From 97daca0d41670ca02b4e12821822834d4f2b81df Mon Sep 17 00:00:00 2001
From: Cathia Archidoit <cathia.archidoit@filigran.io>
Date: Mon, 23 Jun 2025 17:36:19 +0200
Subject: [PATCH 1/6] [frontend] trials

---
 pycti/api/opencti_api_client.py        |  2 ++
 pycti/api/opencti_api_internal_file.py | 29 ++++++++++++++++++++++++++
 pycti/utils/opencti_stix2.py           | 18 +++++++++++++++-
 3 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 pycti/api/opencti_api_internal_file.py

diff --git a/pycti/api/opencti_api_client.py b/pycti/api/opencti_api_client.py
index c27a46bb3..f91835df3 100644
--- a/pycti/api/opencti_api_client.py
+++ b/pycti/api/opencti_api_client.py
@@ -18,6 +18,7 @@
 from pycti.api.opencti_api_trash import OpenCTIApiTrash
 from pycti.api.opencti_api_work import OpenCTIApiWork
 from pycti.api.opencti_api_workspace import OpenCTIApiWorkspace
+from pycti.api.opencti_api_internal_file import OpenCTIApiInternalFile
 from pycti.entities.opencti_attack_pattern import AttackPattern
 from pycti.entities.opencti_campaign import Campaign
 from pycti.entities.opencti_capability import Capability
@@ -182,6 +183,7 @@ def __init__(
         self.connector = OpenCTIApiConnector(self)
         self.stix2 = OpenCTIStix2(self)
         self.pir = OpenCTIApiPir(self)
+        self.internal_file = OpenCTIApiInternalFile(self)
 
         # Define the entities
         self.vocabulary = Vocabulary(self)
diff --git a/pycti/api/opencti_api_internal_file.py b/pycti/api/opencti_api_internal_file.py
new file mode 100644
index 000000000..d858bc4ae
--- /dev/null
+++ b/pycti/api/opencti_api_internal_file.py
@@ -0,0 +1,29 @@
+class OpenCTIApiInternalFile:
+    """OpenCTIApiInternalFile"""
+
+    def __init__(self, api):
+        self.api = api
+
+    def delete(self, **kwargs):
+        fileName = kwargs.get("fileName", None)
+        self.opencti.app_logger.info(
+            "-------- fileName ----------",
+            {"filename": fileName},
+        )
+        if fileName is not None:
+            query = """
+                mutation InternalFileDelete($fileName: String) {
+                    deleteImport(fileName: $fileName)
+                }
+               """
+            self.api.query(
+                query,
+                {
+                    "fileName": fileName,
+                },
+            )
+        else:
+            self.opencti.app_logger.error(
+                "[stix_internal_file] Cant delete internal file, missing parameters: fileName"
+            )
+            return None
diff --git a/pycti/utils/opencti_stix2.py b/pycti/utils/opencti_stix2.py
index 860427d48..8b1712f35 100644
--- a/pycti/utils/opencti_stix2.py
+++ b/pycti/utils/opencti_stix2.py
@@ -941,6 +941,7 @@ def get_internal_helper(self):
             "workspace": self.opencti.workspace,
             "publicdashboard": self.opencti.public_dashboard,
             "notification": self.opencti.notification,
+            "internalfile": self.opencti.internal_file
         }
 
     def generate_standard_id_from_stix(self, data):
@@ -2598,7 +2599,22 @@ def element_operation_delete(self, item, operation):
         else:
             # Element is not knowledge we need to use the right api
             stix_helper = self.get_internal_helper().get(item["type"])
-            if stix_helper and hasattr(stix_helper, "delete"):
+
+            self.opencti.app_logger.info(stix_helper)
+            self.opencti.app_logger.info(
+                "-------- TYPE ----------",
+                {"type": item["type"]},
+            )
+            if item["type"] == "internalfile":
+                self.opencti.app_logger.info(
+                    "-------- internal file ----------",
+                    {"type": item["type"]},
+                )
+                self.opencti.app_logger.info(item)
+                fileName = self.opencti.get_attribute_in_extension("id", item)
+                self.opencti.app_logger.info(fileName)
+                stix_helper.delete(fileName=item["fileName"])
+            elif stix_helper and hasattr(stix_helper, "delete"):
                 stix_helper.delete(id=item["id"])
             else:
                 raise ValueError(

From a9f70f063854ab093be548ca73dc81ee6b5e388d Mon Sep 17 00:00:00 2001
From: Cathia Archidoit <cathia.archidoit@filigran.io>
Date: Tue, 24 Jun 2025 09:55:19 +0200
Subject: [PATCH 2/6] [client-python] fixes

---
 pycti/api/opencti_api_internal_file.py | 6 +-----
 pycti/api/opencti_api_playbook.py      | 2 +-
 pycti/utils/opencti_stix2.py           | 2 +-
 3 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/pycti/api/opencti_api_internal_file.py b/pycti/api/opencti_api_internal_file.py
index d858bc4ae..b4390f194 100644
--- a/pycti/api/opencti_api_internal_file.py
+++ b/pycti/api/opencti_api_internal_file.py
@@ -6,10 +6,6 @@ def __init__(self, api):
 
     def delete(self, **kwargs):
         fileName = kwargs.get("fileName", None)
-        self.opencti.app_logger.info(
-            "-------- fileName ----------",
-            {"filename": fileName},
-        )
         if fileName is not None:
             query = """
                 mutation InternalFileDelete($fileName: String) {
@@ -23,7 +19,7 @@ def delete(self, **kwargs):
                 },
             )
         else:
-            self.opencti.app_logger.error(
+            self.api.app_logger.error(
                 "[stix_internal_file] Cant delete internal file, missing parameters: fileName"
             )
             return None
diff --git a/pycti/api/opencti_api_playbook.py b/pycti/api/opencti_api_playbook.py
index 62a24d515..96677fc0f 100644
--- a/pycti/api/opencti_api_playbook.py
+++ b/pycti/api/opencti_api_playbook.py
@@ -48,7 +48,7 @@ def delete(self, **kwargs):
                 },
             )
         else:
-            self.opencti.app_logger.error(
+            self.api.app_logger.error(
                 "[stix_playbook] Cant delete playbook, missing parameters: id"
             )
             return None
diff --git a/pycti/utils/opencti_stix2.py b/pycti/utils/opencti_stix2.py
index 8b1712f35..06312dd09 100644
--- a/pycti/utils/opencti_stix2.py
+++ b/pycti/utils/opencti_stix2.py
@@ -2613,7 +2613,7 @@ def element_operation_delete(self, item, operation):
                 self.opencti.app_logger.info(item)
                 fileName = self.opencti.get_attribute_in_extension("id", item)
                 self.opencti.app_logger.info(fileName)
-                stix_helper.delete(fileName=item["fileName"])
+                stix_helper.delete(fileName=fileName)
             elif stix_helper and hasattr(stix_helper, "delete"):
                 stix_helper.delete(id=item["id"])
             else:

From 7225eabba9986140dab115f076c8d8fa6866f333 Mon Sep 17 00:00:00 2001
From: Cathia Archidoit <cathia.archidoit@filigran.io>
Date: Tue, 24 Jun 2025 09:58:39 +0200
Subject: [PATCH 3/6] [client-python] fixes

---
 pycti/api/opencti_api_internal_file.py |  3 ++-
 pycti/utils/opencti_stix2.py           | 19 ++-----------------
 2 files changed, 4 insertions(+), 18 deletions(-)

diff --git a/pycti/api/opencti_api_internal_file.py b/pycti/api/opencti_api_internal_file.py
index b4390f194..fe8c0df33 100644
--- a/pycti/api/opencti_api_internal_file.py
+++ b/pycti/api/opencti_api_internal_file.py
@@ -5,7 +5,8 @@ def __init__(self, api):
         self.api = api
 
     def delete(self, **kwargs):
-        fileName = kwargs.get("fileName", None)
+        item = kwargs.get("item", None)
+        fileName = self.api.get_attribute_in_extension("id", item)
         if fileName is not None:
             query = """
                 mutation InternalFileDelete($fileName: String) {
diff --git a/pycti/utils/opencti_stix2.py b/pycti/utils/opencti_stix2.py
index 06312dd09..89aa7abdc 100644
--- a/pycti/utils/opencti_stix2.py
+++ b/pycti/utils/opencti_stix2.py
@@ -2599,23 +2599,8 @@ def element_operation_delete(self, item, operation):
         else:
             # Element is not knowledge we need to use the right api
             stix_helper = self.get_internal_helper().get(item["type"])
-
-            self.opencti.app_logger.info(stix_helper)
-            self.opencti.app_logger.info(
-                "-------- TYPE ----------",
-                {"type": item["type"]},
-            )
-            if item["type"] == "internalfile":
-                self.opencti.app_logger.info(
-                    "-------- internal file ----------",
-                    {"type": item["type"]},
-                )
-                self.opencti.app_logger.info(item)
-                fileName = self.opencti.get_attribute_in_extension("id", item)
-                self.opencti.app_logger.info(fileName)
-                stix_helper.delete(fileName=fileName)
-            elif stix_helper and hasattr(stix_helper, "delete"):
-                stix_helper.delete(id=item["id"])
+            if stix_helper and hasattr(stix_helper, "delete"):
+                stix_helper.delete(id=item["id"], item=item)
             else:
                 raise ValueError(
                     "Delete operation or not found stix helper", {"type": item["type"]}

From 95cbddb9041957a95a3d06fd40c6f05b8b20bf5c Mon Sep 17 00:00:00 2001
From: Cathia Archidoit <cathia.archidoit@filigran.io>
Date: Tue, 24 Jun 2025 10:04:08 +0200
Subject: [PATCH 4/6] [client-python] isort

---
 pycti/api/opencti_api_client.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pycti/api/opencti_api_client.py b/pycti/api/opencti_api_client.py
index f91835df3..1e6b4784b 100644
--- a/pycti/api/opencti_api_client.py
+++ b/pycti/api/opencti_api_client.py
@@ -11,6 +11,7 @@
 from pycti import __version__
 from pycti.api.opencti_api_connector import OpenCTIApiConnector
 from pycti.api.opencti_api_draft import OpenCTIApiDraft
+from pycti.api.opencti_api_internal_file import OpenCTIApiInternalFile
 from pycti.api.opencti_api_notification import OpenCTIApiNotification
 from pycti.api.opencti_api_pir import OpenCTIApiPir
 from pycti.api.opencti_api_playbook import OpenCTIApiPlaybook
@@ -18,7 +19,6 @@
 from pycti.api.opencti_api_trash import OpenCTIApiTrash
 from pycti.api.opencti_api_work import OpenCTIApiWork
 from pycti.api.opencti_api_workspace import OpenCTIApiWorkspace
-from pycti.api.opencti_api_internal_file import OpenCTIApiInternalFile
 from pycti.entities.opencti_attack_pattern import AttackPattern
 from pycti.entities.opencti_campaign import Campaign
 from pycti.entities.opencti_capability import Capability

From 5abe76cec103335c03c1843afce054140dc417e0 Mon Sep 17 00:00:00 2001
From: Cathia Archidoit <cathia.archidoit@filigran.io>
Date: Tue, 24 Jun 2025 10:21:48 +0200
Subject: [PATCH 5/6] [client-python] black

---
 pycti/utils/opencti_stix2.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pycti/utils/opencti_stix2.py b/pycti/utils/opencti_stix2.py
index 89aa7abdc..142798afb 100644
--- a/pycti/utils/opencti_stix2.py
+++ b/pycti/utils/opencti_stix2.py
@@ -941,7 +941,7 @@ def get_internal_helper(self):
             "workspace": self.opencti.workspace,
             "publicdashboard": self.opencti.public_dashboard,
             "notification": self.opencti.notification,
-            "internalfile": self.opencti.internal_file
+            "internalfile": self.opencti.internal_file,
         }
 
     def generate_standard_id_from_stix(self, data):

From c07b300d490f02b17134577211806968261d5bd2 Mon Sep 17 00:00:00 2001
From: Cathia Archidoit <cathia.archidoit@filigran.io>
Date: Tue, 24 Jun 2025 14:24:45 +0200
Subject: [PATCH 6/6] [client-python] fix

---
 pycti/api/opencti_api_internal_file.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pycti/api/opencti_api_internal_file.py b/pycti/api/opencti_api_internal_file.py
index fe8c0df33..a49b04079 100644
--- a/pycti/api/opencti_api_internal_file.py
+++ b/pycti/api/opencti_api_internal_file.py
@@ -6,8 +6,8 @@ def __init__(self, api):
 
     def delete(self, **kwargs):
         item = kwargs.get("item", None)
-        fileName = self.api.get_attribute_in_extension("id", item)
-        if fileName is not None:
+        file_name = self.api.get_attribute_in_extension("id", item)
+        if file_name is not None:
             query = """
                 mutation InternalFileDelete($fileName: String) {
                     deleteImport(fileName: $fileName)
@@ -16,7 +16,7 @@ def delete(self, **kwargs):
             self.api.query(
                 query,
                 {
-                    "fileName": fileName,
+                    "fileName": file_name,
                 },
             )
         else: