[client] Fix association of observables to indicators

Samuel Hassine · Samuel Hassine · commit 11f93713ccc7 · 2021-04-01T20:08:44.000+02:00
diff --git a/pycti/entities/opencti_indicator.py b/pycti/entities/opencti_indicator.py
@@ -108,6 +108,14 @@ def __init__(self, opencti):
             x_opencti_detection
             x_opencti_main_observable_type
             x_mitre_platforms
+            observables {
+                edges {
+                    node {
+                        id
+                        observable_value
+                    }
+                }
+            }
             killChainPhases {
                 edges {
                     node {
@@ -372,9 +380,9 @@ def create(self, **kwargs):
                 "[opencti_indicator] Missing parameters: name or pattern or x_opencti_main_observable_type",
             )
 
-    def add_stix_observable(self, **kwargs):
+    def add_stix_cyber_observable(self, **kwargs):
         """
-        Add a Stix-Observable object to Indicator object (based-on)
+        Add a Stix-Cyber-Observable object to Indicator object (based-on)
 
         :param id: the id of the Indicator
         :param indicator: Indicator object
@@ -406,21 +414,20 @@ def add_stix_observable(self, **kwargs):
                     + "}",
                 )
                 query = """
-                   mutation IndicatorEdit($id: ID!, $input: StixMetaRelationshipAddInput) {
-                       indicatorEdit(id: $id) {
-                            relationAdd(input: $input) {
-                                id
-                            }
-                       }
-                   }
+                    mutation StixCoreRelationshipAdd($input: StixCoreRelationshipAddInput!) {
+                        stixCoreRelationshipAdd(input: $input) {
+                            id
+                        }
+                    }
                 """
                 self.opencti.query(
                     query,
                     {
                         "id": id,
                         "input": {
+                            "fromId": id,
                             "toId": stix_cyber_observable_id,
-                            "through": "based-on",
+                            "relationship_type": "based-on",
                         },
                     },
                 )
diff --git a/setup.py b/setup.py
@@ -59,7 +59,7 @@ def run(self):
         "pika==1.2.0",
         "sseclient==0.0.27",
         "python-magic==0.4.18;sys.platform=='linux' or sys.platform=='darwin'",
-        "python-magic-bin==0.4.14;sys.platform=='win32'",
+        "python-magic-bin==0.4.14;sys.platform=='win32/'",
     ],
     cmdclass={"verify": VerifyVersionCommand},
     extras_require={
