mirror of https://github.com/MISP/MISP
542 lines
25 KiB
PHP
542 lines
25 KiB
PHP
<?php
|
|
App::uses('AppController', 'Controller');
|
|
|
|
class SharingGroupsController extends AppController
|
|
{
|
|
public $components = array('Session', 'RequestHandler');
|
|
|
|
public function beforeFilter()
|
|
{
|
|
parent::beforeFilter();
|
|
if (!empty($this->request->params['admin']) && !$this->_isSiteAdmin()) {
|
|
$this->redirect('/');
|
|
}
|
|
$sgs = $this->SharingGroup->fetchAllAuthorised($this->Auth->user());
|
|
$this->paginate = Set::merge($this->paginate, array('conditions' => array('SharingGroup.id' => $sgs)));
|
|
}
|
|
|
|
public $paginate = array(
|
|
'limit' => 60,
|
|
'maxLimit' => 9999, // LATER we will bump here on a problem once we have more than 9999 events <- no we won't, this is the max a user van view/page.
|
|
'order' => array(
|
|
'SharingGroup.name' => 'ASC'
|
|
),
|
|
'fields' => array('SharingGroup.id', 'SharingGroup.uuid', 'SharingGroup.name', 'SharingGroup.description', 'SharingGroup.releasability', 'SharingGroup.local', 'SharingGroup.active'),
|
|
'contain' => array(
|
|
'SharingGroupOrg' => array(
|
|
'Organisation' => array('fields' => array('Organisation.name', 'Organisation.id', 'Organisation.uuid'))
|
|
),
|
|
'Organisation' => array(
|
|
'fields' => array('Organisation.id', 'Organisation.name', 'Organisation.uuid'),
|
|
),
|
|
'SharingGroupServer' => array(
|
|
'fields' => array('SharingGroupServer.all_orgs'),
|
|
'Server' => array(
|
|
'fields' => array('Server.name', 'Server.id')
|
|
)
|
|
)
|
|
),
|
|
);
|
|
|
|
public function add()
|
|
{
|
|
if (!$this->userRole['perm_sharing_group']) {
|
|
throw new MethodNotAllowedException('You don\'t have the required privileges to do that.');
|
|
}
|
|
$orgs = $this->SharingGroup->Organisation->find('all', array(
|
|
'conditions' => array('local' => 1),
|
|
'recursive' => -1,
|
|
'fields' => array('id', 'name', 'uuid')
|
|
));
|
|
|
|
if ($this->request->is('post')) {
|
|
if ($this->_isRest()) {
|
|
if (isset($this->request->data['SharingGroup'])) {
|
|
$this->request->data = $this->request->data['SharingGroup'];
|
|
}
|
|
$sg = $this->request->data;
|
|
$id = $this->SharingGroup->captureSG($this->request->data, $this->Auth->user());
|
|
if ($id) {
|
|
if (empty($sg['roaming']) && empty($sg['SharingGroupServer'])) {
|
|
$this->SharingGroup->SharingGroupServer->create();
|
|
$this->SharingGroup->SharingGroupServer->save(array(
|
|
'sharing_group_id' => $this->SharingGroup->id,
|
|
'server_id' => 0,
|
|
'all_orgs' => 0
|
|
));
|
|
}
|
|
$sg = $this->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'simplified', false, $id);
|
|
if (!empty($sg)) {
|
|
$sg = empty($sg) ? array() : $sg[0];
|
|
}
|
|
return $this->RestResponse->viewData($sg, $this->response->type());
|
|
} else {
|
|
return $this->RestResponse->saveFailResponse('SharingGroup', 'add', false, 'Could not save sharing group.', $this->response->type());
|
|
}
|
|
} else {
|
|
$json = json_decode($this->request->data['SharingGroup']['json'], true);
|
|
$sg = $json['sharingGroup'];
|
|
if (!empty($json['organisations'])) {
|
|
$sg['Organisation'] = $json['organisations'];
|
|
}
|
|
if (!empty($json['servers'])) {
|
|
$sg['Server'] = $json['servers'];
|
|
}
|
|
}
|
|
$this->SharingGroup->create();
|
|
$sg['active'] = $sg['active'] ? 1: 0;
|
|
$sg['roaming'] = $sg['roaming'] ? 1: 0;
|
|
$sg['organisation_uuid'] = $this->Auth->user('Organisation')['uuid'];
|
|
$sg['local'] = 1;
|
|
$sg['org_id'] = $this->Auth->user('org_id');
|
|
$this->request->data['SharingGroup']['organisation_uuid'] = $this->Auth->user('Organisation')['uuid'];
|
|
if ($this->SharingGroup->save(array('SharingGroup' => $sg))) {
|
|
if (!empty($sg['Organisation'])) {
|
|
foreach ($sg['Organisation'] as $org) {
|
|
$this->SharingGroup->SharingGroupOrg->create();
|
|
$this->SharingGroup->SharingGroupOrg->save(array(
|
|
'sharing_group_id' => $this->SharingGroup->id,
|
|
'org_id' => $org['id'],
|
|
'extend' => $org['extend']
|
|
));
|
|
}
|
|
}
|
|
if (empty($sg['roaming']) && !empty($sg['Server'])) {
|
|
foreach ($sg['Server'] as $server) {
|
|
$this->SharingGroup->SharingGroupServer->create();
|
|
$this->SharingGroup->SharingGroupServer->save(array(
|
|
'sharing_group_id' => $this->SharingGroup->id,
|
|
'server_id' => $server['id'],
|
|
'all_orgs' => $server['all_orgs']
|
|
));
|
|
}
|
|
}
|
|
$this->redirect('/SharingGroups/view/' . $this->SharingGroup->id);
|
|
} else {
|
|
$validationReplacements = array(
|
|
'notempty' => 'This field cannot be left empty.',
|
|
);
|
|
$validationErrors = $this->SharingGroup->validationErrors;
|
|
$failedField = array_keys($validationErrors)[0];
|
|
$reason = reset($this->SharingGroup->validationErrors)[0];
|
|
foreach ($validationReplacements as $k => $vR) {
|
|
if ($reason == $k) {
|
|
$reason = $vR;
|
|
}
|
|
}
|
|
$this->Flash->error('The sharing group could not be added. ' . ucfirst($failedField) . ': ' . $reason);
|
|
}
|
|
} elseif ($this->_isRest()) {
|
|
return $this->RestResponse->describe('SharingGroup', 'add', false, $this->response->type());
|
|
}
|
|
$this->set('orgs', $orgs);
|
|
$this->set('localInstance', empty(Configure::read('MISP.external_baseurl')) ? Configure::read('MISP.baseurl') : Configure::read('MISP.external_baseurl'));
|
|
// We just pass true and allow the user to edit, since he/she is just about to create the SG. This is needed to reuse the view for the edit
|
|
$this->set('user', $this->Auth->user());
|
|
}
|
|
|
|
public function edit($id = false)
|
|
{
|
|
if (!$this->userRole['perm_sharing_group']) {
|
|
throw new MethodNotAllowedException('You don\'t have the required privileges to do that.');
|
|
}
|
|
if (empty($id)) {
|
|
throw new NotFoundException('Invalid sharing group.');
|
|
}
|
|
// add check for perm_sharing_group
|
|
$this->SharingGroup->id = $id;
|
|
if (!$this->SharingGroup->exists()) {
|
|
throw new NotFoundException('Invalid sharing group.');
|
|
}
|
|
if (!$this->_isSiteAdmin() && !$this->SharingGroup->checkIfAuthorisedExtend($this->Auth->user(), $id)) {
|
|
throw new MethodNotAllowedException('Action not allowed.');
|
|
}
|
|
|
|
// check if the user is eligible to edit the SG (original creator or extend)
|
|
$sharingGroup = $this->SharingGroup->find('first', array(
|
|
'conditions' => array('SharingGroup.id' => $id),
|
|
'recursive' => -1,
|
|
'contain' => array(
|
|
'SharingGroupOrg' => array(
|
|
'Organisation' => array('name', 'local', 'id')
|
|
),
|
|
'SharingGroupServer' => array(
|
|
'Server' => array(
|
|
'fields' => array('name', 'url', 'id')
|
|
)
|
|
),
|
|
'Organisation' => array(
|
|
'fields' => array('name', 'local', 'id')
|
|
),
|
|
),
|
|
));
|
|
if ($this->request->is('post')) {
|
|
if ($this->_isRest()) {
|
|
if (isset($this->request->data['SharingGroup'])) {
|
|
$this->request->data = $this->request->data['SharingGroup'];
|
|
}
|
|
$this->request->data['uuid'] = $sharingGroup['SharingGroup']['uuid'];
|
|
$id = $this->SharingGroup->captureSG($this->request->data, $this->Auth->user());
|
|
if ($id) {
|
|
$sg = $this->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'simplified', false, $id);
|
|
return $this->RestResponse->viewData($sg, $this->response->type());
|
|
} else {
|
|
return $this->RestResponse->saveFailResponse('SharingGroup', 'add', false, 'Could not save sharing group.', $this->response->type());
|
|
}
|
|
} else {
|
|
$json = json_decode($this->request->data['SharingGroup']['json'], true);
|
|
$sg = $json['sharingGroup'];
|
|
$sg['id'] = $id;
|
|
$fields = array('name', 'releasability', 'description', 'active', 'roaming');
|
|
$existingSG = $this->SharingGroup->find('first', array('recursive' => -1, 'conditions' => array('SharingGroup.id' => $id)));
|
|
foreach ($fields as $field) {
|
|
$existingSG['SharingGroup'][$field] = $sg[$field];
|
|
}
|
|
unset($existingSG['SharingGroup']['modified']);
|
|
if ($this->SharingGroup->save($existingSG)) {
|
|
$this->SharingGroup->SharingGroupOrg->updateOrgsForSG($id, $json['organisations'], $sharingGroup['SharingGroupOrg'], $this->Auth->user());
|
|
$this->SharingGroup->SharingGroupServer->updateServersForSG($id, $json['servers'], $sharingGroup['SharingGroupServer'], $json['sharingGroup']['roaming'], $this->Auth->user());
|
|
$this->redirect('/SharingGroups/view/' . $id);
|
|
} else {
|
|
$validationReplacements = array(
|
|
'notempty' => 'This field cannot be left empty.',
|
|
);
|
|
$validationErrors = $this->SharingGroup->validationErrors;
|
|
$failedField = array_keys($validationErrors)[0];
|
|
$reason = reset($this->SharingGroup->validationErrors)[0];
|
|
foreach ($validationReplacements as $k => $vR) {
|
|
if ($reason == $k) {
|
|
$reason = $vR;
|
|
}
|
|
}
|
|
$this->Flash->error('The sharing group could not be edited. ' . ucfirst($failedField) . ': ' . $reason);
|
|
}
|
|
}
|
|
} elseif ($this->_isRest()) {
|
|
return $this->RestResponse->describe('SharingGroup', 'edit', false, $this->response->type());
|
|
}
|
|
$orgs = $this->SharingGroup->Organisation->find('all', array(
|
|
'conditions' => array('local' => 1),
|
|
'recursive' => -1,
|
|
'fields' => array('id', 'name')
|
|
));
|
|
$this->set('sharingGroup', $sharingGroup);
|
|
$this->set('id', $id);
|
|
$this->set('orgs', $orgs);
|
|
$this->set('localInstance', empty(Configure::read('MISP.external_baseurl')) ? Configure::read('MISP.baseurl') : Configure::read('MISP.external_baseurl'));
|
|
// We just pass true and allow the user to edit, since he/she is just about to create the SG. This is needed to reuse the view for the edit
|
|
$this->set('user', $this->Auth->user());
|
|
}
|
|
|
|
public function delete($id)
|
|
{
|
|
if (!$this->userRole['perm_sharing_group']) {
|
|
throw new MethodNotAllowedException('You don\'t have the required privileges to do that.');
|
|
}
|
|
if (!$this->request->is('post') && !$this->request->is('delete')) {
|
|
throw new MethodNotAllowedException(__('Action not allowed, post or delete request expected.'));
|
|
}
|
|
if (!$this->SharingGroup->checkIfOwner($this->Auth->user(), $id)) {
|
|
throw new MethodNotAllowedException('Action not allowed.');
|
|
}
|
|
$deletedSg = $this->SharingGroup->find('first', array(
|
|
'conditions' => array('id' => $id),
|
|
'recursive' => -1,
|
|
'fields' => array('active')
|
|
));
|
|
if ($this->SharingGroup->delete($id)) {
|
|
if ($this->_isRest()) {
|
|
return $this->RestResponse->saveSuccessResponse('SharingGroups', 'delete', $id, $this->response->type());
|
|
}
|
|
$this->Flash->success(__('Sharing Group deleted'));
|
|
} else {
|
|
if ($this->_isRest()) {
|
|
return $this->RestResponse->saveFailResponse('SharingGroups', 'delete', $id, 'The sharing group could not be deleted.', $this->response->type());
|
|
}
|
|
$this->Flash->error(__('Sharing Group could not be deleted. Make sure that there are no events, attributes or threads belonging to this sharing group.'));
|
|
}
|
|
|
|
if ($deletedSg['SharingGroup']['active']) {
|
|
$this->redirect('/SharingGroups/index');
|
|
} else {
|
|
$this->redirect('/SharingGroups/index/true');
|
|
}
|
|
}
|
|
|
|
public function index($passive = false)
|
|
{
|
|
if ($passive === 'true') {
|
|
$passive = true;
|
|
}
|
|
if ($passive === true) {
|
|
$this->paginate['conditions'][] = array('SharingGroup.active' => 0);
|
|
} else {
|
|
$this->paginate['conditions'][] = array('SharingGroup.active' => 1);
|
|
}
|
|
$result = $this->paginate();
|
|
// check if the current user can modify or delete the SG
|
|
foreach ($result as $k => $sg) {
|
|
if ($sg['Organisation']['uuid'] == $this->Auth->user('Organisation')['uuid'] && $this->userRole['perm_sharing_group']) {
|
|
$result[$k]['editable'] = true;
|
|
} else {
|
|
$result[$k]['editable'] = false;
|
|
if (!empty($sg['SharingGroupOrg'])) {
|
|
foreach ($sg['SharingGroupOrg'] as $sgo) {
|
|
if ($sgo['org_id'] == $this->Auth->user('org_id') && $sgo['extend']) {
|
|
$result[$k]['editable'] = true;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
$this->set('passive', $passive);
|
|
if ($this->_isRest()) {
|
|
$this->set('response', $result);
|
|
$this->set('_serialize', array('response'));
|
|
} else {
|
|
$this->set('sharingGroups', $result);
|
|
}
|
|
}
|
|
|
|
public function view($id)
|
|
{
|
|
if (!$this->SharingGroup->checkIfAuthorised($this->Auth->user(), $id)) {
|
|
throw new MethodNotAllowedException('Sharing group doesn\'t exist or you do not have permission to access it.');
|
|
}
|
|
$this->SharingGroup->id = $id;
|
|
$this->SharingGroup->contain(
|
|
array(
|
|
'SharingGroupOrg' => array(
|
|
'Organisation' => array(
|
|
'fields' => array('id', 'name', 'uuid', 'local')
|
|
)
|
|
),
|
|
'Organisation',
|
|
'SharingGroupServer' => array(
|
|
'Server' => array(
|
|
'fields' => array('id', 'name', 'url')
|
|
)
|
|
)
|
|
)
|
|
);
|
|
$this->SharingGroup->read();
|
|
$sg = $this->SharingGroup->data;
|
|
if (isset($sg['SharingGroupServer'])) {
|
|
foreach ($sg['SharingGroupServer'] as $key => $sgs) {
|
|
if ($sgs['server_id'] == 0) {
|
|
$sg['SharingGroupServer'][$key]['Server'] = array(
|
|
'id' => "0",
|
|
'name' => 'Local instance',
|
|
'url' => empty(Configure::read('MISP.external_baseurl')) ? Configure::read('MISP.baseurl') : Configure::read('MISP.external_baseurl')
|
|
);
|
|
}
|
|
}
|
|
}
|
|
if ($sg['SharingGroup']['sync_user_id']) {
|
|
$this->loadModel('User');
|
|
$sync_user = $this->User->find('first', array(
|
|
'conditions' => array('User.id' => $sg['SharingGroup']['sync_user_id']),
|
|
'recursive' => -1,
|
|
'fields' => array('User.id', 'User.org_id'),
|
|
'contain' => array('Organisation' => array(
|
|
'fields' => array('Organisation.name')
|
|
))
|
|
));
|
|
if (empty($sync_user)) {
|
|
$sg['SharingGroup']['sync_org_name'] = 'N/A';
|
|
}
|
|
$sg['SharingGroup']['sync_org_name'] = $sync_user['Organisation']['name'];
|
|
}
|
|
if ($this->_isRest()) {
|
|
return $this->RestResponse->viewData($sg, $this->response->type());
|
|
}
|
|
$this->set('mayModify', $this->SharingGroup->checkIfAuthorisedExtend($this->Auth->user(), $id));
|
|
$this->set('id', $id);
|
|
$this->set('sg', $sg);
|
|
}
|
|
|
|
private function __initialiseSGQuickEdit($id, $request)
|
|
{
|
|
if (!$this->request->is('post') || !$this->_isRest()) {
|
|
//throw new MethodNotAllowedException('This action only accepts POST requests coming from the API.');
|
|
}
|
|
// allow passing the sg_id via a JSON object
|
|
if (!$id) {
|
|
$validParams = array('sg_id', 'sg_uuid', 'id', 'uuid');
|
|
foreach ($validParams as $param) {
|
|
if (!empty($request[$param])) {
|
|
$id = $request[$param];
|
|
break;
|
|
}
|
|
}
|
|
if (empty($id)) {
|
|
throw new MethodNotAllowedException('No valid sharing group ID provided.');
|
|
}
|
|
}
|
|
$sg = $this->SharingGroup->fetchSG($id, $this->Auth->user(), false);
|
|
if (empty($sg)) {
|
|
throw new MethodNotAllowedException('Invalid sharing group or no editing rights.');
|
|
}
|
|
return $sg;
|
|
}
|
|
|
|
private function __initialiseSGQuickEditObject($id, $request, $type = 'org')
|
|
{
|
|
$params = array(
|
|
'org' => array(
|
|
'org_id', 'org_uuid', 'org_name'
|
|
),
|
|
'server' => array(
|
|
'server_id', 'server_url', 'server_baseurl', 'server_name'
|
|
)
|
|
);
|
|
if (!empty($id)) {
|
|
if ($type == 'org') {
|
|
return $this->SharingGroup->SharingGroupOrg->Organisation->fetchOrg($id);
|
|
} else {
|
|
return $this->SharingGroup->SharingGroupServer->Server->fetchServer($id);
|
|
}
|
|
}
|
|
if ($type !== 'org' && $type !== 'server') {
|
|
return false;
|
|
}
|
|
foreach ($params[$type] as $param) {
|
|
if (!empty($request[$param])) {
|
|
if ($type == 'org') {
|
|
return $this->SharingGroup->SharingGroupOrg->Organisation->fetchOrg($request[$param]);
|
|
} else {
|
|
return $this->SharingGroup->SharingGroupServer->Server->fetchServer($request[$param]);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
public function addOrg($sg_id = false, $object_id = false, $extend = false)
|
|
{
|
|
$sg = $this->__initialiseSGQuickEdit($sg_id, $this->request->data);
|
|
$org = $this->__initialiseSGQuickEditObject($object_id, $this->request->data, $type = 'org');
|
|
if (empty($org)) {
|
|
throw new MethodNotAllowedException('Invalid organisation.');
|
|
}
|
|
if (isset($this->request->data['extend'])) {
|
|
$extend = $this->request->data['extend'];
|
|
}
|
|
$addOrg = true;
|
|
if (!empty($sg['SharingGroupOrg'])) {
|
|
foreach ($sg['SharingGroupOrg'] as $sgo) {
|
|
if ($sgo['org_id'] == $org['id']) {
|
|
$addOrg = false;
|
|
}
|
|
}
|
|
}
|
|
if (!$addOrg) {
|
|
return $this->RestResponse->saveFailResponse('SharingGroup', $this->action, false, 'Organisation is already in the sharing group.', $this->response->type());
|
|
}
|
|
$this->SharingGroup->SharingGroupOrg->create();
|
|
$sgo = array(
|
|
'SharingGroupOrg' => array(
|
|
'org_id' => $org['id'],
|
|
'sharing_group_id' => $sg['SharingGroup']['id'],
|
|
'extend' => $extend ? 1:0
|
|
)
|
|
);
|
|
$result = $this->SharingGroup->SharingGroupOrg->save($sgo);
|
|
return $this->__sendQuickSaveResponse($this->action, $result, 'Organisation');
|
|
}
|
|
|
|
public function removeOrg($sg_id = false, $object_id = false)
|
|
{
|
|
$sg = $this->__initialiseSGQuickEdit($sg_id, $this->request->data);
|
|
$org = $this->__initialiseSGQuickEditObject($object_id, $this->request->data, $type = 'org');
|
|
if (empty($org)) {
|
|
throw new MethodNotAllowedException('Invalid organisation.');
|
|
}
|
|
$removeOrg = false;
|
|
if (!empty($sg['SharingGroupOrg'])) {
|
|
foreach ($sg['SharingGroupOrg'] as $sgo) {
|
|
if ($sgo['org_id'] == $org['id']) {
|
|
$removeOrg = $sgo['id'];
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
if (false === $removeOrg) {
|
|
return $this->RestResponse->saveFailResponse('SharingGroup', $this->action, false, 'Organisation is not in the sharing group.', $this->response->type());
|
|
}
|
|
$result = $this->SharingGroup->SharingGroupOrg->delete($removeOrg);
|
|
return $this->__sendQuickSaveResponse($this->action, $result, 'Organisation');
|
|
}
|
|
|
|
public function addServer($sg_id = false, $object_id = false, $all = false)
|
|
{
|
|
$sg = $this->__initialiseSGQuickEdit($sg_id, $this->request->data);
|
|
$server = $this->__initialiseSGQuickEditObject($object_id, $this->request->data, $type = 'server');
|
|
if (empty($server)) {
|
|
throw new MethodNotAllowedException('Invalid Server.');
|
|
}
|
|
if (isset($this->request->data['all'])) {
|
|
$all = $this->request->data['all'];
|
|
}
|
|
if (isset($this->request->data['all_orgs'])) {
|
|
$all = $this->request->data['all_orgs'];
|
|
}
|
|
$addServer = true;
|
|
if (!empty($sg['SharingGroupServer'])) {
|
|
foreach ($sg['SharingGroupServer'] as $sgs) {
|
|
if ($sgs['server_id'] == $server['Server']['id']) {
|
|
$addServer = false;
|
|
}
|
|
}
|
|
}
|
|
if (!$addServer) {
|
|
return $this->RestResponse->saveFailResponse('SharingGroup', $this->action, false, 'Server is already in the sharing group.', $this->response->type());
|
|
}
|
|
$this->SharingGroup->SharingGroupServer->create();
|
|
$sgs = array(
|
|
'SharingGroupServer' => array(
|
|
'server_id' => $server['Server']['id'],
|
|
'sharing_group_id' => $sg['SharingGroup']['id'],
|
|
'all_orgs' => $all ? 1:0
|
|
)
|
|
);
|
|
$result = $this->SharingGroup->SharingGroupServer->save($sgs);
|
|
return $this->__sendQuickSaveResponse($this->action, $result);
|
|
}
|
|
|
|
public function removeServer($sg_id = false, $object_id = false)
|
|
{
|
|
$sg = $this->__initialiseSGQuickEdit($sg_id, $this->request->data);
|
|
$server = $this->__initialiseSGQuickEditObject($object_id, $this->request->data, $type = 'server');
|
|
if (empty($server)) {
|
|
throw new MethodNotAllowedException('Invalid Server.');
|
|
}
|
|
$removeServer = false;
|
|
if (!empty($sg['SharingGroupServer'])) {
|
|
foreach ($sg['SharingGroupServer'] as $sgs) {
|
|
if ($sgs['server_id'] == $server['Server']['id']) {
|
|
$removeServer = $server['Server']['id'];
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
if (false === $addServer) {
|
|
return $this->RestResponse->saveFailResponse('SharingGroup', $this->action, false, 'Server is not in the sharing group.', $this->response->type());
|
|
}
|
|
$result = $this->SharingGroup->SharingGroupServer->delete($removeServer);
|
|
return $this->__sendQuickSaveResponse($this->action, $result);
|
|
}
|
|
|
|
private function __sendQuickSaveResponse($action, $result, $object_type = 'Server')
|
|
{
|
|
$actionType = 'added to';
|
|
if (strpos($action, 'remove') !== false) {
|
|
$actionType = 'removed from';
|
|
}
|
|
if ($result) {
|
|
return $this->RestResponse->saveSuccessResponse('SharingGroup', $action, false, $this->response->type(), $object_type . ' ' . $actionType . ' the sharing group.');
|
|
} else {
|
|
return $this->RestResponse->saveFailResponse('SharingGroup', $action, false, $object_type . ' could not be ' . $actionType . ' the sharing group.', $this->response->type());
|
|
}
|
|
}
|
|
}
|