[backend] feat(stix): fix pr feedbacks (#3511)

Author: gabriel-peze

…tifacts_column_to_security_coverage.java …tifacts_column_to_security_coverage.javaopenaev-api/src/main/java/io/openaev/migration/V4_73__Add_artifacts_column_to_security_coverage.java renamed to openaev-api/src/main/java/io/openaev/migration/V4_74__Add_artifacts_column_to_security_coverage.java openaev-api/src/main/java/io/openaev/migration/V4_73__Add_artifacts_column_to_security_coverage.java renamed to openaev-api/src/main/java/io/openaev/migration/V4_74__Add_artifacts_column_to_security_coverage.java

@@ -6,7 +6,7 @@
 import org.springframework.stereotype.Component;
 
 @Component
-public class V4_73__Add_artifacts_column_to_security_coverage extends BaseJavaMigration {
+public class V4_74__Add_artifacts_column_to_security_coverage extends BaseJavaMigration {
   @Override
   public void migrate(Context context) throws Exception {
     try (Statement stmt = context.getConnection().createStatement()) {

openaev-api/src/main/java/io/openaev/opencti/service/OpenCTIService.java

@@ -279,7 +279,12 @@ public Document downloadAndSaveFile(String uri, String name, String mimeType) {
         return documentService.upsert(
             name, octiFile.getInputStream(), octiFile.getSize(), mimeType, documentCreateInput);
       } catch (Exception e) {
-        throw new RuntimeException(e);
+        String errorMessage =
+            String.format(
+                "Error while upserting document from OpenCTI file (uri=%s, name=%s, mimeType=%s)",
+                uri, name, mimeType);
+        log.error(errorMessage, e);
+        throw new RuntimeException(errorMessage, e);
       }
     }
     return null;

openaev-api/src/main/java/io/openaev/service/stix/SecurityCoverageService.java

@@ -644,9 +644,8 @@ private BaseType<?> getArtifactCoverage(List<String> externalRefs, Exercise simu
                 .filter(
                     inject ->
                         inject.getPayload().isPresent()
-                            && inject.getPayload().get() instanceof FileDrop
-                            && documentIds.contains(
-                                ((FileDrop) inject.getPayload().get()).getFileDropFile().getId()))
+                            && inject.getPayload().get() instanceof FileDrop fileDrop
+                            && documentIds.contains(fileDrop.getFileDropFile().getId()))
                 .toList(),
         inject ->
             Optional.ofNullable(inject)

openaev-api/src/main/java/io/openaev/utils/SecurityCoverageUtils.java

@@ -107,10 +107,11 @@ public Set<StixRefToExternalRef> extractObjectReferences(List<ObjectBase> object
           && obj.hasExtension(ExtendedProperties.OPENCTI_EXTENSION_DEFINITION)) {
         Dictionary extensionObj =
             (Dictionary) obj.getExtension(ExtendedProperties.OPENCTI_EXTENSION_DEFINITION);
-        if (extensionObj.has(StixConstants.FILES)) {
+        Object filesValue = extensionObj.get(StixConstants.FILES);
+        if (extensionObj.has(StixConstants.FILES)
+            && filesValue instanceof io.openaev.stix.types.List<?> filesList) {
           List<String> documentIds =
-              getAllDocumentIdsFromFiles(
-                  (io.openaev.stix.types.List<Dictionary>) extensionObj.get(StixConstants.FILES));
+              getAllDocumentIdsFromFiles((io.openaev.stix.types.List<Dictionary>) filesList);
           manageAndAddStixRefToExternalRefs(stixToRef, obj, documentIds);
         }
         continue;

openaev-api/src/test/java/io/openaev/api/stix_process/StixApiTest.java

@@ -12,6 +12,10 @@
 import static org.assertj.core.api.Assertions.assertThatNoException;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.junit.jupiter.api.TestInstance.Lifecycle.PER_CLASS;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.verify;
+import static org.mockserver.model.HttpRequest.request;
+import static org.mockserver.model.HttpResponse.response;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
@@ -50,26 +54,20 @@
 import org.mockserver.configuration.Configuration;
 import org.mockserver.integration.ClientAndServer;
 import org.mockserver.socket.PortFactory;
-import org.mockserver.client.MockServerClient;
-import org.mockserver.configuration.Configuration;
-import org.mockserver.integration.ClientAndServer;
-import org.mockserver.socket.PortFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
 import org.springframework.test.context.DynamicPropertyRegistry;
 import org.springframework.test.context.DynamicPropertySource;
 import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.bean.override.mockito.MockitoSpyBean;
-import org.springframework.test.context.TestPropertySource;
-import org.springframework.test.context.DynamicPropertyRegistry;
-import org.springframework.test.context.DynamicPropertySource;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.transaction.annotation.Transactional;
 
 @TestInstance(PER_CLASS)
 @Transactional
 @WithMockUser(withCapabilities = {Capability.MANAGE_STIX_BUNDLE})
 @DisplayName("STIX API Integration Tests")
+@TestPropertySource(properties = {"openaev.xtm.opencti.enable=true"})
 class StixApiTest extends IntegrationTest {
 
   public static final String T_1531 = "T1531";
@@ -232,6 +230,38 @@ void setUp() throws Exception {
             vulnerabilityComposer.forVulnerability(
                 VulnerabilityFixture.createVulnerabilityInput("CVE-2025-56786")))
         .persist();
+
+    injectorContractComposer
+        .forInjectorContract(injectorContractFixture.getWellKnownSingleManualContract())
+        .persist();
+
+    // need to mock unregistered connector to be use in process
+    mockServer
+        .when(request().withMethod("POST").withPath(""))
+        .respond(
+            response()
+                .withStatusCode(200)
+                .withHeader("Content-Type", "application/json")
+                .withBody(
+                    """
+                                  {
+                                    "data": {}
+                                  }
+                              """));
+    openCTIConnectorService.registerOrPingAllConnectors();
+
+    mockServer
+        .when(request().withMethod("POST").withPath("graphql"))
+        .respond(
+            response()
+                .withStatusCode(200)
+                .withHeader("Content-Type", "application/json")
+                .withBody(
+                    """
+                                          {
+                                            "data": {}
+                                          }
+                                      """));
   }
 
   @Nested
@@ -254,6 +284,7 @@ class ImportStixBundles {
               .getResponse()
               .getContentAsString();
 
+      verify(securityCoverageService).pushSecurityCoverageBundleWithExternalURI(any());
       assertThat(response).isNotBlank();
       String scenarioId = JsonPath.read(response, "$.scenarioId");
       Scenario createdScenario = scenarioRepository.findById(scenarioId).orElseThrow();