mirror of https://github.com/MISP/MISP
parent
a982839958
commit
c7a98aa286
|
@ -1,5 +1,7 @@
|
|||
<?php
|
||||
|
||||
App::uses('AppController', 'Controller');
|
||||
|
||||
/**
|
||||
* Logs Controller
|
||||
*
|
||||
|
@ -7,16 +9,20 @@ App::uses('AppController', 'Controller');
|
|||
*/
|
||||
class LogsController extends AppController {
|
||||
|
||||
public $components = array('Security', 'RequestHandler');
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'order' => array(
|
||||
'Log.id' => 'DESC'
|
||||
)
|
||||
public $components = array(
|
||||
'Security',
|
||||
'RequestHandler',
|
||||
'AdminCrud' => array(
|
||||
'crud' => array('index')
|
||||
)
|
||||
);
|
||||
|
||||
public $helpers = array('Js' => array('Jquery'));
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'order' => array(
|
||||
'Log.id' => 'DESC'
|
||||
)
|
||||
);
|
||||
|
||||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
|
@ -42,38 +48,18 @@ class LogsController extends AppController {
|
|||
* @return void
|
||||
*/
|
||||
public function admin_index() {
|
||||
$this->Log->recursive = 0;
|
||||
$this->set('logs', Sanitize::clean($this->paginate()));
|
||||
$this->AdminCrud->adminIndex();
|
||||
$this->set('isSearch', 0);
|
||||
}
|
||||
|
||||
/**
|
||||
* admin_view method
|
||||
*
|
||||
* @param string $id
|
||||
*
|
||||
* @throws NotFoundException
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_view($id = null) {
|
||||
$this->Log->id = $id;
|
||||
if (!$this->Log->exists()) {
|
||||
throw new NotFoundException(__('Invalid log'));
|
||||
}
|
||||
$this->set('log', Sanitize::clean($this->Log->read(null, $id)));
|
||||
}
|
||||
|
||||
public function search() {
|
||||
$this->admin_search();
|
||||
}
|
||||
public $helpers = array('Js' => array('Jquery'));
|
||||
|
||||
public function admin_search() {
|
||||
$fullAddress = array('/admin/logs/search', '/logs/admin_search');
|
||||
|
||||
if (in_array($this->request->here, $fullAddress)) {
|
||||
|
||||
$this->set('actionDefinitions', $this->Log->actionDefinitions);
|
||||
$this->set('actionDefinitions', $this->{$this->defaultModel}->actionDefinitions);
|
||||
|
||||
// reset the paginate_conditions
|
||||
$this->Session->write('paginate_conditions_log', array());
|
||||
|
@ -110,7 +96,7 @@ class LogsController extends AppController {
|
|||
if ($change) {
|
||||
$conditions['Log.change LIKE'] = '%' . $change . '%';
|
||||
}
|
||||
$this->Log->recursive = 0;
|
||||
$this->{$this->defaultModel}->recursive = 0;
|
||||
$this->paginate = array(
|
||||
'limit' => 60,
|
||||
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 logs(?)
|
||||
|
@ -133,11 +119,11 @@ class LogsController extends AppController {
|
|||
|
||||
// combobox for actions
|
||||
$actions = array('' => array('ALL' => 'ALL'), 'actions' => array());
|
||||
$actions['actions'] = array_merge($actions['actions'], $this->_arrayToValuesIndexArray($this->Log->validate['action']['rule'][1]));
|
||||
$actions['actions'] = array_merge($actions['actions'], $this->_arrayToValuesIndexArray($this->{$this->defaultModel}->validate['action']['rule'][1]));
|
||||
$this->set('actions', $actions);
|
||||
}
|
||||
} else {
|
||||
$this->set('actionDefinitions', $this->Log->actionDefinitions);
|
||||
$this->set('actionDefinitions', $this->{$this->defaultModel}->actionDefinitions);
|
||||
|
||||
// get from Session
|
||||
$email = $this->Session->read('paginate_conditions_log_email');
|
||||
|
@ -155,7 +141,7 @@ class LogsController extends AppController {
|
|||
$this->set('isSearch', 1);
|
||||
|
||||
// re-get pagination
|
||||
$this->Log->recursive = 0;
|
||||
$this->{$this->defaultModel}->recursive = 0;
|
||||
$this->paginate = $this->Session->read('paginate_conditions_log');
|
||||
$this->set('logs', Sanitize::clean($this->paginate()));
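Review bot: The rewritten `admin_index()` no longer passes the paginated rows through `Sanitize::clean()` before they reach the view; it delegates to `$this->AdminCrud->adminIndex()`, whose implementation is not on this page. Log rows presumably carry user-originated text (the `change` column is searched with `LIKE` further down), so confirm that the component still cleans what it sets, or that the index view escapes each field with `h()`. The same replacement appears in `admin_index()` and `admin_edit()` of RegexpController, RolesController and WhitelistsController in the sections below. A comment on the action such as `// AdminCrud sets the paginated rows; output escaping is done in <component or view>` would record where that responsibility now lives.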
|
||||
|
||||
|
|
|
@ -1,13 +1,15 @@
|
|||
<?php
|
||||
|
||||
App::uses('AppController', 'Controller');
|
||||
|
||||
/**
|
||||
* Logs Controller
|
||||
* Regexps Controller
|
||||
*
|
||||
* @property Log $Log
|
||||
* @property Regexp $Regexp
|
||||
*/
|
||||
class RegexpController extends AppController {
|
||||
|
||||
public $components = array('Security', 'RequestHandler');
|
||||
public $components = array('Security', 'RequestHandler', 'AdminCrud');
|
||||
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
|
@ -18,11 +20,6 @@ class RegexpController extends AppController {
|
|||
|
||||
public function beforeFilter() {
|
||||
parent::beforeFilter();
|
||||
|
||||
// permit reuse of CSRF tokens on the search page.
|
||||
if ('search' == $this->request->params['action']) {
|
||||
$this->Security->csrfUseOnce = false;
|
||||
}
|
||||
}
|
||||
|
||||
public function isAuthorized($user) {
|
||||
|
@ -34,59 +31,37 @@ class RegexpController extends AppController {
|
|||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* admin_add method
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_add() {
|
||||
$this->AdminCrud->adminAdd();
|
||||
}
|
||||
|
||||
/**
|
||||
* admin_index method
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_index() {
|
||||
$this->Regexp->recursive = 0;
|
||||
$this->set('regexps', Sanitize::clean($this->paginate()));
|
||||
$this->AdminCrud->adminIndex();
|
||||
}
|
||||
|
||||
/**
|
||||
* add method
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_add() {
|
||||
if ($this->request->is('post')) {
|
||||
$this->Regexp->create();
|
||||
if ($this->Regexp->save($this->request->data)) {
|
||||
$this->Session->setFlash(__('The regexp has been saved'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else {
|
||||
$this->Session->setFlash(__('The regexp could not be saved. Please, try again.'));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* edit method
|
||||
* admin_edit method
|
||||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_edit($id = null) {
|
||||
$this->Regexp->id = $id;
|
||||
if (!$this->Regexp->exists()) {
|
||||
throw new NotFoundException(__('Invalid whitelist'));
|
||||
}
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
if ($this->Regexp->save($this->request->data)) {
|
||||
$this->Session->setFlash(__('The regexp has been saved'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else {
|
||||
$this->Session->setFlash(__('The regexp could not be saved. Please, try again.'));
|
||||
}
|
||||
} else {
|
||||
$this->request->data = Sanitize::clean($this->Regexp->read(null, $id));
|
||||
}
|
||||
$this->AdminCrud->adminEdit($id);
|
||||
}
|
||||
|
||||
/**
|
||||
* delete method
|
||||
* admin_delete method
|
||||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
|
@ -94,68 +69,41 @@ class RegexpController extends AppController {
|
|||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_delete($id = null) {
|
||||
if (!$this->request->is('post')) {
|
||||
throw new MethodNotAllowedException();
|
||||
}
|
||||
$this->Regexp->id = $id;
|
||||
if (!$this->Regexp->exists()) {
|
||||
throw new NotFoundException(__('Invalid regexp'));
|
||||
}
|
||||
if ($this->Regexp->delete()) {
|
||||
$this->Session->setFlash(__('Regexp deleted'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
$this->Session->setFlash(__('Regexp was not deleted'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
$this->AdminCrud->adminDelete($id);
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
public function admin_clean() {
|
||||
// Attributes.value
|
||||
$deletableAttributes = array();
|
||||
$this->loadModel('Attribute');
|
||||
$attributes = $this->Attribute->find('all', array('recursive' => 0));
|
||||
foreach ($attributes as $attribute) {
|
||||
$result = $this->replaceSpecific($attribute['Attribute']['value']);
|
||||
if (!$result) {
|
||||
$deletableAttributes[] = $attribute['Attribute']['id'];
|
||||
} else {
|
||||
$this->Attribute->save($attribute);
|
||||
}
|
||||
}
|
||||
if (count($deletableAttributes)) {
|
||||
foreach ($deletableAttributes as $event) {
|
||||
$this->Attribute->delete($event);
|
||||
}
|
||||
}
|
||||
|
||||
// Event.info
|
||||
$deletableEvents = array();
|
||||
$this->loadModel('Event');
|
||||
$events = $this->Event->find('all', array('recursive' => 0));
|
||||
foreach ($events as $event) {
|
||||
$result = $this->replaceSpecific($event['Event']['info']);
|
||||
if (!$result) {
|
||||
$deletableEvents[] = $event['Event']['id'];
|
||||
} else {
|
||||
$this->Event->save($event);
|
||||
}
|
||||
}
|
||||
if (count($deletableEvents)) {
|
||||
foreach ($deletableEvents as $event) {
|
||||
$this->Event->delete($event);
|
||||
}
|
||||
}
|
||||
$this->regexpAll('Attribute', 'value');
|
||||
$this->regexpAll('Event', 'info');
|
||||
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
|
||||
public function regexpAll($Model, $Field) {
|
||||
$deletable = array();
|
||||
$this->loadModel($Model);
|
||||
$all = $this->{$Model}->find('all', array('recursive' => -1));
|
||||
foreach ($all as $item) {
|
||||
$result = $this->replaceSpecific($item[$Model][$Field]);
|
||||
if (!$result) {
|
||||
$deletable[] = $item[$Model]['id'];
|
||||
} else {
|
||||
$this->{$Model}->save($item);
|
||||
}
|
||||
}
|
||||
if (count($deletable)) {
|
||||
foreach ($deletable as $item) {
|
||||
$this->{$Model}->delete($item);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function replaceSpecific($origString) {
|
||||
$returnValue = true;
|
||||
$regexp = new Regexp();
|
||||
$allRegexp = $regexp->getAll();
|
||||
$allRegexp = $this->Regexp->find('all'); // TODO REGEXP INIT LOAD ARRAY
|
||||
foreach ($allRegexp as $regexp) {
|
||||
if (strlen($regexp['Regexp']['replacement']) && strlen($regexp['Regexp']['regexp'])) {
|
||||
$origString = preg_replace($regexp['Regexp']['regexp'], $regexp['Regexp']['replacement'], $origString);
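Review bot: `regexpAll($Model, $Field)` is declared `public` on a controller, and in CakePHP 2 public controller methods are dispatchable as actions with request-supplied arguments, so this bulk rewrite-and-delete helper could be reached outside `admin_clean()` with a caller-chosen model and field. Make it non-dispatchable, e.g. `protected function _regexpAll($Model, $Field) {`, and call `$this->_regexpAll('Attribute', 'value');` from `admin_clean()`. The same applies to `replaceSpecific()`, whose body continues past the end of this hunk, provided nothing outside this controller calls it. Separately, `admin_clean()` as shown saves and deletes records without the `$this->request->is('post')` guard that the old `admin_delete()` carried, which is worth adding because the action changes data.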
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
<?php
|
||||
|
||||
App::uses('AppController', 'Controller');
|
||||
|
||||
/**
|
||||
* Roles Controller
|
||||
*
|
||||
|
@ -17,10 +19,9 @@ class RolesController extends AppController {
|
|||
)
|
||||
),
|
||||
'Security',
|
||||
'Session'
|
||||
'Session', 'AdminCrud'
|
||||
);
|
||||
|
||||
//public $components = array('Security');
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'order' => array(
|
||||
|
@ -33,20 +34,13 @@ class RolesController extends AppController {
|
|||
}
|
||||
|
||||
/**
|
||||
* view method
|
||||
*
|
||||
* @param string $id
|
||||
*
|
||||
* @throws NotFoundException
|
||||
* admin_add method
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function view($id = null) {
|
||||
$this->Role->id = $id;
|
||||
if (!$this->Role->exists()) {
|
||||
throw new NotFoundException(__('Invalid role'));
|
||||
}
|
||||
$this->set('role', Sanitize::clean($this->Role->read(null, $id)));
|
||||
public function admin_add() {
|
||||
$this->AdminCrud->adminAdd();
|
||||
$this->set('options', $this->options);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -55,45 +49,7 @@ class RolesController extends AppController {
|
|||
* @return void
|
||||
*/
|
||||
public function admin_index() {
|
||||
$this->Role->recursive = 0;
|
||||
$this->set('roles', Sanitize::clean($this->paginate()));
|
||||
$this->set('options', $this->options);
|
||||
}
|
||||
|
||||
/**
|
||||
* admin_view method
|
||||
*
|
||||
* @param string $id
|
||||
*
|
||||
* @throws NotFoundException
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_view($id = null) {
|
||||
$this->Role->id = $id;
|
||||
if (!$this->Role->exists()) {
|
||||
throw new NotFoundException(__('Invalid role'));
|
||||
}
|
||||
$this->set('role', Sanitize::clean($this->Role->read(null, $id)));
|
||||
}
|
||||
|
||||
/**
|
||||
* admin_add method
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_add() {
|
||||
if ($this->request->is('post')) {
|
||||
$this->Role->create();
|
||||
$this->request->data = $this->Role->massageData($this->request->data);
|
||||
if ($this->Role->save($this->request->data)) {
|
||||
$this->saveAcl($this->Role, $this->data['Role']['perm_add'], $this->data['Role']['perm_modify'], $this->data['Role']['perm_publish']); // save to ACL as well
|
||||
$this->Session->setFlash(__('The role has been saved'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else {
|
||||
$this->Session->setFlash(__('The role could not be saved. Please, try again.'));
|
||||
}
|
||||
}
|
||||
$this->AdminCrud->adminIndex();
|
||||
$this->set('options', $this->options);
|
||||
}
|
||||
|
||||
|
@ -101,86 +57,25 @@ class RolesController extends AppController {
|
|||
* admin_edit method
|
||||
*
|
||||
* @param string $id
|
||||
*
|
||||
* @throws NotFoundException
|
||||
*
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_edit($id = null) {
|
||||
$this->Role->id = $id;
|
||||
if (!$this->Role->exists()) {
|
||||
throw new NotFoundException(__('Invalid role'));
|
||||
}
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
$fields = array();
|
||||
$this->request->data = $this->Role->massageData($this->request->data);
|
||||
if ($this->Role->save($this->request->data, true, $fields)) {
|
||||
$this->saveAcl($this->Role, $this->data['Role']['perm_add'], $this->data['Role']['perm_modify'], $this->data['Role']['perm_publish']); // save to ACL as well
|
||||
$this->Session->setFlash(__('The role has been saved'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else {
|
||||
$this->Session->setFlash(__('The role could not be saved. Please, try again.'));
|
||||
}
|
||||
} else {
|
||||
$this->Role->recursive = 0;
|
||||
$this->Role->read(null, $id);
|
||||
$this->request->data = Sanitize::clean($this->Role->data);
|
||||
}
|
||||
$this->AdminCrud->adminEdit($id);
|
||||
$this->set('options', $this->options);
|
||||
}
|
||||
|
||||
/**
|
||||
* admin_delete method
|
||||
*
|
||||
* @param string $id
|
||||
* @param string $id
|
||||
*
|
||||
* @throws MethodNotAllowedException
|
||||
* @throws NotFoundException
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_delete($id = null) {
|
||||
if (!$this->request->is('post')) {
|
||||
throw new MethodNotAllowedException();
|
||||
}
|
||||
$this->Role->id = $id;
|
||||
if (!$this->Role->exists()) {
|
||||
throw new NotFoundException(__('Invalid role'));
|
||||
}
|
||||
if ($this->Role->delete(null, false)) {
|
||||
$this->Session->setFlash(__('Role deleted'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
$this->Session->setFlash(__('Role was not deleted'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
$this->AdminCrud->adminDelete($id);
|
||||
}
|
||||
|
||||
/**
|
||||
* saveAcl method
|
||||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
*/
|
||||
public function saveAcl($role, $permAdd = false, $permModify = false, $permPublish = false) {
|
||||
// this all could need some 'if-changed then do'
|
||||
|
||||
if ($permAdd) {
|
||||
$this->Acl->allow($role, 'controllers/Events/add');
|
||||
$this->Acl->allow($role, 'controllers/Attributes/add');
|
||||
} else {
|
||||
$this->Acl->deny($role, 'controllers/Events/add');
|
||||
$this->Acl->deny($role, 'controllers/Attributes/add');
|
||||
}
|
||||
if ($permModify) {
|
||||
$this->Acl->allow($role, 'controllers/Events/edit');
|
||||
$this->Acl->allow($role, 'controllers/Attributes/edit');
|
||||
} else {
|
||||
$this->Acl->deny($role, 'controllers/Events/edit');
|
||||
$this->Acl->deny($role, 'controllers/Attributes/edit');
|
||||
}
|
||||
if ($permPublish) {
|
||||
$this->Acl->allow($role, 'controllers/Events/publish');
|
||||
} else {
|
||||
$this->Acl->deny($role, 'controllers/Events/publish');
|
||||
}
|
||||
}
|
||||
}
|
||||
}
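Review bot: The rewritten `admin_add()` and `admin_edit()` drop the `massageData()` call and the `saveAcl()` call that followed a successful `Role->save()`, and the hunk counts (`-101,86 +57,25`) suggest `saveAcl()` itself is removed. If `AdminCrud::adminAdd()` and `adminEdit()` (not shown here) do not perform that step, a change to `perm_add`, `perm_modify` or `perm_publish` would update the role row but leave the ACL allow/deny entries as they were, so effective permissions could drift from what the form shows. Either keep the synchronisation in a model callback such as `afterSave()` on `Role`, or document on the actions where it now happens, e.g. `// ACL entries are synchronised in <location>`.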
|
|
@ -1,5 +1,7 @@
|
|||
<?php
|
||||
|
||||
App::uses('AppController', 'Controller');
|
||||
|
||||
/**
|
||||
* Whitelists Controller
|
||||
*
|
||||
|
@ -7,18 +9,17 @@ App::uses('AppController', 'Controller');
|
|||
*/
|
||||
class WhitelistsController extends AppController {
|
||||
|
||||
public $XXXcomponents = array('Security', 'RequestHandler');
|
||||
public $components = array(
|
||||
'Acl',
|
||||
'Auth' => array(
|
||||
'authorize' => array(
|
||||
'Actions' => array('actionPath' => 'controllers/Whitelists')
|
||||
)
|
||||
),
|
||||
'Security',
|
||||
'Session'
|
||||
'AdminCrud'
|
||||
);
|
||||
|
||||
//public $components = array('Security');
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'order' => array(
|
||||
|
@ -26,74 +27,50 @@ class WhitelistsController extends AppController {
|
|||
)
|
||||
);
|
||||
|
||||
/**
|
||||
* index method
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_index() {
|
||||
$this->Whitelist->recursive = 0;
|
||||
$this->set('whitelists', Sanitize::clean($this->paginate()));
|
||||
public function beforeFilter() { // TODO REMOVE
|
||||
parent::beforeFilter();
|
||||
}
|
||||
|
||||
/**
|
||||
* view method
|
||||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_view($id = null) {
|
||||
$this->Whitelist->id = $id;
|
||||
if (!$this->Whitelist->exists()) {
|
||||
throw new NotFoundException(__('Invalid whitelist'));
|
||||
public function isAuthorized($user) { // TODO REMOVE
|
||||
// Admins can access everything
|
||||
if (parent::isAuthorized($user)) {
|
||||
return true;
|
||||
}
|
||||
$this->set('whitelist', Sanitize::clean($this->Whitelist->read(null, $id)));
|
||||
// the other pages are allowed by logged in users
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* add method
|
||||
* admin_add method
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_add() {
|
||||
if ($this->request->is('post')) {
|
||||
$this->Whitelist->create();
|
||||
if ($this->Whitelist->save($this->request->data)) {
|
||||
$this->Session->setFlash(__('The whitelist has been saved'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else {
|
||||
$this->Session->setFlash(__('The whitelist could not be saved. Please, try again.'));
|
||||
}
|
||||
}
|
||||
$this->AdminCrud->adminAdd();
|
||||
}
|
||||
|
||||
/**
|
||||
* edit method
|
||||
* admin_index method
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function admin_index() {
|
||||
$this->AdminCrud->adminIndex();
|
||||
}
|
||||
|
||||
/**
|
||||
* admin_edit method
|
||||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_edit($id = null) {
|
||||
$this->Whitelist->id = $id;
|
||||
if (!$this->Whitelist->exists()) {
|
||||
throw new NotFoundException(__('Invalid whitelist'));
|
||||
}
|
||||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
if ($this->Whitelist->save($this->request->data)) {
|
||||
$this->Session->setFlash(__('The whitelist has been saved'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else {
|
||||
$this->Session->setFlash(__('The whitelist could not be saved. Please, try again.'));
|
||||
}
|
||||
} else {
|
||||
$this->request->data = Sanitize::clean($this->Whitelist->read(null, $id));
|
||||
}
|
||||
$this->AdminCrud->adminEdit($id);
|
||||
}
|
||||
|
||||
/**
|
||||
* delete method
|
||||
* admin_delete method
|
||||
*
|
||||
* @param string $id
|
||||
* @return void
|
||||
|
@ -101,18 +78,6 @@ class WhitelistsController extends AppController {
|
|||
* @throws NotFoundException
|
||||
*/
|
||||
public function admin_delete($id = null) {
|
||||
if (!$this->request->is('post')) {
|
||||
throw new MethodNotAllowedException();
|
||||
}
|
||||
$this->Whitelist->id = $id;
|
||||
if (!$this->Whitelist->exists()) {
|
||||
throw new NotFoundException(__('Invalid whitelist'));
|
||||
}
|
||||
if ($this->Whitelist->delete()) {
|
||||
$this->Session->setFlash(__('Whitelist deleted'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
}
|
||||
$this->Session->setFlash(__('Whitelist was not deleted'));
|
||||
$this->redirect(array('action' => 'index'));
|
||||
$this->AdminCrud->adminDelete($id);
|
||||
}
|
||||
}
|
||||
}
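Review bot: The added `isAuthorized($user)` returns `true` on both paths, once when `parent::isAuthorized($user)` passes and again unconditionally at the end, so wherever controller-level authorization is consulted it approves every logged-in user for `admin_add`, `admin_edit` and `admin_delete`. As far as this section shows, the controller now exposes only `admin_*` actions, so the "other pages" fallback has nothing legitimate to cover. Replace the body with `return parent::isAuthorized($user);`, or remove the override as its `// TODO REMOVE` marker already intends. The `beforeFilter()` override beside it only calls the parent and can go at the same time.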
|