[client] add remove from draft/share/unshare methods for sightings and relationships

JeremyCloarec · JeremyCloarec · commit d2ce9cb6de57 · 2025-06-13T16:52:01.000+02:00
diff --git a/pycti/entities/opencti_stix_core_relationship.py b/pycti/entities/opencti_stix_core_relationship.py
@@ -1247,3 +1247,88 @@ def import_from_stix2(self, **kwargs):
             self.opencti.app_logger.error(
                 "[opencti_stix_core_relationship] Missing parameters: stixObject"
             )
+
+
+"""
+        Share element to multiple organizations
+
+        :param entity_id: the stix_core_relationship id
+        :param organization_id:s the organization to share with
+        :return void
+    """
+
+
+def organization_share(self, entity_id, organization_ids, sharing_direct_container):
+    query = """
+            mutation StixCoreRelationshipEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
+                stixCoreRelationshipEdit(id: $id) {
+                    restrictionOrganizationAdd(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
+                      id
+                    }
+                }
+            }
+        """
+    self.opencti.query(
+        query,
+        {
+            "id": entity_id,
+            "organizationId": organization_ids,
+            "directContainerSharing": sharing_direct_container,
+        },
+    )
+
+
+"""
+    Unshare element from multiple organizations
+
+    :param entity_id: the stix_core_relationship id
+    :param organization_id:s the organization to share with
+    :return void
+"""
+
+
+def organization_unshare(self, entity_id, organization_ids, sharing_direct_container):
+    query = """
+            mutation StixCoreRelationshipEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
+                stixCoreRelationshipEdit(id: $id) {
+                    restrictionOrganizationDelete(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
+                      id
+                    }
+                }
+            }
+        """
+    self.opencti.query(
+        query,
+        {
+            "id": entity_id,
+            "organizationId": organization_ids,
+            "directContainerSharing": sharing_direct_container,
+        },
+    )
+
+
+"""
+        Remove a stix_core_relationship object from draft (revert)
+
+        :param id: the stix_core_relationship id
+        :return void
+    """
+
+
+def remove_from_draft(self, **kwargs):
+    id = kwargs.get("id", None)
+    if id is not None:
+        self.opencti.app_logger.info("Draft remove stix_core_relationship", {"id": id})
+        query = """
+                mutation StixCoreRelationshipEditDraftRemove($id: ID!) {
+                    stixCoreRelationshipEdit(id: $id) {
+                        removeFromDraft
+                    }
+                }
+            """
+        self.opencti.query(query, {"id": id})
+    else:
+        self.opencti.app_logger.error(
+            "[stix_core_relationship] Cant remove from draft, missing parameters: id"
+        )
+        return None
diff --git a/pycti/entities/opencti_stix_sighting_relationship.py b/pycti/entities/opencti_stix_sighting_relationship.py
@@ -802,6 +802,91 @@ def update_created_by(self, **kwargs):
             self.opencti.app_logger.error("Missing parameters: id")
             return False
 
+
+"""
+        Share element to multiple organizations
+
+        :param entity_id: the stix_sighting id
+        :param organization_id:s the organization to share with
+        :return void
+    """
+
+
+def organization_share(self, entity_id, organization_ids, sharing_direct_container):
+    query = """
+            mutation StixSightingRelationshipEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
+                stixSightingRelationshipEdit(id: $id) {
+                    restrictionOrganizationAdd(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
+                      id
+                    }
+                }
+            }
+        """
+    self.opencti.query(
+        query,
+        {
+            "id": entity_id,
+            "organizationId": organization_ids,
+            "directContainerSharing": sharing_direct_container,
+        },
+    )
+
+
+"""
+    Unshare element from multiple organizations
+
+    :param entity_id: the stix_sighting id
+    :param organization_id:s the organization to share with
+    :return void
+"""
+
+
+def organization_unshare(self, entity_id, organization_ids, sharing_direct_container):
+    query = """
+            mutation StixSightingRelationshipEdit($id: ID!, $organizationId: [ID!]!, $directContainerSharing: Boolean) {
+                stixSightingRelationshipEdit(id: $id) {
+                    restrictionOrganizationDelete(organizationId: $organizationId, directContainerSharing: $directContainerSharing) {
+                      id
+                    }
+                }
+            }
+        """
+    self.opencti.query(
+        query,
+        {
+            "id": entity_id,
+            "organizationId": organization_ids,
+            "directContainerSharing": sharing_direct_container,
+        },
+    )
+
+
+"""
+        Remove a stix_sighting object from draft (revert)
+
+        :param id: the stix_sighting id
+        :return void
+    """
+
+
+def remove_from_draft(self, **kwargs):
+    id = kwargs.get("id", None)
+    if id is not None:
+        self.opencti.app_logger.info("Draft remove stix_sighting", {"id": id})
+        query = """
+                mutation StixSightingRelationshipEditDraftRemove($id: ID!) {
+                    stixSightingRelationshipEdit(id: $id) {
+                        removeFromDraft
+                    }
+                }
+            """
+        self.opencti.query(query, {"id": id})
+    else:
+        self.opencti.app_logger.error(
+            "[stix_sighting] Cant remove from draft, missing parameters: id"
+        )
+        return None
+
     """
         Delete a stix_sighting
 
diff --git a/pycti/utils/opencti_stix2.py b/pycti/utils/opencti_stix2.py
@@ -2522,9 +2522,20 @@ def organization_share(self, item):
         )
         if sharing_direct_container is None:
             sharing_direct_container = item["sharing_direct_container"]
-        self.opencti.stix_core_object.organization_share(
-            item["id"], organization_ids, sharing_direct_container
-        )
+
+        if item["type"] == "relationship":
+            self.opencti.stix_core_relationship.organization_share(
+                item["id"], organization_ids, sharing_direct_container
+            )
+        elif item["type"] == "sighting":
+            self.opencti.stix_sighting_relationship.organization_share(
+                item["id"], organization_ids, sharing_direct_container
+            )
+        else:
+            # Element is considered stix core object
+            self.opencti.stix_core_object.organization_share(
+                item["id"], organization_ids, sharing_direct_container
+            )
 
     def organization_unshare(self, item):
         organization_ids = self.opencti.get_attribute_in_extension(
@@ -2537,9 +2548,19 @@ def organization_unshare(self, item):
         )
         if sharing_direct_container is None:
             sharing_direct_container = item["sharing_direct_container"]
-        self.opencti.stix_core_object.organization_unshare(
-            item["id"], organization_ids, sharing_direct_container
-        )
+        if item["type"] == "relationship":
+            self.opencti.stix_core_relationship.organization_unshare(
+                item["id"], organization_ids, sharing_direct_container
+            )
+        elif item["type"] == "sighting":
+            self.opencti.stix_sighting_relationship.organization_unshare(
+                item["id"], organization_ids, sharing_direct_container
+            )
+        else:
+            # Element is considered stix core object
+            self.opencti.stix_core_object.organization_unshare(
+                item["id"], organization_ids, sharing_direct_container
+            )
 
     def element_operation_delete(self, item, operation):
         # If data is stix, just use the generic stix function for deletion
@@ -2564,11 +2585,20 @@ def element_operation_delete(self, item, operation):
                     "Delete operation or not found stix helper", {"type": item["type"]}
                 )
 
+    def element_remove_from_draft(self, item):
+        if item["type"] == "relationship":
+            self.opencti.stix_core_relationship.remove_from_draft(id=item["id"])
+        elif item["type"] == "sighting":
+            self.opencti.stix_sighting_relationship.remove_from_draft(id=item["id"])
+        else:
+            # Element is considered stix core object
+            self.opencti.stix_core_object.remove_from_draft(id=item["id"])
+
     def apply_opencti_operation(self, item, operation):
         if operation == "delete" or operation == "delete_force":
             self.element_operation_delete(item=item, operation=operation)
         elif operation == "revert_draft":
-            self.opencti.stix_core_object.remove_from_draft(id=item["id"])
+            self.element_remove_from_draft(item=item)
         elif operation == "restore":
             self.opencti.trash.restore(item["id"])
         elif operation == "merge":
