mirror of https://github.com/MISP/MISP
Migration to CakePHP 2.1.
Most of the functionality migrated, Q&A review required.pull/61/head
parent
6da66f61b6
commit
865a24d0bd
|
@ -1,6 +1,8 @@
|
||||||
/app/tmp
|
|
||||||
/plugins
|
/plugins
|
||||||
/vendors
|
/vendors
|
||||||
|
/lib
|
||||||
|
/build.properties
|
||||||
|
/build.xml
|
||||||
/.project
|
/.project
|
||||||
/.settings
|
/.settings
|
||||||
/.buildpath
|
/.buildpath
|
||||||
|
@ -10,3 +12,4 @@
|
||||||
/index.php
|
/index.php
|
||||||
/README
|
/README
|
||||||
/app/tmp/sessions/sess_*
|
/app/tmp/sessions/sess_*
|
||||||
|
/app/tmp/logs/*.log
|
||||||
|
|
|
@ -2,4 +2,4 @@
|
||||||
RewriteEngine on
|
RewriteEngine on
|
||||||
RewriteRule ^$ webroot/ [L]
|
RewriteRule ^$ webroot/ [L]
|
||||||
RewriteRule (.*) webroot/$1 [L]
|
RewriteRule (.*) webroot/$1 [L]
|
||||||
</IfModule>
|
</IfModule>
|
|
@ -1,11 +1,12 @@
|
||||||
<?php
|
<?php
|
||||||
/*DbAcl schema generated on: 2007-11-24 15:11:13 : 1195945453*/
|
/*DbAcl schema generated on: 2007-11-24 15:11:13 : 1195945453*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This is Acl Schema file
|
* This is Acl Schema file
|
||||||
*
|
*
|
||||||
* Use it to configure database for ACL
|
* Use it to configure database for ACL
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP 5
|
||||||
*
|
*
|
||||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
@ -15,11 +16,11 @@
|
||||||
*
|
*
|
||||||
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
* @link http://cakephp.org CakePHP(tm) Project
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
* @package cake
|
* @package app.Config.Schema
|
||||||
* @subpackage cake.app.config.sql
|
|
||||||
* @since CakePHP(tm) v 0.2.9
|
* @since CakePHP(tm) v 0.2.9
|
||||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
*
|
*
|
||||||
* Using the Schema command line utility
|
* Using the Schema command line utility
|
||||||
|
@ -28,16 +29,16 @@
|
||||||
*/
|
*/
|
||||||
class DbAclSchema extends CakeSchema {
|
class DbAclSchema extends CakeSchema {
|
||||||
|
|
||||||
var $name = 'DbAcl';
|
public $name = 'DbAcl';
|
||||||
|
|
||||||
function before($event = array()) {
|
public function before($event = array()) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
function after($event = array()) {
|
public function after($event = array()) {
|
||||||
}
|
}
|
||||||
|
|
||||||
var $acos = array(
|
public $acos = array(
|
||||||
'id' => array('type'=>'integer', 'null' => false, 'default' => NULL, 'length' => 10, 'key' => 'primary'),
|
'id' => array('type'=>'integer', 'null' => false, 'default' => NULL, 'length' => 10, 'key' => 'primary'),
|
||||||
'parent_id' => array('type'=>'integer', 'null' => true, 'default' => NULL, 'length' => 10),
|
'parent_id' => array('type'=>'integer', 'null' => true, 'default' => NULL, 'length' => 10),
|
||||||
'model' => array('type'=>'string', 'null' => true),
|
'model' => array('type'=>'string', 'null' => true),
|
||||||
|
@ -48,7 +49,7 @@ class DbAclSchema extends CakeSchema {
|
||||||
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1))
|
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1))
|
||||||
);
|
);
|
||||||
|
|
||||||
var $aros = array(
|
public $aros = array(
|
||||||
'id' => array('type'=>'integer', 'null' => false, 'default' => NULL, 'length' => 10, 'key' => 'primary'),
|
'id' => array('type'=>'integer', 'null' => false, 'default' => NULL, 'length' => 10, 'key' => 'primary'),
|
||||||
'parent_id' => array('type'=>'integer', 'null' => true, 'default' => NULL, 'length' => 10),
|
'parent_id' => array('type'=>'integer', 'null' => true, 'default' => NULL, 'length' => 10),
|
||||||
'model' => array('type'=>'string', 'null' => true),
|
'model' => array('type'=>'string', 'null' => true),
|
||||||
|
@ -59,7 +60,7 @@ class DbAclSchema extends CakeSchema {
|
||||||
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1))
|
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1))
|
||||||
);
|
);
|
||||||
|
|
||||||
var $aros_acos = array(
|
public $aros_acos = array(
|
||||||
'id' => array('type'=>'integer', 'null' => false, 'default' => NULL, 'length' => 10, 'key' => 'primary'),
|
'id' => array('type'=>'integer', 'null' => false, 'default' => NULL, 'length' => 10, 'key' => 'primary'),
|
||||||
'aro_id' => array('type'=>'integer', 'null' => false, 'length' => 10, 'key' => 'index'),
|
'aro_id' => array('type'=>'integer', 'null' => false, 'length' => 10, 'key' => 'index'),
|
||||||
'aco_id' => array('type'=>'integer', 'null' => false, 'length' => 10),
|
'aco_id' => array('type'=>'integer', 'null' => false, 'length' => 10),
|
|
@ -0,0 +1,40 @@
|
||||||
|
# $Id$
|
||||||
|
#
|
||||||
|
# Copyright 2005-2011, Cake Software Foundation, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under The MIT License
|
||||||
|
# Redistributions of files must retain the above copyright notice.
|
||||||
|
# MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
|
||||||
|
CREATE TABLE acos (
|
||||||
|
id INTEGER(10) UNSIGNED NOT NULL AUTO_INCREMENT,
|
||||||
|
parent_id INTEGER(10) DEFAULT NULL,
|
||||||
|
model VARCHAR(255) DEFAULT '',
|
||||||
|
foreign_key INTEGER(10) UNSIGNED DEFAULT NULL,
|
||||||
|
alias VARCHAR(255) DEFAULT '',
|
||||||
|
lft INTEGER(10) DEFAULT NULL,
|
||||||
|
rght INTEGER(10) DEFAULT NULL,
|
||||||
|
PRIMARY KEY (id)
|
||||||
|
);
|
||||||
|
|
||||||
|
CREATE TABLE aros_acos (
|
||||||
|
id INTEGER(10) UNSIGNED NOT NULL AUTO_INCREMENT,
|
||||||
|
aro_id INTEGER(10) UNSIGNED NOT NULL,
|
||||||
|
aco_id INTEGER(10) UNSIGNED NOT NULL,
|
||||||
|
_create CHAR(2) NOT NULL DEFAULT 0,
|
||||||
|
_read CHAR(2) NOT NULL DEFAULT 0,
|
||||||
|
_update CHAR(2) NOT NULL DEFAULT 0,
|
||||||
|
_delete CHAR(2) NOT NULL DEFAULT 0,
|
||||||
|
PRIMARY KEY(id)
|
||||||
|
);
|
||||||
|
|
||||||
|
CREATE TABLE aros (
|
||||||
|
id INTEGER(10) UNSIGNED NOT NULL AUTO_INCREMENT,
|
||||||
|
parent_id INTEGER(10) DEFAULT NULL,
|
||||||
|
model VARCHAR(255) DEFAULT '',
|
||||||
|
foreign_key INTEGER(10) UNSIGNED DEFAULT NULL,
|
||||||
|
alias VARCHAR(255) DEFAULT '',
|
||||||
|
lft INTEGER(10) DEFAULT NULL,
|
||||||
|
rght INTEGER(10) DEFAULT NULL,
|
||||||
|
PRIMARY KEY (id)
|
||||||
|
);
|
|
@ -1,11 +1,12 @@
|
||||||
<?php
|
<?php
|
||||||
/*i18n schema generated on: 2007-11-25 07:11:25 : 1196004805*/
|
/*i18n schema generated on: 2007-11-25 07:11:25 : 1196004805*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This is i18n Schema file
|
* This is i18n Schema file
|
||||||
*
|
*
|
||||||
* Use it to configure database for i18n
|
* Use it to configure database for i18n
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP 5
|
||||||
*
|
*
|
||||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
@ -15,11 +16,11 @@
|
||||||
*
|
*
|
||||||
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
* @link http://cakephp.org CakePHP(tm) Project
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
* @package cake
|
* @package app.Config.Schema
|
||||||
* @subpackage cake.app.config.sql
|
|
||||||
* @since CakePHP(tm) v 0.2.9
|
* @since CakePHP(tm) v 0.2.9
|
||||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
*
|
*
|
||||||
* Using the Schema command line utility
|
* Using the Schema command line utility
|
||||||
|
@ -28,16 +29,16 @@
|
||||||
*/
|
*/
|
||||||
class i18nSchema extends CakeSchema {
|
class i18nSchema extends CakeSchema {
|
||||||
|
|
||||||
var $name = 'i18n';
|
public $name = 'i18n';
|
||||||
|
|
||||||
function before($event = array()) {
|
public function before($event = array()) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
function after($event = array()) {
|
public function after($event = array()) {
|
||||||
}
|
}
|
||||||
|
|
||||||
var $i18n = array(
|
public $i18n = array(
|
||||||
'id' => array('type'=>'integer', 'null' => false, 'default' => NULL, 'length' => 10, 'key' => 'primary'),
|
'id' => array('type'=>'integer', 'null' => false, 'default' => NULL, 'length' => 10, 'key' => 'primary'),
|
||||||
'locale' => array('type'=>'string', 'null' => false, 'length' => 6, 'key' => 'index'),
|
'locale' => array('type'=>'string', 'null' => false, 'length' => 6, 'key' => 'index'),
|
||||||
'model' => array('type'=>'string', 'null' => false, 'key' => 'index'),
|
'model' => array('type'=>'string', 'null' => false, 'key' => 'index'),
|
|
@ -0,0 +1,26 @@
|
||||||
|
# $Id$
|
||||||
|
#
|
||||||
|
# Copyright 2005-2011, Cake Software Foundation, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under The MIT License
|
||||||
|
# Redistributions of files must retain the above copyright notice.
|
||||||
|
# MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
|
||||||
|
CREATE TABLE i18n (
|
||||||
|
id int(10) NOT NULL auto_increment,
|
||||||
|
locale varchar(6) NOT NULL,
|
||||||
|
model varchar(255) NOT NULL,
|
||||||
|
foreign_key int(10) NOT NULL,
|
||||||
|
field varchar(255) NOT NULL,
|
||||||
|
content mediumtext,
|
||||||
|
PRIMARY KEY (id),
|
||||||
|
# UNIQUE INDEX I18N_LOCALE_FIELD(locale, model, foreign_key, field),
|
||||||
|
# INDEX I18N_LOCALE_ROW(locale, model, foreign_key),
|
||||||
|
# INDEX I18N_LOCALE_MODEL(locale, model),
|
||||||
|
# INDEX I18N_FIELD(model, foreign_key, field),
|
||||||
|
# INDEX I18N_ROW(model, foreign_key),
|
||||||
|
INDEX locale (locale),
|
||||||
|
INDEX model (model),
|
||||||
|
INDEX row_id (foreign_key),
|
||||||
|
INDEX field (field)
|
||||||
|
);
|
|
@ -1,11 +1,12 @@
|
||||||
<?php
|
<?php
|
||||||
/*Sessions schema generated on: 2007-11-25 07:11:54 : 1196004714*/
|
/*Sessions schema generated on: 2007-11-25 07:11:54 : 1196004714*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This is Sessions Schema file
|
* This is Sessions Schema file
|
||||||
*
|
*
|
||||||
* Use it to configure database for Sessions
|
* Use it to configure database for Sessions
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP 5
|
||||||
*
|
*
|
||||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
@ -15,11 +16,11 @@
|
||||||
*
|
*
|
||||||
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
* @link http://cakephp.org CakePHP(tm) Project
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
* @package cake
|
* @package app.Config.Schema
|
||||||
* @subpackage cake.app.config.sql
|
|
||||||
* @since CakePHP(tm) v 0.2.9
|
* @since CakePHP(tm) v 0.2.9
|
||||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
*
|
*
|
||||||
* Using the Schema command line utility
|
* Using the Schema command line utility
|
||||||
|
@ -28,16 +29,16 @@
|
||||||
*/
|
*/
|
||||||
class SessionsSchema extends CakeSchema {
|
class SessionsSchema extends CakeSchema {
|
||||||
|
|
||||||
var $name = 'Sessions';
|
public $name = 'Sessions';
|
||||||
|
|
||||||
function before($event = array()) {
|
public function before($event = array()) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
function after($event = array()) {
|
public function after($event = array()) {
|
||||||
}
|
}
|
||||||
|
|
||||||
var $cake_sessions = array(
|
public $cake_sessions = array(
|
||||||
'id' => array('type'=>'string', 'null' => false, 'key' => 'primary'),
|
'id' => array('type'=>'string', 'null' => false, 'key' => 'primary'),
|
||||||
'data' => array('type'=>'text', 'null' => true, 'default' => NULL),
|
'data' => array('type'=>'text', 'null' => true, 'default' => NULL),
|
||||||
'expires' => array('type'=>'integer', 'null' => true, 'default' => NULL),
|
'expires' => array('type'=>'integer', 'null' => true, 'default' => NULL),
|
|
@ -0,0 +1,16 @@
|
||||||
|
# $Id$
|
||||||
|
#
|
||||||
|
# Copyright 2005-2011, Cake Software Foundation, Inc.
|
||||||
|
# 1785 E. Sahara Avenue, Suite 490-204
|
||||||
|
# Las Vegas, Nevada 89104
|
||||||
|
#
|
||||||
|
# Licensed under The MIT License
|
||||||
|
# Redistributions of files must retain the above copyright notice.
|
||||||
|
# MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
|
||||||
|
CREATE TABLE cake_sessions (
|
||||||
|
id varchar(255) NOT NULL default '',
|
||||||
|
data text,
|
||||||
|
expires int(11) default NULL,
|
||||||
|
PRIMARY KEY (id)
|
||||||
|
);
|
|
@ -1,12 +1,11 @@
|
||||||
;<?php die() ?>
|
;<?php exit() ?>
|
||||||
; SVN FILE: $Id$
|
|
||||||
;/**
|
;/**
|
||||||
; * ACL configuration
|
; * ACL Configuration
|
||||||
; *
|
; *
|
||||||
; *
|
; *
|
||||||
; * PHP versions 4 and 5
|
; * PHP 5
|
||||||
; *
|
; *
|
||||||
; * CakePHP(tm) : Rapid Development Framework http://cakephp.org
|
; * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
; * Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
; * Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
; *
|
; *
|
||||||
; * Licensed under The MIT License
|
; * Licensed under The MIT License
|
||||||
|
@ -14,8 +13,7 @@
|
||||||
; *
|
; *
|
||||||
; * @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
; * @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
; * @link http://cakephp.org CakePHP(tm) Project
|
; * @link http://cakephp.org CakePHP(tm) Project
|
||||||
; * @package cake
|
; * @package app.Config
|
||||||
; * @subpackage cake.app.config
|
|
||||||
; * @since CakePHP(tm) v 0.10.0.1076
|
; * @since CakePHP(tm) v 0.10.0.1076
|
||||||
; * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
; * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
; */
|
; */
|
||||||
|
@ -67,4 +65,4 @@ allow = aco3, aco4
|
||||||
|
|
||||||
[groupname-goes-here]
|
[groupname-goes-here]
|
||||||
deny = aco5, aco6
|
deny = aco5, aco6
|
||||||
allow = aco7, aco8
|
allow = aco7, aco8
|
|
@ -0,0 +1,134 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* This is the PHP base ACL configuration file.
|
||||||
|
*
|
||||||
|
* Use it to configure access control of your Cake application.
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package app.Config
|
||||||
|
* @since CakePHP(tm) v 2.1
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Example
|
||||||
|
* -------
|
||||||
|
*
|
||||||
|
* Assumptions:
|
||||||
|
*
|
||||||
|
* 1. In your application you created a User model with the following properties:
|
||||||
|
* username, group_id, password, email, firstname, lastname and so on.
|
||||||
|
* 2. You configured AuthComponent to authorize actions via
|
||||||
|
* $this->Auth->authorize = array('Actions' => array('actionPath' => 'controllers/'),...)
|
||||||
|
*
|
||||||
|
* Now, when a user (i.e. jeff) authenticates successfully and requests a controller action (i.e. /invoices/delete)
|
||||||
|
* that is not allowed by default (e.g. via $this->Auth->allow('edit') in the Invoices controller) then AuthComponent
|
||||||
|
* will ask the configured ACL interface if access is granted. Under the assumptions 1. and 2. this will be
|
||||||
|
* done via a call to Acl->check() with
|
||||||
|
*
|
||||||
|
* array('User' => array('username' => 'jeff', 'group_id' => 4, ...))
|
||||||
|
*
|
||||||
|
* as ARO and
|
||||||
|
*
|
||||||
|
* '/controllers/invoices/delete'
|
||||||
|
*
|
||||||
|
* as ACO.
|
||||||
|
*
|
||||||
|
* If the configured map looks like
|
||||||
|
*
|
||||||
|
* $config['map'] = array(
|
||||||
|
* 'User' => 'User/username',
|
||||||
|
* 'Role' => 'User/group_id',
|
||||||
|
* );
|
||||||
|
*
|
||||||
|
* then PhpAcl will lookup if we defined a role like User/jeff. If that role is not found, PhpAcl will try to
|
||||||
|
* find a definition for Role/4. If the definition isn't found then a default role (Role/default) will be used to
|
||||||
|
* check rules for the given ACO. The search can be expanded by defining aliases in the alias configuration.
|
||||||
|
* E.g. if you want to use a more readable name than Role/4 in your definitions you can define an alias like
|
||||||
|
*
|
||||||
|
* $config['alias'] = array(
|
||||||
|
* 'Role/4' => 'Role/editor',
|
||||||
|
* );
|
||||||
|
*
|
||||||
|
* In the roles configuration you can define roles on the lhs and inherited roles on the rhs:
|
||||||
|
*
|
||||||
|
* $config['roles'] = array(
|
||||||
|
* 'Role/admin' => null,
|
||||||
|
* 'Role/accountant' => null,
|
||||||
|
* 'Role/editor' => null,
|
||||||
|
* 'Role/manager' => 'Role/editor, Role/accountant',
|
||||||
|
* 'User/jeff' => 'Role/manager',
|
||||||
|
* );
|
||||||
|
*
|
||||||
|
* In this example manager inherits all rules from editor and accountant. Role/admin doesn't inherit from any role.
|
||||||
|
* Lets define some rules:
|
||||||
|
*
|
||||||
|
* $config['rules'] = array(
|
||||||
|
* 'allow' => array(
|
||||||
|
* '*' => 'Role/admin',
|
||||||
|
* 'controllers/users/(dashboard|profile)' => 'Role/default',
|
||||||
|
* 'controllers/invoices/*' => 'Role/accountant',
|
||||||
|
* 'controllers/articles/*' => 'Role/editor',
|
||||||
|
* 'controllers/users/*' => 'Role/manager',
|
||||||
|
* 'controllers/invoices/delete' => 'Role/manager',
|
||||||
|
* ),
|
||||||
|
* 'deny' => array(
|
||||||
|
* 'controllers/invoices/delete' => 'Role/accountant, User/jeff',
|
||||||
|
* 'controllers/articles/(delete|publish)' => 'Role/editor',
|
||||||
|
* ),
|
||||||
|
* );
|
||||||
|
*
|
||||||
|
* Ok, so as jeff inherits from Role/manager he's matched every rule that references User/jeff, Role/manager,
|
||||||
|
* Role/editor, Role/accountant and Role/default. However, for jeff, rules for User/jeff are more specific than
|
||||||
|
* rules for Role/manager, rules for Role/manager are more specific than rules for Role/editor and so on.
|
||||||
|
* This is important when allow and deny rules match for a role. E.g. Role/accountant is allowed
|
||||||
|
* controllers/invoices/* but at the same time controllers/invoices/delete is denied. But there is a more
|
||||||
|
* specific rule defined for Role/manager which is allowed controllers/invoices/delete. However, the most specific
|
||||||
|
* rule denies access to the delete action explicitly for User/jeff, so he'll be denied access to the resource.
|
||||||
|
*
|
||||||
|
* If we would remove the role definition for User/jeff, then jeff would be granted access as he would be resolved
|
||||||
|
* to Role/manager and Role/manager has an allow rule.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The role map defines how to resolve the user record from your application
|
||||||
|
* to the roles you defined in the roles configuration.
|
||||||
|
*/
|
||||||
|
$config['map'] = array(
|
||||||
|
'User' => 'User/username',
|
||||||
|
'Role' => 'User/group_id',
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* define aliases to map your model information to
|
||||||
|
* the roles defined in your role configuration.
|
||||||
|
*/
|
||||||
|
$config['alias'] = array(
|
||||||
|
'Role/4' => 'Role/editor',
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* role configuration
|
||||||
|
*/
|
||||||
|
$config['roles'] = array(
|
||||||
|
'Role/admin' => null,
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* rule configuration
|
||||||
|
*/
|
||||||
|
$config['rules'] = array(
|
||||||
|
'allow' => array(
|
||||||
|
'*' => 'Role/admin',
|
||||||
|
),
|
||||||
|
'deny' => array(),
|
||||||
|
);
|
|
@ -0,0 +1,139 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* This file is loaded automatically by the app/webroot/index.php file after core.php
|
||||||
|
*
|
||||||
|
* This file should load/create any application wide configuration settings, such as
|
||||||
|
* Caching, Logging, loading additional configuration files.
|
||||||
|
*
|
||||||
|
* You should also use this file to include any files that provide global functions/constants
|
||||||
|
* that your application uses.
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package app.Config
|
||||||
|
* @since CakePHP(tm) v 0.10.8.2117
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Cache Engine Configuration
|
||||||
|
* Default settings provided below
|
||||||
|
*
|
||||||
|
* File storage engine.
|
||||||
|
*
|
||||||
|
* Cache::config('default', array(
|
||||||
|
* 'engine' => 'File', //[required]
|
||||||
|
* 'duration'=> 3600, //[optional]
|
||||||
|
* 'probability'=> 100, //[optional]
|
||||||
|
* 'path' => CACHE, //[optional] use system tmp directory - remember to use absolute path
|
||||||
|
* 'prefix' => 'cake_', //[optional] prefix every cache file with this string
|
||||||
|
* 'lock' => false, //[optional] use file locking
|
||||||
|
* 'serialize' => true, // [optional]
|
||||||
|
* 'mask' => 0666, // [optional] permission mask to use when creating cache files
|
||||||
|
* ));
|
||||||
|
*
|
||||||
|
* APC (http://pecl.php.net/package/APC)
|
||||||
|
*
|
||||||
|
* Cache::config('default', array(
|
||||||
|
* 'engine' => 'Apc', //[required]
|
||||||
|
* 'duration'=> 3600, //[optional]
|
||||||
|
* 'probability'=> 100, //[optional]
|
||||||
|
* 'prefix' => Inflector::slug(APP_DIR) . '_', //[optional] prefix every cache file with this string
|
||||||
|
* ));
|
||||||
|
*
|
||||||
|
* Xcache (http://xcache.lighttpd.net/)
|
||||||
|
*
|
||||||
|
* Cache::config('default', array(
|
||||||
|
* 'engine' => 'Xcache', //[required]
|
||||||
|
* 'duration'=> 3600, //[optional]
|
||||||
|
* 'probability'=> 100, //[optional]
|
||||||
|
* 'prefix' => Inflector::slug(APP_DIR) . '_', //[optional] prefix every cache file with this string
|
||||||
|
* 'user' => 'user', //user from xcache.admin.user settings
|
||||||
|
* 'password' => 'password', //plaintext password (xcache.admin.pass)
|
||||||
|
* ));
|
||||||
|
*
|
||||||
|
* Memcache (http://memcached.org/)
|
||||||
|
*
|
||||||
|
* Cache::config('default', array(
|
||||||
|
* 'engine' => 'Memcache', //[required]
|
||||||
|
* 'duration'=> 3600, //[optional]
|
||||||
|
* 'probability'=> 100, //[optional]
|
||||||
|
* 'prefix' => Inflector::slug(APP_DIR) . '_', //[optional] prefix every cache file with this string
|
||||||
|
* 'servers' => array(
|
||||||
|
* '127.0.0.1:11211' // localhost, default port 11211
|
||||||
|
* ), //[optional]
|
||||||
|
* 'persistent' => true, // [optional] set this to false for non-persistent connections
|
||||||
|
* 'compress' => false, // [optional] compress data in Memcache (slower, but uses less memory)
|
||||||
|
* ));
|
||||||
|
*
|
||||||
|
* Wincache (http://php.net/wincache)
|
||||||
|
*
|
||||||
|
* Cache::config('default', array(
|
||||||
|
* 'engine' => 'Wincache', //[required]
|
||||||
|
* 'duration'=> 3600, //[optional]
|
||||||
|
* 'probability'=> 100, //[optional]
|
||||||
|
* 'prefix' => Inflector::slug(APP_DIR) . '_', //[optional] prefix every cache file with this string
|
||||||
|
* ));
|
||||||
|
*/
|
||||||
|
Cache::config('default', array('engine' => 'File'));
|
||||||
|
|
||||||
|
//Configure::write('CyDefSIG.baseurl', 'https://sig.cyber-defence.be');
|
||||||
|
Configure::write('CyDefSIG.baseurl', 'http://localhost:8888');
|
||||||
|
|
||||||
|
Configure::write('CyDefSIG.showorg', 'false'); // show the name of the organisation that uploaded the data
|
||||||
|
Configure::write('CyDefSIG.email', 'no-reply@sig.mil.be'); // email from for all the mails
|
||||||
|
|
||||||
|
Configure::write('GnuPG.onlyencrypted', 'true'); // only allow encrypted email, do not allow plaintext mails
|
||||||
|
Configure::write('GnuPG.email', 'no-reply@sig.mil.be');
|
||||||
|
Configure::write('GnuPG.password', 'ii3naxoK|o2a');
|
||||||
|
Configure::write('GnuPG.homedir', '/Users/chri/Documents/Work/Projects/201107-CyDefSIG/.gnupg/');
|
||||||
|
|
||||||
|
Configure::write('Recaptcha.publicKey', '6LdzJsYSAAAAAFCn4Ju7pnmKQ8yhiDbXT-b1eJtN');
|
||||||
|
Configure::write('Recaptcha.privateKey', '6LdzJsYSAAAAAD2IwnWwp16gIclZYVKynhsZEMZh');
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The settings below can be used to set additional paths to models, views and controllers.
|
||||||
|
*
|
||||||
|
* App::build(array(
|
||||||
|
* 'Plugin' => array('/full/path/to/plugins/', '/next/full/path/to/plugins/'),
|
||||||
|
* 'Model' => array('/full/path/to/models/', '/next/full/path/to/models/'),
|
||||||
|
* 'View' => array('/full/path/to/views/', '/next/full/path/to/views/'),
|
||||||
|
* 'Controller' => array('/full/path/to/controllers/', '/next/full/path/to/controllers/'),
|
||||||
|
* 'Model/Datasource' => array('/full/path/to/datasources/', '/next/full/path/to/datasources/'),
|
||||||
|
* 'Model/Behavior' => array('/full/path/to/behaviors/', '/next/full/path/to/behaviors/'),
|
||||||
|
* 'Controller/Component' => array('/full/path/to/components/', '/next/full/path/to/components/'),
|
||||||
|
* 'View/Helper' => array('/full/path/to/helpers/', '/next/full/path/to/helpers/'),
|
||||||
|
* 'Vendor' => array('/full/path/to/vendors/', '/next/full/path/to/vendors/'),
|
||||||
|
* 'Console/Command' => array('/full/path/to/shells/', '/next/full/path/to/shells/'),
|
||||||
|
* 'Locale' => array('/full/path/to/locale/', '/next/full/path/to/locale/')
|
||||||
|
* ));
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Custom Inflector rules, can be set to correctly pluralize or singularize table, model, controller names or whatever other
|
||||||
|
* string is passed to the inflection functions
|
||||||
|
*
|
||||||
|
* Inflector::rules('singular', array('rules' => array(), 'irregular' => array(), 'uninflected' => array()));
|
||||||
|
* Inflector::rules('plural', array('rules' => array(), 'irregular' => array(), 'uninflected' => array()));
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Plugins need to be loaded manually, you can either load them one by one or all of them in a single call
|
||||||
|
* Uncomment one of the lines below, as you need. make sure you read the documentation on CakePlugin to use more
|
||||||
|
* advanced ways of loading plugins
|
||||||
|
*
|
||||||
|
* CakePlugin::loadAll(); // Loads all plugins at once
|
||||||
|
* CakePlugin::load('DebugKit'); //Loads a single plugin named DebugKit
|
||||||
|
*
|
||||||
|
*/
|
|
@ -0,0 +1,278 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* This is core configuration file.
|
||||||
|
*
|
||||||
|
* Use it to configure core behavior of Cake.
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package app.Config
|
||||||
|
* @since CakePHP(tm) v 0.2.9
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* CakePHP Debug Level:
|
||||||
|
*
|
||||||
|
* Production Mode:
|
||||||
|
* 0: No error messages, errors, or warnings shown. Flash messages redirect.
|
||||||
|
*
|
||||||
|
* Development Mode:
|
||||||
|
* 1: Errors and warnings shown, model caches refreshed, flash messages halted.
|
||||||
|
* 2: As in 1, but also with full debug messages and SQL output.
|
||||||
|
*
|
||||||
|
* In production mode, flash messages redirect after a time interval.
|
||||||
|
* In development mode, you need to click the flash message to continue.
|
||||||
|
*/
|
||||||
|
Configure::write('debug', 2);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Configure the Error handler used to handle errors for your application. By default
|
||||||
|
* ErrorHandler::handleError() is used. It will display errors using Debugger, when debug > 0
|
||||||
|
* and log errors with CakeLog when debug = 0.
|
||||||
|
*
|
||||||
|
* Options:
|
||||||
|
*
|
||||||
|
* - `handler` - callback - The callback to handle errors. You can set this to any callback type,
|
||||||
|
* including anonymous functions.
|
||||||
|
* - `level` - int - The level of errors you are interested in capturing.
|
||||||
|
* - `trace` - boolean - Include stack traces for errors in log files.
|
||||||
|
*
|
||||||
|
* @see ErrorHandler for more information on error handling and configuration.
|
||||||
|
*/
|
||||||
|
Configure::write('Error', array(
|
||||||
|
'handler' => 'ErrorHandler::handleError',
|
||||||
|
'level' => E_ALL & ~E_DEPRECATED,
|
||||||
|
'trace' => true
|
||||||
|
));
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Configure the Exception handler used for uncaught exceptions. By default,
|
||||||
|
* ErrorHandler::handleException() is used. It will display a HTML page for the exception, and
|
||||||
|
* while debug > 0, framework errors like Missing Controller will be displayed. When debug = 0,
|
||||||
|
* framework errors will be coerced into generic HTTP errors.
|
||||||
|
*
|
||||||
|
* Options:
|
||||||
|
*
|
||||||
|
* - `handler` - callback - The callback to handle exceptions. You can set this to any callback type,
|
||||||
|
* including anonymous functions.
|
||||||
|
* - `renderer` - string - The class responsible for rendering uncaught exceptions. If you choose a custom class you
|
||||||
|
* should place the file for that class in app/Lib/Error. This class needs to implement a render method.
|
||||||
|
* - `log` - boolean - Should Exceptions be logged?
|
||||||
|
*
|
||||||
|
* @see ErrorHandler for more information on exception handling and configuration.
|
||||||
|
*/
|
||||||
|
Configure::write('Exception', array(
|
||||||
|
'handler' => 'ErrorHandler::handleException',
|
||||||
|
'renderer' => 'ExceptionRenderer',
|
||||||
|
'log' => true
|
||||||
|
));
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Application wide charset encoding
|
||||||
|
*/
|
||||||
|
Configure::write('App.encoding', 'UTF-8');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* To configure CakePHP *not* to use mod_rewrite and to
|
||||||
|
* use CakePHP pretty URLs, remove these .htaccess
|
||||||
|
* files:
|
||||||
|
*
|
||||||
|
* /.htaccess
|
||||||
|
* /app/.htaccess
|
||||||
|
* /app/webroot/.htaccess
|
||||||
|
*
|
||||||
|
* And uncomment the App.baseUrl below:
|
||||||
|
*/
|
||||||
|
//Configure::write('App.baseUrl', env('SCRIPT_NAME'));
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Uncomment the define below to use CakePHP prefix routes.
|
||||||
|
*
|
||||||
|
* The value of the define determines the names of the routes
|
||||||
|
* and their associated controller actions:
|
||||||
|
*
|
||||||
|
* Set to an array of prefixes you want to use in your application. Use for
|
||||||
|
* admin or other prefixed routes.
|
||||||
|
*
|
||||||
|
* Routing.prefixes = array('admin', 'manager');
|
||||||
|
*
|
||||||
|
* Enables:
|
||||||
|
* `admin_index()` and `/admin/controller/index`
|
||||||
|
* `manager_index()` and `/manager/controller/index`
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
Configure::write('Routing.prefixes', array('admin'));
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Turn off all caching application-wide.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
Configure::write('Cache.disable', true);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Enable cache checking.
|
||||||
|
*
|
||||||
|
* If set to true, for view caching you must still use the controller
|
||||||
|
* public $cacheAction inside your controllers to define caching settings.
|
||||||
|
* You can either set it controller-wide by setting public $cacheAction = true,
|
||||||
|
* or in each action using $this->cacheAction = true.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
//Configure::write('Cache.check', true);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Defines the default error type when using the log() function. Used for
|
||||||
|
* differentiating error logging and debugging. Currently PHP supports LOG_DEBUG.
|
||||||
|
*/
|
||||||
|
define('LOG_ERROR', 2);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Session configuration.
|
||||||
|
*
|
||||||
|
* Contains an array of settings to use for session configuration. The defaults key is
|
||||||
|
* used to define a default preset to use for sessions, any settings declared here will override
|
||||||
|
* the settings of the default config.
|
||||||
|
*
|
||||||
|
* ## Options
|
||||||
|
*
|
||||||
|
* - `Session.cookie` - The name of the cookie to use. Defaults to 'CAKEPHP'
|
||||||
|
* - `Session.timeout` - The number of minutes you want sessions to live for. This timeout is handled by CakePHP
|
||||||
|
* - `Session.cookieTimeout` - The number of minutes you want session cookies to live for.
|
||||||
|
* - `Session.checkAgent` - Do you want the user agent to be checked when starting sessions? You might want to set the
|
||||||
|
* value to false, when dealing with older versions of IE, Chrome Frame or certain web-browsing devices and AJAX
|
||||||
|
* - `Session.defaults` - The default configuration set to use as a basis for your session.
|
||||||
|
* There are four builtins: php, cake, cache, database.
|
||||||
|
* - `Session.handler` - Can be used to enable a custom session handler. Expects an array of of callables,
|
||||||
|
* that can be used with `session_save_handler`. Using this option will automatically add `session.save_handler`
|
||||||
|
* to the ini array.
|
||||||
|
* - `Session.autoRegenerate` - Enabling this setting, turns on automatic renewal of sessions, and
|
||||||
|
* sessionids that change frequently. See CakeSession::$requestCountdown.
|
||||||
|
* - `Session.ini` - An associative array of additional ini values to set.
|
||||||
|
*
|
||||||
|
* The built in defaults are:
|
||||||
|
*
|
||||||
|
* - 'php' - Uses settings defined in your php.ini.
|
||||||
|
* - 'cake' - Saves session files in CakePHP's /tmp directory.
|
||||||
|
* - 'database' - Uses CakePHP's database sessions.
|
||||||
|
* - 'cache' - Use the Cache class to save sessions.
|
||||||
|
*
|
||||||
|
* To define a custom session handler, save it at /app/Model/Datasource/Session/<name>.php.
|
||||||
|
* Make sure the class implements `CakeSessionHandlerInterface` and set Session.handler to <name>
|
||||||
|
*
|
||||||
|
* To use database sessions, run the app/Config/Schema/sessions.php schema using
|
||||||
|
* the cake shell command: cake schema create Sessions
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
Configure::write('Session', array(
|
||||||
|
'defaults' => 'php'
|
||||||
|
));
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The level of CakePHP security.
|
||||||
|
*/
|
||||||
|
Configure::write('Security.level', 'medium');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A random string used in security hashing methods.
|
||||||
|
*/
|
||||||
|
Configure::write('Security.salt', 'Rooraenietu8Eeyo<Qu2eeNfterd-dd+');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A random numeric string (digits only) used to encrypt/decrypt strings.
|
||||||
|
*/
|
||||||
|
Configure::write('Security.cipherSeed', '395786739573056621429506834955');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Apply timestamps with the last modified time to static assets (js, css, images).
|
||||||
|
* Will append a querystring parameter containing the time the file was modified. This is
|
||||||
|
* useful for invalidating browser caches.
|
||||||
|
*
|
||||||
|
* Set to `true` to apply timestamps when debug > 0. Set to 'force' to always enable
|
||||||
|
* timestamping regardless of debug value.
|
||||||
|
*/
|
||||||
|
//Configure::write('Asset.timestamp', true);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Compress CSS output by removing comments, whitespace, repeating tags, etc.
|
||||||
|
* This requires a/var/cache directory to be writable by the web server for caching.
|
||||||
|
* and /vendors/csspp/csspp.php
|
||||||
|
*
|
||||||
|
* To use, prefix the CSS link URL with '/ccss/' instead of '/css/' or use HtmlHelper::css().
|
||||||
|
*/
|
||||||
|
//Configure::write('Asset.filter.css', 'css.php');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Plug in your own custom JavaScript compressor by dropping a script in your webroot to handle the
|
||||||
|
* output, and setting the config below to the name of the script.
|
||||||
|
*
|
||||||
|
* To use, prefix your JavaScript link URLs with '/cjs/' instead of '/js/' or use JavaScriptHelper::link().
|
||||||
|
*/
|
||||||
|
//Configure::write('Asset.filter.js', 'custom_javascript_output_filter.php');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The classname and database used in CakePHP's
|
||||||
|
* access control lists.
|
||||||
|
*/
|
||||||
|
Configure::write('Acl.classname', 'DbAcl');
|
||||||
|
Configure::write('Acl.database', 'default');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Uncomment this line and correct your server timezone to fix
|
||||||
|
* any date & time related errors.
|
||||||
|
*/
|
||||||
|
//date_default_timezone_set('UTC');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Pick the caching engine to use. If APC is enabled use it.
|
||||||
|
* If running via cli - apc is disabled by default. ensure it's available and enabled in this case
|
||||||
|
*
|
||||||
|
* Note: 'default' and other application caches should be configured in app/Config/bootstrap.php.
|
||||||
|
* Please check the comments in boostrap.php for more info on the cache engines available
|
||||||
|
* and their setttings.
|
||||||
|
*/
|
||||||
|
$engine = 'File';
|
||||||
|
if (extension_loaded('apc') && function_exists('apc_dec') && (php_sapi_name() !== 'cli' || ini_get('apc.enable_cli'))) {
|
||||||
|
$engine = 'Apc';
|
||||||
|
}
|
||||||
|
|
||||||
|
// In development mode, caches should expire quickly.
|
||||||
|
$duration = '+999 days';
|
||||||
|
if (Configure::read('debug') >= 1) {
|
||||||
|
$duration = '+10 seconds';
|
||||||
|
}
|
||||||
|
|
||||||
|
// Prefix each application on the same server with a different string, to avoid Memcache and APC conflicts.
|
||||||
|
$prefix = 'myapp_';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Configure the cache used for general framework caching. Path information,
|
||||||
|
* object listings, and translation cache files are stored with this configuration.
|
||||||
|
*/
|
||||||
|
Cache::config('_cake_core_', array(
|
||||||
|
'engine' => $engine,
|
||||||
|
'prefix' => $prefix . 'cake_core_',
|
||||||
|
'path' => CACHE . 'persistent' . DS,
|
||||||
|
'serialize' => ($engine === 'File'),
|
||||||
|
'duration' => $duration
|
||||||
|
));
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Configure the cache for model and datasource caches. This cache configuration
|
||||||
|
* is used to store schema descriptions, and table listings in connections.
|
||||||
|
*/
|
||||||
|
Cache::config('_cake_model_', array(
|
||||||
|
'engine' => $engine,
|
||||||
|
'prefix' => $prefix . 'cake_model_',
|
||||||
|
'path' => CACHE . 'models' . DS,
|
||||||
|
'serialize' => ($engine === 'File'),
|
||||||
|
'duration' => $duration
|
||||||
|
));
|
|
@ -0,0 +1,17 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
class DATABASE_CONFIG {
|
||||||
|
|
||||||
|
public $default = array(
|
||||||
|
'datasource' => 'Database/Mysql',
|
||||||
|
'persistent' => false,
|
||||||
|
'host' => '127.0.0.1',
|
||||||
|
'login' => 'cyberdefence',
|
||||||
|
'port' => 8889,
|
||||||
|
'password' => 'PhwaxFJbNhnRGfZ8',
|
||||||
|
'database' => 'cyberdefence_sig',
|
||||||
|
'prefix' => '',
|
||||||
|
//'encoding' => 'utf8',
|
||||||
|
);
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,12 @@
|
||||||
|
<?php
|
||||||
|
class EmailConfig {
|
||||||
|
|
||||||
|
public $default = array(
|
||||||
|
'transport' => 'Mail',
|
||||||
|
//'from' => 'you@localhost',
|
||||||
|
'charset' => 'utf-8',
|
||||||
|
//'headerCharset' => 'utf-8',
|
||||||
|
);
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -6,30 +6,35 @@
|
||||||
* Routes are very important mechanism that allows you to freely connect
|
* Routes are very important mechanism that allows you to freely connect
|
||||||
* different urls to chosen controllers and their actions (functions).
|
* different urls to chosen controllers and their actions (functions).
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP 5
|
||||||
*
|
*
|
||||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
* Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
*
|
*
|
||||||
* Licensed under The MIT License
|
* Licensed under The MIT License
|
||||||
* Redistributions of files must retain the above copyright notice.
|
* Redistributions of files must retain the above copyright notice.
|
||||||
*
|
*
|
||||||
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
* @link http://cakephp.org CakePHP(tm) Project
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
* @package cake
|
* @package app.Config
|
||||||
* @subpackage cake.app.config
|
|
||||||
* @since CakePHP(tm) v 0.2.9
|
* @since CakePHP(tm) v 0.2.9
|
||||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
*/
|
*/
|
||||||
/**
|
/**
|
||||||
* Here, we are connecting '/' (base path) to controller called 'Pages',
|
* Here, we are connecting '/' (base path) to controller called 'Pages',
|
||||||
* its action called 'display', and we pass a param to select the view file
|
* its action called 'display', and we pass a param to select the view file
|
||||||
* to use (in this case, /app/views/pages/home.ctp)...
|
* to use (in this case, /app/View/Pages/home.ctp)...
|
||||||
*/
|
*/
|
||||||
// Router::connect('/', array('controller' => 'pages', 'action' => 'display', 'home'));
|
Router::connect('/', array('controller' => 'events', 'action' => 'index'));
|
||||||
/**
|
|
||||||
* ...and connect the rest of 'Pages' controller's urls.
|
|
||||||
*/
|
|
||||||
// Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display'));
|
|
||||||
|
|
||||||
Router::connect('/', array('controller' => 'events', 'action' => 'index'));
|
/**
|
||||||
|
* Load all plugin routes. See the CakePlugin documentation on
|
||||||
|
* how to customize the loading of plugin routes.
|
||||||
|
*/
|
||||||
|
CakePlugin::routes();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Load the CakePHP default routes. Remove this if you do not want to use
|
||||||
|
* the built-in default routes.
|
||||||
|
*/
|
||||||
|
require CAKE . 'Config' . DS . 'routes.php';
|
|
@ -0,0 +1,31 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* AppShell file
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @since CakePHP(tm) v 2.0
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
|
||||||
|
App::uses('Shell', 'Console');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Application Shell
|
||||||
|
*
|
||||||
|
* Add your application-wide methods in the class below, your shells
|
||||||
|
* will inherit them.
|
||||||
|
*
|
||||||
|
* @package app.Console.Command
|
||||||
|
*/
|
||||||
|
class AppShell extends Shell {
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,33 @@
|
||||||
|
#!/bin/bash
|
||||||
|
################################################################################
|
||||||
|
#
|
||||||
|
# Bake is a shell script for running CakePHP bake script
|
||||||
|
# PHP 5
|
||||||
|
#
|
||||||
|
# CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
# Copyright 2005-2011, Cake Software Foundation, Inc.
|
||||||
|
#
|
||||||
|
# Licensed under The MIT License
|
||||||
|
# Redistributions of files must retain the above copyright notice.
|
||||||
|
#
|
||||||
|
# @copyright Copyright 2005-2011, Cake Software Foundation, Inc.
|
||||||
|
# @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
# @package app.Console
|
||||||
|
# @since CakePHP(tm) v 2.0
|
||||||
|
# @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
#
|
||||||
|
################################################################################
|
||||||
|
LIB=$(cd -P -- "$(dirname -- "$0")" && pwd -P) && LIB=$LIB/$(basename -- "$0")
|
||||||
|
|
||||||
|
while [ -h "$LIB" ]; do
|
||||||
|
DIR=$(dirname -- "$LIB")
|
||||||
|
SYM=$(readlink "$LIB")
|
||||||
|
LIB=$(cd "$DIR" && cd $(dirname -- "$SYM") && pwd)/$(basename -- "$SYM")
|
||||||
|
done
|
||||||
|
|
||||||
|
LIB=$(dirname -- "$LIB")/
|
||||||
|
APP=`pwd`
|
||||||
|
|
||||||
|
exec php -q "$LIB"cake.php -working "$APP" "$@"
|
||||||
|
|
||||||
|
exit;
|
|
@ -0,0 +1,32 @@
|
||||||
|
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
|
||||||
|
::
|
||||||
|
:: Bake is a shell script for running CakePHP bake script
|
||||||
|
:: PHP 5
|
||||||
|
::
|
||||||
|
:: CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
:: Copyright 2005-2011, Cake Software Foundation, Inc.
|
||||||
|
::
|
||||||
|
:: Licensed under The MIT License
|
||||||
|
:: Redistributions of files must retain the above copyright notice.
|
||||||
|
::
|
||||||
|
:: @copyright Copyright 2005-2011, Cake Software Foundation, Inc.
|
||||||
|
:: @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
:: @package app.Console
|
||||||
|
:: @since CakePHP(tm) v 2.0
|
||||||
|
:: @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
::
|
||||||
|
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
|
||||||
|
|
||||||
|
:: In order for this script to work as intended, the cake\console\ folder must be in your PATH
|
||||||
|
|
||||||
|
@echo.
|
||||||
|
@echo off
|
||||||
|
|
||||||
|
SET app=%0
|
||||||
|
SET lib=%~dp0
|
||||||
|
|
||||||
|
php -q "%lib%cake.php" -working "%CD% " %*
|
||||||
|
|
||||||
|
echo.
|
||||||
|
|
||||||
|
exit /B %ERRORLEVEL%
|
|
@ -0,0 +1,33 @@
|
||||||
|
#!/usr/bin/php -q
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Command-line code generation utility to automate programmer chores.
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc.
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package app.Console
|
||||||
|
* @since CakePHP(tm) v 2.0
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
$ds = DIRECTORY_SEPARATOR;
|
||||||
|
$dispatcher = 'Cake' . $ds . 'Console' . $ds . 'ShellDispatcher.php';
|
||||||
|
|
||||||
|
if (function_exists('ini_set')) {
|
||||||
|
$root = dirname(dirname(dirname(__FILE__)));
|
||||||
|
ini_set('include_path', $root . $ds. 'lib' . PATH_SEPARATOR . ini_get('include_path'));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!include($dispatcher)) {
|
||||||
|
trigger_error('Could not locate CakePHP core files.', E_USER_ERROR);
|
||||||
|
}
|
||||||
|
unset($paths, $path, $dispatcher, $root, $ds);
|
||||||
|
|
||||||
|
return ShellDispatcher::run($argv);
|
|
@ -0,0 +1,107 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Application level Controller
|
||||||
|
*
|
||||||
|
* This file is application-wide controller file. You can put all
|
||||||
|
* application-wide controller-related methods here.
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package app.Controller
|
||||||
|
* @since CakePHP(tm) v 0.2.9
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
|
||||||
|
App::uses('Controller', 'Controller');
|
||||||
|
App::uses('Sanitize', 'Utility');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Application Controller
|
||||||
|
*
|
||||||
|
* Add your application-wide methods in the class below, your controllers
|
||||||
|
* will inherit them.
|
||||||
|
*
|
||||||
|
* @package app.Controller
|
||||||
|
* @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
|
||||||
|
*/
|
||||||
|
class AppController extends Controller {
|
||||||
|
|
||||||
|
public $components = array(
|
||||||
|
'Session',
|
||||||
|
'Auth' => array(
|
||||||
|
'authenticate' => array(
|
||||||
|
'Form' => array(
|
||||||
|
'fields' => array('username' => 'email')
|
||||||
|
)
|
||||||
|
),
|
||||||
|
'loginRedirect' => array('controller' => 'users', 'action' => 'routeafterlogin'),
|
||||||
|
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
|
||||||
|
'authorize' => array('Controller') // Added this line
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
|
||||||
|
public function isAuthorized($user) {
|
||||||
|
if (isset($user['org']) && $user['org'] === 'admin') {
|
||||||
|
return true; // admin can access every action
|
||||||
|
}
|
||||||
|
elseif ($this->Auth->loggedIn()) {
|
||||||
|
return true; // logged users
|
||||||
|
}
|
||||||
|
return false; // The rest don't
|
||||||
|
}
|
||||||
|
|
||||||
|
function beforeFilter() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Convert an array to the same array but with the values also as index instead of an interface_exists
|
||||||
|
*/
|
||||||
|
function _arrayToValuesIndexArray($old_array) {
|
||||||
|
$new_array = Array();
|
||||||
|
foreach ($old_array as $value)
|
||||||
|
$new_array[$value] = $value;
|
||||||
|
return $new_array;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* checks if the currently logged user is an administrator
|
||||||
|
*/
|
||||||
|
public function _isAdmin() {
|
||||||
|
$user = $this->Auth->user();
|
||||||
|
if (isset($user['org']) && $user['org'] === 'admin') {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Refreshes the Auth session with new/updated data
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
function _refreshAuth() {
|
||||||
|
if (isset($this->User)) {
|
||||||
|
$user = $this->User->read(false, $this->Auth->user('id'));
|
||||||
|
} else {
|
||||||
|
$user= ClassRegistry::init('User')->findById($this->Auth->user('id'));
|
||||||
|
}
|
||||||
|
$this->Auth->login($user['User']);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,808 @@
|
||||||
|
<?php
|
||||||
|
App::uses('AppController', 'Controller');
|
||||||
|
App::uses('Xml', 'Utility');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Events Controller
|
||||||
|
*
|
||||||
|
* @property Event $Event
|
||||||
|
*/
|
||||||
|
class EventsController extends AppController {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Components
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
|
||||||
|
public $components = array('Security', 'Email');
|
||||||
|
public $paginate = array(
|
||||||
|
'limit' => 50,
|
||||||
|
'order' => array(
|
||||||
|
'Event.date' => 'DESC'
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
|
||||||
|
function beforeFilter() {
|
||||||
|
|
||||||
|
$this->Auth->allow('xml');
|
||||||
|
$this->Auth->allow('nids');
|
||||||
|
$this->Auth->allow('text');
|
||||||
|
|
||||||
|
// These variables are required for every view
|
||||||
|
$this->set('me', $this->Auth->user());
|
||||||
|
$this->set('isAdmin', $this->_isAdmin());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* index method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
function index() {
|
||||||
|
// list the events
|
||||||
|
$this->Event->recursive = 0;
|
||||||
|
$this->set('events', $this->paginate());
|
||||||
|
|
||||||
|
if (!$this->Auth->user('gpgkey')) {
|
||||||
|
$this->Session->setFlash('No GPG key set in your profile. To receive emails, submit your public key in your profile.');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* view method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function view($id = null) {
|
||||||
|
$this->Event->id = $id;
|
||||||
|
if (!$this->Event->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid event'));
|
||||||
|
}
|
||||||
|
$this->set('event', $this->Event->read(null, $id));
|
||||||
|
$this->set('relatedEvents', $this->Event->getRelatedEvents());
|
||||||
|
|
||||||
|
$related_signatures = array();
|
||||||
|
$this->loadModel('Signature');
|
||||||
|
foreach ($this->Event->data['Signature'] as $signature) {
|
||||||
|
$related_signatures[$signature['id']] = $this->Signature->getRelatedSignatures($signature);
|
||||||
|
}
|
||||||
|
$this->set('relatedSignatures', $related_signatures);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* add method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function add() {
|
||||||
|
if ($this->request->is('post')) {
|
||||||
|
// force check userid and orgname to be from yourself
|
||||||
|
$this->request->data['Event']['user_id'] = $this->Auth->user('id');
|
||||||
|
$this->request->data['Event']['org'] = $this->Auth->user('org');
|
||||||
|
$this->Event->create();
|
||||||
|
if ($this->Event->save($this->request->data)) {
|
||||||
|
$this->Session->setFlash(__('The event has been saved'));
|
||||||
|
$this->redirect(array('action' => 'view', $this->Event->getId()));
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('The event could not be saved. Please, try again.'), 'default', array(), 'error');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// combobox for risks
|
||||||
|
$risks = $this->Event->validate['risk']['rule'][1];
|
||||||
|
$risks = $this->_arrayToValuesIndexArray($risks);
|
||||||
|
$this->set('risks',compact('risks'));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* edit method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function edit($id = null) {
|
||||||
|
$this->Event->id = $id;
|
||||||
|
if (!$this->Event->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid event'));
|
||||||
|
}
|
||||||
|
// only edit own events
|
||||||
|
$old_event = $this->Event->read(null, $id);
|
||||||
|
if (!$this->_isAdmin() && $this->Auth->user('org') != $old_event['Event']['org']) {
|
||||||
|
throw new UnauthorizedException('You are only allowed to edit events of your own organisation.');
|
||||||
|
}
|
||||||
|
if ($this->request->is('post') || $this->request->is('put')) {
|
||||||
|
// always force the user and org, but do not force it for admins
|
||||||
|
if (!$this->_isAdmin()) {
|
||||||
|
$this->request->data['Event']['user_id'] = $this->Auth->user('id');
|
||||||
|
$this->request->data['Event']['org'] = $this->Auth->user('org');
|
||||||
|
} else {
|
||||||
|
$this->request->data['Event']['user_id'] = $old_event['Event']['id'];
|
||||||
|
$this->request->data['Event']['org'] = $old_event['Event']['org'];
|
||||||
|
}
|
||||||
|
// we probably also want to remove the alerted flag
|
||||||
|
$this->request->data['Event']['alerted'] = 0;
|
||||||
|
|
||||||
|
// say what fields are to be updated
|
||||||
|
$fieldList=array('user_id', 'org', 'date', 'risk', 'info', 'alerted');
|
||||||
|
if ($this->Event->save($this->request->data, true, $fieldList)) {
|
||||||
|
$this->Session->setFlash(__('The event has been saved'));
|
||||||
|
$this->redirect(array('action' => 'view', $id));
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('The event could not be saved. Please, try again.'));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$this->request->data = $this->Event->read(null, $id);
|
||||||
|
}
|
||||||
|
|
||||||
|
// combobox for types
|
||||||
|
$risks = $this->Event->validate['risk']['rule'][1];
|
||||||
|
$risks = $this->_arrayToValuesIndexArray($risks);
|
||||||
|
$this->set('risks',compact('risks'));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* delete method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function delete($id = null) {
|
||||||
|
if (!$this->request->is('post')) {
|
||||||
|
throw new MethodNotAllowedException();
|
||||||
|
}
|
||||||
|
$this->Event->id = $id;
|
||||||
|
if (!$this->Event->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid event'));
|
||||||
|
}
|
||||||
|
// only edit own events
|
||||||
|
$this->Event->read();
|
||||||
|
if (!$this->_isAdmin() && $this->Auth->user('org') != $this->Event->data['Event']['org']) {
|
||||||
|
throw new UnauthorizedException('You are only allowed to edit your own events.');
|
||||||
|
}
|
||||||
|
if ($this->Event->delete()) {
|
||||||
|
$this->Session->setFlash(__('Event deleted'));
|
||||||
|
$this->redirect(array('action' => 'index'));
|
||||||
|
}
|
||||||
|
$this->Session->setFlash(__('Event was not deleted'));
|
||||||
|
$this->redirect(array('action' => 'index'));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Send out an alert email to all the users that wanted to be notified.
|
||||||
|
* Users with a GPG key will get the mail encrypted, other users will get the mail unencrypted
|
||||||
|
*/
|
||||||
|
function alert($id = null) {
|
||||||
|
$this->Event->id = $id;
|
||||||
|
if (!$this->Event->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid event'));
|
||||||
|
}
|
||||||
|
|
||||||
|
// only allow form submit CSRF protection.
|
||||||
|
if ($this->request->is('post') || $this->request->is('put')) {
|
||||||
|
// only allow alert for own events or admins
|
||||||
|
$this->Event->id = $id;
|
||||||
|
$this->Event->read();
|
||||||
|
|
||||||
|
if (!$this->_isAdmin() && $this->Auth->user('org') != $this->Event->data['Event']['org']) {
|
||||||
|
throw new UnauthorizedException('You are only allowed to finish events of your own organisation.');
|
||||||
|
}
|
||||||
|
|
||||||
|
// fetch the event and build the body
|
||||||
|
if (1 == $this->Event->data['Event']['alerted']) {
|
||||||
|
$this->Session->setFlash(__('Everyone has already been alerted for this event. To alert again, first edit this event.', true), 'default', array(), 'error');
|
||||||
|
$this->redirect(array('action' => 'view', $id));
|
||||||
|
}
|
||||||
|
|
||||||
|
// The mail body, Sanitize::html() is NOT needed as we are sending plain-text mails.
|
||||||
|
$body = "";
|
||||||
|
$appendlen = 20;
|
||||||
|
$body .= 'URL : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$this->Event->data['Event']['id']."\n";
|
||||||
|
$body .= 'Event : '.$this->Event->data['Event']['id']."\n";
|
||||||
|
$body .= 'Date : '.$this->Event->data['Event']['date']."\n";
|
||||||
|
if ('true' == Configure::read('CyDefSIG.showorg')) {
|
||||||
|
$body .= 'Reported by : '.$this->Event->data['Event']['org']."\n";
|
||||||
|
}
|
||||||
|
$body .= 'Risk : '.$this->Event->data['Event']['risk']."\n";
|
||||||
|
$relatedEvents = $this->Event->getRelatedEvents($id);
|
||||||
|
if (!empty($relatedEvents)) {
|
||||||
|
foreach ($relatedEvents as $relatedEvent){
|
||||||
|
$body .= 'Related to : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$relatedEvent['Event']['id'].' ('.$relatedEvent['Event']['date'].')'."\n" ;
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$body .= 'Info : '."\n";
|
||||||
|
$body .= $this->Event->data['Event']['info']."\n";
|
||||||
|
$body .= "\n";
|
||||||
|
$body .= 'Signatures :'."\n";
|
||||||
|
$body_temp_other = "";
|
||||||
|
|
||||||
|
if (isset($this->Event->data['Signature'])) {
|
||||||
|
foreach ($this->Event->data['Signature'] as $signature){
|
||||||
|
$line = '- '.$signature['type'].str_repeat(' ', $appendlen - 2 - strlen( $signature['type'])).': '.$signature['value']."\n";
|
||||||
|
if ('other' == $signature['type']) // append the 'other' signature types to the bottom.
|
||||||
|
$body_temp_other .= $line;
|
||||||
|
else $body .= $line;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$body .= "\n";
|
||||||
|
$body .= $body_temp_other; // append the 'other' signature types to the bottom.
|
||||||
|
|
||||||
|
// sign the body
|
||||||
|
require_once 'Crypt/GPG.php';
|
||||||
|
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir')));
|
||||||
|
$gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
|
||||||
|
$body_signed = $gpg->sign($body, Crypt_GPG::SIGN_MODE_CLEAR);
|
||||||
|
|
||||||
|
$this->loadModel('User');
|
||||||
|
|
||||||
|
//
|
||||||
|
// Build a list of the recipients that get a non-encrypted mail
|
||||||
|
// But only do this if it is allowed in the bootstrap.php file.
|
||||||
|
//
|
||||||
|
if ('false' == Configure::read('GnuPG.onlyencrypted')) {
|
||||||
|
$alert_users = $this->User->find('all', array(
|
||||||
|
'conditions' => array('User.autoalert' => 1,
|
||||||
|
'User.gpgkey =' => ""),
|
||||||
|
'recursive' => 0,
|
||||||
|
) );
|
||||||
|
$alert_emails = Array();
|
||||||
|
foreach ($alert_users as $user) {
|
||||||
|
$alert_emails[] = $user['User']['email'];
|
||||||
|
}
|
||||||
|
// prepare the the unencrypted email
|
||||||
|
$this->Email->from = Configure::read('CyDefSIG.email');
|
||||||
|
//$this->Email->to = "CyDefSIG <sig@cyber-defence.be>"; TODO check if it doesn't break things to not set a to , like being spammed away
|
||||||
|
$this->Email->bcc = $alert_emails;
|
||||||
|
$this->Email->subject = "[CyDefSIG] Event ".$id." - ".$this->Event->data['Event']['risk']." - TLP Amber";
|
||||||
|
$this->Email->template = 'body';
|
||||||
|
$this->Email->sendAs = 'text'; // both text or html
|
||||||
|
$this->set('body', $body_signed);
|
||||||
|
// send it
|
||||||
|
$this->Email->send();
|
||||||
|
// If you wish to send multiple emails using a loop, you'll need
|
||||||
|
// to reset the email fields using the reset method of the Email component.
|
||||||
|
$this->Email->reset();
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Build a list of the recipients that wish to receive encrypted mails.
|
||||||
|
//
|
||||||
|
$alert_users = $this->User->find('all', array(
|
||||||
|
'conditions' => array( 'User.autoalert' => 1,
|
||||||
|
'User.gpgkey !=' => ""),
|
||||||
|
'recursive' => 0,
|
||||||
|
)
|
||||||
|
);
|
||||||
|
// encrypt the mail for each user and send it separately
|
||||||
|
foreach ($alert_users as $user) {
|
||||||
|
// send the email
|
||||||
|
$this->Email->from = Configure::read('CyDefSIG.email');
|
||||||
|
$this->Email->to = $user['User']['email'];
|
||||||
|
$this->Email->subject = "[CyDefSIG] Event ".$id." - ".$this->Event->data['Event']['risk']." - TLP Amber";
|
||||||
|
$this->Email->template = 'body';
|
||||||
|
$this->Email->sendAs = 'text'; // both text or html
|
||||||
|
|
||||||
|
// import the key of the user into the keyring
|
||||||
|
// this is not really necessary, but it enables us to find
|
||||||
|
// the correct key-id even if it is not the same as the emailaddress
|
||||||
|
$key_import_output = $gpg->importKey($user['User']['gpgkey']);
|
||||||
|
// say what key should be used to encrypt
|
||||||
|
$gpg = new Crypt_GPG();
|
||||||
|
$gpg->addEncryptKey($key_import_output['fingerprint']); // use the key that was given in the import
|
||||||
|
|
||||||
|
$body_enc_sig = $gpg->encrypt($body_signed, true);
|
||||||
|
|
||||||
|
$this->set('body', $body_enc_sig);
|
||||||
|
$this->Email->send();
|
||||||
|
// If you wish to send multiple emails using a loop, you'll need
|
||||||
|
// to reset the email fields using the reset method of the Email component.
|
||||||
|
$this->Email->reset();
|
||||||
|
}
|
||||||
|
|
||||||
|
// update the DB to set the alerted flag
|
||||||
|
$this->Event->saveField('alerted', 1);
|
||||||
|
|
||||||
|
// redirect to the view event page
|
||||||
|
$this->Session->setFlash(__('Email sent to all participants.', true));
|
||||||
|
$this->redirect(array('action' => 'view', $id));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Send out an contact email to the person who posted the event.
|
||||||
|
* Users with a GPG key will get the mail encrypted, other users will get the mail unencrypted
|
||||||
|
* @todo allow the user to enter a comment in the contact email.
|
||||||
|
*/
|
||||||
|
public function contact($id = null) {
|
||||||
|
$this->Event->id = $id;
|
||||||
|
if (!$this->Event->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid event'));
|
||||||
|
}
|
||||||
|
|
||||||
|
// User has filled in his contact form, send out the email.
|
||||||
|
if ($this->request->is('post') || $this->request->is('put')) {
|
||||||
|
$message = $this->request->data['Event']['message'];
|
||||||
|
if ($this->_sendContactEmail($id, $message)) {
|
||||||
|
// redirect to the view event page
|
||||||
|
$this->Session->setFlash(__('Email sent to the reporter.', true));
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('Sending of email failed', true), 'default', array(), 'error');
|
||||||
|
}
|
||||||
|
$this->redirect(array('action' => 'view', $id));
|
||||||
|
}
|
||||||
|
// User didn't see the contact form yet. Present it to him.
|
||||||
|
if (empty($this->data)) {
|
||||||
|
$this->data = $this->Event->read(null, $id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* Sends out an email with the request to be contacted about a specific event.
|
||||||
|
* @todo move _sendContactEmail($id, $message) to a better place. (components?)
|
||||||
|
*
|
||||||
|
* @param unknown_type $id The id of the event for wich you want to contact the person.
|
||||||
|
* @param unknown_type $message The custom message that will be appended to the email.
|
||||||
|
* @return True if success, False if error
|
||||||
|
*/
|
||||||
|
private function _sendContactEmail($id, $message) {
|
||||||
|
// fetch the event
|
||||||
|
$event = $this->Event->read(null, $id);
|
||||||
|
$reporter = $event['User']; // email, gpgkey
|
||||||
|
|
||||||
|
// The mail body, Sanitize::html() is NOT needed as we are sending plain-text mails.
|
||||||
|
$body = "";
|
||||||
|
$body .="Hello, \n";
|
||||||
|
$body .="\n";
|
||||||
|
$body .="Someone wants to get in touch with you concerning a CyDefSIG event. \n";
|
||||||
|
$body .="\n";
|
||||||
|
$body .="You can reach him at ".$this->Auth->user('email')."\n";
|
||||||
|
if (!$this->Auth->user('gpgkey'))
|
||||||
|
$body .="His GPG/PGP key is added as attachment to this email. \n";
|
||||||
|
$body .="\n";
|
||||||
|
$body .="He wrote the following message: \n";
|
||||||
|
$body .=$message."\n";
|
||||||
|
$body .="\n";
|
||||||
|
$body .="\n";
|
||||||
|
$body .="The event is the following: \n";
|
||||||
|
|
||||||
|
// print the event in mail-format
|
||||||
|
// LATER place event-to-email-layout in a function
|
||||||
|
$appendlen = 20;
|
||||||
|
$body .= 'URL : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$event['Event']['id']."\n";
|
||||||
|
$body .= 'Event : '.$event['Event']['id']."\n";
|
||||||
|
$body .= 'Date : '.$event['Event']['date']."\n";
|
||||||
|
if ('true' == Configure::read('CyDefSIG.showorg')) {
|
||||||
|
$body .= 'Reported by : '.$event['Event']['org']."\n";
|
||||||
|
}
|
||||||
|
$body .= 'Risk : '.$event['Event']['risk']."\n";
|
||||||
|
$relatedEvents = $this->Event->getRelatedEvents($id);
|
||||||
|
if (!empty($relatedEvents)) {
|
||||||
|
foreach ($relatedEvents as $relatedEvent){
|
||||||
|
$body .= 'Related to : '.Configure::read('CyDefSIG.baseurl').'/events/view/'.$relatedEvent['Event']['id'].' ('.$relatedEvent['Event']['date'].')'."\n" ;
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$body .= 'Info : '."\n";
|
||||||
|
$body .= $event['Event']['info']."\n";
|
||||||
|
$body .= "\n";
|
||||||
|
$body .= 'Signatures :'."\n";
|
||||||
|
$body_temp_other = "";
|
||||||
|
if (!empty($event['Signature'])) {
|
||||||
|
foreach ($event['Signature'] as $signature){
|
||||||
|
$line = '- '.$signature['type'].str_repeat(' ', $appendlen - 2 - strlen( $signature['type'])).': '.$signature['value']."\n";
|
||||||
|
if ('other' == $signature['type']) // append the 'other' signature types to the bottom.
|
||||||
|
$body_temp_other .= $line;
|
||||||
|
else $body .= $line;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$body .= "\n";
|
||||||
|
$body .= $body_temp_other; // append the 'other' signature types to the bottom.
|
||||||
|
|
||||||
|
// sign the body
|
||||||
|
require_once 'Crypt/GPG.php';
|
||||||
|
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir')));
|
||||||
|
$gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
|
||||||
|
$body_signed = $gpg->sign($body, Crypt_GPG::SIGN_MODE_CLEAR);
|
||||||
|
|
||||||
|
if (!empty($reporter['gpgkey'])) {
|
||||||
|
// import the key of the user into the keyring
|
||||||
|
// this isn't really necessary, but it gives it the fingerprint necessary for the next step
|
||||||
|
$key_import_output = $gpg->importKey($reporter['gpgkey']);
|
||||||
|
// say what key should be used to encrypt
|
||||||
|
$gpg = new Crypt_GPG();
|
||||||
|
$gpg->addEncryptKey($key_import_output['fingerprint']); // use the key that was given in the import
|
||||||
|
|
||||||
|
$body_enc_sig = $gpg->encrypt($body_signed, true);
|
||||||
|
} else {
|
||||||
|
$body_enc_sig = $body_signed;
|
||||||
|
// FIXME should I allow sending unencrypted "contact" mails to people if they didn't import they GPG key?
|
||||||
|
}
|
||||||
|
|
||||||
|
// prepare the email
|
||||||
|
$this->Email->from = Configure::read('CyDefSIG.email');
|
||||||
|
$this->Email->to = $reporter['email'];
|
||||||
|
$this->Email->subject = "[CyDefSIG] Need info about event ".$id." - TLP Amber";
|
||||||
|
//$this->Email->delivery = 'debug'; // do not really send out mails, only display it on the screen
|
||||||
|
$this->Email->template = 'body';
|
||||||
|
$this->Email->sendAs = 'text'; // both text or html
|
||||||
|
$this->set('body', $body_enc_sig);
|
||||||
|
|
||||||
|
// Add the GPG key of the user as attachment
|
||||||
|
// LATER sign the attached GPG key
|
||||||
|
if (!empty($me_user['gpgkey'])) {
|
||||||
|
// save the gpg key to a temporary file
|
||||||
|
$tmpfname = tempnam(TMP, "GPGkey");
|
||||||
|
$handle = fopen($tmpfname, "w");
|
||||||
|
fwrite($handle, $me_user['gpgkey']);
|
||||||
|
fclose($handle);
|
||||||
|
// attach it
|
||||||
|
$this->Email->attachments = array(
|
||||||
|
'gpgkey.asc' => $tmpfname
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
// send it
|
||||||
|
$result = $this->Email->send();
|
||||||
|
|
||||||
|
// remove the temporary gpg file
|
||||||
|
if (!empty($me_user['gpgkey']))
|
||||||
|
unlink($tmpfname);
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public function export() {
|
||||||
|
// Simply display a static view
|
||||||
|
|
||||||
|
// generate the list of signature types
|
||||||
|
$this->loadModel('Signature');
|
||||||
|
$this->set('sig_types', $this->Signature->validate['type']['rule'][1]);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public function xml($key) {
|
||||||
|
// FIXME implement XML output
|
||||||
|
// check if the key is valid -> search for users based on key
|
||||||
|
$this->loadModel('User');
|
||||||
|
// no input sanitization necessary, it's done by model
|
||||||
|
$user = $this->User->findByAuthkey($key);
|
||||||
|
if (empty($user)) {
|
||||||
|
throw new UnauthorizedException('Incorrect authentication key');
|
||||||
|
}
|
||||||
|
// display the full xml
|
||||||
|
$this->header('Content-Type: text/xml'); // set the content type
|
||||||
|
$this->layout = 'xml/default';
|
||||||
|
// $this->header('Content-Disposition: attachment; filename="cydefsig.xml"');
|
||||||
|
|
||||||
|
$conditions = array("Event.alerted" => 1);
|
||||||
|
$fields = array('Event.id', 'Event.date', 'Event.risk', 'Event.info');
|
||||||
|
if ('true' == Configure::read('CyDefSIG.showorg')) {
|
||||||
|
$fields[] = 'Event.org';
|
||||||
|
}
|
||||||
|
// $this->Event->Behaviors->attach('Containable');
|
||||||
|
// $contain = array('Signature.id', 'Signature.type', 'Signature.value', 'Signature.to_snort');
|
||||||
|
$params = array('conditions' => $conditions,
|
||||||
|
'recursive' => 1,
|
||||||
|
'fields' => $fields,
|
||||||
|
// 'contain' => $contain
|
||||||
|
);
|
||||||
|
$results = $this->Event->find('all', $params);
|
||||||
|
|
||||||
|
|
||||||
|
/* $xml = Xml::build('<?xml version="1.0" encoding="UTF-8" ?><CyDefSIG></CyDefSIG>'); */
|
||||||
|
|
||||||
|
$myXmlOriginal = '<?xml version="1.0"?><root><child>value</child></root>';
|
||||||
|
$xml = Xml::build($myXmlOriginal);
|
||||||
|
$xml->root->addChild('young', 'new value');
|
||||||
|
|
||||||
|
// foreach ($results as $result) {
|
||||||
|
// debug($result);
|
||||||
|
// $xml->CyDefSIG->addChild('f', 'b');
|
||||||
|
// debug($xml);
|
||||||
|
// }
|
||||||
|
// debug($results);
|
||||||
|
// $xml= Xml::fromArray(array('event' =>$results), array('format' => 'tags', 'return' => 'domdocument'));
|
||||||
|
// debug($xml->saveXML());
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public function nids($key) {
|
||||||
|
// check if the key is valid -> search for users based on key
|
||||||
|
$this->loadModel('User');
|
||||||
|
// no input sanitization necessary, it's done by model
|
||||||
|
$user = $this->User->findByAuthkey($key);
|
||||||
|
if (empty($user)) {
|
||||||
|
throw new UnauthorizedException('Incorrect authentication key');
|
||||||
|
}
|
||||||
|
// display the full snort rulebase
|
||||||
|
$this->header('Content-Type: text/plain'); // set the content type
|
||||||
|
$this->header('Content-Disposition: attachment; filename="cydefsig.rules"');
|
||||||
|
$this->layout = 'text/default';
|
||||||
|
|
||||||
|
$rules= array();
|
||||||
|
|
||||||
|
// find events that are finished
|
||||||
|
$events = $this->Event->findAllByAlerted(1);
|
||||||
|
$classtype = 'targeted-attack';
|
||||||
|
|
||||||
|
foreach ($events as $event) {
|
||||||
|
# proto src_ip src_port direction dst_ip dst_port msg rule_content tag sid rev
|
||||||
|
$rule_format_msg = 'msg: "CyDefSIG %s, Event '.$event['Event']['id'].', '.$event['Event']['risk'].'"';
|
||||||
|
$rule_format_reference = 'reference:url,'.Configure::read('CyDefSIG.baseurl').'/events/view/'.$event['Event']['id'];
|
||||||
|
$rule_format = 'alert %s %s %s %s %s %s ('.$rule_format_msg.'; %s %s classtype:'.$classtype.'; sid:%d; rev:%d; '.$rule_format_reference.';) ';
|
||||||
|
|
||||||
|
$sid = $user['User']['nids_sid']+($event['Event']['id']*100); // LATER this will cause issues with events containing more than 99 signatures
|
||||||
|
//debug($event);
|
||||||
|
foreach ($event['Signature'] as $signature) {
|
||||||
|
if (0 == $signature['to_ids']) continue; // signature is not to be exported to IDS. // LATER filter out to_ids=0 in the query
|
||||||
|
|
||||||
|
$sid++;
|
||||||
|
switch ($signature['type']) {
|
||||||
|
// LATER test all the snort signatures
|
||||||
|
// LATER add the tag keyword in the rules to capture network traffic
|
||||||
|
// LATER sanitize every $signature['value'] to not conflict with snort
|
||||||
|
case 'ip-dst':
|
||||||
|
$rules[] = sprintf($rule_format,
|
||||||
|
'ip', // proto
|
||||||
|
'$HOME_NET', // src_ip
|
||||||
|
'any', // src_port
|
||||||
|
'->', // direction
|
||||||
|
$signature['value'], // dst_ip
|
||||||
|
'any', // dst_port
|
||||||
|
'Outgoing To Bad IP', // msg
|
||||||
|
'', // rule_content
|
||||||
|
'', // tag
|
||||||
|
$sid, // sid
|
||||||
|
1 // rev
|
||||||
|
);
|
||||||
|
break;
|
||||||
|
case 'ip-src':
|
||||||
|
$rules[] = sprintf($rule_format,
|
||||||
|
'ip', // proto
|
||||||
|
$signature['value'], // src_ip
|
||||||
|
'any', // src_port
|
||||||
|
'->', // direction
|
||||||
|
'$HOME_NET', // dst_ip
|
||||||
|
'any', // dst_port
|
||||||
|
'Incoming From Bad IP', // msg
|
||||||
|
'', // rule_content
|
||||||
|
'', // tag
|
||||||
|
$sid, // sid
|
||||||
|
1 // rev
|
||||||
|
);
|
||||||
|
break;
|
||||||
|
case 'email-src':
|
||||||
|
$rules[] = sprintf($rule_format,
|
||||||
|
'tcp', // proto
|
||||||
|
'$EXTERNAL_NET', // src_ip
|
||||||
|
'any', // src_port
|
||||||
|
'<>', // direction
|
||||||
|
'$SMTP_SERVERS', // dst_ip
|
||||||
|
'25', // dst_port
|
||||||
|
'Bad Source Email Address', // msg
|
||||||
|
'flow:established,to_server; content:"MAIL FROM|3a|"; nocase; content:"'.$signature['value'].'"; nocase;', // rule_content
|
||||||
|
'tag:session,600,seconds;', // tag
|
||||||
|
$sid, // sid
|
||||||
|
1 // rev
|
||||||
|
);
|
||||||
|
break;
|
||||||
|
case 'email-dst':
|
||||||
|
$rules[] = sprintf($rule_format,
|
||||||
|
'tcp', // proto
|
||||||
|
'$EXTERNAL_NET', // src_ip
|
||||||
|
'any', // src_port
|
||||||
|
'<>', // direction
|
||||||
|
'$SMTP_SERVERS', // dst_ip
|
||||||
|
'25', // dst_port
|
||||||
|
'Bad Destination Email Address',// msg
|
||||||
|
'flow:established,to_server; content:"RCPT TO|3a|"; nocase; content:"'.$signature['value'].'"; nocase;', // rule_content
|
||||||
|
'tag:session,600,seconds;', // tag
|
||||||
|
$sid, // sid
|
||||||
|
1 // rev
|
||||||
|
);
|
||||||
|
break;
|
||||||
|
case 'email-subject':
|
||||||
|
// LATER email-subject rule might not match because of line-wrapping
|
||||||
|
$rules[] = sprintf($rule_format,
|
||||||
|
'tcp', // proto
|
||||||
|
'$EXTERNAL_NET', // src_ip
|
||||||
|
'any', // src_port
|
||||||
|
'<>', // direction
|
||||||
|
'$SMTP_SERVERS', // dst_ip
|
||||||
|
'25', // dst_port
|
||||||
|
'Bad Email Subject', // msg
|
||||||
|
'flow:established,to_server; content:"Subject|3a|"; nocase; content:"'.$signature['value'].'"; nocase;', // rule_content
|
||||||
|
'tag:session,600,seconds;', // tag
|
||||||
|
$sid, // sid
|
||||||
|
1 // rev
|
||||||
|
);
|
||||||
|
break;
|
||||||
|
case 'email-attachment':
|
||||||
|
// LATER email-attachment rule might not match because of line-wrapping
|
||||||
|
$rules[] = sprintf($rule_format,
|
||||||
|
'tcp', // proto
|
||||||
|
'$EXTERNAL_NET', // src_ip
|
||||||
|
'any', // src_port
|
||||||
|
'<>', // direction
|
||||||
|
'$SMTP_SERVERS', // dst_ip
|
||||||
|
'25', // dst_port
|
||||||
|
'Bad Email Attachment', // msg
|
||||||
|
'flow:established,to_server; content:"Content-Disposition: attachment|3b| filename=|22|"; content:"'.$signature['value'].'|22|";', // rule_content // LATER test and finetune this snort rule https://secure.wikimedia.org/wikipedia/en/wiki/MIME#Content-Disposition
|
||||||
|
'tag:session,600,seconds;', // tag
|
||||||
|
$sid, // sid
|
||||||
|
1 // rev
|
||||||
|
);
|
||||||
|
break;
|
||||||
|
case 'domain':
|
||||||
|
$rules[] = sprintf($rule_format,
|
||||||
|
'udp', // proto
|
||||||
|
'any', // src_ip
|
||||||
|
'any', // src_port
|
||||||
|
'->', // direction
|
||||||
|
'any', // dst_ip
|
||||||
|
'53', // dst_port
|
||||||
|
'Lookup Of Bad Domain', // msg
|
||||||
|
'content:"'.$this->_dnsNameToRawFormat($signature['value']).'"; nocase;', // rule_content
|
||||||
|
'', // tag
|
||||||
|
$sid, // sid
|
||||||
|
1 // rev
|
||||||
|
);
|
||||||
|
$sid++;
|
||||||
|
$rules[] = sprintf($rule_format,
|
||||||
|
'tcp', // proto
|
||||||
|
'any', // src_ip
|
||||||
|
'any', // src_port
|
||||||
|
'->', // direction
|
||||||
|
'any', // dst_ip
|
||||||
|
'53', // dst_port
|
||||||
|
'Lookup Of Bad Domain', // msg
|
||||||
|
'content:"'.$this->_dnsNameToRawFormat($signature['value']).'"; nocase;', // rule_content
|
||||||
|
'', // tag
|
||||||
|
$sid, // sid
|
||||||
|
1 // rev
|
||||||
|
);
|
||||||
|
$sid++;
|
||||||
|
//break; // domain should also detect the domain name in a url
|
||||||
|
case 'url':
|
||||||
|
$rules[] = sprintf($rule_format,
|
||||||
|
'tcp', // proto
|
||||||
|
'$HOME_NET', // src_ip
|
||||||
|
'any', // src_port
|
||||||
|
'->', // direction
|
||||||
|
'$EXTERNAL_NET', // dst_ip
|
||||||
|
'$HTTP_PORTS', // dst_port
|
||||||
|
'Outgoing Bad HTTP URL', // msg
|
||||||
|
'flow:to_server,established; uricontent:"'.$signature['value'].'"; nocase;', // rule_content
|
||||||
|
'tag:session,600,seconds;', // tag
|
||||||
|
$sid, // sid
|
||||||
|
1 // rev
|
||||||
|
);
|
||||||
|
break;
|
||||||
|
case 'user-agent':
|
||||||
|
$rules[] = "";
|
||||||
|
// TODO write snort user-agent rule
|
||||||
|
break;
|
||||||
|
case 'snort':
|
||||||
|
$tmp_rule = $signature['value'];
|
||||||
|
|
||||||
|
// rebuild the rule by overwriting the different keywords using preg_replace()
|
||||||
|
// sid - '/sid\s*:\s*[0-9]+\s*;/'
|
||||||
|
// rev - '/rev\s*:\s*[0-9]+\s*;/'
|
||||||
|
// classtype - '/classtype:[a-zA-Z_-]+;/'
|
||||||
|
// msg - '/msg\s*:\s*".*"\s*;/'
|
||||||
|
// reference - '/reference\s*:\s*.+;/'
|
||||||
|
$replace_count=array();
|
||||||
|
$tmp_rule = preg_replace('/sid\s*:\s*[0-9]+\s*;/', 'sid:'.$sid.';', $tmp_rule, -1, $replace_count['sid']);
|
||||||
|
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||||
|
$tmp_rule = preg_replace('/rev\s*:\s*[0-9]+\s*;/', 'rev:1;', $tmp_rule, -1, $replace_count['rev']);
|
||||||
|
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||||
|
$tmp_rule = preg_replace('/classtype:[a-zA-Z_-]+;/', 'classtype:'.$classtype.';', $tmp_rule, -1, $replace_count['classtype']);
|
||||||
|
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||||
|
$tmp_message = sprintf($rule_format_msg, 'snort-rule');
|
||||||
|
$tmp_rule = preg_replace('/msg\s*:\s*".*"\s*;/', $tmp_message.';', $tmp_rule, -1, $replace_count['msg']);
|
||||||
|
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||||
|
$tmp_rule = preg_replace('/reference\s*:\s*.+;/', $rule_format_reference.';', $tmp_rule, -1, $replace_count['reference']);
|
||||||
|
if (null == $tmp_rule ) break; // don't output the rule on error with the regex
|
||||||
|
|
||||||
|
// some values were not replaced, so we need to add them ourselves, and insert them in the rule
|
||||||
|
$extra_for_rule="";
|
||||||
|
if (0 == $replace_count['sid']) {
|
||||||
|
$extra_for_rule .= 'sid:'.$sid.';';
|
||||||
|
} if (0 == $replace_count['rev']) {
|
||||||
|
$extra_for_rule .= 'rev:1;';
|
||||||
|
} if (0 == $replace_count['classtype']) {
|
||||||
|
$extra_for_rule .= 'classtype:'.$classtype.';';
|
||||||
|
} if (0 == $replace_count['msg']) {
|
||||||
|
$extra_for_rule .= $tmp_message.';';
|
||||||
|
} if (0 == $replace_count['reference']) {
|
||||||
|
$extra_for_rule .= $rule_format_reference.';';
|
||||||
|
}
|
||||||
|
$tmp_rule = preg_replace('/;\s*\)/', '; '.$extra_for_rule.')', $tmp_rule);
|
||||||
|
|
||||||
|
// finally the rule is cleaned up and can be outputed
|
||||||
|
$rules[] = $tmp_rule;
|
||||||
|
|
||||||
|
// TODO test using lots of snort rules.
|
||||||
|
default:
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
print ("#<h1>This part is not finished and might be buggy. Please report any issues.</h1>\n");
|
||||||
|
|
||||||
|
print "#<pre> \n";
|
||||||
|
foreach ($rules as $rule)
|
||||||
|
print $rule."\n";
|
||||||
|
print "#</pre>\n";
|
||||||
|
|
||||||
|
$this->set('rules', $rules);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public function text($key, $type="") {
|
||||||
|
// check if the key is valid -> search for users based on key
|
||||||
|
$this->loadModel('User');
|
||||||
|
// no input sanitization necessary, it's done by model
|
||||||
|
$user = $this->User->findByAuthkey($key);
|
||||||
|
if (empty($user)) {
|
||||||
|
throw new UnauthorizedException('Incorrect authentication key');
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->header('Content-Type: text/plain'); // set the content type
|
||||||
|
$this->layout = 'text/default';
|
||||||
|
|
||||||
|
$this->loadModel('Signature');
|
||||||
|
$params = array(
|
||||||
|
'conditions' => array('Signature.type' => $type), //array of conditions
|
||||||
|
'recursive' => 0, //int
|
||||||
|
'fields' => array('Signature.value'), //array of field names
|
||||||
|
'order' => array('Signature.value'), //string or array defining order
|
||||||
|
'group' => array('Signature.value'), //fields to GROUP BY
|
||||||
|
);
|
||||||
|
$signatures = $this->Signature->find('all', $params);
|
||||||
|
|
||||||
|
$this->set('signatures', $signatures);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* // LATER move _dnsNameToRawFormat($name) function to a better place
|
||||||
|
* Converts a DNS name to a raw format usable in NIDS like Snort.
|
||||||
|
* example: foobar.com becomes |06|foobar|03|com|00|
|
||||||
|
* @param string $name dns name to be converted
|
||||||
|
* @return string raw snort compatible format of the dns name
|
||||||
|
*/
|
||||||
|
private function _dnsNameToRawFormat($name) {
|
||||||
|
$rawName = "";
|
||||||
|
// explode using the dot
|
||||||
|
$explodedNames = explode('.', $name);
|
||||||
|
// for each part
|
||||||
|
foreach ($explodedNames as $explodedName) {
|
||||||
|
// count the lenght of the part, and add |length| before
|
||||||
|
$length = strlen($explodedName);
|
||||||
|
if ($length > 255) exit('ERROR: dns name is to long for RFC'); // LATER log correctly without dying
|
||||||
|
$hexLength = dechex($length);
|
||||||
|
if (1 == strlen($hexLength)) $hexLength = '0'.$hexLength;
|
||||||
|
$rawName .= '|'.$hexLength.'|'.$explodedName;
|
||||||
|
}
|
||||||
|
// put all together
|
||||||
|
$rawName .= '|00|';
|
||||||
|
// and append |00| to terminate the name
|
||||||
|
return $rawName;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,82 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Static content controller.
|
||||||
|
*
|
||||||
|
* This file will render views from views/pages/
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package app.Controller
|
||||||
|
* @since CakePHP(tm) v 0.2.9
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
|
||||||
|
App::uses('AppController', 'Controller');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Static content controller
|
||||||
|
*
|
||||||
|
* Override this controller by placing a copy in controllers directory of an application
|
||||||
|
*
|
||||||
|
* @package app.Controller
|
||||||
|
* @link http://book.cakephp.org/2.0/en/controllers/pages-controller.html
|
||||||
|
*/
|
||||||
|
class PagesController extends AppController {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Controller name
|
||||||
|
*
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
|
public $name = 'Pages';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default helper
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $helpers = array('Html', 'Session');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This controller does not use a model
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $uses = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Displays a view
|
||||||
|
*
|
||||||
|
* @param mixed What page to display
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function display() {
|
||||||
|
$path = func_get_args();
|
||||||
|
|
||||||
|
$count = count($path);
|
||||||
|
if (!$count) {
|
||||||
|
$this->redirect('/');
|
||||||
|
}
|
||||||
|
$page = $subpage = $title_for_layout = null;
|
||||||
|
|
||||||
|
if (!empty($path[0])) {
|
||||||
|
$page = $path[0];
|
||||||
|
}
|
||||||
|
if (!empty($path[1])) {
|
||||||
|
$subpage = $path[1];
|
||||||
|
}
|
||||||
|
if (!empty($path[$count - 1])) {
|
||||||
|
$title_for_layout = Inflector::humanize($path[$count - 1]);
|
||||||
|
}
|
||||||
|
$this->set(compact('page', 'subpage', 'title_for_layout'));
|
||||||
|
$this->render(implode('/', $path));
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,189 @@
|
||||||
|
<?php
|
||||||
|
App::uses('AppController', 'Controller');
|
||||||
|
/**
|
||||||
|
* Signatures Controller
|
||||||
|
*
|
||||||
|
* @property Signature $Signature
|
||||||
|
*/
|
||||||
|
class SignaturesController extends AppController {
|
||||||
|
|
||||||
|
public $components = array('Security');
|
||||||
|
|
||||||
|
function beforeFilter() {
|
||||||
|
// These variables are required for every view
|
||||||
|
$this->set('me', $this->Auth->user());
|
||||||
|
$this->set('isAdmin', $this->_isAdmin());
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* index method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function index() {
|
||||||
|
$this->Signature->recursive = 0;
|
||||||
|
$this->set('signatures', $this->paginate());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* add method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function add($event_id = null) {
|
||||||
|
if ($this->request->is('post')) {
|
||||||
|
$this->loadModel('Event');
|
||||||
|
// only own signatures
|
||||||
|
$this->Event->recursive = 0;
|
||||||
|
$event = $this->Event->findById($this->request->data['Signature']['event_id']);
|
||||||
|
if (!$this->_isAdmin() && $this->Auth->user('org') != $event['Event']['org']) {
|
||||||
|
throw new UnauthorizedException('You can only add signatures for your own organisation.');
|
||||||
|
}
|
||||||
|
|
||||||
|
// remove the alerted flag from the event
|
||||||
|
$this->Event->id = $this->request->data['Signature']['event_id'];
|
||||||
|
$this->Event->saveField('alerted', 0);
|
||||||
|
|
||||||
|
//
|
||||||
|
// multiple signatures in batch import
|
||||||
|
//
|
||||||
|
if ($this->data['Signature']['batch_import'] == 1) {
|
||||||
|
// make array from value field
|
||||||
|
$signatures = explode("\n", $this->request->data['Signature']['value']);
|
||||||
|
|
||||||
|
$fails = ""; // will be used to keep a list of the lines that failed or succeeded
|
||||||
|
$successes = "";
|
||||||
|
foreach ($signatures as $key => $signature) {
|
||||||
|
$signature = trim($signature);
|
||||||
|
if (strlen($signature) == 0 )
|
||||||
|
continue; // don't do anything for empty lines
|
||||||
|
|
||||||
|
$this->Signature->create();
|
||||||
|
$this->request->data['Signature']['value'] = $signature; // set the value as the content of the single line
|
||||||
|
|
||||||
|
if ($this->Signature->save($this->request->data)) {
|
||||||
|
$successes .= " ".($key+1);
|
||||||
|
} else {
|
||||||
|
$fails .= " ".($key+1);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
// we added all the signatures,
|
||||||
|
if ($fails) {
|
||||||
|
// list the ones that failed
|
||||||
|
$this->Session->setFlash(__('The lines'.$fails.' could not be saved. Please, try again.', true), 'default', array(), 'error');
|
||||||
|
}
|
||||||
|
if ($successes) {
|
||||||
|
// list the ones that succeeded
|
||||||
|
$this->Session->setFlash(__('The lines'.$successes.' have been saved', true));
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Signature']['event_id']));
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
else {
|
||||||
|
//
|
||||||
|
// single signature
|
||||||
|
//
|
||||||
|
// create the signature
|
||||||
|
$this->Signature->create();
|
||||||
|
if ($this->Signature->save($this->request->data)) {
|
||||||
|
// inform the user and redirect
|
||||||
|
$this->Session->setFlash(__('The signature has been saved'));
|
||||||
|
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Signature']['event_id']));
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('The signature could not be saved. Please, try again.'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// set the event_id in the form
|
||||||
|
$this->request->data['Signature']['event_id'] = $event_id;
|
||||||
|
}
|
||||||
|
|
||||||
|
// combobox for types
|
||||||
|
$types = $this->Signature->validate['type']['rule'][1];
|
||||||
|
$types = $this->_arrayToValuesIndexArray($types);
|
||||||
|
$this->set('types',compact('types'));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* edit method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function edit($id = null) {
|
||||||
|
$this->Signature->id = $id;
|
||||||
|
if (!$this->Signature->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid signature'));
|
||||||
|
}
|
||||||
|
// only own signatures
|
||||||
|
$this->Signature->read();
|
||||||
|
if (!$this->_isAdmin() && $this->Auth->user('org') != $this->Signature->data['Event']['org']) {
|
||||||
|
throw new UnauthorizedException('You can only edit signatures from your own organisation.');
|
||||||
|
}
|
||||||
|
if ($this->request->is('post') || $this->request->is('put')) {
|
||||||
|
|
||||||
|
if ($this->Signature->save($this->request->data)) {
|
||||||
|
$this->Session->setFlash(__('The signature has been saved'));
|
||||||
|
$this->redirect(array('action' => 'index'));
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('The signature could not be saved. Please, try again.'));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$this->request->data = $this->Signature->read(null, $id);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* delete method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function delete($id = null) {
|
||||||
|
if (!$this->request->is('post')) {
|
||||||
|
throw new MethodNotAllowedException();
|
||||||
|
}
|
||||||
|
$this->Signature->id = $id;
|
||||||
|
if (!$this->Signature->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid signature'));
|
||||||
|
}
|
||||||
|
|
||||||
|
// only own signatures
|
||||||
|
$this->Signature->read();
|
||||||
|
if (!$this->_isAdmin() && $this->Auth->user('org') != $this->Signature->data['Event']['org']) {
|
||||||
|
throw new UnauthorizedException('You can only delete signatures from your own organisation.');
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->Signature->delete()) {
|
||||||
|
$this->Session->setFlash(__('Signature deleted'));
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('Signature was not deleted'));
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->redirect($this->referer());
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
public function search() {
|
||||||
|
if ($this->request->is('post')) {
|
||||||
|
$keyword = $this->request->data['Signature']['keyword'];
|
||||||
|
|
||||||
|
// search the db
|
||||||
|
$this->Signature->recursive = 0;
|
||||||
|
$this->paginate = array(
|
||||||
|
'conditions' => array('Signature.value LIKE' => '%'.$keyword.'%'),
|
||||||
|
);
|
||||||
|
$this->set('signatures', $this->paginate());
|
||||||
|
|
||||||
|
// set the same view as the index page
|
||||||
|
$this->render('index');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,309 @@
|
||||||
|
<?php
|
||||||
|
App::uses('AppController', 'Controller');
|
||||||
|
/**
|
||||||
|
* Users Controller
|
||||||
|
*
|
||||||
|
* @property User $User
|
||||||
|
*/
|
||||||
|
class UsersController extends AppController {
|
||||||
|
|
||||||
|
|
||||||
|
public $components = array('Security');
|
||||||
|
|
||||||
|
function beforeFilter() {
|
||||||
|
parent::beforeFilter();
|
||||||
|
|
||||||
|
// what pages are allowed for everyone
|
||||||
|
$this->Auth->allow('login', 'logout');
|
||||||
|
|
||||||
|
// These variables are required for every view
|
||||||
|
$this->set('me', $this->Auth->user());
|
||||||
|
$this->set('isAdmin', $this->_isAdmin());
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* view method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function view($id = null) {
|
||||||
|
if ("me" == $id) $id = $this->Auth->user('id');
|
||||||
|
$this->User->id = $id;
|
||||||
|
if (!$this->User->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid user'));
|
||||||
|
}
|
||||||
|
// Only own profile
|
||||||
|
if ($this->Auth->user('id') != $id) {
|
||||||
|
throw new ForbiddenException('You are not authorized to access this profile.');
|
||||||
|
}
|
||||||
|
$this->set('user', $this->User->read(null, $id));
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* edit method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function edit($id = null) {
|
||||||
|
if ("me" == $id) $id = $this->Auth->user('id');
|
||||||
|
$this->User->id = $id;
|
||||||
|
if (!$this->User->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid user'));
|
||||||
|
}
|
||||||
|
// Only own profile
|
||||||
|
if ($this->Auth->user('id') != $id) {
|
||||||
|
throw new ForbiddenException('You are not authorized to edit this profile.');
|
||||||
|
}
|
||||||
|
if ($this->request->is('post') || $this->request->is('put')) {
|
||||||
|
// What fields should be saved (allowed to be saved)
|
||||||
|
$fieldList=array('email', 'autoalert', 'gpgkey', 'nids_sid' );
|
||||||
|
if ("" != $this->data['User']['password'])
|
||||||
|
$fieldList[] = 'password';
|
||||||
|
// Save the data
|
||||||
|
if ($this->User->save($this->request->data, true ,$fieldList)) {
|
||||||
|
$this->Session->setFlash(__('The profile has been updated'));
|
||||||
|
$this->redirect(array('action' => 'view', $id));
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('The profile could not be updated. Please, try again.'));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$this->User->recursive=0;
|
||||||
|
$this->User->read(null, $id);
|
||||||
|
$this->User->set('password', '');
|
||||||
|
$this->request->data = $this->User->data;
|
||||||
|
}
|
||||||
|
$this->request->data['User']['org']=$this->Auth->user('org');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* delete method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function delete($id = null) {
|
||||||
|
if ("me" == $id) $id = $this->Auth->user('id');
|
||||||
|
if (!$this->request->is('post')) {
|
||||||
|
throw new MethodNotAllowedException();
|
||||||
|
}
|
||||||
|
$this->User->id = $id;
|
||||||
|
if (!$this->User->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid user'));
|
||||||
|
}
|
||||||
|
// Only own profile
|
||||||
|
if ($this->Auth->user('id') != $id) {
|
||||||
|
throw new ForbiddenException('You are not authorized to delete this profile.');
|
||||||
|
}
|
||||||
|
if ($this->User->delete()) {
|
||||||
|
$this->Session->setFlash(__('User deleted'));
|
||||||
|
$this->redirect(array('action' => 'index'));
|
||||||
|
}
|
||||||
|
$this->Session->setFlash(__('User was not deleted'));
|
||||||
|
$this->redirect(array('action' => 'index'));
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* admin_index method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function admin_index() {
|
||||||
|
$this->User->recursive = 0;
|
||||||
|
$this->set('users', $this->paginate());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* admin_view method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function admin_view($id = null) {
|
||||||
|
$this->User->id = $id;
|
||||||
|
if (!$this->User->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid user'));
|
||||||
|
}
|
||||||
|
$this->set('user', $this->User->read(null, $id));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* admin_add method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function admin_add() {
|
||||||
|
if ($this->request->is('post')) {
|
||||||
|
$this->User->create();
|
||||||
|
if ($this->User->save($this->request->data)) {
|
||||||
|
$this->Session->setFlash(__('The user has been saved'));
|
||||||
|
$this->redirect(array('action' => 'index'));
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* admin_edit method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function admin_edit($id = null) {
|
||||||
|
$this->User->id = $id;
|
||||||
|
if (!$this->User->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid user'));
|
||||||
|
}
|
||||||
|
if ($this->request->is('post') || $this->request->is('put')) {
|
||||||
|
if ($this->User->save($this->request->data)) {
|
||||||
|
$this->Session->setFlash(__('The user has been saved'));
|
||||||
|
$this->redirect(array('action' => 'index'));
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$this->request->data = $this->User->read(null, $id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* admin_delete method
|
||||||
|
*
|
||||||
|
* @param string $id
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function admin_delete($id = null) {
|
||||||
|
if (!$this->request->is('post')) {
|
||||||
|
throw new MethodNotAllowedException();
|
||||||
|
}
|
||||||
|
$this->User->id = $id;
|
||||||
|
if (!$this->User->exists()) {
|
||||||
|
throw new NotFoundException(__('Invalid user'));
|
||||||
|
}
|
||||||
|
if ($this->User->delete()) {
|
||||||
|
$this->Session->setFlash(__('User deleted'));
|
||||||
|
$this->redirect(array('action' => 'index'));
|
||||||
|
}
|
||||||
|
$this->Session->setFlash(__('User was not deleted'));
|
||||||
|
$this->redirect(array('action' => 'index'));
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public function login() {
|
||||||
|
// FIXME implement authentication brute-force protection
|
||||||
|
if ($this->Auth->login()) {
|
||||||
|
$this->redirect($this->Auth->redirect());
|
||||||
|
} else {
|
||||||
|
$this->Session->setFlash(__('Invalid username or password, try again'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function routeafterlogin() {
|
||||||
|
// Terms and Conditions Page
|
||||||
|
if (!$this->Auth->user('termsaccepted')) {
|
||||||
|
$this->redirect(array('action' => 'terms'));
|
||||||
|
}
|
||||||
|
|
||||||
|
// News page
|
||||||
|
$new_newsdate = new DateTime("2012-03-15");
|
||||||
|
$newsdate = new DateTime($this->Auth->user('newsread'));
|
||||||
|
if ($new_newsdate > $newsdate) {
|
||||||
|
$this->redirect(array('action' => 'news'));
|
||||||
|
}
|
||||||
|
|
||||||
|
// Events list
|
||||||
|
$this->redirect(array('controller' => 'events', 'action' => 'index'));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function logout() {
|
||||||
|
$this->Session->setFlash('Good-Bye');
|
||||||
|
$this->redirect($this->Auth->logout());
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public function resetauthkey($id = null) {
|
||||||
|
if (!$id) {
|
||||||
|
$this->Session->setFlash(__('Invalid id for user', true), 'default', array(), 'error');
|
||||||
|
$this->redirect(array('action'=>'index'));
|
||||||
|
}
|
||||||
|
if ('me' == $id ) $id = $this->Auth->user('id');
|
||||||
|
|
||||||
|
// only allow reset key for own account, except for admins
|
||||||
|
if (!$this->_isAdmin() && $id != $this->Auth->user('id')) {
|
||||||
|
throw new ForbiddenException('Not authorized to reset the key for this user');
|
||||||
|
}
|
||||||
|
|
||||||
|
// reset the key
|
||||||
|
$this->User->id = $id;
|
||||||
|
$newkey = $this->User->generateAuthKey();
|
||||||
|
$this->User->saveField('authkey', $newkey);
|
||||||
|
$this->Session->setFlash(__('New authkey generated.', true));
|
||||||
|
$this->redirect($this->referer());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function memberslist() {
|
||||||
|
$this->loadModel('Signature');
|
||||||
|
$this->loadModel('Event');
|
||||||
|
|
||||||
|
// Orglist
|
||||||
|
$fields = array('User.org', 'count(User.id) as `num_members`');
|
||||||
|
$params = array('recursive' => 0,
|
||||||
|
'fields' => $fields,
|
||||||
|
'group' => array('User.org'),
|
||||||
|
'order' => array('User.org'),
|
||||||
|
);
|
||||||
|
$orgs = $this->User->find('all', $params);
|
||||||
|
$this->set('orgs', $orgs);
|
||||||
|
|
||||||
|
// $fields = array('User.org', 'count(User.id) as `num_members`', 'count(Event.id) as `num_events`');
|
||||||
|
// $params = array('recursive' => 0,
|
||||||
|
// 'fields' => $fields,
|
||||||
|
// 'group' => array('User.org'),
|
||||||
|
// 'order' => array('User.org'),
|
||||||
|
// );
|
||||||
|
// $orgs = $this->Event->find('all', $params);
|
||||||
|
// $this->set('orgs', $orgs);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
// What org posted what type of signature
|
||||||
|
// LATER beautify types_histogram
|
||||||
|
$this->loadModel('Signature');
|
||||||
|
$fields = array('Event.org', 'Signature.type', 'count(Signature.type) as `num_types`');
|
||||||
|
$params = array('recursive' => 0,
|
||||||
|
'fields' => $fields,
|
||||||
|
'group' => array('Signature.type', 'Event.org'),
|
||||||
|
'order' => array('Event.org', 'num_types DESC'),
|
||||||
|
);
|
||||||
|
$types_histogram = $this->Signature->find('all', $params);
|
||||||
|
$this->set('types_histogram', $types_histogram);
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public function terms() {
|
||||||
|
if ($this->request->is('post') || $this->request->is('put')) {
|
||||||
|
$this->User->id = $this->Auth->user('id');
|
||||||
|
$this->User->saveField('termsaccepted', true);
|
||||||
|
|
||||||
|
$this->_refreshAuth(); // refresh auth info
|
||||||
|
$this->Session->setFlash(__('You accepted the Terms and Conditions.'));
|
||||||
|
$this->redirect(array('action' => 'routeafterlogin'));
|
||||||
|
}
|
||||||
|
$this->set('termsaccepted', $this->Auth->user('termsaccepted'));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function news() {
|
||||||
|
$this->User->id = $this->Auth->user('id');
|
||||||
|
$this->User->saveField('newsread', date("Y-m-d"));
|
||||||
|
$this->_refreshAuth(); // refresh auth info
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,34 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Application model for Cake.
|
||||||
|
*
|
||||||
|
* This file is application-wide model file. You can put all
|
||||||
|
* application-wide model-related methods here.
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package app.Model
|
||||||
|
* @since CakePHP(tm) v 0.2.9
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
|
||||||
|
App::uses('Model', 'Model');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Application model for Cake.
|
||||||
|
*
|
||||||
|
* Add your application-wide methods in the class below, your models
|
||||||
|
* will inherit them.
|
||||||
|
*
|
||||||
|
* @package app.Model
|
||||||
|
*/
|
||||||
|
class AppModel extends Model {
|
||||||
|
}
|
|
@ -0,0 +1,155 @@
|
||||||
|
<?php
|
||||||
|
App::uses('AppModel', 'Model');
|
||||||
|
/**
|
||||||
|
* Event Model
|
||||||
|
*
|
||||||
|
* @property User $User
|
||||||
|
* @property Signature $Signature
|
||||||
|
*/
|
||||||
|
class Event extends AppModel {
|
||||||
|
/**
|
||||||
|
* Display field
|
||||||
|
*
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
|
public $displayField = 'id';
|
||||||
|
/**
|
||||||
|
* Validation rules
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $validate = array(
|
||||||
|
'org' => array(
|
||||||
|
'notempty' => array(
|
||||||
|
'rule' => array('notempty'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'date' => array(
|
||||||
|
'date' => array(
|
||||||
|
'rule' => array('date'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
'required' => true,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'risk' => array(
|
||||||
|
'rule' => array('inList', array('Undefined', 'Low','Medium','High')),
|
||||||
|
'message' => 'Options : Undefined, Low, Medium, High',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
'required' => true,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
'info' => array(
|
||||||
|
'notempty' => array(
|
||||||
|
'rule' => array('notempty'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'user_id' => array(
|
||||||
|
'numeric' => array(
|
||||||
|
'rule' => array('numeric'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'alerted' => array(
|
||||||
|
'boolean' => array(
|
||||||
|
'rule' => array('boolean'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'uuid' => array(
|
||||||
|
'uuid' => array(
|
||||||
|
'rule' => array('uuid'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
//The Associations below have been created with all possible keys, those that are not needed can be removed
|
||||||
|
|
||||||
|
/**
|
||||||
|
* belongsTo associations
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $belongsTo = array(
|
||||||
|
'User' => array(
|
||||||
|
'className' => 'User',
|
||||||
|
'foreignKey' => 'user_id',
|
||||||
|
'conditions' => '',
|
||||||
|
'fields' => '',
|
||||||
|
'order' => ''
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* hasMany associations
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $hasMany = array(
|
||||||
|
'Signature' => array(
|
||||||
|
'className' => 'Signature',
|
||||||
|
'foreignKey' => 'event_id',
|
||||||
|
'dependent' => true, // cascade deletes
|
||||||
|
'conditions' => '',
|
||||||
|
'fields' => '',
|
||||||
|
'order' => 'Signature.type ASC',
|
||||||
|
'limit' => '',
|
||||||
|
'offset' => '',
|
||||||
|
'exclusive' => '',
|
||||||
|
'finderQuery' => '',
|
||||||
|
'counterQuery' => ''
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
function getRelatedEvents() {
|
||||||
|
// first get a list of related event_ids
|
||||||
|
// then do a single query to search for all the events with that id
|
||||||
|
$relatedEventIds = Array();
|
||||||
|
foreach ($this->data['Signature'] as $signature ) {
|
||||||
|
if ($signature['type'] == 'other')
|
||||||
|
continue; // sigs of type 'other' should not be matched against the others
|
||||||
|
$conditions = array('Signature.value =' => $signature['value'], 'Signature.type =' => $signature['type']);
|
||||||
|
$similar_signatures = $this->Signature->find('all',array('conditions' => $conditions));
|
||||||
|
foreach ($similar_signatures as $similar_signature) {
|
||||||
|
if ($this->id == $similar_signature['Signature']['event_id'])
|
||||||
|
continue; // same as this event, not needed in the list
|
||||||
|
$relatedEventIds[] = $similar_signature['Signature']['event_id'];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$conditions = array("Event.id" => $relatedEventIds);
|
||||||
|
$relatedEvents= $this->find('all',
|
||||||
|
array('conditions' => $conditions,
|
||||||
|
'recursive' => 0,
|
||||||
|
'order' => 'Event.date DESC',
|
||||||
|
'fields' => 'Event.*'
|
||||||
|
)
|
||||||
|
);
|
||||||
|
return $relatedEvents;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,249 @@
|
||||||
|
<?php
|
||||||
|
App::uses('AppModel', 'Model');
|
||||||
|
/**
|
||||||
|
* Signature Model
|
||||||
|
*
|
||||||
|
* @property Event $Event
|
||||||
|
*/
|
||||||
|
class Signature extends AppModel {
|
||||||
|
/**
|
||||||
|
* Display field
|
||||||
|
*
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
|
public $displayField = 'value';
|
||||||
|
|
||||||
|
var $order = array("Signature.event_id" => "DESC", "Signature.type" => "ASC");
|
||||||
|
/**
|
||||||
|
* Validation rules
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $validate = array(
|
||||||
|
'event_id' => array(
|
||||||
|
'numeric' => array(
|
||||||
|
'rule' => array('numeric'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'type' => array(
|
||||||
|
'rule' => array('inList', array('md5','sha1',
|
||||||
|
'filename',
|
||||||
|
'ip-src',
|
||||||
|
'ip-dst',
|
||||||
|
'domain',
|
||||||
|
'email-src',
|
||||||
|
'email-dst',
|
||||||
|
'email-subject',
|
||||||
|
'email-attachment',
|
||||||
|
'url',
|
||||||
|
'user-agent',
|
||||||
|
'regkey',
|
||||||
|
'AS',
|
||||||
|
'snort',
|
||||||
|
'pattern-in-file',
|
||||||
|
'other')),
|
||||||
|
'message' => 'Options : md5, sha1, filename, ip, domain, email, url, regkey, AS, other, ...',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
'required' => true,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
|
||||||
|
),
|
||||||
|
'value' => array(
|
||||||
|
'notempty' => array(
|
||||||
|
'rule' => array('notempty'),
|
||||||
|
'message' => 'Please fill in this field',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
'userdefined' => array(
|
||||||
|
'rule' => array('validateSignatureValue'),
|
||||||
|
'message' => 'Value not in the right type/format. Please double check the value or select "other" for a type.',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => true,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'to_ids' => array(
|
||||||
|
'boolean' => array(
|
||||||
|
'rule' => array('boolean'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'uuid' => array(
|
||||||
|
'uuid' => array(
|
||||||
|
'rule' => array('uuid'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
//The Associations below have been created with all possible keys, those that are not needed can be removed
|
||||||
|
|
||||||
|
/**
|
||||||
|
* belongsTo associations
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $belongsTo = array(
|
||||||
|
'Event' => array(
|
||||||
|
'className' => 'Event',
|
||||||
|
'foreignKey' => 'event_id',
|
||||||
|
'conditions' => '',
|
||||||
|
'fields' => '',
|
||||||
|
'order' => ''
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
function validateSignatureValue ($fields) {
|
||||||
|
$value = $fields['value'];
|
||||||
|
$event_id = $this->data['Signature']['event_id'];
|
||||||
|
$type = $this->data['Signature']['type'];
|
||||||
|
|
||||||
|
// check if the signature already exists in the same event
|
||||||
|
$params = array('recursive' => 0,
|
||||||
|
'conditions' => array('Signature.event_id' => $event_id,
|
||||||
|
'Signature.type' => $type,
|
||||||
|
'Signature.value' => $value),
|
||||||
|
);
|
||||||
|
if (0 != $this->find('count', $params) )
|
||||||
|
return 'Signature already exists for this event.';
|
||||||
|
|
||||||
|
|
||||||
|
// check data validation
|
||||||
|
switch($this->data['Signature']['type']) {
|
||||||
|
case 'md5':
|
||||||
|
if (preg_match("#^[0-9a-f]{32}$#i", $value))
|
||||||
|
return true;
|
||||||
|
return 'Checksum has invalid lenght or format. Please double check the value or select "other" for a type.';
|
||||||
|
break;
|
||||||
|
case 'sha1':
|
||||||
|
if (preg_match("#^[0-9a-f]{40}$#i", $value))
|
||||||
|
return true;
|
||||||
|
return 'Checksum has invalid lenght or format. Please double check the value or select "other" for a type.';
|
||||||
|
break;
|
||||||
|
case 'filename':
|
||||||
|
// no newline
|
||||||
|
if (!preg_match("#\n#", $value))
|
||||||
|
return true;
|
||||||
|
break;
|
||||||
|
case 'ip-src':
|
||||||
|
$parts = explode("/", $value);
|
||||||
|
// [0] = the ip
|
||||||
|
// [1] = the network address
|
||||||
|
if (count($parts) <= 2 ) {
|
||||||
|
// ipv4 and ipv6 matching
|
||||||
|
if (filter_var($parts[0],FILTER_VALIDATE_IP)) {
|
||||||
|
// ip is validated, now check if we have a valid network mask
|
||||||
|
if (empty($parts[1]))
|
||||||
|
return true;
|
||||||
|
else if(is_numeric($parts[1]) && $parts[1] < 129)
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 'IP address has invalid format. Please double check the value or select "other" for a type.';
|
||||||
|
break;
|
||||||
|
case 'ip-dst':
|
||||||
|
$parts = explode("/", $value);
|
||||||
|
// [0] = the ip
|
||||||
|
// [1] = the network address
|
||||||
|
if (count($parts) <= 2 ) {
|
||||||
|
// ipv4 and ipv6 matching
|
||||||
|
if (filter_var($parts[0],FILTER_VALIDATE_IP)) {
|
||||||
|
// ip is validated, now check if we have a valid network mask
|
||||||
|
if (empty($parts[1]))
|
||||||
|
return true;
|
||||||
|
else if(is_numeric($parts[1]) && $parts[1] < 129)
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 'IP address has invalid format. Please double check the value or select "other" for a type.';
|
||||||
|
break;
|
||||||
|
case 'domain':
|
||||||
|
if(preg_match("#^[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value))
|
||||||
|
return true;
|
||||||
|
return 'Domain name has invalid format. Please double check the value or select "other" for a type.';
|
||||||
|
break;
|
||||||
|
case 'email-src':
|
||||||
|
// we don't use the native function to prevent issues with partial email addresses
|
||||||
|
if(preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value))
|
||||||
|
return true;
|
||||||
|
return 'Email address has invalid format. Please double check the value or select "other" for a type.';
|
||||||
|
break;
|
||||||
|
case 'email-dst':
|
||||||
|
// we don't use the native function to prevent issues with partial email addresses
|
||||||
|
if(preg_match("#^[A-Z0-9._%+-]*@[A-Z0-9.-]+\.[A-Z]{2,4}$#i", $value))
|
||||||
|
return true;
|
||||||
|
return 'Email address has invalid format. Please double check the value or select "other" for a type.';
|
||||||
|
break;
|
||||||
|
case 'email-subject':
|
||||||
|
// no newline
|
||||||
|
if (!preg_match("#\n#", $value))
|
||||||
|
return true;
|
||||||
|
break;
|
||||||
|
case 'email-attachment':
|
||||||
|
// no newline
|
||||||
|
if (!preg_match("#\n#", $value))
|
||||||
|
return true;
|
||||||
|
break;
|
||||||
|
case 'url':
|
||||||
|
// no newline
|
||||||
|
if (!preg_match("#\n#", $value))
|
||||||
|
return true;
|
||||||
|
break;
|
||||||
|
case 'user-agent':
|
||||||
|
// no newline
|
||||||
|
if (!preg_match("#\n#", $value))
|
||||||
|
return true;
|
||||||
|
break;
|
||||||
|
case 'regkey':
|
||||||
|
// no newline
|
||||||
|
if (!preg_match("#\n#", $value))
|
||||||
|
return true;
|
||||||
|
break;
|
||||||
|
case 'snort':
|
||||||
|
// no validation yet. TODO implement data validation on snort signature type
|
||||||
|
case 'other':
|
||||||
|
return true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
// default action is to return false
|
||||||
|
return true;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
function getRelatedSignatures($signature) {
|
||||||
|
// LATER getRelatedSignatures($signature) this might become a performance bottleneck
|
||||||
|
$conditions = array('Signature.value =' => $signature['value'],
|
||||||
|
'Signature.id !=' => $signature['id'],
|
||||||
|
'Signature.type =' => $signature['type'], );
|
||||||
|
// $fields = array('Event.*');
|
||||||
|
$fields = array('Signature.*');
|
||||||
|
|
||||||
|
$similar_events = $this->find('all',array('conditions' => $conditions,
|
||||||
|
'fields' => $fields,
|
||||||
|
'order' => 'Signature.event_id DESC', )
|
||||||
|
);
|
||||||
|
return $similar_events;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,244 @@
|
||||||
|
<?php
|
||||||
|
App::uses('AppModel', 'Model');
|
||||||
|
App::uses('AuthComponent', 'Controller/Component');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User Model
|
||||||
|
*
|
||||||
|
* @property Group $Group
|
||||||
|
* @property Event $Event
|
||||||
|
*/
|
||||||
|
class User extends AppModel {
|
||||||
|
/**
|
||||||
|
* Display field
|
||||||
|
*
|
||||||
|
* @var string
|
||||||
|
*/
|
||||||
|
public $displayField = 'email';
|
||||||
|
/**
|
||||||
|
* Validation rules
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $validate = array(
|
||||||
|
'group_id' => array(
|
||||||
|
'numeric' => array(
|
||||||
|
'rule' => array('numeric'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'password' => array(
|
||||||
|
'minlength' => array(
|
||||||
|
'rule' => array('minlength', 6),
|
||||||
|
'message' => 'A password of a minimum length of 6 is required.',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
'required' => true,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
'complexity' => array(
|
||||||
|
'rule' => array('complexPassword'),
|
||||||
|
'message' => 'The password must contain at least one upper-case, one lower-case, one (digits or special character).', // TODO password strength requirements
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => true,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'org' => array(
|
||||||
|
'notempty' => array(
|
||||||
|
'rule' => array('notempty'),
|
||||||
|
'message' => 'Please specify the organisation where you are working.',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'email' => array(
|
||||||
|
'email' => array(
|
||||||
|
'rule' => array('email'),
|
||||||
|
'message' => 'Please enter a valid email address.',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
'required' => true,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
'unique' => array(
|
||||||
|
'rule' => 'isUnique',
|
||||||
|
'message' => 'An account with this email address already exists.'
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'autoalert' => array(
|
||||||
|
'boolean' => array(
|
||||||
|
'rule' => array('boolean'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'authkey' => array(
|
||||||
|
'notempty' => array(
|
||||||
|
'rule' => array('notempty'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'invited_by' => array(
|
||||||
|
'numeric' => array(
|
||||||
|
'rule' => array('numeric'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'gpgkey' => array(
|
||||||
|
'notempty' => array(
|
||||||
|
'rule' => array('validateGpgkey'),
|
||||||
|
'message' => 'GPG key not valid, please enter a valid key.',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'nids_sid' => array(
|
||||||
|
'numeric' => array(
|
||||||
|
'rule' => array('numeric'),
|
||||||
|
'message' => 'A SID should be an integer.',
|
||||||
|
'allowEmpty' => false,
|
||||||
|
'required' => true,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'termsaccepted' => array(
|
||||||
|
'boolean' => array(
|
||||||
|
'rule' => array('boolean'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
'newsread' => array(
|
||||||
|
'date' => array(
|
||||||
|
'rule' => array('date'),
|
||||||
|
//'message' => 'Your custom message here',
|
||||||
|
//'allowEmpty' => false,
|
||||||
|
//'required' => false,
|
||||||
|
//'last' => false, // Stop validation after this rule
|
||||||
|
//'on' => 'create', // Limit validation to 'create' or 'update' operations
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
//The Associations below have been created with all possible keys, those that are not needed can be removed
|
||||||
|
|
||||||
|
/**
|
||||||
|
* hasMany associations
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $hasMany = array(
|
||||||
|
'Event' => array(
|
||||||
|
'className' => 'Event',
|
||||||
|
'foreignKey' => 'user_id',
|
||||||
|
'dependent' => false,
|
||||||
|
'conditions' => '',
|
||||||
|
'fields' => '',
|
||||||
|
'order' => '',
|
||||||
|
'limit' => '',
|
||||||
|
'offset' => '',
|
||||||
|
'exclusive' => '',
|
||||||
|
'finderQuery' => '',
|
||||||
|
'counterQuery' => ''
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
// var $actsAs = array('Acl' => array('type' => 'requester'));
|
||||||
|
//
|
||||||
|
// public function beforeValidate() {
|
||||||
|
// // Fix issue with an empty password being automagically hashed
|
||||||
|
// App::import('Core', 'Security'); // not sure whether this is necessary
|
||||||
|
// if ($this->data['User']['password'] == Security::hash('', null, true)) {
|
||||||
|
// $this->data['User']['password'] = '';
|
||||||
|
// }
|
||||||
|
// return true;
|
||||||
|
// }
|
||||||
|
|
||||||
|
public function beforeSave() {
|
||||||
|
if (isset($this->data[$this->alias]['password'])) {
|
||||||
|
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks if the GPG key is a valid key
|
||||||
|
* But also import it in the keychain.
|
||||||
|
*/
|
||||||
|
function validateGpgkey($check) {
|
||||||
|
// LATER first remove the old gpgkey from the keychain
|
||||||
|
|
||||||
|
// empty value
|
||||||
|
if (empty($check['gpgkey']))
|
||||||
|
return true;
|
||||||
|
|
||||||
|
// key is entered
|
||||||
|
require_once 'Crypt/GPG.php';
|
||||||
|
$gpg = new Crypt_GPG();
|
||||||
|
try {
|
||||||
|
$key_import_output = $gpg->importKey($check['gpgkey']);
|
||||||
|
if (!empty($key_import_output['fingerprint'])) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
} catch (Exception $e) {
|
||||||
|
debug($e);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
function complexPassword($check) {
|
||||||
|
/*
|
||||||
|
6 characters minimum
|
||||||
|
1 or more upper-case letters
|
||||||
|
1 or more lower-case letters
|
||||||
|
1 or more digits or special characters
|
||||||
|
example: "EasyPeasy34"
|
||||||
|
*/
|
||||||
|
$value = array_values($check);
|
||||||
|
$value = $value[0];
|
||||||
|
return preg_match('/((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/', $value);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Generates an authentication key for each user
|
||||||
|
*/
|
||||||
|
function generateAuthKey() {
|
||||||
|
//$key = sha1(mt_rand(30, 30).time());
|
||||||
|
$length = 40;
|
||||||
|
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
||||||
|
$char_len = strlen($characters)-1;
|
||||||
|
$key = '';
|
||||||
|
for ($p = 0; $p < $length; $p++) {
|
||||||
|
$key .= $characters[rand(0, $char_len)];
|
||||||
|
}
|
||||||
|
|
||||||
|
return $key;
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,21 +1,16 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
TODOs
|
TODOs
|
||||||
-----
|
-----
|
||||||
|
|
||||||
Auth
|
Auth
|
||||||
- Use captcha authentication
|
- Prevent bruteforce auth attempts
|
||||||
- cleanup ACL and do it using the CakePHP concept
|
|
||||||
- password strength requirements
|
|
||||||
|
|
||||||
implement auditing/logging system
|
implement auditing/logging system
|
||||||
- add / edit events and signatures
|
- add / edit events and signatures
|
||||||
- failed / success logins (with source IP, headers,...)
|
- failed / success logins (with source IP, headers,...)
|
||||||
|
|
||||||
Security
|
Security
|
||||||
- apply CSRF checks on the delete parameters by enabling security modules and rewriting some parts
|
|
||||||
- force cookie reset after login
|
- force cookie reset after login
|
||||||
|
|
||||||
|
|
||||||
|
@ -26,10 +21,10 @@ Download CyDefSIG using git in the /var/www/ directory.
|
||||||
cd /var/www/
|
cd /var/www/
|
||||||
git clone git@code.lab.modiss.be:cydefsig.git
|
git clone git@code.lab.modiss.be:cydefsig.git
|
||||||
|
|
||||||
Download and extract CakePHP 1.3 to the web root directory:
|
Download and extract CakePHP 2.x to the web root directory:
|
||||||
|
|
||||||
cd /tmp/
|
cd /tmp/
|
||||||
wget https://nodeload.github.com/cakephp/cakephp/tarball/1.3
|
wget https://nodeload.github.com/cakephp/cakephp/tarball/2.1
|
||||||
tar zxvf cakephp-cakephp-<version>.tar.gz
|
tar zxvf cakephp-cakephp-<version>.tar.gz
|
||||||
cd cakephp-cakephp-*
|
cd cakephp-cakephp-*
|
||||||
|
|
||||||
|
|
0
app/tests/cases/controllers/empty → app/Test/Case/Controller/Component/empty
Executable file → Normal file
0
app/tests/cases/controllers/empty → app/Test/Case/Controller/Component/empty
Executable file → Normal file
|
@ -0,0 +1,142 @@
|
||||||
|
<?php
|
||||||
|
App::uses('EventsController', 'Controller');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* TestEventsController *
|
||||||
|
*/
|
||||||
|
class TestEventsController extends EventsController {
|
||||||
|
/**
|
||||||
|
* Auto render
|
||||||
|
*
|
||||||
|
* @var boolean
|
||||||
|
*/
|
||||||
|
public $autoRender = false;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Redirect action
|
||||||
|
*
|
||||||
|
* @param mixed $url
|
||||||
|
* @param mixed $status
|
||||||
|
* @param boolean $exit
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function redirect($url, $status = null, $exit = true) {
|
||||||
|
$this->redirectUrl = $url;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* EventsController Test Case
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class EventsControllerTestCase extends CakeTestCase {
|
||||||
|
/**
|
||||||
|
* Fixtures
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fixtures = array('app.event', 'app.user', 'app.group', 'app.signature');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* setUp method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
$this->Events = new TestEventsController();
|
||||||
|
$this->Events->constructClasses();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* tearDown method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function tearDown() {
|
||||||
|
unset($this->Events);
|
||||||
|
|
||||||
|
parent::tearDown();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* testIndex method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testIndex() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testView method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testView() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdd method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdd() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testEdit method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testEdit() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testDelete method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testDelete() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminIndex method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminIndex() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminView method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminView() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminAdd method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminAdd() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminEdit method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminEdit() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminDelete method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminDelete() {
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,142 @@
|
||||||
|
<?php
|
||||||
|
App::uses('SignaturesController', 'Controller');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* TestSignaturesController *
|
||||||
|
*/
|
||||||
|
class TestSignaturesController extends SignaturesController {
|
||||||
|
/**
|
||||||
|
* Auto render
|
||||||
|
*
|
||||||
|
* @var boolean
|
||||||
|
*/
|
||||||
|
public $autoRender = false;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Redirect action
|
||||||
|
*
|
||||||
|
* @param mixed $url
|
||||||
|
* @param mixed $status
|
||||||
|
* @param boolean $exit
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function redirect($url, $status = null, $exit = true) {
|
||||||
|
$this->redirectUrl = $url;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* SignaturesController Test Case
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class SignaturesControllerTestCase extends CakeTestCase {
|
||||||
|
/**
|
||||||
|
* Fixtures
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fixtures = array('app.signature', 'app.event', 'app.user', 'app.group');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* setUp method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
$this->Signatures = new TestSignaturesController();
|
||||||
|
$this->Signatures->constructClasses();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* tearDown method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function tearDown() {
|
||||||
|
unset($this->Signatures);
|
||||||
|
|
||||||
|
parent::tearDown();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* testIndex method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testIndex() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testView method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testView() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdd method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdd() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testEdit method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testEdit() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testDelete method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testDelete() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminIndex method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminIndex() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminView method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminView() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminAdd method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminAdd() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminEdit method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminEdit() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminDelete method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminDelete() {
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,142 @@
|
||||||
|
<?php
|
||||||
|
App::uses('UsersController', 'Controller');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* TestUsersController *
|
||||||
|
*/
|
||||||
|
class TestUsersController extends UsersController {
|
||||||
|
/**
|
||||||
|
* Auto render
|
||||||
|
*
|
||||||
|
* @var boolean
|
||||||
|
*/
|
||||||
|
public $autoRender = false;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Redirect action
|
||||||
|
*
|
||||||
|
* @param mixed $url
|
||||||
|
* @param mixed $status
|
||||||
|
* @param boolean $exit
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function redirect($url, $status = null, $exit = true) {
|
||||||
|
$this->redirectUrl = $url;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* UsersController Test Case
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class UsersControllerTestCase extends CakeTestCase {
|
||||||
|
/**
|
||||||
|
* Fixtures
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fixtures = array('app.user', 'app.group', 'app.event', 'app.signature');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* setUp method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
$this->Users = new TestUsersController();
|
||||||
|
$this->Users->constructClasses();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* tearDown method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function tearDown() {
|
||||||
|
unset($this->Users);
|
||||||
|
|
||||||
|
parent::tearDown();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* testIndex method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testIndex() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testView method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testView() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdd method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdd() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testEdit method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testEdit() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testDelete method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testDelete() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminIndex method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminIndex() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminView method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminView() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminAdd method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminAdd() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminEdit method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminEdit() {
|
||||||
|
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* testAdminDelete method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function testAdminDelete() {
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,37 @@
|
||||||
|
<?php
|
||||||
|
App::uses('Event', 'Model');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Event Test Case
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class EventTestCase extends CakeTestCase {
|
||||||
|
/**
|
||||||
|
* Fixtures
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fixtures = array('app.event', 'app.user', 'app.group', 'app.signature');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* setUp method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
$this->Event = ClassRegistry::init('Event');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* tearDown method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function tearDown() {
|
||||||
|
unset($this->Event);
|
||||||
|
|
||||||
|
parent::tearDown();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,37 @@
|
||||||
|
<?php
|
||||||
|
App::uses('Group', 'Model');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Group Test Case
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class GroupTestCase extends CakeTestCase {
|
||||||
|
/**
|
||||||
|
* Fixtures
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fixtures = array('app.group', 'app.user', 'app.event');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* setUp method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
$this->Group = ClassRegistry::init('Group');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* tearDown method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function tearDown() {
|
||||||
|
unset($this->Group);
|
||||||
|
|
||||||
|
parent::tearDown();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,37 @@
|
||||||
|
<?php
|
||||||
|
App::uses('Signature', 'Model');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Signature Test Case
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class SignatureTestCase extends CakeTestCase {
|
||||||
|
/**
|
||||||
|
* Fixtures
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fixtures = array('app.signature', 'app.event');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* setUp method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
$this->Signature = ClassRegistry::init('Signature');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* tearDown method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function tearDown() {
|
||||||
|
unset($this->Signature);
|
||||||
|
|
||||||
|
parent::tearDown();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,37 @@
|
||||||
|
<?php
|
||||||
|
App::uses('User', 'Model');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User Test Case
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class UserTestCase extends CakeTestCase {
|
||||||
|
/**
|
||||||
|
* Fixtures
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fixtures = array('app.user', 'app.group', 'app.event');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* setUp method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
$this->User = ClassRegistry::init('User');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* tearDown method
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function tearDown() {
|
||||||
|
unset($this->User);
|
||||||
|
|
||||||
|
parent::tearDown();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,41 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* EventFixture
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class EventFixture extends CakeTestFixture {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fields
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fields = array(
|
||||||
|
'id' => array('type' => 'integer', 'null' => false, 'default' => NULL, 'key' => 'primary'),
|
||||||
|
'org' => array('type' => 'string', 'null' => false, 'default' => NULL, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
|
||||||
|
'date' => array('type' => 'date', 'null' => false, 'default' => NULL),
|
||||||
|
'info' => array('type' => 'text', 'null' => false, 'default' => NULL, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
|
||||||
|
'user_id' => array('type' => 'integer', 'null' => false, 'default' => NULL),
|
||||||
|
'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
|
||||||
|
'uuid' => array('type' => 'string', 'null' => false, 'default' => NULL, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
|
||||||
|
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'info' => array('column' => 'info', 'unique' => 0)),
|
||||||
|
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Records
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $records = array(
|
||||||
|
array(
|
||||||
|
'id' => 1,
|
||||||
|
'org' => 'Lorem ipsum dolor sit amet',
|
||||||
|
'date' => '2012-03-13',
|
||||||
|
'info' => 'Lorem ipsum dolor sit amet, aliquet feugiat. Convallis morbi fringilla gravida, phasellus feugiat dapibus velit nunc, pulvinar eget sollicitudin venenatis cum nullam, vivamus ut a sed, mollitia lectus. Nulla vestibulum massa neque ut et, id hendrerit sit, feugiat in taciti enim proin nibh, tempor dignissim, rhoncus duis vestibulum nunc mattis convallis.',
|
||||||
|
'user_id' => 1,
|
||||||
|
'alerted' => 1,
|
||||||
|
'uuid' => 'Lorem ipsum dolor sit amet'
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
|
@ -0,0 +1,31 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* GroupFixture
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class GroupFixture extends CakeTestFixture {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fields
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fields = array(
|
||||||
|
'id' => array('type' => 'integer', 'null' => false, 'default' => NULL, 'key' => 'primary'),
|
||||||
|
'name' => array('type' => 'string', 'null' => false, 'default' => NULL, 'length' => 100, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
|
||||||
|
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
|
||||||
|
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Records
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $records = array(
|
||||||
|
array(
|
||||||
|
'id' => 1,
|
||||||
|
'name' => 'Lorem ipsum dolor sit amet'
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
|
@ -0,0 +1,39 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* SignatureFixture
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class SignatureFixture extends CakeTestFixture {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fields
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fields = array(
|
||||||
|
'id' => array('type' => 'integer', 'null' => false, 'default' => NULL, 'key' => 'primary'),
|
||||||
|
'event_id' => array('type' => 'integer', 'null' => false, 'default' => NULL, 'key' => 'index'),
|
||||||
|
'type' => array('type' => 'string', 'null' => false, 'default' => NULL, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
|
||||||
|
'value' => array('type' => 'text', 'null' => false, 'default' => NULL, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
|
||||||
|
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
|
||||||
|
'uuid' => array('type' => 'string', 'null' => false, 'default' => NULL, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
|
||||||
|
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0)),
|
||||||
|
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Records
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $records = array(
|
||||||
|
array(
|
||||||
|
'id' => 1,
|
||||||
|
'event_id' => 1,
|
||||||
|
'type' => 'Lorem ipsum dolor sit amet',
|
||||||
|
'value' => 'Lorem ipsum dolor sit amet, aliquet feugiat. Convallis morbi fringilla gravida, phasellus feugiat dapibus velit nunc, pulvinar eget sollicitudin venenatis cum nullam, vivamus ut a sed, mollitia lectus. Nulla vestibulum massa neque ut et, id hendrerit sit, feugiat in taciti enim proin nibh, tempor dignissim, rhoncus duis vestibulum nunc mattis convallis.',
|
||||||
|
'to_ids' => 1,
|
||||||
|
'uuid' => 'Lorem ipsum dolor sit amet'
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
|
@ -0,0 +1,51 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* UserFixture
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
class UserFixture extends CakeTestFixture {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Fields
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $fields = array(
|
||||||
|
'id' => array('type' => 'integer', 'null' => false, 'default' => NULL, 'key' => 'primary'),
|
||||||
|
'group_id' => array('type' => 'integer', 'null' => false, 'default' => NULL),
|
||||||
|
'password' => array('type' => 'string', 'null' => false, 'default' => NULL, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
|
||||||
|
'org' => array('type' => 'string', 'null' => false, 'default' => NULL, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
|
||||||
|
'email' => array('type' => 'string', 'null' => false, 'default' => NULL, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
|
||||||
|
'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => NULL),
|
||||||
|
'authkey' => array('type' => 'string', 'null' => false, 'default' => NULL, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
|
||||||
|
'invited_by' => array('type' => 'integer', 'null' => false, 'default' => NULL),
|
||||||
|
'gpgkey' => array('type' => 'text', 'null' => false, 'default' => NULL, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
|
||||||
|
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => NULL, 'length' => 15),
|
||||||
|
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => NULL),
|
||||||
|
'newsread' => array('type' => 'date', 'null' => false, 'default' => NULL),
|
||||||
|
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
|
||||||
|
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
|
||||||
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Records
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
public $records = array(
|
||||||
|
array(
|
||||||
|
'id' => 1,
|
||||||
|
'group_id' => 1,
|
||||||
|
'password' => 'Lorem ipsum dolor sit amet',
|
||||||
|
'org' => 'Lorem ipsum dolor sit amet',
|
||||||
|
'email' => 'Lorem ipsum dolor sit amet',
|
||||||
|
'autoalert' => 1,
|
||||||
|
'authkey' => 'Lorem ipsum dolor sit amet',
|
||||||
|
'invited_by' => 1,
|
||||||
|
'gpgkey' => 'Lorem ipsum dolor sit amet, aliquet feugiat. Convallis morbi fringilla gravida, phasellus feugiat dapibus velit nunc, pulvinar eget sollicitudin venenatis cum nullam, vivamus ut a sed, mollitia lectus. Nulla vestibulum massa neque ut et, id hendrerit sit, feugiat in taciti enim proin nibh, tempor dignissim, rhoncus duis vestibulum nunc mattis convallis.',
|
||||||
|
'nids_sid' => 1,
|
||||||
|
'termsaccepted' => 1,
|
||||||
|
'newsread' => '2012-03-13'
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
|
@ -0,0 +1,25 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package Cake.View.Emails.html
|
||||||
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
?>
|
||||||
|
<?php
|
||||||
|
$content = explode("\n", $content);
|
||||||
|
|
||||||
|
foreach ($content as $line):
|
||||||
|
echo '<p> ' . $line . "</p>\n";
|
||||||
|
endforeach;
|
||||||
|
?>
|
|
@ -0,0 +1,19 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package Cake.View.Emails.text
|
||||||
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
?>
|
||||||
|
<?php echo $content; ?>
|
|
@ -0,0 +1,31 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package Cake.View.Errors
|
||||||
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
?>
|
||||||
|
<h2><?php echo $name; ?></h2>
|
||||||
|
<p class="error">
|
||||||
|
<strong><?php echo __d('cake', 'Error'); ?>: </strong>
|
||||||
|
<?php printf(
|
||||||
|
__d('cake', 'The requested address %s was not found on this server.'),
|
||||||
|
"<strong>'{$url}'</strong>"
|
||||||
|
); ?>
|
||||||
|
</p>
|
||||||
|
<?php
|
||||||
|
if (Configure::read('debug') > 0 ):
|
||||||
|
echo $this->element('exception_stack_trace');
|
||||||
|
endif;
|
||||||
|
?>
|
|
@ -0,0 +1,28 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package Cake.View.Errors
|
||||||
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
?>
|
||||||
|
<h2><?php echo $name; ?></h2>
|
||||||
|
<p class="error">
|
||||||
|
<strong><?php echo __d('cake', 'Error'); ?>: </strong>
|
||||||
|
<?php echo __d('cake', 'An Internal Error Has Occurred.'); ?>
|
||||||
|
</p>
|
||||||
|
<?php
|
||||||
|
if (Configure::read('debug') > 0 ):
|
||||||
|
echo $this->element('exception_stack_trace');
|
||||||
|
endif;
|
||||||
|
?>
|
|
@ -3,8 +3,6 @@
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<legend><?php __('Add Event'); ?></legend>
|
<legend><?php __('Add Event'); ?></legend>
|
||||||
<?php
|
<?php
|
||||||
echo $this->Form->hidden('user_id');
|
|
||||||
echo $this->Form->hidden('org');
|
|
||||||
echo $this->Form->input('date');
|
echo $this->Form->input('date');
|
||||||
echo $this->Form->input('risk');
|
echo $this->Form->input('risk');
|
||||||
echo $this->Form->input('info');
|
echo $this->Form->input('info');
|
|
@ -2,7 +2,7 @@
|
||||||
<?php echo $this->Form->create('Event');?>
|
<?php echo $this->Form->create('Event');?>
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<legend><?php echo 'Contact reporter of event '.$this->Form->value('Event.id'); ?></legend>
|
<legend><?php echo 'Contact reporter of event '.$this->Form->value('Event.id'); ?></legend>
|
||||||
<p>You are about to contact the person who reported event <?php echo $this->Form->value('Event.id'); ?>.</br>
|
<p>You are about to contact the person who reported event <?php echo $this->Form->value('Event.id'); ?>.<br/>
|
||||||
Feel free to add a custom message that will be sent to the reporter. <br/>
|
Feel free to add a custom message that will be sent to the reporter. <br/>
|
||||||
Your email address and details about the event will be added automagically to the message.</p>
|
Your email address and details about the event will be added automagically to the message.</p>
|
||||||
<?php
|
<?php
|
||||||
|
@ -13,7 +13,6 @@
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
<div class="actions">
|
<div class="actions">
|
||||||
<h3><?php __('Actions'); ?></h3>
|
|
||||||
<ul>
|
<ul>
|
||||||
<?php echo $this->element('actions_menu'); ?>
|
<?php echo $this->element('actions_menu'); ?>
|
||||||
|
|
|
@ -4,8 +4,6 @@
|
||||||
<legend><?php __('Edit Event'); ?></legend>
|
<legend><?php __('Edit Event'); ?></legend>
|
||||||
<?php
|
<?php
|
||||||
echo $this->Form->input('id');
|
echo $this->Form->input('id');
|
||||||
echo $this->Form->hidden('user_id');
|
|
||||||
echo $this->Form->hidden('org');
|
|
||||||
echo $this->Form->input('date');
|
echo $this->Form->input('date');
|
||||||
echo $this->Form->input('risk');
|
echo $this->Form->input('risk');
|
||||||
echo $this->Form->input('info');
|
echo $this->Form->input('info');
|
|
@ -9,13 +9,13 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
|
||||||
<h3>XML Export</h3>
|
<h3>XML Export</h3>
|
||||||
<p>An automatic export of all events and signatures is available under a custom XML format.</p>
|
<p>An automatic export of all events and signatures is available under a custom XML format.</p>
|
||||||
<p>You can configure your tools to automatically download the following following file:</p>
|
<p>You can configure your tools to automatically download the following following file:</p>
|
||||||
<pre>https://sig.cyber-defence.be/events/xml/<?php echo $me['authkey']; ?></pre>
|
<pre><?php echo Configure::read('CyDefSIG.baseurl');?>/events/xml/<?php echo $me['authkey']; ?></pre>
|
||||||
<p></p>
|
<p></p>
|
||||||
|
|
||||||
<h3>NIDS Export</h3>
|
<h3>NIDS Export</h3>
|
||||||
<p>An automatic export of all network related signatures is available under the Snort rule format. Only signatures marked as <u>to IDS</u> are exported.</p>
|
<p>An automatic export of all network related signatures is available under the Snort rule format. Only signatures marked as <u>to IDS</u> are exported.</p>
|
||||||
<p>You can configure your tools to automatically download the following following file:</p>
|
<p>You can configure your tools to automatically download the following following file:</p>
|
||||||
<pre>https://sig.cyber-defence.be/events/nids/<?php echo $me['authkey']; ?></pre>
|
<pre><?php echo Configure::read('CyDefSIG.baseurl');?>/events/nids/<?php echo $me['authkey']; ?></pre>
|
||||||
<p></p>
|
<p></p>
|
||||||
|
|
||||||
<h3>Text Export</h3>
|
<h3>Text Export</h3>
|
||||||
|
@ -23,7 +23,7 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
|
||||||
<p>You can configure your tools to automatically download the following following files:</p>
|
<p>You can configure your tools to automatically download the following following files:</p>
|
||||||
<pre>
|
<pre>
|
||||||
<?php foreach ($sig_types as $sig_type):?>
|
<?php foreach ($sig_types as $sig_type):?>
|
||||||
https://sig.cyber-defence.be/events/text/<?php echo $me['authkey']; ?>/<?php echo $sig_type."\n";?>
|
<?php echo Configure::read('CyDefSIG.baseurl');?>/events/text/<?php echo $me['authkey']; ?>/<?php echo $sig_type."\n";?>
|
||||||
<?php endforeach;?>
|
<?php endforeach;?>
|
||||||
</pre>
|
</pre>
|
||||||
<p></p>
|
<p></p>
|
|
@ -9,33 +9,33 @@
|
||||||
<th><?php echo $this->Paginator->sort('date');?></th>
|
<th><?php echo $this->Paginator->sort('date');?></th>
|
||||||
<th><?php echo $this->Paginator->sort('risk');?></th>
|
<th><?php echo $this->Paginator->sort('risk');?></th>
|
||||||
<th><?php echo $this->Paginator->sort('info');?></th>
|
<th><?php echo $this->Paginator->sort('info');?></th>
|
||||||
<th class="actions"><?php __('Actions');?></th>
|
<th class="actions"><?php echo __('Actions');?></th>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
$i = 0;
|
foreach ($events as $event):
|
||||||
foreach ($events as $event):
|
// FIXME reactivate the onclick without breaking the delete form submit
|
||||||
$class = null;
|
|
||||||
if ($i++ % 2 == 0) {
|
|
||||||
$class = ' class="altrow"';
|
|
||||||
}
|
|
||||||
?>
|
?>
|
||||||
<tr<?php echo $class;?> onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';">
|
<!-- <tr onclick="document.location ='<?php echo $this->Html->url(array('action' => 'view', $event['Event']['id']), true) ;?>';" > -->
|
||||||
<td style="white-space: nowrap"><?php echo $event['Event']['id']; ?> </td>
|
<tr>
|
||||||
|
<td style="white-space: nowrap">
|
||||||
|
<?php echo $this->Html->link($event['Event']['id'], array('controller' => 'events', 'action' => 'view', $event['Event']['id'])); ?>
|
||||||
|
</td>
|
||||||
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
||||||
<td style="white-space: nowrap"><?php echo Sanitize::html($event['Event']['org']); ?> </td>
|
<td style="white-space: nowrap"><?php echo Sanitize::html($event['Event']['org']); ?> </td>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
<td style="white-space: nowrap"><?php echo $event['Event']['date']; ?> </td>
|
<td style="white-space: nowrap"><?php echo $event['Event']['date']; ?> </td>
|
||||||
<td style="white-space: nowrap"><?php echo $event['Event']['risk']; ?> </td>
|
<td style="white-space: nowrap"><?php echo $event['Event']['risk']; ?> </td>
|
||||||
<td><?php echo nl2br(Sanitize::html($event['Event']['info'])); ?> </td>
|
<td><?php echo nl2br(Sanitize::html($event['Event']['info'])); ?> </td>
|
||||||
<td class="actions" style="text-align:right;">
|
<td class="actions">
|
||||||
<?php
|
<?php
|
||||||
if (0 == $event['Event']['alerted'] && ($isAdmin || $event['Event']['org'] == $me['org'])) echo $this->Html->link(__('Finish Edit', true), array('action' => 'alert', $event['Event']['id']), array(), 'Are you sure this event is complete and everyone should be alerted?');
|
if (0 == $event['Event']['alerted'] && ($isAdmin || $event['Event']['org'] == $me['org']))
|
||||||
|
echo $this->Form->postLink('Finish Edit', array('action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be alerted?');
|
||||||
elseif (0 == $event['Event']['alerted']) echo 'Not finished editing';
|
elseif (0 == $event['Event']['alerted']) echo 'Not finished editing';
|
||||||
?>
|
?>
|
||||||
<?php
|
<?php
|
||||||
if ($isAdmin || $event['Event']['org'] == $me['org']) {
|
if ($isAdmin || $event['Event']['org'] == $me['org']) {
|
||||||
echo $this->Html->link(__('Edit', true), array('action' => 'edit', $event['Event']['id']));
|
echo $this->Html->link(__('Edit', true), array('action' => 'edit', $event['Event']['id']));
|
||||||
echo $this->Html->link(__('Delete', true), array('action' => 'delete', $event['Event']['id']), null, sprintf(__('Are you sure you want to delete # %s?', true), $event['Event']['id']));
|
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id']));
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
<?php echo $this->Html->link(__('View', true), array('action' => 'view', $event['Event']['id'])); ?>
|
<?php echo $this->Html->link(__('View', true), array('action' => 'view', $event['Event']['id'])); ?>
|
||||||
|
@ -46,7 +46,7 @@
|
||||||
<p>
|
<p>
|
||||||
<?php
|
<?php
|
||||||
echo $this->Paginator->counter(array(
|
echo $this->Paginator->counter(array(
|
||||||
'format' => __('Page %page% of %pages%, showing %current% records out of %count% total, starting on record %start%, ending on %end%', true)
|
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
|
||||||
));
|
));
|
||||||
?> </p>
|
?> </p>
|
||||||
|
|
||||||
|
@ -58,7 +58,6 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="actions">
|
<div class="actions">
|
||||||
<h3><?php __('Actions'); ?></h3>
|
|
||||||
<ul>
|
<ul>
|
||||||
<?php echo $this->element('actions_menu'); ?>
|
<?php echo $this->element('actions_menu'); ?>
|
||||||
|
|
|
@ -3,7 +3,9 @@
|
||||||
<?php if ( 0 == $event['Event']['alerted'] && ($isAdmin || $event['Event']['org'] == $me['org'])):
|
<?php if ( 0 == $event['Event']['alerted'] && ($isAdmin || $event['Event']['org'] == $me['org'])):
|
||||||
// only show button if alert has not been sent // LATER show the ALERT button in red-ish
|
// only show button if alert has not been sent // LATER show the ALERT button in red-ish
|
||||||
?>
|
?>
|
||||||
<ul><li><?php echo $this->Html->link(__('Finish Edit', true), array('action' => 'alert', $event['Event']['id']), array(), 'Are you sure this event is complete and everyone should be alerted?'); ?> </li></ul>
|
<ul><li><?php
|
||||||
|
echo $this->Form->postLink('Finish Edit', array('action' => 'alert', $event['Event']['id']), null, 'Are you sure this event is complete and everyone should be alerted?');
|
||||||
|
?> </li></ul>
|
||||||
<?php elseif (0 == $event['Event']['alerted']): ?>
|
<?php elseif (0 == $event['Event']['alerted']): ?>
|
||||||
<ul><li>Not finished editing</li></ul>
|
<ul><li>Not finished editing</li></ul>
|
||||||
<?php else: ?>
|
<?php else: ?>
|
||||||
|
@ -14,39 +16,39 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<h2><?php __('Event');?></h2>
|
<h2>Event</h2>
|
||||||
<dl><?php $i = 0; $class = ' class="altrow"';?>
|
<dl>
|
||||||
<dt<?php if ($i % 2 == 0) echo $class;?>><?php __('Id'); ?></dt>
|
<dt>ID</dt>
|
||||||
<dd<?php if ($i++ % 2 == 0) echo $class;?>>
|
<dd>
|
||||||
<?php echo Sanitize::html($event['Event']['id']); ?>
|
<?php echo Sanitize::html($event['Event']['id']); ?>
|
||||||
|
|
||||||
</dd>
|
</dd>
|
||||||
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
<?php if ('true' == Configure::read('CyDefSIG.showorg') || $isAdmin): ?>
|
||||||
<dt<?php if ($i % 2 == 0) echo $class;?>><?php __('Org'); ?></dt>
|
<dt>Org</dt>
|
||||||
<dd<?php if ($i++ % 2 == 0) echo $class;?>>
|
<dd>
|
||||||
<?php echo Sanitize::html($event['Event']['org']); ?>
|
<?php echo Sanitize::html($event['Event']['org']); ?>
|
||||||
|
|
||||||
</dd>
|
</dd>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
<dt<?php if ($i % 2 == 0) echo $class;?>><?php __('Date'); ?></dt>
|
<dt>Date</dt>
|
||||||
<dd<?php if ($i++ % 2 == 0) echo $class;?>>
|
<dd>
|
||||||
<?php echo Sanitize::html($event['Event']['date']); ?>
|
<?php echo Sanitize::html($event['Event']['date']); ?>
|
||||||
|
|
||||||
</dd>
|
</dd>
|
||||||
<dt<?php if ($i % 2 == 0) echo $class;?>><?php __('Risk'); ?></dt>
|
<dt>Risk</dt>
|
||||||
<dd<?php if ($i++ % 2 == 0) echo $class;?>>
|
<dd>
|
||||||
<?php echo $event['Event']['risk']; ?>
|
<?php echo $event['Event']['risk']; ?>
|
||||||
|
|
||||||
</dd>
|
</dd>
|
||||||
<dt<?php if ($i % 2 == 0) echo $class;?>><?php __('Info'); ?></dt>
|
<dt>Info</dt>
|
||||||
<dd<?php if ($i++ % 2 == 0) echo $class;?>>
|
<dd>
|
||||||
<?php echo nl2br(Sanitize::html($event['Event']['info'])); ?>
|
<?php echo nl2br(Sanitize::html($event['Event']['info'])); ?>
|
||||||
|
|
||||||
</dd>
|
</dd>
|
||||||
</dl>
|
</dl>
|
||||||
<?php if (!empty($relatedEvents)):?>
|
<?php if (!empty($relatedEvents)):?>
|
||||||
<div class="related">
|
<div class="related">
|
||||||
<h3><?php __('Related Events');?></h3>
|
<h3>Related Events</h3>
|
||||||
<ul>
|
<ul>
|
||||||
<?php foreach ($relatedEvents as $relatedEvent): ?>
|
<?php foreach ($relatedEvents as $relatedEvent): ?>
|
||||||
<li><?php
|
<li><?php
|
||||||
|
@ -58,7 +60,7 @@
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
|
|
||||||
<div class="related">
|
<div class="related">
|
||||||
<h3><?php __('Signatures');?></h3>
|
<h3>Signatures</h3>
|
||||||
<?php if (!empty($event['Signature'])):?>
|
<?php if (!empty($event['Signature'])):?>
|
||||||
<table cellpadding = "0" cellspacing = "0">
|
<table cellpadding = "0" cellspacing = "0">
|
||||||
<tr>
|
<tr>
|
||||||
|
@ -66,17 +68,12 @@
|
||||||
<th>Value</th>
|
<th>Value</th>
|
||||||
<th>Related Events</th>
|
<th>Related Events</th>
|
||||||
<th>To IDS</th>
|
<th>To IDS</th>
|
||||||
<th class="actions">Actions</th>
|
<th class="actions" style="text-align:right;">Actions</th>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
$i = 0;
|
|
||||||
foreach ($event['Signature'] as $signature):
|
foreach ($event['Signature'] as $signature):
|
||||||
$class = null;
|
|
||||||
if ($i++ % 2 == 0) {
|
|
||||||
$class = ' class="altrow"';
|
|
||||||
}
|
|
||||||
?>
|
?>
|
||||||
<tr<?php echo $class;?>>
|
<tr>
|
||||||
<td><?php echo $signature['type'];?></td>
|
<td><?php echo $signature['type'];?></td>
|
||||||
<td><?php echo nl2br(Sanitize::html($signature['value']));?></td>
|
<td><?php echo nl2br(Sanitize::html($signature['value']));?></td>
|
||||||
<td>
|
<td>
|
||||||
|
@ -94,7 +91,7 @@
|
||||||
<?php
|
<?php
|
||||||
if ($isAdmin || $event['Event']['org'] == $me['org']) {
|
if ($isAdmin || $event['Event']['org'] == $me['org']) {
|
||||||
echo $this->Html->link(__('Edit', true), array('controller' => 'signatures', 'action' => 'edit', $signature['id']));
|
echo $this->Html->link(__('Edit', true), array('controller' => 'signatures', 'action' => 'edit', $signature['id']));
|
||||||
echo $this->Html->link(__('Delete', true), array('controller' => 'signatures', 'action' => 'delete', $signature['id']), null, sprintf(__('Are you sure you want to delete # %s?', true), $signature['id']));
|
echo $this->Form->postLink(__('Delete'), array('controller' => 'signatures', 'action' => 'delete', $signature['id']), null, __('Are you sure you want to delete this signature?'));
|
||||||
} ?>
|
} ?>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
@ -104,7 +101,7 @@
|
||||||
<?php if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
<?php if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||||
<div class="actions">
|
<div class="actions">
|
||||||
<ul>
|
<ul>
|
||||||
<li><?php echo $this->Html->link(__('New Signature', true), array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
|
<li><?php echo $this->Html->link('New Signature', array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
|
@ -113,12 +110,11 @@
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="actions">
|
<div class="actions">
|
||||||
<h3><?php __('Actions'); ?></h3>
|
|
||||||
<ul>
|
<ul>
|
||||||
<?php if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
<?php if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||||
<li><?php echo $this->Html->link(__('New Signature', true), array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
|
<li><?php echo $this->Html->link(__('New Signature', true), array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||||
<li><?php echo $this->Html->link(__('Edit Event', true), array('action' => 'edit', $event['Event']['id'])); ?> </li>
|
<li><?php echo $this->Html->link(__('Edit Event', true), array('action' => 'edit', $event['Event']['id'])); ?> </li>
|
||||||
<li><?php echo $this->Html->link(__('Delete Event', true), array('action' => 'delete', $event['Event']['id']), null, sprintf(__('Are you sure you want to delete # %s?', true), $event['Event']['id'])); ?> </li>
|
<li><?php echo $this->Form->postLink(__('Delete Event'), array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
|
||||||
<li> </li>
|
<li> </li>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
<?php echo $this->element('actions_menu'); ?>
|
<?php echo $this->element('actions_menu'); ?>
|
|
@ -0,0 +1,8 @@
|
||||||
|
<?php
|
||||||
|
// $xml = Xml::build($events);
|
||||||
|
//echo $this->Xml->header();
|
||||||
|
?>
|
||||||
|
<CyDefSIG>
|
||||||
|
<?php // echo $this->Xml->serialize($events, array('format' => 'tags')); ?>
|
||||||
|
<?php // echo Xml::fromArray($events, array('format' => 'tags')); ?>
|
||||||
|
</CyDefSIG>
|
|
@ -0,0 +1,34 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Application level View Helper
|
||||||
|
*
|
||||||
|
* This file is application-wide helper file. You can put all
|
||||||
|
* application-wide helper-related methods here.
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package app.View.Helper
|
||||||
|
* @since CakePHP(tm) v 0.2.9
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
|
||||||
|
App::uses('Helper', 'View');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Application helper
|
||||||
|
*
|
||||||
|
* Add your application-wide methods in the class below, your helpers
|
||||||
|
* will inherit them.
|
||||||
|
*
|
||||||
|
* @package app.View.Helper
|
||||||
|
*/
|
||||||
|
class AppHelper extends Helper {
|
||||||
|
}
|
15
app/views/layouts/email/html/default.ctp → app/View/Layouts/Emails/html/default.ctp
Executable file → Normal file
15
app/views/layouts/email/html/default.ctp → app/View/Layouts/Emails/html/default.ctp
Executable file → Normal file
|
@ -1,18 +1,17 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP 5
|
||||||
*
|
*
|
||||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
* Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
*
|
*
|
||||||
* Licensed under The MIT License
|
* Licensed under The MIT License
|
||||||
* Redistributions of files must retain the above copyright notice.
|
* Redistributions of files must retain the above copyright notice.
|
||||||
*
|
*
|
||||||
* @copyright Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
* @link http://cakephp.org CakePHP(tm) Project
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
* @package cake
|
* @package Cake.View.Layouts.Emails.html
|
||||||
* @subpackage cake.cake.libs.view.templates.elements.email.html
|
|
||||||
* @since CakePHP(tm) v 0.10.0.1076
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
*/
|
*/
|
||||||
|
@ -20,10 +19,10 @@
|
||||||
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">
|
||||||
<html>
|
<html>
|
||||||
<head>
|
<head>
|
||||||
<title><?php echo $title_for_layout;?></title>
|
<title><?php echo $title_for_layout;?></title>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<?php echo $content_for_layout;?>
|
<?php echo $content_for_layout;?>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
9
app/views/layouts/email/text/default.ctp → app/View/Layouts/Emails/text/default.ctp
Executable file → Normal file
9
app/views/layouts/email/text/default.ctp → app/View/Layouts/Emails/text/default.ctp
Executable file → Normal file
|
@ -1,18 +1,17 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP 5
|
||||||
*
|
*
|
||||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
* Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
*
|
*
|
||||||
* Licensed under The MIT License
|
* Licensed under The MIT License
|
||||||
* Redistributions of files must retain the above copyright notice.
|
* Redistributions of files must retain the above copyright notice.
|
||||||
*
|
*
|
||||||
* @copyright Copyright 2005-2010, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
* @link http://cakephp.org CakePHP(tm) Project
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
* @package cake
|
* @package Cake.View.Layouts.Emails.text
|
||||||
* @subpackage cake.cake.libs.view.templates.elements.email.text
|
|
||||||
* @since CakePHP(tm) v 0.10.0.1076
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
*/
|
*/
|
|
@ -0,0 +1,19 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package Cake.View.Layouts
|
||||||
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
?>
|
||||||
|
<?php echo $content_for_layout; ?>
|
|
@ -1,7 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP 5
|
||||||
*
|
*
|
||||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
@ -11,18 +11,19 @@
|
||||||
*
|
*
|
||||||
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
* @link http://cakephp.org CakePHP(tm) Project
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
* @package cake
|
* @package Cake.View.Layouts
|
||||||
* @subpackage cake.cake.libs.view.templates.layouts
|
|
||||||
* @since CakePHP(tm) v 0.10.0.1076
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
$cakeDescription = __d('cake_dev', 'CakePHP: the rapid development php framework');
|
||||||
?>
|
?>
|
||||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||||
<head>
|
<head>
|
||||||
<?php echo $this->Html->charset(); ?>
|
<?php echo $this->Html->charset(); ?>
|
||||||
<title>
|
<title>
|
||||||
CyDefSIG -
|
<?php echo $cakeDescription ?>:
|
||||||
<?php echo $title_for_layout; ?>
|
<?php echo $title_for_layout; ?>
|
||||||
</title>
|
</title>
|
||||||
<?php
|
<?php
|
||||||
|
@ -30,40 +31,25 @@
|
||||||
|
|
||||||
echo $this->Html->css('cake.generic');
|
echo $this->Html->css('cake.generic');
|
||||||
|
|
||||||
echo $scripts_for_layout;
|
echo $this->fetch('meta');
|
||||||
|
echo $this->fetch('css');
|
||||||
|
echo $this->fetch('script');
|
||||||
?>
|
?>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<div id="container">
|
<div id="container">
|
||||||
<div id="header">
|
<div id="header">
|
||||||
<h1><?php echo $this->Html->link(__('CyDefSIG: Cyber-Defence Signatures: sharing detection patterns', true), array('controller' => 'events', 'action' => 'index')); ?></h1>
|
<h1><?php echo $this->Html->link(__('CyDefSIG: Cyber-Defence Signatures: sharing detection patterns', true), array('controller' => 'events', 'action' => 'index')); ?></h1>
|
||||||
<div style="float:right;">
|
|
||||||
<?php
|
|
||||||
/* echo $this->Form->create('Signature', array(
|
|
||||||
'controller' => 'signatures',
|
|
||||||
'action' => 'search',
|
|
||||||
'inputDefaults' => array(
|
|
||||||
'label' => false,
|
|
||||||
'div' => false,
|
|
||||||
),
|
|
||||||
));
|
|
||||||
echo $this->Form->input('keyword');
|
|
||||||
echo $this->Form->end(__('Search', true));
|
|
||||||
*/ ?>
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
<div id="content">
|
<div id="content">
|
||||||
<?php echo $this->Session->flash('auth'); ?>
|
<?php echo $this->Session->flash('auth'); ?>
|
||||||
<?php echo $this->Session->flash('error'); ?>
|
<?php echo $this->Session->flash('error'); ?>
|
||||||
|
|
||||||
<?php echo $this->Session->flash('gpg'); ?>
|
<?php echo $this->Session->flash('gpg'); ?>
|
||||||
<?php echo $this->Session->flash(); ?>
|
<?php echo $this->Session->flash(); ?>
|
||||||
<?php echo $this->Session->flash('email'); ?>
|
<?php echo $this->Session->flash('email'); ?>
|
||||||
|
|
||||||
|
|
||||||
<?php echo $content_for_layout; ?>
|
<?php echo $this->fetch('content'); ?>
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
<div id="footer">
|
<div id="footer">
|
||||||
<h1 style="float:left;">Download: <?php echo $this->Html->link('PGP/GPG key', '/gpg.asc');?></h1>
|
<h1 style="float:left;">Download: <?php echo $this->Html->link('PGP/GPG key', '/gpg.asc');?></h1>
|
||||||
|
@ -73,7 +59,5 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<?php echo $this->element('sql_dump'); ?>
|
<?php echo $this->element('sql_dump'); ?>
|
||||||
|
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
|
@ -0,0 +1,37 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package Cake.View.Layouts
|
||||||
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
?>
|
||||||
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||||
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||||
|
<head>
|
||||||
|
<?php echo $this->Html->charset(); ?>
|
||||||
|
<title><?php echo $page_title; ?></title>
|
||||||
|
|
||||||
|
<?php if (Configure::read('debug') == 0) { ?>
|
||||||
|
<meta http-equiv="Refresh" content="<?php echo $pause; ?>;url=<?php echo $url; ?>"/>
|
||||||
|
<?php } ?>
|
||||||
|
<style><!--
|
||||||
|
P { text-align:center; font:bold 1.1em sans-serif }
|
||||||
|
A { color:#444; text-decoration:none }
|
||||||
|
A:HOVER { text-decoration: underline; color:#44E }
|
||||||
|
--></style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<p><a href="<?php echo $url; ?>"><?php echo $message; ?></a></p>
|
||||||
|
</body>
|
||||||
|
</html>
|
|
@ -0,0 +1,2 @@
|
||||||
|
<?php echo $scripts_for_layout; ?>
|
||||||
|
<script type="text/javascript"><?php echo $content_for_layout; ?></script>
|
|
@ -0,0 +1,14 @@
|
||||||
|
<?php
|
||||||
|
if (!isset($channel)) {
|
||||||
|
$channel = array();
|
||||||
|
}
|
||||||
|
if (!isset($channel['title'])) {
|
||||||
|
$channel['title'] = $title_for_layout;
|
||||||
|
}
|
||||||
|
|
||||||
|
echo $this->Rss->document(
|
||||||
|
$this->Rss->channel(
|
||||||
|
array(), $channel, $content_for_layout
|
||||||
|
)
|
||||||
|
);
|
||||||
|
?>
|
|
@ -0,0 +1 @@
|
||||||
|
<?php echo $content_for_layout; ?>
|
|
@ -0,0 +1,188 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* PHP 5
|
||||||
|
*
|
||||||
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||||
|
* Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
*
|
||||||
|
* Licensed under The MIT License
|
||||||
|
* Redistributions of files must retain the above copyright notice.
|
||||||
|
*
|
||||||
|
* @copyright Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||||
|
* @link http://cakephp.org CakePHP(tm) Project
|
||||||
|
* @package Cake.View.Pages
|
||||||
|
* @since CakePHP(tm) v 0.10.0.1076
|
||||||
|
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||||
|
*/
|
||||||
|
if (Configure::read('debug') == 0):
|
||||||
|
throw new NotFoundException();
|
||||||
|
endif;
|
||||||
|
App::uses('Debugger', 'Utility');
|
||||||
|
?>
|
||||||
|
<iframe src="http://cakephp.org/bake-banner" width="830" height="160" style="overflow:hidden; border:none;">
|
||||||
|
<p>For updates and important announcements, visit http://cakefest.org</p>
|
||||||
|
</iframe>
|
||||||
|
<h2><?php echo __d('cake_dev', 'Release Notes for CakePHP %s.', Configure::version()); ?></h2>
|
||||||
|
<a href="http://cakephp.org/changelogs/<?php echo Configure::version(); ?>"><?php echo __d('cake_dev', 'Read the changelog'); ?> </a>
|
||||||
|
<?php
|
||||||
|
if (Configure::read('debug') > 0):
|
||||||
|
Debugger::checkSecurityKeys();
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
<p id="url-rewriting-warning" style="background-color:#e32; color:#fff;">
|
||||||
|
<?php echo __d('cake_dev', 'URL rewriting is not properly configured on your server.'); ?>
|
||||||
|
1) <a target="_blank" href="http://book.cakephp.org/2.0/en/installation/advanced-installation.html#apache-and-mod-rewrite-and-htaccess" style="color:#fff;">Help me configure it</a>
|
||||||
|
2) <a target="_blank" href="http://book.cakephp.org/2.0/en/development/configuration.html#cakephp-core-configuration" style="color:#fff;">I don't / can't use URL rewriting</a>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
if (version_compare(PHP_VERSION, '5.2.8', '>=')):
|
||||||
|
echo '<span class="notice success">';
|
||||||
|
echo __d('cake_dev', 'Your version of PHP is 5.2.8 or higher.');
|
||||||
|
echo '</span>';
|
||||||
|
else:
|
||||||
|
echo '<span class="notice">';
|
||||||
|
echo __d('cake_dev', 'Your version of PHP is too low. You need PHP 5.2.8 or higher to use CakePHP.');
|
||||||
|
echo '</span>';
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
if (is_writable(TMP)):
|
||||||
|
echo '<span class="notice success">';
|
||||||
|
echo __d('cake_dev', 'Your tmp directory is writable.');
|
||||||
|
echo '</span>';
|
||||||
|
else:
|
||||||
|
echo '<span class="notice">';
|
||||||
|
echo __d('cake_dev', 'Your tmp directory is NOT writable.');
|
||||||
|
echo '</span>';
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
$settings = Cache::settings();
|
||||||
|
if (!empty($settings)):
|
||||||
|
echo '<span class="notice success">';
|
||||||
|
echo __d('cake_dev', 'The %s is being used for core caching. To change the config edit APP/Config/core.php ', '<em>'. $settings['engine'] . 'Engine</em>');
|
||||||
|
echo '</span>';
|
||||||
|
else:
|
||||||
|
echo '<span class="notice">';
|
||||||
|
echo __d('cake_dev', 'Your cache is NOT working. Please check the settings in APP/Config/core.php');
|
||||||
|
echo '</span>';
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
$filePresent = null;
|
||||||
|
if (file_exists(APP . 'Config' . DS . 'database.php')):
|
||||||
|
echo '<span class="notice success">';
|
||||||
|
echo __d('cake_dev', 'Your database configuration file is present.');
|
||||||
|
$filePresent = true;
|
||||||
|
echo '</span>';
|
||||||
|
else:
|
||||||
|
echo '<span class="notice">';
|
||||||
|
echo __d('cake_dev', 'Your database configuration file is NOT present.');
|
||||||
|
echo '<br/>';
|
||||||
|
echo __d('cake_dev', 'Rename APP/Config/database.php.default to APP/Config/database.php');
|
||||||
|
echo '</span>';
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
</p>
|
||||||
|
<?php
|
||||||
|
if (isset($filePresent)):
|
||||||
|
App::uses('ConnectionManager', 'Model');
|
||||||
|
try {
|
||||||
|
$connected = ConnectionManager::getDataSource('default');
|
||||||
|
} catch (Exception $connectionError) {
|
||||||
|
$connected = false;
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
if ($connected && $connected->isConnected()):
|
||||||
|
echo '<span class="notice success">';
|
||||||
|
echo __d('cake_dev', 'Cake is able to connect to the database.');
|
||||||
|
echo '</span>';
|
||||||
|
else:
|
||||||
|
echo '<span class="notice">';
|
||||||
|
echo __d('cake_dev', 'Cake is NOT able to connect to the database.');
|
||||||
|
echo '<br /><br />';
|
||||||
|
echo $connectionError->getMessage();
|
||||||
|
echo '</span>';
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
</p>
|
||||||
|
<?php endif;?>
|
||||||
|
<?php
|
||||||
|
App::uses('Validation', 'Utility');
|
||||||
|
if (!Validation::alphaNumeric('cakephp')) {
|
||||||
|
echo '<p><span class="notice">';
|
||||||
|
echo __d('cake_dev', 'PCRE has not been compiled with Unicode support.');
|
||||||
|
echo '<br/>';
|
||||||
|
echo __d('cake_dev', 'Recompile PCRE with Unicode support by adding <code>--enable-unicode-properties</code> when configuring');
|
||||||
|
echo '</span></p>';
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
<h3><?php echo __d('cake_dev', 'Editing this Page'); ?></h3>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
echo __d('cake_dev', 'To change the content of this page, create: APP/View/Pages/home.ctp.<br />
|
||||||
|
To change its layout, create: APP/View/Layouts/default.ctp.<br />
|
||||||
|
You can also add some CSS styles for your pages at: APP/webroot/css.');
|
||||||
|
?>
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<h3><?php echo __d('cake_dev', 'Getting Started'); ?></h3>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
echo $this->Html->link(
|
||||||
|
sprintf('<strong>%s</strong> %s', __d('cake_dev', 'New'), __d('cake_dev', 'CakePHP 2.0 Docs')),
|
||||||
|
'http://book.cakephp.org/2.0/en/',
|
||||||
|
array('target' => '_blank', 'escape' => false)
|
||||||
|
);
|
||||||
|
?>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
echo $this->Html->link(
|
||||||
|
__d('cake_dev', 'The 15 min Blog Tutorial'),
|
||||||
|
'http://book.cakephp.org/2.0/en/tutorials-and-examples/blog/blog.html',
|
||||||
|
array('target' => '_blank', 'escape' => false)
|
||||||
|
);
|
||||||
|
?>
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<h3><?php echo __d('cake_dev', 'More about Cake'); ?></h3>
|
||||||
|
<p>
|
||||||
|
<?php echo __d('cake_dev', 'CakePHP is a rapid development framework for PHP which uses commonly known design patterns like Active Record, Association Data Mapping, Front Controller and MVC.'); ?>
|
||||||
|
</p>
|
||||||
|
<p>
|
||||||
|
<?php echo __d('cake_dev', 'Our primary goal is to provide a structured framework that enables PHP users at all levels to rapidly develop robust web applications, without any loss to flexibility.'); ?>
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li><a href="http://cakefoundation.org/"><?php echo __d('cake_dev', 'Cake Software Foundation'); ?> </a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'Promoting development related to CakePHP'); ?></li></ul></li>
|
||||||
|
<li><a href="http://www.cakephp.org"><?php echo __d('cake_dev', 'CakePHP'); ?> </a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'The Rapid Development Framework'); ?></li></ul></li>
|
||||||
|
<li><a href="http://book.cakephp.org"><?php echo __d('cake_dev', 'CakePHP Documentation'); ?> </a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'Your Rapid Development Cookbook'); ?></li></ul></li>
|
||||||
|
<li><a href="http://api20.cakephp.org"><?php echo __d('cake_dev', 'CakePHP API'); ?> </a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'Quick Reference'); ?></li></ul></li>
|
||||||
|
<li><a href="http://bakery.cakephp.org"><?php echo __d('cake_dev', 'The Bakery'); ?> </a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'Everything CakePHP'); ?></li></ul></li>
|
||||||
|
<li><a href="http://live.cakephp.org"><?php echo __d('cake_dev', 'The Show'); ?> </a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'The Show is a live and archived internet radio broadcast CakePHP-related topics and answer questions live via IRC, Skype, and telephone.'); ?></li></ul></li>
|
||||||
|
<li><a href="http://groups.google.com/group/cake-php"><?php echo __d('cake_dev', 'CakePHP Google Group'); ?> </a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'Community mailing list'); ?></li></ul></li>
|
||||||
|
<li><a href="irc://irc.freenode.net/cakephp">irc.freenode.net #cakephp</a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'Live chat about CakePHP'); ?></li></ul></li>
|
||||||
|
<li><a href="http://github.com/cakephp/"><?php echo __d('cake_dev', 'CakePHP Code'); ?> </a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'For the Development of CakePHP Git repository, Downloads'); ?></li></ul></li>
|
||||||
|
<li><a href="http://cakephp.lighthouseapp.com/"><?php echo __d('cake_dev', 'CakePHP Lighthouse'); ?> </a>
|
||||||
|
<ul><li><?php echo __d('cake_dev', 'CakePHP Tickets, Wiki pages, Roadmap'); ?></li></ul></li>
|
||||||
|
</ul>
|
|
@ -1,28 +1,27 @@
|
||||||
<div class="signatures form">
|
<div class="signatures form">
|
||||||
<?php echo $this->Form->create('Signature');?>
|
<?php echo $this->Form->create('Signature');?>
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<legend><?php __('Add Signature'); ?></legend>
|
<legend><?php echo __('Add Signature'); ?></legend>
|
||||||
<?php
|
<?php
|
||||||
echo $this->Form->hidden('event_id');
|
echo $this->Form->hidden('event_id');
|
||||||
echo $this->Form->input('type');
|
echo $this->Form->input('type');
|
||||||
echo $this->Form->input('to_ids', array(
|
echo $this->Form->input('to_ids', array(
|
||||||
'checked' => true,
|
'checked' => true,
|
||||||
'after' => ' <i>Is this signature specific enough to be exported to IDS systems?</i>',
|
'after' => ' <i>Is this signature specific enough to be exported to IDS systems?</i>',
|
||||||
));
|
));
|
||||||
echo $this->Form->input('value', array(
|
echo $this->Form->input('value', array(
|
||||||
'error' => array('escape' => false),
|
'error' => array('escape' => false),
|
||||||
));
|
));
|
||||||
echo $this->Form->input('batch_import', array(
|
echo $this->Form->input('batch_import', array(
|
||||||
'type' => 'checkbox',
|
'type' => 'checkbox',
|
||||||
'after' => ' <i>When selected each line in the value field will be a signature.</i>',
|
'after' => ' <i>When selected each line in the value field will be a signature.</i>',
|
||||||
));
|
));
|
||||||
?>
|
?>
|
||||||
</fieldset>
|
</fieldset>
|
||||||
<?php echo $this->Form->end(__('Submit', true));?>
|
<?php echo $this->Form->end(__('Submit'));?>
|
||||||
</div>
|
</div>
|
||||||
<div class="actions">
|
<div class="actions">
|
||||||
<h3><?php __('Actions'); ?></h3>
|
|
||||||
<ul>
|
<ul>
|
||||||
<?php echo $this->element('actions_menu'); ?>
|
<?php echo $this->element('actions_menu'); ?>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
|
@ -0,0 +1,25 @@
|
||||||
|
<div class="signatures form">
|
||||||
|
<?php echo $this->Form->create('Signature');?>
|
||||||
|
<fieldset>
|
||||||
|
<legend><?php echo __('Edit Signature'); ?></legend>
|
||||||
|
<?php
|
||||||
|
echo $this->Form->input('id');
|
||||||
|
echo $this->Form->input('event_id');
|
||||||
|
echo $this->Form->input('type');
|
||||||
|
echo $this->Form->input('value');
|
||||||
|
echo $this->Form->input('to_ids');
|
||||||
|
echo $this->Form->input('uuid');
|
||||||
|
?>
|
||||||
|
</fieldset>
|
||||||
|
<?php echo $this->Form->end(__('Submit'));?>
|
||||||
|
</div>
|
||||||
|
<div class="actions">
|
||||||
|
<h3><?php echo __('Actions'); ?></h3>
|
||||||
|
<ul>
|
||||||
|
|
||||||
|
<li><?php echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $this->Form->value('Signature.id')), null, __('Are you sure you want to delete # %s?', $this->Form->value('Signature.id'))); ?></li>
|
||||||
|
<li><?php echo $this->Html->link(__('List Signatures'), array('action' => 'index'));?></li>
|
||||||
|
<li><?php echo $this->Html->link(__('List Events'), array('controller' => 'events', 'action' => 'index')); ?> </li>
|
||||||
|
<li><?php echo $this->Html->link(__('New Event'), array('controller' => 'events', 'action' => 'add')); ?> </li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
|
@ -0,0 +1,52 @@
|
||||||
|
<div class="signatures index">
|
||||||
|
<h2><?php echo __('Signatures');?></h2>
|
||||||
|
<table cellpadding="0" cellspacing="0">
|
||||||
|
<tr>
|
||||||
|
<th><?php echo $this->Paginator->sort('event_id');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('type');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('value');?></th>
|
||||||
|
<th>To IDS</th>
|
||||||
|
<th class="actions"><?php echo __('Actions');?></th>
|
||||||
|
</tr>
|
||||||
|
<?php
|
||||||
|
foreach ($signatures as $signature): ?>
|
||||||
|
<!-- <tr onclick="document.location ='<?php echo $this->Html->url(array('controller' => 'events', 'action' => 'view', $signature['Signature']['event_id']), true) ; // FIXME activate link onclick ?>';"> -->
|
||||||
|
<tr>
|
||||||
|
<td>
|
||||||
|
<?php echo $this->Html->link($signature['Event']['id'], array('controller' => 'events', 'action' => 'view', $signature['Event']['id'])); ?>
|
||||||
|
</td>
|
||||||
|
<td><?php echo h($signature['Signature']['type']); ?> </td>
|
||||||
|
<td><?php echo nl2br(Sanitize::html($signature['Signature']['value'])); ?> </td>
|
||||||
|
<td><?php echo $signature['Signature']['to_ids'] ? 'Yes' : 'No'; ?> </td>
|
||||||
|
<td class="actions"><?php
|
||||||
|
if ($isAdmin || $signature['Event']['org'] == $me['org']) {
|
||||||
|
echo $this->Html->link(__('Edit'), array('action' => 'edit', $signature['Signature']['id']));
|
||||||
|
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $signature['Signature']['id']), null, __('Are you sure you want to delete this signature?'));
|
||||||
|
}
|
||||||
|
echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $signature['Signature']['event_id']));
|
||||||
|
?>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<?php endforeach; ?>
|
||||||
|
</table>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
echo $this->Paginator->counter(array(
|
||||||
|
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
|
||||||
|
));
|
||||||
|
?> </p>
|
||||||
|
|
||||||
|
<div class="paging">
|
||||||
|
<?php
|
||||||
|
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
|
||||||
|
echo $this->Paginator->numbers(array('separator' => ''));
|
||||||
|
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
|
||||||
|
?>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="actions">
|
||||||
|
<h3><?php echo __('Actions'); ?></h3>
|
||||||
|
<ul>
|
||||||
|
<?php echo $this->element('actions_menu'); ?>
|
||||||
|
</ul>
|
||||||
|
</div>
|
|
@ -1,7 +1,7 @@
|
||||||
<div class="signatures form">
|
<div class="signatures form">
|
||||||
<?php echo $this->Form->create('Signature');?>
|
<?php echo $this->Form->create('Signature');?>
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<legend><?php __('Search Signature'); ?></legend>
|
<legend><?php echo __('Search Signature'); ?></legend>
|
||||||
<?php
|
<?php
|
||||||
echo $this->Form->input('keyword');
|
echo $this->Form->input('keyword');
|
||||||
?>
|
?>
|
||||||
|
@ -9,7 +9,6 @@
|
||||||
<?php echo $this->Form->end(__('Search', true));?>
|
<?php echo $this->Form->end(__('Search', true));?>
|
||||||
</div>
|
</div>
|
||||||
<div class="actions">
|
<div class="actions">
|
||||||
<h3><?php __('Actions'); ?></h3>
|
|
||||||
<ul>
|
<ul>
|
||||||
<?php echo $this->element('actions_menu'); ?>
|
<?php echo $this->element('actions_menu'); ?>
|
||||||
</ul>
|
</ul>
|
|
@ -8,7 +8,7 @@
|
||||||
echo $this->Form->input('password');
|
echo $this->Form->input('password');
|
||||||
echo $this->Form->input('org');
|
echo $this->Form->input('org');
|
||||||
echo $this->Form->input('autoalert');
|
echo $this->Form->input('autoalert');
|
||||||
echo $this->Form->input('snort_sid');
|
echo $this->Form->input('nids_sid');
|
||||||
echo $this->Form->input('gpgkey');
|
echo $this->Form->input('gpgkey');
|
||||||
?>
|
?>
|
||||||
</fieldset>
|
</fieldset>
|
|
@ -0,0 +1,28 @@
|
||||||
|
<div class="users form">
|
||||||
|
<?php echo $this->Form->create('User');?>
|
||||||
|
<fieldset>
|
||||||
|
<legend><?php echo __('Admin Add User'); ?></legend>
|
||||||
|
<?php
|
||||||
|
echo $this->Form->input('password');
|
||||||
|
echo $this->Form->input('org');
|
||||||
|
echo $this->Form->input('email');
|
||||||
|
echo $this->Form->input('autoalert');
|
||||||
|
echo $this->Form->input('authkey');
|
||||||
|
echo $this->Form->input('invited_by');
|
||||||
|
echo $this->Form->input('gpgkey');
|
||||||
|
echo $this->Form->input('nids_sid');
|
||||||
|
echo $this->Form->input('termsaccepted');
|
||||||
|
echo $this->Form->input('newsread');
|
||||||
|
?>
|
||||||
|
</fieldset>
|
||||||
|
<?php echo $this->Form->end(__('Submit'));?>
|
||||||
|
</div>
|
||||||
|
<div class="actions">
|
||||||
|
<h3><?php echo __('Actions'); ?></h3>
|
||||||
|
<ul>
|
||||||
|
|
||||||
|
<li><?php echo $this->Html->link(__('List Users'), array('action' => 'index'));?></li>
|
||||||
|
<li><?php echo $this->Html->link(__('List Events'), array('controller' => 'events', 'action' => 'index')); ?> </li>
|
||||||
|
<li><?php echo $this->Html->link(__('New Event'), array('controller' => 'events', 'action' => 'add')); ?> </li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
|
@ -0,0 +1,30 @@
|
||||||
|
<div class="users form">
|
||||||
|
<?php echo $this->Form->create('User');?>
|
||||||
|
<fieldset>
|
||||||
|
<legend><?php echo __('Admin Edit User'); ?></legend>
|
||||||
|
<?php
|
||||||
|
echo $this->Form->input('id');
|
||||||
|
echo $this->Form->input('password');
|
||||||
|
echo $this->Form->input('org');
|
||||||
|
echo $this->Form->input('email');
|
||||||
|
echo $this->Form->input('autoalert');
|
||||||
|
echo $this->Form->input('authkey');
|
||||||
|
echo $this->Form->input('invited_by');
|
||||||
|
echo $this->Form->input('gpgkey');
|
||||||
|
echo $this->Form->input('nids_sid');
|
||||||
|
echo $this->Form->input('termsaccepted');
|
||||||
|
echo $this->Form->input('newsread');
|
||||||
|
?>
|
||||||
|
</fieldset>
|
||||||
|
<?php echo $this->Form->end(__('Submit'));?>
|
||||||
|
</div>
|
||||||
|
<div class="actions">
|
||||||
|
<h3><?php echo __('Actions'); ?></h3>
|
||||||
|
<ul>
|
||||||
|
|
||||||
|
<li><?php echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $this->Form->value('User.id')), null, __('Are you sure you want to delete # %s?', $this->Form->value('User.id'))); ?></li>
|
||||||
|
<li><?php echo $this->Html->link(__('List Users'), array('action' => 'index'));?></li>
|
||||||
|
<li><?php echo $this->Html->link(__('List Events'), array('controller' => 'events', 'action' => 'index')); ?> </li>
|
||||||
|
<li><?php echo $this->Html->link(__('New Event'), array('controller' => 'events', 'action' => 'add')); ?> </li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
|
@ -0,0 +1,62 @@
|
||||||
|
<div class="users index">
|
||||||
|
<h2><?php echo __('Users');?></h2>
|
||||||
|
<table cellpadding="0" cellspacing="0">
|
||||||
|
<tr>
|
||||||
|
<th><?php echo $this->Paginator->sort('id');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('password');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('org');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('email');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('autoalert');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('authkey');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('invited_by');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('gpgkey');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('nids_sid');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('termsaccepted');?></th>
|
||||||
|
<th><?php echo $this->Paginator->sort('newsread');?></th>
|
||||||
|
<th class="actions"><?php echo __('Actions');?></th>
|
||||||
|
</tr>
|
||||||
|
<?php
|
||||||
|
foreach ($users as $user): ?>
|
||||||
|
<tr>
|
||||||
|
<td><?php echo h($user['User']['id']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['password']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['org']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['email']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['autoalert']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['authkey']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['invited_by']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['gpgkey']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['nids_sid']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['termsaccepted']); ?> </td>
|
||||||
|
<td><?php echo h($user['User']['newsread']); ?> </td>
|
||||||
|
<td class="actions">
|
||||||
|
<?php echo $this->Html->link(__('View'), array('action' => 'view', $user['User']['id'])); ?>
|
||||||
|
<?php echo $this->Html->link(__('Edit'), array('action' => 'edit', $user['User']['id'])); ?>
|
||||||
|
<?php echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $user['User']['id']), null, __('Are you sure you want to delete # %s?', $user['User']['id'])); ?>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<?php endforeach; ?>
|
||||||
|
</table>
|
||||||
|
<p>
|
||||||
|
<?php
|
||||||
|
echo $this->Paginator->counter(array(
|
||||||
|
'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
|
||||||
|
));
|
||||||
|
?> </p>
|
||||||
|
|
||||||
|
<div class="paging">
|
||||||
|
<?php
|
||||||
|
echo $this->Paginator->prev('< ' . __('previous'), array(), null, array('class' => 'prev disabled'));
|
||||||
|
echo $this->Paginator->numbers(array('separator' => ''));
|
||||||
|
echo $this->Paginator->next(__('next') . ' >', array(), null, array('class' => 'next disabled'));
|
||||||
|
?>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="actions">
|
||||||
|
<h3><?php echo __('Actions'); ?></h3>
|
||||||
|
<ul>
|
||||||
|
<li><?php echo $this->Html->link(__('New User'), array('action' => 'add')); ?></li>
|
||||||
|
<li><?php echo $this->Html->link(__('List Events'), array('controller' => 'events', 'action' => 'index')); ?> </li>
|
||||||
|
<li><?php echo $this->Html->link(__('New Event'), array('controller' => 'events', 'action' => 'add')); ?> </li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
|
@ -0,0 +1,117 @@
|
||||||
|
<div class="users view">
|
||||||
|
<div class="actions" style="float:right;">
|
||||||
|
<ul><li><?php echo $this->Html->link(__('Edit Profile', true), array('action' => 'edit', $user['User']['id'])); ?> </li></ul>
|
||||||
|
</div>
|
||||||
|
<h2><?php echo __('User');?></h2>
|
||||||
|
<dl>
|
||||||
|
<dt><?php echo __('Id'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['id']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Password'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['password']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Org'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['org']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Email'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['email']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Autoalert'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['autoalert']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Authkey'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['authkey']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Invited By'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['invited_by']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Gpgkey'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['gpgkey']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Nids Sid'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['nids_sid']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Termsaccepted'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['termsaccepted']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Newsread'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['newsread']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
</dl>
|
||||||
|
</div>
|
||||||
|
<div class="actions">
|
||||||
|
<h3><?php echo __('Actions'); ?></h3>
|
||||||
|
<ul>
|
||||||
|
<li><?php echo $this->Html->link(__('Edit User'), array('action' => 'edit', $user['User']['id'])); ?> </li>
|
||||||
|
<li><?php echo $this->Form->postLink(__('Delete User'), array('action' => 'delete', $user['User']['id']), null, __('Are you sure you want to delete # %s?', $user['User']['id'])); ?> </li>
|
||||||
|
<li><?php echo $this->Html->link(__('List Users'), array('action' => 'index')); ?> </li>
|
||||||
|
<li><?php echo $this->Html->link(__('New User'), array('action' => 'add')); ?> </li>
|
||||||
|
<li><?php echo $this->Html->link(__('List Events'), array('controller' => 'events', 'action' => 'index')); ?> </li>
|
||||||
|
<li><?php echo $this->Html->link(__('New Event'), array('controller' => 'events', 'action' => 'add')); ?> </li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
<div class="related">
|
||||||
|
<h3><?php echo __('Related Events');?></h3>
|
||||||
|
<?php if (!empty($user['Event'])):?>
|
||||||
|
<table cellpadding = "0" cellspacing = "0">
|
||||||
|
<tr>
|
||||||
|
<th><?php echo __('Id'); ?></th>
|
||||||
|
<th><?php echo __('Org'); ?></th>
|
||||||
|
<th><?php echo __('Date'); ?></th>
|
||||||
|
<th><?php echo __('Risk'); ?></th>
|
||||||
|
<th><?php echo __('Info'); ?></th>
|
||||||
|
<th><?php echo __('User Id'); ?></th>
|
||||||
|
<th><?php echo __('Alerted'); ?></th>
|
||||||
|
<th><?php echo __('Uuid'); ?></th>
|
||||||
|
<th class="actions"><?php echo __('Actions');?></th>
|
||||||
|
</tr>
|
||||||
|
<?php
|
||||||
|
$i = 0;
|
||||||
|
foreach ($user['Event'] as $event): ?>
|
||||||
|
<tr>
|
||||||
|
<td><?php echo $event['id'];?></td>
|
||||||
|
<td><?php echo $event['org'];?></td>
|
||||||
|
<td><?php echo $event['date'];?></td>
|
||||||
|
<td><?php echo $event['risk'];?></td>
|
||||||
|
<td><?php echo $event['info'];?></td>
|
||||||
|
<td><?php echo $event['user_id'];?></td>
|
||||||
|
<td><?php echo $event['alerted'];?></td>
|
||||||
|
<td><?php echo $event['uuid'];?></td>
|
||||||
|
<td class="actions">
|
||||||
|
<?php echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $event['id'])); ?>
|
||||||
|
<?php echo $this->Html->link(__('Edit'), array('controller' => 'events', 'action' => 'edit', $event['id'])); ?>
|
||||||
|
<?php echo $this->Form->postLink(__('Delete'), array('controller' => 'events', 'action' => 'delete', $event['id']), null, __('Are you sure you want to delete # %s?', $event['id'])); ?>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<?php endforeach; ?>
|
||||||
|
</table>
|
||||||
|
<?php endif; ?>
|
||||||
|
|
||||||
|
<div class="actions">
|
||||||
|
<ul>
|
||||||
|
<li><?php echo $this->Html->link(__('New Event'), array('controller' => 'events', 'action' => 'add'));?> </li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
</div>
|
|
@ -4,7 +4,6 @@
|
||||||
<legend><?php __('Edit User'); ?></legend>
|
<legend><?php __('Edit User'); ?></legend>
|
||||||
<?php
|
<?php
|
||||||
echo $this->Form->input('id');
|
echo $this->Form->input('id');
|
||||||
if ($isAdmin) echo $this->Form->input('group_id');
|
|
||||||
echo $this->Form->input('email');
|
echo $this->Form->input('email');
|
||||||
echo $this->Form->input('password');
|
echo $this->Form->input('password');
|
||||||
if ($isAdmin) echo $this->Form->input('org');
|
if ($isAdmin) echo $this->Form->input('org');
|
|
@ -1,19 +1,14 @@
|
||||||
<div class="users index">
|
<div class="users index">
|
||||||
<h2><?php __('Members');?></h2>
|
<h2>Members</h2>
|
||||||
<table cellpadding="0" cellspacing="0" style="width:300px;">
|
<table cellpadding="0" cellspacing="0" style="width:300px;">
|
||||||
<tr>
|
<tr>
|
||||||
<th>Organisation</th>
|
<th>Organisation</th>
|
||||||
<th># of members</th>
|
<th># of members</th>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
$i = 0;
|
|
||||||
foreach ($orgs as $org):
|
foreach ($orgs as $org):
|
||||||
$class = null;
|
|
||||||
if ($i++ % 2 == 0) {
|
|
||||||
$class = ' class="altrow"';
|
|
||||||
}
|
|
||||||
?>
|
?>
|
||||||
<tr<?php echo $class;?>>
|
<tr>
|
||||||
<td><?php echo $org['User']['org']; ?> </td>
|
<td><?php echo $org['User']['org']; ?> </td>
|
||||||
<td><?php echo $org[0]['num_members']; ?> </td>
|
<td><?php echo $org[0]['num_members']; ?> </td>
|
||||||
|
|
||||||
|
@ -30,15 +25,9 @@
|
||||||
<th>Amount</th>
|
<th>Amount</th>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
// LATER beautify types_histogram
|
|
||||||
$i = 0;
|
|
||||||
foreach ($types_histogram as $item):
|
foreach ($types_histogram as $item):
|
||||||
$class = null;
|
|
||||||
if ($i++ % 2 == 0) {
|
|
||||||
$class = ' class="altrow"';
|
|
||||||
}
|
|
||||||
?>
|
?>
|
||||||
<tr<?php echo $class;?>>
|
<tr>
|
||||||
<td><?php echo $item['Event']['org']; ?> </td>
|
<td><?php echo $item['Event']['org']; ?> </td>
|
||||||
<td><?php echo $item['Signature']['type']; ?> </td>
|
<td><?php echo $item['Signature']['type']; ?> </td>
|
||||||
<td><?php echo $item['0']['num_types']; ?> </td>
|
<td><?php echo $item['0']['num_types']; ?> </td>
|
|
@ -1,6 +1,12 @@
|
||||||
<div class="news view">
|
<div class="news view">
|
||||||
<h2>News</h2>
|
<h2>News</h2>
|
||||||
<h3>March 2012</h3>
|
<h3>March 2012</h3>
|
||||||
|
<p><b>Backend rewrite + security</b><br/>
|
||||||
|
Complete rewrite of the backend code to migrate to CakePHP 2.x (from CakePHP 1.3). <br/>
|
||||||
|
During this rewrite the code was cleaned up, CSRF protection should now be present on all the important actions.<br/>
|
||||||
|
Password strength validation, anti-bruteforce has been implemented.<br/>
|
||||||
|
Some intermittent bugs might have slipped in during the (manual) conversion. Please contact me <a href="mailto:user1088@qet.be">user1088@qet.be</a> to report any issues.
|
||||||
|
</p>
|
||||||
<p><b>Terms and News</b><br/>
|
<p><b>Terms and News</b><br/>
|
||||||
Terms and conditions have been enabled. You should only see this page once.<br/>
|
Terms and conditions have been enabled. You should only see this page once.<br/>
|
||||||
When new software updates of CyDefSIG are installed you will see the news page.</p>
|
When new software updates of CyDefSIG are installed you will see the news page.</p>
|
|
@ -43,7 +43,7 @@ holder or other party has been advised of the possibility of such damages.</li>
|
||||||
|
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
if (0 == $termsaccepted) {
|
if (!isset($termsaccepted)) {
|
||||||
echo $this->Form->create('User');
|
echo $this->Form->create('User');
|
||||||
echo $this->Form->hidden('termsaccepted', array('default'=> '1'));
|
echo $this->Form->hidden('termsaccepted', array('default'=> '1'));
|
||||||
echo $this->Form->end(__('Accept Terms', true));
|
echo $this->Form->end(__('Accept Terms', true));
|
|
@ -0,0 +1,58 @@
|
||||||
|
<div class="users view">
|
||||||
|
<div class="actions" style="float:right;">
|
||||||
|
<ul><li><?php echo $this->Html->link(__('Edit Profile', true), array('action' => 'edit', $user['User']['id'])); ?> </li></ul>
|
||||||
|
</div>
|
||||||
|
<h2><?php echo __('User');?></h2>
|
||||||
|
<dl>
|
||||||
|
<dt><?php echo __('Id'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['id']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Email'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['email']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Org'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['org']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Autoalert'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h(0 == ($user['User']['autoalert'])) ? 'no' : 'yes'; ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Authkey'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['authkey']); ?>
|
||||||
|
(<?php echo $this->Html->link('reset', array('controller' => 'users', 'action' => 'resetauthkey', $user['User']['id']));?>)
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('NIDS Start SID'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h($user['User']['nids_sid']); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('Termsaccepted'); ?></dt>
|
||||||
|
<dd>
|
||||||
|
<?php echo h((0 == $user['User']['termsaccepted'])? 'no' : 'yes'); ?>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
<dt><?php echo __('GPG Key'); ?></dt>
|
||||||
|
<dd style="font-size: 10px; line-height:100%;">
|
||||||
|
<code><?php echo nl2br(h($user['User']['gpgkey'])); ?></code>
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
</dl>
|
||||||
|
</div>
|
||||||
|
<div class="actions">
|
||||||
|
<h3><?php __('Actions'); ?></h3>
|
||||||
|
<ul>
|
||||||
|
<li><?php echo $this->Html->link(__('Edit User', true), array('action' => 'edit', $user['User']['id'])); ?> </li>
|
||||||
|
<li><?php echo $this->Html->link(__('Delete User', true), array('action' => 'delete', $user['User']['id']), null, sprintf(__('Are you sure you want to delete # %s?', true), $user['User']['id'])); ?> </li>
|
||||||
|
<li> </li>
|
||||||
|
<?php echo $this->element('actions_menu'); ?>
|
||||||
|
</ul>
|
||||||
|
</div>
|
|
@ -1,272 +0,0 @@
|
||||||
<?php
|
|
||||||
App::import('Sanitize');
|
|
||||||
class AppController extends Controller {
|
|
||||||
var $components = array('Acl', 'Auth', 'Session');
|
|
||||||
var $helpers = array('Html', 'Form', 'Session');
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// TODO convert things to form submits to prevent CSRF
|
|
||||||
|
|
||||||
function beforeFilter() {
|
|
||||||
//Configure AuthComponent
|
|
||||||
$this->Auth->authorize = 'actions';
|
|
||||||
$this->Auth->userModel = 'User';
|
|
||||||
$this->Auth->fields = array('username' => 'email', 'password' => 'password');
|
|
||||||
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
|
|
||||||
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'routeafterlogin');
|
|
||||||
$this->Auth->loginRedirect = array('controller' => 'events', 'action' => 'index');
|
|
||||||
|
|
||||||
$this->Auth->actionPath = 'controllers/';
|
|
||||||
|
|
||||||
$this->Auth->allowedActions = array('build_acl', 'initDB'); // FIXME remove build_acl
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Convert an array to the same array but with the values also as index instead of an interface_exists
|
|
||||||
*/
|
|
||||||
function _arrayToValuesIndexArray($old_array) {
|
|
||||||
$new_array = Array();
|
|
||||||
foreach ($old_array as $value)
|
|
||||||
$new_array[$value] = $value;
|
|
||||||
return $new_array;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* checks if the currently logged user is an administrator
|
|
||||||
*/
|
|
||||||
function isAdmin() {
|
|
||||||
// TODO group membership should be checked correctly.
|
|
||||||
// but as quick workaround I check if the group_id = 1 = admin
|
|
||||||
$user = $this->Auth->user();
|
|
||||||
|
|
||||||
if (1 == $user['User']['group_id'])
|
|
||||||
return true;
|
|
||||||
else
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* These functions will look at every controller in your application.
|
|
||||||
* It will add any non-private, non Controller methods to the Acl table,
|
|
||||||
* nicely nested underneath the owning controller. You can add and run this
|
|
||||||
* in your AppController or any controller for that matter, just be sure to
|
|
||||||
* remove it before putting your application into production.
|
|
||||||
* Now run the action in your browser, eg. http://localhost/groups/build_acl,
|
|
||||||
* This will build your ACO table.
|
|
||||||
*/
|
|
||||||
|
|
||||||
function build_acl() {
|
|
||||||
if (!Configure::read('debug')) {
|
|
||||||
return $this->_stop();
|
|
||||||
}
|
|
||||||
$log = array();
|
|
||||||
|
|
||||||
$aco =& $this->Acl->Aco;
|
|
||||||
$root = $aco->node('controllers');
|
|
||||||
if (!$root) {
|
|
||||||
$aco->create(array('parent_id' => null, 'model' => null, 'alias' => 'controllers'));
|
|
||||||
$root = $aco->save();
|
|
||||||
$root['Aco']['id'] = $aco->id;
|
|
||||||
$log[] = 'Created Aco node for controllers';
|
|
||||||
} else {
|
|
||||||
$root = $root[0];
|
|
||||||
}
|
|
||||||
|
|
||||||
App::import('Core', 'File');
|
|
||||||
$Controllers = App::objects('controller');
|
|
||||||
$appIndex = array_search('App', $Controllers);
|
|
||||||
if ($appIndex !== false ) {
|
|
||||||
unset($Controllers[$appIndex]);
|
|
||||||
}
|
|
||||||
$baseMethods = get_class_methods('Controller');
|
|
||||||
$baseMethods[] = 'build_acl';
|
|
||||||
|
|
||||||
$Plugins = $this->_getPluginControllerNames();
|
|
||||||
$Controllers = array_merge($Controllers, $Plugins);
|
|
||||||
|
|
||||||
// look at each controller in app/controllers
|
|
||||||
foreach ($Controllers as $ctrlName) {
|
|
||||||
$methods = $this->_getClassMethods($this->_getPluginControllerPath($ctrlName));
|
|
||||||
|
|
||||||
// Do all Plugins First
|
|
||||||
if ($this->_isPlugin($ctrlName)){
|
|
||||||
$pluginNode = $aco->node('controllers/'.$this->_getPluginName($ctrlName));
|
|
||||||
if (!$pluginNode) {
|
|
||||||
$aco->create(array('parent_id' => $root['Aco']['id'], 'model' => null, 'alias' => $this->_getPluginName($ctrlName)));
|
|
||||||
$pluginNode = $aco->save();
|
|
||||||
$pluginNode['Aco']['id'] = $aco->id;
|
|
||||||
$log[] = 'Created Aco node for ' . $this->_getPluginName($ctrlName) . ' Plugin';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// find / make controller node
|
|
||||||
$controllerNode = $aco->node('controllers/'.$ctrlName);
|
|
||||||
if (!$controllerNode) {
|
|
||||||
if ($this->_isPlugin($ctrlName)){
|
|
||||||
$pluginNode = $aco->node('controllers/' . $this->_getPluginName($ctrlName));
|
|
||||||
$aco->create(array('parent_id' => $pluginNode['0']['Aco']['id'], 'model' => null, 'alias' => $this->_getPluginControllerName($ctrlName)));
|
|
||||||
$controllerNode = $aco->save();
|
|
||||||
$controllerNode['Aco']['id'] = $aco->id;
|
|
||||||
$log[] = 'Created Aco node for ' . $this->_getPluginControllerName($ctrlName) . ' ' . $this->_getPluginName($ctrlName) . ' Plugin Controller';
|
|
||||||
} else {
|
|
||||||
$aco->create(array('parent_id' => $root['Aco']['id'], 'model' => null, 'alias' => $ctrlName));
|
|
||||||
$controllerNode = $aco->save();
|
|
||||||
$controllerNode['Aco']['id'] = $aco->id;
|
|
||||||
$log[] = 'Created Aco node for ' . $ctrlName;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$controllerNode = $controllerNode[0];
|
|
||||||
}
|
|
||||||
|
|
||||||
//clean the methods. to remove those in Controller and private actions.
|
|
||||||
foreach ($methods as $k => $method) {
|
|
||||||
if (strpos($method, '_', 0) === 0) {
|
|
||||||
unset($methods[$k]);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if (in_array($method, $baseMethods)) {
|
|
||||||
unset($methods[$k]);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
$methodNode = $aco->node('controllers/'.$ctrlName.'/'.$method);
|
|
||||||
if (!$methodNode) {
|
|
||||||
$aco->create(array('parent_id' => $controllerNode['Aco']['id'], 'model' => null, 'alias' => $method));
|
|
||||||
$methodNode = $aco->save();
|
|
||||||
$log[] = 'Created Aco node for '. $method;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if(count($log)>0) {
|
|
||||||
debug($log);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function _getClassMethods($ctrlName = null) {
|
|
||||||
App::import('Controller', $ctrlName);
|
|
||||||
if (strlen(strstr($ctrlName, '.')) > 0) {
|
|
||||||
// plugin's controller
|
|
||||||
$num = strpos($ctrlName, '.');
|
|
||||||
$ctrlName = substr($ctrlName, $num+1);
|
|
||||||
}
|
|
||||||
$ctrlclass = $ctrlName . 'Controller';
|
|
||||||
$methods = get_class_methods($ctrlclass);
|
|
||||||
|
|
||||||
// Add scaffold defaults if scaffolds are being used
|
|
||||||
$properties = get_class_vars($ctrlclass);
|
|
||||||
if (array_key_exists('scaffold',$properties)) {
|
|
||||||
if($properties['scaffold'] == 'admin') {
|
|
||||||
$methods = array_merge($methods, array('admin_add', 'admin_edit', 'admin_index', 'admin_view', 'admin_delete'));
|
|
||||||
} else {
|
|
||||||
$methods = array_merge($methods, array('add', 'edit', 'index', 'view', 'delete'));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return $methods;
|
|
||||||
}
|
|
||||||
|
|
||||||
function _isPlugin($ctrlName = null) {
|
|
||||||
$arr = String::tokenize($ctrlName, '/');
|
|
||||||
if (count($arr) > 1) {
|
|
||||||
return true;
|
|
||||||
} else {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function _getPluginControllerPath($ctrlName = null) {
|
|
||||||
$arr = String::tokenize($ctrlName, '/');
|
|
||||||
if (count($arr) == 2) {
|
|
||||||
return $arr[0] . '.' . $arr[1];
|
|
||||||
} else {
|
|
||||||
return $arr[0];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function _getPluginName($ctrlName = null) {
|
|
||||||
$arr = String::tokenize($ctrlName, '/');
|
|
||||||
if (count($arr) == 2) {
|
|
||||||
return $arr[0];
|
|
||||||
} else {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function _getPluginControllerName($ctrlName = null) {
|
|
||||||
$arr = String::tokenize($ctrlName, '/');
|
|
||||||
if (count($arr) == 2) {
|
|
||||||
return $arr[1];
|
|
||||||
} else {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the names of the plugin controllers ...
|
|
||||||
*
|
|
||||||
* This function will get an array of the plugin controller names, and
|
|
||||||
* also makes sure the controllers are available for us to get the
|
|
||||||
* method names by doing an App::import for each plugin controller.
|
|
||||||
*
|
|
||||||
* @return array of plugin names.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
function _getPluginControllerNames() {
|
|
||||||
App::import('Core', 'File', 'Folder');
|
|
||||||
$paths = Configure::getInstance();
|
|
||||||
$folder =& new Folder();
|
|
||||||
$folder->cd(APP . 'plugins');
|
|
||||||
|
|
||||||
// Get the list of plugins
|
|
||||||
$Plugins = $folder->read();
|
|
||||||
$Plugins = $Plugins[0];
|
|
||||||
$arr = array();
|
|
||||||
|
|
||||||
// Loop through the plugins
|
|
||||||
foreach($Plugins as $pluginName) {
|
|
||||||
// Change directory to the plugin
|
|
||||||
$didCD = $folder->cd(APP . 'plugins'. DS . $pluginName . DS . 'controllers');
|
|
||||||
// Get a list of the files that have a file name that ends
|
|
||||||
// with controller.php
|
|
||||||
$files = $folder->findRecursive('.*_controller\.php');
|
|
||||||
|
|
||||||
// Loop through the controllers we found in the plugins directory
|
|
||||||
foreach($files as $fileName) {
|
|
||||||
// Get the base file name
|
|
||||||
$file = basename($fileName);
|
|
||||||
|
|
||||||
// Get the controller name
|
|
||||||
$file = Inflector::camelize(substr($file, 0, strlen($file)-strlen('_controller.php')));
|
|
||||||
if (!preg_match('/^'. Inflector::humanize($pluginName). 'App/', $file)) {
|
|
||||||
if (!App::import('Controller', $pluginName.'.'.$file)) {
|
|
||||||
debug('Error importing '.$file.' for plugin '.$pluginName);
|
|
||||||
} else {
|
|
||||||
/// Now prepend the Plugin name ...
|
|
||||||
// This is required to allow us to fetch the method names.
|
|
||||||
$arr[] = Inflector::humanize($pluginName) . "/" . $file;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return $arr;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
?>
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue