Fixed various issues with the attribute REST api

- also updated the sample curl scripts
pull/468/head
Iglocska 2015-04-14 13:50:51 +02:00
parent 72f8dc0d3d
commit e339f0e646
9 changed files with 78 additions and 116 deletions


@ -1 +1 @@
{"major":2, "minor":3, "hotfix":60}
{"major":2, "minor":3, "hotfix":61}


@ -119,7 +119,8 @@ class AttributesController extends AppController {
// remove the published flag from the event
$this->Event->recursive = -1;
$this->Event->read(null, $this->request->data['Attribute']['event_id']);
if (isset($eventId)) $this->Event->read(null, $eventId);
else $this->Event->read(null, $this->request->data['Attribute']['event_id']);
if (!$this->_isSiteAdmin() && ($this->Event->data['Event']['orgc'] != $this->_checkOrg() || !$this->userRole['perm_modify'])) {
throw new UnauthorizedException('You do not have permission to do that.');
}
@ -195,7 +196,7 @@ class AttributesController extends AppController {
// TODO RESTfull, set responce location header..so client can find right URL to edit
$this->response->header('Location', Configure::read('MISP.baseurl') . '/attributes/' . $existingAttribute['Attribute']['id']);
$this->response->send();
$this->view($this->Attribute->getId());
$this->view($this->Attribute->getID());
$this->render('view');
return false;
} else {
@ -216,13 +217,19 @@ class AttributesController extends AppController {
// create the attribute
$this->Attribute->create();
$savedId = $this->Attribute->getId();
$savedId = $this->Attribute->getID();
if ($this->Attribute->save($this->request->data)) {
if ($this->_isRest()) {
// REST users want to see the newly created attribute
$this->view($this->Attribute->getId());
$this->render('view');
if ($this->_isRest() || $this->response->type() === 'application/json') {
$saved_attribute = $this->Attribute->find('first', array(
'conditions' => array('id' => $this->Attribute->id),
'recursive' => -1,
'fields' => array('id', 'type', 'to_ids', 'category', 'uuid', 'event_id', 'distribution', 'timestamp', 'comment', 'value'),
));
$response = array('response' => array('Attribute' => $saved_attribute['Attribute']));
$this->set('response', $response);
if ($this->response->type() === 'application/json') $this->render('/Attributes/json/view');
else $this->render('view');
return false;
} elseif ($this->request->is('ajax')) {
$this->autoRender = false;
return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Attribute added.')),'status'=>200));
@ -692,12 +699,11 @@ class AttributesController extends AppController {
$this->set('attachment', false);
}
if ($this->request->is('post') || $this->request->is('put')) {
// reposition to get the attribute.id with given uuid
// Notice (8): Undefined index: uuid [APP/Controller/AttributesController.php, line 502]
// Fixed - uuid was not passed back from the form since it's not a field. Set the uuid in a variable for non rest users, rest should have uuid.
// Generally all of this should be _isRest() only, but that's something for later to think about
if ($this->_isRest()) {
if ($this->_isRest() || $this->response->type() === 'application/json') {
$existingAttribute = $this->Attribute->findByUuid($this->request->data['Attribute']['uuid']);
} else {
$existingAttribute = $this->Attribute->findByUuid($uuid);
@ -708,17 +714,18 @@ class AttributesController extends AppController {
// check if the attribute has a timestamp already set (from a previous instance that is trying to edit via synchronisation)
if (isset($this->request->data['Attribute']['timestamp'])) {
// check which attribute is newer
if ($this->request->data['Attribute']['timestamp'] > $existingAttribute['Attribute']['timestamp']) {
// carry on with adding this attribute - Don't forget! if orgc!=user org, create shadow attribute, not attribute!
} else {
// the old one is newer or the same, replace the request's attribute with the old one
$this->request->data['Attribute'] = $existingAttribute['Attribute'];
if (count($existingAttribute)) {
if ($this->request->data['Attribute']['timestamp'] > $existingAttribute['Attribute']['timestamp']) {
// carry on with adding this attribute - Don't forget! if orgc!=user org, create shadow attribute, not attribute!
} else {
// the old one is newer or the same, replace the request's attribute with the old one
$this->request->data['Attribute'] = $existingAttribute['Attribute'];
}
}
} else {
$this->request->data['Attribute']['timestamp'] = $date->getTimestamp();
}
$fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'distribution', 'value', 'timestamp', 'comment');
$this->loadModel('Event');
$this->Event->id = $eventId;
@ -730,11 +737,17 @@ class AttributesController extends AppController {
$this->Event->set('timestamp', $date->getTimestamp());
$this->Event->set('published', 0);
$this->Event->save($this->Event->data, array('fieldList' => array('published', 'timestamp', 'info')));
if ($this->_isRest()) {
// REST users want to see the newly created event
$this->view($this->Attribute->getId());
$this->render('view');
if ($this->_isRest() || $this->response->type() === 'application/json') {
$saved_attribute = $this->Attribute->find('first', array(
'conditions' => array('id' => $this->Attribute->id),
'recursive' => -1,
'fields' => array('id', 'type', 'to_ids', 'category', 'uuid', 'event_id', 'distribution', 'timestamp', 'comment', 'value'),
));
$response = array('response' => array('Attribute' => $saved_attribute['Attribute']));
$this->set('response', $response);
if ($this->response->type() === 'application/json') $this->render('/Attributes/json/view');
else $this->render('view');
return false;
} else {
$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
}
@ -824,7 +837,7 @@ class AttributesController extends AppController {
}
}
public function view($id, $hasChildren = 0) {
public function view($id, $hasChildren = 0, $response = 'ajax') {
$this->Attribute->id = $id;
if (!$this->Attribute->exists()) {
throw new NotFoundException('Invalid attribute');
@ -838,18 +851,22 @@ class AttributesController extends AppController {
throw new MethodNotAllowed('Invalid attribute');
}
}
$eventRelations = $this->Attribute->Event->getRelatedAttributes($this->Auth->user(), $this->_isSiteAdmin(), $attribute['Attribute']['event_id']);
$attribute['Attribute']['relations'] = array();
if (isset($eventRelations[$id])) {
foreach ($eventRelations[$id] as $relations) {
$attribute['Attribute']['relations'][] = array($relations['id'], $relations['info'], $relations['org']);
if ($this->request->is('ajax')) {
$eventRelations = $this->Attribute->Event->getRelatedAttributes($this->Auth->user(), $this->_isSiteAdmin(), $attribute['Attribute']['event_id']);
$attribute['Attribute']['relations'] = array();
if (isset($eventRelations[$id])) {
foreach ($eventRelations[$id] as $relations) {
$attribute['Attribute']['relations'][] = array($relations['id'], $relations['info'], $relations['org']);
}
}
$object = $attribute['Attribute'];
$object['objectType'] = 0;
$object['hasChildren'] = $hasChildren;
$this->set('object', $object);
$this->set('distributionLevels', $this->Attribute->Event->distributionLevels);
} else {
$this->redirect('/events/view/' . $this->Attribute->data['Attribute']['event_id']);
}
$object = $attribute['Attribute'];
$object['objectType'] = 0;
$object['hasChildren'] = $hasChildren;
$this->set('object', $object);
$this->set('distributionLevels', $this->Attribute->Event->distributionLevels);
/*
$this->autoRender = false;
$responseObject = array();
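Review bot: The existing-attribute path of add() still calls `$this->view($this->Attribute->getID());` followed by `$this->render('view');`, but view() now builds `object` only when `$this->request->is('ajax')` and otherwise calls `$this->redirect('/events/view/...')`, so a REST client that re-posts an attribute is now redirected to the event page instead of receiving the attribute that the Location header and `$this->response->send()` on the lines just above point it to. The `$saved_attribute` find plus `$response` array that the new-attribute branch of add() and edit() now carry is copied verbatim in both places; pulling it into one private helper and calling it from the duplicate path as well removes the inconsistency (sketch below). The new `$response = 'ajax'` parameter of view() is not referenced in the visible lines; since CakePHP passes URL segments as action arguments, an unused public parameter is better removed than left for later. The redirect branch reads `$this->Attribute->data['Attribute']['event_id']`, which is only populated if the attribute was loaded with read() above the hunk, whereas `$attribute['Attribute']['event_id']`, already used for getRelatedAttributes(), does not depend on that. add(), edit() and view() each begin and end outside the hunks shown.
```php
// In add() (both the new-attribute and the existing-attribute branch) and in edit(),
// replace the inline find/set/render block with a call such as:
return $this->_renderAttributeResponse($this->Attribute->id);
// (the existing-attribute branch passes $existingAttribute['Attribute']['id'])

// … unchanged: rest of add() / edit() …

// Renders the REST (XML) or JSON representation of one attribute; shared by
// add() and edit() so every path answers with the same field set.
private function _renderAttributeResponse($attributeId) {
    $saved_attribute = $this->Attribute->find('first', array(
        'conditions' => array('id' => $attributeId),
        'recursive' => -1,
        'fields' => array('id', 'type', 'to_ids', 'category', 'uuid', 'event_id', 'distribution', 'timestamp', 'comment', 'value'),
    ));
    $this->set('response', array('response' => array('Attribute' => $saved_attribute['Attribute'])));
    if ($this->response->type() === 'application/json') $this->render('/Attributes/json/view');
    else $this->render('view');
    return false;
}
```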


@ -0,0 +1,2 @@
<?php
echo (json_encode($response));
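Review bot: `json_encode($response)` returns false when a value cannot be encoded (for instance an attribute value that is not valid UTF-8), and `echo false` then sends an empty body that a REST client cannot tell apart from a deliberately empty response. Capture the result and fail loudly instead: `$json = json_encode($response);` / `if ($json === false) throw new InternalErrorException(json_last_error_msg());` / `echo $json;`. Whether attribute values are guaranteed to be UTF-8 by the time they reach this view depends on validation in the model, which is not visible here.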


@ -0,0 +1,4 @@
<?php
App::uses('Xml', 'Utility');
$xmlObject = Xml::fromArray($response, array('format' => 'tags'));
echo($xmlObject->asXml());


@ -1,2 +1,5 @@
curl -i -H "Accept: application/xml" -H "content-type: text/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
--data "@input/215.xml" -X POST http://localhost/attributes
curl -i -H "Accept: application/xml" -H "content-type: application/xml" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
--data "@input/attribute.xml" -X POST http://localhost/attributes
#curl -i -H "Accept: application/json" -H "content-type: application/json" -H "Authorization: vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb" \
#--data "@input/attribute.xml" -X POST http://localhost/attributes
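Review bot: The commented-out JSON example still posts `@input/attribute.xml` while declaring `content-type: application/json`, so uncommenting it as written sends the XML sample body as JSON; it should presumably reference the JSON sample input added in this commit (its path is not shown on this page), e.g. `#--data "@input/<json-sample-file>" -X POST http://localhost/attributes`. The script also keeps a literal key in the `Authorization` header of every example; a sample script is better served by a placeholder read from the environment, e.g. `-H "Authorization: $MISP_API_KEY"`, so that a working key never lands in the repository.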


@ -0,0 +1 @@
{"Attribute":{"type": "ip-dst","event_id": "30","category": "Network activity","to_ids": "1","distribution": "1","value": "8.8.4.4","comment": "This is a sample attribute"}}


@ -0,0 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<Attribute>
<event_id>30</event_id>
<type>ip-src</type>
<category>Network activity</category>
<to_ids>0</to_ids>
<distribution>1</distribution>
<comment>This is a sample Attribute</comment>
<value>8.8.4.4</value>
</Attribute>


@ -1,66 +1 @@
{
"Event": {
"id": "15",
"org": "ORG",
"date": "2012-04-12",
"threat_level_id": "4",
"info": "info",
"user_id": "1",
"uuid": "4f8c2c4e-00dc-42c9-83ad-76e9ff32448e",
"distribution": "0",
"analysis": "0",
"timestamp": "1",
"Attribute": [
{
"id": "116",
"event_id": "14",
"type": "ip-dst",
"category": "Network activity",
"to_ids": "1",
"uuid": "4f8c2cc3-0410-4bf0-8559-5b9dff32448e",
"distribution": "0",
"value": "1.1.1.111",
"timestamp": "0"
},
{
"id": "117",
"event_id": "14",
"type": "malware-sample",
"category": "Payload delivery",
"to_ids": "0",
"uuid": "4f8c2d08-7e6c-4648-8730-50a7ff32448e",
"distribution": "0",
"value": "A.doc|3f6f1aaab6171925c81de9b34a8fcf8e",
"timestamp": "0"
},
{
"id": "115",
"event_id": "14",
"type": "vulnerability",
"category": "Payload delivery",
"to_ids": "1",
"uuid": "4f8c2c69-9bf8-4279-8d03-2138ff32448e",
"distribution": "0",
"value": "CVE-XXXX-XXXX",
"timestamp": "0"
}
],
"RelatedEvent": [
{
"id": "11",
"date": "2011-01-03",
"uuid": "4f8812ff-ded0-4592-9227-0615ff32448e"
},
{
"id": "9",
"date": "2011-02-02",
"uuid": "4f85981e-d044-4b16-bc16-0a35ff32448e"
},
{
"id": "6",
"date": "2011-03-01",
"uuid": "4f7a9faa-91d4-4c91-8ec6-0878ff32448e"
}
]
}
}
{"Event": {"id": "25", "orgc": "Iglocska", "date": "2015-04-14", "threat_level_id": "4", "info": "info", "distribution": "1", "analysis": "0", "Attribute": [{"id": "7","type": "ip-dst","category": "Network activity","to_ids": "1","distribution": "1","value": "8.8.8.8"}]}}


@ -1,31 +1,21 @@
<?xml version="1.0" encoding="UTF-8"?>
<Event>
<id>25</id>
<org>NCIRC</org>
<date>2013-12-12</date>
<date>2015-04-14</date>
<threat_level_id>1</threat_level_id>
<info>test5</info>
<info>This is a sample event</info>
<published>0</published>
<uuid>52b9bca5-2e04-4fed-acf3-1f60c0a80e0a</uuid>
<attribute_count>1</attribute_count>
<analysis>0</analysis>
<timestamp>1386855599</timestamp>
<distribution>1</distribution>
<proposal_email_lock>0</proposal_email_lock>
<orgc>NCIRC</orgc>
<locked>0</locked>
<orgc>Iglocska</orgc>
<Attribute>
<id>7</id>
<type>ip-src</type>
<category>Network activity</category>
<to_ids>0</to_ids>
<uuid>52a9bcbe-d87c-4c5e-8408-22e8c0a80e0a</uuid>
<event_id>9</event_id>
<distribution>1</distribution>
<timestamp>1386855599</timestamp>
<comment/>
<value>1.1.1.2</value>
<ShadowAttribute/>
<comment>This is a sample attribute</comment>
<value>8.8.8.8</value>
</Attribute>
<ShadowAttribute/>
</Event>