Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Meta] Certain Kibana pages and components don't properly account for user privileges in Serverless. #183760

Open
azasypkin opened this issue May 17, 2024 · 3 comments
Labels
bug Fixes for quality problems that affect the customer experience Feature:Security/Authorization Platform Security - Authorization Meta Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@azasypkin
Copy link
Member

azasypkin commented May 17, 2024

Summary

This issue is meant to be a lightweight catch-all meta bucket for all recent findings related to inadequate handling of predefined and upcoming custom roles in Serverless (mostly UI & UX). The list below includes a quick issue description and the owning team to raise awareness.

The ask for the owning teams is to either update the issue description with a link to a GitHub issue where the bug is tracked (see Tracked in:) or leave a comment here acknowledging the issue and/or the fix.

## Broken links to integrations in Security projects FIXED!

Project type: Security
User role: Viewer or Editor (predefined)
Owner: @elastic/security-threat-hunting-explore
Tracked in: #183765

Screen.Recording.2024-05-17.at.17.52.16.mov

Broken links and errors from Home page in Search projects

Project type: Search
User role: custom (read_security cluster privilege, read Dashboards & Discover Kibana privileges)
Owner: @elastic/enterprise-search-frontend
Tracked in: TBD
serverless-access-issues
Issue list:

  • Upload file
  • Create connector
  • Create API key
  • Create pipeline
  • Links to management pages that redirect to main management page (API keys, connectors, pipelines, etc.)
  • Link to discover
  • There may be others I did not catch

/cc @elastic/kibana-security @jeramysoucy

@azasypkin azasypkin added bug Fixes for quality problems that affect the customer experience Meta Feature:Security/Authorization Platform Security - Authorization labels May 17, 2024
@botelastic botelastic bot added the needs-team Issues missing a team label label May 17, 2024
@azasypkin azasypkin added the Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! label May 17, 2024
@botelastic botelastic bot removed the needs-team Issues missing a team label label May 17, 2024
semd added a commit that referenced this issue Oct 11, 2024
## Summary

Issue: #189487

This PR is the final implementation of the Onboarding page redesign.

It has been developed in collaboration with @angorayc and
@agusruidiazgd, using this branch as a feature branch.
It already includes 2 smaller PRs that have already been reviewed and
approved by the @elastic/security-threat-hunting-explore team:
- semd#8
- semd#9

### Changes
- Onboarding page architecture refactor
([issue](#174766))
- Fixes #183765 (from [this Meta
issue](#183760))

---

- The progress bar has been removed
<img width="903" alt="progress bar"
src="https://github.com/user-attachments/assets/f16f3b6d-609f-4178-b83e-3b2106ba56ea">

---

- Card styles updated:
  - Icons updated to custom SVGs to have the correct color
  - Icon with circle background
  - Card internal content border removed

| Old | New |
| - | - |
|<img width="1172" alt="Old styles"
src="https://github.com/user-attachments/assets/5a75cd84-a30d-4621-88e3-17d837165016">|<img
width="1172" alt="New styles"
src="https://github.com/user-attachments/assets/8059bcbc-2f3d-4c7e-ba4f-041a58b51372">|

---

- Completed card styles updated:
  - Icon with green circle background

| Old | New |
| - | - |
|<img width="1172" alt="Old styles complete"
src="https://github.com/user-attachments/assets/3258c7be-4ffe-4d25-9cdb-d4fce66ce451">|<img
width="1172" alt="New styles complete"
src="https://github.com/user-attachments/assets/7dac6ec0-d78d-4881-ae84-3b46562c6d7d">|

---

- Improved "Add data with integrations" card

| Old | New |
| - | - |
|<img width="1174" alt="old integrations card"
src="https://github.com/user-attachments/assets/3c65c4f5-004b-4619-aa92-26ec0656a8e5">|<img
width="1174" alt="new integrations card"
src="https://github.com/user-attachments/assets/634e5249-b169-4c93-865e-b82453db90bf">|

---

- New "Configure AI assistant" card in a new "Discover Elastic AI" group


https://github.com/user-attachments/assets/39bd0dd4-88ba-47df-a77b-6b9b2a185cef

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Angela Chuang <yi-chun.chuang@elastic.co>
Co-authored-by: Agustina Nahir Ruidiaz <agustina.ruidiaz@elastic.co>
kibanamachine pushed a commit to kibanamachine/kibana that referenced this issue Oct 11, 2024
## Summary

Issue: elastic#189487

This PR is the final implementation of the Onboarding page redesign.

It has been developed in collaboration with @angorayc and
@agusruidiazgd, using this branch as a feature branch.
It already includes 2 smaller PRs that have already been reviewed and
approved by the @elastic/security-threat-hunting-explore team:
- semd#8
- semd#9

### Changes
- Onboarding page architecture refactor
([issue](elastic#174766))
- Fixes elastic#183765 (from [this Meta
issue](elastic#183760))

---

- The progress bar has been removed
<img width="903" alt="progress bar"
src="https://github.com/user-attachments/assets/f16f3b6d-609f-4178-b83e-3b2106ba56ea">

---

- Card styles updated:
  - Icons updated to custom SVGs to have the correct color
  - Icon with circle background
  - Card internal content border removed

| Old | New |
| - | - |
|<img width="1172" alt="Old styles"
src="https://github.com/user-attachments/assets/5a75cd84-a30d-4621-88e3-17d837165016">|<img
width="1172" alt="New styles"
src="https://github.com/user-attachments/assets/8059bcbc-2f3d-4c7e-ba4f-041a58b51372">|

---

- Completed card styles updated:
  - Icon with green circle background

| Old | New |
| - | - |
|<img width="1172" alt="Old styles complete"
src="https://github.com/user-attachments/assets/3258c7be-4ffe-4d25-9cdb-d4fce66ce451">|<img
width="1172" alt="New styles complete"
src="https://github.com/user-attachments/assets/7dac6ec0-d78d-4881-ae84-3b46562c6d7d">|

---

- Improved "Add data with integrations" card

| Old | New |
| - | - |
|<img width="1174" alt="old integrations card"
src="https://github.com/user-attachments/assets/3c65c4f5-004b-4619-aa92-26ec0656a8e5">|<img
width="1174" alt="new integrations card"
src="https://github.com/user-attachments/assets/634e5249-b169-4c93-865e-b82453db90bf">|

---

- New "Configure AI assistant" card in a new "Discover Elastic AI" group

https://github.com/user-attachments/assets/39bd0dd4-88ba-47df-a77b-6b9b2a185cef

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Angela Chuang <yi-chun.chuang@elastic.co>
Co-authored-by: Agustina Nahir Ruidiaz <agustina.ruidiaz@elastic.co>
(cherry picked from commit d39c75a)
@semd
Copy link
Contributor

semd commented Oct 14, 2024

Hey @azasypkin, the first item (Broken links to integrations in Security projects) has been fixed in #183765

@azasypkin
Copy link
Member Author

Awesome, thanks for the update @semd !

@christendybenko
Copy link

➕ Subscribed to this issue as it is relevant to our search onboarding roll out.

We are following it here: https://github.com/elastic/search-team/issues/8176

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Fixes for quality problems that affect the customer experience Feature:Security/Authorization Platform Security - Authorization Meta Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Development

No branches or pull requests

3 participants