[RAC][RBAC] - WIP getting auth find working by yctercero · Pull Request #7 · yctercero/kibana

yctercero · 2021-04-12T08:55:17Z

Summary

Summarize your PR. If it involves visual changes include a screenshot or gif.

Checklist

Delete any items that are not applicable to this PR.

Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
Documentation was added for features that require explanation or tutorials
Unit or functional tests were updated or added to match the most common scenarios
Any UI touched in this PR is usable by keyboard only (learn more about keyboard accessibility)
Any UI touched in this PR does not create any new axe failures (run axe in browser: FF, Chrome)
If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the docker list
This renders correctly on smaller devices using a responsive layout. (You can test this in your browser)
This was checked for cross-browser compatibility

For maintainers

This was checked for breaking API changes and was labeled appropriately

… include space id in constructor rather than parameter as a part of the get since the spaceId will be available to us in the start phase of the plugin

… and adds some rac client functions to be implemented (#3) * wip - ignore * adds rac client initialization to plugin setup / startup and adds scaffolding for CRUD client functions Co-authored-by: Yara Tercero <yara.tercero@elastic.co>

…g from alerts to rac

…, used no-verify for this commit

…ed to rac feature in plugin feature registry

…ould be able to query for data but getting back 403 for internal user

…adds an audit logger mock

…nitialization

…e log statements, added security as a required plugin to rule_registry plugin without which, the rac authorization class was receiving an undefined security client so our calls to shouldCheckAuthorization were failing silently. Added some routes and scripts to test authz functionality. To test please see the README in the rule_registry/scripts.

fixes [#8](elastic/observability-accessibility#8) fixes [#7](elastic/observability-accessibility#7) ## Summary Fixes APM breadcrumbs on serverless | Serverless | Stateful | |---|---| | <img width="700px" alt="image" src="https://github.com/user-attachments/assets/944a7d58-7de3-4a7f-be02-3c8c1110a0e2"> |<img width="800px" alt="image" src="https://github.com/user-attachments/assets/450664b1-ddfc-4395-9fa3-a7b941affb3b">| |<img width="500px" alt="image" src="https://github.com/user-attachments/assets/944a7d58-7de3-4a7f-be02-3c8c1110a0e2"> |<img width="500px" alt="image" src="https://github.com/user-attachments/assets/450664b1-ddfc-4395-9fa3-a7b941affb3b">| | <img width="500px" alt="image" src="https://github.com/user-attachments/assets/944a7d58-7de3-4a7f-be02-3c8c1110a0e2"> |<img width="500px" alt="image" src="https://github.com/user-attachments/assets/cb8a39e2-ca33-4cf9-a8ac-4c84566d092d">| |<img width="500px" alt="image" src="https://github.com/user-attachments/assets/151a3a9c-c81e-4558-9d00-e695e3d1d79c">|<img width="500px" alt="image" src="https://github.com/user-attachments/assets/2562e96f-d5e4-4aa4-a221-6721f8995883">| |<img width="500px" alt="image" src="https://github.com/user-attachments/assets/8d877d11-8c3f-4ac5-8146-6a11125eae7c">|<img width="500px" alt="image" src="https://github.com/user-attachments/assets/36e588cb-4c18-4d66-a2c6-f0e66392f708">| |<img width="500px" alt="image" src="https://github.com/user-attachments/assets/14253196-06de-4343-811f-61aa31ea0d1e">|<img width="500px" alt="image" src="https://github.com/user-attachments/assets/0cdfc83f-6545-433f-8c14-5bbf2a581175">| |<img width="500px" alt="image" src="https://github.com/user-attachments/assets/89a58e2b-2cef-4188-b2be-f359ba6890db">|<img width="500px" alt="image" src="https://github.com/user-attachments/assets/f15e767f-5b60-4485-ac71-7b6fd850ec50">| |<img width="500px" alt="image" src="https://github.com/user-attachments/assets/a0f7bfae-bfda-4f49-b92a-e736d80fea4c">|<img width="500px" alt="image" src="https://github.com/user-attachments/assets/680db8ab-58b8-454b-a0d7-6e1681dbe616">| ### How to test #### Serverless - Start a local ES serverless instance: `yarn es serverless --projectType=oblt --ssl -k/--insecure` - Start a local Kibana serverless instance: ` yarn start --serverless=oblt --no-ssl` - Run some synthtrace scenarios - `NODE_TLS_REJECT_UNAUTHORIZED=0 node scripts/synthtrace mobile.ts --live --target=https://elastic_serverless:changeme@127.0.0.1:9200 --kibana=http://elastic_serverless:changeme@0.0.0.0:5601` - `NODE_TLS_REJECT_UNAUTHORIZED=0 node scripts/synthtrace service_map.ts --live --target=https://elastic_serverless:changeme@127.0.0.1:9200 --kibana=http://elastic_serverless:changeme@0.0.0.0:5601` - Navigate to Applications and click through the links ### Stateful - Start a local ES and Kibana instance - Run the some synthtrace scenarios: - `node scripts/synthtrace mobile.ts --live` - `node scripts/synthtrace service_map.ts --live` - Navigate to Applications and click through the links --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>

dhurley14 force-pushed the rac_rbac_poc branch from 7f0360d to 5c38595 Compare April 12, 2021 14:20

yctercero force-pushed the rbac_another_one branch from 5033a58 to 0cd01e5 Compare April 13, 2021 18:35

dhurley14 force-pushed the rac_rbac_poc branch from c32d746 to cefa8b0 Compare April 15, 2021 16:07

yctercero and others added 13 commits April 19, 2021 21:29

adding alerts actions to security plugin

2861f01

adds kibana security feature privileges and updates alerts actions to…

8eafdac

… include space id in constructor rather than parameter as a part of the get since the spaceId will be available to us in the start phase of the plugin

wip - updating kibana features plugin to include rac and some renamin…

26445e3

…g from alerts to rac

still wip

8024caa

testing out how to view owners for alerts when registering rac plugin…

6df1b18

…, used no-verify for this commit

adds a working racClient to request context and picks up owners suppl…

f0010f6

…ed to rac feature in plugin feature registry

adds elasticsearch client to provide functionality for rac client, sh…

a71ef10

…ould be able to query for data but getting back 403 for internal user

adding tests, cleanup, almost there mvp

81f4f02

updates unit tests to remove the 'spaceid' from the authz action and …

2ebdf71

…adds an audit logger mock

fixes bug where we did not assign getSpaces function in rac factory i…

38681fc

…nitialization

adds missing variables from rebase conflicts with master

d7b9b3f

dhurley14 force-pushed the rac_rbac_poc branch from cefa8b0 to d7b9b3f Compare April 20, 2021 01:48

dhurley14 and others added 2 commits April 19, 2021 21:49

fixes changes from rebase with master

896deaf

some pre-work to get rac working as subfeature

47fc497

yctercero force-pushed the rbac_another_one branch from 0cd01e5 to 47fc497 Compare April 20, 2021 17:01

yctercero added 3 commits May 3, 2021 07:42

remove search strategy changes

08912a3

remove search strategy changes

c8ab239

remove search strategy changes

7c69aea

yctercero force-pushed the rac_rbac_poc branch from cd62a2f to 8c07c0f Compare May 5, 2021 18:35

dhurley14 force-pushed the rac_rbac_poc branch from 68dc7d1 to 350aa97 Compare May 12, 2021 17:33

yctercero deleted the branch rac_rbac_poc August 4, 2022 18:31

yctercero closed this Aug 4, 2022

yctercero deleted the rbac_another_one branch August 4, 2022 18:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[RAC][RBAC] - WIP getting auth find working#7

[RAC][RBAC] - WIP getting auth find working#7
yctercero wants to merge 18 commits intorac_rbac_pocfrom
rbac_another_one

yctercero commented Apr 12, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

yctercero commented Apr 12, 2021

Summary

Checklist

For maintainers

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants