Updated the migration script (SQL)
- Script updated based on the issues during testing - Changed the file upload/download mechanism. pull/63/head
parent
a7bb5c7767
commit
a735822ca1
|
@ -428,6 +428,7 @@ class AppController extends Controller {
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
//$this->Acl->allow($inc, 'controllers/Events/add');
|
||||||
if ($permAdd) {
|
if ($permAdd) {
|
||||||
$this->Acl->allow($inc, 'controllers/Events/add');
|
$this->Acl->allow($inc, 'controllers/Events/add');
|
||||||
$this->Acl->allow($inc, 'controllers/Attributes/add');
|
$this->Acl->allow($inc, 'controllers/Attributes/add');
|
||||||
|
@ -463,12 +464,11 @@ class AppController extends Controller {
|
||||||
$this->Acl->deny($inc, 'controllers/Logs');
|
$this->Acl->deny($inc, 'controllers/Logs');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($inc['Role']['perm_admin'])) {
|
if (isset($inc['Role']['perm_admin']) && $inc['Role']['perm_admin']) {
|
||||||
if ($inc['Role']['perm_admin']) {
|
|
||||||
//$this->Acl->allow($inc, 'controllers/Logs');
|
//$this->Acl->allow($inc, 'controllers/Logs');
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
$this->Acl->deny($inc, 'controllers/Roles');
|
$this->Acl->deny($inc, 'controllers/Roles');
|
||||||
|
//$this->Acl->deny($inc, 'controllers');
|
||||||
}
|
}
|
||||||
if (isset($inc['Role']['perm_auth'])) {
|
if (isset($inc['Role']['perm_auth'])) {
|
||||||
if ($inc['Role']['perm_auth']) {
|
if ($inc['Role']['perm_auth']) {
|
||||||
|
|
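Review bot: In the second hunk the positive branch of `if (isset($inc['Role']['perm_admin']) && $inc['Role']['perm_admin'])` holds only the commented-out `//$this->Acl->allow($inc, 'controllers/Logs');`, so the condition exists solely for its `else`; it reads more directly as `if (empty($inc['Role']['perm_admin'])) { $this->Acl->deny($inc, 'controllers/Roles'); }`. The commit also appears to add two more commented-out ACL rules, `//$this->Acl->allow($inc, 'controllers/Events/add');` in the first hunk and `//$this->Acl->deny($inc, 'controllers');` in the else branch. In an authorization routine, disabled rules leave it unclear which permissions are intended, so they should either be deleted or carry a comment saying why they are off. From the visible lines, an admin role is never re-granted `controllers/Logs` after the preceding deny, which is worth confirming as intended. The enclosing method starts and ends outside both hunks.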
|
@ -303,12 +303,8 @@ class AttributesController extends AppController {
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->Attribute->read();
|
$this->Attribute->read();
|
||||||
if (PHP_OS == 'WINNT') {
|
$path = APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS;
|
||||||
$path = APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS;
|
$file = $this->Attribute->data['Attribute']['id'];
|
||||||
$file = $this->Attribute->data['Attribute']['id'];
|
|
||||||
} else {
|
|
||||||
$file = new File(APP . "files" . DS . $this->Attribute->data['Attribute']['event_id'] . DS . $this->Attribute->data['Attribute']['id']);
|
|
||||||
}
|
|
||||||
$filename = '';
|
$filename = '';
|
||||||
if ('attachment' == $this->Attribute->data['Attribute']['type']) {
|
if ('attachment' == $this->Attribute->data['Attribute']['type']) {
|
||||||
$filename = Sanitize::clean($this->Attribute->data['Attribute']['value']);
|
$filename = Sanitize::clean($this->Attribute->data['Attribute']['value']);
|
||||||
|
@ -324,23 +320,13 @@ class AttributesController extends AppController {
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->viewClass = 'Media';
|
$this->viewClass = 'Media';
|
||||||
if (PHP_OS == 'WINNT') {
|
$params = array(
|
||||||
$params = array(
|
|
||||||
'id' => $file,
|
'id' => $file,
|
||||||
'name' => $filename,
|
'name' => $filename,
|
||||||
'extension' => $fileExt,
|
'extension' => $fileExt,
|
||||||
'download' => true,
|
'download' => true,
|
||||||
'path' => $path
|
'path' => $path
|
||||||
);
|
);
|
||||||
} else {
|
|
||||||
$params = array(
|
|
||||||
'id' => $file->path,
|
|
||||||
'name' => $filename,
|
|
||||||
'extension' => $fileExt,
|
|
||||||
'download' => true,
|
|
||||||
'path' => DS
|
|
||||||
);
|
|
||||||
}
|
|
||||||
$this->set($params);
|
$this->set($params);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -376,13 +362,13 @@ class AttributesController extends AppController {
|
||||||
if ($this->request->data['Attribute']['malware']) {
|
if ($this->request->data['Attribute']['malware']) {
|
||||||
$this->request->data['Attribute']['type'] = "malware-sample";
|
$this->request->data['Attribute']['type'] = "malware-sample";
|
||||||
$filename = Sanitize::clean($filename);
|
$filename = Sanitize::clean($filename);
|
||||||
preg_replace('\/:*?"<>', '', $filename);
|
preg_replace('/\//:*?"<>/', '', $filename);
|
||||||
$this->request->data['Attribute']['value'] = $filename . '|' . $tmpfile->md5(); // TODO gives problems with bigger files
|
$this->request->data['Attribute']['value'] = $filename . '|' . $tmpfile->md5(); // TODO gives problems with bigger files
|
||||||
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
|
$this->request->data['Attribute']['to_ids'] = 1; // LATER let user choose to send this to IDS
|
||||||
} else {
|
} else {
|
||||||
$this->request->data['Attribute']['type'] = "attachment";
|
$this->request->data['Attribute']['type'] = "attachment";
|
||||||
$filename = Sanitize::clean($filename);
|
$filename = Sanitize::clean($filename);
|
||||||
preg_replace('\/:*?"<>', '', $filename);
|
preg_replace('/\/:*?"<>/', '', $filename);
|
||||||
$this->request->data['Attribute']['value'] = $filename;
|
$this->request->data['Attribute']['value'] = $filename;
|
||||||
$this->request->data['Attribute']['to_ids'] = 0;
|
$this->request->data['Attribute']['to_ids'] = 0;
|
||||||
}
|
}
|
||||||
|
|
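Review bot: Both rewritten `preg_replace(...)` calls in the upload hunk discard their return value, so `$filename` is stored unchanged, and neither pattern is a character class. In `'/\//:*?"<>/'` the pattern ends after `\/` and the remainder is parsed as modifiers, which preg_replace rejects; `'/\/:*?"<>/'` compiles but matches only that literal sequence. If the intent is to strip characters that are unsafe in file names, assign the result and use a class in both branches, e.g. `$filename = preg_replace('#[\\\\/:*?"<>|]#', '', $filename);`; the `|` is included because the malware branch joins the name and the MD5 with `'|'`. The name is user-supplied, is saved in `Attribute.value` and is later passed as `name` to the Media view in the download hunk, so this filter decides what is offered back to the browser. The enclosing actions start and end outside the hunks.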
|
@ -1,8 +1,9 @@
|
||||||
--
|
--
|
||||||
-- Update to attributes
|
-- Update to attributes
|
||||||
--
|
--
|
||||||
ALTER TABLE `attributes` ADD `cluster` tinyint(1) NOT NULL;
|
|
||||||
ALTER TABLE `attributes` ADD `communitie` tinyint(1) NOT NULL;
|
ALTER TABLE `attributes` ADD `cluster` tinyint(1) DEFAULT '0';
|
||||||
|
ALTER TABLE `attributes` ADD `communitie` tinyint(1) DEFAULT '0';
|
||||||
ALTER TABLE `attributes` ADD `dist_change` int(11) DEFAULT '0';
|
ALTER TABLE `attributes` ADD `dist_change` int(11) DEFAULT '0';
|
||||||
-- --------------------------------------------------------
|
-- --------------------------------------------------------
|
||||||
|
|
||||||
|
@ -47,6 +48,8 @@ ALTER TABLE `events` ADD `analysis` tinyint(4) NOT NULL;
|
||||||
ALTER TABLE `events` ADD `attribute_count` int(11) UNSIGNED DEFAULT NULL;
|
ALTER TABLE `events` ADD `attribute_count` int(11) UNSIGNED DEFAULT NULL;
|
||||||
ALTER TABLE `events` ADD `hop_count` int(11) UNSIGNED DEFAULT NULL;
|
ALTER TABLE `events` ADD `hop_count` int(11) UNSIGNED DEFAULT NULL;
|
||||||
ALTER TABLE `events` ADD `dist_change` int(11) NOT NULL DEFAULT 0;
|
ALTER TABLE `events` ADD `dist_change` int(11) NOT NULL DEFAULT 0;
|
||||||
|
ALTER TABLE `events` ADD `orgc` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL;
|
||||||
|
UPDATE TABLE `events` SET `orgc` = `org` WHERE `orgc` = NULL;
|
||||||
-- --------------------------------------------------------
|
-- --------------------------------------------------------
|
||||||
|
|
||||||
--
|
--
|
||||||
|
@ -85,6 +88,7 @@ CREATE TABLE `regexp` (
|
||||||
-- Create table roles
|
-- Create table roles
|
||||||
--
|
--
|
||||||
|
|
||||||
|
DROP TABLE IF EXISTS `roles`;
|
||||||
CREATE TABLE `roles` (
|
CREATE TABLE `roles` (
|
||||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||||
`name` varchar(100) COLLATE utf8_bin NOT NULL,
|
`name` varchar(100) COLLATE utf8_bin NOT NULL,
|
||||||
|
@ -97,21 +101,49 @@ CREATE TABLE `roles` (
|
||||||
`perm_sync` tinyint(1) NOT NULL,
|
`perm_sync` tinyint(1) NOT NULL,
|
||||||
`perm_full` tinyint(1) NOT NULL,
|
`perm_full` tinyint(1) NOT NULL,
|
||||||
`perm_auth` tinyint(1) NOT NULL,
|
`perm_auth` tinyint(1) NOT NULL,
|
||||||
|
`perm_audit` tinyint(1) NOT NULL,
|
||||||
|
`perm_admin` tinyint(1) NOT NULL,
|
||||||
PRIMARY KEY (`id`)
|
PRIMARY KEY (`id`)
|
||||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
|
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
|
||||||
-- --------------------------------------------------------
|
-- --------------------------------------------------------
|
||||||
|
|
||||||
|
--
|
||||||
|
-- Creating initial roles
|
||||||
|
--
|
||||||
|
-- 1. Admin - has full access
|
||||||
|
-- 2. Org Admin - read/write/publish/audit/admin/sync/auth
|
||||||
|
-- 3. User - User - Read / Write, no other permissions (default)
|
||||||
|
-- 4. Sync user - read/write/publish/sync/auth
|
||||||
|
--
|
||||||
|
|
||||||
|
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
|
||||||
|
VALUES ('1', 'admin', NOW() , NOW() , '1', '1', '1', '1', '1', '1', '1', '1', '1');
|
||||||
|
|
||||||
|
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
|
||||||
|
VALUES ('2', 'Org Admin', NOW() , NOW() , '1', '1', '0' , '1', '1', '1', '1', '0' , '1');
|
||||||
|
|
||||||
|
INSERT INTO `roles` (`id` ,`name` ,`created` ,`modified` ,`perm_add` ,`perm_modify` ,`perm_modify_org` ,`perm_publish` ,`perm_sync` ,`perm_admin` ,`perm_audit` ,`perm_full` ,`perm_auth`)
|
||||||
|
VALUES ('3', 'User', NOW() , NOW() , '1', '1', '0' , '0' , '0' , '0' , '0' , '0' , '0');
|
||||||
|
|
||||||
|
INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modify`, `perm_modify_org`, `perm_publish`, `perm_sync`, `perm_admin`, `perm_audit`, `perm_full`, `perm_auth`)
|
||||||
|
VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1');
|
||||||
|
-- --------------------------------------------------------
|
||||||
|
|
||||||
--
|
--
|
||||||
-- Update servers
|
-- Update servers
|
||||||
--
|
--
|
||||||
|
|
||||||
ALTER TABLE `servers` DROP `logo`;
|
ALTER TABLE `servers` DROP `logo`;
|
||||||
-- --------------------------------------------------------
|
-- --------------------------------------------------------
|
||||||
|
|
||||||
--
|
--
|
||||||
-- Update users
|
-- Update users
|
||||||
|
-- Collate changed for email - fixes case sensitivity of user names
|
||||||
--
|
--
|
||||||
|
|
||||||
ALTER TABLE `users` ADD `role_id` int(11) NOT NULL;
|
ALTER TABLE `users` ADD `role_id` int(11) NOT NULL;
|
||||||
ALTER TABLE `users` ADD `change_pw` tinyint(1) NOT NULL;
|
ALTER TABLE `users` ADD `change_pw` tinyint(1) NOT NULL;
|
||||||
|
ALTER TABLE `users` CHANGE `email` `email` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL
|
||||||
|
UPDATE TABLE `users` SET `role_id` = '3';
|
||||||
|
UPDATE TABLE `users` SET `role_id` = '1' WHERE `org` = 'ADMIN';
|
||||||
-- --------------------------------------------------------
|
-- --------------------------------------------------------
|
||||||
|
|
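Review bot: The three added `UPDATE TABLE ...` statements are not valid MySQL, since `UPDATE` takes the table name directly, and the added `ALTER TABLE users CHANGE email ...` line has no terminating semicolon, so it runs into the statement after it. As written, the script never assigns `role_id` to existing users, leaving them without the intended 'User' or 'admin' role. The `orgc` backfill also tests `= NULL`, which matches no row; because the column is added as NOT NULL, existing rows would presumably hold an empty string, so the condition should test for that instead. Separately, the 'Sync user' insert sets `perm_audit` and `perm_modify_org` to 1 although its comment lists only read/write/publish/sync/auth, so either the values or the comment should be corrected.
```sql
-- … unchanged: ALTER TABLE `events` ADD `orgc` … NOT NULL; …
UPDATE `events` SET `orgc` = `org` WHERE `orgc` = '';
-- … unchanged: roles table, initial roles, servers, users ADD columns …
ALTER TABLE `users` CHANGE `email` `email` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL;
UPDATE `users` SET `role_id` = '3';
UPDATE `users` SET `role_id` = '1' WHERE `org` = 'ADMIN';
```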
|
@ -1,22 +0,0 @@
|
||||||
|
|
||||||
ALTER TABLE `roles` ADD `perm_admin` TINYINT( 1 ) NOT NULL DEFAULT '0';
|
|
||||||
ALTER TABLE `roles` ADD `perm_audit` TINYINT( 1 ) NOT NULL DEFAULT '0';
|
|
||||||
|
|
||||||
INSERT INTO `roles` (
|
|
||||||
`id` ,
|
|
||||||
`name` ,
|
|
||||||
`created` ,
|
|
||||||
`modified` ,
|
|
||||||
`perm_add` ,
|
|
||||||
`perm_modify` ,
|
|
||||||
`perm_modify_org` ,
|
|
||||||
`perm_publish` ,
|
|
||||||
`perm_sync` ,
|
|
||||||
`perm_admin` ,
|
|
||||||
`perm_audit` ,
|
|
||||||
`perm_full` ,
|
|
||||||
`perm_auth`
|
|
||||||
)
|
|
||||||
VALUES (
|
|
||||||
'1', 'ADMIN', '2013-02-26 14:27:20', '2013-02-26 14:27:20', '1', '1', '1', '1', '1', '1', '1', '1', '1'
|
|
||||||
);
|
|