MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [eventReport] Correctly tag event if requested + undefined variable

pull/6493/head
mokaddem 2020-10-26 14:05:06 +01:00
parent 2143cdf83d
commit 9c48f03cfe
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
3 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/Controller/EventReportsController.php
View File

@ -206,7 +206,7 @@ class EventReportsController extends AppController
$errors = $this->EventReport->applySuggestions($this->Auth->user(), $report, $suggestionResult['contentWithSuggestions'], $suggestionResult['suggestionsMapping']); $errors = $this->EventReport->applySuggestions($this->Auth->user(), $report, $suggestionResult['contentWithSuggestions'], $suggestionResult['suggestionsMapping']);
if (empty($errors)) { if (empty($errors)) {
if (!empty($this->data['EventReport']['tag_event'])) { if (!empty($this->data['EventReport']['tag_event'])) {
$this->AttachTagsAfterReplacements($this->Auth->User(), $contextResults['replacedContext']); $this->EventReport->attachTagsAfterReplacements($this->Auth->User(), $contextResults['replacedContext'], $report['EventReport']['event_id']);
} }
$report = $this->EventReport->simpleFetchById($this->Auth->user(), $reportId); $report = $this->EventReport->simpleFetchById($this->Auth->user(), $reportId);
$data = [ 'report' => $report ]; $data = [ 'report' => $report ];
@ -230,6 +230,7 @@ class EventReportsController extends AppController
} else { } else {
$report = $this->EventReport->fetchIfAuthorized($this->Auth->user(), $reportId, 'view', $throwErrors=true, $full=false); $report = $this->EventReport->fetchIfAuthorized($this->Auth->user(), $reportId, 'view', $throwErrors=true, $full=false);
$dataResults = $this->EventReport->getComplexTypeToolResultWithReplacements($this->Auth->user(), $report); $dataResults = $this->EventReport->getComplexTypeToolResultWithReplacements($this->Auth->user(), $report);
$report['EventReport']['content'] = $dataResults['replacementResult']['contentWithReplacements'];
$contextResults = $this->EventReport->extractWithReplacements($this->Auth->user(), $report); $contextResults = $this->EventReport->extractWithReplacements($this->Auth->user(), $report);
$typeToCategoryMapping = $this->EventReport->Event->Attribute->typeToCategoryMapping(); $typeToCategoryMapping = $this->EventReport->Event->Attribute->typeToCategoryMapping();
$data = [ $data = [

5
app/Model/EventReport.php
View File

@ -717,6 +717,7 @@ class EventReport extends AppModel
$this->GalaxyCluster = ClassRegistry::init('GalaxyCluster'); $this->GalaxyCluster = ClassRegistry::init('GalaxyCluster');
$mitreAttackGalaxyId = $this->GalaxyCluster->Galaxy->getMitreAttackGalaxyId(); $mitreAttackGalaxyId = $this->GalaxyCluster->Galaxy->getMitreAttackGalaxyId();
$clusterContain = ['Tag']; $clusterContain = ['Tag'];
$replacedContext = [];
if ($options['prune_deprecated']) { if ($options['prune_deprecated']) {
$clusterContain['Galaxy'] = ['conditions' => ['Galaxy.namespace !=' => 'deprecated']]; $clusterContain['Galaxy'] = ['conditions' => ['Galaxy.namespace !=' => 'deprecated']];
@ -881,7 +882,7 @@ class EventReport extends AppModel
} }
} }
public function AttachTagsAfterReplacements($user, $replacedContext) public function attachTagsAfterReplacements($user, $replacedContext, $eventId)
{ {
$this->EventTag = ClassRegistry::init('EventTag'); $this->EventTag = ClassRegistry::init('EventTag');
foreach ($replacedContext as $rawText => $tagNames) { foreach ($replacedContext as $rawText => $tagNames) {
@ -892,7 +893,7 @@ class EventReport extends AppModel
if ($tagId === -1) { if ($tagId === -1) {
$tagId = $this->EventTag->Tag->captureTag(['name' => $tagName], $user); $tagId = $this->EventTag->Tag->captureTag(['name' => $tagName], $user);
} }
$this->EventTag->attachTagToEvent($report['EventReport']['event_id'], $tagId); $this->EventTag->attachTagToEvent($eventId, $tagId);
} }
} }
} }

2
app/View/EventReports/ajax/extractAllFromReport.ctp
View File

@ -9,7 +9,7 @@ echo $this->element('genericElements/Form/genericForm', array(
'fields' => array( 'fields' => array(
sprintf('<h5>%s</h5>', __('Post extraction actions:')), sprintf('<h5>%s</h5>', __('Post extraction actions:')),
array( array(
'label' => __('Tag the event with element found in the report'), 'label' => __('Tag the event with contextual elements found in the report'),
'field' => 'tag_event', 'field' => 'tag_event',
'type' => 'checkbox', 'type' => 'checkbox',
'div' => array('class' => 'checkbox') 'div' => array('class' => 'checkbox')