Skip to content

[Observability] [Cases] Cases in the observability app#100360

Closed
stephmilovic wants to merge 31 commits intoelastic:cases-rbac-pocfrom
stephmilovic:cases_obs
Closed

[Observability] [Cases] Cases in the observability app#100360
stephmilovic wants to merge 31 commits intoelastic:cases-rbac-pocfrom
stephmilovic:cases_obs

Conversation

@stephmilovic
Copy link
Contributor

@stephmilovic stephmilovic commented May 19, 2021
edited
Loading

Summary

Cases in the observability app. Four new views:

1. All Cases

/observability/cases

1

2. Create Case

/observability/cases/create

2

3. Case Details

/observability/cases/:detailName

3

4. Configure Case

/observability/cases/configure

4

There is still a flag on Observability/Cases in the sidebar menu:
xpack.observability.unsafe.alertingExperience.enabled: true

Internal ticket: https://github.com/elastic/security-team/issues/853

It's working! Still to do:

  • fix missing breadcrumbs
  • connect userPermissions for each page
  • connect useFetchAlertData
  • connect showAlertDetails (in security we open timeline)
  • update values for ruleDetailsNavigation
  • No longer pursuing alerts in this PR. making the above mentioned properties optional in Cases UI wherever used: useFetchAlertData, showAlertDetails, ruleDetailsNavigation
  • test!

@stephmilovic stephmilovic added v8.0.0 Team:Observability Team label for Observability Team (for things that are handled across all of observability) Team:Threat Hunting Security Solution Threat Hunting Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v7.14.0 Theme: rac label obsolete Feature:Cases-RAC-RBAC Feature:RAC label obsolete labels May 19, 2021
stephmilovic
stephmilovic commented May 25, 2021
View reviewed changes
x-pack/plugins/observability/public/components/app/cases/create/flyout.tsx
const FormWrapper = styled.div`
width: 100%;
`;
function CreateCaseFlyoutComponent({
Copy link
Contributor Author

@stephmilovic stephmilovic May 25, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is unused, but leaving here for when alerting is enabled unless someone objects?

@cnasikas cnasikas mentioned this pull request May 25, 2021
Closed
12 tasks
@stephmilovic stephmilovic marked this pull request as ready for review May 25, 2021 17:32
@stephmilovic stephmilovic requested a review from a team as a code owner May 25, 2021 17:32
@stephmilovic stephmilovic requested review from a team and smith May 25, 2021 17:50
@legrego legrego self-requested a review May 25, 2021 18:12
legrego
legrego reviewed May 26, 2021
View reviewed changes
Copy link
Member

@legrego legrego left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the plan to merge this into the cases-rbac-poc branch before it merges to master, or will you rebase this against master once cases-rbac-poc merges?

I ask because cases-rbac-poc is already an enormous PR, and adding another large PR on top of it will make reviewing that much more difficult, especially for those of us who aren't intimately familiar with this part of the codebase.

@stephmilovic
Copy link
Contributor Author

stephmilovic commented May 26, 2021
edited
Loading

Is the plan to merge this into the cases-rbac-poc branch before it merges to master, or will you rebase this against master once cases-rbac-poc merges?

I ask because cases-rbac-poc is already an enormous PR, and adding another large PR on top of it will make reviewing that much more difficult, especially for those of us who aren't intimately familiar with this part of the codebase.

@legrego definitely waiting for cases-rbac-poc and reopening against master. Hoping my reviewers can approve both this PR and the new one I'll need to open so we can get this code merged quickly

smith
smith requested changes May 27, 2021
View reviewed changes
Copy link
Contributor

@smith smith left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good overall but I found a few problems:

  • When viewing an individual case, breadcrumb for "cases" isn't clickable. I think you might need to put an href property somewhere
  • On the table, filtering by a tag using the filters always returns an empty list for me
  • When viewing an individual case and deleting it, I'm taken back to the observability overview page instead of the list of cases
  • Once I've deleted a case, if I go back to that URL (http://localhost:5701/kbn/app/observability/cases/cad584d0-bf03-11eb-a23c-5924635d118c), I get a blank page with a toast about an error fetching data. There should be some kind of not found page

katrin-freihofner
katrin-freihofner reviewed Jun 1, 2021
View reviewed changes
Copy link

@katrin-freihofner katrin-freihofner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stephmilovic the screenshots look good to me (I don't have any data to try it). Looking forward to trying it out when it's ready!

@stephmilovic
Copy link
Contributor Author

stephmilovic commented Jun 1, 2021

@stephmilovic the screenshots look good to me (I don't have any data to try it). Looking forward to trying it out when it's ready!

no need for any index data! just go in and create a case, then you will have data ;)

@stephmilovic stephmilovic requested a review from smith June 3, 2021 13:40
@stephmilovic
Copy link
Contributor Author

stephmilovic commented Jun 3, 2021

Looks good overall but I found a few problems:

  • When viewing an individual case, breadcrumb for "cases" isn't clickable. I think you might need to put an href property somewhere
  • On the table, filtering by a tag using the filters always returns an empty list for me
  • When viewing an individual case and deleting it, I'm taken back to the observability overview page instead of the list of cases
  • Once I've deleted a case, if I go back to that URL (http://localhost:5701/kbn/app/observability/cases/cad584d0-bf03-11eb-a23c-5924635d118c), I get a blank page with a toast about an error fetching data. There should be some kind of not found page

changes made! thank you!

@stephmilovic
Copy link
Contributor Author

stephmilovic commented Jun 7, 2021

@elasticmachine merge upstream

@jonathan-buttner jonathan-buttner deleted the branch elastic:cases-rbac-poc June 7, 2021 13:37
@stephmilovic stephmilovic mentioned this pull request Jun 7, 2021
Merged
7 tasks
@jonathan-buttner
Copy link
Contributor

jonathan-buttner commented Jun 7, 2021

This PR was against the cases-rbac-poc branch which has been merged to master. I accidentally deleted the feature branch which inadvertently closed this PR. A new PR was opened against master here: #101487

@kibanamachine
Copy link
Contributor

kibanamachine commented Jun 7, 2021

💚 Build Succeeded

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@legrego legrego legrego left review comments

@cnasikas cnasikas cnasikas left review comments

@jonathan-buttner jonathan-buttner jonathan-buttner left review comments

@smith smith Awaiting requested review from smith

+1 more reviewer

@katrin-freihofner katrin-freihofner katrin-freihofner left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Feature:RAC label obsolete Team:Observability Team label for Observability Team (for things that are handled across all of observability) Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team Theme: rac label obsolete v7.14.0 v8.0.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@stephmilovic @elasticmachine @jonathan-buttner @kibanamachine @smith @legrego @cnasikas @katrin-freihofner