MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Preview Event implemented

pull/1050/head
Iglocska 2016-03-07 02:23:37 +01:00
parent 03e19f6db0
commit 7a20704f36
6 changed files with 355 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
app/Controller/FeedsController.php
View File

@ -145,25 +145,29 @@ class FeedsController extends AppController {
if (!$this->Feed->exists()) throw new NotFoundException('Invalid feed.');
$this->Feed->read();
$event = $this->Feed->downloadEventFromFeed($this->Feed->data, $eventUuid, $this->Auth->user());
$this->loadModel('Event');
$params = $this->Event->rearrangeEventForView($event, $this->passedArgs, $all);
$this->params->params['paging'] = array('Feed' => $params);
$this->set('event', $event);
$this->set('feed', $this->Feed->data);
$this->loadModel('Event');
$dataForView = array(
'Attribute' => array('attrDescriptions' => 'fieldDescriptions', 'distributionDescriptions' => 'distributionDescriptions', 'distributionLevels' => 'distributionLevels'),
'Event' => array('eventDescriptions' => 'fieldDescriptions', 'analysisLevels' => 'analysisLevels')
);
foreach ($dataForView as $m => $variables) {
if ($m === 'Event') $currentModel = $this->Event;
else if ($m === 'Attribute') $currentModel = $this->Event->Attribute;
foreach ($variables as $alias => $variable) {
$this->set($alias, $currentModel->{$variable});
if (is_array($event)) {
$this->loadModel('Event');
$params = $this->Event->rearrangeEventForView($event, $this->passedArgs, $all);
$this->params->params['paging'] = array('Feed' => $params);
$this->set('event', $event);
$this->set('feed', $this->Feed->data);
$this->loadModel('Event');
$dataForView = array(
'Attribute' => array('attrDescriptions' => 'fieldDescriptions', 'distributionDescriptions' => 'distributionDescriptions', 'distributionLevels' => 'distributionLevels'),
'Event' => array('eventDescriptions' => 'fieldDescriptions', 'analysisLevels' => 'analysisLevels')
);
foreach ($dataForView as $m => $variables) {
if ($m === 'Event') $currentModel = $this->Event;
else if ($m === 'Attribute') $currentModel = $this->Event->Attribute;
foreach ($variables as $alias => $variable) {
$this->set($alias, $currentModel->{$variable});
}
}
$threat_levels = $this->Event->ThreatLevel->find('all');
$this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
} else {
if ($event === 'blocked') throw new MethodNotAllowedException('This event is blocked by the Feed filters.');
else throw new NotFoundException('Could not download the selected Event');
}
$threat_levels = $this->Event->ThreatLevel->find('all');
$this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
$this->render('/Servers/preview_event');
}
}

14
app/Model/Event.php
View File

@ -2633,7 +2633,7 @@ class Event extends AppModel {
$correlatedShadowAttributes = isset($event['RelatedShadowAttribute']) ? array_keys($event['RelatedShadowAttribute']) : array();
foreach ($event['Attribute'] as $attribute) {
if ($filterType && $filterType !== 'proposal' && $filterType !== 'correlation') if (!in_array($attribute['type'], $this->Attribute->typeGroupings[$filterType])) continue;
if ($attribute['distribution'] != 4) unset ($attribute['SharingGroup']);
if (isset($attribute['distribution']) && $attribute['distribution'] != 4) unset ($attribute['SharingGroup']);
$attribute['objectType'] = 0;
if (!empty($attribute['ShadowAttribute'])) $attribute['hasChildren'] = 1;
else $attribute['hasChildren'] = 0;
@ -2643,11 +2643,13 @@ class Event extends AppModel {
$current = count($eventArray)-1;
}
unset($event['Attribute']);
foreach ($event['ShadowAttribute'] as $shadowAttribute) {
if ($filterType === 'correlation' && !in_array($shadowAttribute['id'], $correlatedShadowAttributes)) continue;
if ($filterType && $filterType !== 'proposal' && $filterType !== 'correlation') if (!in_array($attribute['type'], $this->Attribute->typeGroupings[$filterType])) continue;
$shadowAttribute['objectType'] = 2;
$eventArray[] = $shadowAttribute;
if (isset($event['ShadowAttribute'])) {
foreach ($event['ShadowAttribute'] as $shadowAttribute) {
if ($filterType === 'correlation' && !in_array($shadowAttribute['id'], $correlatedShadowAttributes)) continue;
if ($filterType && $filterType !== 'proposal' && $filterType !== 'correlation') if (!in_array($attribute['type'], $this->Attribute->typeGroupings[$filterType])) continue;
$shadowAttribute['objectType'] = 2;
$eventArray[] = $shadowAttribute;
}
}
unset($event['ShadowAttribute']);
App::uses('CustomPaginationTool', 'Tools');

48
app/Model/Feed.php
View File

@ -64,7 +64,13 @@ class Feed extends AppModel {
$request = $this->__createFeedRequest();
$uri = $feed['Feed']['url'] . '/manifest.json';
$response = $HttpSocket->get($uri, '', $request);
return json_decode($response->body, true);
try {
$events = json_decode($response->body, true);
} catch (Exception $e) {
return false;
}
$events = $this->__filterEventsIndex($events, $feed);
return $events;
}
public function downloadFromFeed($actions, $feed, $HttpSocket, $user) {
@ -135,6 +141,46 @@ class Feed extends AppModel {
return true;
}
private function __filterEventsIndex($events, $feed) {
$filterRules = array();
if (isset($feed['Feed']['rules']) && !empty($feed['Feed']['rules'])) {
$filterRules = json_decode($feed['Feed']['rules'], true);
}
foreach ($events as $k => &$event) {
if (isset($filterRules['orgs']['OR']) && !empty($filterRules['orgs']['OR']) && !in_array($event['Orgc']['name'], $filterRules['orgs']['OR'])) {
unset($events[$k]);
continue;
}
if (isset($filterRules['orgs']['NO']) && !empty($filterRules['orgs']['NOT']) && in_array($event['Orgc']['name'], $filterRules['orgs']['OR'])) {
unset($events[$k]);
continue;
}
if (isset($filterRules['tags']['OR']) && !empty($filterRules['tags']['OR'])) {
if (!isset($event['Tag']) || empty($event['Tag'])) unset($events[$k]);
$found = false;
foreach ($event['Tag'] as &$tag) {
foreach ($filterRules['tags']['OR'] as $filterTag) if (strpos(strtolower($filterTag), $tag)) $found = true;
}
if (!$found) {
unset($k);
continue;
}
}
if (isset($filterRules['tags']['NOT']) && !empty($filterRules['tags']['NOT'])) {
if (isset($event['Tag']) && !empty($event['Tag'])) {
$found = false;
foreach ($event['Tag'] as &$tag) {
foreach ($filterRules['tags']['NOT'] as $filterTag) if (strpos(strtolower($filterTag), $tag)) $found = true;
}
if ($found) {
unset($k);
}
}
}
}
return $events;
}
public function downloadEventFromFeed($feed, $uuid, $user) {
$HttpSocket = $this->__setupHttpSocket($feed);
$request = $this->__createFeedRequest();

6
app/View/Elements/side_menu.ctp
View File

@ -299,7 +299,11 @@
<li id='liadd'><a href="<?php echo $baseurl;?>/feeds/add">Add Feed</a></li>
<?php if ($menuItem === 'edit'): ?>
<li class="active"><a href="#">Edit Feed</a></li>
<?php endif;
<?php elseif ($menuItem === 'previewIndex'): ?>
<li id='lipreviewIndex'><a href="<?php echo $baseurl;?>/feeds/previewIndex/<?php echo h($feed['Feed']['id']); ?>">PreviewIndex</a></li>
<?php elseif ($menuItem === 'previewEvent'): ?>
<li id='lipreviewEvent'><a href="<?php echo $baseurl;?>/feeds/previewEvent/<?php echo h($feed['Feed']['id']); ?>/<?php echo h($id);?>">PreviewEvent</a></li>
<?php endif;
break;
}
?>

184
app/View/Feeds/preview_event.ctp Normal file
View File

@ -0,0 +1,184 @@
<div class="events view">
<?php
$title = $event['Event']['info'];
if (strlen($title) > 58) $title = substr($title, 0, 55) . '...';
?>
<h4 class="visibleDL notPublished" >You are currently viewing an event from a feed (<?php echo h($feed['Feed']['name']); ?> by <?php echo h($feed['Feed']['provider']); ?>)</h4>
<div class="row-fluid">
<div class="span8">
<h2><?php echo nl2br(h($title)); ?></h2>
<dl>
<dt>Uuid</dt>
<dd><?php echo h($event['Event']['uuid']); ?></dd>
<dt><?php echo Configure::read('MISP.showorgalternate') ? 'Source Organisation' : 'Org'?></dt>
<dd><?php echo h($event['Orgc']['name']); ?></dd>
<?php if (Configure::read('MISP.tagging')): ?>
<dt>Tags</dt>
<dd class="eventTagContainer">
<?php if (!empty($event['Tag'])) foreach ($event['Tag'] as $tag): ?>
<span style="padding-right:0px;">
<a href="#" class="tagFirstHalf" style="background-color:<?php echo h($tag['colour']); ?>"><?php echo h($tag['name']); ?></a>
</span>
<?php endforeach; ?>&nbsp;
</dd>
<?php endif; ?>
<dt>Date</dt>
<dd>
<?php echo h($event['Event']['date']); ?>
&nbsp;
</dd>
<dt title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>">Threat Level</dt>
<dd>
<?php
echo h($threatLevels[$event['Event']['threat_level_id']]);
?>
&nbsp;
</dd>
<dt title="<?php echo $eventDescriptions['analysis']['desc'];?>">Analysis</dt>
<dd>
<?php echo h($analysisLevels[$event['Event']['analysis']]); ?>
&nbsp;
</dd>
<dt>Description</dt>
<dd style="word-wrap: break-word;">
<?php echo nl2br(h($event['Event']['info'])); ?>
&nbsp;
</dd>
<?php
$published = '';
$notPublished = 'style="display:none;"';
if ($event['Event']['published'] == 0) {
$published = 'style="display:none;"';
$notPublished = '';
}
?>
<dt class="published" <?php echo $published;?>>Published</dt>
<dd class="published green" <?php echo $published;?>>Yes</dd>
<?php
if ($isAclPublish) :
?>
<dt class="visibleDL notPublished" <?php echo $notPublished;?>>Published</dt>
<dd class="visibleDL notPublished" <?php echo $notPublished;?>>No</dd>
<?php
else:
?>
<dt class="notPublished" <?php echo $notPublished;?>>Published</dt>
<dd class="notPublished red" <?php echo $notPublished;?>>No</dd>
<?php endif; ?>
</dl>
</div>
<?php if (!empty($event['RelatedEvent'])):?>
<div class="related span4">
<h3>Related Events</h3>
<ul class="inline">
<?php foreach ($event['RelatedEvent'] as $relatedEvent): ?>
<li>
<div title="<?php echo h($relatedEvent['Event'][0]['info']); ?>">
<a href = "<?php echo '/servers/previewEvent/' . $server['Server']['id'] . '/' . $relatedEvent['Event'][0]['id']; ?>"><?php echo h($relatedEvent['Event'][0]['date']) . ' (' . h($relatedEvent['Event'][0]['id']) . ')'; ?></a>
</div></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
</div>
<br />
<div id="attributes_div">
<?php
$all = false;
if (isset($this->params->params['paging']['Event']['page']) && $this->params->params['paging']['Event']['page'] == 0) $all = true;
?>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'url' => array($feed['Feed']['id'], $event['Event']['uuid']),
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<li class="all <?php if ($all) echo 'disabled'; ?>">
<?php
if ($all):
?>
<span class="red">view all</span>
<?php
else:
echo $this->Paginator->link(__('view all'), 'all');
endif;
?>
</li>
</ul>
</div>
<div id="attributeList" class="attributeListContainer">
<table class="table table-striped table-condensed">
<tr>
<th><?php echo $this->Paginator->sort('date');?></th>
<th><?php echo $this->Paginator->sort('category');?></th>
<th><?php echo $this->Paginator->sort('type');?></th>
<th><?php echo $this->Paginator->sort('value');?></th>
<th><?php echo $this->Paginator->sort('comment');?></th>
<th title="<?php echo $attrDescriptions['signature']['desc'];?>"><?php echo $this->Paginator->sort('to_ids', 'IDS');?></th>
</tr>
<?php
foreach($event['objects'] as $k => $object):
?>
<tr id = "<?php echo 'Attribute_' . $object['uuid'] . '_tr'; ?>">
<td class="short"><?php echo (isset($object['timestamp'])) ? date('Y-m-d', $object['timestamp']) : '&nbsp'; ?></td>
<td class="shortish"><?php echo h($object['category']); ?></td>
<td class="shortish"><?php echo h($object['type']); ?></td>
<td class="shortish"><?php echo h($object['value']); ?></td>
<td class="shortish"><?php echo h($object['comment']); ?></td>
<td class="shortish"><?php echo ($object['to_ids']) ? 'Yes' : 'No'; ?></td>
</tr>
<?php
endforeach;
?>
</table>
</div>
<div class="pagination">
<ul>
<?php
$this->Paginator->options(array(
'url' => array($feed['Feed']['id'], $event['Event']['uuid']),
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 60, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
<li class="all <?php if ($all) echo 'disabled'; ?>">
<?php
if ($all):
?>
<span class="red">view all</span>
<?php
else:
echo $this->Paginator->link(__('view all'), 'all');
endif;
?>
</li>
</ul>
</div>
</div>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'feeds', 'menuItem' => 'previewEvent', 'id' => $event['Event']['uuid']));
?>
<script type="text/javascript">
// tooltips
$(document).ready(function () {
//loadEventTags("<?php echo $event['Event']['id']; ?>");
$("th, td, dt, div, span, li").tooltip({
'placement': 'top',
'container' : 'body',
delay: { show: 500, hide: 100 }
});
});
</script>

89
app/View/Feeds/preview_index.ctp Normal file
View File

@ -0,0 +1,89 @@
<div class="events index">
<h4 class="visibleDL notPublished" >You are currently viewing the event index of a feed (<?php echo h($feed['Feed']['name']); ?> by <?php echo h($feed['Feed']['provider']); ?>).</h4>
<div class="pagination">
<ul>
<?php
$eventViewURL = '/feeds/previewEvent/' . h($id) . '/';
$this->Paginator->options(array(
'url' => $id,
'update' => '.span12',
'evalScripts' => true,
'before' => '$(".progress").show()',
'complete' => '$(".progress").hide()',
));
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
<?php
$tab = "Center";
$filtered = false;
if (count($passedArgsArray) > 0) {
$tab = "Left";
$filtered = true;
}
?>
<table class="table table-striped table-hover table-condensed">
<tr>
<th class="filter"><?php echo $this->Paginator->sort('Org', 'org'); ?></th>
<th class="filter">Tags</th>
<th class="filter"><?php echo $this->Paginator->sort('date');?></th>
<th class="filter" title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>"><?php echo $this->Paginator->sort('threat_level_id');?></th>
<th title="<?php echo $eventDescriptions['analysis']['desc'];?>"><?php echo $this->Paginator->sort('analysis');?></th>
<th class="filter"><?php echo $this->Paginator->sort('info');?></th>
<th class="actions">Actions</th>
</tr>
<?php if (!empty($events)) foreach ($events as $uuid => $event): ?>
<tr>
<td class="short" ondblclick="document.location.href ='<?php echo $eventViewURL . h($uuid);?>'"><?php echo h($event['Orgc']['name']); ?></td>
<td style = "max-width: 200px;width:10px;">
<?php foreach ($event['Tag'] as $tag): ?>
<span class=tag style="margin-bottom:3px;background-color:<?php echo h($tag['colour']);?>;color:<?php echo $this->TextColour->getTextColour($tag['colour']);?>;" title="<?php echo h($tag['name']); ?>"><?php echo h($tag['name']); ?></span>
<?php endforeach; ?>
</td>
<td class="short" ondblclick="document.location.href ='<?php echo $eventViewURL . h($uuid);?>'">
<?php echo $event['date']; ?>&nbsp;
</td>
<td class="short" ondblclick="document.location.href ='<?php echo $eventViewURL . h($uuid);?>'">
<?php
echo h($threatLevels[$event['threat_level_id']]);
?>&nbsp;
</td>
<td class="short" ondblclick="document.location.href ='<?php echo $eventViewURL . h($uuid);?>'">
<?php echo $analysisLevels[$event['analysis']]; ?>&nbsp;
</td>
<td ondblclick="document.location.href ='<?php echo $eventViewURL . h($uuid);?>'">
<?php echo nl2br(h($event['info'])); ?>&nbsp;
</td>
<td class="short action-links">
<?php echo $this->Form->postLink('', '/feeds/getEvent/' . $id . '/' . $uuid, array('class' => 'icon-download'), __('Are you sure you want to fetch and save this event on your instance?', $this->Form->value('Feed.id'))); ?>
<a href='<?php echo $eventViewURL . h($uuid);?>' class = "icon-list-alt" title = "View"></a>
</td>
</tr>
<?php endforeach; ?>
</table>
<p>
<?php
echo $this->Paginator->counter(array(
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}'),
'model' => 'Feed',
));
?>
</p>
<div class="pagination">
<ul>
<?php
echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'red', 'currentTag' => 'span'));
echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
?>
</ul>
</div>
</div>
<?php
echo $this->element('side_menu', array('menuList' => 'feeds', 'menuItem' => 'previewIndex', 'id' => $id));
?>