mirror of https://github.com/MISP/MISP
Merge branch 'develop' of github.com:MISP/MISP into develop
commit
d91f70377d
|
@ -169,16 +169,24 @@ class AdminShell extends AppShell
|
|||
}
|
||||
}
|
||||
|
||||
# FIXME: Make Taxonomy->update() return a status string on API if successful
|
||||
public function updateTaxonomies()
|
||||
{
|
||||
$this->ConfigLoad->execute();
|
||||
$result = $this->Taxonomy->update();
|
||||
if ($result) {
|
||||
echo 'Taxonomies updated' . PHP_EOL;
|
||||
} else {
|
||||
echo 'Could not update Taxonomies' . PHP_EOL;
|
||||
$successes = count(!empty($result['success']) ? $result['success'] : []);
|
||||
$fails = count(!empty($result['fails']) ? $result['fails'] : []);
|
||||
$message = '';
|
||||
if ($successes == 0 && $fails == 0) {
|
||||
$message = __('All taxonomies are up to date already.');
|
||||
} elseif ($successes == 0 && $fails > 0) {
|
||||
$message = __('Could not update any of the taxonomies.');
|
||||
} elseif ($successes > 0 ) {
|
||||
$message = __('Successfully updated %s taxonomies.', $successes);
|
||||
if ($fails != 0) {
|
||||
$message .= __(' However, could not update %s taxonomies.', $fails);
|
||||
}
|
||||
}
|
||||
echo $message . PHP_EOL;
|
||||
}
|
||||
|
||||
public function updateWarningLists()
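Review bot: A non-array return from `Taxonomy->update()` is reported as success in `updateTaxonomies()`: both `!empty($result[...])` tests fall back to `[]`, so `$successes` and `$fails` are 0 and the shell prints 'All taxonomies are up to date already.' The older `if ($result)` branch treated a falsy result as a failure, so if `update()` can still return `false` (its body is not on this page) that case is now hidden. A guard before the counting, `if (!is_array($result)) { echo 'Could not update Taxonomies' . PHP_EOL; return; }`, keeps it visible. Ending with a non-zero exit status when `$fails > 0` would also let scheduled jobs notice a partial update. The body of `updateWarningLists()` lies outside the hunk.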
|
||||
|
|
|
@ -2714,15 +2714,15 @@ class AttributesController extends AppController
|
|||
} else {
|
||||
$attribute = $attributes[0];
|
||||
}
|
||||
if (!$this->__canModifyTag($attribute, $local)) {
|
||||
$fails++;
|
||||
continue;
|
||||
}
|
||||
$eventId = $attribute['Attribute']['event_id'];
|
||||
$event = $this->Attribute->Event->find('first', array(
|
||||
'conditions' => array('Event.id' => $eventId),
|
||||
'recursive' => -1
|
||||
));
|
||||
if (!$this->__canModifyTag($event, $local)) {
|
||||
$fails++;
|
||||
continue;
|
||||
}
|
||||
if (!$this->_isRest()) {
|
||||
$this->Attribute->Event->insertLock($this->Auth->user(), $eventId);
|
||||
}
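Review bot: The event row is passed to `__canModifyTag()` without checking that the lookup returned anything. If `find('first')` yields an empty array (event removed, or an inconsistent `event_id`), the decision rests entirely on how `__canModifyTag()` treats empty input, which is not visible here. An explicit fail-closed guard states the intent: `if (empty($event) || !$this->__canModifyTag($event, $local)) {`. Because the check sits inside a loop (`continue`), it also issues one event query per attribute; remembering the result per `$eventId` would avoid repeated lookups. The enclosing method starts and ends outside the hunk.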
|
||||
|
|
|
@ -727,6 +727,7 @@ class ACLComponent extends Component
|
|||
),
|
||||
'eventGraph' => array(
|
||||
'view' => array('*'),
|
||||
'viewPicture' => array('*'),
|
||||
'add' => array('perm_add'),
|
||||
'delete' => array('perm_modify'),
|
||||
)
|
||||
|
|
|
@ -50,6 +50,37 @@ class EventGraphController extends AppController
|
|||
return $this->RestResponse->viewData($eventGraphs, $this->response->type());
|
||||
}
|
||||
|
||||
public function viewPicture($event_id, $graph_id)
|
||||
{
|
||||
$this->loadModel('Event');
|
||||
$event = $this->Event->fetchSimpleEvent($this->Auth->user(), $event_id);
|
||||
if (empty($event)) {
|
||||
throw new NotFoundException('Invalid event');
|
||||
}
|
||||
|
||||
$conditions = [
|
||||
'EventGraph.event_id' => $event['Event']['id'],
|
||||
'EventGraph.org_id' => $this->Auth->user('org_id'),
|
||||
'EventGraph.id' => $graph_id,
|
||||
];
|
||||
$eventGraph = $this->EventGraph->find('first', array(
|
||||
'conditions' => $conditions,
|
||||
'contain' => array(
|
||||
'User' => array(
|
||||
'fields' => array(
|
||||
'User.email'
|
||||
)
|
||||
)
|
||||
)
|
||||
));
|
||||
if (empty($eventGraph)) {
|
||||
throw new MethodNotAllowedException('Invalid event graph');
|
||||
}
|
||||
$eventGraph = $eventGraph;
|
||||
$imageData = $this->EventGraph->getPictureData($eventGraph);
|
||||
return new CakeResponse(array('body' => $imageData, 'type' => 'png'));
|
||||
}
|
||||
|
||||
public function add($event_id = false)
|
||||
{
|
||||
if ($this->request->is('get')) {
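Review bot: `viewPicture()` answers a missing graph with `MethodNotAllowedException` (HTTP 405), while the missing-event case a few lines earlier uses `NotFoundException`; `throw new NotFoundException('Invalid event graph');` would be consistent and would not suggest a wrong HTTP method to clients. The `contain` on `User.email` loads the creator's e-mail address although nothing in this action uses it, and `$eventGraph = $eventGraph;` is a no-op; both can be dropped. Since the ACL entry added for this action is `'*'`, a short docblock would help, stating that access is limited by the `fetchSimpleEvent()` call and the `EventGraph.org_id` condition (graphs of the caller's own organisation only). The `add()` method that follows continues outside the hunk.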
|
||||
|
|
|
@ -4252,7 +4252,7 @@ class Attribute extends AppModel
|
|||
'tags' => array('function' => 'set_filter_tags', 'pop' => true),
|
||||
'uuid' => array('function' => 'set_filter_uuid'),
|
||||
'deleted' => array('function' => 'set_filter_deleted'),
|
||||
'timestamp' => array('function' => 'set_filter_timestamp'),
|
||||
'timestamp' => array('function' => 'set_filter_timestamp', 'pop' => true),
|
||||
'attribute_timestamp' => array('function' => 'set_filter_timestamp'),
|
||||
'first_seen' => array('function' => 'set_filter_seen'),
|
||||
'last_seen' => array('function' => 'set_filter_seen'),
|
||||
|
|
|
@ -3077,6 +3077,9 @@ class Event extends AppModel
|
|||
);
|
||||
foreach ($filters[$options['filter']] as $f) {
|
||||
$conditions = $this->Attribute->setTimestampConditions($params[$options['filter']], $conditions, $f);
|
||||
if (!empty($options['pop'])) {
|
||||
unset($params[$options['filter']]);
|
||||
}
|
||||
}
|
||||
}
|
||||
return $conditions;
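Review bot: The `unset($params[$options['filter']])` runs inside the `foreach`, so when `$filters[$options['filter']]` lists more than one field, the second iteration passes an already-removed `$params[...]` entry to `setTimestampConditions()`. Moving the `if (!empty($options['pop'])) { unset($params[$options['filter']]); }` block to just after the loop keeps every field filtered with the original value. Whether the `unset` reaches the caller at all depends on `$params` being taken by reference; the signature is outside the hunk and only `$conditions` is returned, so that is worth confirming.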
|
||||
|
|
|
@ -53,4 +53,18 @@ class EventGraph extends AppModel
|
|||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public function getPictureData($eventGraph)
|
||||
{
|
||||
$b64 = str_replace('data:image/png;base64,', '', $eventGraph['EventGraph']['preview_img']);
|
||||
$imageDecoded = base64_decode($b64);
|
||||
$source = imagecreatefromstring($imageDecoded);
|
||||
imagesavealpha($source, true);
|
||||
ob_start();
|
||||
imagepng($source, null, 9);
|
||||
$imageData = ob_get_contents();
|
||||
ob_end_clean();
|
||||
imagedestroy($source);
|
||||
return $imageData;
|
||||
}
|
||||
}
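Review bot: `getPictureData()` never checks that decoding succeeded: `imagecreatefromstring()` returns `false` for data GD cannot parse, and the following `imagesavealpha()` and `imagepng()` calls then receive `false` instead of an image. `preview_img` is stored data that presumably originates from the client, so malformed content should be expected. Re-encoding through GD is a sound way to avoid serving the stored bytes verbatim, but it needs a failure path. The sketch below decodes strictly and returns `false` on failure, which `viewPicture()` in the controller would then have to turn into an error response rather than an empty PNG body.

```php
$b64 = str_replace('data:image/png;base64,', '', $eventGraph['EventGraph']['preview_img']);
// Strict mode fails on characters outside the base64 alphabet instead of silently skipping them.
$imageDecoded = base64_decode($b64, true);
if ($imageDecoded === false || $imageDecoded === '') {
    return false;
}
$source = imagecreatefromstring($imageDecoded);
if ($source === false) {
    // Not an image GD can parse; the caller decides how to report it.
    return false;
}
// … unchanged: imagesavealpha, imagepng into the output buffer, imagedestroy, return $imageData …
```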
|
||||
|
|
|
@ -5,7 +5,8 @@
|
|||
array(
|
||||
'attributeId' => $attributeId,
|
||||
'tags' => $attributeTags,
|
||||
'tagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id']),
|
||||
'tagAccess' => ($isSiteAdmin || $mayModify),
|
||||
'localTagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id'] || (int)$me['org_id'] === Configure::read('MISP.host_org_id')),
|
||||
'scope' => 'attribute'
|
||||
)
|
||||
);
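Review bot: The four-term `localTagAccess` expression introduced here is repeated in the other view hunks of this commit (the attribute row template, the galaxy quick view and the event tag templates), so the rule for who may attach local tags now lives in several templates. Computing it once in the controller or a view helper and passing the boolean down would keep the copies from drifting apart. The expression also mixes a loose `$me['org_id'] == $event['Event']['org_id']` with a strict `(int)$me['org_id'] === Configure::read('MISP.host_org_id')`; the strict branch only matches if the setting is stored as an integer, so a cast on the configured value or a comment stating that assumption would make it safe. These flags only decide which buttons are rendered, and a one-line comment saying that the controller-side check (presumably `__canModifyTag()`) is authoritative would stop them being read as the access control.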
|
||||
|
|
|
@ -60,6 +60,7 @@
|
|||
'isSiteAdmin' => false, // prevent add button
|
||||
'isAclTagger' => false,
|
||||
'data' => !empty($object['Galaxy']) ? $object['Galaxy'] : array(),
|
||||
'event' => $object,
|
||||
'target_id' => $object['id'],
|
||||
'target_type' => 'attribute'
|
||||
));
|
||||
|
|
|
@ -143,7 +143,17 @@ $quickEdit = function($fieldName) use ($editScope, $object, $event) {
|
|||
</td>
|
||||
<td class="short">
|
||||
<div class="attributeTagContainer">
|
||||
<?php echo $this->element('ajaxTags', array('attributeId' => $object['id'], 'tags' => $object['AttributeTag'], 'tagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id']), 'context' => $context, 'scope' => 'attribute', 'tagConflicts' => isset($object['tagConflicts']) ? $object['tagConflicts'] : array())); ?>
|
||||
<?php echo $this->element(
|
||||
'ajaxTags',
|
||||
array('attributeId' => $object['id'],
|
||||
'tags' => $object['AttributeTag'],
|
||||
'tagAccess' => ($isSiteAdmin || $mayModify),
|
||||
'localTagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id'] || (int)$me['org_id'] === Configure::read('MISP.host_org_id')),
|
||||
'context' => $context,
|
||||
'scope' => 'attribute',
|
||||
'tagConflicts' => isset($object['tagConflicts']) ? $object['tagConflicts'] : array()
|
||||
)
|
||||
); ?>
|
||||
</div>
|
||||
</td>
|
||||
<?php
|
||||
|
@ -166,6 +176,7 @@ $quickEdit = function($fieldName) use ($editScope, $object, $event) {
|
|||
'mayModify' => $mayModify,
|
||||
'isAclTagger' => $isAclTagger,
|
||||
'data' => (!empty($object['Galaxy']) ? $object['Galaxy'] : array()),
|
||||
'event' => $event,
|
||||
'target_id' => $object['id'],
|
||||
'target_type' => 'attribute',
|
||||
));
|
||||
|
|
|
@ -110,6 +110,7 @@
|
|||
'mayModify' => false,
|
||||
'isAclTagger' => false,
|
||||
'data' => $galaxies,
|
||||
'event' => $event,
|
||||
'target_id' => $event['Event']['id'],
|
||||
'target_type' => 'event',
|
||||
'static_tags_only' => 1
|
||||
|
@ -127,6 +128,7 @@
|
|||
'event' => $event,
|
||||
'tags' => $event['EventTag'],
|
||||
'tagAccess' => false,
|
||||
'localTagAccess' => false,
|
||||
'missingTaxonomies' => false,
|
||||
'columnised' => true,
|
||||
'static_tags_only' => 1,
|
||||
|
|
|
@ -22,6 +22,7 @@
|
|||
break;
|
||||
}
|
||||
$full = $isAclTagger && $tagAccess && empty($static_tags_only);
|
||||
$fullLocal = $isAclTagger && $localTagAccess && empty($static_tags_only);
|
||||
$host_org_editor = (int)$me['org_id'] === Configure::read('MISP.host_org_id') && $isAclTagger && empty($static_tags_only);
|
||||
$tagData = "";
|
||||
foreach ($tags as $tag) {
|
||||
|
@ -85,7 +86,7 @@
|
|||
);
|
||||
}
|
||||
$span_delete = '';
|
||||
if ($full) {
|
||||
if ($full || ($fullLocal && $tag['Tag']['local'])) {
|
||||
$span_delete = sprintf(
|
||||
'<span class="%s" title="%s" role="%s" tabindex="%s" aria-label="%s" onClick="%s">x</span>',
|
||||
'black-white tag useCursorPointer noPrint',
|
||||
|
@ -121,7 +122,7 @@
|
|||
'<i class="fas fa-globe-americas"></i> +'
|
||||
);
|
||||
}
|
||||
if ($host_org_editor || $full) {
|
||||
if ($full || $fullLocal) {
|
||||
$buttonData[] = sprintf(
|
||||
'<button title="%s" role="button" tabindex="0" aria-label="%s" class="%s" style="%s" onClick="%s">%s</button>',
|
||||
__('Add a local tag'),
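Review bot: `$fullLocal` reads `$localTagAccess` directly, so any caller of this element that was not updated to pass it triggers an undefined-variable notice. The result evaluates to false, which fails closed, but `$fullLocal = $isAclTagger && !empty($localTagAccess) && empty($static_tags_only);` would state that explicitly and stay quiet. With the add-local-tag button now gated on `$full || $fullLocal`, `$host_org_editor` appears unused in the lines shown and can probably be removed; the rest of the template is outside the hunks, so confirm before deleting it.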
|
||||
|
|
|
@ -7,8 +7,15 @@ if (isset($preview) && $preview) {
|
|||
} else {
|
||||
$preview = false;
|
||||
}
|
||||
$tagAccess = ($isSiteAdmin || ($mayModify && $isAclTagger));
|
||||
if (empty($local_tag_off) || !empty($event)) {
|
||||
$localTagAccess = ($isSiteAdmin || ($mayModify || $me['org_id'] == $event['Event']['org_id'] || (int)$me['org_id'] === Configure::read('MISP.host_org_id'))) && $isAclTagger;
|
||||
} else {
|
||||
$localTagAccess = false;
|
||||
}
|
||||
|
||||
$editButtonsEnabled = !(isset($static_tags_only) && $static_tags_only);
|
||||
$editButtonsEnabled = empty($static_tags_only) && $tagAccess;
|
||||
$editButtonsLocalEnabled = empty($static_tags_only) && $localTagAccess && empty($local_tag_off);
|
||||
|
||||
$sortClusters = function (array $clusters) {
|
||||
usort($clusters, function (array $a, array $b) {
|
||||
|
@ -94,7 +101,7 @@ $generatePopover = function (array $cluster) use ($normalizeKey) {
|
|||
<a href="<?= $baseurl ?>/galaxy_clusters/view/<?= h($cluster['id']) ?>" class="black fa fa-search" title="<?= __('View details about this cluster') ?>" aria-label="<?= __('View cluster') ?>"></a>
|
||||
<a href="<?= $baseurl ?>/events/index/searchtag:<?= h($cluster['tag_id']) ?>" class="black fa fa-list" title="<?= __('View all events containing this cluster') ?>" aria-label="<?= __('View all events containing this cluster') ?>"></a>
|
||||
<?php endif ;?>
|
||||
<?php if ($editButtonsEnabled && ($isSiteAdmin || ($mayModify && $isAclTagger))) {
|
||||
<?php if ($editButtonsEnabled || ($editButtonsLocalEnabled && $cluster['local'])) {
|
||||
echo $this->Form->create(false, [
|
||||
'id' => false, // prevent duplicate ids
|
||||
'url' => $baseurl . '/galaxy_clusters/detach/' . ucfirst(h($target_id)) . '/' . h($target_type) . '/' . $cluster['tag_id'],
|
||||
|
@ -115,7 +122,7 @@ echo $this->Form->end();
|
|||
</div>
|
||||
<?php endif; ?>
|
||||
<?php
|
||||
if ($editButtonsEnabled && ($isSiteAdmin || ($mayModify && $isAclTagger))) {
|
||||
if ($editButtonsEnabled) {
|
||||
echo sprintf(
|
||||
'<button class="%s" data-target-type="%s" data-target-id="%s" data-local="false" role="button" tabindex="0" aria-label="' . __('Add new cluster') . '" title="' . __('Add new cluster') . '">%s</button>',
|
||||
'useCursorPointer btn btn-inverse addGalaxy',
|
||||
|
@ -125,11 +132,7 @@ if ($editButtonsEnabled && ($isSiteAdmin || ($mayModify && $isAclTagger))) {
|
|||
);
|
||||
}
|
||||
|
||||
if (
|
||||
$editButtonsEnabled &&
|
||||
(!isset($local_tag_off) || !$local_tag_off) &&
|
||||
($isSiteAdmin || ($isAclTagger && $hostOrgUser))
|
||||
) {
|
||||
if ($editButtonsLocalEnabled) {
|
||||
echo sprintf(
|
||||
'<button class="%s" data-target-type="%s" data-target-id="%s" data-local="true" role="button" tabindex="0" aria-label="' . __('Add new local cluster') . '" title="' . __('Add new local cluster') . '">%s</button>',
|
||||
'useCursorPointer btn btn-inverse addGalaxy',
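Review bot: The guard `if (empty($local_tag_off) || !empty($event))` still enters the branch when `$event` is missing, as long as `$local_tag_off` is unset, and the expression inside can then dereference `$event['Event']['org_id']`. Requiring both conditions, `if (empty($local_tag_off) && !empty($event['Event'])) {`, fails closed to `$localTagAccess = false` whenever the event row is absent. This matters for the callers in this commit that pass `'event' => $object`, where `$object` looks like an attribute row rather than an event, so the `['Event']` key may not exist there. A comment on the block noting that `$event` is now a required element variable would help callers that were not touched by this change.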
|
||||
|
|
|
@ -19,6 +19,7 @@
|
|||
'attributeId' => 0,
|
||||
'tags' => $tags,
|
||||
'tagAccess' => false,
|
||||
'localTagAccess' => false,
|
||||
'static_tags_only' => 1,
|
||||
'scope' => isset($field['scope']) ? $field['scope'] : 'event',
|
||||
'hide_global_scope' => isset($field['hide_global_scope']) ? $field['hide_global_scope'] : false
|
||||
|
|
|
@ -7,6 +7,7 @@ echo $this->element('galaxyQuickViewNew', [
|
|||
'mayModify' => $mayModify,
|
||||
'isAclTagger' => $isAclTagger,
|
||||
'data' => $object['Galaxy'],
|
||||
'event' => $object,
|
||||
'target_id' => $scope == 'event' ? $object['Event']['id'] : $object['Attribute']['id'],
|
||||
'target_type' => $scope
|
||||
]);
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
'event' => $event,
|
||||
'tags' => $tags,
|
||||
'tagAccess' => ($isSiteAdmin || $mayModify),
|
||||
'localTagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id'] || (int)$me['org_id'] === Configure::read('MISP.host_org_id')),
|
||||
'tagConflicts' => $tagConflicts
|
||||
));
|
||||
?>
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
if ($fieldData === 'Tag') {
|
||||
echo '<div><span class="blue bold">Tags</span>: ';
|
||||
if (!empty($event['EventTag'])) {
|
||||
echo '<span>' . $this->element('ajaxTags', array('event' => $event, 'tags' => $event['EventTag'], 'static_tags_only' => true)) . '</span>';
|
||||
echo '<span>' . $this->element('ajaxTags', array('event' => $event, 'tags' => $event['EventTag'], 'static_tags_only' => true, 'tagAccess' => false, 'localTagAccess' => false)) . '</span>';
|
||||
}
|
||||
echo '</div>';
|
||||
} else {
|
||||
|
|
|
@ -71,7 +71,8 @@
|
|||
$this->element('ajaxTags', array(
|
||||
'event' => $event,
|
||||
'tags' => $event['Tag'],
|
||||
'tagAccess' => ($isSiteAdmin || $me['org_id'] == $event['Event']['orgc_id']),
|
||||
'tagAccess' => false,
|
||||
'localTagAccess' => false,
|
||||
'static_tags_only' => 1
|
||||
))
|
||||
)
|
||||
|
|
|
@ -105,7 +105,8 @@
|
|||
array(
|
||||
'event' => $event,
|
||||
'tags' => $event['EventTag'],
|
||||
'tagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['orgc_id']),
|
||||
'tagAccess' => ($isSiteAdmin || $mayModify),
|
||||
'localTagAccess' => ($isSiteAdmin || $mayModify || $me['org_id'] == $event['Event']['org_id'] || (int)$me['org_id'] === Configure::read('MISP.host_org_id')),
|
||||
'missingTaxonomies' => $missingTaxonomies,
|
||||
'tagConflicts' => $tagConflicts
|
||||
)
|
||||
|
@ -536,6 +537,7 @@
|
|||
'mayModify' => $mayModify,
|
||||
'isAclTagger' => $isAclTagger,
|
||||
'data' => $event['Galaxy'],
|
||||
'event' => $event,
|
||||
'target_id' => $event['Event']['id'],
|
||||
'target_type' => 'event'
|
||||
]); ?>
|
||||
|
|
|
@ -22,6 +22,7 @@
|
|||
'scope' => 'feed',
|
||||
'tags' => array(array('Tag' => $feed['Tag'])),
|
||||
'tagAccess' => false,
|
||||
'localTagAccess' => false,
|
||||
'static_tags_only' => true
|
||||
)
|
||||
)
|
||||
|
|
|
@ -98,6 +98,7 @@ $tableData[] = [
|
|||
<span class="title-section"><?= __('Galaxies') ?></span>
|
||||
<?= $this->element('galaxyQuickViewNew', [
|
||||
'data' => $event['Galaxy'],
|
||||
'event' => $event,
|
||||
'preview' => true,
|
||||
]); ?>
|
||||
</div>
|
||||
|
|