Merge branch 'develop' of github.com:MISP/MISP into develop

pull/7479/head
iglocska 2021-06-07 14:46:18 +02:00
commit dd9f00e5e0
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
30 changed files with 7657 additions and 103 deletions

36
Pipfile.lock generated

@ -23,18 +23,18 @@
},
"attrs": {
"hashes": [
"sha256:31b2eced602aa8423c2aea9c76a724617ed67cf9513173fd3a4f03e3a929c7e6",
"sha256:832aa3cde19744e49938b91fea06d69ecb9e649c93ba974535d08ad92164f700"
"sha256:149e90d6d8ac20db7a955ad60cf0e6881a3f20d37096140088356da6c716b0b1",
"sha256:ef6aaac3ca6cd92904cdd0d83f629a15f18053ec84e6432106f7a4d04ae4f5fb"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==20.3.0"
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==21.2.0"
},
"certifi": {
"hashes": [
"sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c",
"sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"
"sha256:2bbf76fd432960138b3ef6dda3dde0544f27cbf8546c458e60baf371917ba9ee",
"sha256:50b1e4f8446b06f41be7dd6338db18e0990601dce795c2b1686458aa7e8fa7d8"
],
"version": "==2020.12.5"
"version": "==2021.5.30"
},
"chardet": {
"hashes": [
@ -72,18 +72,24 @@
"sha256:079f3ae844f38982d156efce585bc540c16a926d4436712cf4baee0cce487a3d",
"sha256:0fbcf5565ac01dff87cbfc0ff323515c823081c5777a9fc7703ff58388c258c3",
"sha256:122fba10466c7bd4178b07dba427aa516286b846b2cbd6f6169141917283aae2",
"sha256:1b38116b6e628118dea5b2186ee6820ab138dbb1e24a13e478490c7db2f326ae",
"sha256:1b7584d421d254ab86d4f0b13ec662a9014397678a7c4265a02a6d7c2b18a75f",
"sha256:26e761ab5b07adf5f555ee82fb4bfc35bf93750499c6c7614bd64d12aaa67927",
"sha256:289e9ca1a9287f08daaf796d96e06cb2bc2958891d7911ac7cae1c5f9e1e0ee3",
"sha256:2a9d50e69aac3ebee695424f7dbd7b8c6d6eb7de2a2eb6b0f6c7db6aa41e02b7",
"sha256:3082c518be8e97324390614dacd041bb1358c882d77108ca1957ba47738d9d59",
"sha256:33bb934a044cf32157c12bfcfbb6649807da20aa92c062ef51903415c704704f",
"sha256:3439c71103ef0e904ea0a1901611863e51f50b5cd5e8654a151740fde5e1cade",
"sha256:36108c73739985979bf302006527cf8a20515ce444ba916281d1c43938b8bb96",
"sha256:39b78571b3b30645ac77b95f7c69d1bffc4cf8c3b157c435a34da72e78c82468",
"sha256:4289728b5e2000a4ad4ab8da6e1db2e093c63c08bdc0414799ee776a3f78da4b",
"sha256:4bff24dfeea62f2e56f5bab929b4428ae6caba2d1eea0c2d6eb618e30a71e6d4",
"sha256:4c61b3a0db43a1607d6264166b230438f85bfed02e8cff20c22e564d0faff354",
"sha256:542d454665a3e277f76954418124d67516c5f88e51a900365ed54a9806122b83",
"sha256:5a0a14e264069c03e46f926be0d8919f4105c1623d620e7ec0e612a2e9bf1c04",
"sha256:5c8c163396cc0df3fd151b927e74f6e4acd67160d6c33304e805b84293351d16",
"sha256:66e575c62792c3f9ca47cb8b6fab9e35bab91360c783d1606f758761810c9791",
"sha256:6f12e1427285008fd32a6025e38e977d44d6382cf28e7201ed10d6c1698d2a9a",
"sha256:74f7d8d439b18fa4c385f3f5dfd11144bb87c1da034a466c5b5577d23a1d9b51",
"sha256:7610b8c31688f0b1be0ef882889817939490a36d0ee880ea562a4e1399c447a1",
"sha256:76fa7b1362d19f8fbd3e75fe2fb7c79359b0af8747e6f7141c338f0bee2f871a",
@ -96,10 +102,14 @@
"sha256:b007cbb845b28db4fb8b6a5cdcbf65bacb16a8bd328b53cbc0698688a68e1caa",
"sha256:bc4313cbeb0e7a416a488d72f9680fffffc645f8a838bd2193809881c67dd106",
"sha256:bccbfc27563652de7dc9bdc595cb25e90b59c5f8e23e806ed0fd623755b6565d",
"sha256:c47ff7e0a36d4efac9fd692cfa33fbd0636674c102e9e8d9b26e1b93a94e7617",
"sha256:c4f05c5a7c49d2fb70223d0d5bcfbe474cf928310ac9fa6a7c6dddc831d0b1d4",
"sha256:cdaf11d2bd275bf391b5308f86731e5194a21af45fbaaaf1d9e8147b9160ea92",
"sha256:ce256aaa50f6cc9a649c51be3cd4ff142d67295bfc4f490c9134d0f9f6d58ef0",
"sha256:d2e35d7bf1c1ac8c538f88d26b396e73dd81440d59c1ef8522e1ea77b345ede4",
"sha256:d916d31fd85b2f78c76400d625076d9124de3e4bda8b016d25a050cc7d603f24",
"sha256:df7c53783a46febb0e70f6b05df2ba104610f2fb0d27023409734a3ecbb78fb2",
"sha256:e1cbd3f19a61e27e011e02f9600837b921ac661f0c40560eefb366e4e4fb275e",
"sha256:efac139c3f0bf4f0939f9375af4b02c5ad83a622de52d6dfa8e438e8e01d0eb0",
"sha256:efd7a09678fd8b53117f6bae4fa3825e0a22b03ef0a932e070c0bdbb3a35e654",
"sha256:f2380a6376dfa090227b663f9678150ef27543483055cc327555fb592c5967e2",
@ -226,11 +236,11 @@
},
"six": {
"hashes": [
"sha256:30639c035cdb23534cd4aa2dd52c3bf48f06e5f4a941509c8bafd8ce11080259",
"sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"
"sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926",
"sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==1.15.0"
"version": "==1.16.0"
},
"stix": {
"hashes": [
@ -253,11 +263,11 @@
},
"urllib3": {
"hashes": [
"sha256:2f4da4594db7e1e110a944bb1b551fdf4e6c136ad42e4234131391e21eb5b0df",
"sha256:e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937"
"sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c",
"sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'",
"version": "==1.26.4"
"version": "==1.26.5"
},
"weakrefmethod": {
"hashes": [


@ -25,7 +25,7 @@ class AppController extends Controller
public $helpers = array('OrgImg', 'FontAwesome', 'UserName', 'DataPathCollector');
private $__queryVersion = '129';
private $__queryVersion = '130';
public $pyMispVersion = '2.4.143';
public $phpmin = '7.2';
public $phprec = '7.4';


@ -348,6 +348,7 @@ class ACLComponent extends Component
'unpublish' => array('perm_galaxy_editor'),
'updateCluster' => array('perm_galaxy_editor'),
'view' => array('*'),
'viewCyCatRelations' => array('*'),
'viewGalaxyMatrix' => array('*'),
'viewRelations' => array('*'),
'viewRelationTree' => array('*'),
@ -536,6 +537,7 @@ class ACLComponent extends Component
'resetRemoteAuthKey' => array(),
'removeOrphanedCorrelations' => array('perm_site_admin'),
'rest' => array('perm_auth'),
'openapi' => array('*'),
'restartDeadWorkers' => array(),
'restartWorkers' => array(),
'serverSettings' => array(),


@ -12,7 +12,7 @@ class DashboardsController extends AppController
public function beforeFilter()
{
parent::beforeFilter();
$this->Security->unlockedActions = array_merge(array('renderWidget', 'updateSettings', 'getForm'), $this->Security->unlockedActions);
$this->Security->unlockedActions = array_merge(array('renderWidget', 'getForm'), $this->Security->unlockedActions);
}
public $paginate = array(
@ -113,14 +113,14 @@ class DashboardsController extends AppController
{
if ($this->request->is('post')) {
$this->UserSetting = ClassRegistry::init('UserSetting');
if (!isset($this->request->data['value'])) {
if (!isset($this->request->data['Dashboard']['value'])) {
throw new InvalidArgumentException(__('No setting data found.'));
}
$data = array(
'UserSetting' => array(
'user_id' => $this->Auth->user('id'),
'setting' => 'dashboard',
'value' => $this->request->data['value']
'value' => $this->request->data['Dashboard']['value']
)
);
$result = $this->UserSetting->setSetting($this->Auth->user(), $data);
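Review bot: `$this->request->data['Dashboard']['value']` is handed to `setSetting` exactly as posted, and with the form-based submit introduced in the JavaScript part of this commit the client now sends it as a `JSON.stringify` string rather than an array. Unless `setSetting` (not visible here) decodes and type-checks it, a malformed string would be stored as the user's dashboard; consider decoding in the action and rejecting anything that is not an array, e.g. `$value = json_decode($this->request->data['Dashboard']['value'], true);` followed by `if (!is_array($value)) { throw new InvalidArgumentException(__('No setting data found.')); }`. Removing `updateSettings` from `unlockedActions` puts the POST back under the Security component, so the non-POST branch has to render the new form; that branch lies outside the hunk.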


@ -41,7 +41,7 @@ class EventsController extends AppController
'proposal' => 0,
'correlation' => 0,
'warning' => 0,
'deleted' => 2,
'deleted' => 0,
'includeRelatedTags' => 0,
'includeDecayScore' => 0,
'toIDS' => 0,
@ -1130,13 +1130,12 @@ class EventsController extends AppController
$conditions['overrideLimit'] = 1;
}
if (isset($filters['deleted'])) {
$conditions['deleted'] = $filters['deleted'] == 2 ? 0 : [0, 1];
if ($filters['deleted'] == 2) { // not-deleted only
$conditions['deleted'] = 0;
} elseif ($filters['deleted'] == 1) { // deleted only
$conditions['deleted'] = 1;
} else { // both
if ($filters['deleted'] == 1) { // both
$conditions['deleted'] = [0, 1];
} elseif ($filters['deleted'] == 0) { // not-deleted only
$conditions['deleted'] = 1;
} else { // only deleted
$conditions['deleted'] = 0;
}
}
if (isset($filters['toIDS']) && $filters['toIDS'] != 0) {
@ -1283,7 +1282,7 @@ class EventsController extends AppController
}
$deleted = 0;
if (isset($filters['deleted'])) {
$deleted = $filters['deleted'] == 2 ? 0 : 1;
$deleted = $filters['deleted'] > 0 ? 1 : 0;
}
$this->set('includeSightingdb', (!empty($filters['includeSightingdb']) && Configure::read('Plugin.Sightings_sighting_db_enable')));
$this->set('deleted', $deleted);
@ -1626,7 +1625,15 @@ class EventsController extends AppController
if (($this->userRole['perm_sync'] && $this->_isRest() && !$this->userRole['perm_site_admin']) && $deleted == 1) {
$conditions['deleted'] = array(0,1);
} else {
$conditions['deleted'] = $deleted == 2 ? array(0,1) : $deleted;
if (is_array($deleted)) {
$conditions['deleted'] = $deleted;
} else if ($deleted == 1) { // both
$conditions['deleted'] = [0, 1];
} elseif ($deleted == 0) { // not-deleted only
$conditions['deleted'] = 0;
} else { // only deleted
$conditions['deleted'] = 1;
}
}
}
if (isset($this->params['named']['toIDS']) && $this->params['named']['toIDS'] != 0) {
@ -1728,7 +1735,7 @@ class EventsController extends AppController
return $this->__restResponse($event);
}
$this->set('deleted', isset($deleted) ? ($deleted == 2 ? 0 : 1) : 0);
$this->set('deleted', isset($deleted) ? ($deleted > 0 ? 1 : 0) : 0);
$this->set('includeRelatedTags', (!empty($this->params['named']['includeRelatedTags'])) ? 1 : 0);
$this->set('includeDecayScore', (!empty($this->params['named']['includeDecayScore'])) ? 1 : 0);
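Review bot: In the hunk at line 1130 the branch commented `// not-deleted only` appears to assign `$conditions['deleted'] = 1` and the `// only deleted` branch assigns `0`, which is the reverse of both the comments and the mapping used in the hunk at line 1626 (0 gives `0`, 1 gives `[0, 1]`, anything else gives `1`). The +/- markers are lost on this page, so the line sides are inferred from the hunk counts, but if this reading is right the new default `'deleted' => 0` makes that code path return only soft-deleted attributes. The two assignments should be swapped: `} elseif ($filters['deleted'] == 0) { $conditions['deleted'] = 0; } else { $conditions['deleted'] = 1; }`. Since the 0/1/2 meaning is now decoded in several places in this controller as well as in the view and the JavaScript, named constants or one shared helper would keep the copies from drifting apart again.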


@ -202,9 +202,6 @@ class FeedsController extends AppController
$tags = $this->Event->EventTag->Tag->find('list', array('fields' => array('Tag.name'), 'order' => array('lower(Tag.name) asc')));
$tags[0] = 'None';
$this->set('tags', $tags);
if (!isset($this->request->data['Feed']['fixed_event'])) {
$this->request->data['Feed']['fixed_event'] = 1;
}
$this->set('orgs', $this->Event->Orgc->find('list', array(
'fields' => array('id', 'name'),
'order' => 'LOWER(name)'
@ -221,6 +218,9 @@ class FeedsController extends AppController
}
}
}
if (!isset($this->request->data['Feed']['fixed_event'])) {
$this->request->data['Feed']['fixed_event'] = 1;
}
$error = false;
if (isset($this->request->data['Feed']['pull_rules'])) {
$this->request->data['Feed']['rules'] = $this->request->data['Feed']['pull_rules'];


@ -178,9 +178,6 @@ class GalaxyClustersController extends AppController
$cluster['GalaxyCluster']['tag_count'] = $this->GalaxyCluster->Tag->EventTag->countForTag($tag['Tag']['id'], $this->Auth->user());
$cluster['GalaxyCluster']['tag_id'] = $tag['Tag']['id'];
}
if (Configure::read('Plugin.Cycat_enable')) {
$cluster = $this->GalaxyCluster->getCyCatRelations($cluster);
}
if ($this->_isRest()) {
return $this->RestResponse->viewData($cluster, $this->response->type());
} else {
@ -777,6 +774,15 @@ class GalaxyClustersController extends AppController
}
}
public function viewCyCatRelations($id)
{
$cluster = $this->GalaxyCluster->fetchIfAuthorized($this->Auth->user(), $id, 'view', true, false);
$CyCatRelations = $this->GalaxyCluster->getCyCatRelations($cluster);
$this->set('cluster', $cluster);
$this->set('CyCatRelations', $CyCatRelations);
$this->render('cluster_cycatrelations');
}
public function viewGalaxyMatrix($id)
{
if (!$this->request->is('ajax')) {
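Review bot: `viewCyCatRelations` is served on any request type, whereas the neighbouring `viewGalaxyMatrix` begins with an `$this->request->is('ajax')` check, and the ACL entry added for it in this commit is the wildcard `array('*')`. Each call ends in `getCyCatRelations`, which issues one outbound lookup per relationship, so the action should carry a docblock saying that it makes remote requests, and a short-lived cache of the result keyed on the cluster UUID is worth considering. The return value of `fetchIfAuthorized` is used without a check; that is safe only if the fourth argument `true` makes it throw on a missing or unauthorised cluster, which is not visible here.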


@ -2527,4 +2527,7 @@ misp.direct_call(relative_path, body)
$syncFilteringRules = $this->Server->getAvailableSyncFilteringRules($this->Auth->user());
return $this->RestResponse->viewData($syncFilteringRules);
}
public function openapi() {
}
}


@ -1004,17 +1004,28 @@ class Event extends AppModel
private function __prepareForPushToServer($event, $server)
{
if ($event['Event']['distribution'] == 4) {
if (!empty($event['SharingGroup']['SharingGroupServer'])) {
$found = false;
foreach ($event['SharingGroup']['SharingGroupServer'] as $sgs) {
if ($sgs['server_id'] == $server['Server']['id']) {
$found = true;
if (empty($event['SharingGroup']['SharingGroup']['roaming']) && empty($server['Server']['internal'])) {
$serverFound = false;
if (!empty($event['SharingGroup']['SharingGroupServer'])) {
foreach ($event['SharingGroup']['SharingGroupServer'] as $sgs) {
if ($sgs['server_id'] == $server['Server']['id']) {
$serverFound = true;
}
}
}
if (!$found) {
if (!$serverFound) {
return 403;
}
} else if (empty($event['SharingGroup']['roaming'])) {
}
$orgFound = false;
if (!empty($event['SharingGroup']['SharingGroupOrg'])) {
foreach ($event['SharingGroup']['SharingGroupOrg'] as $org) {
if (isset($org['Organisation']) && $org['Organisation']['uuid'] === $server['RemoteOrg']['uuid']) {
$orgFound = true;
}
}
}
if (!$orgFound) {
return 403;
}
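Review bot: The roaming test now reads `$event['SharingGroup']['SharingGroup']['roaming']`, while the line it replaces read `$event['SharingGroup']['roaming']`; because `empty()` hides a missing key, a wrong path would raise nothing and would simply treat every sharing group as non-roaming. That direction fails closed, but it should be confirmed against the array shape the caller passes, which is outside this hunk. `$server['RemoteOrg']['uuid']` is also read without `isset`, so a server record loaded without `RemoteOrg` turns every distribution-4 push into a 403 with only a PHP notice to explain it. A short comment above the block stating the rule (the server must be listed unless the group is roaming or the server is internal; the remote organisation must always be listed) would make this authorisation decision reviewable, and both loops can `break` once a match is found.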
}


@ -2136,6 +2136,10 @@ class GalaxyCluster extends AppModel
public function getCyCatRelations($cluster)
{
$CyCatRelations = [];
if (empty(Configure::read('Plugin.CyCat_enable'))) {
return $CyCatRelations;
}
App::uses('SyncTool', 'Tools');
$cycatUrl = empty(Configure::read("Plugin.CyCat_url")) ? 'https://api.cycat.org': Configure::read("Plugin.CyCat_url");
$syncTool = new SyncTool();
@ -2154,17 +2158,19 @@ class GalaxyCluster extends AppModel
if ($response->code === '200') {
$response = $this->HttpSocket->get($cycatUrl . '/relationships/' . $cluster['GalaxyCluster']['uuid'], array(), $request);
if ($response->code === '200') {
$relations = json_decode($response->body);
if (!empty($relations)) {
foreach ($relations as $relation) {
$response = $this->HttpSocket->get($cycatUrl . '/lookup/' . $relation, array(), $request);
$relationUUIDs = json_decode($response->body);
if (!empty($relationUUIDs)) {
foreach ($relationUUIDs as $relationUUID) {
$response = $this->HttpSocket->get($cycatUrl . '/lookup/' . $relationUUID, array(), $request);
if ($response->code === '200') {
$cluster['CyCat'][$relation] = json_decode($response->body, true);
$lookupResult = json_decode($response->body, true);
$lookupResult['uuid'] = $relationUUID;
$CyCatRelations[$relationUUID] = $lookupResult;
}
}
}
}
}
return $cluster;
return $CyCatRelations;
}
}
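Review bot: Each `$relationUUID` comes straight from the decoded `/relationships/` response and is concatenated into the next request URL and used as an array key without any check that it is a string in UUID form. The lookup body is handled the same way: `json_decode($response->body, true)` can return `null` or a scalar, and `$lookupResult['uuid'] = $relationUUID` is applied to it before the row reaches the view. Guard both, for example `if (!is_string($relationUUID) || !Validation::uuid($relationUUID)) { continue; }` (CakePHP's `Validation` utility) and `if (!is_array($lookupResult)) { continue; }`, and give the first `json_decode` result the same `is_array` test before the `foreach`. The lookups run sequentially inside a page request, so a cap on their number per call would bound the time a slow or misbehaving remote can hold the request. Part of the function lies between the two hunks and is not visible.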


@ -98,7 +98,7 @@ class Organisation extends AppModel
'uuid' => '0',
'contacts' => '',
'local' => true,
'restricted_to_domain' => '[]',
'restricted_to_domain' => [],
'landingpage' => null
);


@ -135,7 +135,7 @@ class Post extends AppModel
'NOT' => ['User.id' => $excludeUsers]
],
'contain' => ['User' => ['fields' => $userFields]],
'group' => ['User.id'], // remove duplicates
'group' => ['User.id', 'Post.id', 'User.email', 'User.gpgkey', 'User.certif_public', 'User.disabled'], // remove duplicates
]);
$orgMembers = array_merge($orgMembers, $temp);


@ -533,7 +533,7 @@ class SharingGroup extends AppModel
}
}
}
if ($conditional === false) {
if ($conditional === false && empty($server['Server']['internal'])) {
return false;
}
}
@ -618,6 +618,7 @@ class SharingGroup extends AppModel
if ($existingCaptureResult !== true) {
return $existingCaptureResult;
}
$sg_id = $existingSG['SharingGroup']['id'];
$forceUpdate = true;
}
unset($sg['Organisation']);
@ -838,7 +839,7 @@ class SharingGroup extends AppModel
$temp = $this->SharingGroupOrg->find('first', array(
'recursive' => -1,
'conditions' => array(
'sharing_group_id' => $existingSG['SharingGroup']['id'],
'sharing_group_id' => $sg_id,
'org_id' => $sg['SharingGroupOrg'][$k]['org_id']
),
));
@ -891,7 +892,7 @@ class SharingGroup extends AppModel
$temp = $this->SharingGroupServer->find('first', array(
'recursive' => -1,
'conditions' => array(
'sharing_group_id' => $existingSG['SharingGroup']['id'],
'sharing_group_id' => $sg_id,
'server_id' => $sg['SharingGroupServer'][$k]['server_id']
),
));
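Review bot: The first hunk lets a server flagged `internal` pass even when `$conditional === false`, that is when none of the sharing group's server entries matched, and nothing in the code says why. This is an access decision driven by a single configuration flag, so it deserves a comment at that line, e.g. `// internal servers are treated as part of this instance and receive the sharing group regardless of its server list`, worded to whatever the intended rule is. In the later hunks `$sg_id` replaces `$existingSG['SharingGroup']['id']`; the assignment shown here sits inside the existing-group branch, so it is worth confirming that the other branch (outside the hunk) also sets `$sg_id` before the two `find` calls run.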


@ -0,0 +1,19 @@
<?php
$modelForForm = 'Dashboard';
echo $this->element('genericElements/Form/genericForm', array(
'form' => $this->Form,
'url' => 'updateSettings',
'data' => array(
'title' => __('Add Widget'),
'model' => 'Dashboard',
'fields' => array(
array(
'field' => 'value',
),
),
'submit' => array(
'action' => 'updateSettings',
),
)
));
?>
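Review bot: The form title is `__('Add Widget')` although this template exists to carry the dashboard state to `updateSettings`, and `$modelForForm` is assigned but does not appear to be used in the lines shown. Rename the title, e.g. `'title' => __('Update dashboard settings'),`, and add a comment at the top of the file saying that the form is fetched by `saveDashboardState()` so the POST carries the Security component's form tokens. Without that comment the file reads like a leftover copy of the widget form.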


@ -101,9 +101,9 @@ function triggerEventFilteringTool(hide) {
"id": "deleted",
"label": "Deleted",
"values": {
0: "Both",
1: "Deleted only",
2: "Exclude deleted"
0: "Exclude deleted",
1: "Both",
2: "Deleted only"
}
},
{
@ -314,7 +314,7 @@ function triggerEventFilteringTool(hide) {
{
field: 'deleted',
id: 'deleted',
value: <?php echo isset($filters['deleted']) ? h($filters['deleted']) : 2; ?>
value: <?php echo isset($filters['deleted']) ? h($filters['deleted']) : 0; ?>
},
<?php endif; ?>
<?php if (count($advancedFilteringActiveRules) == 0 || isset($advancedFilteringActiveRules['includeRelatedTags'])): ?>
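Review bot: On the changed `value:` line, `$filters['deleted']` is written into the script as a bare JavaScript expression after `h()`, which escapes HTML metacharacters only and gives no protection in a script context. If `$filters` is populated from request parameters (not visible in this section), the value should be forced to the integer it is meant to be: `value: <?php echo isset($filters['deleted']) ? (int)$filters['deleted'] : 0; ?>`. The relabelled `values` map in the first hunk also changes what 0, 1 and 2 mean for any stored or bookmarked filter URL, which is worth a line in the changelog.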


@ -1,4 +1,7 @@
<?php
if (!empty($this->passedArgs['correlation'])) {
$attributeFilter = 'correlation';
}
$simple_filter_data = array(
array(
'id' => 'filter_all',
@ -32,8 +35,8 @@
'title' => __('Only show correlating attributes'),
'text' => __('Correlation'),
'active' => $attributeFilter == 'correlation',
'onClick' => 'filterAttributes',
'onClickParams' => array('correlation', $event['Event']['id'])
'onClick' => 'toggleBoolFilter',
'onClickParams' => array($urlHere, 'correlation'),
);
$simple_filter_data[] = array(
'id' => 'filter_warning',

View File

@ -1556,6 +1556,23 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider');
));
}
break;
case 'api':
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'openapi',
'url' => $baseurl . '/servers/openapi',
'text' => __('OpenAPI')
));
if ($isAclAdd) {
if ($canAccess('servers', 'rest')) {
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
'element_id' => 'rest',
'url' => $baseurl . '/servers/rest',
'text' => __('REST client')
));
}
}
break;
}
?>
</ul>
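Review bot: In the new `case 'api':` the REST client link is wrapped in `if ($isAclAdd)` on top of `$canAccess('servers', 'rest')`, while the top-menu entry added in this commit uses `$canAccess('servers', 'rest')` alone. A user who passes the ACL check but lacks the add permission would see the link in one menu and not in the other; unless that is intended, drop the outer `if ($isAclAdd)` so both menus derive visibility from the same check. Menu visibility is cosmetic either way, and enforcement stays with the ACL component.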

View File

@ -13,7 +13,7 @@
</div>',
h($elementId),
h($elementId) . '-collapse',
h($title),
!empty($titleHTML) ? $titleHTML : h($title),
!empty($allowFullscreen) ? '' : sprintf(
'<span class="fas fa-external-link-alt" title="View %s full screen" onclick="event.stopPropagation(); window.location.href=\'%s\';"></span>',
h($title),
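Review bot: `$titleHTML` is printed without escaping whenever it is non-empty, which turns this shared element into a raw-HTML sink that every future caller has to get right. The one caller added in this commit (the galaxy cluster view) builds it with `sprintf` and puts the `__()` description into a `title="%s"` attribute without `h()`, so a translation containing a double quote would break the attribute. Add a comment at the top of the element such as `// $titleHTML is emitted as-is; callers must escape every dynamic part with h()`, and wrap the translated strings in the caller with `h()`. The `sprintf` call this line belongs to starts and ends outside the hunk.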

View File

@ -33,11 +33,6 @@
'text' => __('Search Attributes'),
'url' => $baseurl . '/attributes/search'
),
array(
'text' => __('REST client'),
'url' => $baseurl . '/servers/rest',
'requirement' => $canAccess('servers', 'rest'),
),
array(
'type' => 'separator'
),
@ -476,6 +471,21 @@
'url' => $baseurl . '/admin/logs/search'
)
)
),
array(
'type' => 'root',
'text' => __('API'),
'children' => array(
array(
'text' => __('OpenAPI'),
'url' => $baseurl . '/servers/openapi'
),
array(
'text' => __('REST client'),
'url' => $baseurl . '/servers/rest',
'requirement' => $canAccess('servers', 'rest')
)
)
)
);
$menu_right = array(


@ -3,6 +3,7 @@
?>
<div class="event index">
<h2><?php echo __('Automation');?></h2>
<p class="bold"><?php echo __('Check out the OpenAPI spec of the MISP Automation API <a href="%s">here</a>.', $baseurl . '/servers/openapi');?></p>
<p><?php echo __('Automation functionality is designed to automatically feed other tools and systems with the data in your MISP repository.
To to make this functionality available for automated tools an authentication key is used.');?>
<br /><?php echo __('You can use the <a href="' . $baseurl . '/servers/rest">REST client</a> to test your API queries against your MISP and export the resulting tuned queries as curl or python scripts.');?>


@ -0,0 +1,34 @@
<?php
$cycatUrl = empty(Configure::read('Plugin.CyCat_url')) ? 'https://api.cycat.org' : Configure::read('Plugin.CyCat_url');
$CyCatRelationsTable = $this->element('/genericElements/IndexTable/index_table', [
'data' => [
'skip_pagination' => true,
'data' => $CyCatRelations,
'fields' => [
[
'name' => __('UUID'),
'class' => 'short',
'data_path' => 'uuid',
'element' => 'links',
'url_params_data_paths' => 'uuid',
'url' => $cycatUrl . '/lookup'
],
[
'name' => __('MITRE CTI Name'),
'class' => 'short',
'data_path' => 'mitre-cti:name',
],
[
'name' => __('MITRE CTI Type'),
'class' => 'short',
'data_path' => 'mitre-cti:type',
],
[
'name' => __('MITRE CTI Description'),
'data_path' => 'mitre-cti:description',
],
],
]
]);
echo $CyCatRelationsTable;
?>

View File

@ -80,32 +80,6 @@ $table_data[] = array('key' => __('Events'), 'html' => isset($cluster['GalaxyClu
):
'<span>0</span>'
);
if (!empty(Configure::read('Plugin.CyCat_enable'))) {
$cycatUrl = empty(Configure::read('Plugin.CyCat_url')) ? 'https://api.cycat.org' : Configure::read('Plugin.CyCat_url');
$cycatHtml = [];
foreach ($cluster['CyCat'] as $relationship_uuid => $relationship_data) {
$temp = '';
unset($relationship_data['raw']);
unset($relationship_data['_cycat_type']);
$relationship_data_massaged = [];
foreach ($relationship_data as $massagedKey => $massagedValue) {
$relationship_data_massaged[] = sprintf(
'%s%s: %s',
PHP_EOL . PHP_EOL,
h($massagedKey),
h($massagedValue)
);
}
$cycatHtml[] = sprintf(
'<a href="%s/lookup/%s" title="%s">%s</a>',
h($cycatUrl),
h($relationship_uuid),
implode($relationship_data_massaged),
h($relationship_uuid)
);
}
$table_data[] = array('key' => __('CyCat relationships'), 'html' => implode('<br />', $cycatHtml));
}
if (!empty($extendedFromHtml)) {
$table_data[] = array('key' => __('Forked From'), 'html' => $extendedFromHtml);
}
@ -128,6 +102,21 @@ if (!empty($extendedByHtml)) {
<div class="row-fuild">
<div id="relations_container"></div>
</div>
<?php
if (!empty(Configure::read('Plugin.CyCat_enable'))) {
$titleHTML = __('CyCat Relationships');
$titleHTML .= sprintf('<a href="%s" onclick="event.stopPropagation()" title="%s" target="_blank"><img src="%s" style="height: 2.5em"/></a>',
'https://cycat.org/',
__('CyCAT or the CYbersecurity Resource CATalogue aims at mapping and documenting, in a single formalism and catalogue all the available cybersecurity tools, rules, playbooks, processes and controls.'),
$baseurl . '/img/CyCat.ico'
);
echo $this->element('/genericElements/accordion', [
'title' => 'CyCat Relationships',
'titleHTML' => $titleHTML,
'url' => '/galaxy_clusters/viewCyCatRelations/' . $cluster['GalaxyCluster']['id']
]);
}
?>
<div id="elements_content"></div>
</div>
<?= $this->element('genericElements/assetLoader', array(

View File

@ -0,0 +1,13 @@
<?php
echo $this->element('genericElements/assetLoader', array(
'js' => array('redoc.standalone')
));
?>
<div id="redoc-container"></div>
<script>
Redoc.init('/doc/openapi.yaml', {
fontFamily: "inherit",
disableSearch: true,
expandResponses: "200"
}, document.getElementById('redoc-container'))
</script>
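Review bot: `Redoc.init('/doc/openapi.yaml', ...)` uses a root-relative path, while the menu links added in this commit are prefixed with `$baseurl`; on an instance served from a sub-path the spec would fail to load. Emit the URL from PHP as a JavaScript string literal instead: `Redoc.init(<?= json_encode($baseurl . '/doc/openapi.yaml') ?>, {`. The spec file sits under `webroot`, so it is presumably served as a static file without passing through the ACL entry added for `openapi`; that is acceptable for a public API description, but it should be a deliberate choice.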

View File

@ -189,7 +189,7 @@
</div>
<?php
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'event-collection', 'menuItem' => 'rest'));
echo $this->element('/genericElements/SideMenu/side_menu', array('menuList' => 'api', 'menuItem' => 'rest'));
echo $this->element('genericElements/assetLoader', array(
'js' => array(
'moment.min',

@ -1 +1 @@
Subproject commit 29192e0b2074a4af3f861b0a88af2e4da988a202
Subproject commit f3a63c2b0fed22c3427df1ede6ffda8744d356cc

7306
app/webroot/doc/openapi.yaml Normal file

File diff suppressed because it is too large Load Diff

BIN
app/webroot/img/CyCat.ico Normal file

Binary file not shown.



@ -3676,7 +3676,7 @@ function toggleBoolFilter(url, param) {
});
if (res[param] !== undefined) {
if (param == 'deleted') {
res[param] = res[param] == 0 ? 2 : 0;
res[param] = res[param] == 0 ? 1 : 0;
} else {
res[param] = res[param] == 0 ? 1 : 0;
}
@ -5073,17 +5073,25 @@ function saveDashboardState() {
dashBoardSettings.push(temp);
}
});
$.ajax({
data: {value: dashBoardSettings},
success:function (data, textStatus) {
showMessage('success', 'Dashboard settings saved.');
},
error: function (jqXHR, textStatus, errorThrown) {
showMessage('fail', textStatus + ": " + errorThrown);
},
type: "post",
url: baseurl + '/dashboards/updateSettings',
});
var url = baseurl + '/dashboards/updateSettings'
fetchFormDataAjax(url, function(formData) {
var $formContainer = $(formData)
$formContainer.find('#DashboardValue').val(JSON.stringify(dashBoardSettings))
var $theForm = $formContainer.find('form')
xhr({
data: $theForm.serialize(),
success:function (data) {
showMessage('success', 'Dashboard settings saved.');
},
error:function(jqXHR, textStatus, errorThrown) {
showMessage('fail', textStatus + ": " + errorThrown);
},
beforeSend:function() {
},
type:"post",
url: $theForm.attr('action')
});
})
}
function updateDashboardWidget(element) {
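Review bot: After this change both arms of `if (param == 'deleted')` in `toggleBoolFilter` evaluate `res[param] == 0 ? 1 : 0`, so the special case is dead and can be reduced to the single assignment `res[param] = res[param] == 0 ? 1 : 0;`. In `saveDashboardState` the POST now depends on `fetchFormDataAjax` returning markup that contains `#DashboardValue` and a `form`; if either is missing, `$theForm.attr('action')` is undefined and the request has no valid target, with no message to the user. A guard such as `if (!$theForm.length) { showMessage('fail', 'Could not load the settings form.'); return; }` would cover that, and the empty `beforeSend` handler can be dropped.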

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long