"Marking definitions" issues between different “Groups” within the same “Roles”

[misohouse]

OpenCTI version : 6.3.6

I want to show data separately between different groups that exist within the same role.

To accomplish what I wanted, I set up roles, groups, accounts, and marking definitions as shown in the photo below.

The problem is that when I log in as the test account and check, I see data with a marking definitions(Test_B) that I didn't specify in the settings.

The group assigned to the test account is Test_A, and only Test_A has been assigned a marking definition, so I think it is normal that data with a Test_B marking definition should not be visible.

Or is it because I set the order value to 0 when I set the marking definition?

I ask because I see data from other marking groups even when I don't specify roles when setting up groups.

I would appreciate your response to this issue.

[nino-filigran]

It does not sound right @misohouse , I'll try to reproduce, but in the meantime, could you let me know 3 things?

• did you create your marking after you created you group "external"?
• could you verify what marking "external" has access to?
• could you verify, when you go to external, edit this group, whether this group has the toggle "
  Automatically authorize this group to new marking definition" enabled ?

[misohouse]

@nino-filigran

Q1. did you create your marking after you created you group "external"?
A1.
That's right. The External role is the role you created previously.

Then I created the Test_A group and added only the Test_A group to the External role.

Finally, I created the Test_A marking definition, and added the Test_A marking definition to the Test_A group
.
.
.
.
.
.
Q2. could you verify what marking "external" has access to?
A2.
The Marking definitions accessible to the External group are shown in the figure below.

.
.
.
.
.
.
Q3. could you verify, when you go to external, edit this group, whether this group has the toggle "Automatically authorize this group to new marking definition" enabled ?
A3.
I think the screen below might answer your question.

[nino-filigran]

Ok thanks for your quick answer. At least I can already evacuate this option. I'll keep you posted about reproduction and any questions/information I might need.

[nino-filigran]

I can't manage to reproduce so far, will keep investigating. Could you perform the same check than above but for the 2 groups TEST_A & TEST_B ( just to be sure)?

[nino-filigran]

Could you share also also a screenshot of your marking definition page?

[nino-filigran]

And last question from my side: what is the process you have followed when creating your marking & users?
Did you create all your users & groups first? And/Or your markings? & Did you assign all markings to your groups in one go, or did you create one marking, assigned it to a group, then created another marking & assigned it to a group?