script>
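Review bot: The attribute table that leaves this view escaped most fields with `h()`, but its proposal branches echoed `$filepath` and `$filenameHash[1]` unescaped. The `eventattribute` element that now renders these rows is not part of what is shown here, so please confirm that every attribute and proposal field is escaped there, including the file-path and hash parts, rather than moved across as it was. The `#create-button` handler uses `'update' => '#attribute_add_form'`, which presumably inserts the returned HTML as is, so the add action should only ever return server-rendered form markup on that path.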


@ -30,6 +30,7 @@
<!--?php echo $scripts_for_layout; ?-->
</head>
<body>
<div id="gray_out" class="gray_out" style="display:none;"></div>
<div id="container">
<?php echo $this->element('global_menu');
if ($debugMode == 'debugOff') {


@ -582,6 +582,7 @@ dd {
animation: rotation .6s infinite linear;
border:6px solid rgba(0,174,239,.15);
border-radius:100%;
z-index:15;
}
.spinner:before {
@ -597,6 +598,7 @@ dd {
border-bottom:6px solid transparent;
border-right:6px solid transparent;
border-radius:100%;
z-index:15;
}
.qet {
@ -675,6 +677,69 @@ a.proposal_link_red:hover {
padding-top:100px;
}
.attribute_creation {
width: 700px;
height: 420px;
top:150px;
left:calc(50% - 350px);
position: fixed;
background-color:#f4f4f4;
border-radius: 11px 11px 10px 10px;
box-shadow: 4px 4px 4px #333;
z-index:5;
}
.attribute_add_form {
display:none;
width: 700px;
top:150px;
left:calc(50% - 350px);
position: fixed;
background-color:#f4f4f4;
border-radius: 11px 11px 10px 10px;
box-shadow: 4px 4px 4px #333;
z-index:5;
}
.attribute_add_form legend {
border-radius: 10px 10px 0px 0px;
padding-left:10px;
width:690px;
background-color:black;
color:white;
}
.attribute_add_form form {
margin: 0 0 5px;
}
.overlay_spacing {
padding-left:10px !important;
}
.attribute_add_form .input-xxlarge {
width:665px;
}
.attribute_add_form textarea {
height:120px !important;
}
.attribute_add_form .add_attribute_fields {
padding-left:10px;
}
.gray_out {
display:none;
width: 100%;
height: 100%;
position: fixed;
opacity: 0.5;
filter: alpha(opacity=50);
background-color: #000;
z-index:4;
}
@-webkit-keyframes rotation {
from {-webkit-transform: rotate(0deg);}
to {-webkit-transform: rotate(359deg);}