diff --git a/docs/CHANGELOG.asciidoc b/docs/CHANGELOG.asciidoc index 5948be25def62..e821cb98f4fd0 100644 --- a/docs/CHANGELOG.asciidoc +++ b/docs/CHANGELOG.asciidoc @@ -82,6 +82,8 @@ Fleet:: * Fixes managed agent policy preconfiguration update ({kibana-pull}181624[#181624]). * Use lowercase dataset in template names ({kibana-pull}180887[#180887]). * Fixes KQL/kuery for getting Fleet Server agent count ({kibana-pull}180650[#180650]). +Index Management:: +* Fixes `allow_auto_create` field in the Index Template form ({kibana-pull}178321[#178321]). Lens & Visualizations:: * Fixes controls on fields with custom label ({kibana-pull}180615[#180615]). Machine Learning:: diff --git a/packages/core/plugins/core-plugins-server-internal/src/plugin_context.ts b/packages/core/plugins/core-plugins-server-internal/src/plugin_context.ts index 7844319de1df9..f1469fa57ced6 100644 --- a/packages/core/plugins/core-plugins-server-internal/src/plugin_context.ts +++ b/packages/core/plugins/core-plugins-server-internal/src/plugin_context.ts @@ -367,6 +367,7 @@ export function createPluginStartContext({ }, security: { authc: deps.security.authc, + audit: deps.security.audit, }, userProfile: deps.userProfile, }; diff --git a/packages/core/security/core-security-server-internal/src/security_route_handler_context.ts b/packages/core/security/core-security-server-internal/src/security_route_handler_context.ts index 451b0b2aa1114..4fa328782dd0e 100644 --- a/packages/core/security/core-security-server-internal/src/security_route_handler_context.ts +++ b/packages/core/security/core-security-server-internal/src/security_route_handler_context.ts @@ -10,12 +10,13 @@ import type { KibanaRequest } from '@kbn/core-http-server'; import type { SecurityRequestHandlerContext, AuthcRequestHandlerContext, + AuditRequestHandlerContext, } from '@kbn/core-security-server'; import type { InternalSecurityServiceStart } from './internal_contracts'; export class CoreSecurityRouteHandlerContext implements SecurityRequestHandlerContext { #authc?: AuthcRequestHandlerContext; - + #audit?: AuditRequestHandlerContext; constructor( private readonly securityStart: InternalSecurityServiceStart, private readonly request: KibanaRequest @@ -29,4 +30,13 @@ export class CoreSecurityRouteHandlerContext implements SecurityRequestHandlerCo } return this.#authc; } + + public get audit() { + if (this.#audit == null) { + this.#audit = { + logger: this.securityStart.audit.asScoped(this.request), + }; + } + return this.#audit; + } } diff --git a/packages/core/security/core-security-server-internal/src/test_helpers/create_audit_logger.mock.ts b/packages/core/security/core-security-server-internal/src/test_helpers/create_audit_logger.mock.ts new file mode 100644 index 0000000000000..b8327c8cee59a --- /dev/null +++ b/packages/core/security/core-security-server-internal/src/test_helpers/create_audit_logger.mock.ts @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { AuditLogger } from '@kbn/core-security-server'; + +export type MockedAuditLogger = jest.Mocked; + +export const createAuditLoggerMock = { + create(): MockedAuditLogger { + return { + log: jest.fn(), + enabled: true, + }; + }, +}; diff --git a/packages/core/security/core-security-server-internal/src/utils/convert_security_api.test.ts b/packages/core/security/core-security-server-internal/src/utils/convert_security_api.test.ts index 6fe51b6873862..7c2e49092f73e 100644 --- a/packages/core/security/core-security-server-internal/src/utils/convert_security_api.test.ts +++ b/packages/core/security/core-security-server-internal/src/utils/convert_security_api.test.ts @@ -8,11 +8,22 @@ import type { CoreSecurityDelegateContract } from '@kbn/core-security-server'; import { convertSecurityApi } from './convert_security_api'; +import { createAuditLoggerMock } from '../test_helpers/create_audit_logger.mock'; describe('convertSecurityApi', () => { it('returns the API from the source', () => { - const source: CoreSecurityDelegateContract = { authc: { getCurrentUser: jest.fn() } }; + const source: CoreSecurityDelegateContract = { + authc: { + getCurrentUser: jest.fn(), + }, + audit: { + asScoped: jest.fn().mockReturnValue(createAuditLoggerMock.create()), + withoutRequest: createAuditLoggerMock.create(), + }, + }; const output = convertSecurityApi(source); expect(output.authc.getCurrentUser).toBe(source.authc.getCurrentUser); + expect(output.audit.asScoped).toBe(source.audit.asScoped); + expect(output.audit.withoutRequest).toBe(source.audit.withoutRequest); }); }); diff --git a/packages/core/security/core-security-server-internal/src/utils/default_implementation.test.ts b/packages/core/security/core-security-server-internal/src/utils/default_implementation.test.ts index 17393d5994bf1..e4348404671b9 100644 --- a/packages/core/security/core-security-server-internal/src/utils/default_implementation.test.ts +++ b/packages/core/security/core-security-server-internal/src/utils/default_implementation.test.ts @@ -22,4 +22,19 @@ describe('getDefaultSecurityImplementation', () => { expect(user).toBeNull(); }); }); + + describe('audit.asScoped', () => { + it('returns null', async () => { + const logger = implementation.audit.asScoped({} as any); + expect(logger.log({ message: 'something' })).toBeUndefined(); + }); + }); + + describe('audit.withoutRequest', () => { + it('does not log', async () => { + const logger = implementation.audit.withoutRequest; + expect(logger.enabled).toBe(false); + expect(logger.log({ message: 'no request' })).toBeUndefined(); + }); + }); }); diff --git a/packages/core/security/core-security-server-internal/src/utils/default_implementation.ts b/packages/core/security/core-security-server-internal/src/utils/default_implementation.ts index bd4ce287fd498..91819807f1064 100644 --- a/packages/core/security/core-security-server-internal/src/utils/default_implementation.ts +++ b/packages/core/security/core-security-server-internal/src/utils/default_implementation.ts @@ -13,5 +13,14 @@ export const getDefaultSecurityImplementation = (): CoreSecurityDelegateContract authc: { getCurrentUser: () => null, }, + audit: { + asScoped: () => { + return { log: () => undefined, enabled: false }; + }, + withoutRequest: { + log: () => undefined, + enabled: false, + }, + }, }; }; diff --git a/packages/core/security/core-security-server-mocks/index.ts b/packages/core/security/core-security-server-mocks/index.ts index 0e6eafac658e8..23c49282252f0 100644 --- a/packages/core/security/core-security-server-mocks/index.ts +++ b/packages/core/security/core-security-server-mocks/index.ts @@ -7,3 +7,5 @@ */ export { securityServiceMock } from './src/security_service.mock'; +export type { InternalSecurityStartMock, SecurityStartMock } from './src/security_service.mock'; +export { auditLoggerMock } from './src/audit.mock'; diff --git a/packages/core/security/core-security-server-mocks/src/audit.mock.ts b/packages/core/security/core-security-server-mocks/src/audit.mock.ts new file mode 100644 index 0000000000000..c5c117b6189d6 --- /dev/null +++ b/packages/core/security/core-security-server-mocks/src/audit.mock.ts @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import type { KibanaRequest } from '@kbn/core-http-server'; +import type { AuditLogger } from '@kbn/core-security-server'; + +export type MockedAuditLogger = jest.Mocked; + +export const auditLoggerMock = { + create(): MockedAuditLogger { + return { + log: jest.fn(), + enabled: true, + }; + }, +}; + +export interface MockedAuditService { + asScoped: (request: KibanaRequest) => MockedAuditLogger; + withoutRequest: MockedAuditLogger; +} + +export const auditServiceMock = { + create(): MockedAuditService { + return { + asScoped: jest.fn().mockReturnValue(auditLoggerMock.create()), + withoutRequest: auditLoggerMock.create(), + }; + }, +}; diff --git a/packages/core/security/core-security-server-mocks/src/security_service.mock.ts b/packages/core/security/core-security-server-mocks/src/security_service.mock.ts index 99f86c84461f3..b19539fd862c0 100644 --- a/packages/core/security/core-security-server-mocks/src/security_service.mock.ts +++ b/packages/core/security/core-security-server-mocks/src/security_service.mock.ts @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -import type { +import { SecurityServiceSetup, SecurityServiceStart, SecurityRequestHandlerContext, @@ -15,6 +15,7 @@ import type { InternalSecurityServiceSetup, InternalSecurityServiceStart, } from '@kbn/core-security-server-internal'; +import { auditServiceMock, type MockedAuditService } from './audit.mock'; const createSetupMock = () => { const mock: jest.Mocked = { @@ -24,11 +25,16 @@ const createSetupMock = () => { return mock; }; -const createStartMock = () => { - const mock: jest.MockedObjectDeep = { +export type SecurityStartMock = jest.MockedObjectDeep> & { + audit: MockedAuditService; +}; + +const createStartMock = (): SecurityStartMock => { + const mock = { authc: { getCurrentUser: jest.fn(), }, + audit: auditServiceMock.create(), }; return mock; @@ -42,11 +48,18 @@ const createInternalSetupMock = () => { return mock; }; -const createInternalStartMock = () => { - const mock: jest.MockedObjectDeep = { +export type InternalSecurityStartMock = jest.MockedObjectDeep< + Omit +> & { + audit: MockedAuditService; +}; + +const createInternalStartMock = (): InternalSecurityStartMock => { + const mock = { authc: { getCurrentUser: jest.fn(), }, + audit: auditServiceMock.create(), }; return mock; @@ -67,6 +80,12 @@ const createRequestHandlerContextMock = () => { authc: { getCurrentUser: jest.fn(), }, + audit: { + logger: { + log: jest.fn(), + enabled: true, + }, + }, }; return mock; }; diff --git a/packages/core/security/core-security-server-mocks/tsconfig.json b/packages/core/security/core-security-server-mocks/tsconfig.json index ca806dd4d5029..28181e131badd 100644 --- a/packages/core/security/core-security-server-mocks/tsconfig.json +++ b/packages/core/security/core-security-server-mocks/tsconfig.json @@ -16,5 +16,6 @@ "kbn_references": [ "@kbn/core-security-server", "@kbn/core-security-server-internal", + "@kbn/core-http-server", ] } diff --git a/packages/core/security/core-security-server/index.ts b/packages/core/security/core-security-server/index.ts index c8dd3efda695c..a4d3027c97fdb 100644 --- a/packages/core/security/core-security-server/index.ts +++ b/packages/core/security/core-security-server/index.ts @@ -8,11 +8,21 @@ export type { SecurityServiceSetup, SecurityServiceStart } from './src/contracts'; export type { CoreAuthenticationService } from './src/authc'; +export type { CoreAuditService } from './src/audit'; export type { CoreSecurityDelegateContract, AuthenticationServiceContract, + AuditServiceContract, } from './src/api_provider'; export type { SecurityRequestHandlerContext, AuthcRequestHandlerContext, + AuditRequestHandlerContext, } from './src/request_handler_context'; +export type { + AuditEvent, + AuditHttp, + AuditKibana, + AuditRequest, +} from './src/audit_logging/audit_events'; +export type { AuditLogger } from './src/audit_logging/audit_logger'; diff --git a/packages/core/security/core-security-server/src/api_provider.ts b/packages/core/security/core-security-server/src/api_provider.ts index 2bcd9bd9b2b97..102c1a0a899c7 100644 --- a/packages/core/security/core-security-server/src/api_provider.ts +++ b/packages/core/security/core-security-server/src/api_provider.ts @@ -6,6 +6,7 @@ * Side Public License, v 1. */ +import type { CoreAuditService } from './audit'; import type { CoreAuthenticationService } from './authc'; /** @@ -16,9 +17,12 @@ import type { CoreAuthenticationService } from './authc'; */ export interface CoreSecurityDelegateContract { authc: AuthenticationServiceContract; + audit: AuditServiceContract; } /** * @public */ export type AuthenticationServiceContract = CoreAuthenticationService; + +export type AuditServiceContract = CoreAuditService; diff --git a/packages/core/security/core-security-server/src/audit.ts b/packages/core/security/core-security-server/src/audit.ts new file mode 100644 index 0000000000000..57d72366fdac8 --- /dev/null +++ b/packages/core/security/core-security-server/src/audit.ts @@ -0,0 +1,40 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import type { KibanaRequest } from '@kbn/core-http-server'; + +import type { AuditLogger } from './audit_logging/audit_logger'; + +export interface CoreAuditService { + /** + * Creates an {@link AuditLogger} scoped to the current request. + * + * This audit logger logs events with all required user and session info and should be used for + * all user-initiated actions. + * + * @example + * ```typescript + * const auditLogger = securitySetup.audit.asScoped(request); + * auditLogger.log(event); + * ``` + */ + asScoped: (request: KibanaRequest) => AuditLogger; + + /** + * {@link AuditLogger} for background tasks only. + * + * This audit logger logs events without any user or session info and should never be used to log + * user-initiated actions. + * + * @example + * ```typescript + * securitySetup.audit.withoutRequest.log(event); + * ``` + */ + withoutRequest: AuditLogger; +} diff --git a/x-pack/packages/security/plugin_types_server/src/audit/audit_events.ts b/packages/core/security/core-security-server/src/audit_logging/audit_events.ts similarity index 91% rename from x-pack/packages/security/plugin_types_server/src/audit/audit_events.ts rename to packages/core/security/core-security-server/src/audit_logging/audit_events.ts index 35d7bb254fc22..f0e9829bba3fc 100644 --- a/x-pack/packages/security/plugin_types_server/src/audit/audit_events.ts +++ b/packages/core/security/core-security-server/src/audit_logging/audit_events.ts @@ -1,11 +1,12 @@ /* * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. */ -import type { LogMeta } from '@kbn/core/server'; +import type { LogMeta } from '@kbn/logging'; /** * Audit kibana schema using ECS format diff --git a/x-pack/packages/security/plugin_types_server/src/audit/audit_logger.ts b/packages/core/security/core-security-server/src/audit_logging/audit_logger.ts similarity index 86% rename from x-pack/packages/security/plugin_types_server/src/audit/audit_logger.ts rename to packages/core/security/core-security-server/src/audit_logging/audit_logger.ts index 4670de3aa8d3b..803a167423a29 100644 --- a/x-pack/packages/security/plugin_types_server/src/audit/audit_logger.ts +++ b/packages/core/security/core-security-server/src/audit_logging/audit_logger.ts @@ -1,8 +1,9 @@ /* * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. */ import type { AuditEvent } from './audit_events'; diff --git a/packages/core/security/core-security-server/src/contracts.ts b/packages/core/security/core-security-server/src/contracts.ts index 8c75b352c5556..ed25737823f7b 100644 --- a/packages/core/security/core-security-server/src/contracts.ts +++ b/packages/core/security/core-security-server/src/contracts.ts @@ -8,7 +8,7 @@ import type { CoreAuthenticationService } from './authc'; import type { CoreSecurityDelegateContract } from './api_provider'; - +import type { CoreAuditService } from './audit'; /** * Setup contract for Core's security service. * @@ -33,4 +33,8 @@ export interface SecurityServiceStart { * The {@link CoreAuthenticationService | authentication service} */ authc: CoreAuthenticationService; + /** + * The {@link CoreAuditService | audit service} + */ + audit: CoreAuditService; } diff --git a/packages/core/security/core-security-server/src/request_handler_context.ts b/packages/core/security/core-security-server/src/request_handler_context.ts index 6433ea9a919e1..37915c24ddaa1 100644 --- a/packages/core/security/core-security-server/src/request_handler_context.ts +++ b/packages/core/security/core-security-server/src/request_handler_context.ts @@ -7,11 +7,17 @@ */ import type { AuthenticatedUser } from '@kbn/core-security-common'; +import { AuditLogger } from './audit_logging/audit_logger'; export interface SecurityRequestHandlerContext { authc: AuthcRequestHandlerContext; + audit: AuditRequestHandlerContext; } export interface AuthcRequestHandlerContext { getCurrentUser(): AuthenticatedUser | null; } + +export interface AuditRequestHandlerContext { + logger: AuditLogger; +} diff --git a/packages/core/security/core-security-server/tsconfig.json b/packages/core/security/core-security-server/tsconfig.json index 7b6c07b4a6eba..0304c8ef6dee2 100644 --- a/packages/core/security/core-security-server/tsconfig.json +++ b/packages/core/security/core-security-server/tsconfig.json @@ -16,5 +16,6 @@ "kbn_references": [ "@kbn/core-security-common", "@kbn/core-http-server", + "@kbn/logging", ] } diff --git a/src/core/server/index.ts b/src/core/server/index.ts index 47f5da8bad226..c77f7311100c8 100644 --- a/src/core/server/index.ts +++ b/src/core/server/index.ts @@ -122,6 +122,12 @@ export type { SecurityServiceSetup, SecurityServiceStart, CoreAuthenticationService, + CoreAuditService, + AuditEvent, + AuditHttp, + AuditKibana, + AuditRequest, + AuditLogger, } from '@kbn/core-security-server'; export type { User, diff --git a/x-pack/packages/security/plugin_types_server/src/audit/audit_service.ts b/x-pack/packages/security/plugin_types_server/src/audit/audit_service.ts index 88b25b5181a42..e7b7f27b73b07 100644 --- a/x-pack/packages/security/plugin_types_server/src/audit/audit_service.ts +++ b/x-pack/packages/security/plugin_types_server/src/audit/audit_service.ts @@ -7,7 +7,7 @@ import type { KibanaRequest } from '@kbn/core/server'; -import type { AuditLogger } from './audit_logger'; +import type { AuditLogger } from '@kbn/core-security-server'; export interface AuditServiceSetup { /** diff --git a/x-pack/packages/security/plugin_types_server/src/audit/index.ts b/x-pack/packages/security/plugin_types_server/src/audit/index.ts index 0111172cd409f..2545d064d7abe 100644 --- a/x-pack/packages/security/plugin_types_server/src/audit/index.ts +++ b/x-pack/packages/security/plugin_types_server/src/audit/index.ts @@ -6,5 +6,10 @@ */ export type { AuditServiceSetup } from './audit_service'; -export type { AuditEvent, AuditHttp, AuditKibana, AuditRequest } from './audit_events'; -export type { AuditLogger } from './audit_logger'; +export type { + AuditEvent, + AuditHttp, + AuditKibana, + AuditLogger, + AuditRequest, +} from '@kbn/core-security-server'; diff --git a/x-pack/packages/security/plugin_types_server/tsconfig.json b/x-pack/packages/security/plugin_types_server/tsconfig.json index 0edcc935ca144..51a1cf53c62bf 100644 --- a/x-pack/packages/security/plugin_types_server/tsconfig.json +++ b/x-pack/packages/security/plugin_types_server/tsconfig.json @@ -14,5 +14,6 @@ "@kbn/core", "@kbn/security-plugin-types-common", "@kbn/core-user-profile-server", + "@kbn/core-security-server", ] } diff --git a/x-pack/plugins/kubernetes_security/public/components/tree_view_container/empty_state.tsx b/x-pack/plugins/kubernetes_security/public/components/tree_view_container/empty_state.tsx index 449fb1ef1c94d..84f918a2cd0b5 100644 --- a/x-pack/plugins/kubernetes_security/public/components/tree_view_container/empty_state.tsx +++ b/x-pack/plugins/kubernetes_security/public/components/tree_view_container/empty_state.tsx @@ -31,7 +31,7 @@ export const EmptyState: React.FC = () => { -

+

{ let authc: ReturnType; + let auditService: ReturnType; let api: CoreSecurityDelegateContract; beforeEach(() => { authc = authenticationServiceMock.createStart(); - api = buildSecurityApi({ getAuthc: () => authc }); + auditService = auditServiceMock.create(); + api = buildSecurityApi({ getAuthc: () => authc, audit: auditService }); }); describe('authc.getCurrentUser', () => { @@ -43,6 +46,25 @@ describe('buildSecurityApi', () => { expect(currentUser).toBe(delegateReturn); }); }); + + describe('audit.asScoped', () => { + let auditLogger: AuditLogger; + it('properly delegates to the service', () => { + const request = httpServerMock.createKibanaRequest(); + auditLogger = api.audit.asScoped(request); + auditLogger.log({ message: 'an event' }); + expect(auditService.asScoped).toHaveBeenCalledTimes(1); + expect(auditService.asScoped).toHaveBeenCalledWith(request); + }); + + it('returns the result from the service', async () => { + const request = httpServerMock.createKibanaRequest(); + auditLogger = api.audit.asScoped(request); + auditLogger.log({ message: 'an event' }); + expect(auditService.asScoped(request).log).toHaveBeenCalledTimes(1); + expect(auditService.asScoped(request).log).toHaveBeenCalledWith({ message: 'an event' }); + }); + }); }); describe('buildUserProfileApi', () => { diff --git a/x-pack/plugins/security/server/build_delegate_apis.ts b/x-pack/plugins/security/server/build_delegate_apis.ts index b4fd4474aaace..fb782f3db256f 100644 --- a/x-pack/plugins/security/server/build_delegate_apis.ts +++ b/x-pack/plugins/security/server/build_delegate_apis.ts @@ -7,14 +7,17 @@ import type { CoreSecurityDelegateContract } from '@kbn/core-security-server'; import type { CoreUserProfileDelegateContract } from '@kbn/core-user-profile-server'; +import type { AuditServiceSetup } from '@kbn/security-plugin-types-server'; import type { InternalAuthenticationServiceStart } from './authentication'; import type { UserProfileServiceStartInternal } from './user_profile'; export const buildSecurityApi = ({ getAuthc, + audit, }: { getAuthc: () => InternalAuthenticationServiceStart; + audit: AuditServiceSetup; }): CoreSecurityDelegateContract => { return { authc: { @@ -22,6 +25,15 @@ export const buildSecurityApi = ({ return getAuthc().getCurrentUser(request); }, }, + audit: { + asScoped(request) { + return audit.asScoped(request); + }, + withoutRequest: { + log: audit.withoutRequest.log, + enabled: audit.withoutRequest.enabled, + }, + }, }; }; diff --git a/x-pack/plugins/security/server/plugin.ts b/x-pack/plugins/security/server/plugin.ts index 7153e1cc6794e..791d784c36a0d 100644 --- a/x-pack/plugins/security/server/plugin.ts +++ b/x-pack/plugins/security/server/plugin.ts @@ -298,6 +298,7 @@ export class SecurityPlugin core.security.registerSecurityDelegate( buildSecurityApi({ getAuthc: this.getAuthentication.bind(this), + audit: this.auditSetup, }) ); core.userProfile.registerUserProfileDelegate( diff --git a/x-pack/plugins/security_solution/public/common/hooks/esql/use_esql_availability.ts b/x-pack/plugins/security_solution/public/common/hooks/esql/use_esql_availability.ts index a9df259addf49..41fc7084b32bf 100644 --- a/x-pack/plugins/security_solution/public/common/hooks/esql/use_esql_availability.ts +++ b/x-pack/plugins/security_solution/public/common/hooks/esql/use_esql_availability.ts @@ -6,12 +6,18 @@ */ import { useMemo } from 'react'; +import { ENABLE_ESQL } from '@kbn/esql-utils'; import { useKibana } from '../../lib/kibana'; import { useIsExperimentalFeatureEnabled } from '../use_experimental_features'; +/** + * This hook combines the checks for esql availability within the security solution + * If the advanced setting is disabled, ESQL will not be accessible in the UI for any new timeline or new rule creation workflows + * The feature flags are still available to provide users an escape hatch in case of any esql related performance issues + */ export const useEsqlAvailability = () => { const { uiSettings } = useKibana().services; - const isEsqlAdvancedSettingEnabled = uiSettings?.get('discover:enableESQL'); + const isEsqlAdvancedSettingEnabled = uiSettings?.get(ENABLE_ESQL); const isEsqlRuleTypeEnabled = !useIsExperimentalFeatureEnabled('esqlRulesDisabled') && isEsqlAdvancedSettingEnabled; const isESQLTabInTimelineEnabled = diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_update_authorization.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_update_authorization.cy.ts index c9349ea6d083c..bc0b531a156f1 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_update_authorization.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_update_authorization.cy.ts @@ -66,7 +66,10 @@ const loginPageAsWriteAuthorizedUser = (url: string) => { }; // https://github.com/elastic/kibana/issues/179965 -describe( +// Failing: See https://github.com/elastic/kibana/issues/182485 +// Failing: See https://github.com/elastic/kibana/issues/182483 +// Failing: See https://github.com/elastic/kibana/issues/182486 +describe.skip( 'Detection rules, Prebuilt Rules Installation and Update - Authorization/RBAC', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_via_fleet.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_via_fleet.cy.ts index 762e79bb27003..29ded745c05b7 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_via_fleet.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_via_fleet.cy.ts @@ -16,7 +16,9 @@ import { clickAddElasticRulesButton } from '../../../../tasks/prebuilt_rules'; import { visitRulesManagementTable } from '../../../../tasks/rules_management'; import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; -describe( +// Failing: See https://github.com/elastic/kibana/issues/182439 +// Failing: See https://github.com/elastic/kibana/issues/182440 +describe.skip( 'Detection rules, Prebuilt Rules Installation and Update workflow', { tags: ['@ess', '@serverless'] }, () => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_workflow.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_workflow.cy.ts index 782672ccb1c45..75c83d0aa2dab 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_workflow.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/install_workflow.cy.ts @@ -30,7 +30,8 @@ import { import { visitRulesManagementTable } from '../../../../tasks/rules_management'; import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; -describe( +// Failing: See https://github.com/elastic/kibana/issues/182441 +describe.skip( 'Detection rules, Prebuilt Rules Installation and Update workflow', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/management.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/management.cy.ts index b49426b9b515a..35736e319737f 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/management.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/management.cy.ts @@ -51,7 +51,8 @@ const rules = Array.from(Array(5)).map((_, i) => { }); // https://github.com/elastic/kibana/issues/179973 -describe('Prebuilt rules', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { +// Failing: See https://github.com/elastic/kibana/issues/182442 +describe.skip('Prebuilt rules', { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] }, () => { beforeEach(() => { login(); deleteAlertsAndRules();