[Security Solution][Entity Analytics][UI] Adding code to check privileges for enabling the Run Engine button#213054
Merged
abhishekbhatia1710 merged 40 commits intoelastic:mainfrom Apr 25, 2025
Conversation
abhishekbhatia1710
added
release_note:fix
Team:Entity Analytics
Contributor
|
Pinging @elastic/security-entity-analytics (Team:Entity Analytics) |
machadoum
reviewed
Mar 4, 2025
...plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx
Outdated
Show resolved
Hide resolved
...plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx
Outdated
Show resolved
Hide resolved
...plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx
Outdated
Show resolved
Hide resolved
machadoum
reviewed
Mar 4, 2025
...plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx
Outdated
Show resolved
Hide resolved
…ps://github.com/abhishekbhatia1710/kibana into ea-12016-privileges-check-for-run-engine-button
Contributor
Author
|
I've updated the logic to disable the 'Run Engine' button when the countdown text displays 'Now running.' Attached are the screenshots, along with testing steps detailed in the PR description. |
machadoum
reviewed
Mar 24, 2025
.../plugins/security_solution/server/lib/entity_analytics/risk_engine/risk_engine_privileges.ts
Outdated
Show resolved
Hide resolved
Using different methods for enable and run risk engine for privilege check
hop-dev
reviewed
Mar 25, 2025
.../plugins/security_solution/server/lib/entity_analytics/risk_engine/risk_engine_privileges.ts
Outdated
Show resolved
Hide resolved
hop-dev
reviewed
Mar 25, 2025
...plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx
Show resolved
Hide resolved
machadoum
approved these changes
Apr 25, 2025
Member
machadoum
left a comment
machadoum
left a comment
There was a problem hiding this comment.
I desk-tested!
The only issue I noticed is UX related and could be addressed later:
Placing dynamic text and a loader next to a button, on a right-aligned design, is a bad pattern. The text and loader vary in size, which makes the button move. That makes it harder to click and creates a confusing user experience.
Apr-25-2025.14-52-11.mov
abhishekbhatia1710
dismissed
hop-dev’s stale review
Mark reviewed already, hence dismissing (with his blessing, ofcourse)
kibanamachine
added
the
backport missing
Contributor
|
Friendly reminder: Looks like this PR hasn’t been backported yet. |
2 similar comments
Contributor
|
Friendly reminder: Looks like this PR hasn’t been backported yet. |
Contributor
|
Friendly reminder: Looks like this PR hasn’t been backported yet. |
This was referenced May 2, 2025
Contributor
Author
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
abhishekbhatia1710
added a commit
to abhishekbhatia1710/kibana
that referenced
this pull request
May 2, 2025
…eges for enabling the Run Engine button (elastic#213054) ## Summary **What:** Updated the `EntityAnalyticsManagementPage` component to enhance user privilege checks and disable the "Run Engine" button when necessary conditions are not met. **Why:** To improve UI/UX by preventing users from attempting actions they don’t have the required privileges for, ensuring a clearer user experience by displaying errors when required. ## Test Steps - Open Kibana and enable the risk engine - Create a user with no cluster privileges - Login with the no-privileges user - Go to the Entity Risk Score page - The Run Engine button should be disabled. - Login now with the "elastic" user. - Go to the Entity Risk Score page - The Run Engine button should be enabled - Clicking the Run Engine button should update the countdown text to 'Now running' and disable the button. ## Screenshots ### The "Run Engine" button is enabled, but an error is displayed, and the `scheduleRiskEngine` API call is not triggered. cluster privileges ### The "Run Engine" button is disabled because the user lacks the required privileges.  ### User with all the privileges  ### Run Engine button is disabled when countdown text shows "Now running" (for admin user) https://github.com/user-attachments/assets/8d1279f1-6d4c-44b2-b7a8-75e5114af73b ### Run Engine button is disabled when countdown text shows "Now running" (for user without `manage_index_templates` privilege) https://github.com/user-attachments/assets/bb207a23-ae0a-4eb9-8400-ea023a47bb4c ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) (cherry picked from commit 12c3433)
abhishekbhatia1710
added a commit
to abhishekbhatia1710/kibana
that referenced
this pull request
May 2, 2025
…eges for enabling the Run Engine button (elastic#213054) ## Summary **What:** Updated the `EntityAnalyticsManagementPage` component to enhance user privilege checks and disable the "Run Engine" button when necessary conditions are not met. **Why:** To improve UI/UX by preventing users from attempting actions they don’t have the required privileges for, ensuring a clearer user experience by displaying errors when required. ## Test Steps - Open Kibana and enable the risk engine - Create a user with no cluster privileges - Login with the no-privileges user - Go to the Entity Risk Score page - The Run Engine button should be disabled. - Login now with the "elastic" user. - Go to the Entity Risk Score page - The Run Engine button should be enabled - Clicking the Run Engine button should update the countdown text to 'Now running' and disable the button. ## Screenshots ### The "Run Engine" button is enabled, but an error is displayed, and the `scheduleRiskEngine` API call is not triggered. cluster privileges ### The "Run Engine" button is disabled because the user lacks the required privileges.  ### User with all the privileges  ### Run Engine button is disabled when countdown text shows "Now running" (for admin user) https://github.com/user-attachments/assets/8d1279f1-6d4c-44b2-b7a8-75e5114af73b ### Run Engine button is disabled when countdown text shows "Now running" (for user without `manage_index_templates` privilege) https://github.com/user-attachments/assets/bb207a23-ae0a-4eb9-8400-ea023a47bb4c ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) (cherry picked from commit 12c3433)
abhishekbhatia1710
added a commit
to abhishekbhatia1710/kibana
that referenced
this pull request
May 2, 2025
…eges for enabling the Run Engine button (elastic#213054) ## Summary **What:** Updated the `EntityAnalyticsManagementPage` component to enhance user privilege checks and disable the "Run Engine" button when necessary conditions are not met. **Why:** To improve UI/UX by preventing users from attempting actions they don’t have the required privileges for, ensuring a clearer user experience by displaying errors when required. ## Test Steps - Open Kibana and enable the risk engine - Create a user with no cluster privileges - Login with the no-privileges user - Go to the Entity Risk Score page - The Run Engine button should be disabled. - Login now with the "elastic" user. - Go to the Entity Risk Score page - The Run Engine button should be enabled - Clicking the Run Engine button should update the countdown text to 'Now running' and disable the button. ## Screenshots ### The "Run Engine" button is enabled, but an error is displayed, and the `scheduleRiskEngine` API call is not triggered. cluster privileges ### The "Run Engine" button is disabled because the user lacks the required privileges.  ### User with all the privileges  ### Run Engine button is disabled when countdown text shows "Now running" (for admin user) https://github.com/user-attachments/assets/8d1279f1-6d4c-44b2-b7a8-75e5114af73b ### Run Engine button is disabled when countdown text shows "Now running" (for user without `manage_index_templates` privilege) https://github.com/user-attachments/assets/bb207a23-ae0a-4eb9-8400-ea023a47bb4c ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) (cherry picked from commit 12c3433)
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
4 tasks
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
6 similar comments
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
abhishekbhatia1710
added
backport:skip
akowalska622
pushed a commit
to akowalska622/kibana
that referenced
this pull request
May 29, 2025
…eges for enabling the Run Engine button (elastic#213054) ## Summary **What:** Updated the `EntityAnalyticsManagementPage` component to enhance user privilege checks and disable the "Run Engine" button when necessary conditions are not met. **Why:** To improve UI/UX by preventing users from attempting actions they don’t have the required privileges for, ensuring a clearer user experience by displaying errors when required. ## Test Steps - Open Kibana and enable the risk engine - Create a user with no cluster privileges - Login with the no-privileges user - Go to the Entity Risk Score page - The Run Engine button should be disabled. - Login now with the "elastic" user. - Go to the Entity Risk Score page - The Run Engine button should be enabled - Clicking the Run Engine button should update the countdown text to 'Now running' and disable the button. ## Screenshots ### The "Run Engine" button is enabled, but an error is displayed, and the `scheduleRiskEngine` API call is not triggered. cluster privileges ### The "Run Engine" button is disabled because the user lacks the required privileges.  ### User with all the privileges  ### Run Engine button is disabled when countdown text shows "Now running" (for admin user) https://github.com/user-attachments/assets/8d1279f1-6d4c-44b2-b7a8-75e5114af73b ### Run Engine button is disabled when countdown text shows "Now running" (for user without `manage_index_templates` privilege) https://github.com/user-attachments/assets/bb207a23-ae0a-4eb9-8400-ea023a47bb4c ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
What: Updated the
EntityAnalyticsManagementPagecomponent to enhance user privilege checks and disable the "Run Engine" button when necessary conditions are not met.Why: To improve UI/UX by preventing users from attempting actions they don’t have the required privileges for, ensuring a clearer user experience by displaying errors when required.
Test Steps
disable the button.
Screenshots
The "Run Engine" button is enabled, but an error is displayed, and the
scheduleRiskEngineAPI call is not triggered.The "Run Engine" button is disabled because the user lacks the required privileges.
User with all the privileges
Run Engine button is disabled when countdown text shows "Now running" (for admin user)
Screen.Recording.2025-03-21.at.3.04.16.PM.mov
Run Engine button is disabled when countdown text shows "Now running" (for user without
manage_index_templatesprivilege)Screen.Recording.2025-03-21.at.3.03.08.PM.mov
Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
release_note:*label is applied per the guidelines