Skip to content

Commit

Permalink
Merge branch 'master' into add-exception-list-export
Browse files Browse the repository at this point in the history
  • Loading branch information
FrankHassanabad committed Aug 31, 2021
2 parents fb522dc + 23a1788 commit c3db806
Show file tree
Hide file tree
Showing 149 changed files with 3,731 additions and 1,898 deletions.
2 changes: 2 additions & 0 deletions .ci/Jenkinsfile_baseline_trigger
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
#!/bin/groovy

return

def MAXIMUM_COMMITS_TO_CHECK = 10
def MAXIMUM_COMMITS_TO_BUILD = 5

Expand Down
3 changes: 3 additions & 0 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -439,6 +439,9 @@
/x-pack/test/reporting_api_integration/ @elastic/kibana-reporting-services @elastic/kibana-app-services
/x-pack/test/reporting_functional/ @elastic/kibana-reporting-services @elastic/kibana-app-services
/x-pack/test/stack_functional_integration/apps/reporting/ @elastic/kibana-reporting-services @elastic/kibana-app-services
/docs/user/reporting @elastic/kibana-reporting-services @elastic/kibana-app-services
/docs/settings/reporting-settings.asciidoc @elastic/kibana-reporting-services @elastic/kibana-app-services
/docs/setup/configuring-reporting.asciidoc @elastic/kibana-reporting-services @elastic/kibana-app-services
#CC# /x-pack/plugins/reporting/ @elastic/kibana-reporting-services


13 changes: 6 additions & 7 deletions docs/settings/reporting-settings.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -281,16 +281,15 @@ NOTE: This setting exists for backwards compatibility, but is unused and hardcod
[[reporting-advanced-settings]]
==== Security settings

[[xpack-reporting-roles-enabled]] `xpack.reporting.roles.enabled`::
deprecated:[7.14.0,This setting must be set to `false` in 8.0.] When `true`, grants users access to the {report-features} by assigning reporting roles, specified by `xpack.reporting.roles.allow`. Granting access to users this way is deprecated. Set to `false` and use {kibana-ref}/kibana-privileges.html[{kib} privileges] instead. Defaults to `true`.
With Security enabled, Reporting has two forms of access control: each user can only access their own reports, and custom roles determine who has privilege to generate reports. When Reporting is configured with <<kibana-privileges, {kib} application privileges>>, you can control the spaces and applications where users are allowed to generate reports.

[NOTE]
============================================================================
In 7.x, the default value of `xpack.reporting.roles.enabled` is `true`. To migrate users to the
new method of securing access to *Reporting*, you must set `xpack.reporting.roles.enabled: false`. In the next major version of {kib}, `false` will be the only valid configuration.
The `xpack.reporting.roles` settings are for a deprecated system of access control in Reporting. It does not allow API Keys to generate reports, and it doesn't allow {kib} application privileges. We recommend you explicitly turn off reporting's deprecated access control feature by adding `xpack.reporting.roles.enabled: false` in kibana.yml. This will enable application privileges for reporting, as described in <<grant-user-access, granting users access to reporting>>.
============================================================================

`xpack.reporting.roles.allow`::
deprecated:[7.14.0,This setting will be removed in 8.0.] Specifies the roles, in addition to superusers, that can generate reports, using the {ref}/security-api.html#security-role-apis[{es} role management APIs]. Requires `xpack.reporting.roles.enabled` to be `true`. Granting access to users this way is deprecated. Use {kibana-ref}/kibana-privileges.html[{kib} privileges] instead. Defaults to `[ "reporting_user" ]`.
[[xpack-reporting-roles-enabled]] `xpack.reporting.roles.enabled`::
deprecated:[7.14.0,The default for this setting will be `false` in an upcoming version of {kib}.] Sets access control to a set of assigned reporting roles, specified by `xpack.reporting.roles.allow`. Defaults to `true`.

NOTE: Each user has access to only their own reports.
`xpack.reporting.roles.allow`::
deprecated:[7.14.0] In addition to superusers, specifies the roles that can generate reports using the {ref}/security-api.html#security-role-apis[{es} role management APIs]. Requires `xpack.reporting.roles.enabled` to be `true`. Defaults to `[ "reporting_user" ]`.
17 changes: 12 additions & 5 deletions docs/setup/configuring-reporting.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -41,11 +41,16 @@ To troubleshoot the problem, start the {kib} server with environment variables t
[float]
[[grant-user-access]]
=== Grant users access to reporting
When security is enabled, you grant users access to generate reports with <<kibana-privileges, {kib} application privileges>>, which allow you to create custom roles that control the spaces and applications where users generate reports.

When security is enabled, access to the {report-features} is controlled by roles and <<kibana-privileges, privileges>>. With privileges, you can define custom roles that grant *Reporting* privileges as sub-features of {kib} applications. To grant users permission to generate reports and view their reports in *Reporting*, create and assign the reporting role.

[[reporting-app-users]]
NOTE: In 7.12.0 and earlier, you grant access to the {report-features} by assigning users the `reporting_user` role in {es}.
. Enable application privileges in Reporting. To enable, turn off the default user access control features in `kibana.yml`:
+
[source,yaml]
------------------------------------
xpack.reporting.roles.enabled: false
------------------------------------
+
NOTE: If you use the default settings, you can still create a custom role that grants reporting privileges. The default role is `reporting_user`. This behavior is being deprecated and does not allow application-level access controls for {report-features}, and does not allow API keys or authentication tokens to authorize report generation. Refer to <<reporting-advanced-settings, reporting security settings>> for information and caveats about the deprecated access control features.

. Create the reporting role.

Expand Down Expand Up @@ -90,10 +95,12 @@ If the *Reporting* option is unavailable, contact your administrator, or <<repor

.. Click *Update user*.

Granting the privilege to generate reports also grants the user the privilege to view their reports in *Stack Management > Reporting*. Users can only access their own reports.

[float]
[[reporting-roles-user-api]]
==== Grant access with the role API
You can also use the {ref}/security-api-put-role.html[role API] to grant access to the reporting features. Grant the reporting role to users in combination with other roles that grant read access to the data in {es}, and at least read access in the applications where users can generate reports.
With <<grant-user-access, {kib} application privileges>> enabled in Reporting, you can also use the {ref}/security-api-put-role.html[role API] to grant access to the {report-features}. Grant custom reporting roles to users in combination with other roles that grant read access to the data in {es}, and at least read access in the applications where users can generate reports.

[source, sh]
---------------------------------------------------------------
Expand Down
6 changes: 3 additions & 3 deletions renovate.json5
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
{
extends: [
'config:base',
':disableDependencyDashboard',
],
ignorePaths: [
'**/__fixtures__/**',
Expand All @@ -12,12 +13,11 @@
baseBranches: [
'master',
'7.x',
'7.13',
'7.15',
],
prConcurrentLimit: 0,
prHourlyLimit: 0,
separateMajorMinor: false,
masterIssue: true,
rangeStrategy: 'bump',
semanticCommits: false,
vulnerabilityAlerts: {
Expand All @@ -39,7 +39,7 @@
packageNames: ['@elastic/charts'],
reviewers: ['markov00', 'nickofthyme'],
matchBaseBranches: ['master'],
labels: ['release_note:skip', 'v8.0.0', 'v7.14.0', 'auto-backport'],
labels: ['release_note:skip', 'v8.0.0', 'v7.16.0', 'auto-backport'],
enabled: true,
},
{
Expand Down
3 changes: 3 additions & 0 deletions src/core/server/elasticsearch/client/client_config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,9 @@ export function parseClientOptions(
...DEFAULT_HEADERS,
...config.customHeaders,
},
// do not make assumption on user-supplied data content
// fixes https://github.com/elastic/kibana/issues/101944
disablePrototypePoisoningProtection: true,
};

if (config.pingTimeout != null) {
Expand Down
4 changes: 3 additions & 1 deletion src/plugins/expressions/common/execution/execution.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -763,13 +763,15 @@ describe('Execution', () => {
});

test('saves duration it took to execute each function', async () => {
const startTime = Date.now();
const execution = createExecution('add val=1 | add val=2 | add val=3', {}, true);
execution.start(-1);
await execution.result.toPromise();
const duration = Date.now() - startTime;

for (const node of execution.state.get().ast.chain) {
expect(typeof node.debug?.duration).toBe('number');
expect(node.debug?.duration).toBeLessThan(100);
expect(node.debug?.duration).toBeLessThanOrEqual(duration);
expect(node.debug?.duration).toBeGreaterThanOrEqual(0);
}
});
Expand Down
2 changes: 1 addition & 1 deletion src/plugins/home/public/application/components/home.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ export class Home extends Component<HomeProps, State> {
if (this.state.isLoading) {
this.setState({ isWelcomeEnabled: false });
}
}, 500);
}, 10000);

const hasUserIndexPattern = await this.props.hasUserIndexPattern();

Expand Down
2 changes: 1 addition & 1 deletion src/plugins/inspector/common/adapters/request/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,6 @@
* Side Public License, v 1.
*/

export { RequestStatistic, RequestStatistics, RequestStatus } from './types';
export { Request, RequestStatistic, RequestStatistics, RequestStatus } from './types';
export { RequestAdapter } from './request_adapter';
export { RequestResponder } from './request_responder';
11 changes: 8 additions & 3 deletions src/plugins/inspector/common/adapters/request/request_adapter.ts
Original file line number Diff line number Diff line change
Expand Up @@ -33,14 +33,19 @@ export class RequestAdapter extends EventEmitter {
* {@link RequestResponder#error}.
*
* @param {string} name The name of this request as it should be shown in the UI.
* @param {object} args Additional arguments for the request.
* @param {RequestParams} params Additional arguments for the request.
* @param {number} [startTime] Set an optional start time for the request
* @return {RequestResponder} An instance to add information to the request and finish it.
*/
public start(name: string, params: RequestParams = {}): RequestResponder {
public start(
name: string,
params: RequestParams = {},
startTime: number = Date.now()
): RequestResponder {
const req: Request = {
...params,
name,
startTime: Date.now(),
startTime,
status: RequestStatus.PENDING,
id: params.id ?? uuid(),
};
Expand Down
1 change: 1 addition & 0 deletions src/plugins/inspector/common/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@

export {
Adapters,
Request,
RequestAdapter,
RequestStatistic,
RequestStatistics,
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/apm/kibana.json
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
"embeddable",
"features",
"infra",
"inspector",
"licensing",
"observability",
"ruleRegistry",
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/apm/public/application/index.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ export const renderApp = ({
core: coreStart,
plugins: pluginsSetup,
data: pluginsStart.data,
inspector: pluginsStart.inspector,
observability: pluginsStart.observability,
observabilityRuleTypeRegistry,
};
Expand Down
3 changes: 2 additions & 1 deletion x-pack/plugins/apm/public/application/uxApp.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ export function UXAppRoot({
core,
deps,
config,
corePlugins: { embeddable, maps, observability, data },
corePlugins: { embeddable, inspector, maps, observability, data },
observabilityRuleTypeRegistry,
}: {
appMountParameters: AppMountParameters;
Expand All @@ -108,6 +108,7 @@ export function UXAppRoot({
appMountParameters,
config,
core,
inspector,
plugins,
observability,
observabilityRuleTypeRegistry,
Expand Down
13 changes: 8 additions & 5 deletions x-pack/plugins/apm/public/components/routing/app_root.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ import {
} from '../../context/apm_plugin/apm_plugin_context';
import { useApmPluginContext } from '../../context/apm_plugin/use_apm_plugin_context';
import { BreadcrumbsContextProvider } from '../../context/breadcrumbs/context';
import { InspectorContextProvider } from '../../context/inspector/inspector_context';
import { LicenseProvider } from '../../context/license/license_context';
import { TimeRangeIdContextProvider } from '../../context/time_range_id/time_range_id_context';
import { UrlParamsProvider } from '../../context/url_params_context/url_params_context';
Expand Down Expand Up @@ -62,12 +63,14 @@ export function ApmAppRoot({
<UrlParamsProvider>
<LicenseProvider>
<AnomalyDetectionJobsContextProvider>
<ApmThemeProvider>
<MountApmHeaderActionMenu />
<InspectorContextProvider>
<ApmThemeProvider>
<MountApmHeaderActionMenu />

<Route component={ScrollToTopOnPathChange} />
<RouteRenderer />
</ApmThemeProvider>
<Route component={ScrollToTopOnPathChange} />
<RouteRenderer />
</ApmThemeProvider>
</InspectorContextProvider>
</AnomalyDetectionJobsContextProvider>
</LicenseProvider>
</UrlParamsProvider>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import { useApmPluginContext } from '../../../context/apm_plugin/use_apm_plugin_
import { AlertingPopoverAndFlyout } from './alerting_popover_flyout';
import { AnomalyDetectionSetupLink } from './anomaly_detection_setup_link';
import { useServiceName } from '../../../hooks/use_service_name';
import { InspectorHeaderLink } from './inspector_header_link';

export function ApmHeaderActionMenu() {
const { core, plugins } = useApmPluginContext();
Expand Down Expand Up @@ -65,6 +66,7 @@ export function ApmHeaderActionMenu() {
defaultMessage: 'Add data',
})}
</EuiHeaderLink>
<InspectorHeaderLink />
</EuiHeaderLinks>
);
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

import { EuiHeaderLink } from '@elastic/eui';
import { i18n } from '@kbn/i18n';
import React from 'react';
import { useKibana } from '../../../../../../../src/plugins/kibana_react/public';
import { enableInspectEsQueries } from '../../../../../observability/public';
import { useApmPluginContext } from '../../../context/apm_plugin/use_apm_plugin_context';
import { useInspectorContext } from '../../../context/inspector/use_inspector_context';

export function InspectorHeaderLink() {
const { inspector } = useApmPluginContext();
const { inspectorAdapters } = useInspectorContext();
const {
services: { uiSettings },
} = useKibana();
const isInspectorEnabled = uiSettings?.get<boolean>(enableInspectEsQueries);

const inspect = () => {
inspector.open(inspectorAdapters);
};

if (!isInspectorEnabled) {
return null;
}

return (
<EuiHeaderLink color="primary" onClick={inspect}>
{i18n.translate('xpack.apm.inspectButtonText', {
defaultMessage: 'Inspect',
})}
</EuiHeaderLink>
);
}
56 changes: 1 addition & 55 deletions x-pack/plugins/apm/public/components/shared/search_bar.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -7,19 +7,12 @@

import { QueryDslQueryContainer } from '@elastic/elasticsearch/api/types';
import {
EuiCallOut,
EuiFlexGroup,
EuiFlexGroupProps,
EuiFlexItem,
EuiLink,
EuiSpacer,
EuiFlexGroupProps,
} from '@elastic/eui';
import { i18n } from '@kbn/i18n';
import { FormattedMessage } from '@kbn/i18n/react';
import React from 'react';
import { enableInspectEsQueries } from '../../../../observability/public';
import { useApmPluginContext } from '../../context/apm_plugin/use_apm_plugin_context';
import { useKibanaUrl } from '../../hooks/useKibanaUrl';
import { useBreakPoints } from '../../hooks/use_break_points';
import { DatePicker } from './DatePicker';
import { KueryBar } from './kuery_bar';
Expand All @@ -35,52 +28,6 @@ interface Props {
kueryBarBoolFilter?: QueryDslQueryContainer[];
}

function DebugQueryCallout() {
const { uiSettings } = useApmPluginContext().core;
const advancedSettingsUrl = useKibanaUrl('/app/management/kibana/settings', {
query: {
query: 'category:(observability)',
},
});

if (!uiSettings.get(enableInspectEsQueries)) {
return null;
}

return (
<EuiFlexGroup>
<EuiFlexItem>
<EuiCallOut
title={i18n.translate(
'xpack.apm.searchBar.inspectEsQueriesEnabled.callout.title',
{
defaultMessage:
'Inspectable ES queries (`apm:enableInspectEsQueries`)',
}
)}
iconType="beaker"
color="warning"
>
<FormattedMessage
id="xpack.apm.searchBar.inspectEsQueriesEnabled.callout.description"
defaultMessage="You can now inspect every Elasticsearch query by opening your browser's Dev Tool and looking at the API responses. The setting can be disabled in Kibana's {advancedSettingsLink}"
values={{
advancedSettingsLink: (
<EuiLink href={advancedSettingsUrl}>
{i18n.translate(
'xpack.apm.searchBar.inspectEsQueriesEnabled.callout.description.advancedSettings',
{ defaultMessage: 'Advanced Settings' }
)}
</EuiLink>
),
}}
/>
</EuiCallOut>
</EuiFlexItem>
</EuiFlexGroup>
);
}

export function SearchBar({
hidden = false,
showKueryBar = true,
Expand All @@ -100,7 +47,6 @@ export function SearchBar({

return (
<>
<DebugQueryCallout />
<EuiFlexGroup
gutterSize="s"
responsive={false}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,13 @@ import { ConfigSchema } from '../..';
import { ApmPluginSetupDeps } from '../../plugin';
import { MapsStartApi } from '../../../../maps/public';
import { ObservabilityPublicStart } from '../../../../observability/public';
import { Start as InspectorPluginStart } from '../../../../../../src/plugins/inspector/public';

export interface ApmPluginContextValue {
appMountParameters: AppMountParameters;
config: ConfigSchema;
core: CoreStart;
inspector: InspectorPluginStart;
plugins: ApmPluginSetupDeps & { maps?: MapsStartApi };
observabilityRuleTypeRegistry: ObservabilityRuleTypeRegistry;
observability: ObservabilityPublicStart;
Expand Down
Loading

0 comments on commit c3db806

Please sign in to comment.