From f0a1a07592c0528ba37c772decf16deada08c490 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Wed, 25 Nov 2020 08:19:23 +0100 Subject: [PATCH 001/437] chg: [galaxyElement] Added draft of element flattening and unflattening --- app/Controller/GalaxyElementsController.php | 11 +++++ app/Lib/Tools/ArrayFlattenerTool.php | 55 +++++++++++++++++++++ app/View/GalaxyElements/ajax/index.ctp | 2 + 3 files changed, 68 insertions(+) create mode 100644 app/Lib/Tools/ArrayFlattenerTool.php diff --git a/app/Controller/GalaxyElementsController.php b/app/Controller/GalaxyElementsController.php index 68c3759c6..e60003aae 100644 --- a/app/Controller/GalaxyElementsController.php +++ b/app/Controller/GalaxyElementsController.php @@ -26,4 +26,15 @@ class GalaxyElementsController extends AppController $this->render('ajax/index'); } } + + public function indexTree($clusterId) + { + $elements = $this->GalaxyElement->fetchElements($this->Auth->user(), $clusterId); + $keyedValue = []; + foreach ($elements as $i => $element) { + $keyedValue[$element['key']][] = $element['value']; + } + $expanded = Hash::expand($keyedValue); + return $this->RestResponse->viewData($expanded); + } } diff --git a/app/Lib/Tools/ArrayFlattenerTool.php b/app/Lib/Tools/ArrayFlattenerTool.php new file mode 100644 index 000000000..a7b321459 --- /dev/null +++ b/app/Lib/Tools/ArrayFlattenerTool.php @@ -0,0 +1,55 @@ +array_flatten($array); + } + + public function unflatten($array) + { + return $this->array_unflatten($array); + } + + /** + * array_flatten Perform a DFS while flattening the array + */ + private function array_flatten($toFlatten, $prefix='', $separator='.') + { + $result = array(); + foreach ($toFlatten as $k => $v) + { + $new_key = $prefix . (empty($prefix) ? '' : '.') . $k; + if (is_array($v)) { + $result = array_merge($result, $this->array_flatten($v, $new_key, $separator)); + } else { + $result[$new_key] = $v; + } + } + return $result; + } + + private function array_unflatten($toUnflatten, $separator='.') + { + $result = array(); + foreach ($toUnflatten as $k => $v) + { + $decomposedKey = explode($separator, $k); + $result = $this->buildMultiDimensionalArrayFromKeypath($decomposedKey, $result, $v); + } + return $result; + } + + private function buildMultiDimensionalArrayFromKeypath($keypath, $result, $value) + { + if (empty($keypath)) { + $result = $value; + } else { + foreach ($keypath as $key) { + array_shift($keypath); + $result[$key] = $this->buildMultiDimensionalArrayFromKeypath($keypath, $result, $value); + } + } + return $result; + } +} diff --git a/app/View/GalaxyElements/ajax/index.ctp b/app/View/GalaxyElements/ajax/index.ctp index de3307d62..532052ecb 100755 --- a/app/View/GalaxyElements/ajax/index.ctp +++ b/app/View/GalaxyElements/ajax/index.ctp @@ -1,4 +1,6 @@ - diff --git a/app/View/Events/index.ctp b/app/View/Events/index.ctp index cacdfb804..f54efefbe 100644 --- a/app/View/Events/index.ctp +++ b/app/View/Events/index.ctp @@ -127,6 +127,5 @@ echo $this->Html->css('distribution-graph'); echo $this->Html->script('network-distribution-graph'); ?> - element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'index')); diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp index f604f344d..06be58a8c 100644 --- a/app/View/Events/view.ctp +++ b/app/View/Events/view.ctp @@ -561,4 +561,3 @@ $(function () { }); }); - diff --git a/app/View/Layouts/default.ctp b/app/View/Layouts/default.ctp index 3b79002e4..572ff527f 100644 --- a/app/View/Layouts/default.ctp +++ b/app/View/Layouts/default.ctp @@ -33,7 +33,7 @@ )); ?> - +
@@ -71,7 +71,8 @@ 'bootstrap-datepicker', 'bootstrap-colorpicker', 'misp', - 'keyboard-shortcuts' + 'keyboard-shortcuts-definition', + 'keyboard-shortcuts', ) )); echo $this->element('footer'); diff --git a/app/webroot/js/keyboard-shortcuts-definition.js b/app/webroot/js/keyboard-shortcuts-definition.js new file mode 100644 index 000000000..bd6acbe3f --- /dev/null +++ b/app/webroot/js/keyboard-shortcuts-definition.js @@ -0,0 +1,61 @@ +function getShortcutsDefinition() { + var shortcuts = [ + { + "key": "l", + "description": "Go to event list", + "action": function () { + document.location.href = baseurl + '/events/index'; + } + }, + { + "key": "e", + "description": "Go to add event page", + "action": function () { + document.location.href = baseurl + '/events/add'; + } + } + ]; + + var $body = $(document.body); + if ($body.data('controller') === 'events' && $body.data('action') === 'view') { + shortcuts.push({ + "key": "t", + "description": "Open the tag selection modal", + "action": function () { + $('.addTagButton').first().click(); + } + }); + shortcuts.push({ + "key": "f", + "description": "Open the freetext import modal", + "action": function () { + $('#freetext-button').click(); + } + }); + shortcuts.push({ + "key": "a", + "description": "Add an attribute", + "action": function () { + $('#create-button').click(); + } + }); + shortcuts.push({ + "key": "s", + "description": "Focus the filter attribute bar", + "action": function () { + $('#quickFilterField').focus(); + } + }); + } + + if ($body.data('controller') === 'events' && $body.data('action') === 'index') { + shortcuts.push({ + "key": "s", + "description": "Focus the filter events bar", + "action": function () { + $('#quickFilterField').focus(); + } + }); + } + return shortcuts; +} diff --git a/app/webroot/js/keyboard-shortcuts.js b/app/webroot/js/keyboard-shortcuts.js index 1895bf0b0..0375a15ec 100644 --- a/app/webroot/js/keyboard-shortcuts.js +++ b/app/webroot/js/keyboard-shortcuts.js @@ -21,13 +21,7 @@ let keyboardShortcutsManager = { init() { /* Codacy comment to notify that baseurl is a read-only global variable. */ /* global baseurl */ - let shortcutURIs = []; - for(let keyboardShortcutElement of $('.keyboardShortcutsConfig')) { - shortcutURIs.push(keyboardShortcutElement.value); - this.ajaxGet(baseurl + keyboardShortcutElement.value).then((response) => { - this.mapKeyboardShortcuts(JSON.parse(response)); - }); - } + this.mapKeyboardShortcuts(getShortcutsDefinition()); this.setKeyboardListener(); }, @@ -61,7 +55,7 @@ let keyboardShortcutsManager = { * @param {} config The shortcut JSON list: [{key: string, description: string, action: string(eval-able JS code)}] */ mapKeyboardShortcuts(config) { - for(let shortcut of config.shortcuts) { + for(let shortcut of config) { this.shortcutKeys.set(shortcut.key, shortcut); } this.addShortcutListToHTML(); @@ -76,39 +70,14 @@ let keyboardShortcutsManager = { window.onkeyup = (keyboardEvent) => { if(this.shortcutKeys.has(keyboardEvent.key)) { let activeElement = document.activeElement.tagName; - if( !this.ESCAPED_TAG_NAMES.includes(activeElement)) { - eval(this.shortcutKeys.get(keyboardEvent.key).action); + if(!this.ESCAPED_TAG_NAMES.includes(activeElement)) { + this.shortcutKeys.get(keyboardEvent.key).action(); } } else if(this.NAVIGATION_KEYS.includes(keyboardEvent.key)) { window.dispatchEvent(new CustomEvent(this.EVENTS[keyboardEvent.key], {detail: keyboardEvent})); } } }, - - /** - * Queries the given URL with a GET request and returns a Promise - * that resolves when the response arrives. - * @param string url The URL to fetch. - */ - ajaxGet(url) { - return new Promise(function(resolve, reject) { - let req = new XMLHttpRequest(); - req.open("GET", url); - req.onload = function() { - if (req.status === 200) { - resolve(req.response); - } else { - reject(new Error(req.statusText)); - } - }; - - req.onerror = function() { - reject(new Error("Network error")); - }; - - req.send(); - }); - } } // Inits the keyboard shortcut manager's main routine. diff --git a/app/webroot/shortcuts/event_index.json b/app/webroot/shortcuts/event_index.json deleted file mode 100644 index 15e6fa1cb..000000000 --- a/app/webroot/shortcuts/event_index.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "shortcuts": [ - { - "key": "s", - "description": "Focus the filter events bar", - "action": "$('#quickFilterField').focus()" - } - ] -} \ No newline at end of file diff --git a/app/webroot/shortcuts/event_view.json b/app/webroot/shortcuts/event_view.json deleted file mode 100644 index c411c8802..000000000 --- a/app/webroot/shortcuts/event_view.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "shortcuts": [ - { - "key": "t", - "description": "Open the tag selection modal", - "action": "$('.addTagButton').first().click()" - }, - { - "key": "f", - "description": "Open the freetext import modal", - "action": "$('#freetext-button').click()" - }, - { - "key": "a", - "description": "Add an attribute", - "action": "$('#create-button').click()" - }, - { - "key": "s", - "description": "Focus the filter attribute bar", - "action": "$('#quickFilterField').focus()" - } - ] -} diff --git a/app/webroot/shortcuts/global_menu.json b/app/webroot/shortcuts/global_menu.json deleted file mode 100644 index 6ee3ca893..000000000 --- a/app/webroot/shortcuts/global_menu.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "shortcuts": [ - { - "key": "l", - "description": "Go to event list", - "action": "document.location.href = baseurl + '/events/index'" - }, - { - "key": "e", - "description": "Go to add event page", - "action": "document.location.href = baseurl + '/events/add'" - } - ] -} - From d16172ca61a010d2e2b6995be53a2affe8f59110 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Tue, 2 Mar 2021 12:42:37 +0100 Subject: [PATCH 259/437] chg: Bump PyMISP --- PyMISP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PyMISP b/PyMISP index 2ceb38c74..4a2367ec9 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit 2ceb38c741f9432432114998d0c0f8fa36686083 +Subproject commit 4a2367ec965d70d84a0091ea3a6978916a7df25a From 66e371a19c36c2d1e860cc3943153b5922357453 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 2 Mar 2021 13:03:54 +0100 Subject: [PATCH 260/437] fix: [comments] updated for two recent changes in the code --- app/Model/Event.php | 1 + app/Model/SharingGroupServer.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index eae81f0a7..ed9fbcead 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -2190,6 +2190,7 @@ class Event extends AppModel foreach ($results as $eventKey => &$event) { /* + // REMOVING THIS FOR NOW - users should see data they own, even if they're not in the sharing group. if ($event['Event']['distribution'] == 4 && !in_array($event['Event']['sharing_group_id'], $sgids)) { $this->Log = ClassRegistry::init('Log'); $this->Log->create(); diff --git a/app/Model/SharingGroupServer.php b/app/Model/SharingGroupServer.php index 18a7f334f..6a1e56e51 100644 --- a/app/Model/SharingGroupServer.php +++ b/app/Model/SharingGroupServer.php @@ -94,7 +94,7 @@ class SharingGroupServer extends AppModel return $sgs; } - // pass a sharing group ID, returns true if it has an attached server object with "all_orgs" ticked + // pass a sharing group ID, returns true if it has the local server object attached with "all_orgs" set public function checkIfAuthorised($id) { $sg = $this->find('first', array( From 62537961f0f1caafe171d977b5af2643137726e4 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 2 Mar 2021 14:44:41 +0100 Subject: [PATCH 261/437] fix: [internal] Undefined index when importing from module --- app/Controller/AppController.php | 4 ++-- app/Controller/EventsController.php | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index c2fa205d3..63c388cb1 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -1453,10 +1453,10 @@ class AppController extends Controller if ($this->userRole['perm_site_admin']) { return true; } - if ($this->userRole['perm_modify_org'] && $event['Event']['orgc_id'] == $this->Auth->user('org_id')) { + if ($this->userRole['perm_modify_org'] && $event['Event']['orgc_id'] == $this->Auth->user()['org_id']) { return true; } - if ($this->userRole['perm_modify'] && $event['Event']['user_id'] == $this->Auth->user('id')) { + if ($this->userRole['perm_modify'] && $event['Event']['user_id'] == $this->Auth->user()['id']) { return true; } return false; diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 3a64d2f49..829853d94 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -4938,6 +4938,7 @@ class EventsController extends AppController if (!$event) { throw new NotFoundException(__('Invalid event.')); } + $mayModify = $this->__canModifyEvent($event); $eventId = $event['Event']['id']; $this->loadModel('Module'); @@ -5108,7 +5109,7 @@ class EventsController extends AppController $this->set('module', $module); $this->set('eventId', $eventId); $this->set('event', $event); - $this->set('mayModify', $this->__canModifyEvent($event)); + $this->set('mayModify', $mayModify); } public function exportModule($module, $id, $standard = false) From c8533ead788ad08aa5995c1bb84eaeb31e3d5198 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 2 Mar 2021 18:04:49 +0100 Subject: [PATCH 262/437] chg: [internal] Cleanup code that is resposible for fetching server setting --- app/Model/Server.php | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/app/Model/Server.php b/app/Model/Server.php index f9d07cc92..554addd56 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -4,6 +4,7 @@ App::uses('GpgTool', 'Tools'); /** * @property-read array $serverSettings + * @property Organisation $Organisation */ class Server extends AppModel { @@ -1235,16 +1236,23 @@ class Server extends AppModel return true; } + /** + * @return array + */ public function getCurrentServerSettings() { - $this->Module = ClassRegistry::init('Module'); $serverSettings = $this->serverSettings; $moduleTypes = array('Enrichment', 'Import', 'Export', 'Cortex'); $serverSettings = $this->readModuleSettings($serverSettings, $moduleTypes); return $serverSettings; } - private function readModuleSettings($serverSettings, $moduleTypes) + /** + * @param array $serverSettings + * @param array $moduleTypes + * @return array + */ + private function readModuleSettings(array $serverSettings, array $moduleTypes) { $this->Module = ClassRegistry::init('Module'); foreach ($moduleTypes as $moduleType) { @@ -1253,12 +1261,12 @@ class Server extends AppModel foreach ($results as $module => $data) { foreach ($data as $result) { $setting = array('level' => 1, 'errorMessage' => ''); - if ($result['type'] == 'boolean') { + if ($result['type'] === 'boolean') { $setting['test'] = 'testBool'; $setting['type'] = 'boolean'; $setting['description'] = __('Enable or disable the %s module.', $module); $setting['value'] = false; - } elseif ($result['type'] == 'orgs') { + } elseif ($result['type'] === 'orgs') { $setting['description'] = __('Restrict the %s module to the given organisation.', $module); $setting['value'] = 0; $setting['test'] = 'testLocalOrg'; @@ -1335,15 +1343,11 @@ class Server extends AppModel public function serverSettingsRead($unsorted = false) { - $this->Module = ClassRegistry::init('Module'); $serverSettings = $this->getCurrentServerSettings(); $currentSettings = Configure::read(); - if (Configure::read('Plugin.Enrichment_services_enable')) { - $this->readModuleSettings($serverSettings, array('Enrichment')); - } $finalSettingsUnsorted = $this->__serverSettingsRead($serverSettings, $currentSettings); foreach ($finalSettingsUnsorted as $key => $temp) { - if (in_array($temp['tab'], array_keys($this->__settingTabMergeRules))) { + if (isset($this->__settingTabMergeRules[$temp['tab']])) { $finalSettingsUnsorted[$key]['tab'] = $this->__settingTabMergeRules[$temp['tab']]; } } From 7431beefa12bff1807dee5351dae9e6586e2c5a9 Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Tue, 2 Mar 2021 22:03:05 +0000 Subject: [PATCH 263/437] chg: [UI] fix keyboard shortcut manager popup triangle --- app/View/Elements/footer.ctp | 2 +- app/webroot/js/keyboard-shortcuts.js | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/app/View/Elements/footer.ctp b/app/View/Elements/footer.ctp index 387c8d56f..dacd6c010 100644 --- a/app/View/Elements/footer.ctp +++ b/app/View/Elements/footer.ctp @@ -1,5 +1,5 @@
-
+
:
diff --git a/app/webroot/js/keyboard-shortcuts.js b/app/webroot/js/keyboard-shortcuts.js index 1895bf0b0..56db0de2d 100644 --- a/app/webroot/js/keyboard-shortcuts.js +++ b/app/webroot/js/keyboard-shortcuts.js @@ -111,9 +111,9 @@ let keyboardShortcutsManager = { } } -// Inits the keyboard shortcut manager's main routine. -$(document).ready(() => keyboardShortcutsManager.init()); - -// Inits the click event on the keyboard shortcut triangle at the bottom of the screen. -$('#triangle').click(keyboardShortcutsManager.onTriangleClick); +// Inits the keyboard shortcut manager's main routine and the click event on the keyboard shortcut triangle at the bottom of the screen. +$(document).ready(function(){ + keyboardShortcutsManager.init(); + $('#triangle').click(keyboardShortcutsManager.onTriangleClick); +}); From f83fc6ca248f8c2ba49d704b8eb4993a1502fc04 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 2 Mar 2021 23:42:54 +0100 Subject: [PATCH 264/437] fix: [sharing groups] fixed regression with updating local sharing groups --- app/Model/SharingGroup.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/app/Model/SharingGroup.php b/app/Model/SharingGroup.php index ea89684af..d00288d06 100644 --- a/app/Model/SharingGroup.php +++ b/app/Model/SharingGroup.php @@ -649,10 +649,12 @@ class SharingGroup extends AppModel return false; } if (empty($sg['modified']) || $sg['modified'] > $existingSG['SharingGroup']['modified']) { - $isLocalSync = $user['Role']['perm_sync'] && !empty($existingSG['SharingGroup']['local']); + // consider the local field being set to be equivalent to an event's locked == 0 state + $isUpdatableBySync = $user['Role']['perm_sync'] && empty($existingSG['SharingGroup']['local']); + // TODO: reconsider this, org admins will be blocked from legitimate edits if they have sync permissions. + // We need a mechanism to check whether we're in sync context. $isSGOwner = !$user['Role']['perm_sync'] && $existingSG['org_id'] == $user['org_id']; - if ($isLocalSync || $isSGOwner || $user['Role']['perm_site_admin']) { - $sg_id = (int)$existingSG['SharingGroup']['id']; + if ($isUpdatableBySync || $isSGOwner || $user['Role']['perm_site_admin']) { $editedSG = $existingSG['SharingGroup']; $attributes = ['name', 'releasability', 'description', 'created', 'modified', 'active', 'roaming']; foreach ($attributes as $a) { @@ -679,7 +681,7 @@ class SharingGroup extends AppModel * @return int || false */ public function captureSGNew($user, $sg, $syncLocal) - { + { // check if current user is contained in the SG and we are in a local sync setup if (!empty($sg['uuid'])) { if (isset($this->__sgAuthorisationCache['save'][boolval($syncLocal)][$sg['uuid']])) { From 7f9afb84e758652e37dd004fa9aba33e1c70f9da Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 3 Mar 2021 00:19:46 +0100 Subject: [PATCH 265/437] fix: [Sharing groups] capturing a sharing group correctly ignores the incoming data's active flag when editing - based on PR #7101 by @lfortemps --- app/Model/SharingGroup.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Model/SharingGroup.php b/app/Model/SharingGroup.php index d00288d06..e150bf197 100644 --- a/app/Model/SharingGroup.php +++ b/app/Model/SharingGroup.php @@ -656,7 +656,7 @@ class SharingGroup extends AppModel $isSGOwner = !$user['Role']['perm_sync'] && $existingSG['org_id'] == $user['org_id']; if ($isUpdatableBySync || $isSGOwner || $user['Role']['perm_site_admin']) { $editedSG = $existingSG['SharingGroup']; - $attributes = ['name', 'releasability', 'description', 'created', 'modified', 'active', 'roaming']; + $attributes = ['name', 'releasability', 'description', 'created', 'modified', 'roaming']; foreach ($attributes as $a) { if (isset($sg[$a])) { $editedSG[$a] = $sg[$a]; From 78a48ddc8789fde1c9af445158a52043d976b763 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 3 Mar 2021 00:29:57 +0100 Subject: [PATCH 266/437] new: [server shell] list servers, fixes #7115 - simple human readable listing - kept the old weird JSON producing listServers intact --- app/Console/Command/ServerShell.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/app/Console/Command/ServerShell.php b/app/Console/Command/ServerShell.php index 870672625..05ac12536 100644 --- a/app/Console/Command/ServerShell.php +++ b/app/Console/Command/ServerShell.php @@ -14,6 +14,26 @@ class ServerShell extends AppShell public $uses = array('Server', 'Task', 'Job', 'User', 'Feed'); public $tasks = array('ConfigLoad'); + public function list() + { + $this->ConfigLoad->execute(); + $res = ['servers'=>[]]; + $servers = $this->Server->find('all', [ + 'fields' => ['Server.id', 'Server.name', 'Server.url'], + 'recursive' => 0 + ]); + foreach ($servers as $server) { + echo sprintf( + '%sServer #%s :: %s :: %s', + PHP_EOL, + $server['Server']['id'], + $server['Server']['name'], + $server['Server']['url'] + ); + } + echo PHP_EOL; + } + public function listServers() { $this->ConfigLoad->execute(); From 98ecf68541a1534419daf7da8249644f434a6e01 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 3 Mar 2021 01:18:34 +0100 Subject: [PATCH 267/437] chg: [version] bump --- VERSION.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION.json b/VERSION.json index 01c07ad57..5d3d5ea23 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1 +1 @@ -{"major":2, "minor":4, "hotfix":139} +{"major":2, "minor":4, "hotfix":140} From 2e4ff3837783ed71c4c15cf05414e72801928df4 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 3 Mar 2021 07:45:06 +0100 Subject: [PATCH 268/437] chg: [misp-objects] updated to the latest version --- app/files/misp-objects | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/files/misp-objects b/app/files/misp-objects index e764ed698..e1f01f674 160000 --- a/app/files/misp-objects +++ b/app/files/misp-objects @@ -1 +1 @@ -Subproject commit e764ed6983bac3a3171fe1a649176224d1abbf0a +Subproject commit e1f01f674fbaeb5f5af13b15f9b87ede9bcc1291 From 874ec66c9bcaa702013f390eb638b4fd679212c2 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 22 Feb 2021 10:33:16 +0100 Subject: [PATCH 269/437] chg: [schema] Convert GalaxyCluster tag name to case insensitive --- INSTALL/MYSQL.sql | 2 +- app/Model/AppModel.php | 3 +++ app/Model/GalaxyCluster.php | 8 ++++---- db_schema.json | 2 +- 4 files changed, 9 insertions(+), 6 deletions(-) diff --git a/INSTALL/MYSQL.sql b/INSTALL/MYSQL.sql index 4c0dee91e..8ffd9e0dc 100644 --- a/INSTALL/MYSQL.sql +++ b/INSTALL/MYSQL.sql @@ -455,7 +455,7 @@ CREATE TABLE IF NOT EXISTS `galaxy_clusters` ( `collection_uuid` varchar(255) COLLATE utf8_bin NOT NULL, `type` varchar(255) COLLATE utf8_bin NOT NULL, `value` text COLLATE utf8_bin NOT NULL, - `tag_name` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '', + `tag_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '', `description` text COLLATE utf8_bin NOT NULL, `galaxy_id` int(11) NOT NULL, `source` varchar(255) COLLATE utf8_bin NOT NULL DEFAULT '', diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 3348e9ecc..6c7f225b1 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -1568,6 +1568,9 @@ class AppModel extends Model INDEX `value` (`value`(255)) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;"; break; + case 66: + $sqlArray[] = "ALTER TABLE `galaxy_clusters` MODIFY COLUMN `tag_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '';"; + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/app/Model/GalaxyCluster.php b/app/Model/GalaxyCluster.php index 18960ca15..0fb8d4d30 100644 --- a/app/Model/GalaxyCluster.php +++ b/app/Model/GalaxyCluster.php @@ -915,7 +915,7 @@ class GalaxyCluster extends AppModel if (!$isGalaxyTag) { return null; } - $conditions = array('LOWER(GalaxyCluster.tag_name)' => strtolower($name)); + $conditions = array('GalaxyCluster.tag_name' => $name); } $cluster = $this->fetchGalaxyClusters($user, array( 'conditions' => $conditions, @@ -943,7 +943,7 @@ class GalaxyCluster extends AppModel if (count(array_filter($namesOrIds, 'is_numeric')) === count($namesOrIds)) { // all elements are numeric $conditions = array('GalaxyCluster.id' => $namesOrIds); } else { - $conditions = array('LOWER(GalaxyCluster.tag_name)' => array_map('strtolower', $namesOrIds)); + $conditions = array('GalaxyCluster.tag_name' => $namesOrIds); } $options = ['conditions' => $conditions]; @@ -1470,7 +1470,7 @@ class GalaxyCluster extends AppModel foreach ($events as $event) { foreach ($event['EventTag'] as $eventTag) { if ($eventTag['Tag']['is_galaxy']) { - $clusterTagNames[$eventTag['Tag']['id']] = strtolower($eventTag['Tag']['name']); + $clusterTagNames[$eventTag['Tag']['id']] = $eventTag['Tag']['name']; } } } @@ -1480,7 +1480,7 @@ class GalaxyCluster extends AppModel } $options = [ - 'conditions' => ['LOWER(GalaxyCluster.tag_name)' => $clusterTagNames], + 'conditions' => ['GalaxyCluster.tag_name' => $clusterTagNames], 'contain' => ['Galaxy', 'GalaxyElement'], ]; $clusters = $this->fetchGalaxyClusters($user, $options); diff --git a/db_schema.json b/db_schema.json index f2427a0c0..86641ec5f 100644 --- a/db_schema.json +++ b/db_schema.json @@ -2356,7 +2356,7 @@ "data_type": "varchar", "character_maximum_length": "255", "numeric_precision": null, - "collation_name": "utf8_bin", + "collation_name": "utf8_unicode_ci", "column_type": "varchar(255)", "column_default": "", "extra": "" From e3b2a0a40cf62485d80015e567764c4ebab331c4 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 22 Feb 2021 13:56:30 +0100 Subject: [PATCH 270/437] chg: [schema] Add index for EventReport.event_id --- INSTALL/MYSQL.sql | 3 ++- app/Model/AppModel.php | 12 +++++++----- db_schema.json | 3 ++- 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/INSTALL/MYSQL.sql b/INSTALL/MYSQL.sql index 8ffd9e0dc..284128120 100644 --- a/INSTALL/MYSQL.sql +++ b/INSTALL/MYSQL.sql @@ -243,7 +243,8 @@ CREATE TABLE IF NOT EXISTS event_reports ( `deleted` tinyint(1) NOT NULL DEFAULT 0, PRIMARY KEY (id), CONSTRAINT u_uuid UNIQUE (uuid), - INDEX `name` (`name`) + INDEX `name` (`name`), + INDEX `event_id` (`event_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4; -- -------------------------------------------------------- diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 6c7f225b1..60c220c87 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -1570,6 +1570,7 @@ class AppModel extends Model break; case 66: $sqlArray[] = "ALTER TABLE `galaxy_clusters` MODIFY COLUMN `tag_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '';"; + $indexArray[] = ['event_reports', 'event_id']; break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; @@ -1824,18 +1825,19 @@ class AppModel extends Model } } - private function __addIndex($table, $field, $length = false) + private function __addIndex($table, $field, $length = null, $unique = false) { $dataSourceConfig = ConnectionManager::getDataSource('default')->config; $dataSource = $dataSourceConfig['datasource']; $this->Log = ClassRegistry::init('Log'); + $index = $unique ? 'UNIQUE INDEX' : 'INDEX'; if ($dataSource == 'Database/Postgres') { - $addIndex = "CREATE INDEX idx_" . $table . "_" . $field . " ON " . $table . " (" . $field . ");"; + $addIndex = "CREATE $index idx_" . $table . "_" . $field . " ON " . $table . " (" . $field . ");"; } else { if (!$length) { - $addIndex = "ALTER TABLE `" . $table . "` ADD INDEX `" . $field . "` (`" . $field . "`);"; + $addIndex = "ALTER TABLE `" . $table . "` ADD $index `" . $field . "` (`" . $field . "`);"; } else { - $addIndex = "ALTER TABLE `" . $table . "` ADD INDEX `" . $field . "` (`" . $field . "`(" . $length . "));"; + $addIndex = "ALTER TABLE `" . $table . "` ADD $index `" . $field . "` (`" . $field . "`(" . $length . "));"; } } $result = true; @@ -1844,7 +1846,7 @@ class AppModel extends Model try { $this->query($addIndex); } catch (Exception $e) { - $duplicate = (strpos($e->getMessage(), '1061') !== false); + $duplicate = strpos($e->getMessage(), '1061') !== false; $errorMessage = $e->getMessage(); $result = false; } diff --git a/db_schema.json b/db_schema.json index 86641ec5f..80cdb3c39 100644 --- a/db_schema.json +++ b/db_schema.json @@ -7654,7 +7654,8 @@ "event_reports": { "id": true, "uuid": true, - "name": false + "name": false, + "event_id": false }, "event_tags": { "id": true, From 599819f7f9cdae2e5d9d3a32caa9f25e1a5a2d7c Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 27 Feb 2021 11:13:47 +0100 Subject: [PATCH 271/437] new: [authkeys] Allowed IPs --- app/Controller/AppController.php | 95 +++++++++---- app/Controller/AuthKeysController.php | 30 +++- app/Controller/Component/CRUDComponent.php | 31 +++-- app/Controller/ServersController.php | 6 +- app/Lib/Tools/CidrTool.php | 20 +++ app/Model/AppModel.php | 5 +- app/Model/AuthKey.php | 101 +++++++++++--- app/Model/Log.php | 6 +- app/View/AuthKeys/add.ctp | 11 +- app/View/AuthKeys/index.ctp | 16 ++- app/View/AuthKeys/view.ctp | 129 +++++++++--------- .../IndexTable/Fields/datetime.ctp | 41 +++--- .../SingleViews/Fields/customField.ctp | 1 + app/webroot/css/main.css | 6 +- app/webroot/js/misp.js | 3 +- db_schema.json | 13 +- tests/testlive_security.py | 23 ++++ 17 files changed, 380 insertions(+), 157 deletions(-) create mode 100644 app/View/Elements/genericElements/SingleViews/Fields/customField.ctp diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 63c388cb1..7601603a4 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -125,8 +125,8 @@ class AppController extends Controller } if (!$this->_isRest()) { $this->__contentSecurityPolicy(); + $this->response->header('X-XSS-Protection', '1; mode=block'); } - $this->response->header('X-XSS-Protection', '1; mode=block'); if (!empty($this->params['named']['sql'])) { $this->sql_dump = intval($this->params['named']['sql']); @@ -446,22 +446,9 @@ class AppController extends Controller } else { // User not authenticated correctly // reset the session information - $redis = $this->User->setupRedis(); - // Do not log every fail, but just once per hour - if ($redis && !$redis->exists('misp:auth_fail_throttling:' . $authKeyToStore)) { - $redis->setex('misp:auth_fail_throttling:' . $authKeyToStore, 3600, 1); + if ($this->_shouldLog($authKeyToStore)) { $this->loadModel('Log'); - $this->Log->create(); - $log = array( - 'org' => 'SYSTEM', - 'model' => 'User', - 'model_id' => 0, - 'email' => 'SYSTEM', - 'action' => 'auth_fail', - 'title' => "Failed authentication using API key ($authKeyToStore)", - 'change' => null, - ); - $this->Log->save($log); + $this->Log->createLogEntry('SYSTEM', 'auth_fail', 'User', 0, "Failed authentication using API key ($authKeyToStore)"); } $this->Session->destroy(); } @@ -548,8 +535,10 @@ class AppController extends Controller } if ($user['disabled']) { - $this->Log = ClassRegistry::init('Log'); - $this->Log->createLogEntry($user, 'auth_fail', 'User', $user['id'], 'Login attempt by disabled user.'); + if ($this->_shouldLog('disabled:' . $user['id'])) { + $this->Log = ClassRegistry::init('Log'); + $this->Log->createLogEntry($user, 'auth_fail', 'User', $user['id'], 'Login attempt by disabled user.'); + } $this->Auth->logout(); if ($this->_isRest()) { @@ -565,11 +554,33 @@ class AppController extends Controller if (isset($user['authkey_expiration']) && $user['authkey_expiration']) { $time = isset($_SERVER['REQUEST_TIME']) ? $_SERVER['REQUEST_TIME'] : time(); if ($user['authkey_expiration'] < $time) { + if ($this->_shouldLog('expired:' . $user['authkey_id'])) { + $this->Log = ClassRegistry::init('Log'); + $this->Log->createLogEntry($user, 'auth_fail', 'User', $user['id'], "Login attempt by expired auth key {$user['authkey_id']}."); + } $this->Auth->logout(); throw new ForbiddenException('Auth key is expired'); } } + if (!empty($user['allowed_ips'])) { + App::uses('CidrTool', 'Tools'); + $cidrTool = new CidrTool($user['allowed_ips']); + $remoteIp = $this->_remoteIp(); + if ($remoteIp === null) { + $this->Auth->logout(); + throw new ForbiddenException('Auth key is limited to IP address, but IP address not found'); + } + if (!$cidrTool->contains($remoteIp)) { + if ($this->_shouldLog('not_allowed_ip:' . $user['authkey_id'] . ':' . $remoteIp)) { + $this->Log = ClassRegistry::init('Log'); + $this->Log->createLogEntry($user, 'auth_fail', 'User', $user['id'], "Login attempt from not allowed IP address for auth key {$user['authkey_id']}."); + } + $this->Auth->logout(); + throw new ForbiddenException('It is not possible to use this Auth key from your IP address'); + } + } + $isUserRequest = !$this->_isRest() && !$this->request->is('ajax') && !$this->_isAutomation(); // Next checks makes sense just for user direct HTTP request, so skip REST and AJAX calls if (!$isUserRequest) { @@ -632,7 +643,7 @@ class AppController extends Controller return; } - $remoteAddress = trim($_SERVER['REMOTE_ADDR']); + $remoteAddress = $this->_remoteIp(); $pipe = $redis->multi(Redis::PIPELINE); // keep for 30 days @@ -680,11 +691,7 @@ class AppController extends Controller $change .= PHP_EOL . 'Request body: ' . $payload; } $this->Log = ClassRegistry::init('Log'); - try { - $this->Log->createLogEntry($user, 'request', 'User', $user['id'], 'Paranoid log entry', $change); - } catch (Exception $e) { - // When `MISP.log_skip_db_logs_completely` is enabled, Log::createLogEntry method throws exception - } + $this->Log->createLogEntry($user, 'request', 'User', $user['id'], 'Paranoid log entry', $change); } } @@ -1500,17 +1507,47 @@ class AppController extends Controller throw new RuntimeException("User with ID {$sessionUser['id']} not exists."); } if (isset($sessionUser['authkey_id'])) { + // Reload authkey $this->loadModel('AuthKey'); - if (!$this->AuthKey->exists($sessionUser['authkey_id'])) { + $authKey = $this->AuthKey->find('first', [ + 'conditions' => ['id' => $sessionUser['authkey_id'], 'user_id' => $user['id']], + 'fields' => ['id', 'expiration', 'allowed_ips'], + 'recursive' => -1, + ]); + if (empty($authKey)) { throw new RuntimeException("Auth key with ID {$sessionUser['authkey_id']} not exists."); } + $user['authkey_id'] = $authKey['AuthKey']['id']; + $user['authkey_expiration'] = $authKey['AuthKey']['expiration']; + $user['allowed_ips'] = $authKey['AuthKey']['allowed_ips']; } - foreach (['authkey_id', 'authkey_expiration', 'logged_by_authkey'] as $copy) { - if (isset($sessionUser[$copy])) { - $user[$copy] = $sessionUser[$copy]; - } + if (isset($sessionUser['logged_by_authkey'])) { + $user['logged_by_authkey'] = $sessionUser['logged_by_authkey']; } $this->Auth->login($user); return $user; } + + /** + * @return string|null + */ + protected function _remoteIp() + { + $ipHeader = Configure::read('MISP.log_client_ip_header') ?: 'REMOTE_ADDR'; + return isset($_SERVER[$ipHeader]) ? trim($_SERVER[$ipHeader]) : null; + } + + /** + * @param string $key + * @return bool Returns true if the same log defined by $key was not stored in last hour + */ + protected function _shouldLog($key) + { + $redis = $this->User->setupRedis(); + if ($redis && !$redis->exists('misp:auth_fail_throttling:' . $key)) { + $redis->setex('misp:auth_fail_throttling:' . $key, 3600, 1); + return true; + } + return false; + } } diff --git a/app/Controller/AuthKeysController.php b/app/Controller/AuthKeysController.php index b90bb2fa4..47e1fef57 100644 --- a/app/Controller/AuthKeysController.php +++ b/app/Controller/AuthKeysController.php @@ -71,8 +71,34 @@ class AuthKeysController extends AppController public function edit($id) { - $this->set('metaGroup', 'admin'); - $this->set('metaAction', 'authkeys_edit'); + $this->CRUD->edit($id, [ + 'conditions' => $this->__prepareConditions(), + 'afterFind' => function (array $authKey) { + unset($authKey['AuthKey']['authkey']); + if (is_array($authKey['AuthKey']['allowed_ips'])) { + $authKey['AuthKey']['allowed_ips'] = implode("\n", $authKey['AuthKey']['allowed_ips']); + } + $authKey['AuthKey']['expiration'] = date('Y-m-d H:i:s', $authKey['AuthKey']['expiration']); + return $authKey; + }, + 'fields' => ['comment', 'allowed_ips', 'expiration'], + ]); + if ($this->IndexFilter->isRest()) { + return $this->restResponsePayload; + } + $this->set('dropdownData', [ + 'user' => $this->User->find('list', [ + 'sort' => ['username' => 'asc'], + 'conditions' => ['id' => $this->request->data['AuthKey']['user_id']], + ]) + ]); + $this->set('menuData', [ + 'menuList' => $this->_isSiteAdmin() ? 'admin' : 'globalActions', + 'menuItem' => 'authKeyAdd', + ]); + $this->set('edit', true); + $this->set('validity', Configure::read('Security.advanced_authkeys_validity')); + $this->render('add'); } public function add($user_id = false) diff --git a/app/Controller/Component/CRUDComponent.php b/app/Controller/Component/CRUDComponent.php index 1e682c197..5a63087c4 100644 --- a/app/Controller/Component/CRUDComponent.php +++ b/app/Controller/Component/CRUDComponent.php @@ -145,13 +145,21 @@ class CRUDComponent extends Component if (empty($id)) { throw new NotFoundException(__('Invalid %s.', $modelName)); } - $data = $this->Controller->{$modelName}->find('first', - isset($params['get']) ? $params['get'] : [ - 'recursive' => -1, - 'conditions' => [ - 'id' => $id - ] - ]); + $query = isset($params['get']) ? $params['get'] : [ + 'recursive' => -1, + 'conditions' => [ + 'id' => $id + ], + ]; + if (!empty($params['conditions'])) { + $query['conditions']['AND'][] = $params['conditions']; + } + /** @var Model $model */ + $model = $this->Controller->{$modelName}; + $data = $model->find('first', $query); + if (isset($params['afterFind'])) { + $data = $params['afterFind']($data); + } if ($this->Controller->request->is('post') || $this->Controller->request->is('put')) { $input = $this->Controller->request->data; if (empty($input[$modelName])) { @@ -171,7 +179,10 @@ class CRUDComponent extends Component $data[$modelName][$field] = $fieldData; } } - if ($this->Controller->{$modelName}->save($data)) { + if (isset($params['beforeSave'])) { + $data = $params['beforeSave']($data); + } + if ($model->save($data)) { $message = __('%s updated.', $modelName); if ($this->Controller->IndexFilter->isRest()) { $this->Controller->restResponsePayload = $this->Controller->RestResponse->viewData($data, 'json'); @@ -182,7 +193,9 @@ class CRUDComponent extends Component } } else { if ($this->Controller->IndexFilter->isRest()) { - + $controllerName = $this->Controller->params['controller']; + $actionName = $this->Controller->params['action']; + $this->Controller->restResponsePayload = $this->Controller->RestResponse->saveFailResponse($controllerName, $actionName, false, $model->validationErrors, 'json'); } } } else { diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 7e07d5b3d..52a95d388 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -2434,9 +2434,9 @@ misp.direct_call(relative_path, body) } $message = 'CSP reported violation'; - $ipHeader = Configure::read('MISP.log_client_ip_header') ?: 'REMOTE_ADDR'; - if (isset($_SERVER[$ipHeader])) { - $message .= ' from IP ' . $_SERVER[$ipHeader]; + $remoteIp = $this->_remoteIp(); + if ($remoteIp) { + $message .= ' from IP ' . $remoteIp; } $this->log("$message: " . json_encode($report['csp-report'], JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES)); diff --git a/app/Lib/Tools/CidrTool.php b/app/Lib/Tools/CidrTool.php index faf978f3d..b21351c0c 100644 --- a/app/Lib/Tools/CidrTool.php +++ b/app/Lib/Tools/CidrTool.php @@ -66,6 +66,26 @@ class CidrTool return $match; } + /** + * @param string $cidr + * @return bool + */ + public static function validate($cidr) + { + $parts = explode('/', $cidr, 2); + $ipBytes = inet_pton($parts[0]); + if ($ipBytes === false) { + return false; + } + + $maximumNetmask = strlen($ipBytes) === 4 ? 32 : 128; + if (isset($parts[1]) && ($parts[1] > $maximumNetmask || $parts[1] < 0)) { + return false; // Netmask part of CIDR is invalid + } + + return true; + } + /** * Using solution from https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/IpUtils.php * diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 60c220c87..3f4e0d216 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -89,7 +89,7 @@ class AppModel extends Model 45 => false, 46 => false, 47 => false, 48 => false, 49 => false, 50 => false, 51 => false, 52 => false, 53 => false, 54 => false, 55 => false, 56 => false, 57 => false, 58 => false, 59 => false, 60 => false, 61 => false, 62 => false, - 63 => true, 64 => false, 65 => false + 63 => true, 64 => false, 65 => false, 66 => false, 67 => false, ); public $advanced_updates_description = array( @@ -1572,6 +1572,9 @@ class AppModel extends Model $sqlArray[] = "ALTER TABLE `galaxy_clusters` MODIFY COLUMN `tag_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT '';"; $indexArray[] = ['event_reports', 'event_id']; break; + case 67: + $sqlArray[] = "ALTER TABLE `auth_keys` ADD `allowed_ips` text DEFAULT NULL;"; + break; case 'fixNonEmptySharingGroupID': $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;'; diff --git a/app/Model/AuthKey.php b/app/Model/AuthKey.php index f4711b6b7..50de35909 100644 --- a/app/Model/AuthKey.php +++ b/app/Model/AuthKey.php @@ -1,6 +1,7 @@ data['AuthKey']['id'])) { if (empty($this->data['AuthKey']['uuid'])) { $this->data['AuthKey']['uuid'] = CakeText::uuid(); @@ -42,22 +42,66 @@ class AuthKey extends AppModel $this->data['AuthKey']['authkey_end'] = substr($authkey, -4); $this->data['AuthKey']['authkey_raw'] = $authkey; $this->authkey_raw = $authkey; + } - $validity = Configure::read('Security.advanced_authkeys_validity'); - if (empty($this->data['AuthKey']['expiration'])) { - $this->data['AuthKey']['expiration'] = $validity ? strtotime("+$validity days") : 0; + if (!empty($this->data['AuthKey']['allowed_ips'])) { + if (is_string($this->data['AuthKey']['allowed_ips'])) { + $this->data['AuthKey']['allowed_ips'] = trim($this->data['AuthKey']['allowed_ips']); + if (empty($this->data['AuthKey']['allowed_ips'])) { + $this->data['AuthKey']['allowed_ips'] = []; + } else { + $this->data['AuthKey']['allowed_ips'] = explode("\n", $this->data['AuthKey']['allowed_ips']); + $this->data['AuthKey']['allowed_ips'] = array_map('trim', $this->data['AuthKey']['allowed_ips']); + } + } + if (!is_array($this->data['AuthKey']['allowed_ips'])) { + $this->invalidate('allowed_ips', 'Allowed IPs must be array'); + } + foreach ($this->data['AuthKey']['allowed_ips'] as $cidr) { + if (!CidrTool::validate($cidr)) { + $this->invalidate('allowed_ips', "$cidr is not valid IP range"); + } + } + } + + $creationTime = isset($this->data['AuthKey']['created']) ? $this->data['AuthKey']['created'] : time(); + $validity = Configure::read('Security.advanced_authkeys_validity'); + if (empty($this->data['AuthKey']['expiration'])) { + $this->data['AuthKey']['expiration'] = $validity ? strtotime("+$validity days", $creationTime) : 0; + } else { + $expiration = is_numeric($this->data['AuthKey']['expiration']) ? + (int)$this->data['AuthKey']['expiration'] : + strtotime($this->data['AuthKey']['expiration']); + + if ($expiration === false) { + $this->invalidate('expiration', __('Expiration must be in YYYY-MM-DD format.')); + } + if ($validity && $expiration > strtotime("+$validity days", $creationTime)) { + $this->invalidate('expiration', __('Maximal key validity is %s days.', $validity)); + } + $this->data['AuthKey']['expiration'] = $expiration; + } + + return true; + } + + public function afterFind($results, $primary = false) + { + foreach ($results as $key => $val) { + if (isset($val['AuthKey']['allowed_ips'])) { + $results[$key]['AuthKey']['allowed_ips'] = $this->jsonDecode($val['AuthKey']['allowed_ips']); + } + } + return $results; + } + + public function beforeSave($options = array()) + { + if (isset($this->data['AuthKey']['allowed_ips'])) { + if (empty($this->data['AuthKey']['allowed_ips'])) { + $this->data['AuthKey']['allowed_ips'] = null; } else { - $expiration = is_numeric($this->data['AuthKey']['expiration']) ? - (int)$this->data['AuthKey']['expiration'] : - strtotime($this->data['AuthKey']['expiration']); - - if ($expiration === false) { - $this->invalidate('expiration', __('Expiration must be in YYYY-MM-DD format.')); - } - if ($validity && $expiration > strtotime("+$validity days")) { - $this->invalidate('expiration', __('Maximal key validity is %s days.', $validity)); - } - $this->data['AuthKey']['expiration'] = $expiration; + $this->data['AuthKey']['allowed_ips'] = json_encode($this->data['AuthKey']['allowed_ips']); } } return true; @@ -71,9 +115,9 @@ class AuthKey extends AppModel { $start = substr($authkey, 0, 4); $end = substr($authkey, -4); - $existing_authkeys = $this->find('all', [ + $possibleAuthkeys = $this->find('all', [ 'recursive' => -1, - 'fields' => ['id', 'authkey', 'user_id', 'expiration'], + 'fields' => ['id', 'authkey', 'user_id', 'expiration', 'allowed_ips'], 'conditions' => [ 'OR' => [ 'expiration >' => time(), @@ -84,12 +128,13 @@ class AuthKey extends AppModel ] ]); $passwordHasher = $this->getHasher(); - foreach ($existing_authkeys as $existing_authkey) { - if ($passwordHasher->check($authkey, $existing_authkey['AuthKey']['authkey'])) { - $user = $this->User->getAuthUser($existing_authkey['AuthKey']['user_id']); + foreach ($possibleAuthkeys as $possibleAuthkey) { + if ($passwordHasher->check($authkey, $possibleAuthkey['AuthKey']['authkey'])) { + $user = $this->User->getAuthUser($possibleAuthkey['AuthKey']['user_id']); if ($user) { - $user['authkey_id'] = $existing_authkey['AuthKey']['id']; - $user['authkey_expiration'] = $existing_authkey['AuthKey']['expiration']; + $user['authkey_id'] = $possibleAuthkey['AuthKey']['id']; + $user['authkey_expiration'] = $possibleAuthkey['AuthKey']['expiration']; + $user['allowed_ips'] = $possibleAuthkey['AuthKey']['allowed_ips']; } return $user; } @@ -175,6 +220,18 @@ class AuthKey extends AppModel return $output; } + /** + * When key is modified, update `date_modified` for user that was assigned to that key, so session data + * will be realoaded. + * @see AppController::_refreshAuth + */ + public function afterSave($created, $options = array()) + { + parent::afterSave($created, $options); + $userId = $this->data['AuthKey']['user_id']; + $this->User->updateAll(['date_modified' => time()], ['User.id' => $userId]); + } + /** * When key is deleted, update after `date_modified` for user that was assigned to that key, so session data * will be realoaded and canceled. diff --git a/app/Model/Log.php b/app/Model/Log.php index 1cf7aee90..19b7aeb64 100644 --- a/app/Model/Log.php +++ b/app/Model/Log.php @@ -199,7 +199,7 @@ class Log extends AppModel * @param int $modelId * @param string $title * @param string|array $change - * @return array + * @return array|null * @throws Exception * @throws InvalidArgumentException */ @@ -238,6 +238,10 @@ class Log extends AppModel )); if (!$result) { + if ($action === 'request' && !empty(Configure::read('MISP.log_paranoid_skip_db'))) { + return null; + } + throw new Exception("Cannot save log because of validation errors: " . json_encode($this->validationErrors)); } diff --git a/app/View/AuthKeys/add.ctp b/app/View/AuthKeys/add.ctp index 62e5a40db..a3cd94042 100644 --- a/app/View/AuthKeys/add.ctp +++ b/app/View/AuthKeys/add.ctp @@ -1,7 +1,7 @@ element('genericElements/Form/genericForm', [ 'data' => [ - 'title' => __('Add auth key'), + 'title' => isset($edit) ? __('Edit auth key') : __('Add auth key'), 'description' => __('Auth keys are used for API access. A user can have more than one authkey, so if you would like to use separate keys per tool that queries MISP, add additional keys. Use the comment field to make identifying your keys easier.'), 'fields' => [ [ @@ -13,7 +13,14 @@ echo $this->element('genericElements/Form/genericForm', [ [ 'field' => 'comment', 'label' => __('Comment'), - 'class' => 'span6' + 'class' => 'span6', + 'rows' => 4, + ], + [ + 'field' => 'allowed_ips', + 'label' => __('Allowed IPs'), + 'class' => 'span6', + 'rows' => 4, ], [ 'field' => 'expiration', diff --git a/app/View/AuthKeys/index.ctp b/app/View/AuthKeys/index.ctp index 127132961..77c3ab45f 100644 --- a/app/View/AuthKeys/index.ctp +++ b/app/View/AuthKeys/index.ctp @@ -63,12 +63,17 @@ 'data_path' => 'AuthKey.last_used', 'element' => 'datetime', 'requirements' => $keyUsageEnabled, + 'empty' => __('Never'), ], [ 'name' => __('Comment'), 'sort' => 'AuthKey.comment', 'data_path' => 'AuthKey.comment', ], + [ + 'name' => __('Allowed IPs'), + 'data_path' => 'AuthKey.allowed_ips', + ], ], 'title' => empty($ajax) ? __('Authentication key Index') : false, 'description' => empty($ajax) ? __('A list of API keys bound to a user.') : false, @@ -80,7 +85,16 @@ 'AuthKey.id' ), 'icon' => 'eye', - 'dbclickAction' => true + 'dbclickAction' => true, + 'title' => 'View auth key', + ], + [ + 'url' => $baseurl . '/auth_keys/edit', + 'url_params_data_paths' => array( + 'AuthKey.id' + ), + 'icon' => 'edit', + 'title' => 'Edit auth key', ], [ 'onclick' => sprintf( diff --git a/app/View/AuthKeys/view.ctp b/app/View/AuthKeys/view.ctp index 37f786371..43b79780b 100644 --- a/app/View/AuthKeys/view.ctp +++ b/app/View/AuthKeys/view.ctp @@ -15,65 +15,72 @@ if (isset($keyUsage)) { $uniqueIps = null; } -echo $this->element( - 'genericElements/SingleViews/single_view', - [ - 'title' => 'Auth key view', - 'data' => $data, - 'fields' => [ - [ - 'key' => __('ID'), - 'path' => 'AuthKey.id' - ], - [ - 'key' => __('UUID'), - 'path' => 'AuthKey.uuid', - ], - [ - 'key' => __('Auth Key'), - 'path' => 'AuthKey', - 'type' => 'authkey' - ], - [ - 'key' => __('User'), - 'path' => 'User.id', - 'pathName' => 'User.email', - 'model' => 'users', - 'type' => 'model' - ], - [ - 'key' => __('Comment'), - 'path' => 'AuthKey.comment' - ], - [ - 'key' => __('Created'), - 'path' => 'AuthKey.created', - 'type' => 'datetime' - ], - [ - 'key' => __('Expiration'), - 'path' => 'AuthKey.expiration', - 'type' => 'expiration' - ], - [ - 'key' => __('Key usage'), - 'type' => 'sparkline', - 'path' => 'AuthKey.id', - 'csv' => [ - 'data' => $keyUsageCsv, - ], - 'requirement' => isset($keyUsage), - ], - [ - 'key' => __('Last used'), - 'raw' => $lastUsed ? $this->Time->time($lastUsed) : __('Not used yet'), - 'requirement' => isset($keyUsage), - ], - [ - 'key' => __('Unique IPs'), - 'raw' => $uniqueIps, - 'requirement' => isset($keyUsage), - ] +echo $this->element('genericElements/SingleViews/single_view', [ + 'title' => 'Auth key view', + 'data' => $data, + 'fields' => [ + [ + 'key' => __('ID'), + 'path' => 'AuthKey.id' ], - ] -); + [ + 'key' => __('UUID'), + 'path' => 'AuthKey.uuid', + ], + [ + 'key' => __('Auth Key'), + 'path' => 'AuthKey', + 'type' => 'authkey' + ], + [ + 'key' => __('User'), + 'path' => 'User.id', + 'pathName' => 'User.email', + 'model' => 'users', + 'type' => 'model' + ], + [ + 'key' => __('Comment'), + 'path' => 'AuthKey.comment' + ], + [ + 'key' => __('Allowed IPs'), + 'type' => 'custom', + 'function' => function (array $data) { + if (is_array($data['AuthKey']['allowed_ips'])) { + return implode("
", array_map('h', $data['AuthKey']['allowed_ips'])); + } + return __('All'); + } + ], + [ + 'key' => __('Created'), + 'path' => 'AuthKey.created', + 'type' => 'datetime' + ], + [ + 'key' => __('Expiration'), + 'path' => 'AuthKey.expiration', + 'type' => 'expiration' + ], + [ + 'key' => __('Key usage'), + 'type' => 'sparkline', + 'path' => 'AuthKey.id', + 'csv' => [ + 'data' => $keyUsageCsv, + ], + 'requirement' => isset($keyUsage), + ], + [ + 'key' => __('Last used'), + 'raw' => $lastUsed ? $this->Time->time($lastUsed) : __('Not used yet'), + 'requirement' => isset($keyUsage), + ], + [ + 'key' => __('Unique IPs'), + 'raw' => $uniqueIps, + 'requirement' => isset($keyUsage), + ] + ], +]); diff --git a/app/View/Elements/genericElements/IndexTable/Fields/datetime.ctp b/app/View/Elements/genericElements/IndexTable/Fields/datetime.ctp index 34d3f3bbf..b78c98c5a 100644 --- a/app/View/Elements/genericElements/IndexTable/Fields/datetime.ctp +++ b/app/View/Elements/genericElements/IndexTable/Fields/datetime.ctp @@ -1,26 +1,27 @@ 1) { - $data = implode(', ', $data); +$data = Hash::extract($row, $field['data_path']); +if (is_array($data)) { + if (count($data) > 1) { + $data = implode(', ', $data); + } else { + if (count($data) > 0) { + $data = $data[0]; } else { - if (count($data) > 0) { - $data = $data[0]; - } else { - $data = ''; - } + $data = ''; } } - if (empty($data) && !empty($field['empty'])) { - $data = $field['empty']; - } +} +if (empty($data) && !empty($field['empty'])) { + $data = $field['empty']; +} else { $data = $this->Time->time($data); - if (!empty($field['onClick'])) { - $data = sprintf( - '%s', - $field['onClick'], - $data - ); - } - echo $data; +} +if (!empty($field['onClick'])) { + $data = sprintf( + '%s', + $field['onClick'], + $data + ); +} +echo $data; diff --git a/app/View/Elements/genericElements/SingleViews/Fields/customField.ctp b/app/View/Elements/genericElements/SingleViews/Fields/customField.ctp new file mode 100644 index 000000000..a056047b4 --- /dev/null +++ b/app/View/Elements/genericElements/SingleViews/Fields/customField.ctp @@ -0,0 +1 @@ + Date: Mon, 1 Mar 2021 15:25:18 +0100 Subject: [PATCH 272/437] new: [authkeys] Copy key info when resetting key --- app/Controller/Component/ACLComponent.php | 2 +- app/Controller/UsersController.php | 16 +++--- app/Model/AuthKey.php | 67 ++++++++++++++++++----- app/Model/User.php | 7 +-- 4 files changed, 65 insertions(+), 27 deletions(-) diff --git a/app/Controller/Component/ACLComponent.php b/app/Controller/Component/ACLComponent.php index fb398c910..783329be2 100644 --- a/app/Controller/Component/ACLComponent.php +++ b/app/Controller/Component/ACLComponent.php @@ -687,7 +687,7 @@ class ACLComponent extends Component 'register' => array('*'), 'registrations' => array('perm_site_admin'), 'resetAllSyncAuthKeys' => array(), - 'resetauthkey' => array('*'), + 'resetauthkey' => ['AND' => ['self_management_enabled', 'perm_auth']], 'request_API' => array('*'), 'routeafterlogin' => array('*'), 'statistics' => array('*'), diff --git a/app/Controller/UsersController.php b/app/Controller/UsersController.php index 966eb329f..3d3c47d04 100644 --- a/app/Controller/UsersController.php +++ b/app/Controller/UsersController.php @@ -1294,24 +1294,22 @@ class UsersController extends AppController public function resetauthkey($id = null, $alert = false) { - if (!$this->_isAdmin() && Configure::read('MISP.disableUserSelfManagement')) { - throw new MethodNotAllowedException('User self-management has been disabled on this instance.'); - } if (!$this->request->is('post') && !$this->request->is('put')) { throw new MethodNotAllowedException(__('This functionality is only accessible via POST requests.')); } - if ($id == 'me') { + if ($id === 'me') { $id = $this->Auth->user('id'); + // Reset just current auth key + $keyId = isset($this->Auth->user()['authkey_id']) ? $this->Auth->user()['authkey_id'] : null; + } else { + $keyId = null; } - if (!$this->userRole['perm_auth']) { - throw new MethodNotAllowedException(__('Invalid action.')); - } - $newkey = $this->User->resetauthkey($this->Auth->user(), $id, $alert); + $newkey = $this->User->resetauthkey($this->Auth->user(), $id, $alert, $keyId); if ($newkey === false) { throw new MethodNotAllowedException(__('Invalid user.')); } if (!$this->_isRest()) { - $this->Flash->success(__('New authkey generated.', true)); + $this->Flash->success(__('New authkey generated.')); $this->redirect($this->referer()); } else { return $this->RestResponse->saveSuccessResponse('User', 'resetauthkey', $id, $this->response->type(), 'Authkey updated: ' . $newkey); diff --git a/app/Model/AuthKey.php b/app/Model/AuthKey.php index 50de35909..5dbfb8ac2 100644 --- a/app/Model/AuthKey.php +++ b/app/Model/AuthKey.php @@ -142,26 +142,67 @@ class AuthKey extends AppModel return false; } - public function resetauthkey($id) + /** + * @param int $userId + * @param int|null $keyId + * @return false|string + * @throws Exception + */ + public function resetAuthKey($userId, $keyId = null) { - $existing_authkeys = $this->find('all', [ - 'recursive' => -1, - 'conditions' => [ - 'user_id' => $id - ] - ]); - foreach ($existing_authkeys as $key) { - $key['AuthKey']['expiration'] = time(); - $this->save($key); + $time = time(); + + if ($keyId) { + $currentAuthkey = $this->find('first', [ + 'recursive' => -1, + 'conditions' => [ + 'id' => $keyId, + 'user_id' => $userId, + ], + ]); + if (empty($currentAuthkey)) { + throw new RuntimeException("Key with ID $keyId for user with ID $userId not found."); + } + $currentAuthkey['AuthKey']['expiration'] = $time; + if (!$this->save($currentAuthkey)) { + throw new RuntimeException("Key with ID $keyId could not be saved."); + } + $comment = __("Created by resetting auth key %s\n%s", $keyId, $currentAuthkey['AuthKey']['comment']); + $allowedIps = isset($currentAuthkey['AuthKey']['allowed_ips']) ? $currentAuthkey['AuthKey']['allowed_ips'] : []; + return $this->createnewkey($userId, $comment, $allowedIps); + } else { + $existingAuthkeys = $this->find('all', [ + 'recursive' => -1, + 'conditions' => [ + 'OR' => [ + 'expiration >' => $time, + 'expiration' => 0 + ], + 'user_id' => $userId + ] + ]); + foreach ($existingAuthkeys as $key) { + $key['AuthKey']['expiration'] = $time; + $this->save($key); + } + return $this->createnewkey($userId); } - return $this->createnewkey($id); } - public function createnewkey($id) + /** + * @param int $userId + * @param string $comment + * @param array $allowedIps + * @return false|string + * @throws Exception + */ + public function createnewkey($userId, $comment = '', array $allowedIps = []) { $newKey = [ 'authkey' => (new RandomTool())->random_str(true, 40), - 'user_id' => $id + 'user_id' => $userId, + 'comment' => $comment, + 'allowed_ips' => empty($allowedIps) ? null : $allowedIps, ]; $this->create(); if ($this->save($newKey)) { diff --git a/app/Model/User.php b/app/Model/User.php index e8f70527d..ca505519c 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -1106,7 +1106,7 @@ class User extends AppModel return $results; } - public function resetauthkey($user, $id, $alert = false) + public function resetauthkey($user, $id, $alert = false, $keyId = null) { $this->id = $id; if (!$id || !$this->exists($id)) { @@ -1123,8 +1123,7 @@ class User extends AppModel $this->extralog( $user, 'reset_auth_key', - sprintf( - __('Authentication key for user %s (%s) updated.'), + __('Authentication key for user %s (%s) updated.', $updatedUser['User']['id'], $updatedUser['User']['email'] ), @@ -1133,7 +1132,7 @@ class User extends AppModel ); } else { $this->AuthKey = ClassRegistry::init('AuthKey'); - $newkey = $this->AuthKey->resetauthkey($id); + $newkey = $this->AuthKey->resetAuthKey($id, $keyId); } if ($alert) { $baseurl = Configure::read('MISP.external_baseurl'); From 27eb90f3d56b04cc6e23a55e95fe069b82bb3983 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Wed, 3 Mar 2021 09:46:40 +0100 Subject: [PATCH 273/437] chg: [PyMISP] Bump before release --- PyMISP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PyMISP b/PyMISP index 4a2367ec9..fe87d4293 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit 4a2367ec965d70d84a0091ea3a6978916a7df25a +Subproject commit fe87d4293bac938f9601ea44b6738fba0f3586da From 12dec25144aea5dc3ba243ccc3d37e69454bdb2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Wed, 3 Mar 2021 10:23:45 +0100 Subject: [PATCH 274/437] chg: [PyMISP] Fix tests --- PyMISP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PyMISP b/PyMISP index fe87d4293..ef9efce5c 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit fe87d4293bac938f9601ea44b6738fba0f3586da +Subproject commit ef9efce5c348379ceeaacf91b604d6cde5190e6c From 9923e30c848d40e03d0b143b101345b5240103c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Wed, 3 Mar 2021 10:41:50 +0100 Subject: [PATCH 275/437] chg: [PyMISP] Bump version --- PyMISP | 2 +- app/Controller/AppController.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/PyMISP b/PyMISP index ef9efce5c..39a7b8242 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit ef9efce5c348379ceeaacf91b604d6cde5190e6c +Subproject commit 39a7b8242f0d3022276d417ec334bb46b890ff23 diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 5d46a29ac..4c919f55d 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -26,7 +26,7 @@ class AppController extends Controller public $helpers = array('OrgImg', 'FontAwesome', 'UserName', 'DataPathCollector'); private $__queryVersion = '126'; - public $pyMispVersion = '2.4.138'; + public $pyMispVersion = '2.4.140'; public $phpmin = '7.2'; public $phprec = '7.4'; public $phptoonew = '8.0'; From 0207b93858008861e62ba19cdc5e3f2b1ce35e19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Wed, 3 Mar 2021 09:46:40 +0100 Subject: [PATCH 276/437] chg: [PyMISP] Bump before release --- PyMISP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PyMISP b/PyMISP index 4a2367ec9..fe87d4293 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit 4a2367ec965d70d84a0091ea3a6978916a7df25a +Subproject commit fe87d4293bac938f9601ea44b6738fba0f3586da From 5a35a2877a5cd9c859782b8868cc78b72d6e2658 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Wed, 3 Mar 2021 10:23:45 +0100 Subject: [PATCH 277/437] chg: [PyMISP] Fix tests --- PyMISP | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PyMISP b/PyMISP index fe87d4293..ef9efce5c 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit fe87d4293bac938f9601ea44b6738fba0f3586da +Subproject commit ef9efce5c348379ceeaacf91b604d6cde5190e6c From 9f18cec0ca48533eb8e590717cd1e00232a179a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Wed, 3 Mar 2021 10:41:50 +0100 Subject: [PATCH 278/437] chg: [PyMISP] Bump version --- PyMISP | 2 +- app/Controller/AppController.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/PyMISP b/PyMISP index ef9efce5c..39a7b8242 160000 --- a/PyMISP +++ b/PyMISP @@ -1 +1 @@ -Subproject commit ef9efce5c348379ceeaacf91b604d6cde5190e6c +Subproject commit 39a7b8242f0d3022276d417ec334bb46b890ff23 diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index c2fa205d3..277549902 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -26,7 +26,7 @@ class AppController extends Controller public $helpers = array('OrgImg', 'FontAwesome', 'UserName', 'DataPathCollector'); private $__queryVersion = '126'; - public $pyMispVersion = '2.4.138'; + public $pyMispVersion = '2.4.140'; public $phpmin = '7.2'; public $phprec = '7.4'; public $phptoonew = '8.0'; From 6a553d39da44a43eae02fc7a6fd374152eed311f Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 3 Mar 2021 13:37:08 +0100 Subject: [PATCH 279/437] fix: [OIDC] Change algo how roles are assigned to users --- .../Component/Auth/OidcAuthenticate.php | 20 +++++++++---------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php index 5031c65c9..4ec5befbe 100644 --- a/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php +++ b/app/Plugin/OidcAuth/Controller/Component/Auth/OidcAuthenticate.php @@ -72,9 +72,9 @@ class OidcAuthenticate extends BaseAuthenticate } if ($user['role_id'] != $roleId) { - $user['role_id'] = $roleId; $this->userModel()->updateField($user, 'role_id', $roleId); $this->log($mispUsername, "User role changed from {$user['role_id']} to $roleId."); + $user['role_id'] = $roleId; } $this->log($mispUsername, 'Logged in.'); @@ -182,20 +182,18 @@ class OidcAuthenticate extends BaseAuthenticate ]); $roleNameToId = array_change_key_case($roleNameToId); // normalize role names to lowercase - $userRole = null; - foreach ($roles as $role) { - if (isset($roleMapper[$role])) { - $roleId = $roleMapper[$role]; - if (!is_numeric($roleId)) { - $roleId = mb_strtolower($roleId); - if (isset($roleNameToId[$roleId])) { - $roleId = $roleNameToId[$roleId]; + foreach ($roleMapper as $oidcRole => $mispRole) { + if (in_array($oidcRole, $roles, true)) { + if (!is_numeric($mispRole)) { + $mispRole = mb_strtolower($mispRole); + if (isset($roleNameToId[$mispRole])) { + $mispRole = $roleNameToId[$mispRole]; } else { - $this->log($mispUsername, "MISP Role with name `$roleId` not found, skipping."); + $this->log($mispUsername, "MISP Role with name `$mispRole` not found, skipping."); continue; } } - return $roleId; // first match wins + return $mispRole; // first match wins } } From eb75b5c39592b469fd25124bc79ed9a12e00c569 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 3 Mar 2021 15:22:37 +0100 Subject: [PATCH 280/437] fix: [csp] Custom policies --- app/Controller/AppController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 277549902..d2b4d434b 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -717,7 +717,7 @@ class AppController extends Controller return; } if (is_array($custom)) { - $default = $default + $custom; + $default = $custom + $default; } $header = []; foreach ($default as $key => $value) { From 7695b52f0f541867b31652e218de65db90a24b8e Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 3 Mar 2021 17:19:07 +0100 Subject: [PATCH 281/437] chg: [csp] Report only by default --- app/Controller/AppController.php | 3 ++- app/Lib/Tools/SecurityAudit.php | 9 ++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index d2b4d434b..7397c2082 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -729,7 +729,8 @@ class AppController extends Controller } } } - $this->response->header('Content-Security-Policy', implode('; ', $header)); + $header = Configure::read('Security.csp_enforce') ? 'Content-Security-Policy' : 'Content-Security-Policy-Report-Only'; + $this->response->header($header, implode('; ', $header)); } private function __rateLimitCheck() diff --git a/app/Lib/Tools/SecurityAudit.php b/app/Lib/Tools/SecurityAudit.php index ff14faec6..1d87b221b 100644 --- a/app/Lib/Tools/SecurityAudit.php +++ b/app/Lib/Tools/SecurityAudit.php @@ -61,7 +61,7 @@ class SecurityAudit if (empty(Configure::read('Security.disable_browser_cache'))) { $output['Browser'][] = [ 'warning', - __('Browser cache is enabled. Attacker can obtain sensitive data from user cache. You can disable cache by setting `Security.disable_browser_cache` to `false`.'), + __('Browser cache is enabled. Attacker can obtain sensitive data from user cache. You can disable cache by setting `Security.disable_browser_cache` to `true`.'), ]; } if (empty(Configure::read('Security.check_sec_fetch_site_header'))) { @@ -70,6 +70,13 @@ class SecurityAudit __('MISP server is not checking `Sec-Fetch` HTTP headers. This is protection against CSRF for moder browsers. You can enable this checks by setting `Security.check_sec_fetch_site_header` to `true`.'), ]; } + if (empty(Configure::read('Security.csp_enforce'))) { + $output['Browser'][] = [ + 'warning', + __('Content security policies (CSP) are not enforced. Consider enabling them by setting `Security.csp_enforce` to `true`.'), + 'https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP', + ]; + } if (Configure::read('Security.disable_form_security')) { $output['Browser'][] = ['error', __('Disabling form security is never a good idea.')]; } From 440eb2372ca8ebda4ba4df8663379a6833ad8be4 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 3 Mar 2021 18:28:18 +0100 Subject: [PATCH 282/437] fix: [csp] Incorrect variable name --- app/Controller/AppController.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 7397c2082..5d920105d 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -729,8 +729,8 @@ class AppController extends Controller } } } - $header = Configure::read('Security.csp_enforce') ? 'Content-Security-Policy' : 'Content-Security-Policy-Report-Only'; - $this->response->header($header, implode('; ', $header)); + $headerName = Configure::read('Security.csp_enforce') ? 'Content-Security-Policy' : 'Content-Security-Policy-Report-Only'; + $this->response->header($headerName, implode('; ', $header)); } private function __rateLimitCheck() From 0d69f84c39a75c2ae918d97554c4675005e03fbd Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 3 Mar 2021 17:02:31 +0100 Subject: [PATCH 283/437] new: [test] Password change --- tests/testlive_security.py | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/tests/testlive_security.py b/tests/testlive_security.py index 766746b5d..31870d396 100644 --- a/tests/testlive_security.py +++ b/tests/testlive_security.py @@ -54,8 +54,11 @@ def login(url: str, email: str, password: str) -> requests.Session: r.raise_for_status() parsed = fromstring(r.text) - form = parsed.forms[0] + if len(parsed.forms) != 1: + raise Exception("Login form not found in: " + r.text) + + form = parsed.forms[0] form_fields = form.fields login_form = {} @@ -637,6 +640,28 @@ class TestSecurity(unittest.TestCase): # Password should be still the same self.assertIsInstance(login(url, self.test_usr.email, self.test_usr_password), requests.Session) + def test_change_pw_by_site_admin(self): + old_password = self.test_usr_password + new_password = str(uuid.uuid4()) + check_response(self.admin_misp_connector.update_user({"password": new_password}, self.test_usr.id)) + + self.assertFalse(login(url, self.test_usr.email, old_password), "Old password should not works") + self.assertIsInstance(login(url, self.test_usr.email, new_password), requests.Session) + + # Set password back to original + self.admin_misp_connector.update_user({"password": old_password}, self.test_usr.id) + + def test_change_pw_by_org_admin(self): + old_password = self.test_usr_password + new_password = str(uuid.uuid4()) + check_response(self.org_admin_misp_connector.update_user({"password": new_password}, self.test_usr.id)) + + self.assertFalse(login(url, self.test_usr.email, old_password), "Old password should not works") + self.assertIsInstance(login(url, self.test_usr.email, new_password), requests.Session) + + # Set password back to original + self.org_admin_misp_connector.update_user({"password": old_password}, self.test_usr.id) + def test_change_pw_disabled_by_org_admin(self): with self.__setting("MISP.disable_user_password_change", True): self.org_admin_misp_connector.update_user({"password": str(uuid.uuid4())}, self.test_usr.id) @@ -897,7 +922,7 @@ class TestSecurity(unittest.TestCase): config["Security"]["auth_enforced"] = True with self.__setting(config): # Form login should not work when shibb is enforced, because form doesn't exists - with self.assertRaises(IndexError): + with self.assertRaises(Exception): login(url, self.test_usr.email, self.test_usr_password) def test_shibb_enforced_api_login(self): From 2a8ba9020fde4deaae0d190b3ca9ae561ee23040 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 3 Mar 2021 20:06:25 +0100 Subject: [PATCH 284/437] new: [internal] Security setting force_https --- app/Controller/AppController.php | 37 +++++++++++++++++++++----------- app/Lib/Tools/SecurityAudit.php | 11 ++++++++-- app/Model/Server.php | 9 ++++++++ 3 files changed, 42 insertions(+), 15 deletions(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 68349da20..0c7888b4a 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -94,26 +94,19 @@ class AppController extends Controller public function beforeFilter() { $this->_setupBaseurl(); - $this->Auth->loginRedirect = $this->baseurl. '/users/routeafterlogin'; + $this->Auth->loginRedirect = $this->baseurl . '/users/routeafterlogin'; $customLogout = Configure::read('Plugin.CustomAuth_custom_logout'); $this->Auth->logoutRedirect = $customLogout ?: ($this->baseurl . '/users/login'); $this->__sessionMassage(); - if (Configure::read('Security.allow_cors')) { - // Add CORS headers - $this->response->cors($this->request, - explode(',', Configure::read('Security.cors_origins')), - ['*'], - ['Origin', 'Content-Type', 'Authorization', 'Accept']); - if ($this->request->is('options')) { - // Stop here! - // CORS only needs the headers - $this->response->send(); - $this->_stop(); - } + // If server is running behind reverse proxy, PHP will not recognize that user is accessing site by HTTPS connection. + // By setting `Security.force_https` to `true`, session cookie will be set as Secure and CSP headers will upgrade insecure requests. + if (Configure::read('Security.force_https')) { + $_SERVER['HTTPS'] = 'on'; } + $this->__cors(); if (Configure::read('Security.check_sec_fetch_site_header')) { $secFetchSite = $this->request->header('Sec-Fetch-Site'); if ($secFetchSite !== false && $secFetchSite !== 'same-origin' && ($this->request->is('post') || $this->request->is('put') || $this->request->is('ajax'))) { @@ -740,6 +733,24 @@ class AppController extends Controller $this->response->header($header, implode('; ', $header)); } + private function __cors() + { + if (Configure::read('Security.allow_cors')) { + // Add CORS headers + $this->response->cors($this->request, + explode(',', Configure::read('Security.cors_origins')), + ['*'], + ['Origin', 'Content-Type', 'Authorization', 'Accept']); + + if ($this->request->is('options')) { + // Stop here! + // CORS only needs the headers + $this->response->send(); + $this->_stop(); + } + } + } + private function __rateLimitCheck() { $info = array(); diff --git a/app/Lib/Tools/SecurityAudit.php b/app/Lib/Tools/SecurityAudit.php index 1d87b221b..bb9491e84 100644 --- a/app/Lib/Tools/SecurityAudit.php +++ b/app/Lib/Tools/SecurityAudit.php @@ -77,8 +77,15 @@ class SecurityAudit 'https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP', ]; } - if (Configure::read('Security.disable_form_security')) { - $output['Browser'][] = ['error', __('Disabling form security is never a good idea.')]; + if (!env('HTTPS') && strpos(Configure::read('MISP.baseurl'), 'https://') === 0) { + $output['Browser'][] = [ + 'error', + __('MISP base URL is set to https://, but MISP things that the connection is insecure. This usually happens when server is running behind reverse proxy. By setting `Security.force_https` to `true`, session cookie will be set as Secure and CSP headers will upgrade insecure requests.'), + ]; + } + $sessionConfig = Configure::read('Session'); + if (isset($sessionConfig['ini']['session.cookie_secure']) && !$sessionConfig['ini']['session.cookie_secure']) { + $output['Browser'][] = ['error', __('Setting session cookie is not secure is never good idea.')]; } if (empty(Configure::read('Security.advanced_authkeys'))) { diff --git a/app/Model/Server.php b/app/Model/Server.php index e0dc2c339..d7aacbd96 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -5693,6 +5693,15 @@ class Server extends AppModel 'type' => 'boolean', 'null' => true, ], + 'force_https' => [ + 'level' => self::SETTING_OPTIONAL, + 'description' => __('If enabled, MISP server will consider all requests as secure. This is usually useful when you run MISP behind reverse proxy that terminates HTTPS.'), + 'value' => false, + 'errorMessage' => '', + 'test' => 'testBool', + 'type' => 'boolean', + 'null' => true, + ], 'email_otp_enabled' => array( 'level'=> 2, 'description' => __('Enable two step authentication with a OTP sent by email. Requires e-mailing to be enabled. Warning: You cannot use it in combination with external authentication plugins.'), From 96e349f47fd4c6947c158d387708c58dc6f06d52 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 3 Mar 2021 19:00:48 +0100 Subject: [PATCH 285/437] chg: [csp] Add Security.csp_enforce to server setting --- app/Model/Server.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/app/Model/Server.php b/app/Model/Server.php index c4c938583..54999faca 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -5574,6 +5574,14 @@ class Server extends AppModel 'type' => 'boolean', 'null' => true ), + 'csp_enforce' => [ + 'level' => self::SETTING_CRITICAL, + 'description' => __('Enforce CSP. Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. When disabled, violations will be just logged.'), + 'value' => false, + 'errorMessage' => '', + 'test' => 'testBool', + 'type' => 'boolean', + ], 'salt' => array( 'level' => 0, 'description' => __('The salt used for the hashed passwords. You cannot reset this from the GUI, only manually from the settings.php file. Keep in mind, this will invalidate all passwords in the database.'), From e77d9fcd491ef342a2f0edc77d743cb48dc573a1 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 3 Mar 2021 10:01:36 +0100 Subject: [PATCH 286/437] fix: [internal] PHP warnings when pivoting --- app/Controller/EventsController.php | 63 +++++++++++++++++++++++++---- 1 file changed, 55 insertions(+), 8 deletions(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 3a64d2f49..cadb0f441 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -1224,6 +1224,11 @@ class EventsController extends AppController $this->render('/Elements/eventattribute'); } + /** + * @param array $event + * @param bool $continue + * @param int $fromEvent + */ private function __viewUI($event, $continue, $fromEvent) { $this->loadModel('Taxonomy'); @@ -1278,9 +1283,9 @@ class EventsController extends AppController // set the pivot data $this->helpers[] = 'Pivot'; if ($continue) { - $data = $this->__continuePivoting($event['Event']['id'], $event['Event']['info'], $event['Event']['date'], $fromEvent); + $this->__continuePivoting($event['Event']['id'], $event['Event']['info'], $event['Event']['date'], $fromEvent); } else { - $data = $this->__startPivoting($event['Event']['id'], $event['Event']['info'], $event['Event']['date']); + $this->__startPivoting($event['Event']['id'], $event['Event']['info'], $event['Event']['date']); } $pivot = $this->Session->read('pivot_thread'); $this->__arrangePivotVertical($pivot); @@ -1626,24 +1631,61 @@ class EventsController extends AppController $this->__viewUI($event, $continue, $fromEvent); } + /** + * @param int $id + * @param string $info + * @param string $date + */ private function __startPivoting($id, $info, $date) { - $this->Session->write('pivot_thread', null); - $initial_pivot = array('id' => $id, 'info' => $info, 'date' => $date, 'depth' => 0, 'height' => 0, 'children' => array(), 'deletable' => true); - $this->Session->write('pivot_thread', $initial_pivot); + $initialPivot = [ + 'id' => $id, + 'info' => $info, + 'date' => $date, + 'depth' => 0, + 'height' => 0, + 'children' => [], + 'deletable' => true, + ]; + $this->Session->write('pivot_thread', $initialPivot); } + /** + * @param int $id + * @param string $info + * @param string $date + * @param int $fromEvent + */ private function __continuePivoting($id, $info, $date, $fromEvent) { $pivot = $this->Session->read('pivot_thread'); - $newPivot = array('id' => $id, 'info' => $info, 'date' => $date, 'depth' => null, 'children' => array(), 'deletable' => true); + if (!is_array($pivot)) { + $this->__startPivoting($id, $info, $date); + return; + } + + $newPivot = [ + 'id' => $id, + 'info' => $info, + 'date' => $date, + 'depth' => null, + 'children' => [], + 'deletable' => true, + ]; if (!$this->__checkForPivot($pivot, $id)) { $pivot = $this->__insertPivot($pivot, $fromEvent, $newPivot, 0); } $this->Session->write('pivot_thread', $pivot); } - private function __insertPivot($pivot, $oldId, $newPivot, $depth) + /** + * @param array $pivot + * @param int $oldId + * @param array $newPivot + * @param int $depth + * @return array + */ + private function __insertPivot(array $pivot, $oldId, array $newPivot, $depth) { $depth++; if ($pivot['id'] == $oldId) { @@ -1659,7 +1701,12 @@ class EventsController extends AppController return $pivot; } - private function __checkForPivot($pivot, $id) + /** + * @param array $pivot + * @param int $id + * @return bool + */ + private function __checkForPivot(array $pivot, $id) { if ($id == $pivot['id']) { return true; From 74c38f1d345050e220120663d486eb6f276524cc Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 4 Mar 2021 12:56:17 +0100 Subject: [PATCH 287/437] chg: [diagnostics] Show Redis memory fragmentation --- app/View/Elements/healthElements/diagnostics.ctp | 1 + 1 file changed, 1 insertion(+) diff --git a/app/View/Elements/healthElements/diagnostics.ctp b/app/View/Elements/healthElements/diagnostics.ctp index 404b249c2..9f3fb74c4 100644 --- a/app/View/Elements/healthElements/diagnostics.ctp +++ b/app/View/Elements/healthElements/diagnostics.ctp @@ -293,6 +293,7 @@ :
: B
: B
+ : B
: B Redis is not available. From 1b50258d0426037058ef86462096c4b264b034c1 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 4 Mar 2021 12:56:39 +0100 Subject: [PATCH 288/437] fix: [diagnostics] Typo in security audit message --- app/Lib/Tools/SecurityAudit.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Lib/Tools/SecurityAudit.php b/app/Lib/Tools/SecurityAudit.php index bb9491e84..86c65c49e 100644 --- a/app/Lib/Tools/SecurityAudit.php +++ b/app/Lib/Tools/SecurityAudit.php @@ -85,7 +85,7 @@ class SecurityAudit } $sessionConfig = Configure::read('Session'); if (isset($sessionConfig['ini']['session.cookie_secure']) && !$sessionConfig['ini']['session.cookie_secure']) { - $output['Browser'][] = ['error', __('Setting session cookie is not secure is never good idea.')]; + $output['Browser'][] = ['error', __('Setting session cookie as not secure is never good idea.')]; } if (empty(Configure::read('Security.advanced_authkeys'))) { From 6ed50c3812f2a4cc5361d27245fa09dd906425b7 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 4 Mar 2021 12:56:58 +0100 Subject: [PATCH 289/437] fix: [UI] Remove warning about old PHP a Python --- app/View/Elements/healthElements/diagnostics.ctp | 1 - 1 file changed, 1 deletion(-) diff --git a/app/View/Elements/healthElements/diagnostics.ctp b/app/View/Elements/healthElements/diagnostics.ctp index 9f3fb74c4..d2cb1b8f0 100644 --- a/app/View/Elements/healthElements/diagnostics.ctp +++ b/app/View/Elements/healthElements/diagnostics.ctp @@ -188,7 +188,6 @@

:…
(> ):
(> ):

-

PHP, Python.

&$phpSetting): From 37f1e1c49895fc2699cc69f3d43b725f5bab04e2 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 4 Mar 2021 12:58:39 +0100 Subject: [PATCH 290/437] fix: [UI] Diagnostics box --- .../Elements/healthElements/diagnostics.ctp | 49 ++++++++++--------- 1 file changed, 26 insertions(+), 23 deletions(-) diff --git a/app/View/Elements/healthElements/diagnostics.ctp b/app/View/Elements/healthElements/diagnostics.ctp index d2cb1b8f0..54851af8e 100644 --- a/app/View/Elements/healthElements/diagnostics.ctp +++ b/app/View/Elements/healthElements/diagnostics.ctp @@ -235,9 +235,8 @@ - '; - echo $this->element('/genericElements/IndexTable/index_table', array( +
+ element('/genericElements/IndexTable/index_table', array( 'data' => array( 'data' => $dbDiagnostics, 'skip_pagination' => 1, @@ -265,25 +264,27 @@ 'description' => __('Size of each individual table on disk, along with the size that can be freed via SQL optimize. Make sure that you always have at least 3x the size of the largest table in free space in order for the update scripts to work as expected.') ) )); - echo '
'; ?> -

-
- element('/healthElements/db_schema_diagnostic', array( - 'checkedTableColumn' => $dbSchemaDiagnostics['checked_table_column'], - 'dbSchemaDiagnostics' => $dbSchemaDiagnostics['diagnostic'], - 'expectedDbVersion' => $dbSchemaDiagnostics['expected_db_version'], - 'actualDbVersion' => $dbSchemaDiagnostics['actual_db_version'], - 'error' => $dbSchemaDiagnostics['error'], - 'remainingLockTime' => $dbSchemaDiagnostics['remaining_lock_time'], - 'updateFailNumberReached' => $dbSchemaDiagnostics['update_fail_number_reached'], - 'updateLocked' => $dbSchemaDiagnostics['update_locked'], - 'dataSource' => $dbSchemaDiagnostics['dataSource'], - 'columnPerTable' => $dbSchemaDiagnostics['columnPerTable'], - 'dbIndexDiagnostics' => $dbSchemaDiagnostics['diagnostic_index'], - 'indexes' => $dbSchemaDiagnostics['indexes'], - )); ?> -
+
+ +

+
+ element('/healthElements/db_schema_diagnostic', array( + 'checkedTableColumn' => $dbSchemaDiagnostics['checked_table_column'], + 'dbSchemaDiagnostics' => $dbSchemaDiagnostics['diagnostic'], + 'expectedDbVersion' => $dbSchemaDiagnostics['expected_db_version'], + 'actualDbVersion' => $dbSchemaDiagnostics['actual_db_version'], + 'error' => $dbSchemaDiagnostics['error'], + 'remainingLockTime' => $dbSchemaDiagnostics['remaining_lock_time'], + 'updateFailNumberReached' => $dbSchemaDiagnostics['update_fail_number_reached'], + 'updateLocked' => $dbSchemaDiagnostics['update_locked'], + 'dataSource' => $dbSchemaDiagnostics['dataSource'], + 'columnPerTable' => $dbSchemaDiagnostics['columnPerTable'], + 'dbIndexDiagnostics' => $dbSchemaDiagnostics['diagnostic_index'], + 'indexes' => $dbSchemaDiagnostics['indexes'], + )); ?> +
+

: ' . __('Not installed.') . '') ?>
@@ -432,10 +433,11 @@

+
-
+ ' . $message . ''; ?> -
+
+

Sessions in CakePHP rely on PHP\'s garbage collection for clean-up and in certain distributions this can be disabled by default resulting in an ever growing cake session table.
If you are affected by this, just click the clean session table button below.');?>

From 65fb06fccf5032d5bd08e0bf38ffe3931be06ff0 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 4 Mar 2021 16:11:55 +0100 Subject: [PATCH 291/437] chg: [UI] Nicer pivots --- app/View/Elements/pivot.ctp | 13 +-- app/View/Helper/PivotHelper.php | 147 +++++++++++++++----------------- app/webroot/css/tree.css | 48 +++++------ 3 files changed, 98 insertions(+), 110 deletions(-) diff --git a/app/View/Elements/pivot.ctp b/app/View/Elements/pivot.ctp index 47c2561d2..5de84306b 100644 --- a/app/View/Elements/pivot.ctp +++ b/app/View/Elements/pivot.ctp @@ -1,14 +1,7 @@ -Html->css('tree'); -?> +Html->css('tree'); ?>
- - Pivot->convertPivotToHTML($pivot, $event['Event']['id']); - ?> - -
-
+ Pivot->convertPivotToHTML($pivot, $event['Event']['id']); ?>
+
diff --git a/app/View/Helper/PivotHelper.php b/app/View/Helper/PivotHelper.php index 95a67fecc..f3c1932ce 100644 --- a/app/View/Helper/PivotHelper.php +++ b/app/View/Helper/PivotHelper.php @@ -1,82 +1,77 @@ (11 - strlen((string)$pivot['id'])) && strlen($pivot['info']) > 9) { - $text .= mb_substr($pivot['info'], 0, 6) . '...'; - } else { - $text .= $pivot['info']; - } - - // Colour the text white if it is a highlighted pivot element - $pivotType = 'pivotText'; - $pivotSpanType = ''; - if ($activeText) { - $pivotType = 'pivotTextBlue'; - $pivotSpanType = 'pivotSpanBlue'; - } - - $data[] = ''; - if ($pivot['deletable']) { - $data[] = ''; - } - $data[] = '' . h($text) . ''; - $data[] = ''; - if (!empty($pivot['children'])) { - foreach ($pivot['children'] as $k => $v) { - $extra = ''; - if ($v['id'] == $currentEvent) { - $active = ' activePivot'; - } - if ($k > 0) { - $pixelDifference = $pivot['children'][$k]['height'] - $pivot['children'][$k-1]['height']; - $lineDifference = $pixelDifference / 50; - $extra = ' distance' . $lineDifference; - } - $data[] = '
'; - if ($active != '') $temp = $this->__doConvert($v, $currentEvent, true); - else $temp = $this->__doConvert($v, $currentEvent); - $data = array_merge($data, $temp); - $data[] = '
'; - $active = ''; - } - } - return $data; +class PivotHelper extends AppHelper +{ + public function convertPivotToHTML(array $pivot, $currentEvent) + { + $lookingAtRoot = false; + $pivotType = ''; + if ($pivot['id'] == $currentEvent) { + $lookingAtRoot = true; + $pivotType = ' activePivot'; } - - public function convertPivotToHTML($pivot, $currentEvent) { - $lookingAtRoot = false; - $pivotType = ''; - if ($pivot['id'] == $currentEvent) { - $lookingAtRoot = true; - $pivotType = ' activePivot'; - } - $temp = $this->__doConvert($pivot, $currentEvent, $lookingAtRoot); - $height = $this->__findMaxHeight($pivot); - $height = $height + 50; - $data = array('
'); - $data = array_merge($data, $temp); - $data = array_merge($data, array('
')); - foreach ($data as $k => $v) { - echo ($v); - } - } - - private function __findMaxHeight($pivot) { - $height = $pivot['height']; - $heightToAdd = 0; - $temp = 0; - foreach ($pivot['children'] as $k => $v) { - $temp = $this->__findMaxHeight($v); - if ($temp > $heightToAdd) $heightToAdd = $temp; - } - return $height + $heightToAdd; + $temp = $this->__doConvert($pivot, $currentEvent, $lookingAtRoot); + $height = $this->__findMaxHeight($pivot); + $height = $height + 50; + echo '
'; + foreach ($temp as $v) { + echo $v; } + echo '
'; } + + private function __doConvert($pivot, $currentEvent, $activeText=false) + { + $data = null; + $info = h($pivot['info']); + $text = $pivot['id'] . ': ' . $info; + $active = ''; + + // Colour the text white if it is a highlighted pivot element + $pivotType = 'pivotText'; + $pivotSpanType = ''; + if ($activeText) { + $pivotType = 'pivotTextBlue'; + $pivotSpanType = 'pivotSpanBlue'; + } + + $data[] = ''; + if ($pivot['deletable']) { + $data[] = ''; + } + $data[] = '' . $text . ''; + $data[] = ''; + if (!empty($pivot['children'])) { + foreach ($pivot['children'] as $k => $v) { + $extra = ''; + if ($v['id'] == $currentEvent) { + $active = ' activePivot'; + } + if ($k > 0) { + $pixelDifference = $pivot['children'][$k]['height'] - $pivot['children'][$k-1]['height']; + $lineDifference = $pixelDifference / 50; + $extra = ' distance' . $lineDifference; + } + $data[] = '
'; + if ($active != '') $temp = $this->__doConvert($v, $currentEvent, true); + else $temp = $this->__doConvert($v, $currentEvent); + $data = array_merge($data, $temp); + $data[] = '
'; + $active = ''; + } + } + return $data; + } + + private function __findMaxHeight(array $pivot) + { + $height = $pivot['height']; + $heightToAdd = 0; + foreach ($pivot['children'] as $v) { + $temp = $this->__findMaxHeight($v); + if ($temp > $heightToAdd) $heightToAdd = $temp; + } + return $height + $heightToAdd; + } +} diff --git a/app/webroot/css/tree.css b/app/webroot/css/tree.css index e87560ba2..03c7cfc44 100644 --- a/app/webroot/css/tree.css +++ b/app/webroot/css/tree.css @@ -1,6 +1,7 @@ .tree { width: 100%; position: relative; + white-space: nowrap; } .tree div:not(:nth-of-type(1))::before { @@ -8,8 +9,8 @@ position: absolute; left: -15px; border-bottom: 1px solid #ccc; - border-top: 0px solid #ccc; - border-right: 0px solid #ccc; + border-top: 0 solid #ccc; + border-right: 0 solid #ccc; border-left: 1px solid #ccc; width: 15px; } @@ -49,10 +50,10 @@ height: 350px; } - .distance8::before { +.distance8::before { top: -385px; height: 400px; - } +} .distance9::before { top: -435px; @@ -66,15 +67,15 @@ .tree div:last-of-type::before { border-bottom-left-radius: 7px; - -webkit-bottom-left-border-radius: 7px; - -moz-border-bottom-left-radius: 7px; } .tree div:first-of-type::before { content: ''; - position: absolute; top: 15px; left: -34px; + position: absolute; + top: 15px; left: -34px; border-top: 1px solid #ccc; - width: 35px; height: 20px; + width: 35px; + height: 20px; } .firstPivot::before { @@ -82,31 +83,27 @@ } .firstPivot { - left:0px; - top:0px; + left: 0; + top: 0; } -.tree div span{ +.tree div span { border: 1px solid #ccc; - padding-left:5px; - padding-right:5px; - padding-top:4px; - padding-bottom:2px; - width: 105px; - + padding: 4px 5px 2px; + width: 130px; display: inline-block; border-radius: 7px; - -webkit-border-radius: 7px; - -moz-border-radius: 7px; + overflow: hidden; + text-overflow: ellipsis; } -.tree .pivotElement div{ +.tree .pivotElement div { position: absolute; - left: 150px; + left: 175px; } .pivotDelete { - vertical-align: text-top; + color: black; } .pivotText { @@ -126,6 +123,9 @@ .pivotSpanBlue { background-color: #0088cc; border-radius: 7px; - -webkit-border-radius: 7px; - -moz-border-radius: 7px; + color: white; +} + +.pivotSpanBlue a, .pivotSpanBlue a:hover { + color: white; } From 2e7bd05b94be580f1e8c0d3268dd1e49b47bacb6 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 4 Mar 2021 16:47:17 +0100 Subject: [PATCH 292/437] fix: [UI] Add attribute checkboxes --- app/View/Elements/genericElements/Form/genericForm.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/View/Elements/genericElements/Form/genericForm.ctp b/app/View/Elements/genericElements/Form/genericForm.ctp index 5a112ca53..78031d932 100644 --- a/app/View/Elements/genericElements/Form/genericForm.ctp +++ b/app/View/Elements/genericElements/Form/genericForm.ctp @@ -52,7 +52,7 @@ } $params['class'] = $class; } else { - if (!empty($fieldData['type']) && ($fieldData['type'] !== 'checkbox' || $fieldData['type'] !== 'radio')) { + if (!empty($fieldData['type']) && ($fieldData['type'] !== 'checkbox' && $fieldData['type'] !== 'radio')) { $params['class'] = 'span6'; } } From 27e58bbb2dae6c0cc5853ba9110b56181a02044d Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 13 Jan 2021 23:15:04 +0100 Subject: [PATCH 293/437] chg: [sync] Do not decode body if is empty --- app/Lib/Tools/HttpSocketExtended.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/Lib/Tools/HttpSocketExtended.php b/app/Lib/Tools/HttpSocketExtended.php index 2147ea8a8..30ab5d2c2 100644 --- a/app/Lib/Tools/HttpSocketExtended.php +++ b/app/Lib/Tools/HttpSocketExtended.php @@ -32,6 +32,10 @@ class HttpSocketResponseExtended extends HttpSocketResponse { parent::parseResponse($message); + if ($this->body === '') { + return; // skip decoding body if is empty + } + $contentEncoding = $this->getHeader('Content-Encoding'); if ($contentEncoding === 'gzip' && function_exists('gzdecode')) { $this->body = gzdecode($this->body); From 921583f24da7548393178713e8be123b15a22885 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 4 Mar 2021 18:29:26 +0100 Subject: [PATCH 294/437] chg: [sync] Code cleanup --- app/Model/AppModel.php | 6 +++--- app/Model/Event.php | 6 ++---- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 3348e9ecc..59e72a86c 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -2719,26 +2719,26 @@ class AppModel extends Model /** * @param array $server + * @param string $model * @return array[] * @throws JsonException */ protected function setupSyncRequest(array $server, $model = 'Server') { $version = implode('.', $this->checkMISPVersion()); + $commit = $this->checkMIPSCommit(); $request = array( 'header' => array( 'Authorization' => $server[$model]['authkey'], 'Accept' => 'application/json', 'Content-Type' => 'application/json', 'MISP-version' => $version, + 'User-Agent' => 'MISP ' . $version . (empty($commit) ? '' : ' - #' . $commit), ) ); - - $commit = $this->checkMIPSCommit(); if ($commit) { $request['header']['commit'] = $commit; } - $request['header']['User-Agent'] = 'MISP ' . $version . (empty($commit) ? '' : ' - #' . $commit); return $request; } diff --git a/app/Model/Event.php b/app/Model/Event.php index 9901a429d..acfe52b35 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -4467,13 +4467,11 @@ class Event extends AppModel $elevatedUser = array( 'Role' => array( 'perm_site_admin' => 1, - 'perm_sync' => 1 + 'perm_sync' => 1, + 'perm_audit' => 0, ), 'org_id' => $eventOrgcId['Event']['orgc_id'] ); - $elevatedUser['Role']['perm_site_admin'] = 1; - $elevatedUser['Role']['perm_sync'] = 1; - $elevatedUser['Role']['perm_audit'] = 0; $event = $this->fetchEvent($elevatedUser, array('eventid' => $id, 'metadata' => 1)); if (empty($event)) { return true; From 5113ae34c7af41cc4182a2b80b02166dcb427edd Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 4 Mar 2021 18:46:57 +0100 Subject: [PATCH 295/437] fix: [internal] Warning when object has no attributes --- app/Model/Event.php | 12 +++++++----- app/Model/Server.php | 2 +- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index ed9fbcead..735475829 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -7340,7 +7340,7 @@ class Event extends AppModel /** * extractAllTagNames Returns all tag names attached to any elements in an event * - * @param mixed $event + * @param array $event * @return array All tag names in the event */ public function extractAllTagNames(array $event) @@ -7370,10 +7370,12 @@ class Event extends AppModel } if (!empty($event['Object'])) { foreach ($event['Object'] as $object) { - foreach ($object['Attribute'] as $attribute) { - foreach ($attribute['AttributeTag'] as $attributeTag) { - $tagName = $attributeTag['Tag']['name']; - $tags[$tagName] = $tagName; + if (!empty($object['Attribute'])) { + foreach ($object['Attribute'] as $attribute) { + foreach ($attribute['AttributeTag'] as $attributeTag) { + $tagName = $attributeTag['Tag']['name']; + $tags[$tagName] = $tagName; + } } } } diff --git a/app/Model/Server.php b/app/Model/Server.php index 1b05ef2b1..91014add8 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -1125,7 +1125,7 @@ class Server extends AppModel * @param array $server * @param array $user * @param string|int $technique Either the 'full' string or the event id - * @param bool $event + * @param array|bool $event * @return array List of successfully pushed clusters */ public function syncGalaxyClusters($HttpSocket, array $server, array $user, $technique='full', $event=false) From a43a62577a41c82492349366ff4ff2dc7a137b80 Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Thu, 4 Mar 2021 20:10:14 +0000 Subject: [PATCH 296/437] chg: [restClient:querybuilder] fix remove tag from object template --- app/Controller/Component/RestResponseComponent.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/app/Controller/Component/RestResponseComponent.php b/app/Controller/Component/RestResponseComponent.php index b971b28d7..c7eb9a167 100644 --- a/app/Controller/Component/RestResponseComponent.php +++ b/app/Controller/Component/RestResponseComponent.php @@ -270,10 +270,9 @@ class RestResponseComponent extends Component 'optional' => array('name', 'colour', 'exportable', 'hide_tag', 'org_id', 'user_id'), 'params' => array('tag_id') ), - 'removeTag' => array( - 'description' => "POST a request object in JSON format to this API to create detach a tag from an event. #FIXME Function does not exists", - 'mandatory' => array('event', 'tag'), - 'params' => array('tag_id') + 'removeTagFromObject' => array( + 'description' => "Untag an event or attribute. Tag can be the id or the name.", + 'mandatory' => array('uuid', 'tag') ), 'attachTagToObject' => array( 'description' => "Attach a Tag to an object, refenced by an UUID. Tag can either be a tag id or a tag name.", From 5d2ae28a585064f30582a31d6adf76f8b46f6354 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Thu, 4 Mar 2021 21:33:33 +0100 Subject: [PATCH 297/437] fix: [UI] Module diagnostics view --- .../Elements/healthElements/diagnostics.ctp | 31 ++++++++----------- 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/app/View/Elements/healthElements/diagnostics.ctp b/app/View/Elements/healthElements/diagnostics.ctp index 54851af8e..79078a7f5 100644 --- a/app/View/Elements/healthElements/diagnostics.ctp +++ b/app/View/Elements/healthElements/diagnostics.ctp @@ -293,7 +293,7 @@ :
: B
: B
- : B
+ :
: B Redis is not available. @@ -435,23 +435,18 @@

- - ' . $message . ''; - ?> - ' . $message . '
'; + } ?>
From f723a313f7dfdbca10e606d9049fb417ee601c61 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 5 Mar 2021 00:33:15 +0100 Subject: [PATCH 298/437] fix: [UI] fix broken checkbox layout in generic Form builder forms --- app/View/Elements/genericElements/Form/genericForm.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/View/Elements/genericElements/Form/genericForm.ctp b/app/View/Elements/genericElements/Form/genericForm.ctp index 5a112ca53..78031d932 100644 --- a/app/View/Elements/genericElements/Form/genericForm.ctp +++ b/app/View/Elements/genericElements/Form/genericForm.ctp @@ -52,7 +52,7 @@ } $params['class'] = $class; } else { - if (!empty($fieldData['type']) && ($fieldData['type'] !== 'checkbox' || $fieldData['type'] !== 'radio')) { + if (!empty($fieldData['type']) && ($fieldData['type'] !== 'checkbox' && $fieldData['type'] !== 'radio')) { $params['class'] = 'span6'; } } From 29518586c510fe5073ee921b2000e9a1c3d80972 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 5 Mar 2021 00:33:15 +0100 Subject: [PATCH 299/437] fix: [UI] fix broken checkbox layout in generic Form builder forms --- app/View/Elements/genericElements/Form/genericForm.ctp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/View/Elements/genericElements/Form/genericForm.ctp b/app/View/Elements/genericElements/Form/genericForm.ctp index 5a112ca53..78031d932 100644 --- a/app/View/Elements/genericElements/Form/genericForm.ctp +++ b/app/View/Elements/genericElements/Form/genericForm.ctp @@ -52,7 +52,7 @@ } $params['class'] = $class; } else { - if (!empty($fieldData['type']) && ($fieldData['type'] !== 'checkbox' || $fieldData['type'] !== 'radio')) { + if (!empty($fieldData['type']) && ($fieldData['type'] !== 'checkbox' && $fieldData['type'] !== 'radio')) { $params['class'] = 'span6'; } } From 6c89e0219c388122d86abb47771059bc2baa6840 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 5 Mar 2021 01:00:41 +0100 Subject: [PATCH 300/437] fix: [UI] event matrix heatmap view correctly flattens the event - object attributes were excluded --- app/Model/AttributeTag.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/app/Model/AttributeTag.php b/app/Model/AttributeTag.php index 9894d7844..e80a763d3 100644 --- a/app/Model/AttributeTag.php +++ b/app/Model/AttributeTag.php @@ -88,7 +88,7 @@ class AttributeTag extends AppModel { $this->delete($id); } - + /** * handleAttributeTags * @@ -248,9 +248,12 @@ class AttributeTag extends AppModel } } else { $allowed_tag_lookup_table = array_flip($allowedTags); - $attributes = $this->Attribute->fetchAttributes($user, array('conditions' => array( - 'Attribute.event_id' => $eventId - ))); + $attributes = $this->Attribute->fetchAttributes($user, array( + 'conditions' => array( + 'Attribute.event_id' => $eventId + ), + 'flatten' => 1 + )); $scores = array('scores' => array(), 'maxScore' => 0); foreach ($attributes as $attribute) { foreach ($attribute['AttributeTag'] as $tag) { From 128587350d8d696f11f828968f48d3be27f8f21e Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 5 Mar 2021 01:00:41 +0100 Subject: [PATCH 301/437] fix: [UI] event matrix heatmap view correctly flattens the event - object attributes were excluded --- app/Model/AttributeTag.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/app/Model/AttributeTag.php b/app/Model/AttributeTag.php index 9894d7844..e80a763d3 100644 --- a/app/Model/AttributeTag.php +++ b/app/Model/AttributeTag.php @@ -88,7 +88,7 @@ class AttributeTag extends AppModel { $this->delete($id); } - + /** * handleAttributeTags * @@ -248,9 +248,12 @@ class AttributeTag extends AppModel } } else { $allowed_tag_lookup_table = array_flip($allowedTags); - $attributes = $this->Attribute->fetchAttributes($user, array('conditions' => array( - 'Attribute.event_id' => $eventId - ))); + $attributes = $this->Attribute->fetchAttributes($user, array( + 'conditions' => array( + 'Attribute.event_id' => $eventId + ), + 'flatten' => 1 + )); $scores = array('scores' => array(), 'maxScore' => 0); foreach ($attributes as $attribute) { foreach ($attribute['AttributeTag'] as $tag) { From cc9b50fb8e414ac214608142f06fea3d6a7aa80c Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 5 Mar 2021 10:13:16 +0100 Subject: [PATCH 302/437] fix: [sync] Warning when sync object without attributes --- app/Model/Event.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index 78c39e09f..08395868a 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -3533,11 +3533,13 @@ class Event extends AppModel continue; } } - foreach ($o['Attribute'] as $k2 => $a) { - if (isset($a['distribution']) && $a['distribution'] == 4) { - $data['Event']['Object'][$k]['Attribute'][$k2] = $this->captureSGForElement($a, $user, $server); - if ($data['Event']['Object'][$k]['Attribute'][$k2] === false) { - unset($data['Event']['Object'][$k]['Attribute'][$k2]); + if (!empty($o['Attribute'])) { + foreach ($o['Attribute'] as $k2 => $a) { + if (isset($a['distribution']) && $a['distribution'] == 4) { + $data['Event']['Object'][$k]['Attribute'][$k2] = $this->captureSGForElement($a, $user, $server); + if ($data['Event']['Object'][$k]['Attribute'][$k2] === false) { + unset($data['Event']['Object'][$k]['Attribute'][$k2]); + } } } } From fe1034b461d763de3335316d68cac2464177a748 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 5 Mar 2021 11:56:32 +0100 Subject: [PATCH 303/437] fix: [Freetext import] handle end of sentence periods and brackets better, fixes #7163 --- app/Lib/Tools/ComplexTypeTool.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/Lib/Tools/ComplexTypeTool.php b/app/Lib/Tools/ComplexTypeTool.php index 71569b10c..8d6cb01be 100644 --- a/app/Lib/Tools/ComplexTypeTool.php +++ b/app/Lib/Tools/ComplexTypeTool.php @@ -217,6 +217,10 @@ class ComplexTypeTool $iocArray = array_merge($iocArray, $this->__returnOddElements($quotedText)); $resultArray = array(); foreach ($iocArray as $ioc) { + // remove trailing . + $ioc = rtrim($ioc, '.'); + // remove brackets if enclosed + $ioc = trim($ioc, '()'); $ioc = str_replace("\xc2\xa0", '', $ioc); // remove non breaking space $ioc = trim($ioc, $charactersToTrim); $ioc = preg_replace('/\p{C}+/u', '', $ioc); From 4a4722a30c24a556e382581c2ce8df432a5bae33 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 5 Mar 2021 12:20:39 +0100 Subject: [PATCH 304/437] chg: [security audit] removed sharing group recommendation and fixed grammar - the hide sharing group org setting is actively harmful, we should definitely not promote it --- app/Lib/Tools/SecurityAudit.php | 60 +++++++++++++++++++-------------- 1 file changed, 35 insertions(+), 25 deletions(-) diff --git a/app/Lib/Tools/SecurityAudit.php b/app/Lib/Tools/SecurityAudit.php index 1d87b221b..6a32a32c5 100644 --- a/app/Lib/Tools/SecurityAudit.php +++ b/app/Lib/Tools/SecurityAudit.php @@ -40,7 +40,7 @@ class SecurityAudit $passwordPolicyLength = Configure::read('Security.password_policy_length') ?: $server->serverSettings['Security']['password_policy_length']['value']; if ($passwordPolicyLength < 8) { - $output['Password'][] = ['error', __('Minimum password length is set to %s, that too short.', $passwordPolicyLength)]; + $output['Password'][] = ['error', __('Minimum password length is set to %s, it is highly advised to increase it.', $passwordPolicyLength)]; } elseif ($passwordPolicyLength < 12) { $output['Password'][] = ['warning', __('Minimum password length is set to %s, consider raising to at least 12 characters.', $passwordPolicyLength)]; } @@ -54,20 +54,20 @@ class SecurityAudit if (!empty(Configure::read('Security.auth')) && !Configure::read('Security.auth_enforced')) { $output['Login'][] = [ 'hint', - __('External authentication is enabled, but local accounts will still work. You can disable logging with local accounts by setting `Security.auth_enforced` to `true`.'), + __('External authentication is enabled, but local accounts will still work. You can disable the ability to log in via local accounts by setting `Security.auth_enforced` to `true`.'), ]; } if (empty(Configure::read('Security.disable_browser_cache'))) { $output['Browser'][] = [ 'warning', - __('Browser cache is enabled. Attacker can obtain sensitive data from user cache. You can disable cache by setting `Security.disable_browser_cache` to `true`.'), + __('Browser cache is enabled. An attacker could obtain sensitive data from the user cache. You can disable the cache by setting `Security.disable_browser_cache` to `true`.'), ]; } if (empty(Configure::read('Security.check_sec_fetch_site_header'))) { $output['Browser'][] = [ 'warning', - __('MISP server is not checking `Sec-Fetch` HTTP headers. This is protection against CSRF for moder browsers. You can enable this checks by setting `Security.check_sec_fetch_site_header` to `true`.'), + __('The MISP server is not checking `Sec-Fetch` HTTP headers. This is a protection mechanism against CSRF used by modern browsers. You can enable this check by setting `Security.check_sec_fetch_site_header` to `true`.'), ]; } if (empty(Configure::read('Security.csp_enforce'))) { @@ -77,50 +77,57 @@ class SecurityAudit 'https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP', ]; } - if (Configure::read('Security.disable_form_security')) { - $output['Browser'][] = ['error', __('Disabling form security is never a good idea.')]; + if (!env('HTTPS') && strpos(Configure::read('MISP.baseurl'), 'https://') === 0) { + $output['Browser'][] = [ + 'error', + __('MISP base URL is set to https://, but MISP thinks that the connection is insecure. This usually happens when a server is running behind a reverse proxy. By setting `Security.force_https` to `true`, session cookies will be set as Secure and CSP headers will upgrade insecure requests.'), + ]; + } + $sessionConfig = Configure::read('Session'); + if (isset($sessionConfig['ini']['session.cookie_secure']) && !$sessionConfig['ini']['session.cookie_secure']) { + $output['Browser'][] = ['error', __('Setting session cookies as not secure is never a good idea.')]; } if (empty(Configure::read('Security.advanced_authkeys'))) { - $output['Auth Key'][] = ['warning', __('Consider enabling Advanced Auth Keys, that provides higher security.')]; + $output['Auth Key'][] = ['warning', __('Consider enabling Advanced Auth Keys, they provide increased security by only storing the API key hashes.')]; } if (Configure::read('Security.allow_unsafe_apikey_named_param')) { - $output['Auth Key'][] = ['error', __('It is possible to pass API key in URL, so the key can be logged by proxies.')]; + $output['Auth Key'][] = ['error', __('It is possible to pass API keys via the URL, meaning that the keys can be logged by proxies.')]; } if (empty(Configure::read('Security.do_not_log_authkeys'))) { - $output['Auth Key'][] = ['warning', __('Auth Key logging is not disabled. Auth Keys in cleartext can be visible in Audit log.')]; + $output['Auth Key'][] = ['warning', __('Auth Key logging is not disabled. Auth Keys in cleartext can be visible in the Audit log.')]; } $salt = Configure::read('Security.salt'); if (empty($salt)) { $output['Security salt'][] = ['error', __('Salt is not set.')]; } else if (strlen($salt) < 32) { - $output['Security salt'][] = ['warning', __('Salt is too short, should contains at least 32 characters.')]; + $output['Security salt'][] = ['warning', __('Salt is too short, should contain at least 32 characters.')]; } else if ($salt === "Rooraenietu8Eeyoemail($output); + /* + * These settings are dangerous and break both the transparency and potential introduce sync issues if (!Configure::read('Security.hide_organisation_index_from_users')) { $output['MISP'][] = [ 'hint', @@ -177,6 +186,7 @@ class SecurityAudit __('Any user can see list of all organisations in sharing group that user can see. You can disable that by setting `Security.hide_organisations_in_sharing_groups` to `true`. %s', $server->serverSettings['Security']['hide_organisations_in_sharing_groups']['description']), ]; } + */ $this->feeds($output); $this->remoteServers($output); @@ -197,19 +207,19 @@ class SecurityAudit } else if (version_compare(PHP_VERSION, '7.4.0', '<')) { $output['PHP'][] = [ 'hint', - __('PHP version 7.3 will be not supported after 6 Dec 2021. Event after that date can be still supported by your distribution.'), + __('PHP version 7.3 will not be supported after 6 Dec 2021. Even beyond that date, it can be still supported by your distribution.'), 'https://www.php.net/supported-versions.php' ]; } if (ini_get('session.use_strict_mode') != 1) { $output['PHP'][] = [ 'warning', - __('Session strict mode is disable.'), + __('Session strict mode is disabled.'), 'https://www.php.net/manual/en/session.configuration.php#ini.session.use-strict-mode', ]; } if (empty(ini_get('session.cookie_httponly'))) { - $output['PHP'][] = ['error', __('Session cookie is not set as HTTP only. Session cookie can be access from JavaScript.')]; + $output['PHP'][] = ['error', __('Session cookie is not set as HTTP only. Session cookie can be accessed from JavaScript.')]; } if (!in_array(strtolower(ini_get('session.cookie_samesite')), ['strict', 'lax'])) { $output['PHP'][] = [ @@ -325,14 +335,14 @@ class SecurityAudit if (!Configure::read('GnuPG.bodyonlyencrypted')) { $output['Email'][] = [ 'hint', - __('Full email body with all event information will be send even without encryption.') + __('Full email body with all event information will be sent, even without encryption.') ]; } if ($canSignPgp && !Configure::read('GnuPG.obscure_subject')) { $output['Email'][] = [ 'hint', - __('Even for encrypted emails, email subject will be send unencrypted. You can change that behaviour by setting `GnuPG.obscure_subject` to `true`.'), + __('Even for encrypted emails, the email subject will be sent unencrypted. You can change that behaviour by setting `GnuPG.obscure_subject` to `true`.'), ]; } @@ -357,7 +367,7 @@ class SecurityAudit if ($diffDays > 300) { $output['System'][] = [ 'warning', - __('Kernel build time is since %s days ago. This usually means that the system kernel is not updated.', $diffDays), + __('Kernel build time was s days ago. This usually means that the system kernel is not updated.', $diffDays), ]; } } @@ -394,7 +404,7 @@ class SecurityAudit } else if (version_compare($parts[1], '3.7', '<')) { $output['System'][] = [ 'hint', - __('You are using Python %s. This version will be not supported after 23 Dec 2021, but it can be still supported by your distribution.', $parts[1]), + __('You are using Python %s. This version will not be supported beyond 23 Dec 2021, but it can be that it is still supported by your distribution.', $parts[1]), 'https://endoflife.date/python', ]; } @@ -406,7 +416,7 @@ class SecurityAudit if (in_array($ubuntuVersion, ['14.04', '19.10'])) { $output['System'][] = [ 'warning', - __('You are using Ubuntu %s. This version doesn\'t have security support anymore.', $ubuntuVersion), + __('You are using Ubuntu %s. This version doesn\'t receive security support anymore.', $ubuntuVersion), 'https://endoflife.date/ubuntu', ]; } else if (in_array($ubuntuVersion, ['16.04'])) { @@ -490,7 +500,7 @@ class SecurityAudit $command = implode(' ', $command); $process = proc_open($command, $descriptorspec, $pipes); if (!$process) { - throw new Exception("Command '$command' could be started."); + throw new Exception("Command '$command' could not be started."); } $stdout = stream_get_contents($pipes[1]); From 91b82178a5455aa1d4c1aff3621ea6b81c0388d6 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 5 Mar 2021 16:16:27 +0100 Subject: [PATCH 305/437] fix: [SG] allow saving sharing groups with empty releasabiltiy tags, fixes #7165 --- app/Model/SharingGroup.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Model/SharingGroup.php b/app/Model/SharingGroup.php index e150bf197..057a49f71 100644 --- a/app/Model/SharingGroup.php +++ b/app/Model/SharingGroup.php @@ -713,12 +713,12 @@ class SharingGroup extends AppModel $this->create(); $newSG = array(); $date = date('Y-m-d H:i:s'); - if (empty($sg['name']) || empty($sg['releasability'])) { + if (empty($sg['name'])) { return false; } $newSG = [ 'name' => $sg['name'], - 'releasability' => $sg['releasability'], + 'releasability' => !isset($sg['releasability']) ? '' : $sg['releasability'], 'description' => !isset($sg['description']) ? '' : $sg['description'], 'uuid' => !isset($sg['uuid']) ? CakeText::uuid() : $sg['uuid'], 'organisation_uuid' => !isset($sg['organisation_uuid']) ? $user['Organisation']['uuid'] : $sg['organisation_uuid'], From 9e50fe8617c05bee0314464d43870aaa620471f8 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 5 Mar 2021 18:54:50 +0100 Subject: [PATCH 306/437] chg: [UI] Make some parts of MISP nicer --- app/webroot/css/main.css | 11 +++++++++-- app/webroot/css/markdownEditor/markdownEditor.css | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/app/webroot/css/main.css b/app/webroot/css/main.css index 7a260d31b..0f9a9e76e 100644 --- a/app/webroot/css/main.css +++ b/app/webroot/css/main.css @@ -47,9 +47,16 @@ h3{ font-size: 18px; line-height: 20px; } -pre { - font-size: 11px; +code { + padding: 0; + border: 0; + background: transparent; + font-size: .875em; +} + +pre { + font-size: 12px; } .ellipsis-overflow { diff --git a/app/webroot/css/markdownEditor/markdownEditor.css b/app/webroot/css/markdownEditor/markdownEditor.css index b1fa60391..e58a0e753 100644 --- a/app/webroot/css/markdownEditor/markdownEditor.css +++ b/app/webroot/css/markdownEditor/markdownEditor.css @@ -58,7 +58,7 @@ #viewer-container { margin: 0 0; justify-content: center; - padding: 7px 15px; + padding: 10px 15px; overflow-y: auto; box-shadow: inset 0 2px 6px #eee; } From d52db986212872308379f85838ffa526da49aae6 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 5 Mar 2021 18:55:31 +0100 Subject: [PATCH 307/437] chg: [UI] It is 2021! Removed -moz and -webkit specific CSS properties --- app/webroot/css/main.css | 103 ++++++--------------------------------- 1 file changed, 14 insertions(+), 89 deletions(-) diff --git a/app/webroot/css/main.css b/app/webroot/css/main.css index 0f9a9e76e..f5a9680f0 100644 --- a/app/webroot/css/main.css +++ b/app/webroot/css/main.css @@ -39,11 +39,11 @@ form button.btn[disabled] { float:none; }*/ -h2{ +h2 { font-size: 25px; clear:both; } -h3{ +h3 { font-size: 18px; line-height: 20px; } @@ -75,9 +75,7 @@ pre { .navbar-lab .navbar-inner{ background: #FF9900; - -webkit-border-radius: 0px !important; - -moz-border-radius: 0px !important; - border-radius: 0px !important; + border-radius: 0 !important; } .navbar-lab .nav > li > a{ @@ -85,8 +83,6 @@ pre { } .navbar-inner{ - -webkit-border-radius: 0px !important; - -moz-border-radius: 0px !important; border-radius: 0px !important; } @@ -604,8 +600,6 @@ dd { height: 100%; position: absolute; padding: 0; - -webkit-border-radius: 10px; - -moz-border-radius: 10px; border-radius: 10px; background: rgba(0,0,0,0.25); box-shadow: 0 2px 6px rgba(0,0,0,0.5), inset 0 1px rgba(255,255,255,0.3), inset 0 10px rgba(255,255,255,0.1), inset 0 10px 20px rgba(255,255,255,0.3), inset 0 -15px 30px rgba(0,0,0,0.3); @@ -686,10 +680,8 @@ dd { .quote { margin: 0 10px; margin-bottom: 10px; - -moz-border-radius: 0px; - -webkit-border-radius: 0px; background: #f2f6f8 none; - border-radius: 0px; + border-radius: 0; border: 1px solid #417394; position: relative; top: 0; @@ -698,7 +690,6 @@ dd { .loading { display: none; - text-color: #0088cc; position: fixed; top: 50%; left: 50%; @@ -713,27 +704,17 @@ dd { left: 13px; } .toggle { - border-radius: 0px !important; - -webkit-border-radius: 0px !important; - -moz-border-radius: 0px !important; + border-radius: 0 !important; } .toggle-left { - border-bottom-right-radius: 0px !important; - -webkit-bottom-right-radius: 0px !important; - -moz-border-bottom-right-radius: 0px !important; - border-top-right-radius: 0px !important; - -webkit-top-right-radius: 0px !important; - -moz-border-top-right-radius: 0px !important; + border-bottom-right-radius: 0 !important; + border-top-right-radius: 0 !important; } .toggle-right { - border-bottom-left-radius: 0px !important; - -webkit-bottom-left-radius: 0px !important; - -moz-border-bottom-left-radius: 0px !important; - border-top-left-radius: 0px !important; - -webkit-top-left-radius: 0px !important; - -moz-border-top-left-radius: 0px !important; + border-bottom-left-radius: 0 !important; + border-top-left-radius: 0 !important; } .spinner { @@ -741,9 +722,6 @@ dd { width:60px; margin:0 auto; position:relative; - -webkit-animation: rotation .6s infinite linear; - -moz-animation: rotation .6s infinite linear; - -o-animation: rotation .6s infinite linear; animation: rotation .6s infinite linear; border:6px solid rgba(0,174,239,.15); border-radius:100%; @@ -807,20 +785,12 @@ a.proposal_link_red:hover { } .tag:first-child { - -webkit-border-top-left-radius: 3px; - -moz-border-top-left-radius: 3px; border-top-left-radius: 3px; - -webkit-border-bottom-left-radius: 3px; - -moz-border-bottom-left-radius: 3px; border-bottom-left-radius: 3px; } .tag:last-child { - -webkit-border-top-right-radius: 3px; - -moz-border-top-right-radius: 3px; border-top-right-radius: 3px; - -webkit-border-bottom-right-radius: 3px; - -moz-border-bottom-right-radius: 3px; border-bottom-right-radius: 3px; margin-right:2px; } @@ -844,11 +814,7 @@ a.proposal_link_red:hover { font-size: 12px; font-weight: bold; line-height: 14px; - -webkit-border-top-left-radius: 3px; - -moz-border-top-left-radius: 3px; border-top-left-radius: 3px; - -webkit-border-bottom-left-radius: 3px; - -moz-border-bottom-left-radius: 3px; border-bottom-left-radius: 3px; box-shadow: 3px 3px 3px #888888; } @@ -859,11 +825,7 @@ a.proposal_link_red:hover { font-size: 12px; font-weight: bold; line-height: 14px; - -webkit-border-top-right-radius: 3px; - -moz-border-top-right-radius: 3px; border-top-right-radius: 3px; - -webkit-border-bottom-right-radius: 3px; - -moz-border-bottom-right-radius: 3px; border-bottom-right-radius: 3px; box-shadow: 3px 3px 3px #888888; background-color:black; @@ -876,8 +838,6 @@ a.proposal_link_red:hover { font-size: 12px; font-weight: bold; line-height: 14px; - -webkit-border-radius: 3px; - -moz-border-radius: 3px; border-radius: 3px; box-shadow: 3px 3px 3px #888888; } @@ -1251,8 +1211,6 @@ li .generic-picker-item-element-check { padding-left:10px; padding-right:10px; border-radius: 6px; - -webkit-border-radius: 6px; - -moz-border-radius: 6px; box-shadow: 2px 2px 2px #888888; } @@ -1557,11 +1515,9 @@ span.success { .attributehistogramBar { overflow: hidden; height:13px; - -webkit-border-radius: 2px; - -moz-border-radius: 2px; border-radius: 2px; box-shadow: 2px 2px 2px #888888; - margin-left:0px; + margin-left:0; } .attributehistogram-left-table { @@ -1587,8 +1543,6 @@ span.success { display:inline-block; width:10px; height:10px; - -webkit-border-radius: 2px; - -moz-border-radius: 2px; border-radius: 2px; box-shadow: 1px 1px 1px #888888; } @@ -1634,10 +1588,7 @@ span.success { margin: 0 0 15px 0; background-color: #FFFFFF; padding:0px !important; - padding-right:0px !important; border: 1px solid black !important; - -webkit-radius: 8px; - -moz-border-radius: 8px; border-radius: 8px; } @@ -1726,9 +1677,7 @@ span.success { color:white; font-weight:bold; height:25px; - -moz-border-radius: 0px; - -webkit-border-radius: 7px 7px 0px 0px; - border-radius: 7px 7px 0px 0px; + border-radius: 7px 7px 0 0; } .templateElementHeaderText { @@ -1742,9 +1691,7 @@ span.success { height: 100%; position: absolute; padding: 0; - -webkit-border-radius: 7px 7px 0px 0px; - -moz-border-radius: 7px 7px 0px 0px; - border-radius: 7px 7px 0px 0px; + border-radius: 7px 7px 0 0; background: rgba(0,0,0,0.1.25); box-shadow: 0 2px 6px rgba(0,0,0,0.5), inset 0 1px rgba(255,255,255,0.3), @@ -1761,10 +1708,8 @@ span.success { height:40px; line-height:40px; background-color: #FFFFFF; - padding:0px !important; + padding:0 !important; border: 1px dashed black !important; - -webkit-radius: 8px; - -moz-border-radius: 8px; border-radius: 8px; text-align:center; vertical-align:middle; @@ -2102,21 +2047,12 @@ a.discrete { .progress-queued .bar, .progress .bar-queued { background-color: #A0A0A0; - background-image: -moz-linear-gradient(top, #dbdbdb, #bfbfbf); - background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#dbdbdb), to(#bfbfbf)); - background-image: -webkit-linear-gradient(top, #dbdbdb, #bfbfbf); - background-image: -o-linear-gradient(top, #dbdbdb, #bfbfbf); background-image: linear-gradient(to bottom, #dbdbdb, #bfbfbf); background-repeat: repeat-x; - filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdbdbdb', endColorstr='#ffbfbfbf', GradientType=0); } .progress-queued.progress-striped .bar, .progress-striped .bar-warning { background-color: #A0A0A0; - background-image: -webkit-gradient(linear, 0 100%, 100% 0, color-stop(0.25, rgba(255, 255, 255, 0.15)), color-stop(0.25, transparent), color-stop(0.5, transparent), color-stop(0.5, rgba(255, 255, 255, 0.15)), color-stop(0.75, rgba(255, 255, 255, 0.15)), color-stop(0.75, transparent), to(transparent)); - background-image: -webkit-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent); - background-image: -moz-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent); - background-image: -o-linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent); background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent); } @@ -2421,18 +2357,6 @@ table tr:hover .down-expand-button { padding-left:0px !important; } -@-webkit-keyframes rotation { - from {-webkit-transform: rotate(0deg);} - to {-webkit-transform: rotate(359deg);} -} -@-moz-keyframes rotation { - from {-moz-transform: rotate(0deg);} - to {-moz-transform: rotate(359deg);} -} -@-o-keyframes rotation { - from {-o-transform: rotate(0deg);} - to {-o-transform: rotate(359deg);} -} @keyframes rotation { from { transform: rotate(0deg); @@ -2761,3 +2685,4 @@ Query builder .query-builder .rule-value-container label input { margin-top: 0; } + From 42f74e7175b712a716ff46987ae11ca2a159572d Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 5 Mar 2021 20:04:23 +0100 Subject: [PATCH 308/437] new: [shortcuts] Show help when pressing ? key --- app/View/Elements/footer.ctp | 4 ++-- .../js/keyboard-shortcuts-definition.js | 16 ++++++++++------ app/webroot/js/keyboard-shortcuts.js | 19 ++++++++++--------- 3 files changed, 22 insertions(+), 17 deletions(-) diff --git a/app/View/Elements/footer.ctp b/app/View/Elements/footer.ctp index dacd6c010..a23c721c0 100644 --- a/app/View/Elements/footer.ctp +++ b/app/View/Elements/footer.ctp @@ -1,8 +1,8 @@
-
+
- :
+ :
diff --git a/app/webroot/js/keyboard-shortcuts-definition.js b/app/webroot/js/keyboard-shortcuts-definition.js index bd6acbe3f..ad60c185c 100644 --- a/app/webroot/js/keyboard-shortcuts-definition.js +++ b/app/webroot/js/keyboard-shortcuts-definition.js @@ -1,4 +1,4 @@ -function getShortcutsDefinition() { +function getShortcutsDefinition(controller, action) { var shortcuts = [ { "key": "l", @@ -13,11 +13,17 @@ function getShortcutsDefinition() { "action": function () { document.location.href = baseurl + '/events/add'; } + }, + { + "key": "?", + "description": "Show this help", + "action": function () { + $('#triangle').click(); + } } ]; - var $body = $(document.body); - if ($body.data('controller') === 'events' && $body.data('action') === 'view') { + if (controller === 'events' && action === 'view') { shortcuts.push({ "key": "t", "description": "Open the tag selection modal", @@ -46,9 +52,7 @@ function getShortcutsDefinition() { $('#quickFilterField').focus(); } }); - } - - if ($body.data('controller') === 'events' && $body.data('action') === 'index') { + } else if (controller === 'events' && action === 'index') { shortcuts.push({ "key": "s", "description": "Focus the filter events bar", diff --git a/app/webroot/js/keyboard-shortcuts.js b/app/webroot/js/keyboard-shortcuts.js index f2432e2a9..dc92cc733 100644 --- a/app/webroot/js/keyboard-shortcuts.js +++ b/app/webroot/js/keyboard-shortcuts.js @@ -21,7 +21,8 @@ let keyboardShortcutsManager = { init() { /* Codacy comment to notify that baseurl is a read-only global variable. */ /* global baseurl */ - this.mapKeyboardShortcuts(getShortcutsDefinition()); + var $body = $(document.body); + this.mapKeyboardShortcuts(getShortcutsDefinition($body.data('controller'), $body.data('action'))); this.setKeyboardListener(); }, @@ -43,7 +44,7 @@ let keyboardShortcutsManager = { */ addShortcutListToHTML() { let html = "
    "; - for(let shortcut of this.shortcutKeys.values()) { + for (let shortcut of this.shortcutKeys.values()) { html += `
  • ${shortcut.key.toUpperCase()}: ${shortcut.description}
    • ` } html += "
" @@ -55,7 +56,7 @@ let keyboardShortcutsManager = { * @param {} config The shortcut JSON list: [{key: string, description: string, action: string(eval-able JS code)}] */ mapKeyboardShortcuts(config) { - for(let shortcut of config) { + for (let shortcut of config) { this.shortcutKeys.set(shortcut.key, shortcut); } this.addShortcutListToHTML(); @@ -68,12 +69,12 @@ let keyboardShortcutsManager = { */ setKeyboardListener() { window.onkeyup = (keyboardEvent) => { - if(this.shortcutKeys.has(keyboardEvent.key)) { + if (this.shortcutKeys.has(keyboardEvent.key)) { let activeElement = document.activeElement.tagName; - if(!this.ESCAPED_TAG_NAMES.includes(activeElement)) { + if (!this.ESCAPED_TAG_NAMES.includes(activeElement)) { this.shortcutKeys.get(keyboardEvent.key).action(); } - } else if(this.NAVIGATION_KEYS.includes(keyboardEvent.key)) { + } else if (this.NAVIGATION_KEYS.includes(keyboardEvent.key)) { window.dispatchEvent(new CustomEvent(this.EVENTS[keyboardEvent.key], {detail: keyboardEvent})); } } @@ -81,8 +82,8 @@ let keyboardShortcutsManager = { } // Inits the keyboard shortcut manager's main routine and the click event on the keyboard shortcut triangle at the bottom of the screen. -$(document).ready(function(){ - keyboardShortcutsManager.init(); - $('#triangle').click(keyboardShortcutsManager.onTriangleClick); +$(function(){ + keyboardShortcutsManager.init(); + $('#triangle').click(keyboardShortcutsManager.onTriangleClick); }); From 79e78b817f28137a31ad9ee6ed5c1aba22815f7b Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 5 Feb 2021 10:44:10 +0100 Subject: [PATCH 309/437] new: [mail] Backend support for sending HTML emails --- app/Lib/Tools/SendEmail.php | 91 +++++++++++++++++++++++++++++-------- app/Model/User.php | 11 ++++- 2 files changed, 80 insertions(+), 22 deletions(-) diff --git a/app/Lib/Tools/SendEmail.php b/app/Lib/Tools/SendEmail.php index a8b6e95f9..8a4033920 100644 --- a/app/Lib/Tools/SendEmail.php +++ b/app/Lib/Tools/SendEmail.php @@ -3,6 +3,36 @@ App::uses('CakeEmail', 'Network/Email'); class SendEmailException extends Exception {} +class CakeEmailBody +{ + /** @var string|null */ + public $html; + + /** @var string|null */ + public $text; + + public function __construct($text = null, $html = null) + { + $this->html = $html; + $this->text = $text; + } + + /** + * @return string + */ + public function format() + { + if (!empty($this->html) && !empty($this->text)) { + return 'both'; + } + + if (!empty($this->html)) { + return 'html'; + } + return 'text'; + } +} + /** * Class CakeEmailExtended * @@ -14,7 +44,7 @@ class SendEmailException extends Exception {} class CakeEmailExtended extends CakeEmail { /** - * @var MimeMultipart|MessagePart + * @var MimeMultipart|MessagePart|CakeEmailBody */ private $body; @@ -30,7 +60,7 @@ class CakeEmailExtended extends CakeEmail $headers['Content-Type'] = $this->body->getContentType(); } else if ($this->body instanceof MessagePart) { $headers = array_merge($headers, $this->body->getHeaders()); - } else { + } else if ($this->_emailFormat !== 'both') { // generate correct content-type header for 'text' or 'html' format $headers['Content-Type'] = 'multipart/mixed; boundary="' . $this->boundary() . '"'; } @@ -71,18 +101,40 @@ class CakeEmailExtended extends CakeEmail return $this->body->render(); } else if ($this->body instanceof MessagePart) { return $this->body->render(false); + } else if ($this->body instanceof CakeEmailBody) { + return $this->_render([]); // @see _renderTemplates } - return $this->_render($this->_wrap($this->body)); + throw new InvalidArgumentException("Expected that body is instance of MimeMultipart, MessagePart or CakeEmailBody, " . gettype($this->body) . " given."); } - // This is hack how to force CakeEmail to always generate multipart message. protected function _renderTemplates($content) { + if (!$this->body instanceof CakeEmailBody) { + throw new InvalidArgumentException("Expected instance of CakeEmailBody, " . gettype($this->body) . " given."); + } + $this->_boundary = md5(uniqid()); - $output = parent::_renderTemplates($content); - $output[''] = ''; - return $output; + + $rendered = []; + if (!empty($this->body->text)) { + $rendered['text'] = $this->body->text; + } + if (!empty($this->body->html)) { + $rendered['html'] = $this->body->html; + } + + foreach ($rendered as $type => $content) { + $content = str_replace(array("\r\n", "\r"), "\n", $content); + $content = $this->_encodeString($content, $this->charset); + $content = $this->_wrap($content); + $content = implode("\n", $content); + $rendered[$type] = rtrim($content, "\n"); + } + + // This is hack how to force CakeEmail to always generate multipart message. + $rendered[''] = ''; + return $rendered; } protected function _render($content) @@ -101,7 +153,7 @@ class CakeEmailExtended extends CakeEmail if ($content !== null) { throw new InvalidArgumentException("Content must be null for CakeEmailExtended."); } - return parent::send($this->body); + return parent::send(); } public function __toString() @@ -285,7 +337,8 @@ class SendEmail } } - $params['body'] = str_replace('\n', PHP_EOL, $params['body']); // TODO: Why this? + $body = str_replace('\n', PHP_EOL, $params['body']); // TODO: Why this? + $body = new CakeEmailBody($body); $attachments = array(); if (!empty($params['requestor_gpgkey'])) { @@ -306,8 +359,8 @@ class SendEmail $email->returnPath(Configure::read('MISP.email')); $email->to($params['to']); $email->subject($params['subject']); - $email->emailFormat('text'); - $email->body($params['body']); + $email->emailFormat($body->format()); + $email->body($body); $email->attachments($attachments); $mock = false; @@ -352,15 +405,15 @@ class SendEmail /** * @param array $user * @param string $subject - * @param string $body - * @param string|null $bodyWithoutEncryption + * @param CakeEmailBody $body + * @param CakeEmailBody|null $bodyWithoutEncryption * @param array $replyToUser * @return bool True if e-mail is encrypted, false if not. * @throws Crypt_GPG_BadPassphraseException * @throws Crypt_GPG_Exception * @throws SendEmailException */ - public function sendToUser(array $user, $subject, $body, $bodyWithoutEncryption = null, array $replyToUser = array()) + public function sendToUser(array $user, $subject, CakeEmailBody $body, CakeEmailBody $bodyWithoutEncryption = null, array $replyToUser = array()) { if (Configure::read('MISP.disable_emailing')) { throw new SendEmailException('Emailing is currently disabled on this instance.'); @@ -383,9 +436,7 @@ class SendEmail $body = $bodyWithoutEncryption; } - $body = str_replace('\n', PHP_EOL, $body); // TODO: Why this? - - $email = $this->create($user, $subject, $body, array(), $replyToUser); + $email = $this->create($user, $subject, $body, [], $replyToUser); $signed = false; if (Configure::read('GnuPG.sign')) { @@ -499,12 +550,12 @@ class SendEmail /** * @param array $user User model * @param string $subject - * @param string $body + * @param CakeEmailBody $body * @param array $attachments * @param array $replyToUser User model * @return CakeEmailExtended */ - private function create(array $user, $subject, $body, array $attachments = array(), array $replyToUser = array()) + private function create(array $user, $subject, CakeEmailBody $body, array $attachments = array(), array $replyToUser = array()) { $email = new CakeEmailExtended(); @@ -534,7 +585,7 @@ class SendEmail $email->returnPath(Configure::read('MISP.email')); // TODO? $email->to($user['User']['email']); $email->subject($subject); - $email->emailFormat('text'); + $email->emailFormat($body->format()); $email->body($body); foreach ($attachments as $key => $value) { diff --git a/app/Model/User.php b/app/Model/User.php index ca505519c..3bf2c23fa 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -800,13 +800,20 @@ class User extends AppModel return true; } - $this->Log = ClassRegistry::init('Log'); + $this->loadLog(); $replyToLog = $replyToUser ? ' from ' . $replyToUser['User']['email'] : ''; $gpg = $this->initializeGpg(); $sendEmail = new SendEmail($gpg); + try { - $encrypted = $sendEmail->sendToUser($user, $subject, $body, $bodyNoEnc ?: null, $replyToUser ?: array()); + $encrypted = $sendEmail->sendToUser( + $user, + $subject, + new CakeEmailBody($body), + $bodyNoEnc ? new CakeEmailBody($bodyNoEnc): null, + $replyToUser ?: [] + ); } catch (SendEmailException $e) { $this->logException("Exception during sending e-mail", $e); From e2b1ba18a332af4bf1c5844bc9d43ce8205ee45d Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 5 Feb 2021 15:40:22 +0100 Subject: [PATCH 310/437] new: [mail] HTML alert emails --- app/Lib/Tools/SendEmail.php | 2 +- app/Model/Event.php | 196 +++++++-------------------------- app/Model/Server.php | 8 ++ app/Model/User.php | 10 +- app/View/Emails/text/alert.ctp | 101 +++++++++++++++++ 5 files changed, 152 insertions(+), 165 deletions(-) create mode 100644 app/View/Emails/text/alert.ctp diff --git a/app/Lib/Tools/SendEmail.php b/app/Lib/Tools/SendEmail.php index 8a4033920..35b7701cc 100644 --- a/app/Lib/Tools/SendEmail.php +++ b/app/Lib/Tools/SendEmail.php @@ -581,7 +581,7 @@ class SendEmail $email->replyTo(Configure::read('MISP.email_reply_to')); } - $email->from(Configure::read('MISP.email')); + $email->from(Configure::read('MISP.email'), Configure::read('MISP.email_from_name')); $email->returnPath(Configure::read('MISP.email')); // TODO? $email->to($user['User']['email']); $email->subject($subject); diff --git a/app/Model/Event.php b/app/Model/Event.php index 08395868a..271a96c31 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -3219,7 +3219,7 @@ class Event extends AppModel ])[0]; if ($this->UserSetting->checkPublishFilter($user, $eventForUser)) { - $body = $this->__buildAlertEmailBody($eventForUser, $user, $oldpublish); + $body = $this->renderAlertEmail($eventForUser, $user, $oldpublish); $this->User->sendEmail(['User' => $user], $body, $bodyNoEnc, $subject); } if ($jobId) { @@ -3233,136 +3233,41 @@ class Event extends AppModel return true; } - /** - * @param string $body - * @param string $bodyTempOther - * @param array $objects - * @param int|null $oldpublish Timestamp of latest publish - */ - private function __buildAlertEmailObject(&$body, &$bodyTempOther, array $objects, $oldpublish) - { - foreach ($objects as $object) { - if (isset($oldpublish) && isset($object['timestamp']) && $object['timestamp'] > $oldpublish) { - $body .= '* '; - } else { - $body .= ' '; - } - $body .= $object['name'] . '/' . $object['meta-category'] . "\n"; - if (!empty($object['Attribute'])) { - $body .= $this->__buildAlertEmailAttribute($body, $bodyTempOther, $object['Attribute'], $oldpublish, ' '); - } - } - } - - /** - * @param string $body - * @param string $bodyTempOther - * @param array $attributes - * @param int|null $oldpublish Timestamp of latest publish - * @param string $indent - */ - private function __buildAlertEmailAttribute(&$body, &$bodyTempOther, array $attributes, $oldpublish, $indent = ' ') - { - $appendlen = 20; - foreach ($attributes as $attribute) { - $ids = $attribute['to_ids'] ? ' (IDS)' : ''; - - // Defanging URLs (Not "links") emails domains/ips in notification emails - $value = $attribute['value']; - if ('url' == $attribute['type'] || 'uri' == $attribute['type']) { - $value = str_ireplace("http", "hxxp", $value); - $value = str_ireplace(".", "[.]", $value); - } elseif (in_array($attribute['type'], array('email-src', 'email-dst', 'whois-registrant-email', 'dns-soa-email', 'email-reply-to'))) { - $value = str_replace("@", "[at]", $value); - } elseif (in_array($attribute['type'], array('hostname', 'domain', 'ip-src', 'ip-dst', 'domain|ip'))) { - $value = str_replace(".", "[.]", $value); - } - - $strRepeatCount = $appendlen - 2 - strlen($attribute['type']); - $strRepeat = ($strRepeatCount > 0) ? str_repeat(' ', $strRepeatCount) : ''; - if (isset($oldpublish) && isset($attribute['timestamp']) && $attribute['timestamp'] > $oldpublish) { - $line = '* ' . $indent . $attribute['category'] . '/' . $attribute['type'] . $strRepeat . ': ' . $value . $ids . " *\n"; - } else { - $line = $indent . $attribute['category'] . '/' . $attribute['type'] . $strRepeat . ': ' . $value . $ids . "\n"; - } - - if (!empty($attribute['AttributeTag'])) { - $tags = []; - foreach ($attribute['AttributeTag'] as $aT) { - $tags[] = $aT['Tag']['name']; - } - $line .= ' - Tags: ' . implode(', ', $tags) . "\n"; - } - if ('other' == $attribute['type']) { // append the 'other' attribute types to the bottom. - $bodyTempOther .= $line; - } else { - $body .= $line; - } - } - } - /** * @param array $event * @param array $user - * @param int|null $oldpublish Timestamp of latest publish - * @return string + * @param int|null $oldpublish Timestamp of previous publishing. + * @param bool $contactAlert + * @return CakeEmailBody + * @throws CakeException */ - private function __buildAlertEmailBody(array $event, array $user, $oldpublish) + private function renderAlertEmail(array $event, array $user, $oldpublish = null, $contactAlert = false) { - // The mail body, h() is NOT needed as we are sending plain-text mails. - $body = ""; - $body .= '==============================================' . "\n"; - $body .= 'URL : ' . $this->__getAnnounceBaseurl() . '/events/view/' . $event['Event']['id'] . "\n"; - $body .= 'Event ID : ' . $event['Event']['id'] . "\n"; - $body .= 'Date : ' . $event['Event']['date'] . "\n"; - if (Configure::read('MISP.showorg')) { - $body .= 'Reported by : ' . $event['Orgc']['name'] . "\n"; - $body .= 'Local owner of the event : ' . $event['Org']['name'] . "\n"; + $View = new View(); + $View->helpers = ['TextColour']; + $View->loadHelpers(); + + $View->set('event', $event); + $View->set('user', $user); + $View->set('oldPublishTimestamp', $oldpublish); + $View->set('baseurl', $this->__getAnnounceBaseurl()); + $View->set('distributionLevels', $this->distributionLevels); + $View->set('analysisLevels', $this->analysisLevels); + $View->set('contactAlert', $contactAlert); + + try { + $View->viewPath = $View->layoutPath = 'Emails' . DS . 'html'; + $html = $View->render('alert'); + } catch (MissingViewException $e) { + $html = null; // HTMl template is optional } - $body .= 'Distribution: ' . $this->distributionLevels[$event['Event']['distribution']] . "\n"; - if ($event['Event']['distribution'] == 4) { - $body .= 'Sharing Group: ' . $event['SharingGroup']['name'] . "\n"; - } - $tags = []; - foreach ($event['EventTag'] as $tag) { - $tags[] = $tag['Tag']['name']; - } - $body .= 'Tags: ' . implode(', ', $tags) . "\n"; - $body .= 'Threat Level: ' . $event['ThreatLevel']['name'] . "\n"; - $body .= 'Analysis : ' . $this->analysisLevels[$event['Event']['analysis']] . "\n"; - $body .= 'Description : ' . $event['Event']['info'] . "\n"; - if (!empty($event['RelatedEvent'])) { - $body .= '==============================================' . "\n"; - $body .= 'Related to: '. "\n"; - foreach ($event['RelatedEvent'] as $relatedEvent) { - $body .= $this->__getAnnounceBaseurl() . '/events/view/' . $relatedEvent['Event']['id'] . ' (' . $relatedEvent['Event']['date'] . ') ' ."\n"; - } - $body .= '==============================================' . "\n"; - } - $bodyTempOther = ""; - if (!empty($event['Attribute'])) { - $body .= 'Attributes (* indicates a new or modified attribute):' . "\n"; - $this->__buildAlertEmailAttribute($body, $bodyTempOther, $event['Attribute'], $oldpublish); - } - if (!empty($event['Object'])) { - $body .= 'Objects (* indicates a new or modified object):' . "\n"; - $this->__buildAlertEmailObject($body, $bodyTempOther, $event['Object'], $oldpublish); - } - if (!empty($bodyTempOther)) { - $body .= "\n"; - } - $body .= $bodyTempOther; // append the 'other' attribute types to the bottom. - $body .= '==============================================' . "\n"; - $body .= sprintf( - "You receive this e-mail because the e-mail address %s is set to receive publish alerts on the MISP instance at %s.%s%s", - $user['email'], - $this->__getAnnounceBaseurl(), - PHP_EOL, - PHP_EOL - ); - $body .= "If you would like to unsubscribe from receiving such alert e-mails, simply\ndisable publish alerts via " . $this->__getAnnounceBaseurl() . '/users/edit' . PHP_EOL; - $body .= '==============================================' . "\n"; - return $body; + + $View->hasRendered = false; + $View->viewPath = $View->layoutPath = 'Emails' . DS . 'text'; + $text = $View->render('alert'); + + require_once APP . '/Lib/Tools/SendEmail.php'; // TODO + return new CakeEmailBody($text, $html); } /** @@ -3423,13 +3328,13 @@ class Event extends AppModel $subject = "[" . Configure::read('MISP.org') . " MISP] Need info about event $id - " . strtoupper($tplColorString); $result = true; foreach ($orgMembers as $reporter) { - list($bodyevent, $body) = $this->__buildContactEventEmailBody($user, $message, $event); + list($bodyevent, $body) = $this->__buildContactEventEmailBody($user, $reporter, $message, $event); $result = $this->User->sendEmail($reporter, $bodyevent, $body, $subject, $user) && $result; } return $result; } - private function __buildContactEventEmailBody(array $user, $message, array $event) + private function __buildContactEventEmailBody(array $user, array $reporter, $message, array $event) { // The mail body, h() is NOT needed as we are sending plain-text mails. $body = ""; @@ -3451,40 +3356,13 @@ class Event extends AppModel $body .= "\n"; $body .= "The event is the following: \n"; - // print the event in mail-format - // LATER place event-to-email-layout in a function - $body .= 'URL : ' . $this->__getAnnounceBaseurl() . '/events/view/' . $event['Event']['id'] . "\n"; - $bodyevent = $body; - $bodyevent .= 'Event ID : ' . $event['Event']['id'] . "\n"; - $bodyevent .= 'Date : ' . $event['Event']['date'] . "\n"; - if (Configure::read('MISP.showorg')) { - $bodyevent .= 'Reported by : ' . $event['Orgc']['name'] . "\n"; - } - $bodyevent .= 'Risk : ' . $event['ThreatLevel']['name'] . "\n"; - $bodyevent .= 'Analysis : ' . $this->analysisLevels[$event['Event']['analysis']] . "\n"; + $full = $body; + $body .= $this->__getAnnounceBaseurl() . '/events/view/' . $event['Event']['id'] . "\n"; - foreach ($event['RelatedEvent'] as $relatedEvent) { - $bodyevent .= 'Related to : ' . $this->__getAnnounceBaseurl() . '/events/view/' . $relatedEvent['Event']['id'] . ' (' . $relatedEvent['Event']['date'] . ')' . "\n"; - } + $rendered = $this->renderAlertEmail($event, $reporter); + $full .= $rendered->text; - $bodyevent .= 'Info : ' . "\n"; - $bodyevent .= $event['Event']['info'] . "\n"; - - $bodyTempOther = ""; - if (!empty($event['Attribute'])) { - $bodyevent .= 'Attributes:' . "\n"; - $this->__buildAlertEmailAttribute($bodyevent, $bodyTempOther, $event['Attribute'], null); - } - if (!empty($event['Object'])) { - $bodyevent .= 'Objects:' . "\n"; - $this->__buildAlertEmailObject($bodyevent, $bodyTempOther, $event['Object'], null); - } - if (!empty($bodyTempOther)) { - $bodyevent .= "\n"; - } - $bodyevent .= $bodyTempOther; // append the 'other' attribute types to the bottom. - - return array($bodyevent, $body); + return array($body, $full); } public function captureSGForElement($element, $user, $server=false) diff --git a/app/Model/Server.php b/app/Model/Server.php index 1b05ef2b1..8109c86bf 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -4739,6 +4739,14 @@ class Server extends AppModel 'test' => 'testBool', 'type' => 'boolean', ), + 'email_from_name' => [ + 'level' => 2, + 'description' => __('Notification e-mail sender name.'), + 'value' => '', + 'errorMessage' => '', + 'test' => 'testForEmpty', + 'type' => 'string', + ], 'taxii_sync' => array( 'level' => 3, 'description' => __('This setting is deprecated and can be safely removed.'), diff --git a/app/Model/User.php b/app/Model/User.php index 3bf2c23fa..e56fd49b6 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -757,7 +757,7 @@ class User extends AppModel 'conditions' => $conditions, 'recursive' => -1, 'fields' => array('id', 'email', 'gpgkey', 'certif_public', 'org_id', 'disabled'), - 'contain' => ['Role' => ['fields' => ['perm_site_admin', 'perm_audit']], 'Organisation' => ['fields' => ['id']]], + 'contain' => ['Role' => ['fields' => ['perm_site_admin', 'perm_audit']], 'Organisation' => ['fields' => ['id', 'name']]], )); foreach ($users as $k => $user) { $user = $user['User']; @@ -786,8 +786,8 @@ class User extends AppModel * the remaining two parameters are the e-mail subject and a secondary user object which will be used as the replyto address if set. If it is set and an encryption key for the replyTo user exists, then his/her public key will also be attached * * @param array $user - * @param string $body - * @param string|false $bodyNoEnc + * @param CakeEmailBody|string $body + * @param CakeEmailBody|string|false $bodyNoEnc * @param string $subject * @param array|false $replyToUser * @return bool @@ -810,8 +810,8 @@ class User extends AppModel $encrypted = $sendEmail->sendToUser( $user, $subject, - new CakeEmailBody($body), - $bodyNoEnc ? new CakeEmailBody($bodyNoEnc): null, + is_string($body) ? new CakeEmailBody($body) : $body, + $bodyNoEnc ? (is_string($bodyNoEnc) ? new CakeEmailBody($bodyNoEnc) : $bodyNoEnc): null, $replyToUser ?: [] ); diff --git a/app/View/Emails/text/alert.ctp b/app/View/Emails/text/alert.ctp new file mode 100644 index 000000000..6c9bae885 --- /dev/null +++ b/app/View/Emails/text/alert.ctp @@ -0,0 +1,101 @@ + 0) ? str_repeat(' ', $strRepeatCount) : ''; + if (isset($oldPublishTimestamp) && isset($attribute['timestamp']) && $attribute['timestamp'] > $oldPublishTimestamp) { + $line = '* ' . $indent . $attribute['category'] . '/' . $attribute['type'] . $strRepeat . ': ' . $value . $ids . " *\n"; + } else { + $line = $indent . $attribute['category'] . '/' . $attribute['type'] . $strRepeat . ': ' . $value . $ids . "\n"; + } + + if (!empty($attribute['AttributeTag'])) { + $tags = []; + foreach ($attribute['AttributeTag'] as $aT) { + $tags[] = $aT['Tag']['name']; + } + $line .= ' - Tags: ' . implode(', ', $tags) . "\n"; + } + echo $line; + } +}; + +$renderObjects = function(array $objects) use ($renderAttributes, $oldPublishTimestamp) { + foreach ($objects as $object) { + $body = ''; + if (isset($oldPublishTimestamp) && isset($object['timestamp']) && $object['timestamp'] > $oldPublishTimestamp) { + $body .= '* '; + } else { + $body .= ' '; + } + $body .= $object['name'] . '/' . $object['meta-category'] . "\n"; + if (!empty($object['Attribute'])) { + $body .= $renderAttributes($object['Attribute'], ' '); + } + echo $body; + } +}; + +$tags = []; +foreach ($event['EventTag'] as $tag) { + $tags[] = $tag['Tag']['name']; +} +?> +============================================== +URL : /events/view/ +Event ID : +Date : + +Reported by : +Local owner of the event : + +Distribution: + +Sharing Group: + +Tags: +Threat Level: +Analysis : +Description : + +============================================== +Related to: + +============================================== + + + +Attributes + + + + +Objects + + + +============================================== +You receive this e-mail because the e-mail address is set +to receive alerts on the MISP instance at . + +If you would like to unsubscribe from receiving such alert e-mails, simply +disable alerts via /users/edit +============================================== From 17fb5db3cfeeb4cac73df93bda933d78e12ee406 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 6 Feb 2021 10:58:46 +0100 Subject: [PATCH 311/437] new: [mail] Move contact alert email to templates --- app/Lib/Tools/SendEmail.php | 25 ++++-- app/Lib/Tools/SendEmailTemplate.php | 51 ++++++++++++ app/Model/Event.php | 103 +++++++++---------------- app/Model/User.php | 8 +- app/View/Emails/text/alert.ctp | 19 ++++- app/View/Emails/text/alert_contact.ctp | 23 ++++++ 6 files changed, 148 insertions(+), 81 deletions(-) create mode 100644 app/Lib/Tools/SendEmailTemplate.php create mode 100644 app/View/Emails/text/alert_contact.ctp diff --git a/app/Lib/Tools/SendEmail.php b/app/Lib/Tools/SendEmail.php index 35b7701cc..f8dd8f7ba 100644 --- a/app/Lib/Tools/SendEmail.php +++ b/app/Lib/Tools/SendEmail.php @@ -405,16 +405,20 @@ class SendEmail /** * @param array $user * @param string $subject - * @param CakeEmailBody $body - * @param CakeEmailBody|null $bodyWithoutEncryption + * @param SendEmailTemplate|string $body + * @param string|false $bodyWithoutEncryption * @param array $replyToUser * @return bool True if e-mail is encrypted, false if not. * @throws Crypt_GPG_BadPassphraseException * @throws Crypt_GPG_Exception * @throws SendEmailException */ - public function sendToUser(array $user, $subject, CakeEmailBody $body, CakeEmailBody $bodyWithoutEncryption = null, array $replyToUser = array()) + public function sendToUser(array $user, $subject, $body, $bodyWithoutEncryption = false, array $replyToUser = array()) { + if ($body instanceof SendEmailTemplate && $bodyWithoutEncryption !== false) { + throw new InvalidArgumentException("When body is instance of SendEmailTemplate, \$bodyWithoutEncryption must be false."); + } + if (Configure::read('MISP.disable_emailing')) { throw new SendEmailException('Emailing is currently disabled on this instance.'); } @@ -431,9 +435,18 @@ class SendEmail throw new SendEmailException('Encrypted messages are enforced and the message could not be encrypted for this user as no valid encryption key was found.'); } - // If 'bodyonlyencrypted' is enabled and the user has no encryption key, use the alternate body (if it exists) - if (Configure::read('GnuPG.bodyonlyencrypted') && !$canEncryptSmime && !$canEncryptGpg && $bodyWithoutEncryption) { - $body = $bodyWithoutEncryption; + // If 'GnuPG.bodyonlyencrypted' is enabled and the user has no encryption key, use the alternate body + $hideDetails = Configure::read('GnuPG.bodyonlyencrypted') && !$canEncryptSmime && !$canEncryptGpg; + + if ($body instanceof SendEmailTemplate) { + $body->set('canEncryptSmime', $canEncryptSmime); + $body->set('canEncryptGpg', $canEncryptGpg); + $body = $body->render($hideDetails); + } else { + if ($hideDetails && $bodyWithoutEncryption) { + $body = $bodyWithoutEncryption; + } + $body = new CakeEmailBody($body); } $email = $this->create($user, $subject, $body, [], $replyToUser); diff --git a/app/Lib/Tools/SendEmailTemplate.php b/app/Lib/Tools/SendEmailTemplate.php new file mode 100644 index 000000000..7ab7009a6 --- /dev/null +++ b/app/Lib/Tools/SendEmailTemplate.php @@ -0,0 +1,51 @@ +viewName = $viewName; + } + + /** + * @param string $key + * @param mixed $value + */ + public function set($key, $value) + { + $this->viewVars[$key] = $value; + } + + /** + * @param bool $hideDetails True when GnuPG.bodyonlyencrypted is enabled and e-mail cannot be send in encrypted form + * @return CakeEmailBody + * @throws CakeException + */ + public function render($hideDetails = false) + { + $View = new View(); + $View->helpers = ['TextColour']; + $View->loadHelpers(); + + $View->set($this->viewVars); + $View->set('hideDetails', $hideDetails); + + $View->viewPath = $View->layoutPath = 'Emails' . DS . 'html'; + try { + $html = $View->render($this->viewName); + } catch (MissingViewException $e) { + $html = null; // HTMl template is optional + } + + $View->viewPath = $View->layoutPath = 'Emails' . DS . 'text'; + $View->hasRendered = false; + $text = $View->render($this->viewName); + + return new CakeEmailBody($text, $html); + } +} diff --git a/app/Model/Event.php b/app/Model/Event.php index 271a96c31..67eb2b452 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -4,6 +4,7 @@ App::uses('CakeEmail', 'Network/Email'); App::uses('RandomTool', 'Tools'); App::uses('AttachmentTool', 'Tools'); App::uses('TmpFileTool', 'Tools'); +App::uses('SendEmailTemplate', 'Tools'); /** * @property User $User @@ -3202,10 +3203,6 @@ class Event extends AppModel } $subject = "[" . Configure::read('MISP.org') . " MISP] Event $id - $subject$threatLevel" . strtoupper($subjMarkingString); - $eventUrl = $this->__getAnnounceBaseurl() . "/events/view/" . $id; - $bodyNoEnc = __("A new or modified event was just published on %s", $eventUrl) . "\n\n"; - $bodyNoEnc .= __("If you would like to unsubscribe from receiving such alert e-mails, simply\ndisable publish alerts via %s", $this->__getAnnounceBaseurl() . '/users/edit'); - $userCount = count($usersWithAccess); $this->UserSetting = ClassRegistry::init('UserSetting'); foreach ($usersWithAccess as $k => $user) { @@ -3219,8 +3216,8 @@ class Event extends AppModel ])[0]; if ($this->UserSetting->checkPublishFilter($user, $eventForUser)) { - $body = $this->renderAlertEmail($eventForUser, $user, $oldpublish); - $this->User->sendEmail(['User' => $user], $body, $bodyNoEnc, $subject); + $body = $this->prepareAlertEmail($eventForUser, $user, $oldpublish); + $this->User->sendEmail(['User' => $user], $body, false, $subject); } if ($jobId) { $this->Job->saveProgress($jobId, null, $k / $userCount * 100); @@ -3235,39 +3232,22 @@ class Event extends AppModel /** * @param array $event - * @param array $user + * @param array $user E-mail receiver * @param int|null $oldpublish Timestamp of previous publishing. - * @param bool $contactAlert - * @return CakeEmailBody + * @return SendEmailTemplate * @throws CakeException */ - private function renderAlertEmail(array $event, array $user, $oldpublish = null, $contactAlert = false) + private function prepareAlertEmail(array $event, array $user, $oldpublish = null) { - $View = new View(); - $View->helpers = ['TextColour']; - $View->loadHelpers(); - - $View->set('event', $event); - $View->set('user', $user); - $View->set('oldPublishTimestamp', $oldpublish); - $View->set('baseurl', $this->__getAnnounceBaseurl()); - $View->set('distributionLevels', $this->distributionLevels); - $View->set('analysisLevels', $this->analysisLevels); - $View->set('contactAlert', $contactAlert); - - try { - $View->viewPath = $View->layoutPath = 'Emails' . DS . 'html'; - $html = $View->render('alert'); - } catch (MissingViewException $e) { - $html = null; // HTMl template is optional - } - - $View->hasRendered = false; - $View->viewPath = $View->layoutPath = 'Emails' . DS . 'text'; - $text = $View->render('alert'); - - require_once APP . '/Lib/Tools/SendEmail.php'; // TODO - return new CakeEmailBody($text, $html); + $template = new SendEmailTemplate('alert'); + $template->set('event', $event); + $template->set('user', $user); + $template->set('oldPublishTimestamp', $oldpublish); + $template->set('baseurl', $this->__getAnnounceBaseurl()); + $template->set('distributionLevels', $this->distributionLevels); + $template->set('analysisLevels', $this->analysisLevels); + $template->set('tlp', $this->getEmailSubjectMarkForEvent($event)); + return $template; } /** @@ -3327,42 +3307,33 @@ class Event extends AppModel $tplColorString = $this->getEmailSubjectMarkForEvent($event); $subject = "[" . Configure::read('MISP.org') . " MISP] Need info about event $id - " . strtoupper($tplColorString); $result = true; - foreach ($orgMembers as $reporter) { - list($bodyevent, $body) = $this->__buildContactEventEmailBody($user, $reporter, $message, $event); - $result = $this->User->sendEmail($reporter, $bodyevent, $body, $subject, $user) && $result; + foreach ($orgMembers as $eventReporter) { + $body = $this->prepareContactAlertEmail($user, $eventReporter, $message, $event); + $result = $this->User->sendEmail($eventReporter, $body, false, $subject, $user) && $result; } return $result; } - private function __buildContactEventEmailBody(array $user, array $reporter, $message, array $event) + /** + * @param array $user + * @param array $eventReporter + * @param string $message + * @param array $event + * @return SendEmailTemplate + */ + private function prepareContactAlertEmail(array $user, array $eventReporter, $message, array $event) { - // The mail body, h() is NOT needed as we are sending plain-text mails. - $body = ""; - $body .= "Hello, \n"; - $body .= "\n"; - $body .= "Someone wants to get in touch with you concerning a MISP event. \n"; - $body .= "\n"; - $body .= "You can reach them at " . $user['User']['email'] . "\n"; - if (!empty($user['User']['gpgkey'])) { - $body .= "Their GnuPG key is added as attachment to this email. \n"; - } - if (!empty($user['User']['certif_public'])) { - $body .= "Their Public certificate is added as attachment to this email. \n"; - } - $body .= "\n"; - $body .= "They wrote the following message: \n"; - $body .= $message . "\n"; - $body .= "\n"; - $body .= "\n"; - $body .= "The event is the following: \n"; - - $full = $body; - $body .= $this->__getAnnounceBaseurl() . '/events/view/' . $event['Event']['id'] . "\n"; - - $rendered = $this->renderAlertEmail($event, $reporter); - $full .= $rendered->text; - - return array($body, $full); + $template = new SendEmailTemplate('alert_contact'); + $template->set('event', $event); + $template->set('requestor', $user); + $template->set('message', $message); + $template->set('user', $this->User->rearrangeToAuthForm($eventReporter)); + $template->set('baseurl', $this->__getAnnounceBaseurl()); + $template->set('distributionLevels', $this->distributionLevels); + $template->set('analysisLevels', $this->analysisLevels); + $template->set('contactAlert', true); + $template->set('tlp', $this->getEmailSubjectMarkForEvent($event)); + return $template; } public function captureSGForElement($element, $user, $server=false) diff --git a/app/Model/User.php b/app/Model/User.php index e56fd49b6..5482da065 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -807,13 +807,7 @@ class User extends AppModel $sendEmail = new SendEmail($gpg); try { - $encrypted = $sendEmail->sendToUser( - $user, - $subject, - is_string($body) ? new CakeEmailBody($body) : $body, - $bodyNoEnc ? (is_string($bodyNoEnc) ? new CakeEmailBody($bodyNoEnc) : $bodyNoEnc): null, - $replyToUser ?: [] - ); + $encrypted = $sendEmail->sendToUser($user, $subject, $body, $bodyNoEnc,$replyToUser ?: []); } catch (SendEmailException $e) { $this->logException("Exception during sending e-mail", $e); diff --git a/app/View/Emails/text/alert.ctp b/app/View/Emails/text/alert.ctp index 6c9bae885..ba1f0a872 100644 --- a/app/View/Emails/text/alert.ctp +++ b/app/View/Emails/text/alert.ctp @@ -1,4 +1,19 @@ -Attributes +Attributes -Objects +Objects diff --git a/app/View/Emails/text/alert_contact.ctp b/app/View/Emails/text/alert_contact.ctp new file mode 100644 index 000000000..64a38ff65 --- /dev/null +++ b/app/View/Emails/text/alert_contact.ctp @@ -0,0 +1,23 @@ +Hello, + +Someone wants to get in touch with you concerning a MISP event. + +You can reach them at + +Their PGP key is added as attachment to this email. + + +Their Public certificate is added as attachment to this email. + + +They wrote the following message: + + + +The event is the following: + Date: Sat, 6 Feb 2021 13:54:07 +0100 Subject: [PATCH 312/437] new: [mail] Add reference for event alert emails --- app/Lib/Tools/SendEmail.php | 16 +++++++++++++--- app/Lib/Tools/SendEmailTemplate.php | 18 ++++++++++++++++++ app/Model/Event.php | 1 + 3 files changed, 32 insertions(+), 3 deletions(-) diff --git a/app/Lib/Tools/SendEmail.php b/app/Lib/Tools/SendEmail.php index f8dd8f7ba..3379dffa7 100644 --- a/app/Lib/Tools/SendEmail.php +++ b/app/Lib/Tools/SendEmail.php @@ -441,15 +441,25 @@ class SendEmail if ($body instanceof SendEmailTemplate) { $body->set('canEncryptSmime', $canEncryptSmime); $body->set('canEncryptGpg', $canEncryptGpg); - $body = $body->render($hideDetails); + $bodyContent = $body->render($hideDetails); } else { if ($hideDetails && $bodyWithoutEncryption) { $body = $bodyWithoutEncryption; } - $body = new CakeEmailBody($body); + $bodyContent = new CakeEmailBody($body); } - $email = $this->create($user, $subject, $body, [], $replyToUser); + $email = $this->create($user, $subject, $bodyContent, [], $replyToUser); + + // Generate `In-Reply-To` and `References` to group emails + if ($body instanceof SendEmailTemplate && $body->referenceId()) { + $reference = sha1($body->referenceId() . '|' . Configure::read('MISP.uuid')); + $reference = "<$reference@{$email->domain()}>"; + $email->addHeaders([ + 'In-Reply-To' => $reference, + 'References' => $reference, + ]); + } $signed = false; if (Configure::read('GnuPG.sign')) { diff --git a/app/Lib/Tools/SendEmailTemplate.php b/app/Lib/Tools/SendEmailTemplate.php index 7ab7009a6..a378fbd22 100644 --- a/app/Lib/Tools/SendEmailTemplate.php +++ b/app/Lib/Tools/SendEmailTemplate.php @@ -7,12 +7,29 @@ class SendEmailTemplate /** @var string */ private $viewName; + /** @var string|null */ + private $referenceId; + public function __construct($viewName) { $this->viewName = $viewName; } /** + * This value will be used for grouping emails in mail client. + * @param string|null $referenceId + * @return string + */ + public function referenceId($referenceId = null) + { + if ($referenceId === null) { + return $this->referenceId ; + } + $this->referenceId = $referenceId; + } + + /** + * Set template variable. * @param string $key * @param mixed $value */ @@ -29,6 +46,7 @@ class SendEmailTemplate public function render($hideDetails = false) { $View = new View(); + $View->autoLayout = false; $View->helpers = ['TextColour']; $View->loadHelpers(); diff --git a/app/Model/Event.php b/app/Model/Event.php index 67eb2b452..576159a4d 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -3247,6 +3247,7 @@ class Event extends AppModel $template->set('distributionLevels', $this->distributionLevels); $template->set('analysisLevels', $this->analysisLevels); $template->set('tlp', $this->getEmailSubjectMarkForEvent($event)); + $template->referenceId("event-alert|{$event['Event']['id']}"); return $template; } From 9b9c69bfad66ee453a0483983ba2a77ab51a9470 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 6 Feb 2021 14:24:09 +0100 Subject: [PATCH 313/437] new: [email] Allow to set email subject from template --- app/Lib/Tools/SendEmail.php | 1 + app/Lib/Tools/SendEmailTemplate.php | 15 +++++++++++++++ app/Model/User.php | 4 ++-- 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/app/Lib/Tools/SendEmail.php b/app/Lib/Tools/SendEmail.php index 3379dffa7..7d8903302 100644 --- a/app/Lib/Tools/SendEmail.php +++ b/app/Lib/Tools/SendEmail.php @@ -442,6 +442,7 @@ class SendEmail $body->set('canEncryptSmime', $canEncryptSmime); $body->set('canEncryptGpg', $canEncryptGpg); $bodyContent = $body->render($hideDetails); + $subject = $body->subject() ?: $subject; // Get generated subject from template } else { if ($hideDetails && $bodyWithoutEncryption) { $body = $bodyWithoutEncryption; diff --git a/app/Lib/Tools/SendEmailTemplate.php b/app/Lib/Tools/SendEmailTemplate.php index a378fbd22..f96f0a0ee 100644 --- a/app/Lib/Tools/SendEmailTemplate.php +++ b/app/Lib/Tools/SendEmailTemplate.php @@ -10,6 +10,9 @@ class SendEmailTemplate /** @var string|null */ private $referenceId; + /** @var string|null */ + private $subject; + public function __construct($viewName) { $this->viewName = $viewName; @@ -28,6 +31,15 @@ class SendEmailTemplate $this->referenceId = $referenceId; } + /** + * Get subject from template. Must be called after render method. + * @return string + */ + public function subject() + { + return $this->subject; + } + /** * Set template variable. * @param string $key @@ -64,6 +76,9 @@ class SendEmailTemplate $View->hasRendered = false; $text = $View->render($this->viewName); + // Template can change default subject. + $this->subject = $View->get('subject'); + return new CakeEmailBody($text, $html); } } diff --git a/app/Model/User.php b/app/Model/User.php index 5482da065..4b58bf561 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -786,8 +786,8 @@ class User extends AppModel * the remaining two parameters are the e-mail subject and a secondary user object which will be used as the replyto address if set. If it is set and an encryption key for the replyTo user exists, then his/her public key will also be attached * * @param array $user - * @param CakeEmailBody|string $body - * @param CakeEmailBody|string|false $bodyNoEnc + * @param SendEmailTemplate|string $body + * @param string|false $bodyNoEnc * @param string $subject * @param array|false $replyToUser * @return bool From 0d493efb1bde2eb6de75a8fe9fcded00fc518d6a Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 7 Feb 2021 19:14:47 +0100 Subject: [PATCH 314/437] chg: [email] Move event alert email subject generting --- app/Lib/Tools/SendEmailTemplate.php | 10 +++++-- app/Model/Event.php | 46 ++++++++++++++++------------- 2 files changed, 32 insertions(+), 24 deletions(-) diff --git a/app/Lib/Tools/SendEmailTemplate.php b/app/Lib/Tools/SendEmailTemplate.php index f96f0a0ee..6f2a33356 100644 --- a/app/Lib/Tools/SendEmailTemplate.php +++ b/app/Lib/Tools/SendEmailTemplate.php @@ -26,18 +26,22 @@ class SendEmailTemplate public function referenceId($referenceId = null) { if ($referenceId === null) { - return $this->referenceId ; + return $this->referenceId; } $this->referenceId = $referenceId; } /** * Get subject from template. Must be called after render method. + * @param string|null $subject * @return string */ - public function subject() + public function subject($subject = null) { - return $this->subject; + if ($subject === null) { + return $this->subject; + } + $this->subject = $subject; } /** diff --git a/app/Model/Event.php b/app/Model/Event.php index 576159a4d..a96149f92 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -3156,7 +3156,7 @@ class Event extends AppModel { $event = $this->find('first', [ 'conditions' => ['Event.id' => $id], - 'contain' => ['EventTag' => ['Tag'], 'ThreatLevel'], + 'recursive' => -1, ]); if (empty($event)) { throw new NotFoundException('Invalid Event.'); @@ -3185,23 +3185,6 @@ class Event extends AppModel $event['Event']['sharing_group_id'], $userConditions ); - if (Configure::read('MISP.extended_alert_subject')) { - $subject = preg_replace("/\r|\n/", "", $event['Event']['info']); - if (strlen($subject) > 58) { - $subject = substr($subject, 0, 55) . '... - '; - } else { - $subject .= " - "; - } - } else { - $subject = ''; - } - $subjMarkingString = $this->getEmailSubjectMarkForEvent($event); - if (Configure::read('MISP.threatlevel_in_email_subject') === false) { - $threatLevel = ''; - } else { - $threatLevel = $event['ThreatLevel']['name'] . " - "; - } - $subject = "[" . Configure::read('MISP.org') . " MISP] Event $id - $subject$threatLevel" . strtoupper($subjMarkingString); $userCount = count($usersWithAccess); $this->UserSetting = ClassRegistry::init('UserSetting'); @@ -3217,7 +3200,7 @@ class Event extends AppModel if ($this->UserSetting->checkPublishFilter($user, $eventForUser)) { $body = $this->prepareAlertEmail($eventForUser, $user, $oldpublish); - $this->User->sendEmail(['User' => $user], $body, false, $subject); + $this->User->sendEmail(['User' => $user], $body, false, null); } if ($jobId) { $this->Job->saveProgress($jobId, null, $k / $userCount * 100); @@ -3237,8 +3220,28 @@ class Event extends AppModel * @return SendEmailTemplate * @throws CakeException */ - private function prepareAlertEmail(array $event, array $user, $oldpublish = null) + public function prepareAlertEmail(array $event, array $user, $oldpublish = null) { + if (Configure::read('MISP.extended_alert_subject')) { + $subject = preg_replace("/\r|\n/", "", $event['Event']['info']); + if (strlen($subject) > 58) { + $subject = substr($subject, 0, 55) . '... - '; + } else { + $subject .= " - "; + } + } else { + $subject = ''; + } + + if (Configure::read('MISP.threatlevel_in_email_subject') === false) { + $threatLevel = ''; + } else { + $threatLevel = $event['ThreatLevel']['name'] . " - "; + } + + $subjMarkingString = $this->getEmailSubjectMarkForEvent($event); + $subject = "[" . Configure::read('MISP.org') . " MISP] Event {$event['Event']['id']} - $subject$threatLevel" . strtoupper($subjMarkingString); + $template = new SendEmailTemplate('alert'); $template->set('event', $event); $template->set('user', $user); @@ -3246,7 +3249,8 @@ class Event extends AppModel $template->set('baseurl', $this->__getAnnounceBaseurl()); $template->set('distributionLevels', $this->distributionLevels); $template->set('analysisLevels', $this->analysisLevels); - $template->set('tlp', $this->getEmailSubjectMarkForEvent($event)); + $template->set('tlp', $subjMarkingString); + $template->subject($subject); $template->referenceId("event-alert|{$event['Event']['id']}"); return $template; } From d523025b6d632b7e6f37da2af035ee02148b74b0 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 7 Feb 2021 19:40:33 +0100 Subject: [PATCH 315/437] new: [email] Command for testing generated alert email --- app/Console/Command/EventShell.php | 37 ++++++++++++++++++++++++++++++ app/Lib/Tools/SendEmail.php | 32 +++++++++++++++++++++----- app/Model/User.php | 6 ++--- 3 files changed, 66 insertions(+), 9 deletions(-) diff --git a/app/Console/Command/EventShell.php b/app/Console/Command/EventShell.php index bf8824db6..7607b6196 100644 --- a/app/Console/Command/EventShell.php +++ b/app/Console/Command/EventShell.php @@ -29,6 +29,13 @@ class EventShell extends AppShell ], ) )); + $parser->addSubcommand('testEventNotificationEmail', [ + 'help' => __('Generate event notification email in EML format.'), + 'arguments' => [ + 'event_id' => ['help' => __('Event ID'), 'required' => true], + 'user_id' => ['help' => __('User ID'), 'required' => true], + ], + ]); return $parser; } @@ -469,6 +476,36 @@ class EventShell extends AppShell $this->Job->save($job); } + public function testEventNotificationEmail() + { + list($eventId, $userId) = $this->args; + + $user = $this->User->getUserById($userId); + if (empty($user)) { + $this->error("User with ID $userId not found."); + } + $eventForUser = $this->Event->fetchEvent($this->User->rearrangeToAuthForm($user), [ + 'eventid' => $eventId, + 'includeAllTags' => true, + 'includeEventCorrelations' => true, + 'noEventReports' => true, + 'noSightings' => true, + ]); + if (empty($eventForUser)) { + $this->error("Event with ID $eventId not exists or given user don't have permission to access it."); + } + + $emailTemplate = $this->Event->prepareAlertEmail($eventForUser[0], $this->User->rearrangeToAuthForm($user)); + + App::uses('SendEmail', 'Tools'); + App::uses('GpgTool', 'Tools'); + $sendEmail = new SendEmail(GpgTool::initializeGpg()); + $sendEmail->setTransport('Debug'); + $result = $sendEmail->sendToUser($user, null, $emailTemplate); + + echo $result['contents']['headers'] . "\n\n" . $result['contents']['message'] . "\n"; + } + /** * @param int $userId * @return array diff --git a/app/Lib/Tools/SendEmail.php b/app/Lib/Tools/SendEmail.php index 7d8903302..451cc0f18 100644 --- a/app/Lib/Tools/SendEmail.php +++ b/app/Lib/Tools/SendEmail.php @@ -304,11 +304,12 @@ class MessagePart class SendEmail { - /** - * @var CryptGpgExtended - */ + /** @var CryptGpgExtended */ private $gpg; + /** @var string|null */ + private $transport; + /** * @param CryptGpgExtended|null $gpg */ @@ -323,6 +324,14 @@ class SendEmail } } + /** + * @param string $transport + */ + public function setTransport($transport) + { + $this->transport = $transport; + } + /** * @param array $params * @return array|bool @@ -363,6 +372,10 @@ class SendEmail $email->body($body); $email->attachments($attachments); + if ($this->transport) { + $email->transport($this->transport); + } + $mock = false; if (!empty(Configure::read('MISP.disable_emailing')) || !empty($params['mock'])) { $email->transport('Debug'); @@ -408,7 +421,7 @@ class SendEmail * @param SendEmailTemplate|string $body * @param string|false $bodyWithoutEncryption * @param array $replyToUser - * @return bool True if e-mail is encrypted, false if not. + * @return array * @throws Crypt_GPG_BadPassphraseException * @throws Crypt_GPG_Exception * @throws SendEmailException @@ -452,6 +465,10 @@ class SendEmail $email = $this->create($user, $subject, $bodyContent, [], $replyToUser); + if ($this->transport) { + $email->transport($this->transport); + } + // Generate `In-Reply-To` and `References` to group emails if ($body instanceof SendEmailTemplate && $body->referenceId()) { $reference = sha1($body->referenceId() . '|' . Configure::read('MISP.uuid')); @@ -529,8 +546,11 @@ class SendEmail } try { - $email->send(); - return $encrypted; + return [ + 'contents' => $email->send(), + 'encrypted' => $encrypted, + 'subject' => $subject, + ]; } catch (Exception $e) { throw new SendEmailException('The message could not be sent.', 0, $e); } diff --git a/app/Model/User.php b/app/Model/User.php index 4b58bf561..60b44d7ed 100644 --- a/app/Model/User.php +++ b/app/Model/User.php @@ -807,7 +807,7 @@ class User extends AppModel $sendEmail = new SendEmail($gpg); try { - $encrypted = $sendEmail->sendToUser($user, $subject, $body, $bodyNoEnc,$replyToUser ?: []); + $result = $sendEmail->sendToUser($user, $subject, $body, $bodyNoEnc,$replyToUser ?: []); } catch (SendEmailException $e) { $this->logException("Exception during sending e-mail", $e); @@ -824,9 +824,9 @@ class User extends AppModel return false; } - $logTitle = $encrypted ? 'Encrypted email' : 'Email'; + $logTitle = $result['encrypted'] ? 'Encrypted email' : 'Email'; // Intentional two spaces to pass test :) - $logTitle .= $replyToLog . ' to ' . $user['User']['email'] . ' sent, titled "' . $subject . '".'; + $logTitle .= $replyToLog . ' to ' . $user['User']['email'] . ' sent, titled "' . $result['subject'] . '".'; $this->Log->create(); $this->Log->save(array( From 9f81f0fb65278e971bfb000da0f1d638357177f4 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 8 Feb 2021 01:01:12 +0100 Subject: [PATCH 316/437] fix: [email] Correctly set domain for email message ID --- app/Lib/Tools/SendEmail.php | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/app/Lib/Tools/SendEmail.php b/app/Lib/Tools/SendEmail.php index 451cc0f18..de88f45f2 100644 --- a/app/Lib/Tools/SendEmail.php +++ b/app/Lib/Tools/SendEmail.php @@ -469,7 +469,7 @@ class SendEmail $email->transport($this->transport); } - // Generate `In-Reply-To` and `References` to group emails + // Generate `In-Reply-To` and `References` headers to group emails if ($body instanceof SendEmailTemplate && $body->referenceId()) { $reference = sha1($body->referenceId() . '|' . Configure::read('MISP.uuid')); $reference = "<$reference@{$email->domain()}>"; @@ -603,6 +603,14 @@ class SendEmail { $email = new CakeEmailExtended(); + $fromEmail = Configure::read('MISP.email'); + + // Set correct domain when sending email from CLI + $fromEmailParts = explode('@', $fromEmail, 2); + if (isset($fromEmailParts[1])) { + $email->domain($fromEmailParts[1]); + } + // We must generate message ID by own, because CakeEmail returns different message ID for every call of // getHeaders() method. $email->messageId($this->generateMessageId($email)); @@ -625,8 +633,8 @@ class SendEmail $email->replyTo(Configure::read('MISP.email_reply_to')); } - $email->from(Configure::read('MISP.email'), Configure::read('MISP.email_from_name')); - $email->returnPath(Configure::read('MISP.email')); // TODO? + $email->from($fromEmail, Configure::read('MISP.email_from_name')); + $email->returnPath($fromEmail); // TODO? $email->to($user['User']['email']); $email->subject($subject); $email->emailFormat($body->format()); From 29040c4f1c7a0b8d1941fa3ef6281b27b09da5fc Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 8 Feb 2021 11:09:35 +0100 Subject: [PATCH 317/437] new: [email] New setting `MISP.event_alert_metadata_only` --- app/Console/Command/EventShell.php | 1 + app/Model/Event.php | 1 + app/Model/Server.php | 10 +++++++++- 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/app/Console/Command/EventShell.php b/app/Console/Command/EventShell.php index 7607b6196..4cab2bae5 100644 --- a/app/Console/Command/EventShell.php +++ b/app/Console/Command/EventShell.php @@ -490,6 +490,7 @@ class EventShell extends AppShell 'includeEventCorrelations' => true, 'noEventReports' => true, 'noSightings' => true, + 'metadata' => Configure::read('MISP.event_alert_metadata_only') ?: false, ]); if (empty($eventForUser)) { $this->error("Event with ID $eventId not exists or given user don't have permission to access it."); diff --git a/app/Model/Event.php b/app/Model/Event.php index a96149f92..adb14f3ec 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -3196,6 +3196,7 @@ class Event extends AppModel 'includeEventCorrelations' => true, 'noEventReports' => true, 'noSightings' => true, + 'metadata' => Configure::read('MISP.event_alert_metadata_only') ?: false, ])[0]; if ($this->UserSetting->checkPublishFilter($user, $eventForUser)) { diff --git a/app/Model/Server.php b/app/Model/Server.php index 8109c86bf..021e0d439 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -4864,12 +4864,20 @@ class Server extends AppModel ), 'extended_alert_subject' => array( 'level' => 1, - 'description' => __('enabling this flag will allow the event description to be transmitted in the alert e-mail\'s subject. Be aware that this is not encrypted by GnuPG, so only enable it if you accept that part of the event description will be sent out in clear-text.'), + 'description' => __('Enabling this flag will allow the event description to be transmitted in the alert e-mail\'s subject. Be aware that this is not encrypted by GnuPG, so only enable it if you accept that part of the event description will be sent out in clear-text.'), 'value' => false, 'errorMessage' => '', 'test' => 'testBool', 'type' => 'boolean' ), + 'event_alert_metadata_only' => [ + 'level' => self::SETTING_OPTIONAL, + 'description' => __('Send just event metadata (attributes and objects will be omitted) for event alert.'), + 'value' => false, + 'errorMessage' => '', + 'test' => 'testBool', + 'type' => 'boolean' + ], 'default_event_distribution' => array( 'level' => 0, 'description' => __('The default distribution setting for events (0-3).'), From f140de17f24f84a850fbebe53c08bd40dd3eba42 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 8 Feb 2021 15:59:47 +0100 Subject: [PATCH 318/437] fix: [email] Correct Content-Type header for alternative content --- app/Lib/Tools/SendEmail.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/app/Lib/Tools/SendEmail.php b/app/Lib/Tools/SendEmail.php index de88f45f2..2173b529e 100644 --- a/app/Lib/Tools/SendEmail.php +++ b/app/Lib/Tools/SendEmail.php @@ -661,14 +661,15 @@ class SendEmail $messagePart = new MessagePart(); $messagePart->addHeader('Content-Type', array( - 'multipart/mixed', + $email->emailFormat() === 'both' ? 'multipart/alternative' : 'multipart/mixed', 'boundary="' . $email->boundary() . '"', 'protected-headers="v1"', )); - // Protect User-Facing Headers according to https://tools.ietf.org/id/draft-autocrypt-lamps-protected-headers-01.html + // Protect User-Facing Headers and Structural Headers according to + // https://tools.ietf.org/id/draft-autocrypt-lamps-protected-headers-02.html $originalHeaders = $email->getHeaders(array('subject', 'from', 'to')); - $protectedHeaders = array('From', 'To', 'Date', 'Message-ID', 'Subject', 'Reply-To'); + $protectedHeaders = ['From', 'To', 'Date', 'Message-ID', 'Subject', 'Reply-To', 'In-Reply-To', 'References']; foreach ($protectedHeaders as $header) { if (isset($originalHeaders[$header])) { $messagePart->addHeader($header, $originalHeaders[$header]); @@ -757,7 +758,7 @@ class SendEmail $messagePart = new MessagePart(); $messagePart->addHeader('Content-Type', array( - 'multipart/mixed', + $email->emailFormat() === 'both' ? 'multipart/alternative' : 'multipart/mixed', 'boundary="' . $email->boundary() . '"', )); $messagePart->setPayload($renderedEmail); From 634810d856d4ddf132c3c319b9a1505591630c3f Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 8 Feb 2021 17:13:25 +0100 Subject: [PATCH 319/437] fix: [email] Correctly check if user has PGP or S/MIME key --- app/Controller/EventsController.php | 50 +++++++++++++++++------------ 1 file changed, 29 insertions(+), 21 deletions(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 829853d94..36d68a146 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -838,27 +838,7 @@ class EventsController extends AppController return $this->RestResponse->viewData($export->eventIndex($events), 'csv'); } - $user = $this->Auth->user(); - $user = $this->Event->User->fillKeysToUser($user); - - if (empty($user['gpgkey']) && Configure::read('GnuPG.onlyencrypted')) { - // No GnuPG - if (Configure::read('SMIME.enabled') && empty($user['certif_public'])) { - // No GnuPG and No SMIME - $this->Flash->info(__('No X.509 certificate or GnuPG key set in your profile. To receive emails, submit your public certificate or GnuPG key in your profile.')); - } elseif (!Configure::read('SMIME.enabled')) { - $this->Flash->info(__('No GnuPG key set in your profile. To receive emails, submit your public key in your profile.')); - } - } elseif ($this->Auth->user('autoalert') && empty($user['gpgkey']) && Configure::read('GnuPG.bodyonlyencrypted')) { - // No GnuPG & autoalert - if ($this->Auth->user('autoalert') && Configure::read('SMIME.enabled') && empty($user['certif_public'])) { - // No GnuPG and No SMIME & autoalert - $this->Flash->info(__('No X.509 certificate or GnuPG key set in your profile. To receive attributes in emails, submit your public certificate or GnuPG key in your profile.')); - } elseif (!Configure::read('SMIME.enabled')) { - $this->Flash->info(__('No GnuPG key set in your profile. To receive attributes in emails, submit your public key in your profile.')); - } - } - + $this->__noKeyNotification(); $this->set('events', $events); $this->set('eventDescriptions', $this->Event->fieldDescriptions); $this->set('analysisLevels', $this->Event->analysisLevels); @@ -876,6 +856,34 @@ class EventsController extends AppController } } + private function __noKeyNotification() + { + $onlyEncrypted = Configure::read('GnuPG.onlyencrypted'); + $bodyOnlyEncrypted = Configure::read('GnuPG.bodyonlyencrypted'); + if (!$onlyEncrypted && !$bodyOnlyEncrypted) { + return; + } + + $user = $this->Event->User->fillKeysToUser($this->Auth->user()); + if (!empty($user['gpgkey'])) { + return; // use has PGP key + } + + if ($onlyEncrypted) { + if (Configure::read('SMIME.enabled') && empty($user['certif_public'])) { + $this->Flash->info(__('No X.509 certificate or PGP key set in your profile. To receive emails, submit your public certificate or PGP key in your profile.')); + } elseif (!Configure::read('SMIME.enabled')) { + $this->Flash->info(__('No PGP key set in your profile. To receive emails, submit your public key in your profile.')); + } + } elseif ($bodyOnlyEncrypted && $user['autoalert']) { + if (Configure::read('SMIME.enabled') && empty($user['certif_public'])) { + $this->Flash->info(__('No X.509 certificate or PGP key set in your profile. To receive attributes in emails, submit your public certificate or PGP key in your profile.')); + } elseif (!Configure::read('SMIME.enabled')) { + $this->Flash->info(__('No PGP key set in your profile. To receive attributes in emails, submit your public key in your profile.')); + } + } + } + public function filterEventIndex() { $passedArgsArray = array(); From 8b2d1bdffda8381e5551e29433fdaafa43fda160 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Fri, 5 Mar 2021 09:14:00 +0100 Subject: [PATCH 320/437] chg: [internal] Fetch attribute UUIDs for sightings in different query --- app/Model/Sighting.php | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/app/Model/Sighting.php b/app/Model/Sighting.php index 534cbda92..e8a0319c6 100644 --- a/app/Model/Sighting.php +++ b/app/Model/Sighting.php @@ -536,7 +536,6 @@ class Sighting extends AppModel */ public function attachToEvent(array $event, array $user, $attribute = null, $extraConditions = false, $forSync = false) { - $contain = []; $conditions = array('Sighting.event_id' => $event['Event']['id']); if (isset($attribute['Attribute']['id'])) { $conditions['Sighting.attribute_id'] = $attribute['Attribute']['id']; @@ -547,8 +546,6 @@ class Sighting extends AppModel 'conditions' => ['Attribute.id' => $attribute], 'fields' => ['Attribute.uuid'] ]); - } else { - $contain['Attribute'] = ['fields' => 'Attribute.uuid']; } $ownEvent = $user['Role']['perm_site_admin'] || $event['Event']['org_id'] == $user['org_id']; @@ -570,18 +567,29 @@ class Sighting extends AppModel $sightings = $this->find('all', array( 'conditions' => $conditions, 'recursive' => -1, - 'contain' => $contain, )); if (empty($sightings)) { - return array(); + return []; } - foreach ($sightings as $k => $sighting) { - if (isset($sighting['Attribute']['uuid'])) { - $sighting['Sighting']['attribute_uuid'] = $sighting['Attribute']['uuid']; - } else { - $sighting['Sighting']['attribute_uuid'] = $attribute['Attribute']['uuid']; + if ($attribute === null) { + // Do not add attribute uuid in contain query, joining is slow and takes more memory + $attributeUuids = $this->Attribute->find('all', [ + 'conditions' => ['Attribute.event_id' => $event['Event']['id']], + 'fields' => ['Attribute.id', 'Attribute.uuid'], + 'recursive' => -1, + ]); + // `array_column` is much faster than find('list') + $attributeUuids = array_column(array_column($attributeUuids, 'Attribute'), 'uuid', 'id'); + foreach ($sightings as $k => $sighting) { + $sighting['Sighting']['attribute_uuid'] = $attributeUuids[$sighting['Sighting']['attribute_id']]; + $sightings[$k] = $sighting; + } + unset($attributeUuids); + } else { + foreach ($sightings as $k => $sighting) { + $sighting['Sighting']['attribute_uuid'] = $attribute['Attribute']['uuid']; + $sightings[$k] = $sighting; } - $sightings[$k] = $sighting; } return $this->attachOrgToSightings($sightings, $user, $forSync); } From 3f12e95571e4b35f12e20dd60d88585885a2fd1c Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sat, 6 Mar 2021 10:39:06 +0100 Subject: [PATCH 321/437] new: [test] Alert email generating --- app/Console/Command/EventShell.php | 11 ++++------- tests/curl_tests_GH.sh | 5 ++++- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/app/Console/Command/EventShell.php b/app/Console/Command/EventShell.php index 4cab2bae5..b69c36122 100644 --- a/app/Console/Command/EventShell.php +++ b/app/Console/Command/EventShell.php @@ -480,11 +480,8 @@ class EventShell extends AppShell { list($eventId, $userId) = $this->args; - $user = $this->User->getUserById($userId); - if (empty($user)) { - $this->error("User with ID $userId not found."); - } - $eventForUser = $this->Event->fetchEvent($this->User->rearrangeToAuthForm($user), [ + $user = $this->getUser($userId); + $eventForUser = $this->Event->fetchEvent($user, [ 'eventid' => $eventId, 'includeAllTags' => true, 'includeEventCorrelations' => true, @@ -496,13 +493,13 @@ class EventShell extends AppShell $this->error("Event with ID $eventId not exists or given user don't have permission to access it."); } - $emailTemplate = $this->Event->prepareAlertEmail($eventForUser[0], $this->User->rearrangeToAuthForm($user)); + $emailTemplate = $this->Event->prepareAlertEmail($eventForUser[0], $user); App::uses('SendEmail', 'Tools'); App::uses('GpgTool', 'Tools'); $sendEmail = new SendEmail(GpgTool::initializeGpg()); $sendEmail->setTransport('Debug'); - $result = $sendEmail->sendToUser($user, null, $emailTemplate); + $result = $sendEmail->sendToUser(['User' => $user], null, $emailTemplate); echo $result['contents']['headers'] . "\n\n" . $result['contents']['message'] . "\n"; } diff --git a/tests/curl_tests_GH.sh b/tests/curl_tests_GH.sh index fdf87ba22..2bdcf5d5d 100755 --- a/tests/curl_tests_GH.sh +++ b/tests/curl_tests_GH.sh @@ -6,9 +6,12 @@ set -x AUTH="$1" HOST="$2" -curl -i -H "Accept: application/json" -H "content-type: application/json" -H "Authorization: $AUTH" --data "@event.json" -X POST http://${HOST}/events +curl -i -H "Accept: application/json" -H "content-type: application/json" -H "Authorization: $AUTH" --data "@event.json" -X POST http://${HOST}/events > /dev/null curl -H "Authorization: $AUTH" -X GET http://${HOST}/events/csv/download/1/ignore:1 | sed -e 's/^M//g' | cut -d, -f2 --complement | sort > 1.csv cat 1.csv cut -d, -f2 --complement event.csv | sort > compare.csv diff compare.csv 1.csv +# Test alert email generating +sudo -E su $USER -c '../app/Console/cake Event testEventNotificationEmail 1 1' > /dev/null +# Delete created event curl -i -H "Accept: application/json" -H "content-type: application/json" -H "Authorization: $AUTH" -X POST http://${HOST}/events/delete/1 From 5dcaa53e88eac389e5a4df4d916a7cb417d5f967 Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Sun, 7 Mar 2021 00:14:42 +0000 Subject: [PATCH 322/437] chg: [attributes] fix copypasta error leading to internal server error on addtag with tag name --- app/Controller/AttributesController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index eb46297ca..622041d1e 100644 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php @@ -2678,7 +2678,7 @@ class AttributesController extends AppController } } } else { - $tag = $this->Event->EventTag->Tag->find('first', array('recursive' => -1, 'conditions' => $conditions)); + $tag = $this->Attribute->AttributeTag->Tag->find('first', array('recursive' => -1, 'conditions' => $conditions)); if (empty($tag)) { return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Invalid Tag.')), 'status'=>200, 'type' => 'json')); } From e19850218a31ad86a51544f757af173fa222baf4 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Sun, 7 Mar 2021 11:12:03 +0100 Subject: [PATCH 323/437] chg: [optimisation] Faster Model::_findList method --- app/Model/AppModel.php | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/app/Model/AppModel.php b/app/Model/AppModel.php index 4e4c0acae..09b4d622d 100644 --- a/app/Model/AppModel.php +++ b/app/Model/AppModel.php @@ -3036,6 +3036,34 @@ class AppModel extends Model } } + /** + * Optimised version of CakePHP _findList method when just one or two fields are set from same model + * @param string $state + * @param array $query + * @param array $results + * @return array + */ + protected function _findList($state, $query, $results = []) + { + if ($state === 'before') { + return parent::_findList($state, $query, $results); + } + + if (empty($results)) { + return []; + } + + if ($query['list']['groupPath'] === null) { + $keyPath = explode('.', $query['list']['keyPath']); + $valuePath = explode('.', $query['list']['valuePath']); + if ($keyPath[1] === $valuePath[1]) { // same model + return array_column(array_column($results, $keyPath[1]), $valuePath[2], $keyPath[2]); + } + } + + return parent::_findList($state, $query, $results); + } + /** * Find method that allows to fetch just one column from database. * @param $state From 8913fe15cc5ec0cee171377e8d9a62d59015fd22 Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Sun, 7 Mar 2021 00:14:42 +0000 Subject: [PATCH 324/437] chg: [attributes] fix copypasta error leading to internal server error on addtag with tag name --- app/Controller/AttributesController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index eb46297ca..622041d1e 100644 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php @@ -2678,7 +2678,7 @@ class AttributesController extends AppController } } } else { - $tag = $this->Event->EventTag->Tag->find('first', array('recursive' => -1, 'conditions' => $conditions)); + $tag = $this->Attribute->AttributeTag->Tag->find('first', array('recursive' => -1, 'conditions' => $conditions)); if (empty($tag)) { return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Invalid Tag.')), 'status'=>200, 'type' => 'json')); } From c43cf356a3a6cafcada11908008056b3dafdebbf Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Sun, 7 Mar 2021 00:14:42 +0000 Subject: [PATCH 325/437] chg: [attributes] fix copypasta error leading to internal server error on addtag with tag name --- app/Controller/AttributesController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index eb46297ca..622041d1e 100644 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php @@ -2678,7 +2678,7 @@ class AttributesController extends AppController } } } else { - $tag = $this->Event->EventTag->Tag->find('first', array('recursive' => -1, 'conditions' => $conditions)); + $tag = $this->Attribute->AttributeTag->Tag->find('first', array('recursive' => -1, 'conditions' => $conditions)); if (empty($tag)) { return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Invalid Tag.')), 'status'=>200, 'type' => 'json')); } From 9c19392f02838afd66bf41cc6402ee3b04bd5f84 Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Sun, 7 Mar 2021 13:04:39 +0000 Subject: [PATCH 326/437] chg: [attributes] fix attribute addtag by name conditions for find not set --- app/Controller/AttributesController.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index 622041d1e..fe555f05d 100644 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php @@ -2678,6 +2678,11 @@ class AttributesController extends AppController } } } else { + $conditions = array('LOWER(Tag.name)' => strtolower(trim($tag_id))); + if (!$this->_isSiteAdmin()) { + $conditions['Tag.org_id'] = array('0', $this->Auth->user('org_id')); + $conditions['Tag.user_id'] = array('0', $this->Auth->user('id')); + } $tag = $this->Attribute->AttributeTag->Tag->find('first', array('recursive' => -1, 'conditions' => $conditions)); if (empty($tag)) { return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Invalid Tag.')), 'status'=>200, 'type' => 'json')); From 0c102a112cea7795a901dd0d4eed1c26a3474b85 Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Sun, 7 Mar 2021 13:04:39 +0000 Subject: [PATCH 327/437] chg: [attributes] fix attribute addtag by name conditions for find not set --- app/Controller/AttributesController.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index 622041d1e..fe555f05d 100644 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php @@ -2678,6 +2678,11 @@ class AttributesController extends AppController } } } else { + $conditions = array('LOWER(Tag.name)' => strtolower(trim($tag_id))); + if (!$this->_isSiteAdmin()) { + $conditions['Tag.org_id'] = array('0', $this->Auth->user('org_id')); + $conditions['Tag.user_id'] = array('0', $this->Auth->user('id')); + } $tag = $this->Attribute->AttributeTag->Tag->find('first', array('recursive' => -1, 'conditions' => $conditions)); if (empty($tag)) { return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Invalid Tag.')), 'status'=>200, 'type' => 'json')); From d7e535a302fee6348b71683b15659b548220a4ea Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Sun, 7 Mar 2021 16:09:49 +0000 Subject: [PATCH 328/437] chg: [restClient:querybuilder] add events and attributes addTag and removeTag actions. --- .../Component/RestResponseComponent.php | 41 +++++++++++++++---- 1 file changed, 33 insertions(+), 8 deletions(-) diff --git a/app/Controller/Component/RestResponseComponent.php b/app/Controller/Component/RestResponseComponent.php index b971b28d7..6508b1c84 100644 --- a/app/Controller/Component/RestResponseComponent.php +++ b/app/Controller/Component/RestResponseComponent.php @@ -48,7 +48,15 @@ class RestResponseComponent extends Component 'mandatory' => array('returnFormat'), 'optional' => array('page', 'limit', 'value' , 'type', 'category', 'org', 'tags', 'date', 'last', 'eventid', 'withAttachments', 'uuid', 'publish_timestamp', 'timestamp', 'attribute_timestamp', 'enforceWarninglist', 'to_ids', 'deleted', 'includeEventUuid', 'includeEventTags', 'event_timestamp', 'threat_level_id', 'eventinfo', 'includeProposals', 'includeDecayScore', 'includeFullModel', 'decayingModel', 'excludeDecayed', 'score', 'first_seen', 'last_seen'), 'params' => array() - ) + ), + 'addTag' => array( + 'description' => "Add a tag or a tag collection to an attribute.", + 'mandatory' => array('attribute', 'tag') + ), + 'removeTag' => array( + 'description' => "Remove a tag from an attribute.", + 'mandatory' => array('attribute', 'tag') + ), ), 'Community' => array( 'requestAccess' => array( @@ -80,7 +88,15 @@ class RestResponseComponent extends Component 'mandatory' => array('returnFormat'), 'optional' => array('page', 'limit', 'value', 'type', 'category', 'org', 'tag', 'tags', 'searchall', 'date', 'last', 'eventid', 'withAttachments', 'metadata', 'uuid', 'published', 'publish_timestamp', 'timestamp', 'enforceWarninglist', 'sgReferenceOnly', 'eventinfo', 'excludeLocalTags', 'threat_level_id'), 'params' => array() - ) + ), + 'addTag' => array( + 'description' => "Add a tag or a tag collection to an event.", + 'mandatory' => array('event', 'tag') + ), + 'removeTag' => array( + 'description' => "Remove a tag from an event.", + 'mandatory' => array('event', 'tag') + ), ), 'EventGraph' => array( 'add' => array( @@ -944,6 +960,13 @@ class RestResponseComponent extends Component 'values' => array(1 => 'True', 0 => 'False' ), 'help' => __('Should the warning list be enforced. Adds `blocked` field for matching attributes') ), + 'event' => array( + 'input' => 'number', + 'type' => 'integer', + 'operators' => array('equal', 'not_equal'), + 'validation' => array('min' => 0, 'step' => 1), + 'help' => __('Event id') + ), 'event_id' => array( 'input' => 'number', 'type' => 'integer', @@ -1671,12 +1694,6 @@ class RestResponseComponent extends Component 'operators' => array('equal'), 'help' => __('Not supported (warninglist->checkvalues) expect an array') ), - 'event' => array( - 'input' => 'text', - 'type' => 'string', - 'operators' => array('equal'), - 'help' => __('Not supported (removeTag)') - ), 'push_rules' => array( 'input' => 'text', 'type' => 'string', @@ -1801,6 +1818,9 @@ class RestResponseComponent extends Component case "last_seen": $this->__overwriteSeen($scope, $action, $fieldsConstraint[$field]); break; + case "attribute": + $this->__overwriteAttribute($scope, $action, $fieldsConstraint[$field]); + break; default: break; } @@ -1882,6 +1902,11 @@ class RestResponseComponent extends Component $field['help'] = __('Also supports array of tags'); } } + private function __overwriteAttribute($scope, $action, &$field){ + if ($action == 'addTag' || $action == 'removeTag') { + $field['help'] = __('Attribute id'); + } + } private function __overwriteNationality($scope, $action, &$field) { $field['values'] = ClassRegistry::init("Organisation")->getCountries(); } From f4cb072d586b9a6d3ee2dea011dfe95ebf8703ba Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 8 Mar 2021 08:43:40 +0100 Subject: [PATCH 329/437] chg: [correlation] Do not update info and date column, since they are not used anymore --- app/Model/Event.php | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index 9901a429d..f4d34bf77 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -510,24 +510,16 @@ class Event extends AppModel public function afterSave($created, $options = array()) { if (!Configure::read('MISP.completely_disable_correlation') && !$created) { - $db = $this->getDataSource(); - - $updateCorrelation = array(); - if (isset($this->data['Event']['date'])) { - $updateCorrelation['Correlation.date'] = $db->value($this->data['Event']['date']); - } - if (isset($this->data['Event']['info'])) { - $updateCorrelation['Correlation.info'] = $db->value($this->data['Event']['info']); - } + $updateCorrelation = []; if (isset($this->data['Event']['distribution'])) { - $updateCorrelation['Correlation.distribution'] = $db->value($this->data['Event']['distribution']); + $updateCorrelation['Correlation.distribution'] = (int)$this->data['Event']['distribution']; } if (isset($this->data['Event']['sharing_group_id'])) { - $updateCorrelation['Correlation.sharing_group_id'] = $db->value($this->data['Event']['sharing_group_id']); + $updateCorrelation['Correlation.sharing_group_id'] = (int)$this->data['Event']['sharing_group_id']; } if (!empty($updateCorrelation)) { $this->Correlation = ClassRegistry::init('Correlation'); - $this->Correlation->updateAll($updateCorrelation, array('Correlation.event_id' => intval($this->data['Event']['id']))); + $this->Correlation->updateAll($updateCorrelation, ['Correlation.event_id' => (int)$this->data['Event']['id']]); } } if (empty($this->data['Event']['unpublishAction']) && empty($this->data['Event']['skip_zmq']) && Configure::read('Plugin.ZeroMQ_enable') && Configure::read('Plugin.ZeroMQ_event_notifications_enable')) { From b81f348581929f18c1fadf4e5ade24331038ea2d Mon Sep 17 00:00:00 2001 From: Jeroen Pinoy Date: Sun, 7 Mar 2021 16:09:49 +0000 Subject: [PATCH 330/437] chg: [restClient:querybuilder] add events and attributes addTag and removeTag actions. --- .../Component/RestResponseComponent.php | 41 +++++++++++++++---- 1 file changed, 33 insertions(+), 8 deletions(-) diff --git a/app/Controller/Component/RestResponseComponent.php b/app/Controller/Component/RestResponseComponent.php index b971b28d7..6508b1c84 100644 --- a/app/Controller/Component/RestResponseComponent.php +++ b/app/Controller/Component/RestResponseComponent.php @@ -48,7 +48,15 @@ class RestResponseComponent extends Component 'mandatory' => array('returnFormat'), 'optional' => array('page', 'limit', 'value' , 'type', 'category', 'org', 'tags', 'date', 'last', 'eventid', 'withAttachments', 'uuid', 'publish_timestamp', 'timestamp', 'attribute_timestamp', 'enforceWarninglist', 'to_ids', 'deleted', 'includeEventUuid', 'includeEventTags', 'event_timestamp', 'threat_level_id', 'eventinfo', 'includeProposals', 'includeDecayScore', 'includeFullModel', 'decayingModel', 'excludeDecayed', 'score', 'first_seen', 'last_seen'), 'params' => array() - ) + ), + 'addTag' => array( + 'description' => "Add a tag or a tag collection to an attribute.", + 'mandatory' => array('attribute', 'tag') + ), + 'removeTag' => array( + 'description' => "Remove a tag from an attribute.", + 'mandatory' => array('attribute', 'tag') + ), ), 'Community' => array( 'requestAccess' => array( @@ -80,7 +88,15 @@ class RestResponseComponent extends Component 'mandatory' => array('returnFormat'), 'optional' => array('page', 'limit', 'value', 'type', 'category', 'org', 'tag', 'tags', 'searchall', 'date', 'last', 'eventid', 'withAttachments', 'metadata', 'uuid', 'published', 'publish_timestamp', 'timestamp', 'enforceWarninglist', 'sgReferenceOnly', 'eventinfo', 'excludeLocalTags', 'threat_level_id'), 'params' => array() - ) + ), + 'addTag' => array( + 'description' => "Add a tag or a tag collection to an event.", + 'mandatory' => array('event', 'tag') + ), + 'removeTag' => array( + 'description' => "Remove a tag from an event.", + 'mandatory' => array('event', 'tag') + ), ), 'EventGraph' => array( 'add' => array( @@ -944,6 +960,13 @@ class RestResponseComponent extends Component 'values' => array(1 => 'True', 0 => 'False' ), 'help' => __('Should the warning list be enforced. Adds `blocked` field for matching attributes') ), + 'event' => array( + 'input' => 'number', + 'type' => 'integer', + 'operators' => array('equal', 'not_equal'), + 'validation' => array('min' => 0, 'step' => 1), + 'help' => __('Event id') + ), 'event_id' => array( 'input' => 'number', 'type' => 'integer', @@ -1671,12 +1694,6 @@ class RestResponseComponent extends Component 'operators' => array('equal'), 'help' => __('Not supported (warninglist->checkvalues) expect an array') ), - 'event' => array( - 'input' => 'text', - 'type' => 'string', - 'operators' => array('equal'), - 'help' => __('Not supported (removeTag)') - ), 'push_rules' => array( 'input' => 'text', 'type' => 'string', @@ -1801,6 +1818,9 @@ class RestResponseComponent extends Component case "last_seen": $this->__overwriteSeen($scope, $action, $fieldsConstraint[$field]); break; + case "attribute": + $this->__overwriteAttribute($scope, $action, $fieldsConstraint[$field]); + break; default: break; } @@ -1882,6 +1902,11 @@ class RestResponseComponent extends Component $field['help'] = __('Also supports array of tags'); } } + private function __overwriteAttribute($scope, $action, &$field){ + if ($action == 'addTag' || $action == 'removeTag') { + $field['help'] = __('Attribute id'); + } + } private function __overwriteNationality($scope, $action, &$field) { $field['values'] = ClassRegistry::init("Organisation")->getCountries(); } From 306782afac174d322fd26ba325f8b534f2b7325d Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Mon, 8 Mar 2021 10:22:55 +0100 Subject: [PATCH 331/437] chg: [internal] Faster event locks with Redis --- app/Controller/EventsController.php | 2 +- app/Model/EventLock.php | 101 +++++++++++++++------------- 2 files changed, 57 insertions(+), 46 deletions(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 3a64d2f49..a5ca151d0 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -5318,7 +5318,7 @@ class EventsController extends AppController throw new MethodNotAllowedException('This endpoint requires a POST request.'); } - $event = $this->Event->fetchSimpleEvent($this->Auth->User(), $id); + $event = $this->Event->fetchSimpleEvent($this->Auth->user(), $id); if (empty($event)) { throw new MethodNotAllowedException(__('Invalid Event')); } diff --git a/app/Model/EventLock.php b/app/Model/EventLock.php index 790c2b801..769923763 100644 --- a/app/Model/EventLock.php +++ b/app/Model/EventLock.php @@ -5,7 +5,8 @@ App::uses('AppModel', 'Model'); class EventLock extends AppModel { // In seconds - const DEFAULT_TTL = 900; + const DEFAULT_TTL = 900, + PREFIX = 'misp:event_lock'; /** * @param array $user @@ -14,7 +15,7 @@ class EventLock extends AppModel */ public function insertLock(array $user, $eventId) { - return $this->insertLockToRedis("misp:event_lock:$eventId:user:{$user['id']}", [ + return $this->insertLockToRedis($eventId, "user:{$user['id']}", [ 'type' => 'user', 'timestamp' => time(), 'User' => [ @@ -32,7 +33,7 @@ class EventLock extends AppModel */ public function insertLockBackgroundJob($eventId, $jobId) { - return $this->insertLockToRedis("misp:event_lock:$eventId:job:$jobId", [ + return $this->insertLockToRedis($eventId, "job:$jobId", [ 'type' => 'job', 'timestamp' => time(), 'job_id' => $jobId, @@ -45,21 +46,38 @@ class EventLock extends AppModel */ public function insertLockApi($eventId, array $user) { - $rand = mt_rand(); - if ($this->insertLockToRedis("misp:event_lock:$eventId:api:{$user['id']}:$rand", [ + $apiLockId = mt_rand(); + if ($this->insertLockToRedis($eventId, "api:{$user['id']}:$apiLockId", [ 'type' => 'api', 'user_id' => $user['id'], 'timestamp' => time(), ])) { - return $rand; + return $apiLockId; } return null; } + /** + * @param int $eventId + * @param int $apiLockId + * @return bool + */ + public function deleteApiLock($eventId, $apiLockId, array $user) + { + try { + $redis = $this->setupRedisWithException(); + } catch (Exception $e) { + return false; + } + + $deleted = $redis->hdel(self::PREFIX . $eventId, "api:{$user['id']}:$apiLockId"); + return $deleted > 0; + } + /** * @param int $eventId * @param int $jobId - * @return null + * @return bool */ public function deleteBackgroundJobLock($eventId, $jobId) { @@ -69,40 +87,7 @@ class EventLock extends AppModel return false; } - $deleted = $redis->del("misp:event_lock:$eventId:job:$jobId"); - return $deleted > 0; - } - - /** - * @param string $key - * @param array $data - * @return bool - */ - private function insertLockToRedis($key, array $data) - { - try { - $redis = $this->setupRedisWithException(); - } catch (Exception $e) { - return false; - } - - return $redis->setex($key, self::DEFAULT_TTL, json_encode($data)); - } - - /** - * @param int $eventId - * @param int $lockId - * @return bool - */ - public function deleteApiLock($eventId, $lockId, array $user) - { - try { - $redis = $this->setupRedisWithException(); - } catch (Exception $e) { - return false; - } - - $deleted = $redis->del("misp:event_lock:$eventId:api:{$user['id']}:$lockId"); + $deleted = $redis->hDel(self::PREFIX . $eventId, "job:$jobId"); return $deleted > 0; } @@ -120,13 +105,39 @@ class EventLock extends AppModel return []; } - $keys = $redis->keys("misp:event_lock:$eventId:*"); + $keys = $redis->hGetAll(self::PREFIX . $eventId); if (empty($keys)) { return []; } - return array_map(function ($value) { - return $this->jsonDecode($value); - }, $redis->mget($keys)); + $output = []; + $now = time(); + foreach ($keys as $value) { + $value = $this->jsonDecode($value); + if ($value['timestamp'] + self::DEFAULT_TTL > $now) { + $output[] = $value; + } + } + return $output; + } + + /** + * @param int $eventId + * @param string $lockId + * @param array $data + * @return bool + */ + private function insertLockToRedis($eventId, $lockId, array $data) + { + try { + $redis = $this->setupRedisWithException(); + } catch (Exception $e) { + return false; + } + + $pipeline = $redis->pipeline(); + $pipeline->hSet(self::PREFIX . $eventId, $lockId, json_encode($data)); + $pipeline->expire(self::PREFIX . $eventId, self::DEFAULT_TTL); // prolong TTL + return $pipeline->exec()[0] !== false; } } From 3b4f61c8849dce6c57eeba3aeda4c5bf3b36f96c Mon Sep 17 00:00:00 2001 From: mokaddem Date: Tue, 9 Mar 2021 10:48:06 +0100 Subject: [PATCH 332/437] chg: [eventGraph] Improved object coloring strategy --- app/Lib/Tools/ColourPaletteTool.php | 14 +++++++++++++- app/Lib/Tools/EventGraphTool.php | 23 +++++++++++++++++++++++ app/webroot/js/event-graph.js | 16 ++++++++-------- 3 files changed, 44 insertions(+), 9 deletions(-) diff --git a/app/Lib/Tools/ColourPaletteTool.php b/app/Lib/Tools/ColourPaletteTool.php index a5bcceffa..75a3d14da 100644 --- a/app/Lib/Tools/ColourPaletteTool.php +++ b/app/Lib/Tools/ColourPaletteTool.php @@ -66,7 +66,11 @@ class ColourPaletteTool // pass the element's id from the list along to get a colour for a single item public function generatePaletteFromString($string, $items, $onlySpecific = false) { - $hue = $this->__stringToNumber($string); + if (Validation::uuid($string)) { + $hue = $this->__uuidToNumber($string); + } else { + $hue = $this->__stringToNumber($string); + } $saturation = 1; $steps = 80 / $items; $results = array(); @@ -91,4 +95,12 @@ class ColourPaletteTool } return $number % 100 / 100; } + + private function __uuidToNumber($string) + { + $part = explode('-', $string)[4]; + $number = hexdec($part); + $max = hexdec('ffffffffffff'); + return round($number / $max, 2); + } } diff --git a/app/Lib/Tools/EventGraphTool.php b/app/Lib/Tools/EventGraphTool.php index 5006fff16..327ee63cc 100644 --- a/app/Lib/Tools/EventGraphTool.php +++ b/app/Lib/Tools/EventGraphTool.php @@ -28,6 +28,9 @@ 'distributionLevels' => $this->__eventModel->Attribute->distributionLevels ); $this->__authorized_JSON_key = array('event_id', 'distribution', 'category', 'type', 'value', 'comment', 'uuid', 'to_ids', 'timestamp', 'id'); + + App::uses('ColourPaletteTool', 'Tools'); + $this->__paletteTool = new ColourPaletteTool(); return true; } @@ -270,6 +273,7 @@ $this->__extendedEventUUIDMapping[$toPush['event_id']] = ''; } + $templatesCount = []; foreach ($object as $obj) { $toPush = array( 'id' => sprintf('o-%s', $obj['id']), @@ -290,6 +294,10 @@ $this->__json['existing_object_relation'][$attr['object_relation']] = 0; // set-alike } } + if (empty($templatesCount[$obj['template_uuid']])) { + $templatesCount[$obj['template_uuid']] = 0; + } + $templatesCount[$obj['template_uuid']]++; array_push($this->__json['items'], $toPush); $this->__extendedEventUUIDMapping[$toPush['event_id']] = ''; @@ -307,6 +315,7 @@ array_push($this->__json['relations'], $toPush); } } + $this->__json['items'] = $this->addObjectColors($this->__json['items'], $templatesCount); if ($this->__extended_view) { $this->fetchEventUUIDFromId(); @@ -564,4 +573,18 @@ ]); $this->__extendedEventUUIDMapping = $eventUUIDs; } + + private function addObjectColors($items, $templatesCount) + { + $colours = []; + foreach ($templatesCount as $templateUUID => $count) { + $colours[$templateUUID] = $this->__paletteTool->generatePaletteFromString($templateUUID, $count); + } + foreach ($items as $i => $item) { + if ($item['node_type'] == 'object') { + $items[$i]['color'] = array_shift($colours[$item['template_uuid']]); + } + } + return $items; + } } diff --git a/app/webroot/js/event-graph.js b/app/webroot/js/event-graph.js index 86a92beb2..529b6c3c3 100644 --- a/app/webroot/js/event-graph.js +++ b/app/webroot/js/event-graph.js @@ -86,13 +86,13 @@ class EventGraph { bind_listener() { var that = this; this.network.on("selectNode", function (params) { - that.network.moveTo({ - position: { - x: params.pointer.canvas.x, - y: params.pointer.canvas.y - }, - animation: true, - }); + // that.network.moveTo({ + // position: { + // x: params.pointer.canvas.x, + // y: params.pointer.canvas.y + // }, + // animation: true, + // }); }); this.network.on("dragStart", function (params) { @@ -717,7 +717,7 @@ class EventGraph { group: group, mass: 5, icon: { - color: stringToRGB(label), + color: node.color, face: '"Font Awesome 5 Free"', code: that.get_FA_icon(node['meta-category']), } From 2d058b6dc19833f6fdbe1b6a52ee0ee5415a9c69 Mon Sep 17 00:00:00 2001 From: mokaddem Date: Tue, 9 Mar 2021 10:53:24 +0100 Subject: [PATCH 333/437] chg: bumped queryversion --- app/Controller/AppController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php index 5f6403dc2..530ff0d63 100755 --- a/app/Controller/AppController.php +++ b/app/Controller/AppController.php @@ -25,7 +25,7 @@ class AppController extends Controller public $helpers = array('OrgImg', 'FontAwesome', 'UserName', 'DataPathCollector'); - private $__queryVersion = '126'; + private $__queryVersion = '127'; public $pyMispVersion = '2.4.140'; public $phpmin = '7.2'; public $phprec = '7.4'; From fc3924c8e801cc9379d7c44ca0aad1718df1de60 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 9 Mar 2021 16:05:02 +0100 Subject: [PATCH 334/437] new: [freetext] Faster freetext parsing with more tests --- app/Lib/Tools/ComplexTypeTool.php | 42 ++++++++++--------------------- app/Test/ComplexTypeToolTest.php | 27 ++++++++++++++++++++ 2 files changed, 40 insertions(+), 29 deletions(-) diff --git a/app/Lib/Tools/ComplexTypeTool.php b/app/Lib/Tools/ComplexTypeTool.php index 8d6cb01be..4b8242864 100644 --- a/app/Lib/Tools/ComplexTypeTool.php +++ b/app/Lib/Tools/ComplexTypeTool.php @@ -41,7 +41,7 @@ class ComplexTypeTool public static function refangValue($value, $type) { foreach (self::$__refangRegexTable as $regex) { - if (in_array($type, $regex['types'])) { + if (in_array($type, $regex['types'], true)) { $value = preg_replace($regex['from'], $regex['to'], $value); } } @@ -131,16 +131,6 @@ class ComplexTypeTool return array('type' => 'other', 'value' => $input); } - private function __returnOddElements($array) - { - foreach ($array as $k => $v) { - if ($k % 2 != 1) { - unset($array[$k]); - } - } - return array_values($array); - } - /** * Parse a CSV file with the given settings * All lines starting with # are stripped @@ -203,27 +193,21 @@ class ComplexTypeTool public function checkFreeText($input, $settings = array()) { - $charactersToTrim = '\'",() ' . "\t\n\r\0\x0B"; // custom + default PHP trim + $charactersToTrim = '\'".,() ' . "\t\n\r\0\x0B"; // custom + default PHP trim + $input = str_replace("\xc2\xa0", ' ', $input); // non breaking space to normal space + $input = preg_replace('/\p{C}+/u', ' ', $input); $iocArray = preg_split("/\r\n|\n|\r|\s|\s+|,|\<|\>|;/", $input); - $quotedText = explode('"', $input); - foreach ($quotedText as $k => $temp) { - $temp = trim($temp); - if (empty($temp)) { - unset($quotedText[$k]); - } else { - $quotedText[$k] = $temp; - } - } - $iocArray = array_merge($iocArray, $this->__returnOddElements($quotedText)); - $resultArray = array(); + + preg_match_all('/\"([^\"]*)\"/', $input, $matches); + foreach ($matches[1] as $match) { + if ($match !== '') { + $iocArray[] = $match; + } + } + + $resultArray = []; foreach ($iocArray as $ioc) { - // remove trailing . - $ioc = rtrim($ioc, '.'); - // remove brackets if enclosed - $ioc = trim($ioc, '()'); - $ioc = str_replace("\xc2\xa0", '', $ioc); // remove non breaking space $ioc = trim($ioc, $charactersToTrim); - $ioc = preg_replace('/\p{C}+/u', '', $ioc); if (empty($ioc)) { continue; } diff --git a/app/Test/ComplexTypeToolTest.php b/app/Test/ComplexTypeToolTest.php index a605af0e6..739208f9e 100644 --- a/app/Test/ComplexTypeToolTest.php +++ b/app/Test/ComplexTypeToolTest.php @@ -94,6 +94,15 @@ EOT; $this->assertEquals('ip-dst', $results[0]['default_type']); } + public function testCheckFreeTextIpv4Bracket(): void + { + $complexTypeTool = new ComplexTypeTool(); + $results = $complexTypeTool->checkFreeText('we also saw an IP address (8.8.8.8).'); + $this->assertCount(1, $results); + $this->assertEquals('8.8.8.8', $results[0]['value']); + $this->assertEquals('ip-dst', $results[0]['default_type']); + } + public function testCheckFreeTextIpv4WithPort(): void { $complexTypeTool = new ComplexTypeTool(); @@ -497,6 +506,24 @@ EOT; } } + public function testCheckFreeTextNonBreakableSpace(): void + { + $complexTypeTool = new ComplexTypeTool(); + $results = $complexTypeTool->checkFreeText("127.0.0.1\xc2\xa0127.0.0.2"); + $this->assertCount(2, $results); + $this->assertEquals('127.0.0.1', $results[0]['value']); + $this->assertEquals('ip-dst', $results[0]['default_type']); + } + + public function testCheckFreeTextQuoted(): void + { + $complexTypeTool = new ComplexTypeTool(); + $results = $complexTypeTool->checkFreeText('="127.0.0.1",="127.0.0.2","","1"'); + $this->assertCount(2, $results); + $this->assertEquals('127.0.0.1', $results[0]['value']); + $this->assertEquals('ip-dst', $results[0]['default_type']); + } + public function testCheckFreeTextRemoveDuplicates(): void { $complexTypeTool = new ComplexTypeTool(); From ad20eb3562011ed89fabeecc8446f2546692a4e7 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 9 Mar 2021 17:57:22 +0100 Subject: [PATCH 335/437] new: [event loader] has a new extensionList parameter - boolean, if set includes a list of extension events, metadata only --- app/Model/Event.php | 39 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 38 insertions(+), 1 deletion(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index ed9fbcead..bfc12d071 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -1842,6 +1842,7 @@ class Event extends AppModel 'blockedAttributeTags', 'eventsExtendingUuid', 'extended', + 'extensionList', 'excludeGalaxy', 'includeCustomGalaxyCluster', // not used 'includeRelatedTags', @@ -2385,6 +2386,11 @@ class Event extends AppModel $results[$k] = $this->__mergeExtensions($user, $result, $options); } } + if ($options['extensionList']) { + foreach ($results as $k => $result) { + $results[$k] = $this->__fetchEventsExtendingEvent($user, $result, $options); + } + } return $results; } @@ -2562,6 +2568,37 @@ class Event extends AppModel return $event; } + /** + * @param array $user + * @param array $event + * @param array $options + * @return array + * @throws Exception + */ + private function __fetchEventsExtendingEvent(array $user, array $event, array $options) + { + $extensions = $this->fetchEvent($user, [ + 'eventsExtendingUuid' => $event['Event']['uuid'], + 'sgReferenceOnly' => $options['sgReferenceOnly'], + 'metadata' => 1 + ]); + $extensionList = []; + foreach ($extensions as $extension) { + $extensionList[] = [ + 'id' => $extension['Event']['id'], + 'uuid' => $extension['Event']['uuid'], + 'info' => $extension['Event']['info'], + 'Orgc' => [ + 'id' => $extension['Orgc']['id'], + 'uuid' => $extension['Orgc']['uuid'], + 'name' => $extension['Orgc']['name'] + ] + ]; + } + $event['Event']['ExtendedBy'] = $extensionList; + return $event; + } + /** * @param array $user * @param array $event @@ -2602,7 +2639,7 @@ class Event extends AppModel $event[$thingToMerge] = array_merge($event[$thingToMerge], $extensionEvent[$thingToMerge]); } // Merge event reports if requested - if (!$options['noEventReports']) { + if (!$options['noEventReports'] && isset($event['EventReport'])) { $event['EventReport'] = array_merge($event['EventReport'], $extensionEvent['EventReport']); } // Merge just tags that are not already in main event From 644d84f4df2ab0113ab8c8818ba9c971a4e6c1a0 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 9 Mar 2021 17:58:24 +0100 Subject: [PATCH 336/437] fix: [UI] indextable link generation on empty result set - empty string instead of notice barfed back --- .../Elements/genericElements/IndexTable/Fields/links.ctp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/app/View/Elements/genericElements/IndexTable/Fields/links.ctp b/app/View/Elements/genericElements/IndexTable/Fields/links.ctp index 33839bd13..45b13643c 100644 --- a/app/View/Elements/genericElements/IndexTable/Fields/links.ctp +++ b/app/View/Elements/genericElements/IndexTable/Fields/links.ctp @@ -17,7 +17,12 @@ } $url_param_data_paths = implode('/', $temp); } else { - $url_param_data_paths = h(Hash::extract($row, $field['url_params_data_paths'])[0]); + $url_param_data_paths = Hash::extract($row, $field['url_params_data_paths']); + if (!empty($url_param_data_paths)) { + $url_param_data_paths = $url_param_data_paths[0]; + } else { + $url_param_data_paths = ''; + } } $urlWithData .= '/' . $url_param_data_paths; } From 1d08e3eef2d3f593e0502ee34bcfa92c3f07f250 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 9 Mar 2021 20:05:22 +0100 Subject: [PATCH 337/437] fix: [merge] Local tags should stay local --- app/Model/Event.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/app/Model/Event.php b/app/Model/Event.php index a53d798f8..2dee4aedb 100755 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -6207,7 +6207,6 @@ class Event extends AppModel if ($jobId) { $this->Job = ClassRegistry::init('Job'); $this->Job->id = $jobId; - } $failed_attributes = $failed_objects = $failed_object_attributes = $failed_reports = 0; $saved_attributes = $saved_objects = $saved_object_attributes = $saved_reports = 0; @@ -6244,7 +6243,7 @@ class Event extends AppModel foreach ($attribute['Tag'] as $tag) { $tag_id = $this->Attribute->AttributeTag->Tag->captureTag($tag, $user); if ($tag_id) { - $this->Attribute->AttributeTag->attachTagToAttribute($this->Attribute->id, $id, $tag_id); + $this->Attribute->AttributeTag->attachTagToAttribute($this->Attribute->id, $id, $tag_id, !empty($tag['local'])); } } } @@ -6581,7 +6580,7 @@ class Event extends AppModel foreach ($attribute['Tag'] as $tag) { $tag_id = $this->Attribute->AttributeTag->Tag->captureTag($tag, $user); if ($tag_id) { - $this->Attribute->AttributeTag->attachTagToAttribute($this->Attribute->id, $event_id, $tag_id); + $this->Attribute->AttributeTag->attachTagToAttribute($this->Attribute->id, $event_id, $tag_id, !empty($tag['local'])); } } } From ddd5673f86cce28afc0eaaf9da09c1803b126d70 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 9 Mar 2021 20:39:24 +0100 Subject: [PATCH 338/437] fix: [merge] Local tags should stay local vol. 2 --- app/View/Events/resolved_misp_format.ctp | 4 ++-- app/webroot/js/misp.js | 6 ++++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/app/View/Events/resolved_misp_format.ctp b/app/View/Events/resolved_misp_format.ctp index b20321d6b..1e9592c4b 100644 --- a/app/View/Events/resolved_misp_format.ctp +++ b/app/View/Events/resolved_misp_format.ctp @@ -280,7 +280,7 @@ ?> - + @@ -390,7 +390,7 @@ ?> - + diff --git a/app/webroot/js/misp.js b/app/webroot/js/misp.js index b0f688361..cb4482602 100644 --- a/app/webroot/js/misp.js +++ b/app/webroot/js/misp.js @@ -2841,7 +2841,8 @@ function moduleResultsSubmit(id) { $(this).find('.objectAttributeTag').each(function() { tags.push({ name: $(this).attr('title'), - colour: rgb2hex($(this).css('background-color')) + colour: rgb2hex($(this).css('background-color')), + local: $(this).data('local'), }); }); attribute['Tag'] = tags; @@ -2900,7 +2901,8 @@ function moduleResultsSubmit(id) { $(this).find('.attributeTag').each(function() { tags.push({ name: $(this).attr('title'), - colour: rgb2hex($(this).css('background-color')) + colour: rgb2hex($(this).css('background-color')), + local: $(this).data('local'), }); }); temp['Tag'] = tags; From eebe0310916a6c54f7387cb9499b72e21c4d8688 Mon Sep 17 00:00:00 2001 From: iglocska Date: Tue, 9 Mar 2021 23:10:19 +0100 Subject: [PATCH 339/437] fix: [unsafe API keys] fixed - if you really have to use them, they should work again - please don't use them, you are disclosing your APIkey via the URL - apache logs, proxy logs they will all have your APIkey - adding headers with your APIkey isn't so difficult - if a tool you use has no way of configuring headers, reach out to your vendor, they ought to do something about that --- app/Controller/ServersController.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 7e07d5b3d..3220350c0 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -2038,7 +2038,8 @@ class ServersController extends AppController App::uses('HttpSocket', 'Network/Http'); $HttpSocket = new HttpSocket($params); $view_data = array(); - $temp_headers = explode("\n", $request['header']); + + $temp_headers = empty($request['header']) ? [] : explode("\n", $request['header']); $request['header'] = array( 'Authorization' => $this->Auth->user('authkey'), 'Accept' => 'application/json', From 3935dee16b3bbe2802c828489771fa25ce940c20 Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Wed, 10 Mar 2021 08:17:11 +0100 Subject: [PATCH 340/437] chg: [internal] Threat levels list --- app/Controller/EventsController.php | 11 ++--------- app/Controller/FeedsController.php | 6 ++---- app/Controller/ServersController.php | 6 ++---- app/Model/ThreatLevel.php | 7 +++++++ 4 files changed, 13 insertions(+), 17 deletions(-) diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 5b2363a76..b0126935c 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -590,13 +590,7 @@ class EventsController extends AppController $searchTermInternal = $searchTerm; if ($searchTerm == 'threatlevel') { $searchTermInternal = 'threat_level_id'; - $threatLevels = $this->Event->ThreatLevel->find('all', array( - 'recursive' => -1, - 'fields' => array('id', 'name'), - )); - foreach ($threatLevels as $tl) { - $terms[$tl['ThreatLevel']['id']] = $tl['ThreatLevel']['name']; - } + $terms = $this->Event->ThreatLevel->list(); } elseif ($searchTerm == 'analysis') { $terms = $this->Event->analysisLevels; } else { @@ -4765,8 +4759,7 @@ class EventsController extends AppController ); $this->set('events', $this->paginate()); - $threat_levels = $this->Event->ThreatLevel->find('all'); - $this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name')); + $this->set('threatLevels', $this->Event->ThreatLevel->list()); $this->set('eventDescriptions', $this->Event->fieldDescriptions); $this->set('analysisLevels', $this->Event->analysisLevels); $this->set('distributionLevels', $this->Event->distributionLevels); diff --git a/app/Controller/FeedsController.php b/app/Controller/FeedsController.php index f25cf37ca..e5dfed8bc 100644 --- a/app/Controller/FeedsController.php +++ b/app/Controller/FeedsController.php @@ -690,8 +690,7 @@ class FeedsController extends AppController } $this->set('events', $events); $this->loadModel('Event'); - $threat_levels = $this->Event->ThreatLevel->find('all'); - $this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name')); + $this->set('threatLevels', $this->Event->ThreatLevel->list()); $this->set('eventDescriptions', $this->Event->fieldDescriptions); $this->set('analysisLevels', $this->Event->analysisLevels); $this->set('distributionLevels', $this->Event->distributionLevels); @@ -798,8 +797,7 @@ class FeedsController extends AppController $this->set($alias, $currentModel->{$variable}); } } - $threat_levels = $this->Event->ThreatLevel->find('all'); - $this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name')); + $this->set('threatLevels', $this->Event->ThreatLevel->list()); } else { if ($event === 'blocked') { throw new MethodNotAllowedException(__('This event is blocked by the Feed filters.')); diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 52a95d388..9e16ee11e 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -124,8 +124,7 @@ class ServersController extends AppController } $this->loadModel('Event'); - $threat_levels = $this->Event->ThreatLevel->find('list', ['fields' => ['id', 'name']]); - $this->set('threatLevels', $threat_levels); + $this->set('threatLevels', $this->Event->ThreatLevel->list()); App::uses('CustomPaginationTool', 'Tools'); $customPagination = new CustomPaginationTool(); $params = $customPagination->createPaginationRules($events, $this->passedArgs, $this->alias); @@ -202,8 +201,7 @@ class ServersController extends AppController $this->set($alias, $currentModel->{$variable}); } } - $threat_levels = $this->Event->ThreatLevel->find('list', ['fields' => ['id', 'name']]); - $this->set('threatLevels', $threat_levels); + $this->set('threatLevels', $this->Event->ThreatLevel->list()); $this->set('title_for_layout', __('Remote event preview')); } diff --git a/app/Model/ThreatLevel.php b/app/Model/ThreatLevel.php index 232f0dfa3..1b0114450 100644 --- a/app/Model/ThreatLevel.php +++ b/app/Model/ThreatLevel.php @@ -22,4 +22,11 @@ class ThreatLevel extends AppModel ), ), ); + + public function list() + { + return $this->find('list', [ + 'fields' => ['id', 'name'], + ]); + } } From 42f78580df062cb2696e059929fc8fb648f568bb Mon Sep 17 00:00:00 2001 From: Jakub Onderka Date: Tue, 9 Mar 2021 23:01:52 +0100 Subject: [PATCH 341/437] chg: [UI] Make feed event preview nicer --- app/Controller/FeedsController.php | 42 ++++++----- app/View/Feeds/preview_event.ctp | 111 ++++++++++++----------------- app/View/Servers/preview_event.ctp | 2 +- 3 files changed, 72 insertions(+), 83 deletions(-) diff --git a/app/Controller/FeedsController.php b/app/Controller/FeedsController.php index e5dfed8bc..b07c07c29 100644 --- a/app/Controller/FeedsController.php +++ b/app/Controller/FeedsController.php @@ -606,26 +606,30 @@ class FeedsController extends AppController public function previewIndex($feedId) { - $this->Feed->id = $feedId; - if (!$this->Feed->exists()) { + $feed = $this->Feed->find('first', [ + 'conditions' => ['id' => $feedId], + 'recursive' => -1, + ]); + if (empty($feed)) { throw new NotFoundException(__('Invalid feed.')); } - $this->Feed->read(); - if (!empty($this->Feed->data['Feed']['settings'])) { - $this->Feed->data['Feed']['settings'] = json_decode($this->Feed->data['Feed']['settings'], true); + if (!empty($feed['Feed']['settings'])) { + $feed['Feed']['settings'] = json_decode($feed['Feed']['settings'], true); } $params = array(); if ($this->request->is('post')) { $params = $this->request->data['Feed']; } - if ($this->Feed->data['Feed']['source_format'] == 'misp') { - return $this->__previewIndex($this->Feed->data, $params); - } elseif (in_array($this->Feed->data['Feed']['source_format'], array('freetext', 'csv'))) { - return $this->__previewFreetext($this->Feed->data); + if ($feed['Feed']['source_format'] === 'misp') { + return $this->__previewIndex($feed, $params); + } elseif (in_array($feed['Feed']['source_format'], ['freetext', 'csv'], true)) { + return $this->__previewFreetext($feed); + } else { + throw new Exception("Invalid feed format `{$feed['Feed']['source_format']}`."); } } - private function __previewIndex($feed, $filterParams = array()) + private function __previewIndex(array $feed, $filterParams = array()) { $urlparams = ''; App::uses('CustomPaginationTool', 'Tools'); @@ -703,7 +707,7 @@ class FeedsController extends AppController $this->set('passedArgsArray', $passedArgs); } - private function __previewFreetext($feed) + private function __previewFreetext(array $feed) { if (isset($this->passedArgs['page'])) { $currentPage = $this->passedArgs['page']; @@ -758,13 +762,15 @@ class FeedsController extends AppController public function previewEvent($feedId, $eventUuid, $all = false) { - $this->Feed->id = $feedId; - if (!$this->Feed->exists()) { + $feed = $this->Feed->find('first', [ + 'conditions' => ['id' => $feedId], + 'recursive' => -1, + ]); + if (empty($feed)) { throw new NotFoundException(__('Invalid feed.')); } - $this->Feed->read(); try { - $event = $this->Feed->downloadEventFromFeed($this->Feed->data, $eventUuid); + $event = $this->Feed->downloadEventFromFeed($feed, $eventUuid); } catch (Exception $e) { throw new Exception(__('Could not download the selected Event'), 0, $e); } @@ -781,11 +787,11 @@ class FeedsController extends AppController $params = $this->Event->rearrangeEventForView($event, $this->passedArgs, $all); $this->params->params['paging'] = array('Feed' => $params); $this->set('event', $event); - $this->set('feed', $this->Feed->data); + $this->set('feed', $feed); $this->loadModel('Event'); $dataForView = array( - 'Attribute' => array('attrDescriptions' => 'fieldDescriptions', 'distributionDescriptions' => 'distributionDescriptions', 'distributionLevels' => 'distributionLevels'), - 'Event' => array('eventDescriptions' => 'fieldDescriptions', 'analysisLevels' => 'analysisLevels') + 'Attribute' => array('attrDescriptions' => 'fieldDescriptions', 'distributionDescriptions' => 'distributionDescriptions', 'distributionLevels' => 'distributionLevels'), + 'Event' => array('eventDescriptions' => 'fieldDescriptions', 'analysisLevels' => 'analysisLevels') ); foreach ($dataForView as $m => $variables) { if ($m === 'Event') { diff --git a/app/View/Feeds/preview_event.ctp b/app/View/Feeds/preview_event.ctp index 184e13ff7..8ecc1899a 100755 --- a/app/View/Feeds/preview_event.ctp +++ b/app/View/Feeds/preview_event.ctp @@ -1,71 +1,56 @@ + __('UUID'), 'value' => $event['Event']['uuid'], 'class' => 'quickSelect'], + ['key' => Configure::read('MISP.showorgalternate') ? __('Source Organisation') : __('Org'), 'value' => $event['Orgc']['name']], +]; +if (Configure::read('MISP.tagging')) { + ob_start(); + if (!empty($event['Tag'])): foreach ($event['Tag'] as $tag): ?> + + + + __('Tags'), 'html' => $tags]; +} +$tableData[] = ['key' => __('Date'), 'html' => $this->Time->time($event['Event']['date'])]; +$tableData[] = [ + 'key' => __('Threat Level'), + 'key_title' => $eventDescriptions['threat_level_id']['desc'], + 'value' => $threatLevels[$event['Event']['threat_level_id']], + 'value_class' => 'threat-level-' . strtolower($threatLevels[$event['Event']['threat_level_id']]), +]; +$tableData[] = [ + 'key' => __('Analysis'), + 'key_title' => $eventDescriptions['analysis']['desc'], + 'value' => $analysisLevels[$event['Event']['analysis']], +]; +$tableData[] = [ + 'key' => __('Info'), + 'value' => $event['Event']['info'] +]; +$tableData[] = [ + 'key' => __('Published'), + 'class' => $event['Event']['published'] == 0 ? 'background-red bold not-published' : 'published', + 'class_value' => $event['Event']['published'] == 0 ? '' : 'green', + 'html' => $event['Event']['published'] == 0 ? __('No') : sprintf('%s', __('Yes')), +]; +$tableData[] = [ + 'key' => __('Last change'), + 'html' => $this->Time->time($event['Event']['timestamp']), +]; +?>
58) $title = substr($title, 0, 55) . '...'; ?> -

+

-
-
-
-
-
- -
-
- - - - -   -
- -
-
- -   -
-
-
- -   -
-
-
- -   -
-
-
- -   -
- -
>
-
>
- -
>
-
>
- -
>
-
>
- -
+ element('genericElements/viewMetaTable', array('table_data' => $tableData)); ?>
@@ -96,12 +81,10 @@ element('Feeds/eventattribute'); ?>
-element('/genericElements/SideMenu/side_menu', array('menuList' => 'feeds', 'menuItem' => 'previewEvent', 'id' => $event['Event']['uuid'])); -?> +element('/genericElements/SideMenu/side_menu', array('menuList' => 'feeds', 'menuItem' => 'previewEvent', 'id' => $event['Event']['uuid'])); ?> diff --git a/app/View/Elements/galaxyQuickViewMini.ctp b/app/View/Elements/galaxyQuickViewMini.ctp deleted file mode 100644 index 064a565a3..000000000 --- a/app/View/Elements/galaxyQuickViewMini.ctp +++ /dev/null @@ -1,120 +0,0 @@ - -
- -   - - 'description', 'value' => $cluster['description']); - } - if (isset($cluster['meta']['synonyms'])) { - $cluster_fields[] = array('key' => 'synonyms', 'value' => $cluster['meta']['synonyms']); - } - if (isset($cluster['source'])) { - $cluster_fields[] = array('key' => 'source', 'value' => $cluster['source']); - } - if (!empty($cluster['meta'])) { - foreach ($cluster['meta'] as $metaKey => $metaField) { - if (!in_array($metaKey, ['synonyms', 'refs'], true)) { - $cluster_fields[] = array('key' => $metaKey, 'value' => $metaField); - } - } - } - $popover_data = '

' . h($cluster['value']) . '

'; - foreach ($cluster_fields as $cluster_field) { - $key = sprintf('%s', Inflector::humanize(h($cluster_field['key']))); - if (is_array($cluster_field['value'])) { - if ($cluster_field['key'] === 'country') { - $value = array(); - foreach ($cluster_field['value'] as $k => $v) { - $value[] = $this->Icon->countryFlag($v) . ' ' . h($v); - } - $value_contents = implode("
", $value); - } else { - $value_contents = nl2br(h(implode("\n", $cluster_field['value'])), false); - } - } else { - $value_contents = h($cluster_field['value']); - } - $value = sprintf('%s', $value_contents); - $popover_data .= "$key: $value
"; - } - echo sprintf( - '
%s %s %s %s
', - sprintf( - '', - h($popover_data), - h($cluster['id']), - sprintf( - ' %s', - $cluster['local'] ? 'user' : 'globe-americas', - h($cluster['value']) - ) - ), - sprintf( - '', - $baseurl, - h($cluster['id']), - __('View details about this cluster'), - __('View cluster') - ), - sprintf( - '', - $baseurl, - h($cluster['tag_id']), - __('View all events containing this cluster.'), - __('View all events containing this cluster.') - ), - (!empty($static_tags_only) || (!$isSiteAdmin && (!$mayModify || !$isAclTagger))) ? '' : sprintf( - '%s%s%s', - $this->Form->create( - false, - array( - 'url' => $baseurl . '/galaxy_clusters/detach/' . ucfirst(h($target_id)) . '/' . h($target_type) . '/' . h($cluster['tag_id']), - 'style' => 'display: inline-block; margin: 0px;' - ) - ), - sprintf( - '', - __('Are you sure you want to detach %s from this %s?', h($cluster['value']), h($target_type)) - ), - $this->Form->end() - ) - ); - endforeach; -?> -
- -%s', - 'useCursorPointer btn btn-inverse addGalaxy', - h($target_type), - h($target_id), - 'line-height:10px; padding: 2px; margin-right:5px;', - ' +' - ); - } - if ( - (!isset($local_tag_off) || !$local_tag_off) && - ($isSiteAdmin || ($mayModify && $isAclTagger) || ($isAclTagger && Configure::read('MISP.host_org_id') == $me['org_id'])) - ) { - echo sprintf( - '', - 'useCursorPointer btn btn-inverse addGalaxy', - h($target_type), - h($target_id), - 'line-height:10px; padding: 2px;', - ' +' - ); - } - } diff --git a/app/View/Elements/galaxyQuickViewNew.ctp b/app/View/Elements/galaxyQuickViewNew.ctp new file mode 100755 index 000000000..502e0b40d --- /dev/null +++ b/app/View/Elements/galaxyQuickViewNew.ctp @@ -0,0 +1,140 @@ + 'description', 'value' => $this->Markdown->toText($cluster['description'])]; + } + if (isset($cluster['meta']['synonyms'])) { + $clusterFields[] = ['key' => 'synonyms', 'value' => $cluster['meta']['synonyms']]; + } + if (isset($cluster['source'])) { + $clusterFields[] = ['key' => 'source', 'value' => $cluster['source']]; + } + if (!empty($cluster['meta'])) { + foreach ($cluster['meta'] as $metaKey => $metaField) { + if (!in_array($metaKey, ['synonyms', 'refs'], true)) { + $clusterFields[] = ['key' => $metaKey, 'value' => $metaField]; + } + } + } + $popover = '

' . h($cluster['value']) . '

'; + foreach ($clusterFields as $clusterField) { + $key = '' . h($normalizeKey($clusterField['key'])) . ''; + if (is_array($clusterField['value'])) { + if ($clusterField['key'] === 'country') { + $value = []; + foreach ($clusterField['value'] as $v) { + $value[] = $this->Icon->countryFlag($v) . ' ' . h($v); + } + $valueContents = implode("
", $value); + } else { + if (count($clusterField['value']) < 4) { + $valueContents = h(implode(", ", $clusterField['value'])); + } else { + $valueContents = nl2br("\n" . h(implode("\n", $clusterField['value'])), false); + } + } + } else { + $valueContents = h($clusterField['value']); + } + $popover .= "$key: $valueContents
"; + } + return $popover; +} +?> + +
+ +

+ + + + +

+
    + +
  • + class="useCursorPointer" data-clusterid="" data-content=""> + + + + + + + + Form->create(false, [ + 'id' => false, // prevent duplicate ids + 'url' => $baseurl . '/galaxy_clusters/detach/' . ucfirst(h($target_id)) . '/' . h($target_type) . '/' . $cluster['tag_id'], + 'style' => 'display: inline-block; margin: 0px;' +]); +echo sprintf( + '', + __('Detach'), + __('Are you sure you want to detach %s from this event?', h($cluster['value'])) +); +echo $this->Form->end(); +} +?> +
    • + +
+ +
+ +%s', + 'useCursorPointer btn btn-inverse addGalaxy', + h($target_type), + h($target_id), + ' ' + ); +} + +if ( + $editButtonsEnabled && + (!isset($local_tag_off) || !$local_tag_off) && + ($isSiteAdmin || ($isAclTagger && $hostOrgUser)) +) { + echo sprintf( + '', + 'useCursorPointer btn btn-inverse addGalaxy', + h($target_type), + h($target_id), + ' ' + ); +} diff --git a/app/View/Events/ajax/ajaxGalaxies.ctp b/app/View/Events/ajax/ajaxGalaxies.ctp index d8a3c7616..c3a5548d0 100644 --- a/app/View/Events/ajax/ajaxGalaxies.ctp +++ b/app/View/Events/ajax/ajaxGalaxies.ctp @@ -1,24 +1,19 @@ %s', __('Galaxies')); - $element = 'galaxyQuickView'; - } else if ($scope == 'attribute') { - $element = 'galaxyQuickViewMini'; - } - echo $this->element($element, array( - 'mayModify' => $mayModify, - 'isAclTagger' => $isAclTagger, - 'data' => $object['Galaxy'], - 'target_id' => $scope == 'event' ? $object['Event']['id'] : $object['Attribute']['id'], - 'target_type' => $scope - )); +$mayModify = ($isAclModify && $object['Event']['orgc_id'] == $me['org_id']); +if ($scope === 'event') { + echo '' . __('Galaxies') . ''; +} +echo $this->element('galaxyQuickViewNew', [ + 'mayModify' => $mayModify, + 'isAclTagger' => $isAclTagger, + 'data' => $object['Galaxy'], + 'target_id' => $scope == 'event' ? $object['Event']['id'] : $object['Attribute']['id'], + 'target_type' => $scope +]); ?>