Merge branch 'hotfix-2.3.104' into develop

2015-08-05 00:13:42 +02:00 · 2015-08-05 00:13:42 +02:00 · bf6d7dc552
parent 181160af2d 7e10eb7b46
commit bf6d7dc552
5 changed files with 35 additions and 11 deletions
--- a/INSTALL/INSTALL.ubuntu1404.txt
+++ b/INSTALL/INSTALL.ubuntu1404.txt
@ -27,7 +27,7 @@ Once the system is installed you can perform the following steps as root:
 apt-get install vim

 # Install the dependencies:
-apt-get install zip php-pear git redis-server make python-dev python-pip libxml2-dev libxslt-dev zlib1g-dev php5-dev libapache2-mod-php5
+apt-get install zip php-pear git redis-server make python-dev python-pip libxml2-dev libxslt1-dev zlib1g-dev php5-dev libapache2-mod-php5 curl
 pear install Crypt_GPG    # we need version >1.3.0 
 pear install Net_GeoIP

--- a/VERSION.json
+++ b/VERSION.json
@ -1 +1 @@
-{"major":2, "minor":3, "hotfix":103}
+{"major":2, "minor":3, "hotfix":104}
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@ -3231,6 +3231,7 @@ class EventsController extends AppController {
 	// API for pushing samples to MISP
 	// Either send it to an existing event, or let MISP create a new one automatically
 	public function upload_sample($event_id = null) {
+		$this->loadModel('Log');
 		$hashes = array('md5' => 'malware-sample', 'sha1' => 'filename|sha1', 'sha256' => 'filename|sha256');
 		$categoryDefinitions = $this->Event->Attribute->categoryDefinitions;
 		$types = array();
@ -3239,7 +3240,7 @@ class EventsController extends AppController {
 		}
 		$parameter_options = array(
 				'distribution' => array('valid_options' => array(0, 1, 2, 3), 'default' => 0),
-				'threat_level_id' => array('valid_options' => array(0, 1, 2 ,3), 'default' => 4),
+				'threat_level_id' => array('valid_options' => array(1, 2, 3, 4), 'default' => 4),
 				'analysis' => array('valid_options' => array(0, 1, 2), 'default' => 0),
 				'info' => array('default' =>  'Malware samples uploaded on ' . date('Y-m-d')),
 				'to_ids' => array('valid_options' => array(0, 1), 'default' => 1),
@ -3309,13 +3310,23 @@ class EventsController extends AppController {
 					'user_id' => $this->Auth->user('id'),
 				)
 			);
-			if (!$result) throw new BadRequestException('The creation of a new event with the supplied information has failed.');
+			if (!$result) {
+				$this->Log->save(array(
+						'org' => $this->Auth->user('org'),
+						'model' => 'Event',
+						'model_id' => 0,
+						'email' => $this->Auth->user('email'),
+						'action' => 'upload_sample',
+						'user_id' => $this->Auth->user('id'),
+						'title' => 'Error: Failed to create event using the upload sample functionality',
+						'change' => 'There was an issue creating an event (' . $data['info'] . '). The validation errors were: ' . json_encode($this->Event->validationErrors),
+				));
+				throw new BadRequestException('The creation of a new event with the supplied information has failed.');
+			}
 			$data['event_id'] = $this->Event->id;
 		}

 		if (!isset($data['to_ids']) || !in_array($data['to_ids'], array('0', '1', 0, 1))) $data['to_ids'] = 1;
-
-
 		foreach ($data['files'] as $file) {
 			$temp = $this->Event->Attribute->handleMaliciousBase64($data['event_id'], $file['filename'], $file['data'], array_keys($hashes));
 			if ($temp['success']) {
@ -3333,7 +3344,19 @@ class EventsController extends AppController {
 							'to_ids' => $data['to_ids']
 					);
 					if ($hash == 'md5') $attribute['data'] = $file['data'];
-					$this->Event->Attribute->save($attribute);
+					$result = $this->Event->Attribute->save($attribute);
+					if (!$result) {
+						$this->Log->save(array(
+								'org' => $this->Auth->user('org'),
+								'model' => 'Event',
+								'model_id' => $data['event_id'],
+								'email' => $this->Auth->user('email'),
+								'action' => 'upload_sample',
+								'user_id' => $this->Auth->user('id'),
+								'title' => 'Error: Failed to create attribute using the upload sample functionality',
+								'change' => 'There was an issue creating an attribute (' . $typeName . ': ' . $file['filename'] . '|' . $file[$hash] . '). ' . 'The validation errors were: ' . json_encode($this->Event->Attribute->validationErrors),
+						));
+					}
 				}
 			}
 		}
--- a/app/Model/Event.php
+++ b/app/Model/Event.php
@ -169,8 +169,8 @@ class Event extends AppModel {
 		),
 		'threat_level_id' => array(
 			'notempty' => array(
-				'rule' => array('notempty'),
-				//'message' => 'Please specify threat level',
+				'rule' => array('inList', array('1', '2', '3', '4')),
+				'message' => 'Options : 1, 2, 3, 4 (for High, Medium, Low, Undefined)',
 				'required' => true
 			),
 		),
@ -186,7 +186,7 @@ class Event extends AppModel {
 		),
 		'analysis' => array(
 			'rule' => array('inList', array('0', '1', '2')),
-				'message' => 'Options : 0, 1, 2',
+				'message' => 'Options : 0, 1, 2 (for Initial, Ongoing, Completed)',
 				//'allowEmpty' => false,
 				'required' => true,
 				//'last' => false, // Stop validation after this rule
--- a/app/Model/Log.php
+++ b/app/Model/Log.php
@ -26,7 +26,8 @@ class Log extends AppModel {
 							'admin_email',
 							'email',
 							'serverSettingsEdit',
-							'remove_dead_workers'
+							'remove_dead_workers',
+							'upload_sample'
 						)),
 			'message' => 'Options : ...'
 		)