Skip to content
This repository was archived by the owner on Dec 5, 2025. It is now read-only.

Commit 8f8eb58

Browse files
JeremyCloarecJeremyCloarec
committed
[client] always do work queries without impersonation
1 parent 8a798e4 commit 8f8eb58

File tree

3 files changed

+23
-37
lines changed

3 files changed

+23
-37
lines changed

pycti/api/opencti_api_client.py

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -264,13 +264,15 @@ def set_retry_number(self, retry_number):
264264
"" if retry_number is None else str(retry_number)
265265
)
266266

267-
def query(self, query, variables=None):
267+
def query(self, query, variables=None, disable_impersonate=False):
268268
"""submit a query to the OpenCTI GraphQL API
269269
270270
:param query: GraphQL query string
271271
:type query: str
272272
:param variables: GraphQL query variables, defaults to {}
273273
:type variables: dict, optional
274+
:param disable_impersonate: removes impersonate header if set to True, defaults to False
275+
:type disable_impersonate: bool, optional
274276
:return: returns the response json content
275277
:rtype: Any
276278
"""
@@ -295,6 +297,9 @@ def query(self, query, variables=None):
295297
else:
296298
query_var[key] = val
297299

300+
query_headers = self.request_headers
301+
if disable_impersonate and "opencti-applicant-id" in query_headers:
302+
del query_headers["opencti"]
298303
# If yes, transform variable (file to null) and create multipart query
299304
if len(files_vars) > 0:
300305
multipart_data = {
@@ -361,7 +366,7 @@ def query(self, query, variables=None):
361366
self.api_url,
362367
data=multipart_data,
363368
files=multipart_files,
364-
headers=self.request_headers,
369+
headers=query_headers,
365370
verify=self.ssl_verify,
366371
cert=self.cert,
367372
proxies=self.proxies,
@@ -372,7 +377,7 @@ def query(self, query, variables=None):
372377
r = self.session.post(
373378
self.api_url,
374379
json={"query": query, "variables": variables},
375-
headers=self.request_headers,
380+
headers=query_headers,
376381
verify=self.ssl_verify,
377382
cert=self.cert,
378383
proxies=self.proxies,

pycti/api/opencti_api_work.py

Lines changed: 15 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ def to_received(self, work_id: str, message: str):
2020
}
2121
}
2222
"""
23-
self.api.query(query, {"id": work_id, "message": message})
23+
self.api.query(query, {"id": work_id, "message": message}, True)
2424

2525
def to_processed(self, work_id: str, message: str, in_error: bool = False):
2626
if self.api.bundle_send_to_queue:
@@ -35,7 +35,7 @@ def to_processed(self, work_id: str, message: str, in_error: bool = False):
3535
}
3636
"""
3737
self.api.query(
38-
query, {"id": work_id, "message": message, "inError": in_error}
38+
query, {"id": work_id, "message": message, "inError": in_error}, True
3939
)
4040

4141
def ping(self, work_id: str):
@@ -60,7 +60,7 @@ def report_expectation(self, work_id: str, error):
6060
}
6161
"""
6262
try:
63-
self.api.query(query, {"id": work_id, "error": error})
63+
self.api.query(query, {"id": work_id, "error": error}, True)
6464
except:
6565
self.api.app_logger.error("Cannot report expectation")
6666

@@ -78,7 +78,9 @@ def add_expectations(self, work_id: str, expectations: int):
7878
}
7979
"""
8080
try:
81-
self.api.query(query, {"id": work_id, "expectations": expectations})
81+
self.api.query(
82+
query, {"id": work_id, "expectations": expectations}, True
83+
)
8284
except:
8385
self.api.app_logger.error("Cannot report expectation")
8486

@@ -96,7 +98,9 @@ def add_draft_context(self, work_id: str, draft_context: str):
9698
}
9799
"""
98100
try:
99-
self.api.query(query, {"id": work_id, "draftContext": draft_context})
101+
self.api.query(
102+
query, {"id": work_id, "draftContext": draft_context}, True
103+
)
100104
except:
101105
self.api.app_logger.error("Cannot report draft context")
102106

@@ -111,7 +115,9 @@ def initiate_work(self, connector_id: str, friendly_name: str) -> str:
111115
}
112116
"""
113117
work = self.api.query(
114-
query, {"connectorId": connector_id, "friendlyName": friendly_name}
118+
query,
119+
{"connectorId": connector_id, "friendlyName": friendly_name},
120+
True,
115121
)
116122
return work["data"]["workAdd"]["id"]
117123

@@ -122,10 +128,7 @@ def delete_work(self, work_id: str):
122128
delete
123129
}
124130
}"""
125-
work = self.api.query(
126-
query,
127-
{"workId": work_id},
128-
)
131+
work = self.api.query(query, {"workId": work_id}, True)
129132
return work["data"]
130133

131134
def wait_for_work_to_finish(self, work_id: str):
@@ -179,10 +182,7 @@ def get_work(self, work_id: str) -> Dict:
179182
}
180183
}
181184
"""
182-
result = self.api.query(
183-
query,
184-
{"id": work_id},
185-
)
185+
result = self.api.query(query, {"id": work_id}, True)
186186
return result["data"]["work"]
187187

188188
def get_connector_works(self, connector_id: str) -> List[Dict]:
@@ -243,6 +243,7 @@ def get_connector_works(self, connector_id: str) -> List[Dict]:
243243
"filterGroups": [],
244244
},
245245
},
246+
True,
246247
)
247248
result = result["data"]["works"]["edges"]
248249
return_value = []

pycti/utils/opencti_stix2.py

Lines changed: 0 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -2501,10 +2501,6 @@ def import_item(
25012501
if work_id is not None:
25022502
item_str = json.dumps(item)
25032503
# report expectation without impersonated user
2504-
current_applicant_id = self.opencti.get_request_headers()[
2505-
"opencti-applicant-id"
2506-
]
2507-
self.opencti.set_applicant_id_header("")
25082504
self.opencti.work.report_expectation(
25092505
work_id,
25102506
{
@@ -2514,7 +2510,6 @@ def import_item(
25142510
),
25152511
},
25162512
)
2517-
self.opencti.set_applicant_id_header(current_applicant_id)
25182513
return False
25192514
try:
25202515
self.opencti.set_retry_number(processing_count)
@@ -2652,12 +2647,7 @@ def import_item(
26522647
self.import_object(item, update, types)
26532648
if work_id is not None:
26542649
# report expectation without impersonated user
2655-
current_applicant_id = self.opencti.get_request_headers()[
2656-
"opencti-applicant-id"
2657-
]
2658-
self.opencti.set_applicant_id_header("")
26592650
self.opencti.work.report_expectation(work_id, None)
2660-
self.opencti.set_applicant_id_header(current_applicant_id)
26612651
bundles_success_counter.add(1)
26622652
return True
26632653
except (RequestException, Timeout):
@@ -2715,18 +2705,13 @@ def import_item(
27152705
if work_id is not None:
27162706
self.opencti.work.api.set_draft_id("")
27172707
# report expectation without impersonated user
2718-
current_applicant_id = self.opencti.get_request_headers()[
2719-
"opencti-applicant-id"
2720-
]
2721-
self.opencti.set_applicant_id_header("")
27222708
self.opencti.work.report_expectation(
27232709
work_id,
27242710
{
27252711
"error": error,
27262712
"source": "Draft in read only",
27272713
},
27282714
)
2729-
self.opencti.set_applicant_id_header(current_applicant_id)
27302715
return False
27312716
# Platform does not know what to do and raises an error:
27322717
# That also works for missing reference with too much execution
@@ -2735,10 +2720,6 @@ def import_item(
27352720
if work_id is not None:
27362721
item_str = json.dumps(item)
27372722
# report expectation without impersonated user
2738-
current_applicant_id = self.opencti.get_request_headers()[
2739-
"opencti-applicant-id"
2740-
]
2741-
self.opencti.set_applicant_id_header("")
27422723
self.opencti.work.report_expectation(
27432724
work_id,
27442725
{
@@ -2750,7 +2731,6 @@ def import_item(
27502731
),
27512732
},
27522733
)
2753-
self.opencti.set_applicant_id_header(current_applicant_id)
27542734
return False
27552735

27562736
def import_bundle(

0 commit comments

Comments
 (0)