Merge pull request #4252 from mokaddem/sightingFiltering

Sighting filtering
pull/3660/merge
Steve Clement 2019-03-28 14:50:15 +01:00 committed by GitHub
commit b2191c9927
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 91 additions and 17 deletions

View File

@ -26,7 +26,7 @@ class EventsController extends AppController
);
private $acceptedFilteringNamedParams = array('sort', 'direction', 'focus', 'extended', 'overrideLimit', 'filterColumnsOverwrite', 'attributeFilter', 'extended', 'page',
'searchFor', 'proposal', 'correlation', 'warning', 'deleted', 'includeRelatedTags', 'distribution', 'taggedAttributes', 'galaxyAttachedAttributes', 'objectType', 'attributeType', 'focus', 'extended', 'overrideLimit', 'filterColumnsOverwrite', 'feed', 'server', 'toIDS'
'searchFor', 'proposal', 'correlation', 'warning', 'deleted', 'includeRelatedTags', 'distribution', 'taggedAttributes', 'galaxyAttachedAttributes', 'objectType', 'attributeType', 'focus', 'extended', 'overrideLimit', 'filterColumnsOverwrite', 'feed', 'server', 'toIDS', 'sighting'
);
public $defaultFilteringRules = array(
@ -41,6 +41,7 @@ class EventsController extends AppController
'feed' => 0,
'server' => 0,
'distribution' => array(0, 1, 2, 3, 4, 5),
'sighting' => 0,
'taggedAttributes' => '',
'galaxyAttachedAttributes' => ''
);
@ -1134,7 +1135,9 @@ class EventsController extends AppController
$filters['sort'] = 'timestamp';
$filters['direction'] = 'desc';
}
$params = $this->Event->rearrangeEventForView($event, $filters, $all);
$sightingsData = $this->Event->getSightingData($event);
$this->set('sightingsData', $sightingsData);
$params = $this->Event->rearrangeEventForView($event, $filters, $all, $sightingsData);
$this->params->params['paging'] = array($this->modelClass => $params);
// workaround to get the event dates in to the attribute relations
$relatedDates = array();
@ -1165,8 +1168,6 @@ class EventsController extends AppController
$this->set($variable, $currentModel->{$variable});
}
}
$sightingsData = $this->Event->getSightingData($event);
$this->set('sightingsData', $sightingsData);
if (Configure::read('Plugin.Enrichment_services_enable')) {
$this->loadModel('Module');
$modules = $this->Module->getEnabledModules($this->Auth->user());
@ -1380,7 +1381,9 @@ class EventsController extends AppController
}
}
unset($modificationMap);
$params = $this->Event->rearrangeEventForView($event, $filters);
$sightingsData = $this->Event->getSightingData($event);
$this->set('sightingsData', $sightingsData);
$params = $this->Event->rearrangeEventForView($event, $filters, false, $sightingsData);
$this->params->params['paging'] = array($this->modelClass => $params);
$this->set('event', $event);
@ -1423,8 +1426,6 @@ class EventsController extends AppController
'recursive' => -1,
'contain' => array('Org', 'RequesterOrg'))));
}
$sightingsData = $this->Event->getSightingData($event);
$this->set('sightingsData', $sightingsData);
if (Configure::read('Plugin.Enrichment_services_enable')) {
$this->loadModel('Module');
$modules = $this->Module->getEnabledModules($this->Auth->user());

View File

@ -4412,7 +4412,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
$filterType = false,
&$eventWarnings,
$warningLists
$warningLists,
$sightingsData
) {
$attribute['objectType'] = 'attribute';
$include = true;
@ -4462,6 +4463,15 @@ class Event extends AppModel
$include = $include && ($filterType['server'] == 2);
}
/* sightings */
if ($filterType['sighting'] == 0) { // `both`
// pass, do not consider as `both` is selected
} else if (isset($sightingsData['data'][$attribute['id']])) { // `include only`
$include = $include && ($filterType['sighting'] == 1);
} else { // `exclude`
$include = $include && ($filterType['sighting'] == 2);
}
/* TypeGroupings */
if (
$filterType['attributeFilter'] != 'all'
@ -4574,7 +4584,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
$filterType = false,
&$eventWarnings,
$warningLists
$warningLists,
$sightingsData
) {
$object['category'] = $object['meta-category'];
$proposal['objectType'] = 'object';
@ -4590,7 +4601,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
false,
$eventWarnings,
$warningLists
$warningLists,
$sightingsData
);
if ($result['include']) {
$temp[] = $result['data'];
@ -4604,16 +4616,17 @@ class Event extends AppModel
|| $filterType['correlation'] != 0
|| $filterType['proposal'] != 0
|| $filterType['warning'] != 0
|| $filterType['sighting'] != 0
|| $filterType['feed'] != 0
|| $filterType['server'] != 0
) {
$include = $this->__checkObjectByFilter($object, $filterType, $correlatedAttributes, $correlatedShadowAttributes);
$include = $this->__checkObjectByFilter($object, $filterType, $correlatedAttributes, $correlatedShadowAttributes, $sightingsData);
}
return array('include' => $include, 'data' => $object);
}
private function __checkObjectByFilter($object, $filterType, $correlatedAttributes, $correlatedShadowAttributes)
private function __checkObjectByFilter($object, $filterType, $correlatedAttributes, $correlatedShadowAttributes, $sightingsData)
{
$include = true;
@ -4697,6 +4710,35 @@ class Event extends AppModel
}
}
/* sighting */
if ($filterType['sighting'] == 0) { // `both`
// pass, do not consider as `both` is selected
} else if ($filterType['sighting'] == 1 || $filterType['sighting'] == 2) {
$flagKeep = false;
foreach ($object['Attribute'] as $k => $attribute) { // check if object contains at least 1 warning
if (isset($sightingsData['data'][$attribute['id']])) {
$flagKeep = ($filterType['sighting'] == 1); // keep if server are included
} else {
$flagKeep = ($filterType['sighting'] == 2); // keep if server are excluded
}
if (!$flagKeep && !empty($attribute['ShadowAttribute'])) {
foreach ($attribute['ShadowAttribute'] as $shadowAttribute) {
if (isset($sightingsData['data'][$attribute['id']])) {
$flagKeep = ($filterType['sighting'] == 1); // do not keep if server are excluded
break;
}
}
}
if ($flagKeep) {
break;
}
}
if (!$flagKeep) {
$include = false;
return $include;
}
}
/* feed */
if ($filterType['feed'] == 0) { // `both`
// pass, do not consider as `both` is selected
@ -4790,7 +4832,7 @@ class Event extends AppModel
return $object;
}
public function rearrangeEventForView(&$event, $passedArgs = array(), $all = false)
public function rearrangeEventForView(&$event, $passedArgs = array(), $all = false, $sightingsData=array())
{
$this->Warninglist = ClassRegistry::init('Warninglist');
$warningLists = $this->Warninglist->fetchForEventView();
@ -4807,6 +4849,7 @@ class Event extends AppModel
'warning' => isset($passedArgs['warning']) ? $passedArgs['warning'] : 0,
'deleted' => isset($passedArgs['deleted']) ? $passedArgs['deleted'] : 0,
'toIDS' => isset($passedArgs['toIDS']) ? $passedArgs['toIDS'] : 0,
'sighting' => isset($passedArgs['sighting']) ? $passedArgs['sighting'] : 0,
'feed' => isset($passedArgs['feed']) ? $passedArgs['feed'] : 0,
'server' => isset($passedArgs['server']) ? $passedArgs['server'] : 0
);
@ -4827,7 +4870,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
$filterType,
$eventWarnings,
$warningLists
$warningLists,
$sightingsData
);
if ($result['include']) {
$event['objects'][] = $result['data'];
@ -4855,7 +4899,8 @@ class Event extends AppModel
$correlatedShadowAttributes,
$filterType,
$eventWarnings,
$warningLists
$warningLists,
$sightingsData
);
if ($result['include']) {
$event['objects'][] = $result['data'];

View File

@ -182,6 +182,21 @@ function triggerEventFilteringTool(clicked) {
5: "Inherit",
}
},
{
"input": "radio",
"type": "integer",
"operators": [
"equal",
],
"unique": true,
"id": "sighting",
"label": "Sightings",
"values": {
0: "Both",
1: "Have sighting(s) only",
2: "Doesn\'t have sighting(s)"
}
},
<?php if (!empty($attributeTags)): ?>
{
"input": "select",
@ -305,6 +320,13 @@ function triggerEventFilteringTool(clicked) {
value: <?php echo isset($filters['server']) ? h($filters['server']) : 0; ?>
},
<?php endif; ?>
<?php if (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['sighting'])): ?>
{
field: 'sighting',
id: 'sighting',
value: <?php echo isset($filters['sighting']) ? h($filters['sighting']) : 0; ?>
},
<?php endif; ?>
<?php if (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['distribution'])): ?>
{
field: 'distribution',

View File

@ -172,9 +172,15 @@
</td>
<?php endif; ?>
<?php if (Configure::read('MISP.showSightingsCountOnIndex')):?>
<td class = "bold" style="width:30px;" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'" title="<?php echo (!empty($event['Event']['sightings_count']) ? h($event['Event']['sightings_count']) : '0') . ' sighting(s)';?>">
<?php echo !empty($event['Event']['sightings_count']) ? h($event['Event']['sightings_count']) : ''; ?>&nbsp;
<td class = "bold" style="width:30px;">
<?php if (!empty($event['Event']['sightings_count'])): ?>
<a href="<?php echo $baseurl."/events/view/" . h($event['Event']['id']) . '/sighting:1';?>" title="<?php echo (!empty($event['Event']['sightings_count']) ? h($event['Event']['sightings_count']) : '0') . ' sighting(s). Show filtered event with sighting(s) only.';?>">
<?php echo h($event['Event']['sightings_count']); ?>&nbsp;
</a>
<?php endif; ?>
</td>
<?php endif; ?>
<?php if (Configure::read('MISP.showProposalsOnIndex')): ?>
<td class = "bold" style="width:30px;" ondblclick="location.href ='<?php echo $baseurl."/events/view/".$event['Event']['id'];?>'" title="<?php echo (!empty($event['Event']['proposals_count']) ? h($event['Event']['proposals_count']) : '0') . __(' proposal(s)');?>">