Open
Description
Hi,
When the module calls an external webhook, case_id is included for a lot of IRIS items, like asset, note, etc. But for IOCs, the JSON doesn't contain case_id, and we can't call back the IRIS IOC endpoints because they require case_id (from a case that links the IOC).
Example of raw data sent by the module:
[{'ioc_value': 'http://toto.fr', 'ioc_enrichment': None, 'ioc_type': {'type_name': 'url', 'type_description': 'url', 'type_taxonomy': None, 'type_validation_regex': None, 'type_validation_expect': None, 'type_id': 141}, 'ioc_id': 1, 'ioc_uuid': 'xxx', 'ioc_type_id': 141, 'ioc_description': '', 'ioc_tags': 'edr', 'user_id': 1, 'ioc_misp': None, 'ioc_tlp_id': 2, 'custom_attributes': OrderedDict(), 'modification_history': None}]
And an example of raw data from an asset:
[{'asset_name': 'toto', 'asset_enrichment': None, 'asset_type': {'asset_name': 'Account', 'asset_description': 'Generic Account', 'asset_icon_compromised': 'ioc_user.png', 'asset_icon_not_compromised': 'user.png', 'asset_id': 1}, 'alerts': [], 'analysis_status': {'id': 1, 'name': 'Unspecified'}, 'asset_id': 1, 'asset_uuid': 'xxxx', 'asset_description': 'titi', 'asset_domain': '', 'asset_ip': '', 'asset_info': '', 'asset_compromise_status_id': 0, 'asset_type_id': 1, 'asset_tags': '', 'case_id': 1, 'date_added': '2026-01-22T09:57:35.968799', 'date_update': '2026-01-22T09:57:35.968806', 'user_id': 1, 'analysis_status_id': 1, 'custom_attributes': OrderedDict(), 'modification_history': None}]
API to update an IOC:
https://docs.dfir-iris.org/_static/iris_api_reference_v2.0.2.html#tag/Case-IOC/operation/post-case-ioc-update
Error returned if case_id doesn't match a case that links the current IOC:
"Invalid IOC ID for this case"
Regards