[Search Session] Control "Kibana / Search Sessions" management section by privileges#90818
Conversation
| // in case user doesn't have permissions to search session, do not forward sessionId to the server | ||
| // because user most likely also doesn't have access to `search-session` SO | ||
| if (!this.hasAccessToSearchSessions) { | ||
| return null; |
There was a problem hiding this comment.
Noticed that after this pr #89570 we track all searches in es and trackId would through in case a user doesn't have access to search-session SO.
To avoid this ensure we don't send sessionId to the server in case a user doesn't have access to work with sessions
|
Pinging @elastic/kibana-app-services (Team:AppServices) |
| const managementMenu = getService('managementMenu'); | ||
|
|
||
| describe('Search sessions Management UI permissions', () => { | ||
| describe('Sessions management is not available if non of apps enable search sessions', () => { |
|
@elasticmachine merge upstream |
|
|
||
| try { | ||
| const searchSessionOptions = | ||
| searchSessionId && dataSearch.session.getSearchOptions(searchSessionId); |
There was a problem hiding this comment.
getSearchOptions can return null now. TSVB route validation fails in case we send
searchSession: null, so this change just makes sure searchSession key is not send in case getSearchOptions returns null
|
|
||
| try { | ||
| const searchSessionOptions = | ||
| searchSessionId && dataSearch.session.getSearchOptions(searchSessionId); |
There was a problem hiding this comment.
getSearchOptions can return null now. timelion route validation fails in case we send
searchSession: null, so this change just makes sure searchSession key is not send in case getSearchOptions returns null
|
@elasticmachine merge upstream |
stratoula
left a comment
There was a problem hiding this comment.
Kibana app changes, LGTM!
💚 Build SucceededMetrics [docs]Module Count
Async chunks
Page load bundle
History
To update your PR or re-run it, just comment with: |
* master: (44 commits) [APM] Add experimental support for Data Streams (elastic#89650) [Search Session] Control "Kibana / Search Sessions" management section by privileges (elastic#90818) [Lens] Median as default function (elastic#90952) Implement custom global header banner (elastic#87438) [Fleet] Reduce permissions. (elastic#90302) Update dependency @elastic/charts to v24.5.1 (elastic#89822) [Create index pattern] Can't create single character index without wildcard (elastic#90919) [ts/build_ts_refs] add support for --clean flag (elastic#91060) Don't clean when running e2e tests (elastic#91057) Fixes track_total_hits in the body not having an effect when using search strategy (elastic#91068) [Security Solution][Detections] Adds list plugin Saved Objects to Security feature privilege (elastic#90895) Removing the code plugin entirely for 8.0 (elastic#77940) chore(NA): move the instruction to remove yarn global bazelisk package into the first place on install bazel tools (elastic#91026) [jest/ci] remove max-old-space-size override to use 4gb default (elastic#91020) [Fleet] Restrict integration changes for managed policies (elastic#90675) [CI] Fix auto-backport condditions so that it doesn't trigger for other labels (elastic#91042) [DOCS] Uses variable to refer to query profiler (elastic#90976) [App Search] Relevance Tuning logic listeners (elastic#89461) [Metrics UI] Fix saving/loading saved views from URL (elastic#90216) Limit cardinality of transaction.name (elastic#90955) ...
Summary
Closes #89833
This pr hides "Kibana / Search Sessions" management section in case there is no app that allows to use search session following this recommendation.
This is how it looks inside the app for such case (there are tooltips on disabled buttons):
Checklist
Delete any items that are not applicable to this PR.
For maintainers