fix: Remove the option for disabling sightings - it's an integral fea…
…ture of the MISP core. Fixes #2820
iglocska committed Jan 16, 2018
1 parent 4db92dc commit a7aa235
Showing 9 changed files with 202 additions and 241 deletions.
2 changes: 1 addition & 1 deletion app/Controller/EventsController.php
@@ -596,7 +596,7 @@ public function index() {
}
$events = $this->Event->attachTagsToEvents($events);
if (Configure::read('MISP.showCorrelationsOnIndex')) $events = $this->Event->attachCorrelationCountToEvents($this->Auth->user(), $events);
if (Configure::read('MISP.showSightingsCountOnIndex') && Configure::read('MISP.Plugin.Sightings_enable') !== false) $events = $this->Event->attachSightingsCountToEvents($this->Auth->user(), $events);
if (Configure::read('MISP.showSightingsCountOnIndex')) $events = $this->Event->attachSightingsCountToEvents($this->Auth->user(), $events);
if (Configure::read('MISP.showProposalsCountOnIndex')) $events = $this->Event->attachProposalsCountToEvents($this->Auth->user(), $events);
if (Configure::read('MISP.showDiscussionsCountOnIndex')) $events = $this->Event->attachDiscussionsCountToEvents($this->Auth->user(), $events);
$events = $this->GalaxyCluster->attachClustersToEventIndex($events, true);
1 change: 0 additions & 1 deletion app/Controller/SightingsController.php
@@ -6,7 +6,6 @@ class SightingsController extends AppController {

public function beforeFilter() {
parent::beforeFilter();
if (Configure::read('Plugin.Sightings_enable') === false) throw new MethodNotAllowedException('This feature is not enabled on this instance.');
}

public $paginate = array(
8 changes: 2 additions & 6 deletions app/Model/Event.php
@@ -1595,9 +1595,7 @@ public function fetchEvent($user, $options = array(), $useCache = false) {
if (empty($results)) return array();

// Do some refactoring with the event
if (Configure::read('Plugin.Sightings_enable') !== false) {
$this->Sighting = ClassRegistry::init('Sighting');
}
$this->Sighting = ClassRegistry::init('Sighting');
$userEmails = array();
$fields = array(
'common' => array('distribution', 'sharing_group_id', 'uuid'),
@@ -1763,9 +1761,7 @@ public function fetchEvent($user, $options = array(), $useCache = false) {
$event['ShadowAttribute'] = $this->Feed->attachFeedCorrelations($event['ShadowAttribute'], $user, $event['Event'], $overrideLimit);
}
}
if (Configure::read('Plugin.Sightings_enable') !== false) {
$event['Sighting'] = $this->Sighting->attachToEvent($event, $user);
}
$event['Sighting'] = $this->Sighting->attachToEvent($event, $user);
// remove proposals to attributes that we cannot see
// if the shadow attribute wasn't moved within an attribute before, this is the case
if (isset($event['ShadowAttribute'])) {
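Review bot: An instance that had `Plugin.Sightings_enable` set to `false` will start returning sighting data from `fetchEvent()` after this change, and nothing tells the operator that the stale setting is now ignored; the guard dropped from `SightingsController::beforeFilter()` has the same effect on the sightings endpoints. Who may see that data then rests entirely on `attachToEvent($event, $user)` honouring the `Sightings_policy` setting, which is not visible in these hunks and should be confirmed. I would record the new contract where the model is initialised, e.g. `// Sightings are always on; visibility is governed by Sightings_policy (Sightings_enable was removed)`, and call out the removed setting in the upgrade notes. `fetchEvent()` starts and ends outside both hunks.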
8 changes: 0 additions & 8 deletions app/Model/Server.php
@@ -1278,14 +1278,6 @@ class Server extends AppModel {
'test' => 'testBool',
'type' => 'boolean'
),
'Sightings_enable' => array(
'level' => 1,
'description' => 'Enables or disables the sighting functionality. When enabled, users can use the UI or the appropriate APIs to submit sightings data about indicators.',
'value' => true,
'errorMessage' => '',
'test' => 'testBool',
'type' => 'boolean',
),
'Sightings_policy' => array(
'level' => 1,
'description' => 'This setting defines who will have access to seeing the reported sightings. The default setting is the event owner alone (in addition to everyone seeing their own contribution) with the other options being Sighting reporters (meaning the event owner and anyone that provided sighting data about the event) and Everyone (meaning anyone that has access to seeing the event / attribute).',
12 changes: 5 additions & 7 deletions app/View/Elements/Events/View/row_attribute.ctp
@@ -237,13 +237,11 @@
</div>
</td>
<?php
if (Configure::read('Plugin.Sightings_enable') !== false):
echo $this->element('/Events/View/sighting_field', array(
'object' => $object,
'tr_class' => $tr_class,
'page' => $page
));
endif;
echo $this->element('/Events/View/sighting_field', array(
'object' => $object,
'tr_class' => $tr_class,
'page' => $page
));
?>
<td class="short action-links">
<?php
278 changes: 136 additions & 142 deletions app/View/Elements/Events/View/row_proposal.ctp
@@ -36,163 +36,157 @@
<input id = "select_proposal_<?php echo $object['id']; ?>" class="select_proposal row_checkbox" type="checkbox" data-id="<?php echo $object['id'];?>" />
</td>
<?php endif; ?>
<td class="short context hidden">
<td class="short context hidden">
<?php
echo $object['objectType'] == 0 ? h($object['id']) : '&nbsp;';
?>
</td>
<td class="short context hidden">
<?php echo $object['objectType'] == 0 ? h($object['uuid']) : '&nbsp;'; ?>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_timestamp_solid'; ?>">
<?php
echo $object['objectType'] == 0 ? h($object['id']) : '&nbsp;';
if (isset($object['timestamp'])) echo date('Y-m-d', $object['timestamp']);
else echo '&nbsp';
?>
</td>
<td class="short context hidden">
<?php echo $object['objectType'] == 0 ? h($object['uuid']) : '&nbsp;'; ?>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_timestamp_solid'; ?>">
<?php
if (isset($object['timestamp'])) echo date('Y-m-d', $object['timestamp']);
else echo '&nbsp';
?>
</div>
</td>
<td class="short">
<?php
if ($object['objectType'] != 0) {
if (isset($object['Org']['name'])) {
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . 'orgs' . DS . h($object['Org']['name']) . '.png';
if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($object['Org']['name']) . '.png', array('alt' => h($object['Org']['name']), 'title' => h($object['Org']['name']), 'style' => 'width:24px; height:24px'));
else echo h($object['Org']['name']);
}
} else { ?>
&nbsp;
<?php
</div>
</td>
<td class="short">
<?php
if ($object['objectType'] != 0) {
if (isset($object['Org']['name'])) {
$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . 'orgs' . DS . h($object['Org']['name']) . '.png';
if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($object['Org']['name']) . '.png', array('alt' => h($object['Org']['name']), 'title' => h($object['Org']['name']), 'style' => 'width:24px; height:24px'));
else echo h($object['Org']['name']);
}
?>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'category', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['category']); ?>
</div>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'type', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['type']); ?>
</div>
</td>
<td id="<?php echo h($currentType) . '_' . h($object['id']) . '_container'; ?>" class="showspaces limitedWidth shortish">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_placeholder'; ?>" class = "inline-field-placeholder"></div>
<?php
if ('attachment' !== $object['type'] && 'malware-sample' !== $object['type']) $editable = ' ondblclick="activateField(\'' . $currentType . '\', \'' . $object['id'] . '\', \'value\', \'' . $event['Event']['id'] . '\');"';
else $editable = '';
?>
<div id = "<?php echo $currentType; ?>_<?php echo $object['id']; ?>_value_solid" class="inline-field-solid" <?php echo $editable; ?>>
<span <?php if (Configure::read('Plugin.Enrichment_hover_enable') && isset($modules) && isset($modules['hover_type'][$object['type']])) echo 'class="eventViewAttributeHover" data-object-type="' . h($currentType) . '" data-object-id="' . h($object['id']) . '"'?>>
} else { ?>
&nbsp;
<?php
}
?>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_category_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'category', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['category']); ?>
</div>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_type_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'type', <?php echo $event['Event']['id'];?>);">
<?php echo h($object['type']); ?>
</div>
</td>
<td id="<?php echo h($currentType) . '_' . h($object['id']) . '_container'; ?>" class="showspaces limitedWidth shortish">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_placeholder'; ?>" class = "inline-field-placeholder"></div>
<?php
if ('attachment' !== $object['type'] && 'malware-sample' !== $object['type']) $editable = ' ondblclick="activateField(\'' . $currentType . '\', \'' . $object['id'] . '\', \'value\', \'' . $event['Event']['id'] . '\');"';
else $editable = '';
?>
<div id = "<?php echo $currentType; ?>_<?php echo $object['id']; ?>_value_solid" class="inline-field-solid" <?php echo $editable; ?>>
<span <?php if (Configure::read('Plugin.Enrichment_hover_enable') && isset($modules) && isset($modules['hover_type'][$object['type']])) echo 'class="eventViewAttributeHover" data-object-type="' . h($currentType) . '" data-object-id="' . h($object['id']) . '"'?>>
<?php
echo $this->element('/Events/View/value_field', array('object' => $object, 'linkClass' => $linkClass));
?>
</span>
<?php
echo $this->element('/Events/View/value_field', array('object' => $object, 'linkClass' => $linkClass));
?>
</span>
<?php
if (isset($object['warnings'])) {
$temp = '';
$components = array(1 => 0, 2 => 1);
$valueParts = explode('|', $object['value']);
foreach ($components as $component => $valuePart) {
if (isset($object['warnings'][$component]) && isset($valueParts[$valuePart])) {
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
}
if (isset($object['warnings'])) {
$temp = '';
$components = array(1 => 0, 2 => 1);
$valueParts = explode('|', $object['value']);
foreach ($components as $component => $valuePart) {
if (isset($object['warnings'][$component]) && isset($valueParts[$valuePart])) {
foreach ($object['warnings'][$component] as $warning) $temp .= '<span class=\'bold\'>' . h($valueParts[$valuePart]) . '</span>: <span class=\'red\'>' . h($warning) . '</span><br />';
}
echo ' <span class="icon-warning-sign icon-white" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover">&nbsp;</span>';
}
?>
echo ' <span class="icon-warning-sign icon-white" data-placement="right" data-toggle="popover" data-content="' . h($temp) . '" data-trigger="hover">&nbsp;</span>';
}
?>
</div>
</td>
<td class="shortish">
<?php
if ($object['objectType'] == 0):
?>
<div class="attributeTagContainer">
&nbsp;
</div>
</td>
<td class="shortish">
<?php
else:
?>
&nbsp;
<?php
endif;
?>
</td>
<td class="showspaces bitwider">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'comment', <?php echo $event['Event']['id'];?>);">
<?php echo nl2br(h($object['comment'])); ?>&nbsp;
</div>
</td>
<td class="short" style="padding-top:3px;">&nbsp;</td>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
if ($object['objectType'] == 0):
if (!empty($event['RelatedShadowAttribute'][$object['id']])) {
foreach ($event['RelatedShadowAttribute'][$object['id']] as $relatedAttribute) {
$relatedData = array('Event info' => $relatedAttribute['info'], 'Correlating Value' => $relatedAttribute['value'], 'date' => isset($relatedAttribute['date']) ? $relatedAttribute['date'] : 'N/A');
$popover = '';
foreach ($relatedData as $k => $v) {
$popover .= '<span class=\'bold black\'>' . h($k) . '</span>: <span class="blue">' . h($v) . '</span><br />';
}
echo '<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="' . h($popover) . '" data-trigger="hover"><span>';
$correlationClass = 'white' . ($relatedAttribute['org_id'] == $me['org_id'] ? ' bold' : '');
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array('class' => $correlationClass));
echo "</span></li>";
echo ' ';
}
}
?>
<div class="attributeTagContainer">
&nbsp;
</div>
</ul>
</td>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
else:
?>
&nbsp;
if (!empty($object['Feed'])):
foreach ($object['Feed'] as $feed):
$popover = '';
foreach ($feed as $k => $v):
if ($k == 'id') continue;
$popover .= '<span class=\'bold black\'>' . Inflector::humanize(h($k)) . '</span>: <span class="blue">' . h($v) . '</span><br />';
endforeach;
?>
<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="<?php echo h($popover);?>" data-trigger="hover"><span>
<?php
if ($isSiteAdmin):
echo $this->Html->link($feed['id'], array('controller' => 'feeds', 'action' => 'previewIndex', $feed['id']), array('style' => 'margin-right:3px;'));
else:
?>
<span style="margin-right:3px;"><?php echo h($feed['id']);?></span>
<?php
endif;
endforeach;
?>
</li>
<?php
endif;
?>
</td>
<td class="showspaces bitwider">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_comment_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'comment', <?php echo $event['Event']['id'];?>);">
<?php echo nl2br(h($object['comment'])); ?>&nbsp;
</div>
</td>
<td class="short" style="padding-top:3px;">&nbsp;</td>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
if (!empty($event['RelatedShadowAttribute'][$object['id']])) {
foreach ($event['RelatedShadowAttribute'][$object['id']] as $relatedAttribute) {
$relatedData = array('Event info' => $relatedAttribute['info'], 'Correlating Value' => $relatedAttribute['value'], 'date' => isset($relatedAttribute['date']) ? $relatedAttribute['date'] : 'N/A');
$popover = '';
foreach ($relatedData as $k => $v) {
$popover .= '<span class=\'bold black\'>' . h($k) . '</span>: <span class="blue">' . h($v) . '</span><br />';
}
echo '<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="' . h($popover) . '" data-trigger="hover"><span>';
$correlationClass = 'white' . ($relatedAttribute['org_id'] == $me['org_id'] ? ' bold' : '');
echo $this->Html->link($relatedAttribute['id'], array('controller' => 'events', 'action' => 'view', $relatedAttribute['id'], true, $event['Event']['id']), array('class' => $correlationClass));
echo "</span></li>";
echo ' ';
}
}
?>
</ul>
</td>
<td class="shortish">
<ul class="inline" style="margin:0px;">
<?php
if (!empty($object['Feed'])):
foreach ($object['Feed'] as $feed):
$popover = '';
foreach ($feed as $k => $v):
if ($k == 'id') continue;
$popover .= '<span class=\'bold black\'>' . Inflector::humanize(h($k)) . '</span>: <span class="blue">' . h($v) . '</span><br />';
endforeach;
?>
<li style="padding-right: 0px; padding-left:0px;" data-toggle="popover" data-content="<?php echo h($popover);?>" data-trigger="hover"><span>
<?php
if ($isSiteAdmin):
echo $this->Html->link($feed['id'], array('controller' => 'feeds', 'action' => 'previewIndex', $feed['id']), array('style' => 'margin-right:3px;'));
else:
?>
<span style="margin-right:3px;"><?php echo h($feed['id']);?></span>
<?php
endif;
endforeach;
?>
</li>
<?php
endif;
?>
</ul>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'to_ids', <?php echo $event['Event']['id'];?>);">
<?php
if ($object['to_ids']) echo 'Yes';
else echo 'No';
?>
</div>
</td>
<td class="shortish">&nbsp;</td>
<?php
if (Configure::read('Plugin.Sightings_enable') !== false):
?>
</ul>
</td>
<td class="short">
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_placeholder'; ?>" class = "inline-field-placeholder"></div>
<div id = "<?php echo $currentType . '_' . $object['id'] . '_to_ids_solid'; ?>" class="inline-field-solid" ondblclick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'to_ids', <?php echo $event['Event']['id'];?>);">
<?php
if ($object['to_ids']) echo 'Yes';
else echo 'No';
?>
</div>
</td>
<td class="shortish">&nbsp;</td>
<td class="shortish">&nbsp;</td>
<td class="short">&nbsp;</td>
<?php
endif;
?>
<td class="short action-links">
<?php
if (($event['Orgc']['id'] == $me['org_id'] && $mayModify) || $isSiteAdmin) {
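Review bot: Most `id` attributes and the inline `ondblclick="activateField(...)"` handlers in this row echo `$currentType`, `$object['id']` and `$event['Event']['id']` without `h()`, while the `_container` cell on the same row already writes `h($currentType) . '_' . h($object['id'])`. These values are presumably internal identifiers, but they land in attribute and inline-script contexts, so the template should not depend on that. Since every one of these lines is being re-indented here anyway, I would escape them consistently, e.g. `<div id = "<?php echo h($currentType) . '_' . h($object['id']) . '_timestamp_solid'; ?>">`, and cast the event id with `(int)` where it is emitted unquoted into `activateField(...)`. Separately, `else echo '&nbsp';` in the timestamp cell is missing the entity's terminating semicolon. The template continues past the end of this hunk.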
