The introduction of confidence level to Users and Groups will leave existing platforms in a potentially unstable state: the existing users and groups are not migrated to any confidence value, and it will be mandatory to have a proper confidence policy implemented to each platform according to the CTI team needs.

There will be a delay between the introduction of confidence levels and their usage in the platform ingestion mechanisms. Admins will have time to setup their confidence policy, then update to the next version of OpenCTI that leverages it into the platform internals.

This issue i about providing platform admins with tools to facilitate greatly the implementation of their confidence policy across users and groups.

The easiest way to tackle this problem is to configure the existing groups with a max confidence level.
As Users are members of groups (if not, it means they do not have any permissions in the app), they will inherit the group(s) confidence level properly.

subtasks

• add a popup dialog at the start of the platform (login or refresh) that warns platform admins that there is problems with their confidence policy. Specifically, we warn about groups without confidence level set. No issue, no popup.
• Highlight in the UI issues with users and groups without confidence level, with alerts, icons, and tooltips
• add the ability to select groups when creating a user (if groups are specified this way, they overrides the default groups that have been set in the platform)
• show group max confidence level in the Select UI when creating a user
• show groups confidence level in the user edition > group tab

linked to

• Add Confidence level on Users #4304
• Managing max confidence level at Group level #4901
• Add per-entity overrides for user and group confidence level #5694
• Assert User's confidence when updating or inserting data in the platform #5695
• Assert associated User's confidence when ingesting data from streams, feeds and connectors #5697
• Enforce input validation against schema for patching object attributes #5696