Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support "@"mentioning other users #80334

Open
legrego opened this issue Oct 13, 2020 · 5 comments
Open

Support "@"mentioning other users #80334

legrego opened this issue Oct 13, 2020 · 5 comments
Assignees
@MichaelMarcialis
Labels
blocked enhancement New value added to drive a business result NeededFor:Security Solution SIEM, Endpoint, Timeline, Analyzer, Cases NeededFor:Security Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@legrego
Copy link
Member

legrego commented Oct 13, 2020
edited by ryankeairns
Loading

Related to https://github.com/elastic/dev/issues/1660

Kibana is home to many solutions, which are increasingly becoming collaborative in nature. We can no longer expect that Kibana's primary function is to consume dashboards -- while this is certainly a critical feature, Kibana is so much more than that.

These collaborative features by definition are meant to be used by teams of people, and these people often need to be able to "tag" or "mention" other people into conversations within Kibana.

There are two pieces to this issue:

Enumerate available users

The first step to supporting "mentions" is the ability to actually enumerate the available users. We can easily enumerate the native realm, but we don't have the capacity to enumerate any of the other realms.

Expose search functionality

We should expose functionality to search for a user by any of their available properties, including:

  • username
  • full_name
  • email
  • authentication_realm / lookup_realm

Is possible, it would be ideal if we could also search for users who would satisfy a _has_privileges check. For example, if we wanted to show a list of users within the SIEM app, it might make sense to only display users who are authorized to interact with the SIEM app.

Uniquely identify users

Administrators can setup Kibana/ES to authenticate against multiple providers/realms. When configured this way, it's possible to have username collisions. For example, there might be an account with username larry in both the native and saml realms. These accounts may or may not belong to the same individual.

We should account for this when returning search results, so that we don't accidentally conflate these user accounts.

Blocks #39259
@legrego legrego added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! enhancement New value added to drive a business result labels Oct 13, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@alexfrancoeur
Copy link

Linking to issues where there is more of an immediate need for this type of functionality: https://github.com/elastic/security-team/issues/237, https://github.com/elastic/security-team/issues/45

@kobelb
Copy link
Contributor

kobelb commented Oct 16, 2020

/cc @XavierM

@mshustov mshustov mentioned this issue Dec 17, 2020
Closed
26 tasks
@oatkiller oatkiller added the NeededFor:Security Solution SIEM, Endpoint, Timeline, Analyzer, Cases label Jan 11, 2021
@joshdover
Copy link
Contributor

@azasypkin is there a specific issue this is blocked on right now?

@tvernum
Copy link
Contributor

tvernum commented Feb 23, 2021

Mostly this is blocked on work on the Elasticsearch side.
The Enumerate available users and Uniquely identify users problems needs to be solved in ES, and we are working on a design for that, but it's having to be juggled around other work.

@jportner jportner mentioned this issue Jul 30, 2021
Closed
@exalate-issue-sync exalate-issue-sync bot added impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. loe:small Small Level of Effort labels Aug 4, 2021
@legrego legrego mentioned this issue Sep 23, 2021
Closed
@azasypkin azasypkin removed their assignment Jan 20, 2022
@legrego legrego removed EnableJiraSync loe:small Small Level of Effort impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. labels Aug 18, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MichaelMarcialis MichaelMarcialis

Labels
blocked enhancement New value added to drive a business result NeededFor:Security Solution SIEM, Endpoint, Timeline, Analyzer, Cases NeededFor:Security Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@oatkiller @kobelb @azasypkin @joshdover @tvernum @legrego @MichaelMarcialis @elasticmachine @alexfrancoeur