Exemple #1
0
 public function hids($isSiteAdmin, $org, $type, $tags = '', $from = false, $to = false, $last = false)
 {
     if (empty($org)) {
         throw new MethodNotAllowedException('No org supplied.');
     }
     // check if it's a valid type
     if ($type != 'md5' && $type != 'sha1' && $type != 'sha256') {
         throw new UnauthorizedException('Invalid hash type.');
     }
     $typeArray = array($type, 'filename|' . $type);
     if ($type == 'md5') {
         $typeArray[] = 'malware-sample';
     }
     $rules = array();
     $eventIds = $this->Event->fetchEventIds($org, $isSiteAdmin, $from, $to, $last);
     if ($tags !== '') {
         $tag = ClassRegistry::init('Tag');
         $args = $this->dissectArgs($tags);
         $tagArray = $tag->fetchEventTagIds($args[0], $args[1]);
         if (!empty($tagArray[0])) {
             foreach ($eventIds as $k => $v) {
                 if (!in_array($v['Event']['id'], $tagArray[0])) {
                     unset($eventIds[$k]);
                 }
             }
         }
         if (!empty($tagArray[1])) {
             foreach ($eventIds as $k => $v) {
                 if (in_array($v['Event']['id'], $tagArray[1])) {
                     unset($eventIds[$k]);
                 }
             }
         }
     }
     $continue = false;
     foreach ($eventIds as $event) {
         //restricting to non-private or same org if the user is not a site-admin.
         $conditions['AND'] = array('Attribute.to_ids' => 1, 'Event.published' => 1, 'Attribute.type' => $typeArray, 'Attribute.event_id' => $event['Event']['id']);
         if (!$isSiteAdmin && $org !== $event['Event']['org']) {
             $conditions['AND']['Attribute.distribution >'] = 0;
         }
         $params = array('conditions' => $conditions, 'recursive' => 0, 'fields' => array('Attribute.type', 'Attribute.value1', 'Attribute.value2'), 'group' => array('Attribute.type', 'Attribute.value1'));
         $items = $this->find('all', $params);
         App::uses('HidsExport', 'Export');
         $export = new HidsExport();
         $rules = array_merge($rules, $export->export($items, strtoupper($type), $continue));
         $continue = true;
     }
     return $rules;
 }
Exemple #2
0
 public function hids($isSiteAdmin, $org, $type, $tags = '', $from, $to, $last)
 {
     if (empty($org)) {
         throw new MethodNotAllowedException('No org supplied.');
     }
     // check if it's a valid type
     if ($type != 'md5' && $type != 'sha1' && $type != 'sha256') {
         throw new UnauthorizedException('Invalid hash type.');
     }
     $typeArray = array($type, 'filename|' . $type);
     if ($type == 'md5') {
         $typeArray[] = 'malware-sample';
     }
     //restricting to non-private or same org if the user is not a site-admin.
     $conditions['AND'] = array('Attribute.to_ids' => 1, 'Event.published' => 1, 'Attribute.type' => $typeArray);
     if (!$isSiteAdmin) {
         $temp = array();
         $distribution = array();
         array_push($temp, array('Attribute.distribution >' => 0));
         array_push($temp, array('AND' => array('Attribute.distribution >' => 0, 'Event.distribution >' => 0)));
         array_push($temp, array('(SELECT events.org FROM events WHERE events.id = Attribute.event_id) LIKE' => $org));
         $conditions['OR'] = $temp;
     }
     // If we sent any tags along, load the associated tag names for each attribute
     if ($tags !== '') {
         $tag = ClassRegistry::init('Tag');
         $args = $this->dissectArgs($tags);
         $tagArray = $tag->fetchEventTagIds($args[0], $args[1]);
         $temp = array();
         foreach ($tagArray[0] as $accepted) {
             $temp['OR'][] = array('Event.id' => $accepted);
         }
         $conditions['AND'][] = $temp;
         $temp = array();
         foreach ($tagArray[1] as $rejected) {
             $temp['AND'][] = array('Event.id !=' => $rejected);
         }
         $conditions['AND'][] = $temp;
     }
     if ($last) {
         $conditions['AND'][] = array('Event.publish_timestamp >=' => $last);
     }
     if ($from) {
         $conditions['AND'][] = array('Event.date >=' => $from);
     }
     if ($to) {
         $conditions['AND'][] = array('Event.date <=' => $to);
     }
     $params = array('conditions' => $conditions, 'recursive' => 0, 'group' => array('Attribute.type', 'Attribute.value1'));
     $items = $this->find('all', $params);
     App::uses('HidsExport', 'Export');
     $export = new HidsExport();
     $rules = $export->export($items, strtoupper($type));
     return $rules;
 }