Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution]Case list disappears under recent case section for user having read case privilege #102321

Closed
ghost opened this issue Jun 16, 2021 · 11 comments
Closed

[Security Solution]Case list disappears under recent case section for user having read case privilege #102321

ghost opened this issue Jun 16, 2021 · 11 comments
Assignees
@cnasikas @jonathan-buttner
Labels
bug Fixes for quality problems that affect the customer experience fixed QA:Validated Issue has been validated by QA Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.14.0

Comments

@ghost
Copy link

ghost commented Jun 16, 2021

Describe the bug
Case list disappears under recent case section for user having read case privilege

Build Details:

Version: 7.14.0-SNAPSHOT
commit: 9838db392e7fcfc12f004b68fb1b09739f131148
Build Hash:41559
Artifact : https://artifacts-api.elastic.co/v1/search/7.14.0-SNAPSHOT

Browser Details:
N/A

Browser Details
All

Preconditions

  1. Kibana user should be logged in.
  2. Create a new user and assign below role to it.
  3. Case should be exist on above kibana environment. (create with help of superuser)
  4. Create a Role with All application to All and Case to Read .

image
image

Steps to Reproduce
1.login with user having read case privilege
2.Go to case tab
3.User is able to view the existing case details.
4.Go to overview tab.
5.Under the recent case section , user is able to view the existing case details.
6.Click on detective hat icon highlighted .
image
7.Click back to folder icon.
7.Observed that case data got disappears and user need to refresh kibana manually to get the data back under recent case section.

Actual Result
Case list disappears under recent case section for user having read case privilege

Expected Result
Data should be retained on jumping between the recent case

Whats Working

  • Issue not occuring for superuser

Whats Not Working

  • N/A

Screen-Shoot

Case-Issue.mp4

logs
@ghost ghost added bug Fixes for quality problems that affect the customer experience Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Jun 16, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@MadameSheema MadameSheema added the Team:Threat Hunting Security Solution Threat Hunting Team label Jun 16, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

@manishgupta-qasource
Copy link

Reviewed the bug

@stephmilovic
Copy link
Contributor

This will be fixed by #101325

@ghost
Copy link
Author

ghost commented Jun 17, 2021

Thanks @stephmilovic for the update.

@MadameSheema
Copy link
Member

@karanbirsingh-qasource can you please validate the fix of this issue on the current BC? thanks :)

@ghost
Copy link
Author

ghost commented Jul 7, 2021

Hi @MadameSheema

we have validated this on 7.14.0 BC1 and Found that issue is still occurring 🔴 . Case list disappears under recent case section for user having read case privilege

Build Details:

version: 7.14.0-BC1
Commit:071a74e02f82b79a4a10026b5c9e02d593112fd4
Build:42292

Screen-Cast:

issuestilloccuringcases.mp4

@cnasikas
Copy link
Member

cnasikas commented Jul 7, 2021

@MadameSheema @karanbirsingh-qasource I can confirm that the bug is on master also. I will open a PR with a fix. Fortunately it is not related to the RBAC but how the query is being made to the backend. It is worth noted that the first icon is to show "Recently created cases" and the second to show "My recently reported cases". A user with read only access to cases should see cases when pressing the first button but not when pressing the second button if there is no cases created by that user.

@MadameSheema MadameSheema removed the fixed label Jul 7, 2021
@MadameSheema
Copy link
Member

Thanks @cnasikas !!

@cnasikas cnasikas mentioned this issue Jul 8, 2021
Merged
2 tasks
@cnasikas
Copy link
Member

cnasikas commented Jul 8, 2021

Fixed by #104826

@cnasikas cnasikas added the fixed label Jul 8, 2021
@ghost
Copy link
Author

ghost commented Jul 15, 2021

Hi @cnasikas

we have validated this issue on 7.14.0 BC3 and found it fixed . The case list does not disappear now under the overview page.

Build Details:
Version: 7.14.0 BC3
Commit:c314921a9893e0b46d9a3958f5520e3d6b1ce7d5
Build:42545

Screen-Cast:
https://user-images.githubusercontent.com/59917825/125760049-a88002d5-fe36-4314-aa3d-25d1a916756d.mp4

Hence we are closing this issue and adding "QA: Validated" to it.

thanks !!

@ghost ghost closed this as completed Jul 15, 2021
@ghost ghost added the QA:Validated Issue has been validated by QA label Jul 15, 2021
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cnasikas cnasikas

@jonathan-buttner jonathan-buttner

Labels
bug Fixes for quality problems that affect the customer experience fixed QA:Validated Issue has been validated by QA Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.14.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@stephmilovic @cnasikas @elasticmachine @MadameSheema @jonathan-buttner @manishgupta-qasource