MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: paginator component deprecation notices

pull/9475/head
Luciano Righetti 2024-01-04 10:25:50 +01:00
parent 35dd5aec92
commit e17a8266dd
5 changed files with 226 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
src/Controller/Admin/AccessLogsController.php
View File

@ -3,19 +3,19 @@
namespace App\Controller\Admin;
use App\Controller\AppController;
use App\Model\Entity\AccessLog;
use Cake\Core\Configure;
use Cake\Http\Exception\NotFoundException;
class AccessLogsController extends AppController
{
protected $fields = ['id', 'created', 'user_id', 'org_id', 'authkey_id', 'ip', 'request_method', 'user_agent', 'request_id', 'controller', 'action', 'url', 'response_code', 'memory_usage', 'duration', 'query_count', 'request'];
protected $contain = [
'Users' => ['fields' => ['id', 'email', 'org_id']],
'Organisations' => ['fields' => ['id', 'name', 'uuid']],
];
public $paginate = [
'recursive' => -1,
'limit' => 60,
'fields' => ['id', 'created', 'user_id', 'org_id', 'authkey_id', 'ip', 'request_method', 'user_agent', 'request_id', 'controller', 'action', 'url', 'response_code', 'memory_usage', 'duration', 'query_count', 'request'],
'contain' => [
'Users' => ['fields' => ['id', 'email', 'org_id']],
'Organisations' => ['fields' => ['id', 'name', 'uuid']],
],
'order' => [
'AccessLogs.id' => 'DESC'
],
@ -77,7 +77,7 @@ class AccessLogsController extends AppController
]
);
// $conditions = $this->__searchConditions($params);
$conditions = $this->__searchConditions($params);
$afterFindHandler = function ($entry) {
if (!empty($entry['request'])) {
@ -91,6 +91,9 @@ class AccessLogsController extends AppController
'filters' => $this->filterFields,
'quickFilters' => $this->quickFilterFields,
'afterFind' => $afterFindHandler,
'conditions' => $conditions,
'contain' => $this->contain,
'fields' => $this->fields,
]
);
@ -108,8 +111,8 @@ class AccessLogsController extends AppController
$request = $this->AccessLogs->find(
'all',
[
'conditions' => ['AccessLogs.id' => $id],
'fields' => ['AccessLogs.request'],
'conditions' => ['id' => $id],
'fields' => ['request'],
]
)->first();
if (empty($request)) {
@ -164,4 +167,111 @@ class AccessLogsController extends AppController
{
$this->CRUD->filtering();
}
/**
* @param array $params
* @return array
*/
private function __searchConditions(array $params)
{
$qbRules = [];
foreach ($params as $key => $value) {
if ($key === 'created') {
$qbRules[] = [
'id' => $key,
'operator' => is_array($value) ? 'between' : 'greater_or_equal',
'value' => $value,
];
} else {
if (is_array($value)) {
$value = implode('||', $value);
}
$qbRules[] = [
'id' => $key,
'value' => $value,
];
}
}
$this->set('qbRules', $qbRules);
$conditions = [];
if (isset($params['user'])) {
if (is_numeric($params['user'])) {
$conditions['user_id'] = $params['user'];
} else {
$user = $this->User->find(
'first',
[
'conditions' => ['User.email' => $params['user']],
'fields' => ['id'],
]
);
if (!empty($user)) {
$conditions['user_id'] = $user['User']['id'];
} else {
$conditions['user_id'] = -1;
}
}
}
if (isset($params['ip'])) {
$conditions['ip'] = inet_pton($params['ip']);
}
foreach (['authkey_id', 'request_id', 'controller', 'action'] as $field) {
if (isset($params[$field])) {
$conditions['' . $field] = $params[$field];
}
}
if (isset($params['url'])) {
$conditions['url LIKE'] = "%{$params['url']}%";
}
if (isset($params['user_agent'])) {
$conditions['user_agent LIKE'] = "%{$params['user_agent']}%";
}
if (isset($params['memory_usage'])) {
$conditions['memory_usage >='] = ($params['memory_usage'] * 1024);
}
if (isset($params['memory_usage'])) {
$conditions['memory_usage >='] = ($params['memory_usage'] * 1024);
}
if (isset($params['duration'])) {
$conditions['duration >='] = $params['duration'];
}
if (isset($params['query_count'])) {
$conditions['query_count >='] = $params['query_count'];
}
if (isset($params['request_method'])) {
$methodId = array_flip(AccessLog::REQUEST_TYPES)[$params['request_method']] ?? -1;
$conditions['request_method'] = $methodId;
}
if (isset($params['org'])) {
if (is_numeric($params['org'])) {
$conditions['org_id'] = $params['org'];
} else {
$org = $this->AccessLog->Organisation->fetchOrg($params['org']);
if ($org) {
$conditions['org_id'] = $org['id'];
} else {
$conditions['org_id'] = -1;
}
}
}
if (isset($params['created'])) {
$tempData = is_array($params['created']) ? $params['created'] : [$params['created']];
foreach ($tempData as $k => $v) {
$tempData[$k] = $this->AccessLog->resolveTimeDelta($v);
}
if (count($tempData) === 1) {
$conditions['created >='] = date("Y-m-d H:i:s", $tempData[0]);
} else {
if ($tempData[0] < $tempData[1]) {
$temp = $tempData[1];
$tempData[1] = $tempData[0];
$tempData[0] = $temp;
}
$conditions['AND'][] = ['created <=' => date("Y-m-d H:i:s", $tempData[0])];
$conditions['AND'][] = ['created >=' => date("Y-m-d H:i:s", $tempData[1])];
}
}
return $conditions;
}
}

38
src/Controller/Admin/AuditLogsController.php
View File

@ -59,13 +59,15 @@ class AuditLogsController extends AppController
'WorkflowBlueprint',
];
// Pagination
protected $fields = ['id', 'created', 'user_id', 'org_id', 'request_action', 'model', 'model_id', 'model_title', 'event_id', 'changed'];
protected $contain = [
'Users' => ['fields' => ['id', 'email', 'org_id']],
'Organisations' => ['fields' => ['id', 'name', 'uuid']],
];
protected $conditions = [];
public $paginate = [
'limit' => 60,
'fields' => ['id', 'created', 'user_id', 'org_id', 'request_action', 'model', 'model_id', 'model_title', 'event_id', 'changed'],
'contain' => [
'Users' => ['fields' => ['id', 'email', 'org_id']],
'Organisations' => ['fields' => ['id', 'name', 'uuid']],
],
'order' => [
'id' => 'DESC'
],
@ -110,12 +112,14 @@ class AuditLogsController extends AppController
public function index()
{
$this->paginate['fields'][] = 'ip';
$this->paginate['fields'][] = 'request_type';
$this->paginate['fields'][] = 'authkey_id';
$this->fields[] = 'ip';
$this->fields[] = 'request_type';
$this->fields[] = 'authkey_id';
if ($this->ParamHandler->isRest()) {
$this->paginate['fields'][] = 'request_id';
$this->fields[] = 'request_id';
}
if (!Configure::read('MISP.log_new_audit')) {
$this->Flash->warning(__("Audit log is not enabled. See 'MISP.log_new_audit' in the Server Settings. (Administration -> Server Settings -> MISP tab)"));
@ -137,12 +141,22 @@ class AuditLogsController extends AppController
]
);
$this->paginate['conditions'] = $this->__searchConditions($params);
$this->conditions = $this->__searchConditions($params);
$acl = $this->__applyAuditACL($this->ACL->getUser()->toArray());
if ($acl) {
$this->paginate['conditions']['AND'][] = $acl;
$this->conditions['AND'][] = $acl;
}
$list = $this->paginate()->toArray();
$query = $this->AuditLogs->find(
'all',
[
'conditions' => $this->conditions,
'fields' => $this->fields,
'contain' => $this->contain,
]
);
$list = $this->paginate($query)->toArray();
if ($this->ParamHandler->isRest()) {
return $this->RestResponse->viewData($list, 'json');

110
src/Controller/ObjectTemplatesController.php
View File

@ -22,7 +22,6 @@ class ObjectTemplatesController extends AppController
'order' => [
'Object.id' => 'desc'
],
'recursive' => -1
];
public function beforeFilter(EventInterface $event)
@ -41,17 +40,20 @@ class ObjectTemplatesController extends AppController
$metas = $this->ObjectTemplate->find(
'column',
[
'conditions' => ['ObjectTemplate.active' => 1],
'fields' => ['ObjectTemplate.meta_category'],
'order' => ['ObjectTemplate.meta_category asc'],
'unique' => true,
'conditions' => ['ObjectTemplate.active' => 1],
'fields' => ['ObjectTemplate.meta_category'],
'order' => ['ObjectTemplate.meta_category asc'],
'unique' => true,
]
);
$items = [[
'name' => __('All Objects'),
'value' => $this->baseurl . "/ObjectTemplates/objectChoice/$eventId/0"
]];
$items = [
[
'name' => __('All Objects'),
'value' => $this->baseurl . "/ObjectTemplates/objectChoice/$eventId/0"
]
];
foreach ($metas as $meta) {
$items[] = [
'name' => $meta,
@ -63,7 +65,7 @@ class ObjectTemplatesController extends AppController
$this->set(
'options',
[
'multiple' => 0,
'multiple' => 0,
]
);
$this->render('/Elements/generic_picker');
@ -80,10 +82,10 @@ class ObjectTemplatesController extends AppController
$templates_raw = $this->ObjectTemplate->find(
'all',
[
'recursive' => -1,
'conditions' => $conditions,
'fields' => ['id', 'meta_category', 'name', 'description'],
'order' => ['ObjectTemplate.name asc']
'recursive' => -1,
'conditions' => $conditions,
'fields' => ['id', 'meta_category', 'name', 'description'],
'order' => ['ObjectTemplate.name asc']
]
);
@ -105,11 +107,11 @@ class ObjectTemplatesController extends AppController
$this->set(
'options',
[
'functionName' => 'redirectAddObject',
'multiple' => 0,
'select_options' => [
'additionalData' => ['event_id' => $event_id],
],
'functionName' => 'redirectAddObject',
'multiple' => 0,
'select_options' => [
'additionalData' => ['event_id' => $event_id],
],
]
);
$this->render('/Elements/generic_picker');
@ -121,10 +123,10 @@ class ObjectTemplatesController extends AppController
$temp = $this->ObjectTemplates->find(
'all',
[
'recursive' => -1,
'conditions' => ['ObjectTemplates.uuid' => $id],
'fields' => ['ObjectTemplates.id', 'ObjectTemplates.uuid'],
'order' => ['ObjectTemplates.version desc']
'recursive' => -1,
'conditions' => ['ObjectTemplates.uuid' => $id],
'fields' => ['ObjectTemplates.id', 'ObjectTemplates.uuid'],
'order' => ['ObjectTemplates.version desc']
]
)->first();
if (empty($temp)) {
@ -191,12 +193,14 @@ class ObjectTemplatesController extends AppController
$conditions['ObjectTemplates.active'] = 1;
}
$this->CRUD->index([
'filters' => $this->filterFields,
'quickFilters' => $this->quickFilterFields,
'quickFilterForMetaField' => ['enabled' => true, 'wildcard_search' => true],
'conditions' => $conditions
]);
$this->CRUD->index(
[
'filters' => $this->filterFields,
'quickFilters' => $this->quickFilterFields,
'quickFilterForMetaField' => ['enabled' => true, 'wildcard_search' => true],
'conditions' => $conditions
]
);
$responsePayload = $this->CRUD->getResponsePayload();
@ -234,14 +238,14 @@ class ObjectTemplatesController extends AppController
}
$logEntry = $this->Log->newEntity(
[
'org' => $this->ACL->getUser()->Organisation->name,
'model' => 'ObjectTemplate',
'model_id' => $id,
'email' => $this->ACL->getUser()->email,
'action' => 'update',
'user_id' => $this->ACL->getUser()->id,
'title' => 'Object template updated',
'change' => $change,
'org' => $this->ACL->getUser()->Organisation->name,
'model' => 'ObjectTemplate',
'model_id' => $id,
'email' => $this->ACL->getUser()->email,
'action' => 'update',
'user_id' => $this->ACL->getUser()->id,
'title' => 'Object template updated',
'change' => $change,
]
);
$this->Log->save($logEntry);
@ -252,14 +256,14 @@ class ObjectTemplatesController extends AppController
foreach ($result['fails'] as $id => $fail) {
$logEntry = $this->Log->newEntity(
[
'org' => $this->ACL->getUser()->Organisation->name,
'model' => 'ObjectTemplate',
'model_id' => $id,
'email' => $this->ACL->getUser()->email,
'action' => 'update',
'user_id' => $this->Auth->user('id'),
'title' => 'Object template failed to update',
'change' => $fail['name'] . ' could not be installed/updated. Error: ' . $fail['fail'],
'org' => $this->ACL->getUser()->Organisation->name,
'model' => 'ObjectTemplate',
'model_id' => $id,
'email' => $this->ACL->getUser()->email,
'action' => 'update',
'user_id' => $this->Auth->user('id'),
'title' => 'Object template failed to update',
'change' => $fail['name'] . ' could not be installed/updated. Error: ' . $fail['fail'],
]
);
$this->Log->save($logEntry);
@ -269,14 +273,14 @@ class ObjectTemplatesController extends AppController
} else {
$logEntry = $this->Log->newEntity(
[
'org' => $this->ACL->getUser()->Organisation->name,
'model' => 'ObjectTemplate',
'model_id' => 0,
'email' => $this->ACL->getUser()->email,
'action' => 'update',
'user_id' => $this->ACL->getUser()->id,
'title' => 'Object template update (nothing to update)',
'change' => 'Executed an update of the Object Template library, but there was nothing to update.',
'org' => $this->ACL->getUser()->Organisation->name,
'model' => 'ObjectTemplate',
'model_id' => 0,
'email' => $this->ACL->getUser()->email,
'action' => 'update',
'user_id' => $this->ACL->getUser()->id,
'title' => 'Object template update (nothing to update)',
'change' => 'Executed an update of the Object Template library, but there was nothing to update.',
]
);
$this->Log->save($logEntry);

55
src/Controller/SharingGroupsController.php
View File

@ -28,7 +28,10 @@ class SharingGroupsController extends AppController
public $filterFields = [
'name', 'uuid', 'releasability', 'description', 'active', 'created', 'modified', 'SharingGroups.local', 'roaming', ['name' => 'Organisations.name', 'multiple' => true],
];
public $containFields = [
public $statisticsFields = ['active', 'roaming'];
protected $fields = ['id', 'uuid', 'name', 'description', 'releasability', 'local', 'active', 'roaming'];
protected $contain = [
'SharingGroupOrgs' => [
'Organisations' => ['fields' => ['name', 'id', 'uuid']]
],
@ -42,29 +45,11 @@ class SharingGroupsController extends AppController
]
]
];
public $statisticsFields = ['active', 'roaming'];
public $paginate = [
'limit' => 60,
'maxLimit' => 9999,
'order' => [
'SharingGroup.name' => 'ASC'
],
'fields' => ['id', 'uuid', 'name', 'description', 'releasability', 'local', 'active', 'roaming'],
'contain' => [
'SharingGroupOrgs' => [
'Organisations' => ['fields' => ['name', 'id', 'uuid']]
],
'Organisations' => [
'fields' => ['id', 'name', 'uuid'],
],
'SharingGroupServers' => [
'fields' => ['sharing_group_id', 'all_orgs'],
'Servers' => [
'fields' => ['name', 'id']
]
]
],
];
public function add()
@ -269,7 +254,7 @@ class SharingGroupsController extends AppController
$this->render('add');
}
public function delete($id=false)
public function delete($id = false)
{
$this->request->allowMethod(['get', 'post', 'delete']);
$toggleParams = [
@ -280,9 +265,10 @@ class SharingGroupsController extends AppController
['path' => 'releasability', 'label' => __('Releasability')],
['path' => 'active', 'label' => __('Active'), 'element' => 'boolean',],
['path' => 'roaming', 'label' => __('Roaming'), 'element' => 'boolean',],
['path' => 'org_count', 'label' => __('Org. count'), 'formatter' => function ($field, $row) {
return count($row['SharingGroupOrg']);
}
[
'path' => 'org_count', 'label' => __('Org. count'), 'formatter' => function ($field, $row) {
return count($row['SharingGroupOrg']);
}
],
],
];
@ -320,10 +306,10 @@ class SharingGroupsController extends AppController
]
];
$containFields = $this->containFields;
$containFields = $this->contain;
$validFilterFields = $this->CRUD->getFilterFieldsName($this->filterFields);
if (!$this->__showOrgs()) {
$validFilterFields = array_filter($validFilterFields, fn($filter) => $filter != 'Organisations.name');
$validFilterFields = array_filter($validFilterFields, fn ($filter) => $filter != 'Organisations.name');
unset($containFields['SharingGroupOrgs']);
unset($containFields['SharingGroupServers']);
}
@ -355,6 +341,7 @@ class SharingGroupsController extends AppController
'custom' => $customContextFilters,
],
'contain' => $containFields,
'fields' => $this->fields,
'afterFind' => $afterFindHandler,
'statisticsFields' => $this->statisticsFields,
'wrapResponse' => true,
@ -402,9 +389,10 @@ class SharingGroupsController extends AppController
['path' => 'releasability', 'label' => __('Releasability')],
['path' => 'active', 'label' => __('Active'), 'element' => 'boolean',],
['path' => 'roaming', 'label' => __('Roaming'), 'element' => 'boolean',],
['path' => 'org_count', 'label' => __('Org. count'), 'formatter' => function ($field, $row) {
return count($row['SharingGroupOrg']);
}
[
'path' => 'org_count', 'label' => __('Org. count'), 'formatter' => function ($field, $row) {
return count($row['SharingGroupOrg']);
}
],
],
];
@ -468,7 +456,7 @@ class SharingGroupsController extends AppController
unset($contain['SharingGroupServers']);
}
$afterFindHandler = function(SharingGroup $sg) {
$afterFindHandler = function (SharingGroup $sg) {
if (isset($sg->SharingGroupServer)) {
foreach ($sg->SharingGroupServer as $key => $sgs) {
if ($sgs['server_id'] == 0) {
@ -487,9 +475,10 @@ class SharingGroupsController extends AppController
'conditions' => ['Users.id' => $sg->sync_user_id],
'recursive' => -1,
'fields' => ['Users.id'],
'contain' => ['Organisations' => [
'fields' => ['Organisations.id', 'Organisations.name', 'Organisations.uuid'],
]
'contain' => [
'Organisations' => [
'fields' => ['Organisations.id', 'Organisations.name', 'Organisations.uuid'],
]
]
]
)->first();
@ -508,7 +497,7 @@ class SharingGroupsController extends AppController
return $sg;
};
$conditions= [];
$conditions = [];
$params = [
'contain' => $contain,
'conditions' => $conditions,

3
tests/TestCase/Controller/Users/UsersControllerTest.php
View File

@ -14,7 +14,8 @@ class UsersControllerTest extends TestCase
protected $fixtures = [
'app.Organisations',
'app.Users'
'app.Users',
'app.Roles',
];
public function testLogin(): void