mirror of https://github.com/MISP/MISP
add: [stix2 import] Handling sharing group id parameters to pass to the resulting MISP Event
Christian Studer
parent
54eca25ce5
commit
9fc2a954b2
|
|
@ -2394,6 +2394,16 @@ class EventsController extends AppController
|
|||
throw new MethodNotAllowedException(__('Wrong distribution level'));
|
||||
}
|
||||
}
|
||||
$sharingGroupId = null;
|
||||
if ($initialDistribution == 4) {
|
||||
if (!isset($this->params['named']['sharing_group_id'])) {
|
||||
throw new MethodNotAllowedException(__('The sharing group id is needed when the distribution is set to 4 ("Sharing group").'));
|
||||
}
|
||||
$sharingGroupId = $this->params['named']['sharing_group_id'];
|
||||
if (!in_array($sharingGroupId, $sgs)) {
|
||||
throw new MethodNotAllowedException(__('Please select a valid sharing group id.'));
|
||||
}
|
||||
}
|
||||
if (isset($this->params['named']['galaxies_as_tags'])) {
|
||||
$galaxies_as_tags = $this->params['named']['galaxies_as_tags'];
|
||||
}
|
||||
|
|
@ -2408,6 +2418,7 @@ class EventsController extends AppController
|
|||
'uploaded_stix_file.' . ($stix_version == '1' ? 'xml' : 'json'),
|
||||
$publish,
|
||||
$initialDistribution,
|
||||
$sharingGroupId,
|
||||
$galaxies_as_tags,
|
||||
$debug
|
||||
);
|
||||
|
|
@ -2438,6 +2449,7 @@ class EventsController extends AppController
|
|||
$original_file,
|
||||
$this->data['Event']['publish'],
|
||||
$this->data['Event']['distribution'],
|
||||
$this->data['Event']['sharing_group_id'],
|
||||
!boolval($this->data['Event']['galaxies_parsing']),
|
||||
$debug
|
||||
);
|
||||
|
|
|
|||
|
|
@ -5837,7 +5837,7 @@ class Event extends AppModel
|
|||
* @throws InvalidArgumentException
|
||||
* @throws Exception
|
||||
*/
|
||||
public function upload_stix(array $user, $file, $stix_version, $original_file, $publish, $distribution, $galaxiesAsTags, $debug = false)
|
||||
public function upload_stix(array $user, $file, $stix_version, $original_file, $publish, $distribution, $sharingGroupId, $galaxiesAsTags, $debug = false)
|
||||
{
|
||||
$scriptDir = APP . 'files' . DS . 'scripts';
|
||||
if ($stix_version == '2' || $stix_version == '2.0' || $stix_version == '2.1') {
|
||||
|
|
@ -5849,6 +5849,9 @@ class Event extends AppModel
|
|||
'-i', $file,
|
||||
'--distribution', $distribution
|
||||
];
|
||||
if ($distribution == 4) {
|
||||
array_push($shell_command, '--sharing_group_id', $sharingGroupId);
|
||||
}
|
||||
if ($galaxiesAsTags) {
|
||||
$shell_command[] = '--galaxies_as_tags';
|
||||
}
|
||||
|
|
|
|||
|
|
@ -41,9 +41,10 @@ def _process_stix_file(args: argparse.ArgumentParser):
|
|||
)
|
||||
stix_version = getattr(bundle, 'version', '2.1')
|
||||
to_call = 'Internal' if _from_misp(bundle.objects) else 'External'
|
||||
parser = globals()[f'{to_call}STIX2toMISPParser'](
|
||||
args.distribution, args.galaxies_as_tags
|
||||
)
|
||||
arguments = [args.galaxies_as_tags, args.distribution]
|
||||
if args.distribution == 4 and args.sharing_group_id is not None:
|
||||
arguments.append(args.sharing_group_id)
|
||||
parser = globals()[f'{to_call}STIX2toMISPParser'](*arguments)
|
||||
parser.load_stix_bundle(bundle)
|
||||
parser.parse_stix_bundle()
|
||||
with open(f'{args.input}.out', 'wt', encoding='utf-8') as f:
|
||||
|
|
@ -81,6 +82,10 @@ if __name__ == '__main__':
|
|||
'--distribution', type=int, default=0,
|
||||
help='Distribution level for the resulting MISP Event.'
|
||||
)
|
||||
argparser.add_argument(
|
||||
'--sharing_group_id', type=int,
|
||||
help='Sharing group id when the distribution level is 4.'
|
||||
)
|
||||
argparser.add_argument(
|
||||
'--debug', action='store_true',
|
||||
help='Display error and warning messages.'
|
||||
|
|
|
|||
Loading…
Reference in New Issue