MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

replace Risk with ThreatLevel [skip ci] 

- Event.risk has been replaced by Event.threat_level_id.
      all functionality remains the same and users should not see
      any difference.
      ENUM() used for Event.risk is vendor specific and requires
      too many hacks to play nicely with bake.
    - Added default schema file, SQL dumps should be avoided since
      they make updating/upgrading a pain.
    - Removed old unused schemas
pull/217/head
Alexandru Ciobanu 2013-11-17 17:54:15 +01:00
parent 233a30b9fd
commit f36cc43955
23 changed files with 413 additions and 632 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
INSTALL/MYSQL.sql Executable file → Normal file
View File

@ -13,13 +13,13 @@ CREATE TABLE IF NOT EXISTS `attributes` (
`value2` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`to_ids` tinyint(1) NOT NULL DEFAULT '1',
`uuid` varchar(40) COLLATE utf8_bin NOT NULL,
`timestamp` int(11) NOT NULL DEFAULT '0',
`timestamp` int(11) DEFAULT '0',
`distribution` tinyint(4) NOT NULL DEFAULT '0',
`comment` text COLLATE utf8_bin NOT NULL,
`comment` text COLLATE utf8_bin,
PRIMARY KEY (`id`),
KEY `event_id` (`event_id`),
KEY `uuid` (`uuid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -68,7 +68,8 @@ CREATE TABLE IF NOT EXISTS `correlations` (
KEY `1_event_id` (`1_event_id`),
KEY `1_attribute_id` (`1_attribute_id`),
KEY `attribute_id` (`attribute_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
@ -77,9 +78,9 @@ CREATE TABLE IF NOT EXISTS `correlations` (
CREATE TABLE IF NOT EXISTS `events` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`threat_level_id` int(11) DEFAULT NULL,
`org` varchar(255) COLLATE utf8_bin NOT NULL,
`date` date NOT NULL,
`risk` enum('Undefined','Low','Medium','High') COLLATE utf8_bin NOT NULL,
`info` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`user_id` int(11) NOT NULL,
`published` tinyint(1) NOT NULL DEFAULT '0',
@ -94,7 +95,7 @@ CREATE TABLE IF NOT EXISTS `events` (
PRIMARY KEY (`id`),
KEY `uuid` (`uuid`),
FULLTEXT KEY `info` (`info`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -115,13 +116,14 @@ CREATE TABLE IF NOT EXISTS `logs` (
`org` varchar(255) COLLATE utf8_bin DEFAULT NULL,
`description` varchar(255) COLLATE utf8_bin DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `posts`
--
CREATE TABLE IF NOT EXISTS `posts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`date_created` datetime NOT NULL,
@ -131,7 +133,7 @@ CREATE TABLE IF NOT EXISTS `posts` (
`post_id` int(11) NOT NULL DEFAULT '0',
`thread_id` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ;
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -145,7 +147,7 @@ CREATE TABLE IF NOT EXISTS `regexp` (
`replacement` varchar(255) COLLATE utf8_bin NOT NULL,
`type` varchar(100) COLLATE utf8_bin NOT NULL DEFAULT 'ALL',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -167,10 +169,10 @@ CREATE TABLE IF NOT EXISTS `roles` (
`perm_audit` tinyint(1) DEFAULT NULL,
`perm_full` tinyint(1) DEFAULT NULL,
`perm_auth` tinyint(1) NOT NULL DEFAULT '0',
`perm_regexp_access` TINYINT( 1 ) NOT NULL DEFAULT '0',
`perm_site_admin` TINYINT( 1 ) NOT NULL DEFAULT '0',
`perm_regexp_access` tinyint(1) NOT NULL DEFAULT '0',
`perm_site_admin` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=5 ;
-- --------------------------------------------------------
@ -189,7 +191,7 @@ CREATE TABLE IF NOT EXISTS `servers` (
`lastpulledid` int(11) NOT NULL,
`lastpushedid` int(11) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -213,12 +215,14 @@ CREATE TABLE IF NOT EXISTS `shadow_attributes` (
KEY `event_id` (`event_id`),
KEY `uuid` (`uuid`),
KEY `old_id` (`old_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `threads`
--
CREATE TABLE IF NOT EXISTS `threads` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`date_created` datetime NOT NULL,
@ -230,7 +234,22 @@ CREATE TABLE IF NOT EXISTS `threads` (
`title` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
`org` varchar(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 ;
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `threat_levels`
--
CREATE TABLE IF NOT EXISTS `threat_levels` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(50) NOT NULL,
`description` varchar(255) DEFAULT NULL,
`form_description` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
@ -255,7 +274,7 @@ CREATE TABLE IF NOT EXISTS `users` (
PRIMARY KEY (`id`),
KEY `email` (`email`),
KEY `password` (`password`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ;
-- --------------------------------------------------------
@ -267,7 +286,7 @@ CREATE TABLE IF NOT EXISTS `whitelist` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
@ -275,9 +294,9 @@ CREATE TABLE IF NOT EXISTS `whitelist` (
-- Default values for initial installation
--
INSERT INTO `regexp`
INSERT INTO `regexp`
(`regexp`, `replacement`)
VALUES
VALUES
('/.:.ProgramData./i','%ALLUSERSPROFILE%\\\\'),
('/.:.Documents and Settings.All Users./i','%ALLUSERSPROFILE%\\\\'),
('/.:.Program Files.Common Files./i','%COMMONPROGRAMFILES%\\\\'),
@ -328,3 +347,17 @@ INSERT INTO `roles` (`id`, `name`, `created`, `modified`, `perm_add`, `perm_modi
VALUES ('4', 'Sync user', NOW(), NOW(), '1', '1', '1', '1', '1', '0', '1', '0', '1');
-- --------------------------------------------------------
--
-- Initial threat levels
--
INSERT INTO `threat_levels` (`id`, `name`, `description`, `form_description`)
VALUES
(1,'High','*high* means sophisticated APT malware or 0-day attack','Sophisticated APT malware or 0-day attack'),
(2,'Medium','*medium* means APT malware','APT malware'),
(3,'Low','*low* means mass-malware','Mass-malware'),
(4,'Undefined','*undefined* no risk','No risk');
-- --------------------------------------------------------

27
app/Config/Schema/db_correlation.php
View File

@ -1,27 +0,0 @@
<?php
class DbCorrelationSchema extends CakeSchema {
public $name = 'DbCorrelation';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $correlations = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'date' => array('type' => 'date', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}

28
app/Config/Schema/db_log.php
View File

@ -1,28 +0,0 @@
<?php
class DbLogSchema extends CakeSchema {
public $name = 'DbLog';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $logs = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'title' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'created' => array('type' => 'datetime', 'null' => true, 'default' => null),
'model' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'model_id' => array('type' => 'integer', 'null' => true, 'default' => null),
'action' => array('type' => 'string', 'null' => true, 'default' => null, 'length' => 20, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => true, 'default' => null),
'change' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}

21
app/Config/Schema/db_log.sql
View File

@ -1,21 +0,0 @@
-- Audit, log table
-- works in conjunction with:
-- https://github.com/alkemann/CakePHP-Assets/wiki
-- also described at:
-- http://bakery.cakephp.org/articles/alkemann/2008/10/21/logablebehavior
DROP TABLE logs;
CREATE TABLE logs (
id int(11) NOT NULL AUTO_INCREMENT,
title varchar(255),
created DATETIME,
description varchar(255),
model varchar(20),
model_id int(11),
action varchar(20),
user_id int(11),
`change` varchar(255),
email varchar(255),
org varchar(255) COLLATE utf8_bin,
PRIMARY KEY (id)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ;

20
app/Config/Schema/db_regexp.php
View File

@ -1,20 +0,0 @@
<?php
class DbRegexpSchema extends CakeSchema {
public $name = 'DbRegexp';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $regexp = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'regexp' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}

49
app/Config/Schema/db_role.php
View File

@ -1,49 +0,0 @@
<?php
class DbRoleSchema extends CakeSchema {
public $name = 'DbRole';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
if (isset($event['create'])) {
switch ($event['create']) {
case 'roles':
// populate roles
//$roles = ClassRegistry::init('Role');
//$roles->create();
//$roles->save(array('Role' => array('name' => 'malware analyst', 'perm_add' => true, 'perm_modify' => true, 'perm_publish' => false, 'perm_full' => false)));
//$roles->create();
//$roles->save(array('Role' => array('name' => 'admin', 'perm_add' => true, 'perm_modify' => true, 'perm_publish' => true, 'perm_full' => true)));
//$roles->create();
//$roles->save(array('Role' => array('name' => 'IDS analyst', 'perm_add' => true, 'perm_modify' => true, 'perm_publish' => true, 'perm_full' => false)));
//$roles->create();
//$roles->save(array('Role' => array('name' => 'guest', 'perm_add' => false, 'perm_modify' => false, 'perm_publish' => false, 'perm_full' => false)));
// populate Users.role_id
//$users = ClassRegistry::init('User');
//$user = $users->read(null, '1');
//$users->saveField('role_id', '2'); // $user['User']['role_id'] = '2';
break;
}
}
}
public $roles = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
'created' => array('type' => 'datetime', 'null' => true, 'default' => null),
'modified' => array('type' => 'datetime', 'null' => true, 'default' => null),
'perm_add' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_modify' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_modify_org' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_publish' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_sync' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_admin' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_audit' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_full' => array('type' => 'boolean', 'null' => true, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
}

32
app/Config/Schema/db_role.sql
View File

@ -1,32 +0,0 @@
-- ACL, role table
-- works in conjunction with: CakePHP AclComponent
CREATE TABLE roles (
id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(100) NOT NULL,
perm_add boolean,
perm_modify boolean,
perm_modify_org boolean,
perm_publish boolean,
perm_full boolean,
created DATETIME,
modified DATETIME
);
-- ALTER TABLE users ADD COLUMN role_id INT(11);
-- data of Roles
-- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('malware analyst',true,true,false,false);
-- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('admin',true,true,true,true);
-- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('IDS analyst',true,true,true,false);
-- INSERT INTO roles (name,perm_add,perm_modify,perm_publish,perm_full) VALUES ('guest',false,false,false,false);
-- CakePHP AclComponent acor & aros tables
-- aros table (should be auto generated on role create)
-- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',1,1,2);
-- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',2,3,4);
-- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',3,5,6);
-- INSERT INTO aros (model,foreign_key,lft,rght) VALUES ('Role',4,7,8);
-- aros_acos

19
app/Config/Schema/db_whitelist.php
View File

@ -1,19 +0,0 @@
<?php
class DbWhitelistSchema extends CakeSchema {
public $name = 'DbWhitelist';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $whitelist = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}

183
app/Config/Schema/schema_0.2.3.php → app/Config/Schema/schema.php Executable file → Normal file
View File

@ -1,8 +1,6 @@
<?php
<?php
class AppSchema extends CakeSchema {
public $file = 'schema_0.2.3.php';
public function before($event = array()) {
return true;
}
@ -13,17 +11,20 @@ class AppSchema extends CakeSchema {
public $attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'value2' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
'timestamp' => array('type' => 'integer', 'null' => true, 'default' => '0'),
'distribution' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 4),
'comment' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1),
'event_id' => array('column' => 'event_id', 'unique' => 0),
'uuid' => array('column' => 'uuid', 'unique' => 0)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
@ -31,41 +32,33 @@ class AppSchema extends CakeSchema {
'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
'indexes' => array(),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $correlations = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'indexes' => array(
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $events = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'threat_level_id' => array('type' => 'integer', 'null' => true, 'default' => null),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'date' => array('type' => 'date', 'null' => false, 'default' => null),
//'risk' ENUM
'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
//'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'revision' => array('type' => 'boolean', 'null' => false, 'default' => null),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 11),
'hop_count' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 11),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null),
'analysis' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
'orgc' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'timestamp' => array('type' => 'integer', 'null' => false, 'default' => '0'),
'distribution' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 4),
'proposal_email_lock' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'locked' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1),
'uuid' => array('column' => 'uuid', 'unique' => 0),
'info' => array('column' => 'info', 'type' => 'fulltext')
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
@ -81,30 +74,57 @@ class AppSchema extends CakeSchema {
'email' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $regex = array(
public $posts = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'regex' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'date_created' => array('type' => 'datetime', 'null' => false, 'default' => null),
'date_modified' => array('type' => 'datetime', 'null' => false, 'default' => null),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'contents' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'post_id' => array('type' => 'integer', 'null' => false, 'default' => '0'),
'thread_id' => array('type' => 'integer', 'null' => false, 'default' => '0'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
public $regexp = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'regexp' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'type' => array('type' => 'string', 'null' => false, 'default' => 'ALL', 'length' => 100, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $roles = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'latin1_swedish_ci', 'charset' => 'latin1'),
'name' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'created' => array('type' => 'datetime', 'null' => true, 'default' => null),
'modified' => array('type' => 'datetime', 'null' => true, 'default' => null),
'perm_add' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_modify' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_modify_org' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_publish' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_sync' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_admin' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_audit' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_full' => array('type' => 'boolean', 'null' => true, 'default' => null),
'perm_auth' => array('type' => 'boolean', 'null' => true, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
'perm_auth' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'perm_regexp_access' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'perm_site_admin' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $servers = array(
@ -117,15 +137,65 @@ class AppSchema extends CakeSchema {
'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null),
'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $shadow_attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'old_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1),
'event_id' => array('column' => 'event_id', 'unique' => 0),
'uuid' => array('column' => 'uuid', 'unique' => 0),
'old_id' => array('column' => 'old_id', 'unique' => 0)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $threads = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'date_created' => array('type' => 'datetime', 'null' => false, 'default' => null),
'date_modified' => array('type' => 'datetime', 'null' => false, 'default' => null),
'distribution' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'post_count' => array('type' => 'integer', 'null' => false, 'default' => null),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'title' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
public $threat_levels = array(
'id' => array('type' => 'boolean', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'string', 'null' => false, 'length' => 50, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'form_description' => array('type' => 'string', 'null' => false, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
public $users = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
@ -133,15 +203,24 @@ class AppSchema extends CakeSchema {
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
'role_id' => array('type' => 'integer', 'null' => true, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
'role_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'change_pw' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
'contactalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1),
'email' => array('column' => 'email', 'unique' => 0),
'password' => array('column' => 'password', 'unique' => 0)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $whitelists = array(
public $whitelist = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'name' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}

77
app/Config/Schema/schema_0.2.1.1.php
View File

@ -1,77 +0,0 @@
<?php
class AppSchema extends CakeSchema {
public $file = 'schema_0.2.1.1.php';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $bruteforces = array(
'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
'indexes' => array(),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $events = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'date' => array('type' => 'date', 'null' => false, 'default' => null),
'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $servers = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'push' => array('type' => 'boolean', 'null' => false, 'default' => null),
'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
'lastfetchedid' => array('type' => 'integer', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $users = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}

126
app/Config/Schema/schema_0.2.2.1.php
View File

@ -1,126 +0,0 @@
<?php
class AppSchema extends CakeSchema {
public $file = 'schema_0.2.2.1.php';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
if (isset($event['update'])) {
switch ($event['update']) {
case 'users':
// TDDO Schema,Users.role_id is not here
break;
}
}
}
public $attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $bruteforces = array(
'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
'indexes' => array(),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $correlations = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'1_event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'1_private' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'attribute_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $events = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'date' => array('type' => 'date', 'null' => false, 'default' => null),
//'risk' ENUM
'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
//'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'revision' => array('type' => 'boolean', 'null' => false, 'default' => null),
'cluster' => array('type' => 'boolean', 'null' => false, 'default' => null),
'communitie' => array('type' => 'boolean', 'null' => false, 'default' => null),
'attribute_count' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 11),
'hop_count' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 11),
'analysis' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 4),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $regexp = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'regexp' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'replacement' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 255, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $servers = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'organization' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 10, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'push' => array('type' => 'boolean', 'null' => false, 'default' => null),
'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null),
'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $users = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
'role_id' => array('type' => 'integer', 'null' => true, 'default' => null),
'change_pw' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 1),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $whitelists = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}

79
app/Config/Schema/schema_0.2.2.php
View File

@ -1,79 +0,0 @@
<?php
class AppSchema extends CakeSchema {
public $file = 'schema_0.2.2.php';
public function before($event = array()) {
return true;
}
public function after($event = array()) {
}
public $attributes = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'event_id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'index'),
'type' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 100, 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'category' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'value1' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'to_ids' => array('type' => 'boolean', 'null' => false, 'default' => '1'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'revision' => array('type' => 'integer', 'null' => false, 'default' => '0', 'length' => 10),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'value2' => array('type' => 'text', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'event_id' => array('column' => 'event_id', 'unique' => 0), 'uuid' => array('column' => 'uuid', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $bruteforces = array(
'ip' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'username' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'expire' => array('type' => 'datetime', 'null' => false, 'default' => null),
'indexes' => array(),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $events = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'date' => array('type' => 'date', 'null' => false, 'default' => null),
//'risk' ENUM
'info' => array('type' => 'text', 'null' => false, 'default' => null, 'key' => 'index', 'collate' => 'utf8_unicode_ci', 'charset' => 'utf8'),
'user_id' => array('type' => 'integer', 'null' => false, 'default' => null),
'alerted' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'uuid' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'private' => array('type' => 'boolean', 'null' => false, 'default' => null),
'published' => array('type' => 'boolean', 'null' => false, 'default' => '0'),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'uuid' => array('column' => 'uuid', 'unique' => 0), 'info' => array('column' => 'info', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $servers = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'url' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'push' => array('type' => 'boolean', 'null' => false, 'default' => null),
'pull' => array('type' => 'boolean', 'null' => false, 'default' => null),
'lastpulledid' => array('type' => 'integer', 'null' => false, 'default' => null),
'lastpushedid' => array('type' => 'integer', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
public $users = array(
'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'key' => 'primary'),
'password' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'key' => 'index', 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'org' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'email' => array('type' => 'string', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'autoalert' => array('type' => 'boolean', 'null' => false, 'default' => null),
'authkey' => array('type' => 'string', 'null' => false, 'default' => null, 'length' => 40, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'invited_by' => array('type' => 'integer', 'null' => false, 'default' => null),
'gpgkey' => array('type' => 'text', 'null' => false, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'nids_sid' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 15),
'termsaccepted' => array('type' => 'boolean', 'null' => false, 'default' => null),
'newsread' => array('type' => 'date', 'null' => false, 'default' => null),
'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'username' => array('column' => 'password', 'unique' => 0)),
'tableParameters' => array('charset' => 'utf8', 'collate' => 'utf8_bin', 'engine' => 'MyISAM')
);
}

6
app/Controller/Component/NidsExportComponent.php
View File

@ -33,7 +33,7 @@ class NidsExportComponent extends Component {
$this->explain();
// generate the rules
foreach ($items as &$item) {
switch ($item['Event']['risk']) {
/*switch ($item['Event']['risk']) {
case 'Undefined':
$priority = '4';
break;
@ -48,12 +48,12 @@ class NidsExportComponent extends Component {
break;
default:
$priority = '4';
}
}*/
# proto src_ip src_port direction dst_ip dst_port msg rule_content tag sid rev
$ruleFormatMsg = 'msg: "' . Configure::read('CyDefSIG.name') . ' e' . $item['Event']['id'] . ' %s"';
$ruleFormatReference = 'reference:url,' . Configure::read('CyDefSIG.baseurl') . '/events/view/' . $item['Event']['id'];
$ruleFormat = '%salert %s %s %s %s %s %s (' . $ruleFormatMsg . '; %s %s classtype:' . $this->classtype . '; sid:%d; rev:%d; priority:' . $priority . '; ' . $ruleFormatReference . ';) ';
$ruleFormat = '%salert %s %s %s %s %s %s (' . $ruleFormatMsg . '; %s %s classtype:' . $this->classtype . '; sid:%d; rev:%d; priority:' . $item['Event']['threat_level_id'] . '; ' . $ruleFormatReference . ';) ';
$sid = $startSid + ($item['Attribute']['id'] * 10); // leave 9 possible rules per attribute type
$attribute = &$item['Attribute'];

45
app/Controller/EventsController.php
View File

@ -149,6 +149,11 @@ class EventsController extends AppController {
}
}
}
$this->paginate = array('contain' => array(
'ThreatLevel' => array(
'fields' => array(
'ThreatLevel.name'))
));
$this->set('events', $this->paginate());
if (!$this->Auth->user('gpgkey')) {
$this->Session->setFlash(__('No GPG key set in your profile. To receive emails, submit your public key in your profile.'));
@ -462,11 +467,9 @@ class EventsController extends AppController {
$this->set('distributionLevels', $this->Event->distributionLevels);
// combobox for risks
$risks = $this->Event->validate['risk']['rule'][1];
$risks = $this->_arrayToValuesIndexArray($risks);
$this->set('risks',$risks);
// tooltip for risk
$this->set('riskDescriptions', $this->Event->riskDescriptions);
$threat_levels = $this->Event->ThreatLevel->find('all');
$this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
$this->set('riskDescriptions', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.form_description'));
// combobox for analysis
$analysiss = $this->Event->validate['analysis']['rule'][1];
@ -590,7 +593,7 @@ class EventsController extends AppController {
}
// FIXME chri: validatebut the necessity for all these fields...impact on security !
$fieldList = array(
'Event' => array('org', 'orgc', 'date', 'risk', 'analysis', 'info', 'user_id', 'published', 'uuid', 'timestamp', 'distribution', 'locked'),
'Event' => array('org', 'orgc', 'date', 'threat_level_id', 'analysis', 'info', 'user_id', 'published', 'uuid', 'timestamp', 'distribution', 'locked'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'timestamp', 'distribution')
);
@ -624,7 +627,7 @@ class EventsController extends AppController {
return 'Event originated on this instance, any changes to it have to be done locally.';
}
$fieldList = array(
'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
'Event' => array('date', 'threat_level_id', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'distribution', 'timestamp')
);
$data['Event']['id'] = $this->Event->data['Event']['id'];
@ -715,7 +718,7 @@ class EventsController extends AppController {
}
}
$fieldList = array(
'Event' => array('date', 'risk', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
'Event' => array('date', 'threat_level_id', 'analysis', 'info', 'published', 'uuid', 'from', 'distribution', 'timestamp'),
'Attribute' => array('event_id', 'category', 'type', 'value', 'value1', 'value2', 'to_ids', 'uuid', 'revision', 'distribution', 'timestamp')
);
@ -768,7 +771,7 @@ class EventsController extends AppController {
}
}
// say what fields are to be updated
$fieldList = array('date', 'risk', 'analysis', 'info', 'published', 'distribution', 'timestamp');
$fieldList = array('date', 'threat_level_id', 'analysis', 'info', 'published', 'distribution', 'timestamp');
$this->Event->read();
// always force the org, but do not force it for admins
@ -801,12 +804,9 @@ class EventsController extends AppController {
$this->set('distributionLevels', $this->Event->distributionLevels);
// combobox for types
$risks = $this->Event->validate['risk']['rule'][1];
$risks = $this->_arrayToValuesIndexArray($risks);
$this->set('risks',$risks);
// tooltip for risk
$this->set('riskDescriptions', $this->Event->riskDescriptions);
$threat_levels = $this->Event->ThreatLevel->find('all');
$this->set('threatLevels', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.name'));
$this->set('riskDescriptions', Set::combine($threat_levels, '{n}.ThreatLevel.id', '{n}.ThreatLevel.form_description'));
// combobox for analysis
$analysiss = $this->Event->validate['analysis']['rule'][1];
@ -1057,7 +1057,7 @@ class EventsController extends AppController {
if ('true' == Configure::read('CyDefSIG.showorg')) {
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
}
$body .= 'Risk : ' . $event['Event']['risk'] . "\n";
$body .= 'Risk : ' . $event['ThreatLevel']['name'] . "\n";
$body .= 'Analysis : ' . $this->Event->analysisLevels[$event['Event']['analysis']] . "\n";
$body .= 'Info : ' . "\n";
$body .= $event['Event']['info'] . "\n";
@ -1119,7 +1119,7 @@ class EventsController extends AppController {
// prepare the the unencrypted email
$this->Email->from = Configure::read('CyDefSIG.email');
$this->Email->to = $user['User']['email'];
$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['ThreatLevel']['name'] . " - TLP Amber";
$this->Email->template = 'body';
$this->Email->sendAs = 'text'; // both text or html
$this->set('body', $bodySigned);
@ -1148,7 +1148,7 @@ class EventsController extends AppController {
// send the email
$this->Email->from = Configure::read('CyDefSIG.email');
$this->Email->to = $user['User']['email'];
$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['Event']['risk'] . " - TLP Amber";
$this->Email->subject = "[" . Configure::read('CyDefSIG.org') . " " . Configure::read('CyDefSIG.name') . "] Event " . $id . " - " . $event['ThreatLevel']['name'] . " - TLP Amber";
$this->Email->template = 'body';
$this->Email->sendAs = 'text'; // both text or html
@ -1274,7 +1274,7 @@ class EventsController extends AppController {
if ('true' == Configure::read('CyDefSIG.showorg')) {
$body .= 'Reported by : ' . $event['Event']['org'] . "\n";
}
$body .= 'Risk : ' . $event['Event']['risk'] . "\n";
$body .= 'Risk : ' . $event['ThreatLevel']['name'] . "\n";
$body .= 'Analysis : ' . $event['Event']['analysis'] . "\n";
$relatedEvents = $this->Event->getRelatedEvents($this->Auth->user(), $this->_isSiteAdmin());
if (!empty($relatedEvents)) {
@ -1481,7 +1481,7 @@ class EventsController extends AppController {
// $conditions['AND'][] = array('Event.published =' => 1);
// do not expose all the data ...
$fields = array('Event.id', 'Event.org', 'Event.date', 'Event.risk', 'Event.info', 'Event.published', 'Event.uuid', 'Event.attribute_count', 'Event.analysis', 'Event.timestamp', 'Event.distribution', 'Event.proposal_email_lock', 'Event.orgc', 'Event.user_id', 'Event.locked');
$fields = array('Event.id', 'Event.org', 'Event.date','Event.info', 'Event.published', 'Event.uuid', 'Event.attribute_count', 'Event.analysis', 'Event.timestamp', 'Event.distribution', 'Event.proposal_email_lock', 'Event.orgc', 'Event.user_id', 'Event.locked');
$fieldsAtt = array('Attribute.id', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.uuid', 'Attribute.event_id', 'Attribute.distribution', 'Attribute.timestamp', 'Attribute.comment');
$fieldsShadowAtt = array('ShadowAttribute.id', 'ShadowAttribute.type', 'ShadowAttribute.category', 'ShadowAttribute.value', 'ShadowAttribute.to_ids', 'ShadowAttribute.uuid', 'ShadowAttribute.event_id', 'ShadowAttribute.old_id');
@ -1489,6 +1489,9 @@ class EventsController extends AppController {
'recursive' => 0,
'fields' => $fields,
'contain' => array(
'ThreatLevel' => array(
'fields' => array('ThreatLevel.name')
),
'Attribute' => array(
'fields' => $fieldsAtt,
'conditions' => $conditionsAttributes,
@ -2289,7 +2292,7 @@ class EventsController extends AppController {
$date = new DateTime();
$data['Event']['info'] = 'Test event showing every category-type combination';
$data['Event']['date'] = '2013-10-09';
$data['Event']['risk'] = 'Undefined';
$data['Event']['threat_level_id'] = 4; //'Undefined'
$data['Event']['analysis'] = '0';
$data['Event']['distribution'] = '0';

26
app/Model/Event.php
View File

@ -34,7 +34,7 @@ class Event extends AppModel {
* @var array
*/
public $fieldDescriptions = array(
'risk' => array('desc' => 'Risk levels: *low* means mass-malware, *medium* means APT malware, *high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Risk levels: low: mass-malware medium: APT malware high: sophisticated APT malware or 0-day attack'),
'threat_level_id' => array('desc' => 'Risk levels: *low* means mass-malware, *medium* means APT malware, *high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Risk levels: low: mass-malware medium: APT malware high: sophisticated APT malware or 0-day attack'),
'classification' => array('desc' => 'Set the Traffic Light Protocol classification. <ol><li><em>TLP:AMBER</em>- Share only within the organization on a need-to-know basis</li><li><em>TLP:GREEN:NeedToKnow</em>- Share within your constituency on the need-to-know basis.</li><li><em>TLP:GREEN</em>- Share within your constituency.</li></ol>'),
'submittedgfi' => array('desc' => 'GFI sandbox: export upload', 'formdesc' => 'GFI sandbox: export upload'),
'submittedioc' => array('desc' => '', 'formdesc' => ''),
@ -42,12 +42,12 @@ class Event extends AppModel {
'distribution' => array('desc' => 'Describes who will have access to the event.')
);
public $riskDescriptions = array(
/*public $riskDescriptions = array(
'Undefined' => array('desc' => '*undefined* no risk', 'formdesc' => 'No risk'),
'Low' => array('desc' => '*low* means mass-malware', 'formdesc' => 'Mass-malware'),
'Medium' => array('desc' => '*medium* means APT malware', 'formdesc' => 'APT malware'),
'High' => array('desc' => '*high* means sophisticated APT malware or 0-day attack', 'formdesc' => 'Sophisticated APT malware or 0-day attack')
);
);*/
public $analysisDescriptions = array(
0 => array('desc' => '*Initial* means the event has just been created', 'formdesc' => 'Creation started'),
@ -106,14 +106,14 @@ class Event extends AppModel {
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'risk' => array(
'rule' => array('inList', array('Undefined', 'Low','Medium','High')),
'message' => 'Options : Undefined, Low, Medium, High',
//'allowEmpty' => false,
'required' => true,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
'threat_level_id' => array(
'notempty' => array(
'rule' => array('notempty'),
//'message' => 'Please specify threat level',
'required' => true
),
),
'distribution' => array(
'rule' => array('inList', array('0', '1', '2', '3')),
'message' => 'Options : Your organisation only, This community only, Connected communities, All communities',
@ -219,6 +219,10 @@ class Event extends AppModel {
'conditions' => '',
'fields' => '',
'order' => ''
),
'ThreatLevel' => array(
'className' => 'ThreatLevel',
'foreignKey' => 'threat_level_id'
)
);
@ -574,7 +578,7 @@ class Event extends AppModel {
$newTextBody = $response->body();
return 404;
break;
case '405':
case '405':
return 405;
break;
case '403': // Not authorised

39
app/Model/ThreatLevel.php Normal file
View File

@ -0,0 +1,39 @@
<?php
App::uses('AppModel', 'Model');
class ThreatLevel extends AppModel {
public $validate = array(
'name' => array(
'notEmpty' => array(
'rule' => array('notEmpty'),
'required' => true
),
),
'description' => array(
'notEmpty' => array(
'rule' => array('notEmpty'),
),
),
'form_description' => array(
'notEmpty' => array(
'rule' => array('notEmpty'),
'required' => true
),
),
);
/**
* hasMany associations
*
* @var array
*/
/*public $hasMany = array(
'Event' => array(
'className' => 'Event',
'foreignKey' => 'threat_level_id',
'dependent' => false,
)
);*/
}

47
app/Test/Case/Model/ThreatLevelTest.php Normal file
View File

@ -0,0 +1,47 @@
<?php
App::uses('ThreatLevel', 'Model');
/**
* ThreatLevel Test Case
*
*/
class ThreatLevelTest extends CakeTestCase {
/**
* Fixtures
*
* @var array
*/
public $fixtures = array(
'app.threat_level',
'app.event',
'app.user',
'app.role',
'app.post',
'app.thread',
'app.attribute',
'app.shadow_attribute'
);
/**
* setUp method
*
* @return void
*/
public function setUp() {
parent::setUp();
$this->ThreatLevel = ClassRegistry::init('ThreatLevel');
}
/**
* tearDown method
*
* @return void
*/
public function tearDown() {
unset($this->ThreatLevel);
parent::tearDown();
}
}

56
app/Test/Fixture/ThreatLevelFixture.php Normal file
View File

@ -0,0 +1,56 @@
<?php
/**
* ThreatLevelFixture
*
*/
class ThreatLevelFixture extends CakeTestFixture {
/**
* Fields
*
* @var array
*/
public $fields = array(
'id' => array('type' => 'boolean', 'null' => false, 'default' => null, 'key' => 'primary'),
'name' => array('type' => 'string', 'null' => false, 'length' => 50, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'description' => array('type' => 'string', 'null' => true, 'default' => null, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'form_description' => array('type' => 'string', 'null' => false, 'collate' => 'utf8_bin', 'charset' => 'utf8'),
'indexes' => array(
'PRIMARY' => array('column' => 'id', 'unique' => 1)
),
'tableParameters' => array('charset' => 'latin1', 'collate' => 'latin1_swedish_ci', 'engine' => 'InnoDB')
);
/**
* Records
*
* @var array
*/
public $records = array(
array(
'id' => 1,
'name' => 'High',
'description' => '*high* means sophisticated APT malware or 0-day attack',
'form_description' => 'Sophisticated APT malware or 0-day attack'
),
array(
'id' => 2,
'name' => 'Medium',
'description' => '*medium* means APT malware',
'form_description' => 'APT malware'
),
array(
'id' => 3,
'name' => 'Low',
'description' => '*low* means mass-malware',
'form_description' => 'Mass-malware'
),
array(
'id' => 4,
'name' => 'Undefined',
'description' => '*undefined* no risk',
'form_description' => 'No risk'
),
);
}

15
app/View/Events/add.ctp
View File

@ -18,7 +18,7 @@
'selected' => $initialDistribution,
));
}
echo $this->Form->input('risk', array(
echo $this->Form->input('threat_level_id', array(
'div' => 'input clear'
));
echo $this->Form->input('analysis', array(
@ -41,7 +41,7 @@ echo $this->Form->end();
?>
</div>
<?php
<?php
echo $this->element('side_menu', array('menuList' => 'event-collection', 'menuItem' => 'add'));
?>
@ -51,7 +51,7 @@ echo $this->Form->end();
//
var formInfoValues = {
'EventDistribution' : new Array(),
'EventRisk' : new Array(),
'EventThreatLevelId' : new Array(),
'EventAnalysis' : new Array()
};
@ -61,8 +61,7 @@ foreach ($distributionDescriptions as $type => $def) {
echo "formInfoValues['EventDistribution']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($riskDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['EventRisk']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
echo "formInfoValues['EventThreatLevelId']['" . addslashes($type) . "'] = \"" . addslashes($def) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($analysisDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
@ -72,11 +71,11 @@ foreach ($analysisDescriptions as $type => $def) {
$(document).ready(function() {
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
@ -91,7 +90,7 @@ $(document).ready(function() {
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) {
$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({

15
app/View/Events/edit.ctp
View File

@ -14,7 +14,7 @@ if ('true' == Configure::read('CyDefSIG.sync')) {
'label' => 'Distribution',
));
}
echo $this->Form->input('risk', array(
echo $this->Form->input('threat_level_id', array(
'div' => 'input clear'
));
echo $this->Form->input('analysis', array(
@ -32,7 +32,7 @@ echo $this->Form->button('Submit', array('class' => 'btn btn-primary'));
echo $this->Form->end();
?>
</div>
<?php
<?php
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'editEvent'));
?>
@ -42,7 +42,7 @@ echo $this->Form->end();
//
var formInfoValues = {
'EventDistribution' : new Array(),
'EventRisk' : new Array(),
'EventThreatLevelId' : new Array(),
'EventAnalysis' : new Array()
};
@ -52,8 +52,7 @@ foreach ($distributionDescriptions as $type => $def) {
echo "formInfoValues['EventDistribution']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($riskDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
echo "formInfoValues['EventRisk']['" . addslashes($type) . "'] = \"" . addslashes($info) . "\";\n"; // as we output JS code we need to add slashes
echo "formInfoValues['EventThreatLevelId']['" . addslashes($type) . "'] = \"" . addslashes($def) . "\";\n"; // as we output JS code we need to add slashes
}
foreach ($analysisDescriptions as $type => $def) {
$info = isset($def['formdesc']) ? $def['formdesc'] : $def['desc'];
@ -63,11 +62,11 @@ foreach ($analysisDescriptions as $type => $def) {
$(document).ready(function() {
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseleave', function(e) {
$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseleave', function(e) {
$('#'+e.currentTarget.id).popover('destroy');
});
$("#EventAnalysis, #EventRisk, #EventDistribution").on('mouseover', function(e) {
$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('mouseover', function(e) {
var $e = $(e.target);
if ($e.is('option')) {
$('#'+e.currentTarget.id).popover('destroy');
@ -82,7 +81,7 @@ $(document).ready(function() {
// workaround for browsers like IE and Chrome that do now have an onmouseover on the 'options' of a select.
// disadvangate is that user needs to click on the item to see the tooltip.
// no solutions exist, except to generate the select completely using html.
$("#EventAnalysis, #EventRisk, #EventDistribution").on('change', function(e) {
$("#EventAnalysis, #EventThreatLevelId, #EventDistribution").on('change', function(e) {
var $e = $(e.target);
$('#'+e.currentTarget.id).popover('destroy');
$('#'+e.currentTarget.id).popover({

50
app/View/Events/index.ctp
View File

@ -100,18 +100,18 @@
<span id="searchorg"><br/>
<?php
echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden'));
echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden'));
echo $this->Form->input('searchorg', array(
'value' => $this->passedArgs['searchorg'],
'label' => '',
'class' => 'input-mini'));
?>
<input type="submit" style="visibility:collapse;" />
<?php
echo $this->Form->end();
?>
<input type="submit" style="visibility:collapse;" />
<?php
echo $this->Form->end();
?>
</span>
</th>
@ -135,8 +135,8 @@
<div id="searchdate" class="input-append input-prepend">
<?php
echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
echo $this->Form->input('searchinfo', array('value' => $this->passedArgs['searchinfo'], 'type' => 'hidden'));
echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
echo $this->Form->input('searchDatefrom', array(
'value' => $this->passedArgs['searchDatefrom'],
@ -153,15 +153,15 @@
'class' => 'span1 datepicker',
'div' => false
));
?>
<input type="submit" style="visibility:collapse;" />
<?php
echo $this->Form->end();
?>
<input type="submit" style="visibility:collapse;" />
<?php
echo $this->Form->end();
?>
</div>
</th>
<th title="<?php echo $eventDescriptions['risk']['desc'];?>">
<?php echo $this->Paginator->sort('risk');?>
<th title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>">
<?php echo $this->Paginator->sort('threat_level_id');?>
</th>
<th title="<?php echo $eventDescriptions['analysis']['desc'];?>">
<?php echo $this->Paginator->sort('analysis');?>
@ -172,18 +172,18 @@
<span id="searchinfo"><br/>
<?php
echo $this->Form->create('', array('action' => 'index', 'style' => 'margin-bottom:0px'));
echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
echo $this->Form->input('searchorg', array('value' => $this->passedArgs['searchorg'], 'type' => 'hidden'));
echo $this->Form->input('searchpublished', array('value' => $this->passedArgs['searchpublished'], 'type' => 'hidden'));
echo $this->Form->input('searchDatefrom', array('value' => $this->passedArgs['searchDatefrom'], 'type' => 'hidden'));
echo $this->Form->input('searchDateuntil', array('value' => $this->passedArgs['searchDateuntil'], 'type' => 'hidden'));
echo $this->Form->input('searchinfo', array(
'value' => $this->passedArgs['searchinfo'],
'label' => '',
'class' => 'input-large'));
?>
<input type="submit" style="visibility:collapse;" />
<?php
echo $this->Form->end();
?>
<input type="submit" style="visibility:collapse;" />
<?php
echo $this->Form->end();
?>
</span>
</th>
@ -246,7 +246,7 @@
<?php echo $event['Event']['date']; ?>&nbsp;
</td>
<td class="short" onclick="location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
<?php echo $event['Event']['risk']; ?>&nbsp;
<?php echo $event['ThreatLevel']['name']; ?>&nbsp;
</td>
<td class="short" onclick="location.href ='/events/view/<?php echo $event['Event']['id'];?>'">
<?php echo $analysisLevels[$event['Event']['analysis']]; ?>&nbsp;
@ -294,7 +294,7 @@
</ul>
</div>
</div>
<?php
<?php
echo $this->element('side_menu', array('menuList' => 'event-collection', 'menuItem' => 'index'));
?>

10
app/View/Events/view.ctp
View File

@ -2,7 +2,7 @@
$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id']) || ($isAclModifyOrg && $event['Event']['orgc'] == $me['org']));
$mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
?>
<?php
<?php
echo $this->element('side_menu', array('menuList' => 'event', 'menuItem' => 'viewEvent'));
?>
@ -54,9 +54,9 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
<?php echo h($event['Event']['date']); ?>
&nbsp;
</dd>
<dt title="<?php echo $eventDescriptions['risk']['desc'];?>">Risk</dt>
<dt title="<?php echo $eventDescriptions['threat_level_id']['desc'];?>">Risk</dt>
<dd>
<?php echo h($event['Event']['risk']); ?>
<?php echo h($event['ThreatLevel']['name']); ?>
&nbsp;
</dd>
<dt title="<?php echo $eventDescriptions['analysis']['desc'];?>">Analysis</dt>
@ -203,7 +203,7 @@ if (!empty($event['Attribute'])):?>
$first = 0;
?>
<ul class="inline" style="margin:0px;">
<?php
<?php
if (isset($relatedAttributes[$attribute['id']]) && (null != $relatedAttributes[$attribute['id']])) {
foreach ($relatedAttributes[$attribute['id']] as $relatedAttribute) {
echo '<li style="padding-right: 0px; padding-left:0px;" title ="' . h($relatedAttribute['info']) . '"><span>';
@ -394,7 +394,7 @@ if (!empty($event['Attribute'])):?>
endif; ?>
</div>
<div id="discussions_div">
<?php
<?php
echo $this->element('eventdiscussion');
?>
</div>

4
app/View/Users/admin_view.ctp
View File

@ -112,7 +112,7 @@ if (h($user['User']['change_pw']) == 1) {
</td>
<td><?php echo h($event['id']);?></td>
<td><?php echo h($event['date']);?></td>
<td><?php echo h($event['risk']);?></td>
<td><?php echo h($event['threat_level_id']);?></td>
<td><?php echo h($event['info']);?></td>
<td><?php echo h($event['uuid']);?></td>
<td><?php echo h($event['distribution']);?></td>
@ -131,6 +131,6 @@ if (h($user['User']['change_pw']) == 1) {
endif; ?>
</div>
</div>
<?php
<?php
echo $this->element('side_menu', array('menuList' => 'admin', 'menuItem' => 'viewUser'));
?>