Skip to content
This repository was archived by the owner on Dec 5, 2025. It is now read-only.

[client] background tasks fixes (opencti #10274) #908

Merged
JeremyCloarec merged 2 commits into from
Jun 16, 2025
Merged

[client] background tasks fixes (opencti #10274) #908

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d2ce9cb
[client] add remove from draft/share/unshare methods for sightings an…
JeremyCloarec Jun 13, 2025
7f3f879
[client] add remove from draft/share/unshare methods for sightings an…
JeremyCloarec Jun 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
83 changes: 83 additions & 0 deletions pycti/entities/opencti_stix_core_relationship.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1247,3 +1247,86 @@ def import_from_stix2(self, **kwargs):
self.opencti.app_logger.error(
"[opencti_stix_core_relationship] Missing parameters: stixObject"
)

"""
Share element to multiple organizations

:param entity_id: the stix_core_relationship id
:param organization_id:s the organization to share with
:return void
"""

def organization_share(self, entity_id, organization_ids, sharing_direct_container):
query = """
mutation StixCoreRelationshipEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
stixCoreRelationshipEdit(id: $id) {
restrictionOrganizationAdd(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
id
}
}
}
"""
self.opencti.query(
query,
{
"id": entity_id,
"organizationId": organization_ids,
"directContainerSharing": sharing_direct_container,
},
)

"""
Unshare element from multiple organizations

:param entity_id: the stix_core_relationship id
:param organization_id:s the organization to share with
:return void
"""

def organization_unshare(
self, entity_id, organization_ids, sharing_direct_container
):
query = """
mutation StixCoreRelationshipEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
stixCoreRelationshipEdit(id: $id) {
restrictionOrganizationDelete(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
id
}
}
}
"""
self.opencti.query(
query,
{
"id": entity_id,
"organizationId": organization_ids,
"directContainerSharing": sharing_direct_container,
},
)

"""
Remove a stix_core_relationship object from draft (revert)

:param id: the stix_core_relationship id
:return void
"""

def remove_from_draft(self, **kwargs):
id = kwargs.get("id", None)
if id is not None:
self.opencti.app_logger.info(
"Draft remove stix_core_relationship", {"id": id}
)
query = """
mutation StixCoreRelationshipEditDraftRemove($id: ID!) {
stixCoreRelationshipEdit(id: $id) {
removeFromDraft
}
}
"""
self.opencti.query(query, {"id": id})
else:
self.opencti.app_logger.error(
"[stix_core_relationship] Cant remove from draft, missing parameters: id"
)
return None
81 changes: 81 additions & 0 deletions pycti/entities/opencti_stix_sighting_relationship.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -802,6 +802,87 @@ def update_created_by(self, **kwargs):
self.opencti.app_logger.error("Missing parameters: id")
return False

"""
Share element to multiple organizations

:param entity_id: the stix_sighting id
:param organization_id:s the organization to share with
:return void
"""

def organization_share(self, entity_id, organization_ids, sharing_direct_container):
query = """
mutation StixSightingRelationshipEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
stixSightingRelationshipEdit(id: $id) {
restrictionOrganizationAdd(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
id
}
}
}
"""
self.opencti.query(
query,
{
"id": entity_id,
"organizationId": organization_ids,
"directContainerSharing": sharing_direct_container,
},
)

"""
Unshare element from multiple organizations

:param entity_id: the stix_sighting id
:param organization_id:s the organization to share with
:return void
"""

def organization_unshare(
self, entity_id, organization_ids, sharing_direct_container
):
query = """
mutation StixSightingRelationshipEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
stixSightingRelationshipEdit(id: $id) {
restrictionOrganizationDelete(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
id
}
}
}
"""
self.opencti.query(
query,
{
"id": entity_id,
"organizationId": organization_ids,
"directContainerSharing": sharing_direct_container,
},
)

"""
Remove a stix_sighting object from draft (revert)

:param id: the stix_sighting id
:return void
"""

def remove_from_draft(self, **kwargs):
id = kwargs.get("id", None)
if id is not None:
self.opencti.app_logger.info("Draft remove stix_sighting", {"id": id})
query = """
mutation StixSightingRelationshipEditDraftRemove($id: ID!) {
stixSightingRelationshipEdit(id: $id) {
removeFromDraft
}
}
"""
self.opencti.query(query, {"id": id})
else:
self.opencti.app_logger.error(
"[stix_sighting] Cant remove from draft, missing parameters: id"
)
return None

"""
Delete a stix_sighting

Expand Down
44 changes: 37 additions & 7 deletions pycti/utils/opencti_stix2.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2522,9 +2522,20 @@ def organization_share(self, item):
)
if sharing_direct_container is None:
sharing_direct_container = item["sharing_direct_container"]
self.opencti.stix_core_object.organization_share(
item["id"], organization_ids, sharing_direct_container
)

if item["type"] == "relationship":
self.opencti.stix_core_relationship.organization_share(
item["id"], organization_ids, sharing_direct_container
)
elif item["type"] == "sighting":
self.opencti.stix_sighting_relationship.organization_share(
item["id"], organization_ids, sharing_direct_container
)
else:
# Element is considered stix core object
self.opencti.stix_core_object.organization_share(
item["id"], organization_ids, sharing_direct_container
)

def organization_unshare(self, item):
organization_ids = self.opencti.get_attribute_in_extension(
Expand All @@ -2537,9 +2548,19 @@ def organization_unshare(self, item):
)
if sharing_direct_container is None:
sharing_direct_container = item["sharing_direct_container"]
self.opencti.stix_core_object.organization_unshare(
item["id"], organization_ids, sharing_direct_container
)
if item["type"] == "relationship":
self.opencti.stix_core_relationship.organization_unshare(
item["id"], organization_ids, sharing_direct_container
)
elif item["type"] == "sighting":
self.opencti.stix_sighting_relationship.organization_unshare(
item["id"], organization_ids, sharing_direct_container
)
else:
# Element is considered stix core object
self.opencti.stix_core_object.organization_unshare(
item["id"], organization_ids, sharing_direct_container
)

def element_operation_delete(self, item, operation):
# If data is stix, just use the generic stix function for deletion
Expand All @@ -2564,11 +2585,20 @@ def element_operation_delete(self, item, operation):
"Delete operation or not found stix helper", {"type": item["type"]}
)

def element_remove_from_draft(self, item):
if item["type"] == "relationship":
self.opencti.stix_core_relationship.remove_from_draft(id=item["id"])
elif item["type"] == "sighting":
self.opencti.stix_sighting_relationship.remove_from_draft(id=item["id"])
else:
# Element is considered stix core object
self.opencti.stix_core_object.remove_from_draft(id=item["id"])

def apply_opencti_operation(self, item, operation):
if operation == "delete" or operation == "delete_force":
self.element_operation_delete(item=item, operation=operation)
elif operation == "revert_draft":
self.opencti.stix_core_object.remove_from_draft(id=item["id"])
self.element_remove_from_draft(item=item)
elif operation == "restore":
self.opencti.trash.restore(item["id"])
elif operation == "merge":
Expand Down