Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security - Inject logout url #57201

Merged
merged 1 commit into from
Feb 10, 2020

Conversation

legrego
Copy link
Member

@legrego legrego commented Feb 10, 2020

This is a followup to #56786, which accidentally used an injected variable supplied by the Spaces plugin.

Security should not rely on this variable, since Spaces could be disabled, and when that happens, its injected variables will not be present in the UI.

This PR adds a new logoutUrl injected variable for the security plugin to use. This is temporary until the serverBasePath is exposed on the client-side for consumption in the New Platform.

@legrego legrego added release_note:skip Skip the PR/issue when compiling release notes v7.6.1 v7.7.0 v8.0.0 labels Feb 10, 2020
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@legrego legrego added the Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! label Feb 10, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@legrego legrego marked this pull request as ready for review February 10, 2020 15:55
@legrego legrego requested a review from a team as a code owner February 10, 2020 15:55
@legrego legrego requested a review from jportner February 10, 2020 15:55
Copy link
Contributor

@jportner jportner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 😅

@legrego legrego merged commit b228689 into elastic:master Feb 10, 2020
@legrego legrego deleted the security/injected-logout-url branch February 10, 2020 16:03
legrego added a commit to legrego/kibana that referenced this pull request Feb 10, 2020
gmmorris added a commit to gmmorris/kibana that referenced this pull request Feb 11, 2020
* master: (34 commits)
  [Index management] Server-side NP ready (elastic#56829)
  Webhook action - make user and password secrets optional (elastic#56823)
  [DOCS] Removes reference to IRC (elastic#57245)
  [Monitoring] NP migration: Local angular module (elastic#51823)
  [SIEM] Adds ECS link to help menu (elastic#57104)
  Ensure http interceptors are shares across lifecycle methods (elastic#57150)
  [Remote clusters] Migrate server code out of legacy (elastic#56781)
  fixes render bug in alert list (elastic#57152)
  siem 7.6 updates (elastic#57169)
  Make the update alert API key API work when AAD is out of sync (elastic#56640)
  fix(NA): MaxListenersExceededWarning on getLoggerStream (elastic#57133)
  [Metrics UI] Setup commonly used time ranges in timepicker (elastic#56701)
  [Maps] set filter.meta.key to geoFieldName so query passes filterMatchesIndex when ignoreFilterIfFieldNotInIndex is true (elastic#56692)
  Create plugin mock for event log plugin (elastic#57048)
  fix ts error on master (elastic#57236)
  Don't create API key for disabled alerts when calling create API (elastic#57041)
  Fix enable and disable API to still work when AAD is out of sync (elastic#56634)
  [DOCS] Canvas embed objects (elastic#57156)
  Delete autocomplete namespace (elastic#57187)
  Security - Inject logout url (elastic#57201)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release_note:skip Skip the PR/issue when compiling release notes Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v7.6.1 v7.7.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants