MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'hotfix-2.3.146' into develop

pull/712/head
iglocska 2015-10-27 08:36:14 +01:00
parent 679bef35f0 aede05bdc6
commit f7f3142a91
2 changed files with 20 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION.json
View File

@ -1 +1 @@
{"major":2, "minor":3, "hotfix":145} {"major":2, "minor":3, "hotfix":146}

46
app/Controller/AttributesController.php
View File

@ -797,42 +797,34 @@ class AttributesController extends AppController {
return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $this->Attribute->validationErrors)),'status'=>200)); return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $this->Attribute->validationErrors)),'status'=>200));
} }
} }
public function view($id, $hasChildren = 0, $response = 'ajax') { public function view($id) {
$this->Attribute->id = $id; $this->Attribute->id = $id;
if (!$this->Attribute->exists()) { if (!$this->Attribute->exists()) {
throw new NotFoundException('Invalid attribute'); throw new NotFoundException('Invalid attribute');
} }
$this->Attribute->recursive = -1; if ($this->_isRest()) {
$this->Attribute->contain('Event'); $distConditions = array();
$attribute = $this->Attribute->read(); if (!$this->_isSiteAdmin()) {
if (!$this->_isSiteAdmin()) { $distConditions = array('OR' => array('Event.org' => $this->Auth->user('org'), array('AND' => array('Event.distribution >' => 0, 'Attribute.distribution >' => 0))));
//
if ($this->Attribute->data['Event']['org'] == $this->Auth->user('org') || (($this->Attribute->data['Event']['distribution'] > 0) && $this->Attribute->data['Attribute']['distribution'] > 0)) {
throw new MethodNotAllowed('Invalid attribute');
} }
} $attribute = $this->Attribute->find('first', array(
if ($this->request->is('ajax')) { 'recursive' => -1,
$eventRelations = $this->Attribute->Event->getRelatedAttributes($this->Auth->user(), $this->_isSiteAdmin(), $attribute['Attribute']['event_id']); 'contain' => 'Event',
$attribute['Attribute']['relations'] = array(); 'fields' => array('Event.distribution', 'Event.id', 'Event.org',
if (isset($eventRelations[$id])) { 'Attribute.id', 'Attribute.event_id', 'Attribute.type', 'Attribute.category', 'Attribute.value', 'Attribute.to_ids', 'Attribute.uuid', 'Attribute.timestamp', 'Attribute.comment', 'Attribute.distribution'),
foreach ($eventRelations[$id] as $relations) { 'conditions' => array('AND' => array('Attribute.id' => $id, $distConditions)),
$attribute['Attribute']['relations'][] = array($relations['id'], $relations['info'], $relations['org']); ));
} if (empty($attribute)) throw new MethodNotAllowedException('Invalid attribute');
if ($this->Attribute->typeIsAttachment($attribute['Attribute']['type'])) {
$encodedFile = $this->Attribute->base64EncodeAttachment($attribute['Attribute']);
$attribute['Attribute']['data'] = $encodedFile;
} }
$object = $attribute['Attribute']; $this->set('Attribute', $attribute['Attribute']);
$object['objectType'] = 0; $this->set('_serialize', array('Attribute'));
$object['hasChildren'] = $hasChildren;
$this->set('object', $object);
$this->set('distributionLevels', $this->Attribute->Event->distributionLevels);
} else { } else {
$this->redirect('/events/view/' . $this->Attribute->data['Attribute']['event_id']); $this->redirect('/events/view/' . $this->Attribute->data['Attribute']['event_id']);
} }
/*
$this->autoRender = false;
$responseObject = array();
return new CakeResponse(array('body'=> json_encode($attribute['Attribute']),'status'=>200));
*/
} }
/** /**