validate linkbyids (#524)

center-for-threat-informed-defense · Jan 23, 2024 · a2062d9 · a2062d9
1 parent cf222c2
commit a2062d9
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 5 deletions.
diff --git a/app/src/app/classes/stix/stix-object.ts b/app/src/app/classes/stix/stix-object.ts
@@ -269,6 +269,17 @@ export abstract class StixObject extends Serializable {
         }
     }
 
+    /**
+     * Validate the object's ATT&CK ID
+     * This function handles cases in which the object has an organization prefix
+     * @returns true if the ATT&CK ID is valid, false otherwise
+     */
+    public isValidAttackId(): boolean {
+        let idRegex = new RegExp("^([A-Z]+-)?" + this.attackIDValidator.regex + "$");
+        let attackIDValid = idRegex.test(this.attackID);
+        return attackIDValid;
+    }
+
     /**
      * Validate the current object state and return information on the result of the validation
      * @abstract
@@ -356,9 +367,7 @@ export abstract class StixObject extends Serializable {
                                         "message": "ATT&CK ID is unique"
                                     })
                                 }
-                                let idRegex = new RegExp("^([A-Z]+-)?" + this.attackIDValidator.regex + "$");
-                                let attackIDValid = idRegex.test(this.attackID);
-                                if (!attackIDValid) {
+                                if (!this.isValidAttackId()) {
                                     result.errors.push({
                                         "result": "error",
                                         "field": "attackID",

diff --git a/...c/app/components/stix/descriptive-property/descriptive-view/descriptive-view.component.ts b/...c/app/components/stix/descriptive-property/descriptive-view/descriptive-view.component.ts
@@ -107,7 +107,12 @@ export class DescriptiveViewComponent implements OnInit {
             map((results: any) => {
                 let data = results.data as StixObject[];
                 // store retrieved objects in dictionary for quick lookup
-                data.forEach(obj => this.objectLookup[obj.attackID] = obj);
+                data.forEach(obj => {
+                    // objects must be validated in cases where more than one object is 
+                    // returned by the given ATT&CK ID, this occurs due to older versions 
+                    // of ATT&CK in which techniques shared their IDs with mitigations
+                    if (obj.isValidAttackId()) this.objectLookup[obj.attackID] = obj;
+                });
                 return results;
             })
         );
@@ -119,7 +124,7 @@ export class DescriptiveViewComponent implements OnInit {
     private replaceLinkByIds(displayStr: string, linkedIDs: string[]): string {
         for (let id of linkedIDs) {
             let obj = this.objectLookup[id];
-            if (obj && obj.name) {
+            if (obj?.name) {
                 let rep = `(LinkById: ${obj.attackID})`;
                 let target = this.config.mode == 'edit' ? ` target="_blank"` : ``; // open linked object in new tab when editing
                 let linkHTML = `<span><a href="${obj.attackType}/${obj.stixID}"${target}>${obj.name}</a></span>`;