OpenCTI-Platform / opencti

Open Cyber Threat Intelligence Platform
https://opencti.io

Malware knowledge panel markings issue #6867

Open JeremyCloarec opened 4 months ago

JeremyCloarec commented 4 months ago

Description

"Entities view" in knowledge panel doesn't filter out entities with the markings of their relationship. When switching to "Relationships view", markings are properly applied. I found this bug on the malware panel, but the bug should be the same for other entities.

Environment

  1. OS (where OpenCTI server runs): { e.g. Mac OS 10, Windows 10, Ubuntu 16.4, etc. }
  2. OpenCTI version: { e.g. OpenCTI 1.0.2 }
  3. OpenCTI client: { e.g. frontend or python }
  4. Other environment details:

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. Log in with a user A with access to TLP:RED marking
  2. Create a malware
  3. Go to its knowledge tab
  4. Go to Victimology
  5. Create two relationships, one with TLP:GREEN marking and one with TLP:RED marking
  6. Log in with a user B with access to TLP:GREEN marking
  7. Go to the same malware's Victimology tab

Expected Output

User B can see both relationship targets in Entities view

Actual Output

User B can only see the TLP:GREEN relationship target in Entities view

Additional information

Bug doesn't occur only on the Victimology tab but on other tabs also (tested and reproduced on Threat actors tab, I assume that the bug is there on all tabs)

Relationships view with TLP:GREEN user: [image]
Relationships view with TLP:RED user: [image]
Entities view with both users: [image]

jborozco commented 4 months ago

can be reproduced here https://testing.octi.staging.filigran.io/dashboard/arsenal/malwares/ac682b2a-bbc8-4462-8ea2-e959567d693c/knowledge/victimology

JeremyCloarec commented 4 months ago

More info on the bug: the bug occurs on all queries using the "regardingOf" filter. The "regardingOf" filter uses the denormalized refs of entities to filter for relations (it checks if rel_relationType exists/targets ids given in regardingOf). But by doing so, it doesn't check for access restrictions on the filtered relations. To fix the "regardingOf" filter, we need a way to also check for access restrictions to the relations
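
The mechanism described above, as an added example that is not OpenCTI code: a toy in-memory model of a denormalized "regardingOf"-style filter next to the same query with the access check applied to the relationships themselves. The document shapes, the `rel_<type>` field name, the marking semantics and the sample data are all assumptions made for this illustration, not the platform's actual schema.

```javascript
// Added example (hypothetical model, not OpenCTI's implementation).
// Scenario from the issue: malware-1 has two "targets" relationships,
// one marked TLP:GREEN and one marked TLP:RED. User A may read both
// markings, user B only TLP:GREEN.

const TLP_GREEN = 'TLP:GREEN';
const TLP_RED = 'TLP:RED';

// Constructed sample data. Relationships carry their own markings.
const relationships = [
  { id: 'rel-1', type: 'targets', from: 'malware-1', to: 'sector-1', markings: [TLP_GREEN] },
  { id: 'rel-2', type: 'targets', from: 'malware-1', to: 'sector-2', markings: [TLP_RED] },
];

// Constructed target entities. `rel_<type>` is the assumed denormalized ref:
// it only records *which* ids this entity is related to, not which
// relationship produced the ref or how that relationship is marked.
const entities = [
  { id: 'sector-1', name: 'Energy', markings: [], rel_targets: ['malware-1'] },
  { id: 'sector-2', name: 'Finance', markings: [], rel_targets: ['malware-1'] },
  { id: 'sector-3', name: 'Retail', markings: [], rel_targets: [] },
];

const users = {
  A: { name: 'A', allowedMarkings: [TLP_GREEN, TLP_RED] },
  B: { name: 'B', allowedMarkings: [TLP_GREEN] },
};

// Access rule assumed here: every marking on an object must be granted to the user.
function canAccess(user, markings) {
  return markings.every((m) => user.allowedMarkings.includes(m));
}

// The denormalized filter as the issue describes it: match entities whose
// `rel_<type>` field contains the given id. Only the entity's own markings
// are checked; the relationship behind the ref is never consulted, so its
// marking cannot restrict the result.
function regardingOfDenormalized(user, relType, targetId) {
  return entities
    .filter((e) => (e[`rel_${relType}`] || []).includes(targetId))
    .filter((e) => canAccess(user, e.markings))
    .map((e) => e.id);
}

// The same query with the missing check: resolve the relationships the user
// is allowed to see first, then take the entities on their other side.
function regardingOfWithRelationAccess(user, relType, targetId) {
  const visibleRels = relationships.filter(
    (r) =>
      r.type === relType &&
      (r.from === targetId || r.to === targetId) &&
      canAccess(user, r.markings),
  );
  const otherSide = new Set(visibleRels.map((r) => (r.from === targetId ? r.to : r.from)));
  return entities
    .filter((e) => otherSide.has(e.id))
    .filter((e) => canAccess(user, e.markings))
    .map((e) => e.id);
}

// Stand-alone demo: user B sees both targets through the denormalized
// filter, but only the TLP:GREEN one once relationship markings are applied.
console.log('B, denormalized      :', regardingOfDenormalized(users.B, 'targets', 'malware-1'));
console.log('B, relation access   :', regardingOfWithRelationAccess(users.B, 'targets', 'malware-1'));
console.log('A, relation access   :', regardingOfWithRelationAccess(users.A, 'targets', 'malware-1'));
```

The second function is the shape of the fix the comment asks for: the denormalized ref alone has lost the information needed to authorize the hop, so the query has to go back to the relationship documents (or a denormalized copy of their markings) before trusting the ref. It also shows why the Relationships view behaves correctly, since that view queries the relationships directly and so applies their markings.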

richard-julien commented 3 months ago

Known technical limitation. We need to talk about this

aHenryJard commented 1 month ago

Reopening since the PR has been reverted.

Jipegien commented 1 month ago

is @JeremyCloarec still on this?

JeremyCloarec commented 1 month ago

Yes, I will work on a new fix

JeremyCloarec commented 1 month ago

Placing this bug on pause. Fixing it requires current rework of denormalized relations to be finished.