chg: [object:fromAttributes] Added support of hard delete if event not

published yet
2019-06-12 11:00:17 +02:00 · 2019-06-12 11:00:17 +02:00 · b050269949
parent 892348d7fd
commit b050269949
3 changed files with 16 additions and 12 deletions
--- a/app/Controller/ObjectsController.php
+++ b/app/Controller/ObjectsController.php
@ -1016,18 +1016,19 @@ class ObjectsController extends AppController

    function groupAttributesIntoObject($event_id, $selected_template, $selected_attribute_ids='[]')
    {
+        $event = $this->MispObject->Event->find('first', array(
+            'recursive' => -1,
+            'fields' => array('Event.id', 'Event.uuid', 'Event.orgc_id', 'Event.publish_timestamp'),
+            'conditions' => array('Event.id' => $event_id)
+        ));
+        if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
+            throw new NotFoundException(__('Invalid event.'));
+        }
+        $hard_delete_attribute = $event['Event']['publish_timestamp'] == 0;
        if ($this->request->is('post')) {
            if (!$this->request->is('ajax')) {
                throw new MethodNotAllowedException(__('This action can only be reached via AJAX.'));
            }
-            $event = $this->MispObject->Event->find('first', array(
-                'recursive' => -1,
-                'fields' => array('Event.id', 'Event.uuid', 'Event.orgc_id'),
-                'conditions' => array('Event.id' => $event_id)
-            ));
-            if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
-                throw new NotFoundException(__('Invalid event.'));
-            }
            $template = $this->MispObject->ObjectTemplate->find('first', array(
                'recursive' => -1,
                'conditions' => array('ObjectTemplate.id' => $selected_template, 'ObjectTemplate.active' => true)
@ -1061,7 +1062,7 @@ class ObjectsController extends AppController
                ),
                'Attribute' => array()
            );
-            $result = $this->MispObject->groupAttributesIntoObject($this->Auth->user(), $event_id, $object, $template, $selected_attribute_ids, $selected_object_relation_mapping);
+            $result = $this->MispObject->groupAttributesIntoObject($this->Auth->user(), $event_id, $object, $template, $selected_attribute_ids, $selected_object_relation_mapping, $hard_delete_attribute);
            if (is_numeric($result)) {
                $this->MispObject->Event->unpublishEvent($event_id);
                return $this->RestResponse->saveSuccessResponse('Objects', 'Created from Attributes', $result, $this->response->type());
@ -1122,6 +1123,7 @@ class ObjectsController extends AppController

            $distributionData = $this->MispObject->Event->Attribute->fetchDistributionData($this->Auth->user());
            $this->set('event_id', $event_id);
+            $this->set('hard_delete_attribute', $hard_delete_attribute);
            $this->set('distributionData', $distributionData);
            $this->set('distributionLevels', $this->MispObject->Attribute->distributionLevels);
            $this->set('selectedTemplateTd', $selected_template);
--- a/app/Model/MispObject.php
+++ b/app/Model/MispObject.php
@ -819,7 +819,7 @@ class MispObject extends AppModel
        return array('templates' => $templates, 'types' => $attribute_types);
    }

-    public function groupAttributesIntoObject($user, $event_id, $object, $template, $selected_attribute_ids, $selected_object_relation_mapping)
+    public function groupAttributesIntoObject($user, $event_id, $object, $template, $selected_attribute_ids, $selected_object_relation_mapping, $hard_delete_attribute)
    {
        $saved_object_id = $this->saveObject($object, $event_id, $template, $user);

@ -862,7 +862,7 @@ class MispObject extends AppModel
                }
                $saved_object['Attribute'][$i] = $created_attribute;
                $this->Attribute->captureAttribute($created_attribute, $event_id, $user, $saved_object['Object']['id']);
-                $this->Attribute->__delete($existing_attribute['Attribute']['id'], $user);
+                $this->Attribute->__delete($existing_attribute['Attribute']['id'], $user, $hard_delete_attribute);
            }
        }
        return $saved_object['Object']['id'];
--- a/app/View/Objects/group_attributes_into_object.ctp
+++ b/app/View/Objects/group_attributes_into_object.ctp
@ -125,7 +125,9 @@ echo $this->Form->create('Object', array('url' => $baseurl . '/objects/groupAttr
    <div>
        <button class="btn btn-primary" onclick="submitMergeAttributeIntoObjectForm(this);"><?php echo __('Merge above Attributes into an Object'); ?></button>
    </div>
-    <span class="red bold" data-original-title="" title=""><?php echo __('Selected Attributes will be soft-deleted') ?></span>
+    <span class="red bold" data-original-title="" title="">
+        <?php echo sprintf(__('Selected Attributes will be %s deleted'), '<strong style="font-size: medium">' . ($hard_delete_attribute ? __('hard') : __('soft')) . '</strong>'); ?>
+    </span>
 </div>

 <script>