MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Sync. 

get the user and org correct,
given authkey them are known to the system.
pull/61/head
noud 2012-09-03 10:26:13 +02:00
parent 35e1a455cd
commit 8a021ba82d
1 changed files with 6 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
app/Controller/EventsController.php
View File

@ -234,14 +234,12 @@ class EventsController extends AppController {
*/
public function _add(&$data, &$auth, $fromXml, $or='') {
// force check userid and orgname to be from yourself
if (!$fromXml) $data['Event']['user_id'] = $auth->user('id');
else $data['Event']['user_id'] = '0';
if (!$fromXml) $data['Event']['org'] = $auth->user('org');
if (strlen($or)) $data['Event']['org'] = $or;
$data['Event']['user_id'] = $auth->user('id');
$data['Event']['org'] = strlen($or) ? $or : $auth->user('org');
unset ($data['Event']['id']);
$this->Event->create();
if ($fromXml) {
if ($fromXml) {
// Workaround for different structure in XML/array than what CakePHP expects
$this->Event->cleanupEventArrayFromXML($data);
@ -278,14 +276,10 @@ class EventsController extends AppController {
}
}
if ($fromXml) $fieldList = array(
'Event' => array('org', 'date', 'risk', 'info', 'published', 'uuid', 'private'),
$fieldList = array(
'Event' => array('org', 'date', 'risk', 'info', 'user_id', 'published', 'uuid', 'private'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private')
);
else $fieldList = array(
'Event' => array('org', 'date', 'risk', 'info', 'user_id', 'published', 'uuid', 'private'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private')
);
// this saveAssociated() function will save not only the event, but also the attributes
// from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute
if ($this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList))) {
@ -578,7 +572,7 @@ class EventsController extends AppController {
// sign the body
require_once 'Crypt/GPG.php';
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir')));
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'))); // , 'debug' => true
$gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
$body_signed = $gpg->sign($body, Crypt_GPG::SIGN_MODE_CLEAR);