[Security Solution] "No Data" screen is displayed when a user has missing privileges #114960
Comments
xcrzx
added
bug
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Should be fixed in #115016 🙌 |
We will still have inconsistent UI when users don't have privileges to read from
In my opinion, we should not show the Add Data screen to users with insufficient privileges as that will mislead them. They would not solve their access issues by adding data as there is already data in indices. Instead, we should communicate what is wrong with their privileges and how to set them up properly. But this is more of a product question. @jethr0null, could you please provide your input on what we should display to users in that case? |
peluja1012
added
Team:Detection Rule Management
|
@xcrzx your proposal to make the experience consistent (showing the no privileges message) makes sense to me. That said, I am not able to speak to any design conventions we might have in place (nor do I focus on those specific UIs from a PM perspective) so I'll loop a few folks in to confirm that the guidance/feedback I'm providing is sound. @paulewing does the proposed path forward make sense to you? @yiyangliu9286 are there any design conventions that we should be aware of as we consider this change? |
|
I think this has more to do with the new "No data" logic check that was implemented for the interstitial screen. If there truly is data, but the user has no access to it, then likely it can bypass the "No data" screen to the final page where the original callout occurs (at least as a quick fix). cc @kevinlog as you implemented this new logic check. But if a user has no access at all, I'm not sure there's much point in sending them all the way to the content page with a dismissable message. Likely design could help with consistent messaging/UI to present these types of screens across the entire soution. |
|
spoke with @yctercero offline. In a previous conversation with @xcrzx , I asked if this was a regression introduced by the new Data Screen and he said he didn't think it was. I wouldn't expect the new Add Data screen to change existing behavior as it is still shown based on Sourcerer and the For instance, here's the logic on the Network page: https://github.com/elastic/kibana/blob/main/x-pack/plugins/security_solution/public/network/pages/network.tsx#L155 Let me know of any questions or clarifications needed! |
|
@kevinlog thanks so much! We're taking it on and taking it as an opportunity to audit the UX around these privileges. |
peluja1012
added
the
8.2 candidate
peluja1012
removed
the
8.2 candidate
yctercero
added
the
SecuritySolution:QAAssist
peluja1012
added
the
Feature:Detection Alerts/Rules RBAC
yctercero
added
Team:Detection Engine
|
On latest 8.15 BC: Created the following role and had a new user assigned to it: Upon login and launching Security app: Screen.Recording.2024-07-19.at.10.21.44.AM.mov |
|
@ARWNightingale is working on designs for updated privileges for exceptions, rules, alerts. Can we wrap this ticket into that effort? https://github.com/elastic/security-team/issues/10405 cc @approksiu |
yctercero
added
the
impact:medium
Description
Users with insufficient privileges to use Security Solution see welcome screen with a call to add more data instead of the insufficient privileges callout. That could confuse some users as data is already there, but it is not visible due to a lack of the required privileges.
Steps to reproduce
Security > OverviewCurrent behavior
Welcome screen is displayed with a call to add data:
It seems like the empty screen is being shown because the user doesn't have privileges to
.log-*indices.Expected behavior
A clear message to the user that they do not have the required
readprivilege for the.log-*indices to access Security Solution. Something similar to the following callout:The text was updated successfully, but these errors were encountered: