diff --git a/opencti-platform/opencti-graphql/src/schema/stixDomainObject.ts b/opencti-platform/opencti-graphql/src/schema/stixDomainObject.ts
index 1cc69735cd260..9ff70b5508596 100644
--- a/opencti-platform/opencti-graphql/src/schema/stixDomainObject.ts
+++ b/opencti-platform/opencti-graphql/src/schema/stixDomainObject.ts
@@ -186,8 +186,6 @@ export const STIX_ORGANIZATIONS_UNRESTRICTED = [
 ABSTRACT_STIX_REF_RELATIONSHIP,
 ENTITY_TYPE_IDENTITY_ORGANIZATION,
 ENTITY_TYPE_IDENTITY_SECTOR,
- ENTITY_TYPE_IDENTITY_SYSTEM,
- ENTITY_TYPE_IDENTITY_INDIVIDUAL,
 ENTITY_TYPE_LOCATION,
 ENTITY_TYPE_WORK, // Work is defined as an history object
 ENTITY_TYPE_TAXII_COLLECTION, // TODO TaxiiCollection must be migrate to add according parent types
diff --git a/opencti-platform/opencti-graphql/tests/02-integration/02-resolvers/container-organization-sharing-test.ts b/opencti-platform/opencti-graphql/tests/02-integration/02-resolvers/container-organization-sharing-test.ts
new file mode 100644
index 0000000000000..2ecd9f633bc2d
--- /dev/null
+++ b/opencti-platform/opencti-graphql/tests/02-integration/02-resolvers/container-organization-sharing-test.ts
@@ -0,0 +1,196 @@
+import { describe, expect, it } from 'vitest';
+import gql from 'graphql-tag';
+import {
+ ADMIN_API_TOKEN,
+ ADMIN_USER,
+ adminQuery,
+ API_URI,
+ FIVE_MINUTES,
+ getOrganizationIdByName,
+ PLATFORM_ORGANIZATION,
+ PYTHON_PATH,
+ TEST_ORGANIZATION,
+ testContext,
+ USER_EDITOR,
+} from '../../utils/testQuery';
+import { adminQueryWithSuccess, queryAsUserWithSuccess } from '../../utils/testQueryHelper';
+import { findById } from '../../../src/domain/report';
+import { execChildPython } from '../../../src/python/pythonBridge';
+
+const READ_QUERY = gql`
+ query caseIncident($id: String!) {
+ caseIncident(id: $id) {
+ id
+ standard_id
+ name
+ authorized_members {
+ id
+ access_right
+ }
+ currentUserAccessRight
+ }
+ }
+`;
+
+const DELETE_QUERY = gql`
+ mutation CaseIncidentDelete($id: ID!) {
+ caseIncidentDelete(id: $id)
+ }
+`;
+
+const PLATFORM_ORGANIZATION_QUERY = gql`
+ mutation PoliciesFieldPatchMutation($id: ID!, $input: [EditInput]!) {
+ settingsEdit(id: $id) {
+ fieldPatch(input: $input) {
+ platform_organization {
+ id
+ name
+ }
+ enterprise_edition
+ id
+ }
+ }
+ }
+`;
+
+const ORGANIZATION_SHARING_QUERY = gql`
+ mutation StixCoreObjectSharingGroupAddMutation(
+ $id: ID!
+ $organizationId: ID!
+ ) {
+ stixCoreObjectEdit(id: $id) {
+ restrictionOrganizationAdd(organizationId: $organizationId) {
+ id
+ objectOrganization {
+ id
+ name
+ }
+ }
+ }
+ }
+`;
+
+const importOpts: string[] = [API_URI, ADMIN_API_TOKEN, './tests/data/DATA-TEST-STIX2_v2.json'];
+
+describe('Database provision', () => {
+ it('Should import creation succeed', async () => {
+ // Inject data
+ const execution = await execChildPython(testContext, ADMIN_USER, PYTHON_PATH, 'local_importer.py', importOpts);
+ expect(execution).not.toBeNull();
+ expect(execution.status).toEqual('success');
+ }, FIVE_MINUTES);
+ // Python lib is fixed but we need to wait for a new release
+ it('Should import update succeed', async () => {
+ const execution = await execChildPython(testContext, ADMIN_USER, PYTHON_PATH, 'local_importer.py', importOpts);
+ expect(execution).not.toBeNull();
+ expect(execution.status).toEqual('success');
+ }, FIVE_MINUTES);
+});
+
+describe('Organization sharing standard behavior for container', () => {
+ let reportInternalId: string;
+ let organizationId: string;
+ let settingsInternalId: string;
+ let platformOrganizationId: string;
+ it('should load Report', async () => {
+ const report = await findById(testContext, ADMIN_USER, 'report--57162a65-2a58-560b-9a65-47c3f040f3d4'); // Report is in DATA-TEST-STIX_v2.json
+ reportInternalId = report.internal_id;
+ });
+ it('should plateform organization sharing and EE activated', async () => { // TODO extract set/unset EE and orga platfor in testQueryHelpers
+ // Get organization id
+ platformOrganizationId = await getOrganizationIdByName(PLATFORM_ORGANIZATION.name);
+
+ // Get settings ID
+ const SETTINGS_READ_QUERY = gql`
+ query settings {
+ settings {
+ id
+ platform_organization {
+ id
+ name
+ }
+ }
+ }
+ `;
+ const queryResult = await adminQuery({ query: SETTINGS_READ_QUERY, variables: {} });
+ settingsInternalId = queryResult.data?.settings?.id;
+
+ // Set plateform organization
+ const platformOrganization = await adminQueryWithSuccess({
+ query: PLATFORM_ORGANIZATION_QUERY,
+ variables: {
+ id: settingsInternalId,
+ input: [
+ { key: 'platform_organization', value: platformOrganizationId },
+ { key: 'enterprise_edition', value: new Date().getTime() },
+ ]
+ }
+ });
+ expect(platformOrganization?.data?.settingsEdit.fieldPatch.platform_organization).not.toBeUndefined();
+ expect(platformOrganization?.data?.settingsEdit.fieldPatch.enterprise_edition).not.toBeUndefined();
+ expect(platformOrganization?.data?.settingsEdit.fieldPatch.platform_organization.name).toEqual(PLATFORM_ORGANIZATION.name);
+ });
+ it('should share Report with Organization', async () => {
+ // Get organization id
+ organizationId = await getOrganizationIdByName(TEST_ORGANIZATION.name);
+ const organizationSharingQueryResult = await adminQueryWithSuccess({
+ query: ORGANIZATION_SHARING_QUERY,
+ variables: { id: reportInternalId, organizationId }
+ });
+ expect(organizationSharingQueryResult?.data?.stixCoreObjectEdit.restrictionOrganizationAdd).not.toBeNull();
+ expect(organizationSharingQueryResult?.data?.stixCoreObjectEdit.restrictionOrganizationAdd.objectOrganization[0].name).toEqual(TEST_ORGANIZATION.name);
+ });
+ it('should Editor user access all objects', async () => {
+ const REPORT_STIX_DOMAIN_ENTITIES = gql`
+ query report($id: String!) {
+ report(id: $id) {
+ id
+ standard_id
+ objects(first: 30) {
+ edges {
+ node {
+ ... on BasicObject {
+ id
+ standard_id
+ }
+ ... on BasicRelationship {
+ id
+ standard_id
+ }
+ }
+ }
+ }
+ }
+ }
+ `;
+ const queryResult = await queryAsUserWithSuccess(USER_EDITOR.client, {
+ query: REPORT_STIX_DOMAIN_ENTITIES,
+ variables: { id: reportInternalId },
+ });
+ expect(queryResult.data.report.objects.edges.length).toEqual(10);
+ });
+ it.skip('should delete Report', async () => {
+ // Delete the case
+ await adminQuery({
+ query: DELETE_QUERY,
+ variables: { id: reportInternalId },
+ });
+ // Verify is no longer found
+ const queryResult = await adminQueryWithSuccess({ query: READ_QUERY, variables: { id: reportInternalId } });
+ expect(queryResult?.data?.caseIncident).toBeNull();
+ });
+ it.skip('should plateform organization sharing and EE deactivated', async () => {
+ // Remove plateform organization
+ const platformOrganization = await adminQueryWithSuccess({
+ query: PLATFORM_ORGANIZATION_QUERY,
+ variables: {
+ id: settingsInternalId,
+ input: [
+ { key: 'platform_organization', value: [] },
+ { key: 'enterprise_edition', value: [] },
+ ]
+ }
+ });
+ expect(platformOrganization?.data?.settingsEdit.fieldPatch.platform_organization).toBeNull();
+ });
+});
diff --git a/opencti-platform/opencti-graphql/tests/data/DATA-TEST-STIX2_v2.json b/opencti-platform/opencti-graphql/tests/data/DATA-TEST-STIX2_v2.json
index de2f6ee8d15ac..5877ef83d0fca 100644
--- a/opencti-platform/opencti-graphql/tests/data/DATA-TEST-STIX2_v2.json
+++ b/opencti-platform/opencti-graphql/tests/data/DATA-TEST-STIX2_v2.json
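Review bot: The only access-control assertion in `should Editor user access all objects` is `expect(queryResult.data.report.objects.edges.length).toEqual(10)`, so the test never checks that the Individual and System identities removed from `STIX_ORGANIZATIONS_UNRESTRICTED` in this commit are among the nodes returned to `USER_EDITOR`. Pinning the standard ids from the fixture would tie the test to that change, for example `expect(ids).toContain('identity--01d38593-14c7-5bb1-b8b5-2f6f3809858c')` and the same for `identity--000a81f3-b583-51f6-81cd-21b52e322a7a`, with `ids` mapped from `edges`. There is also no negative case: the same query run as `USER_EDITOR` before `restrictionOrganizationAdd` would presumably show those objects as not visible, and that is the check that guards the segregation itself. Separately, both teardown cases are `it.skip`, so `platform_organization` and `enterprise_edition` stay set for any suite that runs afterwards; the skipped delete also calls `caseIncidentDelete` and reads `caseIncident` with a report id, which looks copied from a case-incident test and should be corrected or given a comment explaining the skip.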
@@ -982,6 +982,219 @@ "stop_time": "2020-02-29T23:00:00.000Z", "created_by_ref": "identity--7b82b010-b1c0-4dae-981f-7756374a17df", "object_marking_refs": ["marking-definition--78ca4366-f5b8-4764-83f7-34ce38198e27"] + }, + { + "id": "report--57162a65-2a58-560b-9a65-47c3f040f3d4", + "spec_version": "2.1", + "revoked": false, + "confidence": 100, + "created": "2024-09-12T09:47:15.000Z", + "modified": "2024-09-17T08:52:19.988Z", + "name": "organization sharing test", + "published": "2024-09-12T09:47:15.000Z", + "x_opencti_workflow_id": "19b6920b-9e66-4c3d-9b2e-d2bf072679a6", + "labels": [ + "test" + ], + "x_opencti_id": "b2412082-1829-4cdc-afd8-0eb466a9d1c8", + "x_opencti_type": "Report", + "type": "report", + "object_refs": [ + "ipv4-addr--cbd67181-b9f8-595b-8bc3-3971e34fa1cc", + "identity--08e1548d-f976-57df-97fc-286e6fb4e6ff", + "identity--01d38593-14c7-5bb1-b8b5-2f6f3809858c", + "identity--000a81f3-b583-51f6-81cd-21b52e322a7a", + "file--86b44f11-7d87-59b4-abf2-045fa0d98172", + "identity--09d26702-b557-58ef-86cb-f511909943c5", + "location--0359730b-8b68-596e-ad90-92f5e5f05062", + "location--45471973-3952-5edd-97b8-5341505abd20", + "indicator--0036303b-99e3-5ed2-9498-49c1ba8409dd", + "attack-pattern--90a3f7f1-d15e-5756-80cb-0f3b84be23b7" + ] + }, + { + "id": "ipv4-addr--cbd67181-b9f8-595b-8bc3-3971e34fa1cc", + "spec_version": "2.1", + "x_opencti_description": "this is a test", + "x_opencti_score": 0, + "value": "1.1.1.1", + "x_opencti_id": "c93f1a85-30fe-4c42-b874-5833e50946ae", + "x_opencti_type": "IPv4-Addr", + "type": "ipv4-addr" + }, + { + "id": "identity--e52b2fa3-2af0-5e53-ad38-17d54b3d61cb", + "spec_version": "2.1", + "identity_class": "organization", + "name": "AlienVault", + "x_opencti_reliability": "D - Not usually reliable", + "created": "2023-08-20T17:43:55.001Z", + "modified": "2024-07-16T15:06:24.952Z", + "x_opencti_organization_type": "vendor", + "x_opencti_id": "af7eb059-fee9-4a82-8587-ce9a7dda441a", + "x_opencti_type": "Organization", + "type": 
"identity" + }, + { + "id": "identity--08e1548d-f976-57df-97fc-286e6fb4e6ff", + "spec_version": "2.1", + "revoked": false, + "confidence": 45, + "created": "2023-08-23T06:05:34.697Z", + "modified": "2024-09-09T13:01:36.274Z", + "identity_class": "class", + "name": "Public Health", + "x_opencti_id": "8df446ee-4c5a-4b83-b175-cbfe5c3cdce3", + "x_opencti_type": "Sector", + "type": "identity", + "created_by_ref": "identity--e52b2fa3-2af0-5e53-ad38-17d54b3d61cb" + }, + { + "id": "identity--01d38593-14c7-5bb1-b8b5-2f6f3809858c", + "spec_version": "2.1", + "revoked": false, + "confidence": 100, + "created": "2024-03-28T09:18:58.835Z", + "modified": "2024-03-28T09:21:22.628Z", + "identity_class": "individual", + "name": "Indivual A", + "x_opencti_aliases": [ + "IndA", + "IndA ter" + ], + "x_opencti_id": "4e4a32a1-fe3b-43eb-824b-b6c3c5d92c39", + "x_opencti_type": "Individual", + "type": "identity" + }, + { + "id": "identity--000a81f3-b583-51f6-81cd-21b52e322a7a", + "spec_version": "2.1", + "revoked": false, + "confidence": 100, + "created": "2024-02-27T20:23:49.779Z", + "modified": "2024-09-12T13:28:26.033Z", + "identity_class": "system", + "name": "Gootkit C&C", + "x_opencti_id": "ad921110-2611-450a-b3d4-50197e4c9d45", + "x_opencti_type": "System", + "type": "identity" + }, + { + "id": "file--86b44f11-7d87-59b4-abf2-045fa0d98172", + "spec_version": "2.1", + "name": "activeds.dll", + "x_opencti_id": "9d3ed2cf-75bc-40f8-aeb0-b4448c3a2132", + "x_opencti_type": "StixFile", + "type": "file" + }, + { + "id": "identity--09d26702-b557-58ef-86cb-f511909943c5", + "spec_version": "2.1", + "revoked": false, + "confidence": 0, + "created": "2024-02-07T15:24:28.697Z", + "modified": "2024-02-07T15:24:28.697Z", + "identity_class": "organization", + "name": "iop", + "x_opencti_organization_type": "other", + "x_opencti_id": "2d10f4fa-4a78-407f-ac47-d72652aaba49", + "x_opencti_type": "Organization", + "type": "identity" + }, + { + "id": "identity--f29f12ba-3980-5642-9b3e-d11e9b296aed", + 
"spec_version": "2.1", + "identity_class": "organization", + "name": "Crowdstrike", + "contact_information": "crowdstrike.com", + "created": "2023-11-24T10:03:15.887Z", + "modified": "2024-09-09T13:02:05.899Z", + "x_opencti_id": "a3cf8078-e2f0-4796-8168-2c88008e3d9b", + "x_opencti_type": "Organization", + "type": "identity" + }, + { + "id": "location--0359730b-8b68-596e-ad90-92f5e5f05062", + "spec_version": "2.1", + "revoked": false, + "confidence": 0, + "created": "2023-12-08T09:31:17.992Z", + "modified": "2023-12-08T09:31:20.002Z", + "name": "Slovakia", + "x_opencti_aliases": [ + "SK" + ], + "x_opencti_location_type": "Country", + "country": "Slovakia", + "x_opencti_id": "bbbe2f55-603c-4c2f-a6e5-4fdfe3e9f373", + "x_opencti_type": "Country", + "type": "location", + "created_by_ref": "identity--f29f12ba-3980-5642-9b3e-d11e9b296aed" + }, + { + "id": "location--45471973-3952-5edd-97b8-5341505abd20", + "spec_version": "2.1", + "revoked": false, + "confidence": 0, + "created": "2023-12-08T09:31:17.992Z", + "modified": "2023-12-08T09:31:19.603Z", + "name": "North America", + "x_opencti_location_type": "Region", + "region": "North America", + "x_opencti_id": "431eb49a-a584-4ef7-99b6-3bf4d39a42df", + "x_opencti_type": "Region", + "type": "location", + "created_by_ref": "identity--f29f12ba-3980-5642-9b3e-d11e9b296aed" + }, + { + "id": "identity--b2a8fbec-b4fb-563c-a052-7b5b4ab23070", + "spec_version": "2.1", + "identity_class": "organization", + "name": "Recorded Future", + "contact_information": "recordedfuture.com", + "created": "2023-11-30T08:40:08.623Z", + "modified": "2024-06-06T09:53:22.957Z", + "x_opencti_id": "4a4b8079-399a-4f9d-ad53-53478ae4677f", + "x_opencti_type": "Organization", + "type": "identity" + }, + { + "id": "indicator--0036303b-99e3-5ed2-9498-49c1ba8409dd", + "spec_version": "2.1", + "revoked": false, + "confidence": 0, + "created": "2023-11-30T15:06:07.288Z", + "modified": "2024-09-17T08:52:27.631Z", + "pattern_type": "stix", + "pattern_version": 
"2.1", + "pattern": "[ipv4-addr:value = '72.18.130.48']", + "name": "72.18.130.48", + "valid_from": "2023-11-30T16:06:07.288Z", + "valid_until": "2024-11-29T16:06:07.288Z", + "x_opencti_score": 92, + "x_opencti_detection": false, + "x_opencti_main_observable_type": "Unknown", + "labels": [ + "test" + ], + "x_opencti_id": "6c19513d-6a44-402c-81ba-44d63bf03b5f", + "x_opencti_type": "Indicator", + "type": "indicator", + "created_by_ref": "identity--b2a8fbec-b4fb-563c-a052-7b5b4ab23070" + }, + { + "id": "attack-pattern--90a3f7f1-d15e-5756-80cb-0f3b84be23b7", + "spec_version": "2.1", + "revoked": false, + "confidence": 0, + "created": "2023-11-30T14:59:09.037Z", + "modified": "2024-09-17T08:52:27.689Z", + "name": "T1190", + "x_mitre_id": "T1190", + "x_opencti_id": "8c0942ab-da38-4b39-9755-9317c8b8a6bb", + "x_opencti_type": "Attack-Pattern", + "type": "attack-pattern", + "created_by_ref": "identity--b2a8fbec-b4fb-563c-a052-7b5b4ab23070" } ] }