mirror of https://github.com/MISP/MISP
parent
b84bc50c56
commit
ea0ab59e4f
|
@ -64,7 +64,6 @@ class AppController extends Controller {
|
|||
}
|
||||
|
||||
public function beforeFilter() {
|
||||
|
||||
// user must accept terms
|
||||
if (!$this->Auth->user('termsaccepted') && ($this->request->here != '/users/terms') && ($this->request->here != '/users/logout') && ($this->request->here != '/users/login')) {
|
||||
$this->redirect(array('controller' => 'users', 'action' => 'terms'));
|
||||
|
@ -431,7 +430,9 @@ class AppController extends Controller {
|
|||
}
|
||||
}
|
||||
|
||||
// CakePHP returns false if filesize is 0 at lib/cake/Utility/File.php:384
|
||||
/**
|
||||
* CakePHP returns false if filesize is 0 at lib/cake/Utility/File.php:384
|
||||
*/
|
||||
public function checkEmpty($fileP = '/var/www/cydefsig/app/files/test') {
|
||||
// Check if there were problems with the file upload
|
||||
// only keep the last part of the filename, this should prevent directory attacks
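Review bot: The new docblock above `checkEmpty()` only carries over the CakePHP remark and documents nothing about the method itself: neither what `$fileP` must be nor what is returned. Since the comment is being converted to a docblock anyway, I would add a summary line plus `@param string $fileP path of the uploaded file to check` and an `@return` line matching the body. The docblock should also say that the default `'/var/www/cydefsig/app/files/test'` is an install-specific absolute path, so callers are expected to pass the path explicitly. The method body, including the filename stripping that the inline comment says "should prevent directory attacks", continues outside the hunk and could not be checked here.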
|
||||
|
|
|
@ -80,16 +80,16 @@ class EventsController extends AppController {
|
|||
}
|
||||
}
|
||||
|
||||
// // do not show cluster outside server
|
||||
// if ('true' == Configure::read('CyDefSIG.private')) {
|
||||
// if ($this->_isRest()) {
|
||||
// $this->paginate = Set::merge($this->paginate,array(
|
||||
// 'conditions' =>
|
||||
// array(array('Event.cluster !=' => true)),
|
||||
// //array("AND" => array(array('Event.private !=' => 2))),
|
||||
// ));
|
||||
// }
|
||||
// }
|
||||
//// do not show cluster outside server
|
||||
//if ('true' == Configure::read('CyDefSIG.private')) {
|
||||
// if ($this->_isRest()) {
|
||||
// $this->paginate = Set::merge($this->paginate,array(
|
||||
// 'conditions' =>
|
||||
// array(array('Event.cluster !=' => true)),
|
||||
// //array("AND" => array(array('Event.private !=' => 2))),
|
||||
// ));
|
||||
// }
|
||||
//}
|
||||
}
|
||||
|
||||
public function isAuthorized($user) {
|
||||
|
|
|
@ -191,20 +191,20 @@ class ServersController extends AppController {
|
|||
}
|
||||
if (is_array($event['Event']['Attribute']) && !isset($event['Event']['Attribute']['id'])) {
|
||||
$toRemove = array();
|
||||
$size = sizeof($event['Event']['Attribute']);
|
||||
$size = count($event['Event']['Attribute']);
|
||||
for ($i = 0; $i < $size; $i++) {
|
||||
switch($event['Event']['Attribute'][$i]['distribution']) {
|
||||
case 'Org':
|
||||
$toRemove[] = $i;
|
||||
break;
|
||||
case 'Community':
|
||||
$event['Event']['Attribute'][$i]['private'] = true;
|
||||
$event['Event']['Attribute'][$i]['distribution'] = 'Org';
|
||||
break;
|
||||
case 'All':
|
||||
$event['Event']['Attribute'][$i]['cluster'] = true;
|
||||
$event['Event']['Attribute'][$i]['distribution'] = 'Community';
|
||||
break;
|
||||
case 'Org':
|
||||
$toRemove[] = $i;
|
||||
break;
|
||||
case 'Community':
|
||||
$event['Event']['Attribute'][$i]['private'] = true;
|
||||
$event['Event']['Attribute'][$i]['distribution'] = 'Org';
|
||||
break;
|
||||
case 'All':
|
||||
$event['Event']['Attribute'][$i]['cluster'] = true;
|
||||
$event['Event']['Attribute'][$i]['distribution'] = 'Community';
|
||||
break;
|
||||
}
|
||||
}
|
||||
foreach ($toRemove as $thisRemove) {
|
||||
|
@ -213,17 +213,17 @@ class ServersController extends AppController {
|
|||
$event['Event']['Attribute'] = array_values($event['Event']['Attribute']);
|
||||
} elseif (is_array($event['Event']['Attribute']) && isset($event['Event']['Attribute']['id'])) {
|
||||
switch($event['Event']['Attribute']['distribution']) {
|
||||
case 'Org':
|
||||
unset($event['Event']['Attribute']);
|
||||
break;
|
||||
case 'Community':
|
||||
$event['Event']['Attribute']['private'] = true;
|
||||
$event['Event']['Attribute']['distribution'] = 'Org';
|
||||
break;
|
||||
case 'All':
|
||||
$event['Event']['Attribute']['cluster'] = true;
|
||||
$event['Event']['Attribute']['distribution'] = 'Community';
|
||||
break;
|
||||
case 'Org':
|
||||
unset($event['Event']['Attribute']);
|
||||
break;
|
||||
case 'Community':
|
||||
$event['Event']['Attribute']['private'] = true;
|
||||
$event['Event']['Attribute']['distribution'] = 'Org';
|
||||
break;
|
||||
case 'All':
|
||||
$event['Event']['Attribute']['cluster'] = true;
|
||||
$event['Event']['Attribute']['distribution'] = 'Community';
|
||||
break;
|
||||
}
|
||||
}
|
||||
// Distribution, set reporter of the event, being the admin that initiated the pull
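Review bot: Both `switch` statements on `distribution` lack a `default:` arm, in the per-attribute loop of the first hunk and in the single-attribute branch of the second. An attribute whose value is anything other than 'Org', 'Community' or 'All' is therefore kept with its `private`/`cluster` flags untouched. The trailing comment suggests this runs on data pulled from another server, in which case failing closed is the safer choice: `default: $toRemove[] = $i; break;` in the loop and `default: unset($event['Event']['Attribute']); break;` in the single-attribute branch. Whether `distribution` is validated before this point is not visible, and the enclosing method starts and ends outside both hunks.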
|
||||
|
|
|
@ -8,23 +8,23 @@ App::uses('AppController', 'Controller');
|
|||
class WhitelistsController extends AppController {
|
||||
|
||||
public $components = array(
|
||||
'Acl',
|
||||
'Auth' => array(
|
||||
'authorize' => array(
|
||||
'Actions' => array('actionPath' => 'controllers/Whitelists')
|
||||
)
|
||||
),
|
||||
'Security',
|
||||
'Session'
|
||||
);
|
||||
'Acl',
|
||||
'Auth' => array(
|
||||
'authorize' => array(
|
||||
'Actions' => array('actionPath' => 'controllers/Whitelists')
|
||||
)
|
||||
),
|
||||
'Security',
|
||||
'Session'
|
||||
);
|
||||
|
||||
//public $components = array('Security');
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'order' => array(
|
||||
'Whitelist.name' => 'ASC'
|
||||
)
|
||||
);
|
||||
//public $components = array('Security');
|
||||
public $paginate = array(
|
||||
'limit' => 60,
|
||||
'order' => array(
|
||||
'Whitelist.name' => 'ASC'
|
||||
)
|
||||
);
|
||||
|
||||
/**
|
||||
* index method
|
||||
|
|
|
@ -775,7 +775,7 @@ class Attribute extends AppModel {
|
|||
$this->create();
|
||||
$this->data['Attribute']['event_id'] = $eventId;
|
||||
if ($malware) {
|
||||
$md5 = !$tmpfile->size() ? md5_file($fileP) : $tmpfile->md5() ;
|
||||
$md5 = !$tmpfile->size() ? md5_file($fileP) : $tmpfile->md5();
|
||||
$this->data['Attribute']['category'] = $category ? $category : "Payload delivery";
|
||||
$this->data['Attribute']['type'] = "malware-sample";
|
||||
$this->data['Attribute']['value'] = $fullFileName ? $fullFileName . '|' . $md5 : $filename . '|' . $md5; // TODO gives problems with bigger files
|
||||
|
|
|
@ -400,7 +400,7 @@ class Event extends AppModel {
|
|||
if (!$attribute['cluster'] && !$attribute['private']) {
|
||||
$attribute['cluster'] = true;
|
||||
$attribute['distribution'] = 'Community';
|
||||
}
|
||||
}
|
||||
// remove value1 and value2 from the output
|
||||
unset($attribute['value1']);
|
||||
unset($attribute['value2']);
|
||||
|
@ -548,7 +548,7 @@ class Event extends AppModel {
|
|||
$response = $HttpSocket->get($uri, $data = '', $request);
|
||||
|
||||
if ($response->isOk()) {
|
||||
//debug($response->body);
|
||||
//debug($response->body);
|
||||
$xml = Xml::build($response->body);
|
||||
$eventArray = Xml::toArray($xml);
|
||||
$eventIds = array();
|
||||
|
|
|
@ -18,9 +18,6 @@ if ('true' == Configure::read('CyDefSIG.sync')) {
|
|||
echo $this->Form->input('distribution', array('label' => 'Distribution', 'selected' => 'All',
|
||||
'between' => $this->Html->div('forminfo', '', array('id' => 'AttributeDistributionDiv'))
|
||||
));
|
||||
// echo $this->Form->input('sharing', array('label' => 'Distribution',
|
||||
// 'before' => $this->Html->div('forminfo', isset($attrDescriptions['sharing']['formdesc']) ? $attrDescriptions['sharing']['formdesc'] : $attrDescriptions['sharing']['desc']),
|
||||
// ));
|
||||
} else {
|
||||
echo $this->Form->input('private', array(
|
||||
'before' => $this->Html->div('forminfo', isset($attrDescriptions['private']['formdesc']) ? $attrDescriptions['private']['formdesc'] : $attrDescriptions['private']['desc']),
|
||||
|
|
|
@ -35,7 +35,7 @@
|
|||
<td class="short" onclick="document.location ='<?php echo $this->Html->url(array('admin' => true, 'action' => 'view', $user['User']['id']), true);?>';">
|
||||
<?php echo h($user['User']['newsread']); ?> </td>
|
||||
<td class="actions">
|
||||
<?php if (($isAclModifyOrg && ($user['User']['org'] == $me['org'])) || ('1' == $me['id'])) {
|
||||
<?php if (($isAclModifyOrg && ($user['User']['org'] == $me['org'])) || ('1' == $me['id'])) {
|
||||
echo $this->Html->link(__('Edit'), array('admin' => true, 'action' => 'edit', $user['User']['id']), null);
|
||||
echo $this->Form->postLink(__('Delete'), array('admin' => true, 'action' => 'delete', $user['User']['id']), null, __('Are you sure you want to delete # %s?', $user['User']['id']));
|
||||
}?>
|
||||
|
|