From ffb31c425ddc3a331b07cebff15c0ed37357b61c Mon Sep 17 00:00:00 2001
From: mokaddem <sami.mokaddem@circl.lu>
Date: Wed, 27 Mar 2019 12:02:57 +0100
Subject: [PATCH 1/5] fix: [RestClient:queryBuilder] Distribution level in the
 query builder. Fix #4280

---
 app/Controller/Component/RestResponseComponent.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/Controller/Component/RestResponseComponent.php b/app/Controller/Component/RestResponseComponent.php
index 3938a522c..1c30fd4ba 100644
--- a/app/Controller/Component/RestResponseComponent.php
+++ b/app/Controller/Component/RestResponseComponent.php
@@ -1533,7 +1533,10 @@ class RestResponseComponent extends Component
         $field['values'] = array_keys(ClassRegistry::init("Attribute")->categoryDefinitions);
     }
     private function __overwriteDistribution($scope, &$field) {
-        $field['values'] = array_keys(ClassRegistry::init("Attribute")->distributionLevels);
+        $field['values'] = array();
+        foreach(ClassRegistry::init("Attribute")->distributionLevels as $d => $text) {
+            $field['values'][] = array('label' => $text, 'value' => $d);
+        }
     }
     private function __overwriteTags($scope, &$field) {
         $this->{$scope} = ClassRegistry::init("Tag");

From 9d7e743b2260f2a78afb4305655edb44b3ee2011 Mon Sep 17 00:00:00 2001
From: mokaddem <sami.mokaddem@circl.lu>
Date: Wed, 27 Mar 2019 14:40:08 +0100
Subject: [PATCH 2/5] chg: [restClient:querybuilder] Prefil the QB when picking
 a saved query - WiP

---
 app/webroot/js/misp.js       | 48 --------------------
 app/webroot/js/restClient.js | 86 +++++++++++++++++++++++++++++++++++-
 2 files changed, 85 insertions(+), 49 deletions(-)

diff --git a/app/webroot/js/misp.js b/app/webroot/js/misp.js
index 74ad090f9..2ea5bf8b7 100644
--- a/app/webroot/js/misp.js
+++ b/app/webroot/js/misp.js
@@ -4092,54 +4092,6 @@ function submit_feed_overlap_tool(feedId) {
     });
 }
 
-function populate_rest_history(scope) {
-    if (scope === 'history') {
-        scope = '';
-        var container_class = 'history_queries';
-    } else {
-        scope = '1';
-        var container_class = 'bookmarked_queries';
-    }
-    $.get("/rest_client_history/index/" + scope, function(data) {
-        $('.' + container_class).html(data);
-    });
-}
-
-function loadRestClientHistory(k, data_container) {
-    $('#ServerMethod').val(data_container[k]['RestClientHistory']['http_method']);
-    $('#ServerUseFullPath').prop("checked", data_container[k]['RestClientHistory']['use_full_path']);
-    $('#ServerShowResult').prop("checked", data_container[k]['RestClientHistory']['show_result']);
-    $('#ServerSkipSslValidation').prop("checked", data_container[k]['RestClientHistory']['skip_ssl_validation']);
-    $('#ServerUrl').val(data_container[k]['RestClientHistory']['url']);
-    $('#ServerHeader').val(data_container[k]['RestClientHistory']['headers']);
-    $('#ServerBody').val(data_container[k]['RestClientHistory']['body']);
-    toggleRestClientBookmark();
-}
-
-function toggleRestClientBookmark() {
-    if ($('#ServerBookmark').prop("checked") == true) {
-        $('#bookmark-name').css('display', 'block');
-    } else {
-        $('#bookmark-name').css('display', 'none');
-    }
-}
-
-function removeRestClientHistoryItem(id) {
-    $.ajax({
-        data: '[]',
-        success:function (data, textStatus) {
-            populate_rest_history('bookmark');
-            populate_rest_history('history');
-        },
-        error:function() {
-            handleGenericAjaxResponse({'saved':false, 'errors':['Request failed due to an unexpected error.']});
-        },
-        type:"post",
-        cache: false,
-        url: '/rest_client_history/delete/' + id,
-    });
-}
-
 function changeTaxonomyRequiredState(checkbox) {
     var checkbox_state = $(checkbox).is(":checked");
     var taxonomy_id = $(checkbox).data('taxonomy-id');
diff --git a/app/webroot/js/restClient.js b/app/webroot/js/restClient.js
index cefd5da78..40d7ab209 100644
--- a/app/webroot/js/restClient.js
+++ b/app/webroot/js/restClient.js
@@ -31,6 +31,60 @@ function setApiInfoBox(isTyping) {
     }
 }
 
+function loadRestClientHistory(k, data_container) {
+    $('#ServerMethod').val(data_container[k]['RestClientHistory']['http_method']);
+    $('#ServerUseFullPath').prop("checked", data_container[k]['RestClientHistory']['use_full_path']);
+    $('#ServerShowResult').prop("checked", data_container[k]['RestClientHistory']['show_result']);
+    $('#ServerSkipSslValidation').prop("checked", data_container[k]['RestClientHistory']['skip_ssl_validation']);
+    $('#ServerUrl').val(data_container[k]['RestClientHistory']['url']);
+    $('#ServerHeader').val(data_container[k]['RestClientHistory']['headers']);
+    toggleRestClientBookmark();
+    $('#TemplateSelect').val(data_container[k]['RestClientHistory']['url']).trigger("chosen:updated").trigger("change");
+    updateQueryTool(data_container[k]['RestClientHistory']['url'], data_container[k]['RestClientHistory']['body']);
+    $('#ServerBody').val(data_container[k]['RestClientHistory']['body']);
+    $('#querybuilder').find('.rule-filter-container > select').trigger('chosen:updated');
+}
+
+function populate_rest_history(scope) {
+    if (scope === 'history') {
+        scope = '';
+        var container_class = 'history_queries';
+    } else {
+        scope = '1';
+        var container_class = 'bookmarked_queries';
+    }
+    $.get("/rest_client_history/index/" + scope, function(data) {
+        $('.' + container_class).html(data);
+    });
+}
+
+function toggleRestClientBookmark() {
+    if ($('#ServerBookmark').prop("checked") == true) {
+        $('#bookmark-name').css('display', 'block');
+    } else {
+        $('#bookmark-name').css('display', 'none');
+    }
+}
+
+function removeRestClientHistoryItem(id) {
+    $.ajax({
+        data: '[]',
+        success:function (data, textStatus) {
+            populate_rest_history('bookmark');
+            populate_rest_history('history');
+        },
+        error:function() {
+            handleGenericAjaxResponse({'saved':false, 'errors':['Request failed due to an unexpected error.']});
+        },
+        type:"post",
+        cache: false,
+        url: '/rest_client_history/delete/' + id,
+    });
+}
+
+
+
+
     var allValidApis;
     var fieldsConstraint;
     var querybuilderTool;
@@ -150,9 +204,18 @@ function setApiInfoBox(isTyping) {
     });
 
 
-function updateQueryTool(url) {
+function updateQueryTool(url, body) {
     var apiJson = allValidApis[url];
     var filtersJson = fieldsConstraint[url];
+
+    if (body !== undefined && body.length > 0) {
+        body = JSON.parse(body);
+    } else {
+        body = {};
+    }
+    var controller = apiJson.controller;
+    controller = controller.charAt(0).toUpperCase() + controller.slice(1) + 's';
+
     var filters = [];
     for (var k in filtersJson) {
         if (filtersJson.hasOwnProperty(k)) {
@@ -196,6 +259,11 @@ function updateQueryTool(url) {
         };
         mandatoryFields.forEach(function(mandatory) {
             var r = filtersJson[mandatory];
+            var action = r.id.split('.')[1];
+            if (body[action] !== undefined) {
+                r.value = body[action];
+                delete body[action];
+            }
             r.flags = {
                 no_delete: true,
                 filter_readonly: true
@@ -211,6 +279,22 @@ function updateQueryTool(url) {
         };
     }
 
+    Object.keys(body).forEach(function(k) {
+        var values = body[k];
+        if (Array.isArray(values)) {
+            values.forEach(function(value) {
+                var r = filtersJson[k];
+                r.value = value;
+                console.log(value);
+                rules.rules[0].rules.push(r);
+            });
+        } else {
+            var r = filtersJson[k];
+            r.value = values;
+            rules.rules[0].rules.push(r);
+        }
+    });
+
     // add Params input field
     var paramFields = apiJson.params;
     $('#divAdditionalParamInput').remove();

From 4a37dfbf9475e7cd5e85a9e603e98b4f4a4516ae Mon Sep 17 00:00:00 2001
From: mokaddem <sami.mokaddem@circl.lu>
Date: Wed, 27 Mar 2019 16:45:35 +0100
Subject: [PATCH 3/5] fix: [restClient:querybuilder] Fixed a bug where multiple
 rules where not added correctly and show API info box

---
 app/webroot/js/restClient.js | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/app/webroot/js/restClient.js b/app/webroot/js/restClient.js
index 40d7ab209..f52dc3a8b 100644
--- a/app/webroot/js/restClient.js
+++ b/app/webroot/js/restClient.js
@@ -39,10 +39,11 @@ function loadRestClientHistory(k, data_container) {
     $('#ServerUrl').val(data_container[k]['RestClientHistory']['url']);
     $('#ServerHeader').val(data_container[k]['RestClientHistory']['headers']);
     toggleRestClientBookmark();
-    $('#TemplateSelect').val(data_container[k]['RestClientHistory']['url']).trigger("chosen:updated").trigger("change");
-    updateQueryTool(data_container[k]['RestClientHistory']['url'], data_container[k]['RestClientHistory']['body']);
     $('#ServerBody').val(data_container[k]['RestClientHistory']['body']);
-    $('#querybuilder').find('.rule-filter-container > select').trigger('chosen:updated');
+    $('#TemplateSelect').val(data_container[k]['RestClientHistory']['url']).trigger("chosen:updated");
+    updateQueryTool(data_container[k]['RestClientHistory']['url'], false);
+    $('#querybuilder').find('select').trigger('chosen:updated');
+    setApiInfoBox(false);
 }
 
 function populate_rest_history(scope) {
@@ -132,7 +133,7 @@ function removeRestClientHistoryItem(id) {
             $('#TemplateSelect').val($(this).val()).trigger("chosen:updated").trigger("change");
         });
 
-        $('#TemplateSelect').change(function() {
+        $('#TemplateSelect').change(function(e) {
             var selected_template = $('#TemplateSelect').val();
             if (selected_template !== '' && allValidApis[selected_template] !== undefined) {
                 $('#template_description').show();
@@ -141,7 +142,7 @@ function removeRestClientHistoryItem(id) {
                 $('#ServerUrl').data('urlWithoutParam', selected_template);
                 $('#ServerBody').val(allValidApis[selected_template].body);
                 setApiInfoBox(false);
-                updateQueryTool(selected_template);
+                updateQueryTool(selected_template, true);
             }
         });
 
@@ -204,11 +205,13 @@ function removeRestClientHistoryItem(id) {
     });
 
 
-function updateQueryTool(url, body) {
+function updateQueryTool(url, isEmpty) {
     var apiJson = allValidApis[url];
     var filtersJson = fieldsConstraint[url];
 
-    if (body !== undefined && body.length > 0) {
+    isEmpty = isEmpty === undefined ? false : isEmpty;
+    var body = $('#ServerBody').val();
+    if (!isEmpty && body !== undefined && body.length > 0) {
         body = JSON.parse(body);
     } else {
         body = {};
@@ -283,9 +286,8 @@ function updateQueryTool(url, body) {
         var values = body[k];
         if (Array.isArray(values)) {
             values.forEach(function(value) {
-                var r = filtersJson[k];
+                var r = $.extend({}, filtersJson[k], true);
                 r.value = value;
-                console.log(value);
                 rules.rules[0].rules.push(r);
             });
         } else {

From 9d93fa69aabc89b40aeeb2c4749e9da27981a9f4 Mon Sep 17 00:00:00 2001
From: mokaddem <sami.mokaddem@circl.lu>
Date: Thu, 28 Mar 2019 09:09:57 +0100
Subject: [PATCH 4/5] chg: [restClient:querybuilder] bit of cleanup

---
 app/webroot/js/restClient.js | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/app/webroot/js/restClient.js b/app/webroot/js/restClient.js
index f52dc3a8b..0b33190f7 100644
--- a/app/webroot/js/restClient.js
+++ b/app/webroot/js/restClient.js
@@ -133,7 +133,7 @@ function removeRestClientHistoryItem(id) {
             $('#TemplateSelect').val($(this).val()).trigger("chosen:updated").trigger("change");
         });
 
-        $('#TemplateSelect').change(function(e) {
+        $('#TemplateSelect').change(function() {
             var selected_template = $('#TemplateSelect').val();
             if (selected_template !== '' && allValidApis[selected_template] !== undefined) {
                 $('#template_description').show();
@@ -216,8 +216,6 @@ function updateQueryTool(url, isEmpty) {
     } else {
         body = {};
     }
-    var controller = apiJson.controller;
-    controller = controller.charAt(0).toUpperCase() + controller.slice(1) + 's';
 
     var filters = [];
     for (var k in filtersJson) {

From 7c2e0962504ec082d468aca162ce3fcd006dfef1 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Sat, 30 Mar 2019 08:16:12 +0100
Subject: [PATCH 5/5] chg: [warning-lists] updated to the latest version

---
 app/files/warninglists | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/files/warninglists b/app/files/warninglists
index 04e8f468d..3ededf3dd 160000
--- a/app/files/warninglists
+++ b/app/files/warninglists
@@ -1 +1 @@
-Subproject commit 04e8f468d9b789956adb1bea44fa108c4012229f
+Subproject commit 3ededf3ddf92573e1037305859857418f73fdf25