PyPI - pycti - Versions diffs - 6.4.11__tar.gz → 6.5.1__tar.gz - Mend

@@ -2407,6 +2407,19 @@ class OpenCTIStix2:
         return bundle
+    def apply_patch(self, item):
+        input = item["opencti_field_patch"]
+        if item["type"] == "relationship":
+            self.opencti.stix_core_relationship.update_field(id=item["id"], input=input)
+        elif item["type"] == "sighting":
+            self.opencti.stix_sighting_relationship.update_field(
+                id=item["id"], input=input
+            )
+        elif StixCyberObservableTypes.has_value(item["type"]):
+            self.opencti.stix_cyber_observable.update_field(id=item["id"], input=input)
+        else:
+            self.opencti.stix_domain_object.update_field(id=item["id"], input=input)
     def import_item(
         self,
         item,
@@ -2426,6 +2439,8 @@ class OpenCTIStix2:
                     target_id = item["merge_target_id"]
                     source_ids = item["merge_source_ids"]
                     self.opencti.stix.merge(id=target_id, object_ids=source_ids)
+                elif item["opencti_operation"] == "patch":
+                    self.apply_patch(item=item)
                 else:
                     raise ValueError("Not supported opencti_operation")
             elif item["type"] == "relationship":

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: pycti
-Version: 6.4.11
+Version: 6.5.1
 Summary: Python API client for OpenCTI.
 Home-page: https://github.com/OpenCTI-Platform/client-python
 Author: Filigran

@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-__version__ = "6.4.11"
+__version__ = "6.5.1"
 from .api.opencti_api_client import OpenCTIApiClient
 from .api.opencti_api_connector import OpenCTIApiConnector

@@ -82,6 +82,24 @@ class OpenCTIApiWork:
             except:
                 self.api.app_logger.error("Cannot report expectation")
+    def add_draft_context(self, work_id: str, draft_context: str):
+        if self.api.bundle_send_to_queue:
+            self.api.app_logger.info(
+                "Update draft context",
+                {"work_id": work_id, "draft_context": draft_context},
+            )
+            query = """
+                mutation addDraftContext($id: ID!, $draftContext: String) {
+                    workEdit(id: $id) {
+                        addDraftContext(draftContext: $draftContext)
+                    }
+                }
+               """
+            try:
+                self.api.query(query, {"id": work_id, "draftContext": draft_context})
+            except:
+                self.api.app_logger.error("Cannot report draft context")
     def initiate_work(self, connector_id: str, friendly_name: str) -> str:
         if self.api.bundle_send_to_queue:
             self.api.app_logger.info("Initiate work", {"connector_id": connector_id})

@@ -1732,6 +1732,8 @@ class OpenCTIConnectorHelper:  # pylint: disable=too-many-public-methods
         if bundle_send_to_queue:
             if work_id:
                 self.api.work.add_expectations(work_id, expectations_number)
+                if draft_id:
+                    self.api.work.add_draft_context(work_id, draft_id)
             if entities_types is None:
                 entities_types = []
             if self.queue_protocol == "amqp":

@@ -3,7 +3,7 @@ import deprecation
 class StixCyberObservableDeprecatedMixin:
     """
-    deprecated [>=6.2 & <6.5]`
+    deprecated [>=6.2 & <6.8]`
     Promote a Stix-Observable to an Indicator
     :param id: the Stix-Observable id

pycti 6.4.11tar.gz → 6.5.1tar.gz