mirror of https://github.com/MISP/MISP
Updated the migration script (SQL)
- Script updated based on the issues found during testing - Changed the file upload/download mechanism.
pull/63/head
parent
a7bb5c7767
commit
a735822ca1
|
@ -428,6 +428,7 @@ class AppController extends Controller {
|
|||
default:
|
||||
break;
|
||||
}
|
||||
//$this->Acl->allow($inc, 'controllers/Events/add');
|
||||
if ($permAdd) {
|
||||
$this->Acl->allow($inc, 'controllers/Events/add');
|
||||
$this->Acl->allow($inc, 'controllers/Attributes/add');
|
||||
|
@ -463,12 +464,11 @@ class AppController extends Controller {
|
|||
$this->Acl->deny($inc, 'controllers/Logs');
|
||||
}
|
||||
|
||||
if (isset($inc['Role']['perm_admin'])) {
|
||||
if ($inc['Role']['perm_admin']) {
|
||||
if (isset($inc['Role']['perm_admin']) && $inc['Role']['perm_admin']) {
|
||||
//$this->Acl->allow($inc, 'controllers/Logs');
|
||||
}
|
||||
} else {
|
||||
$this->Acl->deny($inc, 'controllers/Roles');
|
||||
//$this->Acl->deny($inc, 'controllers');
|
||||
}
|
||||
if (isset($inc['Role']['perm_auth'])) {
|
||||
if ($inc['Role']['perm_auth']) {
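Review bot: In the second hunk the branch taken for administrators holds only the commented-out `//$this->Acl->allow($inc, 'controllers/Logs');`, so the merged condition `isset($inc['Role']['perm_admin']) && $inc['Role']['perm_admin']` exists only to reach the `else` that denies `controllers/Roles`. Writing the denial directly, `if (empty($inc['Role']['perm_admin'])) { $this->Acl->deny($inc, 'controllers/Roles'); }`, states the deny-unless-admin rule explicitly and removes the empty branch. The commented-out `allow`/`deny` calls here, and the `//$this->Acl->allow($inc, 'controllers/Events/add');` line in the first hunk, should be deleted or given a comment saying why they are disabled, because a reader cannot tell whether admin access to Logs is deliberately left to an earlier rule. The page has lost its +/- markers, so which of the three `perm_admin` conditions is the new one is inferred from print order, and the enclosing method starts and ends outside both hunks.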
|
||||
|
|
|
@ -303,12 +303,8 @@ class AttributesController extends AppController {
|
|||
}
|
||||
|
||||
$this->Attribute->read();
|
||||
if (PHP_OS == 'WINNT') {
|
||||
$path = APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS;
|
||||
$file = $this->Attribute->data['Attribute']['id'];
|
||||
} else {
|
||||
$file = new File(APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS . $this->Attribute->data['Attribute']['id']);
|
||||
}
|
||||
$path = APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS;
|
||||
$file = $this->Attribute->data['Attribute']['id'];
|
||||
$filename = '';
|
||||
if ('attachment' == $this->Attribute->data['Attribute']['type']) {
|
||||
$filename = Sanitize::clean($this->Attribute->data['Attribute']['value']);
|
||||
|
@ -324,23 +320,13 @@ class AttributesController extends AppController {
|
|||
}
|
||||
|
||||
$this->viewClass = 'Media';
|
||||
if (PHP_OS == 'WINNT') {
|
||||
$params = array(
|
||||
$params = array(
|
||||
'id' => $file,
|
||||
'name' => $filename,
|
||||
'extension' => $fileExt,
|
||||
'download' => true,
|
||||
'path' => $path
|
||||
);
|
||||
} else {
|
||||
$params = array(
|
||||
'id' => $file->path,
|
||||
'name' => $filename,
|
||||
'extension' => $fileExt,
|
||||
'download' => true,
|
||||
'path' => DS
|
||||
);
|
||||
}
|
||||
);
|
||||
$this->set($params);
|
||||
}
|
||||
|
||||
|
@ -376,13 +362,13 @@ class AttributesController extends AppController {
|
|||
if ($this->request->data['Attribute']['malware']) {
|
||||
$this->request->data['Attribute']['type'] = "malware-sample";
|
||||
$filename = Sanitize::clean($filename);
|
||||
preg_replace('\/:*?"<>', '', $filename);
|
||||
preg_replace('/\//:*?"<>/', '', $filename);
|
||||
$this->request->data['Attribute']['value'] = $filename . '|' . $tmpfile->md5(); // TODO gives problems with bigger files
|
||||
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
|
||||
} else {
|
||||
$this->request->data['Attribute']['type'] = "attachment";
|
||||
$filename = Sanitize::clean($filename);
|
||||
preg_replace('\/:*?"<>', '', $filename);
|
||||
preg_replace('/\/:*?"<>/', '', $filename);
|
||||
$this->request->data['Attribute']['value'] = $filename;
|
||||
$this->request->data['Attribute']['to_ids'] = 0;
|
||||
}
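Review bot: Both `preg_replace` calls in the upload hunk discard their return value, so `$filename` reaches `$this->request->data['Attribute']['value']` with none of the listed characters removed; `preg_replace` returns the new string and does not modify its argument. The patterns are also not character classes: `'/\//:*?"<>/'` ends at the second unescaped `/` and treats the rest as modifiers, and `'/\/:*?"<>/'` matches only that literal sequence. If the intent is to strip path separators and reserved characters from the uploaded name, `$filename = preg_replace('#[\\\\/:*?"<>|]#', '', $filename);` in both branches does that; including `|` is a suggestion, because the malware-sample branch joins the name and the MD5 with `|`. The +/- markers are lost on this page, so I am taking the delimited patterns to be the new side, and the enclosing method starts and ends outside the hunk.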
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
--
|
||||
-- Update to attributes
|
||||
--
|
||||
ALTER TABLE `attributes` ADD `cluster` tinyint(1) NOT NULL;
|
||||
ALTER TABLE `attributes` ADD `communitie` tinyint(1) NOT NULL;
|
||||
|
||||
ALTER TABLE `attributes` ADD `cluster` tinyint(1) DEFAULT '0';
|
||||
ALTER TABLE `attributes` ADD `communitie` tinyint(1) DEFAULT '0';
|
||||
ALTER TABLE `attributes` ADD `dist_change` int(11) DEFAULT '0';
|
||||
-- --------------------------------------------------------
|
||||
|
||||
|
@ -47,6 +48,8 @@ ALTER TABLE `events` ADD `analysis` tinyint(4) NOT NULL;
|
|||
ALTER TABLE `events` ADD `attribute_count` int(11) UNSIGNED DEFAULT NULL;
|
||||
ALTER TABLE `events` ADD `hop_count` int(11) UNSIGNED DEFAULT NULL;
|
||||
ALTER TABLE `events` ADD `dist_change` int(11) NOT NULL DEFAULT 0;
|
||||
ALTER TABLE `events` ADD `orgc` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL;
|
||||
UPDATE TABLE `events` SET `orgc` = `org` WHERE `orgc` = NULL;
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
|
@ -85,6 +88,7 @@ CREATE TABLE `regexp` (
|
|||
-- Create table roles
|
||||
--
|
||||
|
||||
DROP TABLE IF EXISTS `roles`;
|
||||
CREATE TABLE `roles` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(100) COLLATE utf8_bin NOT NULL,
|
||||
|
@ -97,21 +101,49 @@ CREATE TABLE `roles` (
|
|||
`perm_sync` tinyint(1) NOT NULL,
|
||||
`perm_full` tinyint(1) NOT NULL,
|
||||
`perm_auth` tinyint(1) NOT NULL,
|
||||
`perm_audit` tinyint(1) NOT NULL,
|
||||
`perm_admin` tinyint(1) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Creating initial roles
|
||||
--
|
||||
-- 1. Admin - has full access
|
||||
-- 2. Org Admin - read/write/publish/audit/admin/sync/auth
|
||||
-- 3. User - User - Read / Write, no other permissions (default)
|
||||
-- 4. Sync user - read/write/publish/sync/auth
|
||||
--
|
||||
|
||||
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
|
||||
VALUES ('1', 'admin', NOW() , NOW() , '1', '1', '1', '1', '1', '1', '1', '1', '1');
|
||||
|
||||
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
|
||||
VALUES ('2', 'Org Admin', NOW() , NOW() , '1', '1', '0' , '1', '1', '1', '1', '0' , '1');
|
||||
|
||||
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
|
||||
VALUES ('3', 'User', NOW() , NOW() , '1', '1', '0' , '0' , '0' , '0' , '0' , '0' , '0');
|
||||
|
||||
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`)
|
||||
VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1');
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Update servers
|
||||
--
|
||||
|
||||
ALTER TABLE `servers` DROP `logo`;
|
||||
ALTER TABLE `servers` DROP `logo`;
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Update users
|
||||
-- Collate changed for email - fixes case sensitivity of user names
|
||||
--
|
||||
|
||||
ALTER TABLE `users` ADD `role_id` int(11) NOT NULL;
|
||||
ALTER TABLE `users` ADD `change_pw` tinyint(1) NOT NULL;
|
||||
ALTER TABLE `users` CHANGE `email` `email` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL
|
||||
UPDATE TABLE `users` SET `role_id` = '3';
|
||||
UPDATE TABLE `users` SET `role_id` = '1' WHERE `org` = 'ADMIN';
|
||||
-- --------------------------------------------------------
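Review bot: The three `UPDATE TABLE ...` statements in this script are not valid MySQL, because `UPDATE` takes the table name directly, so the `role_id` back-fill for existing users and the `orgc` back-fill do not run. Existing accounts then keep whatever value the preceding `ALTER TABLE ... ADD role_id int(11) NOT NULL` gave them, which presumably matches no row in `roles`. The user statements should read `UPDATE users SET role_id = '3';` and `UPDATE users SET role_id = '1' WHERE org = 'ADMIN';`. The events statement also compares with `= NULL`, which is never true, and `orgc` is added as `NOT NULL`, so `UPDATE events SET orgc = org WHERE orgc = '';` is the likely intent. The `ALTER TABLE users CHANGE email ...` line is missing its terminating `;`, which folds the next statement into it.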
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
|
||||
ALTER TABLE `roles` ADD `perm_admin` TINYINT( 1 ) NOT NULL DEFAULT '0';
|
||||
ALTER TABLE `roles` ADD `perm_audit` TINYINT( 1 ) NOT NULL DEFAULT '0';
|
||||
|
||||
INSERT INTO `roles` (
|
||||
`id` ,
|
||||
`name` ,
|
||||
`created` ,
|
||||
`modified` ,
|
||||
`perm_add` ,
|
||||
`perm_modify` ,
|
||||
`perm_modify_org` ,
|
||||
`perm_publish` ,
|
||||
`perm_sync` ,
|
||||
`perm_admin` ,
|
||||
`perm_audit` ,
|
||||
`perm_full` ,
|
||||
`perm_auth`
|
||||
)
|
||||
VALUES (
|
||||
'1', 'ADMIN', '2013-02-26 14:27:20', '2013-02-26 14:27:20', '1', '1', '1', '1', '1', '1', '1', '1', '1'
|
||||
);
|