From 3377e4b64feb0d3cee3b87d3fef25319de65f1be Mon Sep 17 00:00:00 2001 From: Devin Hurley Date: Wed, 30 Jun 2021 18:34:24 -0400 Subject: [PATCH 1/6] force any plugin registering rules to register the feature id into the master list which maps feature id to index names --- x-pack/plugins/apm/server/plugin.ts | 3 ++- x-pack/plugins/observability/server/plugin.ts | 6 +++++ .../server/alert_data_client/alerts_client.ts | 27 +++++++++++-------- .../server/rule_data_client/types.ts | 4 +++ .../security_solution/server/plugin.ts | 1 + 5 files changed, 29 insertions(+), 12 deletions(-) diff --git a/x-pack/plugins/apm/server/plugin.ts b/x-pack/plugins/apm/server/plugin.ts index 2d3638272508e..a6e23918e8a9b 100644 --- a/x-pack/plugins/apm/server/plugin.ts +++ b/x-pack/plugins/apm/server/plugin.ts @@ -19,7 +19,7 @@ import { mapValues, once } from 'lodash'; import { TECHNICAL_COMPONENT_TEMPLATE_NAME } from '../../rule_registry/common/assets'; import { mappingFromFieldMap } from '../../rule_registry/common/mapping_from_field_map'; import { RuleDataClient } from '../../rule_registry/server'; -import { APMConfig, APMXPackConfig } from '.'; +import { APMConfig, APMXPackConfig, APM_SERVER_FEATURE_ID } from '.'; import { mergeConfigs } from './index'; import { UI_SETTINGS } from '../../../../src/plugins/data/common'; import { APM_FEATURE, registerFeaturesUsage } from './feature'; @@ -181,6 +181,7 @@ export class APMPlugin }); const ruleDataClient = new RuleDataClient({ + feature: APM_SERVER_FEATURE_ID, alias: ruleDataService.getFullAssetName('observability-apm'), getClusterClient: async () => { const coreStart = await getCoreStart(); diff --git a/x-pack/plugins/observability/server/plugin.ts b/x-pack/plugins/observability/server/plugin.ts index 2006ce50a74cb..deb657984c07e 100644 --- a/x-pack/plugins/observability/server/plugin.ts +++ b/x-pack/plugins/observability/server/plugin.ts @@ -105,7 +105,13 @@ export class ObservabilityPlugin implements Plugin { return coreStart.elasticsearch.client.asInternalUser; }, ready: () => Promise.resolve(), + // For the line below this comment... + // so just .alerts? That doesn't seem right... + // I'm imagining this should be .alerts-observability and so + // ...ruleDataService.getFullAssetName('observability'); + // otherwise .alerts could return top alerts for everything? alias: plugins.ruleRegistry.ruleDataService.getFullAssetName(), + feature: 'observability', }); registerRoutes({ diff --git a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts index e36e97b7a252a..81d43b0013767 100644 --- a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts +++ b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts @@ -46,6 +46,12 @@ interface GetAlertParams { index?: string; } +export const mapConsumerToIndexName = { + observability: '.alerts-observability', + apm: '.alerts-observability-apm', + siem: ['.alerts-security-solution', '.siem-signals'], +}; + /** * Provides apis to interact with alerts as data * ensures the request is authorized to perform read / write actions @@ -69,7 +75,7 @@ export class AlertsClient { operations: Array ) { return this.authorization.getAugmentRuleTypesWithAuthorization( - featureIds.length !== 0 ? featureIds : ['apm', 'siem'], + featureIds.length !== 0 ? featureIds : Object.keys(mapConsumerToIndexName), operations, AlertingAuthorizationEntity.Alert ); @@ -196,7 +202,9 @@ export class AlertsClient { } } - public async getAuthorizedAlertsIndices(featureIds: string[]): Promise { + public async getAuthorizedAlertsIndices( + featureIds: Array + ): Promise { const augmentedRuleTypes = await this.authorization.getAugmentRuleTypesWithAuthorization( featureIds, [ReadOperations.Find, ReadOperations.Get, WriteOperations.Update], @@ -206,20 +214,17 @@ export class AlertsClient { // As long as the user can read a minimum of one type of rule type produced by the provided feature, // the user should be provided that features' alerts index. // Limiting which alerts that user can read on that index will be done via the findAuthorizationFilter - const authorizedFeatures = new Set(); + const authorizedFeatures = new Set(); for (const ruleType of augmentedRuleTypes.authorizedRuleTypes) { authorizedFeatures.add(ruleType.producer); } + const typeguard = (a: string): a is keyof typeof mapConsumerToIndexName => + a in Object.keys(mapConsumerToIndexName); + const toReturn = Array.from(authorizedFeatures).flatMap((feature) => { - switch (feature) { - case 'apm': - return '.alerts-observability-apm'; - case 'siem': - return ['.alerts-security-solution', '.siem-signals']; - default: - return []; - } + if (typeguard(feature)) return mapConsumerToIndexName[feature]; + return []; }); return toReturn; diff --git a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts index d5ce022781b0d..5e168df32521f 100644 --- a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts +++ b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts @@ -11,6 +11,7 @@ import { ElasticsearchClient } from 'kibana/server'; import { FieldDescriptor } from 'src/plugins/data/server'; import { ESSearchRequest, ESSearchResponse } from 'src/core/types/elasticsearch'; import { TechnicalRuleDataFieldName } from '../../common/technical_rule_data_field_names'; +import { mapConsumerToIndexName } from '../alert_data_client/alerts_client'; export interface RuleDataReader { search( @@ -37,8 +38,11 @@ export interface IRuleDataClient { createOrUpdateWriteTarget(options: { namespace?: string }): Promise; } +type ValidFeatureIds = keyof typeof mapConsumerToIndexName; + export interface RuleDataClientConstructorOptions { getClusterClient: () => Promise; ready: () => Promise; alias: string; + feature: ValidFeatureIds; } diff --git a/x-pack/plugins/security_solution/server/plugin.ts b/x-pack/plugins/security_solution/server/plugin.ts index 453e98b020cbe..c53a0134a6261 100644 --- a/x-pack/plugins/security_solution/server/plugin.ts +++ b/x-pack/plugins/security_solution/server/plugin.ts @@ -237,6 +237,7 @@ export class Plugin implements IPlugin { const coreStart = await start(); From 879c0c07d8a69c92f120878245cdcc7aa3963a82 Mon Sep 17 00:00:00 2001 From: Devin Hurley Date: Wed, 30 Jun 2021 19:53:31 -0400 Subject: [PATCH 2/6] javascript is not python --- .../authorization/alerting_authorization.ts | 2 +- .../server/alert_data_client/alerts_client.ts | 22 ++++++++++++------- .../server/routes/get_alert_index.ts | 8 ++----- .../server/rule_data_client/types.ts | 4 +--- 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/x-pack/plugins/alerting/server/authorization/alerting_authorization.ts b/x-pack/plugins/alerting/server/authorization/alerting_authorization.ts index de49cdd370585..655e1f7ce095c 100644 --- a/x-pack/plugins/alerting/server/authorization/alerting_authorization.ts +++ b/x-pack/plugins/alerting/server/authorization/alerting_authorization.ts @@ -143,7 +143,7 @@ export class AlertingAuthorization { * used by the RAC/Alerts client */ public async getAugmentRuleTypesWithAuthorization( - featureIds: string[], + featureIds: readonly string[], operations: Array, authorizationEntity: AlertingAuthorizationEntity ): Promise<{ diff --git a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts index 81d43b0013767..197ee95fab4ae 100644 --- a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts +++ b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts @@ -46,9 +46,12 @@ interface GetAlertParams { index?: string; } -export const mapConsumerToIndexName = { - observability: '.alerts-observability', +export const validFeatureIds = ['apm', 'observability', 'siem'] as const; +export type ValidFeatureIds = typeof validFeatureIds[number]; + +export const mapConsumerToIndexName: { [featureId in ValidFeatureIds]: string | string[] } = { apm: '.alerts-observability-apm', + observability: '.alerts-observability', siem: ['.alerts-security-solution', '.siem-signals'], }; @@ -75,7 +78,7 @@ export class AlertsClient { operations: Array ) { return this.authorization.getAugmentRuleTypesWithAuthorization( - featureIds.length !== 0 ? featureIds : Object.keys(mapConsumerToIndexName), + featureIds.length !== 0 ? featureIds : validFeatureIds, operations, AlertingAuthorizationEntity.Alert ); @@ -203,10 +206,10 @@ export class AlertsClient { } public async getAuthorizedAlertsIndices( - featureIds: Array + featureIds: readonly ValidFeatureIds[] ): Promise { const augmentedRuleTypes = await this.authorization.getAugmentRuleTypesWithAuthorization( - featureIds, + featureIds as string[], [ReadOperations.Find, ReadOperations.Get, WriteOperations.Update], AlertingAuthorizationEntity.Alert ); @@ -219,11 +222,14 @@ export class AlertsClient { authorizedFeatures.add(ruleType.producer); } - const typeguard = (a: string): a is keyof typeof mapConsumerToIndexName => - a in Object.keys(mapConsumerToIndexName); + const isValidFeatureId = (a: string): a is ValidFeatureIds => + // @ts-expect-error Argument of type 'string' is not assignable to parameter of type '"apm" | "observability" | "siem"' + validFeatureIds.includes(a); const toReturn = Array.from(authorizedFeatures).flatMap((feature) => { - if (typeguard(feature)) return mapConsumerToIndexName[feature]; + if (isValidFeatureId(feature)) { + return mapConsumerToIndexName[feature]; + } return []; }); diff --git a/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts b/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts index bfafec919ebb2..a394fc7262570 100644 --- a/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts +++ b/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts @@ -11,6 +11,7 @@ import { transformError } from '@kbn/securitysolution-es-utils'; import { RacRequestHandlerContext } from '../types'; import { BASE_RAC_ALERTS_API_PATH } from '../../common/constants'; +import { validFeatureIds } from '../alert_data_client/alerts_client'; export const getAlertsIndexRoute = (router: IRouter) => { router.get( @@ -22,14 +23,9 @@ export const getAlertsIndexRoute = (router: IRouter) = }, }, async (context, request, response) => { - const APM_SERVER_FEATURE_ID = 'apm'; - const SERVER_APP_ID = 'siem'; try { const alertsClient = await context.rac.getAlertsClient(); - const indexName = await alertsClient.getAuthorizedAlertsIndices([ - APM_SERVER_FEATURE_ID, - SERVER_APP_ID, - ]); + const indexName = await alertsClient.getAuthorizedAlertsIndices(validFeatureIds); return response.ok({ body: { index_name: indexName }, }); diff --git a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts index 5e168df32521f..458f3ccbef9bb 100644 --- a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts +++ b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts @@ -11,7 +11,7 @@ import { ElasticsearchClient } from 'kibana/server'; import { FieldDescriptor } from 'src/plugins/data/server'; import { ESSearchRequest, ESSearchResponse } from 'src/core/types/elasticsearch'; import { TechnicalRuleDataFieldName } from '../../common/technical_rule_data_field_names'; -import { mapConsumerToIndexName } from '../alert_data_client/alerts_client'; +import { ValidFeatureIds } from '../alert_data_client/alerts_client'; export interface RuleDataReader { search( @@ -38,8 +38,6 @@ export interface IRuleDataClient { createOrUpdateWriteTarget(options: { namespace?: string }): Promise; } -type ValidFeatureIds = keyof typeof mapConsumerToIndexName; - export interface RuleDataClientConstructorOptions { getClusterClient: () => Promise; ready: () => Promise; From fbd3905673ec83c59245fd294041d5716a17ca01 Mon Sep 17 00:00:00 2001 From: Devin Hurley Date: Thu, 1 Jul 2021 16:12:41 -0400 Subject: [PATCH 3/6] favor keyof instead of typeof as const, removes ts-expect-error --- x-pack/plugins/apm/server/plugin.ts | 2 +- .../server/alert_data_client/alerts_client.ts | 22 +++++++++---------- .../server/routes/get_alert_index.ts | 1 - .../server/rule_data_client/types.ts | 4 ++-- 4 files changed, 14 insertions(+), 15 deletions(-) diff --git a/x-pack/plugins/apm/server/plugin.ts b/x-pack/plugins/apm/server/plugin.ts index a6e23918e8a9b..303002bf5445a 100644 --- a/x-pack/plugins/apm/server/plugin.ts +++ b/x-pack/plugins/apm/server/plugin.ts @@ -181,7 +181,7 @@ export class APMPlugin }); const ruleDataClient = new RuleDataClient({ - feature: APM_SERVER_FEATURE_ID, + feature: 'devin', alias: ruleDataService.getFullAssetName('observability-apm'), getClusterClient: async () => { const coreStart = await getCoreStart(); diff --git a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts index 197ee95fab4ae..552679ddc0cbd 100644 --- a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts +++ b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts @@ -46,14 +46,20 @@ interface GetAlertParams { index?: string; } -export const validFeatureIds = ['apm', 'observability', 'siem'] as const; -export type ValidFeatureIds = typeof validFeatureIds[number]; - -export const mapConsumerToIndexName: { [featureId in ValidFeatureIds]: string | string[] } = { +/** + * registering a new instance of the rule data client + * in a new plugin will require updating the below data structure + * to include the index name where the alerts as data will be written to. + */ +export const mapConsumerToIndexName = { apm: '.alerts-observability-apm', observability: '.alerts-observability', siem: ['.alerts-security-solution', '.siem-signals'], }; +export type ValidFeatureId = keyof typeof mapConsumerToIndexName; + +export const validFeatureIds = Object.keys(mapConsumerToIndexName); +export const isValidFeatureId = (a: string): a is ValidFeatureId => validFeatureIds.includes(a); /** * Provides apis to interact with alerts as data @@ -205,9 +211,7 @@ export class AlertsClient { } } - public async getAuthorizedAlertsIndices( - featureIds: readonly ValidFeatureIds[] - ): Promise { + public async getAuthorizedAlertsIndices(featureIds: string[]): Promise { const augmentedRuleTypes = await this.authorization.getAugmentRuleTypesWithAuthorization( featureIds as string[], [ReadOperations.Find, ReadOperations.Get, WriteOperations.Update], @@ -222,10 +226,6 @@ export class AlertsClient { authorizedFeatures.add(ruleType.producer); } - const isValidFeatureId = (a: string): a is ValidFeatureIds => - // @ts-expect-error Argument of type 'string' is not assignable to parameter of type '"apm" | "observability" | "siem"' - validFeatureIds.includes(a); - const toReturn = Array.from(authorizedFeatures).flatMap((feature) => { if (isValidFeatureId(feature)) { return mapConsumerToIndexName[feature]; diff --git a/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts b/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts index a394fc7262570..efe019eff1157 100644 --- a/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts +++ b/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts @@ -48,7 +48,6 @@ export const getAlertsIndexRoute = (router: IRouter) = }) ), }); - // return response.custom; } } ); diff --git a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts index 458f3ccbef9bb..7e360c5429b2e 100644 --- a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts +++ b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts @@ -11,7 +11,7 @@ import { ElasticsearchClient } from 'kibana/server'; import { FieldDescriptor } from 'src/plugins/data/server'; import { ESSearchRequest, ESSearchResponse } from 'src/core/types/elasticsearch'; import { TechnicalRuleDataFieldName } from '../../common/technical_rule_data_field_names'; -import { ValidFeatureIds } from '../alert_data_client/alerts_client'; +import { ValidFeatureId } from '../alert_data_client/alerts_client'; export interface RuleDataReader { search( @@ -42,5 +42,5 @@ export interface RuleDataClientConstructorOptions { getClusterClient: () => Promise; ready: () => Promise; alias: string; - feature: ValidFeatureIds; + feature: ValidFeatureId; } From d2173f5090e36357df226d4a6709bdfa01666567 Mon Sep 17 00:00:00 2001 From: Devin Hurley Date: Thu, 1 Jul 2021 16:28:32 -0400 Subject: [PATCH 4/6] updates typedocs --- x-pack/plugins/apm/server/plugin.ts | 2 +- .../docs/alerts_client/alerts_client_api.md | 75 +++++++++++++++++++ .../alerts_client/classes/alertsclient.md | 58 +++++++------- .../interfaces/constructoroptions.md | 19 +---- .../alerts_client/interfaces/updateoptions.md | 35 +++++---- .../server/rule_data_client/types.ts | 7 ++ 6 files changed, 134 insertions(+), 62 deletions(-) diff --git a/x-pack/plugins/apm/server/plugin.ts b/x-pack/plugins/apm/server/plugin.ts index 303002bf5445a..a6e23918e8a9b 100644 --- a/x-pack/plugins/apm/server/plugin.ts +++ b/x-pack/plugins/apm/server/plugin.ts @@ -181,7 +181,7 @@ export class APMPlugin }); const ruleDataClient = new RuleDataClient({ - feature: 'devin', + feature: APM_SERVER_FEATURE_ID, alias: ruleDataService.getFullAssetName('observability-apm'), getClusterClient: async () => { const coreStart = await getCoreStart(); diff --git a/x-pack/plugins/rule_registry/docs/alerts_client/alerts_client_api.md b/x-pack/plugins/rule_registry/docs/alerts_client/alerts_client_api.md index b94a19f8e3f38..608335b97e09b 100644 --- a/x-pack/plugins/rule_registry/docs/alerts_client/alerts_client_api.md +++ b/x-pack/plugins/rule_registry/docs/alerts_client/alerts_client_api.md @@ -12,3 +12,78 @@ Alerts as data client API Interface - [ConstructorOptions](interfaces/constructoroptions.md) - [UpdateOptions](interfaces/updateoptions.md) + +### Type aliases + +- [ValidFeatureId](alerts_client_api.md#validfeatureid) + +### Variables + +- [mapConsumerToIndexName](alerts_client_api.md#mapconsumertoindexname) +- [validFeatureIds](alerts_client_api.md#validfeatureids) + +### Functions + +- [isValidFeatureId](alerts_client_api.md#isvalidfeatureid) + +## Type aliases + +### ValidFeatureId + +Ƭ **ValidFeatureId**: keyof typeof [mapConsumerToIndexName](alerts_client_api.md#mapconsumertoindexname) + +#### Defined in + +[rule_registry/server/alert_data_client/alerts_client.ts:59](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L59) + +## Variables + +### mapConsumerToIndexName + +• `Const` **mapConsumerToIndexName**: `Object` + +registering a new instance of the rule data client +in a new plugin will require updating the below data structure +to include the index name where the alerts as data will be written to. + +#### Type declaration + +| Name | Type | +| :------ | :------ | +| `apm` | `string` | +| `observability` | `string` | +| `siem` | `string`[] | + +#### Defined in + +[rule_registry/server/alert_data_client/alerts_client.ts:54](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L54) + +___ + +### validFeatureIds + +• `Const` **validFeatureIds**: `string`[] + +#### Defined in + +[rule_registry/server/alert_data_client/alerts_client.ts:61](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L61) + +## Functions + +### isValidFeatureId + +▸ `Const` **isValidFeatureId**(`a`): a is "apm" \| "observability" \| "siem" + +#### Parameters + +| Name | Type | +| :------ | :------ | +| `a` | `string` | + +#### Returns + +a is "apm" \| "observability" \| "siem" + +#### Defined in + +[rule_registry/server/alert_data_client/alerts_client.ts:62](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L62) diff --git a/x-pack/plugins/rule_registry/docs/alerts_client/classes/alertsclient.md b/x-pack/plugins/rule_registry/docs/alerts_client/classes/alertsclient.md index 1ff8499213add..50585d7bdacda 100644 --- a/x-pack/plugins/rule_registry/docs/alerts_client/classes/alertsclient.md +++ b/x-pack/plugins/rule_registry/docs/alerts_client/classes/alertsclient.md @@ -18,14 +18,13 @@ on alerts as data. - [authorization](alertsclient.md#authorization) - [esClient](alertsclient.md#esclient) - [logger](alertsclient.md#logger) -- [ruleDataService](alertsclient.md#ruledataservice) ### Methods - [fetchAlert](alertsclient.md#fetchalert) - [get](alertsclient.md#get) - [getAlertsIndex](alertsclient.md#getalertsindex) -- [getFullAssetName](alertsclient.md#getfullassetname) +- [getAuthorizedAlertsIndices](alertsclient.md#getauthorizedalertsindices) - [update](alertsclient.md#update) ## Constructors @@ -42,7 +41,7 @@ on alerts as data. #### Defined in -[alerts_client.ts:56](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L56) +[rule_registry/server/alert_data_client/alerts_client.ts:73](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L73) ## Properties @@ -52,7 +51,7 @@ on alerts as data. #### Defined in -[alerts_client.ts:53](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L53) +[rule_registry/server/alert_data_client/alerts_client.ts:71](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L71) ___ @@ -62,7 +61,7 @@ ___ #### Defined in -[alerts_client.ts:54](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L54) +[rule_registry/server/alert_data_client/alerts_client.ts:72](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L72) ___ @@ -72,7 +71,7 @@ ___ #### Defined in -[alerts_client.ts:55](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L55) +[rule_registry/server/alert_data_client/alerts_client.ts:73](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L73) ___ @@ -82,23 +81,13 @@ ___ #### Defined in -[alerts_client.ts:52](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L52) - -___ - -### ruleDataService - -• `Private` `Readonly` **ruleDataService**: `PublicMethodsOf` - -#### Defined in - -[alerts_client.ts:56](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L56) +[rule_registry/server/alert_data_client/alerts_client.ts:70](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L70) ## Methods ### fetchAlert -▸ `Private` **fetchAlert**(`__namedParameters`): `Promise`\>\> +▸ `Private` **fetchAlert**(`__namedParameters`): `Promise` #### Parameters @@ -108,11 +97,11 @@ ___ #### Returns -`Promise`\>\> +`Promise` #### Defined in -[alerts_client.ts:83](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L83) +[rule_registry/server/alert_data_client/alerts_client.ts:93](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L93) ___ @@ -132,47 +121,54 @@ ___ #### Defined in -[alerts_client.ts:108](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L108) +[rule_registry/server/alert_data_client/alerts_client.ts:122](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L122) ___ ### getAlertsIndex -▸ **getAlertsIndex**(`featureIds`): `Promise` +▸ **getAlertsIndex**(`featureIds`, `operations`): `Promise`<`Object`\> #### Parameters | Name | Type | | :------ | :------ | | `featureIds` | `string`[] | +| `operations` | (`ReadOperations` \| `WriteOperations`)[] | #### Returns -`Promise` +`Promise`<`Object`\> #### Defined in -[alerts_client.ts:76](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L76) +[rule_registry/server/alert_data_client/alerts_client.ts:82](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L82) ___ -### getFullAssetName +### getAuthorizedAlertsIndices + +▸ **getAuthorizedAlertsIndices**(`featureIds`): `Promise` + +#### Parameters -▸ **getFullAssetName**(): `string` +| Name | Type | +| :------ | :------ | +| `featureIds` | `string`[] | #### Returns -`string` +`Promise` #### Defined in -[alerts_client.ts:72](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L72) +[rule_registry/server/alert_data_client/alerts_client.ts:214](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L214) ___ ### update -▸ **update**(`__namedParameters`): `Promise`\>\> +▸ **update**(`__namedParameters`): `Promise`<`Object`\> #### Type parameters @@ -188,8 +184,8 @@ ___ #### Returns -`Promise`\>\> +`Promise`<`Object`\> #### Defined in -[alerts_client.ts:146](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L146) +[rule_registry/server/alert_data_client/alerts_client.ts:160](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L160) diff --git a/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/constructoroptions.md b/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/constructoroptions.md index 5cf1539c52878..15f8bfed3be5d 100644 --- a/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/constructoroptions.md +++ b/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/constructoroptions.md @@ -10,7 +10,6 @@ - [authorization](constructoroptions.md#authorization) - [esClient](constructoroptions.md#esclient) - [logger](constructoroptions.md#logger) -- [ruleDataService](constructoroptions.md#ruledataservice) ## Properties @@ -20,7 +19,7 @@ #### Defined in -[alerts_client.ts:26](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L26) +[rule_registry/server/alert_data_client/alerts_client.ts:33](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L33) ___ @@ -30,7 +29,7 @@ ___ #### Defined in -[alerts_client.ts:25](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L25) +[rule_registry/server/alert_data_client/alerts_client.ts:32](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L32) ___ @@ -40,7 +39,7 @@ ___ #### Defined in -[alerts_client.ts:27](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L27) +[rule_registry/server/alert_data_client/alerts_client.ts:34](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L34) ___ @@ -50,14 +49,4 @@ ___ #### Defined in -[alerts_client.ts:24](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L24) - -___ - -### ruleDataService - -• **ruleDataService**: `PublicMethodsOf` - -#### Defined in - -[alerts_client.ts:28](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L28) +[rule_registry/server/alert_data_client/alerts_client.ts:31](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L31) diff --git a/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/updateoptions.md b/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/updateoptions.md index 3ec99762c78cc..8a5eeafb41eac 100644 --- a/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/updateoptions.md +++ b/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/updateoptions.md @@ -12,25 +12,20 @@ ### Properties -- [data](updateoptions.md#data) +- [\_version](updateoptions.md#_version) - [id](updateoptions.md#id) -- [indexName](updateoptions.md#indexname) +- [index](updateoptions.md#index) +- [status](updateoptions.md#status) ## Properties -### data +### \_version -• **data**: `Object` - -#### Type declaration - -| Name | Type | -| :------ | :------ | -| `status` | `string` | +• **\_version**: `undefined` \| `string` #### Defined in -[alerts_client.ts:33](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L33) +[rule_registry/server/alert_data_client/alerts_client.ts:40](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L40) ___ @@ -40,14 +35,24 @@ ___ #### Defined in -[alerts_client.ts:32](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L32) +[rule_registry/server/alert_data_client/alerts_client.ts:38](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L38) + +___ + +### index + +• **index**: `string` + +#### Defined in + +[rule_registry/server/alert_data_client/alerts_client.ts:41](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L41) ___ -### indexName +### status -• **indexName**: `string` +• **status**: `string` #### Defined in -[alerts_client.ts:37](https://github.com/dhurley14/kibana/blob/25bf227f8c6/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L37) +[rule_registry/server/alert_data_client/alerts_client.ts:39](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L39) diff --git a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts index 7e360c5429b2e..b7f6a4a03e76f 100644 --- a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts +++ b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts @@ -38,6 +38,13 @@ export interface IRuleDataClient { createOrUpdateWriteTarget(options: { namespace?: string }): Promise; } +/** + * The purpose of the `feature` param is to force the user to update + * the data structure which contains the mapping of consumers to alerts + * as data indices. The idea is it is typed such that it forces the + * user to go to the code and modify it. At least until a better system + * is put in place or we move the alerts as data client out of rule registry. + */ export interface RuleDataClientConstructorOptions { getClusterClient: () => Promise; ready: () => Promise; From 69566c27a6b56792aa61031757442345b3530a06 Mon Sep 17 00:00:00 2001 From: Devin Hurley Date: Thu, 1 Jul 2021 16:39:22 -0400 Subject: [PATCH 5/6] adds rbac utils to utils folder and updates typedocs --- .../docs/alerts_client/alerts_client_api.md | 75 ------------------- .../alerts_client/classes/alertsclient.md | 20 ++--- .../interfaces/constructoroptions.md | 8 +- .../alerts_client/interfaces/updateoptions.md | 8 +- .../server/alert_data_client/alerts_client.ts | 16 +--- .../server/routes/get_alert_index.ts | 2 +- .../server/rule_data_client/types.ts | 2 +- .../rule_registry/server/utils/rbac.ts | 21 ++++++ 8 files changed, 42 insertions(+), 110 deletions(-) create mode 100644 x-pack/plugins/rule_registry/server/utils/rbac.ts diff --git a/x-pack/plugins/rule_registry/docs/alerts_client/alerts_client_api.md b/x-pack/plugins/rule_registry/docs/alerts_client/alerts_client_api.md index 608335b97e09b..b94a19f8e3f38 100644 --- a/x-pack/plugins/rule_registry/docs/alerts_client/alerts_client_api.md +++ b/x-pack/plugins/rule_registry/docs/alerts_client/alerts_client_api.md @@ -12,78 +12,3 @@ Alerts as data client API Interface - [ConstructorOptions](interfaces/constructoroptions.md) - [UpdateOptions](interfaces/updateoptions.md) - -### Type aliases - -- [ValidFeatureId](alerts_client_api.md#validfeatureid) - -### Variables - -- [mapConsumerToIndexName](alerts_client_api.md#mapconsumertoindexname) -- [validFeatureIds](alerts_client_api.md#validfeatureids) - -### Functions - -- [isValidFeatureId](alerts_client_api.md#isvalidfeatureid) - -## Type aliases - -### ValidFeatureId - -Ƭ **ValidFeatureId**: keyof typeof [mapConsumerToIndexName](alerts_client_api.md#mapconsumertoindexname) - -#### Defined in - -[rule_registry/server/alert_data_client/alerts_client.ts:59](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L59) - -## Variables - -### mapConsumerToIndexName - -• `Const` **mapConsumerToIndexName**: `Object` - -registering a new instance of the rule data client -in a new plugin will require updating the below data structure -to include the index name where the alerts as data will be written to. - -#### Type declaration - -| Name | Type | -| :------ | :------ | -| `apm` | `string` | -| `observability` | `string` | -| `siem` | `string`[] | - -#### Defined in - -[rule_registry/server/alert_data_client/alerts_client.ts:54](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L54) - -___ - -### validFeatureIds - -• `Const` **validFeatureIds**: `string`[] - -#### Defined in - -[rule_registry/server/alert_data_client/alerts_client.ts:61](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L61) - -## Functions - -### isValidFeatureId - -▸ `Const` **isValidFeatureId**(`a`): a is "apm" \| "observability" \| "siem" - -#### Parameters - -| Name | Type | -| :------ | :------ | -| `a` | `string` | - -#### Returns - -a is "apm" \| "observability" \| "siem" - -#### Defined in - -[rule_registry/server/alert_data_client/alerts_client.ts:62](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L62) diff --git a/x-pack/plugins/rule_registry/docs/alerts_client/classes/alertsclient.md b/x-pack/plugins/rule_registry/docs/alerts_client/classes/alertsclient.md index 50585d7bdacda..9b639829a9f5f 100644 --- a/x-pack/plugins/rule_registry/docs/alerts_client/classes/alertsclient.md +++ b/x-pack/plugins/rule_registry/docs/alerts_client/classes/alertsclient.md @@ -41,7 +41,7 @@ on alerts as data. #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:73](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L73) +[rule_registry/server/alert_data_client/alerts_client.ts:59](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L59) ## Properties @@ -51,7 +51,7 @@ on alerts as data. #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:71](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L71) +[rule_registry/server/alert_data_client/alerts_client.ts:57](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L57) ___ @@ -61,7 +61,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:72](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L72) +[rule_registry/server/alert_data_client/alerts_client.ts:58](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L58) ___ @@ -71,7 +71,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:73](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L73) +[rule_registry/server/alert_data_client/alerts_client.ts:59](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L59) ___ @@ -81,7 +81,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:70](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L70) +[rule_registry/server/alert_data_client/alerts_client.ts:56](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L56) ## Methods @@ -101,7 +101,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:93](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L93) +[rule_registry/server/alert_data_client/alerts_client.ts:79](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L79) ___ @@ -121,7 +121,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:122](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L122) +[rule_registry/server/alert_data_client/alerts_client.ts:108](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L108) ___ @@ -142,7 +142,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:82](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L82) +[rule_registry/server/alert_data_client/alerts_client.ts:68](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L68) ___ @@ -162,7 +162,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:214](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L214) +[rule_registry/server/alert_data_client/alerts_client.ts:200](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L200) ___ @@ -188,4 +188,4 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:160](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L160) +[rule_registry/server/alert_data_client/alerts_client.ts:146](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L146) diff --git a/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/constructoroptions.md b/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/constructoroptions.md index 15f8bfed3be5d..e3dbc6b2c2354 100644 --- a/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/constructoroptions.md +++ b/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/constructoroptions.md @@ -19,7 +19,7 @@ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:33](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L33) +[rule_registry/server/alert_data_client/alerts_client.ts:34](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L34) ___ @@ -29,7 +29,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:32](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L32) +[rule_registry/server/alert_data_client/alerts_client.ts:33](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L33) ___ @@ -39,7 +39,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:34](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L34) +[rule_registry/server/alert_data_client/alerts_client.ts:35](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L35) ___ @@ -49,4 +49,4 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:31](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L31) +[rule_registry/server/alert_data_client/alerts_client.ts:32](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L32) diff --git a/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/updateoptions.md b/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/updateoptions.md index 8a5eeafb41eac..fbc0991635000 100644 --- a/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/updateoptions.md +++ b/x-pack/plugins/rule_registry/docs/alerts_client/interfaces/updateoptions.md @@ -25,7 +25,7 @@ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:40](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L40) +[rule_registry/server/alert_data_client/alerts_client.ts:41](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L41) ___ @@ -35,7 +35,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:38](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L38) +[rule_registry/server/alert_data_client/alerts_client.ts:39](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L39) ___ @@ -45,7 +45,7 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:41](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L41) +[rule_registry/server/alert_data_client/alerts_client.ts:42](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L42) ___ @@ -55,4 +55,4 @@ ___ #### Defined in -[rule_registry/server/alert_data_client/alerts_client.ts:39](https://github.com/dhurley14/kibana/blob/fbd3905673e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L39) +[rule_registry/server/alert_data_client/alerts_client.ts:40](https://github.com/dhurley14/kibana/blob/d2173f5090e/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L40) diff --git a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts index 552679ddc0cbd..4db2c0b8291a2 100644 --- a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts +++ b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts @@ -18,6 +18,7 @@ import { alertAuditEvent, AlertAuditAction } from './audit_events'; import { AuditLogger } from '../../../security/server'; import { ALERT_STATUS, OWNER, RULE_ID } from '../../common/technical_rule_data_field_names'; import { ParsedTechnicalFields } from '../../common/parse_technical_fields'; +import { mapConsumerToIndexName, validFeatureIds, isValidFeatureId } from '../utils/rbac'; // TODO: Fix typings https://github.com/elastic/kibana/issues/101776 type NonNullableProps = Omit & @@ -46,21 +47,6 @@ interface GetAlertParams { index?: string; } -/** - * registering a new instance of the rule data client - * in a new plugin will require updating the below data structure - * to include the index name where the alerts as data will be written to. - */ -export const mapConsumerToIndexName = { - apm: '.alerts-observability-apm', - observability: '.alerts-observability', - siem: ['.alerts-security-solution', '.siem-signals'], -}; -export type ValidFeatureId = keyof typeof mapConsumerToIndexName; - -export const validFeatureIds = Object.keys(mapConsumerToIndexName); -export const isValidFeatureId = (a: string): a is ValidFeatureId => validFeatureIds.includes(a); - /** * Provides apis to interact with alerts as data * ensures the request is authorized to perform read / write actions diff --git a/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts b/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts index efe019eff1157..b8b181a493cec 100644 --- a/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts +++ b/x-pack/plugins/rule_registry/server/routes/get_alert_index.ts @@ -11,7 +11,7 @@ import { transformError } from '@kbn/securitysolution-es-utils'; import { RacRequestHandlerContext } from '../types'; import { BASE_RAC_ALERTS_API_PATH } from '../../common/constants'; -import { validFeatureIds } from '../alert_data_client/alerts_client'; +import { validFeatureIds } from '../utils/rbac'; export const getAlertsIndexRoute = (router: IRouter) => { router.get( diff --git a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts index b7f6a4a03e76f..9a7f8ad4de9fd 100644 --- a/x-pack/plugins/rule_registry/server/rule_data_client/types.ts +++ b/x-pack/plugins/rule_registry/server/rule_data_client/types.ts @@ -11,7 +11,7 @@ import { ElasticsearchClient } from 'kibana/server'; import { FieldDescriptor } from 'src/plugins/data/server'; import { ESSearchRequest, ESSearchResponse } from 'src/core/types/elasticsearch'; import { TechnicalRuleDataFieldName } from '../../common/technical_rule_data_field_names'; -import { ValidFeatureId } from '../alert_data_client/alerts_client'; +import { ValidFeatureId } from '../utils/rbac'; export interface RuleDataReader { search( diff --git a/x-pack/plugins/rule_registry/server/utils/rbac.ts b/x-pack/plugins/rule_registry/server/utils/rbac.ts new file mode 100644 index 0000000000000..d66845d498ce7 --- /dev/null +++ b/x-pack/plugins/rule_registry/server/utils/rbac.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/** + * registering a new instance of the rule data client + * in a new plugin will require updating the below data structure + * to include the index name where the alerts as data will be written to. + */ +export const mapConsumerToIndexName = { + apm: '.alerts-observability-apm', + observability: '.alerts-observability', + siem: ['.alerts-security-solution', '.siem-signals'], +}; +export type ValidFeatureId = keyof typeof mapConsumerToIndexName; + +export const validFeatureIds = Object.keys(mapConsumerToIndexName); +export const isValidFeatureId = (a: string): a is ValidFeatureId => validFeatureIds.includes(a); From 87914f1800d41a9510630afb50c1c4d1f5ccf488 Mon Sep 17 00:00:00 2001 From: Devin Hurley Date: Thu, 1 Jul 2021 16:43:53 -0400 Subject: [PATCH 6/6] featureIds is already string[] and do not trust input for type guard --- .../rule_registry/server/alert_data_client/alerts_client.ts | 2 +- x-pack/plugins/rule_registry/server/utils/rbac.ts | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts index 4db2c0b8291a2..d32e09d32de13 100644 --- a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts +++ b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts @@ -199,7 +199,7 @@ export class AlertsClient { public async getAuthorizedAlertsIndices(featureIds: string[]): Promise { const augmentedRuleTypes = await this.authorization.getAugmentRuleTypesWithAuthorization( - featureIds as string[], + featureIds, [ReadOperations.Find, ReadOperations.Get, WriteOperations.Update], AlertingAuthorizationEntity.Alert ); diff --git a/x-pack/plugins/rule_registry/server/utils/rbac.ts b/x-pack/plugins/rule_registry/server/utils/rbac.ts index d66845d498ce7..a7e3d264f4bca 100644 --- a/x-pack/plugins/rule_registry/server/utils/rbac.ts +++ b/x-pack/plugins/rule_registry/server/utils/rbac.ts @@ -18,4 +18,5 @@ export const mapConsumerToIndexName = { export type ValidFeatureId = keyof typeof mapConsumerToIndexName; export const validFeatureIds = Object.keys(mapConsumerToIndexName); -export const isValidFeatureId = (a: string): a is ValidFeatureId => validFeatureIds.includes(a); +export const isValidFeatureId = (a: unknown): a is ValidFeatureId => + typeof a === 'string' && validFeatureIds.includes(a);