Skip to content

[SIEM] [Detection Engine] Remove has manage api keys requirement#62446

Merged
dhurley14 merged 9 commits intoelastic:masterfrom
dhurley14:remove-has-manage-api-keys-req
Apr 4, 2020
Merged

[SIEM] [Detection Engine] Remove has manage api keys requirement#62446
dhurley14 merged 9 commits intoelastic:masterfrom
dhurley14:remove-has-manage-api-keys-req

Conversation

@dhurley14
Copy link
Copy Markdown
Contributor

@dhurley14 dhurley14 commented Apr 3, 2020
edited
Loading

Summary

Alerting no longer requires the manage_api_keys privilege, so we are removing it from the detection engine code. Fixes #62387

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@dhurley14 dhurley14 self-assigned this Apr 3, 2020
@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Apr 3, 2020

Pinging @elastic/siem (Team:SIEM)

@dhurley14
Copy link
Copy Markdown
Contributor Author

dhurley14 commented Apr 3, 2020

@elasticmachine merge upstream

@dhurley14 dhurley14 marked this pull request as ready for review April 3, 2020 14:39
@dhurley14 dhurley14 requested a review from a team as a code owner April 3, 2020 14:39
FrankHassanabad
FrankHassanabad reviewed Apr 3, 2020
View reviewed changes
x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/create/index.tsx Outdated
);
const userHasNoPermissions =
canUserCRUD != null && hasManageApiKey != null ? !canUserCRUD || !hasManageApiKey : false;
const userHasNoPermissions = canUserCRUD != null ? !canUserCRUD : false;
Copy link
Copy Markdown
Contributor

@FrankHassanabad FrankHassanabad Apr 3, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This small chunk of code should have test coverage and this should be potentially a pure function.

I see this chunk being copied in 4 places which is bad. I would pull this out into a pure function in a utils/helper, add tests and then call it here and below.

Copy link
Copy Markdown
Contributor

@XavierM XavierM Apr 3, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what about just using !canUserCRUD now and you already have test for that!
Bad idea because the UX will be worst, always follow @FrankHassanabad suggestions

FrankHassanabad
FrankHassanabad approved these changes Apr 3, 2020
View reviewed changes
Copy link
Copy Markdown
Contributor

@FrankHassanabad FrankHassanabad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for the tests!

@kibanamachine
Copy link
Copy Markdown
Contributor

kibanamachine commented Apr 3, 2020

💚 Build Succeeded

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@dhurley14 dhurley14 merged commit 7e11961 into elastic:master Apr 4, 2020
@dhurley14 dhurley14 deleted the remove-has-manage-api-keys-req branch April 4, 2020 00:25
@dhurley14 dhurley14 mentioned this pull request Apr 4, 2020
Merged
dhurley14 added a commit to dhurley14/kibana that referenced this pull request Apr 4, 2020
@dhurley14 @elasticmachine
[SIEM] [Detection Engine] Remove has manage api keys requireme… (elas…
cd26644 
…tic#62446)

Alerting no longer requires the manage_api_keys privilege, so we are removing it from the detection engine code. Fixes elastic#62387

* removes hasManageApiKeys since alerting is using the internal user api calls, manage_api_keys privilege is no longer necessary

* linting error

* fixes types and removes a test for manage api keys

* removes manage api key reducer and updates leftover tests

* moves userHasNoPermissions repeated code into a function in helpers, adds a few test cases, updated references to new function

* fix test title

* remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD

* Revert "remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD"

This reverts commit 93912e7.

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
@dhurley14 dhurley14 mentioned this pull request Apr 4, 2020
Merged
dhurley14 added a commit to dhurley14/kibana that referenced this pull request Apr 4, 2020
@dhurley14 @elasticmachine
[SIEM] [Detection Engine] Remove has manage api keys requireme… (elas…
71b94d4 
…tic#62446)

Alerting no longer requires the manage_api_keys privilege, so we are removing it from the detection engine code. Fixes elastic#62387

* removes hasManageApiKeys since alerting is using the internal user api calls, manage_api_keys privilege is no longer necessary

* linting error

* fixes types and removes a test for manage api keys

* removes manage api key reducer and updates leftover tests

* moves userHasNoPermissions repeated code into a function in helpers, adds a few test cases, updated references to new function

* fix test title

* remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD

* Revert "remove userHasNoPermissions function and remove tests, replace with just not canUserCRUD"

This reverts commit 93912e7.

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
gmmorris added a commit to gmmorris/kibana that referenced this pull request Apr 6, 2020
@gmmorris
Merge branch 'event-log/query-support' of github.com:gmmorris/kibana …
503bea6 
…into event-log/query-support

* 'event-log/query-support' of github.com:gmmorris/kibana: (41 commits)
  [jenkins] refer to sizes in most pipeline code (elastic#62082)
  skip flaky suite (elastic#60470)
  [Discover] Fix flaky FT in field visualize (elastic#62418)
  [ML] Data Frame Analytics: Fix feature importance (elastic#61761)
  [Reporting] Use a shim for server config (elastic#62086)
  [Reporting] Fix reporting for non-default spaces (elastic#62226)
  Fix bug that coerced empty scaled float value to 0 (elastic#62251)
  [SIEM] [Detection Engine] Remove has manage api keys requireme… (elastic#62446)
  [Maps] Safely handle empty string and invalid strings from EuiColorPicker (elastic#62507)
  Reporting/bug more blacklisted headers (elastic#62389)
  [SIEM] Prevent undefined behavior in our ML popover (elastic#62498)
  [SIEM] [Detection Engine] remove all unknowns from all rules t… (elastic#62327)
  base changes for active/current node styling (elastic#62007)
  [kbn/ui-shared-deps] expand and split (elastic#62364)
  [ML] DF Analytics - ensure destination index pattern created (elastic#62450)
  Mark rule run as failure if there was an error (elastic#62383)
  Add docs for metric explorer alerts (elastic#62314)
  skip flaky suite (elastic#62281)
  [SIEM][Detection Engine] Fixes export of single rule and the icons
  fixes flakiness (elastic#62406)
  ...
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Sep 23, 2021

Pinging @elastic/security-solution (Team: SecuritySolution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@XavierM XavierM XavierM left review comments

+1 more reviewer

@FrankHassanabad FrankHassanabad FrankHassanabad approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@dhurley14 dhurley14

Labels

release_note:enhancement review Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.7.0 v7.8.0 v8.0.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[SIEM][Detection Engine] Remove hasManageApiKey from front end checks

6 participants

@dhurley14 @elasticmachine @kibanamachine @XavierM @FrankHassanabad @MindyRS