mirror of https://github.com/MISP/MISP
fix: [API] adding objects now has better validation errors
- instead of silently dropping attributes in certain casespull/5430/head
parent
4f9e3ec6d3
commit
e4c82eb9ff
|
@ -198,6 +198,7 @@ class ObjectsController extends AppController
|
||||||
$this->MispObject->Event->insertLock($this->Auth->user(), $eventId);
|
$this->MispObject->Event->insertLock($this->Auth->user(), $eventId);
|
||||||
}
|
}
|
||||||
$error = false;
|
$error = false;
|
||||||
|
$template = false;
|
||||||
if (!empty($templateId) || !$this->_isRest()) {
|
if (!empty($templateId) || !$this->_isRest()) {
|
||||||
$templates = $this->MispObject->ObjectTemplate->find('all', array(
|
$templates = $this->MispObject->ObjectTemplate->find('all', array(
|
||||||
'conditions' => array('ObjectTemplate.id' => $templateId),
|
'conditions' => array('ObjectTemplate.id' => $templateId),
|
||||||
|
@ -247,10 +248,14 @@ class ObjectsController extends AppController
|
||||||
foreach ($object['Attribute'] as $k => $attribute) {
|
foreach ($object['Attribute'] as $k => $attribute) {
|
||||||
unset($object['Attribute'][$k]['id']);
|
unset($object['Attribute'][$k]['id']);
|
||||||
$object['Attribute'][$k]['event_id'] = $eventId;
|
$object['Attribute'][$k]['event_id'] = $eventId;
|
||||||
$this->MispObject->Event->Attribute->set($attribute);
|
$this->MispObject->Event->Attribute->set($object['Attribute'][$k]);
|
||||||
if (!$this->MispObject->Event->Attribute->validates()) {
|
if (!$this->MispObject->Event->Attribute->validates()) {
|
||||||
if ($this->MispObject->Event->Attribute->validationErrors['value'][0] !== 'Composite type found but the value not in the composite (value1|value2) format.') {
|
if ($this->MispObject->Event->Attribute->validationErrors['value'][0] !== 'Composite type found but the value not in the composite (value1|value2) format.') {
|
||||||
$error = 'Could not save object as at least one attribute has failed validation (' . $attribute['object_relation'] . '). ' . json_encode($this->MispObject->Event->Attribute->validationErrors);
|
$error = sprintf(
|
||||||
|
'Could not save object as at least one attribute has failed validation (%s). %s',
|
||||||
|
isset($attribute['object_relation']) ? $attribute['object_relation'] : 'No object_relation',
|
||||||
|
json_encode($this->MispObject->Event->Attribute->validationErrors)
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -813,9 +813,11 @@ class Attribute extends AppModel
|
||||||
{
|
{
|
||||||
parent::beforeValidate();
|
parent::beforeValidate();
|
||||||
if (!isset($this->data['Attribute']['type'])) {
|
if (!isset($this->data['Attribute']['type'])) {
|
||||||
|
$this->validationErrors['type'] = ['No type set.'];
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (is_array($this->data['Attribute']['value'])) {
|
if (is_array($this->data['Attribute']['value'])) {
|
||||||
|
$this->validationErrors['type'] = ['Value is an array.'];
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
App::uses('ComplexTypeTool', 'Tools');
|
App::uses('ComplexTypeTool', 'Tools');
|
||||||
|
@ -823,6 +825,7 @@ class Attribute extends AppModel
|
||||||
$this->data['Attribute']['value'] = $this->complexTypeTool->refangValue($this->data['Attribute']['value'], $this->data['Attribute']['type']);
|
$this->data['Attribute']['value'] = $this->complexTypeTool->refangValue($this->data['Attribute']['value'], $this->data['Attribute']['type']);
|
||||||
|
|
||||||
if (!empty($this->data['Attribute']['object_id']) && empty($this->data['Attribute']['object_relation'])) {
|
if (!empty($this->data['Attribute']['object_id']) && empty($this->data['Attribute']['object_relation'])) {
|
||||||
|
$this->validationErrors['type'] = ['Object attribute sent, but no object_relation set.'];
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
// remove leading and trailing blanks
|
// remove leading and trailing blanks
|
||||||
|
|
Loading…
Reference in New Issue