mirror of https://github.com/MISP/MISP
Import Whitelist
if Import Whitelist item has regex and no replacement, then do not allow an attribute having value the regex and do not allow events having info conform that regex.pull/63/head
noud
parent
9a7f160ec4
commit
98a2df0280
|
|
@ -109,4 +109,65 @@ class RegexController extends AppController {
|
|||
$this->Session->setFlash(__('Regex was not deleted'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
public function admin_clean() {
|
||||
// Attributes.value
|
||||
$deletableAttributes = array();
|
||||
$this->loadModel('Attribute');
|
||||
$attributes = $this->Attribute->find('all', array('recursive' => 0));
|
||||
foreach ($attributes as $attribute) {
|
||||
$result = $this->replaceSpecific(&$attribute['Attribute']['value']);
|
||||
if (!$result) {
|
||||
$deletableAttributes[] = $attribute['Attribute']['id'];
|
||||
} else {
|
||||
$this->Attribute->save($attribute);
|
||||
}
|
||||
}
|
||||
if (count($deletableAttributes)) {
|
||||
foreach ($deletableAttributes as $event) {
|
||||
$this->Attribute->delete($event);
|
||||
}
|
||||
}
|
||||
|
||||
// Event.info
|
||||
$deletableEvents = array();
|
||||
$this->loadModel('Event');
|
||||
$events = $this->Event->find('all', array('recursive' => 0));
|
||||
foreach ($events as $event) {
|
||||
$result = $this->replaceSpecific(&$event['Event']['info']);
|
||||
if (!$result) {
|
||||
$deletableEvents[] = $event['Event']['id'];
|
||||
} else {
|
||||
$this->Event->save($event);
|
||||
}
|
||||
}
|
||||
if (count($deletableEvents)) {
|
||||
foreach ($deletableEvents as $event) {
|
||||
$this->Event->delete($event);
|
||||
}
|
||||
}
|
||||
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
|
||||
public function replaceSpecific($origString) {
|
||||
$returnValue = true;
|
||||
$regex = new Regex();
|
||||
$allRegex = $regex->getAll();
|
||||
foreach($allRegex as $regex) {
|
||||
if (strlen($regex['Regex']['replacement'])) {
|
||||
$origString = preg_replace($regex['Regex']['regex'], $regex['Regex']['replacement'], $origString);
|
||||
}
|
||||
if (!strlen($regex['Regex']['replacement']) && preg_match($regex['Regex']['regex'], $origString)) {
|
||||
App::uses('SessionComponent', 'Controller/Component');
|
||||
SessionComponent::setFlash('Blacklisted value!');
|
||||
$returnValue = false;
|
||||
}
|
||||
}
|
||||
return $returnValue;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -47,7 +47,7 @@ class RegexBehavior extends ModelBehavior {
|
|||
$returnValue = true;
|
||||
foreach ($Model->data[$Model->name] as $key => &$field) {
|
||||
if (in_array($key, $this->settings[$Model->alias]['fields']) && is_string($field)) {
|
||||
$returnValue = $this->replaceWindowsSpecific($field);
|
||||
$returnValue = $this->replaceWindowsSpecific($Model, &$field);
|
||||
// if (!$returnValue) {
|
||||
// $Model->blacklistErrors[] = array($key, $field);
|
||||
// }
|
||||
|
|
@ -63,7 +63,7 @@ class RegexBehavior extends ModelBehavior {
|
|||
*
|
||||
* @return string
|
||||
*/
|
||||
public function replaceWindowsSpecific(&$string) {
|
||||
public function replaceWindowsSpecific(Model $Model, $string) {
|
||||
$returnValue = true;
|
||||
$regex = new Regex();
|
||||
$allRegex = $regex->getAll();
|
||||
|
|
|
|||
|
|
@ -13,6 +13,8 @@ class Regex extends AppModel {
|
|||
*/
|
||||
public $useTable = 'regex';
|
||||
|
||||
public $actsAs = array('Regex' => array('fields' => array('info', 'value')));
|
||||
|
||||
public function getAll() {
|
||||
return $this->find('all');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -183,6 +183,8 @@ class SysLogLogableBehavior extends LogableBehavior {
|
|||
$title = 'User ('. $Model->data[$Model->alias]['id'].') '. $Model->data[$Model->alias]['email'];
|
||||
break;
|
||||
case "Event":
|
||||
App::uses('EventsController', 'Controller');
|
||||
App::build(array('Controller' => array(APP . DS . 'Controller'), 'EventsController'));
|
||||
$this->Events = new EventsController();
|
||||
$this->Events->constructClasses();
|
||||
$title = 'Event ('. $Model->data[$Model->alias]['id'].'): '.$this->Events->getName($Model->data[$Model->alias]['id']);
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
<div class="whitelists form">
|
||||
<?php echo $this->Form->create('Regex');?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Add Regex'); ?></legend>
|
||||
<legend><?php echo __('Add Import Whitelist'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('regex');
|
||||
echo $this->Form->input('replacement');
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
<div class="whitelists form">
|
||||
<?php echo $this->Form->create('Regex');?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Edit Regex'); ?></legend>
|
||||
<legend><?php echo __('Edit Import Whitelist'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('id');
|
||||
echo $this->Form->input('regex');
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
<div class="logs index">
|
||||
<h2><?php echo __('Regex');?></h2>
|
||||
<h2><?php echo __('Import Whitelist');?></h2>
|
||||
<table cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<th><?php echo $this->Paginator->sort('id');?></th>
|
||||
|
|
@ -37,6 +37,7 @@
|
|||
</div>
|
||||
<div class="actions">
|
||||
<ul>
|
||||
<li><?php echo $this->Html->link(__('Perform on existing data'), array('admin' => true, 'action' => 'clean')); ?></li>
|
||||
<li><?php echo $this->Html->link(__('New Regex'), array('admin' => true, 'action' => 'add')); ?></li>
|
||||
<li> </li>
|
||||
<?php echo $this->element('actions_menu'); ?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue