[api/frontend] Allow derived-from relations (#1059)

opencti-platform/opencti-front/src/private/components/nav/TopMenuIndicator.js

@@ -80,6 +80,28 @@ class TopMenuIndicator extends Component {
         >
           {t('Overview')}
         </Button>
+        <Button
+          component={Link}
+          to={`/dashboard/observations/indicators/${indicatorId}/knowledge`}
+          variant={
+            location.pathname.includes(
+              `/dashboard/observations/indicators/${indicatorId}/knowledge`,
+            )
+              ? 'contained'
+              : 'text'
+          }
+          size="small"
+          color={
+            location.pathname.includes(
+              `/dashboard/observations/indicators/${indicatorId}/knowledge`,
+            )
+              ? 'primary'
+              : 'inherit'
+          }
+          classes={{ root: classes.button }}
+        >
+          {t('Knowledge')}
+        </Button>
         <Button
           component={Link}
           to={`/dashboard/observations/indicators/${indicatorId}/sightings`}

opencti-platform/opencti-front/src/private/components/observations/indicators/Indicator.js

@@ -15,7 +15,7 @@ import StixDomainObjectOverview from '../../common/stix_domain_objects/StixDomai
 import StixCoreObjectExternalReferences from '../../analysis/external_references/StixCoreObjectExternalReferences';
 import StixCoreObjectLatestHistory from '../../common/stix_core_objects/StixCoreObjectLatestHistory';
 import IndicatorHeader from './IndicatorHeader';
-import IndicatorEntities from './IndicatorEntities';
+import SimpleStixObjectOrStixRelationshipStixCoreRelationships from '../../common/stix_core_relationships/SimpleStixObjectOrStixRelationshipStixCoreRelationships';
 
 const styles = () => ({
   container: {
@@ -55,7 +55,10 @@ class IndicatorComponent extends Component {
           style={{ marginTop: 25 }}
         >
           <Grid item={true} xs={6}>
-            <IndicatorEntities entityId={indicator.id} />
+            <SimpleStixObjectOrStixRelationshipStixCoreRelationships
+              stixObjectOrStixRelationshipId={indicator.id}
+              stixObjectOrStixRelationshipLink={`/dashboard/observations/indicators/${indicator.id}/knowledge`}
+            />
           </Grid>
           <Grid item={true} xs={6}>
             <StixCoreObjectOrStixCoreRelationshipLastReports

opencti-platform/opencti-front/src/private/components/observations/indicators/IndicatorEntities.js

@@ -2,8 +2,6 @@ import React, { Component } from 'react';
 import * as PropTypes from 'prop-types';
 import { compose } from 'ramda';
 import { withStyles } from '@material-ui/core/styles';
-import Typography from '@material-ui/core/Typography';
-import Paper from '@material-ui/core/Paper';
 import { QueryRenderer } from '../../../../relay/environment';
 import inject18n from '../../../../components/i18n';
 import ListLines from '../../../../components/list_lines/ListLines';
@@ -13,12 +11,9 @@ import IndicatorEntitiesLines, {
 import StixCoreRelationshipCreationFromEntity from '../../common/stix_core_relationships/StixCoreRelationshipCreationFromEntity';
 
 const styles = () => ({
-  paper: {
-    height: '100%',
-    minHeight: '100%',
-    margin: '-4px 0 0 0',
-    padding: '25px 15px 0 15px',
-    borderRadius: 6,
+  container: {
+    marginTop: 15,
+    paddingBottom: 70,
   },
 });
 
@@ -45,14 +40,19 @@ class IndicatorEntities extends Component {
     const { entityId } = this.props;
     const { sortBy, orderAsc } = this.state;
     const dataColumns = {
+      relationship_type: {
+        label: 'Relationship type',
+        width: '15%',
+        isSortable: true,
+      },
       entity_type: {
         label: 'Entity type',
-        width: '20%',
+        width: '15%',
         isSortable: false,
       },
       name: {
         label: 'Name',
-        width: '32%',
+        width: '30%',
         isSortable: false,
       },
       start_time: {
@@ -91,6 +91,7 @@ class IndicatorEntities extends Component {
               dataColumns={dataColumns}
               initialLoading={props === null}
               entityId={entityId}
+              displayRelation={true}
             />
           )}
         />
@@ -102,25 +103,20 @@ class IndicatorEntities extends Component {
     const {
       view, sortBy, orderAsc, searchTerm,
     } = this.state;
-    const {
-      classes, t, entityId, relationshipType,
-    } = this.props;
+    const { indicatorId, relationshipType, classes } = this.props;
     const paginationOptions = {
-      fromId: entityId,
-      relationship_type: relationshipType || 'indicates',
+      fromId: indicatorId,
+      relationship_type: relationshipType || 'stix-core-relationship',
       search: searchTerm,
       orderBy: sortBy,
       orderMode: orderAsc ? 'asc' : 'desc',
     };
     return (
-      <div style={{ height: '100%' }}>
-        <Typography variant="h4" gutterBottom={true} style={{ float: 'left' }}>
-          {t('Relations to threats')}
-        </Typography>
+      <div className={classes.container}>
+        {view === 'lines' ? this.renderLines(paginationOptions) : ''}
         <StixCoreRelationshipCreationFromEntity
           paginationOptions={paginationOptions}
-          entityId={entityId}
-          variant="inLine"
+          entityId={indicatorId}
           isRelationReversed={false}
           targetStixDomainObjectTypes={[
             'Threat-Actor',
@@ -130,19 +126,16 @@ class IndicatorEntities extends Component {
             'Tool',
             'Vulnerability',
             'Attack-Pattern',
+            'Indicator',
           ]}
         />
-        <div className="clearfix" />
-        <Paper classes={{ root: classes.paper }} elevation={2}>
-          {view === 'lines' ? this.renderLines(paginationOptions) : ''}
-        </Paper>
       </div>
     );
   }
 }
 
 IndicatorEntities.propTypes = {
-  entityId: PropTypes.string,
+  indicatorId: PropTypes.string,
   relationshipType: PropTypes.string,
   classes: PropTypes.object,
   t: PropTypes.func,

opencti-platform/opencti-front/src/private/components/observations/indicators/IndicatorEntityLine.js

@@ -61,7 +61,7 @@ class IndicatorEntityLineComponent extends Component {
         ? `/dashboard/signatures/indicators/${entityId}/knowledge/relations/${node.id}`
         : `${resolveLink(node.to.entity_type)}/${
           node.to.id
-        }/indicators/relations/${node.id}`
+        }/knowledge/relations/${node.id}`
       : null;
     return (
       <ListItem
@@ -110,9 +110,9 @@ class IndicatorEntityLineComponent extends Component {
                   ? node.to.entity_type === 'stix_relation'
                     || node.to.entity_type === 'stix-relation'
                     ? `${node.to.from.name} ${String.fromCharCode(8594)} ${
-                      node.to.to.name
+                      node.to.to.name || node.to.to.observable_value
                     }`
-                    : node.to.name
+                    : node.to.name || node.to.observable_value
                   : t('Restricted')}
               </div>
               <div
@@ -261,6 +261,9 @@ const IndicatorEntityLineFragment = createFragmentContainer(
             name
             description
           }
+          ... on StixCyberObservable {
+            observable_value
+          }
           ... on StixCoreRelationship {
             from {
               ... on AttackPattern {
@@ -317,6 +320,9 @@ const IndicatorEntityLineFragment = createFragmentContainer(
               ... on XOpenCTIIncident {
                 name
               }
+              ... on StixCyberObservable {
+                observable_value
+              }
             }
             to {
               ... on AttackPattern {
@@ -373,6 +379,9 @@ const IndicatorEntityLineFragment = createFragmentContainer(
               ... on XOpenCTIIncident {
                 name
               }
+              ... on StixCyberObservable {
+                observable_value
+              }
             }
           }
         }
@@ -397,15 +406,13 @@ class IndicatorEntityLineDummyComponent extends Component {
         <ListItemText
           primary={
             <div>
-              {displayRelation ? (
+              {displayRelation && (
                 <div
                   className={classes.bodyItem}
                   style={{ width: dataColumns.relationship_type.width }}
                 >
                   <div className="fakeItem" style={{ width: '80%' }} />
                 </div>
-              ) : (
-                ''
               )}
               <div
                 className={classes.bodyItem}

opencti-platform/opencti-front/src/private/components/observations/indicators/Root.js

@@ -13,6 +13,7 @@ import Loader from '../../../../components/Loader';
 import StixCoreObjectHistory from '../../common/stix_core_objects/StixCoreObjectHistory';
 import IndicatorHeader from './IndicatorHeader';
 import EntityStixSightingRelationships from '../../events/stix_sighting_relationships/EntityStixSightingRelationships';
+import IndicatorEntities from './IndicatorEntities';
 
 const subscription = graphql`
   subscription RootIndicatorSubscription($id: ID!) {
@@ -114,6 +115,19 @@ class RootIndicator extends Component {
                       </React.Fragment>
                     )}
                   />
+                  <Route
+                    exact
+                    path="/dashboard/observations/indicators/:indicatorId/knowledge"
+                    render={(routeProps) => (
+                      <React.Fragment>
+                        <IndicatorHeader indicator={props.indicator} />
+                        <IndicatorEntities
+                          {...routeProps}
+                          indicatorId={indicatorId}
+                        />
+                      </React.Fragment>
+                    )}
+                  />
                   <Route
                     exact
                     path="/dashboard/observations/indicators/:indicatorId/knowledge/relations/:relationId"

opencti-platform/opencti-front/src/utils/Localization.js

@@ -756,6 +756,7 @@ const i18n = {
       Timeline: 'Chronologie',
       'Total pending inserts': "Nombre d'insertions en attente",
       'Relations to threats': 'Relations vers des menaces',
+      'Relations to other entities': "Relations vers d'autres entités",
       'Context relations': 'Relations de contexte',
       'Direct relations creations': 'Créations de relations directes',
       'Number of target relations': 'Nombre de relations de ciblage',

opencti-platform/opencti-front/src/utils/Relation.js

@@ -55,6 +55,7 @@ const relationsTypesMapping = {
   'Indicator_Threat-Actor': ['indicates'],
   Indicator_Tool: ['indicates'],
   'Indicator_Observed-Data': ['based-on'],
+  Indicator_Indicator: ['derived-from'],
   Infrastructure_Infrastructure: [
     'communicates-with',
     'consists-of',

opencti-platform/opencti-graphql/src/database/stix.js

@@ -46,7 +46,7 @@ import {
   RELATION_COMPROMISES,
   RELATION_CONSISTS_OF,
   RELATION_CONTROLS,
-  RELATION_DELIVERS,
+  RELATION_DELIVERS, RELATION_DERIVED_FROM,
   RELATION_HAS,
   RELATION_HOSTS,
   RELATION_INDICATES,
@@ -59,8 +59,8 @@ import {
   RELATION_REVOKED_BY,
   RELATION_SUBTECHNIQUE_OF,
   RELATION_TARGETS,
-  RELATION_USES,
-} from '../schema/stixCoreRelationship';
+  RELATION_USES
+} from "../schema/stixCoreRelationship";
 import { isStixSightingRelationship } from '../schema/stixSightingRelationship';
 import { isStixCyberObservableRelationship } from '../schema/stixCyberObservableRelationship';
 import { isMultipleAttribute } from '../schema/fieldDataAdapter';
@@ -350,6 +350,7 @@ export const stixCoreRelationshipsMapping = {
   [`${ENTITY_TYPE_INDICATOR}_${ENTITY_TYPE_TOOL}`]: [RELATION_INDICATES],
   [`${ENTITY_TYPE_INDICATOR}_${ENTITY_TYPE_VULNERABILITY}`]: [RELATION_INDICATES],
   [`${ENTITY_TYPE_INDICATOR}_${ENTITY_TYPE_CONTAINER_OBSERVED_DATA}`]: [RELATION_BASED_ON],
+  [`${ENTITY_TYPE_INDICATOR}_${ENTITY_TYPE_INDICATOR}`]: [RELATION_DERIVED_FROM],
   [`${ENTITY_TYPE_INDICATOR}_${ABSTRACT_STIX_CYBER_OBSERVABLE}`]: [RELATION_BASED_ON],
   [`${ENTITY_TYPE_INDICATOR}_${RELATION_USES}`]: [RELATION_INDICATES],
   [`${ENTITY_TYPE_INFRASTRUCTURE}_${ENTITY_TYPE_INFRASTRUCTURE}`]: [