[Bug] ThreatCrowd analyzer not respecting Max TLP value

[k41zen]

The ThreatCrowd analyzer (v1.0) doesn't respect the Max TLP values set when you edit the analyzer in Cortex.

To Reproduce
Set the ThreatCrowd analyser to have a MAX TLP of Amber.
Create an observable in Hive and set TLP to Red.
Select observable and choose ThreatCrowd analyzer.
This should report in Cortex that the TLP value is higher than allowed like others do but it does not. It actually runs the analyzer.

Expected behavior
The analyzer should check the TLP set and refuse to run the analyzer if the observable TLP is higher than the analyzers.

Work environment

• Client OS: W10
• Server OS: Ubuntu 16.04
• Browse type and version: Chrome
• Cortex version: 2.1.3-1
• Cortex Analyzer/Responder name: Threatcrowd
• Cortex Analyzer/Responder version: v1.0

Possible solutions
Changing the check_tlp line in the Threatcrowd.json file from "false" to "true" resolves the issue,

[jeromeleonard]

Hi @k41zen, I did not manage to reproduce this issue with Cortex 3.0.0-1. Everything works fine on my side.