Mechanisms inconsistency when "enforce reference" is activated #5884

Closed
Lhorus6 opened this issue Feb 9, 2024 · 6 comments · Fixed by #6175
Labels
bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR)

Lhorus6 commented Feb 9, 2024

Description

Starting point: "enforce reference" is activated on Report.

If I want to add an object to my report (from the Knowledge view, or entities, or observables), I get a "Validation error" because I haven't validated my change with a reference. I can't do this because the pop-up doesn't appear. To understand what pop-up I'm talking about, try modifying the report description and this time the pop-up will appear.

Additional information

  • If I try this time to create an entity or relationship to add directly to my report from knowledge graph, I also get this error but note that the object is created (it's just not added to my report because of the lack of reference).
  • If I validate a workbench from the data tab of a report, its execution works (my entities are well created on my platform) but I still get the "Validation error" and my objects are not added to my report, still for the same problem.

Environment

OCTI 5.12.29

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. Activate "enforce reference" on Report (settings > customization > report)
  2. Navigate on the "Entities" tab of a Report
  3. Try to add an entity

EDIT: WARNING

If you have the "Bypass all capabilities" or "Bypass mandatory references if any" right, you bypass the "enforce reference" policy and therefore don't reproduce the bug (because it's as if the policy wasn't activated).

Expected Output

Obtain the pop up allowing me to add the reference needed

@Lhorus6 Lhorus6 added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Feb 9, 2024
@SamuelHassine SamuelHassine added this to the Release 6.0.0 milestone Feb 9, 2024
@nino-filigran

@Lhorus6 I do not get the same result, but there's definitely something going on:

Activate "enforce reference" on Report (settings > customization > report)
Navigate on the "Entities" tab of a Report
Try to add an entity
-> For me the entity is added, but I do not get the pop up

Activate "enforce reference" on Report (settings > customization > report)
Navigate on the "Entities" tab of a Report
Update the report (any field)
Click on "validate without reference"
The screen remains blocked on the drawer component. However, my field is correctly updated.

If I try this time to create an entity or relationship to add directly to my report from knowledge graph, I also get this error but note that the object is created (it's just not added to my report because of the lack of reference).
-> I do not get the validation error.

@nino-filigran nino-filigran removed the needs triage use to identify issue needing triage from Filigran Product team label Feb 12, 2024

Lhorus6 commented Feb 12, 2024

@nino-filigran What is your user configuration? If you have the "bypass all" right, you bypass the enforce reference policy.
This is something I should have warned about in the issue... I'll add it


Lhorus6 commented Feb 13, 2024

After a quick look, it seems related to this: #4839

@JeremyCloarec JeremyCloarec self-assigned this Feb 14, 2024
@JeremyCloarec

@Lhorus6 I was able to reproduce the bug from your description. We'll look into it


JeremyCloarec commented Feb 21, 2024

I tested most of the entities with the references enforced to analyze the scope of the bug, here are some of my findings.

  • In all containers (Report/Groupings/Observed Data/Cases), adding observables/entities from anywhere throws a validation error because there is no popup for adding a reference
  • In all entities that can be shared to an orga, the sharing fails for the same reason: we get a validation error because no popup opens
  • Malware analysis can't be created because the form asks for a reference even when one is already entered. They also can't seem to be edited because the external reference is not accepted on validation of an edition
  • Not sure if this is a bug or intended behavior, but external references can always be removed from an entity (even when references are enforced)
  • In malware analysis and malwares, we can't add nested objects: we get a validation error and no popup
  • In Cases, we can't add an origin of the case: we get a validation error and no popup
  • On multiple other entities, we can modify some fields without being asked for a reference, which seems inconsistent with previous behaviors. For example: Base on in Indicators, Affected softwares in Vulnerabilities, Course of action in Attack patterns etc...

@nino-filigran

For now, tackling only the issue of the reports as it was the main problem. The other issues will be tackled in this ticket: #6074

@SamuelHassine SamuelHassine added the solved use to identify issue that has been solved (must be linked to the solving PR) label Apr 3, 2024