-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SIEM] [Detection Engine] Remove has manage api keys requirement #62446
[SIEM] [Detection Engine] Remove has manage api keys requirement #62446
Conversation
…i calls, manage_api_keys privilege is no longer necessary
Pinging @elastic/siem (Team:SIEM) |
@elasticmachine merge upstream |
@@ -117,8 +116,7 @@ const CreateRulePageComponent: React.FC = () => { | |||
getActionMessageParams((stepsData.current['define-rule'].data as DefineStepRule).ruleType), | |||
[stepsData.current['define-rule'].data] | |||
); | |||
const userHasNoPermissions = | |||
canUserCRUD != null && hasManageApiKey != null ? !canUserCRUD || !hasManageApiKey : false; | |||
const userHasNoPermissions = canUserCRUD != null ? !canUserCRUD : false; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This small chunk of code should have test coverage and this should be potentially a pure function.
I see this chunk being copied in 4 places which is bad. I would pull this out into a pure function in a utils/helper, add tests and then call it here and below.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what about just using !canUserCRUD
now and you already have test for that!
Bad idea because the UX will be worst, always follow @FrankHassanabad suggestions
…adds a few test cases, updated references to new function
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks for the tests!
…ust not canUserCRUD
…e with just not canUserCRUD" This reverts commit 93912e7.
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
…tic#62446) Alerting no longer requires the manage_api_keys privilege, so we are removing it from the detection engine code. Fixes elastic#62387 * removes hasManageApiKeys since alerting is using the internal user api calls, manage_api_keys privilege is no longer necessary * linting error * fixes types and removes a test for manage api keys * removes manage api key reducer and updates leftover tests * moves userHasNoPermissions repeated code into a function in helpers, adds a few test cases, updated references to new function * fix test title * remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD * Revert "remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD" This reverts commit 93912e7. Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
…tic#62446) Alerting no longer requires the manage_api_keys privilege, so we are removing it from the detection engine code. Fixes elastic#62387 * removes hasManageApiKeys since alerting is using the internal user api calls, manage_api_keys privilege is no longer necessary * linting error * fixes types and removes a test for manage api keys * removes manage api key reducer and updates leftover tests * moves userHasNoPermissions repeated code into a function in helpers, adds a few test cases, updated references to new function * fix test title * remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD * Revert "remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD" This reverts commit 93912e7. Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
…into event-log/query-support * 'event-log/query-support' of github.com:gmmorris/kibana: (41 commits) [jenkins] refer to sizes in most pipeline code (elastic#62082) skip flaky suite (elastic#60470) [Discover] Fix flaky FT in field visualize (elastic#62418) [ML] Data Frame Analytics: Fix feature importance (elastic#61761) [Reporting] Use a shim for server config (elastic#62086) [Reporting] Fix reporting for non-default spaces (elastic#62226) Fix bug that coerced empty scaled float value to 0 (elastic#62251) [SIEM] [Detection Engine] Remove has manage api keys requireme… (elastic#62446) [Maps] Safely handle empty string and invalid strings from EuiColorPicker (elastic#62507) Reporting/bug more blacklisted headers (elastic#62389) [SIEM] Prevent undefined behavior in our ML popover (elastic#62498) [SIEM] [Detection Engine] remove all unknowns from all rules t… (elastic#62327) base changes for active/current node styling (elastic#62007) [kbn/ui-shared-deps] expand and split (elastic#62364) [ML] DF Analytics - ensure destination index pattern created (elastic#62450) Mark rule run as failure if there was an error (elastic#62383) Add docs for metric explorer alerts (elastic#62314) skip flaky suite (elastic#62281) [SIEM][Detection Engine] Fixes export of single rule and the icons fixes flakiness (elastic#62406) ...
Pinging @elastic/security-solution (Team: SecuritySolution) |
Summary
Alerting no longer requires the manage_api_keys privilege, so we are removing it from the detection engine code. Fixes #62387
Checklist
Delete any items that are not applicable to this PR.
For maintainers