fix: [AttackMatrix] picking Att&ck tactic correctly redirect on the

matrix
2018-06-12 14:25:43 +00:00 · 2018-06-12 14:25:43 +00:00 · 95e694f054
parent 6c8bdeaff6
commit 95e694f054
5 changed files with 62 additions and 37 deletions
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@ -4560,7 +4560,7 @@ class EventsController extends AppController {
 		return new CakeResponse(array('body' => json_encode($json), 'status' => 200, 'type' => 'json'));
 	}

-	public function viewMitreAttackMatrix($eventId, $itemType='attribute', $itemId=false, $galaxyId=false) {
+	public function viewMitreAttackMatrix($eventId, $itemType='attribute', $itemId=false) {
 		if (!$this->request->is('ajax')) {
 			throw new MethodNotAllowedException('Invalid method.');
 		}
@ -4620,7 +4620,7 @@ class EventsController extends AppController {
 		$this->set('colours', $colours);

 		// picking mode
-		if ($itemId !== false && $galaxyId == $attackGalaxyId) {
+		if ($itemId !== false) {
 			$this->set('pickingMode', true);
 			$this->set('target_id', $itemId);
 		} else {
--- a/app/Controller/GalaxiesController.php
+++ b/app/Controller/GalaxiesController.php
@ -65,11 +65,31 @@ class GalaxiesController extends AppController {
 	}

 	public function selectGalaxy($target_id, $target_type='event', $namespace='misp') {
+		$expectedDescription = 'ATT&CK Tactic';
 		$conditions = $namespace == '0' ? array() : array('namespace' => $namespace);
+		if ($namespace == 'mitre-attack') {
+			$conditions[] = array('description !=' => $expectedDescription);
+			$conditions2 = array('namespace' => $namespace);
+			$conditions2[] = array('description' => $expectedDescription);
+		}
 		$galaxies = $this->Galaxy->find('all', array(
 			'recursive' => -1,
 			'conditions' => $conditions,
 		));
+		$tacticGalaxies = $this->Galaxy->find('all', array(
+			'recursive' => -1,
+			'conditions' => $conditions2,
+		));
+		if (count($tacticGalaxies) > 0) {
+			$galaxies[] = array('Galaxy' => array(
+				'id' => '-1',
+				'uuid' => '-1',
+				'name' => $expectedDescription,
+				'type' => '-1',
+				'icon' => '/img/mitre-attack-icon.ico',
+				'namespace' => 'mitre-attack'
+			));
+		}
 		$this->set('galaxies', $galaxies);
 		$this->set('target_id', $target_id);
 		$this->set('target_type', $target_type);
--- a/app/View/Galaxies/ajax/galaxy_choice.ctp
+++ b/app/View/Galaxies/ajax/galaxy_choice.ctp
@ -7,7 +7,14 @@
 			</tr>
 		<?php foreach ($galaxies as $galaxy): ?>
 			<tr style="border-bottom:1px solid black;" class="templateChoiceButton">
-				<td role="button" tabindex="0" aria-label="<?php echo h($galaxy['Galaxy']['name']); ?>" title="<?php echo h($galaxy['Galaxy']['name']); ?>" style="padding-left:10px;padding-right:10px; text-align:center;width:100%;" onClick="getPopup('<?php echo h($target_id) . "/" . h($target_type); ?>/<?php echo h($galaxy['Galaxy']['id']);?>', 'galaxies', 'selectCluster');">Galaxy: <?php echo h($galaxy['Galaxy']['name']); ?></td>
+				<?php if ($galaxy['Galaxy']['id'] != -1): ?>
+					<td role="button" tabindex="0" aria-label="<?php echo h($galaxy['Galaxy']['name']); ?>" title="<?php echo h($galaxy['Galaxy']['name']); ?>" style="padding-left:10px;padding-right:10px; text-align:center;width:100%;" onClick="getPopup('<?php echo h($target_id) . "/" . h($target_type); ?>/<?php echo h($galaxy['Galaxy']['id']);?>', 'galaxies', 'selectCluster');">Galaxy: <?php echo h($galaxy['Galaxy']['name']); ?></td>
+				<?php else: ?>
+					<td role="button" tabindex="0" aria-label="<?php echo h($galaxy['Galaxy']['name']); ?>" title="<?php echo h($galaxy['Galaxy']['name']); ?>" style="padding-left:10px;padding-right:10px; text-align:center;width:100%;" onClick="getMitreMatrixPopup('<?php echo h($target_id) . "/" . h($target_type); ?>');">
+						<img src="<?php echo h($galaxy['Galaxy']['icon']); ?>" style="margin-right: 8px; height: 25px;"/>
+						<?php echo h($galaxy['Galaxy']['name']); ?>
+					</td>
+				<?php endif; ?>
 			</tr>
 		<?php endforeach; ?>
 		</table>
--- a/app/webroot/img/mitre-attack-icon.ico
+++ b/app/webroot/img/mitre-attack-icon.ico
--- a/app/webroot/js/misp.js
+++ b/app/webroot/js/misp.js
@ -1242,42 +1242,40 @@ function openPopup(id) {
 	$(id).fadeIn();
 }

+function getMitreMatrixPopup(id) {
+	cancelPopoverForm();
+	getPopup(scope_id + '/' + id, 'events', 'viewMitreAttackMatrix', '', '#popover_form_large');
+}
+
 function getPopup(id, context, target, admin, popupType) {
-	var attackClusterID = $('#attackmatrix_div').data('mitre-attack-galaxy-id');
-	var clusterID = id.split('/').pop();
-	if (context == 'galaxies' && target == 'selectCluster' && clusterID == attackClusterID) { // overwrite default popup behavior for galaxyCluster picking
-		cancelPopoverForm();
-		getPopup(scope_id + '/' + id, 'events', 'viewMitreAttackMatrix', '', '#popover_form_large');
-	} else {
-		$("#gray_out").fadeIn();
-		var url = "";
-		if (typeof admin !== 'undefined' && admin != '') url+= "/admin";
-		if (context != '') {
-			url += "/" + context;
-		}
-		if (target != '') url += "/" + target;
-		if (id != '') url += "/" + id;
-		if (popupType == '' || typeof popupType == 'undefined') popupType = '#popover_form';
-		$.ajax({
-			beforeSend: function (XMLHttpRequest) {
-				$(".loading").show();
-			},
-			dataType:"html",
-			async: true,
-			cache: false,
-			success:function (data, textStatus) {
-				$(".loading").hide();
-				$(popupType).html(data);
-				openPopup(popupType);
-			},
-			error:function() {
-				$(".loading").hide();
-				$("#gray_out").fadeOut();
-				showMessage('fail', 'Something went wrong - the queried function returned an exception. Contact your administrator for further details (the exception has been logged).');
-			},
-			url: url
-		});
+	$("#gray_out").fadeIn();
+	var url = "";
+	if (typeof admin !== 'undefined' && admin != '') url+= "/admin";
+	if (context != '') {
+		url += "/" + context;
 	}
+	if (target != '') url += "/" + target;
+	if (id != '') url += "/" + id;
+	if (popupType == '' || typeof popupType == 'undefined') popupType = '#popover_form';
+	$.ajax({
+		beforeSend: function (XMLHttpRequest) {
+			$(".loading").show();
+		},
+		dataType:"html",
+		async: true,
+		cache: false,
+		success:function (data, textStatus) {
+			$(".loading").hide();
+			$(popupType).html(data);
+			openPopup(popupType);
+		},
+		error:function() {
+			$(".loading").hide();
+			$("#gray_out").fadeOut();
+			showMessage('fail', 'Something went wrong - the queried function returned an exception. Contact your administrator for further details (the exception has been logged).');
+		},
+		url: url
+	});
 }

 function simplePopup(url) {