Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG]: Missing context of delete comment under cases sub-future. #2410

Closed
ghost opened this issue Aug 29, 2022 · 5 comments
Closed

[BUG]: Missing context of delete comment under cases sub-future. #2410

ghost opened this issue Aug 29, 2022 · 5 comments
Assignees
@nastasha-solomon
Labels
bug Something isn't working Team: Docs v8.4.0

Comments

@ghost
Copy link

ghost commented Aug 29, 2022

Description:
Missing context of delete comment under cases sub-future.

URL:
https://www.elastic.co/guide/en/security/current/case-permissions.html

Expected:
image (3)

Screenshot:
image (2)
@ghost ghost added the bug Something isn't working label Aug 29, 2022
@ghost ghost assigned jmikell821 Aug 29, 2022
@nastasha-solomon
Copy link
Contributor

nastasha-solomon commented Aug 30, 2022
edited
Loading

@jonathan-buttner can users be given privs to delete case comments only? Or, are they only able to delete case comments
if their role has Read or higher case feature privs + the Delete sub-feature priv enabled?

Also, moving forward, will theDelete sub-feature priv encompass all other case sub-features? For example, will the scope of this sub-feature priv eventually expand to include deleting elements like user actions and alerts?

cc: @lcawl

@lcawl
Copy link
Contributor

lcawl commented Aug 30, 2022

According to the current docs, the prerequisites for the delete comments and delete cases are the same. My preference would be for these reference pages to be the source of truth rather than going into that level of detail in the Security, Observability, and Stack Management prerequisite overviews.

@jonathan-buttner
Copy link
Contributor

@jonathan-buttner can users be given privs to delete case comments only?

No, you can't give users privileges to only delete case comments. Once they are given deletion privileges they can delete all entities within cases (most notably cases and comments).

Or, are they only able to delete case comments if their role has Read or higher case feature privs + the Delete sub-feature priv enabled?

Users can delete case entities if they have the deletion sub feature privilege granted to them. Theoretically it'd be possible for them to only have deletion privileges (even if they have no read access, they'd have to create the role through the core security APIs directly though) and they'd be able to delete cases and comments through the cases APIs.

@nastasha-solomon
Copy link
Contributor

Thanks @jonathan-buttner and @lcawl!

@lcawl I agree that the case API docs can be the source of truth and provide more granular details about the access privs provide.

@lcawl
Copy link
Contributor

lcawl commented Nov 10, 2022

I ultimately added mention of the ability to delete comments and alerts in the setup docs via elastic/observability-docs#2333 and #2678

@lcawl lcawl closed this as completed Nov 10, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nastasha-solomon nastasha-solomon

Labels
bug Something isn't working Team: Docs v8.4.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@lcawl @jonathan-buttner @jmikell821 @nastasha-solomon