[Security Solution] Disable ML rule's edit button link under basic license #143260
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
maximpn
added
bug
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
xcrzx
reviewed
Oct 18, 2022
...k/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx
Outdated
Show resolved
Hide resolved
...k/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx
Outdated
Show resolved
Hide resolved
...k/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx
Outdated
Show resolved
Hide resolved
...k/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx
Outdated
Show resolved
Hide resolved
maximpn
force-pushed
the
disable-ml-rule-edit-button-for-basic-license
branch
from
8564c29
to
d42c47c
Compare
maximpn
force-pushed
the
disable-ml-rule-edit-button-for-basic-license
branch
from
9ba2931
to
83b355e
Compare
maximpn
force-pushed
the
disable-ml-rule-edit-button-for-basic-license
branch
from
0f94dcc
to
7230f9f
Compare
|
@elasticmachine merge upstream |
maximpn
force-pushed
the
disable-ml-rule-edit-button-for-basic-license
branch
from
598af98
to
70c3a51
Compare
|
@elasticmachine merge upstream |
xcrzx
reviewed
Oct 20, 2022
| @@ -68,7 +68,7 @@ const useEnabledColumn = ({ hasPermissions }: ColumnsProps): TableColumn => { | |||
| render: (_, rule: Rule) => ( | |||
| <EuiToolTip | |||
| position="top" | |||
| content={getToolTipContent(rule, hasMlPermissions, hasActionsPrivileges)} | |||
| content={getToolTipContent(rule, hasMlPermissions, hasActionsPrivileges, true)} | |||
There was a problem hiding this comment.
Could we pass an actual canUserCRUD value here instead of the hardcoded true?
| @@ -96,7 +96,7 @@ const RuleActionsOverflowComponent = ({ | |||
| > | |||
| <EuiToolTip | |||
| position="left" | |||
| content={getToolTipContent(rule, true, canDuplicateRuleWithActions)} | |||
| content={getToolTipContent(rule, true, canDuplicateRuleWithActions, true)} | |||
There was a problem hiding this comment.
Could we pass an actual canUserCRUD value here instead of the hardcoded true?
There was a problem hiding this comment.
getToolTipContent() is used as a utility function here. It can be simplified though full privileges refactoring will be much better.
| ev.preventDefault(); | ||
| navigateToApp(APP_UI_ID, { | ||
| deepLinkId: SecurityPageName.rules, | ||
| path: getEditRuleUrl(ruleId ?? ''), |
There was a problem hiding this comment.
Nit: ruleId is not nullable.
| iconType="controlsHorizontal" | ||
| isDisabled={disabled} | ||
| deepLinkId={SecurityPageName.rules} | ||
| path={getEditRuleUrl(ruleId ?? '')} |
There was a problem hiding this comment.
Nit: ruleId is not nullable.
| ): string | undefined => { | ||
| if (rule == null) { | ||
| return undefined; | ||
| } else if (isMlRule(rule.type) && !hasMlPermissions) { | ||
| return detectionI18n.ML_RULES_DISABLED_MESSAGE; | ||
| } else if (!canEditRuleWithActions(rule, hasReadActionsPrivileges)) { | ||
| return i18n.EDIT_RULE_SETTINGS_TOOLTIP; | ||
| return i18n.LACK_OF_KIBANA_PRIVILEGES; | ||
| } else if (canUserCRUD !== null && !canUserCRUD) { |
There was a problem hiding this comment.
Let's use the userHasPermissions(canUserCRUD) helper here.
| @@ -484,13 +484,20 @@ export const EDIT_RULE_SETTINGS = i18n.translate( | |||
| } | |||
| ); | |||
|
|
|||
| export const EDIT_RULE_SETTINGS_TOOLTIP = i18n.translate( | |||
| 'xpack.securitySolution.detectionEngine.rules.allRules.actions.editRuleSettingsToolTip', | |||
| export const LACK_OF_KIBANA_PRIVILEGES = i18n.translate( | |||
There was a problem hiding this comment.
Thanks for renaming this constant! For more clarity, I'd propose to name it more specific, like LACK_OF_KIBANA_ACTIONS_FEATURE_PRIVILEGES, as Kibana privileges is a broader term that includes many different features, including actions, security, etc.
There was a problem hiding this comment.
sounds good, thanks
| { | ||
| defaultMessage: 'You do not have Kibana Actions privileges', | ||
| } | ||
| ); | ||
|
|
||
| export const LACK_OF_RULE_EDITING_PRIVILEGES = i18n.translate( |
There was a problem hiding this comment.
LACK_OF_KIBANA_SECURITY_FEATURE_PRIVILEGES
| export const LACK_OF_RULE_EDITING_PRIVILEGES = i18n.translate( | ||
| 'xpack.securitySolution.detectionEngine.rules.allRules.actions.lackOfRuleEditingPrivileges', | ||
| { | ||
| defaultMessage: 'You do not have rule editing privileges', |
There was a problem hiding this comment.
It would be better to rephrase this line like "You do not have Kibana Security privileges" for consistency with the documentation and the Kibana feature privileges UI.
There was a problem hiding this comment.
sounds good, thanks
maximpn
force-pushed
the
disable-ml-rule-edit-button-for-basic-license
branch
from
1746361
to
60db907
Compare
xcrzx
approved these changes
Oct 20, 2022
maximpn
force-pushed
the
disable-ml-rule-edit-button-for-basic-license
branch
from
527c76f
to
41403c4
Compare
|
@elasticmachine merge upstream |
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
History
To update your PR or re-run it, just comment with: cc @maximpn |
|
@banderror I've created an issue #143812 to address your comment. |
💔 All backports failed
Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
banderror
removed
the
backport:prev-minor
|
@maximpn you shouldn't backport it to 8.5, it's too late. |
jloleysens
added a commit
to jloleysens/kibana
that referenced
this pull request
Oct 24, 2022
* main: (57 commits) [Files] Filepicker (elastic#143111) [Infrastructure UI] Replace Lens table with EUI table and own api (elastic#142871) [api-docs] Daily api_docs build (elastic#143829) [api-docs] Daily api_docs build (elastic#143825) [api-docs] Daily api_docs build (elastic#143823) [Security Solution] Restructuring folders of Detection Engine + refactoring Rule Management (elastic#142950) [Dev tools] Fix performance issue with autocomplete suggestions (elastic#143428) [Security Solution] Disable ML rule's edit button link under basic license (elastic#143260) [Lens] Use the language-documentation package for formula (elastic#143649) [api-docs] Daily api_docs build (elastic#143811) [Security Solution] Fix missing title on inspect pop-up (elastic#143601) fix incorrect filters being passed to events table causing duplicate entries in our inpsect tool request tab (elastic#143239) [Security Solution][Endpoint] `get-file` response action kibana download file API (elastic#143708) Rely on refresh context to update stats independently of overview cards. (elastic#143308) [RAM] Rule event log - Fix incorrect results when filtering by message and outcome simultaneously (elastic#143119) [ML] Display link to create data view from error cases in data frame analytics results pages (elastic#143596) Update links in README :) (elastic#143675) Add more tests for ml_inference_logic (elastic#143764) skip failing test suite (elastic#143717) [DOCS] Add assignees to case APIs (elastic#143610) ...
e40pud
pushed a commit
to e40pud/kibana
that referenced
this pull request
Oct 24, 2022
…cense (elastic#143260) **Resolves:** [elastic#139796](elastic#139796) ## Summary It disables ML rule's edit button link under the basic license. ## Details ML rules aren't available under the basic license but installable from the prebuilt rules. Having an active edit button makes the UX inconsistent. Disabling such a button under the basic license for ML rules improves UX though doesn't block a user from opening the rule editing page from the address bar. Before: https://user-images.githubusercontent.com/3775283/195552179-525f0423-3a62-4ab5-b1ef-0f5cafe2286e.mov After: https://user-images.githubusercontent.com/3775283/195551540-b95fabeb-4e50-4a26-ae42-1a72f53573dc.mov ### Checklist - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
maximpn
added a commit
to maximpn/kibana
that referenced
this pull request
Nov 7, 2022
…cense (elastic#143260) **Resolves:** [elastic#139796](elastic#139796) ## Summary It disables ML rule's edit button link under the basic license. ## Details ML rules aren't available under the basic license but installable from the prebuilt rules. Having an active edit button makes the UX inconsistent. Disabling such a button under the basic license for ML rules improves UX though doesn't block a user from opening the rule editing page from the address bar. Before: https://user-images.githubusercontent.com/3775283/195552179-525f0423-3a62-4ab5-b1ef-0f5cafe2286e.mov After: https://user-images.githubusercontent.com/3775283/195551540-b95fabeb-4e50-4a26-ae42-1a72f53573dc.mov ### Checklist - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) (cherry picked from commit a670c7f) # Conflicts: # x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx
maximpn
added a commit
that referenced
this pull request
Nov 7, 2022
…cense (#143260) (#144723) **Resolves:** [#139796](#139796) ## Summary It disables ML rule's edit button link under the basic license. ## Details ML rules aren't available under the basic license but installable from the prebuilt rules. Having an active edit button makes the UX inconsistent. Disabling such a button under the basic license for ML rules improves UX though doesn't block a user from opening the rule editing page from the address bar. Before: https://user-images.githubusercontent.com/3775283/195552179-525f0423-3a62-4ab5-b1ef-0f5cafe2286e.mov After: https://user-images.githubusercontent.com/3775283/195551540-b95fabeb-4e50-4a26-ae42-1a72f53573dc.mov ### Checklist - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) (cherry picked from commit a670c7f) # Conflicts: # x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves: #139796
Summary
It disables ML rule's edit button link under the basic license.
Details
ML rules aren't available under the basic license but installable from the prebuilt rules. Having an active edit button makes the UX inconsistent. Disabling such a button under the basic license for ML rules improves UX though doesn't block a user from opening the rule editing page from the address bar.
Before:
Screen.Recording.2022-10-13.at.11.59.02.mov
After:
Screen.Recording.2022-10-13.at.11.56.25.mov
Checklist