mirror of https://github.com/MISP/MISP
chg: [internal] Code cleanup for UserLoginProfile
parent
120997d42e
commit
8d4ff03a53
|
@ -127,7 +127,7 @@ class UserLoginProfile extends AppModel
|
||||||
$data = array_merge($data, JsonTool::decode($logEntry['change']) ?? []);
|
$data = array_merge($data, JsonTool::decode($logEntry['change']) ?? []);
|
||||||
$data['ip'] = $logEntry['ip'];
|
$data['ip'] = $logEntry['ip'];
|
||||||
$data['timestamp'] = $logEntry['created'];
|
$data['timestamp'] = $logEntry['created'];
|
||||||
if ($data['user_agent'] == "") {
|
if ($data['user_agent'] === "") {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
return $data;
|
return $data;
|
||||||
|
@ -141,48 +141,48 @@ class UserLoginProfile extends AppModel
|
||||||
if (!$a['ua_browser'])
|
if (!$a['ua_browser'])
|
||||||
return false;
|
return false;
|
||||||
// really similar session, from same browser, region, but different IP
|
// really similar session, from same browser, region, but different IP
|
||||||
if ($a['ua_browser'] == $b['ua_browser'] &&
|
if ($a['ua_browser'] === $b['ua_browser'] &&
|
||||||
$a['ua_platform'] == $b['ua_platform'] &&
|
$a['ua_platform'] === $b['ua_platform'] &&
|
||||||
$a['accept_lang'] == $b['accept_lang'] &&
|
$a['accept_lang'] === $b['accept_lang'] &&
|
||||||
$a['geoip'] == $b['geoip']) {
|
$a['geoip'] === $b['geoip']) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
// similar browser pattern, OS and region
|
// similar browser pattern, OS and region
|
||||||
if ($a['ua_pattern'] == $b['ua_pattern'] &&
|
if ($a['ua_pattern'] === $b['ua_pattern'] &&
|
||||||
$a['ua_platform'] == $b['ua_platform'] &&
|
$a['ua_platform'] === $b['ua_platform'] &&
|
||||||
$a['accept_lang'] == $b['accept_lang'] &&
|
$a['accept_lang'] === $b['accept_lang'] &&
|
||||||
$a['geoip'] == $b['geoip']) {
|
$a['geoip'] === $b['geoip']) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function _isIdentical($a, $b)
|
public function _isIdentical(array $a, array $b)
|
||||||
{
|
{
|
||||||
if ($a['ip'] == $b['ip'] &&
|
if ($a['ip'] === $b['ip'] &&
|
||||||
$a['ua_browser'] == $b['ua_browser'] &&
|
$a['ua_browser'] === $b['ua_browser'] &&
|
||||||
$a['ua_platform'] == $b['ua_platform'] &&
|
$a['ua_platform'] === $b['ua_platform'] &&
|
||||||
$a['accept_lang'] == $b['accept_lang'] &&
|
$a['accept_lang'] === $b['accept_lang'] &&
|
||||||
$a['geoip'] == $b['geoip']) {
|
$a['geoip'] === $b['geoip']) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function _getTrustStatus($userProfileToCheck, $user_id = null)
|
public function _getTrustStatus(array $userProfileToCheck, $userId = null)
|
||||||
{
|
{
|
||||||
if (!$user_id) {
|
if (!$userId) {
|
||||||
$user_id = AuthComponent::user('id');
|
$userId = AuthComponent::user('id');
|
||||||
}
|
}
|
||||||
// load Singleton / caching
|
// load Singleton / caching
|
||||||
if (!isset($this->knownUserProfiles[$user_id])) {
|
if (!isset($this->knownUserProfiles[$userId])) {
|
||||||
$this->knownUserProfiles[$user_id] = $this->find('all', [
|
$this->knownUserProfiles[$userId] = $this->find('all', [
|
||||||
'conditions' => ['UserLoginProfile.user_id' => $user_id],
|
'conditions' => ['UserLoginProfile.user_id' => $userId],
|
||||||
'recursive' => 0]
|
'recursive' => 0
|
||||||
);
|
]);
|
||||||
}
|
}
|
||||||
// perform check on all entries, and stop when check OK
|
// perform check on all entries, and stop when check OK
|
||||||
foreach ($this->knownUserProfiles[$user_id] as $knownUserProfile) {
|
foreach ($this->knownUserProfiles[$userId] as $knownUserProfile) {
|
||||||
// when it is the same
|
// when it is the same
|
||||||
if ($this->_isIdentical($knownUserProfile['UserLoginProfile'], $userProfileToCheck)) {
|
if ($this->_isIdentical($knownUserProfile['UserLoginProfile'], $userProfileToCheck)) {
|
||||||
return $knownUserProfile['UserLoginProfile']['status'];
|
return $knownUserProfile['UserLoginProfile']['status'];
|
||||||
|
@ -240,12 +240,7 @@ class UserLoginProfile extends AppModel
|
||||||
$body->set('misp_org', Configure::read('MISP.org'));
|
$body->set('misp_org', Configure::read('MISP.org'));
|
||||||
$body->set('date_time', $date_time);
|
$body->set('date_time', $date_time);
|
||||||
// Fetch user that contains also PGP or S/MIME keys for e-mail encryption
|
// Fetch user that contains also PGP or S/MIME keys for e-mail encryption
|
||||||
$result = $this->User->sendEmail($user, $body, false, "[" . Configure::read('MISP.org') . " MISP] New sign in.");
|
$this->User->sendEmail($user, $body, false, "[" . Configure::read('MISP.org') . " MISP] New sign in.");
|
||||||
if ($result) {
|
|
||||||
// all is well, email sent to user
|
|
||||||
} else {
|
|
||||||
// email flow system already logs errors
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -262,17 +257,12 @@ class UserLoginProfile extends AppModel
|
||||||
$org_admins = $this->User->getOrgAdminsForOrg($user['User']['org_id']);
|
$org_admins = $this->User->getOrgAdminsForOrg($user['User']['org_id']);
|
||||||
$admins = $this->User->getSiteAdmins();
|
$admins = $this->User->getSiteAdmins();
|
||||||
$all_admins = array_unique(array_merge($org_admins, $admins));
|
$all_admins = array_unique(array_merge($org_admins, $admins));
|
||||||
foreach($all_admins as $admin_email) {
|
foreach ($all_admins as $admin_email) {
|
||||||
$admin = $this->User->find('first', array(
|
$admin = $this->User->find('first', array(
|
||||||
'recursive' => -1,
|
'recursive' => -1,
|
||||||
'conditions' => ['User.email' => $admin_email]
|
'conditions' => ['User.email' => $admin_email]
|
||||||
));
|
));
|
||||||
$result = $this->User->sendEmail($admin, $body, false, "[" . Configure::read('MISP.org') . " MISP] Suspicious login reported.");
|
$this->User->sendEmail($admin, $body, false, "[" . Configure::read('MISP.org') . " MISP] Suspicious login reported.");
|
||||||
if ($result) {
|
|
||||||
// all is well, email sent to user
|
|
||||||
} else {
|
|
||||||
// email flow system already logs errors
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -289,12 +279,8 @@ class UserLoginProfile extends AppModel
|
||||||
$body->set('date_time', $date_time);
|
$body->set('date_time', $date_time);
|
||||||
$body->set('suspiciousness_reason', $suspiciousness_reason);
|
$body->set('suspiciousness_reason', $suspiciousness_reason);
|
||||||
// inform the user
|
// inform the user
|
||||||
$result = $this->User->sendEmail($user, $body, false, "[" . Configure::read('MISP.org') . " MISP] Suspicious login with your account.");
|
$this->User->sendEmail($user, $body, false, "[" . Configure::read('MISP.org') . " MISP] Suspicious login with your account.");
|
||||||
if ($result) {
|
|
||||||
// all is well, email sent to user
|
|
||||||
} else {
|
|
||||||
// email flow system already logs errors
|
|
||||||
}
|
|
||||||
// inform the org admin
|
// inform the org admin
|
||||||
$body = new SendEmailTemplate('userloginprofile_suspicious_orgadmin');
|
$body = new SendEmailTemplate('userloginprofile_suspicious_orgadmin');
|
||||||
$body->set('userLoginProfile', $this->_getUserProfile());
|
$body->set('userLoginProfile', $this->_getUserProfile());
|
||||||
|
@ -303,18 +289,14 @@ class UserLoginProfile extends AppModel
|
||||||
$body->set('misp_org', Configure::read('MISP.org'));
|
$body->set('misp_org', Configure::read('MISP.org'));
|
||||||
$body->set('date_time', $date_time);
|
$body->set('date_time', $date_time);
|
||||||
$body->set('suspiciousness_reason', $suspiciousness_reason);
|
$body->set('suspiciousness_reason', $suspiciousness_reason);
|
||||||
|
|
||||||
$org_admins = $this->User->getOrgAdminsForOrg($user['User']['org_id']);
|
$org_admins = $this->User->getOrgAdminsForOrg($user['User']['org_id']);
|
||||||
foreach($org_admins as $org_admin_email) {
|
foreach ($org_admins as $org_admin_email) {
|
||||||
$org_admin = $this->User->find('first', array(
|
$org_admin = $this->User->find('first', array(
|
||||||
'recursive' => -1,
|
'recursive' => -1,
|
||||||
'conditions' => ['User.email' => $org_admin_email]
|
'conditions' => ['User.email' => $org_admin_email]
|
||||||
));
|
));
|
||||||
$result = $this->User->sendEmail($org_admin, $body, false, "[" . Configure::read('MISP.org') . " MISP] Suspicious login detected.");
|
$this->User->sendEmail($org_admin, $body, false, "[" . Configure::read('MISP.org') . " MISP] Suspicious login detected.");
|
||||||
if ($result) {
|
|
||||||
// all is well, email sent to user
|
|
||||||
} else {
|
|
||||||
// email flow system already logs errors
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue