From e3ed847ba0e9544780fda99c15072151df8feb41 Mon Sep 17 00:00:00 2001 From: Christophe Vandeplas Date: Tue, 28 May 2013 11:15:21 +0200 Subject: [PATCH] fixing some REST API and XML issues --- app/Config/bootstrap.default.php | 16 --- app/Controller/AttributesController.php | 10 -- app/Controller/EventsController.php | 107 +++++++--------- app/Model/Attribute.php | 155 +++++++++++------------ app/Model/Event.php | 9 +- app/View/Events/edit.ctp | 157 ++++++++++++------------ app/View/Events/xml/view.ctp | 20 +-- 7 files changed, 213 insertions(+), 261 deletions(-) diff --git a/app/Config/bootstrap.default.php b/app/Config/bootstrap.default.php index 46fe95ca1..2df0181b6 100755 --- a/app/Config/bootstrap.default.php +++ b/app/Config/bootstrap.default.php @@ -133,24 +133,8 @@ Configure::write('GnuPG.homedir', '/path/to/your/.gnupg/'); Configure::write('SecureAuth.amount', 5); // the maximum amount of failed logins Configure::write('SecureAuth.expire', 300); // the time-window for the maximum amount of logins in seconds -/** - * Network activity, ip-src - * 30 class-C network ip addresses - * (time in ms) - * - * default db sql - * all 25366 16601 15941 - * 24839 16604 15611 - * paginated 16759 8447 6615 - * 17734 8639 8846 - */ Configure::write('CyDefSIG.dns', 'false'); // there is a nameserver available to do resolution. -Configure::write('CyDefSIG.rest', 'ii'); // i is unchecked, use ii - // RESTfull, possible values: - // - i, event without attributes - // - ii, event with attributes (more framework friendly and more RESTfull friendly) - /** * The settings below can be used to set additional paths to models, views and controllers. * diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php index 33c711f48..b31660774 100755 --- a/app/Controller/AttributesController.php +++ b/app/Controller/AttributesController.php @@ -181,11 +181,6 @@ class AttributesController extends AppController { // create the attribute $this->Attribute->create(); - if ("i" == Configure::read('CyDefSIG.rest')) { - unset($this->request->data['Event']); - $this->Attribute->unbindModel(array('belongsTo' => array('Event'))); - //$this->request->data['Attribute']['event_id'] = $eventId; - } // Notice (8): Undefined index: id [APP/Controller/AttributesController.php, line 234] // Should be fixed $savedId = $this->Attribute->getId(); @@ -499,11 +494,6 @@ class AttributesController extends AppController { } $fieldList = array('category', 'type', 'value1', 'value2', 'to_ids', 'private', 'cluster', 'value'); - if ("i" == Configure::read('CyDefSIG.rest')) { - unset($this->request->data['Event']); - $this->Attribute->unbindModel(array('belongsTo' => array('Event'))); - $this->request->data['Attribute']['event_id'] = $eventId; - } $this->loadModel('Event'); $this->Event->id = $eventId; diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index 0f68156a2..3f9f23202 100755 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -130,7 +130,7 @@ class EventsController extends AppController { $this->Event->contain('Attribute', 'Attribute.ShadowAttribute', 'User.email'); $this->Event->id = $id; if (!$this->Event->exists()) { - throw new NotFoundException(__('Invalid event')); + throw new NotFoundException(__('Invalid event, it already exists.')); } $this->Event->read(null, $id); $userEmail = $this->Event->data['User']['email']; @@ -246,10 +246,10 @@ class EventsController extends AppController { $ext = $file->ext(); } $ioc = false; - if($this->data['Event']['submittedioc']['error'] != 4) { - $ioc = true; - } if (isset($this->data['Event']['submittedioc'])) { + if($this->data['Event']['submittedioc']['error'] != 4) { + $ioc = true; + } App::uses('File', 'Utility'); $file = new File($this->data['Event']['submittedgfi']['name']); $ext = $file->ext(); @@ -324,18 +324,18 @@ class EventsController extends AppController { * @return bool true if success */ public function _add(&$data, $fromXml, $or='', $passAlong = null, $fromPull = false) { + $this->Event->create(); // force check userid and orgname to be from yourself $auth = $this->Auth; $data['Event']['user_id'] = $auth->user('id'); $data['Event']['org'] = $auth->user('org'); - //$data['Event']['org'] = strlen($or) ? $or : $auth->user('org'); // FIXME security - org problem if (!$fromXml) { $data['Event']['orgc'] = $data['Event']['org']; } - unset ($data['Event']['id']); - $this->Event->create(); - //$this->Event->data = $data; if ($fromXml) { + // FIXME FIXME chri: temporary workaround for unclear org, orgc, from + $data['Event']['orgc'] = $data['Event']['org']; + $data['Event']['from'] = $data['Event']['org']; // Workaround for different structure in XML/array than what CakePHP expects $this->Event->cleanupEventArrayFromXML($data); // the event_id field is not set (normal) so make sure no validation errors are thrown @@ -343,15 +343,13 @@ class EventsController extends AppController { unset($this->Event->Attribute->validate['event_id']); unset($this->Event->Attribute->validate['value']['unique']); // otherwise gives bugs because event_id is not set } - // upstream: false = distribution - // true = reverse distribution, back to origin - $upstream = false; - if (isset($data['Event']['uuid'])) { // TODO here we start RESTful dialog + unset ($data['Event']['id']); + if (isset($data['Event']['uuid'])) { // check if the uuid already exists $existingEventCount = $this->Event->find('count', array('conditions' => array('Event.uuid' => $data['Event']['uuid']))); if ($existingEventCount > 0) { - // TODO RESTfull, set responce location header..so client can find right URL to edit + // RESTfull, set responce location header..so client can find right URL to edit if ($fromPull) return false; $existingEvent = $this->Event->find('first', array('conditions' => array('Event.uuid' => $data['Event']['uuid']))); $this->response->header('Location', Configure::read('CyDefSIG.baseurl') . '/events/' . $existingEvent['Event']['id']); @@ -360,29 +358,20 @@ class EventsController extends AppController { } } - if ($upstream) { - $fieldList = array( - 'Event' => array('orgc', 'date', 'risk', 'analysis', 'info', 'published', 'uuid'), - 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision') - ); - } else { - $fieldList = array( - 'Event' => array('org', 'orgc', 'date', 'risk', 'analysis', 'info', 'user_id', 'published', 'uuid', 'private', 'cluster', 'communitie', 'dist_change', 'from'), - 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'cluster', 'communitie', 'dist_change') - ); - } + // FIXME chri: validate the necessity for all these fields...impact on security ! + $fieldList = array( + 'Event' => array('orgc', 'date', 'risk', 'analysis', 'info', 'published', 'uuid'), + 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision') + ); + $fieldList = array( + 'Event' => array('org', 'orgc', 'date', 'risk', 'analysis', 'info', 'user_id', 'published', 'uuid', 'private', 'cluster', 'communitie', 'dist_change', 'from'), + 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'cluster', 'communitie', 'dist_change') + ); - if ("i" == Configure::read('CyDefSIG.baseurl')) { - // this saveAssociated() function will save not only the event, but also the attributes - // from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute - unset($data['Attribute']); - $this->Event->unbindModel(array('hasMany' => array('Attribute'))); - $saveResult = $this->Event->save($data, array('validate' => true, 'fieldList' => $fieldList)); - } else { - $saveResult = $this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList)); - } + $saveResult = $this->Event->saveAssociated($data, array('validate' => true, 'fieldList' => $fieldList)); + // FIXME chri: check if output of $saveResult is what we expect when data not valid, see issue #104 if ($saveResult) { - if (!empty($data['Event']['published']) && 1 == $data['Event']['published'] && $data['Event']['private'] == false) { + if (!empty($data['Event']['published']) && 1 == $data['Event']['published']) { // do the necessary actions to publish the event (email, upload,...) $this->__publish($this->Event->getId(), $passAlong); } @@ -459,44 +448,35 @@ class EventsController extends AppController { 'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'private', 'communitie', 'cluster', 'dist_change') ); - if ("ii" == Configure::read('CyDefSIG.rest')) { - // reposition to get the attribute.id with given uuid - $c = 0; - if (isset($this->request->data['Attribute'])) { - foreach ($this->request->data['Attribute'] as $attribute) { - $existingAttribute = $this->Event->Attribute->findByUuid($attribute['uuid']); - if (count($existingAttribute)) { - $this->request->data['Attribute'][$c]['id'] = $existingAttribute['Attribute']['id']; - if (!($this->request->data['Attribute'][$c]['dist_change'] > $existingAttribute['Attribute']['dist_change'])) { - unset($this->request->data['Attribute'][$c]['private']); - unset($this->request->data['Attribute'][$c]['cluster']); - unset($this->request->data['Attribute'][$c]['communitie']); - } + // reposition to get the attribute.id with given uuid + $c = 0; + if (isset($this->request->data['Attribute'])) { + foreach ($this->request->data['Attribute'] as $attribute) { + $existingAttribute = $this->Event->Attribute->findByUuid($attribute['uuid']); + if (count($existingAttribute)) { + $this->request->data['Attribute'][$c]['id'] = $existingAttribute['Attribute']['id']; + if (!($this->request->data['Attribute'][$c]['dist_change'] > $existingAttribute['Attribute']['dist_change'])) { + unset($this->request->data['Attribute'][$c]['private']); + unset($this->request->data['Attribute'][$c]['cluster']); + unset($this->request->data['Attribute'][$c]['communitie']); } - $c++; } + $c++; } } + // unclear what this does, more documentation needed if ($this->request->data['Event']['dist_change'] > $existingEvent['Event']['dist_change']) { array_push($fieldList['Event'], 'private', 'communitie', 'cluster'); } - if ("i" == Configure::read('CyDefSIG.rest')) { - // this saveAssociated() function will save not only the event, but also the attributes - // from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute - // the following 2 lines can be out-commented if we opt to save associated (Event.php:263-264) - unset($this->request->data['Attribute']); - $this->Event->unbindModel(array('hasMany' => array('Attribute'))); - $saveResult = $this->Event->save($this->request->data, array('validate' => true, 'fieldList' => $fieldList)); - } else { - $saveResult = $this->Event->saveAssociated($this->request->data, array('validate' => true, 'fieldList' => $fieldList)); - } + + // this saveAssociated() function will save not only the event, but also the attributes + // from the attributes attachments are also saved to the disk thanks to the afterSave() fonction of Attribute + $saveResult = $this->Event->saveAssociated($this->request->data, array('validate' => true, 'fieldList' => $fieldList)); + if ($saveResult) { - // TODO RESTfull: we now need to compare attributes, to see if we need to do a RESTfull attribute delete - $message = 'Saved'; - $this->set('event', $this->Event->data); //if published -> do the actual publishing if ((!empty($this->request->data['Event']['published']) && 1 == $this->request->data['Event']['published'])) { @@ -642,7 +622,7 @@ class EventsController extends AppController { )); // iterate over the servers and upload the event if(empty($servers)) - return; + return true; $uploaded = true; $failedServers = array(); @@ -703,10 +683,9 @@ class EventsController extends AppController { $this->Event->save($event, array('fieldList' => $fieldList)); $event['Event']['from'] = Configure::read('CyDefSIG.org'); $uploaded = false; - //if ($event['Event']['distribution'] == 'Your organization only' || $event['Event']['distribution'] == 'This server-only') return true; if ('true' == Configure::read('CyDefSIG.sync')) { $uploaded = $this->__uploadEventToServers($id, $passAlong); - if ((is_bool($uploaded) && !$uploaded) || (is_array($uploaded))) { // TODO remove bool + if (($uploaded == false) || (is_array($uploaded))) { $this->Event->saveField('published', 0); } } diff --git a/app/Model/Attribute.php b/app/Model/Attribute.php index 86489f660..d8a192f6b 100755 --- a/app/Model/Attribute.php +++ b/app/Model/Attribute.php @@ -411,6 +411,7 @@ class Attribute extends AppModel { $this->__afterSaveCorrelation($this->data['Attribute']); $result = true; + // if the 'data' field is set on the $this->data then save the data to the correct file if (isset($this->data['Attribute']['type']) && $this->typeIsAttachment($this->data['Attribute']['type']) && !empty($this->data['Attribute']['data'])) { $result = $result && $this->saveBase64EncodedAttachment($this->data['Attribute']); // TODO : is this correct? @@ -442,33 +443,33 @@ class Attribute extends AppModel { parent::beforeValidate(); // distribution - setting correct vars - if(isset($this->data['Attribute']['distribution'])) { - switch ($this->data['Attribute']['distribution']) { - case 'Your organization only': - $this->data['Attribute']['private'] = true; - $this->data['Attribute']['cluster'] = false; - $this->data['Attribute']['communitie'] = false; - break; - case 'This server-only': - $this->data['Attribute']['private'] = true; - $this->data['Attribute']['cluster'] = true; - $this->data['Attribute']['communitie'] = false; - break; - case 'This Community-only': - $this->data['Attribute']['private'] = false; - $this->data['Attribute']['cluster'] = true; - $this->data['Attribute']['communitie'] = false; - break; - case 'Connected communities': - $this->data['Attribute']['private'] = false; - $this->data['Attribute']['cluster'] = false; - $this->data['Attribute']['communitie'] = true; - break; - case 'All communities': - $this->data['Attribute']['private'] = false; - $this->data['Attribute']['cluster'] = false; - $this->data['Attribute']['communitie'] = false; - break; + if(isset($this->data['Attribute']['distribution'])) { + switch ($this->data['Attribute']['distribution']) { + case 'Your organization only': + $this->data['Attribute']['private'] = true; + $this->data['Attribute']['cluster'] = false; + $this->data['Attribute']['communitie'] = false; + break; + case 'This server-only': + $this->data['Attribute']['private'] = true; + $this->data['Attribute']['cluster'] = true; + $this->data['Attribute']['communitie'] = false; + break; + case 'This Community-only': + $this->data['Attribute']['private'] = false; + $this->data['Attribute']['cluster'] = true; + $this->data['Attribute']['communitie'] = false; + break; + case 'Connected communities': + $this->data['Attribute']['private'] = false; + $this->data['Attribute']['cluster'] = false; + $this->data['Attribute']['communitie'] = true; + break; + case 'All communities': + $this->data['Attribute']['private'] = false; + $this->data['Attribute']['cluster'] = false; + $this->data['Attribute']['communitie'] = false; + break; } } @@ -819,6 +820,8 @@ class Attribute extends AppModel { } public function saveBase64EncodedAttachment($attribute) { +print_r("###### saveBase64EncodedAttachment ######"); +print_r($attribute); $rootDir = APP . DS . "files" . DS . $attribute['event_id']; $dir = new Folder($rootDir, true); // create directory structure $destpath = $rootDir . DS . $attribute['id']; @@ -899,12 +902,12 @@ class Attribute extends AppModel { public function __beforeSaveCorrelation($a) { - // (update-only) clean up the relation of the old value: remove the existing relations related to that attribute, we DO have a reference, the id - // ==> DELETE FROM correlations WHERE 1_attribute_id = $a_id OR attribute_id = $a_id; */ + // (update-only) clean up the relation of the old value: remove the existing relations related to that attribute, we DO have a reference, the id + // ==> DELETE FROM correlations WHERE 1_attribute_id = $a_id OR attribute_id = $a_id; */ // first check if it's an update if (isset($a['id'])) { $this->Correlation = ClassRegistry::init('Correlation'); - // FIXME : check that $a['id'] is checked correctly so that the user can't remove attributes he shouldn't + // FIXME : check that $a['id'] is checked correctly so that the user can't remove attributes he shouldn't $dummy = $this->Correlation->deleteAll(array('OR' => array( 'Correlation.1_attribute_id' => $a['id'], 'Correlation.attribute_id' => $a['id'])) @@ -914,59 +917,59 @@ class Attribute extends AppModel { public function __afterSaveCorrelation($a) { $this->Correlation = ClassRegistry::init('Correlation'); - // - // When we add/update an attribute we need to - // - (beforeSave) (update-only) clean up the relation of the old value: remove the existing relations related to that attribute, we DO have a reference, the id - - // - remove the existing relations for that value1 or value2, we do NOT have an id reference, but we have a value1/value2 field to search for + // + // When we add/update an attribute we need to + // - (beforeSave) (update-only) clean up the relation of the old value: remove the existing relations related to that attribute, we DO have a reference, the id + + // - remove the existing relations for that value1 or value2, we do NOT have an id reference, but we have a value1/value2 field to search for // ==> DELETE FROM correlations WHERE value = $value1 OR value = $value2 */ $dummy = $this->Correlation->deleteAll(array('Correlation.value' => array($a['value1'], $a['value2']))); // now build a correlation array of things that will need to be added in the db // we do this twice, once for value1 and once for value2 - $correlations = array(); // init variable - $value_names = array ('value1', 'value2'); - // do the correlation for value1 and value2, this needs to be done separately - foreach ($value_names as $value_name) { - if (empty($a[$value_name])) continue; // do not correlate if attribute is empty - $params = array( - 'conditions' => array('OR' => array( - 'Attribute.value1' => $a[$value_name], - 'Attribute.value2' => $a[$value_name] - )), - 'recursive' => 0, - //'fields' => '', // we want to have the Attribute AND Event, so do not filter here - ); - // search for the related attributes for that "value(1|2)" - $attributes = $this->find('all', $params); + $correlations = array(); // init variable + $value_names = array ('value1', 'value2'); + // do the correlation for value1 and value2, this needs to be done separately + foreach ($value_names as $value_name) { + if (empty($a[$value_name])) continue; // do not correlate if attribute is empty + $params = array( + 'conditions' => array('OR' => array( + 'Attribute.value1' => $a[$value_name], + 'Attribute.value2' => $a[$value_name] + )), + 'recursive' => 0, + //'fields' => '', // we want to have the Attribute AND Event, so do not filter here + ); + // search for the related attributes for that "value(1|2)" + $attributes = $this->find('all', $params); // build the correlations, each attribute should have a relation in both directions - // this is why we have a double loop. - // The result is that for each Attribute pair we want: A1-A2, A2-A1 and so on, - // In total that's N * (N-1) rows (minus the ones from the same event) (with N the number of related attributes) - $attributes_right = $attributes; - foreach ($attributes as $attribute) { - foreach ($attributes_right as $attribute_right) { - if ($attribute['Attribute']['event_id'] == $attribute_right['Attribute']['event_id']) { - // do not build a relation between the same attributes - // or attributes from the same event - continue; - } - $is_private = $attribute_right['Event']['private'] || $attribute_right['Attribute']['private']; - $correlations[] = array( - 'value' => $a[$value_name], - '1_event_id' => $attribute['Attribute']['event_id'], - '1_attribute_id' => $attribute['Attribute']['id'], - 'event_id' => $attribute_right['Attribute']['event_id'], - 'attribute_id' => $attribute_right['Attribute']['id'], - 'org' => $attribute_right['Event']['org'], - 'private' => $is_private, + // this is why we have a double loop. + // The result is that for each Attribute pair we want: A1-A2, A2-A1 and so on, + // In total that's N * (N-1) rows (minus the ones from the same event) (with N the number of related attributes) + $attributes_right = $attributes; + foreach ($attributes as $attribute) { + foreach ($attributes_right as $attribute_right) { + if ($attribute['Attribute']['event_id'] == $attribute_right['Attribute']['event_id']) { + // do not build a relation between the same attributes + // or attributes from the same event + continue; + } + $is_private = $attribute_right['Event']['private'] || $attribute_right['Attribute']['private']; + $correlations[] = array( + 'value' => $a[$value_name], + '1_event_id' => $attribute['Attribute']['event_id'], + '1_attribute_id' => $attribute['Attribute']['id'], + 'event_id' => $attribute_right['Attribute']['event_id'], + 'attribute_id' => $attribute_right['Attribute']['id'], + 'org' => $attribute_right['Event']['org'], + 'private' => $is_private, 'date' => $attribute_right['Event']['date'], - 'info' => $attribute_right['Event']['info'], - ); - } - } - } - // save the new correlations to the database in a single shot + 'info' => $attribute_right['Event']['info'], + ); + } + } + } + // save the new correlations to the database in a single shot $this->Correlation->saveMany($correlations); } diff --git a/app/Model/Event.php b/app/Model/Event.php index afa01f66e..3b5175519 100644 --- a/app/Model/Event.php +++ b/app/Model/Event.php @@ -440,7 +440,7 @@ class Event extends AppModel { * * @param &$data The reference to the variable * - * @throws InternalErrorException // TODO Exception + * @throws InternalErrorException */ public function cleanupEventArrayFromXML(&$data) { // Workaround for different structure in XML/array than what CakePHP expects @@ -491,13 +491,6 @@ class Event extends AppModel { foreach ($event['Attribute'] as $attribute) { $newerUuids[$attribute['id']] = $attribute['uuid']; $attribute['event_id'] = $remoteId; - if ("i" == Configure::read('CyDefSIG.rest')) { - // do the add attributes here i.s.o. saveAssociates() or save() - // and unset Attributes and hasMany for this - // following 2 lines can be out-commented if. (EventsController.php:364-365) - $anAttr = ClassRegistry::init('Attribute'); - $anAttr->uploadAttributeToServer($attribute, $server, $HttpSocket); - } } // get the already existing attributes and delete the ones that are not there foreach ($xml->Event->Attribute as $attribute) { diff --git a/app/View/Events/edit.ctp b/app/View/Events/edit.ctp index 79ef44998..1206c9770 100755 --- a/app/View/Events/edit.ctp +++ b/app/View/Events/edit.ctp @@ -1,79 +1,80 @@ -
-Form->create('Event');?> -
- -Form->input('id'); -echo $this->Form->input('date'); -echo $this->Form->input('risk', array( - 'before' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')))); -echo $this->Form->input('analysis', array( - 'options' => array($analysisLevels), - 'before' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv')))); -if ('true' == Configure::read('CyDefSIG.sync')) { - if ('true' == $canEditDist) { - echo $this->Form->input('distribution', array('label' => 'Distribution', - 'between' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')) - )); - } -} -echo $this->Form->input('info'); - -// link an onchange event to the form elements -if ('true' == $canEditDist) { - $this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")'); -} -$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")'); -$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")'); -?> -
-Form->end(__('Submit', true));?> -
-
- -
- - +
+Form->create('Event');?> +
+ +Form->input('id'); +echo $this->Form->input('date'); +if ('true' == Configure::read('CyDefSIG.sync')) { + if ('true' == $canEditDist) { + echo $this->Form->input('distribution', array('label' => 'Distribution', + 'between' => $this->Html->div('forminfo', '', array('id' => 'EventDistributionDiv')) + )); + } +} +echo $this->Form->input('risk', array( + 'before' => $this->Html->div('forminfo', '', array('id' => 'EventRiskDiv')))); +echo $this->Form->input('analysis', array( + 'options' => array($analysisLevels), + 'before' => $this->Html->div('forminfo', '', array('id' => 'EventAnalysisDiv')) + )); +echo $this->Form->input('info'); + +// link an onchange event to the form elements +if ('true' == $canEditDist) { + $this->Js->get('#EventDistribution')->event('change', 'showFormInfo("#EventDistribution")'); +} +$this->Js->get('#EventRisk')->event('change', 'showFormInfo("#EventRisk")'); +$this->Js->get('#EventAnalysis')->event('change', 'showFormInfo("#EventAnalysis")'); +?> +
+Form->end(__('Submit', true));?> +
+
+ +
+ + Js->writeBuffer(); \ No newline at end of file diff --git a/app/View/Events/xml/view.ctp b/app/View/Events/xml/view.ctp index 8e4e05f98..115b535ae 100755 --- a/app/View/Events/xml/view.ctp +++ b/app/View/Events/xml/view.ctp @@ -36,15 +36,17 @@ foreach ($event['Event']['Attribute'] as $key => $value) { unset($event['Event']['Attribute'][$key]['category_order']); } -foreach ($event['Event']['RelatedEvent'] as $key => $value) { - unset($event['Event']['RelatedEvent'][$key]['user_id']); - unset($event['Event']['RelatedEvent'][$key]['private']); - unset($event['Event']['RelatedEvent'][$key]['communitie']); - unset($event['Event']['RelatedEvent'][$key]['cluster']); - if ('true' != Configure::read('CyDefSIG.showorg') && !$isAdmin) { - unset($event['Event']['RelatedEvent'][$key]['org']); - unset($event['Event']['RelatedEvent'][$key]['orgc']); - unset($event['Event']['RelatedEvent'][$key]['from']); +if (isset($event['Event']['RelatedEvent'])) { + foreach ($event['Event']['RelatedEvent'] as $key => $value) { + unset($event['Event']['RelatedEvent'][$key]['user_id']); + unset($event['Event']['RelatedEvent'][$key]['private']); + unset($event['Event']['RelatedEvent'][$key]['communitie']); + unset($event['Event']['RelatedEvent'][$key]['cluster']); + if ('true' != Configure::read('CyDefSIG.showorg') && !$isAdmin) { + unset($event['Event']['RelatedEvent'][$key]['org']); + unset($event['Event']['RelatedEvent'][$key]['orgc']); + unset($event['Event']['RelatedEvent'][$key]['from']); + } } }