[backend] add authorized members when creating saved filters (#6044)

CelineSebe · web-flow · commit 5acf5c86f3fa · 2025-03-25T17:51:19.000+01:00
diff --git a/opencti-platform/opencti-graphql/src/modules/savedFilter/savedFilter-domain.ts b/opencti-platform/opencti-graphql/src/modules/savedFilter/savedFilter-domain.ts
@@ -1,17 +1,16 @@
-import { addFilter } from '../../utils/filtering/filtering-utils';
 import { type BasicStoreEntitySavedFilter, ENTITY_TYPE_SAVED_FILTER, type StoreEntitySavedFilter } from './savedFilter-types';
 import type { AuthContext, AuthUser } from '../../types/user';
 import { listEntitiesPaginated } from '../../database/middleware-loader';
 import type { QuerySavedFiltersArgs, SavedFilterAddInput } from '../../generated/graphql';
 import { createInternalObject, deleteInternalObject } from '../../domain/internalObject';
+import { MEMBER_ACCESS_RIGHT_ADMIN } from '../../utils/access';
 
 export const findAll = (context: AuthContext, user: AuthUser, args: QuerySavedFiltersArgs) => {
-  const queryFilters = addFilter(args.filters, 'creator_id', user.id);
-  const queryArgs = { ...args, filters: queryFilters };
-  return listEntitiesPaginated<BasicStoreEntitySavedFilter>(context, user, [ENTITY_TYPE_SAVED_FILTER], queryArgs);
+  return listEntitiesPaginated<BasicStoreEntitySavedFilter>(context, user, [ENTITY_TYPE_SAVED_FILTER], args);
 };
 export const addSavedFilter = (context: AuthContext, user: AuthUser, input: SavedFilterAddInput) => {
-  return createInternalObject<StoreEntitySavedFilter>(context, user, input, ENTITY_TYPE_SAVED_FILTER);
+  const savedFiltersToCreate = { ...input, restricted_members: [{ id: user.id, access_right: MEMBER_ACCESS_RIGHT_ADMIN }] };
+  return createInternalObject<StoreEntitySavedFilter>(context, user, savedFiltersToCreate, ENTITY_TYPE_SAVED_FILTER);
 };
 export const deleteSavedFilter = (context: AuthContext, user: AuthUser, savedFilterId: string) => {
   return deleteInternalObject(context, user, savedFilterId, ENTITY_TYPE_SAVED_FILTER);
diff --git a/opencti-platform/opencti-graphql/tests/02-integration/02-resolvers/savedFilterResolver-test.ts b/opencti-platform/opencti-graphql/tests/02-integration/02-resolvers/savedFilterResolver-test.ts
@@ -1,7 +1,7 @@
 import { describe, it, expect, beforeAll } from 'vitest';
 import gql from 'graphql-tag';
-import { ADMIN_USER, testContext } from '../../utils/testQuery';
-import { queryAsAdminWithSuccess } from '../../utils/testQueryHelper';
+import { ADMIN_USER, testContext, USER_EDITOR } from '../../utils/testQuery';
+import { queryAsAdminWithSuccess, queryAsUserWithSuccess } from '../../utils/testQueryHelper';
 import { elLoadById } from '../../../src/database/engine';
 
 const GET_SAVED_FILTERS_QUERY = gql`
@@ -90,7 +90,16 @@ describe('Saved Filter Resolver', () => {
         const savedFilters = result.data?.savedFilters.edges;
         expect(savedFilters).toBeDefined();
         expect(savedFilters.length).toEqual(1);
-        expect(savedFilters.length).toEqual(1);
+      });
+      it('gives the list of saved filters with restricted members', async () => {
+        const result = await queryAsUserWithSuccess(USER_EDITOR.client, {
+          query: GET_SAVED_FILTERS_QUERY,
+          variables: {},
+        });
+
+        const savedFilters = result.data?.savedFilters.edges;
+        expect(savedFilters).toBeDefined();
+        expect(savedFilters.length).toEqual(0);
       });
     });
   });
