Updated the migration script (SQL)

- Script updated based on the issues during testing

- Changed the file upload/download mechanism.
pull/63/head
Andras Iklody 2013-02-27 15:24:38 +01:00
parent a7bb5c7767
commit a735822ca1
4 changed files with 44 additions and 48 deletions


@ -428,6 +428,7 @@ class AppController extends Controller {
default:
break;
}
//$this->Acl->allow($inc, 'controllers/Events/add');
if ($permAdd) {
$this->Acl->allow($inc, 'controllers/Events/add');
$this->Acl->allow($inc, 'controllers/Attributes/add');
@ -463,12 +464,11 @@ class AppController extends Controller {
$this->Acl->deny($inc, 'controllers/Logs');
}
if (isset($inc['Role']['perm_admin'])) {
if ($inc['Role']['perm_admin']) {
if (isset($inc['Role']['perm_admin']) && $inc['Role']['perm_admin']) {
//$this->Acl->allow($inc, 'controllers/Logs');
}
} else {
$this->Acl->deny($inc, 'controllers/Roles');
//$this->Acl->deny($inc, 'controllers');
}
if (isset($inc['Role']['perm_auth'])) {
if ($inc['Role']['perm_auth']) {
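Review bot: The `perm_auth` check at the end of this section still uses the nested `isset(...)` / `if (...)` form that the `perm_admin` check just above it was collapsed out of. If it carries an `else` that denies access, as the `perm_admin` block does, that `else` binds to the `isset` test, so a role whose `perm_auth` is present but 0 would skip the deny; the block continues outside the hunk, so this has to be checked there. I would write it the same way as the new admin check, `if (isset($inc['Role']['perm_auth']) && $inc['Role']['perm_auth']) {`. Separately, the admin branch now contains only a commented-out `allow`, and another commented-out `allow` sits before `if ($permAdd)`; either delete them or replace them with a comment stating the intent, for example `// no explicit grant for admins here; non-admins are denied controllers/Roles below`, if that is what is meant.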


@ -303,12 +303,8 @@ class AttributesController extends AppController {
}
$this->Attribute->read();
if (PHP_OS == 'WINNT') {
$path = APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS;
$file = $this->Attribute->data['Attribute']['id'];
} else {
$file = new File(APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS . $this->Attribute->data['Attribute']['id']);
}
$path = APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS;
$file = $this->Attribute->data['Attribute']['id'];
$filename = '';
if ('attachment' == $this->Attribute->data['Attribute']['type']) {
$filename = Sanitize::clean($this->Attribute->data['Attribute']['value']);
@ -324,23 +320,13 @@ class AttributesController extends AppController {
}
$this->viewClass = 'Media';
if (PHP_OS == 'WINNT') {
$params = array(
$params = array(
'id' => $file,
'name' => $filename,
'extension' => $fileExt,
'download' => true,
'path' => $path
);
} else {
$params = array(
'id' => $file->path,
'name' => $filename,
'extension' => $fileExt,
'download' => true,
'path' => DS
);
}
);
$this->set($params);
}
@ -376,13 +362,13 @@ class AttributesController extends AppController {
if ($this->request->data['Attribute']['malware']) {
$this->request->data['Attribute']['type'] = "malware-sample";
$filename = Sanitize::clean($filename);
preg_replace('\/:*?"<>', '', $filename);
preg_replace('/\//:*?"<>/', '', $filename);
$this->request->data['Attribute']['value'] = $filename . '|' . $tmpfile->md5(); // TODO gives problems with bigger files
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
} else {
$this->request->data['Attribute']['type'] = "attachment";
$filename = Sanitize::clean($filename);
preg_replace('\/:*?"<>', '', $filename);
preg_replace('/\/:*?"<>/', '', $filename);
$this->request->data['Attribute']['value'] = $filename;
$this->request->data['Attribute']['to_ids'] = 0;
}
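Review bot: Both rewritten `preg_replace` calls in the upload branches discard their return value, so `$filename` is stored exactly as `Sanitize::clean` left it. The patterns would not strip the intended characters either: in `'/\//:*?"<>/'` the regex ends at the second `/` and the remainder is parsed as modifiers, and `'/\/:*?"<>/'` has no character class, so it matches only a literal sequence such as `/"<>`. I would use `$filename = preg_replace('/[\\\\\/:*?"<>|]/', '', $filename);` in both branches. Including `|` matters for the malware-sample case, where the value is stored as `$filename . '|' . $tmpfile->md5()` and a pipe inside the name makes that field ambiguous to parse. The enclosing method starts and ends outside the hunk.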


@ -1,8 +1,9 @@
--
-- Update to attributes
--
ALTER TABLE `attributes` ADD `cluster` tinyint(1) NOT NULL;
ALTER TABLE `attributes` ADD `communitie` tinyint(1) NOT NULL;
ALTER TABLE `attributes` ADD `cluster` tinyint(1) DEFAULT '0';
ALTER TABLE `attributes` ADD `communitie` tinyint(1) DEFAULT '0';
ALTER TABLE `attributes` ADD `dist_change` int(11) DEFAULT '0';
-- --------------------------------------------------------
@ -47,6 +48,8 @@ ALTER TABLE `events` ADD `analysis` tinyint(4) NOT NULL;
ALTER TABLE `events` ADD `attribute_count` int(11) UNSIGNED DEFAULT NULL;
ALTER TABLE `events` ADD `hop_count` int(11) UNSIGNED DEFAULT NULL;
ALTER TABLE `events` ADD `dist_change` int(11) NOT NULL DEFAULT 0;
ALTER TABLE `events` ADD `orgc` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL;
UPDATE TABLE `events` SET `orgc` = `org` WHERE `orgc` = NULL;
-- --------------------------------------------------------
--
@ -85,6 +88,7 @@ CREATE TABLE `regexp` (
-- Create table roles
--
DROP TABLE IF EXISTS `roles`;
CREATE TABLE `roles` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(100) COLLATE utf8_bin NOT NULL,
@ -97,21 +101,49 @@ CREATE TABLE `roles` (
`perm_sync` tinyint(1) NOT NULL,
`perm_full` tinyint(1) NOT NULL,
`perm_auth` tinyint(1) NOT NULL,
`perm_audit` tinyint(1) NOT NULL,
`perm_admin` tinyint(1) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Creating initial roles
--
-- 1. Admin - has full access
-- 2. Org Admin - read/write/publish/audit/admin/sync/auth
-- 3. User - User - Read / Write, no other permissions (default)
-- 4. Sync user - read/write/publish/sync/auth
--
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
VALUES ('1', 'admin', NOW() , NOW() , '1', '1', '1', '1', '1', '1', '1', '1', '1');
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
VALUES ('2', 'Org Admin', NOW() , NOW() , '1', '1', '0' , '1', '1', '1', '1', '0' , '1');
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
VALUES ('3', 'User', NOW() , NOW() , '1', '1', '0' , '0' , '0' , '0' , '0' , '0' , '0');
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`)
VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1');
-- --------------------------------------------------------
--
-- Update servers
--
ALTER TABLE `servers` DROP `logo`;
ALTER TABLE `servers` DROP `logo`;
-- --------------------------------------------------------
--
-- Update users
-- Collate changed for email - fixes case sensitivity of user names
--
ALTER TABLE `users` ADD `role_id` int(11) NOT NULL;
ALTER TABLE `users` ADD `change_pw` tinyint(1) NOT NULL;
ALTER TABLE `users` CHANGE `email` `email` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL
UPDATE TABLE `users` SET `role_id` = '3';
UPDATE TABLE `users` SET `role_id` = '1' WHERE `org` = 'ADMIN';
-- --------------------------------------------------------
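Review bot: The data-fix statements at the end of the events and users sections will not run on MySQL as written: `UPDATE TABLE ...` is not valid syntax (it should read `UPDATE users SET role_id = '3';`), and the `ALTER TABLE users CHANGE email ...` line has no terminating `;`, so it runs into the statement after it. If these fail, every existing account keeps `role_id` 0 from the `NOT NULL` column add, which matches none of the four inserted roles, and how permissions then resolve depends on code not shown here. The `WHERE orgc = NULL` comparison also never matches; since `orgc` is added as `NOT NULL` without a default, existing rows would likely hold an empty string, so `UPDATE events SET orgc = org WHERE orgc = '';` is probably what is wanted. Finally, the role comment describes Sync user as read/write/publish/sync/auth, but its row also sets `perm_modify_org` and `perm_audit` to 1, so either the comment or the values should be corrected.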


@ -1,22 +0,0 @@
ALTER TABLE `roles` ADD `perm_admin` TINYINT( 1 ) NOT NULL DEFAULT '0';
ALTER TABLE `roles` ADD `perm_audit` TINYINT( 1 ) NOT NULL DEFAULT '0';
INSERT INTO `roles` (
`id` ,
`name` ,
`created` ,
`modified` ,
`perm_add` ,
`perm_modify` ,
`perm_modify_org` ,
`perm_publish` ,
`perm_sync` ,
`perm_admin` ,
`perm_audit` ,
`perm_full` ,
`perm_auth`
)
VALUES (
'1', 'ADMIN', '2013-02-26 14:27:20', '2013-02-26 14:27:20', '1', '1', '1', '1', '1', '1', '1', '1', '1'
);