mirror of https://github.com/MISP/MISP
chg: [i18n] More __();
parent
6c7081ede8
commit
c607729e18
|
@ -127,14 +127,14 @@ class AttributesController extends AppController {
|
|||
if ($this->request->is('get') && $this->_isRest()) {
|
||||
return $this->RestResponse->describe('Attributes', 'add', false, $this->response->type());
|
||||
}
|
||||
if ($eventId === false) throw new MethodNotAllowedException('No event ID set.');
|
||||
if ($eventId === false) throw new MethodNotAllowedException(__('No event ID set.'));
|
||||
if (!$this->userRole['perm_add']) {
|
||||
throw new MethodNotAllowedException('You don\'t have permissions to create attributes');
|
||||
throw new MethodNotAllowedException(__('You don\'t have permissions to create attributes'));
|
||||
}
|
||||
$this->loadModel('Event');
|
||||
if (Validation::uuid($eventId)) {
|
||||
$temp = $this->Event->find('first', array('recursive' => -1, 'fields' => array('Event.id'), 'conditions' => array('Event.uuid' => $eventId)));
|
||||
if (empty($temp)) throw new NotFoundException('Invalid event');
|
||||
if (empty($temp)) throw new NotFoundException(__('Invalid event'));
|
||||
$eventId = $temp['Event']['id'];
|
||||
} else if (!is_numeric($eventId)) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
|
@ -147,7 +147,7 @@ class AttributesController extends AppController {
|
|||
$this->Event->recursive = -1;
|
||||
$this->Event->read(null, $eventId);
|
||||
if (!$this->_isSiteAdmin() && ($this->Event->data['Event']['orgc_id'] != $this->_checkOrg() || !$this->userRole['perm_modify'])) {
|
||||
throw new UnauthorizedException('You do not have permission to do that.');
|
||||
throw new UnauthorizedException(__('You do not have permission to do that.'));
|
||||
}
|
||||
if (!$this->_isRest()) $this->Event->insertLock($this->Auth->user(), $this->Event->data['Event']['id']);
|
||||
if ($this->request->is('ajax')) {
|
||||
|
@ -393,7 +393,7 @@ class AttributesController extends AppController {
|
|||
($this->Attribute->data['Event']['distribution'] == 0 ||
|
||||
$this->Attribute->data['Attribute']['distribution'] == 0
|
||||
)) {
|
||||
throw new UnauthorizedException('You do not have the permission to view this event.');
|
||||
throw new UnauthorizedException(__('You do not have the permission to view this event.'));
|
||||
}
|
||||
$this->__downloadAttachment($this->Attribute->data['Attribute']);
|
||||
}
|
||||
|
@ -431,7 +431,7 @@ class AttributesController extends AppController {
|
|||
$this->Event->recursive = -1;
|
||||
$this->Event->read();
|
||||
if (!$this->_isSiteAdmin() && ($this->Event->data['Event']['orgc_id'] != $this->_checkOrg() || !$this->userRole['perm_modify'])) {
|
||||
throw new UnauthorizedException('You do not have permission to do that.');
|
||||
throw new UnauthorizedException(__('You do not have permission to do that.'));
|
||||
}
|
||||
$partialFails = array();
|
||||
$fails = array();
|
||||
|
@ -446,7 +446,7 @@ class AttributesController extends AppController {
|
|||
(!empty($value['tmp_name']) && $value['tmp_name'] != 'none')
|
||||
) {
|
||||
if (!is_uploaded_file($tmpfile->path))
|
||||
throw new InternalErrorException('PHP says file was not uploaded. Are you attacking me?');
|
||||
throw new InternalErrorException(__('PHP says file was not uploaded. Are you attacking me?'));
|
||||
} else {
|
||||
$fails[] = $filename;
|
||||
continue;
|
||||
|
@ -583,7 +583,7 @@ class AttributesController extends AppController {
|
|||
$this->Event->recursive = -1;
|
||||
$this->Event->read();
|
||||
if (!$this->_isSiteAdmin() && ($this->Event->data['Event']['orgc_id'] != $this->_checkOrg() || !$this->userRole['perm_modify'])) {
|
||||
throw new UnauthorizedException('You do not have permission to do that.');
|
||||
throw new UnauthorizedException(__('You do not have permission to do that.'));
|
||||
}
|
||||
//
|
||||
// File upload
|
||||
|
@ -594,7 +594,7 @@ class AttributesController extends AppController {
|
|||
(!empty( $this->request->data['Attribute']['value']['tmp_name']) && $this->request->data['Attribute']['value']['tmp_name'] != 'none')
|
||||
) {
|
||||
if (!is_uploaded_file($tmpfile->path))
|
||||
throw new InternalErrorException('PHP says file was not uploaded. Are you attacking me?');
|
||||
throw new InternalErrorException(__('PHP says file was not uploaded. Are you attacking me?'));
|
||||
} else {
|
||||
$this->Flash->error(__('There was a problem to upload the file.', true), 'default', array(), 'error');
|
||||
$this->redirect(array('controller' => 'attributes', 'action' => 'add_threatconnect', $this->request->data['Attribute']['event_id']));
|
||||
|
@ -622,6 +622,7 @@ class AttributesController extends AppController {
|
|||
// verify header of the file (first row)
|
||||
$required_headers = array('Type', 'Value', 'Confidence', 'Description', 'Source');
|
||||
|
||||
// TODO i18n
|
||||
if (count(array_intersect($header, $required_headers)) != count($required_headers)) {
|
||||
$this->Flash->error('Incorrect ThreatConnect headers. The minimum required headers are: '.implode(',', $required_headers), 'default', array(), 'error');
|
||||
$this->redirect(array('controller' => 'attributes', 'action' => 'add_threatconnect', $this->request->data['Attribute']['event_id']));
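Review bot: The added `// TODO i18n` leaves the Flash message below it as the one user-facing string in this hunk that is still untranslated, and that message is built by concatenation, so a translator cannot move the header list within the sentence. A placeholder form would close the TODO: `$this->Flash->error(__('Incorrect ThreatConnect headers. The minimum required headers are: %s', implode(',', $required_headers)), 'default', array(), 'error');`. The enclosing function starts and ends outside the hunk.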
|
||||
|
@ -764,7 +765,7 @@ class AttributesController extends AppController {
|
|||
if (Validation::uuid($id)) {
|
||||
$this->Attribute->recursive = -1;
|
||||
$temp = $this->Attribute->findByUuid($id);
|
||||
if ($temp == null) throw new NotFoundException('Invalid attribute');
|
||||
if ($temp == null) throw new NotFoundException(__('Invalid attribute'));
|
||||
$id = $temp['Attribute']['id'];
|
||||
} else if (!is_numeric($id)) {
|
||||
throw new NotFoundException(__('Invalid attribute'));
|
||||
|
@ -813,11 +814,11 @@ class AttributesController extends AppController {
|
|||
// carry on with adding this attribute - Don't forget! if orgc!=user org, create shadow attribute, not attribute!
|
||||
} else {
|
||||
// the old one is newer or the same, replace the request's attribute with the old one
|
||||
throw new MethodNotAllowedException('Attribute could not be saved: Attribute in the request not newer than the local copy.');
|
||||
throw new MethodNotAllowedException(__('Attribute could not be saved: Attribute in the request not newer than the local copy.'));
|
||||
}
|
||||
} else {
|
||||
if ($this->_isRest() || $this->response->type() === 'application/json') {
|
||||
throw new NotFoundException('Invalid attribute.');
|
||||
throw new NotFoundException(__('Invalid attribute.'));
|
||||
} else {
|
||||
$this->Flash->error(__('Invalid attribute.'));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'index'));
|
||||
|
@ -829,7 +830,7 @@ class AttributesController extends AppController {
|
|||
'conditions' => array('Event.id' => $eventId)
|
||||
));
|
||||
if (empty($event)) {
|
||||
throw new NotFoundException('Invalid Event.');
|
||||
throw new NotFoundException(__('Invalid Event.'));
|
||||
}
|
||||
if ($existingAttribute['Attribute']['object_id']) {
|
||||
$result = $this->Attribute->save($this->request->data, array('Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.comment', 'Attribute.distribution', 'Attribute.sharing_group_id'));
|
||||
|
@ -958,7 +959,7 @@ class AttributesController extends AppController {
|
|||
if (Validation::uuid($id)) {
|
||||
$this->Attribute->recursive = -1;
|
||||
$temp = $this->Attribute->findByUuid($id);
|
||||
if ($temp == null) throw new NotFoundException('Invalid attribute');
|
||||
if ($temp == null) throw new NotFoundException(__('Invalid attribute'));
|
||||
$id = $temp['Attribute']['id'];
|
||||
} else if (!is_numeric($id)) {
|
||||
throw new NotFoundException(__('Invalid event id.'));
|
||||
|
@ -987,12 +988,12 @@ class AttributesController extends AppController {
|
|||
if (empty($this->request->data['Attribute'])) {
|
||||
$this->request->data = array('Attribute' => $this->request->data);
|
||||
if (empty($this->request->data['Attribute'])) {
|
||||
throw new MethodNotAllowedException('Invalid input.');
|
||||
throw new MethodNotAllowedException(__('Invalid input.'));
|
||||
}
|
||||
}
|
||||
foreach ($this->request->data['Attribute'] as $changedKey => $changedField) {
|
||||
if (!in_array($changedKey, $validFields)) {
|
||||
throw new MethodNotAllowedException('Invalid field.');
|
||||
throw new MethodNotAllowedException(__('Invalid field.'));
|
||||
}
|
||||
if ($attribute['Attribute'][$changedKey] == $changedField) {
|
||||
$this->autoRender = false;
|
||||
|
@ -1031,7 +1032,7 @@ class AttributesController extends AppController {
|
|||
'conditions' => array('Attribute.uuid' => $id),
|
||||
'fields' => array('Attribute.id', 'Attribute.uuid')
|
||||
));
|
||||
if (empty($temp)) throw new NotFoundException('Invalid attribute');
|
||||
if (empty($temp)) throw new NotFoundException(__('Invalid attribute'));
|
||||
$id = $temp['Attribute']['id'];
|
||||
} else if (!is_numeric($id)) {
|
||||
throw new NotFoundException(__('Invalid attribute id.'));
|
||||
|
@ -1105,7 +1106,7 @@ class AttributesController extends AppController {
|
|||
}
|
||||
} else {
|
||||
if ($this->_isRest() || $this->response->type() === 'application/json') {
|
||||
throw new Exception('Attribute was not deleted');
|
||||
throw new Exception(__('Attribute was not deleted'));
|
||||
} else {
|
||||
$this->Flash->error(__('Attribute was not deleted'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
|
@ -1129,7 +1130,7 @@ class AttributesController extends AppController {
|
|||
));
|
||||
if (empty($attribute) || !$this->userRole['perm_site_admin'] && $this->Auth->user('org_id') != $attribute['Event']['orgc_id']) {
|
||||
if ($this->request->is('ajax')) return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'Invalid Attribute')), 'type' => 'json', 'status'=>200));
|
||||
else throw new MethodNotAllowedException('Invalid Attribute');
|
||||
else throw new MethodNotAllowedException(__('Invalid Attribute'));
|
||||
}
|
||||
if (!$this->_isRest()) $this->Attribute->Event->insertLock($this->Auth->user(), $attribute['Attribute']['event_id']);
|
||||
if ($this->request->is('ajax')) {
|
||||
|
@ -1147,7 +1148,7 @@ class AttributesController extends AppController {
|
|||
if ($this->Attribute->restore($id, $this->Auth->user())) {
|
||||
$this->Attribute->__alterAttributeCount($this->data['Attribute']['event_id']);
|
||||
$this->redirect(array('action' => 'view', $id));
|
||||
} else throw new NotFoundException('Could not restore the attribute');
|
||||
} else throw new NotFoundException(__('Could not restore the attribute'));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1165,17 +1166,17 @@ class AttributesController extends AppController {
|
|||
'fields' => array('Event.*')
|
||||
)),
|
||||
));
|
||||
if (empty($result)) throw new MethodNotAllowedException('Attribute not found or not authorised.');
|
||||
if (empty($result)) throw new MethodNotAllowedException(__('Attribute not found or not authorised.'));
|
||||
|
||||
// check for permissions
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
if ($result['Event']['locked']) {
|
||||
if ($this->Auth->user('org_id') != $result['Event']['org_id'] || !$this->userRole['perm_sync']) {
|
||||
throw new MethodNotAllowedException('Attribute not found or not authorised.');
|
||||
throw new MethodNotAllowedException(__('Attribute not found or not authorised.'));
|
||||
}
|
||||
} else {
|
||||
if ($this->Auth->user('org_id') != $result['Event']['orgc_id']) {
|
||||
throw new MethodNotAllowedException('Attribute not found or not authorised.');
|
||||
throw new MethodNotAllowedException(__('Attribute not found or not authorised.'));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1224,7 +1225,7 @@ class AttributesController extends AppController {
|
|||
if ($this->request->is('get')) {
|
||||
return $this->RestResponse->describe('Attributes', 'deleteSelected', false, $this->response->type());
|
||||
}
|
||||
throw new MethodNotAllowedException('This function is only accessible via POST requests.');
|
||||
throw new MethodNotAllowedException(__('This function is only accessible via POST requests.'));
|
||||
}
|
||||
// get a json object with a list of attribute IDs to be deleted
|
||||
// check each of them and return a json object with the successful deletes and the failed ones.
|
||||
|
@ -1241,7 +1242,7 @@ class AttributesController extends AppController {
|
|||
$ids = json_decode($this->request->data['Attribute']['ids_delete']);
|
||||
}
|
||||
if (empty($id)) {
|
||||
throw new MethodNotAllowedException('No event ID set.');
|
||||
throw new MethodNotAllowedException(__('No event ID set.'));
|
||||
}
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
$event = $this->Attribute->Event->find('first', array(
|
||||
|
@ -1250,7 +1251,7 @@ class AttributesController extends AppController {
|
|||
'fields' => array('id', 'orgc_id', 'user_id')
|
||||
));
|
||||
if ($event['Event']['orgc_id'] != $this->Auth->user('org_id') || (!$this->userRole['perm_modify_org'] && !($this->userRole['perm_modify'] && $event['Event']['user_id'] == $this->Auth->user('id')))) {
|
||||
throw new MethodNotAllowedException('Invalid Event.');
|
||||
throw new MethodNotAllowedException(__('Invalid Event.'));
|
||||
}
|
||||
}
|
||||
if (empty($ids)) $ids = -1;
|
||||
|
@ -1272,7 +1273,7 @@ class AttributesController extends AppController {
|
|||
}
|
||||
}
|
||||
if (empty($attributes)) {
|
||||
throw new NotFoundException('No matching attributes found.');
|
||||
throw new NotFoundException(__('No matching attributes found.'));
|
||||
}
|
||||
$successes = array();
|
||||
foreach ($attributes as $a) {
|
||||
|
@ -1301,7 +1302,7 @@ class AttributesController extends AppController {
|
|||
}
|
||||
|
||||
public function editSelected($id) {
|
||||
if (!$this->request->is('ajax')) throw new MethodNotAllowedException('This method can only be accessed via AJAX.');
|
||||
if (!$this->request->is('ajax')) throw new MethodNotAllowedException(__('This method can only be accessed via AJAX.'));
|
||||
|
||||
if ($this->request->is('post')) {
|
||||
$event = $this->Attribute->Event->find('first', array(
|
||||
|
@ -1311,7 +1312,7 @@ class AttributesController extends AppController {
|
|||
));
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
if ($event['Event']['orgc_id'] != $this->Auth->user('org_id') || (!$this->userRole['perm_modify_org'] && !($this->userRole['perm_modify'] && $event['user_id'] == $this->Auth->user('id')))) {
|
||||
throw new MethodNotAllowedException('You are not authorized to edit this event.');
|
||||
throw new MethodNotAllowedException(__('You are not authorized to edit this event.'));
|
||||
}
|
||||
}
|
||||
$attribute_ids = json_decode($this->request->data['Attribute']['attribute_ids']);
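Review bot: The ownership test in the non-admin branch reads `$event['user_id']`, while the same permission check in the hunk at line 1250 reads `$event['Event']['user_id']`. If the `find('first')` above this hunk returns the usual model-keyed array, the top-level key is unset and the comparison cannot match a real user id. The result would be fail-closed (an event creator holding only `perm_modify` is refused), but the condition no longer expresses the intended rule; use `$event['Event']['user_id'] == $this->Auth->user('id')`. The find() call and its field list begin outside the hunk, so confirm that `user_id` is selected there.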
|
||||
|
@ -1373,7 +1374,7 @@ class AttributesController extends AppController {
|
|||
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'validationErrors' => $this->Attribute->validationErrors)), 'status' => 200, 'type' => 'json'));
|
||||
}
|
||||
} else {
|
||||
if (!isset($id)) throw new MethodNotAllowedException('No event ID provided.');
|
||||
if (!isset($id)) throw new MethodNotAllowedException(__('No event ID provided.'));
|
||||
$this->layout = 'ajax';
|
||||
$this->set('id', $id);
|
||||
$this->set('sgs', $this->Attribute->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'name', true));
|
||||
|
@ -1925,11 +1926,11 @@ class AttributesController extends AppController {
|
|||
if ($key != null && strlen($key) == 40) {
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
$key = strtolower($key);
|
||||
if (!$this->Auth->user()) throw new UnauthorizedException('You are not authorized. Please send the Authorization header with your auth key along with an Accept header for application/xml.');
|
||||
if (!$this->Auth->user()) throw new UnauthorizedException(__('You are not authorized. Please send the Authorization header with your auth key along with an Accept header for application/xml.'));
|
||||
}
|
||||
// request handler for POSTed queries. If the request is a post, the parameters (apart from the key) will be ignored and replaced by the terms defined in the posted json or xml object.
|
||||
// The correct format for both is a "request" root element, as shown by the examples below:
|
||||
|
@ -1939,16 +1940,16 @@ class AttributesController extends AppController {
|
|||
if ($this->request->is('post')) {
|
||||
if ($this->response->type() === 'application/json') {
|
||||
if ($key == 'xml') {
|
||||
throw new MethodNotAllowedException('Content type and parameter mismatch. Expecting JSON.');
|
||||
throw new MethodNotAllowedException(__('Content type and parameter mismatch. Expecting JSON.'));
|
||||
}
|
||||
$data = $this->request->input('json_decode', true);
|
||||
} else if ($this->response->type() === 'application/xml' && !empty($this->request->data)) {
|
||||
if ($key == 'json') {
|
||||
throw new MethodNotAllowedException('Content type and parameter mismatch. Expecting XML.');
|
||||
throw new MethodNotAllowedException(__('Content type and parameter mismatch. Expecting XML.'));
|
||||
}
|
||||
$data = $this->request->data;
|
||||
} else {
|
||||
throw new BadRequestException('Either specify the search terms in the url, or POST a json array / xml (with the root element being "request" and specify the correct accept and content type headers.');
|
||||
throw new BadRequestException(__('Either specify the search terms in the url, or POST a json array / xml (with the root element being "request" and specify the correct accept and content type headers.'));
|
||||
}
|
||||
if (!isset($data['request'])) {
|
||||
$data['request'] = $data;
|
||||
|
@ -2062,11 +2063,11 @@ class AttributesController extends AppController {
|
|||
if ($key != null && $key != 'download') {
|
||||
$user = $this->checkAuthUser($key);
|
||||
} else {
|
||||
if (!$this->Auth->user()) throw new UnauthorizedException('You are not authorized. Please send the Authorization header with your auth key along with an Accept header for application/xml.');
|
||||
if (!$this->Auth->user()) throw new UnauthorizedException(__('You are not authorized. Please send the Authorization header with your auth key along with an Accept header for application/xml.'));
|
||||
$user = $this->checkAuthUser($this->Auth->user('authkey'));
|
||||
}
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
if ($this->response->type() === 'application/json') {
|
||||
|
@ -2074,7 +2075,7 @@ class AttributesController extends AppController {
|
|||
} else if ($this->response->type() === 'application/xml' && !empty($this->request->data)) {
|
||||
$data = $this->request->data;
|
||||
} else {
|
||||
throw new BadRequestException('Either specify the search terms in the url, or POST a json array / xml (with the root element being "request" and specify the correct accept and content type headers.');
|
||||
throw new BadRequestException(__('Either specify the search terms in the url, or POST a json array / xml (with the root element being "request" and specify the correct accept and content type headers.'));
|
||||
}
|
||||
$paramArray = array('type', 'sigOnly');
|
||||
foreach ($paramArray as $p) {
|
||||
|
@ -2091,7 +2092,7 @@ class AttributesController extends AppController {
|
|||
|
||||
if (!$myEventOrAdmin) {
|
||||
if ($this->Event->data['Event']['distribution'] == 0) {
|
||||
throw new UnauthorizedException('You don\'t have access to that event.');
|
||||
throw new UnauthorizedException(__('You don\'t have access to that event.'));
|
||||
}
|
||||
}
|
||||
$this->response->type('xml'); // set the content type
|
||||
|
@ -2151,7 +2152,7 @@ class AttributesController extends AppController {
|
|||
// If after all of this $contained is still true, let's add the attribute to the array
|
||||
if ($contained) $attributes[] = $attribute;
|
||||
}
|
||||
if (empty($attributes)) throw new NotFoundException('No matches.');
|
||||
if (empty($attributes)) throw new NotFoundException(__('No matches.'));
|
||||
$this->set('results', $attributes);
|
||||
}
|
||||
|
||||
|
@ -2159,17 +2160,17 @@ class AttributesController extends AppController {
|
|||
if ($key != null && $key != 'download') {
|
||||
$user = $this->checkAuthUser($key);
|
||||
} else {
|
||||
if (!$this->Auth->user()) throw new UnauthorizedException('You are not authorized. Please send the Authorization header with your auth key along with an Accept header for application/xml.');
|
||||
if (!$this->Auth->user()) throw new UnauthorizedException(__('You are not authorized. Please send the Authorization header with your auth key along with an Accept header for application/xml.'));
|
||||
$user = $this->checkAuthUser($this->Auth->user('authkey'));
|
||||
}
|
||||
// if the user is authorised to use the api key then user will be populated with the user's account
|
||||
// in addition we also set a flag indicating whether the user is a site admin or not.
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
$this->Attribute->id = $id;
|
||||
if (!$this->Attribute->exists()) {
|
||||
throw new NotFoundException('Invalid attribute or no authorisation to view it.');
|
||||
throw new NotFoundException(__('Invalid attribute or no authorisation to view it.'));
|
||||
}
|
||||
$this->Attribute->read(null, $id);
|
||||
if (!$user['User']['siteAdmin'] &&
|
||||
|
@ -2177,7 +2178,7 @@ class AttributesController extends AppController {
|
|||
($this->Attribute->data['Event']['distribution'] == 0 ||
|
||||
$this->Attribute->data['Attribute']['distribution'] == 0
|
||||
)) {
|
||||
throw new NotFoundException('Invalid attribute or no authorisation to view it.');
|
||||
throw new NotFoundException(__('Invalid attribute or no authorisation to view it.'));
|
||||
}
|
||||
$this->__downloadAttachment($this->Attribute->data['Attribute']);
|
||||
}
|
||||
|
@ -2203,11 +2204,11 @@ class AttributesController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
throw new UnauthorizedException(__('You have to be logged in to do that.'));
|
||||
}
|
||||
}
|
||||
$this->response->type('txt'); // set the content type
|
||||
|
@ -2232,7 +2233,7 @@ class AttributesController extends AppController {
|
|||
} else {
|
||||
$data = $this->request->data;
|
||||
}
|
||||
if (empty($data)) throw new BadRequestException('Either specify the search terms in the url, or POST a json array / xml (with the root element being "request" and specify the correct headers based on content type.');
|
||||
if (empty($data)) throw new BadRequestException(__('Either specify the search terms in the url, or POST a json array / xml (with the root element being "request" and specify the correct headers based on content type.'));
|
||||
$paramArray = array('eventId', 'tags', 'from', 'to', 'policy', 'walled_garden', 'ns', 'email', 'serial', 'refresh', 'retry', 'expiry', 'minimum_ttl', 'ttl', 'enforceWarninglist', 'ns_alt');
|
||||
foreach ($paramArray as $p) {
|
||||
if (isset($data['request'][$p])) ${$p} = $data['request'][$p];
|
||||
|
@ -2266,16 +2267,16 @@ class AttributesController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
throw new UnauthorizedException(__('You have to be logged in to do that.'));
|
||||
}
|
||||
}
|
||||
if (false === $eventId) $eventIds = $this->Attribute->Event->fetchEventIds($this->Auth->user(), false, false, false, true);
|
||||
else if (is_numeric($eventId)) $eventIds = array($eventId);
|
||||
else throw new MethodNotAllowedException('Invalid event ID format.');
|
||||
else throw new MethodNotAllowedException(__('Invalid event ID format.'));
|
||||
$values = array();
|
||||
foreach ($eventIds as $k => $eventId) {
|
||||
$values = array_merge_recursive($values, $this->Attribute->rpz($this->Auth->user(), $tags, $eventId, $from, $to, $enforceWarninglist));
|
||||
|
@ -2325,11 +2326,11 @@ class AttributesController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
throw new UnauthorizedException(__('You have to be logged in to do that.'));
|
||||
}
|
||||
}
|
||||
$filename = 'misp.' . $type . '.intel';
|
||||
|
@ -2384,8 +2385,8 @@ class AttributesController extends AppController {
|
|||
|
||||
public function fetchViewValue($id, $field = null) {
|
||||
$validFields = array('value', 'comment', 'type', 'category', 'to_ids', 'distribution', 'timestamp');
|
||||
if (!isset($field) || !in_array($field, $validFields)) throw new MethodNotAllowedException('Invalid field requested.');
|
||||
if (!$this->request->is('ajax')) throw new MethodNotAllowedException('This function can only be accessed via AJAX.');
|
||||
if (!isset($field) || !in_array($field, $validFields)) throw new MethodNotAllowedException(__('Invalid field requested.'));
|
||||
if (!$this->request->is('ajax')) throw new MethodNotAllowedException(__('This function can only be accessed via AJAX.'));
|
||||
$this->Attribute->id = $id;
|
||||
if (!$this->Attribute->exists()) {
|
||||
throw new NotFoundException(__('Invalid attribute'));
|
||||
|
@ -2417,8 +2418,8 @@ class AttributesController extends AppController {
|
|||
|
||||
public function fetchEditForm($id, $field = null) {
|
||||
$validFields = array('value', 'comment', 'type', 'category', 'to_ids', 'distribution');
|
||||
if (!isset($field) || !in_array($field, $validFields)) throw new MethodNotAllowedException('Invalid field requested.');
|
||||
if (!$this->request->is('ajax')) throw new MethodNotAllowedException('This function can only be accessed via AJAX.');
|
||||
if (!isset($field) || !in_array($field, $validFields)) throw new MethodNotAllowedException(__('Invalid field requested.'));
|
||||
if (!$this->request->is('ajax')) throw new MethodNotAllowedException(__('This function can only be accessed via AJAX.'));
|
||||
$this->Attribute->id = $id;
|
||||
if (!$this->Attribute->exists()) {
|
||||
throw new NotFoundException(__('Invalid attribute'));
|
||||
|
@ -2479,14 +2480,14 @@ class AttributesController extends AppController {
|
|||
|
||||
public function attributeReplace($id) {
|
||||
if (!$this->userRole['perm_add']) {
|
||||
throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes');
|
||||
throw new MethodNotAllowedException(__('Event not found or you don\'t have permissions to create attributes'));
|
||||
}
|
||||
$event = $this->Attribute->Event->find('first', array(
|
||||
'conditions' => array('Event.id' => $id),
|
||||
'fields' => array('id', 'orgc_id', 'distribution'),
|
||||
'recursive' => -1
|
||||
));
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && ($event['Event']['orgc_id'] != $this->Auth->user('org_id') || !$this->userRole['perm_add']))) throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes');
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && ($event['Event']['orgc_id'] != $this->Auth->user('org_id') || !$this->userRole['perm_add']))) throw new MethodNotAllowedException(__('Event not found or you don\'t have permissions to create attributes'));
|
||||
$this->set('event_id', $id);
|
||||
if ($this->request->is('get')) {
|
||||
$this->layout = 'ajax';
|
||||
|
@ -2505,14 +2506,14 @@ class AttributesController extends AppController {
|
|||
$this->set('categoryDefinitions', $this->Attribute->categoryDefinitions);
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
if (!$this->request->is('ajax')) throw new MethodNotAllowedException('This action can only be accessed via AJAX.');
|
||||
if (!$this->request->is('ajax')) throw new MethodNotAllowedException(__('This action can only be accessed via AJAX.'));
|
||||
|
||||
$newValues = explode(PHP_EOL, $this->request->data['Attribute']['value']);
|
||||
$category = $this->request->data['Attribute']['category'];
|
||||
$type = $this->request->data['Attribute']['type'];
|
||||
$to_ids = $this->request->data['Attribute']['to_ids'];
|
||||
|
||||
if (!$this->_isSiteAdmin() && $this->Auth->user('org_id') != $event['Event']['orgc_id'] && !$this->userRole['perm_add']) throw new MethodNotAllowedException('You are not authorised to do that.');
|
||||
if (!$this->_isSiteAdmin() && $this->Auth->user('org_id') != $event['Event']['orgc_id'] && !$this->userRole['perm_add']) throw new MethodNotAllowedException(__('You are not authorised to do that.'));
|
||||
|
||||
$oldAttributes = $this->Attribute->find('all', array(
|
||||
'conditions' => array(
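Review bot: The second authorisation test in the POST branch joins its three conditions with `&&`, so it rejects only a non-admin from another organisation who also lacks `perm_add`; the check just before `$this->set('event_id', $id)` in the previous hunk uses `||` and is stricter. If both run in the same call, as the hunk headers suggest, the later test can never fire, yet it reads as if it were the gate and would be too permissive if the first check were ever moved. Either drop it or make it match the first: `if (!$this->_isSiteAdmin() && ($this->Auth->user('org_id') != $event['Event']['orgc_id'] || !$this->userRole['perm_add'])) throw new MethodNotAllowedException(__('You are not authorised to do that.'));`. The function body continues outside the hunk.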
|
||||
|
@ -2600,19 +2601,19 @@ class AttributesController extends AppController {
|
|||
|
||||
// download a sample by passing along an md5
|
||||
public function downloadSample($hash=false, $allSamples=false, $eventID=false) {
|
||||
if (!$this->userRole['perm_auth']) throw new MethodNotAllowedException('This functionality requires API key access.');
|
||||
if (!$this->userRole['perm_auth']) throw new MethodNotAllowedException(__('This functionality requires API key access.'));
|
||||
$error = false;
|
||||
if ($this->response->type() === 'application/json') {
|
||||
$data = $this->request->input('json_decode', true);
|
||||
} else if ($this->response->type() === 'application/xml') {
|
||||
$data = $this->request->data;
|
||||
} else {
|
||||
throw new BadRequestException('This action is for the API only. Please refer to the automation page for information on how to use it.');
|
||||
throw new BadRequestException(__('This action is for the API only. Please refer to the automation page for information on how to use it.'));
|
||||
}
|
||||
if (!$hash && isset($data['request']['hash'])) $hash = $data['request']['hash'];
|
||||
if (!$allSamples && isset($data['request']['allSamples'])) $allSamples = $data['request']['allSamples'];
|
||||
if (!$eventID && isset($data['request']['eventID'])) $eventID = $data['request']['eventID'];
|
||||
if (!$eventID && !$hash) throw new MethodNotAllowedException('No hash or event ID received. You need to set at least one of the two.');
|
||||
if (!$eventID && !$hash) throw new MethodNotAllowedException(__('No hash or event ID received. You need to set at least one of the two.'));
|
||||
if (!$hash) $allSamples = true;
|
||||
|
||||
|
||||
|
@ -2718,7 +2719,7 @@ class AttributesController extends AppController {
|
|||
}
|
||||
|
||||
public function pruneOrphanedAttributes() {
|
||||
if (!$this->_isSiteAdmin() || !$this->request->is('post')) throw new MethodNotAllowedException('You are not authorised to do that.');
|
||||
if (!$this->_isSiteAdmin() || !$this->request->is('post')) throw new MethodNotAllowedException(__('You are not authorised to do that.'));
|
||||
$events = array_keys($this->Attribute->Event->find('list'));
|
||||
$orphans = $this->Attribute->find('list', array('conditions' => array('Attribute.event_id !=' => $events)));
|
||||
if (count($orphans) > 0) $this->Attribute->deleteAll(array('Attribute.event_id !=' => $events), false, true);
|
||||
|
@ -2727,7 +2728,7 @@ class AttributesController extends AppController {
|
|||
}
|
||||
|
||||
public function checkOrphanedAttributes() {
|
||||
if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException('You are not authorised to do that.');
|
||||
if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException(__('You are not authorised to do that.'));
|
||||
$this->loadModel('Attribute');
|
||||
$events = array_keys($this->Attribute->Event->find('list'));
|
||||
$orphans = $this->Attribute->find('list', array('conditions' => array('Attribute.event_id !=' => $events)));
|
||||
|
@ -2735,7 +2736,7 @@ class AttributesController extends AppController {
|
|||
}
|
||||
|
||||
public function updateAttributeValues($script) {
|
||||
if (!$this->_isSiteAdmin() || !$this->request->is('post')) throw new MethodNotAllowedException('You are not authorised to do that.');
|
||||
if (!$this->_isSiteAdmin() || !$this->request->is('post')) throw new MethodNotAllowedException(__('You are not authorised to do that.'));
|
||||
switch ($script) {
|
||||
case 'urlSanitisation':
|
||||
$replaceConditions = array(
|
||||
|
@ -2744,7 +2745,7 @@ class AttributesController extends AppController {
|
|||
);
|
||||
break;
|
||||
default:
|
||||
throw new Exception('Invalid script.');
|
||||
throw new Exception(__('Invalid script.'));
|
||||
}
|
||||
$counter = 0;
|
||||
foreach ($replaceConditions as $rC) {
|
||||
|
@ -2771,7 +2772,7 @@ class AttributesController extends AppController {
|
|||
|
||||
public function hoverEnrichment($id) {
|
||||
$attribute = $this->Attribute->fetchAttributes($this->Auth->user(), array('conditions' => array('Attribute.id' => $id), 'flatten' => 1));
|
||||
if (empty($attribute)) throw new NotFoundException('Invalid Attribute');
|
||||
if (empty($attribute)) throw new NotFoundException(__('Invalid Attribute'));
|
||||
$this->loadModel('Server');
|
||||
$this->loadModel('Module');
|
||||
$modules = $this->Module->getEnabledModules($this->Auth->user());
|
||||
|
@ -2793,7 +2794,7 @@ class AttributesController extends AppController {
|
|||
}
|
||||
}
|
||||
}
|
||||
if (!$found) throw new MethodNotAllowedException('No valid enrichment options found for this attribute.');
|
||||
if (!$found) throw new MethodNotAllowedException(__('No valid enrichment options found for this attribute.'));
|
||||
$data = array('module' => $type, $attribute[0]['Attribute']['type'] => $attribute[0]['Attribute']['value']);
|
||||
if (!empty($options)) $data['config'] = $options;
|
||||
$data = json_encode($data);
|
||||
|
@ -2803,6 +2804,7 @@ class AttributesController extends AppController {
|
|||
$resultArray[] = array($type => $result);
|
||||
}
|
||||
} else {
|
||||
// TODO: i18n?
|
||||
$resultArray[] = array($type => 'Enrichment service not reachable.');
|
||||
continue;
|
||||
}
|
||||
|
@ -2845,7 +2847,7 @@ class AttributesController extends AppController {
|
|||
|
||||
public function attributeStatistics($type = 'type', $percentage = false) {
|
||||
$validTypes = array('type', 'category');
|
||||
if (!in_array($type, $validTypes)) throw new MethodNotAllowedException('Invalid type requested.');
|
||||
if (!in_array($type, $validTypes)) throw new MethodNotAllowedException(__('Invalid type requested.'));
|
||||
$totalAttributes = $this->Attribute->find('count', array());
|
||||
$attributes = $this->Attribute->find('all', array(
|
||||
'recursive' => -1,
|
||||
|
@ -3044,14 +3046,14 @@ class AttributesController extends AppController {
|
|||
|
||||
public function toggleCorrelation($id) {
|
||||
if (!$this->_isSiteAdmin() && Configure.read('MISP.allow_disabling_correlation')) {
|
||||
throw new MethodNotAllowedException('Disabling the correlation is not permitted on this instance.');
|
||||
throw new MethodNotAllowedException(__('Disabling the correlation is not permitted on this instance.'));
|
||||
}
|
||||
$this->Attribute->id = $id;
|
||||
if (!$this->Attribute->exists()) {
|
||||
throw new NotFoundException('Invalid Attribute.');
|
||||
throw new NotFoundException(__('Invalid Attribute.'));
|
||||
}
|
||||
if (!$this->Auth->user('Role')['perm_modify']) {
|
||||
throw new MethodNotAllowedException('You don\'t have permission to do that.');
|
||||
throw new MethodNotAllowedException(__('You don\'t have permission to do that.'));
|
||||
}
|
||||
$conditions = array('Attribute.id' => $id);
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
|
@ -3063,10 +3065,10 @@ class AttributesController extends AppController {
|
|||
'contain' => array('Event')
|
||||
));
|
||||
if (empty($attribute)) {
|
||||
throw new NotFoundException('Invalid Attribute.');
|
||||
throw new NotFoundException(__('Invalid Attribute.'));
|
||||
}
|
||||
if (!$this->Auth->user('Role')['perm_modify_org'] && $this->Auth->user('id') != $attribute['Event']['user_id']) {
|
||||
throw new MethodNotAllowedException('You don\'t have permission to do that.');
|
||||
throw new MethodNotAllowedException(__('You don\'t have permission to do that.'));
|
||||
}
|
||||
if (!$this->_isRest()) $this->Attribute->Event->insertLock($this->Auth->user(), $attribute['Event']['id']);
|
||||
if ($this->request->is('post')) {
|
||||
|
|
|
@ -889,7 +889,7 @@ class EventsController extends AppController {
|
|||
$conditions['includeFeedCorrelations'] = true;
|
||||
$conditions['includeAllTags'] = true;
|
||||
$results = $this->Event->fetchEvent($this->Auth->user(), $conditions);
|
||||
if (empty($results)) throw new NotFoundException('Invalid event');
|
||||
if (empty($results)) throw new NotFoundException(__('Invalid event'));
|
||||
$event = $results[0];
|
||||
|
||||
if(isset($this->params['named']['searchFor'])) {
|
||||
|
@ -1224,7 +1224,7 @@ class EventsController extends AppController {
|
|||
'conditions' => array('Event.uuid' => $id),
|
||||
'fields' => array('Event.id', 'Event.uuid')
|
||||
));
|
||||
if ($temp == null) throw new NotFoundException('Invalid event');
|
||||
if ($temp == null) throw new NotFoundException(__('Invalid event'));
|
||||
$id = $temp['Event']['id'];
|
||||
} else if (!is_numeric($id)) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
|
@ -1259,7 +1259,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
$conditions['includeFeedCorrelations'] = true;
|
||||
$results = $this->Event->fetchEvent($this->Auth->user(), $conditions);
|
||||
if (empty($results)) throw new NotFoundException('Invalid event');
|
||||
if (empty($results)) throw new NotFoundException(__('Invalid event'));
|
||||
//if the current user is an org admin AND event belongs to his/her org, fetch also the event creator info
|
||||
if ($this->userRole['perm_admin'] && !$this->_isSiteAdmin() && ($results[0]['Org']['id'] == $this->Auth->user('org_id'))) {
|
||||
$results[0]['User']['email'] = $this->User->field('email', array('id' => $results[0]['Event']['user_id']));
|
||||
|
@ -1378,13 +1378,13 @@ class EventsController extends AppController {
|
|||
|
||||
public function add() {
|
||||
if (!$this->userRole['perm_add']) {
|
||||
throw new MethodNotAllowedException('You don\'t have permissions to create events');
|
||||
throw new MethodNotAllowedException(__('You don\'t have permissions to create events'));
|
||||
}
|
||||
$sgs = $this->Event->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'name', 1);
|
||||
if ($this->request->is('post')) {
|
||||
if ($this->_isRest()) {
|
||||
if (empty($this->data)) {
|
||||
throw new MethodNotAllowedException('No valid event data received.');
|
||||
throw new MethodNotAllowedException(__('No valid event data received.'));
|
||||
}
|
||||
// rearrange the response if the event came from an export
|
||||
if (isset($this->request->data['response'])) $this->request->data = $this->request->data['response'];
|
||||
|
@ -1413,14 +1413,14 @@ class EventsController extends AppController {
|
|||
if (!isset($this->request->data['Event']['SharingGroup']['uuid'])) {
|
||||
if ($this->Event->SharingGroup->checkIfExists($this->request->data['Event']['SharingGroup']['uuid']) &&
|
||||
$this->Event->SharingGroup->checkIfAuthorised($this->Auth->user(), $this->request->data['Event']['SharingGroup']['uuid'])) {
|
||||
throw new MethodNotAllowedException('Invalid Sharing Group or not authorised (Sync user is not contained in the Sharing group).');
|
||||
throw new MethodNotAllowedException(__('Invalid Sharing Group or not authorised (Sync user is not contained in the Sharing group).'));
|
||||
}
|
||||
}
|
||||
} else if (!isset($sgs[$this->request->data['Event']['sharing_group_id']])) {
|
||||
throw new MethodNotAllowedException('Invalid Sharing Group or not authorised.');
|
||||
throw new MethodNotAllowedException(__('Invalid Sharing Group or not authorised.'));
|
||||
}
|
||||
} else {
|
||||
if (!isset($sgs[$this->request->data['Event']['sharing_group_id']])) throw new MethodNotAllowedException('Invalid Sharing Group or not authorised.');
|
||||
if (!isset($sgs[$this->request->data['Event']['sharing_group_id']])) throw new MethodNotAllowedException(__('Invalid Sharing Group or not authorised.'));
|
||||
}
|
||||
} else {
|
||||
// If the distribution is set to something "traditional", set the SG id to 0.
|
||||
|
@ -1443,7 +1443,7 @@ class EventsController extends AppController {
|
|||
if ($add === true && !is_numeric($add)) {
|
||||
if ($this->_isRest()) {
|
||||
if ($add === 'blocked') {
|
||||
throw new ForbiddenException('Event blocked by local blacklist.');
|
||||
throw new ForbiddenException(__('Event blocked by local blacklist.'));
|
||||
}
|
||||
// REST users want to see the newly created event
|
||||
$results = $this->Event->fetchEvent($this->Auth->user(), array('eventid' => $created_id));
|
||||
|
@ -1464,8 +1464,9 @@ class EventsController extends AppController {
|
|||
if (is_numeric($add)) {
|
||||
$this->response->header('Location', Configure::read('MISP.baseurl') . '/events/' . $add);
|
||||
$this->response->send();
|
||||
throw new NotFoundException('Event already exists, if you would like to edit it, use the url in the location header.');
|
||||
throw new NotFoundException(__('Event already exists, if you would like to edit it, use the url in the location header.'));
|
||||
}
|
||||
// # TODO i18n?
|
||||
$this->set('name', 'Add event failed.');
|
||||
$this->set('message', 'The event could not be saved.');
|
||||
$this->set('errors', $validationErrors);
|
||||
|
@ -1474,7 +1475,7 @@ class EventsController extends AppController {
|
|||
return false;
|
||||
} else {
|
||||
if ($add === 'blocked') {
|
||||
$this->Flash->error('A blacklist entry is blocking you from creating any events. Please contact the administration team of this instance' . (Configure::read('MISP.contact') ? ' at ' . Configure::read('MISP.contact') : '') . '.');
|
||||
$this->Flash->error(__('A blacklist entry is blocking you from creating any events. Please contact the administration team of this instance') . (Configure::read('MISP.contact') ? ' at ' . Configure::read('MISP.contact') : '') . '.');
|
||||
} else {
|
||||
$this->Flash->error(__('The event could not be saved. Please, try again.'), 'default', array(), 'error');
|
||||
}
|
||||
|
@ -1522,7 +1523,7 @@ class EventsController extends AppController {
|
|||
$this->Event->recursive = -1;
|
||||
$this->Event->read(null, $id);
|
||||
if (!$this->_isSiteAdmin() && ($this->Event->data['Event']['orgc_id'] != $this->_checkOrg() || !$this->userRole['perm_modify'])) {
|
||||
throw new UnauthorizedException('You do not have permission to do that.');
|
||||
throw new UnauthorizedException(__('You do not have permission to do that.'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
if (!empty($this->data)) {
|
||||
|
@ -1540,7 +1541,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function add_misp_export() {
|
||||
if (!$this->userRole['perm_modify']) {
|
||||
throw new UnauthorizedException('You do not have permission to do that.');
|
||||
throw new UnauthorizedException(__('You do not have permission to do that.'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
$results = array();
|
||||
|
@ -1552,9 +1553,10 @@ class EventsController extends AppController {
|
|||
if (isset($this->data['Event']['submittedfile']) && (strtolower($ext) != 'xml' && strtolower($ext) != 'json') && $this->data['Event']['submittedfile']['size'] > 0 &&
|
||||
is_uploaded_file($this->data['Event']['submittedfile']['tmp_name'])) {
|
||||
$log = ClassRegistry::init('Log');
|
||||
// #TODO Think about whether we want to Localize Log entries.
|
||||
$log->createLogEntry($this->Auth->user(), 'file_upload', 'Event', 0, 'MISP export file upload failed', 'File details: ' . json_encode($this->data['Event']['submittedfile']));
|
||||
$this->Flash->error(__('You may only upload MISP XML or MISP JSON files.'));
|
||||
throw new MethodNotAllowedException('File upload failed or file does not have the expected extension (.xml / .json).');
|
||||
throw new MethodNotAllowedException(__('File upload failed or file does not have the expected extension (.xml / .json).'));
|
||||
}
|
||||
if (isset($this->data['Event']['submittedfile'])) {
|
||||
if (Configure::read('MISP.take_ownership_xml_import')
|
||||
|
@ -1572,7 +1574,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function upload_stix($stix_version = '1') {
|
||||
if (!$this->userRole['perm_modify']) {
|
||||
throw new UnauthorizedException('You do not have permission to do that.');
|
||||
throw new UnauthorizedException(__('You do not have permission to do that.'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
if ($this->_isRest()) {
|
||||
|
@ -1704,7 +1706,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
if (Validation::uuid($id)) {
|
||||
$temp = $this->Event->find('first', array('recursive' => -1, 'fields' => array('Event.id'), 'conditions' => array('Event.uuid' => $id)));
|
||||
if (empty($temp)) throw new NotFoundException('Invalid event');
|
||||
if (empty($temp)) throw new NotFoundException(__('Invalid event'));
|
||||
$id = $temp['Event']['id'];
|
||||
} else if (!is_numeric($id)) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
|
@ -1919,7 +1921,7 @@ class EventsController extends AppController {
|
|||
$event = $this->Event->read(null, $id);
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
if (!$this->userRole['perm_publish'] || $this->Auth->user('org_id') !== $this->Event->data['Event']['orgc_id']) {
|
||||
throw new MethodNotAllowedException('You don\'t have the permission to do that.');
|
||||
throw new MethodNotAllowedException(__('You don\'t have the permission to do that.'));
|
||||
}
|
||||
}
|
||||
$this->Event->insertLock($this->Auth->user(), $id);
|
||||
|
@ -1981,7 +1983,7 @@ class EventsController extends AppController {
|
|||
$this->Event->read(null, $id);
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
if (!$this->userRole['perm_publish'] || $this->Auth->user('org_id') !== $this->Event->data['Event']['orgc_id']) {
|
||||
throw new MethodNotAllowedException('You don\'t have the permission to do that.');
|
||||
throw new MethodNotAllowedException(__('You don\'t have the permission to do that.'));
|
||||
}
|
||||
}
|
||||
$success = true;
|
||||
|
@ -2197,7 +2199,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function downloadExport($type, $extra = null) {
|
||||
if (Configure::read('MISP.disable_cached_exports')) {
|
||||
throw new MethodNotAllowedException('This feature is currently disabled');
|
||||
throw new MethodNotAllowedException(__('This feature is currently disabled'));
|
||||
}
|
||||
if ($this->_isSiteAdmin()) $org = 'ADMIN';
|
||||
else $org = $this->Auth->user('Organisation')['name'];
|
||||
|
@ -2232,7 +2234,7 @@ class EventsController extends AppController {
|
|||
// For XML: <request><value>7.7.7.7&&1.1.1.1</value><type>ip-src</type></request>
|
||||
if ($this->request->is('post')) {
|
||||
if (empty($this->request->data)) {
|
||||
throw new BadRequestException('Either specify the search terms in the url, or POST an xml (with the root element being "request".');
|
||||
throw new BadRequestException(__('Either specify the search terms in the url, or POST an xml (with the root element being "request".'));
|
||||
} else {
|
||||
$data = $this->request->data;
|
||||
}
|
||||
|
@ -2259,7 +2261,7 @@ class EventsController extends AppController {
|
|||
$eventIdArray = array();
|
||||
|
||||
if ($eventid) {
|
||||
if (!is_numeric($eventid)) throw new MethodNotAllowedException('Invalid Event ID.');
|
||||
if (!is_numeric($eventid)) throw new MethodNotAllowedException(__('Invalid Event ID.'));
|
||||
$eventIdArray[] = $eventid;
|
||||
}
|
||||
|
||||
|
@ -2267,11 +2269,11 @@ class EventsController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
throw new UnauthorizedException(__('You have to be logged in to do that.'));
|
||||
}
|
||||
$user = $this->Auth->user();
|
||||
}
|
||||
|
@ -2300,7 +2302,7 @@ class EventsController extends AppController {
|
|||
$result = $this->Whitelist->removeWhitelistedFromArray($result, false);
|
||||
$final .= $converter->convert($result[0]) . PHP_EOL;
|
||||
}
|
||||
if ($validEvents == 0) throw new NotFoundException('No events found that match the passed parameters.');
|
||||
if ($validEvents == 0) throw new NotFoundException(__('No events found that match the passed parameters.'));
|
||||
$final .= '</response>' . PHP_EOL;
|
||||
$this->response->body($final);
|
||||
$this->response->type('xml');
|
||||
|
@ -2322,7 +2324,7 @@ class EventsController extends AppController {
|
|||
public function nids($format = 'suricata', $key = 'download', $id = false, $continue = false, $tags = false, $from = false, $to = false, $last = false, $type = false, $enforceWarninglist = false, $includeAllTags = false, $eventid = false) {
|
||||
if ($this->request->is('post')) {
|
||||
if (empty($this->request->data)) {
|
||||
throw new BadRequestException('Either specify the search terms in the url, or POST a json or xml with the filter parameters. Valid filters: id (event ID), tags (list of tags), from (from date in YYYY-MM-DD format), to (to date in YYYY-MM-DD format), last (events with a published timestamp newer than - valid options are in time + unit format such as 6d or 2w, etc)');
|
||||
throw new BadRequestException(__('Either specify the search terms in the url, or POST a json or xml with the filter parameters. Valid filters: id (event ID), tags (list of tags), from (from date in YYYY-MM-DD format), to (to date in YYYY-MM-DD format), last (events with a published timestamp newer than - valid options are in time + unit format such as 6d or 2w, etc)'));
|
||||
} else {
|
||||
$data = $this->request->data;
|
||||
}
|
||||
|
@ -2362,12 +2364,12 @@ class EventsController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
// check if there's a user logged in or not
|
||||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
throw new UnauthorizedException(__('You have to be logged in to do that.'));
|
||||
}
|
||||
$user = $this->Auth->user();
|
||||
}
|
||||
|
@ -2383,7 +2385,7 @@ class EventsController extends AppController {
|
|||
$simpleFalse = array('tags', 'from', 'to', 'last', 'enforceWarninglist');
|
||||
if ($this->request->is('post')) {
|
||||
if (empty($this->request->data)) {
|
||||
throw new BadRequestException('Either specify the search terms in the url, or POST a json or xml with the filter parameters.');
|
||||
throw new BadRequestException(__('Either specify the search terms in the url, or POST a json or xml with the filter parameters.'));
|
||||
} else {
|
||||
$data = $this->request->data;
|
||||
}
|
||||
|
@ -2402,7 +2404,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
if (!in_array($type, array('md5', 'sha1', 'sha256'))) {
|
||||
throw new MethodNotAllowedException('Invalid hash type.');
|
||||
throw new MethodNotAllowedException(__('Invalid hash type.'));
|
||||
}
|
||||
if ($from) $from = $this->Event->dateFieldCheck($from);
|
||||
if ($to) $to = $this->Event->dateFieldCheck($to);
|
||||
|
@ -2415,12 +2417,12 @@ class EventsController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
// check if there's a user logged in or not
|
||||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
throw new UnauthorizedException(__('You have to be logged in to do that.'));
|
||||
}
|
||||
}
|
||||
$this->loadModel('Attribute');
|
||||
|
@ -2436,7 +2438,7 @@ class EventsController extends AppController {
|
|||
$paramArray = array('eventid', 'ignore', 'tags', 'category', 'type', 'includeContext', 'from', 'to', 'last', 'headerless', 'enforceWarninglist', 'value', 'timestamp');
|
||||
if ($this->request->is('post')) {
|
||||
if (empty($this->request->data)) {
|
||||
return $this->RestResponse->throwException(400, 'Either specify the search terms in the url, or POST a json or xml with the filter parameters.', 'csv', true);
|
||||
return $this->RestResponse->throwException(400, __('Either specify the search terms in the url, or POST a json or xml with the filter parameters.'), 'csv', true);
|
||||
} else {
|
||||
$data = $this->request->data;
|
||||
}
|
||||
|
@ -2462,11 +2464,11 @@ class EventsController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
return $this->RestResponse->throwException(401, 'This authentication key is not authorized to be used for exports. Contact your administrator.', 'csv', true);
|
||||
return $this->RestResponse->throwException(401, __('This authentication key is not authorized to be used for exports. Contact your administrator.'), 'csv', true);
|
||||
}
|
||||
} else {
|
||||
if (!$this->Auth->user('id')) {
|
||||
return $this->RestResponse->throwException(401, 'You have to be logged in to do that.', 'csv', true);
|
||||
return $this->RestResponse->throwException(401, __('You have to be logged in to do that.'), 'csv', true);
|
||||
}
|
||||
$user = $this->Auth->user();
|
||||
}
|
||||
|
@ -2591,7 +2593,7 @@ class EventsController extends AppController {
|
|||
if (!empty($this->data) && $this->data['Event']['submittedioc']['size'] > 0 &&
|
||||
is_uploaded_file($this->data['Event']['submittedioc']['tmp_name'])) {
|
||||
if (!$this->Event->checkFilename($this->data['Event']['submittedioc']['name'])) {
|
||||
throw new Exception ('Filename not allowed.');
|
||||
throw new Exception (__('Filename not allowed.'));
|
||||
}
|
||||
|
||||
App::uses('FileAccessTool', 'Tools');
|
||||
|
@ -2703,7 +2705,7 @@ class EventsController extends AppController {
|
|||
unset($dataArray['Event']);
|
||||
}
|
||||
if (!isset($dataArray['response']) || !isset($dataArray['response']['Event'])) {
|
||||
throw new Exception('This is not a valid MISP XML file.');
|
||||
throw new Exception(__('This is not a valid MISP XML file.'));
|
||||
}
|
||||
$dataArray = $this->Event->updateXMLArray($dataArray);
|
||||
$results = array();
|
||||
|
@ -2790,11 +2792,11 @@ class EventsController extends AppController {
|
|||
public function restSearch($key = 'download', $value = false, $type = false, $category = false, $org = false, $tags = false, $searchall = false, $from = false, $to = false, $last = false, $eventid = false, $withAttachments = false, $metadata = false, $uuid = false, $publish_timestamp = false, $timestamp = false, $published = false, $enforceWarninglist = false, $sgReferenceOnly = false) {
|
||||
if ($key != null && strlen($key) == 40) {
|
||||
if (!$this->checkAuthUser($key)) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
$key = strtolower($key);
|
||||
if (!$this->Auth->user()) throw new UnauthorizedException('You are not authorized. Please send the Authorization header with your auth key along with an Accept header for application/xml.');
|
||||
if (!$this->Auth->user()) throw new UnauthorizedException(__('You are not authorized. Please send the Authorization header with your auth key along with an Accept header for application/xml.'));
|
||||
}
|
||||
if (!is_array($value) && $value !== false) $value = str_replace('|', '/', $value);
|
||||
// request handler for POSTed queries. If the request is a post, the parameters (apart from the key) will be ignored and replaced by the terms defined in the posted json or xml object.
|
||||
|
@ -2808,7 +2810,7 @@ class EventsController extends AppController {
|
|||
} else if ($this->response->type() === 'application/xml') {
|
||||
$data = $this->request->data;
|
||||
} else {
|
||||
throw new BadRequestException('Either specify the search terms in the url, or POST a json array / xml (with the root element being "request" and specify the correct headers based on content type.');
|
||||
throw new BadRequestException(__('Either specify the search terms in the url, or POST a json array / xml (with the root element being "request" and specify the correct headers based on content type.'));
|
||||
}
|
||||
if (!isset($data['request'])) {
|
||||
$data['request'] = $data;
|
||||
|
@ -2968,18 +2970,18 @@ class EventsController extends AppController {
|
|||
// TODO implement mass download of all events - maybe in a zip file?
|
||||
$this->response->type('text'); // set the content type
|
||||
if ($eventid == null) {
|
||||
throw new Exception('Not yet implemented');
|
||||
throw new Exception(__('Not yet implemented'));
|
||||
}
|
||||
$this->layout = 'text/default';
|
||||
|
||||
if ($key != 'download'){
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
throw new UnauthorizedException(__('You have to be logged in to do that.'));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -2989,7 +2991,7 @@ class EventsController extends AppController {
|
|||
throw new NotFoundException(__('Invalid event or not authorised.'));
|
||||
}
|
||||
$event = $this->Event->fetchEvent($this->Auth->user(), $options = array('eventid' => $eventid, 'to_ids' => 1, 'enforceWarninglist' => $enforceWarninglist));
|
||||
if (empty($event)) throw new NotFoundException('Invalid event or not authorised.');
|
||||
if (empty($event)) throw new NotFoundException(__('Invalid event or not authorised.'));
|
||||
$this->loadModel('Whitelist');
|
||||
$temp = $this->Whitelist->removeWhitelistedFromArray(array($event[0]), false);
|
||||
$event = $temp[0];
|
||||
|
@ -3006,7 +3008,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
public function create_dummy_event() {
|
||||
if (!$this->_isSiteAdmin() || !$this->request->is('post')) throw new MethodNotAllowedException('You don\'t have the privileges to access this.');
|
||||
if (!$this->_isSiteAdmin() || !$this->request->is('post')) throw new MethodNotAllowedException(__('You don\'t have the privileges to access this.'));
|
||||
$data['Event']['info'] = 'Test event showing every category-type combination';
|
||||
$data['Event']['date'] = '2013-10-09';
|
||||
$data['Event']['threat_level_id'] = 4; //'Undefined'
|
||||
|
@ -3073,7 +3075,7 @@ class EventsController extends AppController {
|
|||
|
||||
// for load testing, it's slow, execution time is set at 1 hour maximum
|
||||
public function create_massive_dummy_events() {
|
||||
if (!$this->_isSiteAdmin() || !$this->request->is('post')) throw new MethodNotAllowedException('You don\'t have the privileges to access this.');
|
||||
if (!$this->_isSiteAdmin() || !$this->request->is('post')) throw new MethodNotAllowedException(__('You don\'t have the privileges to access this.'));
|
||||
ini_set('max_execution_time', 3600);
|
||||
$this->Event->Behaviors->unload('SysLogLogable.SysLogLogable');
|
||||
$date = new DateTime();
|
||||
|
@ -3322,7 +3324,7 @@ class EventsController extends AppController {
|
|||
*/
|
||||
public function freeTextImport($id, $adhereToWarninglists = false, $returnMetaAttributes = false) {
|
||||
if (!$this->userRole['perm_add']) {
|
||||
throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes');
|
||||
throw new MethodNotAllowedException(__('Event not found or you don\'t have permissions to create attributes'));
|
||||
}
|
||||
$event = $this->Event->find('first', array(
|
||||
'conditions' => array('Event.id' => $id),
|
||||
|
@ -3542,7 +3544,7 @@ class EventsController extends AppController {
|
|||
$TagId = $this->Tag->captureTag(array('name' => $tagName),array('Role' => $this->userRole));
|
||||
$this->loadModel('AttributeTag');
|
||||
if (!$this->AttributeTag->attachTagToAttribute($AttributSave['Attribute']['id'],$id,$TagId)) {
|
||||
throw new MethodNotAllowedException('Could not add tags.');
|
||||
throw new MethodNotAllowedException(__('Could not add tags.'));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -3588,11 +3590,11 @@ class EventsController extends AppController {
|
|||
|
||||
public function saveFreeText($id) {
|
||||
if (!$this->userRole['perm_add']) {
|
||||
throw new MethodNotAllowedException('Event not found or you don\'t have permissions to create attributes');
|
||||
throw new MethodNotAllowedException(__('Event not found or you don\'t have permissions to create attributes'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
if (!$this->Event->checkIfAuthorised($this->Auth->user(), $id)) {
|
||||
throw new MethodNotAllowedException('Invalid event.');
|
||||
throw new MethodNotAllowedException(__('Invalid event.'));
|
||||
}
|
||||
$this->Event->insertLock($this->Auth->user(), $id);
|
||||
$attributes = json_decode($this->request->data['Attribute']['JsonObject'], true);
|
||||
|
@ -3613,11 +3615,11 @@ class EventsController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
throw new UnauthorizedException(__('You have to be logged in to do that.'));
|
||||
}
|
||||
}
|
||||
$result = $this->Event->stix2($id, $this->Auth->user());
|
||||
|
@ -3630,11 +3632,11 @@ class EventsController extends AppController {
|
|||
// check if the key is valid -> search for users based on key
|
||||
$user = $this->checkAuthUser($key);
|
||||
if (!$user) {
|
||||
throw new UnauthorizedException('This authentication key is not authorized to be used for exports. Contact your administrator.');
|
||||
throw new UnauthorizedException(__('This authentication key is not authorized to be used for exports. Contact your administrator.'));
|
||||
}
|
||||
} else {
|
||||
if (!$this->Auth->user('id')) {
|
||||
throw new UnauthorizedException('You have to be logged in to do that.');
|
||||
throw new UnauthorizedException(__('You have to be logged in to do that.'));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -3644,7 +3646,7 @@ class EventsController extends AppController {
|
|||
// This would return all OSINT tagged events except for event #3 and #4
|
||||
if ($this->request->is('post')) {
|
||||
if (empty($this->request->data)) {
|
||||
throw new BadRequestException('Either specify the search terms in the url, or POST an xml (with the root element being "request".');
|
||||
throw new BadRequestException(__('Either specify the search terms in the url, or POST an xml (with the root element being "request".'));
|
||||
} else {
|
||||
$data = $this->request->data;
|
||||
}
|
||||
|
@ -3691,7 +3693,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
public function filterEventIdsForPush() {
|
||||
if (!$this->userRole['perm_sync']) throw new MethodNotAllowedException('You do not have the permission to do that.');
|
||||
if (!$this->userRole['perm_sync']) throw new MethodNotAllowedException(__('You do not have the permission to do that.'));
|
||||
if ($this->request->is('post')) {
|
||||
$incomingIDs = array();
|
||||
$incomingEvents = array();
|
||||
|
@ -3718,7 +3720,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
public function checkuuid($uuid) {
|
||||
if (!$this->userRole['perm_sync']) throw new MethodNotAllowedException('You do not have the permission to do that.');
|
||||
if (!$this->userRole['perm_sync']) throw new MethodNotAllowedException(__('You do not have the permission to do that.'));
|
||||
$events = $this->Event->find('first', array(
|
||||
'conditions' => array('Event.uuid' => $uuid),
|
||||
'recursive' => -1,
|
||||
|
@ -3731,7 +3733,7 @@ class EventsController extends AppController {
|
|||
$message= "";
|
||||
$success = true;
|
||||
$counter = 0;
|
||||
if (!$this->userRole['perm_sync'] || !$this->userRole['perm_add']) throw new MethodNotAllowedException('You do not have the permission to do that.');
|
||||
if (!$this->userRole['perm_sync'] || !$this->userRole['perm_add']) throw new MethodNotAllowedException(__('You do not have the permission to do that.'));
|
||||
if ($this->request->is('post')) {
|
||||
$event = $this->Event->find('first', array(
|
||||
'conditions' => array('Event.uuid' => $uuid),
|
||||
|
@ -3789,10 +3791,11 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
public function exportChoice($id) {
|
||||
if (!is_numeric($id)) throw new MethodNotAllowedException('Invalid ID');
|
||||
if (!is_numeric($id)) throw new MethodNotAllowedException(__('Invalid ID'));
|
||||
$event = $this->Event->fetchEvent($this->Auth->user(), array('eventid' => $id));
|
||||
if (empty($event)) throw new NotFoundException('Event not found or you are not authorised to view it.');
|
||||
if (empty($event)) throw new NotFoundException(__('Event not found or you are not authorised to view it.'));
|
||||
$event = $event[0];
|
||||
// #TODO i18n
|
||||
$exports = array(
|
||||
'xml' => array(
|
||||
'url' => '/events/restSearch/download/false/false/false/false/false/false/false/false/false/' . $id . '/false.xml',
|
||||
|
@ -3919,10 +3922,11 @@ class EventsController extends AppController {
|
|||
|
||||
public function importChoice($id = false, $scope = 'event') {
|
||||
if ($scope == 'event') {
|
||||
if (!is_numeric($id)) throw new MethodNotAllowedException('Invalid ID');
|
||||
if (!is_numeric($id)) throw new MethodNotAllowedException(__('Invalid ID'));
|
||||
$event = $this->Event->fetchEvent($this->Auth->user(), array('eventid' => $id));
|
||||
if (empty($event)) throw new NotFoundException('Event not found or you are not authorised to view it.');
|
||||
if (empty($event)) throw new NotFoundException(__('Event not found or you are not authorised to view it.'));
|
||||
$event = $event[0];
|
||||
// #TODO i18n
|
||||
$imports = array(
|
||||
'freetext' => array(
|
||||
'url' => '/events/freeTextImport/' . $id,
|
||||
|
@ -3997,6 +4001,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
$default_distribution = !empty(Configure::read('MISP.default_attribute_distribution')) ? Configure::read('MISP.default_attribute_distribution') : 5;
|
||||
if ($default_distribution == 'event') $default_distribution = 5;
|
||||
// #TODO i18n
|
||||
$parameter_options = array(
|
||||
'distribution' => array('valid_options' => array(0, 1, 2, 3, 5), 'default' => $default_distribution),
|
||||
'threat_level_id' => array('valid_options' => array(1, 2, 3, 4), 'default' => 4),
|
||||
|
@ -4007,14 +4012,14 @@ class EventsController extends AppController {
|
|||
'comment' => array('default' => '')
|
||||
);
|
||||
|
||||
if (!$this->userRole['perm_auth']) throw new MethodNotAllowedException('This functionality requires API key access.');
|
||||
if (!$this->request->is('post')) throw new MethodNotAllowedException('Please POST the samples as described on the automation page.');
|
||||
if (!$this->userRole['perm_auth']) throw new MethodNotAllowedException(__('This functionality requires API key access.'));
|
||||
if (!$this->request->is('post')) throw new MethodNotAllowedException(__('Please POST the samples as described on the automation page.'));
|
||||
if ($this->response->type() === 'application/json') {
|
||||
$data = $this->request->input('json_decode', true);
|
||||
} else if ($this->response->type() === 'application/xml') {
|
||||
$data = $this->request->data;
|
||||
} else {
|
||||
throw new BadRequestException('Please POST the samples as described on the automation page.');
|
||||
throw new BadRequestException(__('Please POST the samples as described on the automation page.'));
|
||||
}
|
||||
|
||||
if (isset($data['request'])) $data = $data['request'];
|
||||
|
@ -4041,12 +4046,12 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
if (empty($data['files'])) {
|
||||
throw new BadRequestException('No samples received, or samples not in the correct format. Please refer to the API documentation on the automation page.');
|
||||
throw new BadRequestException(__('No samples received, or samples not in the correct format. Please refer to the API documentation on the automation page.'));
|
||||
}
|
||||
if (isset($event_id)) $data['settings']['event_id'] = $event_id;
|
||||
if (isset($data['settings']['event_id'])) {
|
||||
$this->Event->id = $data['settings']['event_id'];
|
||||
if (!$this->Event->exists()) throw new NotFoundException('Event not found');
|
||||
if (!$this->Event->exists()) throw new NotFoundException(__('Event not found'));
|
||||
}
|
||||
if (isset($data['advanced'])) $advanced = $data['advanced'];
|
||||
|
||||
|
@ -4065,7 +4070,7 @@ class EventsController extends AppController {
|
|||
'conditions' => $conditions,
|
||||
'fields' => array('id'),
|
||||
));
|
||||
if (empty($event)) throw new NotFoundException('Event not found.');
|
||||
if (empty($event)) throw new NotFoundException(__('Event not found.'));
|
||||
$this->Event->insertLock($this->Auth->user(), $event['Event']['id']);
|
||||
$this->Event->id = $data['settings']['event_id'];
|
||||
$date = new DateTime();
|
||||
|
@ -4073,7 +4078,7 @@ class EventsController extends AppController {
|
|||
$this->Event->saveField('published', 0);
|
||||
} else {
|
||||
$this->Event->create();
|
||||
if ($data['settings']['distribution'] == 5) throw new BadRequestException('Distribution level 5 is not supported when uploading a sample without passing an event ID. Distribution level 5 is meant to take on the distribution level of an existing event.');
|
||||
if ($data['settings']['distribution'] == 5) throw new BadRequestException(__('Distribution level 5 is not supported when uploading a sample without passing an event ID. Distribution level 5 is meant to take on the distribution level of an existing event.'));
|
||||
$result = $this->Event->save(
|
||||
array(
|
||||
'info' => $data['settings']['info'],
|
||||
|
@ -4097,7 +4102,7 @@ class EventsController extends AppController {
|
|||
'title' => 'Error: Failed to create event using the upload sample functionality',
|
||||
'change' => 'There was an issue creating an event (' . $data['settings']['info'] . '). The validation errors were: ' . json_encode($this->Event->validationErrors),
|
||||
));
|
||||
throw new BadRequestException('The creation of a new event with the supplied information has failed.');
|
||||
throw new BadRequestException(__('The creation of a new event with the supplied information has failed.'));
|
||||
}
|
||||
$data['settings']['event_id'] = $this->Event->id;
|
||||
$event_id = $this->Event->id;
|
||||
|
@ -4182,7 +4187,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function viewGraph($id) {
|
||||
$event = $this->Event->fetchEvent($this->Auth->user(), array('eventid' => $id));
|
||||
if (empty($event)) throw new MethodNotAllowedException('Invalid Event.');
|
||||
if (empty($event)) throw new MethodNotAllowedException(__('Invalid Event.'));
|
||||
|
||||
$this->set('event', $event[0]);
|
||||
$this->set('scope', 'event');
|
||||
|
@ -4192,7 +4197,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function viewEventGraph() {
|
||||
$event = $this->Event->fetchEvent($this->Auth->user(), array('eventid' => $id));
|
||||
if (empty($event)) throw new MethodNotAllowedException('Invalid Event.');
|
||||
if (empty($event)) throw new MethodNotAllowedException(__('Invalid Event.'));
|
||||
$this->set('event', $event[0]);
|
||||
$this->set('scope', 'event');
|
||||
$this->set('id', $id);
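Review bot: `viewEventGraph()` declares no parameter, yet the context lines of this hunk read `$id` in `fetchEvent(..., array('eventid' => $id))` and in `$this->set('id', $id)`, so the event lookup runs with an undefined variable. The signature should take the ID the way `viewGraph` does: `public function viewEventGraph($id) {`. What `fetchEvent` returns for an empty `eventid` is not visible here, so it is worth confirming the action cannot fall back to a broader fetch than intended. The function body continues outside the hunk.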
|
||||
|
@ -4202,7 +4207,7 @@ class EventsController extends AppController {
|
|||
|
||||
/*
|
||||
public function deleteNode($id) {
|
||||
if (!$this->request->is('post')) throw new MethodNotAllowedException('Only POST requests are allowed.');
|
||||
if (!$this->request->is('post')) throw new MethodNotAllowedException(__('Only POST requests are allowed.'));
|
||||
App::uses('CorrelationGraphTool', 'Tools');
|
||||
$grapher = new CorrelationGraphTool();
|
||||
$grapher->construct($this->Event, $this->Taxonomy, $this->GalaxyCluster, $this->Auth->user(), $this->request->data);
|
||||
|
@ -4212,7 +4217,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function updateGraph($id, $type = 'event') {
|
||||
$validTools = array('event', 'galaxy', 'tag');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException('Invalid type.');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException(__('Invalid type.'));
|
||||
$this->loadModel('Taxonomy');
|
||||
$this->loadModel('GalaxyCluster');
|
||||
App::uses('CorrelationGraphTool', 'Tools');
|
||||
|
@ -4231,7 +4236,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function getDistributionGraph($id, $type = 'event') {
|
||||
$validTools = array('event');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException('Invalid type.');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException(__('Invalid type.'));
|
||||
$this->loadModel('Server');
|
||||
$this->loadModel('Organisation');
|
||||
App::uses('DistributionGraphTool', 'Tools');
|
||||
|
@ -4257,7 +4262,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function getEventGraphReferences($id, $type = 'event') {
|
||||
$validTools = array('event');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException('Invalid type.');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException(__('Invalid type.'));
|
||||
$this->loadModel('Tag');
|
||||
App::uses('EventGraphTool', 'Tools');
|
||||
$grapher = new EventGraphTool();
|
||||
|
@ -4279,7 +4284,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function getEventGraphTags($id, $type = 'event') {
|
||||
$validTools = array('event');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException('Invalid type.');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException(__('Invalid type.'));
|
||||
$this->loadModel('Tag');
|
||||
App::uses('EventGraphTool', 'Tools');
|
||||
$grapher = new EventGraphTool();
|
||||
|
@ -4301,7 +4306,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function getEventGraphGeneric($id, $type = 'event') {
|
||||
$validTools = array('event');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException('Invalid type.');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException(__('Invalid type.'));
|
||||
$this->loadModel('Tag');
|
||||
App::uses('EventGraphTool', 'Tools');
|
||||
$grapher = new EventGraphTool();
|
||||
|
@ -4328,7 +4333,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function getReferenceData($uuid, $type = 'reference') {
|
||||
$validTools = array('reference');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException('Invalid type.');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException(__('Invalid type.'));
|
||||
App::uses('EventGraphTool', 'Tools');
|
||||
$grapher = new EventGraphTool();
|
||||
$data = $this->request->is('post') ? $this->request->data : array();
|
||||
|
@ -4346,7 +4351,7 @@ class EventsController extends AppController {
|
|||
|
||||
public function getObjectTemplate($type = 'templates') {
|
||||
$validTools = array('templates');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException('Invalid type.');
|
||||
if (!in_array($type, $validTools)) throw new MethodNotAllowedException(__('Invalid type.'));
|
||||
App::uses('EventGraphTool', 'Tools');
|
||||
$eventGraphTool = new EventGraphTool();
|
||||
|
||||
|
@ -4387,7 +4392,7 @@ class EventsController extends AppController {
|
|||
return new CakeResponse(array('body' => json_encode($json), 'status' => 200, 'type' => 'json'));
|
||||
} else {
|
||||
if (!$this->request->is('ajax')) {
|
||||
throw new MethodNotAllowedException('Invalid method.');
|
||||
throw new MethodNotAllowedException(__('Invalid method.'));
|
||||
}
|
||||
|
||||
App::uses('ColourGradientTool', 'Tools');
|
||||
|
@ -4464,13 +4469,13 @@ class EventsController extends AppController {
|
|||
|
||||
// expects an attribute ID and the module to be used
|
||||
public function queryEnrichment($attribute_id, $module = false, $type = 'Enrichment') {
|
||||
if (!Configure::read('Plugin.' . $type . '_services_enable')) throw new MethodNotAllowedException($type . ' services are not enabled.');
|
||||
if (!Configure::read('Plugin.' . $type . '_services_enable')) throw new MethodNotAllowedException(__('%s services are not enabled.', $type));
|
||||
$attribute = $this->Event->Attribute->fetchAttributes($this->Auth->user(), array('conditions' => array('Attribute.id' => $attribute_id), 'flatten' => 1));
|
||||
if (empty($attribute)) throw new MethodNotAllowedException('Attribute not found or you are not authorised to see it.');
|
||||
if (empty($attribute)) throw new MethodNotAllowedException(__('Attribute not found or you are not authorised to see it.'));
|
||||
if ($this->request->is('ajax')) {
|
||||
$this->loadModel('Module');
|
||||
$enabledModules = $this->Module->getEnabledModules($this->Auth->user(), false, $type);
|
||||
if (!is_array($enabledModules) || empty($enabledModules)) throw new MethodNotAllowedException('No valid ' . $type . ' options found for this attribute.');
|
||||
if (!is_array($enabledModules) || empty($enabledModules)) throw new MethodNotAllowedException(__('No valid %s options found for this attribute.', $type));
|
||||
$modules = array();
|
||||
foreach ($enabledModules['modules'] as $module) {
|
||||
if (in_array($attribute[0]['Attribute']['type'], $module['mispattributes']['input'])) {
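Review bot: `$type` is a caller-supplied action argument that `queryEnrichment` uses without validation, first to build the configuration key in `Configure::read('Plugin.' . $type . '_services_enable')` and now as the `%s` argument of the translated error messages. The graph actions in this file gate the same kind of argument with `in_array($type, $validTools)` before using it. The same guard belongs at the top of this action, e.g. `if (!in_array($type, $validTypes, true)) throw new MethodNotAllowedException(__('Invalid type.'));`, where `$validTypes` lists the module families this action is meant to serve (that list is not visible in the hunk). The function continues outside the hunk.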
|
||||
|
@ -4483,7 +4488,7 @@ class EventsController extends AppController {
|
|||
} else {
|
||||
$this->loadModel('Module');
|
||||
$enabledModules = $this->Module->getEnabledModules($this->Auth->user(), false, $type);
|
||||
if (!is_array($enabledModules) || empty($enabledModules)) throw new MethodNotAllowedException('No valid ' . $type . ' options found for this attribute.');
|
||||
if (!is_array($enabledModules) || empty($enabledModules)) throw new MethodNotAllowedException(__('no valid %s options found for this attribute.', $type));
|
||||
$options = array();
|
||||
foreach ($enabledModules['modules'] as $temp) {
|
||||
if ($temp['name'] == $module) {
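Review bot: The msgid on the new line starts with a lowercase `no valid`, while the removed line and the same message earlier in `queryEnrichment` use `No valid`. That silently changes the user-facing text and leaves translators with two catalogue entries for one message. Use `__('No valid %s options found for this attribute.', $type)` here so both branches share one msgid.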
|
||||
|
@ -4501,7 +4506,7 @@ class EventsController extends AppController {
|
|||
if (!empty($options)) $data['config'] = $options;
|
||||
$data = json_encode($data);
|
||||
$result = $this->Module->queryModuleServer('/query', $data, false, $type);
|
||||
if (!$result) throw new MethodNotAllowedException($type . ' service not reachable.');
|
||||
if (!$result) throw new MethodNotAllowedException(__('%s service not reachable.', $type));
|
||||
if (isset($result['error'])) $this->Flash->error($result['error']);
|
||||
if (!is_array($result)) throw new Exception($result);
|
||||
$resultArray = $this->Event->handleModuleResult($result, $attribute[0]['Attribute']['event_id']);
|
||||
|
@ -4509,7 +4514,7 @@ class EventsController extends AppController {
|
|||
$importComment = $result['comment'];
|
||||
}
|
||||
else {
|
||||
$importComment = $attribute[0]['Attribute']['value'] . ': Enriched via the ' . $module . ($type != 'Enrichment' ? ' ' . $type : '') . ' module';
|
||||
$importComment = $attribute[0]['Attribute']['value'] . __(': Enriched via the %s', $module) . ($type != 'Enrichment' ? ' ' . $type : '') . ' module';
|
||||
}
|
||||
$typeCategoryMapping = array();
|
||||
foreach ($this->Event->Attribute->categoryDefinitions as $k => $cat) {
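Review bot: The import comment is translated in fragments: `__(': Enriched via the %s', $module)` is wrapped, but the optional `$type` and the trailing `' module'` are concatenated outside the call. A translator sees only part of the sentence and cannot reorder it. Build it in one call, e.g. `__('%s: Enriched via the %s%s module', $attribute[0]['Attribute']['value'], $module, $type != 'Enrichment' ? ' ' . $type : '')`. `$importComment` looks like it is stored with the resulting data rather than only displayed, so it is also worth deciding whether persisted text should depend on the acting user's locale at all. The enclosing function starts and ends outside the hunk.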
|
||||
|
@ -4556,7 +4561,7 @@ class EventsController extends AppController {
|
|||
$this->loadModel('Module');
|
||||
$moduleName = $module;
|
||||
if (!$this->Event->checkIfAuthorised($this->Auth->user(), $eventId)) {
|
||||
throw new MethodNotAllowedException('Invalid event.');
|
||||
throw new MethodNotAllowedException(__('Invalid event.'));
|
||||
}
|
||||
$module = $this->Module->getEnabledModule($module, 'Import');
|
||||
if (!is_array($module)) throw new MethodNotAllowedException($module);
|
||||
|
@ -4630,7 +4635,7 @@ class EventsController extends AppController {
|
|||
$modulePayload['filename'] = $filename;
|
||||
}
|
||||
$result = $this->Module->queryModuleServer('/query', json_encode($modulePayload, true), false, $moduleFamily = 'Import');
|
||||
if (!$result) throw new Exception('Import service not reachable.');
|
||||
if (!$result) throw new Exception(__('Import service not reachable.'));
|
||||
if (isset($result['error'])) $this->Flash->error($result['error']);
|
||||
if (!is_array($result)) throw new Exception($result);
|
||||
$resultArray = $this->Event->handleModuleResult($result, $eventId);
|
||||
|
@ -4697,14 +4702,14 @@ class EventsController extends AppController {
|
|||
|
||||
public function toggleCorrelation($id) {
|
||||
if (!$this->_isSiteAdmin() && Configure.read('MISP.allow_disabling_correlation')) {
|
||||
throw new MethodNotAllowedException('Disabling the correlation is not permitted on this instance.');
|
||||
throw new MethodNotAllowedException(__('Disabling the correlation is not permitted on this instance.'));
|
||||
}
|
||||
$this->Event->id = $id;
|
||||
if (!$this->Event->exists()) {
|
||||
throw new NotFoundException('Invalid Event.');
|
||||
throw new NotFoundException(__('Invalid Event.'));
|
||||
}
|
||||
if (!$this->Auth->user('Role')['perm_modify']) {
|
||||
throw new MethodNotAllowedException('You don\'t have permission to do that.');
|
||||
throw new MethodNotAllowedException(__('You don\'t have permission to do that.'));
|
||||
}
|
||||
$conditions = array('Event.id' => $id);
|
||||
if (!$this->_isSiteAdmin()) {
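Review bot: The guard at the top of `toggleCorrelation` cannot work as written, because `Configure.read('MISP.allow_disabling_correlation')` uses `.` where `::` is needed. PHP parses that as a concatenation with a call to a global `read()` function, not as a configuration lookup. The condition also appears inverted: the exception says disabling is not permitted, yet it is tied to the setting being truthy. It is a context line the commit leaves untouched, but it is the access check for this action and should read `if (!$this->_isSiteAdmin() && !Configure::read('MISP.allow_disabling_correlation')) {`. The function continues outside the hunk.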
|
||||
|
@ -4715,10 +4720,10 @@ class EventsController extends AppController {
|
|||
'recursive' => -1
|
||||
));
|
||||
if (empty($event)) {
|
||||
throw new NotFoundException('Invalid Event.');
|
||||
throw new NotFoundException(__('Invalid Event.'));
|
||||
}
|
||||
if (!$this->Auth->user('Role')['perm_modify_org'] && $this->Auth->user('id') != $event['Event']['user_id']) {
|
||||
throw new MethodNotAllowedException('You don\'t have permission to do that.');
|
||||
throw new MethodNotAllowedException(__('You don\'t have permission to do that.'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
if ($event['Event']['disable_correlation']) {
|
||||
|
@ -4751,11 +4756,11 @@ class EventsController extends AppController {
|
|||
public function checkPublishedStatus($id) {
|
||||
$event = $this->Event->fetchEvent($this->Auth->user(), array('metadata' => 1, 'eventid' => $id));
|
||||
if (empty($event)) {
|
||||
throw new NotFoundException('Invalid event');
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
}
|
||||
return new CakeResponse(array('body'=> h($event[0]['Event']['published']), 'status'=>200, 'type' => 'txt'));
|
||||
}
|
||||
|
||||
// #TODO i18n
|
||||
public function pushEventToZMQ($id) {
|
||||
if ($this->request->is('Post')) {
|
||||
if (Configure::read('Plugin.ZeroMQ_enable')) {
|
||||
|
@ -4784,7 +4789,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
|
||||
public function getEventInfoById($id) {
|
||||
if (empty($id)) throw new MethodNotAllowedException('Invalid ID.');
|
||||
if (empty($id)) throw new MethodNotAllowedException(__('Invalid ID.'));
|
||||
$conditions = array('Event.id' => $id);
|
||||
if (Validation::uuid($id)) {
|
||||
$conditions = array('Event.uuid' => $id);
|
||||
|
@ -4830,7 +4835,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
$event = $this->Event->find('first', array('conditions' => $conditions, 'recursive' => -1));
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && ($this->Auth->user('org_id') != $event['Event']['orgc_id'] || !$this->userRole['perm_modify']))) {
|
||||
throw new MethodNotAllowedException('Invalid Event');
|
||||
throw new MethodNotAllowedException(__('Invalid Event'));
|
||||
}
|
||||
$this->Event->insertLock($this->Auth->user(), $event['Event']['id']);
|
||||
if ($this->request->is('post')) {
|
||||
|
@ -4882,6 +4887,7 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
}
|
||||
// TODO: i18n
|
||||
if (!empty($locks)) {
|
||||
$message = sprintf('Warning: Your view on this event might not be up to date as it is currently being edited by: %s', implode(', ', $locks));
|
||||
$this->set('message', $message);
|
||||
|
@ -4901,7 +4907,7 @@ class EventsController extends AppController {
|
|||
'conditions' => array('Event.uuid' => $id),
|
||||
'fields' => array('Event.id', 'Event.uuid', 'Event.orgc_id')
|
||||
));
|
||||
if ($event == null) throw new NotFoundException('Invalid event');
|
||||
if ($event == null) throw new NotFoundException(__('Invalid event'));
|
||||
$id = $event['Event']['id'];
|
||||
} else if (!is_numeric($id)) {
|
||||
throw new NotFoundException(__('Invalid event'));
|
||||
|
|
|
@ -22,7 +22,7 @@ class FeedsController extends AppController {
|
|||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
$this->Security->unlockedActions = array('previewIndex');
|
||||
if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException('You don\'t have the required privileges to do that.');
|
||||
if (!$this->_isSiteAdmin()) throw new MethodNotAllowedException(__('You don\'t have the required privileges to do that.'));
|
||||
}
|
||||
|
||||
public function index() {
|
||||
|
@ -205,7 +205,7 @@ class FeedsController extends AppController {
|
|||
|
||||
public function edit($feedId) {
|
||||
$this->Feed->id = $feedId;
|
||||
if (!$this->Feed->exists()) throw new NotFoundException('Invalid feed.');
|
||||
if (!$this->Feed->exists()) throw new NotFoundException(__('Invalid feed.'));
|
||||
$this->Feed->read();
|
||||
$this->loadModel('Event');
|
||||
$sgs = $this->Event->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'name', 1);
|
||||
|
@ -292,9 +292,9 @@ class FeedsController extends AppController {
|
|||
}
|
||||
|
||||
public function delete($feedId) {
|
||||
if (!$this->request->is('post')) throw new MethodNotAllowedException('This action requires a post request.');
|
||||
if (!$this->request->is('post')) throw new MethodNotAllowedException(__('This action requires a post request.'));
|
||||
$this->Feed->id = $feedId;
|
||||
if (!$this->Feed->exists()) throw new NotFoundException('Invalid feed.');
|
||||
if (!$this->Feed->exists()) throw new NotFoundException(__('Invalid feed.'));
|
||||
if ($this->Feed->delete($feedId)) {
|
||||
$message = 'Feed deleted.';
|
||||
if ($this->_isRest()) {
|
||||
|
@ -313,13 +313,13 @@ class FeedsController extends AppController {
|
|||
|
||||
public function fetchFromFeed($feedId) {
|
||||
$this->Feed->id = $feedId;
|
||||
if (!$this->Feed->exists()) throw new NotFoundException('Invalid feed.');
|
||||
if (!$this->Feed->exists()) throw new NotFoundException(__('Invalid feed.'));
|
||||
$this->Feed->read();
|
||||
if (!empty($this->Feed->data['Feed']['settings'])) {
|
||||
$this->Feed->data['Feed']['settings'] = json_decode($this->Feed->data['Feed']['settings'], true);
|
||||
}
|
||||
if (!$this->Feed->data['Feed']['enabled']) {
|
||||
$this->Flash->info('Feed is currently not enabled. Make sure you enable it.');
|
||||
$this->Flash->info(__('Feed is currently not enabled. Make sure you enable it.'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
if (Configure::read('MISP.background_jobs')) {
|
||||
|
@ -332,7 +332,7 @@ class FeedsController extends AppController {
|
|||
'status' => 0,
|
||||
'retries' => 0,
|
||||
'org' => $this->Auth->user('Organisation')['name'],
|
||||
'message' => 'Starting fetch from Feed.',
|
||||
'message' => __('Starting fetch from Feed.'),
|
||||
);
|
||||
$this->Job->save($data);
|
||||
$jobId = $this->Job->id;
|
||||
|
@ -343,18 +343,18 @@ class FeedsController extends AppController {
|
|||
true
|
||||
);
|
||||
$this->Job->saveField('process_id', $process_id);
|
||||
$message = 'Pull queued for background execution.';
|
||||
$message = __('Pull queued for background execution.');
|
||||
} else {
|
||||
$result = $this->Feed->downloadFromFeedInitiator($feedId, $this->Auth->user());
|
||||
if (!$result) {
|
||||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->viewData(array('result' => 'Fetching the feed has failed.'), $this->response->type());
|
||||
return $this->RestResponse->viewData(array('result' => __('Fetching the feed has failed.')), $this->response->type());
|
||||
} else {
|
||||
$this->Flash->error('Fetching the feed has failed.');
|
||||
$this->Flash->error(__('Fetching the feed has failed.'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
}
|
||||
$message = 'Fetching the feed has successfuly completed.';
|
||||
$message = __('Fetching the feed has successfuly completed.');
|
||||
if ($this->Feed->data['Feed']['source_format'] == 'misp') {
|
||||
if (isset($result['add'])) $message['result'] .= ' Downloaded ' . count($result['add']) . ' new event(s).';
|
||||
if (isset($result['edit'])) $message['result'] .= ' Updated ' . count($result['edit']) . ' event(s).';
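Review bot: `$message` is assigned a plain string from `__()`, but the context lines below append with `$message['result'] .= ...`, which is a string-offset write rather than a concatenation. It fails or misbehaves at runtime depending on the PHP version, so the download and update counts never reach the user. Keep `$message` a string and append with `$message .= ' Downloaded ' . count($result['add']) . ' new event(s).';`, or make it `array('result' => __(...))` if the code after the hunk expects that shape. The new msgid also keeps the typo `successfuly`, while the same message in the later `@ -410,7 +410,7 @` hunk is spelled `successfully`, which yields two translation entries; use `__('Fetching the feed has successfully completed.')` in both. The `$message['result']` pattern recurs in that later hunk as well.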
|
||||
|
@ -393,7 +393,7 @@ class FeedsController extends AppController {
|
|||
'status' => 0,
|
||||
'retries' => 0,
|
||||
'org' => $this->Auth->user('Organisation')['name'],
|
||||
'message' => 'Starting fetch from Feed.',
|
||||
'message' => __('Starting fetch from Feed.'),
|
||||
);
|
||||
$this->Job->save($data);
|
||||
$jobId = $this->Job->id;
|
||||
|
@ -410,7 +410,7 @@ class FeedsController extends AppController {
|
|||
if (!$result) {
|
||||
continue;
|
||||
}
|
||||
$message = 'Fetching the feed has successfuly completed.';
|
||||
$message = __('Fetching the feed has successfully completed.');
|
||||
if ($this->Feed->data['Feed']['source_format'] == 'misp') {
|
||||
if (isset($result['add'])) $message['result'] .= ' Downloaded ' . count($result['add']) . ' new event(s).';
|
||||
if (isset($result['edit'])) $message['result'] .= ' Updated ' . count($result['edit']) . ' event(s).';
|
||||
|
@ -423,30 +423,30 @@ class FeedsController extends AppController {
|
|||
|
||||
public function getEvent($feedId, $eventUuid, $all = false) {
|
||||
$this->Feed->id = $feedId;
|
||||
if (!$this->Feed->exists()) throw new NotFoundException('Invalid feed.');
|
||||
if (!$this->Feed->exists()) throw new NotFoundException(__('Invalid feed.'));
|
||||
$this->Feed->read();
|
||||
if (!$this->Feed->data['Feed']['enabled']) {
|
||||
$this->Flash->info('Feed is currently not enabled. Make sure you enable it.');
|
||||
$this->Flash->info(__('Feed is currently not enabled. Make sure you enable it.'));
|
||||
$this->redirect(array('action' => 'previewIndex', $feedId));
|
||||
}
|
||||
$result = $this->Feed->downloadAndSaveEventFromFeed($this->Feed->data, $eventUuid, $this->Auth->user());
|
||||
if (isset($result['action'])) {
|
||||
if ($result['result']) {
|
||||
if ($result['action'] == 'add') $this->Flash->success('Event added.');
|
||||
if ($result['action'] == 'add') $this->Flash->success(__('Event added.'));
|
||||
else {
|
||||
if ($result['result'] === 'No change') $this->Flash->info('Event already up to date.');
|
||||
else $this->Flash->success('Event updated.');
|
||||
if ($result['result'] === 'No change') $this->Flash->info(__('Event already up to date.'));
|
||||
else $this->Flash->success(__('Event updated.'));
|
||||
}
|
||||
} else {
|
||||
$this->Flash->error('Could not ' . $result['action'] . ' event.');
|
||||
$this->Flash->error(__('Could not %s event.', $result['action']));
|
||||
}
|
||||
} else $this->Flash->error('Download failed.');
|
||||
} else $this->Flash->error(__('Download failed.'));
|
||||
$this->redirect(array('action' => 'previewIndex', $feedId));
|
||||
}
|
||||
|
||||
public function previewIndex($feedId) {
|
||||
$this->Feed->id = $feedId;
|
||||
if (!$this->Feed->exists()) throw new NotFoundException('Invalid feed.');
|
||||
if (!$this->Feed->exists()) throw new NotFoundException(__('Invalid feed.'));
|
||||
$this->Feed->read();
|
||||
if (!empty($this->Feed->data['Feed']['settings'])) {
|
||||
$this->Feed->data['Feed']['settings'] = json_decode($this->Feed->data['Feed']['settings'], true);
|
||||
|
@ -497,7 +497,7 @@ class FeedsController extends AppController {
|
|||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->viewData($events, $this->response->type());
|
||||
}
|
||||
if (isset($events['code'])) throw new NotFoundException('Feed could not be fetched. The HTTP error code returned was: ' .$events['code']);
|
||||
if (isset($events['code'])) throw new NotFoundException(__('Feed could not be fetched. The HTTP error code returned was: ', $events['code']));
|
||||
$pageCount = count($events);
|
||||
App::uses('CustomPaginationTool', 'Tools');
|
||||
$customPagination = new CustomPaginationTool();
|
||||
|
@ -529,7 +529,7 @@ class FeedsController extends AppController {
|
|||
$urlparams = '';
|
||||
App::uses('SyncTool', 'Tools');
|
||||
$syncTool = new SyncTool();
|
||||
if (!in_array($feed['Feed']['source_format'], array('freetext', 'csv'))) throw new MethodNotAllowedException('Invalid feed type.');
|
||||
if (!in_array($feed['Feed']['source_format'], array('freetext', 'csv'))) throw new MethodNotAllowedException(__('Invalid feed type.'));
|
||||
$HttpSocket = $syncTool->setupHttpSocketFeed($feed);
|
||||
$params = array();
|
||||
// params is passed as reference here, the pagination happens in the method, which isn't ideal but considering the performance gains here it's worth it
|
||||
|
@ -574,7 +574,7 @@ class FeedsController extends AppController {
|
|||
else $currentPage = 1;
|
||||
App::uses('SyncTool', 'Tools');
|
||||
$syncTool = new SyncTool();
|
||||
if ($feed['Feed']['source_format'] != 'csv') throw new MethodNotAllowedException('Invalid feed type.');
|
||||
if ($feed['Feed']['source_format'] != 'csv') throw new MethodNotAllowedException(__('Invalid feed type.'));
|
||||
$HttpSocket = $syncTool->setupHttpSocketFeed($feed);
|
||||
$resultArray = $this->Feed->getFreetextFeed($feed, $HttpSocket, $feed['Feed']['source_format'], $currentPage);
|
||||
// we want false as a valid option for the split fetch, but we don't want it for the preview
|
||||
|
@ -600,7 +600,7 @@ class FeedsController extends AppController {
|
|||
|
||||
public function previewEvent($feedId, $eventUuid, $all = false) {
|
||||
$this->Feed->id = $feedId;
|
||||
if (!$this->Feed->exists()) throw new NotFoundException('Invalid feed.');
|
||||
if (!$this->Feed->exists()) throw new NotFoundException(__('Invalid feed.'));
|
||||
$this->Feed->read();
|
||||
$event = $this->Feed->downloadEventFromFeed($this->Feed->data, $eventUuid, $this->Auth->user());
|
||||
if ($this->_isRest()) {
|
||||
|
@ -627,8 +627,8 @@ class FeedsController extends AppController {
|
|||
$threat_levels = $this->Event->ThreatLevel->find('all');
|
||||
$this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
|
||||
} else {
|
||||
if ($event === 'blocked') throw new MethodNotAllowedException('This event is blocked by the Feed filters.');
|
||||
else throw new NotFoundException('Could not download the selected Event');
|
||||
if ($event === 'blocked') throw new MethodNotAllowedException(__('This event is blocked by the Feed filters.'));
|
||||
else throw new NotFoundException(__('Could not download the selected Event'));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -659,9 +659,9 @@ class FeedsController extends AppController {
|
|||
}
|
||||
|
||||
private function __toggleEnable($id, $enable = true) {
|
||||
if (!is_numeric($id)) throw new MethodNotAllowedException('Invalid Feed.');
|
||||
if (!is_numeric($id)) throw new MethodNotAllowedException(__('Invalid Feed.'));
|
||||
$this->Feed->id = $id;
|
||||
if (!$this->Feed->exists()) throw new MethodNotAllowedException('Invalid Feed.');
|
||||
if (!$this->Feed->exists()) throw new MethodNotAllowedException(__('Invalid Feed.'));
|
||||
$feed = $this->Feed->find('first', array(
|
||||
'conditions' => array('Feed.id' => $id),
|
||||
'recursive' => -1
|
||||
|
@ -680,11 +680,11 @@ class FeedsController extends AppController {
|
|||
|
||||
public function fetchSelectedFromFreetextIndex($id) {
|
||||
if (!$this->request->is('Post')) {
|
||||
throw new MethodNotAllowedException('Only POST requests are allowed.');
|
||||
throw new MethodNotAllowedException(__('Only POST requests are allowed.'));
|
||||
}
|
||||
$this->Feed->id = $id;
|
||||
if (!$this->Feed->exists()) {
|
||||
throw new NotFoundException('Feed not found.');
|
||||
throw new NotFoundException(__('Feed not found.'));
|
||||
}
|
||||
$feed = $this->Feed->read();
|
||||
if (!empty($feed['Feed']['settings'])) {
|
||||
|
@ -693,9 +693,9 @@ class FeedsController extends AppController {
|
|||
$data = json_decode($this->request->data['Feed']['data'], true);
|
||||
$result = $this->Feed->saveFreetextFeedData($feed, $data, $this->Auth->user());
|
||||
if ($result === true) {
|
||||
$this->Flash->success('Data pulled.');
|
||||
$this->Flash->success(__('Data pulled.'));
|
||||
} else {
|
||||
$this->Flash->error('Could not pull the selected data. Reason: ' . $result);
|
||||
$this->Flash->error(__('Could not pull the selected data. Reason: %s', $result));
|
||||
}
|
||||
$this->redirect(array('controller' => 'feeds', 'action' => 'index'));
|
||||
}
|
||||
|
@ -711,7 +711,7 @@ class FeedsController extends AppController {
|
|||
'status' => 0,
|
||||
'retries' => 0,
|
||||
'org' => $this->Auth->user('Organisation')['name'],
|
||||
'message' => 'Starting feed caching.',
|
||||
'message' => __('Starting feed caching.'),
|
||||
);
|
||||
$this->Job->save($data);
|
||||
$jobId = $this->Job->id;
|
||||
|
@ -726,10 +726,10 @@ class FeedsController extends AppController {
|
|||
} else {
|
||||
$result = $this->Feed->cacheFeedInitiator($this->Auth->user(), false, $scope);
|
||||
if (!$result) {
|
||||
$this->Flash->error('Caching the feeds has failed.');
|
||||
$this->Flash->error(__('Caching the feeds has failed.'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
$message = 'Caching the feeds has successfuly completed.';
|
||||
$message = __('Caching the feeds has successfully completed.');
|
||||
}
|
||||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->saveSuccessResponse('Feed', 'cacheFeed', false, $this->response->type(), $message);
|
||||
|
@ -755,7 +755,7 @@ class FeedsController extends AppController {
|
|||
try {
|
||||
$feedIds = json_decode($feedList, true);
|
||||
} catch (Exception $e) {
|
||||
$this->Flash->error('Invalid feed list received.');
|
||||
$this->Flash->error(__('Invalid feed list received.'));
|
||||
$this->redirect(array('controller' => 'feeds', 'action' => 'index'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
|
|
|
@ -23,7 +23,7 @@ class ObjectsController extends AppController {
|
|||
|
||||
public function revise_object($action, $event_id, $template_id, $object_id = false) {
|
||||
if (!$this->request->is('post') && !$this->request->is('put')) {
|
||||
throw new MethodNotAllowedException('This action can only be reached via POST requests');
|
||||
throw new MethodNotAllowedException(__('This action can only be reached via POST requests'));
|
||||
}
|
||||
$this->request->data = $this->MispObject->attributeCleanup($this->request->data);
|
||||
$eventFindParams = array(
|
||||
|
@ -40,7 +40,7 @@ class ObjectsController extends AppController {
|
|||
));
|
||||
$event = $this->MispObject->Event->find('first', $eventFindParams);
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
throw new NotFoundException('Invalid event.');
|
||||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
$sharing_groups = array();
|
||||
if ($this->request->data['Object']['distribution'] == 4) {
|
||||
|
@ -62,7 +62,7 @@ class ObjectsController extends AppController {
|
|||
$sharing_groups[$sg['SharingGroup']['id']] = $sg;
|
||||
}
|
||||
foreach ($sharing_groups as $k => $sg) {
|
||||
if (empty($sg)) throw new NotFoundException('Invalid sharing group.');
|
||||
if (empty($sg)) throw new NotFoundException(__('Invalid sharing group.'));
|
||||
}
|
||||
$this->set('sharing_groups', $sharing_groups);
|
||||
}
|
||||
|
@ -73,7 +73,7 @@ class ObjectsController extends AppController {
|
|||
'fields' => array('SharingGroup.id', 'SharingGroup.name'),
|
||||
'order' => false
|
||||
));
|
||||
if (empty($sg)) throw new NotFoundException('Invalid sharing group.');
|
||||
if (empty($sg)) throw new NotFoundException(__('Invalid sharing group.'));
|
||||
$this->set('sg', $sg);
|
||||
}
|
||||
$this->set('distributionLevels', $this->MispObject->Attribute->distributionLevels);
|
||||
|
@ -92,7 +92,7 @@ class ObjectsController extends AppController {
|
|||
*/
|
||||
public function add($eventId, $templateId = false, $version = false) {
|
||||
if (!$this->userRole['perm_modify']) {
|
||||
throw new MethodNotAllowedException('You don\'t have permissions to create objects.');
|
||||
throw new MethodNotAllowedException(__('You don\'t have permissions to create objects.'));
|
||||
}
|
||||
$eventFindParams = array(
|
||||
'recursive' => -1,
|
||||
|
@ -120,7 +120,7 @@ class ObjectsController extends AppController {
|
|||
}
|
||||
unset($temp);
|
||||
} else {
|
||||
throw new NotFoundException('Invalid template.');
|
||||
throw new NotFoundException(__('Invalid template.'));
|
||||
}
|
||||
}
|
||||
// Find the event that is to be updated
|
||||
|
@ -129,11 +129,11 @@ class ObjectsController extends AppController {
|
|||
} else if (is_numeric($eventId)) {
|
||||
$eventFindParams['conditions']['Event.id'] = $eventId;
|
||||
} else {
|
||||
throw new NotFoundException('Invalid event.');
|
||||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
$event = $this->MispObject->Event->find('first', $eventFindParams);
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
throw new NotFoundException('Invalid event.');
|
||||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
$eventId = $event['Event']['id'];
|
||||
if (!$this->_isRest()) $this->MispObject->Event->insertLock($this->Auth->user(), $eventId);
|
||||
|
@ -286,7 +286,7 @@ class ObjectsController extends AppController {
|
|||
$conditions = array('Object.id' => $id);
|
||||
}
|
||||
if (!$this->userRole['perm_modify']) {
|
||||
throw new MethodNotAllowedException('You don\'t have permissions to edit objects.');
|
||||
throw new MethodNotAllowedException(__('You don\'t have permissions to edit objects.'));
|
||||
}
|
||||
$object = $this->MispObject->find('first', array(
|
||||
'conditions' => $conditions,
|
||||
|
@ -300,7 +300,7 @@ class ObjectsController extends AppController {
|
|||
)
|
||||
));
|
||||
if (empty($object)) {
|
||||
throw new NotFoundException('Invalid object.');
|
||||
throw new NotFoundException(__('Invalid object.'));
|
||||
}
|
||||
$id = $object['Object']['id'];
|
||||
$eventFindParams = array(
|
||||
|
@ -311,7 +311,7 @@ class ObjectsController extends AppController {
|
|||
|
||||
$event = $this->MispObject->Event->find('first', $eventFindParams);
|
||||
if (empty($event) || (!$this->_isSiteAdmin() && $event['Event']['orgc_id'] != $this->Auth->user('org_id'))) {
|
||||
throw new NotFoundException('Invalid object.');
|
||||
throw new NotFoundException(__('Invalid object.'));
|
||||
}
|
||||
if (!$this->_isRest()) $this->MispObject->Event->insertLock($this->Auth->user(), $event['Event']['id']);
|
||||
$template = $this->MispObject->ObjectTemplate->find('first', array(
|
||||
|
@ -402,13 +402,13 @@ class ObjectsController extends AppController {
|
|||
|
||||
public function delete($id, $hard = false) {
|
||||
if (!$this->userRole['perm_modify']) {
|
||||
throw new MethodNotAllowedException('You don\'t have permissions to delete objects.');
|
||||
throw new MethodNotAllowedException(__('You don\'t have permissions to delete objects.'));
|
||||
}
|
||||
$lookupField = 'id';
|
||||
if (Validation::uuid($id)) {
|
||||
$lookupField = 'uuid';
|
||||
} else if (!is_numeric($id)) {
|
||||
throw new NotFoundException('Invalid object.');
|
||||
throw new NotFoundException(__('Invalid object.'));
|
||||
}
|
||||
$object = $this->MispObject->find('first', array(
|
||||
'recursive' => -1,
|
||||
|
@ -419,11 +419,11 @@ class ObjectsController extends AppController {
|
|||
)
|
||||
));
|
||||
if (empty($object)) {
|
||||
throw new NotFoundException('Invalid event.');
|
||||
throw new NotFoundException(__('Invalid event.'));
|
||||
}
|
||||
$eventId = $object['Event']['id'];
|
||||
if (!$this->_isSiteAdmin() && ($object['Event']['orgc_id'] != $this->Auth->user('org_id') || !$this->userRole['perm_modify'])) {
|
||||
throw new UnauthorizedException('You do not have permission to do that.');
|
||||
throw new UnauthorizedException(__('You do not have permission to do that.'));
|
||||
}
|
||||
if (!$this->_isRest()) $this->MispObject->Event->insertLock($this->Auth->user(), $eventId);
|
||||
if ($this->request->is('post')) {
|
||||
|
@ -508,17 +508,17 @@ class ObjectsController extends AppController {
|
|||
)
|
||||
),
|
||||
));
|
||||
if (empty($object)) throw new MethodNotAllowedException('Object not found or not authorised.');
|
||||
if (empty($object)) throw new MethodNotAllowedException(__('Object not found or not authorised.'));
|
||||
|
||||
// check for permissions
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
if ($object['Event']['locked']) {
|
||||
if ($this->Auth->user('org_id') != $object['Event']['org_id'] || !$this->userRole['perm_sync']) {
|
||||
throw new MethodNotAllowedException('Object not found or not authorised.');
|
||||
throw new MethodNotAllowedException(__('Object not found or not authorised.'));
|
||||
}
|
||||
} else {
|
||||
if ($this->Auth->user('org_id') != $object['Event']['orgc_id']) {
|
||||
throw new MethodNotAllowedException('Object not found or not authorised.');
|
||||
throw new MethodNotAllowedException(__('Object not found or not authorised.'));
|
||||
}
|
||||
}
|
||||
}
|
||||
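Review bot: In the `delete()` hunk at -419 the empty-`$object` branch now registers `__('Invalid event.')` as a translatable msgid, although the lookup that failed is for an object; `throw new NotFoundException(__('Invalid object.'));` would match the other object lookups in this file and keep the wrong text out of the translation catalogue. That branch and the org check after it also answer differently (NotFoundException versus UnauthorizedException), whereas `add()` and `edit()` throw the same NotFoundException for a missing event and for one owned by another organisation; if object ids are not meant to be confirmable across organisations, the not-found response for both cases would be consistent. In the hunk at -23 the message says the action is POST-only while the guard above it also accepts PUT. The function bodies continue outside these hunks.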
|
|
|
@ -256,7 +256,7 @@ class ShadowAttributesController extends AppController {
|
|||
}
|
||||
} else {
|
||||
if ($this->_isRest()) {
|
||||
throw new MethodNotAllowedException('Could not discard proposal.');
|
||||
throw new MethodNotAllowedException(__('Could not discard proposal.'));
|
||||
} else {
|
||||
$this->autoRender = false;
|
||||
return new CakeResponse(array('body'=> json_encode(array('false' => true, 'errors' => 'Could not discard proposal.')), 'status'=>200, 'type' => 'json'));
|
||||
|
@ -286,10 +286,10 @@ class ShadowAttributesController extends AppController {
|
|||
$this->set('ajax', false);
|
||||
}
|
||||
if (empty($eventId)) {
|
||||
if (empty($event)) throw new NotFoundException('Invalid Event');
|
||||
if (empty($event)) throw new NotFoundException(__('Invalid Event'));
|
||||
}
|
||||
$event = $this->ShadowAttribute->Event->fetchEvent($this->Auth->user(), array('eventid' => $eventId));
|
||||
if (empty($event)) throw new NotFoundException('Invalid Event');
|
||||
if (empty($event)) throw new NotFoundException(__('Invalid Event'));
|
||||
$event = $event[0];
|
||||
|
||||
if ($this->request->is('post')) {
|
||||
|
@ -420,7 +420,7 @@ class ShadowAttributesController extends AppController {
|
|||
foreach ($this->ShadowAttribute->validationErrors as $k => $v) {
|
||||
$message .= '[' . $k . ']: ' . $v[0] . PHP_EOL;
|
||||
}
|
||||
throw new NotFoundException('Could not save the proposal. Errors: ' . $message);
|
||||
throw new NotFoundException(__('Could not save the proposal. Errors: ', $message));
|
||||
} else {
|
||||
$this->Flash->error(__('The proposal could not be saved. Please, try again.'));
|
||||
}
|
||||
|
@ -465,7 +465,7 @@ class ShadowAttributesController extends AppController {
|
|||
'contain' => array('Event' => array('fields' => array('Event.org_id', 'Event.distribution', 'Event.id'))),
|
||||
'conditions' => array('ShadowAttribute.id' => $id)
|
||||
));
|
||||
if (!$this->ShadowAttribute->Event->checkIfAuthorised($this->Auth->user(), $sa['Event']['id'])) throw new UnauthorizedException('You do not have the permission to view this event.');
|
||||
if (!$this->ShadowAttribute->Event->checkIfAuthorised($this->Auth->user(), $sa['Event']['id'])) throw new UnauthorizedException(__('You do not have the permission to view this event.'));
|
||||
$this->__downloadAttachment($sa['ShadowAttribute']);
|
||||
}
|
||||
|
||||
|
@ -490,7 +490,7 @@ class ShadowAttributesController extends AppController {
|
|||
|
||||
public function add_attachment($eventId = null) {
|
||||
$event = $this->ShadowAttribute->Event->fetchEvent($this->Auth->user(), array('eventid' => $eventId));
|
||||
if (empty($event)) throw new NotFoundException('Invalid Event');
|
||||
if (empty($event)) throw new NotFoundException(__('Invalid Event'));
|
||||
$event = $event[0];
|
||||
|
||||
if ($this->request->is('post')) {
|
||||
|
@ -503,7 +503,7 @@ class ShadowAttributesController extends AppController {
|
|||
(!empty( $this->request->data['ShadowAttribute']['value']['tmp_name']) && $this->request->data['ShadowAttribute']['value']['tmp_name'] != 'none')
|
||||
) {
|
||||
if (!is_uploaded_file($tmpfile->path))
|
||||
throw new InternalErrorException('PHP says file was not uploaded. Are you attacking me?');
|
||||
throw new InternalErrorException(__('PHP says file was not uploaded. Are you attacking me?'));
|
||||
} else {
|
||||
$this->Flash->error(__('There was a problem to upload the file.', true));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['ShadowAttribute']['event_id']));
|
||||
|
@ -624,7 +624,7 @@ class ShadowAttributesController extends AppController {
|
|||
'conditions' => array('Attribute.id' => $id),
|
||||
'flatten' => 1
|
||||
));
|
||||
if (empty($existingAttribute)) throw new MethodNotAllowedException('Invalid Attribute.');
|
||||
if (empty($existingAttribute)) throw new MethodNotAllowedException(__('Invalid Attribute.'));
|
||||
$existingAttribute = $existingAttribute[0];
|
||||
|
||||
// Check if the attribute is an attachment, if yes, block the type and the value fields from being edited.
|
||||
|
@ -668,7 +668,7 @@ class ShadowAttributesController extends AppController {
|
|||
$validChangeMade = true;
|
||||
}
|
||||
}
|
||||
if (!$validChangeMade) throw new MethodNotAllowedException('Invalid input.');
|
||||
if (!$validChangeMade) throw new MethodNotAllowedException(__('Invalid input.'));
|
||||
$this->request->data['ShadowAttribute']['org_id'] = $this->Auth->user('org_id');
|
||||
$this->request->data['ShadowAttribute']['email'] = $this->Auth->user('email');
|
||||
if ($this->ShadowAttribute->save($this->request->data)) {
|
||||
|
@ -697,7 +697,7 @@ class ShadowAttributesController extends AppController {
|
|||
foreach ($this->ShadowAttribute->validationErrors as $k => $v) {
|
||||
$message .= '[' . $k . ']: ' . $v[0] . PHP_EOL;
|
||||
}
|
||||
throw new NotFoundException('Could not save the proposal. Errors: ' . $message);
|
||||
throw new NotFoundException(__('Could not save the proposal. Errors: ', $message));
|
||||
} else {
|
||||
$this->Flash->error(__('The ShadowAttribute could not be saved. Please, try again.'));
|
||||
}
|
||||
|
@ -756,13 +756,13 @@ class ShadowAttributesController extends AppController {
|
|||
if (strlen($id) == 36) {
|
||||
$this->ShadowAttribute->Event->recursive = -1;
|
||||
$temp = $this->ShadowAttribute->Event->Attribute->find('first', array('recursive' => -1, 'conditions' => array('Attribute.uuid' => $id), 'fields' => array('id')));
|
||||
if ($temp == null) throw new NotFoundException('Invalid attribute');
|
||||
if ($temp == null) throw new NotFoundException(__('Invalid attribute'));
|
||||
$id = $temp['Attribute']['id'];
|
||||
}
|
||||
|
||||
|
||||
$existingAttribute = $this->ShadowAttribute->Event->Attribute->fetchAttributes($this->Auth->user(), array('Attriute.id' => $id));
|
||||
if (empty($existingAttribute)) {
|
||||
throw new NotFoundException('Invalid attribute.');
|
||||
throw new NotFoundException(__('Invalid attribute.'));
|
||||
}
|
||||
|
||||
if ($this->request->is('post')) {
|
||||
|
@ -817,7 +817,7 @@ class ShadowAttributesController extends AppController {
|
|||
),
|
||||
'conditions' => array('AND' => array('ShadowAttribute.id' => $id, $distConditions, 'ShadowAttribute.deleted' => 0))
|
||||
));
|
||||
if (empty($sa)) throw new NotFoundException('Invalid proposal.');
|
||||
if (empty($sa)) throw new NotFoundException(__('Invalid proposal.'));
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
if ($sa['ShadowAttribute']['old_id'] != 0 && $sa['Event']['org_id'] != $this->Auth->user('org_id') && $sa['Event']['orgc_id'] != $this->Auth->user('org_id')) {
|
||||
$a = $this->ShadowAttribute->Event->Attribute->find('first', array(
|
||||
|
@ -825,7 +825,7 @@ class ShadowAttributesController extends AppController {
|
|||
'fields' => array('Attribute.id', 'Attribute.distribution'),
|
||||
'conditions' => array('Attribute.id' => $sa['ShadowAttribute']['old_id'], 'Attribute.distribution >' => 0)
|
||||
));
|
||||
if (empty($a)) throw new NotFoundException('Invalid proposal.');
|
||||
if (empty($a)) throw new NotFoundException(__('Invalid proposal.'));
|
||||
}
|
||||
}
|
||||
$this->set('ShadowAttribute', $sa['ShadowAttribute']);
|
||||
|
@ -864,7 +864,7 @@ class ShadowAttributesController extends AppController {
|
|||
),
|
||||
'recursive' => 1
|
||||
));
|
||||
if (empty($temp)) throw new MethodNotAllowedException('No proposals found or invalid event.');
|
||||
if (empty($temp)) throw new MethodNotAllowedException(__('No proposals found or invalid event.'));
|
||||
$proposals = array();
|
||||
foreach ($temp as $proposal) {
|
||||
$proposal['ShadowAttribute']['org'] = $proposal['Org']['name'];
|
||||
|
@ -931,7 +931,7 @@ class ShadowAttributesController extends AppController {
|
|||
if (!$this->_isRest() || !$this->userRole['perm_sync']) {
|
||||
throw new MethodNotAllowedException(__('This feature is only available using the API to Sync users'));
|
||||
}
|
||||
if (!$this->request->is('Post')) throw new MethodNotAllowedException('This feature is only available using POST requests');
|
||||
if (!$this->request->is('Post')) throw new MethodNotAllowedException(__('This feature is only available using POST requests'));
|
||||
$result = array();
|
||||
if (!empty($this->request->data)) {
|
||||
foreach ($this->request->data as $eventUuid) {
|
||||
|
@ -969,7 +969,7 @@ class ShadowAttributesController extends AppController {
|
|||
|
||||
public function fetchEditForm($id, $field = null) {
|
||||
$validFields = array('value', 'comment', 'type', 'category', 'to_ids');
|
||||
if (!isset($field) || !in_array($field, $validFields)) throw new MethodNotAllowedException('Invalid field requested.');
|
||||
if (!isset($field) || !in_array($field, $validFields)) throw new MethodNotAllowedException(__('Invalid field requested.'));
|
||||
$this->loadModel('Attribute');
|
||||
$this->Attribute->id = $id;
|
||||
if (!$this->Attribute->exists()) {
|
||||
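Review bot: The two `__('Could not save the proposal. Errors: ', $message)` calls (hunks at -420 and -697) pass `$message` as a format argument, but the msgid has no placeholder, so with the sprintf-style substitution `__()` performs the collected validation errors are dropped from the exception that REST clients receive; the old code concatenated them. Both should read `__('Could not save the proposal. Errors: %s', $message)`. The same pattern is in the FeedsController hunk at -497, where `$events['code']` no longer reaches the 'Feed could not be fetched' message and needs `%s` as well. In the hunk at -256 the JSON body returned to non-REST callers still carries the untranslated literal 'Could not discard proposal.', which is inconsistent with the exception two lines above it. The enclosing functions start and end outside these hunks.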
|
|
|
@ -261,6 +261,7 @@ class Attribute extends AppModel {
|
|||
//'url-regex' => array('desc' => '', 'default_category' => 'Person', 'to_ids' => 0),
|
||||
);
|
||||
|
||||
// TODO i18n?
|
||||
// definitions of categories
|
||||
public $categoryDefinitions = array(
|
||||
'Internal reference' => array(
|
||||
|
@ -541,7 +542,7 @@ class Attribute extends AppModel {
|
|||
if (in_array($this->data['Attribute']['type'], $compositeTypes)) {
|
||||
$pieces = explode('|', $this->data['Attribute']['value']);
|
||||
if (2 != count($pieces)) {
|
||||
throw new InternalErrorException('Composite type, but value not explodable');
|
||||
throw new InternalErrorException(__('Composite type, but value not explodable'));
|
||||
}
|
||||
$this->data['Attribute']['value1'] = $pieces[0];
|
||||
$this->data['Attribute']['value2'] = $pieces[1];
|
||||
|
@ -630,7 +631,7 @@ class Attribute extends AppModel {
|
|||
$file = new File($filepath);
|
||||
if ($file->exists()) {
|
||||
if (!$file->delete()) {
|
||||
throw new InternalErrorException('Delete of file attachment failed. Please report to administrator.');
|
||||
throw new InternalErrorException(__('Delete of file attachment failed. Please report to administrator.'));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -699,6 +700,7 @@ class Attribute extends AppModel {
|
|||
$this->data['Attribute']['timestamp'] = $date->getTimestamp();
|
||||
}
|
||||
// TODO: add explanatory comment
|
||||
// TODO: i18n?
|
||||
$result = $this->runRegexp($this->data['Attribute']['type'], $this->data['Attribute']['value']);
|
||||
if ($result === false) {
|
||||
$this->invalidate('value', 'This value is blocked by a regular expression in the import filters.');
|
||||
|
@ -743,7 +745,7 @@ class Attribute extends AppModel {
|
|||
|
||||
public function maxTextLength($fields) {
|
||||
if (strlen($fields['value']) > 65535) {
|
||||
return 'The entered string is too long and would get truncated. Please consider adding the data as an attachment instead';
|
||||
return __('The entered string is too long and would get truncated. Please consider adding the data as an attachment instead');
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
@ -853,21 +855,21 @@ class Attribute extends AppModel {
|
|||
if (preg_match("#^[0-9a-f]{" . $length . "}$#", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'Checksum has an invalid length or format (expected: ' . $length . ' hexadecimal characters). Please double check the value or select type "other".';
|
||||
$returnValue = __('Checksum has an invalid length or format (expected: %s hexadecimal characters). Please double check the value or select type "other".', $length);
|
||||
}
|
||||
break;
|
||||
case 'tlsh':
|
||||
if (preg_match("#^[0-9a-f]{35,}$#", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'Checksum has an invalid length or format (expected: at least 35 hexadecimal characters). Please double check the value or select type "other".';
|
||||
$returnValue = __('Checksum has an invalid length or format (expected: at least 35 hexadecimal characters). Please double check the value or select type "other".');
|
||||
}
|
||||
break;
|
||||
case 'pehash':
|
||||
if (preg_match("#^[0-9a-f]{40}$#", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'The input doesn\'t match the expected sha1 format (expected: 40 hexadecimal characters). Keep in mind that MISP currently only supports SHA1 for PEhashes, if you would like to get the support extended to other hash types, make sure to create a github ticket about it at https://github.com/MISP/MISP!';
|
||||
$returnValue = __('The input doesn\'t match the expected sha1 format (expected: 40 hexadecimal characters). Keep in mind that MISP currently only supports SHA1 for PEhashes, if you would like to get the support extended to other hash types, make sure to create a github ticket about it at https://github.com/MISP/MISP!');
|
||||
}
|
||||
break;
|
||||
case 'ssdeep':
|
||||
|
@ -875,14 +877,14 @@ class Attribute extends AppModel {
|
|||
$parts = explode(':', $value);
|
||||
if (is_numeric($parts[0])) $returnValue = true;
|
||||
}
|
||||
if (!$returnValue) $returnValue = 'Invalid SSDeep hash. The format has to be blocksize:hash:hash';
|
||||
if (!$returnValue) $returnValue = __('Invalid SSDeep hash. The format has to be blocksize:hash:hash');
|
||||
break;
|
||||
case 'impfuzzy':
|
||||
if (substr_count($value, ':') == 2) {
|
||||
$parts = explode(':', $value);
|
||||
if (is_numeric($parts[0])) $returnValue = true;
|
||||
}
|
||||
if (!$returnValue) $returnValue = 'Invalid impfuzzy format. The format has to be imports:hash:hash';
|
||||
if (!$returnValue) $returnValue = __('Invalid impfuzzy format. The format has to be imports:hash:hash');
|
||||
break;
|
||||
case 'http-method':
|
||||
if (preg_match("#(OPTIONS|GET|HEAD|POST|PUT|DELETE|TRACE|CONNECT|PROPFIND|PROPPATCH|MKCOL|COPY|MOVE|LOCK|UNLOCK|VERSION-CONTROL|REPORT|CHECKOUT|CHECKIN|UNCHECKOUT|MKWORKSPACE|UPDATE|LABEL|MERGE|BASELINE-CONTROL|MKACTIVITY|ORDERPATCH|ACL|PATCH|SEARCH)#", $value)) {
|
||||
|
@ -896,7 +898,7 @@ class Attribute extends AppModel {
|
|||
if (preg_match("#^.+\|[0-9a-f]{40}$#", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'The input doesn\'t match the expected filename|sha1 format (expected: filename|40 hexadecimal characters). Keep in mind that MISP currently only supports SHA1 for PEhashes, if you would like to get the support extended to other hash types, make sure to create a github ticket about it at https://github.com/MISP/MISP!';
|
||||
$returnValue = __('The input doesn\'t match the expected filename|sha1 format (expected: filename|40 hexadecimal characters). Keep in mind that MISP currently only supports SHA1 for PEhashes, if you would like to get the support extended to other hash types, make sure to create a github ticket about it at https://github.com/MISP/MISP!');
|
||||
}
|
||||
break;
|
||||
case 'filename|md5':
|
||||
|
@ -914,12 +916,12 @@ class Attribute extends AppModel {
|
|||
if (preg_match("#^.+\|[0-9a-f]{" . $length . "}$#", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'Checksum has an invalid length or format (expected: filename|' . $length . ' hexadecimal characters). Please double check the value or select type "other".';
|
||||
$returnValue = __('Checksum has an invalid length or format (expected: filename|%s hexadecimal characters). Please double check the value or select type "other".', $length);
|
||||
}
|
||||
break;
|
||||
case 'filename|ssdeep':
|
||||
if (substr_count($value, '|') != 1 || !preg_match("#^.+\|.+$#", $value)) {
|
||||
$returnValue = 'Invalid composite type. The format has to be ' . $type . '.';
|
||||
$returnValue = __('Invalid composite type. The format has to be %s.', $type);
|
||||
} else {
|
||||
$composite = explode('|', $value);
|
||||
$value = $composite[1];
|
||||
|
@ -927,14 +929,14 @@ class Attribute extends AppModel {
|
|||
$parts = explode(':', $value);
|
||||
if (is_numeric($parts[0])) $returnValue = true;
|
||||
}
|
||||
if (!$returnValue) $returnValue = 'Invalid SSDeep hash (expected: blocksize:hash:hash).';
|
||||
if (!$returnValue) $returnValue = __('Invalid SSDeep hash (expected: blocksize:hash:hash).');
|
||||
}
|
||||
break;
|
||||
case 'filename|tlsh':
|
||||
if (preg_match("#^.+\|[0-9a-f]{35,}$#", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'Checksum has an invalid length or format (expected: filename|at least 35 hexadecimal characters). Please double check the value or select type "other".';
|
||||
$returnValue = __('Checksum has an invalid length or format (expected: filename|at least 35 hexadecimal characters). Please double check the value or select type "other".');
|
||||
}
|
||||
break;
|
||||
case 'ip-src':
|
||||
|
@ -945,19 +947,19 @@ class Attribute extends AppModel {
|
|||
// [0] = the IP
|
||||
// [1] = the network address
|
||||
if (count($parts) != 2 || (!is_numeric($parts[1]) || !($parts[1] < 129 && $parts[1] > 0))) {
|
||||
$returnValue = 'Invalid CIDR notation value found.';
|
||||
$returnValue = __('Invalid CIDR notation value found.');
|
||||
}
|
||||
$ip = $parts[0];
|
||||
} else {
|
||||
$ip = $value;
|
||||
}
|
||||
if (!filter_var($ip, FILTER_VALIDATE_IP)) {
|
||||
$returnValue = 'IP address has an invalid format.';
|
||||
$returnValue = __('IP address has an invalid format.');
|
||||
}
|
||||
break;
|
||||
case 'port':
|
||||
if (!is_numeric($value) || $value < 1 || $value > 65535) {
|
||||
$returnValue = 'Port numbers have to be positive integers between 1 and 65535.';
|
||||
$returnValue = __('Port numbers have to be positive integers between 1 and 65535.');
|
||||
} else {
|
||||
$returnValue = true;
|
||||
}
|
||||
|
@ -986,7 +988,7 @@ class Attribute extends AppModel {
|
|||
if (preg_match("#^[A-Z0-9.\-_]+\.[A-Z0-9\-]{2,}[\.]?$#i", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = ucfirst($type) . ' name has an invalid format. Please double check the value or select type "other".';
|
||||
$returnValue = ucfirst($type) . __(' name has an invalid format. Please double check the value or select type "other".');
|
||||
}
|
||||
break;
|
||||
case 'hostname|port':
|
||||
|
@ -1003,10 +1005,10 @@ class Attribute extends AppModel {
|
|||
if (filter_var($parts[1], FILTER_VALIDATE_IP)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'IP address has an invalid format.';
|
||||
$returnValue = __('IP address has an invalid format.');
|
||||
}
|
||||
} else {
|
||||
$returnValue = 'Domain name has an invalid format.';
|
||||
$returnValue = __('Domain name has an invalid format.');
|
||||
}
|
||||
break;
|
||||
case 'email-src':
|
||||
|
@ -1019,7 +1021,7 @@ class Attribute extends AppModel {
|
|||
if (preg_match("#^.*\@.*\..*$#i", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'Email address has an invalid format. Please double check the value or select type "other".';
|
||||
$returnValue = __('Email address has an invalid format. Please double check the value or select type "other".');
|
||||
}
|
||||
break;
|
||||
case 'vulnerability':
|
||||
|
@ -1027,7 +1029,7 @@ class Attribute extends AppModel {
|
|||
if (preg_match("#^(CVE-)[0-9]{4}(-)[0-9]{4,}$#", $value)) {
|
||||
$returnValue = true;
|
||||
} else {
|
||||
$returnValue = 'Invalid format. Expected: CVE-xxxx-xxxx...';
|
||||
$returnValue = __('Invalid format. Expected: CVE-xxxx-xxxx...');
|
||||
}
|
||||
break;
|
||||
case 'named pipe':
|
||||
|
@ -1038,7 +1040,7 @@ class Attribute extends AppModel {
|
|||
case 'windows-service-name':
|
||||
case 'windows-service-displayname':
|
||||
if (strlen($value) > 256 || preg_match('#[\\\/]#', $value)) {
|
||||
$returnValue = 'Invalid format. Only values shorter than 256 characters that don\'t include any forward or backward slashes are allowed.';
|
||||
$returnValue = __('Invalid format. Only values shorter than 256 characters that don\'t include any forward or backward slashes are allowed.');
|
||||
} else {
|
||||
$returnValue = true;
|
||||
}
|
||||
|
@ -1150,20 +1152,20 @@ class Attribute extends AppModel {
|
|||
new DateTime($value);
|
||||
$returnValue = true;
|
||||
} catch (Exception $e) {
|
||||
$returnValue = 'Datetime has to be in the ISO 8601 format.';
|
||||
$returnValue = __('Datetime has to be in the ISO 8601 format.');
|
||||
}
|
||||
break;
|
||||
case 'size-in-bytes':
|
||||
case 'counter':
|
||||
if (!is_numeric($value) || $value < 0) {
|
||||
$returnValue = 'The value has to be a number greater or equal 0.';
|
||||
$returnValue = __('The value has to be a number greater or equal 0.');
|
||||
} else {
|
||||
$returnValue = true;
|
||||
}
|
||||
break;
|
||||
case 'targeted-threat-index':
|
||||
if (!is_numeric($value) || $value < 0 || $value > 10) {
|
||||
$returnValue = 'The value has to be a number between 0 and 10.';
|
||||
$returnValue = __('The value has to be a number between 0 and 10.');
|
||||
} else {
|
||||
$returnValue = true;
|
||||
}
|
||||
|
@ -1780,10 +1782,10 @@ class Attribute extends AppModel {
|
|||
|
||||
|
||||
public function hids($user, $type, $tags = '', $from = false, $to = false, $last = false, $jobId = false, $enforceWarninglist = false) {
|
||||
if (empty($user)) throw new MethodNotAllowedException('Could not read user.');
|
||||
if (empty($user)) throw new MethodNotAllowedException(__('Could not read user.'));
|
||||
// check if it's a valid type
|
||||
if ($type != 'md5' && $type != 'sha1' && $type != 'sha256') {
|
||||
throw new UnauthorizedException('Invalid hash type.');
|
||||
throw new UnauthorizedException(__('Invalid hash type.'));
|
||||
}
|
||||
$conditions = array();
|
||||
$typeArray = array($type, 'filename|' . $type);
|
||||
|
@ -1835,7 +1837,7 @@ class Attribute extends AppModel {
|
|||
|
||||
|
||||
public function nids($user, $format, $id = false, $continue = false, $tags = false, $from = false, $to = false, $last = false, $type = false, $enforceWarninglist = false, $includeAllTags = false) {
|
||||
if (empty($user)) throw new MethodNotAllowedException('Could not read user.');
|
||||
if (empty($user)) throw new MethodNotAllowedException(__('Could not read user.'));
|
||||
$eventIds = $this->Event->fetchEventIds($user, $from, $to, $last);
|
||||
|
||||
// If we sent any tags along, load the associated tag names for each attribute
|
||||
|
@ -2273,7 +2275,7 @@ class Attribute extends AppModel {
|
|||
}
|
||||
}
|
||||
} else {
|
||||
if ($element['mandatory']) $errors = 'This field is mandatory.';
|
||||
if ($element['mandatory']) $errors = __('This field is mandatory.');
|
||||
}
|
||||
return array('attributes' => $results, 'errors' => $errors);
|
||||
}
|
||||
|
@ -2604,7 +2606,7 @@ class Attribute extends AppModel {
|
|||
// The archive is password protected using the "infected" password
|
||||
// The contents of the archive will be the actual sample, named <md5> and the original filename in a text file named <md5>.filename.txt
|
||||
public function handleMaliciousBase64($event_id, $original_filename, $base64, $hash_types, $proposal = false) {
|
||||
if (!is_numeric($event_id)) throw new Exception('Something went wrong. Received a non-numeric event ID while trying to create a zip archive of an uploaded malware sample.');
|
||||
if (!is_numeric($event_id)) throw new Exception(__('Something went wrong. Received a non-numeric event ID while trying to create a zip archive of an uploaded malware sample.'));
|
||||
$attachments_dir = Configure::read('MISP.attachments_dir');
|
||||
if (empty($attachments_dir)) {
|
||||
$my_server = ClassRegistry::init('Server');
|
||||
|
|
|
@ -10,7 +10,7 @@ class Role extends AppModel {
|
|||
'name' => array(
|
||||
'unique' => array(
|
||||
'rule' => 'isUnique',
|
||||
'message' => 'A role with this name already exists.'
|
||||
'message' => 'A role with this name already exists.' // TODO i18n?
|
||||
),
|
||||
'valueNotEmpty' => array(
|
||||
'rule' => array('valueNotEmpty'),
|
||||
|
@ -54,6 +54,7 @@ class Role extends AppModel {
|
|||
'publish' => 3
|
||||
);
|
||||
|
||||
// #TODO i18n?
|
||||
public $permFlags = array(
|
||||
'perm_site_admin' => array(
|
||||
'id' => 'RolePermSiteAdmin',
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
'extra' => __(', both local and remote')
|
||||
),
|
||||
'external' => array(
|
||||
'text' => ('Known remote organisations'),
|
||||
'text' => __('Known remote organisations'),
|
||||
'extra' => __(' on other instances')
|
||||
),
|
||||
'local' => array(
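Review bot: The `text` value changed here to `__('Known remote organisations')` now comes from the translation catalogue, and the code that prints it is outside this hunk, so please confirm it is HTML-escaped where it is rendered. If the template echoes the `text` and `extra` values directly, wrapping them in `h()` at the output point keeps any markup in a translation file from reaching the page. The same applies to the three `'text' => __(...)` entries of `$types` in the next file section. This is inferred from the hunks alone; if the rendering code already escapes these values, no change is needed.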
|
||||
|
|
|
@ -8,9 +8,9 @@
|
|||
<?php
|
||||
echo $this->element('Users/statisticsMenu');
|
||||
$types = array(
|
||||
'local' => array('selected' => false, 'text' => 'Local organisations'),
|
||||
'external' => array('selected' => false, 'text' => 'Known remote organisations'),
|
||||
'all' => array('selected' => false, 'text' => 'All organisations')
|
||||
'local' => array('selected' => false, 'text' => __('Local organisations')),
|
||||
'external' => array('selected' => false, 'text' => __('Known remote organisations')),
|
||||
'all' => array('selected' => false, 'text' => __('All organisations'))
|
||||
);
|
||||
$types[$scope]['selected'] = true;
|
||||
?>
|
||||
|
|