MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [cleanup] of temporary paths

pull/9432/head
iglocska 2023-11-23 09:18:20 +01:00
parent babf2b73b0
commit f66c336c7c
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
2 changed files with 7 additions and 149 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
app/Model/Attribute.php
View File

@ -2574,134 +2574,6 @@ class Attribute extends AppModel
}
public function editAttribute($attribute, array $event, $user, $objectId, $log = false, $force = false, &$nothingToChange = false, $server = null)
{
if ($this->fast_update) {
$this->Behaviors->unload('SysLogLogable.SysLogLogable');
}
$eventId = $event['Event']['id'];
$attribute['event_id'] = $eventId;
$attribute['object_id'] = $objectId;
if (isset($attribute['encrypt'])) {
$attribute = $this->onDemandEncrypt($attribute);
}
unset($attribute['id']);
if (isset($attribute['uuid'])) {
$existingAttribute = $this->find('first', array(
'conditions' => array('Attribute.uuid' => $attribute['uuid']),
'recursive' => -1,
));
if (!empty($existingAttribute)) {
if ($existingAttribute['Attribute']['event_id'] != $eventId || $existingAttribute['Attribute']['object_id'] != $objectId) {
$change = 'An attribute was blocked from being saved due to a duplicate UUID. The uuid in question is: ' . $attribute['uuid'] . '. This can also be due to the same attribute (or an attribute with the same UUID) existing in a different event / object)';
$this->loadLog()->createLogEntry($user, 'edit', 'Attribute', 0, 'Duplicate UUID found in attribute', $change);
return true;
}
// If a field is not set in the request, just reuse the old value
$recoverFields = array('value', 'to_ids', 'distribution', 'category', 'type', 'comment', 'sharing_group_id', 'object_id', 'object_relation', 'first_seen', 'last_seen');
foreach ($recoverFields as $rF) {
if (!isset($attribute[$rF])) {
$attribute[$rF] = $existingAttribute['Attribute'][$rF];
}
}
$attribute['id'] = $existingAttribute['Attribute']['id'];
// Check if the attribute's timestamp is bigger than the one that already exists.
// If yes, it means that it's newer, so insert it. If no, it means that it's the same attribute or older - don't insert it, insert the old attribute.
// Alternatively, we could unset this attribute from the request, but that could lead with issues if we decide that we want to start deleting attributes that don't exist in a pushed event.
if (isset($attribute['timestamp'])) {
if (!$force && $attribute['timestamp'] <= $existingAttribute['Attribute']['timestamp']) {
$nothingToChange = true;
return true;
}
} else {
$attribute['timestamp'] = time();
}
} else {
$this->create();
}
} else {
$this->create();
}
$attribute['event_id'] = $eventId;
if (isset($attribute['distribution']) && $attribute['distribution'] == 4) {
if (!empty($attribute['SharingGroup'])) {
$attribute['sharing_group_id'] = $this->SharingGroup->captureSG($attribute['SharingGroup'], $user);
} elseif (!empty($attribute['sharing_group_id'])) {
if (!$this->SharingGroup->checkIfAuthorised($user, $attribute['sharing_group_id'])) {
unset($attribute['sharing_group_id']);
}
}
if (empty($attribute['sharing_group_id'])) {
$attribute_short = (isset($attribute['category']) ? $attribute['category'] : 'N/A') . '/' . (isset($attribute['type']) ? $attribute['type'] : 'N/A') . ' ' . (isset($attribute['value']) ? $attribute['value'] : 'N/A');
$this->loadLog()->createLogEntry($user, 'edit', 'Attribute', 0,
'Attribute dropped due to invalid sharing group for Event ' . $eventId . ' failed: ' . $attribute_short,
'Validation errors: ' . json_encode($this->validationErrors) . ' Full Attribute: ' . json_encode($attribute)
);
return 'Invalid sharing group choice.';
}
} else if (!isset($attribute['distribution'])) {
$attribute['distribution'] = $this->defaultDistribution();
}
$fieldList = self::EDITABLE_FIELDS;
if (empty($existingAttribute)) {
$addableFieldList = array('event_id', 'type', 'uuid');
$fieldList = array_merge($fieldList, $addableFieldList);
}
if ($objectId) {
$fieldList[] = 'object_id';
$fieldList[] = 'object_relation';
}
$saveOptions = [
'fieldList' => $fieldList,
'parentEvent' => $event,
'atomic' => false
];
// This is somewhat dangerous, fast_update assumes that you are just updating an existing attribute's
// non uniqueness modifying fields (first/last seen, comment, tags, timestamp, etc)
// By ignoring this warning, you are introducing potential duplicates.
if ($this->fast_update) {
$saveOptions['skipAuditLog'] = true;
}
if (!$this->save(['Attribute' => $attribute], $saveOptions)) {
$this->logDropped($user, $attribute, 'edit');
return $this->validationErrors;
}
if (!empty($attribute['Sighting'])) {
$this->Sighting->captureSightings($attribute['Sighting'], $this->id, $eventId, $user);
}
if ($user['Role']['perm_tagger']) {
/*
We should unwrap the line below and remove the server option in the future once we have tag soft-delete
A solution to still keep the behavior for previous instance could be to not soft-delete the Tag if the remote instance
has a version below x
*/
if (isset($server) && isset($server['Server']['remove_missing_tags']) && $server['Server']['remove_missing_tags']) {
$this->AttributeTag->pruneOutdatedAttributeTagsFromSync(isset($attribute['Tag']) ? $attribute['Tag'] : array(), $existingAttribute['AttributeTag']);
}
if (isset($attribute['Tag'])) {
foreach ($attribute['Tag'] as $tag) {
$tag_id = $this->AttributeTag->Tag->captureTag($tag, $user);
if ($tag_id) {
$tag['id'] = $tag_id;
// fix the IDs here
$this->AttributeTag->handleAttributeTag($this->id, $attribute['event_id'], $tag);
} else {
// If we couldn't attach the tag it is most likely because we couldn't create it - which could have many reasons
// However, if a tag couldn't be added, it could also be that the user is a tagger but not a tag editor
// In which case if no matching tag is found, no tag ID is returned. Logging these is pointless as it is the correct behaviour.
if ($user['Role']['perm_tag_editor']) {
$this->loadLog()->createLogEntry($user, 'edit', 'Attribute', $this->id, 'Failed create or attach Tag ' . $tag['name'] . ' to the attribute.');
}
}
}
}
}
return true;
}
public function editAttribute2($attribute, array $event, $user, $objectId, $log = false, $force = false, &$nothingToChange = false, $server = null)
{
if ($this->fast_update) {
$this->Behaviors->unload('SysLogLogable.SysLogLogable');

28
app/Model/Event.php
View File

@ -4116,29 +4116,15 @@ class Event extends AppModel
if (isset($data['Event']['Attribute'])) {
$data['Event']['Attribute'] = array_values($data['Event']['Attribute']);
$attributes = [];
if (false) {
foreach ($data['Event']['Attribute'] as $k => $attribute) {
$nothingToChange = false;
$attributes[] = $this->Attribute->editAttribute2($attribute, $saveResult, $user, 0, false, $force, $nothingToChange, $server);
if (!$nothingToChange) {
$changed = true;
}
}
$result = $this->Attribute->editAttributeBulk($attributes, $saveResult, $user);
$result = $this->Attribute->editAttributePostProcessing($attributes, $saveResult, $user);
} else {
foreach ($data['Event']['Attribute'] as $k => $attribute) {
$nothingToChange = false;
$result = $this->Attribute->editAttribute($attribute, $saveResult, $user, 0, false, $force, $nothingToChange, $server);
if ($result !== true) {
$validationErrors['Attribute'][] = $result;
}
if (!$nothingToChange) {
$changed = true;
}
foreach ($data['Event']['Attribute'] as $k => $attribute) {
$nothingToChange = false;
$attributes[] = $this->Attribute->editAttribute2($attribute, $saveResult, $user, 0, false, $force, $nothingToChange, $server);
if (!$nothingToChange) {
$changed = true;
}
}
$result = $this->Attribute->editAttributeBulk($attributes, $saveResult, $user);
$result = $this->Attribute->editAttributePostProcessing($attributes, $saveResult, $user);
}
if (isset($data['Event']['Object'])) {
$data['Event']['Object'] = array_values($data['Event']['Object']);