mirror of https://github.com/MISP/MISP
fix: [API] proposals overriding attributes wasn't always working as expected, fixes #4032
- until now it was bound to the to_ids setting (badly) which caused nothing but headache - moved the new configuration to instead use the non-permissive nature of the given export formats - non-permissive export: if the proposal block is enabled, override attributes - permissive export types: ignore the proposals The reasoning is simple: we use the permissive export types for types that can express additional structures such as proposals, IDS flags, publish flags etc (meaning the MISP JSON/XML formats for example)pull/5239/head
parent
480e3b2969
commit
8168cc79db
|
@ -3104,8 +3104,7 @@ class Attribute extends AppModel
|
|||
}
|
||||
if (
|
||||
Configure::read('MISP.proposals_block_attributes') &&
|
||||
isset($options['conditions']['AND']['Attribute.to_ids']) &&
|
||||
array($options['conditions']['AND']['Attribute.to_ids'] == 1, in_array(1, $options['conditions']['AND']['Attribute.to_ids']))
|
||||
!empty($options['allow_proposal_blocking'])
|
||||
) {
|
||||
$this->bindModel(array('hasMany' => array('ShadowAttribute' => array('foreignKey' => 'old_id'))));
|
||||
$proposalRestriction = array(
|
||||
|
@ -4239,6 +4238,7 @@ class Attribute extends AppModel
|
|||
if (!isset($filters['published'])) {
|
||||
$filters['published'] = 1;
|
||||
}
|
||||
$filters['allow_proposal_blocking'] = 1;
|
||||
}
|
||||
if (!empty($filters['quickFilter'])) {
|
||||
$filters['searchall'] = $filters['quickFilter'];
|
||||
|
@ -4273,7 +4273,8 @@ class Attribute extends AppModel
|
|||
'includeSightings' => !empty($filters['includeSightings']) ? $filters['includeSightings'] : 0,
|
||||
'includeCorrelations' => !empty($filters['includeCorrelations']) ? $filters['includeCorrelations'] : 0,
|
||||
'includeDecayScore' => !empty($filters['includeDecayScore']) ? $filters['includeDecayScore'] : 0,
|
||||
'includeFullModel' => !empty($filters['includeFullModel']) ? $filters['includeFullModel'] : 0
|
||||
'includeFullModel' => !empty($filters['includeFullModel']) ? $filters['includeFullModel'] : 0,
|
||||
'allow_proposal_blocking' => !empty($filters['allow_proposal_blocking']) ? $filters['allow_proposal_blocking'] : 0
|
||||
);
|
||||
if (!empty($filters['attackGalaxy'])) {
|
||||
$params['attackGalaxy'] = $filters['attackGalaxy'];
|
||||
|
|
|
@ -2211,7 +2211,10 @@ class Event extends AppModel
|
|||
}
|
||||
}
|
||||
}
|
||||
if (Configure::read('MISP.proposals_block_attributes') && isset($options['to_ids']) && $options['to_ids']) {
|
||||
if (
|
||||
Configure::read('MISP.proposals_block_attributes') &&
|
||||
!empty($options['allow_proposal_blocking'])
|
||||
) {
|
||||
foreach ($results[$eventKey]['Attribute'][$key]['ShadowAttribute'] as $sa) {
|
||||
if ($sa['proposal_to_delete'] || $sa['to_ids'] == 0) {
|
||||
unset($results[$eventKey]['Attribute'][$key]);
|
||||
|
@ -6712,6 +6715,7 @@ class Event extends AppModel
|
|||
if (!isset($filters['published'])) {
|
||||
$filters['published'] = 1;
|
||||
}
|
||||
$filters['allow_proposal_blocking'] = 1;
|
||||
}
|
||||
|
||||
if (!empty($exportTool->renderView)) {
|
||||
|
|
Loading…
Reference in New Issue