-
Notifications
You must be signed in to change notification settings - Fork 799
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[backend] Improve stix loader and stream relation resolution #4154
Conversation
const toId = stixData.target_ref ?? stixData.where_sighted_refs[0]; | ||
const hasFrom = missingMap.has(fromId) || cache.has(fromId); | ||
const hasTo = missingMap.has(toId) || cache.has(toId); | ||
if (!hasFrom || !hasTo) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sur this is exactly what we want
If there are in a platform
- a sector : marking RED
- a sector : marking GREEN
- a relationship between this two sectors : marking GREEN
- user A : marking GREEN
If user A modify the relationship, the modification is not displayed in the stream
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Its exactly what is expected. If both part of the relation is not accessible the relation must not be published.
@@ -471,7 +472,7 @@ const loadElementsWithDependencies = async (context, user, elements, opts = {}) | |||
const message = `From ${element.fromId} is ${validFrom}, To ${element.toId} is ${validTo}`; | |||
logApp.warn(`Auto delete of invalid relation ${element.id}. ${message}`); | |||
// Auto deletion of the invalid relation | |||
await elDeleteElements(context, SYSTEM_USER, [element], storeLoadByIdWithRefs); | |||
// await elDeleteElements(context, SYSTEM_USER, [element], storeLoadByIdWithRefs); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why removing this ?
There are some side effects ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just forgot to remove the comment after some testing
There is conditions where an auto sanity mode think that the relation should be deleted.
Its due to our process that doesnt not use system user to resolve to be sure about the situation.
Also improve the stream to not publish the relation if one of the from/to is not accessible.