Work in progress on the feeds

2016-02-28 22:54:09 +01:00 · 2016-02-28 22:54:09 +01:00 · 9cb796b394
parent f4c14a5bf3
commit 9cb796b394
7 changed files with 331 additions and 2 deletions
--- a/app/Controller/FeedsController.php
+++ b/app/Controller/FeedsController.php
@ -0,0 +1,79 @@
+<?php
+App::uses('AppController', 'Controller');
+App::uses('Xml', 'Utility');
+
+/**
+ * Feedss Controller
+ */
+class FeedsController extends AppController {
+
+	public $components = array('Security' ,'RequestHandler');	// XXX ACL component
+
+	public $paginate = array(
+			'limit' => 60,
+			'recursive' => -1,
+			'contain' => array(
+			),
+			'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events
+			'order' => array(
+					'Feed.url' => 'ASC'
+			),
+	);
+
+	public $uses = array('Feed');
+
+	public function beforeFilter() {
+		parent::beforeFilter();
+		if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException('You don\'t have the required privileges to do that.');
+	}
+
+/**
+ * index method
+ *
+ * @return void
+ */
+	public function index() {
+		$this->set('feeds', $this->paginate());
+	}
+	
+	public function view($feedId) {
+		$feed = $this->Feed->find('first', array('conditions' => array('Feed.id' => $feedId)));
+	}
+	
+	public function toggleEnabled($feedId) {
+		
+	}
+	
+	public function add() {
+		if ($this->request->is('post')) {
+			if (isset($this->request->data['Feed']['pull_rules'])) $this->request->data['Feed']['rules'] = $this->request->data['Feed']['pull_rules'];
+			$result = $this->Feed->save($this->request->data);
+			if ($result) {
+				$this->Session->setFlash('Feed added.');
+				$this->redirect(array('controller' => 'feeds', 'action' => 'index'));
+			}
+			else $this->Session->setFlash('Feed could not be added.');
+		} else {
+			
+		}
+	}
+	
+	public function edit($feedId) {
+		$this->Feed->id = $feedId;
+		if (!$this->Feed->exists()) throw new NotFoundException('Invalid feed.');
+		$this->Feed->read();
+		if ($this->request->is('post') || $this->request->is('put')) {
+			
+		} else {
+			$this->request->data = $this->Feed->data;
+		}
+	}
+	
+	public function delete($feedId) {
+		
+	}
+	
+	public function fetchFromFeed($feedId) {
+		
+	}
+}
--- a/app/Model/AppModel.php
+++ b/app/Model/AppModel.php
@ -49,7 +49,7 @@ class AppModel extends Model {
 	// major -> minor -> hotfix -> requires_logout
 	public $db_changes = array(
 		2 => array(
-			4 => array(18 => false, 19 => false, 20 => false)
+			4 => array(18 => false, 19 => false, 20 => false, 24 => false)
 		)
 	);
 	
@ -245,6 +245,17 @@ class AppModel extends Model {
 					KEY `1_shadow_attribute_id` (`1_shadow_attribute_id`)
 					) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
 				break;
+			case '2.4.24':
+				$sqlArray[] = "CREATE TABLE IF NOT EXISTS `feeds` (
+					`id` int(11) NOT NULL AUTO_INCREMENT,
+					`name` varchar(255) COLLATE utf8_bin NOT NULL,
+					`provider` varchar(255) COLLATE utf8_bin NOT NULL,
+					`url` varchar(255) COLLATE utf8_bin NOT NULL,
+					`rules` text COLLATE utf8_bin NOT NULL,
+					`enabled` BOOLEAN NOT NULL,
+					PRIMARY KEY (`id`)
+					) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
+				break;
 			case 'fixNonEmptySharingGroupID':
 				$sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4';
 				$sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4';
--- a/app/Model/Feeds.php
+++ b/app/Model/Feeds.php
@ -0,0 +1,56 @@
+<?php
+App::uses('AppModel', 'Model');
+/**
+ * Feed Model
+ *
+ */
+class Feed extends AppModel {
+
+	public $name = 'Feed';
+
+	public $actsAs = array('SysLogLogable.SysLogLogable' => array(
+			'change' => 'full'
+		), 
+		'Trim',
+		'Containable'
+	);
+	
+	public $belongsTo = array(
+	);
+	
+	public $hasMany = array(
+	);
+
+/**
+ * Validation rules
+ *
+ * @var array
+ */
+	public $validate = array(
+		'url' => array( // TODO add extra validation to refuse multiple time the same url from the same org
+			'rule' => array('url'),
+			'message' => 'Please enter a valid url.',
+		),
+		'provider' => array(
+			'valueNotEmpty' => array(
+				'rule' => array('valueNotEmpty'),
+			),
+		),
+		'name' => array(
+				'valueNotEmpty' => array(
+						'rule' => array('valueNotEmpty'),
+				),
+		),
+	);
+	
+	// gets the event UUIDs from the feed by ID
+	// returns an array with the UUIDs of events that are new or that need updating
+	public function getNewEventUuids($feedId) {
+		
+	}
+	
+	public function downloadEvent($feedId, $eventId) {
+		
+	}
+	
+}
--- a/app/View/Feeds/add.ctp
+++ b/app/View/Feeds/add.ctp
@ -0,0 +1,64 @@
+<div class="feed form">
+<?php echo $this->Form->create('Feed');?>
+	<fieldset>
+		<legend>Add MISP Feed</legend>
+		<p>Add a new MISP feed source.</p>
+	<?php
+		echo $this->Form->input('name', array(
+				'div' => 'input clear',
+				'placeholder' => 'Feed name'
+		));
+		echo $this->Form->input('provider', array(
+				'div' => 'input clear',
+				'placeholder' => 'Name of the content provider'
+		));
+		echo $this->Form->input('url', array(
+				'div' => 'input clear',
+				'placeholder' => 'URL of the feed'
+		));
+	?>
+	<?php 
+		echo $this->Form->input('pull_rules', array('style' => 'display:none;', 'label' => false, 'div' => false));
+	?>
+	</fieldset>
+    <b>Filter rules:</b><br />
+    <span id="pull_tags_OR" style="display:none;">Events with the following tags allowed: <span id="pull_tags_OR_text" style="color:green;"></span><br /></span>
+    <span id="pull_tags_NOT" style="display:none;">Events with the following tags blocked: <span id="pull_tags_NOT_text" style="color:red;"></span><br /></span>
+    <span id="pull_orgs_OR" style="display:none;">Events with the following organisations allowed: <span id="pull_orgs_OR_text" style="color:green;"></span><br /></span>
+    <span id="pull_orgs_NOT" style="display:none;">Events with the following organisations blocked: <span id="pull_orgs_NOT_text" style="color:red;"></span><br /></span>
+	<span id="pull_modify"  class="btn btn-inverse" style="line-height:10px; padding: 4px 4px;">Modify</span><br /><br />
+	<?php
+	echo $this->Form->button('Add', array('class' => 'btn btn-primary'));
+	echo $this->Form->end();
+	?>
+	<div id="hiddenRuleForms">
+		<?php echo $this->element('serverRuleElements/pull'); ?>
+	</div>
+</div>
+<?php 
+	echo $this->element('side_menu', array('menuList' => 'feed', 'menuItem' => 'add'));
+?>
+<script type="text/javascript">
+//
+var formInfoValues = {
+		'ServerUrl' : "The base-url to the external server you want to sync with. Example: https://foo.sig.mil.be",
+		'ServerName' : "A name that will make it clear to your users what this instance is. For example: Organisation A's instance",
+		'ServerOrganization' : "The organization having the external server you want to sync with. Example: BE",
+		'ServerAuthkey' : "You can find the authentication key on your profile on the external server.",
+		'ServerPush' : "Allow the upload of events and their attributes.",
+		'ServerPull' : "Allow the download of events and their attributes from the server.",
+		'ServerSubmittedCert' : "You can also upload a certificate file if the instance you are trying to connect to has its own signing authority.",
+		'ServerSelfSigned' : "Click this, if you would like to allow a connection despite the other instance using a self-signed certificate (not recommended)."
+};
+
+
+var rules = {"pull": {"tags": {"OR":[], "NOT":[]}, "orgs": {"OR":[], "NOT":[]}}};
+var validOptions = ['pull'];
+var validFields = ['tags', 'orgs'];
+
+$(document).ready(function() {
+	$("#pull_modify").click(function() {
+		serverRuleFormActivate('pull');
+	});
+});
+</script>
--- a/app/View/Feeds/edit.ctp
+++ b/app/View/Feeds/edit.ctp
@ -0,0 +1,29 @@
+<div class="feed form">
+<?php echo $this->Form->create('Feed');?>
+	<fieldset>
+		<legend>Edit MISP Feed</legend>
+		<p>Edit a MISP feed source.</p>
+	<?php
+		echo $this->Form->input('name', array(
+				'div' => 'input clear',
+				'placeholder' => 'Feed name'
+		));
+		echo $this->Form->input('provider', array(
+				'div' => 'input clear',
+				'placeholder' => 'Name of the content provider'
+		));
+		echo $this->Form->input('url', array(
+				'div' => 'input clear',
+				'placeholder' => 'URL of the feed'
+		));
+		echo $this->Form->input('pull_rules', array('style' => 'display:none;', 'label' => false, 'div' => false));
+	?>
+	</fieldset>
+<?php
+echo $this->Form->button('Add', array('class' => 'btn btn-primary'));
+echo $this->Form->end();
+?>
+</div>
+<?php 
+	echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'eventBlacklistsAdd'));
+?>
--- a/app/View/Feeds/index.ctp
+++ b/app/View/Feeds/index.ctp
@ -0,0 +1,86 @@
+<div class="eventBlacklists index">
+	<h2><?php echo __('Feeds');?></h2>
+	<div class="pagination">
+        <ul>
+        <?php
+        $this->Paginator->options(array(
+            'update' => '.span12',
+            'evalScripts' => true,
+            'before' => '$(".progress").show()',
+            'complete' => '$(".progress").hide()',
+        ));
+
+            echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
+            echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
+            echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
+        ?>
+        </ul>
+    </div>
+	<table class="table table-striped table-hover table-condensed">
+	<tr>
+			<th><?php echo $this->Paginator->sort('id');?></th>
+			<th><?php echo $this->Paginator->sort('provider');?></th>
+			<th><?php echo $this->Paginator->sort('name');?></th>
+			<th><?php echo $this->Paginator->sort('url');?></th>
+			<th><?php echo $this->Paginator->sort('rules');?></th>
+			<th><?php echo $this->Paginator->sort('enabled');?></th>
+			<th class="actions"><?php echo __('Actions');?></th>
+	</tr><?php
+foreach ($feeds as $item): 
+	$rules = array();
+	$rules = json_decode($item['Feed']['rules'], true);
+	$fieldOptions = array('tags', 'orgs');
+	$typeOptions = array('OR' => array('colour' => 'green', 'text' => 'allowed'), 'NOT' => array('colour' => 'red', 'text' => 'blocked'));
+	$ruleDescription = '';
+	foreach ($fieldOptions as $fieldOption) {
+		foreach ($typeOptions as $typeOption => $typeData) {
+			if (isset($rules[$fieldOption][$typeOption]) && !empty($rules[$fieldOption][$typeOption])) {
+				$ruleDescription .= '<span class=\'bold\'>' . 
+				ucfirst($fieldOption) . ' ' . 
+				$typeData['text'] . '</span>: <span class=\'' . 
+				$typeData['colour'] . '\'>';
+				foreach ($rules[$fieldOption][$typeOption] as $k => $temp) {
+					if ($k != 0) $ruleDescription .= ', ';
+					$ruleDescription .= h($temp);
+				}
+				$ruleDescription .= '</span><br />';
+			}
+		}
+	}
+?>
+	<tr>
+		<td class="short"><?php echo h($item['Feed']['id']); ?>&nbsp;</td>
+		<td><?php echo h($item['Feed']['name']); ?>&nbsp;</td>
+		<td><?php echo h($item['Feed']['provider']); ?>&nbsp;</td>
+		<td><?php echo h($item['Feed']['url']); ?>&nbsp;</td>
+		<td class="short"><span class="<?php echo ($item['Feed']['enabled'] ? 'icon-ok' : 'icon-remove'); ?>"></span><span class="short <?php if (!$item['Feed']['enabled'] || empty($ruleDescription)) echo "hidden"; ?>" data-toggle="popover" title="Filter rules" data-content="<?php echo $ruleDescription; ?>"> (Rules)</span>
+		<td class="short"><span class="<?php echo ($item['Feed']['enabled'] ? 'icon-ok' : 'icon-remove');?>">&nbsp;</span></td>
+		<td class="short action-links">
+			<?php echo $this->Html->link('', array('action' => 'fetchFromFeed', $item['Feed']['id']), array('class' => 'icon-download', 'title' => 'Fetch')); ?>
+			<a href="<?php echo $baseurl;?>/feeds/edit/<?php echo h($item['Feed']['id']); ?>"><span class="icon-edit" title="edit">&nbsp;</span></a>
+			<?php echo $this->Form->postLink('', array('action' => 'delete', h($item['Feed']['id'])), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to permanently remove the feed (%s)?', h($item['Feed']['name']))); ?>
+		</td>
+	</tr><?php
+endforeach; ?>
+	</table>
+	<p>
+    <?php
+    echo $this->Paginator->counter(array(
+    'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
+    ));
+    ?>
+    </p>
+    <div class="pagination">
+        <ul>
+        <?php
+            echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
+            echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
+            echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
+        ?>
+        </ul>
+    </div>
+
+</div>
+<?php 
+	echo $this->element('side_menu', array('menuList' => 'feed', 'menuItem' => 'index'));
+?>
--- a/app/webroot/js/ajaxification.js
+++ b/app/webroot/js/ajaxification.js
@ -2077,7 +2077,11 @@ function serverRuleCancel() {

 function serverRuleGenerateJSON() {
 	validOptions.forEach(function(type) {
-		$('#Server' + type.ucfirst() + "Rules").val(JSON.stringify(rules[type]));
+		if ($('#Server' + type.ucfirst() + "Rules").length) {
+			$('#Server' + type.ucfirst() + "Rules").val(JSON.stringify(rules[type]));
+		} else {
+			$('#Feed' + type.ucfirst() + "Rules").val(JSON.stringify(rules[type]));
+		}
 	});
 }