-
Notifications
You must be signed in to change notification settings - Fork 930
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User unable to export filtered indicators #8407
Comments
At first, I did not reproduced. But then after syncing with @EinatAR I reproduced. It's important to note that Allowed markings for the repro cases are TLP:AMBER, TLP:AMBER+STRICT, TLP:GREEN, TLP:CLEAR and Maximum Shareable marking TLP = no restriction However, it's important to note that:
|
We should also try to fix : the export button is available even if you do not have the capability |
@JeremyCloarec Important to note that it seems to happen only on testing for me |
The bug comes from the fact that the indicators have an Author that is not accessible by the user, and the connector trying to access the standard_id of the Author. The bug can be reproduced using this query with the user not having access to TLP:RED : I'm not entirely sure how to fix it for now though |
As the logic for now of the export do not use the stix generation from the API, i think we need to modify the export connector code to ignore the error when the creator is not accessible, and so export the indicator without his organization |
Description
Issue might be related to this issue: #8405
This is how the bug originally reported, on a user with the capabilities to Generate Knowledge Export, unable to export in txt/plain or csv/txt and receives an error message.
Reproducible Steps
Filter on "In regards of" -> Malware -> Lumma
Pick a few from the list and check the boxes
Click Open Export Panel
Click +
To generate the export in plain/txt:
Expected Output
Generate an export
Actual Output
Receiving an error :
The text was updated successfully, but these errors were encountered: