Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[SIEM] [Detection Engine] Remove has manage api keys requirement #62446

Merged
merged 9 commits into from
Apr 4, 2020

Conversation

dhurley14
Copy link
Contributor

@dhurley14 dhurley14 commented Apr 3, 2020

Summary

Alerting no longer requires the manage_api_keys privilege, so we are removing it from the detection engine code. Fixes #62387

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@dhurley14 dhurley14 self-assigned this Apr 3, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/siem (Team:SIEM)

@dhurley14
Copy link
Contributor Author

@elasticmachine merge upstream

@dhurley14 dhurley14 marked this pull request as ready for review April 3, 2020 14:39
@dhurley14 dhurley14 requested a review from a team as a code owner April 3, 2020 14:39
@@ -117,8 +116,7 @@ const CreateRulePageComponent: React.FC = () => {
getActionMessageParams((stepsData.current['define-rule'].data as DefineStepRule).ruleType),
[stepsData.current['define-rule'].data]
);
const userHasNoPermissions =
canUserCRUD != null && hasManageApiKey != null ? !canUserCRUD || !hasManageApiKey : false;
const userHasNoPermissions = canUserCRUD != null ? !canUserCRUD : false;
Copy link
Contributor

@FrankHassanabad FrankHassanabad Apr 3, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This small chunk of code should have test coverage and this should be potentially a pure function.

I see this chunk being copied in 4 places which is bad. I would pull this out into a pure function in a utils/helper, add tests and then call it here and below.

Copy link
Contributor

@XavierM XavierM Apr 3, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what about just using !canUserCRUD now and you already have test for that!
Bad idea because the UX will be worst, always follow @FrankHassanabad suggestions

Copy link
Contributor

@FrankHassanabad FrankHassanabad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for the tests!

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@dhurley14 dhurley14 merged commit 7e11961 into elastic:master Apr 4, 2020
@dhurley14 dhurley14 deleted the remove-has-manage-api-keys-req branch April 4, 2020 00:25
dhurley14 added a commit to dhurley14/kibana that referenced this pull request Apr 4, 2020
…tic#62446)

Alerting no longer requires the manage_api_keys privilege, so we are removing it from the detection engine code. Fixes elastic#62387

* removes hasManageApiKeys since alerting is using the internal user api calls, manage_api_keys privilege is no longer necessary

* linting error

* fixes types and removes a test for manage api keys

* removes manage api key reducer and updates leftover tests

* moves userHasNoPermissions repeated code into a function in helpers, adds a few test cases, updated references to new function

* fix test title

* remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD

* Revert "remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD"

This reverts commit 93912e7.

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
dhurley14 added a commit to dhurley14/kibana that referenced this pull request Apr 4, 2020
…tic#62446)

Alerting no longer requires the manage_api_keys privilege, so we are removing it from the detection engine code. Fixes elastic#62387

* removes hasManageApiKeys since alerting is using the internal user api calls, manage_api_keys privilege is no longer necessary

* linting error

* fixes types and removes a test for manage api keys

* removes manage api key reducer and updates leftover tests

* moves userHasNoPermissions repeated code into a function in helpers, adds a few test cases, updated references to new function

* fix test title

* remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD

* Revert "remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD"

This reverts commit 93912e7.

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
gmmorris added a commit to gmmorris/kibana that referenced this pull request Apr 6, 2020
…into event-log/query-support

* 'event-log/query-support' of github.com:gmmorris/kibana: (41 commits)
  [jenkins] refer to sizes in most pipeline code (elastic#62082)
  skip flaky suite (elastic#60470)
  [Discover] Fix flaky FT in field visualize (elastic#62418)
  [ML] Data Frame Analytics: Fix feature importance (elastic#61761)
  [Reporting] Use a shim for server config (elastic#62086)
  [Reporting] Fix reporting for non-default spaces (elastic#62226)
  Fix bug that coerced empty scaled float value to 0 (elastic#62251)
  [SIEM] [Detection Engine] Remove has manage api keys requireme… (elastic#62446)
  [Maps] Safely handle empty string and invalid strings from EuiColorPicker (elastic#62507)
  Reporting/bug more blacklisted headers (elastic#62389)
  [SIEM] Prevent undefined behavior in our ML popover (elastic#62498)
  [SIEM] [Detection Engine] remove all unknowns from all rules t… (elastic#62327)
  base changes for active/current node styling (elastic#62007)
  [kbn/ui-shared-deps] expand and split (elastic#62364)
  [ML] DF Analytics - ensure destination index pattern created (elastic#62450)
  Mark rule run as failure if there was an error (elastic#62383)
  Add docs for metric explorer alerts (elastic#62314)
  skip flaky suite (elastic#62281)
  [SIEM][Detection Engine] Fixes export of single rule and the icons
  fixes flakiness (elastic#62406)
  ...
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release_note:enhancement review Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.7.0 v7.8.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[SIEM][Detection Engine] Remove hasManageApiKey from front end checks
6 participants