IOC edit silently drops Source Reference: update() never calls setSourceRef() #8
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary
ThreatIocController.update(PUT/api/aria/ioc/{id}) updates value, description, confidence, and expiresAt but never appliessourceReffrom the request. Editing an IOC's Source Reference in the UI silently no-ops — the field keeps its old value with no error shown to the user.Confirmed code refs
src/main/java/com/hiveops/aria/controller/ThreatIocController.java—update(Long id, CreateIocRequest request), lines 63-71. Body sets:ioc.setValue(...)(65)ioc.setDescription(...)(66)ioc.setConfidence(...)(67)ioc.setExpiresAt(...)(68)ioc.setSourceRef(request.getSourceRef())— the field is silently ignored on save.create()(line 53) does set.sourceRef(request.getSourceRef()), andCreateIocRequestexposessourceRef(line 90).src/main/java/com/hiveops/aria/entity/ThreatIoc.java:36—private String sourceRef;.frontend/src/components/IocManagement.svelte— edit form pre-fillssourceRef(line 91), builds a singlepayloadincludingsourceRef: form.sourceRef.trim() || undefined(line 114), and sends it viaariaApi.updateIoc(...)on edit (line 119). The input is bound at line 332.Impact
A BCOS_ADMIN editing an IOC and changing "Source Reference" (e.g. correcting an "FBI FLASH AC-000265-TT" citation) sees a success toast ("IOC updated") but the change is never persisted. Silent data-loss on one edit field; misleading UX. No security/scoping implications.
Suggested fix
Add the missing setter in
update():placed alongside the other
ioc.set...calls (after line 66/68). Optionally matchconfidence's null-preserving semantics if partial updates are desired, but for consistency with the create path a straight set is appropriate.Verified against code via the guide KB verification pass.