Skip to content

[8.19] [Security Solution][Entity Analytics][UI] Adding code to check privileges for enabling the Run Engine button (#213054)#219896

Closed
abhishekbhatia1710 wants to merge 1 commit intoelastic:8.19from
abhishekbhatia1710:backport/8.19/pr-213054
Closed

[8.19] [Security Solution][Entity Analytics][UI] Adding code to check privileges for enabling the Run Engine button (#213054)#219896
abhishekbhatia1710 wants to merge 1 commit intoelastic:8.19from
abhishekbhatia1710:backport/8.19/pr-213054

Conversation

@abhishekbhatia1710
Copy link
Contributor

@abhishekbhatia1710 abhishekbhatia1710 commented May 2, 2025

Backport

This will backport the following commits from main to 8.19:

Questions ?

Please refer to the Backport tool documentation

@abhishekbhatia1710
[Security Solution][Entity Analytics][UI] Adding code to check privil…
14d2366 
…eges for enabling the Run Engine button (elastic#213054)

## Summary

**What:** Updated the `EntityAnalyticsManagementPage` component to
enhance user privilege checks and disable the "Run Engine" button when
necessary conditions are not met.

**Why:** To improve UI/UX by preventing users from attempting actions
they don’t have the required privileges for, ensuring a clearer user
experience by displaying errors when required.

## Test Steps
- Open Kibana and enable the risk engine
- Create a user with no cluster privileges
- Login with the no-privileges user
  - Go to the Entity Risk Score page
  - The Run Engine button should be disabled.
- Login now with the "elastic" user.
  - Go to the Entity Risk Score page
  - The Run Engine button should be enabled
- Clicking the Run Engine button should update the countdown text to
'Now running' and
    disable the button.

## Screenshots

### The "Run Engine" button is enabled, but an error is displayed, and
the `scheduleRiskEngine` API call is not triggered.

![Screenshot 2025-03-04 at 3 13
55 PM](https://github.com/user-attachments/assets/43b772d8-4782-45b8-93b2-9dec2af02c30)cluster
privileges

### The "Run Engine" button is disabled because the user lacks the
required privileges.

![Screenshot 2025-03-04 at 3 04
22 PM](https://github.com/user-attachments/assets/812653ec-d8db-4e7b-87f1-596e3eb8845c)

### User with all the privileges
![Screenshot 2025-03-04 at 3 17
38 PM](https://github.com/user-attachments/assets/82b7f5bc-438d-489c-a56e-13b1eb63acbf)

### Run Engine button is disabled when countdown text shows "Now
running" (for admin user)

https://github.com/user-attachments/assets/8d1279f1-6d4c-44b2-b7a8-75e5114af73b

### Run Engine button is disabled when countdown text shows "Now
running" (for user without `manage_index_templates` privilege)

https://github.com/user-attachments/assets/bb207a23-ae0a-4eb9-8400-ea023a47bb4c

### Checklist

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

(cherry picked from commit 12c3433)
@abhishekbhatia1710 abhishekbhatia1710 added the backport This PR is a backport of another PR label May 2, 2025
@abhishekbhatia1710 abhishekbhatia1710 enabled auto-merge (squash) May 2, 2025 07:10
@abhishekbhatia1710 abhishekbhatia1710 mentioned this pull request May 2, 2025
Merged
2 tasks
@prodsecmachine
Copy link
Collaborator

prodsecmachine commented May 2, 2025
edited
Loading

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

license/snyk check is complete. No issues have been found. (View Details)

@elasticmachine
Copy link
Contributor

elasticmachine commented May 2, 2025

💛 Build succeeded, but was flaky

Failed CI Steps

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 9.2MB 9.2MB +729.0B

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
securitySolution 86.3KB 86.3KB +32.0B

@abhishekbhatia1710
Copy link
Contributor Author

abhishekbhatia1710 commented May 14, 2025

It was decided that backports are not necessary for this change, as it includes both a feature addition and a bug fix.

auto-merge was automatically disabled May 14, 2025 05:45

Pull request was closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kibanamachine kibanamachine Awaiting requested review from kibanamachine kibanamachine is a code owner

Assignees

No one assigned

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@abhishekbhatia1710 @prodsecmachine @elasticmachine