mirror of https://github.com/MISP/MISP
Merge branch '2.4' into guides
commit
b1cd958e50
2
PyMISP
2
PyMISP
|
|
@ -1 +1 @@
|
|||
Subproject commit ada955a9e6a02220eb6b86ce70aedc0e3c220c19
|
||||
Subproject commit 3113fcad556f6b7cdece48b2c946da6768a10ab8
|
||||
|
|
@ -46,7 +46,7 @@ class AppController extends Controller
|
|||
|
||||
public $helpers = array('Utility', 'OrgImg');
|
||||
|
||||
private $__queryVersion = '49';
|
||||
private $__queryVersion = '50';
|
||||
public $pyMispVersion = '2.4.96';
|
||||
public $phpmin = '5.6.5';
|
||||
public $phprec = '7.0.16';
|
||||
|
|
|
|||
|
|
@ -166,9 +166,10 @@ class AttributesController extends AppController
|
|||
} else {
|
||||
$values = explode("\n", $this->request->data['Attribute']['value']);
|
||||
}
|
||||
$temp = $this->request->data['Attribute'];
|
||||
foreach ($values as $value) {
|
||||
$this->request->data['Attribute']['value'] = $value;
|
||||
$attributes[] = $this->request->data['Attribute'];
|
||||
$temp['value'] = $value;
|
||||
$attributes[] = $temp;
|
||||
}
|
||||
} else {
|
||||
$attributes = $this->request->data['Attribute'];
|
||||
|
|
@ -294,18 +295,19 @@ class AttributesController extends AppController
|
|||
if (empty($fails)) {
|
||||
$message = 'Attributes saved.';
|
||||
} else {
|
||||
if (count($attributes) > 1) {
|
||||
if ($attributeCount > 1) {
|
||||
$failKeys = array_keys($fails);
|
||||
foreach ($failKeys as $k => $v) {
|
||||
$v = explode('_', $v);
|
||||
$failKeys[$k] = intval($v[1]) + 1;
|
||||
$failKeys[$k] = intval($v[1]);
|
||||
}
|
||||
$message = 'Attributes saved, however, attributes ' . implode(', ', $failKeys) . ' could not be saved.';
|
||||
$failed = 1;
|
||||
$message = sprintf('Attributes saved, however, %s attributes could not be saved. Click %s for more info', count($fails), '$flashErrorMessage');
|
||||
} else {
|
||||
if (!empty($fails["attribute_0"])) {
|
||||
foreach ($fails["attribute_0"] as $k => $v) {
|
||||
$failed = 1;
|
||||
$message = '$this->Flash->info [' . $k . ']: ' . $v[0];
|
||||
$message = $k . ': ' . $v[0];
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
|
|
@ -314,6 +316,25 @@ class AttributesController extends AppController
|
|||
}
|
||||
}
|
||||
}
|
||||
if (!empty($failKeys)) {
|
||||
$flashErrorMessage = array();
|
||||
$original_values = trim($this->request->data['Attribute']['value']);
|
||||
$original_values = explode("\n", $original_values);
|
||||
foreach ($original_values as $k => $original_value) {
|
||||
$original_value = trim($original_value);
|
||||
if (in_array($k, $failKeys)) {
|
||||
$reason = '';
|
||||
foreach ($fails["attribute_" . $k] as $failKey => $failData) {
|
||||
$reason = $failKey . ': ' . $failData[0];
|
||||
}
|
||||
$flashErrorMessage[] = '<span class="red bold">' . h($original_value) . '</span> (' . h($reason) . ')';
|
||||
} else {
|
||||
$flashErrorMessage[] = '<span class="green bold">' . h($original_value) . '</span>';
|
||||
}
|
||||
}
|
||||
$flashErrorMessage = implode('<br />', $flashErrorMessage);
|
||||
$this->Session->write('flashErrorMessage', $flashErrorMessage);
|
||||
}
|
||||
if ($this->request->is('ajax')) {
|
||||
$this->autoRender = false;
|
||||
$errors = ($attributeCount > 1) ? $message : $this->Attribute->validationErrors;
|
||||
|
|
|
|||
|
|
@ -172,7 +172,7 @@ class RestResponseComponent extends Component
|
|||
'optional' => array('url', 'name', 'authkey', 'json', 'push', 'pull', 'push_rules', 'pull_rules', 'submitted_cert', 'submitted_client_cert', 'remote_org_id')
|
||||
),
|
||||
'serverSettings' => array(
|
||||
'description' => "Send a GET request to this endpoint to get a full diagnostic along with all currently set settings of the current instance."
|
||||
'description' => "Send a GET request to this endpoint to get a full diagnostic along with all currently set settings of the current instance. This will also include the worker status"
|
||||
)
|
||||
),
|
||||
'Sighting' => array(
|
||||
|
|
|
|||
|
|
@ -1268,7 +1268,8 @@ class EventsController extends AppController
|
|||
}
|
||||
}
|
||||
}
|
||||
$params = $this->Event->rearrangeEventForView($event);
|
||||
$passedArgs = array('sort' => 'timestamp', 'direction' => 'desc');
|
||||
$params = $this->Event->rearrangeEventForView($event, $passedArgs);
|
||||
$this->params->params['paging'] = array($this->modelClass => $params);
|
||||
$this->set('event', $event);
|
||||
$dataForView = array(
|
||||
|
|
@ -2731,7 +2732,9 @@ class EventsController extends AppController
|
|||
} else {
|
||||
$filename = 'misp.csv.filtered_results.csv';
|
||||
}
|
||||
|
||||
if (!isset($filters['ignore'])) {
|
||||
$filters['ignore'] = 0;
|
||||
}
|
||||
$final = $this->Event->restSearch($user, 'csv', $filters);
|
||||
// if it's a search, grab the attributeIDList from the session and get the IDs from it. Use those as the condition
|
||||
// We don't need to look out for permissions since that's filtered by the search itself
|
||||
|
|
|
|||
|
|
@ -194,6 +194,7 @@ class ObjectsController extends AppController
|
|||
$error = 'Could not save the object as no attributes were set.';
|
||||
} else {
|
||||
foreach ($object['Attribute'] as $k => $attribute) {
|
||||
unset($object['Attribute'][$k]['id']);
|
||||
$object['Attribute'][$k]['event_id'] = $eventId;
|
||||
$this->MispObject->Event->Attribute->set($attribute);
|
||||
if (!$this->MispObject->Event->Attribute->validates()) {
|
||||
|
|
@ -220,6 +221,7 @@ class ObjectsController extends AppController
|
|||
$error = $this->MispObject->ObjectTemplate->checkTemplateConformity($template, $object);
|
||||
}
|
||||
if ($error === true) {
|
||||
unset($object['Object']['id']);
|
||||
$result = $this->MispObject->saveObject($object, $eventId, $template, $this->Auth->user(), $errorBehaviour = 'halt');
|
||||
if (is_numeric($result)) {
|
||||
$this->MispObject->Event->unpublishEvent($eventId);
|
||||
|
|
|
|||
|
|
@ -1375,70 +1375,110 @@ class UsersController extends AppController
|
|||
$this->set('user', $user);
|
||||
}
|
||||
|
||||
public function admin_email()
|
||||
public function admin_email($isPreview=false)
|
||||
{
|
||||
if (!$this->_isAdmin()) {
|
||||
throw new MethodNotAllowedException();
|
||||
}
|
||||
// User has filled in his contact form, send out the email.
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
$conditions = array();
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$conditions = array('org_id' => $this->Auth->user('org_id'));
|
||||
}
|
||||
if ($this->request->data['User']['recipient'] != 1) {
|
||||
$conditions['id'] = $this->request->data['User']['recipientEmailList'];
|
||||
}
|
||||
$conditions['AND'][] = array('User.disabled' => 0);
|
||||
$users = $this->User->find('all', array('recursive' => -1, 'order' => array('email ASC'), 'conditions' => $conditions));
|
||||
$this->request->data['User']['message'] = $this->User->adminMessageResolve($this->request->data['User']['message']);
|
||||
$failures = '';
|
||||
foreach ($users as $user) {
|
||||
$password = $this->User->generateRandomPassword();
|
||||
$body = str_replace('$password', $password, $this->request->data['User']['message']);
|
||||
$body = str_replace('$username', $user['User']['email'], $body);
|
||||
$result = $this->User->sendEmail($user, $body, false, $this->request->data['User']['subject']);
|
||||
// if sending successful and action was a password change, update the user's password.
|
||||
if ($result && $this->request->data['User']['action'] != '0') {
|
||||
$this->User->id = $user['User']['id'];
|
||||
$this->User->saveField('password', $password);
|
||||
$this->User->saveField('change_pw', '1');
|
||||
}
|
||||
if (!$result) {
|
||||
if ($failures != '') {
|
||||
$failures .= ', ';
|
||||
}
|
||||
$failures .= $user['User']['email'];
|
||||
}
|
||||
}
|
||||
if ($failures != '') {
|
||||
$this->Flash->success(__('E-mails sent, but failed to deliver the messages to the following recipients: ' . $failures));
|
||||
} else {
|
||||
$this->Flash->success(__('E-mails sent.'));
|
||||
}
|
||||
}
|
||||
$isPostOrPut = $this->request->is('post') || $this->request->is('put');
|
||||
$conditions = array();
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$conditions = array('org_id' => $this->Auth->user('org_id'));
|
||||
}
|
||||
$conditions['User.disabled'] = 0;
|
||||
$temp = $this->User->find('all', array('recursive' => -1, 'fields' => array('id', 'email'), 'order' => array('email ASC'), 'conditions' => $conditions));
|
||||
$emails = array();
|
||||
// save all the emails of the users and set it for the dropdown list in the form
|
||||
foreach ($temp as $user) {
|
||||
$emails[$user['User']['id']] = $user['User']['email'];
|
||||
|
||||
// harvest parameters
|
||||
if ($isPostOrPut) {
|
||||
$recipient = $this->request->data['User']['recipient'];
|
||||
} else {
|
||||
$recipient = isset($this->request->query['recipient']) ? $this->request->query['recipient'] : NULL;
|
||||
}
|
||||
$this->set('users', $temp);
|
||||
$this->set('recipientEmail', $emails);
|
||||
$this->set('org', Configure::read('MISP.org'));
|
||||
$textsToFetch = array('newUserText', 'passwordResetText');
|
||||
$this->loadModel('Server');
|
||||
foreach ($textsToFetch as $text) {
|
||||
${$text} = Configure::read('MISP.' . $text);
|
||||
if (!${$text}) {
|
||||
${$text} = $this->Server->serverSettings['MISP'][$text]['value'];
|
||||
if ($isPostOrPut) {
|
||||
$recipientEmailList = $this->request->data['User']['recipientEmailList'];
|
||||
} else {
|
||||
$recipientEmailList = isset($this->request->query['recipientEmailList']) ? $this->request->query['recipientEmailList'] : NULL;
|
||||
}
|
||||
if ($isPostOrPut) {
|
||||
$orgNameList = $this->request->data['User']['orgNameList'];
|
||||
} else {
|
||||
$orgNameList = isset($this->request->query['orgNameList']) ? $this->request->query['orgNameList'] : NULL;
|
||||
}
|
||||
|
||||
if (!is_null($recipient) && $recipient == 0) {
|
||||
if (is_null($recipientEmailList)) {
|
||||
throw new NotFoundException(__('Recipient email not provided'));
|
||||
}
|
||||
$conditions['id'] = $recipientEmailList;
|
||||
} else if (!is_null($recipient) && $recipient == 2) {
|
||||
if (is_null($orgNameList)) {
|
||||
throw new NotFoundException(__('Recipient organisation not provided'));
|
||||
}
|
||||
$conditions['org_id'] = $orgNameList;
|
||||
}
|
||||
$conditions['AND'][] = array('User.disabled' => 0);
|
||||
|
||||
// Allow to mimic real form post
|
||||
if ($isPreview) {
|
||||
$users = $this->User->find('list', array('recursive' => -1, 'order' => array('email ASC'), 'conditions' => $conditions, 'fields' => array('email')));
|
||||
$this->set('emails', $users);
|
||||
$this->set('emailsCount', count($users));
|
||||
$this->render('ajax/emailConfirmTemplate');
|
||||
} else {
|
||||
$users = $this->User->find('all', array('recursive' => -1, 'order' => array('email ASC'), 'conditions' => $conditions));
|
||||
// User has filled in his contact form, send out the email.
|
||||
if ($isPostOrPut) {
|
||||
$this->request->data['User']['message'] = $this->User->adminMessageResolve($this->request->data['User']['message']);
|
||||
$failures = '';
|
||||
foreach ($users as $user) {
|
||||
$password = $this->User->generateRandomPassword();
|
||||
$body = str_replace('$password', $password, $this->request->data['User']['message']);
|
||||
$body = str_replace('$username', $user['User']['email'], $body);
|
||||
$result = $this->User->sendEmail($user, $body, false, $this->request->data['User']['subject']);
|
||||
// if sending successful and action was a password change, update the user's password.
|
||||
if ($result && $this->request->data['User']['action'] != '0') {
|
||||
$this->User->id = $user['User']['id'];
|
||||
$this->User->saveField('password', $password);
|
||||
$this->User->saveField('change_pw', '1');
|
||||
}
|
||||
if (!$result) {
|
||||
if ($failures != '') {
|
||||
$failures .= ', ';
|
||||
}
|
||||
$failures .= $user['User']['email'];
|
||||
}
|
||||
}
|
||||
if ($failures != '') {
|
||||
$this->Flash->success(__('E-mails sent, but failed to deliver the messages to the following recipients: ' . $failures));
|
||||
} else {
|
||||
$this->Flash->success(__('E-mails sent.'));
|
||||
}
|
||||
}
|
||||
$conditions = array();
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$conditions = array('org_id' => $this->Auth->user('org_id'));
|
||||
}
|
||||
$conditions['User.disabled'] = 0;
|
||||
$temp = $this->User->find('all', array('recursive' => -1, 'fields' => array('id', 'email', 'Organisation.name'), 'order' => array('email ASC'), 'conditions' => $conditions, 'contain' => array('Organisation')));
|
||||
$emails = array();
|
||||
$orgName = array();
|
||||
// save all the emails of the users and set it for the dropdown list in the form
|
||||
foreach ($temp as $user) {
|
||||
$emails[$user['User']['id']] = $user['User']['email'];
|
||||
$orgName[$user['Organisation']['id']] = $user['Organisation']['name'];
|
||||
}
|
||||
|
||||
$this->set('users', $temp);
|
||||
$this->set('recipientEmail', $emails);
|
||||
$this->set('orgName', $orgName);
|
||||
$this->set('org', Configure::read('MISP.org'));
|
||||
$textsToFetch = array('newUserText', 'passwordResetText');
|
||||
$this->loadModel('Server');
|
||||
foreach ($textsToFetch as $text) {
|
||||
${$text} = Configure::read('MISP.' . $text);
|
||||
if (!${$text}) {
|
||||
${$text} = $this->Server->serverSettings['MISP'][$text]['value'];
|
||||
}
|
||||
$this->set($text, ${$text});
|
||||
}
|
||||
$this->set($text, ${$text});
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -228,7 +228,7 @@ class ComplexTypeTool
|
|||
);
|
||||
|
||||
// algorithms to run through in order
|
||||
private $__checks = array('Hashes', 'Email', 'IP', 'DomainOrFilename', 'SimpleRegex', 'AS');
|
||||
private $__checks = array('Hashes', 'Email', 'IP', 'DomainOrFilename', 'SimpleRegex', 'AS', 'BTC');
|
||||
|
||||
private function __resolveType($raw_input)
|
||||
{
|
||||
|
|
@ -247,6 +247,14 @@ class ComplexTypeTool
|
|||
return false;
|
||||
}
|
||||
|
||||
private function __checkForBTC($input)
|
||||
{
|
||||
if (preg_match("#^[13][a-km-zA-HJ-NP-Z1-9]{25,34}$#i", $input['raw'])) {
|
||||
return array('types' => array('btc'), 'categories' => array('Financial fraud'), 'to_ids' => true, 'default_type' => 'btc', 'value' => $input['raw']);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
private function __checkForEmail($input)
|
||||
{
|
||||
// quick filter for an @ to see if we should validate a potential e-mail address
|
||||
|
|
|
|||
|
|
@ -2898,6 +2898,20 @@ class Attribute extends AppModel
|
|||
}
|
||||
}
|
||||
$results = $this->find('all', $params);
|
||||
foreach ($results as $k => $result) {
|
||||
if (!empty($result['AttributeTag'])) {
|
||||
$tagCulled = false;
|
||||
foreach ($result['AttributeTag'] as $k2 => $at) {
|
||||
if (empty($at['Tag'])) {
|
||||
unset($results[$k]['AttributeTag'][$k2]);
|
||||
$tagCulled = true;
|
||||
}
|
||||
}
|
||||
if ($tagCulled) {
|
||||
$results[$k]['AttributeTag'] = array_values($results[$k]['AttributeTag']);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!$loop) {
|
||||
if (!empty($params['limit']) && count($results) < $params['limit']) {
|
||||
$continue = false;
|
||||
|
|
@ -3764,7 +3778,7 @@ class Attribute extends AppModel
|
|||
'fields' => array('Attribute.*', 'Event.org_id', 'Event.distribution'),
|
||||
'withAttachments' => !empty($filters['withAttachments']) ? $filters['withAttachments'] : 0,
|
||||
'enforceWarninglist' => !empty($filters['enforceWarninglist']) ? $filters['enforceWarninglist'] : 0,
|
||||
'includeAllTags' => true,
|
||||
'includeAllTags' => !empty($filters['includeAllTags']) ? $filters['includeAllTags'] : 0,
|
||||
'flatten' => 1,
|
||||
'includeEventUuid' => !empty($filters['includeEventUuid']) ? $filters['includeEventUuid'] : 0,
|
||||
'includeEventTags' => !empty($filters['includeEventTags']) ? $filters['includeEventTags'] : 0
|
||||
|
|
@ -3852,5 +3866,5 @@ class Attribute extends AppModel
|
|||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1412,6 +1412,7 @@ class Event extends AppModel
|
|||
'category' => array('function' => 'set_filter_simple_attribute'),
|
||||
'type' => array('function' => 'set_filter_simple_attribute'),
|
||||
'tags' => array('function' => 'set_filter_tags', 'pop' => true),
|
||||
'ignore' => array('function' => 'set_filter_ignore'),
|
||||
'uuid' => array('function' => 'set_filter_uuid'),
|
||||
'deleted' => array('function' => 'set_filter_deleted'),
|
||||
'to_ids' => array('function' => 'set_filter_to_ids'),
|
||||
|
|
@ -1706,6 +1707,10 @@ class Event extends AppModel
|
|||
if (!empty($options['includeRelatedTags'])) {
|
||||
$options['includeGranularCorrelations'] = 1;
|
||||
}
|
||||
if (isset($options['ignore']) && empty($options['ignore'])) {
|
||||
$conditions['AND'][] = array('Event.published' => 1);
|
||||
$conditionsAttributes['AND'][] = array('Attribute.to_ids' => 1);
|
||||
}
|
||||
$softDeletables = array('Attribute', 'Object', 'ObjectReference');
|
||||
if (isset($options['deleted']) && $options['deleted']) {
|
||||
if (!$user['Role']['perm_sync']) {
|
||||
|
|
@ -2234,8 +2239,17 @@ class Event extends AppModel
|
|||
public function set_filter_ignore(&$params, $conditions, $options)
|
||||
{
|
||||
if (empty($params['ignore'])) {
|
||||
$conditions['AND']['Event.published'] = 1;
|
||||
$conditions['AND']['Attribute.to_ids'] = 1;
|
||||
if (empty($options['scope'])) {
|
||||
$scope = 'Attribute';
|
||||
} else {
|
||||
$scope = $options['scope'];
|
||||
}
|
||||
if ($scope === 'Attribute') {
|
||||
$conditions['AND']['Attribute.to_ids'] = 1;
|
||||
} else {
|
||||
$conditions['AND']['Event.published'] = 1;
|
||||
}
|
||||
|
||||
}
|
||||
return $conditions;
|
||||
}
|
||||
|
|
@ -5461,7 +5475,7 @@ class Event extends AppModel
|
|||
$filters['published'] = 1;
|
||||
}
|
||||
}
|
||||
if (isset($filters['ignore'])) {
|
||||
if (!empty($filters['ignore'])) {
|
||||
$filters['to_ids'] = array(0, 1);
|
||||
$filters['published'] = array(0, 1);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -47,6 +47,17 @@ class MispObject extends AppModel
|
|||
);
|
||||
|
||||
public $validate = array(
|
||||
'uuid' => array(
|
||||
'uuid' => array(
|
||||
'rule' => array('custom', '/^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$/'),
|
||||
'message' => 'Please provide a valid UUID'
|
||||
),
|
||||
'unique' => array(
|
||||
'rule' => 'isUnique',
|
||||
'message' => 'The UUID provided is not unique',
|
||||
'required' => 'create'
|
||||
)
|
||||
)
|
||||
);
|
||||
|
||||
public function beforeValidate($options = array())
|
||||
|
|
|
|||
|
|
@ -199,7 +199,9 @@ class SharingGroup extends AppModel
|
|||
'conditions' => array('id' => $sgo['org_id'])
|
||||
));
|
||||
}
|
||||
$sgo['Organisation'] = $this->__sgoCache[$sgo['org_id']];
|
||||
if (!empty($this->__sgoCache[$sgo['org_id']]['Organisation'])) {
|
||||
$sgo['Organisation'] = $this->__sgoCache[$sgo['org_id']]['Organisation'];
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,4 +1,13 @@
|
|||
<div class="alert alert-error">
|
||||
<button type="button" class="close" data-dismiss="alert">×</button>
|
||||
<?php echo h($message); ?>
|
||||
<button type="button" class="close" data-dismiss="alert">×</button>
|
||||
<?php
|
||||
$message = h($message);
|
||||
if (strpos('$flashErrorMessage', $message) >= 0) {
|
||||
$message = str_replace('$flashErrorMessage', '<span class="useCursorPointer underline bold" onClick="flashErrorPopover();">here</span>', $message);
|
||||
}
|
||||
echo $message;
|
||||
if ($this->Session->read('flashErrorMessage')) {
|
||||
echo sprintf('<div class="hidden" id="flashErrorMessage">%s</div>', $this->element('flashErrorMessage', array('message' => $this->Session->read('flashErrorMessage'))));
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,7 @@
|
|||
<div class="confirmation">
|
||||
<legend><?php echo __('Errors');?></legend>
|
||||
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
|
||||
<div id="flashErrorMessageContent" style="overflow-y: auto;"><?php echo $message; ?></div>
|
||||
<span role="button" tabindex="0" aria-label="<?php echo __('Cancel');?>" title="<?php echo __('Cancel');?>" class="btn btn-inverse" id="PromptNoButton" onClick="cancelPopoverForm();"><?php echo __('Close');?></span>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -55,9 +55,7 @@
|
|||
$branchColour = $branch == '2.4' ? 'green' : 'red bold';
|
||||
?>
|
||||
<span class="<?php echo h($branchColour); ?>">
|
||||
<?php
|
||||
echo h($branch);
|
||||
?>
|
||||
<?=($branch == '2.4') ? h($branch) : "You are not on a branch, Update MISP will fail"; ?>
|
||||
</span>
|
||||
</span><br />
|
||||
<pre class="hidden green bold" id="gitResult"></pre>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,33 @@
|
|||
<div class="confirmation">
|
||||
<?php
|
||||
echo $this->Form->create('GalaxyCluster', array(
|
||||
'style' => 'margin:0px;',
|
||||
'id' => 'PromptForm',
|
||||
'url' => array('controller' => 'galaxy_clusters', 'action' => 'delete', $id)
|
||||
));
|
||||
?>
|
||||
<legend><?php echo __('Galaxy Cluster Deletion');?></legend>
|
||||
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
|
||||
<p><?php echo __('Are you sure you want to delete Galaxy Cluster #<?php echo h($id); ?>?<br /> Associated tags will not be removed. You can reload the Galaxy Cluster at any time by force updating your galaxies.');?></p>
|
||||
<table>
|
||||
<tr>
|
||||
<td style="vertical-align:top">
|
||||
<?php
|
||||
echo $this->Form->button(__('Yes'), array(
|
||||
'type' => 'submit',
|
||||
'class' => 'btn btn-primary'
|
||||
));
|
||||
?>
|
||||
</td>
|
||||
<td style="width:540px;">
|
||||
</td>
|
||||
<td style="vertical-align:top;">
|
||||
<span role="button" tabindex="0" aria-label="<?php echo __('Cancel');?>" class="btn btn-inverse" id="PromptNoButton" onClick="cancelPrompt();"><?php echo __('No');?></span>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->Form->end();
|
||||
?>
|
||||
</div>
|
||||
|
|
@ -59,7 +59,9 @@
|
|||
?>
|
||||
</div>
|
||||
<div>
|
||||
<?php echo $this->fetch('content'); ?>
|
||||
<?php
|
||||
echo $this->fetch('content');
|
||||
?>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->element('footer');
|
||||
|
|
@ -104,12 +106,17 @@
|
|||
tabIsActive = true;
|
||||
});
|
||||
<?php
|
||||
if (!Configure::read('MISP.disable_auto_logout')):
|
||||
if (!Configure::read('MISP.disable_auto_logout')):
|
||||
?>
|
||||
checkIfLoggedIn();
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
if ($('.alert').text().indexOf("$flashErrorMessage") >= 0) {
|
||||
//$('#flashErrorMessage').html()
|
||||
var flashMessageLink = '<span class="useCursorPointer underline bold" onClick="flashErrorPopover();">here</span>';
|
||||
$('.alert').html(($('.alert').html().replace("$flashErrorMessage", flashMessageLink)));
|
||||
}
|
||||
});
|
||||
</script>
|
||||
</body>
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
<?php
|
||||
// This choice will determine
|
||||
$actionOptions=array(__('Custom message'), __('Welcome message'), __('Reset password'));
|
||||
$recipientOptions=array(__('A single user'), __('All users'));
|
||||
$recipientOptions=array(__('A single user'), __('All users'), __('All users of the same organisation'));
|
||||
?>
|
||||
<div class="row-fluid">
|
||||
<?php echo $this->Form->input('action', array('type' => 'select', 'options' => $actionOptions, 'id' => 'action')); ?>
|
||||
|
|
@ -29,6 +29,9 @@
|
|||
<div id="recipientEmailList" class="hideAble">
|
||||
<?php echo $this->Form->input('recipientEmailList', array('type' => 'select', 'options' => $recipientEmail, 'label' => 'Recipient Email')); ?>
|
||||
</div>
|
||||
<div id="orgNameList" class="hideAble">
|
||||
<?php echo $this->Form->input('orgNameList', array('type' => 'select', 'options' => $orgName, 'label' => 'Recipient Organisation Name')); ?>
|
||||
</div>
|
||||
</div>
|
||||
<div id="customMessage" class="row-fluid hideAble">
|
||||
<?php
|
||||
|
|
@ -64,13 +67,33 @@ $("#customMessage").change(setAll);
|
|||
$("#action").change(populateSubject);
|
||||
var subjects = [];
|
||||
var standardTexts = [];
|
||||
var submitAllowed = false;
|
||||
$(document).ready(function() {
|
||||
var org = "<?php echo $org;?>";
|
||||
subjects = ["", "[" + org + " MISP] " + "<?php echo __('New user registration');?>" , "[" + org + " MISP] " + "<?php echo __('Password reset');?>"];
|
||||
standardTexts = ['', '<?php echo h($newUserText); ?>', '<?php echo h($passwordResetText); ?>'];
|
||||
//setAll();
|
||||
setAll();
|
||||
|
||||
// Confirm before submit
|
||||
$('#UserAdminEmailForm').submit(function(e) {
|
||||
var url = '<?php echo $baseurl; ?>/admin/users/email/true?';
|
||||
url += 'recipient=' + $('#recipient').val();
|
||||
url += '&recipientEmailList=' + $('#UserRecipientEmailList').val();
|
||||
url += '&orgNameList=' + $('#UserOrgNameList').val();
|
||||
$.get(url, function(data) {
|
||||
$("#confirmation_box").html(data);
|
||||
openPopup("#confirmation_box");
|
||||
});
|
||||
return submitAllowed;
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
function submitMailsForm() {
|
||||
submitAllowed = true;
|
||||
$('#UserAdminEmailForm').submit();
|
||||
}
|
||||
|
||||
function populateSubject() {
|
||||
$("#UserSubject").val(subjects[$("#action").val()]);
|
||||
$("#UserMessage").html(standardTexts[$("#action").val()]).text();
|
||||
|
|
@ -82,6 +105,7 @@ function setAll() {
|
|||
if ($("#action option:selected").val() == 0) $("#subject").show();
|
||||
else $("#customMessage").show();
|
||||
if ($("#recipient option:selected").val() == 0) $("#recipientEmailList").show();
|
||||
if ($("#recipient option:selected").val() == 2) $("#orgNameList").show();
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,17 @@
|
|||
<div class="confirmation">
|
||||
<legend><?php echo __('Confirm sending'); ?> </legend>
|
||||
<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
|
||||
<p><?php echo __('You are about to send a mail to %s recipient(s)?', '<strong>' . h($emailsCount) . '</strong>'); ?></p>
|
||||
<div>
|
||||
<select multiple=1 size=15 style="width: 100%">
|
||||
<?php foreach($emails as $email): ?>
|
||||
<option><?php echo h($email); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</div>
|
||||
<div>
|
||||
<span role="button" tabindex="0" aria-label="<?php echo __('Send');?>" title="<?php echo __('Send');?>" class="btn btn-primary" id="PromptYesButton" onClick="submitMailsForm();"><?php echo __('Send');?></span>
|
||||
<span role="button" tabindex="0" aria-label="<?php echo __('Cancel');?>" title="<?php echo __('Cancel');?>" class="btn btn-inverse" id="PromptNoButton" style="float:right;" onClick="cancelPrompt();"><?php echo __('Cancel');?></span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -1 +1 @@
|
|||
Subproject commit 34bee5f3bb4953fb00d75e1cb11c346659a692df
|
||||
Subproject commit 162802f486427933f5cd0602dd4cf62e24f145ae
|
||||
|
|
@ -650,7 +650,7 @@ class StixParser():
|
|||
return tags
|
||||
|
||||
def parse_TLP_marking(self, marking):
|
||||
return 'tlp:{}'.format(marking.color.lower())
|
||||
return ['tlp:{}'.format(marking.color.lower())]
|
||||
|
||||
################################################################################
|
||||
## FUNCTIONS HANDLING PARSED DATA, USED BY BOTH SUBCLASSES. ##
|
||||
|
|
@ -727,7 +727,7 @@ class StixParser():
|
|||
@staticmethod
|
||||
def fetch_uuid(object_id):
|
||||
try:
|
||||
return "-".join(object_id.split("-")[1:])
|
||||
return "-".join(object_id.split("-")[-5:])
|
||||
except Exception:
|
||||
return str(uuid.uuid4())
|
||||
|
||||
|
|
|
|||
|
|
@ -1257,6 +1257,10 @@ a.proposal_link_red:hover {
|
|||
cursor: hand;
|
||||
}
|
||||
|
||||
.underline {
|
||||
text-decoration: underline;
|
||||
}
|
||||
|
||||
.template_general {
|
||||
display:inline-block;
|
||||
width: 100%;
|
||||
|
|
|
|||
|
|
@ -2866,6 +2866,15 @@ $(".eventViewAttributePopup").click(function() {
|
|||
}
|
||||
});
|
||||
|
||||
function flashErrorPopover() {
|
||||
$('#popover_form').css( "minWidth", "200px");
|
||||
$('#popover_form').html($('#flashErrorMessage').html());
|
||||
$('#popover_form').show();
|
||||
var left = ($(window).width() / 2) - ($('#popover_form').width() / 2);
|
||||
$('#popover_form').css({'left': left + 'px'});
|
||||
$("#gray_out").fadeIn();
|
||||
}
|
||||
|
||||
$(".eventViewAttributeHover").mouseenter(function() {
|
||||
$('.popover').remove();
|
||||
type = $(this).attr('data-object-type');
|
||||
|
|
|
|||
|
|
@ -391,7 +391,7 @@ sudo sed -i -e '$i \sudo -u www-data /var/www/MISP/venv/bin/misp-modules -l 127.
|
|||
sudo -u www-data bash $PATH_TO_MISP/app/Console/worker/start.sh
|
||||
|
||||
# some misp-modules dependencies
|
||||
sudo apt-get install -y libpq5 libjpeg-dev libfuzzy-dev
|
||||
sudo apt-get install -y libfuzzy-dev python3-dev python3-pip libpq5 libjpeg-dev tesseract-ocr imagemagick
|
||||
|
||||
sudo chmod 2775 /usr/local/src
|
||||
sudo chown root:staff /usr/local/src
|
||||
|
|
|
|||
|
|
@ -125,6 +125,8 @@ sudo -u www-data git submodule foreach --recursive git config core.filemode fals
|
|||
sudo -u www-data git config core.filemode false
|
||||
|
||||
# Create a python3 virtualenv
|
||||
sudo apt-get install python3-pip
|
||||
pip3 install virtualenv
|
||||
sudo -u www-data virtualenv -p python3.6 ${PATH_TO_MISP}/venv
|
||||
|
||||
# make pip happy
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ set -x
|
|||
AUTH="$1"
|
||||
|
||||
curl -i -H "Accept: application/json" -H "content-type: application/json" -H "Authorization: $AUTH" --data "@event.json" -X POST http://misp.local/events
|
||||
curl -H "Authorization: $AUTH" -X GET http://misp.local/events/csv/download/1 | sed -e 's/^M//g' | cut -d, -f2 --complement | sort > 1.csv
|
||||
curl -H "Authorization: $AUTH" -X GET http://misp.local/events/csv/download/1/ignore:1 | sed -e 's/^M//g' | cut -d, -f2 --complement | sort > 1.csv
|
||||
cat 1.csv
|
||||
cut -d, -f2 --complement event.csv | sort > compare.csv
|
||||
diff compare.csv 1.csv
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ echo '-- Starting MISP restore process'
|
|||
|
||||
FILE=./misp-backup.conf
|
||||
|
||||
if [ -f $1 ];
|
||||
if [ ! -z $1 ] && [ -f $1 ];
|
||||
then
|
||||
BackupFile=$1
|
||||
else
|
||||
|
|
|
|||
Loading…
Reference in New Issue