Andras Iklody
879154eab2
Fixed deprecated errors
...
Removed cause of deprecated errors (Pass by reference)
2012-12-20 14:48:23 +01:00
Noud de Brouwer
547a80ba7d
Sanitize
...
Sanitize countermeasures.
2012-12-19 15:28:31 +00:00
Noud de Brouwer
95158d2ef3
Sanitize
...
Sanitize countermeasures.
2012-12-19 12:42:38 +00:00
Noud de Brouwer
d89ab91dee
coding standards
...
Coding Standards.
2012-12-18 16:44:07 +00:00
Noud de Brouwer
68617350e8
Sanitize
...
Sanitize::clean() but redo the info and value fields.
2012-12-18 03:18:48 +00:00
Noud de Brouwer
9211e4d405
search
...
After added feedback on entered search terms for search attributes
and search logs, this now also works for LogsController::index()
and next and previous page.
Signed-off-by: Noud de Brouwer <noud4@home.nl>
2012-12-18 03:01:02 +00:00
Noud de Brouwer
8c7f8921a7
Sanitize
...
do not Sanitize::clean() $this->request->data.
2012-12-17 17:33:21 +00:00
Andras Iklody
099e5d92be
Fix for the Attributes
2012-12-17 17:21:57 +01:00
Andras Iklody
1ceadab700
Added features from branch analysis_levels
...
-Analaysis levels setable for events as per milestone item 94
-Password change forced as per milestone item 109
-Added feedback on entered search terms for search attributes
-fixed the authentication issue
-some minor fixes
2012-12-17 15:51:30 +01:00
noud
2903493205
Merge branch 'master' into develop
...
Conflicts:
app/Controller/AttributesController.php
app/Controller/EventsController.php
2012-12-13 16:03:35 +01:00
noud
276cb5df10
RESTfull sync
...
this is in responce to the email
From: <User1088@QET.BE>
To: <ndebrouwer@hotmail.com>, <andrzej.dereszowski@ncirc.nato.int>
Subject: Re: sync/REST
Date: Fri, 7 Dec 2012 13:30:10 +0000
in this there is a complaint about the RESTfull sync workings.
the email hints about 2 possible options:
i) RESTfull add event without attributes (conform the web interface)
ii) RESTfull add event with attributes (more conform the code)
both are implemented and can be choisen in bootstrap.php by
Configure::write('CyDefSIG.rest', 'ii') or 'i'.
2012-12-13 15:52:00 +01:00
noud
094719fa01
Merge branch 'master' into develop
...
Conflicts:
app/Controller/AttributesController.php
app/Controller/EventsController.php
app/Controller/ServersController.php
app/Model/Event.php
2012-12-12 18:01:39 +01:00
noud
26c8ad57ee
Role
...
renamed everything group to role (i.s.o. renaming just the visable).
2012-12-12 16:15:01 +01:00
noud
52a7625a9d
Source Code Review
...
sanitize everything displayed from the db.
(and some small coding standard whitespaces)
2012-12-12 14:01:00 +01:00
noud
079ce88793
RESTfull sync
...
Let RESTfull only work conform the web pages (to Christophes wish),
so add/edit event apart from add/edit attribute.
(there is annotation in the code to revert back to full RESTfull and
add/edit the attribute(s) alongside add/edit the event.)
2012-12-11 16:11:45 +01:00
noud
6f4b72f214
RESTfull sync
...
redone delete attribute and add that to the sync.
2012-12-11 10:33:32 +01:00
noud
e4dafd3882
RESTfull sync
...
RESTfull attribute add, edit and view, to be usefull in sync.
2012-12-10 11:32:40 +01:00
noud
9a7f160ec4
code
...
a "1" gremlin removed.
2012-12-03 13:07:07 +01:00
noud
053edeb304
regex and blacklist
...
blacklist, as in, do not input attributes, is working now,
for manual, batch and GFI Sandbox import.
2012-12-03 10:34:28 +01:00
noud
d301f201b9
distribution
...
do not do anything upon delete in regard to distribution.
2012-11-28 11:17:55 +01:00
noud
6cce4792b4
correlation
...
some correction so no missing correlation.
2012-11-23 08:56:43 +01:00
noud
00fe39cc25
RBAC
...
respect setting for edit attribute.
2012-11-22 15:54:28 +01:00
noud
6b06ba7ff6
count & GFI Sandbox
...
count # attributes in events index.
plus various fixes for distribution in correlation of a GFI Sandbox
upload.
2012-11-14 16:14:04 +01:00
noud
8eb56ebc43
RBAC
...
AttributesController::edit() know's it's own attribute now for RBAC
check.
2012-11-09 14:33:54 +01:00
noud
2785512268
distribution
...
removed No push leftovers as a distribution.
2012-11-07 15:41:50 +01:00
noud
582dbb0f7b
Audit log
...
Search logs and paging now works as expected (conform search
attributes).
2012-10-31 08:16:37 +01:00
noud
8d986601b9
dropdowns
...
no space in edit Attribute categories dropdown.
2012-10-30 11:12:25 +01:00
noud
3c02cccf30
dropdowns
...
undo better optgroup support in dropdown in Attribute::add()
and just remove the not usable empty category.
2012-10-24 11:38:29 +02:00
noud
944cfb1348
dropdowns
...
better optgroup support in dropdown in Attribute::add().
2012-10-24 11:22:18 +02:00
noud
0232148631
dropdowns
...
better optgroup support in dropdowns where 'ALL' or '' is used
in Search Attributes and Search Logs.
2012-10-24 10:42:32 +02:00
noud
23cce1e2db
Correlation.
...
to overcome a possible error on empty correlations.
2012-10-23 17:28:56 +02:00
noud
1b570b9183
Pulldowns
...
removed the select optgroup.
2012-10-23 14:58:50 +02:00
noud
4b096fa584
distribution
...
changes and cleanup.
2012-10-23 11:28:39 +02:00
noud
1f428e4aa5
Wording change
...
so this works.
2012-10-22 16:39:33 +02:00
Andrzej Dereszowski
25e63dda68
Wording change
...
Changed Private column to Distribution + some minor vocabulary changes.
2012-10-22 16:29:08 +02:00
noud
e300ab7ffa
Merge branch 'master' of ssh://misp.ncirc.nato.int/home/git/cydefsig.git
2012-10-22 15:14:33 +02:00
noud
833f6d074f
Correlation.
...
to overcome a possible error on empty correlations.
2012-10-19 15:04:31 +02:00
noud
7077d1e8d4
GFI sandbox.
...
better representation of a downloadable attribute
in a link (just href the file name, not including the path).
2012-10-19 10:04:20 +02:00
noud
eae89d95cd
Private.
...
Add "Pull only" as a sharing state where,
everybody does see an event, is pullable,
but will never be pushed.
Has a generatePrivate for db conversion now.
2012-10-18 11:40:12 +02:00
noud
67e50cb612
Private
...
Private events are true private and
running a server in 2 modes (private and sync),
so real private (red) or private to server (amber)
or full distributable (green).
Mind this needs a change to tables events, attributes and correlation.
These are in MYSQL.private.sql.
2012-10-17 14:45:26 +02:00
noud
8f3d624c1a
Merge branch 'master' into develop
...
Conflicts:
app/Controller/AppController.php
app/Controller/AttributesController.php
app/Controller/EventsController.php
app/Controller/ServersController.php
app/Controller/UsersController.php
app/Model/Attribute.php
app/Model/Event.php
app/Model/Server.php
app/Model/User.php
app/View/Attributes/edit.ctp
app/View/Attributes/index.ctp
app/View/Elements/actions_menu.ctp
app/View/Events/add.ctp
app/View/Events/index.ctp
app/View/Events/view.ctp
app/View/Events/xml/view.ctp
app/View/Servers/index.ctp
app/View/Users/admin_index.ctp
2012-09-24 16:02:01 +02:00
noud
8179a1a691
Merge and code standards.
...
Forgot to clean View/Helper/AppHelper.php.
Changed underscore method names to private and protected where
appropriate given phpcs code standards errors.
2012-09-24 09:02:09 +02:00
noud
1d04652476
CakePHP Coding Standards
...
changed to camel caps format where needed.
2012-09-19 11:05:10 +02:00
noud
94a367c2f5
CakePHP Coding Standards
...
http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html
Eclipse:
Window->Preferences
General->Editors->Text Editors
Displayed tab width: 4
Insert spaces for tabs NOT
PHP->Code Style->Formatter
Tab policy: Tabs
File->Convert Line Delimeters To->Unix [default]
http://mark-story.com/posts/view/static-analysis-tools-for-php
for instance:
phpcs --standard=CakePHP app/Model/
Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
noud
253d8e1b58
Merge branch 'master' into develop
...
Conflicts:
app/Controller/EventsController.php
app/Model/Attribute.php
app/View/Events/view.ctp
2012-09-17 13:02:53 +02:00
noud
db222f8e5e
REST.
...
Small correction to delete attribute after uuid change.
2012-09-06 08:38:15 +02:00
noud
f782005c6a
Sync.
...
small correction after uuid correction,
so delete attribute works again.
2012-09-03 16:29:22 +02:00
Christophe Vandeplas
111644b16a
refactored uuid integration (moved to beforeFilter)
2012-09-03 11:35:21 +02:00
noud
ea5ea121e3
Add attribute.
...
Add attribute, do not fill in any, and hit Submit, did give error
messages.
2012-08-24 14:09:17 +02:00
noud
b7a5d8a3f8
Delete (published) event or attribute.
...
Previous, upon delete only on the local server the event or attribute
was deleted.
Now, if delete, look for same event or attribute (using it's uuid)
and delete on remote servers as well.
Also look and delete if not published, so no dangling/zombie copies
remain on remote servers.
2012-08-21 16:55:57 +02:00
noud
2dea0e347d
Correlation performance gain.
...
in Config/bootstrap.php add
Configure::write('CyDefSIG.correlation', 'sql');
possible values:
- default, like it was
- db, correlation in database
- sql, selection on attributes i.s.o. per attribute
(sql improvement possible if result conform db above)
Network activity, ip-src
30 class-C network ip addresses
(7650 tupels) (time in ms)
default db sql
all 25366 16601 15941
24839 16604 15611
paginated 16759 8447 6615
17734 8639 8846
this is used in both:
- events/view/<id>
- attributes/event/<id>
2012-08-03 12:00:16 +02:00
Andrzej Dereszowski
3ff180e898
Merge branch 'develop_0.2.2-0.2.3' into develop
...
Conflicts:
app/Config/Schema/schema_0.2.2.php
app/Config/routes.php
app/Controller/AppController.php
app/Controller/UsersController.php
app/Model/User.php
app/README.txt
2012-07-24 16:09:48 +02:00
noud
de89d28caa
Fix, paging on event with lots of attributes.
2012-07-20 13:27:55 +02:00
noud
29a67f4d96
Fixes the Search Attributes.
2012-07-19 11:41:04 +02:00
noud
8db00efdac
Remove extra dot between filename and ext when downloading attachment.
2012-07-19 11:41:04 +02:00
Andrzej Dereszowski
bf98f2db3c
Merge branch 'develop_0.2.2_fixes' into develop
...
Conflicts:
app/Model/Attribute.php
2012-07-11 16:15:27 +02:00
noud
c1823b1cf4
Corrects the download in IE fix, to filename.ext.zip or filename.ext.
...
(Got filename.ext.zip.zip for attachment and filename.ext.ext for
malware given the previous fix)
2012-07-10 17:23:00 +02:00
noud
c1bc80ac61
Download attachment does not work on MS Internet Explorer.
...
This _can_ be a fix, not sure. If not, CakePHP bug #2554 or others.
2012-07-10 13:36:32 +02:00
noud
8f4727e3ad
Correction to upload so zip only ticked when malware and not when
...
attachement.
2012-07-10 11:39:43 +02:00
noud
1a56db0aac
Do validation after edit attribute.
2012-07-09 15:13:54 +02:00
noud
1143ee265d
Fix to: Add attribute, non-valid, correct, ´black-holed´.
2012-07-09 14:18:26 +02:00
noud
4ac501d54e
Only show categories with type attachment or malware-sample in Add
...
Attachement view. (this was..No possibility to upload if type
attachement or malware-sample is not in category.)
2012-07-09 14:14:55 +02:00
noud
ed41233f2a
No possibility to upload if type attachement or malware-sample is not in
...
category.
2012-07-06 13:48:17 +02:00
noud
66c5312ea6
DataBase migrate, Audit and Access Control granulation.
2012-06-28 17:24:12 +02:00
root
b4558887ce
Revert "Audit and ACL first cut."
...
This reverts commit 5818231f48
.
2012-06-26 09:40:52 +02:00
noud
5818231f48
Audit and ACL first cut.
2012-06-25 15:54:52 +02:00
Christophe Vandeplas
2d335f5dbe
cleanup of comments and todos
...
minor memory performance improvement
2012-06-11 11:01:58 +02:00
Christophe Vandeplas
39fb9bca1d
Attribute types validation is now a separate function that uses the
...
Attribute->type_definitions variable
2012-05-31 17:12:26 +02:00
Andrzej Dereszowski
7ee4d29fac
Fixed merge conflicts with HEAD at belmod
...
Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop
Conflicts:
app/Controller/EventsController.php
app/Model/Attribute.php
2012-05-29 17:19:36 +02:00
Andrzej Dereszowski
51dbbcfa13
Explanation messages implemenented for forms and for list views (using
...
"title" html element)
2012-05-29 16:50:45 +02:00
Christophe Vandeplas
00d62ab722
REST XML request also received base64 encoded file content
2012-05-21 15:20:25 +02:00
Christophe Vandeplas
9e2c2c5753
fix bug when editing attributes
2012-05-16 11:19:06 +02:00
Christophe Vandeplas
9e7ee3c85b
fixes bug where event is not unpublished when attribute is edited
2012-05-11 08:33:04 +02:00
Christophe Vandeplas
4b5999bb5b
fixes issue 67
2012-05-03 15:05:08 +02:00
Christophe Vandeplas
a2d073b7b9
REST POST of event and signatures works (basics, no error-handling)
2012-04-10 15:47:42 +02:00
Christophe Vandeplas
fb958eaacc
Logging in for REST using Authorized HTTP header field.
2012-04-06 16:32:33 +02:00
Christophe Vandeplas
6cee17bfcd
XML format for attributes index
2012-04-04 18:08:57 +02:00
Christophe Vandeplas
2142585710
Implemented basics for private, nonsyncable, Events or Attributes.
2012-04-01 18:41:47 +02:00
Christophe Vandeplas
0915ce48d3
Added some infoboxes when adding Attributes.
2012-03-31 23:29:56 +02:00
Christophe Vandeplas
20cddd07db
changed alerted -> published
...
other minor fixes
2012-03-27 14:49:31 +02:00
Christophe Vandeplas
7c4394682d
Renamed Signature to Attribute
2012-03-26 19:56:44 +02:00