Bug: Can't add Galaxy Clusters to Events if Tag Editor permission is not granted

[vincenzocaputo]

It seems that adding a galaxy cluster to an event is not possible if these conditions are met:

• The Connector Tag associated with the galaxy does not exist
• The user does not have the Tag Editor permission

The PyMISP method tag(misp_entity, tag, local=False) returns the following message error:

ERROR:pymisp:Something went wrong (403): {'saved': False, 'name': 'Could not attachTagToObject Tag', 'message': 'Could not attachTagToObject Tag', 'url': '/tags/attachTagToObject', 'errors': 'Failed to attach 1 tags. Reasons: {"0":"Tag not found and insufficient privileges to create it."}'}

However, the same user can attach the Galaxy Cluster to the Event via GUI, triggering the connector tag creation.

[SunsetR]

Hello, I encountered the same issue when updating events. Events can only be updated successfully when there are tag labels associated with the galaxy. Do you have any new solutions for this?🫡

[Rafiot]

This is odd it works via the GUI, not being to create tag when the user doesn't have the Tag Editor perms is working as it should be.

Any idea @mokaddem @iglocska @righel ?

[vincenzocaputo]

This is odd it works via the GUI, not being to create tag when the user doesn't have the Tag Editor perms is working as it should be.

Any idea @mokaddem @iglocska @righel ?

Yes, it works as it should but as far as I know at the moment the most convenient (and recommended) way to add a galaxy cluster to an event is to use connector tags (see also your response here.

Maybe the add_galaxy function should be used in these cases?

[iglocska]

This is odd it works via the GUI, not being to create tag when the user doesn't have the Tag Editor perms is working as it should be.

Sounds like there (correctly) is an exception for that case in place, however, it also sounds like it's not adhered to everywhere. Definitely one to fix on MISP side.