Skip to content

Commit dd8a4a7

Browse files
FrankHassanabadFrankHassanabad
authored
[Security Solutions] Removes the elastic legacy client from lists and security_solution plugins (#106130)
## Summary Addressees #83910 by removing the elastic legacy client from: * `lists` plugin * `security_solution` plugin * `kbn-securitysolution-es-utils` package Removes found dead code in `security_solution` plugin: * `server/lib/configuration/inmemory_configuration_adapter.ts` * `server/lib/detection_engine/privileges/read_privileges.ts` * `server/lib/configuration/index.ts` * `server/lib/configuration/adapter_types.ts` * `server/lib/compose/kibana.ts` * `server/lib/ecs_fields/extend_map.test.ts` * `server/lib/ecs_fields/extend_map.ts` * `server/lib/index_fields/elasticsearch_adapter.ts` * `server/lib/index_fields/index.ts` * `server/lib/index_fields/mock.ts` * `server/lib/index_fields/types.ts` * `server/lib/source_status/elasticsearch_adapter.ts` * `server/lib/source_status/index.ts` * `server/lib/source_status/query.dsl.ts` * `server/lib/source_status/types.ts` * `server/lib/sources/configuration.test.ts` * `server/lib/sources/configuration.ts` * `server/lib/sources/index.ts` * `server/lib/sources/types.ts` Removes dead code in `lists` plugin: * `server/schemas/common/get_call_cluster.mock.ts` * `server/lib/ecs_fields/index.ts` * `server/lib/framework/kibana_framework_adapter.ts` Removes dead types from `security_solution` plugin: * `server/lib/framework/types.ts` * `server/lib/types.ts` Removes dead functions from `security_solution` plugin: * `server/utils/build_query/calculate_timeseries_interval.ts` * `server/utils/runtime_types.ts` ### What to check as a reviewer * Ensure that there is no left over words of `legacy` such as `legacy.something` * Ensure there are no more `callAsCurrentUser` since that is all dead and gone * Ensure anywhere you see `esClient.someThing` it returns the `.body` at the end or destructors it as in `{ body } = esClient.someThing` ### Risk Matrix | Risk | Probability | Severity | Mitigation/Notes | |---------------------------|-------------|----------|-------------------------| | Telemetry might stop working or have invalid values. | Med | High | We will have to manually test telemetry. Pinged people from telemetry for a code review | | An REST route returns invalid values. | Med | High | e2e tests caught some of these already. The rest of the code was re-checked by hand | | Deleted function/code might actually be still in use somewhere. | Low | High | e2e and unit tests should catch any of this. | ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
1 parent d4eeea4 commit dd8a4a7

49 files changed

Lines changed: 200 additions & 1723 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

packages/kbn-securitysolution-es-utils/src/read_privileges/index.ts

Lines changed: 61 additions & 81 deletions
Original file line numberDiff line numberDiff line change
@@ -6,89 +6,69 @@
66
* Side Public License, v 1.
77
*/
88

9-
/**
10-
* Copied from src/core/server/elasticsearch/legacy/api_types.ts including its deprecation mentioned below
11-
* TODO: Remove this and refactor the readPrivileges to utilize any newer client side ways rather than all this deprecated legacy stuff
12-
*/
13-
export interface LegacyCallAPIOptions {
14-
/**
15-
* Indicates whether `401 Unauthorized` errors returned from the Elasticsearch API
16-
* should be wrapped into `Boom` error instances with properly set `WWW-Authenticate`
17-
* header that could have been returned by the API itself. If API didn't specify that
18-
* then `Basic realm="Authorization Required"` is used as `WWW-Authenticate`.
19-
*/
20-
wrap401Errors?: boolean;
21-
/**
22-
* A signal object that allows you to abort the request via an AbortController object.
23-
*/
24-
signal?: AbortSignal;
25-
}
26-
27-
type CallWithRequest<T extends Record<string, any>, V> = (
28-
endpoint: string,
29-
params: T,
30-
options?: LegacyCallAPIOptions
31-
) => Promise<V>;
9+
import { ElasticsearchClient } from '../elasticsearch_client';
3210

3311
export const readPrivileges = async (
34-
callWithRequest: CallWithRequest<{}, unknown>,
12+
esClient: ElasticsearchClient,
3513
index: string
3614
): Promise<unknown> => {
37-
return callWithRequest('transport.request', {
38-
path: '/_security/user/_has_privileges',
39-
method: 'POST',
40-
body: {
41-
cluster: [
42-
'all',
43-
'create_snapshot',
44-
'manage',
45-
'manage_api_key',
46-
'manage_ccr',
47-
'manage_transform',
48-
'manage_ilm',
49-
'manage_index_templates',
50-
'manage_ingest_pipelines',
51-
'manage_ml',
52-
'manage_own_api_key',
53-
'manage_pipeline',
54-
'manage_rollup',
55-
'manage_saml',
56-
'manage_security',
57-
'manage_token',
58-
'manage_watcher',
59-
'monitor',
60-
'monitor_transform',
61-
'monitor_ml',
62-
'monitor_rollup',
63-
'monitor_watcher',
64-
'read_ccr',
65-
'read_ilm',
66-
'transport_client',
67-
],
68-
index: [
69-
{
70-
names: [index],
71-
privileges: [
72-
'all',
73-
'create',
74-
'create_doc',
75-
'create_index',
76-
'delete',
77-
'delete_index',
78-
'index',
79-
'manage',
80-
'maintenance',
81-
'manage_follow_index',
82-
'manage_ilm',
83-
'manage_leader_index',
84-
'monitor',
85-
'read',
86-
'read_cross_cluster',
87-
'view_index_metadata',
88-
'write',
89-
],
90-
},
91-
],
92-
},
93-
});
15+
return (
16+
await esClient.transport.request({
17+
path: '/_security/user/_has_privileges',
18+
method: 'POST',
19+
body: {
20+
cluster: [
21+
'all',
22+
'create_snapshot',
23+
'manage',
24+
'manage_api_key',
25+
'manage_ccr',
26+
'manage_transform',
27+
'manage_ilm',
28+
'manage_index_templates',
29+
'manage_ingest_pipelines',
30+
'manage_ml',
31+
'manage_own_api_key',
32+
'manage_pipeline',
33+
'manage_rollup',
34+
'manage_saml',
35+
'manage_security',
36+
'manage_token',
37+
'manage_watcher',
38+
'monitor',
39+
'monitor_transform',
40+
'monitor_ml',
41+
'monitor_rollup',
42+
'monitor_watcher',
43+
'read_ccr',
44+
'read_ilm',
45+
'transport_client',
46+
],
47+
index: [
48+
{
49+
names: [index],
50+
privileges: [
51+
'all',
52+
'create',
53+
'create_doc',
54+
'create_index',
55+
'delete',
56+
'delete_index',
57+
'index',
58+
'manage',
59+
'maintenance',
60+
'manage_follow_index',
61+
'manage_ilm',
62+
'manage_leader_index',
63+
'monitor',
64+
'read',
65+
'read_cross_cluster',
66+
'view_index_metadata',
67+
'write',
68+
],
69+
},
70+
],
71+
},
72+
})
73+
).body;
9474
};

x-pack/plugins/lists/server/routes/read_privileges_route.ts

Lines changed: 3 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -25,16 +25,10 @@ export const readPrivilegesRoute = (router: ListsPluginRouter): void => {
2525
async (context, request, response) => {
2626
const siemResponse = buildSiemResponse(response);
2727
try {
28-
const clusterClient = context.core.elasticsearch.legacy.client;
28+
const esClient = context.core.elasticsearch.client.asCurrentUser;
2929
const lists = getListClient(context);
30-
const clusterPrivilegesLists = await readPrivileges(
31-
clusterClient.callAsCurrentUser,
32-
lists.getListIndex()
33-
);
34-
const clusterPrivilegesListItems = await readPrivileges(
35-
clusterClient.callAsCurrentUser,
36-
lists.getListItemIndex()
37-
);
30+
const clusterPrivilegesLists = await readPrivileges(esClient, lists.getListIndex());
31+
const clusterPrivilegesListItems = await readPrivileges(esClient, lists.getListItemIndex());
3832
const privileges = merge(
3933
{
4034
listItems: clusterPrivilegesListItems,

x-pack/plugins/lists/server/schemas/common/get_call_cluster.mock.ts

Lines changed: 0 additions & 37 deletions
This file was deleted.

x-pack/plugins/security_solution/common/search_strategy/index_fields/index.ts

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,6 @@ import {
1313
} from '../../../../../../src/plugins/data/common';
1414
import { DocValueFields, Maybe } from '../common';
1515

16-
export type BeatFieldsFactoryQueryType = 'beatFields';
17-
1816
interface FieldInfo {
1917
category: string;
2018
description?: string;

x-pack/plugins/security_solution/server/lib/compose/kibana.ts

Lines changed: 0 additions & 45 deletions
This file was deleted.

x-pack/plugins/security_solution/server/lib/configuration/adapter_types.ts

Lines changed: 0 additions & 10 deletions
This file was deleted.

x-pack/plugins/security_solution/server/lib/configuration/index.ts

Lines changed: 0 additions & 8 deletions
This file was deleted.

x-pack/plugins/security_solution/server/lib/configuration/inmemory_configuration_adapter.ts

Lines changed: 0 additions & 17 deletions
This file was deleted.

x-pack/plugins/security_solution/server/lib/detection_engine/privileges/read_privileges.ts

Lines changed: 0 additions & 71 deletions
This file was deleted.

0 commit comments

Comments
 (0)