MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch '2.4' of github.com:MISP/MISP into 2.4

pull/4531/head
iglocska 2019-04-24 11:39:23 +02:00
parent e28d1f9da3 55c5f6b429
commit 9fd45e072d
4 changed files with 127 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
app/Controller/EventsController.php
View File

@ -1086,6 +1086,10 @@ class EventsController extends AppController
}
$event = $results[0];
$attributeTagsName = $this->Event->Attribute->AttributeTag->extractAttributeTagsNameFromEvent($event, 'both');
$this->set('attributeTags', array_values($attributeTagsName['tags']));
$this->set('attributeClusters', array_values($attributeTagsName['clusters']));
if (isset($filters['distribution'])) {
if (!is_array($filters['distribution'])) {
$filters['distribution'] = array($filters['distribution']);
@ -1195,12 +1199,6 @@ class EventsController extends AppController
$this->set('advancedFilteringActive', $advancedFiltering['active'] ? 1 : 0);
$this->set('advancedFilteringActiveRules', $advancedFiltering['activeRules']);
$this->set('defaultFilteringRules', $this->defaultFilteringRules);
$attributeTags = $this->Event->Attribute->AttributeTag->getAttributesTags($this->Auth->user(), $event['Event']['id']);
$attributeTags = array_column($attributeTags, 'name');
$this->set('attributeTags', $attributeTags);
$attributeClusters = $this->Event->Attribute->AttributeTag->getAttributesClusters($this->Auth->user(), $event['Event']['id']);
$attributeClusters = array_column($attributeClusters, 'value');
$this->set('attributeClusters', $attributeClusters);
$this->disableCache();
$this->layout = 'ajax';
$this->loadModel('Sighting');
@ -1340,6 +1338,9 @@ class EventsController extends AppController
}
}
}
$attributeTagsName = $this->Event->Attribute->AttributeTag->extractAttributeTagsNameFromEvent($event, 'both');
$this->set('attributeTags', array_values($attributeTagsName['tags']));
$this->set('attributeClusters', array_values($attributeTagsName['clusters']));
$startDate = $event['Event']['timestamp'];
$modDate = date("Y-m-d", $event['Event']['timestamp']);
$modificationMap[$modDate] = 1;
@ -1476,12 +1477,6 @@ class EventsController extends AppController
$this->set('advancedFilteringActive', $advancedFiltering['active'] ? 1 : 0);
$this->set('advancedFilteringActiveRules', $advancedFiltering['activeRules']);
$this->set('defaultFilteringRules', $this->defaultFilteringRules);
$attributeTags = $this->Event->Attribute->AttributeTag->getAttributesTags($this->Auth->user(), $event['Event']['id']);
$attributeTags = array_column($attributeTags, 'name');
$this->set('attributeTags', $attributeTags);
$attributeClusters = $this->Event->Attribute->AttributeTag->getAttributesClusters($this->Auth->user(), $event['Event']['id']);
$attributeClusters = array_column($attributeClusters, 'value');
$this->set('attributeClusters', $attributeClusters);
$this->set('mitreAttackGalaxyId', $this->Event->GalaxyCluster->Galaxy->getMitreAttackGalaxyId());
$this->set('modificationMapCSV', $modificationMapCSV);
}

37
app/Model/AttributeTag.php
View File

@ -234,4 +234,41 @@ class AttributeTag extends AppModel
return $allClusters;
}
public function extractAttributeTagsNameFromEvent(&$event, $to_extract='both')
{
$attribute_tags_name = array('tags' => array(), 'clusters' => array());
foreach ($event['Attribute'] as $i => $attribute) {
if ($to_extract == 'tags' || $to_extract == 'both') {
foreach ($attribute['AttributeTag'] as $tag) {
$attribute_tags_name['tags'][] = $tag['Tag']['name'];
}
}
if ($to_extract == 'clusters' || $to_extract == 'both') {
foreach ($attribute['Galaxy'] as $galaxy) {
foreach ($galaxy['GalaxyCluster'] as $cluster) {
$attribute_tags_name['clusters'][] = $cluster['tag_name'];
}
}
}
}
foreach ($event['Object'] as $i => $object) {
foreach ($object['Attribute'] as $j => $object_attribute) {
if ($to_extract == 'tags' || $to_extract == 'both') {
foreach ($object_attribute['AttributeTag'] as $tag) {
$attribute_tags_name['tags'][] = $tag['Tag']['name'];
}
}
if ($to_extract == 'clusters' || $to_extract == 'both') {
foreach ($object_attribute['Galaxy'] as $galaxy) {
foreach ($galaxy['GalaxyCluster'] as $cluster) {
$attribute_tags_name['clusters'][] = $cluster['tag_name'];
}
}
}
}
}
$attribute_tags_name['tags'] = array_diff_key($attribute_tags_name['tags'], $attribute_tags_name['clusters']); // de-dup if needed.
return $attribute_tags_name;
}
}

104
app/View/Elements/Events/View/eventFilteringQueryBuilder.ctp
View File

@ -1,6 +1,6 @@
<div id="eventFilteringQBWrapper" style="padding: 5px; display: none; border: 1px solid #dddddd; border-bottom: 0px;">
<div id="eventFilteringQB"></div>
<div style="display: flex; justify-content: flex-end">
<div id="eventFilteringQB" style="overflow-y: auto; padding-right: 5px; resize: vertical; max-height: 750px; height: 400px;"></div>
<div style="display: flex; justify-content: flex-end; margin-top: 5px;">
<input id="eventFilteringQBLinkInput" class="form-control" style="width: 66%;"></input>
<button id="eventFilteringQBLinkCopy" type="button" class="btn btn-inverse" style="margin-right: 5px; margin-left: 5px;" onclick="clickMessage(this);"> <i class="fa fa-clipboard"></i> <?php echo h('Copy to clipboard'); ?> </button>
<button id="eventFilteringQBSubmit" type="button" class="btn btn-success" style="margin-right: 5px;"> <i class="fa fa-filter"></i> <?php echo h('Filter'); ?> </button>
@ -11,8 +11,9 @@
?>
<script>
function triggerEventFilteringTool(clicked) {
var defaultFilteringRules = <?php echo json_encode($defaultFilteringRules); ?>;
var defaultFilteringRules = <?php echo json_encode($defaultFilteringRules); ?>;
var querybuilderTool;
function triggerEventFilteringTool(hide) {
var qbOptions = {
plugins: {
'filter-description' : {
@ -197,7 +198,12 @@ function triggerEventFilteringTool(clicked) {
2: "Doesn\'t have sighting(s)"
}
},
<?php if (!empty($attributeTags)): ?>
<?php
if (empty($attributeTags) && isset($filters['taggedAttributes'])) {
$attributeTags = array($filters['taggedAttributes']);
}
if (!empty($attributeTags)):
?>
{
"input": "select",
"type": "string",
@ -207,10 +213,15 @@ function triggerEventFilteringTool(clicked) {
"unique": true,
"id": "taggedAttributes",
"label": "Tags",
"values": <?php echo json_encode($attributeTags); ?>
"values": <?php echo json_encode(array_map("h", $attributeTags)); // additional `h` because values are directly insterted into the DOM by QB.?>
},
<?php endif; ?>
<?php if (!empty($attributeClusters)): ?>
<?php
if (empty($attributeClusters) && isset($filters['galaxyAttachedAttributes'])) {
$attributeClusters = array($filters['galaxyAttachedAttributes']);
}
if (!empty($attributeClusters)):
?>
{
"input": "select",
"type": "string",
@ -220,7 +231,7 @@ function triggerEventFilteringTool(clicked) {
"unique": true,
"id": "galaxyAttachedAttributes",
"label": "Galaxies",
"values": <?php echo json_encode($attributeClusters); ?>
"values": <?php echo json_encode(array_map("h", $attributeClusters)); // additional `h` because values are directly insterted into the DOM by QB.?>
},
<?php endif; ?>
{
@ -335,20 +346,24 @@ function triggerEventFilteringTool(clicked) {
value: <?php echo isset($filters['distribution']) ? json_encode($filters['distribution']) : json_encode(array(0, 1, 2, 3, 4, 5)); ?>
},
<?php endif; ?>
<?php if (!empty($attributeTags) && (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['taggedAttributes']))): ?>
{
field: 'taggedAttributes',
id: 'taggedAttributes',
value: '<?php echo isset($filters['taggedAttributes']) ? h($filters['taggedAttributes']) : $attributeTags[0]; ?>'
},
<?php endif; ?>
<?php if (!empty($attributeClusters) && (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['galaxyAttachedAttributes']))): ?>
{
field: 'galaxyAttachedAttributes',
id: 'galaxyAttachedAttributes',
value: '<?php echo isset($filters['galaxyAttachedAttributes']) ? h($filters['galaxyAttachedAttributes']) : $attributeClusters[0]; ?>'
},
<?php endif; ?>
<?php
if (!empty($filters['taggedAttributes']) && (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['taggedAttributes']))):
$tmp = array(
'field' => 'taggedAttributes',
'id' => 'taggedAttributes',
'value' => $filters['taggedAttributes']
);
echo json_encode($tmp) . ','; // sanitize data
endif;
if (!empty($filters['galaxyAttachedAttributes']) && (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['galaxyAttachedAttributes']))):
$tmp = array(
'field' => 'galaxyAttachedAttributes',
'id' => 'galaxyAttachedAttributes',
'value' => $filters['galaxyAttachedAttributes']
);
echo json_encode($tmp); // sanitize data
endif;
?>
],
flags: {
no_add_group: true,
@ -367,13 +382,16 @@ function triggerEventFilteringTool(clicked) {
var filters = <?php echo json_encode($filters); ?>;
var $wrapper = $('#eventFilteringQBWrapper');
var $ev = $('#eventFilteringQB');
var querybuilderTool = $ev.queryBuilder(qbOptions);
querybuilderTool = $ev.queryBuilder(qbOptions);
querybuilderTool = querybuilderTool[0].queryBuilder;
querybuilderTool.on('rulesChanged', function() {
updateURL();
});
$wrapper.toggle('blind', 100, { direction: 'up' });
if (hide === undefined || !hide) {
$('#eventFilteringQB').height(qbOptions.rules.rules.length < 7 ? 'unset' : $('#eventFilteringQB').height());
$wrapper.toggle('blind', 100, { direction: 'up' });
}
$('#eventFilteringQBSubmit').off('click').on('click', function() {
$button = $(this);
@ -402,29 +420,29 @@ function triggerEventFilteringTool(clicked) {
function updateURL() {
var rules = querybuilderTool.getRules({ skip_empty: true, allow_invalid: true });
var res = cleanRules(rules);
var url = "<?php echo $baseurl; ?>/events/view/<?php echo h($event['Event']['id']); ?>" + buildURL(res);
var url = "<?php echo $baseurl; ?>/events/view/<?php echo h($event['Event']['id']); ?>" + buildFilterURL(res);
$('#eventFilteringQBLinkInput').val(url);
}
}
function buildURL(res) {
var url = "";
Object.keys(res).forEach(function(k) {
var v = res[k];
if (Array.isArray(v)) {
// v = JSON.stringify(v);
v = v.join('||');
}
if (!Array.isArray(defaultFilteringRules[k]) && defaultFilteringRules[k] != v) {
url += "/" + k + ":" + v;
} else {
if (Array.isArray(defaultFilteringRules[k]) && defaultFilteringRules[k].join('||') != v) {
url += "/" + k + ":" + v;
}
}
});
return url;
}
function buildFilterURL(res) {
var url = "";
Object.keys(res).forEach(function(k) {
var v = res[k];
if (Array.isArray(v)) {
// v = JSON.stringify(v);
v = v.join('||');
}
if (!Array.isArray(defaultFilteringRules[k]) && defaultFilteringRules[k] != v) {
url += "/" + k + ":" + encodeURIComponent(v);
} else {
if (Array.isArray(defaultFilteringRules[k]) && defaultFilteringRules[k].join('||') != v) {
url += "/" + k + ":" + encodeURIComponent(v);
}
}
});
return url;
}
function recursiveInject(result, rules) {

29
app/webroot/js/misp.js
View File

@ -3156,14 +3156,28 @@ function pivotObjectReferences(url, uuid) {
}
function toggleBoolFilter(url, param) {
url = url.replace(/view\//i, 'viewEventAttributes/');
if (url.indexOf(param) > -1) {
var replace = '\/' + param + ".+1";
var re = new RegExp(replace,"i");
url = url.replace(re, '');
} else {
url = url + '/' + param + ':1'
if (querybuilderTool === undefined) {
triggerEventFilteringTool(true); // allows to fetch rules
}
var rules = querybuilderTool.getRules({ skip_empty: true, allow_invalid: true });
var res = cleanRules(rules);
Object.keys(res).forEach(function(k) {
if (url.indexOf(k) > -1) { // delete url rule (will be replaced by query builder value later on)
var replace = '\/' + k + ".+/?";
var re = new RegExp(replace,"i");
url = url.replace(re, '');
}
});
if (res[param] !== undefined) { // allow toggle for `deleted`.
res[param] = res[param] == '0' ? '2' : '0';
} else {
res[param] = '0';
}
url += buildFilterURL(res);
url = url.replace(/view\//i, 'viewEventAttributes/');
$.ajax({
type:"get",
url:url,
@ -3172,6 +3186,7 @@ function toggleBoolFilter(url, param) {
},
success:function (data) {
$("#attributes_div").html(data);
querybuilderTool = undefined;
$(".loading").hide();
},
error:function() {