From 6aa77f303016d0919bf197ad14b1e2ac423b676c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arturo=20Lidue=C3=B1a?= Date: Wed, 4 Dec 2024 14:56:28 +0100 Subject: [PATCH] Enhance access query logic to handle user ID and name conditions (#202833) [Obs AI Assistant] Fetch user instructions and conversation using user id instead of user name - https://github.com/elastic/kibana/issues/192701 To avoid potential collisions when fetching data, we should query for the user id instead of the user name when getting instructions or conversations. **If user.id is provided:** - Matches documents with user.id equal to the provided value. - Falls back to user.name when user.id does not exist in the document. **If user.id is not provided:** - Matches only documents with user.name. ## Summary Summarize your PR. If it involves visual changes include a screenshot or gif. ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) - [ ] This was checked for breaking HTTP API changes, and any breaking changes have been approved by the breaking-change committee. The `release_note:breaking` label should be applied in these situations. - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - [ ] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) (cherry picked from commit 720ddd716bda9210ca92d21b0ed7065554118859) --- .../server/service/util/get_access_query.ts | 27 ++++++++++++++----- 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/util/get_access_query.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/util/get_access_query.ts index 6b654731a264b..b517273630f56 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/util/get_access_query.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/util/get_access_query.ts @@ -17,12 +17,7 @@ export function getAccessQuery({ filter: [ { bool: { - should: [ - { term: { public: true } }, - ...(user - ? [{ term: user.id ? { 'user.id': user.id } : { 'user.name': user.name } }] - : []), - ], + should: [{ term: { public: true } }, ...getUserAccessFilters(user)], minimum_should_match: 1, }, }, @@ -51,3 +46,23 @@ export function getAccessQuery({ }, ]; } + +function getUserAccessFilters(user?: { name: string; id?: string }) { + if (!user) { + return []; + } + + if (user.id) { + return [ + { term: { 'user.id': user.id } }, + { + bool: { + must_not: { exists: { field: 'user.id' } }, + must: { term: { 'user.name': user.name } }, + }, + }, + ]; + } + + return [{ term: { 'user.name': user.name } }]; +}