From 73066e8cc30c756ed6953948d9d65bb0175af99f Mon Sep 17 00:00:00 2001 From: Irene Blanco Date: Mon, 16 Dec 2024 11:02:04 +0100 Subject: [PATCH 1/2] [Infra] Update deprecated access tags to the new security configuration in routes (#204214) ## Summary Closes https://github.com/elastic/kibana/issues/203793 This PR replaces the deprecated `access` tags with the new `security` configuration. All instances of `options: {tags: ['access:infra']}` are now updated to `security: {authz: {requiredPrivileges: ['infra']}}`. --- .../framework/kibana_framework_adapter.ts | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/x-pack/plugins/observability_solution/infra/server/lib/adapters/framework/kibana_framework_adapter.ts b/x-pack/plugins/observability_solution/infra/server/lib/adapters/framework/kibana_framework_adapter.ts index f245214cfa37a..ad6a6bbcbcc27 100644 --- a/x-pack/plugins/observability_solution/infra/server/lib/adapters/framework/kibana_framework_adapter.ts +++ b/x-pack/plugins/observability_solution/infra/server/lib/adapters/framework/kibana_framework_adapter.ts @@ -52,9 +52,8 @@ export class KibanaFramework { config: InfraRouteConfig, handler: RequestHandler ) { - const defaultOptions = { - tags: ['access:infra'], - }; + const defaultSecurity = { authz: { requiredPrivileges: ['infra'] } }; + const routeConfig = { path: config.path, validate: config.validate, @@ -65,7 +64,8 @@ export class KibanaFramework { * using `as ...` below to ensure the route config has * the correct options type. */ - options: { ...config.options, ...defaultOptions }, + options: { ...config.options }, + security: defaultSecurity, }; switch (config.method) { case 'get': @@ -89,15 +89,12 @@ export class KibanaFramework { public registerVersionedRoute( config: InfraVersionedRouteConfig ) { - const defaultOptions = { - tags: ['access:infra'], - }; + const defaultSecurity = { authz: { requiredPrivileges: ['infra'] } }; + const routeConfig = { access: config.access, path: config.path, - // Currently we have no use of custom options beyond tags, this can be extended - // beyond defaultOptions if it's needed. - options: defaultOptions, + security: defaultSecurity, }; switch (config.method) { case 'get': From c92899e142c3edf8318d0a7a13c15ff7cfb3a0f4 Mon Sep 17 00:00:00 2001 From: Ievgen Sorokopud Date: Mon, 16 Dec 2024 11:15:52 +0100 Subject: [PATCH 2/2] [Rules migration] Allow partial `RuleResponse` object to be passed to `RuleOverviewTab` (#204318) ## Summary These changes allow `Partial` to be used as a parameter for `RuleOverviewTab` component. We re-use this component for "SIEM Migrations" feature to display translated state of the rule which has just a few fields that represent the `RuleResponse` object. The set of fields used in `RuleMigration` object is a minimum set of fields enough for the rule creation. Right now, `RuleOverviewTab` component requires the complete `RuleResponse` object to be passed even though internally each section (`RuleAboutSection`, `RuleDefinitionSection`, `RuleScheduleSection` and `RuleSetupGuideSection`) of the rule's overview expects `Partial`. To be able to use this component we force type casting at the moment and would like to get rid of it. @elastic/security-detection-rule-management do you have objects regarding this change in `RuleOverviewTab` intefrace? ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - Rule management cypress tests ([100 ESS & 100 Serverless](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/7601)) --- .../components/rule_details/rule_overview_tab.tsx | 2 +- .../rules/components/rule_details_flyout/index.tsx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_overview_tab.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_overview_tab.tsx index 7fd3cc270286c..6ad182d722517 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_overview_tab.tsx +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_overview_tab.tsx @@ -88,7 +88,7 @@ const ExpandableSection = ({ title, isOpen, toggle, children }: ExpandableSectio }; interface RuleOverviewTabProps { - rule: RuleResponse; + rule: Partial; columnWidths?: EuiDescriptionListProps['columnWidths']; expandedOverviewSections: Record; toggleOverviewSection: Record void>; diff --git a/x-pack/plugins/security_solution/public/siem_migrations/rules/components/rule_details_flyout/index.tsx b/x-pack/plugins/security_solution/public/siem_migrations/rules/components/rule_details_flyout/index.tsx index 60a44c251e924..584a5fb9320f3 100644 --- a/x-pack/plugins/security_solution/public/siem_migrations/rules/components/rule_details_flyout/index.tsx +++ b/x-pack/plugins/security_solution/public/siem_migrations/rules/components/rule_details_flyout/index.tsx @@ -126,7 +126,7 @@ export const MigrationRuleDetailsFlyout: React.FC { const elasticRule = ruleMigration?.elastic_rule; if (isMigrationCustomRule(elasticRule)) { - return convertMigrationCustomRuleToSecurityRulePayload(elasticRule, false) as RuleResponse; // TODO: we need to adjust RuleOverviewTab to allow partial RuleResponse as a parameter; + return convertMigrationCustomRuleToSecurityRulePayload(elasticRule, false); } return matchedPrebuiltRule; }, [ruleMigration, matchedPrebuiltRule]);