OpenCTI-Platform / opencti

Open Cyber Threat Intelligence Platform
https://opencti.io

Container refs queries do not respect the direction when container to container #3168

Open SamuelHassine opened 1 year ago

SamuelHassine commented 1 year ago

Description

When creating a note in a report, the direction SHOULD be note => object_refs => report (the note actually CONTAINS the report).

Then, when getting the report object refs, note SHOULD NOT be included.

In the master branch:

Check the object_refs of the report in the query of the graph:

[image]

The note SHOULD NOT be here.

This is the same for opinions.

Same, opinions should not be displayed as "related entities" in cases. Related entities are all entities contained in the objects_refs of the case. And when creating an opinion in a case, the case is contained in the opinion object_refs, but here:

[image]

[image]

Opinions from the top right graph SHOULD NOT be displayed in the "Related entities".

RomuDeuxfois commented 1 year ago

We have the from and to specified in DB for a Stix-Ref-Relationship: [image]

Maybe we can filter on it in the back-end to retrieve the Stix-Ref-Relationship wanted. To do that, we need to use the stix-meta-relationship and stix-cyber-observable-relationship indexes to retrieve the from and to. This can cause performance issues.

Or we can extend the new Stix-Ref-Relationship API to handle this case.

⚠️ We have this problem in other relationships (like linked_to_ref)
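
The direction problem discussed in this thread, as an added example that is not part of the original issue and not OpenCTI code: a lookup that matches an entity on either side of a ref relationship returns the note for a report, while a lookup restricted to the `from` side does not. The edge shape (`type`, `from`, `to`), the function names and all ids are assumptions constructed for illustration.

```javascript
// Constructed sample data: each ref relationship is a directed edge
// from the container (from) to the object it contains (to).
const refs = [
  { type: 'object', from: 'report--r1', to: 'indicator--i1' },
  { type: 'object', from: 'report--r1', to: 'malware--m1' },
  { type: 'object', from: 'note--n1', to: 'report--r1' },   // the note contains the report
  { type: 'object', from: 'opinion--o1', to: 'case--c1' },  // the opinion contains the case
  { type: 'object', from: 'case--c1', to: 'indicator--i1' },
];

// Behaviour reported in the issue: the entity is matched on either side,
// so containers that hold the entity come back as if they were its content.
function objectRefsIgnoringDirection(edges, id) {
  return edges
    .filter((e) => e.type === 'object' && (e.from === id || e.to === id))
    .map((e) => (e.from === id ? e.to : e.from));
}

// Direction-aware lookup: only edges where the entity is the container.
function objectRefs(edges, containerId) {
  return edges
    .filter((e) => e.type === 'object' && e.from === containerId)
    .map((e) => e.to);
}

// Reverse lookup, kept separate: which containers hold this entity.
function containersOf(edges, id) {
  return edges
    .filter((e) => e.type === 'object' && e.to === id)
    .map((e) => e.from);
}

console.log('undirected report refs:', objectRefsIgnoringDirection(refs, 'report--r1'));
console.log('directed report refs:  ', objectRefs(refs, 'report--r1'));
console.log('containers of report:  ', containersOf(refs, 'report--r1'));
console.log('case related entities: ', objectRefs(refs, 'case--c1'));
```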