Fix observability alerting permissions#79896
Merged
jasonrhodes merged 2 commits intoelastic:masterfrom Oct 15, 2020
Merged
Conversation
Contributor
|
Pinging @elastic/apm-ui (Team:apm) |
Contributor
|
Pinging @elastic/uptime (Team:uptime) |
sorenlouv
approved these changes
Oct 7, 2020
Contributor
|
Pinging @elastic/logs-metrics-ui (Team:logs-metrics-ui) |
Contributor
|
@jasonrhodes Are you targeting this for 7.10 or 7.11? |
Contributor
|
I can still open the alerting flyout but get an error when I try to submit. Good enough for now but worth pointing out
|
justinkambic
approved these changes
Oct 12, 2020
Member
Author
Yes that’s unfortunately how it’s now working in Logs and Metrics too. Definitely need to figure out how we can handle that better in our apps now. |
Member
Author
7.10 is the plan, please let me know if anyone feels like this is risky in their own apps (cc @justinkambic ) |
Member
Author
|
@elasticmachine merge upstream |
Contributor
💚 Build SucceededMetrics [docs]
History
To update your PR or re-run it, just comment with: |
Contributor
@jasonrhodes I don't think there's any special consideration for Uptime vs. the other apps 👍 |
This was referenced Oct 15, 2020
jasonrhodes
added a commit
to jasonrhodes/kibana
that referenced
this pull request
Oct 15, 2020
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
jasonrhodes
added a commit
to jasonrhodes/kibana
that referenced
this pull request
Oct 15, 2020
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
jasonrhodes
added a commit
that referenced
this pull request
Oct 15, 2020
jasonrhodes
added a commit
that referenced
this pull request
Oct 15, 2020
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Oct 16, 2020
* master: (115 commits) [ML] Transforms/DF Analytics: Fix data grid column sorting. (elastic#80618) added brace import to vis editor (elastic#80652) Fix error rate sorting in services list (elastic#80764) Emit info log when using custom registry URL (elastic#80768) [Reporting] Config Schema Validation for rules[N].protocol strings (elastic#80766) Add Storybook a11y addon (elastic#80069) Fix anomaly alert selection text (elastic#80746) [Security Solution] [Maps] Kibana index pattern, comma bug fix (elastic#80208) [kbn/optimizer] tweak split chunks options (elastic#80444) update template to use the new team label (elastic#80748) [Security Solution] Fix the Field dropdown in Timeline data providers resets when scrolled (elastic#80718) Adjusts observability alerting perms to require "all" (elastic#79896) [Security Solutions][Detection Engine] Fixes pre-packaged rules which contain exception lists to not overwrite user defined lists (elastic#80592) [data.ui] Fix flaky test & lazy loading rendering artifacts. (elastic#80612) Licensed feature usage for connectors (elastic#77679) [Security Solution] Cypress template creation (elastic#80180) [APM] Hide service if only data is from ML (elastic#80145) Fix role mappings test for ESS (elastic#80604) [Maps] Add support for envelope (elastic#80614) [Security Solution] Update button text according to status (elastic#80389) ...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #79890
Summary
These changes make it so that a user must be given "all" permissions to an observability feature in order to create or edit alerts for that feature (before this change, they only required "read" permission in that feature).
Now, when you try to create an alert with only "read" permissions, you get an error on create. (We should improve this experience but separate from this bug fix.
This fix has been checked and tested for: