Skip to content

Commit

Permalink
Merge pull request #9187 from righel/allow-enrich-objects
Browse files Browse the repository at this point in the history 
new: allow user to enrich objects
  • Loading branch information
@righel
righel committed Aug 3, 2023
2 parents c2fe616 + 3698fdc commit 81e0345
Show file tree
Hide file tree
Showing 5 changed files with 138 additions and 30 deletions.
139 changes: 118 additions & 21 deletions app/Controller/EventsController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5210,42 +5210,82 @@ public function delegation_index()
$this->render('index');
}

// expects an attribute ID and the module to be used
public function queryEnrichment($attribute_id, $module = false, $type = 'Enrichment')
// expects a model ID, model type, the module to be used (optional) and the type of enrichment (optional)
public function queryEnrichment($id, $module = false, $type = 'Enrichment', $model = 'Attribute')
{
if (!Configure::read('Plugin.' . $type . '_services_enable')) {
throw new MethodNotAllowedException(__('%s services are not enabled.', $type));
}
$attribute = $this->Event->Attribute->fetchAttributes($this->Auth->user(), [
'conditions' => [
'Attribute.id' => $attribute_id
],
'flatten' => 1,
'includeEventTags' => 1,
'contain' => ['Event' => ['fields' => ['distribution', 'sharing_group_id']]],
]);
if (empty($attribute)) {
throw new MethodNotAllowedException(__('Attribute not found or you are not authorised to see it.'));

if (!in_array($model, array('Attribute', 'ShadowAttribute', 'Object', 'Event'))) {
throw new MethodNotAllowedException(__('Invalid model.'));
}

$this->loadModel('Module');
$enabledModules = $this->Module->getEnabledModules($this->Auth->user(), false, $type);

if (!is_array($enabledModules) || empty($enabledModules)) {
throw new MethodNotAllowedException(__('No valid %s options found for this attribute.', $type));
throw new MethodNotAllowedException(__('No valid %s options found for this %s.', $type, strtolower($model)));
}

if ($model === 'Attribute' || $model === 'ShadowAttribute') {
$attribute = $this->Event->Attribute->fetchAttributes($this->Auth->user(), [
'conditions' => [
'Attribute.id' => $id
],
'flatten' => 1,
'includeEventTags' => 1,
'contain' => ['Event' => ['fields' => ['distribution', 'sharing_group_id']]],
]);
if (empty($attribute)) {
throw new MethodNotAllowedException(__('Attribute not found or you are not authorised to see it.'));
}
}

if ($model === 'Object') {
$object = $this->Event->Object->fetchObjects($this->Auth->user(), [
'conditions' => [
'Object.id' => $id
],
'flatten' => 1,
'includeEventTags' => 1,
'contain' => ['Event' => ['fields' => ['distribution', 'sharing_group_id']]],
]);
if (empty($object)) {
throw new MethodNotAllowedException(__('Object not found or you are not authorised to see it.'));
}
}

if ($this->request->is('ajax')) {
$modules = array();
foreach ($enabledModules['modules'] as $module) {
if (in_array($attribute[0]['Attribute']['type'], $module['mispattributes']['input'])) {
$modules[] = array('name' => $module['name'], 'description' => $module['meta']['description']);
$modules = [];

if ($model === 'Attribute' || $model === 'ShadowAttribute') {
foreach ($enabledModules['modules'] as $module) {
if (in_array($attribute[0]['Attribute']['type'], $module['mispattributes']['input'])) {
$modules[] = array('name' => $module['name'], 'description' => $module['meta']['description']);
}
}
}
foreach (array('attribute_id', 'modules') as $viewVar) {
$this->set($viewVar, $$viewVar);

if ($model === 'Object') {
foreach ($enabledModules['modules'] as $module) {
if (
in_array($object[0]['Object']['name'], $module['mispattributes']['input']) ||
in_array($object[0]['Object']['uuid'], $module['mispattributes']['input'])
) {
$modules[] = array('name' => $module['name'], 'description' => $module['meta']['description']);
}
}
}

$this->set('id', $id);
$this->set('modules', $modules);
$this->set('type', $type);
$this->set('model', $model);
$this->render('ajax/enrichmentChoice');
} else {
$options = array();
$options = [];
$format = 'simplified';
foreach ($enabledModules['modules'] as $temp) {
if ($temp['name'] == $module) {
$format = !empty($temp['mispattributes']['format']) ? $temp['mispattributes']['format'] : 'simplified';
Expand All @@ -5267,7 +5307,13 @@ public function queryEnrichment($attribute_id, $module = false, $type = 'Enrichm
$this->set('title_for_layout', __('Enrichment Results'));
$this->set('title', __('Enrichment Results'));
if ($format == 'misp_standard') {
$this->__queryEnrichment($attribute, $module, $options, $type);
if ($model === 'Attribute' || $model === 'ShadowAttribute') {
$this->__queryEnrichment($attribute, $module, $options, $type);
}

if ($model === 'Object') {
$this->__queryObjectEnrichment($object, $module, $options, $type);
}
} else {
$this->__queryOldEnrichment($attribute, $module, $options, $type);
}
Expand Down Expand Up @@ -5321,6 +5367,57 @@ private function __queryEnrichment($attribute, $module, $options, $type)
}
}

private function __queryObjectEnrichment($object, $module, $options, $type)
{
$object[0]['Object']['Attribute'] = $object[0]['Attribute'];
foreach($object[0]['Object']['Attribute'] as &$attribute) {
if ($this->Event->Attribute->typeIsAttachment($attribute['type'])) {
$attribute['data'] = $this->Event->Attribute->base64EncodeAttachment($attribute);
}
}

$event_id = $object[0]['Event']['id'];
$data = array('module' => $module, 'object' => $object[0]['Object'], 'event_id' => $event_id);
if (!empty($options)) {
$data['config'] = $options;
}
$result = $this->Module->queryModuleServer($data, false, $type, false, $object[0]);
if (!$result) {
throw new InternalErrorException(__('%s service not reachable.', $type));
}
if (isset($result['error'])) {
$this->Flash->error($result['error']);
}
if (!is_array($result)) {
throw new Exception($result);
}
$event = $this->Event->handleMispFormatFromModuleResult($result);
if (empty($event['Attribute']) && empty($event['Object'])) {
throw new NotImplementedException(__('No Attribute or Object returned by the module.'));
} else {
$importComment = !empty($result['comment']) ? $result['comment'] : $object[0]['Object']['value'] . __(': Enriched via the ') . $module . ($type != 'Enrichment' ? ' ' . $type : '') . ' module';
$this->set('importComment', $importComment);
$event['Event'] = $object[0]['Event'];
$org_name = $this->Event->Orgc->find('first', array(
'conditions' => array('Orgc.id' => $event['Event']['orgc_id']),
'fields' => array('Orgc.name')
));
$event['Event']['orgc_name'] = $org_name['Orgc']['name'];
if ($attribute[0]['Object']['id']) {
$object_id = $attribute[0]['Object']['id'];
$initial_object = $this->Event->fetchInitialObject($event_id, $object_id);
if (!empty($initial_object)) {
$event['initialObject'] = $initial_object;
}
}
$this->set('event', $event);
$this->set('menuItem', 'enrichmentResults');
$this->set('title_for_layout', __('Enrichment Results'));
$this->set('title', __('Enrichment Results'));
$this->render('resolved_misp_format');
}
}

private function __queryOldEnrichment($attribute, $module, $options, $type)
{
$data = array('module' => $module, $attribute[0]['Attribute']['type'] => $attribute[0]['Attribute']['value'], 'event_id' => $attribute[0]['Attribute']['event_id'], 'attribute_uuid' => $attribute[0]['Attribute']['uuid']);
Expand Down
8 changes: 4 additions & 4 deletions app/View/Attributes/index.ctp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,7 +158,7 @@ echo $this->element('/genericElements/IndexTable/index_table', [
[
'title' => __('Propose enrichment'),
'icon' => 'asterisk',
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/ShadowAttribute\');',
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Enrichment/ShadowAttribute\');',
'onclick_params_data_path' => 'Attribute.id',
'complex_requirement' => [
'function' => function ($object) use ($modules, $isSiteAdmin, $me) {
Expand All @@ -178,7 +178,7 @@ echo $this->element('/genericElements/IndexTable/index_table', [
[
'title' => __('Propose enrichment through Cortex'),
'icon' => 'eye',
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/ShadowAttribute/Cortex\');',
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Enrichment/ShadowAttribute/Cortex\');',
'onclick_params_data_path' => 'Attribute.id',
'complex_requirement' => [
'function' => function ($object) use ($cortex_modules, $isSiteAdmin, $me) {
Expand All @@ -202,7 +202,7 @@ echo $this->element('/genericElements/IndexTable/index_table', [
[
'title' => __('Add enrichment'),
'icon' => 'asterisk',
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Attribute\');',
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Enrichment/Attribute\');',
'onclick_params_data_path' => 'Attribute.id',
'complex_requirement' => function ($object) use ($modules) {
return $this->Acl->canModifyEvent($object) &&
Expand All @@ -213,7 +213,7 @@ echo $this->element('/genericElements/IndexTable/index_table', [
[
'title' => __('Add enrichment via Cortex'),
'icon' => 'eye',
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Attribute/Cortex\');',
'onclick' => 'simplePopup(\'' . $baseurl . '/events/queryEnrichment/[onclick_params_data_path]/Enrichment/Attribute/Cortex\');',
'onclick_params_data_path' => 'Attribute.id',
'complex_requirement' => function ($object) use ($cortex_modules) {
return $this->Acl->canModifyEvent($object) &&
Expand Down
8 changes: 4 additions & 4 deletions app/View/Elements/Events/View/row_attribute.ctp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -338,12 +338,12 @@
if ($isAclAdd && ($isSiteAdmin || !$mayModify)):
if (isset($modules) && isset($modules['types'][$object['type']])):
?>
<span class="fas fa-asterisk useCursorPointer" role="button" tabindex="0" aria-label="<?php echo __('Query enrichment');?>" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/ShadowAttribute');" title="<?php echo __('Propose enrichment');?>">&nbsp;</span>
<span class="fas fa-asterisk useCursorPointer" role="button" tabindex="0" aria-label="<?php echo __('Query enrichment');?>" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Enrichment/ShadowAttribute');" title="<?php echo __('Propose enrichment');?>">&nbsp;</span>
<?php
endif;
if (isset($cortex_modules) && isset($cortex_modules['types'][$object['type']])):
?>
<span class="icon-eye-open useCursorPointer" role="button" tabindex="0" aria-label="<?php echo __('Query Cortex');?>" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/ShadowAttribute/Cortex');" title="<?php echo __('Propose enrichment through Cortex');?>"></span>
<span class="icon-eye-open useCursorPointer" role="button" tabindex="0" aria-label="<?php echo __('Query Cortex');?>" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Enrichment/ShadowAttribute/Cortex');" title="<?php echo __('Propose enrichment through Cortex');?>"></span>
<?php
endif;
?>
Expand All @@ -358,12 +358,12 @@
if ($isSiteAdmin || $mayModify):
if (isset($modules) && isset($modules['types'][$object['type']])):
?>
<span class="fas fa-asterisk useCursorPointer" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Attribute');" title="<?php echo __('Add enrichment');?>" role="button" tabindex="0" aria-label="<?php echo __('Add enrichment');?>">&nbsp;</span>
<span class="fas fa-asterisk useCursorPointer" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Enrichment/Attribute');" title="<?php echo __('Add enrichment');?>" role="button" tabindex="0" aria-label="<?php echo __('Add enrichment');?>">&nbsp;</span>
<?php
endif;
if (isset($cortex_modules) && isset($cortex_modules['types'][$object['type']])):
?>
<span class="icon-eye-open useCursorPointer" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Attribute/Cortex');" title="<?php echo __('Add enrichment');?>" role="button" tabindex="0" aria-label="<?php echo __('Add enrichment via Cortex');?>"></span>
<span class="icon-eye-open useCursorPointer" onclick="simplePopup('<?php echo $baseurl;?>/events/queryEnrichment/<?= $objectId ?>/Enrichment/Attribute/Cortex');" title="<?php echo __('Add enrichment');?>" role="button" tabindex="0" aria-label="<?php echo __('Add enrichment via Cortex');?>"></span>
<?php
endif;
?>
Expand Down
11 changes: 11 additions & 0 deletions app/View/Elements/Events/View/row_object.ctp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,17 @@ $objectId = intval($object['id']);
<td class="short action-links">
<?php
if ($mayModify) {
if (Configure::read('Plugin.Enrichment_services_enable') && ($isSiteAdmin || $mayModify) && (isset($modules) && isset($modules['types'][$object['name']]))) {
echo sprintf(
'<span class="fa fa-asterisk white useCursorPointer" title="%1$s" role="button" tabindex="0" aria-label="%1$s" onclick="%2$s"></span> ',
__('Add enrichment'),
sprintf(
'simplePopup(\'%s/events/queryEnrichment/%s/0/Enrichment/Object\');',
$baseurl, $objectId
)
);
}

if (empty($object['deleted'])) {
echo sprintf(
'<a href="%s/objects/edit/%s" title="%s" aria-label="%s" class="fa fa-edit white"></a> ',
Expand Down
2 changes: 1 addition & 1 deletion app/View/Events/ajax/enrichmentChoice.ctp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
sprintf(
"window.location='%s/events/queryEnrichment/%s';",
$baseurl,
implode('/', array(h($attribute_id), h($module['name']), h($type)))
implode('/', array(h($id), h($module['name']), h($type), h($model)))
),
h($module['description']),
__('Enrich using the %s module', h($module['name'])),
Expand Down

0 comments on commit 81e0345

Please sign in to comment.