add a property to get sorted, deduped groups for a detection. this is particularly useful in site gen.

Author: pyth0n1c

contentctl/objects/detection_tags.py

@@ -33,7 +33,7 @@
     SecurityContentProductName,
     SecurityDomain,
 )
-from contentctl.objects.mitre_attack_enrichment import MitreAttackEnrichment
+from contentctl.objects.mitre_attack_enrichment import MitreAttackEnrichment, MitreAttackGroup
 
 
 class DetectionTags(BaseModel):
@@ -68,6 +68,13 @@ def kill_chain_phases(self) -> list[KillChainPhase]:
                 phases.add(phase)
         return sorted(list(phases))
 
+    @property
+    def unique_mitre_attack_groups(self)->list[MitreAttackGroup]:
+        group_set: set[MitreAttackGroup] = set()
+        for enrichment in self.enrichments:
+            group_set.update(set(enrichment.mitre_attack_group_objects))
+        return sorted(group_set, lambda k: k.group)
+
     # enum is intentionally Cis18 even though field is named cis20 for legacy reasons
     @computed_field
     @property

contentctl/objects/mitre_attack_enrichment.py

@@ -106,12 +106,3 @@ class MitreAttackEnrichment(BaseModel):
 
     def __hash__(self) -> int:
         return id(self)
-
-    @staticmethod
-    def getUniqueGroups(
-        enrichments: list[MitreAttackEnrichment],
-    ) -> list[MitreAttackGroup]:
-        group_set: set[MitreAttackGroup] = set()
-        for enrichment in enrichments:
-            group_set.update(set(enrichment.mitre_attack_group_objects))
-        return sorted(group_set)