mirror of https://github.com/MISP/MISP
Merge branch '2.4' of github.com:MISP/MISP into eventFiltering
commit
965184da24
|
@ -0,0 +1,5 @@
|
|||
# MISP logos
|
||||
|
||||
MISP logos are licensed under [CC-BY](https://creativecommons.org/licenses/by/4.0/).
|
||||
|
||||
If you are using the MISP logo, don't hesitate to contact us if you have any question.
|
2
PyMISP
2
PyMISP
|
@ -1 +1 @@
|
|||
Subproject commit 2c877f2aec11b7f5d2f23dfc5ce7398b2ce33b48
|
||||
Subproject commit ec604424916d931a12ae06ddc00c9af9ee5060a3
|
|
@ -134,6 +134,7 @@ $config = array(
|
|||
'apacheEnv' => 'REMOTE_USER', // If proxy variable = HTTP_REMOTE_USER
|
||||
'ldapServer' => 'ldap://example.com', // FQDN or IP
|
||||
'ldapProtocol' => 3,
|
||||
'ldapNetworkTimeout' => -1, // use -1 for unlimited network timeout
|
||||
'ldapReaderUser' => 'cn=userWithReadAccess,ou=users,dc=example,dc=com', // DN ou RDN LDAP with reader user right
|
||||
'ldapReaderPassword' => 'UserPassword', // the LDAP reader user password
|
||||
'ldapDN' => 'dc=example,dc=com',
|
||||
|
|
|
@ -184,6 +184,12 @@ class AdminShell extends AppShell
|
|||
}
|
||||
}
|
||||
|
||||
public function updateDatabase() {
|
||||
echo 'Executing all updates to bring the database up to date with the current version.' . PHP_EOL;
|
||||
$this->Server->runUpdates(true);
|
||||
echo 'All updates completed.' . PHP_EOL;
|
||||
}
|
||||
|
||||
public function getAuthkey() {
|
||||
if (empty($this->args[0])) {
|
||||
echo 'Invalid parameters. Usage: ' . APP . 'Console/cake Admin getAuthkey [user_email]' . PHP_EOL;
|
||||
|
|
|
@ -46,7 +46,7 @@ class AppController extends Controller
|
|||
|
||||
public $helpers = array('Utility', 'OrgImg');
|
||||
|
||||
private $__queryVersion = '54';
|
||||
private $__queryVersion = '57';
|
||||
public $pyMispVersion = '2.4.102';
|
||||
public $phpmin = '7.0.16';
|
||||
public $phprec = '7.0.16';
|
||||
|
|
|
@ -105,7 +105,7 @@ class ACLComponent extends Component
|
|||
'enrichEvent' => array('perm_add'),
|
||||
'export' => array('*'),
|
||||
'exportChoice' => array('*'),
|
||||
'exportModule' => array('*'),
|
||||
'exportModule' => array('*'),
|
||||
'filterEventIdsForPush' => array('perm_sync'),
|
||||
'filterEventIndex' => array('*'),
|
||||
'freeTextImport' => array('perm_add'),
|
||||
|
@ -120,10 +120,10 @@ class ACLComponent extends Component
|
|||
'getObjectTemplate' => array('*'),
|
||||
'hids' => array('*'),
|
||||
'index' => array('*'),
|
||||
'importChoice' => array('*'),
|
||||
'importModule' => array('*'),
|
||||
'importChoice' => array('*'),
|
||||
'importModule' => array('*'),
|
||||
'massDelete' => array('perm_site_admin'),
|
||||
'merge' => array('perm_modify'),
|
||||
'merge' => array('perm_modify'),
|
||||
'nids' => array('*'),
|
||||
'proposalEventIndex' => array('*'),
|
||||
'publish' => array('perm_publish'),
|
||||
|
@ -141,14 +141,14 @@ class ACLComponent extends Component
|
|||
'toggleCorrelation' => array('perm_add'),
|
||||
'unpublish' => array('perm_modify'),
|
||||
'updateGraph' => array('*'),
|
||||
'upload_analysis_file' => array('perm_add'),
|
||||
'upload_analysis_file' => array('perm_add'),
|
||||
'upload_sample' => array('AND' => array('perm_auth', 'perm_add')),
|
||||
'upload_stix' => array('perm_add'),
|
||||
'view' => array('*'),
|
||||
'viewEventAttributes' => array('*'),
|
||||
'viewEventGraph' => array('*'),
|
||||
'viewGraph' => array('*'),
|
||||
'viewMitreAttackMatrix' => array('*'),
|
||||
'viewMitreAttackMatrix' => array('*'),
|
||||
'xml' => array('*')
|
||||
),
|
||||
'favouriteTags' => array(
|
||||
|
@ -405,6 +405,7 @@ class ACLComponent extends Component
|
|||
'index' => array('*'),
|
||||
'quickAdd' => array('perm_tag_editor'),
|
||||
'removeTagFromObject' => array('perm_tagger'),
|
||||
'search' => array('*'),
|
||||
'selectTag' => array('perm_tagger'),
|
||||
'selectTaxonomy' => array('perm_tagger'),
|
||||
'showEventTag' => array('*'),
|
||||
|
|
|
@ -51,7 +51,9 @@ class ApacheAuthenticate extends BaseAuthenticate
|
|||
$ldaprdn = Configure::read('ApacheSecureAuth.ldapReaderUser'); // DN ou RDN LDAP
|
||||
$ldappass = Configure::read('ApacheSecureAuth.ldapReaderPassword');
|
||||
$ldapSearchFilter = Configure::read('ApacheSecureAuth.ldapSearchFilter');
|
||||
|
||||
// LDAP connection
|
||||
ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, Configure::read('ApacheSecureAuth.ldapNetworkTimeout', -1));
|
||||
$ldapconn = ldap_connect(Configure::read('ApacheSecureAuth.ldapServer'))
|
||||
or die('LDAP server connection failed');
|
||||
|
||||
|
|
|
@ -31,21 +31,21 @@ class RestResponseComponent extends Component
|
|||
),
|
||||
'deleteSelected' => array(
|
||||
'description' => "POST a list of attribute IDs in JSON format to this API
|
||||
to delete the given attributes. This API also expects an event ID passed via
|
||||
the URL or via the event_id key. The id key also takes 'all' as a parameter
|
||||
for a wildcard search to mass delete attributes. If you want the function to
|
||||
also hard-delete already soft-deleted attributes, pass the allow_hard_delete
|
||||
key.",
|
||||
to delete the given attributes. This API also expects an event ID passed via
|
||||
the URL or via the event_id key. The id key also takes 'all' as a parameter
|
||||
for a wildcard search to mass delete attributes. If you want the function to
|
||||
also hard-delete already soft-deleted attributes, pass the allow_hard_delete
|
||||
key.",
|
||||
'mandatory' => array('id'),
|
||||
'optional' => array('event_id', 'allow_hard_delete'),
|
||||
'params' => array('event_id')
|
||||
),
|
||||
'restSearch' => array(
|
||||
'description' => "Search MISP using a list of filter parameters and return the data
|
||||
in the selected format. The search is available on an event and an attribute level,
|
||||
just select the scope via the URL (/events/restSearch vs /attributes/restSearch).
|
||||
Besides the parameters listed, other, format specific ones can be passed along (for example: requested_attributes and includeContext for the CSV export).
|
||||
This API allows pagination via the page and limit parameters.",
|
||||
in the selected format. The search is available on an event and an attribute level,
|
||||
just select the scope via the URL (/events/restSearch vs /attributes/restSearch).
|
||||
Besides the parameters listed, other, format specific ones can be passed along (for example: requested_attributes and includeContext for the CSV export).
|
||||
This API allows pagination via the page and limit parameters.",
|
||||
'mandatory' => array('returnFormat'),
|
||||
'optional' => array('page', 'limit', 'value' , 'type', 'category', 'org', 'tags', 'from', 'to', 'last', 'eventid', 'withAttachments', 'uuid', 'publish_timestamp', 'timestamp', 'enforceWarninglist', 'to_ids', 'deleted', 'includeEventUuid', 'includeEventTags', 'event_timestamp', 'threat_level_id', 'eventinfo', 'includeProposals'),
|
||||
'params' => array()
|
||||
|
@ -70,10 +70,10 @@ class RestResponseComponent extends Component
|
|||
),
|
||||
'restSearch' => array(
|
||||
'description' => "Search MISP using a list of filter parameters and return the data
|
||||
in the selected format. The search is available on an event and an attribute level,
|
||||
just select the scope via the URL (/events/restSearch vs /attributes/restSearch).
|
||||
Besides the parameters listed, other, format specific ones can be passed along (for example: requested_attributes and includeContext for the CSV export).
|
||||
This API allows pagination via the page and limit parameters.",
|
||||
in the selected format. The search is available on an event and an attribute level,
|
||||
just select the scope via the URL (/events/restSearch vs /attributes/restSearch).
|
||||
Besides the parameters listed, other, format specific ones can be passed along (for example: requested_attributes and includeContext for the CSV export).
|
||||
This API allows pagination via the page and limit parameters.",
|
||||
'mandatory' => array('returnFormat'),
|
||||
'optional' => array('page', 'limit', 'value', 'type', 'category', 'org', 'tag', 'tags', 'searchall', 'from', 'to', 'last', 'eventid', 'withAttachments', 'metadata', 'uuid', 'published', 'publish_timestamp', 'timestamp', 'enforceWarninglist', 'sgReferenceOnly', 'eventinfo'),
|
||||
'params' => array()
|
||||
|
@ -243,11 +243,11 @@ class RestResponseComponent extends Component
|
|||
'description' => "POST a body and a subject in a JSON to send an e-mail through MISP to the user ID given in the URL",
|
||||
'mandatory' => array('subject', 'body')
|
||||
),
|
||||
'statistics' => array(
|
||||
'description' => 'Simply GET the url endpoint to view the API output of the statistics API. Additional statistics are available via the following tab-options similar to the UI: data, orgs, users, tags, attributehistogram, sightings, attackMatrix',
|
||||
'params' => array('tab'),
|
||||
'http_method' => 'GET'
|
||||
)
|
||||
'statistics' => array(
|
||||
'description' => 'Simply GET the url endpoint to view the API output of the statistics API. Additional statistics are available via the following tab-options similar to the UI: data, orgs, users, tags, attributehistogram, sightings, attackMatrix',
|
||||
'params' => array('tab'),
|
||||
'http_method' => 'GET'
|
||||
)
|
||||
),
|
||||
'Warninglist' => array(
|
||||
'checkValue' => array(
|
||||
|
|
|
@ -19,7 +19,7 @@ class EventBlacklistsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'EventBlacklist.created' => 'DESC'
|
||||
),
|
||||
|
|
|
@ -7,7 +7,7 @@ class EventDelegationsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'EventDelegations.id' => 'DESC'
|
||||
),
|
||||
|
|
|
@ -14,7 +14,7 @@ class EventsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'Event.timestamp' => 'DESC'
|
||||
),
|
||||
|
@ -1260,16 +1260,36 @@ class EventsController extends AppController
|
|||
unset($event['EventTag'][$k]);
|
||||
}
|
||||
}
|
||||
$startDate = null;
|
||||
$modificationMap = array();
|
||||
foreach ($event['Attribute'] as $k => $attribute) {
|
||||
if ($startDate === null || $attribute['timestamp'] < $startDate) {
|
||||
$startDate = $attribute['timestamp'];
|
||||
}
|
||||
$modDate = date("Y-m-d", $attribute['timestamp']);
|
||||
$modificationMap[$modDate] = empty($modificationMap[$modDate])? 1 : $modificationMap[date("Y-m-d", $attribute['timestamp'])] + 1;
|
||||
foreach ($attribute['AttributeTag'] as $k2 => $attributeTag) {
|
||||
if (in_array($attributeTag['Tag']['name'], $cluster_names)) {
|
||||
unset($event['Attribute'][$k]['AttributeTag'][$k2]);
|
||||
}
|
||||
}
|
||||
}
|
||||
$startDate = $event['Event']['timestamp'];
|
||||
$modDate = date("Y-m-d", $event['Event']['timestamp']);
|
||||
$modificationMap[$modDate] = 1;
|
||||
foreach ($event['Object'] as $k => $object) {
|
||||
if ($startDate === null || $object['timestamp'] < $startDate) {
|
||||
$startDate = $object['timestamp'];
|
||||
}
|
||||
$modDate = date("Y-m-d", $object['timestamp']);
|
||||
$modificationMap[$modDate] = empty($modificationMap[$modDate])? 1 : $modificationMap[date("Y-m-d", $object['timestamp'])] + 1;
|
||||
if (!empty($object['Attribute'])) {
|
||||
foreach ($object['Attribute'] as $k2 => $attribute) {
|
||||
if ($startDate === null || $attribute['timestamp'] < $startDate) {
|
||||
$startDate = $attribute['timestamp'];
|
||||
}
|
||||
$modDate = date("Y-m-d", $attribute['timestamp']);
|
||||
$modificationMap[$modDate] = empty($modificationMap[$modDate])? 1 : $modificationMap[date("Y-m-d", $attribute['timestamp'])] + 1;
|
||||
foreach ($attribute['AttributeTag'] as $k3 => $attributeTag) {
|
||||
if (in_array($attributeTag['Tag']['name'], $cluster_names)) {
|
||||
unset($event['Object'][$k]['Attribute'][$k2]['AttributeTag'][$k3]);
|
||||
|
@ -1287,7 +1307,25 @@ class EventsController extends AppController
|
|||
$temp = implode('|', $filters['distribution']);
|
||||
$this->__applyQueryString($event, $temp, 'distribution');
|
||||
}
|
||||
$modificationMapCSV = 'Date,Close\n';
|
||||
$startDate = array_keys($modificationMap);
|
||||
sort($startDate);
|
||||
$startDate = $startDate[0];
|
||||
$this->set('startDate', $startDate);
|
||||
$to = date('Y-m-d', time());
|
||||
if ((strtotime($to) - 172800) > $startDate) {
|
||||
$startDate = date('Y-m-d', strtotime($to) - 172800);
|
||||
}
|
||||
for ($date = $startDate; strtotime($date) <= strtotime($to); $date = date('Y-m-d', strtotime("+1 day", strtotime($date)))) {
|
||||
if (isset($modificationMap[$date])) {
|
||||
$modificationMapCSV .= $date . ',' . $modificationMap[$date] . '\n';
|
||||
} else {
|
||||
$modificationMapCSV .= $date . ',0\n';
|
||||
}
|
||||
}
|
||||
unset($modificationMap);
|
||||
$params = $this->Event->rearrangeEventForView($event, $filters);
|
||||
|
||||
$this->params->params['paging'] = array($this->modelClass => $params);
|
||||
$this->set('event', $event);
|
||||
$dataForView = array(
|
||||
|
@ -1370,6 +1408,7 @@ class EventsController extends AppController
|
|||
$this->set('advancedFilteringActive', $advancedFiltering['active'] ? 1 : 0);
|
||||
$this->set('advancedFilteringActiveRules', $advancedFiltering['activeRules']);
|
||||
$this->set('mitreAttackGalaxyId', $this->Event->GalaxyCluster->Galaxy->getMitreAttackGalaxyId());
|
||||
$this->set('modificationMapCSV', $modificationMapCSV);
|
||||
}
|
||||
|
||||
public function view($id = null, $continue=false, $fromEvent=null)
|
||||
|
@ -1451,9 +1490,9 @@ class EventsController extends AppController
|
|||
$this->set('deleted', isset($this->params['named']['deleted']) ? ($this->params['named']['deleted'] == 2 ? 0 : 1) : 0);
|
||||
$this->set('includeRelatedTags', (!empty($this->params['named']['includeRelatedTags'])) ? 1 : 0);
|
||||
if (!$this->_isRest()) {
|
||||
if ($this->_isSiteAdmin() && $results[0]['Event']['orgc_id'] !== $this->Auth->user('org_id')) {
|
||||
$this->Flash->info(__('You are currently logged in as a site administrator and editing an event not belonging to your organisation, which goes against the sharing model of MISP. Please only use this as a last resort and use normal user account for day to day work.'));
|
||||
}
|
||||
if ($this->_isSiteAdmin() && $results[0]['Event']['orgc_id'] !== $this->Auth->user('org_id')) {
|
||||
$this->Flash->info(__('You are currently logged in as a site administrator and editing an event not belonging to your organisation, which goes against the sharing model of MISP. Please only use this as a last resort and use normal user account for day to day work.'));
|
||||
}
|
||||
$this->__viewUI($event, $continue, $fromEvent);
|
||||
}
|
||||
}
|
||||
|
@ -1770,12 +1809,7 @@ class EventsController extends AppController
|
|||
throw new NotFoundException(__('Event already exists, if you would like to edit it, use the url in the location header.'));
|
||||
}
|
||||
// # TODO i18n?
|
||||
$this->set('name', 'Add event failed.');
|
||||
$this->set('message', 'The event could not be saved.');
|
||||
$this->set('errors', $validationErrors);
|
||||
$this->set('url', '/events/add');
|
||||
$this->set('_serialize', array('name', 'message', 'url', 'errors'));
|
||||
return false;
|
||||
return $this->RestResponse->saveFailResponse('Events', 'add', false, $validationErrors, $this->response->type());
|
||||
} else {
|
||||
if ($add === 'blocked') {
|
||||
$this->Flash->error(__('A blacklist entry is blocking you from creating any events. Please contact the administration team of this instance') . (Configure::read('MISP.contact') ? ' at ' . Configure::read('MISP.contact') : '') . '.');
|
||||
|
@ -1819,9 +1853,9 @@ class EventsController extends AppController
|
|||
foreach ($this->Event->analysisLevels as $key => $value) {
|
||||
$info['analysis'][$key] = array('key' => $value, 'desc' => $this->Event->analysisDescriptions[$key]['formdesc']);
|
||||
}
|
||||
if (!$this->_isRest()) {
|
||||
$this->Flash->info(__('The event created will be visible to the organisations having an account on this platform, but not synchronised to other MISP instances until it is published.'));
|
||||
}
|
||||
if (!$this->_isRest()) {
|
||||
$this->Flash->info(__('The event created will be visible to the organisations having an account on this platform, but not synchronised to other MISP instances until it is published.'));
|
||||
}
|
||||
$this->set('info', $info);
|
||||
$this->set('analysisDescriptions', $this->Event->analysisDescriptions);
|
||||
$this->set('analysisLevels', $this->Event->analysisLevels);
|
||||
|
@ -2081,15 +2115,11 @@ class EventsController extends AppController
|
|||
if (isset($result['error'])) {
|
||||
$errors = $result['error'];
|
||||
} else {
|
||||
$errors = $converter->arrayPrinter($result);
|
||||
$errors = $result;
|
||||
}
|
||||
$this->set('name', 'Edit event failed.');
|
||||
$this->set('message', $message);
|
||||
$this->set('errors', $errors);
|
||||
$this->set('url', '/events/edit/' . $id);
|
||||
$this->set('_serialize', array('name', 'message', 'url', 'errors'));
|
||||
return $this->RestResponse->saveFailResponse('Events', 'edit', $id, $errors, $this->response->type());
|
||||
} else {
|
||||
$this->set(array('message' => $message,'_serialize' => array('message'))); // $this->Event->validationErrors
|
||||
$this->set(array('message' => $message,'_serialize' => array('message'))); // $this->Event->validationErrors
|
||||
$this->render('edit');
|
||||
}
|
||||
return false;
|
||||
|
@ -2154,7 +2184,7 @@ class EventsController extends AppController
|
|||
foreach ($this->Event->analysisLevels as $key => $value) {
|
||||
$info['analysis'][$key] = array('key' => $value, 'desc' => $this->Event->analysisDescriptions[$key]['formdesc']);
|
||||
}
|
||||
$this->set('analysisLevels', $this->Event->analysisLevels);
|
||||
$this->set('analysisLevels', $this->Event->analysisLevels);
|
||||
|
||||
$this->set('info', $info);
|
||||
$this->set('eventDescriptions', $this->Event->fieldDescriptions);
|
||||
|
@ -2782,7 +2812,7 @@ class EventsController extends AppController
|
|||
if ($format != 'snort' && $format != 'suricata') {
|
||||
$format = 'suricata'; // default format
|
||||
}
|
||||
$this->response->type('txt'); // set the content type
|
||||
$this->response->type('txt'); // set the content type
|
||||
$filename = 'misp.' . $format . '.rules';
|
||||
if ($id) {
|
||||
$filename = 'misp.' . $format . '.event' . $id . '.rules';
|
||||
|
@ -2848,7 +2878,7 @@ class EventsController extends AppController
|
|||
if ($last) {
|
||||
$last = $this->Event->resolveTimeDelta($last);
|
||||
}
|
||||
$this->response->type('txt'); // set the content type
|
||||
$this->response->type('txt'); // set the content type
|
||||
$this->header('Content-Disposition: download; filename="misp.' . $type . '.rules"');
|
||||
$this->layout = 'text/default';
|
||||
if ($key != 'download') {
|
||||
|
@ -2944,12 +2974,12 @@ class EventsController extends AppController
|
|||
$fileAccessTool = new FileAccessTool();
|
||||
$iocData = $fileAccessTool->readFromFile($this->data['Event']['submittedioc']['tmp_name'], $this->data['Event']['submittedioc']['size']);
|
||||
|
||||
// write
|
||||
$attachments_dir = Configure::read('MISP.attachments_dir');
|
||||
// write
|
||||
$attachments_dir = Configure::read('MISP.attachments_dir');
|
||||
if (empty($attachments_dir)) {
|
||||
$attachments_dir = $this->Event->getDefaultAttachments_dir();
|
||||
}
|
||||
$rootDir = $attachments_dir . DS . $id . DS;
|
||||
$attachments_dir = $this->Event->getDefaultAttachments_dir();
|
||||
}
|
||||
$rootDir = $attachments_dir . DS . $id . DS;
|
||||
App::uses('Folder', 'Utility');
|
||||
$dir = new Folder($rootDir . 'ioc', true);
|
||||
$destPath = $rootDir . 'ioc';
|
||||
|
@ -3183,9 +3213,12 @@ class EventsController extends AppController
|
|||
if ($user === false) {
|
||||
return $exception;
|
||||
}
|
||||
if (!empty($filters['returnFormat'])) {
|
||||
if (isset($filters['returnFormat'])) {
|
||||
$returnFormat = $filters['returnFormat'];
|
||||
} else if (empty($filters['returnFormat']) || $filters['returnFormat'] === 'download'){
|
||||
} else {
|
||||
$returnFormat = 'json';
|
||||
}
|
||||
if ($returnFormat === 'download') {
|
||||
$returnFormat = 'json';
|
||||
}
|
||||
$elementCounter = 0;
|
||||
|
@ -3198,7 +3231,7 @@ class EventsController extends AppController
|
|||
{
|
||||
// return a downloadable text file called misp.openIOC.<eventId>.ioc for individual events
|
||||
// TODO implement mass download of all events - maybe in a zip file?
|
||||
$this->response->type('text'); // set the content type
|
||||
$this->response->type('text'); // set the content type
|
||||
if ($eventid == null) {
|
||||
throw new Exception(__('Not yet implemented'));
|
||||
}
|
||||
|
@ -3938,7 +3971,7 @@ class EventsController extends AppController
|
|||
$returnType = 'json';
|
||||
} else {
|
||||
$returnType = 'xml';
|
||||
$this->response->type('xml'); // set the content type
|
||||
$this->response->type('xml'); // set the content type
|
||||
$this->layout = 'xml/default';
|
||||
}
|
||||
$result = $this->Event->stix($id, $tags, $withAttachments, $this->Auth->user(), $returnType, $from, $to, $last);
|
||||
|
@ -4805,7 +4838,7 @@ class EventsController extends AppController
|
|||
$this->set('tags', $tagNames);
|
||||
$this->paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'Event.timestamp' => 'DESC'
|
||||
),
|
||||
|
@ -5396,7 +5429,7 @@ class EventsController extends AppController
|
|||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
$event = $this->Event->find('first', $eventFindParams);
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
$eventId = $event['Event']['id'];
|
||||
|
@ -5404,8 +5437,8 @@ class EventsController extends AppController
|
|||
$fileName = $this->request['data']['SelectedData']['mactime_file_name'];
|
||||
$fileData = $this->request['data']['SelectedData']['mactime_file_content'];
|
||||
$object = array();
|
||||
$data = json_decode($this->request['data']['SelectedData']['mactime_data'], true);
|
||||
$firstObject = 1;
|
||||
$data = json_decode($this->request['data']['SelectedData']['mactime_data'], true);
|
||||
$firstObject = 1;
|
||||
foreach ($data as $objectData) {
|
||||
$object['Object'] = array(
|
||||
'name' => 'mactime-timeline-analysis',
|
||||
|
|
|
@ -7,7 +7,7 @@ class FavouriteTagsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'FavouriteTag.id' => 'DESC'
|
||||
),
|
||||
|
|
|
@ -4,7 +4,7 @@ App::uses('Xml', 'Utility');
|
|||
|
||||
class FeedsController extends AppController
|
||||
{
|
||||
public $components = array('Security' ,'RequestHandler'); // XXX ACL component
|
||||
public $components = array('Security' ,'RequestHandler'); // XXX ACL component
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
|
@ -22,7 +22,7 @@ class FeedsController extends AppController
|
|||
public function beforeFilter()
|
||||
{
|
||||
parent::beforeFilter();
|
||||
$this->Security->unlockedActions = array('previewIndex');
|
||||
$this->Security->unlockedActions[] = 'previewIndex';
|
||||
if (!$this->_isSiteAdmin() && $this->Auth->user('org_id') != Configure::read('MISP.host_org_id')) {
|
||||
throw new MethodNotAllowedException(__('You don\'t have the required privileges to do that.'));
|
||||
}
|
||||
|
@ -159,6 +159,9 @@ class FeedsController extends AppController
|
|||
$this->request->data['Feed']['sharing_group_id'] = 0;
|
||||
}
|
||||
$this->request->data['Feed']['default'] = 0;
|
||||
if (!isset($this->request->data['Feed']['source_format'])) {
|
||||
$this->request->data['Feed']['source_format'] = 'freetext';
|
||||
}
|
||||
if ($this->request->data['Feed']['source_format'] == 'freetext') {
|
||||
if ($this->request->data['Feed']['fixed_event'] == 1) {
|
||||
if (!empty($this->request->data['Feed']['target_event']) && is_numeric($this->request->data['Feed']['target_event'])) {
|
||||
|
|
|
@ -7,7 +7,7 @@ class GalaxiesController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'contain' => array(
|
||||
|
||||
),
|
||||
|
|
|
@ -7,7 +7,7 @@ class GalaxyClustersController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'recursive' => -1,
|
||||
'order' => array(
|
||||
'GalaxyCluster.value' => 'ASC'
|
||||
|
|
|
@ -7,7 +7,7 @@ class GalaxyElementsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 20,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'recursive' => -1,
|
||||
'order' => array(
|
||||
'GalaxyElement.key' => 'ASC'
|
||||
|
|
|
@ -78,8 +78,29 @@ class LogsController extends AppController
|
|||
}
|
||||
$conditions = array();
|
||||
foreach ($filters as $filter => $data) {
|
||||
$data = array('OR' => $data);
|
||||
$conditions = $this->Log->generic_add_filter($conditions, $data, 'Log.' . $filter);
|
||||
if ($filter === 'created') {
|
||||
$tempData = $data;
|
||||
if (!is_array($data)) {
|
||||
$tempData = array($data);
|
||||
}
|
||||
foreach ($tempData as $k => $v) {
|
||||
$tempData[$k] = $this->Log->resolveTimeDelta($v);
|
||||
}
|
||||
if (count($tempData) == 1) {
|
||||
$conditions['AND']['created >='] = date("Y-m-d H:i:s", $tempData[0]);
|
||||
} else {
|
||||
if ($tempData[0] < $tempData[1]) {
|
||||
$temp = $tempData[1];
|
||||
$tempData[1] = $tempData[0];
|
||||
$tempData[0] = $temp;
|
||||
}
|
||||
$conditions['AND'][] = array('created <= ' => date("Y-m-d H:i:s", $tempData[0]));
|
||||
$conditions['AND'][] = array('created >= ' => date("Y-m-d H:i:s", $tempData[1]));
|
||||
}
|
||||
} else {
|
||||
$data = array('OR' => $data);
|
||||
$conditions = $this->Log->generic_add_filter($conditions, $data, 'Log.' . $filter);
|
||||
}
|
||||
}
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$orgRestriction = $this->Auth->user('Organisation')['name'];
|
||||
|
|
|
@ -7,7 +7,7 @@ class NewsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 5,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'News.id' => 'DESC'
|
||||
),
|
||||
|
|
|
@ -42,7 +42,7 @@ class ObjectsController extends AppController
|
|||
)
|
||||
));
|
||||
$event = $this->MispObject->Event->find('first', $eventFindParams);
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
$sharing_groups = array();
|
||||
|
@ -140,7 +140,7 @@ class ObjectsController extends AppController
|
|||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
$event = $this->MispObject->Event->find('first', $eventFindParams);
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
$eventId = $event['Event']['id'];
|
||||
|
@ -236,10 +236,10 @@ class ObjectsController extends AppController
|
|||
'conditions' => array('Object.id' => $result),
|
||||
'contain' => array('Attribute')
|
||||
));
|
||||
if (!empty($object)) {
|
||||
$object['Object']['Attribute'] = $object['Attribute'];
|
||||
unset($object['Attribute']);
|
||||
}
|
||||
if (!empty($object)) {
|
||||
$object['Object']['Attribute'] = $object['Attribute'];
|
||||
unset($object['Attribute']);
|
||||
}
|
||||
return $this->RestResponse->viewData($object, $this->response->type());
|
||||
} else {
|
||||
return $this->RestResponse->saveFailResponse('Objects', 'add', false, $error, $this->response->type());
|
||||
|
@ -330,7 +330,7 @@ class ObjectsController extends AppController
|
|||
);
|
||||
|
||||
$event = $this->MispObject->Event->find('first', $eventFindParams);
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
throw new NotFoundException(__('Invalid object.'));
|
||||
}
|
||||
if (!$this->_isRest()) {
|
||||
|
@ -376,10 +376,10 @@ class ObjectsController extends AppController
|
|||
'conditions' => array('Object.id' => $id),
|
||||
'contain' => array('Attribute')
|
||||
));
|
||||
if (!empty($objectToSave)) {
|
||||
$objectToSave['Object']['Attribute'] = $objectToSave['Attribute'];
|
||||
unset($objectToSave['Attribute']);
|
||||
}
|
||||
if (!empty($objectToSave)) {
|
||||
$objectToSave['Object']['Attribute'] = $objectToSave['Attribute'];
|
||||
unset($objectToSave['Attribute']);
|
||||
}
|
||||
$this->MispObject->Event->unpublishEvent($object['Object']['event_id']);
|
||||
return $this->RestResponse->viewData($objectToSave, $this->response->type());
|
||||
} else {
|
||||
|
|
|
@ -19,7 +19,7 @@ class OrgBlacklistsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'OrgBlacklist.created' => 'DESC'
|
||||
),
|
||||
|
|
|
@ -15,10 +15,10 @@ class OrganisationsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => 'LOWER(Organisation.name)'
|
||||
//'order' => array(
|
||||
// 'Organisation.name' => 'ASC'
|
||||
// 'Organisation.name' => 'ASC'
|
||||
//),
|
||||
);
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ App::uses('Xml', 'Utility');
|
|||
|
||||
class ServersController extends AppController
|
||||
{
|
||||
public $components = array('Security' ,'RequestHandler'); // XXX ACL component
|
||||
public $components = array('Security' ,'RequestHandler'); // XXX ACL component
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
|
@ -602,9 +602,9 @@ class ServersController extends AppController
|
|||
/**
|
||||
* Pull one or more events with attributes from a remote instance.
|
||||
* Set $technique to
|
||||
* full - download everything
|
||||
* incremental - only new events
|
||||
* <int> - specific id of the event to pull
|
||||
* full - download everything
|
||||
* incremental - only new events
|
||||
* <int> - specific id of the event to pull
|
||||
*/
|
||||
public function pull($id = null, $technique='full')
|
||||
{
|
||||
|
@ -868,10 +868,11 @@ class ServersController extends AppController
|
|||
$zmqErrors = array(0 => 'OK', 1 => 'not enabled (so not tested)', 2 => 'Python ZeroMQ library not installed correctly.', 3 => 'ZeroMQ script not running.');
|
||||
$stixOperational = array(0 => 'Some of the libraries related to STIX are not installed. Make sure that all libraries listed below are correctly installed.', 1 => 'OK');
|
||||
$stixVersion = array(0 => 'Incorrect STIX version installed, found $current, expecting $expected', 1 => 'OK');
|
||||
$stix2Version = array(0 => 'Incorrect STIX2 version installed, found $current, expecting $expected', 1 => 'OK');
|
||||
$cyboxVersion = array(0 => 'Incorrect CyBox version installed, found $current, expecting $expected', 1 => 'OK');
|
||||
$mixboxVersion = array(0 => 'Incorrect mixbox version installed, found $current, expecting $expected', 1 => 'OK');
|
||||
$maecVersion = array(0 => 'Incorrect maec version installed, found $current, expecting $expected', 1 => 'OK');
|
||||
$pymispVersion = array(0 => 'Incorrect pymisp version installed, found $current, expecting $expected', 1 => 'OK');
|
||||
$pymispVersion = array(0 => 'Incorrect PyMISP version installed, found $current, expecting $expected', 1 => 'OK');
|
||||
$sessionErrors = array(0 => 'OK', 1 => 'High', 2 => 'Alternative setting used', 3 => 'Test failed');
|
||||
$moduleErrors = array(0 => 'OK', 1 => 'System not enabled', 2 => 'No modules found');
|
||||
|
||||
|
@ -991,7 +992,7 @@ class ServersController extends AppController
|
|||
}
|
||||
|
||||
// check if the STIX and Cybox libraries are working and the correct version using the test script stixtest.py
|
||||
$stix = $this->Server->stixDiagnostics($diagnostic_errors, $stixVersion, $cyboxVersion, $mixboxVersion, $maecVersion, $pymispVersion);
|
||||
$stix = $this->Server->stixDiagnostics($diagnostic_errors, $stixVersion, $cyboxVersion, $mixboxVersion, $maecVersion, $stix2Version, $pymispVersion);
|
||||
|
||||
// if GnuPG is set up in the settings, try to encrypt a test message
|
||||
$gpgStatus = $this->Server->gpgDiagnostics($diagnostic_errors);
|
||||
|
@ -1012,7 +1013,7 @@ class ServersController extends AppController
|
|||
$sessionStatus = $this->Server->sessionDiagnostics($diagnostic_errors, $sessionCount);
|
||||
$this->set('sessionCount', $sessionCount);
|
||||
|
||||
$additionalViewVars = array('gpgStatus', 'sessionErrors', 'proxyStatus', 'sessionStatus', 'zmqStatus', 'stixVersion', 'cyboxVersion', 'mixboxVersion', 'maecVersion', 'pymispVersion', 'moduleStatus', 'gpgErrors', 'proxyErrors', 'zmqErrors', 'stixOperational', 'stix', 'moduleErrors', 'moduleTypes');
|
||||
$additionalViewVars = array('gpgStatus', 'sessionErrors', 'proxyStatus', 'sessionStatus', 'zmqStatus', 'stixVersion', 'cyboxVersion', 'mixboxVersion', 'maecVersion', 'stix2Version', 'pymispVersion', 'moduleStatus', 'gpgErrors', 'proxyErrors', 'zmqErrors', 'stixOperational', 'stix', 'moduleErrors', 'moduleTypes');
|
||||
}
|
||||
// check whether the files are writeable
|
||||
$writeableDirs = $this->Server->writeableDirsDiagnostics($diagnostic_errors);
|
||||
|
|
|
@ -347,7 +347,7 @@ class ShadowAttributesController extends AppController
|
|||
if (!$this->_isRest() && (isset($this->request->data['ShadowAttribute']['batch_import']) && $this->request->data['ShadowAttribute']['batch_import'] == 1)) {
|
||||
// make array from value field
|
||||
$attributes = explode("\n", $this->request->data['ShadowAttribute']['value']);
|
||||
$fails = ""; // will be used to keep a list of the lines that failed or succeeded
|
||||
$fails = ""; // will be used to keep a list of the lines that failed or succeeded
|
||||
$successes = "";
|
||||
// TODO loopholes
|
||||
// the value null value thing
|
||||
|
|
|
@ -17,7 +17,7 @@ class SharingGroupsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array(
|
||||
'SharingGroup.name' => 'ASC'
|
||||
),
|
||||
|
|
|
@ -12,7 +12,7 @@ class SightingsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'order' => array('Sighting.date_sighting' => 'DESC'),
|
||||
);
|
||||
|
||||
|
|
|
@ -293,7 +293,7 @@ class TagsController extends AppController
|
|||
if ($this->Tag->save($this->request->data)) {
|
||||
if ($this->_isRest()) {
|
||||
$tag = $this->Tag->find('first', array(
|
||||
'contidions' => array(
|
||||
'conditions' => array(
|
||||
'Tag.id' => $id
|
||||
),
|
||||
'recursive' => -1
|
||||
|
@ -1034,4 +1034,55 @@ class TagsController extends AppController
|
|||
$this->set('id', $id);
|
||||
$this->render('/Events/view_graph');
|
||||
}
|
||||
|
||||
public function search($tag = false)
|
||||
{
|
||||
if (isset($this->request->data['Tag'])) {
|
||||
$this->request->data = $this->request->data['Tag'];
|
||||
}
|
||||
if (!empty($this->request->data['tag'])) {
|
||||
$tag = $this->request->data['tag'];
|
||||
} else if (!empty($this->request->data)) {
|
||||
$tag = $this->request->data;
|
||||
}
|
||||
if (!is_array($tag)) {
|
||||
$tag = array($tag);
|
||||
}
|
||||
foreach ($tag as $k => $t) {
|
||||
$tag[$k] = strtolower($t);
|
||||
}
|
||||
$this->loadModel('GalaxyCluster');
|
||||
$conditions = array('GalaxyElement.key' => 'synonyms', 'OR' => array());
|
||||
foreach ($tag as $k => $t) {
|
||||
$conditions['OR'][] = array('LOWER(GalaxyElement.value) LIKE' => $t);
|
||||
}
|
||||
$elements = $this->GalaxyCluster->GalaxyElement->find('all', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => $conditions,
|
||||
'contain' => array('GalaxyCluster.tag_name')
|
||||
));
|
||||
foreach ($elements as $element) {
|
||||
$tag[] = strtolower($element['GalaxyCluster']['tag_name']);
|
||||
}
|
||||
$conditions = array();
|
||||
foreach ($tag as $k => $t) {
|
||||
$conditions['OR'][] = array('LOWER(Tag.name) LIKE' => $t);
|
||||
}
|
||||
$tags = $this->Tag->find('all', array(
|
||||
'conditions' => $conditions,
|
||||
'recursive' => -1
|
||||
));
|
||||
$this->loadModel('Taxonomy');
|
||||
foreach ($tags as $k => $t) {
|
||||
$taxonomy = $this->Taxonomy->getTaxonomyForTag($t['Tag']['name'], true);
|
||||
if (!empty($taxonomy)) {
|
||||
$tags[$k]['Taxonomy'] = $taxonomy['Taxonomy'];
|
||||
}
|
||||
$cluster = $this->GalaxyCluster->getCluster($t['Tag']['name']);
|
||||
if (!empty($cluster)) {
|
||||
$tags[$k]['GalaxyCluster'] = $cluster['GalaxyCluster'];
|
||||
}
|
||||
}
|
||||
return $this->RestResponse->viewData($tags, $this->response->type());
|
||||
}
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ class TaxonomiesController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'contain' => array(
|
||||
'TaxonomyPredicate' => array(
|
||||
'fields' => array('TaxonomyPredicate.id'),
|
||||
|
|
|
@ -7,7 +7,7 @@ class WarninglistsController extends AppController
|
|||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
||||
'contain' => array(
|
||||
'WarninglistType'
|
||||
),
|
||||
|
|
|
@ -229,16 +229,16 @@ class AppModel extends Model
|
|||
break;
|
||||
case 'addSightings':
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS sightings (
|
||||
id int(11) NOT NULL AUTO_INCREMENT,
|
||||
attribute_id int(11) NOT NULL,
|
||||
event_id int(11) NOT NULL,
|
||||
org_id int(11) NOT NULL,
|
||||
date_sighting bigint(20) NOT NULL,
|
||||
PRIMARY KEY (id),
|
||||
INDEX attribute_id (attribute_id),
|
||||
INDEX event_id (event_id),
|
||||
INDEX org_id (org_id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
id int(11) NOT NULL AUTO_INCREMENT,
|
||||
attribute_id int(11) NOT NULL,
|
||||
event_id int(11) NOT NULL,
|
||||
org_id int(11) NOT NULL,
|
||||
date_sighting bigint(20) NOT NULL,
|
||||
PRIMARY KEY (id),
|
||||
INDEX attribute_id (attribute_id),
|
||||
INDEX event_id (event_id),
|
||||
INDEX org_id (org_id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
break;
|
||||
case 'makeAttributeUUIDsUnique':
|
||||
$this->__dropIndex('attributes', 'uuid');
|
||||
|
@ -270,31 +270,31 @@ class AppModel extends Model
|
|||
$sqlArray[] = 'ALTER TABLE `logs` MODIFY `change` text COLLATE utf8_bin NOT NULL;';
|
||||
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `taxonomies` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`namespace` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`version` int(11) NOT NULL,
|
||||
`enabled` tinyint(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`namespace` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`version` int(11) NOT NULL,
|
||||
`enabled` tinyint(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `taxonomy_entries` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`taxonomy_predicate_id` int(11) NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
`expanded` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `taxonomy_predicate_id` (`taxonomy_predicate_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`taxonomy_predicate_id` int(11) NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
`expanded` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `taxonomy_predicate_id` (`taxonomy_predicate_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `taxonomy_predicates` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`taxonomy_id` int(11) NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
`expanded` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `taxonomy_id` (`taxonomy_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`taxonomy_id` int(11) NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
`expanded` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `taxonomy_id` (`taxonomy_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
$sqlArray[] = 'ALTER TABLE `jobs` ADD `org` text COLLATE utf8_bin NOT NULL;';
|
||||
|
||||
|
@ -358,70 +358,70 @@ class AppModel extends Model
|
|||
break;
|
||||
case 'adminTable':
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `admin_settings` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`setting` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`setting` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
$sqlArray[] = "INSERT INTO `admin_settings` (`setting`, `value`) VALUES ('db_version', '2.4.0');";
|
||||
break;
|
||||
case '2.4.18':
|
||||
$sqlArray[] = "ALTER TABLE `users` ADD `current_login` INT(11) DEFAULT 0;";
|
||||
$sqlArray[] = "ALTER TABLE `users` ADD `last_login` INT(11) DEFAULT 0;";
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `event_delegations` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`requester_org_id` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`message` text,
|
||||
`distribution` tinyint(4) NOT NULL DEFAULT '-1',
|
||||
`sharing_group_id` int(11),
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `org_id` (`org_id`),
|
||||
KEY `event_id` (`event_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`requester_org_id` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`message` text,
|
||||
`distribution` tinyint(4) NOT NULL DEFAULT '-1',
|
||||
`sharing_group_id` int(11),
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `org_id` (`org_id`),
|
||||
KEY `event_id` (`event_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case '2.4.19':
|
||||
$sqlArray[] = "DELETE FROM `shadow_attributes` WHERE `event_uuid` = '';";
|
||||
break;
|
||||
case '2.4.20':
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `shadow_attribute_correlations` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`value` text NOT NULL,
|
||||
`distribution` tinyint(4) NOT NULL,
|
||||
`a_distribution` tinyint(4) NOT NULL,
|
||||
`sharing_group_id` int(11),
|
||||
`a_sharing_group_id` int(11),
|
||||
`attribute_id` int(11) NOT NULL,
|
||||
`1_shadow_attribute_id` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`1_event_id` int(11) NOT NULL,
|
||||
`info` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `org_id` (`org_id`),
|
||||
KEY `attribute_id` (`attribute_id`),
|
||||
KEY `a_sharing_group_id` (`a_sharing_group_id`),
|
||||
KEY `event_id` (`event_id`),
|
||||
KEY `1_event_id` (`event_id`),
|
||||
KEY `sharing_group_id` (`sharing_group_id`),
|
||||
KEY `1_shadow_attribute_id` (`1_shadow_attribute_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`value` text NOT NULL,
|
||||
`distribution` tinyint(4) NOT NULL,
|
||||
`a_distribution` tinyint(4) NOT NULL,
|
||||
`sharing_group_id` int(11),
|
||||
`a_sharing_group_id` int(11),
|
||||
`attribute_id` int(11) NOT NULL,
|
||||
`1_shadow_attribute_id` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`1_event_id` int(11) NOT NULL,
|
||||
`info` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `org_id` (`org_id`),
|
||||
KEY `attribute_id` (`attribute_id`),
|
||||
KEY `a_sharing_group_id` (`a_sharing_group_id`),
|
||||
KEY `event_id` (`event_id`),
|
||||
KEY `1_event_id` (`event_id`),
|
||||
KEY `sharing_group_id` (`sharing_group_id`),
|
||||
KEY `1_shadow_attribute_id` (`1_shadow_attribute_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case '2.4.25':
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `feeds` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`provider` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`url` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`rules` text COLLATE utf8_bin NOT NULL,
|
||||
`enabled` BOOLEAN NOT NULL,
|
||||
`distribution` tinyint(4) NOT NULL,
|
||||
`sharing_group_id` int(11) NOT NULL,
|
||||
`tag_id` int(11) NOT NULL,
|
||||
`default` tinyint(1) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`provider` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`url` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`rules` text COLLATE utf8_bin NOT NULL,
|
||||
`enabled` BOOLEAN NOT NULL,
|
||||
`distribution` tinyint(4) NOT NULL,
|
||||
`sharing_group_id` int(11) NOT NULL,
|
||||
`tag_id` int(11) NOT NULL,
|
||||
`default` tinyint(1) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case '2.4.32':
|
||||
$sqlArray[] = "ALTER TABLE `roles` ADD `perm_tag_editor` tinyint(1) NOT NULL DEFAULT 0;";
|
||||
|
@ -432,27 +432,27 @@ class AppModel extends Model
|
|||
break;
|
||||
case '2.4.38':
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `warninglists` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`type` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT 'string',
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`version` int(11) NOT NULL DEFAULT 1,
|
||||
`enabled` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`warninglist_entry_count` int(11) unsigned DEFAULT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`type` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT 'string',
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`version` int(11) NOT NULL DEFAULT 1,
|
||||
`enabled` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`warninglist_entry_count` int(11) unsigned DEFAULT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `warninglist_entries` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`value` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
|
||||
`warninglist_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`value` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
|
||||
`warninglist_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `warninglist_types` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`type` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`warninglist_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`type` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`warninglist_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case '2.4.39':
|
||||
$sqlArray[] = "ALTER TABLE `users` ADD `certif_public` longtext COLLATE utf8_bin AFTER `gpgkey`;";
|
||||
|
@ -460,13 +460,13 @@ class AppModel extends Model
|
|||
break;
|
||||
case '2.4.40':
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `favourite_tags` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`tag_id` int(11) NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `tag_id` (`tag_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`tag_id` int(11) NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `tag_id` (`tag_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case '2.4.42':
|
||||
$sqlArray[] = "ALTER TABLE `attributes` ADD `deleted` tinyint(1) NOT NULL DEFAULT 0;";
|
||||
|
@ -478,13 +478,13 @@ class AppModel extends Model
|
|||
$sqlArray[] = 'ALTER TABLE `users` CHANGE `newsread` `newsread` int(11) unsigned;';
|
||||
$sqlArray[] = 'UPDATE `users` SET `newsread` = 0;';
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `news` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`message` text COLLATE utf8_bin NOT NULL,
|
||||
`title` text COLLATE utf8_bin NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`date_created` int(11) unsigned NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`message` text COLLATE utf8_bin NOT NULL,
|
||||
`title` text COLLATE utf8_bin NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`date_created` int(11) unsigned NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case '2.4.49':
|
||||
// table: users
|
||||
|
@ -557,14 +557,14 @@ class AppModel extends Model
|
|||
case '2.4.56':
|
||||
$sqlArray[] =
|
||||
"CREATE TABLE IF NOT EXISTS galaxies (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`uuid` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`name` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
|
||||
`type` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`version` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`uuid` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`name` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
|
||||
`type` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`version` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
$this->__addIndex('galaxies', 'name');
|
||||
$this->__addIndex('galaxies', 'uuid');
|
||||
|
@ -572,17 +572,17 @@ class AppModel extends Model
|
|||
|
||||
$sqlArray[] =
|
||||
"CREATE TABLE IF NOT EXISTS galaxy_clusters (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`uuid` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`type` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
`tag_name` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`galaxy_id` int(11) NOT NULL,
|
||||
`source` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
|
||||
`authors` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`uuid` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`type` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
`tag_name` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`galaxy_id` int(11) NOT NULL,
|
||||
`source` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
|
||||
`authors` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
$this->__addIndex('galaxy_clusters', 'value', 255);
|
||||
$this->__addIndex('galaxy_clusters', 'tag_name');
|
||||
|
@ -591,26 +591,26 @@ class AppModel extends Model
|
|||
|
||||
$sqlArray[] =
|
||||
"CREATE TABLE IF NOT EXISTS galaxy_elements (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`galaxy_cluster_id` int(11) NOT NULL,
|
||||
`key` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`galaxy_cluster_id` int(11) NOT NULL,
|
||||
`key` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '',
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
$this->__addIndex('galaxy_elements', 'key');
|
||||
$this->__addIndex('galaxy_elements', 'value', 255);
|
||||
|
||||
$sqlArray[] =
|
||||
"CREATE TABLE IF NOT EXISTS galaxy_reference (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`galaxy_cluster_id` int(11) NOT NULL,
|
||||
`referenced_galaxy_cluster_id` int(11) NOT NULL,
|
||||
`referenced_galaxy_cluster_uuid` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`referenced_galaxy_cluster_type` text COLLATE utf8_bin NOT NULL,
|
||||
`referenced_galaxy_cluster_value` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`galaxy_cluster_id` int(11) NOT NULL,
|
||||
`referenced_galaxy_cluster_id` int(11) NOT NULL,
|
||||
`referenced_galaxy_cluster_uuid` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`referenced_galaxy_cluster_type` text COLLATE utf8_bin NOT NULL,
|
||||
`referenced_galaxy_cluster_value` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;";
|
||||
|
||||
$this->__addIndex('galaxy_reference', 'galaxy_cluster_id');
|
||||
$this->__addIndex('galaxy_reference', 'referenced_galaxy_cluster_id');
|
||||
|
@ -636,23 +636,23 @@ class AppModel extends Model
|
|||
case '2.4.60':
|
||||
if ($dataSource == 'Database/Mysql') {
|
||||
$sqlArray[] = 'CREATE TABLE IF NOT EXISTS `attribute_tags` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`attribute_id` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`tag_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;';
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`attribute_id` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`tag_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;';
|
||||
$sqlArray[] = 'ALTER TABLE `attribute_tags` ADD INDEX `attribute_id` (`attribute_id`);';
|
||||
$sqlArray[] = 'ALTER TABLE `attribute_tags` ADD INDEX `event_id` (`event_id`);';
|
||||
$sqlArray[] = 'ALTER TABLE `attribute_tags` ADD INDEX `tag_id` (`tag_id`);';
|
||||
} elseif ($dataSource == 'Database/Postgres') {
|
||||
$sqlArray[] = 'CREATE TABLE IF NOT EXISTS attribute_tags (
|
||||
id bigserial NOT NULL,
|
||||
attribute_id bigint NOT NULL,
|
||||
event_id bigint NOT NULL,
|
||||
tag_id bigint NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
);';
|
||||
id bigserial NOT NULL,
|
||||
attribute_id bigint NOT NULL,
|
||||
event_id bigint NOT NULL,
|
||||
tag_id bigint NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
);';
|
||||
$sqlArray[] = 'CREATE INDEX idx_attribute_tags_attribute_id ON attribute_tags (attribute_id);';
|
||||
$sqlArray[] = 'CREATE INDEX idx_attribute_tags_event_id ON attribute_tags (event_id);';
|
||||
$sqlArray[] = 'CREATE INDEX idx_attribute_tags_tag_id ON attribute_tags (tag_id);';
|
||||
|
@ -718,26 +718,26 @@ class AppModel extends Model
|
|||
case '2.4.68':
|
||||
$sqlArray[] = 'ALTER TABLE events CHANGE attribute_count attribute_count int(11) unsigned DEFAULT 0;';
|
||||
$sqlArray[] = 'CREATE TABLE IF NOT EXISTS `event_blacklists` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`event_uuid` varchar(40) COLLATE utf8_bin NOT NULL,
|
||||
`created` datetime NOT NULL,
|
||||
`event_info` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
|
||||
`comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`event_orgc` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;';
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`event_uuid` varchar(40) COLLATE utf8_bin NOT NULL,
|
||||
`created` datetime NOT NULL,
|
||||
`event_info` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
|
||||
`comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`event_orgc` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;';
|
||||
$indexArray[] = array('event_blacklists', 'event_uuid');
|
||||
$indexArray[] = array('event_blacklists', 'event_orgc');
|
||||
$sqlArray[] = 'CREATE TABLE IF NOT EXISTS `org_blacklists` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`org_uuid` varchar(40) COLLATE utf8_bin NOT NULL,
|
||||
`created` datetime NOT NULL,
|
||||
`org_name` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
PRIMARY KEY (`id`),
|
||||
INDEX `org_uuid` (`org_uuid`),
|
||||
INDEX `org_name` (`org_name`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;';
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`org_uuid` varchar(40) COLLATE utf8_bin NOT NULL,
|
||||
`created` datetime NOT NULL,
|
||||
`org_name` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`comment` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
PRIMARY KEY (`id`),
|
||||
INDEX `org_uuid` (`org_uuid`),
|
||||
INDEX `org_name` (`org_name`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;';
|
||||
$indexArray[] = array('org_blacklists', 'org_uuid');
|
||||
$indexArray[] = array('org_blacklists', 'org_name');
|
||||
$sqlArray[] = "ALTER TABLE shadow_attributes CHANGE proposal_to_delete proposal_to_delete BOOLEAN DEFAULT 0";
|
||||
|
@ -777,100 +777,100 @@ class AppModel extends Model
|
|||
break;
|
||||
case '2.4.80':
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS objects (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`meta-category` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`description` text CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`template_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`template_version` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
`distribution` tinyint(4) NOT NULL DEFAULT 0,
|
||||
`sharing_group_id` int(11),
|
||||
`comment` text COLLATE utf8_bin NOT NULL,
|
||||
`deleted` TINYINT(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `name` (`name`),
|
||||
INDEX `template_uuid` (`template_uuid`),
|
||||
INDEX `template_version` (`template_version`),
|
||||
INDEX `meta-category` (`meta-category`),
|
||||
INDEX `event_id` (`event_id`),
|
||||
INDEX `uuid` (`uuid`),
|
||||
INDEX `timestamp` (`timestamp`),
|
||||
INDEX `distribution` (`distribution`),
|
||||
INDEX `sharing_group_id` (`sharing_group_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`meta-category` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`description` text CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`template_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`template_version` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
`distribution` tinyint(4) NOT NULL DEFAULT 0,
|
||||
`sharing_group_id` int(11),
|
||||
`comment` text COLLATE utf8_bin NOT NULL,
|
||||
`deleted` TINYINT(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `name` (`name`),
|
||||
INDEX `template_uuid` (`template_uuid`),
|
||||
INDEX `template_version` (`template_version`),
|
||||
INDEX `meta-category` (`meta-category`),
|
||||
INDEX `event_id` (`event_id`),
|
||||
INDEX `uuid` (`uuid`),
|
||||
INDEX `timestamp` (`timestamp`),
|
||||
INDEX `distribution` (`distribution`),
|
||||
INDEX `sharing_group_id` (`sharing_group_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS object_references (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
`object_id` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`object_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`referenced_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`referenced_id` int(11) NOT NULL,
|
||||
`referenced_type` int(11) NOT NULL DEFAULT 0,
|
||||
`relationship_type` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`comment` text COLLATE utf8_bin NOT NULL,
|
||||
`deleted` TINYINT(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `object_uuid` (`object_uuid`),
|
||||
INDEX `referenced_uuid` (`referenced_uuid`),
|
||||
INDEX `timestamp` (`timestamp`),
|
||||
INDEX `object_id` (`object_id`),
|
||||
INDEX `referenced_id` (`referenced_id`),
|
||||
INDEX `relationship_type` (`relationship_type`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
`object_id` int(11) NOT NULL,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`object_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`referenced_uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`referenced_id` int(11) NOT NULL,
|
||||
`referenced_type` int(11) NOT NULL DEFAULT 0,
|
||||
`relationship_type` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`comment` text COLLATE utf8_bin NOT NULL,
|
||||
`deleted` TINYINT(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `object_uuid` (`object_uuid`),
|
||||
INDEX `referenced_uuid` (`referenced_uuid`),
|
||||
INDEX `timestamp` (`timestamp`),
|
||||
INDEX `object_id` (`object_id`),
|
||||
INDEX `referenced_id` (`referenced_id`),
|
||||
INDEX `relationship_type` (`relationship_type`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS object_relationships (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`version` int(11) NOT NULL,
|
||||
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`format` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `name` (`name`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`version` int(11) NOT NULL,
|
||||
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`description` text COLLATE utf8_bin NOT NULL,
|
||||
`format` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `name` (`name`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
|
||||
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS object_templates (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`meta-category` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`description` text COLLATE utf8_bin,
|
||||
`version` int(11) NOT NULL,
|
||||
`requirements` text COLLATE utf8_bin,
|
||||
`fixed` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`active` tinyint(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `org_id` (`org_id`),
|
||||
INDEX `uuid` (`uuid`),
|
||||
INDEX `name` (`name`),
|
||||
INDEX `meta-category` (`meta-category`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`uuid` varchar(40) COLLATE utf8_bin DEFAULT NULL,
|
||||
`name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`meta-category` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`description` text COLLATE utf8_bin,
|
||||
`version` int(11) NOT NULL,
|
||||
`requirements` text COLLATE utf8_bin,
|
||||
`fixed` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`active` tinyint(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `org_id` (`org_id`),
|
||||
INDEX `uuid` (`uuid`),
|
||||
INDEX `name` (`name`),
|
||||
INDEX `meta-category` (`meta-category`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS object_template_elements (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`object_template_id` int(11) NOT NULL,
|
||||
`object_relation` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`type` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`ui-priority` int(11) NOT NULL,
|
||||
`categories` text COLLATE utf8_bin,
|
||||
`sane_default` text COLLATE utf8_bin,
|
||||
`values_list` text COLLATE utf8_bin,
|
||||
`description` text COLLATE utf8_bin,
|
||||
`disable_correlation` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`multiple` tinyint(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `object_relation` (`object_relation`),
|
||||
INDEX `type` (`type`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`object_template_id` int(11) NOT NULL,
|
||||
`object_relation` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`type` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`ui-priority` int(11) NOT NULL,
|
||||
`categories` text COLLATE utf8_bin,
|
||||
`sane_default` text COLLATE utf8_bin,
|
||||
`values_list` text COLLATE utf8_bin,
|
||||
`description` text COLLATE utf8_bin,
|
||||
`disable_correlation` tinyint(1) NOT NULL DEFAULT 0,
|
||||
`multiple` tinyint(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `object_relation` (`object_relation`),
|
||||
INDEX `type` (`type`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
|
||||
$sqlArray[] = 'ALTER TABLE `logs` CHANGE `model` `model` VARCHAR(80) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL;';
|
||||
$sqlArray[] = 'ALTER TABLE `logs` CHANGE `action` `action` VARCHAR(80) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL;';
|
||||
|
@ -921,11 +921,11 @@ class AppModel extends Model
|
|||
break;
|
||||
case 3:
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `fuzzy_correlate_ssdeep` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`chunk` varchar(12) NOT NULL,
|
||||
`attribute_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`chunk` varchar(12) NOT NULL,
|
||||
`attribute_id` int(11) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
$this->__addIndex('fuzzy_correlate_ssdeep', 'chunk');
|
||||
$this->__addIndex('fuzzy_correlate_ssdeep', 'attribute_id');
|
||||
break;
|
||||
|
@ -943,24 +943,24 @@ class AppModel extends Model
|
|||
break;
|
||||
case 7:
|
||||
$sqlArray[] = 'CREATE TABLE IF NOT EXISTS `noticelists` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
|
||||
`expanded_name` text COLLATE utf8_unicode_ci NOT NULL,
|
||||
`ref` text COLLATE utf8_unicode_ci,
|
||||
`geographical_area` varchar(255) COLLATE utf8_unicode_ci,
|
||||
`version` int(11) NOT NULL DEFAULT 1,
|
||||
`enabled` tinyint(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (`id`),
|
||||
INDEX `name` (`name`),
|
||||
INDEX `geographical_area` (`geographical_area`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;';
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
|
||||
`expanded_name` text COLLATE utf8_unicode_ci NOT NULL,
|
||||
`ref` text COLLATE utf8_unicode_ci,
|
||||
`geographical_area` varchar(255) COLLATE utf8_unicode_ci,
|
||||
`version` int(11) NOT NULL DEFAULT 1,
|
||||
`enabled` tinyint(1) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (`id`),
|
||||
INDEX `name` (`name`),
|
||||
INDEX `geographical_area` (`geographical_area`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;';
|
||||
$sqlArray[] = 'CREATE TABLE IF NOT EXISTS `noticelist_entries` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`noticelist_id` int(11) NOT NULL,
|
||||
`data` text COLLATE utf8_unicode_ci NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
INDEX `noticelist_id` (`noticelist_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;';
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`noticelist_id` int(11) NOT NULL,
|
||||
`data` text COLLATE utf8_unicode_ci NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
INDEX `noticelist_id` (`noticelist_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;';
|
||||
break;
|
||||
case 9:
|
||||
$sqlArray[] = 'ALTER TABLE galaxies ADD namespace varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT "misp";';
|
||||
|
@ -971,63 +971,63 @@ class AppModel extends Model
|
|||
break;
|
||||
case 11:
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS event_locks (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `event_id` (`event_id`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `timestamp` (`timestamp`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `event_id` (`event_id`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `timestamp` (`timestamp`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case 12:
|
||||
$sqlArray[] = "ALTER TABLE `servers` ADD `skip_proxy` tinyint(1) NOT NULL DEFAULT 0;";
|
||||
break;
|
||||
case 13:
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS event_graph (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
`network_name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`network_json` MEDIUMTEXT NOT NULL,
|
||||
`preview_img` MEDIUMTEXT,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `event_id` (`event_id`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `org_id` (`org_id`),
|
||||
INDEX `timestamp` (`timestamp`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
`network_name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`network_json` MEDIUMTEXT NOT NULL,
|
||||
`preview_img` MEDIUMTEXT,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `event_id` (`event_id`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `org_id` (`org_id`),
|
||||
INDEX `timestamp` (`timestamp`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case 14:
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS `user_settings` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`setting` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
INDEX `setting` (`setting`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`setting` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`value` text COLLATE utf8_bin NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
INDEX `setting` (`setting`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case 15:
|
||||
$sqlArray[] = "CREATE TABLE IF NOT EXISTS event_graph (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
`network_name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`network_json` MEDIUMTEXT NOT NULL,
|
||||
`preview_img` MEDIUMTEXT,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `event_id` (`event_id`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `org_id` (`org_id`),
|
||||
INDEX `timestamp` (`timestamp`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`org_id` int(11) NOT NULL,
|
||||
`timestamp` int(11) NOT NULL DEFAULT 0,
|
||||
`network_name` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci,
|
||||
`network_json` MEDIUMTEXT NOT NULL,
|
||||
`preview_img` MEDIUMTEXT,
|
||||
PRIMARY KEY (id),
|
||||
INDEX `event_id` (`event_id`),
|
||||
INDEX `user_id` (`user_id`),
|
||||
INDEX `org_id` (`org_id`),
|
||||
INDEX `timestamp` (`timestamp`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
|
||||
break;
|
||||
case 18:
|
||||
$sqlArray[] = 'ALTER TABLE `taxonomy_predicates` ADD COLUMN description text CHARACTER SET UTF8 collate utf8_bin;';
|
||||
|
@ -1305,7 +1305,7 @@ class AppModel extends Model
|
|||
return true;
|
||||
}
|
||||
|
||||
public function runUpdates()
|
||||
public function runUpdates($verbose = false)
|
||||
{
|
||||
$this->AdminSetting = ClassRegistry::init('AdminSetting');
|
||||
$db = ConnectionManager::getDataSource('default');
|
||||
|
@ -1330,12 +1330,18 @@ class AppModel extends Model
|
|||
$updates = $this->__findUpgrades($db_version['AdminSetting']['value']);
|
||||
if (!empty($updates)) {
|
||||
foreach ($updates as $update => $temp) {
|
||||
if ($verbose) {
|
||||
echo str_pad('Executing ' . $update, 30, '.');
|
||||
}
|
||||
$this->updateMISP($update);
|
||||
if ($temp) {
|
||||
$requiresLogout = true;
|
||||
}
|
||||
$db_version['AdminSetting']['value'] = $update;
|
||||
$this->AdminSetting->save($db_version);
|
||||
if ($verbose) {
|
||||
echo "\033[32mDone\033[0m" . PHP_EOL;
|
||||
}
|
||||
}
|
||||
$this->__queueCleanDB();
|
||||
}
|
||||
|
@ -1926,8 +1932,33 @@ class AppModel extends Model
|
|||
return true;
|
||||
}
|
||||
|
||||
public function generateRandomFileName()
|
||||
{
|
||||
return (new RandomTool())->random_str(false, 12);
|
||||
}
|
||||
public function generateRandomFileName()
|
||||
{
|
||||
return (new RandomTool())->random_str(false, 12);
|
||||
}
|
||||
|
||||
public function resolveTimeDelta($delta)
|
||||
{
|
||||
if (is_numeric($delta)) {
|
||||
return $delta;
|
||||
}
|
||||
$multiplierArray = array('d' => 86400, 'h' => 3600, 'm' => 60, 's' => 1);
|
||||
$multiplier = $multiplierArray['d'];
|
||||
$lastChar = strtolower(substr($delta, -1));
|
||||
if (!is_numeric($lastChar) && array_key_exists($lastChar, $multiplierArray)) {
|
||||
$multiplier = $multiplierArray[$lastChar];
|
||||
$delta = substr($delta, 0, -1);
|
||||
} else if(strtotime($delta) !== false) {
|
||||
debug(strtotime($delta));
|
||||
return strtotime($delta);
|
||||
} else {
|
||||
// invalid filter, make sure we don't return anything
|
||||
return time() + 1;
|
||||
}
|
||||
if (!is_numeric($delta)) {
|
||||
// Same here. (returning false dumps the whole database)
|
||||
return time() + 1;
|
||||
}
|
||||
return time() - ($delta * $multiplier);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -10,10 +10,10 @@ class Attribute extends AppModel
|
|||
{
|
||||
public $combinedKeys = array('event_id', 'category', 'type');
|
||||
|
||||
public $name = 'Attribute'; // TODO general
|
||||
public $name = 'Attribute'; // TODO general
|
||||
|
||||
public $actsAs = array(
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'userModel' => 'User',
|
||||
'userKey' => 'user_id',
|
||||
'change' => 'full'),
|
||||
|
@ -1466,7 +1466,7 @@ class Attribute extends AppModel
|
|||
{
|
||||
// build the list of composite Attribute.type dynamically by checking if type contains a |
|
||||
// default composite types
|
||||
$compositeTypes = array('malware-sample'); // TODO hardcoded composite
|
||||
$compositeTypes = array('malware-sample'); // TODO hardcoded composite
|
||||
// dynamically generated list
|
||||
foreach (array_keys($this->typeDefinitions) as $type) {
|
||||
$pieces = explode('|', $type);
|
||||
|
@ -1601,11 +1601,11 @@ class Attribute extends AppModel
|
|||
} else {
|
||||
// Plebian filesystem operations
|
||||
$rootDir = $attachments_dir . DS . $attribute['event_id'];
|
||||
$dir = new Folder($rootDir, true); // create directory structure
|
||||
$dir = new Folder($rootDir, true); // create directory structure
|
||||
$destpath = $rootDir . DS . $attribute['id'];
|
||||
$file = new File($destpath, true); // create the file
|
||||
$decodedData = base64_decode($attribute['data']); // decode
|
||||
if ($file->write($decodedData)) { // save the data
|
||||
$file = new File($destpath, true); // create the file
|
||||
$decodedData = base64_decode($attribute['data']); // decode
|
||||
if ($file->write($decodedData)) { // save the data
|
||||
return true;
|
||||
} else {
|
||||
// error
|
||||
|
@ -3666,11 +3666,11 @@ class Attribute extends AppModel
|
|||
return 'Invalid sharing group choice.';
|
||||
}
|
||||
} else if (!isset($attribute['distribution'])) {
|
||||
$attribute['distribution'] = Configure::read('MISP.default_attribute_distribution');
|
||||
if ($attribute['distribution'] == 'event') {
|
||||
$attribute['distribution'] = 5;
|
||||
}
|
||||
}
|
||||
$attribute['distribution'] = Configure::read('MISP.default_attribute_distribution');
|
||||
if ($attribute['distribution'] == 'event') {
|
||||
$attribute['distribution'] = 5;
|
||||
}
|
||||
}
|
||||
$fieldList = array(
|
||||
'event_id',
|
||||
'category',
|
||||
|
|
|
@ -299,7 +299,7 @@ class Event extends AppModel
|
|||
'Attribute' => array(
|
||||
'className' => 'Attribute',
|
||||
'foreignKey' => 'event_id',
|
||||
'dependent' => true, // cascade deletes
|
||||
'dependent' => true, // cascade deletes
|
||||
'conditions' => '',
|
||||
'fields' => '',
|
||||
'order' => array('Attribute.category ASC', 'Attribute.type ASC'),
|
||||
|
@ -312,7 +312,7 @@ class Event extends AppModel
|
|||
'ShadowAttribute' => array(
|
||||
'className' => 'ShadowAttribute',
|
||||
'foreignKey' => 'event_id',
|
||||
'dependent' => true, // cascade deletes
|
||||
'dependent' => true, // cascade deletes
|
||||
'conditions' => '',
|
||||
'fields' => '',
|
||||
'order' => array('ShadowAttribute.old_id DESC', 'ShadowAttribute.old_id DESC'),
|
||||
|
@ -982,7 +982,7 @@ class Event extends AppModel
|
|||
private function __handleRestfulEventToServerResponse($response, &$newLocation, &$newTextBody)
|
||||
{
|
||||
switch ($response->code) {
|
||||
case '200': // 200 (OK) + entity-action-result
|
||||
case '200': // 200 (OK) + entity-action-result
|
||||
if ($response->isOk()) {
|
||||
$newTextBody = $response->body();
|
||||
return true;
|
||||
|
@ -1253,7 +1253,7 @@ class Event extends AppModel
|
|||
)
|
||||
);
|
||||
if ($thread_id) {
|
||||
$relations[] = array(
|
||||
$relations[] = array(
|
||||
'table' => 'posts',
|
||||
'foreign_key' => 'thread_id',
|
||||
'value' => $thread_id
|
||||
|
@ -2801,7 +2801,7 @@ class Event extends AppModel
|
|||
if (!empty($bodyTempOther)) {
|
||||
$body .= "\n";
|
||||
}
|
||||
$body .= $bodyTempOther; // append the 'other' attribute types to the bottom.
|
||||
$body .= $bodyTempOther; // append the 'other' attribute types to the bottom.
|
||||
$body .= '==============================================' . "\n";
|
||||
return $body;
|
||||
}
|
||||
|
@ -2919,7 +2919,7 @@ class Event extends AppModel
|
|||
}
|
||||
}
|
||||
$bodyevent .= "\n";
|
||||
$bodyevent .= $bodyTempOther; // append the 'other' attribute types to the bottom.
|
||||
$bodyevent .= $bodyTempOther; // append the 'other' attribute types to the bottom.
|
||||
return array($bodyevent, $body);
|
||||
}
|
||||
|
||||
|
@ -3127,7 +3127,7 @@ class Event extends AppModel
|
|||
// Workaround for different structure in XML/array than what CakePHP expects
|
||||
$data = $this->cleanupEventArrayFromXML($data);
|
||||
// the event_id field is not set (normal) so make sure no validation errors are thrown
|
||||
// LATER do this with $this->validator()->remove('event_id');
|
||||
// LATER do this with $this->validator()->remove('event_id');
|
||||
unset($this->Attribute->validate['event_id']); // otherwise gives bugs because event_id is not set
|
||||
unset($this->Attribute->validate['value']['uniqueValue']); // unset this - we are saving a new event, there are no values to compare against and event_id is not set in the attributes
|
||||
}
|
||||
|
@ -3515,49 +3515,49 @@ class Event extends AppModel
|
|||
}
|
||||
// if published -> do the actual publishing
|
||||
if ((!empty($data['Event']['published']) && 1 == $data['Event']['published'])) {
|
||||
// The edited event is from a remote server ?
|
||||
if ($passAlong) {
|
||||
$this->Server = ClassRegistry::init('Server');
|
||||
$server = $this->Server->find('first', array(
|
||||
'conditions' => array(
|
||||
'Server.id' => $passAlong
|
||||
),
|
||||
'recursive' => -1,
|
||||
'fields' => array(
|
||||
'Server.name',
|
||||
'Server.id',
|
||||
'Server.unpublish_event',
|
||||
'Server.publish_without_email'
|
||||
)
|
||||
));
|
||||
if ($server['Server']['publish_without_email'] == 0) {
|
||||
$st = "enabled";
|
||||
} else {
|
||||
$st = "disabled";
|
||||
}
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $user['Organisation']['name'],
|
||||
'model' => 'Event',
|
||||
'model_id' => $saveResult['Event']['id'],
|
||||
'email' => $user['email'],
|
||||
'action' => 'add',
|
||||
'user_id' => $user['id'],
|
||||
'title' => 'Event edited from Server(' . $server['Server']['id'] . ') - "' . $server['Server']['name'] . '" - Notification by mail ' . $st,
|
||||
'change' => ''
|
||||
// The edited event is from a remote server ?
|
||||
if ($passAlong) {
|
||||
$this->Server = ClassRegistry::init('Server');
|
||||
$server = $this->Server->find('first', array(
|
||||
'conditions' => array(
|
||||
'Server.id' => $passAlong
|
||||
),
|
||||
'recursive' => -1,
|
||||
'fields' => array(
|
||||
'Server.name',
|
||||
'Server.id',
|
||||
'Server.unpublish_event',
|
||||
'Server.publish_without_email'
|
||||
)
|
||||
));
|
||||
if ($server['Server']['publish_without_email'] == 0) {
|
||||
$st = "enabled";
|
||||
} else {
|
||||
$st = "disabled";
|
||||
}
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $user['Organisation']['name'],
|
||||
'model' => 'Event',
|
||||
'model_id' => $saveResult['Event']['id'],
|
||||
'email' => $user['email'],
|
||||
'action' => 'add',
|
||||
'user_id' => $user['id'],
|
||||
'title' => 'Event edited from Server(' . $server['Server']['id'] . ') - "' . $server['Server']['name'] . '" - Notification by mail ' . $st,
|
||||
'change' => ''
|
||||
));
|
||||
} else {
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $user['Organisation']['name'],
|
||||
'model' => 'Event',
|
||||
'model_id' => $saveResult['Event']['id'],
|
||||
'email' => $user['email'],
|
||||
'action' => 'add',
|
||||
'user_id' => $user['id'],
|
||||
'title' => 'Event edited (locally)',
|
||||
'change' => ''
|
||||
));
|
||||
} else {
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $user['Organisation']['name'],
|
||||
'model' => 'Event',
|
||||
'model_id' => $saveResult['Event']['id'],
|
||||
'email' => $user['email'],
|
||||
'action' => 'add',
|
||||
'user_id' => $user['id'],
|
||||
'title' => 'Event edited (locally)',
|
||||
'change' => ''
|
||||
));
|
||||
}
|
||||
// do the necessary actions to publish the event (email, upload,...)
|
||||
if ((true != Configure::read('MISP.disablerestalert')) && (empty($server) || $server['Server']['publish_without_email'] == 0)) {
|
||||
|
@ -4336,28 +4336,6 @@ class Event extends AppModel
|
|||
return (preg_match('/^[0-9]{4}-(0[1-9]|1[012])-(0[1-9]|1[0-9]|2[0-9]|3[01])$/', $date)) ? $date : false;
|
||||
}
|
||||
|
||||
public function resolveTimeDelta($delta)
|
||||
{
|
||||
if (is_numeric($delta)) {
|
||||
return $delta;
|
||||
}
|
||||
$multiplierArray = array('d' => 86400, 'h' => 3600, 'm' => 60, 's' => 1);
|
||||
$multiplier = $multiplierArray['d'];
|
||||
$lastChar = strtolower(substr($delta, -1));
|
||||
if (!is_numeric($lastChar) && array_key_exists($lastChar, $multiplierArray)) {
|
||||
$multiplier = $multiplierArray[$lastChar];
|
||||
$delta = substr($delta, 0, -1);
|
||||
} else {
|
||||
// invalid filter, make sure we don't return anything
|
||||
return time() + 1;
|
||||
}
|
||||
if (!is_numeric($delta)) {
|
||||
// Same here. (returning false dumps the whole database)
|
||||
return time() + 1;
|
||||
}
|
||||
return time() - ($delta * $multiplier);
|
||||
}
|
||||
|
||||
private function __prepareAttributeForView(
|
||||
$attribute,
|
||||
$correlatedAttributes,
|
||||
|
@ -5425,7 +5403,9 @@ class Event extends AppModel
|
|||
unset($temp['GalaxyCluster']['Galaxy']);
|
||||
$data['Galaxy'][count($data['Galaxy']) - 1]['GalaxyCluster'][] = $temp['GalaxyCluster'];
|
||||
}
|
||||
unset($data[$dataType . 'Tag'][$k]);
|
||||
if ($cullGalaxyTags) {
|
||||
unset($data[$dataType . 'Tag'][$k]);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ class EventBlacklist extends AppModel
|
|||
public $recursive = -1;
|
||||
|
||||
public $actsAs = array(
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'userModel' => 'User',
|
||||
'userKey' => 'user_id',
|
||||
'change' => 'full'),
|
||||
|
|
|
@ -28,7 +28,7 @@ class GalaxyCluster extends AppModel
|
|||
|
||||
public $hasMany = array(
|
||||
'GalaxyElement' => array('dependent' => true),
|
||||
// 'GalaxyReference'
|
||||
// 'GalaxyReference'
|
||||
);
|
||||
|
||||
public function beforeValidate($options = array())
|
||||
|
|
|
@ -149,11 +149,11 @@ class Log extends AppModel
|
|||
$condOrg = '';
|
||||
}
|
||||
$sql = 'SELECT DISTINCT EXTRACT(EPOCH FROM CAST(created AS DATE)) AS "Date",
|
||||
COUNT(id) AS count
|
||||
FROM logs
|
||||
WHERE action NOT IN (' . $condnotinaction . ')
|
||||
' . $condOrg . '
|
||||
GROUP BY "Date" ORDER BY "Date"';
|
||||
COUNT(id) AS count
|
||||
FROM logs
|
||||
WHERE action NOT IN (' . $condnotinaction . ')
|
||||
' . $condOrg . '
|
||||
GROUP BY "Date" ORDER BY "Date"';
|
||||
$validDates = $this->query($sql);
|
||||
}
|
||||
$data = array();
|
||||
|
|
|
@ -11,7 +11,7 @@ class MispObject extends AppModel
|
|||
|
||||
public $actsAs = array(
|
||||
'Containable',
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'userModel' => 'User',
|
||||
'userKey' => 'user_id',
|
||||
'change' => 'full'),
|
||||
|
@ -539,12 +539,12 @@ class MispObject extends AppModel
|
|||
$this->Event->Attribute->create();
|
||||
$newAttribute['event_id'] = $object['Object']['event_id'];
|
||||
$newAttribute['object_id'] = $object['Object']['id'];
|
||||
if (!isset($newAttribute['timestamp'])) {
|
||||
$newAttribute['distribution'] = Configure::read('MISP.default_attribute_distribution');
|
||||
if ($newAttribute['distribution'] == 'event') {
|
||||
$newAttribute['distribution'] = 5;
|
||||
}
|
||||
}
|
||||
if (!isset($newAttribute['timestamp'])) {
|
||||
$newAttribute['distribution'] = Configure::read('MISP.default_attribute_distribution');
|
||||
if ($newAttribute['distribution'] == 'event') {
|
||||
$newAttribute['distribution'] = 5;
|
||||
}
|
||||
}
|
||||
$this->Event->Attribute->save($newAttribute);
|
||||
$attributeArrays['add'][] = $newAttribute;
|
||||
unset($objectToSave['Attribute'][$newKey]);
|
||||
|
|
|
@ -7,7 +7,7 @@ class OrgBlacklist extends AppModel
|
|||
public $recursive = -1;
|
||||
|
||||
public $actsAs = array(
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'userModel' => 'User',
|
||||
'userKey' => 'user_id',
|
||||
'change' => 'full'),
|
||||
|
|
|
@ -7,7 +7,7 @@ class Post extends AppModel
|
|||
{
|
||||
public $actsAs = array(
|
||||
'Containable',
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'roleModel' => 'Post',
|
||||
'roleKey' => 'post_id',
|
||||
'change' => 'full'
|
||||
|
|
|
@ -9,7 +9,7 @@ App::uses('AppModel', 'Model');
|
|||
class Regexp extends AppModel
|
||||
{
|
||||
public $actsAs = array(
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'roleModel' => 'Role',
|
||||
'roleKey' => 'role_id',
|
||||
'change' => 'full'
|
||||
|
|
|
@ -36,7 +36,7 @@ class Role extends AppModel
|
|||
|
||||
public $actsAs = array(
|
||||
'Trim',
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'roleModel' => 'Role',
|
||||
'roleKey' => 'role_id',
|
||||
'change' => 'full'
|
||||
|
|
|
@ -110,7 +110,8 @@ class Server extends AppModel
|
|||
'getAuthkey' => 'MISP/app/Console/cake Admin getAuthkey [email]',
|
||||
'setBaseurl' => 'MISP/app/Console/cake Baseurl [baseurl]',
|
||||
'changePassword' => 'MISP/app/Console/cake Password [email] [new_password]',
|
||||
'clearBruteforce' => 'MISP/app/Console/cake Admin clearBruteforce [user_email]',
|
||||
'clearBruteforce' => 'MISP/app/Console/cake Admin clearBruteforce [user_email]',
|
||||
'updateDatabase' => 'MISP/app/Console/cake Admin updateDatabase',
|
||||
'updateGalaxies' => 'MISP/app/Console/cake Admin updateGalaxies',
|
||||
'updateTaxonomies' => 'MISP/app/Console/cake Admin updateTaxonomies',
|
||||
'updateWarningLists' => 'MISP/app/Console/cake Admin updateWarningLists',
|
||||
|
@ -3328,7 +3329,7 @@ class Server extends AppModel
|
|||
));
|
||||
return false;
|
||||
}
|
||||
copy(APP . 'Config' . DS . 'config.php', APP . 'Config' . DS . 'config.php.bk');
|
||||
copy(APP . 'Config' . DS . 'config.php', APP . 'Config' . DS . 'config.php.bk');
|
||||
$settingObject = $this->getCurrentServerSettings();
|
||||
foreach ($settingObject as $branchName => $branch) {
|
||||
if (!isset($branch['level'])) {
|
||||
|
@ -3374,14 +3375,14 @@ class Server extends AppModel
|
|||
if (function_exists('opcache_reset')) {
|
||||
opcache_reset();
|
||||
}
|
||||
$randomFilename = $this->generateRandomFileName();
|
||||
// To protect us from 2 admin users having a concurent file write to the config file, solar flares and the bogeyman
|
||||
$randomFilename = $this->generateRandomFileName();
|
||||
// To protect us from 2 admin users having a concurent file write to the config file, solar flares and the bogeyman
|
||||
file_put_contents(APP . 'Config' . DS . $randomFilename, $settingsString);
|
||||
rename(APP . 'Config' . DS . $randomFilename, APP . 'Config' . DS . 'config.php');
|
||||
$config_saved = file_get_contents(APP . 'Config' . DS . 'config.php');
|
||||
// if the saved config file is empty, restore the backup.
|
||||
if (strlen($config_saved) < 20) {
|
||||
copy(APP . 'Config' . DS . 'config.php.bk', APP . 'Config' . DS . 'config.php');
|
||||
rename(APP . 'Config' . DS . $randomFilename, APP . 'Config' . DS . 'config.php');
|
||||
$config_saved = file_get_contents(APP . 'Config' . DS . 'config.php');
|
||||
// if the saved config file is empty, restore the backup.
|
||||
if (strlen($config_saved) < 20) {
|
||||
copy(APP . 'Config' . DS . 'config.php.bk', APP . 'Config' . DS . 'config.php');
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
|
@ -3393,9 +3394,9 @@ class Server extends AppModel
|
|||
'user_id' => 0,
|
||||
'title' => 'Error: Something went wrong saving the config file, reverted to backup file.',
|
||||
));
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public function checkVersion($newest)
|
||||
|
@ -3777,15 +3778,15 @@ class Server extends AppModel
|
|||
return $readableFiles;
|
||||
}
|
||||
|
||||
public function stixDiagnostics(&$diagnostic_errors, &$stixVersion, &$cyboxVersion, &$mixboxVersion, &$maecVersion, &$pymispVersion)
|
||||
public function stixDiagnostics(&$diagnostic_errors, &$stixVersion, &$cyboxVersion, &$mixboxVersion, &$maecVersion, &$stix2Version, &$pymispVersion)
|
||||
{
|
||||
$result = array();
|
||||
$expected = array('stix' => '1.2.0.6', 'cybox' => '2.1.0.18.dev0', 'mixbox' => '1.0.3', 'maec' => '4.1.0.14', 'pymisp' => '>2.4.93');
|
||||
$expected = array('stix' => '1.2.0.6', 'cybox' => '2.1.0.18.dev0', 'mixbox' => '1.0.3', 'maec' => '4.1.0.14', 'stix2' => '1.1.1', 'pymisp' => '>2.4.93');
|
||||
// check if the STIX and Cybox libraries are working using the test script stixtest.py
|
||||
$scriptResult = shell_exec($this->getPythonVersion() . ' ' . APP . 'files' . DS . 'scripts' . DS . 'stixtest.py');
|
||||
$scriptResult = json_decode($scriptResult, true);
|
||||
if ($scriptResult == null) {
|
||||
return array('operational' => 0, 'stix' => array('expected' => $expected['stix']), 'cybox' => array('expected' => $expected['cybox']), 'mixbox' => array('expected' => $expected['mixbox']), 'maec' => array('expected' => $expected['maec']), 'pymisp' => array('expected' => $expected['pymisp']));
|
||||
return array('operational' => 0, 'stix' => array('expected' => $expected['stix']), 'cybox' => array('expected' => $expected['cybox']), 'mixbox' => array('expected' => $expected['mixbox']), 'maec' => array('expected' => $expected['maec']), 'stix2' => array('expected' => $expected['stix2']), 'pymisp' => array('expected' => $expected['pymisp']));
|
||||
}
|
||||
$scriptResult['operational'] = $scriptResult['success'];
|
||||
if ($scriptResult['operational'] == 0) {
|
||||
|
@ -3893,7 +3894,7 @@ class Server extends AppModel
|
|||
$syncTool = new SyncTool();
|
||||
try {
|
||||
$HttpSocket = $syncTool->setupHttpSocket();
|
||||
$proxyResponse = $HttpSocket->get('http://www.example.com/');
|
||||
$proxyResponse = $HttpSocket->get('https://www.github.com/');
|
||||
} catch (Exception $e) {
|
||||
$proxyStatus = 2;
|
||||
}
|
||||
|
|
|
@ -8,10 +8,10 @@ class ShadowAttribute extends AppModel
|
|||
{
|
||||
public $combinedKeys = array('event_id', 'category', 'type');
|
||||
|
||||
public $name = 'ShadowAttribute'; // TODO general
|
||||
public $name = 'ShadowAttribute'; // TODO general
|
||||
|
||||
public $actsAs = array(
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'userModel' => 'User',
|
||||
'userKey' => 'user_id',
|
||||
'change' => 'full'),
|
||||
|
@ -368,7 +368,7 @@ class ShadowAttribute extends AppModel
|
|||
{
|
||||
// build the list of composite Attribute.type dynamically by checking if type contains a |
|
||||
// default composite types
|
||||
$compositeTypes = array('malware-sample'); // TODO hardcoded composite
|
||||
$compositeTypes = array('malware-sample'); // TODO hardcoded composite
|
||||
// dynamically generated list
|
||||
foreach (array_keys($this->typeDefinitions) as $type) {
|
||||
$pieces = explode('|', $type);
|
||||
|
@ -433,11 +433,11 @@ class ShadowAttribute extends AppModel
|
|||
return true;
|
||||
} else {
|
||||
$rootDir = $attachments_dir . DS . 'shadow' . DS . $attribute['event_id'];
|
||||
$dir = new Folder($rootDir, true); // create directory structure
|
||||
$dir = new Folder($rootDir, true); // create directory structure
|
||||
$destpath = $rootDir . DS . $attribute['id'];
|
||||
$file = new File($destpath, true); // create the file
|
||||
$decodedData = base64_decode($attribute['data']); // decode
|
||||
if ($file->write($decodedData)) { // save the data
|
||||
$file = new File($destpath, true); // create the file
|
||||
$decodedData = base64_decode($attribute['data']); // decode
|
||||
if ($file->write($decodedData)) { // save the data
|
||||
return true;
|
||||
} else {
|
||||
// error
|
||||
|
|
|
@ -5,7 +5,7 @@ class SharingGroup extends AppModel
|
|||
{
|
||||
public $actsAs = array(
|
||||
'Containable',
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'roleModel' => 'SharingGroup',
|
||||
'roleKey' => 'sharing_group_id',
|
||||
'change' => 'full'
|
||||
|
@ -34,12 +34,12 @@ class SharingGroup extends AppModel
|
|||
'SharingGroupOrg' => array(
|
||||
'className' => 'SharingGroupOrg',
|
||||
'foreignKey' => 'sharing_group_id',
|
||||
'dependent' => true, // cascade deletes
|
||||
'dependent' => true, // cascade deletes
|
||||
),
|
||||
'SharingGroupServer' => array(
|
||||
'className' => 'SharingGroupServer',
|
||||
'foreignKey' => 'sharing_group_id',
|
||||
'dependent' => true, // cascade deletes
|
||||
'dependent' => true, // cascade deletes
|
||||
),
|
||||
'Event',
|
||||
'Attribute',
|
||||
|
@ -577,7 +577,7 @@ class SharingGroup extends AppModel
|
|||
if ($force) {
|
||||
$sgids = $existingSG['SharingGroup']['id'];
|
||||
$editedSG = $existingSG['SharingGroup'];
|
||||
$attributes = array('name', 'releasability', 'description', 'created', 'modified', 'active');
|
||||
$attributes = array('name', 'releasability', 'description', 'created', 'modified', 'active');
|
||||
foreach ($attributes as $a) {
|
||||
if (isset($sg[$a])) {
|
||||
$editedSG[$a] = $sg[$a];
|
||||
|
|
|
@ -8,7 +8,7 @@ class Tag extends AppModel
|
|||
public $displayField = 'name';
|
||||
|
||||
public $actsAs = array(
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'roleModel' => 'Tag',
|
||||
'roleKey' => 'tag_id',
|
||||
'change' => 'full'
|
||||
|
|
|
@ -380,7 +380,7 @@ class Taxonomy extends AppModel
|
|||
return $taxonomies;
|
||||
}
|
||||
|
||||
public function getTaxonomyForTag($tagName)
|
||||
public function getTaxonomyForTag($tagName, $metaOnly = false)
|
||||
{
|
||||
if (preg_match('/^[^:="]+:[^:="]+="[^:="]+"$/i', $tagName)) {
|
||||
$temp = explode(':', $tagName);
|
||||
|
@ -402,6 +402,9 @@ class Taxonomy extends AppModel
|
|||
)
|
||||
)
|
||||
));
|
||||
if ($metaOnly && !empty($taxonomy)) {
|
||||
return array('Taxonomy' => $taxonomy['Taxonomy']);
|
||||
}
|
||||
return $taxonomy;
|
||||
} elseif (preg_match('/^[^:="]+:[^:="]+$/i', $tagName)) {
|
||||
$pieces = explode(':', $tagName);
|
||||
|
@ -416,6 +419,9 @@ class Taxonomy extends AppModel
|
|||
)
|
||||
)
|
||||
));
|
||||
if ($metaOnly && !empty($taxonomy)) {
|
||||
return array('Taxonomy' => $taxonomy['Taxonomy']);
|
||||
}
|
||||
return $taxonomy;
|
||||
} else {
|
||||
return false;
|
||||
|
|
|
@ -6,7 +6,7 @@ class Thread extends AppModel
|
|||
{
|
||||
public $actsAs = array(
|
||||
'Containable',
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'roleModel' => 'Thread',
|
||||
'roleKey' => 'thread_id',
|
||||
'change' => 'full'
|
||||
|
|
|
@ -853,7 +853,7 @@ class User extends AppModel
|
|||
// Sign the body
|
||||
require_once 'Crypt/GPG.php';
|
||||
try {
|
||||
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'), 'gpgconf' => Configure::read('GnuPG.gpgconf'), 'binary' => (Configure::read('GnuPG.binary') ? Configure::read('GnuPG.binary') : '/usr/bin/gpg'), 'debug')); // , 'debug' => true
|
||||
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'), 'gpgconf' => Configure::read('GnuPG.gpgconf'), 'binary' => (Configure::read('GnuPG.binary') ? Configure::read('GnuPG.binary') : '/usr/bin/gpg'), 'debug')); // , 'debug' => true
|
||||
if (Configure::read('GnuPG.sign')) {
|
||||
$gpg->addSignKey(Configure::read('GnuPG.email'), Configure::read('GnuPG.password'));
|
||||
$body = $gpg->sign($body, Crypt_GPG::SIGN_MODE_CLEAR);
|
||||
|
|
|
@ -10,7 +10,7 @@ class Whitelist extends AppModel
|
|||
|
||||
public $actsAs = array(
|
||||
'Trim',
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'SysLogLogable.SysLogLogable' => array( // TODO Audit, logable
|
||||
'roleModel' => 'Role',
|
||||
'roleKey' => 'role_id',
|
||||
'change' => 'full'
|
||||
|
@ -26,7 +26,7 @@ class Whitelist extends AppModel
|
|||
),
|
||||
'userdefined' => array(
|
||||
'rule' => array('validateValue'),
|
||||
'message' => 'Name not in the right format. Whitelist entries have to be enclosed by a valid php delimiter (which can be most non-alphanumeric / non-whitespace character). Format: "/8.8.8.8/" Please double check the name.', //'allowEmpty' => false,
|
||||
'message' => 'Name not in the right format. Whitelist entries have to be enclosed by a valid php delimiter (which can be most non-alphanumeric / non-whitespace character). Format: "/8.8.8.8/" Please double check the name.', //'allowEmpty' => false,
|
||||
//'allowEmpty' => false,
|
||||
//'required' => true,
|
||||
//'last' => false, // Stop validation after this rule
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
<?php
|
||||
echo sprintf(
|
||||
'%s (%s) %s %s',
|
||||
sprintf(
|
||||
'<span id="eventSightingCount" class="bold sightingsCounter" data-toggle="popover" data-trigger="hover" data-content="%s">%s</span>',
|
||||
$sightingPopover,
|
||||
count($event['Sighting'])
|
||||
),
|
||||
sprintf(
|
||||
'<span id="eventOwnSightingCount" class="green bold sightingsCounter" data-toggle="popover" data-trigger="hover" data-content="%s">%s</span>',
|
||||
$sightingPopover,
|
||||
isset($ownSightings) ? count($ownSightings) : 0
|
||||
),
|
||||
(Configure::read('Plugin.Sightings_policy')) ? '' : __('- restricted to own organisation only.'),
|
||||
sprintf(
|
||||
'<span class="icon-wrench useCursorPointer sightings_advanced_add" title="%s" role="button" tabindex="0" aria-label="%s" data-object-id="%s" data-object-context="event"> </span>',
|
||||
__('Advanced Sightings'),
|
||||
__('Advanced Sightings'),
|
||||
h($event['Event']['id'])
|
||||
)
|
||||
);
|
|
@ -140,7 +140,7 @@
|
|||
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
|
||||
}
|
||||
}
|
||||
echo ' <span class="icon-warning-sign" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover" data-placement="right"> </span>';
|
||||
echo ' <span aria-label="' . __('warning') . '" role="img" tabindex="0" class="icon-warning-sign" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover" data-placement="right"> </span>';
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
|
|
|
@ -107,7 +107,7 @@
|
|||
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
|
||||
}
|
||||
}
|
||||
echo ' <span class="icon-warning-sign icon-white" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover"> </span>';
|
||||
echo ' <span aria-label="' . __('warning') . '" role="img" tabindex="0" class="icon-warning-sign icon-white" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover"> </span>';
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
|
|
|
@ -58,7 +58,7 @@ if ($object['value'] == 'MERGE') debug($object);
|
|||
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
|
||||
}
|
||||
}
|
||||
echo ' <span class="icon-warning-sign" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover"> </span>';
|
||||
echo ' <span aria-label="' . __('warning') . '" role="img" tabindex="0" class="icon-warning-sign" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover"> </span>';
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
|
|
|
@ -65,7 +65,7 @@ if ($object['value'] == 'MERGE') debug($object);
|
|||
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
|
||||
}
|
||||
}
|
||||
echo ' <span class="icon-warning-sign" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover"> </span>';
|
||||
echo ' <span aria-label="' . __('warning') . '" role="img" tabindex="0" class="icon-warning-sign" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover"> </span>';
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
|
|
|
@ -0,0 +1,60 @@
|
|||
<?php
|
||||
/*
|
||||
UI tool to build meta-field key-value tables for views (such as the event view, org view, etc)
|
||||
Use the following input for the element, defined as "table_data" in the input
|
||||
$table_data = array(
|
||||
array(
|
||||
'key' => 'key to use',
|
||||
'key_title' => 'title for hover-descriptions',
|
||||
'value' => 'raw value to use',
|
||||
'html' => 'raw html to echo - needs to be pre-sanitised',
|
||||
'boolean' => 'pass a value to evaluate as empty() and subsequently use a simple yes/no boolean field'
|
||||
'element' => 'element name to use as value',
|
||||
'element_params' => array(parameters to be passed to the element),
|
||||
'class' => 'classes appended to both the key and value',
|
||||
'key_class' => 'classes appended to the key',
|
||||
'value_class' => 'classes appended to the value'
|
||||
),
|
||||
...
|
||||
);
|
||||
*/
|
||||
$rows = array();
|
||||
foreach ($table_data as $row) {
|
||||
$element = false;
|
||||
if (!empty($row['element'])) {
|
||||
$element = $this->element($row['element'], empty($row['element_params']) ? array() : $row['element_params']);
|
||||
}
|
||||
$rows[] = sprintf(
|
||||
'<tr><td class="%s" title="%s">%s</td><td class="%s">%s</td></tr>',
|
||||
sprintf(
|
||||
'meta_table_key %s %s',
|
||||
empty($row['class']) ? '' : h($row['class']),
|
||||
empty($row['key_class']) ? '' : h($row['key_class'])
|
||||
),
|
||||
empty($row['key_title']) ? '' : h($row['key_title']),
|
||||
empty($row['key']) ? 'Undefined' : h($row['key']),
|
||||
sprintf(
|
||||
'meta_table_value %s %s',
|
||||
empty($row['class']) ? '' : h($row['class']),
|
||||
empty($row['value_class']) ? '' : h($row['value_class'])
|
||||
),
|
||||
sprintf(
|
||||
'%s%s%s%s',
|
||||
!isset($row['boolean']) ? '' : sprintf(
|
||||
'<span class="%s">%s</span>',
|
||||
(empty($row['class']) && empty($row['value_class'])) ?
|
||||
(empty($row['boolean']) ? 'bold red' : 'bold green') : '',
|
||||
empty($row['boolean']) ? 'No' : 'Yes'
|
||||
),
|
||||
empty($row['value']) ? '' : h($row['value']),
|
||||
empty($row['html']) ? '' : $row['html'],
|
||||
empty($element) ? '' : $element
|
||||
)
|
||||
);
|
||||
}
|
||||
$rows = implode(PHP_EOL, $rows);
|
||||
echo sprintf(
|
||||
'<table class="%s">%s</table>',
|
||||
'meta_table table table-striped table-condensed',
|
||||
$rows
|
||||
);
|
|
@ -203,6 +203,7 @@
|
|||
<b>CyBox</b>: <?php echo $stix['cybox']['expected'];?><br />
|
||||
<b>mixbox</b>: <?php echo $stix['mixbox']['expected'];?><br />
|
||||
<b>maec</b>: <?php echo $stix['maec']['expected'];?><br />
|
||||
<b>STIX2</b>: <?php echo $stix['stix2']['expected'];?><br />
|
||||
<b>PyMISP</b>: <?php echo $stix['pymisp']['expected'];?><br />
|
||||
<?php echo __('Other versions might work but are not tested / recommended.');?></p>
|
||||
<div style="background-color:#f7f7f9;width:400px;">
|
||||
|
@ -221,7 +222,7 @@
|
|||
if (!$testReadError) {
|
||||
$error_count = 0;
|
||||
$libraries = '';
|
||||
foreach (array('stix', 'cybox', 'mixbox', 'maec', 'pymisp') as $package) {
|
||||
foreach (array('stix', 'cybox', 'mixbox', 'maec', 'stix2', 'pymisp') as $package) {
|
||||
$lib_colour = 'green';
|
||||
if ($stix[$package]['status'] == 0) {
|
||||
$lib_colour = 'red';
|
||||
|
|
|
@ -48,227 +48,261 @@
|
|||
endif;
|
||||
$title = h($event['Event']['info']);
|
||||
if (strlen($title) > 58) $title = substr($title, 0, 55) . '...';
|
||||
$table_data = array();
|
||||
$table_data[] = array('key' => __('Event ID'), 'value' => $event['Event']['id']);
|
||||
$table_data[] = array('key' => 'UUID', 'value' => $event['Event']['uuid']);
|
||||
if (Configure::read('MISP.showorgalternate')) {
|
||||
$table_data[] = array(
|
||||
'key' => __('Source Organisation'),
|
||||
'html' => sprintf(
|
||||
'<a href="%s/organisations/view/%s">%s</a>',
|
||||
$baseurl,
|
||||
h($event['Orgc']['id']),
|
||||
h($event['Orgc']['name'])
|
||||
)
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Member Organisation'),
|
||||
'html' => sprintf(
|
||||
'<a href="%s/organisations/view/%s">%s</a>',
|
||||
$baseurl,
|
||||
h($event['Org']['id']),
|
||||
h($event['Org']['name'])
|
||||
)
|
||||
);
|
||||
} else {
|
||||
$table_data[] = array(
|
||||
'key' => __('Creator org'),
|
||||
'html' => sprintf(
|
||||
'<a href="%s/organisations/view/%s">%s</a>',
|
||||
$baseurl,
|
||||
h($event['Orgc']['id']),
|
||||
h($event['Orgc']['name'])
|
||||
)
|
||||
);
|
||||
if ($isSiteAdmin) {
|
||||
$table_data[] = array(
|
||||
'key' => __('Owner org'),
|
||||
'html' => sprintf(
|
||||
'<a href="%s/organisations/view/%s">%s</a>',
|
||||
$baseurl,
|
||||
h($event['Org']['id']),
|
||||
h($event['Org']['name'])
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
if (!empty($contributors)) {
|
||||
$contributorsContent = '';
|
||||
foreach ($contributors as $k => $entry) {
|
||||
$contributorsContent .= sprintf(
|
||||
'<a href="%s" style="margin-right:2px;text-decoration: none;">%s</a>',
|
||||
$baseurl."/logs/event_index/".$event['Event']['id'].'/'.h($entry),
|
||||
$this->element('img', array('id' => $entry, 'imgSize' => 24, 'imgStyle' => true))
|
||||
);
|
||||
}
|
||||
$table_data[] = array(
|
||||
'key' => __('Contributors'),
|
||||
'html' => $contributorsContent
|
||||
);
|
||||
}
|
||||
if (isset($event['User']['email']) && ($isSiteAdmin || ($isAdmin && $me['org_id'] == $event['Event']['org_id']))) {
|
||||
$table_data[] = array(
|
||||
'key' => __('Email'),
|
||||
'value' => h($event['User']['email'])
|
||||
);
|
||||
}
|
||||
$table_data[] = array(
|
||||
'key' => __('Tags'),
|
||||
'html' => sprintf(
|
||||
'<span class="eventTagContainer">%s</span>',
|
||||
$this->element(
|
||||
'ajaxTags',
|
||||
array(
|
||||
'event' => $event,
|
||||
'tags' => $event['EventTag'],
|
||||
'tagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['orgc_id'])
|
||||
)
|
||||
)
|
||||
)
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Date'),
|
||||
'value' => $event['Event']['date']
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Threat Level'),
|
||||
'key_title' => $eventDescriptions['threat_level_id']['desc'],
|
||||
'value' => $event['ThreatLevel']['name']
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Analysis'),
|
||||
'key_title' => $eventDescriptions['analysis']['desc'],
|
||||
'value' => $analysisLevels[$event['Event']['analysis']]
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Distribution'),
|
||||
'value_class' => ($event['Event']['distribution'] == 0) ? 'privateRedText' : '',
|
||||
'html' => sprintf(
|
||||
'%s %s',
|
||||
($event['Event']['distribution'] == 4) ?
|
||||
sprintf('<a href="%s%s">%s</a>', $baseurl . '/sharing_groups/view/', h($event['SharingGroup']['id']), h($event['SharingGroup']['name'])) :
|
||||
h($distributionLevels[$event['Event']['distribution']]),
|
||||
sprintf(
|
||||
'<span class="%s" data-object-id="%s" data-object-context="event" data-shown="false"></span><div style="display: none">%s</div>',
|
||||
'useCursorPointer fa fa-info-circle distribution_graph',
|
||||
h($event['Event']['id']),
|
||||
$this->element('view_event_distribution_graph')
|
||||
)
|
||||
)
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Info'),
|
||||
'value' => $event['Event']['info']
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Published'),
|
||||
'class' => ($event['Event']['published'] == 0) ? 'background-red bold not-published' : 'published',
|
||||
'class_value' => ($event['Event']['published'] == 0) ? '' : 'green',
|
||||
'html' => ($event['Event']['published'] == 0) ? 'No' : '<span class="green bold">Yes</span>' . ((empty($event['Event']['publish_timestamp'])) ? 'N/A' : ' (' . date('Y-m-d H:i:s', ($event['Event']['publish_timestamp'])) . ')')
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('#Attributes'),
|
||||
'value' => $attribute_count
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('First recorded change'),
|
||||
'value' => date('Y-m-d H:i:s', $event['Event']['timestamp'])
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Last change'),
|
||||
'value' => date('Y-m-d H:i:s', $event['Event']['timestamp'])
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Modification map'),
|
||||
'element' => 'sparkline',
|
||||
'element_params' => array('scope' => 'modification', 'id' => $event['Event']['id'], 'csv' => $modificationMapCSV)
|
||||
);
|
||||
if (!empty($extendedEvent) || !empty($event['Event']['extends_uuid'])) {
|
||||
$table_data[] = array(
|
||||
'key' => __('Extends'),
|
||||
'value_class' => 'break-word',
|
||||
'html' => (!empty($extendedEvent) && is_array($extendedEvent)) ?
|
||||
sprintf(
|
||||
'<span>%s (<a href="%s">%s</a>): %s</span>',
|
||||
__('Event'),
|
||||
$baseurl . '/events/view/' . h($extendedEvent[0]['Event']['id']),
|
||||
h($extendedEvent[0]['Event']['id']),
|
||||
h($extendedEvent[0]['Event']['info'])
|
||||
) :
|
||||
h($event['Event']['extends_uuid'])
|
||||
);
|
||||
}
|
||||
$extended_by = '';
|
||||
if (!empty($extensions)) {
|
||||
foreach ($extensions as $extension) {
|
||||
$extended_by .= sprintf('<span>%s (<a href="%s">%s</a>): %s</span>', __('Event'), $baseurl . '/events/view/' . h($extension['Event']['id']), h($extension['Event']['id']), h($extension['Event']['info'])) . '<br />';
|
||||
}
|
||||
$table_data[] = array(
|
||||
'key' => __('Extended by'),
|
||||
'value_class' => 'break-word',
|
||||
'html' => sprintf(
|
||||
'%s %s %s %s',
|
||||
$extended_by,
|
||||
sprintf(
|
||||
'Currently in %s view.',
|
||||
$extended ? __('extended') : __('atomic')
|
||||
),
|
||||
sprintf(
|
||||
'<a href="%s/events/view/%s%s"><span class="icon-refresh"></span></a>',
|
||||
$baseurl,
|
||||
$event['Event']['id'],
|
||||
$extended ? '' : '/extended:1'
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
$table_data[] = array(
|
||||
'key' => __('Sightings'),
|
||||
'element' => '/Events/View/eventSightingValue',
|
||||
'element_params' => array(
|
||||
'sightingPopover' => $sightingPopover,
|
||||
'event' => $event,
|
||||
'ownSightings' => empty($ownSightings) ? array() : $ownSightings
|
||||
)
|
||||
);
|
||||
if (!empty($sightingsData['csv']['event'])) {
|
||||
$table_data[] = array(
|
||||
'key' => __('Activity'),
|
||||
'element' => 'sparkline',
|
||||
'element_params' => array('scope' => 'event', 'id' => $event['Event']['id'], 'csv' => $sightingsData['csv']['event'])
|
||||
);
|
||||
}
|
||||
if (!empty($delegationRequest)) {
|
||||
if ($isSiteAdmin || $me['org_id'] == $delegationRequest['EventDelegation']['org_id']) {
|
||||
if ($isSiteAdmin) {
|
||||
$message = sprintf(
|
||||
'%s has requested that %s take over this event.',
|
||||
h($delegationRequest['RequesterOrg']['name']),
|
||||
h($delegationRequest['Org']['name'])
|
||||
);
|
||||
} else {
|
||||
$message = sprintf(
|
||||
'%s has requested that you take over this event.',
|
||||
h($delegationRequest['RequesterOrg']['name'])
|
||||
);
|
||||
}
|
||||
} else {
|
||||
$message = sprintf(
|
||||
'You have requested that %s take over this event.',
|
||||
h($delegationRequest['Org']['name'])
|
||||
);
|
||||
}
|
||||
$table_data[] = array(
|
||||
'key' => __('Delegation request'),
|
||||
'class' => 'background-red bold',
|
||||
'html' => sprintf(
|
||||
'%s (%s)',
|
||||
$message,
|
||||
sprintf (
|
||||
'<a href="#" style="color:white;" onClick="genericPopup(%s);">%s</a>',
|
||||
sprintf(
|
||||
"'%s/eventDelegations/view/%s', '#confirmation_box'",
|
||||
$baseurl,
|
||||
h($delegationRequest['EventDelegation']['id'])
|
||||
),
|
||||
__('View request details')
|
||||
)
|
||||
)
|
||||
);
|
||||
if (!Configure::read('MISP.completely_disable_correlation') && Configure::read('MISP.allow_disabling_correlation')) {
|
||||
$table_data[] = array(
|
||||
'key' => __('Correlation'),
|
||||
'class' => $event['Event']['disable_correlation'] ? 'background-red bold' : '',
|
||||
'html' => sprintf(
|
||||
'%s%s',
|
||||
$event['Event']['disable_correlation'] ? __('Disabled') : __('Enabled'),
|
||||
(!$mayModify && !$isSiteAdmin) ? '' : sprintf(
|
||||
sprintf(
|
||||
' (<a onClick="getPopup(%s);" style="%scursor:pointer;font-weight:normal;">%s</a>)',
|
||||
sprintf(
|
||||
"'%s', 'events', 'toggleCorrelation', '', '#confirmation_box'",
|
||||
h($event['Event']['id'])
|
||||
),
|
||||
$event['Event']['disable_correlation'] ? 'color:white;' : '',
|
||||
$event['Event']['disable_correlation'] ? __('enable') : __('disable')
|
||||
)
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
<div class="row-fluid">
|
||||
<div class="span8">
|
||||
<h2><?php echo ($extended ? '[' . __('Extended view') . '] ' : '') . nl2br($title); ?></h2>
|
||||
<dl>
|
||||
<dt><?php echo __('Event ID');?></dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['id']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Uuid');?></dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['uuid']); ?>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
if (Configure::read('MISP.showorgalternate') && (Configure::read('MISP.showorg') || $isAdmin)): ?>
|
||||
<dt><?php echo __('Source Organisation');?></dt>
|
||||
<dd>
|
||||
<a href="/organisations/view/<?php echo h($event['Orgc']['id']); ?>"><?php echo h($event['Orgc']['name']); ?></a>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Member Organisation');?></dt>
|
||||
<dd>
|
||||
<a href="/organisations/view/<?php echo h($event['Org']['id']); ?>"><?php echo h($event['Org']['name']); ?></a>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
else:
|
||||
if (Configure::read('MISP.showorg') || $isAdmin): ?>
|
||||
<dt>Org</dt>
|
||||
<dd>
|
||||
<a href="/organisations/view/<?php echo h($event['Orgc']['id']); ?>"><?php echo h($event['Orgc']['name']); ?></a>
|
||||
|
||||
</dd>
|
||||
<?php endif; ?>
|
||||
<?php if ($isSiteAdmin): ?>
|
||||
<dt><?php echo __('Owner org');?></dt>
|
||||
<dd>
|
||||
<a href="/organisations/view/<?php echo h($event['Org']['id']); ?>"><?php echo h($event['Org']['name']); ?></a>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
endif;
|
||||
endif;
|
||||
|
||||
?>
|
||||
<dt><?php echo __('Contributors');?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
foreach ($contributors as $k => $entry) {
|
||||
if (Configure::read('MISP.showorg') || $isAdmin) {
|
||||
?>
|
||||
<a href="<?php echo $baseurl."/logs/event_index/".$event['Event']['id'].'/'.h($entry);?>" style="margin-right:2px;text-decoration: none;">
|
||||
<?php
|
||||
echo $this->element('img', array('id' => $entry, 'imgSize' => 24, 'imgStyle' => true));
|
||||
?>
|
||||
</a>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
if (isset($event['User']['email']) && ($isSiteAdmin || ($isAdmin && $me['org_id'] == $event['Event']['org_id']))):
|
||||
?>
|
||||
<dt><?php echo __('Email');?></dt>
|
||||
<dd>
|
||||
<?php echo h($event['User']['email']); ?>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
endif;
|
||||
if (Configure::read('MISP.tagging')): ?>
|
||||
<dt><?php echo __('Tags');?></dt>
|
||||
<dd class="eventTagContainer">
|
||||
<?php echo $this->element('ajaxTags', array('event' => $event, 'tags' => $event['EventTag'], 'tagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['orgc_id']) )); ?>
|
||||
</dd>
|
||||
<?php endif; ?>
|
||||
<dt><?php echo __('Date');?></dt>
|
||||
<dd>
|
||||
<?php echo h($event['Event']['date']); ?>
|
||||
|
||||
</dd>
|
||||
<dt title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>"><?php echo __('Threat Level');?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
if ($event['ThreatLevel']['name']) echo h($event['ThreatLevel']['name']);
|
||||
else echo h($event['Event']['threat_level_id']);
|
||||
?>
|
||||
|
||||
</dd>
|
||||
<dt title="<?php echo $eventDescriptions['analysis']['desc'];?>"><?php echo __('Analysis');?></dt>
|
||||
<dd>
|
||||
<?php echo h($analysisLevels[$event['Event']['analysis']]); ?>
|
||||
</dd>
|
||||
<dt><?php echo __('Distribution');?></dt>
|
||||
<dd <?php if ($event['Event']['distribution'] == 0) echo 'class = "privateRedText"';?> title = "<?php echo h($distributionDescriptions[$event['Event']['distribution']]['formdesc'])?>">
|
||||
<?php
|
||||
if ($event['Event']['distribution'] == 4):
|
||||
?>
|
||||
<a href="/sharing_groups/view/<?php echo h($event['SharingGroup']['id']); ?>"><?php echo h($event['SharingGroup']['name']); ?></a>
|
||||
<?php
|
||||
else:
|
||||
echo h($distributionLevels[$event['Event']['distribution']]);
|
||||
endif;
|
||||
?>
|
||||
<span class="useCursorPointer fa fa-info-circle distribution_graph" data-object-id="<?php echo h($event['Event']['id']); ?>" data-object-context="event" data-shown="false"></span>
|
||||
<div style="display: none">
|
||||
<?php echo $this->element('view_event_distribution_graph'); ?>
|
||||
</div>
|
||||
</dd>
|
||||
<dt><?php echo __('Info');?></dt>
|
||||
<dd style="word-wrap: break-word;">
|
||||
<?php echo nl2br(h($event['Event']['info'])); ?>
|
||||
|
||||
</dd>
|
||||
<dt class="hidden"></dt><dd class="hidden"></dd>
|
||||
<dt class="background-red bold not-published <?php echo ($event['Event']['published'] == 0) ? '' : 'hidden'; ?>"><?php echo __('Published');?></dt>
|
||||
<dd class="background-red bold not-published <?php echo ($event['Event']['published'] == 0) ? '' : 'hidden'; ?>"><?php echo __('No');?></dd>
|
||||
<?php
|
||||
$publish_status_class = ($event['Event']['published'] == 0) ? 'hidden' : '';
|
||||
echo sprintf(
|
||||
'<dt class="bold published %s">%s</dt><dd class="published %s"><span class="green bold">%s</span> (%s)</dd>',
|
||||
$publish_status_class,
|
||||
__('Published'),
|
||||
$publish_status_class,
|
||||
__('Yes'),
|
||||
(empty($event['Event']['publish_timestamp'])) ? 'N/A' : date('Y-m-d H:i:s', ($event['Event']['publish_timestamp']))
|
||||
);
|
||||
?>
|
||||
<dt><?php echo __('#Attributes');?></dt>
|
||||
<dd><?php echo h($attribute_count);?></dd>
|
||||
<dt><?php echo __('Last change');?></dt>
|
||||
<dd>
|
||||
<?php echo date('Y-m-d H:i:s', $event['Event']['timestamp']);; ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Extends');?></dt>
|
||||
<dd style="word-wrap: break-word;">
|
||||
<?php
|
||||
if (!empty($extendedEvent) && is_array($extendedEvent)) {
|
||||
echo sprintf('<span>%s (<a href="%s">%s</a>): %s</span>', __('Event'), $baseurl . '/events/view/' . h($extendedEvent[0]['Event']['id']), h($extendedEvent[0]['Event']['id']), h($extendedEvent[0]['Event']['info']));
|
||||
echo ' <a href="' . $baseurl . '/events/view/' . $extendedEvent[0]['Event']['id'] . '/extended:1"><span class="icon-search"></span></a>';
|
||||
} else {
|
||||
echo h($event['Event']['extends_uuid']);
|
||||
}
|
||||
?>
|
||||
</dd>
|
||||
<dt><?php echo __('Extended by');?></dt>
|
||||
<dd style="word-wrap: break-word;">
|
||||
<?php
|
||||
foreach ($extensions as $extension) {
|
||||
echo sprintf('<span>%s (<a href="%s">%s</a>): %s</span>', __('Event'), $baseurl . '/events/view/' . h($extension['Event']['id']), h($extension['Event']['id']), h($extension['Event']['info'])) . '<br />';
|
||||
}
|
||||
if (!empty($extensions)) {
|
||||
echo __('Currently in ' . ($extended ? 'extended' : 'atomic') . ' view.') . ' <a href="' . $baseurl . '/events/view/' . $event['Event']['id'] . ($extended ? '' : '/extended:1') . '"><span class="icon-refresh"></span></a>';
|
||||
}
|
||||
?>
|
||||
</dd>
|
||||
<dt><?php echo __('Sightings');?></dt>
|
||||
<dd style="word-wrap: break-word;">
|
||||
<span id="eventSightingCount" class="bold sightingsCounter" data-toggle="popover" data-trigger="hover" data-content="<?php echo $sightingPopover; ?>"><?php echo count($event['Sighting']); ?></span>
|
||||
(<span id="eventOwnSightingCount" class="green bold sightingsCounter" data-toggle="popover" data-trigger="hover" data-content="<?php echo $sightingPopover; ?>"><?php echo isset($ownSightings) ? count($ownSightings) : 0; ?></span>)
|
||||
<?php if (!Configure::read('Plugin.Sightings_policy')) echo __('- restricted to own organisation only.'); ?>
|
||||
<span class="icon-wrench useCursorPointer sightings_advanced_add" title="<?php echo __('Advanced Sightings');?>" role="button" tabindex="0" aria-label="<?php echo __('Advanced sightings');?>" data-object-id="<?php echo h($event['Event']['id']); ?>" data-object-context="event"> </span>
|
||||
</dd>
|
||||
<dt><?php echo __('Activity');?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
if (!empty($sightingsData['csv']['event'])) {
|
||||
echo $this->element('sparkline', array('scope' => 'event', 'id' => $event['Event']['id'], 'csv' => $sightingsData['csv']['event']));
|
||||
} else {
|
||||
echo ' ';
|
||||
}
|
||||
?>
|
||||
</dd>
|
||||
<?php
|
||||
if (!empty($delegationRequest)):
|
||||
if ($isSiteAdmin || $me['org_id'] == $delegationRequest['EventDelegation']['org_id']) {
|
||||
// /!\ This is not ideal for i18n not every language has a plural
|
||||
$target = $isSiteAdmin ? $delegationRequest['Org']['name'] : __('you');
|
||||
$subject = $delegationRequest['RequesterOrg']['name'] . __(' has');
|
||||
} else {
|
||||
$target = $delegationRequest['Org']['name'];
|
||||
$subject = __('You have');
|
||||
}
|
||||
?>
|
||||
<dt class="background-red bold"><?php echo __('Delegation request');?></dt>
|
||||
<dd class="background-red bold"><?php echo __('%s requested that %s take over this event.', h($subject), h($target));?> (<a href="#" style="color:white;" onClick="genericPopup('<?php echo $baseurl;?>/eventDelegations/view/<?php echo h($delegationRequest['EventDelegation']['id']);?>', '#confirmation_box');"><?php echo __('View request details');?></a>)</dd>
|
||||
<?php endif;?>
|
||||
<?php
|
||||
if (!Configure::read('MISP.completely_disable_correlation') && Configure::read('MISP.allow_disabling_correlation')):
|
||||
?>
|
||||
<dt <?php echo $event['Event']['disable_correlation'] ? 'class="background-red bold"' : '';?>><?php echo __('Correlation');?></dt>
|
||||
<dd <?php echo $event['Event']['disable_correlation'] ? 'class="background-red bold"' : '';?>>
|
||||
<?php
|
||||
if ($mayModify || $isSiteAdmin):
|
||||
if ($event['Event']['disable_correlation']):
|
||||
?>
|
||||
<?php echo __('Disabled');?> (<a onClick="getPopup('<?php echo h($event['Event']['id']); ?>', 'events', 'toggleCorrelation', '', '#confirmation_box');" style="color:white;cursor:pointer;font-weight:normal;"><?php echo __('enable');?></a>)
|
||||
<?php
|
||||
else:
|
||||
?>
|
||||
<?php echo __('Enabled');?> (<a onClick="getPopup('<?php echo h($event['Event']['id']); ?>', 'events', 'toggleCorrelation', '', '#confirmation_box');" style="cursor:pointer;font-weight:normal;"><?php echo __('disable');?></a>)
|
||||
<?php
|
||||
endif;
|
||||
else:
|
||||
if ($event['Event']['disable_correlation']):
|
||||
echo __('Disabled');
|
||||
else:
|
||||
echo __('Enabled');
|
||||
endif;
|
||||
endif;
|
||||
?>
|
||||
</dd>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
</dl>
|
||||
<?php echo $this->element('genericElements/viewMetaTable', array('table_data' => $table_data)); ?>
|
||||
</div>
|
||||
<div class="related span4">
|
||||
<?php
|
||||
|
|
|
@ -2,38 +2,43 @@
|
|||
App::uses('AppHelper', 'View/Helper');
|
||||
|
||||
// Helper to retrieve org images with the given parameters
|
||||
class OrgImgHelper extends AppHelper {
|
||||
public function getOrgImg($options) {
|
||||
$imgPath = APP . WEBROOT_DIR . DS . 'img' . DS . 'orgs' . DS;
|
||||
$imgOptions = array();
|
||||
$possibleFields = array('id', 'name');
|
||||
$size = !empty($options['size']) ? $options['size'] : 48;
|
||||
foreach ($possibleFields as $field) {
|
||||
if (isset($options[$field]) && file_exists($imgPath . $options[$field] . '.png')) {
|
||||
$imgOptions[$field] = $options[$field] . '.png';
|
||||
break;
|
||||
class OrgImgHelper extends AppHelper {
|
||||
public function getOrgImg($options, $returnData = false) {
|
||||
$imgPath = APP . WEBROOT_DIR . DS . 'img' . DS . 'orgs' . DS;
|
||||
$imgOptions = array();
|
||||
$possibleFields = array('id', 'name');
|
||||
$size = !empty($options['size']) ? $options['size'] : 48;
|
||||
foreach ($possibleFields as $field) {
|
||||
if (isset($options[$field]) && file_exists($imgPath . $options[$field] . '.png')) {
|
||||
$imgOptions[$field] = $options[$field] . '.png';
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (!empty($imgOptions)) {
|
||||
foreach ($imgOptions as $field => $imgOption) {
|
||||
$result = sprintf(
|
||||
'<a href="/organisations/view/%s"><img src="/img/orgs/%s" title = "%s" style = "width: %spx; height: %spx;"/>
|
||||
</a>',
|
||||
(empty($options['id']) ? h($options['name']) : h($options['id'])),
|
||||
$imgOption,
|
||||
isset($options['name']) ? h($options['name']) : h($options['id']),
|
||||
h($size),
|
||||
h($size)
|
||||
);
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
$result = sprintf(
|
||||
'<a href="/organisations/view/%s"><span class="welcome" style="float:left">%s</span></a>',
|
||||
(empty($options['id']) ? h($options['name']) : h($options['id'])),
|
||||
h($options['name'])
|
||||
);
|
||||
}
|
||||
if ($returnData) {
|
||||
return $result;
|
||||
} else {
|
||||
echo $result;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!empty($imgOptions)) {
|
||||
foreach ($imgOptions as $field => $imgOption) {
|
||||
?>
|
||||
<a href="/organisations/view/<?php echo empty($options['id']) ? h($options['name']) : h($options['id']); ?>">
|
||||
<img
|
||||
src="/img/orgs/<?php echo $imgOption; ?>"
|
||||
title = "<?php echo isset($imgOptions['name']) ? h($imgOptions['name']) : h($imgOptions['id']); ?>"
|
||||
style = "<?php echo 'width:' . h($size) . 'px; height:' . h($size) . 'px'; ?>"
|
||||
/>
|
||||
</a>
|
||||
<?php
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
?>
|
||||
<a href="/organisations/view/<?php echo empty($options['id']) ? h($options['name']) : h($options['id']); ?>">
|
||||
<span class="welcome" style="float:left"><?php echo h($options['name']); ?></span>
|
||||
</a>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
|
|
@ -1,47 +1,43 @@
|
|||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'objectTemplates', 'menuItem' => 'view'));
|
||||
$table_data = array();
|
||||
$table_data[] = array('key' => __('Id'), 'value' => $template['ObjectTemplate']['id']);
|
||||
$table_data[] = array('key' => __('Name'), 'value' => $template['ObjectTemplate']['name'] ? $template['ObjectTemplate']['name'] : $template['ObjectTemplate']['type']);
|
||||
$table_data[] = array('key' => __('Organisation'), 'value' => $template['Organisation']['name']);
|
||||
$table_data[] = array('key' => __('UUID'), 'value' => $template['ObjectTemplate']['uuid']);
|
||||
$table_data[] = array('key' => __('Version'), 'value' => $template['ObjectTemplate']['version']);
|
||||
$table_data[] = array('key' => __('Meta-category'), 'value' => $template['ObjectTemplate']['meta-category']);
|
||||
$table_data[] = array('key' => __('Description'), 'value' => $template['ObjectTemplate']['description']);
|
||||
if (!empty($template['ObjectTemplate']['requirements'])) {
|
||||
$requirements_contents = array();
|
||||
foreach ($template['ObjectTemplate']['requirements'] as $group => $requirements) {
|
||||
$requirements_contents[] = sprintf(
|
||||
'<span class="bold">%s</span>',
|
||||
h($group)
|
||||
);
|
||||
foreach ($requirements as $requirement) {
|
||||
sprintf(
|
||||
$requirements_contents[] = sprintf(
|
||||
'<span> %s</span>',
|
||||
h($requirement)
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
$table_data[] = array('key' => __('Requirements'), 'html' => implode('<br />', $requirements_contents));
|
||||
}
|
||||
echo sprintf(
|
||||
'<div class="roles view"><div class="row-fluid"><div class="span8" style="margin:0px;">%s</div></div>%s</div>%s',
|
||||
sprintf(
|
||||
'<h2>%s %s</h2>%s',
|
||||
h(ucfirst($template['ObjectTemplate']['name'])),
|
||||
__(' Object Template'),
|
||||
$this->element('genericElements/viewMetaTable', array('table_data' => $table_data))
|
||||
),
|
||||
'<div id="ajaxContent" style="width:100%;"></div>',
|
||||
$this->element('side_menu', array('menuList' => 'objectTemplates', 'menuItem' => 'view'))
|
||||
);
|
||||
|
||||
?>
|
||||
<div class="object_template view">
|
||||
<div class="row-fluid">
|
||||
<div class="span8">
|
||||
<h2><?php echo h(ucfirst($template['ObjectTemplate']['name'])); ?><?php echo __(' Object Template');?></h2>
|
||||
<dl>
|
||||
<dt><?php echo __('Object Template ID');?></dt>
|
||||
<dd><?php echo h($template['ObjectTemplate']['id']); ?></dd>
|
||||
<dt><?php echo __('Name');?></dt>
|
||||
<dd><?php echo $template['ObjectTemplate']['name'] ? h($template['ObjectTemplate']['name']) : h($template['ObjectTemplate']['type']); ?></dd>
|
||||
<dt><?php echo __('Organisation');?></dt>
|
||||
<dd><?php echo h($template['Organisation']['name']); ?></dd>
|
||||
<dt><?php echo __('Uuid');?></dt>
|
||||
<dd><?php echo h($template['ObjectTemplate']['uuid']); ?></dd>
|
||||
<dt><?php echo __('Version');?></dt>
|
||||
<dd><?php echo h($template['ObjectTemplate']['version']); ?></dd>
|
||||
<dt><?php echo __('Meta-category');?></dt>
|
||||
<dd><?php echo h($template['ObjectTemplate']['meta-category']); ?></dd>
|
||||
<dt><?php echo __('Description');?></dt>
|
||||
<dd><?php echo h($template['ObjectTemplate']['description']); ?></dd>
|
||||
<dt><?php echo __('Requirements');?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
if (!empty($template['ObjectTemplate']['requirements'])):
|
||||
foreach ($template['ObjectTemplate']['requirements'] as $group => $requirements):
|
||||
?>
|
||||
<span class="bold"><?php echo h($group); ?></span><br />
|
||||
<?php
|
||||
foreach ($requirements as $requirement):
|
||||
?>
|
||||
<span> <?php echo h($requirement); ?></span><br />
|
||||
<?php
|
||||
endforeach;
|
||||
endforeach;
|
||||
endif;
|
||||
?>
|
||||
</dd>
|
||||
</dl>
|
||||
</div>
|
||||
</div>
|
||||
<div id="ajaxContent" style="width:100%;"></div>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
<?php
|
||||
$startingTab = 'all';
|
||||
|
|
|
@ -1,93 +1,58 @@
|
|||
<div class="organisations view">
|
||||
<div class="row-fluid">
|
||||
<div class="span10"><h2><?php echo __('Organisation ') . h($org['Organisation']['name']);?></h2></div>
|
||||
<div class="span2"><div style="float:right;"><?php echo $this->OrgImg->getOrgImg(array('name' => $org['Organisation']['name'], 'id' => $org['Organisation']['id'], 'size' => 48)); ?></div></div>
|
||||
<div class="row-fluid">
|
||||
<?php
|
||||
$table_data = array();
|
||||
$table_data[] = array('key' => __('Id'), 'value' => $org['Organisation']['id']);
|
||||
$table_data[] = array('key' => __('Organisation name'), 'value' => $org['Organisation']['name']);
|
||||
$table_data[] = array(
|
||||
'key' => __('Local or remote'),
|
||||
'html' => sprintf(
|
||||
'<dd><span class="%s bold">%s</span></dd>',
|
||||
$org['Organisation']['local'] ? 'green' : 'red',
|
||||
$org['Organisation']['local'] ? __('Local') : __('Remote')
|
||||
)
|
||||
);
|
||||
$table_data[] = array('key' => __('Description'), 'value' => $org['Organisation']['description']);
|
||||
if (!empty($org['Organisation']['restricted_to_domain'])) {
|
||||
$domains = $org['Organisation']['restricted_to_domain'];
|
||||
foreach ($domains as $k => $domain) {
|
||||
$domains[$k] = h($domain);
|
||||
}
|
||||
$domains = implode("<br />", $domains);
|
||||
$table_data[] = array('key' => __('Domain restrictions'), 'value' => $domains);
|
||||
}
|
||||
$table_data[] = array('key' => __('UUID'), 'value' => !empty(trim($org['Organisation']['uuid'])) ? $org['Organisation']['uuid'] : '');
|
||||
if ($isSiteAdmin) {
|
||||
$table_data[] = array('key' => __('Created by'), 'value' => isset($org['Organisation']['created_by_email']) ? $org['Organisation']['created_by_email'] : __("Unknown"));
|
||||
$table_data[] = array('key' => __('Creation time'), 'value' => $org['Organisation']['date_created']);
|
||||
$table_data[] = array('key' => __('Last modified'), 'value' => $org['Organisation']['date_modified']);
|
||||
}
|
||||
foreach (array('sector' => 'Sector', 'nationality' => 'Nationality', 'type' => 'Organisation type', 'contacts' => 'Contact information') as $k => $field) {
|
||||
if (!empty(trim($org['Organisation'][$k]))) {
|
||||
$table_data[] = array('key' => $field, 'value' => trim(h($org['Organisation'][$k])));
|
||||
}
|
||||
}
|
||||
echo sprintf(
|
||||
'<div class="span8" style="margin:0px;">%s</div><div class="span4" style="horizontal-align:right;">%s</div>',
|
||||
sprintf(
|
||||
'<h2>%s</h2>%s',
|
||||
__('Organisation ') . h($org['Organisation']['name']),
|
||||
$this->element('genericElements/viewMetaTable', array('table_data' => $table_data))
|
||||
),
|
||||
sprintf(
|
||||
'<div style="float:right;">%s</div>',
|
||||
$this->OrgImg->getOrgImg(
|
||||
array(
|
||||
'name' => $org['Organisation']['name'],
|
||||
'id' => $org['Organisation']['id'],
|
||||
'size' => 48
|
||||
),
|
||||
true
|
||||
)
|
||||
)
|
||||
);
|
||||
?>
|
||||
</div>
|
||||
<dl style="width:600px;">
|
||||
<dt><?php echo __('Id'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($org['Organisation']['id']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo 'Organisation name'; ?></dt>
|
||||
<dd>
|
||||
<?php echo h($org['Organisation']['name']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Local or remote'); ?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
if ($org['Organisation']['local']):
|
||||
?>
|
||||
<span class="green bold"><?php echo __('Local');?></span>
|
||||
<?php
|
||||
else:
|
||||
?>
|
||||
<span class="red bold"><?php echo __('Remote');?></span>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Description'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($org['Organisation']['description']); ?>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
if (!empty($org['Organisation']['restricted_to_domain'])):
|
||||
?>
|
||||
<dt><?php echo __('E-mail domain restrictions'); ?></dt>
|
||||
<dd style="min-height:40px;">
|
||||
<?php
|
||||
$domains = $org['Organisation']['restricted_to_domain'];
|
||||
foreach ($domains as $k => $domain):
|
||||
$domains[$k] = h($domain);
|
||||
endforeach;
|
||||
$domains = implode("<br />", $domains);
|
||||
echo $domains;
|
||||
?>
|
||||
</dd>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
<dt><?php echo __('Uuid'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($org['Organisation']['uuid']); ?>
|
||||
|
||||
</dd>
|
||||
<?php if ($isSiteAdmin): ?>
|
||||
<dt><?php echo __('Created by'); ?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
if (isset($org['Organisation']['created_by_email'])) {
|
||||
echo h($org['Organisation']['created_by_email']);
|
||||
} else {
|
||||
echo __("Unknown");
|
||||
}
|
||||
?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Creation time'); ?></dt>
|
||||
<dd><?php echo h($org['Organisation']['date_created']); ?></dd>
|
||||
<dt><?php echo __('Last modified'); ?></dt>
|
||||
<dd><?php echo h($org['Organisation']['date_modified']); ?></dd>
|
||||
<?php endif;?>
|
||||
<?php
|
||||
$optionalFields = array('sector' => 'Sector', 'nationality' => 'Nationality', 'type' => 'Organisation type', 'contacts' => 'Contact information');
|
||||
foreach ($optionalFields as $k => $field):
|
||||
if (!empty($org['Organisation'][$k])):
|
||||
?>
|
||||
<dt><?php echo $field; ?></dt>
|
||||
<dd>
|
||||
<?php echo h($org['Organisation'][$k]); ?>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
endif;
|
||||
endforeach;
|
||||
?>
|
||||
</dl>
|
||||
<br />
|
||||
<?php if ($local): ?>
|
||||
<button id="button_description" class="btn btn-inverse toggle-left qet orgViewButton" onClick="organisationViewContent('description', '<?php echo $id;?>');"><?php echo __('Description');?></button>
|
||||
|
|
|
@ -1,44 +1,29 @@
|
|||
<div class="roles view">
|
||||
<h2><?php echo __('Role');?></h2>
|
||||
<dl>
|
||||
<dt><?php echo __('Id'); ?></dt>
|
||||
<dd>
|
||||
<?php echo $role['Role']['id']; ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Name'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($role['Role']['name']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Permission level'); ?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
echo h($premissionLevelName[$role['Role']['permission']]);
|
||||
?>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
foreach ($role['Role'] as $k => $item):
|
||||
if (substr($k, 0, 5) === 'perm_' && !in_array($k, array('perm_add', 'perm_modify', 'perm_modify_org', 'perm_publish', 'perm_full'))):
|
||||
$nameParts = explode('_', $k);
|
||||
unset($nameParts[0]);
|
||||
foreach ($nameParts as &$p) $p = ucfirst($p);
|
||||
$name = implode(' ', $nameParts);
|
||||
?>
|
||||
<dt><?php echo $name; ?></dt>
|
||||
<dd class="<?php echo $role['Role'][$k] ? 'green' : 'red';?>">
|
||||
<?php echo $role['Role'][$k] ? 'Yes' : 'No'; ?>
|
||||
|
||||
</dd>
|
||||
<?php
|
||||
endif;
|
||||
|
||||
endforeach;
|
||||
|
||||
?>
|
||||
</dl>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'globalActions', 'menuItem' => 'roles'));
|
||||
$table_data = array();
|
||||
$table_data[] = array('key' => __('Id'), 'value' => $role['Role']['id']);
|
||||
$table_data[] = array('key' => __('Name'), 'value' => $role['Role']['name']);
|
||||
$table_data[] = array('key' => __('Permission level'), 'value' => $premissionLevelName[$role['Role']['permission']]);
|
||||
foreach ($role['Role'] as $k => $item) {
|
||||
if (substr($k, 0, 5) === 'perm_' && !in_array($k, array('perm_add', 'perm_modify', 'perm_modify_org', 'perm_publish', 'perm_full'))) {
|
||||
$name = substr($k, 5);
|
||||
if (in_array($name, array('add', 'modify', 'modify_org', 'publish', 'full'))) {
|
||||
continue;
|
||||
}
|
||||
$table_data[] = array(
|
||||
'key' => Inflector::humanize(h($name)),
|
||||
'value_class' => $role['Role'][$k] ? 'green' : 'red',
|
||||
'value' => $role['Role'][$k] ? 'Granted' : 'Denied'
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
echo sprintf(
|
||||
'<div class="roles view row-fluid"><div class="span8" style="margin:0px;">%s</div></div>%s',
|
||||
sprintf(
|
||||
'<h2>%s</h2>%s',
|
||||
__('Role'),
|
||||
$this->element('genericElements/viewMetaTable', array('table_data' => $table_data))
|
||||
),
|
||||
$this->element('side_menu', array('menuList' => 'globalActions', 'menuItem' => 'roles'))
|
||||
);
|
||||
?>
|
||||
|
|
|
@ -2,139 +2,109 @@
|
|||
$buttonAddStatus = $isAclAdd ? 'button_on':'button_off';
|
||||
$mayModify = ($isSiteAdmin || ($isAdmin && ($user['User']['org_id'] == $me['org_id'])));
|
||||
$buttonModifyStatus = $mayModify ? 'button_on':'button_off';
|
||||
?>
|
||||
<div class="users view">
|
||||
<h2><?php echo __('User');?></h2>
|
||||
<dl style="width:800px;">
|
||||
<dt><?php echo __('Id'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($user['User']['id']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Org'); ?></dt>
|
||||
<dd>
|
||||
<a href="<?php echo $baseurl?>/organisations/view/<?php echo h($user['Organisation']['id']); ?>"><?php echo h($user['Organisation']['name']); ?></a>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Role'); ?></dt>
|
||||
<dd>
|
||||
<?php echo $this->Html->link($user['Role']['name'], array('controller' => 'roles', 'action' => 'view', $user['Role']['id'])); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Email'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($user['User']['email']); ?> <a class="icon-envelope" href="<?php echo $baseurl; ?>/admin/users/quickEmail/<?php echo h($user['User']['id']); ?>"></a>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Autoalert'); ?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
echo (h($user['User']['autoalert']) == 0)? __('No') : __('Yes'); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Contactalert'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h(0 == ($user['User']['contactalert'])) ? __('No') : __('Yes'); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Authkey'); ?></dt>
|
||||
<dd>
|
||||
<span class="quickSelect"><?php echo h($user['User']['authkey']); ?></span>
|
||||
(<?php echo $this->Html->link('reset', array('controller' => 'users', 'action' => 'resetauthkey', $user['User']['id']));?>)
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Invited By'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($user2['User']['email']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Org admin');?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
|
||||
foreach ($user['User']['orgAdmins'] as $orgAdminId => $orgAdminEmail):
|
||||
?>
|
||||
<a href="<?php echo $baseurl; ?>/admin/users/view/<?php echo h($orgAdminId); ?>"><?php echo h($orgAdminEmail); ?></a>
|
||||
<a class="icon-envelope" href="<?php echo $baseurl; ?>/admin/users/quickEmail/<?php echo h($orgAdminId); ?>"></a>
|
||||
<?php
|
||||
if ($orgAdminEmail !== end($user['User']['orgAdmins'])) {
|
||||
echo '<br />';
|
||||
}
|
||||
endforeach;
|
||||
?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('GnuPG key'); ?></dt>
|
||||
<dd class="quickSelect <?php echo $user['User']['gpgkey'] ? 'green' : 'bold red'; ?>">
|
||||
<?php echo $user['User']['gpgkey'] ? nl2br(h($user['User']['gpgkey'])) : "N/A"; ?>
|
||||
</dd>
|
||||
<?php
|
||||
if (!empty($user['User']['gpgkey'])):
|
||||
?>
|
||||
<dt><?php echo __('GnuPG fingerprint');?></dt>
|
||||
<dd class="quickSelect bold <?php echo $user['User']['fingerprint'] ? 'green': 'red'; ?>">
|
||||
<?php
|
||||
echo $user['User']['fingerprint'] ? chunk_split(h($user['User']['fingerprint']), 4, ' ') : 'N/A';
|
||||
?>
|
||||
</dd>
|
||||
<dt><?php echo __('GnuPG status');?></dt>
|
||||
<dd class="bold <?php echo (empty($user['User']['pgp_status']) || $user['User']['pgp_status'] != __('OK')) ? 'red': 'green'; ?>">
|
||||
<?php
|
||||
echo !empty($user['User']['pgp_status']) ? h($user['User']['pgp_status']) : __('N/A');
|
||||
?>
|
||||
</dd>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
<?php if (Configure::read('SMIME.enabled')): ?>
|
||||
<dt><?php echo __('SMIME Public certificate'); ?></dt>
|
||||
<dd class="quickSelect red">
|
||||
<?php echo (h($user['User']['certif_public'])) ? $this->Utility->space2nbsp(nl2br(h($user['User']['certif_public']))) : __("N/A"); ?>
|
||||
</dd>
|
||||
<?php endif; ?>
|
||||
<dt><?php echo __('Nids Sid'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($user['User']['nids_sid']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Termsaccepted'); ?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
if (h($user['User']['termsaccepted']) == 1) {
|
||||
echo __("Yes");
|
||||
} else {
|
||||
echo __("No");
|
||||
}?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Password change'); ?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
if (h($user['User']['change_pw']) == 1) {
|
||||
echo __("Yes");
|
||||
} else {
|
||||
echo __("No");
|
||||
}?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Newsread'); ?></dt>
|
||||
<dd>
|
||||
<?php echo $user['User']['newsread'] ? date('Y/m/d H:i:s', h($user['User']['newsread'])) : __('N/A'); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Disabled'); ?></dt>
|
||||
<dd <?php if ($user['User']['disabled']) echo 'class="visibleDL notPublished"';?>>
|
||||
<?php echo $user['User']['disabled'] ? __('Yes') : __('No'); ?>
|
||||
|
||||
</dd>
|
||||
</dl>
|
||||
<br />
|
||||
<a href="<?php echo $baseurl . '/admin/users/view/' . h($user['User']['id']) . '.json'; ?>" class="btn btn-inverse" download>Download user profile for data portability</a>
|
||||
<br />
|
||||
<div id="userEvents"></div>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'viewUser'));
|
||||
$table_data = array();
|
||||
$table_data[] = array('key' => __('Id'), 'value' => $user['User']['id']);
|
||||
$table_data[] = array(
|
||||
'key' => __('Email'),
|
||||
'html' => sprintf(
|
||||
'%s <a class="icon-envelope" href="%s/admin/users/quickEmail/%s"></a>',
|
||||
h($user['User']['email']),
|
||||
$baseurl,
|
||||
h($user['User']['id'])
|
||||
)
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Organisation'),
|
||||
'html' => sprintf(
|
||||
'<a href="%s/organisations/view/%s">%s</a>',
|
||||
$baseurl,
|
||||
h($user['Organisation']['id']),
|
||||
h($user['Organisation']['name'])
|
||||
)
|
||||
);
|
||||
$table_data[] = array('key' => __('Role'), 'html' => $this->Html->link($user['Role']['name'], array('controller' => 'roles', 'action' => 'view', $user['Role']['id'])));
|
||||
$table_data[] = array('key' => __('Autoalert'), 'boolean' => $user['User']['autoalert']);
|
||||
$table_data[] = array('key' => __('Contactalert'), 'boolean' => $user['User']['contactalert']);
|
||||
$authkey_data = sprintf(
|
||||
'<a onclick="requestAPIAccess();" style="cursor:pointer;"></a>',
|
||||
__('Request API access')
|
||||
);
|
||||
$authkey_data = sprintf(
|
||||
'<span class="quickSelect">%s</span>%s',
|
||||
h($user['User']['authkey']),
|
||||
sprintf(
|
||||
' (%s)',
|
||||
$this->Html->link('reset', array('controller' => 'users', 'action' => 'resetauthkey', $user['User']['id']))
|
||||
)
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('Authkey'),
|
||||
'html' => $authkey_data
|
||||
);
|
||||
$table_data[] = array('key' => __('Invited By'), 'value' => $user2['User']['email']);
|
||||
$org_admin_data = array();
|
||||
foreach ($user['User']['orgAdmins'] as $orgAdminId => $orgAdminEmail) {
|
||||
$org_admin_data[] = sprintf(
|
||||
'<a href="%s/admin/users/view/%s">%s</a><a class="icon-envelope" href="%s/admin/users/quickEmail/%s"></a><br />',
|
||||
$baseurl,
|
||||
h($orgAdminId),
|
||||
h($orgAdminEmail),
|
||||
$baseurl,
|
||||
h($orgAdminId)
|
||||
);
|
||||
}
|
||||
$table_data[] = array('key' => __('Org_admin'), 'html' => implode('<br />', $org_admin_data));
|
||||
$table_data[] = array('key' => __('NIDS Start SID'), 'value' => $user['User']['nids_sid']);
|
||||
$table_data[] = array('key' => __('Terms accepted'), 'boolean' => $user['User']['termsaccepted']);
|
||||
$table_data[] = array('key' => __('Password change'), 'boolean' => $user['User']['change_pw']);
|
||||
$table_data[] = array(
|
||||
'key' => __('GnuPG key'),
|
||||
'class_value' => "quickSelect " . $user['User']['gpgkey'] ? 'green' : 'bold red',
|
||||
'html' => $user['User']['gpgkey'] ? nl2br(h($user['User']['gpgkey'])) : __("N/A")
|
||||
);
|
||||
if (!empty($user['User']['gpgkey'])) {
|
||||
$table_data[] = array(
|
||||
'key' => __('GnuPG fingerprint'),
|
||||
'class_value' => "quickSelect bold " . $user['User']['gpgkey'] ? 'green' : 'bold red',
|
||||
'html' => $user['User']['fingerprint'] ? chunk_split(h($user['User']['fingerprint']), 4, ' ') : 'N/A'
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('GnuPG status'),
|
||||
'class_value' => "bold" . (empty($user['User']['pgp_status']) || $user['User']['pgp_status'] != 'OK') ? 'red': 'green',
|
||||
'html' => !empty($user['User']['pgp_status']) ? h($user['User']['pgp_status']) : 'N/A'
|
||||
);
|
||||
}
|
||||
if (Configure::read('SMIME.enabled')) {
|
||||
$table_data[] = array(
|
||||
'key' => __('SMIME Public certificate'),
|
||||
'class_value' => "red quickSelect",
|
||||
'html' => (h($user['User']['certif_public'])) ? $this->Utility->space2nbsp(nl2br(h($user['User']['certif_public']))) : "N/A"
|
||||
);
|
||||
}
|
||||
$table_data[] = array('key' => __('Newsread'), 'html' => $user['User']['newsread'] ? date('Y/m/d H:i:s', h($user['User']['newsread'])) : __('N/A'));
|
||||
$table_data[] = array(
|
||||
'key' => __('Disabled'),
|
||||
'class' => empty($user['User']['disabled']) ? '' : 'background-red',
|
||||
'boolean' => $user['User']['disabled']
|
||||
);
|
||||
echo sprintf(
|
||||
'<div class="users view row-fluid"><div class="span8" style="margin:0px;">%s%s</div>%s</div>%s',
|
||||
sprintf(
|
||||
'<h2>%s</h2>%s',
|
||||
__('User'),
|
||||
$this->element('genericElements/viewMetaTable', array('table_data' => $table_data))
|
||||
),
|
||||
sprintf(
|
||||
'<br /><a href="%s" class="btn btn-inverse" download>Download user profile for data portability</a>',
|
||||
sprintf(
|
||||
'%s/users/view/%s.json',
|
||||
$baseurl,
|
||||
h($user['User']['id'])
|
||||
)
|
||||
),
|
||||
'<div id="userEvents"></div>',
|
||||
$this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'viewUser'))
|
||||
);
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
$(document).ready(function () {
|
||||
|
|
|
@ -1,94 +1,67 @@
|
|||
<div class="users view">
|
||||
<h2><?php echo __('User');?></h2>
|
||||
<dl style="width:700px;">
|
||||
<dt><?php echo __('Id'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($user['User']['id']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Email'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($user['User']['email']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Org'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($user['Organisation']['name']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Role'); ?></dt>
|
||||
<dd>
|
||||
<?php echo $this->Html->link($user['Role']['name'], array('controller' => 'roles', 'action' => 'view', $user['Role']['id'])); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Autoalert'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h(0 == ($user['User']['autoalert'])) ? 'No' : 'Yes'; ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Contactalert'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h(0 == ($user['User']['contactalert'])) ? 'No' : 'Yes'; ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Authkey'); ?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
if ($user['Role']['perm_auth']):
|
||||
?>
|
||||
<span class="quickSelect"><?php echo h($user['User']['authkey']); ?></span>
|
||||
<?php
|
||||
if (!Configure::read('MISP.disableUserSelfManagement') || $isAdmin):
|
||||
echo ' (' . $this->Html->link('reset', array('controller' => 'users', 'action' => 'resetauthkey', $user['User']['id'])) . ')';
|
||||
endif;
|
||||
else:
|
||||
echo "<a onclick=\"requestAPIAccess();\" style=\"cursor:pointer;\">". __('Request API access') . "</a>";
|
||||
endif;
|
||||
?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('NIDS Start SID'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h($user['User']['nids_sid']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Termsaccepted'); ?></dt>
|
||||
<dd>
|
||||
<?php echo h((0 == $user['User']['termsaccepted'])? __('No') : __('Yes')); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('GnuPG key'); ?></dt>
|
||||
<dd class="quickSelect <?php echo $user['User']['gpgkey'] ? 'green' : 'bold red'; ?>">
|
||||
<?php echo $user['User']['gpgkey'] ? nl2br(h($user['User']['gpgkey'])) : __("N/A"); ?>
|
||||
</dd>
|
||||
<?php
|
||||
if (!empty($user['User']['gpgkey'])):
|
||||
?>
|
||||
<dt><?php echo __('GnuPG fingerprint');?></dt>
|
||||
<dd class="quickSelect bold <?php echo $user['User']['fingerprint'] ? 'green': 'red'; ?>">
|
||||
<?php
|
||||
echo $user['User']['fingerprint'] ? chunk_split(h($user['User']['fingerprint']), 4, ' ') : 'N/A';
|
||||
?>
|
||||
</dd>
|
||||
<dt><?php echo __('GnuPG status');?></dt>
|
||||
<dd class="bold <?php echo (empty($user['User']['pgp_status']) || $user['User']['pgp_status'] != 'OK') ? 'red': 'green'; ?>">
|
||||
<?php
|
||||
echo !empty($user['User']['pgp_status']) ? h($user['User']['pgp_status']) : 'N/A';
|
||||
?>
|
||||
</dd>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
<?php if (Configure::read('SMIME.enabled')): ?>
|
||||
<dt><?php echo __('SMIME Public certificate'); ?></dt>
|
||||
<dd class="red quickSelect">
|
||||
<?php echo (h($user['User']['certif_public'])) ? $this->Utility->space2nbsp(nl2br(h($user['User']['certif_public']))) : "N/A"; ?>
|
||||
</dd>
|
||||
<?php endif; ?>
|
||||
</dl>
|
||||
<br />
|
||||
<a href="<?php echo $baseurl . '/users/view/me.json'; ?>" class="btn btn-inverse" download>Download user profile for data portability</a>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'globalActions', 'menuItem' => 'view'));
|
||||
$table_data = array();
|
||||
$table_data[] = array('key' => __('Id'), 'value' => $user['User']['id']);
|
||||
$table_data[] = array('key' => __('Email'), 'value' => $user['User']['email']);
|
||||
$table_data[] = array('key' => __('Organisation'), 'value' => $user['Organisation']['name']);
|
||||
$table_data[] = array('key' => __('Role'), 'html' => $this->Html->link($user['Role']['name'], array('controller' => 'roles', 'action' => 'view', $user['Role']['id'])));
|
||||
$table_data[] = array('key' => __('Autoalert'), 'boolean' => $user['User']['autoalert']);
|
||||
$table_data[] = array('key' => __('Contactalert'), 'boolean' => $user['User']['contactalert']);
|
||||
$authkey_data = sprintf(
|
||||
'<a onclick="requestAPIAccess();" style="cursor:pointer;"></a>',
|
||||
__('Request API access')
|
||||
);
|
||||
if ($user['Role']['perm_auth']) {
|
||||
$authkey_data = sprintf(
|
||||
'<span class="quickSelect">%s</span>%s',
|
||||
h($user['User']['authkey']),
|
||||
(Configure::read('MISP.disableUserSelfManagement') && !$isAdmin) ? '' :
|
||||
sprintf(
|
||||
' (%s)',
|
||||
$this->Html->link('reset', array('controller' => 'users', 'action' => 'resetauthkey', $user['User']['id']))
|
||||
)
|
||||
);
|
||||
}
|
||||
$table_data[] = array(
|
||||
'key' => __('Authkey'),
|
||||
'html' => $authkey_data
|
||||
);
|
||||
$table_data[] = array('key' => __('NIDS Start SID'), 'value' => $user['User']['nids_sid']);
|
||||
$table_data[] = array('key' => __('Terms accepted'), 'boolean' => $user['User']['termsaccepted']);
|
||||
$table_data[] = array(
|
||||
'key' => __('GnuPG key'),
|
||||
'class_value' => "quickSelect " . $user['User']['gpgkey'] ? 'green' : 'bold red',
|
||||
'html' => $user['User']['gpgkey'] ? nl2br(h($user['User']['gpgkey'])) : __("N/A")
|
||||
);
|
||||
if (!empty($user['User']['gpgkey'])) {
|
||||
$table_data[] = array(
|
||||
'key' => __('GnuPG fingerprint'),
|
||||
'class_value' => "quickSelect bold " . $user['User']['gpgkey'] ? 'green' : 'bold red',
|
||||
'html' => $user['User']['fingerprint'] ? chunk_split(h($user['User']['fingerprint']), 4, ' ') : 'N/A'
|
||||
);
|
||||
$table_data[] = array(
|
||||
'key' => __('GnuPG status'),
|
||||
'class_value' => "bold" . (empty($user['User']['pgp_status']) || $user['User']['pgp_status'] != 'OK') ? 'red': 'green',
|
||||
'html' => !empty($user['User']['pgp_status']) ? h($user['User']['pgp_status']) : 'N/A'
|
||||
);
|
||||
}
|
||||
if (Configure::read('SMIME.enabled')) {
|
||||
$table_data[] = array(
|
||||
'key' => __('SMIME Public certificate'),
|
||||
'class_value' => "red quickSelect",
|
||||
'html' => (h($user['User']['certif_public'])) ? $this->Utility->space2nbsp(nl2br(h($user['User']['certif_public']))) : "N/A"
|
||||
);
|
||||
}
|
||||
echo sprintf(
|
||||
'<div class="users view row-fluid"><div class="span8" style="margin:0px;">%s</div>%s</div>%s',
|
||||
sprintf(
|
||||
'<h2>%s</h2>%s',
|
||||
__('User'),
|
||||
$this->element('genericElements/viewMetaTable', array('table_data' => $table_data))
|
||||
),
|
||||
sprintf(
|
||||
'<br /><a href="%s" class="btn btn-inverse" download>Download user profile for data portability</a>',
|
||||
$baseurl . '/users/view/me.json'
|
||||
),
|
||||
$this->element('side_menu', array('menuList' => 'globalActions', 'menuItem' => 'view'))
|
||||
);
|
||||
?>
|
||||
|
|
|
@ -1,61 +1,43 @@
|
|||
<div class="warninglist view">
|
||||
<h2><?php echo h(strtoupper($warninglist['Warninglist']['name'])); ?></h2>
|
||||
<dl>
|
||||
<dt><?php echo __('Id');?></dt>
|
||||
<dd>
|
||||
<?php echo h($warninglist['Warninglist']['id']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Name');?></dt>
|
||||
<dd>
|
||||
<?php echo h($warninglist['Warninglist']['name']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Description');?></dt>
|
||||
<dd>
|
||||
<?php echo h($warninglist['Warninglist']['description']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Version');?></dt>
|
||||
<dd>
|
||||
<?php echo h($warninglist['Warninglist']['version']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Type');?></dt>
|
||||
<dd>
|
||||
<?php echo h($warninglist['Warninglist']['type']); ?>
|
||||
|
||||
</dd>
|
||||
<dt><?php echo __('Accepted attribute types');?></dt>
|
||||
<dd>
|
||||
<?php
|
||||
$text = array();
|
||||
foreach ($warninglist['WarninglistType'] as $temp) $text[] = $temp['type'];
|
||||
$text = implode(', ', $text);
|
||||
echo h($text);
|
||||
?>
|
||||
</dd>
|
||||
<dt><?php echo __('Enabled');?></dt>
|
||||
<dd>
|
||||
<?php echo $warninglist['Warninglist']['enabled'] ? '<span class="green">Yes</span> ' : '<span class="red">No</span> ';
|
||||
if ($isSiteAdmin) {
|
||||
if ($warninglist['Warninglist']['enabled']) {
|
||||
echo $this->Form->postLink('(disable)', array('action' => 'enableWarninglist', h($warninglist['Warninglist']['id'])), array('title' => 'Disable'));
|
||||
} else {
|
||||
echo $this->Form->postLink('(enable)', array('action' => 'enableWarninglist', h($warninglist['Warninglist']['id']), 'true') ,array('title' => 'Enable'));
|
||||
}
|
||||
}
|
||||
?>
|
||||
<?php
|
||||
$data = $warninglist['Warninglist'];
|
||||
$text = array();
|
||||
foreach ($warninglist['WarninglistType'] as $temp) {
|
||||
$text[] = $temp['type'];
|
||||
}
|
||||
$text = implode(', ', $text);
|
||||
$table_data = array(
|
||||
array('key' => __('Id'), 'value' => $data['id']),
|
||||
array('key' => __('Name'), 'value' => $data['name']),
|
||||
array('key' => __('Description'), 'value' => $data['description']),
|
||||
array('key' => __('Version'), 'value' => $data['version']),
|
||||
array('key' => __('Type'), 'value' => $data['type']),
|
||||
array('key' => __('Accepted attribute types'), 'value' => $text),
|
||||
array(
|
||||
'key' => __('Accepted attribute types'),
|
||||
'boolean' => $data['enabled'],
|
||||
'html' => sprintf(
|
||||
'(<a href="%s/warninglists/enableWarninglist/%s%s" title="%s">%s</a>)',
|
||||
$baseurl,
|
||||
h($warninglist['Warninglist']['id']),
|
||||
$data['enabled'] ? '' : '/1',
|
||||
$data['enabled'] ? __('Disable') : __('Enable'),
|
||||
$data['enabled'] ? __('disable') : __('enable')
|
||||
)
|
||||
),
|
||||
);
|
||||
echo sprintf(
|
||||
'<div class="warninglist view"><div class="row-fluid"><div class="span8" style="margin:0px;">%s</div></div><h4>%s</h4>%s</div>%s',
|
||||
sprintf(
|
||||
'<h2>%s</h2>%s',
|
||||
h(strtoupper($warninglist['Warninglist']['name'])),
|
||||
$this->element('genericElements/viewMetaTable', array('table_data' => $table_data))
|
||||
),
|
||||
__('Values'),
|
||||
implode('<br />', array_column($warninglist['WarninglistEntry'], 'value')),
|
||||
$this->element('side_menu', array('menuList' => 'warninglist', 'menuItem' => 'view'))
|
||||
);
|
||||
|
||||
|
||||
</dd>
|
||||
</dl>
|
||||
<br />
|
||||
<h3><?php echo __('Values');?></h3>
|
||||
<div><?php
|
||||
foreach ($warninglist['WarninglistEntry'] as $entry) echo h($entry['value']) . '<br />';
|
||||
?></div>
|
||||
</div>
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
$(document).ready(function(){
|
||||
$('input:checkbox').removeAttr('checked');
|
||||
|
@ -65,6 +47,3 @@
|
|||
});
|
||||
});
|
||||
</script>
|
||||
<?php
|
||||
echo $this->element('side_menu', array('menuList' => 'warninglist', 'menuItem' => 'view'));
|
||||
?>
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit 75ae30f44df997280255eec60b981b9f376c5ac4
|
||||
Subproject commit f9bb8bfa9bfe0eb3813df4dc5efa355bece53ce7
|
|
@ -822,9 +822,9 @@ class StixBuilder(object):
|
|||
filename, md5 = malware_sample['value'].split('|')
|
||||
artifact_object = self.create_artifact_object(malware_sample['data'])
|
||||
artifact_object.hashes = HashList(Hash(hash_value=md5, exact=True))
|
||||
artifact_object.parent.id_ = f"{self.namespace_prefix}:ArtifactObject-{malware_sample['uuid']}"
|
||||
artifact_object.parent.id_ = "{}:ArtifactObject-{}".format(self.namespace_prefix, malware_sample['uuid'])
|
||||
artifact_observable = Observable(artifact_object)
|
||||
artifact_observable.id_ = f"{self.namespace_prefix}:Artifact-{malware_sample['uuid']}"
|
||||
artifact_observable.id_ = "{}:Artifact-{}".format(self.namespace_prefix, malware_sample['uuid'])
|
||||
artifact_observable.title = filename
|
||||
file_observable = self.create_file_observable(attributes_dict, uuid)
|
||||
return to_ids, self.create_observable_composition([artifact_observable, file_observable], uuid, 'file')
|
||||
|
@ -1387,9 +1387,9 @@ class StixBuilder(object):
|
|||
def create_file_observable(self, attributes_dict, uuid):
|
||||
file_object = File()
|
||||
self.fill_file_object(file_object, attributes_dict)
|
||||
file_object.parent.id_ = f"{self.namespace_prefix}:FileObject-{uuid}"
|
||||
file_object.parent.id_ = "{}:FileObject-{}".format(self.namespace_prefix, uuid)
|
||||
file_observable = Observable(file_object)
|
||||
file_observable.id_ = f"{self.namespace_prefix}:File-{uuid}"
|
||||
file_observable.id_ = "{}:File-{}".format(self.namespace_prefix, uuid)
|
||||
return file_observable
|
||||
|
||||
def create_hostname_observable(self, value, uuid):
|
||||
|
|
|
@ -25,16 +25,20 @@ import io
|
|||
import re
|
||||
import stix2
|
||||
from base64 import b64encode
|
||||
from pymisp import MISPEvent, MISPObject, MISPAttribute, __path__
|
||||
from pymisp.exceptions import PyMISPInvalidFormat
|
||||
from stix2misp_mapping import *
|
||||
from collections import defaultdict
|
||||
|
||||
_MISP_dir = "/".join([p for p in os.path.dirname(os.path.realpath(__file__)).split('/')[:-4]])
|
||||
_PyMISP_dir = '{_MISP_dir}/PyMISP/pymisp'.format(_MISP_dir=_MISP_dir)
|
||||
_MISP_objects_path = '{_MISP_dir}/app/files/misp-objects/objects'.format(_MISP_dir=_MISP_dir)
|
||||
sys.path.append(_PyMISP_dir)
|
||||
from pymisp.mispevent import MISPEvent, MISPObject, MISPAttribute
|
||||
from pymisp.exceptions import PyMISPInvalidFormat
|
||||
TAG_REGEX = re.compile(r"\(.+\) .+ = .+")
|
||||
special_parsing = ('relationship', 'report', 'galaxy', 'marking-definition')
|
||||
galaxy_types = {'attack-pattern': 'Attack Pattern', 'intrusion-set': 'Intrusion Set',
|
||||
'malware': 'Malware', 'threat-actor': 'Threat Actor', 'tool': 'Tool'}
|
||||
with open(os.path.join(__path__[0], 'data/describeTypes.json'), 'r') as f:
|
||||
with open('{_PyMISP_dir}/data/describeTypes.json'.format(_PyMISP_dir=_PyMISP_dir), 'r') as f:
|
||||
misp_types = json.loads(f.read())['result'].get('types')
|
||||
|
||||
class StixParser():
|
||||
|
@ -359,7 +363,7 @@ class StixParser():
|
|||
return attributes, message
|
||||
|
||||
def parse_course_of_action(self, o):
|
||||
misp_object = MISPObject('course-of-action')
|
||||
misp_object = MISPObject('course-of-action', misp_objects_path_custom=_MISP_objects_path)
|
||||
if 'name' in o:
|
||||
attribute = {'type': 'text', 'object_relation': 'name', 'value': o.get('name')}
|
||||
misp_object.add_attribute(**attribute)
|
||||
|
@ -383,12 +387,12 @@ class StixParser():
|
|||
return attributes
|
||||
|
||||
def parse_pe(self, extension):
|
||||
pe = MISPObject('pe')
|
||||
pe = MISPObject('pe', misp_objects_path_custom=_MISP_objects_path)
|
||||
pe_uuid = str(uuid.uuid4())
|
||||
pe.uuid = pe_uuid
|
||||
self.fill_object_attributes_observable(pe, pe_mapping, extension)
|
||||
for section in extension['sections']:
|
||||
pe_section = MISPObject('pe-section')
|
||||
pe_section = MISPObject('pe-section', misp_objects_path_custom=_MISP_objects_path)
|
||||
if 'hashes' in section:
|
||||
for h_type, h_value in section['hashes'].items():
|
||||
h_type = h_type.lower().replace('-', '')
|
||||
|
@ -489,7 +493,7 @@ class StixFromMISPParser(StixParser):
|
|||
|
||||
def parse_custom_object(self, o, labels):
|
||||
name = o['type'].split('x-misp-object-')[1]
|
||||
misp_object = MISPObject(name)
|
||||
misp_object = MISPObject(name, misp_objects_path_custom=_MISP_objects_path)
|
||||
misp_object.timestamp = self.getTimestampfromDate(o['x_misp_timestamp'])
|
||||
misp_object.uuid = o['id'].split('--')[1]
|
||||
try:
|
||||
|
@ -521,7 +525,7 @@ class StixFromMISPParser(StixParser):
|
|||
name = 'file' if object_type == 'WindowsPEBinaryFile' else object_type
|
||||
object_category = self.get_misp_category(labels)
|
||||
stix_type = o._type
|
||||
misp_object = MISPObject(name)
|
||||
misp_object = MISPObject(name, misp_objects_path_custom=_MISP_objects_path)
|
||||
uuid = o.id.split('--')[1]
|
||||
misp_object.uuid = uuid
|
||||
misp_object['meta-category'] = object_category
|
||||
|
@ -679,7 +683,7 @@ class StixFromMISPParser(StixParser):
|
|||
def pattern_pe(self, pattern):
|
||||
attributes = []
|
||||
sections = defaultdict(dict)
|
||||
pe = MISPObject('pe')
|
||||
pe = MISPObject('pe', misp_objects_path_custom=_MISP_objects_path)
|
||||
pe_uuid = str(uuid.uuid4())
|
||||
pe.uuid = pe_uuid
|
||||
for p in pattern:
|
||||
|
@ -717,7 +721,7 @@ class StixFromMISPParser(StixParser):
|
|||
attributes.append({'type': attribute_type, 'object_relation': relation,
|
||||
'value': p_value, 'to_ids': True})
|
||||
for _, section in sections.items():
|
||||
pe_section = MISPObject('pe-section')
|
||||
pe_section = MISPObject('pe-section', misp_objects_path_custom=_MISP_objects_path)
|
||||
for stix_type, value in section.items():
|
||||
if 'hashes.' in stix_type:
|
||||
h_type = stix_type.split('.')[1]
|
||||
|
@ -1305,7 +1309,7 @@ class ExternalStixParser(StixParser):
|
|||
|
||||
@staticmethod
|
||||
def create_misp_object(attributes, name, uuid=None):
|
||||
misp_object = MISPObject(name)
|
||||
misp_object = MISPObject(name, misp_objects_path_custom=_MISP_objects_path)
|
||||
if uuid is not None:
|
||||
misp_object.uuid = uuid
|
||||
for attribute in attributes:
|
||||
|
|
|
@ -24,10 +24,15 @@ import base64
|
|||
import stix2misp_mapping
|
||||
import stix.extensions.marking.ais
|
||||
from operator import attrgetter
|
||||
from pymisp import MISPEvent, MISPObject, MISPAttribute, __path__
|
||||
from stix.core import STIXPackage
|
||||
from collections import defaultdict
|
||||
|
||||
_MISP_dir = "/".join([p for p in os.path.dirname(os.path.realpath(__file__)).split('/')[:-3]])
|
||||
_PyMISP_dir = '{_MISP_dir}/PyMISP/pymisp'.format(_MISP_dir=_MISP_dir)
|
||||
_MISP_objects_path = '{_MISP_dir}/app/files/misp-objects/objects'.format(_MISP_dir=_MISP_dir)
|
||||
sys.path.append(_PyMISP_dir)
|
||||
from pymisp.mispevent import MISPEvent, MISPObject, MISPAttribute
|
||||
|
||||
cybox_to_misp_object = {"Account": "credential", "AutonomousSystem": "asn",
|
||||
"EmailMessage": "email", "NetworkConnection": "network-connection",
|
||||
"NetworkSocket": "network-socket", "Process": "process",
|
||||
|
@ -35,8 +40,7 @@ cybox_to_misp_object = {"Account": "credential", "AutonomousSystem": "asn",
|
|||
|
||||
threat_level_mapping = {'High': '1', 'Medium': '2', 'Low': '3', 'Undefined': '4'}
|
||||
|
||||
descFilename = os.path.join(__path__[0], 'data/describeTypes.json')
|
||||
with open(descFilename, 'r') as f:
|
||||
with open("{_PyMISP_dir}/data/describeTypes.json".format(_PyMISP_dir=_PyMISP_dir), 'r') as f:
|
||||
categories = json.loads(f.read())['result'].get('categories')
|
||||
|
||||
class StixParser():
|
||||
|
@ -421,7 +425,7 @@ class StixParser():
|
|||
for connection in properties.network_connection_list:
|
||||
object_name, object_attributes, _ = self.handle_network_connection(connection)
|
||||
object_uuid = str(uuid.uuid4())
|
||||
misp_object = MISPObject(object_name)
|
||||
misp_object = MISPObject(object_name, misp_objects_path_custom=_MISP_objects_path)
|
||||
misp_object.uuid = object_uuid
|
||||
for attribute in object_attributes:
|
||||
misp_object.add_attribute(**attribute)
|
||||
|
@ -559,13 +563,13 @@ class StixParser():
|
|||
# Parse attributes of a portable executable, create the corresponding object,
|
||||
# and return its uuid to build the reference for the file object generated at the same time
|
||||
def parse_pe(self, properties):
|
||||
misp_object = MISPObject('pe')
|
||||
misp_object = MISPObject('pe', misp_objects_path_custom=_MISP_objects_path)
|
||||
filename = properties.file_name.value
|
||||
for attr in ('internal-filename', 'original-filename'):
|
||||
misp_object.add_attribute(**dict(zip(('type', 'value', 'object_relation'),('filename', filename, attr))))
|
||||
if properties.headers:
|
||||
headers = properties.headers
|
||||
header_object = MISPObject('pe-section')
|
||||
header_object = MISPObject('pe-section', misp_objects_path_custom=_MISP_objects_path)
|
||||
if headers.entropy:
|
||||
header_object.add_attribute(**{"type": "float", "object_relation": "entropy",
|
||||
"value": headers.entropy.value.value})
|
||||
|
@ -590,7 +594,7 @@ class StixParser():
|
|||
# Parse attributes of a portable executable section, create the corresponding object,
|
||||
# and return its uuid to build the reference for the pe object generated at the same time
|
||||
def parse_pe_section(self, section):
|
||||
section_object = MISPObject('pe-section')
|
||||
section_object = MISPObject('pe-section', misp_objects_path_custom=_MISP_objects_path)
|
||||
header_hashes = section.header_hashes
|
||||
for h in header_hashes:
|
||||
hash_type, hash_value, hash_relation = self.handle_hashes_attribute(h)
|
||||
|
@ -656,7 +660,7 @@ class StixParser():
|
|||
# The value returned by the indicators or observables parser is a list of dictionaries
|
||||
# These dictionaries are the attributes we add in an object, itself added in the MISP event
|
||||
def handle_object_case(self, attribute_type, attribute_value, compl_data, to_ids=False, object_uuid=None):
|
||||
misp_object = MISPObject(attribute_type)
|
||||
misp_object = MISPObject(attribute_type, misp_objects_path_custom=_MISP_objects_path)
|
||||
if object_uuid:
|
||||
misp_object.uuid = object_uuid
|
||||
for attribute in attribute_value:
|
||||
|
@ -886,9 +890,9 @@ class StixFromMISPParser(StixParser):
|
|||
# Create a MISP object, its attributes, and add it in the MISP event
|
||||
def fill_misp_object(self, item, name, to_ids=False):
|
||||
uuid = self.fetch_uuid(item.id_)
|
||||
if any(((hasattr(item, 'observable') and hasattr(item.observable, 'observable_composition')),
|
||||
if any(((hasattr(item, 'observable') and hasattr(item.observable, 'observable_composition') and item.observable.observable_composition),
|
||||
(hasattr(item, 'observable_composition') and item.observable_composition))):
|
||||
misp_object = MISPObject(name)
|
||||
misp_object = MISPObject(name, misp_objects_path_custom=_MISP_objects_path)
|
||||
misp_object.uuid = uuid
|
||||
if to_ids:
|
||||
observables = item.observable.observable_composition.observables
|
||||
|
@ -1021,7 +1025,7 @@ class ExternalStixParser(StixParser):
|
|||
# Parse the courses of action field of an external STIX document
|
||||
def parse_coa(self, courses_of_action):
|
||||
for coa in courses_of_action:
|
||||
misp_object = MISPObject('course-of-action')
|
||||
misp_object = MISPObject('course-of-action', misp_objects_path_custom=_MISP_objects_path)
|
||||
if coa.title:
|
||||
attribute = {'type': 'text', 'object_relation': 'name',
|
||||
'value': coa.title}
|
||||
|
@ -1151,7 +1155,7 @@ class ExternalStixParser(StixParser):
|
|||
ip_reference = domain_dict['related']
|
||||
domain_attribute = domain_dict['data']
|
||||
if ip_reference in self.dns_objects['ip']:
|
||||
misp_object = MISPObject('passive-dns')
|
||||
misp_object = MISPObject('passive-dns', misp_objects_path_custom=_MISP_objects_path)
|
||||
domain_attribute['object_relation'] = "rrname"
|
||||
misp_object.add_attribute(**domain_attribute)
|
||||
ip = self.dns_objects['ip'][ip_reference]['value']
|
||||
|
|
|
@ -8,6 +8,7 @@ results = {
|
|||
'cybox': 0,
|
||||
'mixbox': 0,
|
||||
'maec': 0,
|
||||
'stix2': 0,
|
||||
'pymisp': 0
|
||||
}
|
||||
try:
|
||||
|
@ -40,12 +41,19 @@ try:
|
|||
except Exception:
|
||||
results['success'] = 0
|
||||
|
||||
try:
|
||||
import stix2
|
||||
results['stix2'] = stix2.__version__
|
||||
except Exception:
|
||||
results['success'] = 0
|
||||
|
||||
print(json.dumps({
|
||||
'success': results['success'],
|
||||
'stix': results['stix'],
|
||||
'cybox': results['cybox'],
|
||||
'mixbox': results['mixbox'],
|
||||
'maec': results['maec'],
|
||||
'stix2': results['stix2'],
|
||||
'pymisp': results['pymisp']
|
||||
}))
|
||||
sys.exit(1)
|
||||
sys.exit(0)
|
||||
|
|
|
@ -370,7 +370,7 @@ dt {
|
|||
dd {
|
||||
float:left;
|
||||
vertical-align: top;
|
||||
width: calc(100% - 150px);
|
||||
width: calc(100% - 151px);
|
||||
padding: 0;
|
||||
margin: 0;
|
||||
}
|
||||
|
@ -2218,3 +2218,26 @@ table tr:hover .down-expand-button {
|
|||
position: relative;
|
||||
bottom: 4px;
|
||||
}
|
||||
|
||||
.meta_table {
|
||||
table-layout: fixed;
|
||||
padding: 0;
|
||||
margin: 0;
|
||||
}
|
||||
|
||||
.meta_table_key {
|
||||
width: 150px;
|
||||
font-weight: bold;
|
||||
padding: 0;
|
||||
margin: 0;
|
||||
text-align: left;
|
||||
}
|
||||
.meta_table_value {
|
||||
padding: 0;
|
||||
margin: 0;
|
||||
text-align: left;
|
||||
}
|
||||
|
||||
.break-word {
|
||||
word-wrap: break-word;
|
||||
}
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit 407f346eb8118d57b43035ef0da47e2ff77ed00e
|
||||
Subproject commit 469d17bceeed65373da3ac3b4f96600dfea8ca68
|
|
@ -25,7 +25,7 @@ The following assumptions with regard to this installation have been made.
|
|||
|
||||
## 1.2/ Configure system hostname
|
||||
```bash
|
||||
sudo hostnamectl set-hostname misp # You're choice, in a production environment, it's best to use a FQDN
|
||||
sudo hostnamectl set-hostname misp # Your choice, in a production environment, it's best to use a FQDN
|
||||
```
|
||||
|
||||
## 1.3/ Register the system for updates with Red Hat Subscription Manager
|
||||
|
@ -38,8 +38,7 @@ sudo subscription-manager register --auto-attach # register your system to an ac
|
|||
sudo subscription-manager refresh
|
||||
sudo subscription-manager repos --enable rhel-7-server-optional-rpms
|
||||
sudo subscription-manager repos --enable rhel-7-server-extras-rpms
|
||||
# This fails on a Trial subscription, it seems.
|
||||
##sudo subscription-manager repos --enable rhel-server-rhscl-7-rpms
|
||||
sudo subscription-manager repos --enable rhel-server-rhscl-7-rpms
|
||||
```
|
||||
|
||||
### 1.5a/ OPTIONAL: Install the deltarpm package to help reduce download size when installing updates
|
||||
|
@ -64,11 +63,6 @@ yum update -y
|
|||
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm -y
|
||||
```
|
||||
|
||||
## 1.7/ Install the SCL repo
|
||||
```bash
|
||||
yum install centos-release-scl
|
||||
```
|
||||
|
||||
# 2/ Install Dependencies
|
||||
Once the system is installed and updated, the following steps can be performed as root
|
||||
|
||||
|
@ -84,8 +78,7 @@ yum install rh-mariadb102
|
|||
|
||||
## 2.03/ Start the MariaDB service and enable it to start on boot
|
||||
```bash
|
||||
systemctl start rh-mariadb102-mariadb.service
|
||||
systemctl enable rh-mariadb102-mariadb.service
|
||||
systemctl enable --now rh-mariadb102-mariadb.service
|
||||
```
|
||||
|
||||
!!! note
|
||||
|
@ -93,7 +86,7 @@ systemctl enable rh-mariadb102-mariadb.service
|
|||
This guide installs PHP 7.1 from SCL
|
||||
|
||||
!!! warning
|
||||
[PHP 5.6 will be EOL in December 2018](https://secure.php.net/supported-versions.php). Please update accordingly. In future only PHP7 will be supported.
|
||||
[PHP 5.6 and 7.0 aren't supported since December 2018](https://secure.php.net/supported-versions.php). Please update accordingly. In the future only PHP7 will be supported.
|
||||
|
||||
## 2.04/ Install PHP 7.1 from SCL
|
||||
```bash
|
||||
|
@ -105,8 +98,7 @@ yum install rh-php71 rh-php71-php-fpm rh-php71-php-devel rh-php71-php-mysqlnd rh
|
|||
|
||||
## 2.05/ Start the PHP FPM service and enable to start on boot
|
||||
```bash
|
||||
systemctl start rh-php71-php-fpm.service
|
||||
systemctl enable rh-php71-php-fpm.service
|
||||
systemctl enable --now rh-php71-php-fpm.service
|
||||
```
|
||||
|
||||
## 2.06/ Install redis 3.2 from SCL
|
||||
|
@ -116,22 +108,17 @@ yum install rh-redis32
|
|||
|
||||
## 2.07/ Start redis service and enable to start on boot
|
||||
```bash
|
||||
systemctl start rh-redis32-redis.service
|
||||
systemctl enable rh-redis32-redis.service
|
||||
```
|
||||
|
||||
## 2.08/ Start a SCL shell with rh-mariadb102 rh-php71 and rh-redis32 enabled
|
||||
```bash
|
||||
scl enable rh-mariadb102 rh-php71 rh-redis32 bash
|
||||
systemctl enable --now rh-redis32-redis.service
|
||||
```
|
||||
|
||||
## 2.08/ Secure the MariaDB installation, run the following command and follow the prompts
|
||||
```bash
|
||||
mysql_secure_installation
|
||||
scl enable rh-mariadb102 'mysql_secure_installation'
|
||||
```
|
||||
|
||||
## 2.10/ Update the PHP extension repository and install required package
|
||||
```bash
|
||||
scl enable rh-php71 rh-redis32 bash
|
||||
pear channel-update pear.php.net
|
||||
pear install Crypt_GPG
|
||||
```
|
||||
|
@ -139,8 +126,7 @@ pear install Crypt_GPG
|
|||
## 2.11/ Install haveged and enable to start on boot to provide entropy for GPG
|
||||
```bash
|
||||
yum install haveged
|
||||
systemctl start haveged
|
||||
systemctl enable haveged
|
||||
systemctl enable --now haveged
|
||||
```
|
||||
|
||||
## 2.12/ Install Python 3.6 from SCL
|
||||
|
@ -159,6 +145,9 @@ git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
|||
# example: git checkout tags/v2.4.XY
|
||||
# the message regarding a "detached HEAD state" is expected behaviour
|
||||
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
|
||||
git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
git submodule foreach --recursive git config core.filemode false
|
||||
```
|
||||
|
||||
## 3.02/ Make git ignore filesystem permission differences
|
||||
|
@ -166,9 +155,8 @@ git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
|||
git config core.filemode false
|
||||
```
|
||||
|
||||
## 3.03/ Install Mitre's STIX and its dependencies by running the following commands
|
||||
## 3.03/ Install Mitre's STIX, STIX2 and their dependencies by running the following commands
|
||||
```bash
|
||||
pip install importlib
|
||||
yum install python-six
|
||||
cd /var/www/MISP/app/files/scripts
|
||||
git clone https://github.com/CybOXProject/python-cybox.git
|
||||
|
@ -182,8 +170,11 @@ scl enable rh-python36 'python3 setup.py install'
|
|||
cd /var/www/MISP/app/files/scripts/python-stix
|
||||
git config core.filemode false
|
||||
scl enable rh-python36 'python3 setup.py install'
|
||||
cd /var/www/MISP/cti-python-stix2
|
||||
scl enable rh-python36 'python3 setup.py install'
|
||||
```
|
||||
|
||||
|
||||
## 3.04/ Install mixbox to accommodate the new STIX dependencies
|
||||
```bash
|
||||
cd /var/www/MISP/app/files/scripts/
|
||||
|
@ -202,23 +193,7 @@ systemctl restart rh-php71-php-fpm.service
|
|||
```
|
||||
|
||||
# 4/ CakePHP
|
||||
|
||||
## 4.01/ CakePHP is now included as a submodule of MISP
|
||||
|
||||
!!! note
|
||||
Execute the following commands to let git fetch it ignore this
|
||||
```
|
||||
message: No submodule mapping found in .gitmodules for path 'app/Plugin/CakeResque'
|
||||
```
|
||||
|
||||
```bash
|
||||
cd /var/www/MISP
|
||||
git submodule update --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
git submodule foreach --recursive git config core.filemode false
|
||||
```
|
||||
|
||||
## 4.02/ Install CakeResque along with its dependencies if you intend to use the built in background jobs
|
||||
## 4.01/ Install CakeResque along with its dependencies if you intend to use the built in background jobs
|
||||
```bash
|
||||
cd /var/www/MISP/app
|
||||
php composer.phar require kamisama/cake-resque:4.1.2
|
||||
|
@ -226,26 +201,26 @@ php composer.phar config vendor-dir Vendor
|
|||
php composer.phar install
|
||||
```
|
||||
|
||||
## 4.03/ Install and configure php redis connector through pecl
|
||||
## 4.02/ Install and configure php redis connector through pecl
|
||||
```bash
|
||||
pecl install redis
|
||||
scl enable rh-php71 'pecl install redis'
|
||||
echo "extension=redis.so" > /etc/opt/rh/rh-php71/php-fpm.d/redis.ini
|
||||
ln -s ../php-fpm.d/redis.ini /etc/opt/rh/rh-php71/php.d/99-redis.ini
|
||||
systemctl restart rh-php71-php-fpm.service
|
||||
```
|
||||
|
||||
## 4.04/ Set a timezone in php.ini
|
||||
## 4.03/ Set a timezone in php.ini
|
||||
```bash
|
||||
echo 'date.timezone = "Australia/Sydney"' > /etc/opt/rh/rh-php71/php-fpm.d/timezone.ini
|
||||
ln -s ../php-fpm.d/timezone.ini /etc/opt/rh/rh-php71/php.d/99-timezone.ini
|
||||
```
|
||||
|
||||
## 4.05/ To use the scheduler worker for scheduled tasks, do the following:
|
||||
## 4.04/ To use the scheduler worker for scheduled tasks, do the following:
|
||||
```bash
|
||||
cp -fa /var/www/MISP/INSTALL/setup/config.php /var/www/MISP/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
## 4.06/ Install Crypt_GPG and Console_CommandLine
|
||||
## 4.05/ Install Crypt_GPG and Console_CommandLine
|
||||
```bash
|
||||
sudo -H -u www-data pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
|
||||
sudo -H -u www-data pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
|
||||
|
@ -274,9 +249,9 @@ echo bind-address=127.0.0.1 >> /etc/opt/rh/rh-mariadb102/my.cnf.d/bind-address.c
|
|||
systemctl restart rh-mariadb102-mariadb
|
||||
```
|
||||
|
||||
## 6.02/ Start MariaDB shell and create database
|
||||
## 6.02/ Start a MariaDB shell and create the database
|
||||
```bash
|
||||
mysql -u root -p
|
||||
scl enable rh-mariadb102 'mysql -u root -p'
|
||||
```
|
||||
|
||||
```
|
||||
|
@ -316,8 +291,7 @@ setsebool -P httpd_can_network_connect on
|
|||
|
||||
## 7.03/ Enable and start the httpd service
|
||||
```bash
|
||||
systemctl enable httpd.service
|
||||
systemctl start httpd.service
|
||||
systemctl enable --now httpd.service
|
||||
```
|
||||
|
||||
## 7.04/ Open a hole in the firewalld service
|
||||
|
@ -332,6 +306,7 @@ firewall-cmd --reload
|
|||
Check out the apache.misp.ssl file for an example
|
||||
|
||||
# 8/ Log Rotation
|
||||
## 8.01/ Enable log rotation
|
||||
MISP saves the stdout and stderr of it's workers in /var/www/MISP/app/tmp/logs
|
||||
To rotate these logs install the supplied logrotate script:
|
||||
```
|
||||
|
@ -339,13 +314,13 @@ cp INSTALL/misp.logrotate /etc/logrotate.d/misp
|
|||
chmod 0640 /etc/logrotate.d/misp
|
||||
```
|
||||
|
||||
## 8.01/ Allow logrotate to work under SELinux and modify the log files
|
||||
## 8.02/ Allow logrotate to work under SELinux and modify the log files
|
||||
```bash
|
||||
semanage fcontext -a -t httpd_log_t "/var/www/MISP/app/tmp/logs(/.*)?"
|
||||
chcon -R -t httpd_log_t /var/www/MISP/app/tmp/logs
|
||||
```
|
||||
|
||||
## 8.02/ Allow logrotate to read /var/www
|
||||
## 8.03/ Allow logrotate to read /var/www
|
||||
```bash
|
||||
checkmodule -M -m -o /tmp/misplogrotate.mod INSTALL/misplogrotate.te
|
||||
semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod
|
||||
|
@ -412,30 +387,40 @@ chcon -R -t httpd_sys_rw_content_t /var/www/MISP/.gnupg
|
|||
The email address should match the one set in the config.php configuration file
|
||||
Make sure that you use the same settings in the MISP Server Settings tool
|
||||
|
||||
## 9.05/ export the public key to the webroot
|
||||
## 9.05/ Export the public key to the webroot
|
||||
```bash
|
||||
sudo -u apache gpg --homedir /var/www/MISP/.gnupg --export --armor YOUR-EMAIL > /var/www/MISP/app/webroot/gpg.asc
|
||||
```
|
||||
|
||||
## 9.06/ Start the workers to enable background jobs
|
||||
## 9.06/ Use MISP's background workers
|
||||
### 9.06a/ Create a systemd unit for the workers
|
||||
Create the following file :
|
||||
`/etc/systemd/system/misp-workers.service`
|
||||
```
|
||||
[Unit]
|
||||
Description=MISP's background workers
|
||||
After=rh-mariadb102-mariadb.service rh-redis32-redis.service rh-php71-php-fpm.service
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
User=apache
|
||||
Group=apache
|
||||
ExecStart=/usr/bin/scl enable rh-php71 rh-redis32 rh-mariadb102 /var/www/MISP/app/Console/worker/start.sh
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
```
|
||||
Make the workers' script executable and reload the systemd units :
|
||||
```bash
|
||||
chmod +x /var/www/MISP/app/Console/worker/start.sh
|
||||
su -s /bin/bash apache -c 'scl enable rh-php71 rh-redis32 rh-mariadb102 /var/www/MISP/app/Console/worker/start.sh'
|
||||
systemctl daemon-reload
|
||||
```
|
||||
|
||||
## 9.07a/ To make the background workers start on boot
|
||||
### 9.06b/ Start the workers and enable them on boot
|
||||
```bash
|
||||
vi /etc/rc.local
|
||||
```
|
||||
|
||||
## 9.07b/ Add the following line at the end
|
||||
```bash
|
||||
su -s /bin/bash apache -c 'scl enable rh-php71 rh-redis32 rh-mariadb102 /var/www/MISP/app/Console/worker/start.sh'
|
||||
```
|
||||
|
||||
## 9.07c/ and make sure it will execute
|
||||
```bash
|
||||
chmod +x /etc/rc.local
|
||||
systemctl enable --now misp-workers.service
|
||||
```
|
||||
|
||||
{!generic/INSTALL.done.md!}
|
||||
|
@ -467,15 +452,9 @@ post_max_size = 50M
|
|||
systemctl restart rh-php71-php-fpm
|
||||
```
|
||||
|
||||
## 10.04/ Install pymisp and pydeep for Advanced Attachment handler
|
||||
## 10.04/ Install pydeep and pymisp
|
||||
```bash
|
||||
pip install pymisp
|
||||
pip install git+https://github.com/kbandla/pydeep.git
|
||||
```
|
||||
|
||||
## 10.05/ Install pymisp also in Python 3
|
||||
```bash
|
||||
scl enable rh-python36 pip3 install pymisp
|
||||
scl enable rh-python36 'python3 -m pip install pymisp git+https://github.com/kbandla/pydeep.git'
|
||||
```
|
||||
|
||||
# 11/ LIEF Installation
|
||||
|
@ -486,46 +465,34 @@ scl enable rh-python36 pip3 install pymisp
|
|||
yum install devtoolset-7 cmake3
|
||||
```
|
||||
|
||||
## 11.02/ Enable devtoolset-7
|
||||
## 11.02/ Create the directory and download the source code
|
||||
```bash
|
||||
scl enable devtoolset-7 bash
|
||||
cd /var/www/MISP/app/files/scripts
|
||||
git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief
|
||||
```
|
||||
|
||||
## 11.03/ Set env variable, create directories and download source code
|
||||
## 11.03/ Compile lief and install it
|
||||
```bash
|
||||
mkdir -p /tmp/LIEF
|
||||
mkdir -p /tmp/LIEF_INSTALL
|
||||
export LIEF_TMP=/tmp/LIEF
|
||||
export LIEF_INSTALL=/tmp/LIEF_INSTALL
|
||||
export LIEF_BRANCH=master
|
||||
cd $LIEF_TMP
|
||||
git clone --branch $LIEF_BRANCH --single-branch https://github.com/lief-project/LIEF.git LIEF
|
||||
```
|
||||
|
||||
## 11.04/ Compile lief and install
|
||||
```bash
|
||||
cd $LIEF_TMP/LIEF
|
||||
mkdir -p build
|
||||
cd /var/www/MISP/app/files/scripts/lief
|
||||
mkdir build
|
||||
cd build
|
||||
scl enable devtoolset-7 'bash -c "cmake3 \
|
||||
scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \
|
||||
-DLIEF_PYTHON_API=on \
|
||||
-DLIEF_DOC=off \
|
||||
-DCMAKE_INSTALL_PREFIX=$LIEF_INSTALL \
|
||||
-DCMAKE_BUILD_TYPE=Release \
|
||||
-DPYTHON_VERSION=2.7 \
|
||||
-DPYTHON_VERSION=3.6 \
|
||||
.."'
|
||||
make -j3
|
||||
cd api/python
|
||||
scl enable rh-python36 python3 setup.py install || :
|
||||
# you can ignore the error about finding suitable distribution
|
||||
cd $LIEF_TMP/LIEF/build
|
||||
make install
|
||||
make package
|
||||
scl enable rh-python36 'python3 setup.py install || :'
|
||||
# when running setup.py, pip will download and install remote LIEF packages that will prevent MISP from detecting the packages that you compiled ; remove them
|
||||
find /opt/rh/rh-python36/root/ -name "*lief*" -exec rm -rf {} \;
|
||||
```
|
||||
|
||||
## 11.05/ Test lief installation, if no error, package installed
|
||||
## 11.04/ Test lief installation, if no error, package installed
|
||||
```bash
|
||||
python
|
||||
scl enable rh-python36 python3
|
||||
>> import lief
|
||||
```
|
||||
|
||||
|
|
|
@ -1,3 +1,8 @@
|
|||
**Important Note**
|
||||
|
||||
It is **very strongly recommended** to upgrade MISP via the web interface. This documentation may not always be up-to-date and will require you to fix permissions if you want to use the web interface to run the updates in the future.
|
||||
|
||||
|
||||
# Point release updates
|
||||
!!! notice
|
||||
In general, updating MISP between point releases (for exampe 2.4.50 -> 2.4.53) happens with one of the following two options (both are to be executed as root).
|
||||
|
|
|
@ -371,6 +371,9 @@ sudo chcon -R -t httpd_sys_rw_content_t /var/www/MISP/app/tmp
|
|||
# Allow httpd to connect to the redis server and php-fpm over tcp/ip
|
||||
sudo setsebool -P httpd_can_network_connect on
|
||||
|
||||
# Allow httpd to send emails from php
|
||||
sudo setsebool -P httpd_can_sendmail on
|
||||
|
||||
# Enable and start the httpd service
|
||||
sudo systemctl enable httpd.service
|
||||
sudo systemctl start httpd.service
|
||||
|
|
Loading…
Reference in New Issue