mirror of https://github.com/MISP/MISP
chg: [server:synchronisation] Tpye filtering duringg PUSH synchronisation
Split type on attributes and objectspull/8022/head
Sami Mokaddem
parent
4848d1013a
commit
9d104e941e
|
|
@ -1117,7 +1117,7 @@ class Event extends AppModel
|
|||
return $data;
|
||||
}
|
||||
|
||||
private function __prepareAttributesForSync($data, $server)
|
||||
private function __prepareAttributesForSync($data,$server, $pushRules)
|
||||
{
|
||||
// prepare attribute for sync
|
||||
if (!empty($data['Attribute'])) {
|
||||
|
|
@ -1128,13 +1128,16 @@ class Event extends AppModel
|
|||
} else {
|
||||
$data['Attribute'][$key] = $this->__removeNonExportableTags($data['Attribute'][$key], 'Attribute', $server);
|
||||
}
|
||||
if (!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type')) && in_array($attribute['type'], $pushRules['type_attributes']['NOT'])) {
|
||||
unset($data['Attribute'][$key]);
|
||||
}
|
||||
}
|
||||
$data['Attribute'] = array_values($data['Attribute']);
|
||||
}
|
||||
return $data;
|
||||
}
|
||||
|
||||
private function __prepareObjectsForSync($data, $server)
|
||||
private function __prepareObjectsForSync($data,$server, $pushRules)
|
||||
{
|
||||
// prepare Object for sync
|
||||
if (!empty($data['Object'])) {
|
||||
|
|
@ -1143,9 +1146,12 @@ class Event extends AppModel
|
|||
if (empty($data['Object'][$key])) {
|
||||
unset($data['Object'][$key]);
|
||||
} else {
|
||||
$data['Object'][$key] = $this->__prepareAttributesForSync($data['Object'][$key], $server);
|
||||
$data['Object'][$key] = $this->__prepareAttributesForSync($data['Object'][$key], $server, $pushRules);
|
||||
}
|
||||
}
|
||||
if (!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type')) && in_array($object['name'], $pushRules['type_objects']['NOT'])) {
|
||||
unset($data['Object'][$key]);
|
||||
}
|
||||
$data['Object'] = array_values($data['Object']);
|
||||
}
|
||||
return $data;
|
||||
|
|
@ -1184,14 +1190,20 @@ class Event extends AppModel
|
|||
}
|
||||
}
|
||||
}
|
||||
$event['Event'] = $this->__prepareAttributesForSync($event['Event'], $server);
|
||||
$event['Event'] = $this->__prepareObjectsForSync($event['Event'], $server);
|
||||
$event['Event'] = $this->__prepareEventReportForSync($event['Event'], $server);
|
||||
|
||||
$pushRules = $this->jsonDecode($server['Server']['push_rules']);
|
||||
$event['Event'] = $this->__prepareAttributesForSync($event['Event'], $server, $pushRules);
|
||||
$event['Event'] = $this->__prepareObjectsForSync($event['Event'], $server, $pushRules);
|
||||
$event['Event'] = $this->__prepareEventReportForSync($event['Event'], $server, $pushRules);
|
||||
|
||||
// Downgrade the event from connected communities to community only
|
||||
if (!$server['Server']['internal'] && $event['Event']['distribution'] == 2) {
|
||||
$event['Event']['distribution'] = 1;
|
||||
}
|
||||
|
||||
debug($event);
|
||||
throw new Exception("Error Processing Request", 1);
|
||||
|
||||
return $event;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -80,65 +80,18 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<?php if (!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type'))) : ?>
|
||||
<div id="eventreport_div">
|
||||
<span class="report-title-section">
|
||||
<label class="checkbox">
|
||||
<input id="type-filtering-cb" type="checkbox" onclick="$('.type-filtering-container').toggle()"><?= __('Type filtering') ?>
|
||||
</label>
|
||||
</span>
|
||||
<div class="type-filtering-container hidden">
|
||||
<div class="alert alert-error">
|
||||
<button type="button" class="close" data-dismiss="alert">×</button>
|
||||
<strong><?= __('Warning!') ?></strong>
|
||||
<?= __('Use this feature only if you know exactly what you are doing as it might introduce unwanted behaviour:') ?>
|
||||
<ul>
|
||||
<li><?= __('This instance will receive incomplete events (missing the filtered out types)') ?></li>
|
||||
<li><?= __('If later you decide to have the filtered types back, the only way for this instance to have them is to completely delete the affected events as a full sync is needed') ?></li>
|
||||
<li><?= __('Any synchronization with this instances will also receive incomplete events') ?></li>
|
||||
</ul>
|
||||
<strong><?= __('Any instance being synchronized with this one will also be affected by these defects!') ?></strong>
|
||||
<label class="checkbox">
|
||||
<input id="type-filtering-notice-cb" type="checkbox" onclick="$('.type-filtering-subcontainer').toggle()"><?= __('I understand the shortcomings of using these filters') ?>
|
||||
</label>
|
||||
</div>
|
||||
<div class="type-filtering-subcontainer" style="display: flex; flex-direction: column;">
|
||||
<div style="display: flex;">
|
||||
<h4 class="bold green" style=""></h4>
|
||||
<h4 class="bold red" style="margin-left: auto;"><?= __('AND NOT'); ?></h4>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('serverRuleElements/rules_widget', [
|
||||
'scope' => 'type_attributes',
|
||||
'scopeI18n' => __('Attribute Types'),
|
||||
'technique' => 'pull',
|
||||
'allowEmptyOptions' => true,
|
||||
'options' => $allAttributeTypes,
|
||||
'optionNoValue' => true,
|
||||
'initAllowOptions' => [],
|
||||
'initBlockOptions' => $attributeTypeBlockRules,
|
||||
'disableAllow' => true,
|
||||
'disableFreeText' => true,
|
||||
]);
|
||||
?>
|
||||
<?php
|
||||
echo $this->element('serverRuleElements/rules_widget', [
|
||||
'scope' => 'type_objects',
|
||||
'scopeI18n' => __('Object Types'),
|
||||
'technique' => 'pull',
|
||||
'allowEmptyOptions' => true,
|
||||
'options' => $allObjectTypes,
|
||||
'optionNoValue' => true,
|
||||
'initAllowOptions' => [],
|
||||
'initBlockOptions' => $objectTypeBlockRules,
|
||||
'disableAllow' => true,
|
||||
'disableFreeText' => true,
|
||||
]);
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<?php
|
||||
if (!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type'))) {
|
||||
echo $this->element('serverRuleElements/rules_filtering_type', [
|
||||
'technique' => 'pull',
|
||||
'allowEmptyOptions' => true,
|
||||
'allAttributeTypes' => $allAttributeTypes,
|
||||
'attributeTypeBlockRules' => $attributeTypeBlockRules,
|
||||
'allObjectTypes' => $allObjectTypes,
|
||||
'objectTypeBlockRules' => $objectTypeBlockRules,
|
||||
]);
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
|
||||
<?php
|
||||
|
|
@ -169,11 +122,11 @@ echo $this->element('genericElements/assetLoader', array(
|
|||
<?php endif; ?>
|
||||
setupCodeMirror()
|
||||
<?php if (empty($attributeTypeBlockRules) && empty($objectTypeBlockRules)) : ?>
|
||||
$('.type-filtering-subcontainer').hide()
|
||||
$('div.server-rule-container-pull .type-filtering-subcontainer').hide()
|
||||
<?php else : ?>
|
||||
$('#type-filtering-cb').prop('checked', true)
|
||||
$('#type-filtering-notice-cb').prop('checked', true)
|
||||
$('.type-filtering-container').show()
|
||||
$('div.server-rule-container-pull #type-filtering-cb').prop('checked', true)
|
||||
$('div.server-rule-container-pull #type-filtering-notice-cb').prop('checked', true)
|
||||
$('div.server-rule-container-pull .type-filtering-container').show()
|
||||
<?php endif; ?>
|
||||
|
||||
function addPullFilteringRulesToPicker() {
|
||||
|
|
|
|||
|
|
@ -4,11 +4,15 @@
|
|||
$tagBlockRules = [];
|
||||
$orgAllowRules = [];
|
||||
$orgBlockRules = [];
|
||||
$attributeTypeBlockRules = [];
|
||||
$objectTypeBlockRules = [];
|
||||
if (!empty($ruleObject)) {
|
||||
$tagAllowRules = mapIDsToObject($allTags, $ruleObject['tags']['OR']);
|
||||
$tagBlockRules = mapIDsToObject($allTags, $ruleObject['tags']['NOT']);
|
||||
$orgAllowRules = mapIDsToObject($allOrganisations, $ruleObject['orgs']['OR']);
|
||||
$orgBlockRules = mapIDsToObject($allOrganisations, $ruleObject['orgs']['NOT']);
|
||||
$attributeTypeBlockRules = !empty($ruleObject['type_attributes']['NOT']) ? $ruleObject['type_attributes']['NOT'] : [];
|
||||
$objectTypeBlockRules = !empty($ruleObject['type_objects']['NOT']) ? $ruleObject['type_objects']['NOT'] : [];
|
||||
}
|
||||
function mapIDsToObject($data, $ids) {
|
||||
$result = [];
|
||||
|
|
@ -58,5 +62,33 @@
|
|||
'disableFreeText' => true
|
||||
]);
|
||||
?>
|
||||
|
||||
<?php
|
||||
if (!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type'))) {
|
||||
echo $this->element('serverRuleElements/rules_filtering_type', [
|
||||
'technique' => 'push',
|
||||
'allowEmptyOptions' => true,
|
||||
'allAttributeTypes' => $allAttributeTypes,
|
||||
'attributeTypeBlockRules' => $attributeTypeBlockRules,
|
||||
'allObjectTypes' => $allObjectTypes,
|
||||
'objectTypeBlockRules' => $objectTypeBlockRules,
|
||||
]);
|
||||
}
|
||||
?>
|
||||
<div style="height: 50px;"></div>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
var pullRemoteRules404Error = '<?= __('Connection error or the remote version is not supporting remote filter lookups (v2.4.142+). Make sure that the remote instance is accessible and that it is up to date.') ?>'
|
||||
var cm;
|
||||
$(function() {
|
||||
var serverID = "<?= isset($id) ? $id : '' ?>"
|
||||
<?php if (empty($attributeTypeBlockRules) && empty($objectTypeBlockRules)) : ?>
|
||||
$('div.server-rule-container-push .type-filtering-subcontainer').hide()
|
||||
<?php else : ?>
|
||||
$('div.server-rule-container-push #type-filtering-cb').prop('checked', true)
|
||||
$('div.server-rule-container-push #type-filtering-notice-cb').prop('checked', true)
|
||||
$('div.server-rule-container-push .type-filtering-container').show()
|
||||
<?php endif; ?>
|
||||
})
|
||||
</script>
|
||||
|
|
@ -0,0 +1,57 @@
|
|||
<div id="eventreport_div">
|
||||
<span class="report-title-section">
|
||||
<label class="checkbox">
|
||||
<input id="type-filtering-cb" type="checkbox" onclick="$('div.server-rule-container-<?= $technique ?> .type-filtering-container').toggle()"><?= __('Type filtering') ?>
|
||||
</label>
|
||||
</span>
|
||||
<div class="type-filtering-container hidden">
|
||||
<div class="alert alert-error">
|
||||
<button type="button" class="close" data-dismiss="alert">×</button>
|
||||
<strong><?= __('Warning!') ?></strong>
|
||||
<?= __('Use this feature only if you know exactly what you are doing as it might introduce unwanted behaviour:') ?>
|
||||
<ul>
|
||||
<li><?= __('This instance will receive incomplete events (missing the filtered out types)') ?></li>
|
||||
<li><?= __('If later you decide to have the filtered types back, the only way for this instance to have them is to completely delete the affected events as a full sync is needed') ?></li>
|
||||
<li><?= __('Any synchronization with this instances will also receive incomplete events') ?></li>
|
||||
</ul>
|
||||
<strong><?= __('Any instance being synchronized with this one will also be affected by these defects!') ?></strong>
|
||||
<label class="checkbox">
|
||||
<input id="type-filtering-notice-cb" type="checkbox" onclick="$('div.server-rule-container-<?= $technique ?> .type-filtering-subcontainer').toggle()"><?= __('I understand the shortcomings of using these filters') ?>
|
||||
</label>
|
||||
</div>
|
||||
<div class="type-filtering-subcontainer" style="display: flex; flex-direction: column;">
|
||||
<div style="display: flex;">
|
||||
<h4 class="bold green" style=""></h4>
|
||||
<h4 class="bold red" style="margin-left: auto;"><?= __('AND NOT'); ?></h4>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('serverRuleElements/rules_widget', [
|
||||
'scope' => 'type_attributes',
|
||||
'scopeI18n' => __('Attribute Types'),
|
||||
'technique' => $technique,
|
||||
'allowEmptyOptions' => true,
|
||||
'options' => $allAttributeTypes,
|
||||
'optionNoValue' => true,
|
||||
'initAllowOptions' => [],
|
||||
'initBlockOptions' => $attributeTypeBlockRules,
|
||||
'disableAllow' => true,
|
||||
'disableFreeText' => true,
|
||||
]);
|
||||
?>
|
||||
<?php
|
||||
echo $this->element('serverRuleElements/rules_widget', [
|
||||
'scope' => 'type_objects',
|
||||
'scopeI18n' => __('Object Types'),
|
||||
'technique' => $technique,
|
||||
'allowEmptyOptions' => true,
|
||||
'options' => $allObjectTypes,
|
||||
'optionNoValue' => true,
|
||||
'initAllowOptions' => [],
|
||||
'initBlockOptions' => $objectTypeBlockRules,
|
||||
'disableAllow' => true,
|
||||
'disableFreeText' => true,
|
||||
]);
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -157,14 +157,20 @@
|
|||
<span id="push_tags_NOT" style="display:none;"><?php echo __('Events with the following tags blocked: ');?><span id="push_tags_NOT_text" style="color:red;"></span><br /></span>
|
||||
<span id="push_orgs_OR" style="display:none;"><?php echo __('Events with the following organisations allowed: ');?><span id="push_orgs_OR_text" style="color:green;"></span><br /></span>
|
||||
<span id="push_orgs_NOT" style="display:none;"><?php echo __('Events with the following organisations blocked: ');?><span id="push_orgs_NOT_text" style="color:red;"></span><br /></span>
|
||||
<?php if(!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type'))): ?>
|
||||
<span id="push_type_attributes_NOT" style="display:none;"><?php echo __('Attributes of the following types blocked: ');?><span id="push_type_attributes_NOT_text" style="color:red;"></span><br /></span>
|
||||
<span id="push_type_objects_NOT" style="display:none;"><?php echo __('Objects of the following names blocked: ');?><span id="push_type_objects_NOT_text" style="color:red;"></span><br /></span>
|
||||
<?php endif; ?>
|
||||
<span id="push_modify" class="btn btn-inverse" style="line-height:10px; padding: 4px 4px;"><?php echo __('Modify');?></span><br /><br />
|
||||
<b><?php echo __('Pull rules:');?></b><br />
|
||||
<span id="pull_tags_OR" style="display:none;"><?php echo __('Events with the following tags allowed: ');?><span id="pull_tags_OR_text" style="color:green;"></span><br /></span>
|
||||
<span id="pull_tags_NOT" style="display:none;"><?php echo __('Events with the following tags blocked: ');?><span id="pull_tags_NOT_text" style="color:red;"></span><br /></span>
|
||||
<span id="pull_orgs_OR" style="display:none;"><?php echo __('Events with the following organisations allowed: ');?><span id="pull_orgs_OR_text" style="color:green;"></span><br /></span>
|
||||
<span id="pull_orgs_NOT" style="display:none;"><?php echo __('Events with the following organisations blocked: ');?><span id="pull_orgs_NOT_text" style="color:red;"></span><br /></span>
|
||||
<?php if(!empty(Configure::read('MISP.enable_synchronisation_filtering_on_type'))): ?>
|
||||
<span id="pull_type_attributes_NOT" style="display:none;"><?php echo __('Attributes of the following types blocked: ');?><span id="pull_type_attributes_NOT_text" style="color:red;"></span><br /></span>
|
||||
<span id="pull_type_objects_NOT" style="display:none;"><?php echo __('Objects of the following names blocked: ');?><span id="pull_type_objects_NOT_text" style="color:red;"></span><br /></span>
|
||||
<?php endif; ?>
|
||||
<span id="pull_url_params" style="display:none;"><?php echo __('Additional parameters: ');?><span id="pull_url_params_text" style="color:green;"></span><br /></span>
|
||||
<span id="pull_modify" class="btn btn-inverse" style="line-height:10px; padding: 4px 4px;"><?php echo __('Modify');?></span><br /><br />
|
||||
<?php
|
||||
|
|
@ -247,7 +253,9 @@ var formInfoValues = {
|
|||
var rules = {
|
||||
"push": {
|
||||
"tags": {"OR":[], "NOT":[]},
|
||||
"orgs": {"OR":[], "NOT":[]}
|
||||
"orgs": {"OR":[], "NOT":[]},
|
||||
"type_attributes": {"NOT":[]},
|
||||
"type_objects": {"NOT":[]},
|
||||
},
|
||||
"pull": {
|
||||
"tags": {"OR":[], "NOT":[]},
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ foreach ($servers as $server):
|
|||
$rules['push'] = json_decode($server['Server']['push_rules'], true);
|
||||
$rules['pull'] = json_decode($server['Server']['pull_rules'], true);
|
||||
$syncOptions = array('pull', 'push');
|
||||
$fieldOptions = array('tags', 'orgs');
|
||||
$fieldOptions = array('tags', 'orgs', 'type_attributes', 'type_objects');
|
||||
$typeOptions = array('OR' => array('colour' => 'green', 'text' => 'allowed'), 'NOT' => array('colour' => 'red', 'text' => 'blocked'));
|
||||
$ruleDescription = array('pull' => '', 'push' => '');
|
||||
foreach ($syncOptions as $syncOption) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue