From d4256ad87a83f4f3159ab4a19cb7e5062b459429 Mon Sep 17 00:00:00 2001
From: iglocska
Date: Wed, 18 Oct 2023 16:45:50 +0200
Subject: [PATCH] fix: [llm test] should work nao
---
 app/Controller/EventReportsController.php | 9 ++++-
 app/Model/Attribute.php | 2 +-
 app/Model/EventReport.php | 41 +++++++++++++++++++++--
 app/View/EventReports/ajax/sendToLLM.ctp | 4 +--
 4 files changed, 50 insertions(+), 6 deletions(-)
diff --git a/app/Controller/EventReportsController.php b/app/Controller/EventReportsController.php
index a1553c4e0..9395c1c57 100644
--- a/app/Controller/EventReportsController.php
+++ b/app/Controller/EventReportsController.php
@@ -382,7 +382,7 @@ class EventReportsController extends AppController
 $report = $this->EventReport->fetchIfAuthorized($this->Auth->user(), $reportId, 'edit', true, false);
 if ($this->request->is('post')) {
 $errors = [];
- $result = $this->EventReport->sendToLLM($report, $errors);
+ $result = $this->EventReport->sendToLLM($report, $this->Auth->user(), $errors);
 if ($result !== false) {
 $successMessage = __('Successfully sent to Event Report %s to LLM', $reportId);
 return $this->__getSuccessResponseBasedOnContext($successMessage, $result, 'sendToLLM', $reportId);
@@ -551,4 +551,11 @@ class EventReportsController extends AppController
 }
 return $savedReport;
 }
+
+ public function test()
+ {
+ $report = $this->EventReport->find('first', ['conditions' => ['EventReport.id' => 25]]);
+ $errors = [];
+ $this->EventReport->sendToLLM($report, $this->Auth->user(), $errors);
+ }
 }
diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php
index ca2c6658a..2f560c23c 100644
--- a/app/Model/Attribute.php
+++ b/app/Model/Attribute.php
@@ -3547,7 +3547,7 @@ class Attribute extends AppModel
 if (isset($attribute['id'])) {
 $conditions['Attribute.id !='] = $attribute['id'];
 }
-
+
 return $this->find('first', [
 'recursive' => -1,
 'conditions' => $conditions,
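Review bot: The `test()` action added in the second EventReportsController hunk is a public controller method that loads the hard-coded report 25 with a plain `find('first', ...)` and passes it to `sendToLLM()`, with neither the `fetchIfAuthorized()` call nor the `$this->request->is('post')` check that the `sendToLLM` action in the first hunk uses. Unless the ACL layer (not visible in this patch) blocks the route, a user without edit rights on that report could cause its content to be sent to the external LLM endpoint and trigger the save and tagging that `sendToLLM()` now performs. It looks like leftover debugging and is best dropped from the commit. If a manual trigger is needed, it should take the report id as a parameter and load it through the guarded path, `$report = $this->EventReport->fetchIfAuthorized($this->Auth->user(), $reportId, 'edit', true, false);`.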
diff --git a/app/Model/EventReport.php b/app/Model/EventReport.php
index 12b032742..ab9c9b087 100644
--- a/app/Model/EventReport.php
+++ b/app/Model/EventReport.php
@@ -962,7 +962,7 @@ class EventReport extends AppModel
 return $report;
 }
- public function sendToLLM($report, &$errors)
+ public function sendToLLM($report, $user, &$errors)
 {
 $syncTool = new SyncTool();
 $config = [];
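Review bot: `sendToLLM()` has no docblock, although this hunk adds a `$user` argument and the next hunk makes the method save the report and tag the event. A short docblock above the signature would help callers: say that `$user` is the acting user handed on to `captureTag()`, that the method now returns the updated report array rather than the raw response body, and that `$errors` is an out-parameter. The method body continues outside this hunk.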
@@ -985,7 +985,44 @@ class EventReport extends AppModel
 'x-api-key' => $apiKey,
 ])
 ];
+
 $response = $HttpSocket->post($url, $data, $request);
- return $response->body;
+ $data = json_decode($response->body, true);
+/*
+ debug($data);
+
+ $data = array(
+ 'AI_ThreatActor' => 'Sofacy',
+ 'AI_AttributedCountry' => 'unknown',
+ 'AI_Type' => 'Developments in IT Security',
+ 'AI_Motivation' => 'Espionage',
+ 'AI_ExecutiveSummary' => 'The Sofacy group, also known as APT28 or Fancy Bear, continues to target government and strategic organizations primarily in North America and Europe. They have recently been using a tool called Zebrocy, delivered via phishing attacks, to cast a wider net within target organizations. They have also been observed leveraging the Dynamic Data Exchange (DDE) exploit technique to deliver different payloads, including the Koadic toolkit. This report provides details on the campaigns and tactics used by the Sofacy group.',
+ 'AI_CouldWeBeAffected' => true
+);
+*/
+
+ if (!empty($data['AI_ExecutiveSummary'])) {
+ $report['EventReport']['content'] = '# Executive Summary' . PHP_EOL . $data['AI_ExecutiveSummary'] . PHP_EOL . PHP_EOL . '# Report' . PHP_EOL . $report['EventReport']['content'];
+ }
+ $this->save($report);
+ $event = $this->Event->find('first', [
+ 'conditions' => ['Event.id' => $report['EventReport']['event_id']],
+ 'recursive' => -1
+ ]);
+ if (!empty($data['AI_ThreatActor'])) {
+ $tag_id = $this->Event->EventTag->Tag->captureTag(['name' => 'misp-galaxy:threat-actor="' . $data['AI_ThreatActor'] . '"'], $user);
+ $this->Event->EventTag->attachTagToEvent($event['Event']['id'], ['id' => $tag_id]);
+ }
+
+ if (!empty($data['AI_AttributedCountry'])) {
+ $tag_id = $this->Event->EventTag->Tag->captureTag(['name' => 'misp-galaxy:threat-actor-country="' . $data['AI_AttributedCountry'] . 
'"'], $user);
+ $this->Event->EventTag->attachTagToEvent($event['Event']['id'], ['id' => $tag_id]);
+ }
+
+ if (!empty($data['AI_Motivation'])) {
+ $tag_id = $this->Event->EventTag->Tag->captureTag(['name' => 'misp-galaxy:threat-actor-motivation="' . $data['AI_Motivation'] . '"'], $user);
+ $this->Event->EventTag->attachTagToEvent($event['Event']['id'], ['id' => $tag_id]);
+ }
+ return $report;
 }
 }
diff --git a/app/View/EventReports/ajax/sendToLLM.ctp b/app/View/EventReports/ajax/sendToLLM.ctp
index a1f7219dd..bda8bd92b 100644
--- a/app/View/EventReports/ajax/sendToLLM.ctp
+++ b/app/View/EventReports/ajax/sendToLLM.ctp
@@ -15,7 +15,7 @@ echo $this->element('genericElements/Form/genericForm', array(
\ No newline at end of file
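Review bot: The fields decoded from the LLM response in the `@@ -985` hunk of EventReport.php are used as trusted input: `AI_ThreatActor`, `AI_AttributedCountry` and `AI_Motivation` are concatenated straight into `misp-galaxy:...="..."` tag names and `AI_ExecutiveSummary` is written into the stored report, with no check on type, length or embedded quotes. Because the model's output is shaped by the report text it was given, content inside a report can influence which tags end up on the event, so these values should be validated (ideally against known galaxy cluster values) before tagging. The block also never checks the HTTP status or the `json_decode` result, ignores the return values of `save()` and `captureTag()`, and never writes to `$errors`, so the controller's `$result !== false` check passes even when the call failed, and each re-run prepends another summary. The commented-out `debug()` and sample array are better removed. The method starts outside this hunk; a sketch of the response check and the tag validation follows.

```php
$data = json_decode($response->body, true);
if (!$response->isOk() || !is_array($data)) {
    $errors[] = __('LLM request failed or returned an unparsable response.');
    return false;
}
// … unchanged: executive summary prepend, save(), event lookup …
$galaxyFields = [
    'AI_ThreatActor' => 'threat-actor',
    'AI_AttributedCountry' => 'threat-actor-country',
    'AI_Motivation' => 'threat-actor-motivation',
];
foreach ($galaxyFields as $field => $galaxy) {
    $value = $data[$field] ?? null;
    // Model output is untrusted: keep only short plain strings that cannot
    // break out of the quoted tag value (100 is an illustrative limit).
    if (!is_string($value) || $value === '' || strlen($value) > 100 || preg_match('/["\x00-\x1f]/', $value)) {
        continue;
    }
    $tag_id = $this->Event->EventTag->Tag->captureTag(['name' => 'misp-galaxy:' . $galaxy . '="' . $value . '"'], $user);
    if (empty($tag_id)) {
        $errors[] = __('Could not create tag for %s.', $field);
        continue;
    }
    $this->Event->EventTag->attachTagToEvent($event['Event']['id'], ['id' => $tag_id]);
}
```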