opencti
opencti copied to clipboard
OpenCTI-Platform
[frontend/backend] authorized members bypass organization sharing for case IR (#4538)
Proposed changes
- Add filter in elastic query to let user access entity if they is in authorized_members (even if user is member of the organization)
- backend tests
- Add refresh session if plateform organization is updated
- Ensure session is updated in the cache
- add 1 identity => +1 live event
- 5 create / 4 updates / 2 delete => +9 raw events
Related issues
- https://github.com/OpenCTI-Platform/opencti/issues/4538
Checklist
- [x] I consider the submitted work as finished
- [x] I tested the code for its functionality
- [x] I wrote test cases for the relevant uses case (coverage and e2e)
- [ ] I added/update the relevant documentation (either on github or on notion)
- [x] Where necessary I refactored code to improve the overall quality
Further comments
Codecov Report
Attention: Patch coverage is 66.66667% with 12 lines in your changes missing coverage. Please review.
Project coverage is 66.14%. Comparing base (
fc45e43) to head (81072e9). Report is 1 commits behind head on master.
Additional details and impacted files
@@ Coverage Diff @@
## master #8052 +/- ##
==========================================
- Coverage 66.15% 66.14% -0.01%
==========================================
Files 597 597
Lines 59899 59927 +28
Branches 6142 6151 +9
==========================================
+ Hits 39625 39639 +14
- Misses 20274 20288 +14
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
bug known:
accessing default dahsboard with a user from different organization is not possible