mirror of https://github.com/MISP/MISP
Export distribution
- Export didn't take distribution rules into account; should be fixed
- Fixed a bug with editing attributes
pull/63/head
parent
a0616558e9
commit
8e6852e037
|
@ -552,7 +552,7 @@ class AttributesController extends AppController {
|
|||
$this->request->data['Attribute']['id'] = $existingAttribute['Attribute']['id'];
|
||||
}
|
||||
|
||||
$fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private', 'cluster');
|
||||
$fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private', 'cluster', 'value');
|
||||
if ("i" == Configure::read('CyDefSIG.rest')) {
|
||||
unset($this->request->data['Event']);
|
||||
$this->Attribute->unbindModel(array('belongsTo' => array('Event')));
|
||||
|
@ -572,13 +572,12 @@ class AttributesController extends AppController {
|
|||
} else {
|
||||
$this->set('canEditDist', false);
|
||||
}
|
||||
if ($this->request->data['Attribute']['distribution'] != $existingAttribute['Attribute']['distribution']) {
|
||||
if (isset($this->request->data['Attribute']['distribution']) && $this->request->data['Attribute']['distribution'] != $existingAttribute['Attribute']['distribution']) {
|
||||
$this->request->data['Attribute']['dist_change'] = 1 + $existingAttribute['Attribute']['dist_change'];
|
||||
}
|
||||
}
|
||||
if ($this->Attribute->save($this->request->data)) {
|
||||
$this->Session->setFlash(__('The attribute has been saved'));
|
||||
|
||||
// remove the published flag from the event
|
||||
$this->Event->saveField('published', 0);
|
||||
|
||||
|
@ -734,8 +733,8 @@ class AttributesController extends AppController {
|
|||
$this->Session->write('paginate_conditions',array());
|
||||
|
||||
if ($this->request->is('post') && ($this->request->here == $fullAddress)) {
|
||||
$keyword = Sanitize::clean($this->request->data['Attribute']['keyword']);
|
||||
$keyword2 = Sanitize::clean($this->request->data['Attribute']['keyword2']);
|
||||
$keyword = $this->request->data['Attribute']['keyword'];
|
||||
$keyword2 = $this->request->data['Attribute']['keyword2'];
|
||||
$type = $this->request->data['Attribute']['type'];
|
||||
$category = $this->request->data['Attribute']['category'];
|
||||
$this->set('keywordSearch', $keyword);
|
||||
|
@ -747,7 +746,7 @@ class AttributesController extends AppController {
|
|||
// search the db
|
||||
$conditions = array();
|
||||
if (isset($keyword)) {
|
||||
$keywordArray = explode("\n", $keyword);
|
||||
$keywordArray = preg_split("/\r\n|\n|\r/", $keyword);
|
||||
$i = 1;
|
||||
$temp = array();
|
||||
foreach ($keywordArray as $keywordArrayElement) {
|
||||
|
@ -769,7 +768,7 @@ class AttributesController extends AppController {
|
|||
}
|
||||
}
|
||||
if (isset($keyword2)) {
|
||||
$keywordArray2 = explode("\n", $keyword2);
|
||||
$keywordArray2 = preg_split("/\r\n|\n|\r/", $keyword2);
|
||||
$i = 1;
|
||||
$temp = array();
|
||||
foreach ($keywordArray2 as $keywordArrayElement) {
|
||||
|
@ -784,7 +783,7 @@ class AttributesController extends AppController {
|
|||
$this->set('keywordSearch2', $keyWordText2);
|
||||
if (!empty($temp)){
|
||||
if (count($temp) == 1) {
|
||||
$conditions['Attribute.event_id'] = $keyWordText2;
|
||||
$conditions['Attribute.event_id !='] = $keyWordText2;
|
||||
} else {
|
||||
$conditions['AND'] = $temp;
|
||||
}
|
||||
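Review bot: In the search hunk (@ -734) `$keyword` and `$keyword2` are now read from `$this->request->data` without `Sanitize::clean()`, and the raw `$keyword` is handed to the view by `$this->set('keywordSearch', $keyword)`. That is fine for the query only if every later use passes the keyword as a condition value and never builds it into a condition key or SQL fragment; the loops that fill `$temp` are outside the hunks, so this needs confirming. On the output side, unless the template already escapes these variables, pass them escaped, e.g. `$this->set('keywordSearch', h($keyword));`, and likewise for `keywordSearch2` in the @ -784 hunk. A comment at the assignment, `// raw user input: use only as a bound condition value, escape on output`, would record why the sanitising call was dropped.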
|
|
|
@ -1243,17 +1243,43 @@ class EventsController extends AppController {
|
|||
} else {
|
||||
$conditions = array();
|
||||
}
|
||||
//restricting to non-private or same org if the user is not a site-admin.
|
||||
if (!$this->isSiteAdmin()) {
|
||||
$temp = array();
|
||||
$temp2 = array();
|
||||
$org = $this->_checkOrg();
|
||||
$distribution = array();
|
||||
array_push($distribution, array('Event.private =' => 0));
|
||||
array_push($distribution, array('Event.cluster =' => 1));
|
||||
array_push($temp, array('OR' => $distribution));
|
||||
array_push($temp, array('Event.org LIKE' => $org));
|
||||
$conditions['OR'] = $temp;
|
||||
$distribution2 = array();
|
||||
array_push($distribution2, array('Attribute.private =' => 0));
|
||||
array_push($distribution2, array('Attribute.cluster =' => 1));
|
||||
array_push($temp2, array('OR' => $distribution2));
|
||||
array_push($temp2, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $org));
|
||||
$conditionsAttributes['OR'] = $temp2;
|
||||
}
|
||||
|
||||
// do not expose all the data ...
|
||||
$fields = array('Event.id', 'Event.date', 'Event.risk', 'Event.analysis', 'Event.info', 'Event.published', 'Event.uuid');
|
||||
$fieldsAtt = array('Attribute.id', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.uuid', 'Attribute.event_id');
|
||||
if ('true' == Configure::read('CyDefSIG.showorg')) {
|
||||
$fields[] = 'Event.org';
|
||||
}
|
||||
|
||||
$params = array('conditions' => $conditions,
|
||||
'recursive' => 1,
|
||||
'fields' => $fields,
|
||||
);
|
||||
'contain' =>array(
|
||||
'Attribute' => array(
|
||||
'fields' => $fieldsAtt,
|
||||
'conditions' => $conditionsAttributes,
|
||||
),
|
||||
)
|
||||
);
|
||||
$results = $this->Event->find('all', $params);
|
||||
|
||||
$this->set('results', Sanitize::clean($results));
|
||||
}
|
||||
|
||||
|
@ -1277,8 +1303,20 @@ class EventsController extends AppController {
|
|||
|
||||
$this->loadModel('Attribute');
|
||||
|
||||
//restricting to non-private or same org if the user is not a site-admin.
|
||||
$conditions['AND'] = array('Attribute.to_ids' => 1, "Event.published" => 1);
|
||||
if (!$this->isSiteAdmin()) {
|
||||
$temp = array();
|
||||
$distribution = array();
|
||||
array_push($distribution, array('Attribute.private =' => 0));
|
||||
array_push($distribution, array('Attribute.cluster =' => 1));
|
||||
array_push($temp, array('OR' => $distribution));
|
||||
array_push($temp, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $this->_checkOrg()));
|
||||
$conditions['OR'] = $temp;
|
||||
}
|
||||
|
||||
$params = array(
|
||||
'conditions' => array( "AND" => array ('Attribute.to_ids' => 1, "Event.published" => 1)), //array of conditions
|
||||
'conditions' => $conditions, //array of conditions
|
||||
'recursive' => 0, //int
|
||||
'group' => array('Attribute.type', 'Attribute.value1'), //fields to GROUP BY
|
||||
);
|
||||
|
@ -1315,8 +1353,20 @@ class EventsController extends AppController {
|
|||
|
||||
$this->loadModel('Attribute');
|
||||
|
||||
//restricting to non-private or same org if the user is not a site-admin.
|
||||
$conditions['AND'] = array('Attribute.to_ids' => 1, "Event.published" => 1);
|
||||
if (!$this->isSiteAdmin()) {
|
||||
$temp = array();
|
||||
$distribution = array();
|
||||
array_push($distribution, array('Attribute.private =' => 0));
|
||||
array_push($distribution, array('Attribute.cluster =' => 1));
|
||||
array_push($temp, array('OR' => $distribution));
|
||||
array_push($temp, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $this->_checkOrg()));
|
||||
$conditions['OR'] = $temp;
|
||||
}
|
||||
|
||||
$params = array(
|
||||
'conditions' => array('Attribute.to_ids' => 1), //array of conditions
|
||||
'conditions' => $conditions, //array of conditions
|
||||
'recursive' => 0, //int
|
||||
'group' => array('Attribute.type', 'Attribute.value1'), //fields to GROUP BY
|
||||
);
|
||||
|
@ -1358,8 +1408,20 @@ class EventsController extends AppController {
|
|||
|
||||
$this->loadModel('Attribute');
|
||||
|
||||
//restricting to non-private or same org if the user is not a site-admin.
|
||||
$conditions['AND'] = array('Attribute.to_ids' => 1, "Event.published" => 1);
|
||||
if (!$this->isSiteAdmin()) {
|
||||
$temp = array();
|
||||
$distribution = array();
|
||||
array_push($distribution, array('Attribute.private =' => 0));
|
||||
array_push($distribution, array('Attribute.cluster =' => 1));
|
||||
array_push($temp, array('OR' => $distribution));
|
||||
array_push($temp, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $this->_checkOrg()));
|
||||
$conditions['OR'] = $temp;
|
||||
}
|
||||
|
||||
$params = array(
|
||||
'conditions' => array('Attribute.to_ids' => 1), //array of conditions
|
||||
'conditions' => $conditions, //array of conditions
|
||||
'recursive' => 0, //int
|
||||
'group' => array('Attribute.type', 'Attribute.value1'), //fields to GROUP BY
|
||||
);
|
||||
|
@ -1398,8 +1460,23 @@ class EventsController extends AppController {
|
|||
$this->layout = 'text/default';
|
||||
|
||||
$this->loadModel('Attribute');
|
||||
|
||||
|
||||
//restricting to non-private or same org if the user is not a site-admin.
|
||||
$conditions['AND'] = array('Attribute.type' => $type);
|
||||
if (!$this->isSiteAdmin()) {
|
||||
$temp = array();
|
||||
$distribution = array();
|
||||
array_push($distribution, array('Attribute.private =' => 0));
|
||||
array_push($distribution, array('Attribute.cluster =' => 1));
|
||||
array_push($temp, array('OR' => $distribution));
|
||||
array_push($temp, array('(SELECT EVENTS.ORG FROM EVENTS WHERE EVENTS.ID = Attribute.event_id) LIKE' => $this->_checkOrg()));
|
||||
$conditions['OR'] = $temp;
|
||||
}
|
||||
|
||||
|
||||
$params = array(
|
||||
'conditions' => array('Attribute.type' => $type), //array of conditions
|
||||
'conditions' => $conditions, //array of conditions
|
||||
'recursive' => 0, //int
|
||||
'fields' => array('Attribute.value'), //array of field names
|
||||
'order' => array('Attribute.value'), //string or array defining order
|
||||
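Review bot: The organisation check in the new export filter uses `LIKE` (`'Event.org LIKE' => $org` and the `(SELECT EVENTS.ORG …) LIKE` subquery in every hunk), so `%` or `_` in an organisation name acts as a wildcard inside an access-control predicate; an exact match such as `'Event.org' => $org` is the safer form. The four attribute exports (@ -1277, -1315, -1358, -1398) test only `Attribute.private`/`Attribute.cluster`, so if an attribute's flags can be looser than its event's, a non-private attribute of another organisation's private event is still exported; the event-level rule from the first hunk should apply there too. The first three of those finds filter on `Event.published` with `recursive => 0`, which suggests `Event` is already joined, so the upper-case `EVENTS` subquery (which also depends on the database treating table names case-insensitively) looks unnecessary. In the first hunk `$conditionsAttributes` is assigned only inside `if (!$this->isSiteAdmin())` yet always used under `contain`, so unless it is set above the hunk it needs `$conditionsAttributes = array();` first. Since the block is pasted five times, one private helper, sketched below with a placeholder name, would keep the rule in a single place.

```php
// Placeholder name: one place for the export visibility rule.
// Returns the extra find() conditions for the current user (none for site admins).
private function _attributeExportConditions() {
	if ($this->isSiteAdmin()) {
		return array();
	}
	return array('OR' => array(
		// own organisation: exact match instead of LIKE
		array('Event.org' => $this->_checkOrg()),
		// otherwise both the event and the attribute must be shareable
		array('AND' => array(
			array('OR' => array('Event.private' => 0, 'Event.cluster' => 1)),
			array('OR' => array('Attribute.private' => 0, 'Attribute.cluster' => 1)),
		)),
	));
}

// … in each attribute export action, replacing the pasted block …
$conditions = array_merge(
	array('AND' => array('Attribute.to_ids' => 1, 'Event.published' => 1)),
	$this->_attributeExportConditions()
);
// … unchanged: $params with 'recursive' => 0 and the 'group' clause …
```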
|
|
|
@ -21,6 +21,7 @@ class Attribute extends AppModel {
|
|||
'userKey' => 'user_id',
|
||||
'change' => 'full'),
|
||||
'Trim',
|
||||
'Containable',
|
||||
'Regexp' => array('fields' => array('value', 'value2')),
|
||||
'Blacklist' => array('fields' => array('value'))
|
||||
);
|
||||
|
@ -369,7 +370,7 @@ class Attribute extends AppModel {
|
|||
if (!empty($this->data['Attribute']['type'])) {
|
||||
$compositeTypes = $this->getCompositeTypes();
|
||||
// explode composite types in value1 and value2
|
||||
if (!isset($this->data['Attribute']['value1'])) {
|
||||
//if (!isset($this->data['Attribute']['value1'])) {
|
||||
$pieces = explode('|', $this->data['Attribute']['value']);
|
||||
if (in_array($this->data['Attribute']['type'], $compositeTypes)) {
|
||||
if (2 != count($pieces)) {
|
||||
|
@ -382,7 +383,7 @@ class Attribute extends AppModel {
|
|||
$this->data['Attribute']['value1'] = $total;
|
||||
$this->data['Attribute']['value2'] = '';
|
||||
}
|
||||
}
|
||||
//}
|
||||
}
|
||||
// always return true after a beforeSave()
|
||||
return true;
|
||||
|
@ -424,6 +425,7 @@ class Attribute extends AppModel {
|
|||
}
|
||||
|
||||
public function massageData(&$data) {
|
||||
if(!isset($data['Attribute']['distribution'])) return $data;
|
||||
switch ($data['Attribute']['distribution']) {
|
||||
case 'Your organization only':
|
||||
$data['Attribute']['private'] = true;
|
||||
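Review bot: In `beforeSave` (@ -369) the `isset($this->data['Attribute']['value1'])` guard is commented out rather than replaced, so `explode('|', $this->data['Attribute']['value'])` now runs on every save that carries a `type`. A save that supplies `type` with `value1`/`value2` but no `value` would then read an undefined index and, judging by the visible assignments to `value1` and `value2`, overwrite the split values it was given; whether such callers exist cannot be seen from this page. I would guard on the field that is actually read, `if (isset($this->data['Attribute']['value'])) {`, and delete the two commented-out lines instead of leaving `//if (...)` and `//}` behind.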
|
|
|
@ -16,8 +16,9 @@ class Event extends AppModel {
|
|||
'userKey' => 'user_id',
|
||||
'change' => 'full'),
|
||||
'Trim',
|
||||
//'Regexp' => array('fields' => array('info')),
|
||||
//'Blacklist' => array('fields' => array('info')),
|
||||
'Containable',
|
||||
'Regexp' => array('fields' => array('info')),
|
||||
'Blacklist' => array('fields' => array('info')),
|
||||
);
|
||||
|
||||
/**
|
||||
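Review bot: Besides `Containable`, which the `contain`-based export query in EventsController needs, this hunk re-enables the `Regexp` and `Blacklist` behaviours on `Event.info`, and the commit description does not mention that. It is a change to how events are saved rather than to export, so it deserves its own line in the description or a separate commit, plus a short comment above the entries such as `// Regexp and Blacklist are applied to Event.info`. The behaviours' code is not on this page, so their effect on existing events and on events saved through other code paths should be checked.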
|
|