Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[8.13] [Security Solution] Fix infinite loading state on Add Rules page for users with 'Security: Read' permissions (#178005) #178588

Closed

Conversation

kibanamachine
Copy link
Contributor

Backport

This will backport the following commits from main to 8.13:

Questions ?

Please refer to the Backport tool documentation

…users with `Security: Read` permissions (elastic#178005)

Fixes: elastic#161543

## Summary

Solves edge case of a `Security: Read` user visiting the Add Rules page
before a user with permissions does (therefore the space has no
permissions). This would cause the `/install/_review` call to never
happen, and the page to get stuck in an infinite loading state.

- Encapsulates logic to calculate if the `/install/_review` endpoint
should be called
- Allows `Security: Read` users to make the endpoint call
`/install/_review`
- The "All Elastic rules already installed" screen is shown to users in
this edge case.
- Adds frontend integration tests to Add Tables page

### Checklist

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed

(cherry picked from commit b8396f4)
@jpdjere jpdjere changed the title [8.13] [Security Solution] Fix infinite loading state on Add Rules page for users with `Security: Read` permissions (#178005) [8.13] [Security Solution] Fix infinite loading state on Add Rules page for users with 'Security: Read' permissions (#178005) Mar 12, 2024
@jpdjere
Copy link
Contributor

jpdjere commented Mar 13, 2024

@elasticmachine merge upstream

@kibana-ci
Copy link
Collaborator

💔 Build Failed

Failed CI Steps

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @jpdjere

@jpdjere
Copy link
Contributor

jpdjere commented Mar 13, 2024

CI pipeline seems to have broken, closing this one in favour of: #178603

@jpdjere jpdjere closed this Mar 13, 2024
auto-merge was automatically disabled March 13, 2024 09:14

Pull request was closed

jpdjere referenced this pull request Mar 13, 2024
…ge for users with `Security: Read` permissions (#178005) (#178603)

# Backport

This will backport the following commits from `main` to `8.13`:
- [[Security Solution] Fix infinite loading state on Add Rules page for
users with `Security: Read` permissions
(#178005)](#178005)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Juan Pablo
Djeredjian","email":"jpdjeredjian@gmail.com"},"sourceCommit":{"committedDate":"2024-03-12T23:16:20Z","message":"[Security
Solution] Fix infinite loading state on Add Rules page for users with
`Security: Read` permissions (#178005)\n\nFixes:
https://github.com/elastic/kibana/issues/161543\r\n\r\n##
Summary\r\n\r\nSolves edge case of a `Security: Read` user visiting the
Add Rules page\r\nbefore a user with permissions does (therefore the
space has no\r\npermissions). This would cause the `/install/_review`
call to never\r\nhappen, and the page to get stuck in an infinite
loading state.\r\n\r\n- Encapsulates logic to calculate if the
`/install/_review` endpoint\r\nshould be called\r\n- Allows `Security:
Read` users to make the endpoint call\r\n`/install/_review`\r\n- The
\"All Elastic rules already installed\" screen is shown to users
in\r\nthis edge case.\r\n- Adds frontend integration tests to Add Tables
page\r\n\r\n### Checklist\r\n\r\n- [ ] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests
changed","sha":"b8396f48ce05f2c16d2fd9890f921260dd6a5a7d","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Prebuilt Detection
Rules","v8.13.0","v8.14.0"],"number":178005,"url":"https://github.com/elastic/kibana/pull/178005","mergeCommit":{"message":"[Security
Solution] Fix infinite loading state on Add Rules page for users with
`Security: Read` permissions (#178005)\n\nFixes:
https://github.com/elastic/kibana/issues/161543\r\n\r\n##
Summary\r\n\r\nSolves edge case of a `Security: Read` user visiting the
Add Rules page\r\nbefore a user with permissions does (therefore the
space has no\r\npermissions). This would cause the `/install/_review`
call to never\r\nhappen, and the page to get stuck in an infinite
loading state.\r\n\r\n- Encapsulates logic to calculate if the
`/install/_review` endpoint\r\nshould be called\r\n- Allows `Security:
Read` users to make the endpoint call\r\n`/install/_review`\r\n- The
\"All Elastic rules already installed\" screen is shown to users
in\r\nthis edge case.\r\n- Adds frontend integration tests to Add Tables
page\r\n\r\n### Checklist\r\n\r\n- [ ] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests
changed","sha":"b8396f48ce05f2c16d2fd9890f921260dd6a5a7d"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"8.13","label":"v8.13.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/178588","number":178588,"state":"OPEN"},{"branch":"main","label":"v8.14.0","labelRegex":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/178005","number":178005,"mergeCommit":{"message":"[Security
Solution] Fix infinite loading state on Add Rules page for users with
`Security: Read` permissions (#178005)\n\nFixes:
https://github.com/elastic/kibana/issues/161543\r\n\r\n##
Summary\r\n\r\nSolves edge case of a `Security: Read` user visiting the
Add Rules page\r\nbefore a user with permissions does (therefore the
space has no\r\npermissions). This would cause the `/install/_review`
call to never\r\nhappen, and the page to get stuck in an infinite
loading state.\r\n\r\n- Encapsulates logic to calculate if the
`/install/_review` endpoint\r\nshould be called\r\n- Allows `Security:
Read` users to make the endpoint call\r\n`/install/_review`\r\n- The
\"All Elastic rules already installed\" screen is shown to users
in\r\nthis edge case.\r\n- Adds frontend integration tests to Add Tables
page\r\n\r\n### Checklist\r\n\r\n- [ ] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests
changed","sha":"b8396f48ce05f2c16d2fd9890f921260dd6a5a7d"}}]}]
BACKPORT-->

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants