mirror of https://github.com/MISP/MISP
Merge pull request #7470 from mokaddem/improvements-cycat
Improvements for cycat integrationpull/7479/head
Andras Iklody
GitHub
commit
a5e422c52a
|
|
@ -348,6 +348,7 @@ class ACLComponent extends Component
|
|||
'unpublish' => array('perm_galaxy_editor'),
|
||||
'updateCluster' => array('perm_galaxy_editor'),
|
||||
'view' => array('*'),
|
||||
'viewCyCatRelations' => array('*'),
|
||||
'viewGalaxyMatrix' => array('*'),
|
||||
'viewRelations' => array('*'),
|
||||
'viewRelationTree' => array('*'),
|
||||
|
|
|
|||
|
|
@ -178,9 +178,6 @@ class GalaxyClustersController extends AppController
|
|||
$cluster['GalaxyCluster']['tag_count'] = $this->GalaxyCluster->Tag->EventTag->countForTag($tag['Tag']['id'], $this->Auth->user());
|
||||
$cluster['GalaxyCluster']['tag_id'] = $tag['Tag']['id'];
|
||||
}
|
||||
if (Configure::read('Plugin.Cycat_enable')) {
|
||||
$cluster = $this->GalaxyCluster->getCyCatRelations($cluster);
|
||||
}
|
||||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->viewData($cluster, $this->response->type());
|
||||
} else {
|
||||
|
|
@ -777,6 +774,15 @@ class GalaxyClustersController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
public function viewCyCatRelations($id)
|
||||
{
|
||||
$cluster = $this->GalaxyCluster->fetchIfAuthorized($this->Auth->user(), $id, 'view', true, false);
|
||||
$CyCatRelations = $this->GalaxyCluster->getCyCatRelations($cluster);
|
||||
$this->set('cluster', $cluster);
|
||||
$this->set('CyCatRelations', $CyCatRelations);
|
||||
$this->render('cluster_cycatrelations');
|
||||
}
|
||||
|
||||
public function viewGalaxyMatrix($id)
|
||||
{
|
||||
if (!$this->request->is('ajax')) {
|
||||
|
|
|
|||
|
|
@ -2136,6 +2136,10 @@ class GalaxyCluster extends AppModel
|
|||
|
||||
public function getCyCatRelations($cluster)
|
||||
{
|
||||
$CyCatRelations = [];
|
||||
if (empty(Configure::read('Plugin.CyCat_enable'))) {
|
||||
return $CyCatRelations;
|
||||
}
|
||||
App::uses('SyncTool', 'Tools');
|
||||
$cycatUrl = empty(Configure::read("Plugin.CyCat_url")) ? 'https://api.cycat.org': Configure::read("Plugin.CyCat_url");
|
||||
$syncTool = new SyncTool();
|
||||
|
|
@ -2154,17 +2158,19 @@ class GalaxyCluster extends AppModel
|
|||
if ($response->code === '200') {
|
||||
$response = $this->HttpSocket->get($cycatUrl . '/relationships/' . $cluster['GalaxyCluster']['uuid'], array(), $request);
|
||||
if ($response->code === '200') {
|
||||
$relations = json_decode($response->body);
|
||||
if (!empty($relations)) {
|
||||
foreach ($relations as $relation) {
|
||||
$response = $this->HttpSocket->get($cycatUrl . '/lookup/' . $relation, array(), $request);
|
||||
$relationUUIDs = json_decode($response->body);
|
||||
if (!empty($relationUUIDs)) {
|
||||
foreach ($relationUUIDs as $relationUUID) {
|
||||
$response = $this->HttpSocket->get($cycatUrl . '/lookup/' . $relationUUID, array(), $request);
|
||||
if ($response->code === '200') {
|
||||
$cluster['CyCat'][$relation] = json_decode($response->body, true);
|
||||
$lookupResult = json_decode($response->body, true);
|
||||
$lookupResult['uuid'] = $relationUUID;
|
||||
$CyCatRelations[$relationUUID] = $lookupResult;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return $cluster;
|
||||
return $CyCatRelations;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
</div>',
|
||||
h($elementId),
|
||||
h($elementId) . '-collapse',
|
||||
h($title),
|
||||
!empty($titleHTML) ? $titleHTML : h($title),
|
||||
!empty($allowFullscreen) ? '' : sprintf(
|
||||
'<span class="fas fa-external-link-alt" title="View %s full screen" onclick="event.stopPropagation(); window.location.href=\'%s\';"></span>',
|
||||
h($title),
|
||||
|
|
|
|||
|
|
@ -0,0 +1,34 @@
|
|||
<?php
|
||||
$cycatUrl = empty(Configure::read('Plugin.CyCat_url')) ? 'https://api.cycat.org' : Configure::read('Plugin.CyCat_url');
|
||||
$CyCatRelationsTable = $this->element('/genericElements/IndexTable/index_table', [
|
||||
'data' => [
|
||||
'skip_pagination' => true,
|
||||
'data' => $CyCatRelations,
|
||||
'fields' => [
|
||||
[
|
||||
'name' => __('UUID'),
|
||||
'class' => 'short',
|
||||
'data_path' => 'uuid',
|
||||
'element' => 'links',
|
||||
'url_params_data_paths' => 'uuid',
|
||||
'url' => $cycatUrl . '/lookup'
|
||||
],
|
||||
[
|
||||
'name' => __('MITRE CTI Name'),
|
||||
'class' => 'short',
|
||||
'data_path' => 'mitre-cti:name',
|
||||
],
|
||||
[
|
||||
'name' => __('MITRE CTI Type'),
|
||||
'class' => 'short',
|
||||
'data_path' => 'mitre-cti:type',
|
||||
],
|
||||
[
|
||||
'name' => __('MITRE CTI Description'),
|
||||
'data_path' => 'mitre-cti:description',
|
||||
],
|
||||
],
|
||||
]
|
||||
]);
|
||||
echo $CyCatRelationsTable;
|
||||
?>
|
||||
|
|
@ -80,32 +80,6 @@ $table_data[] = array('key' => __('Events'), 'html' => isset($cluster['GalaxyClu
|
|||
):
|
||||
'<span>0</span>'
|
||||
);
|
||||
if (!empty(Configure::read('Plugin.CyCat_enable'))) {
|
||||
$cycatUrl = empty(Configure::read('Plugin.CyCat_url')) ? 'https://api.cycat.org' : Configure::read('Plugin.CyCat_url');
|
||||
$cycatHtml = [];
|
||||
foreach ($cluster['CyCat'] as $relationship_uuid => $relationship_data) {
|
||||
$temp = '';
|
||||
unset($relationship_data['raw']);
|
||||
unset($relationship_data['_cycat_type']);
|
||||
$relationship_data_massaged = [];
|
||||
foreach ($relationship_data as $massagedKey => $massagedValue) {
|
||||
$relationship_data_massaged[] = sprintf(
|
||||
'%s%s: %s',
|
||||
PHP_EOL . PHP_EOL,
|
||||
h($massagedKey),
|
||||
h($massagedValue)
|
||||
);
|
||||
}
|
||||
$cycatHtml[] = sprintf(
|
||||
'<a href="%s/lookup/%s" title="%s">%s</a>',
|
||||
h($cycatUrl),
|
||||
h($relationship_uuid),
|
||||
implode($relationship_data_massaged),
|
||||
h($relationship_uuid)
|
||||
);
|
||||
}
|
||||
$table_data[] = array('key' => __('CyCat relationships'), 'html' => implode('<br />', $cycatHtml));
|
||||
}
|
||||
if (!empty($extendedFromHtml)) {
|
||||
$table_data[] = array('key' => __('Forked From'), 'html' => $extendedFromHtml);
|
||||
}
|
||||
|
|
@ -128,6 +102,21 @@ if (!empty($extendedByHtml)) {
|
|||
<div class="row-fuild">
|
||||
<div id="relations_container"></div>
|
||||
</div>
|
||||
<?php
|
||||
$titleHTML = __('CyCat Relationships');
|
||||
$titleHTML .= sprintf('<a href="%s" onclick="event.stopPropagation()" title="%s" target="_blank"><img src="%s" style="height: 2.5em"/></a>',
|
||||
'https://cycat.org/',
|
||||
__('CyCAT or the CYbersecurity Resource CATalogue aims at mapping and documenting, in a single formalism and catalogue all the available cybersecurity tools, rules, playbooks, processes and controls.'),
|
||||
'https://cycat.org/images/favicon.ico'
|
||||
);
|
||||
if (!empty(Configure::read('Plugin.CyCat_enable'))) {
|
||||
echo $this->element('/genericElements/accordion', [
|
||||
'title' => 'CyCat Relationships',
|
||||
'titleHTML' => $titleHTML,
|
||||
'url' => '/galaxy_clusters/viewCyCatRelations/' . $cluster['GalaxyCluster']['id']
|
||||
]);
|
||||
}
|
||||
?>
|
||||
<div id="elements_content"></div>
|
||||
</div>
|
||||
<?= $this->element('genericElements/assetLoader', array(
|
||||
|
|
|
|||
Loading…
Reference in New Issue