Merge remote-tracking branch 'upstream/master' into nls/hide-lens

packages/kbn-optimizer/limits.yml

@@ -107,7 +107,7 @@ pageLoadAssetSize:
   dataVisualizer: 27530
   banners: 17946
   mapsEms: 26072
-  timelines: 230410
+  timelines: 251886
   screenshotMode: 17856
   visTypePie: 35583
   expressionRevealImage: 25675

packages/kbn-rule-data-utils/src/technical_field_names.ts

@@ -8,7 +8,7 @@
 
 import { ValuesType } from 'utility-types';
 
-const ALERT_NAMESPACE = 'kibana.rac.alert';
+const ALERT_NAMESPACE = 'kibana.rac.alert' as const;
 
 const TIMESTAMP = '@timestamp' as const;
 const EVENT_KIND = 'event.kind' as const;
@@ -28,6 +28,7 @@ const ALERT_DURATION = `${ALERT_NAMESPACE}.duration.us` as const;
 const ALERT_SEVERITY_LEVEL = `${ALERT_NAMESPACE}.severity.level` as const;
 const ALERT_SEVERITY_VALUE = `${ALERT_NAMESPACE}.severity.value` as const;
 const ALERT_STATUS = `${ALERT_NAMESPACE}.status` as const;
+const SPACE_IDS = 'kibana.space_ids' as const;
 const ALERT_EVALUATION_THRESHOLD = `${ALERT_NAMESPACE}.evaluation.threshold` as const;
 const ALERT_EVALUATION_VALUE = `${ALERT_NAMESPACE}.evaluation.value` as const;
 
@@ -52,6 +53,7 @@ const fields = {
   ALERT_STATUS,
   ALERT_EVALUATION_THRESHOLD,
   ALERT_EVALUATION_VALUE,
+  SPACE_IDS,
 };
 
 export {
@@ -75,6 +77,7 @@ export {
   ALERT_STATUS,
   ALERT_EVALUATION_THRESHOLD,
   ALERT_EVALUATION_VALUE,
+  SPACE_IDS,
 };
 
 export type TechnicalRuleDataFieldName = ValuesType<typeof fields>;

src/dev/ci_setup/load_env_keys.sh

@@ -37,12 +37,6 @@ else
   KIBANA_BUILDBUDDY_CI_API_KEY=$(retry 5 vault read -field=value secret/kibana-issues/dev/kibana-buildbuddy-ci-api-key)
   export KIBANA_BUILDBUDDY_CI_API_KEY
 
-  # read FullStory env vars
-  FULLSTORY_ORG_ID=$(retry 5 vault read -field=org_id secret/kibana-issues/dev/fullstory-credentials)
-  export FULLSTORY_ORG_ID
-  FULLSTORY_API_KEY=$(retry 5 vault read -field=api_key secret/kibana-issues/dev/fullstory-credentials)
-  export FULLSTORY_API_KEY
-
   # remove vault related secrets
   unset VAULT_ROLE_ID VAULT_SECRET_ID VAULT_TOKEN VAULT_ADDR
 fi

x-pack/plugins/alerting/server/authorization/alerting_authorization.mock.ts

@@ -17,6 +17,7 @@ const createAlertingAuthorizationMock = () => {
     filterByRuleTypeAuthorization: jest.fn(),
     getFindAuthorizationFilter: jest.fn(),
     getAugmentedRuleTypesWithAuthorization: jest.fn(),
+    getSpaceId: jest.fn(),
   };
   return mocked;
 };

x-pack/plugins/alerting/server/authorization/alerting_authorization.ts

@@ -81,6 +81,7 @@ export class AlertingAuthorization {
   private readonly featuresIds: Promise<Set<string>>;
   private readonly allPossibleConsumers: Promise<AuthorizedConsumers>;
   private readonly exemptConsumerIds: string[];
+  private readonly spaceId: Promise<string | undefined>;
 
   constructor({
     alertTypeRegistry,
@@ -101,6 +102,8 @@ export class AlertingAuthorization {
     // manually authorize each rule type in the management UI.
     this.exemptConsumerIds = exemptConsumerIds;
 
+    this.spaceId = getSpace(request).then((maybeSpace) => maybeSpace?.id);
+
     this.featuresIds = getSpace(request)
       .then((maybeSpace) => new Set(maybeSpace?.disabledFeatures ?? []))
       .then(
@@ -138,6 +141,10 @@ export class AlertingAuthorization {
     return this.authorization?.mode?.useRbacForRequest(this.request) ?? false;
   }
 
+  public async getSpaceId(): Promise<string | undefined> {
+    return this.spaceId;
+  }
+
   /*
    * This method exposes the private 'augmentRuleTypesWithAuthorization' to be
    * used by the RAC/Alerts client

x-pack/plugins/fleet/common/openapi/bundled.json

@@ -941,6 +941,11 @@
       "post": {
         "summary": "Agent policy - copy one policy",
         "operationId": "agent-policy-copy",
+        "parameters": [
+          {
+            "$ref": "#/components/parameters/kbn_xsrf"
+          }
+        ],
         "responses": {
           "200": {
             "description": "OK",
@@ -981,8 +986,7 @@
             }
           },
           "description": ""
-        },
-        "description": "Copies one agent policy"
+        }
       }
     },
     "/agent_policies/delete": {

x-pack/plugins/fleet/common/openapi/bundled.yaml

@@ -579,6 +579,8 @@ paths:
     post:
       summary: Agent policy - copy one policy
       operationId: agent-policy-copy
+      parameters:
+        - $ref: '#/components/parameters/kbn_xsrf'
       responses:
         '200':
           description: OK
@@ -604,7 +606,6 @@ paths:
               required:
                 - name
         description: ''
-      description: Copies one agent policy
   /agent_policies/delete:
     post:
       summary: Agent policy - Delete

x-pack/plugins/fleet/common/openapi/paths/agent_policies@{agent_policy_id}@copy.yaml

@@ -7,6 +7,8 @@ parameters:
 post:
   summary: Agent policy - copy one policy
   operationId: agent-policy-copy
+  parameters:
+    - $ref: ../components/headers/kbn_xsrf.yaml
   responses:
     '200':
       description: OK
@@ -32,4 +34,4 @@ post:
           required:
             - name
     description: ''
-  description: Copies one agent policy
+

x-pack/plugins/rule_registry/common/assets/field_maps/technical_rule_field_map.ts

@@ -26,6 +26,7 @@ import {
   RULE_UUID,
   TAGS,
   TIMESTAMP,
+  SPACE_IDS,
 } from '../../../common/technical_rule_data_field_names';
 import { ecsFieldMap } from './ecs_field_map';
 
@@ -43,6 +44,7 @@ export const technicalRuleFieldMap = {
   ),
   [OWNER]: { type: 'keyword' },
   [PRODUCER]: { type: 'keyword' },
+  [SPACE_IDS]: { type: 'keyword', array: true },
   [ALERT_UUID]: { type: 'keyword' },
   [ALERT_ID]: { type: 'keyword' },
   [ALERT_START]: { type: 'date' },

x-pack/plugins/rule_registry/docs/alerts_client/classes/alertsclient.md

@@ -18,6 +18,7 @@ on alerts as data.
 - [authorization](alertsclient.md#authorization)
 - [esClient](alertsclient.md#esclient)
 - [logger](alertsclient.md#logger)
+- [spaceId](alertsclient.md#spaceid)
 
 ### Methods
 
@@ -41,7 +42,7 @@ on alerts as data.
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:59](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L59)
+[rule_registry/server/alert_data_client/alerts_client.ts:66](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L66)
 
 ## Properties
 
@@ -51,7 +52,7 @@ on alerts as data.
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:57](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L57)
+[rule_registry/server/alert_data_client/alerts_client.ts:63](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L63)
 
 ___
 
@@ -61,7 +62,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:58](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L58)
+[rule_registry/server/alert_data_client/alerts_client.ts:64](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L64)
 
 ___
 
@@ -71,7 +72,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:59](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L59)
+[rule_registry/server/alert_data_client/alerts_client.ts:65](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L65)
 
 ___
 
@@ -81,7 +82,17 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:56](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L56)
+[rule_registry/server/alert_data_client/alerts_client.ts:62](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L62)
+
+___
+
+### spaceId
+
+• `Private` `Readonly` **spaceId**: `Promise`<undefined \| string\>
+
+#### Defined in
+
+[rule_registry/server/alert_data_client/alerts_client.ts:66](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L66)
 
 ## Methods
 
@@ -101,7 +112,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:79](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L79)
+[rule_registry/server/alert_data_client/alerts_client.ts:87](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L87)
 
 ___
 
@@ -121,7 +132,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:115](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L115)
+[rule_registry/server/alert_data_client/alerts_client.ts:134](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L134)
 
 ___
 
@@ -142,7 +153,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:68](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L68)
+[rule_registry/server/alert_data_client/alerts_client.ts:76](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L76)
 
 ___
 
@@ -162,7 +173,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:219](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L219)
+[rule_registry/server/alert_data_client/alerts_client.ts:238](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L238)
 
 ___
 
@@ -188,4 +199,4 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:160](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L160)
+[rule_registry/server/alert_data_client/alerts_client.ts:179](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L179)

x-pack/plugins/rule_registry/docs/alerts_client/interfaces/constructoroptions.md

@@ -19,7 +19,7 @@
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:34](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L34)
+[rule_registry/server/alert_data_client/alerts_client.ts:40](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L40)
 
 ___
 
@@ -29,7 +29,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:33](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L33)
+[rule_registry/server/alert_data_client/alerts_client.ts:39](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L39)
 
 ___
 
@@ -39,7 +39,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:35](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L35)
+[rule_registry/server/alert_data_client/alerts_client.ts:41](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L41)
 
 ___
 
@@ -49,4 +49,4 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:32](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L32)
+[rule_registry/server/alert_data_client/alerts_client.ts:38](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L38)

x-pack/plugins/rule_registry/docs/alerts_client/interfaces/updateoptions.md

@@ -25,7 +25,7 @@
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:41](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L41)
+[rule_registry/server/alert_data_client/alerts_client.ts:47](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L47)
 
 ___
 
@@ -35,7 +35,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:39](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L39)
+[rule_registry/server/alert_data_client/alerts_client.ts:45](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L45)
 
 ___
 
@@ -45,7 +45,7 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:42](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L42)
+[rule_registry/server/alert_data_client/alerts_client.ts:48](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L48)
 
 ___
 
@@ -55,4 +55,4 @@ ___
 
 #### Defined in
 
-[rule_registry/server/alert_data_client/alerts_client.ts:40](https://github.com/elastic/kibana/blob/f2a94addc85/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L40)
+[rule_registry/server/alert_data_client/alerts_client.ts:46](https://github.com/elastic/kibana/blob/48e1b91d751/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts#L46)

x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts

@@ -6,6 +6,7 @@
  */
 import { PublicMethodsOf } from '@kbn/utility-types';
 import { decodeVersion, encodeHitVersion } from '@kbn/securitysolution-es-utils';
+
 import { AlertTypeParams } from '../../../alerting/server';
 import {
   ReadOperations,
@@ -16,7 +17,12 @@ import {
 import { Logger, ElasticsearchClient } from '../../../../../src/core/server';
 import { alertAuditEvent, AlertAuditAction } from './audit_events';
 import { AuditLogger } from '../../../security/server';
-import { ALERT_STATUS, OWNER, RULE_ID } from '../../common/technical_rule_data_field_names';
+import {
+  ALERT_STATUS,
+  OWNER,
+  RULE_ID,
+  SPACE_IDS,
+} from '../../common/technical_rule_data_field_names';
 import { ParsedTechnicalFields } from '../../common/parse_technical_fields';
 import { mapConsumerToIndexName, validFeatureIds, isValidFeatureId } from '../utils/rbac';
 
@@ -57,12 +63,14 @@ export class AlertsClient {
   private readonly auditLogger?: AuditLogger;
   private readonly authorization: PublicMethodsOf<AlertingAuthorization>;
   private readonly esClient: ElasticsearchClient;
+  private readonly spaceId: Promise<string | undefined>;
 
   constructor({ auditLogger, authorization, logger, esClient }: ConstructorOptions) {
     this.logger = logger;
     this.authorization = authorization;
     this.esClient = esClient;
     this.auditLogger = auditLogger;
+    this.spaceId = this.authorization.getSpaceId();
   }
 
   public async getAlertsIndex(
@@ -81,13 +89,24 @@ export class AlertsClient {
     index,
   }: GetAlertParams): Promise<(AlertType & { _version: string | undefined }) | null | undefined> {
     try {
+      const alertSpaceId = await this.spaceId;
+      if (alertSpaceId == null) {
+        this.logger.error('Failed to acquire spaceId from authorization client');
+        return;
+      }
       const result = await this.esClient.search<ParsedTechnicalFields>({
         // Context: Originally thought of always just searching `.alerts-*` but that could
         // result in a big performance hit. If the client already knows which index the alert
         // belongs to, passing in the index will speed things up
         index: index ?? '.alerts-*',
         ignore_unavailable: true,
-        body: { query: { term: { _id: id } } },
+        body: {
+          query: {
+            bool: {
+              filter: [{ term: { _id: id } }, { term: { [SPACE_IDS]: alertSpaceId } }],
+            },
+          },
+        },
         seq_no_primary_term: true,
       });