mirror of https://github.com/MISP/MISP
Jakub Onderka
GitHub
commit
a061850b68
|
|
@ -78,8 +78,9 @@ class EventReportsController extends AppController
|
|||
if (!$this->_isRest()) {
|
||||
throw new MethodNotAllowedException(__('This function can only be reached via the API.'));
|
||||
}
|
||||
$report = $this->EventReport->simpleFetchById($this->Auth->user(), $reportId);
|
||||
$proxyMISPElements = $this->EventReport->getProxyMISPElements($this->Auth->user(), $report['EventReport']['event_id']);
|
||||
$user = $this->_closeSession();
|
||||
$report = $this->EventReport->simpleFetchById($user, $reportId);
|
||||
$proxyMISPElements = $this->EventReport->getProxyMISPElements($user, $report['EventReport']['event_id']);
|
||||
return $this->RestResponse->viewData($proxyMISPElements, $this->response->type());
|
||||
}
|
||||
|
||||
|
|
@ -178,7 +179,7 @@ class EventReportsController extends AppController
|
|||
$reports = $this->EventReport->find('all', [
|
||||
'recursive' => -1,
|
||||
'conditions' => $compiledConditions,
|
||||
'contain' => $this->EventReport->defaultContain,
|
||||
'contain' => EventReport::DEFAULT_CONTAIN,
|
||||
]);
|
||||
return $this->RestResponse->viewData($reports, $this->response->type());
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -1665,7 +1665,7 @@ class EventsController extends AppController
|
|||
$this->set('mayModify', $this->__canModifyEvent($event));
|
||||
$this->set('mayPublish', $this->__canPublishEvent($event));
|
||||
try {
|
||||
$instanceKey = $this->Event->CryptographicKey->ingestInstanceKey();
|
||||
$instanceKey = $event['Event']['protected'] ? $this->Event->CryptographicKey->ingestInstanceKey() : null;
|
||||
} catch (Exception $e) {
|
||||
$instanceKey = null;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ class EventReport extends AppModel
|
|||
);
|
||||
|
||||
const CAPTURE_FIELDS = array('uuid', 'name', 'content', 'distribution', 'sharing_group_id', 'timestamp', 'deleted', 'event_id');
|
||||
public $defaultContain = array(
|
||||
const DEFAULT_CONTAIN = array(
|
||||
'SharingGroup' => array('fields' => array('id', 'name', 'uuid')),
|
||||
'Event' => array(
|
||||
'fields' => array('Event.id', 'Event.orgc_id', 'Event.org_id', 'Event.info', 'Event.user_id', 'Event.date'),
|
||||
|
|
@ -355,7 +355,7 @@ class EventReport extends AppModel
|
|||
{
|
||||
$params = array(
|
||||
'conditions' => $this->buildACLConditions($user),
|
||||
'contain' => $this->defaultContain,
|
||||
'contain' => self::DEFAULT_CONTAIN,
|
||||
'recursive' => -1
|
||||
);
|
||||
if ($full) {
|
||||
|
|
|
|||
|
|
@ -101,10 +101,13 @@ class FuzzyCorrelateSsdeep extends AppModel
|
|||
'Attribute.event_id' => $eventId,
|
||||
'Attribute.type' => 'ssdeep',
|
||||
),
|
||||
'fields' => 'Attribute.id',
|
||||
'fields' => ['Attribute.id'],
|
||||
));
|
||||
if (empty($attributeId)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return $this->deleteAll(array('FuzzyCorrelateSsdeep.attribute_id' => $attributeId));
|
||||
return $this->deleteAll(array('FuzzyCorrelateSsdeep.attribute_id' => $attributeId), false);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,8 +2,8 @@
|
|||
if (isset($field['raw'])) {
|
||||
$string = $field['raw'];
|
||||
} else {
|
||||
$value = Hash::extract($data, $field['path']);
|
||||
$string = empty($value[0]) ? '' : h($value[0]);
|
||||
$value = Hash::get($data, $field['path']);
|
||||
$string = empty($value) ? '' : h($value);
|
||||
}
|
||||
if (!empty($field['url'])) {
|
||||
if (!empty($field['url_vars'])) {
|
||||
|
|
@ -11,7 +11,7 @@ if (!empty($field['url'])) {
|
|||
$field['url_vars'] = [$field['url_vars']];
|
||||
}
|
||||
foreach ($field['url_vars'] as $k => $path) {
|
||||
$field['url'] = str_replace('{{' . $k . '}}', Hash::extract($data, $path)[0], $field['url']);
|
||||
$field['url'] = str_replace('{{' . $k . '}}', Hash::get($data, $path), $field['url']);
|
||||
$temp = explode(':', $field['url']);
|
||||
if (!in_array(strtolower($temp[0]), ['http', 'https'])) {
|
||||
$field['url'] = '#';
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
<?php
|
||||
$keys = Hash::extract($data, $field['path']);
|
||||
$event = Hash::extract($data, $field['event_path']);
|
||||
if ($event['protected']) {
|
||||
echo sprintf(
|
||||
|
|
@ -26,6 +25,7 @@
|
|||
)
|
||||
);
|
||||
$foundInstanceKey = false;
|
||||
$keys = Hash::extract($data, $field['path']);
|
||||
foreach ($keys as $key) {
|
||||
$isInstanceKey = $key['fingerprint'] === $field['instanceFingerprint'];
|
||||
if ($isInstanceKey) {
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@
|
|||
[
|
||||
'key' => __('Contributors'),
|
||||
'type' => 'custom',
|
||||
'function' => function ($data) use ($contributors, $baseurl, $event) {
|
||||
'function' => function (array $event) use ($contributors, $baseurl) {
|
||||
$contributorsContent = [];
|
||||
foreach ($contributors as $organisationId => $name) {
|
||||
$org = ['Organisation' => ['id' => $organisationId, 'name' => $name]];
|
||||
|
|
@ -104,7 +104,7 @@
|
|||
[
|
||||
'key' => __('Tags'),
|
||||
'type' => 'custom',
|
||||
'function' => function($data) use($event, $isSiteAdmin, $mayModify, $me, $missingTaxonomies, $tagConflicts) {
|
||||
'function' => function(array $event) use($isSiteAdmin, $mayModify, $me, $missingTaxonomies, $tagConflicts) {
|
||||
return sprintf(
|
||||
'<span class="eventTagContainer">%s</span>',
|
||||
$this->element(
|
||||
|
|
@ -112,8 +112,8 @@
|
|||
[
|
||||
'event' => $event,
|
||||
'tags' => $event['EventTag'],
|
||||
'tagAccess' => ($isSiteAdmin || $mayModify),
|
||||
'localTagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id'] || (int)$me['org_id'] === Configure::read('MISP.host_org_id')),
|
||||
'tagAccess' => $isSiteAdmin || $mayModify,
|
||||
'localTagAccess' => $isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id'] || (int)$me['org_id'] === Configure::read('MISP.host_org_id'),
|
||||
'missingTaxonomies' => $missingTaxonomies,
|
||||
'tagConflicts' => $tagConflicts
|
||||
]
|
||||
|
|
@ -249,19 +249,19 @@
|
|||
'key' => __('Correlation'),
|
||||
'class' => $event['Event']['disable_correlation'] ? 'background-red bold' : '',
|
||||
'type' => 'custom',
|
||||
'function' => function($data) use($mayModify, $isSiteAdmin) {
|
||||
'function' => function($event) use($mayModify, $isSiteAdmin) {
|
||||
return sprintf(
|
||||
'%s%s',
|
||||
$data['Event']['disable_correlation'] ? __('Disabled') : __('Enabled'),
|
||||
$event['Event']['disable_correlation'] ? __('Disabled') : __('Enabled'),
|
||||
(!$mayModify && !$isSiteAdmin) ? '' :
|
||||
sprintf(
|
||||
' (<a onClick="getPopup(%s);" style="%scursor:pointer;font-weight:normal;">%s</a>)',
|
||||
' (<a onclick="getPopup(%s);" style="%scursor:pointer">%s</a>)',
|
||||
sprintf(
|
||||
"'%s', 'events', 'toggleCorrelation', '', '#confirmation_box'",
|
||||
h($data['Event']['id'])
|
||||
h($event['Event']['id'])
|
||||
),
|
||||
$data['Event']['disable_correlation'] ? 'color:white;' : '',
|
||||
$data['Event']['disable_correlation'] ? __('enable') : __('disable')
|
||||
$event['Event']['disable_correlation'] ? 'color:white;' : '',
|
||||
$event['Event']['disable_correlation'] ? __('enable') : __('disable')
|
||||
)
|
||||
);
|
||||
},
|
||||
|
|
|
|||
Loading…
Reference in New Issue