[SecuritySolution] Fix Risk score Insufficient privileges warning missing cluster privileges #212405
+122
−86
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
machadoum
added
release_note:fix
Team: SecuritySolution
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-entity-analytics (Team:Entity Analytics) |
CAWilson94
approved these changes
Feb 25, 2025
machadoum
force-pushed
the
siem-ea-11138
branch
from
9fe663c to
fa9ded6
Compare
The install button was enabled when all toggles were disabled
machadoum
force-pushed
the
siem-ea-11138
branch
from
fa9ded6 to
0de798e
Compare
CAWilson94
reviewed
Feb 28, 2025
| useEffect(() => { | ||
| setToggleState({ | ||
| riskScore: canInstallRiskScore, | ||
| entityStore: canInstallEntityStore, |
This was referenced Mar 6, 2025
|
Starting backport for target branches: 8.17, 8.18, 8.x, 9.0 |
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Async chunks
History
cc @machadoum |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Mar 6, 2025
…sing cluster privileges (elastic#212405) ## Summary ### * Fixes Bug: User with no cluster privileges should not be able to enable the risk score When users with no cluster privileges open the risk score page, they don't see any errors and are able to click the install button. This happened because we were only checking for index privileges in the UI, but for the enablement flow we also need to check cluster privileges. I also introduced a new parameter to the missing privileges hook so pages that only need to check for `read` privileges can work as before. https://github.com/user-attachments/assets/fe162005-ee2b-497d-8744-6262e4511d2d * Fixed Bug: The install button was enabled when all toggles were disabled There were too many booleans in the panel, which was confusing and led me to introduce more bugs while trying to fix this one, so I refactored the code to understand it before fixing it. I also simplified the logic to display the modal. Now, it only shows when one of the engines' status is "not_installed" <img width="300" src="https://github.com/user-attachments/assets/a2e8fbba-ac64-4c97-9ef0-ef6fe61e60cd" /> ### To Reproduce 1. Create a user with security privileges and index privileges but no cluster privileges 2. Go to the risk score page and enable the toggle ### Checklist Check the PR satisfies following conditions. - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or (cherry picked from commit b69b696)
💔 Some backports could not be created
Note: Successful backport PRs will be merged automatically after passing CI. Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
This was referenced Mar 6, 2025
machadoum
added a commit
to machadoum/kibana
that referenced
this pull request
Mar 6, 2025
…sing cluster privileges (elastic#212405) ## Summary ### * Fixes Bug: User with no cluster privileges should not be able to enable the risk score When users with no cluster privileges open the risk score page, they don't see any errors and are able to click the install button. This happened because we were only checking for index privileges in the UI, but for the enablement flow we also need to check cluster privileges. I also introduced a new parameter to the missing privileges hook so pages that only need to check for `read` privileges can work as before. https://github.com/user-attachments/assets/fe162005-ee2b-497d-8744-6262e4511d2d * Fixed Bug: The install button was enabled when all toggles were disabled There were too many booleans in the panel, which was confusing and led me to introduce more bugs while trying to fix this one, so I refactored the code to understand it before fixing it. I also simplified the logic to display the modal. Now, it only shows when one of the engines' status is "not_installed" <img width="300" src="https://github.com/user-attachments/assets/a2e8fbba-ac64-4c97-9ef0-ef6fe61e60cd" /> ### To Reproduce 1. Create a user with security privileges and index privileges but no cluster privileges 2. Go to the risk score page and enable the toggle ### Checklist Check the PR satisfies following conditions. - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or (cherry picked from commit b69b696) # Conflicts: # x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/entity_analytics_risk_score/index.tsx # x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/entity_store/components/dashboard_enablement_panel.tsx # x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/risk_details_tab_body/index.tsx # x-pack/solutions/security/plugins/security_solution/public/explore/hosts/pages/navigation/host_risk_score_tab_body.tsx
machadoum
added a commit
to machadoum/kibana
that referenced
this pull request
Mar 6, 2025
…sing cluster privileges (elastic#212405) ## Summary ### * Fixes Bug: User with no cluster privileges should not be able to enable the risk score When users with no cluster privileges open the risk score page, they don't see any errors and are able to click the install button. This happened because we were only checking for index privileges in the UI, but for the enablement flow we also need to check cluster privileges. I also introduced a new parameter to the missing privileges hook so pages that only need to check for `read` privileges can work as before. https://github.com/user-attachments/assets/fe162005-ee2b-497d-8744-6262e4511d2d * Fixed Bug: The install button was enabled when all toggles were disabled There were too many booleans in the panel, which was confusing and led me to introduce more bugs while trying to fix this one, so I refactored the code to understand it before fixing it. I also simplified the logic to display the modal. Now, it only shows when one of the engines' status is "not_installed" <img width="300" src="https://github.com/user-attachments/assets/a2e8fbba-ac64-4c97-9ef0-ef6fe61e60cd" /> ### To Reproduce 1. Create a user with security privileges and index privileges but no cluster privileges 2. Go to the risk score page and enable the toggle ### Checklist Check the PR satisfies following conditions. - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or (cherry picked from commit b69b696) # Conflicts: # x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/entity_analytics_risk_score/index.tsx # x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/risk_details_tab_body/index.tsx # x-pack/solutions/security/plugins/security_solution/public/explore/hosts/pages/navigation/host_risk_score_tab_body.tsx
machadoum
added a commit
to machadoum/kibana
that referenced
this pull request
Mar 6, 2025
…sing cluster privileges (elastic#212405) ## Summary ### * Fixes Bug: User with no cluster privileges should not be able to enable the risk score When users with no cluster privileges open the risk score page, they don't see any errors and are able to click the install button. This happened because we were only checking for index privileges in the UI, but for the enablement flow we also need to check cluster privileges. I also introduced a new parameter to the missing privileges hook so pages that only need to check for `read` privileges can work as before. https://github.com/user-attachments/assets/fe162005-ee2b-497d-8744-6262e4511d2d * Fixed Bug: The install button was enabled when all toggles were disabled There were too many booleans in the panel, which was confusing and led me to introduce more bugs while trying to fix this one, so I refactored the code to understand it before fixing it. I also simplified the logic to display the modal. Now, it only shows when one of the engines' status is "not_installed" <img width="300" src="https://github.com/user-attachments/assets/a2e8fbba-ac64-4c97-9ef0-ef6fe61e60cd" /> ### To Reproduce 1. Create a user with security privileges and index privileges but no cluster privileges 2. Go to the risk score page and enable the toggle ### Checklist Check the PR satisfies following conditions. - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or (cherry picked from commit b69b696) # Conflicts: # x-pack/plugins/security_solution/public/entity_analytics/components/entity_analytics_risk_score/index.tsx # x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/components/enablement_modal.test.tsx # x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/components/enablement_modal.tsx # x-pack/plugins/security_solution/public/explore/hosts/pages/navigation/host_risk_score_tab_body.tsx # x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/entity_store/components/dashboard_enablement_panel.tsx # x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/risk_details_tab_body/index.tsx
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
machadoum
added a commit
to machadoum/kibana
that referenced
this pull request
Mar 6, 2025
…sing cluster privileges (elastic#212405) * Fixes Bug: User with no cluster privileges should not be able to enable the risk score When users with no cluster privileges open the risk score page, they don't see any errors and are able to click the install button. This happened because we were only checking for index privileges in the UI, but for the enablement flow we also need to check cluster privileges. I also introduced a new parameter to the missing privileges hook so pages that only need to check for `read` privileges can work as before. https://github.com/user-attachments/assets/fe162005-ee2b-497d-8744-6262e4511d2d * Fixed Bug: The install button was enabled when all toggles were disabled There were too many booleans in the panel, which was confusing and led me to introduce more bugs while trying to fix this one, so I refactored the code to understand it before fixing it. I also simplified the logic to display the modal. Now, it only shows when one of the engines' status is "not_installed" <img width="300" src="https://github.com/user-attachments/assets/a2e8fbba-ac64-4c97-9ef0-ef6fe61e60cd" /> 1. Create a user with security privileges and index privileges but no cluster privileges 2. Go to the risk score page and enable the toggle Check the PR satisfies following conditions. - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or (cherry picked from commit b69b696)
machadoum
added a commit
to machadoum/kibana
that referenced
this pull request
Mar 6, 2025
…sing cluster privileges (elastic#212405) * Fixes Bug: User with no cluster privileges should not be able to enable the risk score When users with no cluster privileges open the risk score page, they don't see any errors and are able to click the install button. This happened because we were only checking for index privileges in the UI, but for the enablement flow we also need to check cluster privileges. I also introduced a new parameter to the missing privileges hook so pages that only need to check for `read` privileges can work as before. https://github.com/user-attachments/assets/fe162005-ee2b-497d-8744-6262e4511d2d * Fixed Bug: The install button was enabled when all toggles were disabled There were too many booleans in the panel, which was confusing and led me to introduce more bugs while trying to fix this one, so I refactored the code to understand it before fixing it. I also simplified the logic to display the modal. Now, it only shows when one of the engines' status is "not_installed" <img width="300" src="https://github.com/user-attachments/assets/a2e8fbba-ac64-4c97-9ef0-ef6fe61e60cd" /> 1. Create a user with security privileges and index privileges but no cluster privileges 2. Go to the risk score page and enable the toggle Check the PR satisfies following conditions. - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or (cherry picked from commit b69b696)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
When users with no cluster privileges open the risk score page, they don't see any errors and are able to click the install button.
This happened because we were only checking for index privileges in the UI, but for the enablement flow we also need to check cluster privileges. I also introduced a new parameter to the missing privileges hook so pages that only need to check for
readprivileges can work as before.Nov-13-2024.10-38-35.mp4
There were too many booleans in the panel, which was confusing and led me to introduce more bugs while trying to fix this one, so I refactored the code to understand it before fixing it.
I also simplified the logic to display the modal. Now, it only shows when one of the engines' status is "not_installed"
To Reproduce
Checklist
Check the PR satisfies following conditions.