pycti 6.1.2__py3-none-any.whl → 6.1.4__py3-none-any.whl

pycti/__init__.py

@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-__version__ = "6.1.2"
+__version__ = "6.1.4"
 
 from .api.opencti_api_client import OpenCTIApiClient
 from .api.opencti_api_connector import OpenCTIApiConnector

pycti/connector/opencti_connector_helper.py

@@ -262,17 +262,10 @@ class ListenQueue(threading.Thread):
                     raise ValueError(
                         "Internal enrichment must be based on a specific id"
                     )
-                default_reader_type = "Stix-Core-Object"
-                readers = self.helper.api.stix2.get_readers()
-                reader_type = (
-                    entity_type if entity_type is not None else default_reader_type
+                do_read = self.helper.api.stix2.get_reader(
+                    entity_type if entity_type is not None else "Stix-Core-Object"
                 )
-                selected_reader = (
-                    readers[reader_type]
-                    if reader_type in readers
-                    else readers[default_reader_type]
-                )
-                opencti_entity = selected_reader(id=entity_id, withFiles=True)
+                opencti_entity = do_read(id=entity_id, withFiles=True)
                 if opencti_entity is None:
                     raise ValueError(
                         "Unable to read/access to the entity, please check that the connector permission"

pycti/entities/opencti_stix_core_relationship.py

@@ -588,6 +588,7 @@ class StixCoreRelationship:
         external_references = kwargs.get("externalReferences", None)
         kill_chain_phases = kwargs.get("killChainPhases", None)
         granted_refs = kwargs.get("objectOrganization", None)
+        x_opencti_workflow_id = kwargs.get("x_opencti_workflow_id", None)
         update = kwargs.get("update", False)
 
         self.opencti.app_logger.info(
@@ -630,6 +631,7 @@ class StixCoreRelationship:
                     "objectOrganization": granted_refs,
                     "externalReferences": external_references,
                     "killChainPhases": kill_chain_phases,
+                    "x_opencti_workflow_id": x_opencti_workflow_id,
                     "update": update,
                 }
             },
@@ -1190,6 +1192,11 @@ class StixCoreRelationship:
                     if "x_opencti_granted_refs" in stix_relation
                     else None
                 ),
+                x_opencti_workflow_id=(
+                    stix_relation["x_opencti_workflow_id"]
+                    if "x_opencti_workflow_id" in stix_relation
+                    else None
+                ),
                 update=update,
             )
         else:

pycti/utils/opencti_stix2.py

@@ -754,48 +754,7 @@ class OpenCTIStix2:
             "reports": reports,
         }
 
-    def get_listers(self):
-        return {
-            "Stix-Core-Object": self.opencti.stix_core_object.list,
-            "Stix-Domain-Object": self.opencti.stix_domain_object.list,
-            "Administrative-Area": self.opencti.location.list,
-            "Attack-Pattern": self.opencti.attack_pattern.list,
-            "Campaign": self.opencti.campaign.list,
-            "Channel": self.opencti.channel.list,
-            "Event": self.opencti.event.list,
-            "Note": self.opencti.note.list,
-            "Observed-Data": self.opencti.observed_data.list,
-            "Opinion": self.opencti.opinion.list,
-            "Report": self.opencti.report.list,
-            "Grouping": self.opencti.grouping.list,
-            "Case-Incident": self.opencti.case_incident.list,
-            "Feedback": self.opencti.feedback.list,
-            "Case-Rfi": self.opencti.case_rfi.list,
-            "Case-Rft": self.opencti.case_rft.list,
-            "Task": self.opencti.task.list,
-            "Course-Of-Action": self.opencti.course_of_action.list,
-            "Data-Component": self.opencti.data_component.list,
-            "Data-Source": self.opencti.data_source.list,
-            "Identity": self.opencti.identity.list,
-            "Indicator": self.opencti.indicator.list,
-            "Infrastructure": self.opencti.infrastructure.list,
-            "Intrusion-Set": self.opencti.intrusion_set.list,
-            "Location": self.opencti.location.list,
-            "Language": self.opencti.language.list,
-            "Malware": self.opencti.malware.list,
-            "Malware-Analysis": self.opencti.malware_analysis.list,
-            "Threat-Actor": self.opencti.threat_actor_group.list,
-            "Threat-Actor-Group": self.opencti.threat_actor_group.list,
-            "Threat-Actor-Individual": self.opencti.threat_actor_individual.list,
-            "Tool": self.opencti.tool.list,
-            "Narrative": self.opencti.narrative.list,
-            "Vulnerability": self.opencti.vulnerability.list,
-            "Incident": self.opencti.incident.list,
-            "Stix-Cyber-Observable": self.opencti.stix_cyber_observable.list,
-            "stix-sighting-relationship": self.opencti.stix_sighting_relationship.list,
-            "stix-core-relationship": self.opencti.stix_core_relationship.list,
-        }
-
+    # Please use get_reader instead of this definition
     def get_readers(self):
         return {
             "Attack-Pattern": self.opencti.attack_pattern.read,
@@ -851,8 +810,11 @@ class OpenCTIStix2:
             entity_type = "Identity"
         if LocationTypes.has_value(entity_type):
             entity_type = "Location"
+        if entity_type == "Container":
+            entity_type = "Stix-Domain-Object"
         if StixCyberObservableTypes.has_value(entity_type):
             entity_type = "Stix-Cyber-Observable"
+
         readers = self.get_readers()
         return readers.get(
             entity_type, lambda **kwargs: self.unknown_type({"type": entity_type})
@@ -1872,7 +1834,7 @@ class OpenCTIStix2:
                 filters=relationships_from_filter
             )
             if len(x) > 0:
-                entity["sighting_of_ref"] = entity["from"]["id"]
+                entity["sighting_of_ref"] = entity["from"]["standard_id"]
                 # handle from and to separately like Stix Core Relationship and call 2 requests
                 objects_to_get.append(
                     entity["from"]
@@ -1886,7 +1848,7 @@ class OpenCTIStix2:
                 filters=relationships_to_filter
             )
             if len(y) > 0:
-                entity["where_sighted_refs"] = [entity["to"]["id"]]
+                entity["where_sighted_refs"] = [entity["to"]["standard_id"]]
                 objects_to_get.append(entity["to"])
 
             del entity["from"]
@@ -1903,7 +1865,7 @@ class OpenCTIStix2:
                 filters=relationships_from_filter
             )
             if len(x) > 0:
-                entity["source_ref"] = entity["from"]["id"]
+                entity["source_ref"] = entity["from"]["standard_id"]
                 # handle from and to separately like Stix Core Relationship and call 2 requests
                 objects_to_get.append(
                     entity["from"]
@@ -1918,7 +1880,7 @@ class OpenCTIStix2:
                 filters=relationships_to_filter
             )
             if len(y) > 0:
-                entity["target_ref"] = entity["to"]["id"]
+                entity["target_ref"] = entity["to"]["standard_id"]
                 objects_to_get.append(entity["to"])
             del entity["to"]
         # Stix Domain Object
@@ -2095,32 +2057,14 @@ class OpenCTIStix2:
 
             if no_custom_attributes:
                 del entity["x_opencti_id"]
-            # Export
-            reader = self.get_readers()
             # Get extra objects
             for entity_object in objects_to_get:
-                # Map types
-                if entity_object["entity_type"] == "StixFile":
-                    entity_object["entity_type"] = "File"
-
-                if IdentityTypes.has_value(entity_object["entity_type"]):
-                    entity_object["entity_type"] = "Identity"
-                elif LocationTypes.has_value(entity_object["entity_type"]):
-                    entity_object["entity_type"] = "Location"
-                elif StixCyberObservableTypes.has_value(entity_object["entity_type"]):
-                    entity_object["entity_type"] = "Stix-Cyber-Observable"
-                elif "stix-core-relationship" in entity_object["parent_types"]:
-                    entity_object["entity_type"] = "stix-core-relationship"
-                elif "stix-ref-relationship" in entity_object["parent_types"]:
-                    entity_object["entity_type"] = "stix-ref-relationship"
-
-                do_read = reader.get(
-                    entity_object["entity_type"],
-                    lambda **kwargs: self.unknown_type(
-                        {"type": entity_object["entity_type"]}
-                    ),
-                )
-
+                resolve_type = entity_object["entity_type"]
+                if "stix-core-relationship" in entity_object["parent_types"]:
+                    resolve_type = "stix-core-relationship"
+                if "stix-ref-relationship" in entity_object["parent_types"]:
+                    resolve_type = "stix-ref-relationship"
+                do_read = self.get_reader(resolve_type)
                 query_filters = self.prepare_id_filters_export(
                     entity_object["id"], access_filter
                 )
@@ -2225,20 +2169,7 @@ class OpenCTIStix2:
             "id": "bundle--" + str(uuid.uuid4()),
             "objects": [],
         }
-
-        if entity_type == "StixFile":
-            entity_type = "File"
-
-        # Map types
-        if IdentityTypes.has_value(entity_type):
-            entity_type = "Identity"
-        if LocationTypes.has_value(entity_type):
-            entity_type = "Location"
-
-        readers = self.get_readers()
-        do_read = readers.get(
-            entity_type, lambda **kwargs: self.unknown_type({"type": entity_type})
-        )
+        do_read = self.get_reader(entity_type)
         entity = do_read(id=entity_id)
         if entity is None:
             self.opencti.app_logger.error(

{pycti-6.1.2.dist-info → pycti-6.1.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: pycti
-Version: 6.1.2
+Version: 6.1.4
 Summary: Python API client for OpenCTI.
 Home-page: https://github.com/OpenCTI-Platform/client-python
 Author: Filigran

{pycti-6.1.2.dist-info → pycti-6.1.4.dist-info}/RECORD

@@ -1,4 +1,4 @@
-pycti/__init__.py,sha256=-5gvj8jJoXHLHwvkydsZlMTdLp33NwBuRRKvoT1DyyY,5035
+pycti/__init__.py,sha256=wZBeVfDfWr21plXv-SmfxEqF3S574PQgFfuvn0yq-ns,5035
 pycti/api/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 pycti/api/opencti_api_client.py,sha256=fDeVJjExlsrTNYRf28LYhifz901JkdOZueCdvvko36Y,29575
 pycti/api/opencti_api_connector.py,sha256=fYF0Jy9KIMFNt1RC_A1rpWomVJ-oj5HiSsBem4W0J5U,3549
@@ -6,7 +6,7 @@ pycti/api/opencti_api_playbook.py,sha256=OkqDawpnMYIHz5sD4djlJ_KgORkfvQ7YbJwttxE
 pycti/api/opencti_api_work.py,sha256=JLfl7oy6Cq9IrYW_kUrqwzN46FoVzyIn1JJQKyK0h_w,7615
 pycti/connector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 pycti/connector/opencti_connector.py,sha256=0vrZ8Y8ecbxegAP1YhpX6ybOZahYjjOkcId51D1oBi4,2449
-pycti/connector/opencti_connector_helper.py,sha256=knJ4fWDTMouVcD_o00UfjHr_jVerrzudl9Aqhu1BigM,60606
+pycti/connector/opencti_connector_helper.py,sha256=MUo8Eq53qn0MDIfyWj-mEV1jUJVrFCH8ENtAS8j0s-Q,60311
 pycti/connector/opencti_metric_handler.py,sha256=4jXHeJflomtHjuQ_YU0b36TG7o26vOWbY_jvU8Ezobs,3725
 pycti/entities/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 pycti/entities/opencti_attack_pattern.py,sha256=ycAR0cReJ1dd_edQPAL6qBrFvvTx10GJFMTezyK91cg,21471
@@ -41,7 +41,7 @@ pycti/entities/opencti_opinion.py,sha256=SPcY8-0zRJCMle-eDLka-CFPyAqU3CnVVBtfVYh
 pycti/entities/opencti_report.py,sha256=zKoq3Kpo3afvFsw0QCBOaeVm9J_xRMBOZfJC7ZPRaRg,33580
 pycti/entities/opencti_stix.py,sha256=uMheSg8i1f2Ozx2Mk0iShWzHHjj6MMWDtV5nDjVxKEE,2275
 pycti/entities/opencti_stix_core_object.py,sha256=3jABOB_-vm2CSB6LU3ylxpSj_oixRCcfU3T10n2_MFU,49559
-pycti/entities/opencti_stix_core_relationship.py,sha256=cD825areOn2quv06M28YGE7A3bTQ8_Pxx1QW6JyoQBs,42895
+pycti/entities/opencti_stix_core_relationship.py,sha256=93E9sIiKIOYJtjzBecMBMOGoKNsgOJnrRi0HscmU6iA,43249
 pycti/entities/opencti_stix_cyber_observable.py,sha256=EOJuXeSmFcm4oI2rPOqxZ8QZq_ej_CTkYgCTtUkZwsk,106785
 pycti/entities/opencti_stix_domain_object.py,sha256=QI6uBbefNC_PQSwl0O5KpG4cWqa-15mIju8dwREzooU,78504
 pycti/entities/opencti_stix_nested_ref_relationship.py,sha256=2r1i7cUl-WWictlnC_MJrm9sTIt_yJe2uqTpQm-yo6o,12330
@@ -57,12 +57,12 @@ pycti/entities/opencti_vulnerability.py,sha256=dzJ0fZB2XrkPwT-cANr6atzYOWXF5nk0a
 pycti/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 pycti/utils/constants.py,sha256=Gj0fz94p0ApjCUCUqBQpFTfNslT021HS2w6M8azqXBY,10601
 pycti/utils/opencti_logger.py,sha256=0dvB75V0SuPFGxL539dAQrxTt1N5Acx0A3Ogwl5WMJ8,2199
-pycti/utils/opencti_stix2.py,sha256=DB48oDbAKyEwwowHU7_0_p9Y74hXRMaA0IkJ-eschYU,115786
+pycti/utils/opencti_stix2.py,sha256=7-AhzCrt0j28acGFbgTvXIAlUBI05zcYD5zmOAf-caY,112457
 pycti/utils/opencti_stix2_splitter.py,sha256=Ht9Mp-W3gbwxIKEr7i_5NYpcDr3TA2gYdC4TzOz0G4c,4496
 pycti/utils/opencti_stix2_update.py,sha256=CnMyqkeVA0jgyxEcgqna8sABU4YPMjkEJ228GVurIn4,14658
 pycti/utils/opencti_stix2_utils.py,sha256=4r9qglN3AIN8JH1B9Ts2o20Qn3K203M4c5-lIPzRpZ4,4138
-pycti-6.1.2.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
-pycti-6.1.2.dist-info/METADATA,sha256=b82hU_8nLqw4EasBlkMdZvl03q-CMk2RsLsGOioSpOE,5313
-pycti-6.1.2.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-pycti-6.1.2.dist-info/top_level.txt,sha256=cqEpxitAhHP4VgSA6xmrak6Yk9MeBkwoMTB6k7d2ZnE,6
-pycti-6.1.2.dist-info/RECORD,,
+pycti-6.1.4.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
+pycti-6.1.4.dist-info/METADATA,sha256=M2QbuEG6qBPN6MmV195krKAjx_boL3XUD1bCHm0PriE,5313
+pycti-6.1.4.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+pycti-6.1.4.dist-info/top_level.txt,sha256=cqEpxitAhHP4VgSA6xmrak6Yk9MeBkwoMTB6k7d2ZnE,6
+pycti-6.1.4.dist-info/RECORD,,