Skip to content

Commit

Permalink
[Security Solutions] Removes the elastic legacy client from lists and…
Browse files Browse the repository at this point in the history
… security_solution plugins (elastic#106130)

## Summary

Addressees elastic#83910 by removing the elastic legacy client from:
* `lists` plugin
* `security_solution` plugin
* `kbn-securitysolution-es-utils` package

Removes found dead code in `security_solution` plugin:
* `server/lib/configuration/inmemory_configuration_adapter.ts`
* `server/lib/detection_engine/privileges/read_privileges.ts`
* `server/lib/configuration/index.ts`
* `server/lib/configuration/adapter_types.ts`
* `server/lib/compose/kibana.ts`
* `server/lib/ecs_fields/extend_map.test.ts`
* `server/lib/ecs_fields/extend_map.ts`
* `server/lib/index_fields/elasticsearch_adapter.ts`
* `server/lib/index_fields/index.ts`
* `server/lib/index_fields/mock.ts`
* `server/lib/index_fields/types.ts`
* `server/lib/source_status/elasticsearch_adapter.ts`
* `server/lib/source_status/index.ts`
* `server/lib/source_status/query.dsl.ts`
* `server/lib/source_status/types.ts`
* `server/lib/sources/configuration.test.ts`
* `server/lib/sources/configuration.ts`
* `server/lib/sources/index.ts`
* `server/lib/sources/types.ts`

Removes dead code in `lists` plugin:
* `server/schemas/common/get_call_cluster.mock.ts`
* `server/lib/ecs_fields/index.ts`
* `server/lib/framework/kibana_framework_adapter.ts`

Removes dead types from `security_solution` plugin:
* `server/lib/framework/types.ts`
* `server/lib/types.ts`

Removes dead functions from `security_solution` plugin:
* `server/utils/build_query/calculate_timeseries_interval.ts`
* `server/utils/runtime_types.ts`

### What to check as a reviewer
* Ensure that there is no left over words of `legacy` such as `legacy.something`
* Ensure there are no more `callAsCurrentUser` since that is all dead and gone
* Ensure anywhere you see `esClient.someThing` it returns the `.body` at the end or destructors it as in `{ body } = esClient.someThing`


### Risk Matrix

| Risk                      | Probability | Severity | Mitigation/Notes        |
|---------------------------|-------------|----------|-------------------------|
| Telemetry might stop working or have invalid values. | Med | High | We will have to manually test telemetry. Pinged people from telemetry for a code review |
| An REST route returns invalid values. | Med | High | e2e tests caught some of these already. The rest of the code was re-checked by hand |
| Deleted function/code might actually be still in use somewhere. | Low | High | e2e and unit tests should catch any of this. |



### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
  • Loading branch information
FrankHassanabad authored Jul 21, 2021
1 parent d4eeea4 commit dd8a4a7
Show file tree
Hide file tree
Showing 49 changed files with 200 additions and 1,723 deletions.
142 changes: 61 additions & 81 deletions packages/kbn-securitysolution-es-utils/src/read_privileges/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,89 +6,69 @@
* Side Public License, v 1.
*/

/**
* Copied from src/core/server/elasticsearch/legacy/api_types.ts including its deprecation mentioned below
* TODO: Remove this and refactor the readPrivileges to utilize any newer client side ways rather than all this deprecated legacy stuff
*/
export interface LegacyCallAPIOptions {
/**
* Indicates whether `401 Unauthorized` errors returned from the Elasticsearch API
* should be wrapped into `Boom` error instances with properly set `WWW-Authenticate`
* header that could have been returned by the API itself. If API didn't specify that
* then `Basic realm="Authorization Required"` is used as `WWW-Authenticate`.
*/
wrap401Errors?: boolean;
/**
* A signal object that allows you to abort the request via an AbortController object.
*/
signal?: AbortSignal;
}

type CallWithRequest<T extends Record<string, any>, V> = (
endpoint: string,
params: T,
options?: LegacyCallAPIOptions
) => Promise<V>;
import { ElasticsearchClient } from '../elasticsearch_client';

export const readPrivileges = async (
callWithRequest: CallWithRequest<{}, unknown>,
esClient: ElasticsearchClient,
index: string
): Promise<unknown> => {
return callWithRequest('transport.request', {
path: '/_security/user/_has_privileges',
method: 'POST',
body: {
cluster: [
'all',
'create_snapshot',
'manage',
'manage_api_key',
'manage_ccr',
'manage_transform',
'manage_ilm',
'manage_index_templates',
'manage_ingest_pipelines',
'manage_ml',
'manage_own_api_key',
'manage_pipeline',
'manage_rollup',
'manage_saml',
'manage_security',
'manage_token',
'manage_watcher',
'monitor',
'monitor_transform',
'monitor_ml',
'monitor_rollup',
'monitor_watcher',
'read_ccr',
'read_ilm',
'transport_client',
],
index: [
{
names: [index],
privileges: [
'all',
'create',
'create_doc',
'create_index',
'delete',
'delete_index',
'index',
'manage',
'maintenance',
'manage_follow_index',
'manage_ilm',
'manage_leader_index',
'monitor',
'read',
'read_cross_cluster',
'view_index_metadata',
'write',
],
},
],
},
});
return (
await esClient.transport.request({
path: '/_security/user/_has_privileges',
method: 'POST',
body: {
cluster: [
'all',
'create_snapshot',
'manage',
'manage_api_key',
'manage_ccr',
'manage_transform',
'manage_ilm',
'manage_index_templates',
'manage_ingest_pipelines',
'manage_ml',
'manage_own_api_key',
'manage_pipeline',
'manage_rollup',
'manage_saml',
'manage_security',
'manage_token',
'manage_watcher',
'monitor',
'monitor_transform',
'monitor_ml',
'monitor_rollup',
'monitor_watcher',
'read_ccr',
'read_ilm',
'transport_client',
],
index: [
{
names: [index],
privileges: [
'all',
'create',
'create_doc',
'create_index',
'delete',
'delete_index',
'index',
'manage',
'maintenance',
'manage_follow_index',
'manage_ilm',
'manage_leader_index',
'monitor',
'read',
'read_cross_cluster',
'view_index_metadata',
'write',
],
},
],
},
})
).body;
};
12 changes: 3 additions & 9 deletions x-pack/plugins/lists/server/routes/read_privileges_route.ts
Original file line number Diff line number Diff line change
Expand Up @@ -25,16 +25,10 @@ export const readPrivilegesRoute = (router: ListsPluginRouter): void => {
async (context, request, response) => {
const siemResponse = buildSiemResponse(response);
try {
const clusterClient = context.core.elasticsearch.legacy.client;
const esClient = context.core.elasticsearch.client.asCurrentUser;
const lists = getListClient(context);
const clusterPrivilegesLists = await readPrivileges(
clusterClient.callAsCurrentUser,
lists.getListIndex()
);
const clusterPrivilegesListItems = await readPrivileges(
clusterClient.callAsCurrentUser,
lists.getListItemIndex()
);
const clusterPrivilegesLists = await readPrivileges(esClient, lists.getListIndex());
const clusterPrivilegesListItems = await readPrivileges(esClient, lists.getListItemIndex());
const privileges = merge(
{
listItems: clusterPrivilegesListItems,
Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,6 @@ import {
} from '../../../../../../src/plugins/data/common';
import { DocValueFields, Maybe } from '../common';

export type BeatFieldsFactoryQueryType = 'beatFields';

interface FieldInfo {
category: string;
description?: string;
Expand Down
45 changes: 0 additions & 45 deletions x-pack/plugins/security_solution/server/lib/compose/kibana.ts

This file was deleted.

This file was deleted.

This file was deleted.

This file was deleted.

This file was deleted.

Loading

0 comments on commit dd8a4a7

Please sign in to comment.