[SECURITY SOLUTION] [CASES] Allow cases to be there when security solutions privileges is none #113573

Merged 25 commits on Oct 25, 2021

@XavierM XavierM commented Sep 30, 2021

Summary

We rename the `plugins.home.featureCatalogue.registerSolution({id` to a new ID so that Kibana core is not controlling the magic to hide/show the Security Solution app depending on its privileges, since we have different applications under the same application ID, like cases and security (management, timelines, etc.), with different privileges, like cases and security.

#112980 (review)

One thing I did notice that is slightly different behavior than before is that a user can have cases read or all and not have security and they will not be able to access cases because the entire security plugin will be disabled.

[image]

This is slightly different from how it worked as a sub feature because it was not possible to grant cases privileges when the security privilege was set to none.

The toggle is grayed out:

[image]

@XavierM XavierM added bug Fixes for quality problems that affect the customer experience release_note:enhancement v8.0.0 Team:Threat Hunting Security Solution Threat Hunting Team Team:Threat Hunting:Cases labels Sep 30, 2021
@XavierM XavierM requested review from a team as code owners September 30, 2021 20:42
@elasticmachine

Pinging @elastic/security-threat-hunting-cases (Team:Threat Hunting:Cases)

@elasticmachine

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

@XavierM XavierM changed the title [SECURITY SOLUTION] [CASES} Allow cases to be there when security solutions privileges is none [SECURITY SOLUTION] [CASES] Allow cases to be there when security solutions privileges is none Oct 15, 2021
@XavierM XavierM requested a review from a team as a code owner October 21, 2021 17:25
@XavierM XavierM requested a review from a team as a code owner October 21, 2021 18:38
@semd semd left a comment

tested locally and everything LGTM!
Thanks Xavier

XavierM commented Oct 25, 2021

@elasticmachine merge upstream

@XavierM XavierM enabled auto-merge (squash) October 25, 2021 17:50
@kibanamachine

💛 Build succeeded, but was flaky

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 2778 | 2779 | +1 |

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 4.6MB | 4.5MB | -147.6KB |

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 104.3KB | 253.1KB | +148.8KB |

Unknown metric groups

async chunk count

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 22 | 20 | -2 |

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@tylersmalley tylersmalley left a comment

Not going to block this change on the limit increase, but I would please ask that you address the massive plugin bundle size. #95870

@kibanamachine

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create backports run node scripts/backport --pr 113573 or prevent reminders by adding the backport:skip label.

@kibanamachine kibanamachine added the backport missing Added to PRs automatically when the are determined to be missing a backport. label Oct 27, 2021
@cnasikas cnasikas added backport:skip This commit does not require backporting and removed backport missing Added to PRs automatically when the are determined to be missing a backport. labels Oct 28, 2021
FrankHassanabad added a commit that referenced this pull request Mar 3, 2022
## Summary

Small fixes and just a few docs to clarify things. I might be wrong on what I'm doing, so please let me know.

Looking at the telemetry data from servers I see things like this (I made this up, not real data, but the shape of the data is the same as what we see on the servers):

```json
"securitySolution:overview" : {
  "clicks_total" : 420,
  "minutes_on_screen_total" : 55.58454999999998,
  "viewId" : "main",
  "clicks_7_days" : 0,
  "clicks_90_days" : 0,
  "appId" : "securitySolution:overview",
  "minutes_on_screen_7_days" : 0,
  "minutes_on_screen_30_days" : 0,
  "clicks_30_days" : 0,
  "minutes_on_screen_90_days" : 0
},
``` 

and I also see the views which is 👍 what I would make the dashboards from ... So not for sure if the structure above this is legacy. I could not get the shape of data above to happen locally. However, this shape below seems better and what I would create dashboards from.

```json
"securitySolution" : {
  "clicks_total" : 420,
  "minutes_on_screen_total" : 2.90670000000006,
  "viewId" : "main",
  "clicks_7_days" : 70,
  "clicks_90_days" : 370,
  "appId" : "securitySolution",
  "minutes_on_screen_7_days" : 104.62756666666667,
  "minutes_on_screen_30_days" : 121.61288333333334,
  "clicks_30_days" : 121,
  "minutes_on_screen_90_days" : 250.55426666666665,
  "views" : [
    {
      "clicks_total" : 8,
      "minutes_on_screen_total" : 5.709183333333334,
      "viewId" : "overview",
      "clicks_7_days" : 0,
      "clicks_90_days" : 6,
      "appId" : "securitySolution",
      "minutes_on_screen_7_days" : 0,
      "minutes_on_screen_30_days" : 0.5038833333333333,
      "clicks_30_days" : 0,
      "minutes_on_screen_90_days" : 6.565383333333333
    },
```

With this new key of "securitySolutionUI" I don't see keys like `securitySolutionUI:overview` but I do see the views like above so let me know if changing the keys here in some areas are a mistake or not or if this is not the right thing to do.


Ref to earlier PR with the new key of `securitySolutionUI` from `APP_ID` changing:
#113573
semd added a commit that referenced this pull request Oct 1, 2024
## Summary

Fixes elastic/kibana-team#1136

The Kibana feature definition for Security Solution was missing the
correct plugin ID registered in the `app` definition. We were still
defining the old _"securitySolution"_ app ID in the `app` property,
instead of the new _"securitySolutionUI"_ ID.

The Security Solution plugin ID change (_"securitySolution"_ ->
_"securitySolutionUI"_) was done a long time ago, the inconsistency with
the Security feature definition is causing the _Security_ app to still
be visible in the global search when the Security feature is disabled:

- In the role features
<img width="737" alt="Security and Cases disabled"
src="https://github.com/user-attachments/assets/146b8205-90f7-4218-9f1a-7b55c3bad563">

- Or in the space features config
<img width="1213" alt="Captura de pantalla 2024-09-03 a les 15 31 09"
src="https://github.com/user-attachments/assets/2563675a-d956-4422-a887-d6d95bcad773">


This is fixed now:

Before:
<img width="1302" alt="Security app incorrectly enabled"
src="https://github.com/user-attachments/assets/8031f054-7cfb-4098-93c2-eac402501887">

After:
<img width="1302" alt="Security app disabled properly"
src="https://github.com/user-attachments/assets/a4f38ec2-fb78-4b1b-8c2d-bac58b97ff99">


### Caveat

As per this PR changes: #113573
In the Kibana features of the role, under the Security catalog, both
Security and Cases features need to be `none` for the Security Solution
plugin to be disabled. Otherwise, we must enable the plugin and make the
enabled features available. So, with a role with the following Kibana
features:

<img width="737" alt="Security disabled cases enabled"
src="https://github.com/user-attachments/assets/aca8288e-9dd9-49d0-b864-e60273d30759">

The Security app needs to be available and display only Cases available:

<img width="247" alt="navigation with only cases"
src="https://github.com/user-attachments/assets/d4866edb-1d1d-4290-a399-76a37536b05c">

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Oct 1, 2024
(cherry picked from commit e373e44)
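
The mismatch described in the commit messages above, as an added example that is not part of the pull request or of Kibana's code: a simplified TypeScript model of feature-gated app visibility, plus a drift check between registered app IDs and the feature `app` entries. The gating rule, the feature IDs `security` and `cases`, and the function names are assumptions made for the illustration; only the app IDs `securitySolution` and `securitySolutionUI` come from the page.

```typescript
// Added illustration: a simplified model, not Kibana source code.
type Privilege = "none" | "read" | "all";
type RolePrivileges = { [featureId: string]: Privilege };

interface FeatureDef {
  id: string;    // feature as listed in the role editor (constructed IDs below)
  app: string[]; // application IDs this feature claims to gate
}

// Assumed rule: an app is hidden only when at least one feature claims its ID
// and every claiming feature is "none". An ID no feature claims is never gated.
function visibleApps(apps: string[], features: FeatureDef[], role: RolePrivileges): string[] {
  return apps.filter((appId) => {
    const claiming = features.filter((f) => f.app.indexOf(appId) !== -1);
    if (claiming.length === 0) return true;
    return claiming.some((f) => (role[f.id] || "none") !== "none");
  });
}

// Drift check: registered apps that nothing gates, and feature entries that
// name an app ID nobody registers (the leftover of a rename).
function appIdDrift(apps: string[], features: FeatureDef[]) {
  const claimed: string[] = [];
  for (const f of features) {
    for (const id of f.app) if (claimed.indexOf(id) === -1) claimed.push(id);
  }
  return {
    ungatedApps: apps.filter((id) => claimed.indexOf(id) === -1),
    staleClaims: claimed.filter((id) => apps.indexOf(id) === -1),
  };
}

const registeredApps = ["securitySolutionUI"]; // app ID after the rename

const staleFeatures: FeatureDef[] = [ // `app` still carries the old ID
  { id: "security", app: ["securitySolution"] },
  { id: "cases", app: ["securitySolution"] },
];
const fixedFeatures: FeatureDef[] = [ // `app` carries the new ID
  { id: "security", app: ["securitySolutionUI"] },
  { id: "cases", app: ["securitySolutionUI"] },
];

const allNone: RolePrivileges = { security: "none", cases: "none" };
const casesOnly: RolePrivileges = { security: "none", cases: "read" };
```

Run as a CI check, a non-empty `ungatedApps` or `staleClaims` result flags an ID rename that left the privilege mapping behind.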
Labels: backport:skip (This commit does not require backporting), bug (Fixes for quality problems that affect the customer experience), release_note:enhancement, Team:Threat Hunting (Security Solution Threat Hunting Team), v8.0.0