Merge branch 'main' of github.com:MISP/misp-stix into dev

misp_stix_converter/__init__.py

@@ -1,4 +1,4 @@
-__version__ = '2.4.194'
+__version__ = '2.4.196.1'
 
 import argparse
 from .misp_stix_mapping import Mapping # noqa
@@ -48,6 +48,10 @@ def _handle_return_message(traceback):
 
 def main():
     parser = argparse.ArgumentParser(description='Convert MISP <-> STIX')
+    parser.add_argument(
+        '-v', '--version', action='version',
+        version=f'{parser.prog} {__version__}'
+    )
     parser.add_argument(
         '--debug', action='store_true', help='Show errors and warnings'
     )

misp_stix_converter/stix2misp/external_stix2_to_misp.py

@@ -37,9 +37,10 @@ def __init__(self):
         self._tool_parser: ExternalSTIX2ToolConverter
         self._vulnerability_parser: ExternalSTIX2VulnerabilityConverter
 
-    def parse_stix_bundle(self, cluster_distribution: Optional[int] = 0,
-                          cluster_sharing_group_id: Optional[int] = None,
-                          organisation_uuid: Optional[str] = None, **kwargs):
+    def parse_stix_bundle(
+            self, cluster_distribution: Optional[int] = 0,
+            cluster_sharing_group_id: Optional[int] = None,
+            organisation_uuid: Optional[str] = MISP_org_uuid, **kwargs):
         self._set_parameters(**kwargs)
         self._set_cluster_distribution(
             cluster_distribution, cluster_sharing_group_id
@@ -57,6 +58,10 @@ def observable_object_parser(self) -> STIX2ObservableObjectConverter:
     #                              PARSER SETTERS                              #
     ############################################################################
 
+    ############################################################################
+    #                              PARSER SETTERS                              #
+    ############################################################################
+
     def _set_attack_pattern_parser(self):
         self._attack_pattern_parser = ExternalSTIX2AttackPatternConverter(self)
 
@@ -138,8 +143,9 @@ def _handle_unparsed_content(self):
             return super()._handle_unparsed_content()
         unparsed_content = defaultdict(list)
         for object_id, content in self._observable.items():
-            if content['used'][self.misp_event.uuid]:
-                continue
+            if self.misp_event.uuid in content['used']:
+                if content['used'][self.misp_event.uuid]:
+                    continue
             unparsed_content[content['observable'].type].append(object_id)
         for observable_type in self._mapping.observable_object_types():
             if observable_type not in unparsed_content:
@@ -153,9 +159,9 @@ def _handle_unparsed_content(self):
                 continue
             to_call = f'_parse_{feature}_observable_object'
             for object_id in unparsed_content[observable_type]:
-                if self._observable[object_id]['used'][self.misp_event.uuid]:
-                    # if object_id.split('--')[0] not in _force_observables_list:
-                    continue
+                if self.misp_event.uuid in self._observable[object_id]['used']:
+                    if self._observable[object_id]['used'][self.misp_event.uuid]:
+                        continue
                 try:
                     getattr(self.observable_object_parser, to_call)(object_id)
                 except Exception as exception:

misp_stix_converter/stix2misp/importparser.py

@@ -322,6 +322,11 @@ def _distribution_and_sharing_group_id_error(self):
             'Invalid Sharing Group ID - cannot be None when distribution is 4'
         )
 
+    def _distribution_and_sharing_group_id_error(self):
+        self.__errors['init'].add(
+            'Invalid Sharing Group ID - cannot be None when distribution is 4'
+        )
+
     def _distribution_error(self, exception: Exception):
         self.__errors['init'].add(
             f'Wrong distribution format: {exception}'