[AI4DSOC] Change rules details page capabilities #219260

Merged
tomsonpl merged 5 commits into elastic:main from tomsonpl:ai-soc-rules-details
Apr 25, 2025


@tomsonpl tomsonpl commented Apr 25, 2025

This approach was suggested by @semd, big thank you 👍

Summary

This PR enhances the navigation and access control for the Security Solution's rules management functionality.
It introduces a dedicated rulesManagement page name in the deep links system and updates the routing configuration to properly handle rule details pages while restricting access to editing capabilities and the landing page based on user permissions.
It's a follow up to this PR: #219111

Changes

  • Rule details pages are now accessible in AI SOC
  • Rule editing functionality is restricted in AI SOC (security, but not ai_soc)
  • Rules landing page access is accessible in AI SOC (doesn't hurt us since it's anyway not accessible through UI in serverless)
  • Rules management is restricted in AI SOC
  • Removed render overwrite to enable rule details links
  • Added test coverage for the new routing behavior

Testing

  • Updated Cypress tests to verify the correct routing behavior
  • Tested with different user roles to ensure proper access control
  • Verified that rule details pages open correctly while edit functionality is appropriately restricted

@tomsonpl tomsonpl self-assigned this Apr 25, 2025
@tomsonpl tomsonpl added release_note:skip Skip the PR/issue when compiling release notes Team:Security Generative AI Security Generative AI backport:version Backport to applied version labels v9.1.0 labels Apr 25, 2025
@tomsonpl

/ci

@tomsonpl tomsonpl marked this pull request as ready for review April 25, 2025 15:16
@tomsonpl tomsonpl requested review from a team as code owners April 25, 2025 15:16
@tomsonpl tomsonpl requested review from dhurley14 and jkelas April 25, 2025 15:16
@xcrzx xcrzx requested review from xcrzx and removed request for jkelas April 25, 2025 15:30

@vgomez-el vgomez-el left a comment

LGTM!

@tomsonpl tomsonpl requested review from PhilippeOberti and rylnd and removed request for dhurley14 April 25, 2025 16:08

@rylnd rylnd left a comment

No logic was changed in Detection Engine code; only the addition of a few constants.

I think @elastic/security-detection-rule-management should confirm whether these capabilities are correct; besides that, this LGTM.

@tomsonpl tomsonpl requested a review from a team as a code owner April 25, 2025 16:21

@xcrzx xcrzx left a comment

Tested the navigation locally in both AI4SOC and Complete tiers. The rule details page is accessible as expected, and no regressions spotted in the Complete tier. LGTM 👍

@tomsonpl tomsonpl enabled auto-merge (squash) April 25, 2025 16:25

@stephmilovic stephmilovic left a comment

Code review only, LGTM!!


@PhilippeOberti PhilippeOberti left a comment

Blocking the merge as allowing access to the rule details page in AI4DSOC might not be the right move right now.
As you can see in the video below, we have buttons which lead to pages not found (like the edit button), we have actions available that probably should not be (duplicate, delete...), we have the chart that has cell actions, we have the wrong table, access to all the non-AI4DSOC flyouts…
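
The access rules listed in the PR description and the dead edit button raised in the review above, modelled as an added TypeScript example; it is not code from this PR or from Kibana. The route patterns, route names and action list are hypothetical; only the `security` and `ai_soc` capability names come from the page.

```typescript
// Added illustration; route patterns and names are hypothetical, not Kibana's.
type Capability = 'security' | 'ai_soc';

interface Route {
  name: string;
  pattern: RegExp;
  anyOf: Capability[]; // the user needs at least one of these
}

// Most specific patterns first so /edit is never matched by the details route.
const ROUTES: Route[] = [
  { name: 'ruleEdit', pattern: /^\/rules\/id\/[^/]+\/edit$/, anyOf: ['security'] },
  { name: 'ruleDetails', pattern: /^\/rules\/id\/[^/]+$/, anyOf: ['security', 'ai_soc'] },
  { name: 'rulesManagement', pattern: /^\/rules\/management$/, anyOf: ['security'] },
  { name: 'rulesLanding', pattern: /^\/rules$/, anyOf: ['security', 'ai_soc'] },
];

function resolveRoute(path: string): Route | undefined {
  return ROUTES.find((r) => r.pattern.test(path));
}

// Default deny: unknown paths and users without a matching capability are refused.
function canAccess(path: string, caps: ReadonlySet<Capability>): boolean {
  const route = resolveRoute(path);
  return route !== undefined && route.anyOf.some((c) => caps.has(c));
}

// Actions offered on the details page, each tied to the route it navigates to.
const RULE_ACTIONS: { label: string; target: (id: string) => string }[] = [
  { label: 'view', target: (id) => `/rules/id/${id}` },
  { label: 'edit', target: (id) => `/rules/id/${id}/edit` },
];

// Render only actions whose target passes the same check the router applies,
// so a button never leads to a page the user cannot open.
function visibleActions(ruleId: string, caps: ReadonlySet<Capability>): string[] {
  return RULE_ACTIONS.filter((a) => canAccess(a.target(ruleId), caps)).map((a) => a.label);
}
```

Filtering buttons through the router's own check keeps the two from drifting apart; it only controls what is displayed and does not replace authorization on the server side.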


@PhilippeOberti PhilippeOberti left a comment

So @jamesspi decided to go ahead and allow the page to be visible, despite all the UI inconsistencies and issues.

I'm then approving the PR. I will start working on cleaning up the UI for AI4DSOC, starting with the alerts table.

@tomsonpl tomsonpl merged commit 49838cb into elastic:main Apr 25, 2025
9 checks passed
@elasticmachine

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 9.1MB 9.1MB +450.0B

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
securitySolution 91.0KB 91.0KB +70.0B
securitySolutionEss 33.7KB 33.7KB +37.0B
securitySolutionServerless 52.3KB 52.3KB +37.0B
total +144.0B

cc @tomsonpl

peluja1012 pushed a commit to peluja1012/kibana that referenced this pull request Apr 25, 2025
@kibanamachine kibanamachine added the backport missing Added to PRs automatically when the are determined to be missing a backport. label Apr 29, 2025
@kibanamachine

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add a backport:* label or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 219260 locally
cc: @tomsonpl

ashokaditya added a commit to tomsonpl/kibana that referenced this pull request Apr 30, 2025
@tomsonpl tomsonpl added backport:skip This PR does not require backporting and removed backport missing Added to PRs automatically when the are determined to be missing a backport. backport:version Backport to applied version labels labels May 3, 2025
akowalska622 pushed a commit to akowalska622/kibana that referenced this pull request May 29, 2025