[Security Solution][Alerts] - Add alerts subfeature UI (#105505)
### Summary
This PR adds the subfeature UI for alerts to security solution. Note that the ability to customize subfeatures is still a gold feature.
How will this map with existing users? The feature and subfeature are tied, so if a user was previously assigned All for security solution, they would get All for alerts, etc.
It still remains behind a feature flag, so to see the change you'll need to have the following in your kibana.dev.yml:
xpack.securitySolution.enableExperimental: ['ruleRegistryEnabled']
xpack.ruleRegistry.write.enabled: true
Showing
4 changed files
with
170 additions
and
108 deletions.
@@ -0,0 +1,161 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
import { i18n } from '@kbn/i18n'; | ||
|
||
import { KibanaFeatureConfig, SubFeatureConfig } from '../../features/common'; | ||
import { DEFAULT_APP_CATEGORIES } from '../../../../src/core/server'; | ||
import { APP_ID, SERVER_APP_ID } from '../common/constants'; | ||
import { savedObjectTypes } from './saved_objects'; | ||
|
||
const CASES_SUB_FEATURE: SubFeatureConfig = { | ||
name: 'Cases', | ||
privilegeGroups: [ | ||
{ | ||
groupType: 'mutually_exclusive', | ||
privileges: [ | ||
{ | ||
id: 'cases_all', | ||
includeIn: 'all', | ||
name: 'All', | ||
savedObject: { | ||
all: [], | ||
read: [], | ||
}, | ||
// using variables with underscores here otherwise when we retrieve them from the kibana | ||
// capabilities in a hook I get type errors regarding boolean | ReadOnly<{[x: string]: boolean}> | ||
ui: ['crud_cases', 'read_cases'], // uiCapabilities.siem.crud_cases | ||
cases: { | ||
all: [APP_ID], | ||
}, | ||
}, | ||
{ | ||
id: 'cases_read', | ||
includeIn: 'read', | ||
name: 'Read', | ||
savedObject: { | ||
all: [], | ||
read: [], | ||
}, | ||
// using variables with underscores here otherwise when we retrieve them from the kibana | ||
// capabilities in a hook I get type errors regarding boolean | ReadOnly<{[x: string]: boolean}> | ||
ui: ['read_cases'], // uiCapabilities.siem.read_cases | ||
cases: { | ||
read: [APP_ID], | ||
}, | ||
}, | ||
], | ||
}, | ||
], | ||
}; | ||
|
||
export const getAlertsSubFeature = (ruleTypes: string[]): SubFeatureConfig => ({ | ||
name: i18n.translate('xpack.securitySolution.featureRegistry.manageAlertsName', { | ||
defaultMessage: 'Alerts', | ||
}), | ||
privilegeGroups: [ | ||
{ | ||
groupType: 'mutually_exclusive', | ||
privileges: [ | ||
{ | ||
id: 'alerts_all', | ||
name: i18n.translate('xpack.securitySolution.featureRegistry.subfeature.alertsAllName', { | ||
defaultMessage: 'All', | ||
}), | ||
includeIn: 'all' as 'all', | ||
alerting: { | ||
alert: { | ||
all: ruleTypes, | ||
}, | ||
}, | ||
savedObject: { | ||
all: [], | ||
read: [], | ||
}, | ||
ui: [], | ||
}, | ||
{ | ||
id: 'alerts_read', | ||
name: i18n.translate('xpack.securitySolution.featureRegistry.subfeature.alertsReadName', { | ||
defaultMessage: 'Read', | ||
}), | ||
includeIn: 'read' as 'read', | ||
alerting: { | ||
alert: { | ||
read: ruleTypes, | ||
}, | ||
}, | ||
savedObject: { | ||
all: [], | ||
read: [], | ||
}, | ||
ui: [], | ||
}, | ||
], | ||
}, | ||
], | ||
}); | ||
|
||
export const getKibanaPrivilegesFeaturePrivileges = ( | ||
ruleTypes: string[], | ||
isRuleRegistryEnabled: boolean | ||
): KibanaFeatureConfig => ({ | ||
id: SERVER_APP_ID, | ||
name: i18n.translate('xpack.securitySolution.featureRegistry.linkSecuritySolutionTitle', { | ||
defaultMessage: 'Security', | ||
}), | ||
order: 1100, | ||
category: DEFAULT_APP_CATEGORIES.security, | ||
app: [APP_ID, 'kibana'], | ||
catalogue: ['securitySolution'], | ||
management: { | ||
insightsAndAlerting: ['triggersActions'], | ||
}, | ||
alerting: ruleTypes, | ||
cases: [APP_ID], | ||
subFeatures: isRuleRegistryEnabled | ||
? [{ ...CASES_SUB_FEATURE }, { ...getAlertsSubFeature(ruleTypes) }] | ||
: [{ ...CASES_SUB_FEATURE }], | ||
privileges: { | ||
all: { | ||
app: [APP_ID, 'kibana'], | ||
catalogue: ['securitySolution'], | ||
api: ['securitySolution', 'lists-all', 'lists-read', 'rac'], | ||
savedObject: { | ||
all: ['alert', 'exception-list', 'exception-list-agnostic', ...savedObjectTypes], | ||
read: [], | ||
}, | ||
alerting: { | ||
rule: { | ||
all: ruleTypes, | ||
}, | ||
}, | ||
management: { | ||
insightsAndAlerting: ['triggersActions'], | ||
}, | ||
ui: ['show', 'crud'], | ||
}, | ||
read: { | ||
app: [APP_ID, 'kibana'], | ||
catalogue: ['securitySolution'], | ||
api: ['securitySolution', 'lists-read', 'rac'], | ||
savedObject: { | ||
all: [], | ||
read: ['exception-list', 'exception-list-agnostic', ...savedObjectTypes], | ||
}, | ||
alerting: { | ||
rule: { | ||
read: ruleTypes, | ||
}, | ||
}, | ||
management: { | ||
insightsAndAlerting: ['triggersActions'], | ||
}, | ||
ui: ['show'], | ||
}, | ||
}, | ||
}); |
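Review bot: The `rac` API tag sits in the base `all` and `read` privileges (the two `api:` arrays in `getKibanaPrivilegesFeaturePrivileges`) rather than in the Alerts sub-feature, so a role keeps it when the Alerts sub-feature is customized away, and also when `isRuleRegistryEnabled` is false and the sub-feature is never registered. Whether the routes behind that tag separately enforce the `alerting.alert` privilege is not visible here; if they do not, a role without `alerts_read` could still reach them. Consider scoping the tag to the sub-feature instead, e.g. `api: ['rac'],` on both `alerts_all` and `alerts_read`, and dropping `'rac'` from the base arrays. Separately, both alert privileges declare `ui: []`, so the client has no capability to key off when hiding alert actions from roles that lack them; a short comment saying enforcement is server-side only would help if that is intended.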