Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Enable button not working on rule details page for custom users #137149

Closed
muskangulati-qasource opened this issue Jul 26, 2022 · 11 comments
Closed

[Security Solution] Enable button not working on rule details page for custom users #137149

muskangulati-qasource opened this issue Jul 26, 2022 · 11 comments
Assignees
@maximpn
Labels
8.6 candidate bug Fixes for quality problems that affect the customer experience Feature:Rule Details Security Solution Detection Rule Details page Feature:Rule Management Security Solution Detection Rule Management area fixed impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.5.1 v8.6.0

Comments

@muskangulati-qasource
Copy link

muskangulati-qasource commented Jul 26, 2022
edited by MadameSheema
Loading

Describe the bug

  • Enable button not working on rule details page for custom users

Build info

VERSION: 8.4.0
BUILD: 54789
COMMIT: af3a3cba9a7fa3b3e0d2e4766a1db11a5ff4f192

Preconditions

  1. To have a user with a custom role:
  • Role different from superuser
  • superuser should not be part of the roles the user has
  • The user should have customized kibana privileges
  1. To have at least one detection rule disabled

Steps to Reproduce

  1. Navigate to the rule details of one of the disabled rules
  2. Enable the rule

Actual Result

  • The user is not able to enable the rule

Expected Result

  • The user should be able to enable the rule

Screen Recording
https://user-images.githubusercontent.com/60252716/180953989-d8427a6b-eda0-4bbc-b49f-5214e585e010.mp4

Workaround:

  • The rule can be enabled from the Rules page

Extra information:

  • This behaviour can be reproduced with different license types
@muskangulati-qasource muskangulati-qasource added bug Fixes for quality problems that affect the customer experience triage_needed impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.4.0 labels Jul 26, 2022
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@muskangulati-qasource
Copy link
Author

@manishgupta-qasource please review!

@manishgupta-qasource
Copy link

Reviewed & assigned to @MadameSheema

@banderror banderror added Team:Detections and Resp Security Detection Response Team Feature:Rule Management Security Solution Detection Rule Management area Team:Detection Rule Management Security Detection Rule Management Team Feature:Rule Details Security Solution Detection Rule Details page and removed triage_needed v8.4.0 labels Jul 26, 2022
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@MadameSheema
Copy link
Member

During a pair-testing session with @patrykkopycinski we faced the same behavior for an enterprise license with the following custom role. 
{
  "test": {
    "cluster": [
      "all"
    ],
    "indices": [
      {
        "names": [
          "*"
        ],
        "privileges": [
          "all"
        ],
        "field_security": {
          "grant": [
            "*"
          ],
          "except": []
        },
        "allow_restricted_indices": false
      }
    ],
    "applications": [
      {
        "application": "kibana-.kibana",
        "privileges": [
          "feature_siem.all",
          "feature_securitySolutionCases.all",
          "feature_osquery.minimal_all",
          "feature_osquery.live_queries_read",
          "feature_osquery.run_saved_queries",
          "feature_osquery.saved_queries_all",
          "feature_osquery.saved_queries_read",
          "feature_osquery.packs_all",
          "feature_osquery.packs_read",
          "feature_actions.read"
        ],
        "resources": [
          "*"
        ]
      }
    ],
    "run_as": [],
    "metadata": {},
    "transient_metadata": {
      "enabled": true
    }
  }
}

@maximpn maximpn mentioned this issue Oct 13, 2022
Merged
3 tasks
@maximpn maximpn self-assigned this Oct 13, 2022
@MadameSheema MadameSheema changed the title [Security Solution] With Basic license, the enable button is not working on the rule details page but is working correctly on the rules list tab [Security Solution] Enable button not working rule details page for custom users Oct 17, 2022
@MadameSheema MadameSheema changed the title [Security Solution] Enable button not working rule details page for custom users [Security Solution] Enable button not working on rule details page for custom users Oct 17, 2022
@peluja1012 peluja1012 mentioned this issue Oct 19, 2022
Merged
@banderror
Copy link
Contributor

banderror commented Oct 20, 2022
edited
Loading

Two reasons can cause this bug:

  • Current user doesn't have ML admin privileges, i.e. Analytics -> Machine Learning -> All (despite the license, even if it's Platinum)
  • Current license is basic (despite the ML privileges)

maximpn added a commit that referenced this issue Oct 24, 2022
@maximpn
[Security Solution] Fix rule details enable/disable toggle isDisabled…
931987d 
… state (#143252)

**Resolves:** [#137149](#137149)

## Summary

Disables rule details enable/disable toggle for ML rules only under basic license.

Before:

https://user-images.githubusercontent.com/3775283/195514871-f0ccb25e-177d-4b4e-83bc-9c26da1718f0.mov

After:

https://user-images.githubusercontent.com/3775283/195513340-95944c6d-da6d-4ab3-9917-4e03f5791d3a.mov


### Checklist

- [x] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
@banderror
Copy link
Contributor

@muskangulati-qasource Fixed in #143252 (it has been merged in main which corresponds to 8.6.0, we're also targeting 8.5.1 and going to backport it to 8.5 branch when 8.5.0 will be released).

@banderror
Copy link
Contributor

@maximpn Please backport the fix to the 8.5 branch soon after Elastic releases 8.5.0. Thanks!

maximpn added a commit to maximpn/kibana that referenced this issue Nov 7, 2022
@maximpn
[Security Solution] Fix rule details enable/disable toggle isDisabled…
474d958 
… state (elastic#143252)

**Resolves:** [elastic#137149](elastic#137149)

## Summary

Disables rule details enable/disable toggle for ML rules only under basic license.

Before:

https://user-images.githubusercontent.com/3775283/195514871-f0ccb25e-177d-4b4e-83bc-9c26da1718f0.mov

After:

https://user-images.githubusercontent.com/3775283/195513340-95944c6d-da6d-4ab3-9917-4e03f5791d3a.mov

### Checklist

- [x] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers)

(cherry picked from commit 931987d)
maximpn added a commit that referenced this issue Nov 7, 2022
@maximpn @kibanamachine
[Security Solution] Fix rule details enable/disable toggle isDisabled…
ba69977 
… state (#143252) (#144738)

**Resolves:** [#137149](#137149)

## Summary

Disables rule details enable/disable toggle for ML rules only under basic license.

Before:

https://user-images.githubusercontent.com/3775283/195514871-f0ccb25e-177d-4b4e-83bc-9c26da1718f0.mov

After:

https://user-images.githubusercontent.com/3775283/195513340-95944c6d-da6d-4ab3-9917-4e03f5791d3a.mov

### Checklist

- [x] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers)

(cherry picked from commit 931987d)

Co-authored-by: Kibana Machine <[email protected]>
@maximpn
Copy link
Contributor

maximpn commented Nov 8, 2022

@muskangulati-qasource @banderror The fix has been backported to 8.5.1.

@muskangulati-qasource
Copy link
Author

Hi Team,

We have validated this issue on 8.5.1 BC1 and found the issue is fixed now. ✔️

Build Details:

Version: 8.5.1 BC1
Commit:87149bfd06f4fe41dbfa7e95461294e9dadfb1d8
Build:57136

Screen Recording:

Rule.mp4

Please let us know if anything else is required from our end.

Thanks !!!

@ghost
Copy link

ghost commented Nov 17, 2022

Hi Team,

We have validated this issue on 8.6.0 BC1 and found the issue is fixed now. ✔️

Build Details:

VERSION: 8.6.0 BC1
BUILD: 58392
COMMIT: 50a7feb0a5eb068d3acccc49c83b9ccb6db6734f

Screen Recording:

Rules.-.Kibana.Mozilla.Firefox.2022-11-17.15-37-45.mp4

Hence we are marking this as QA validated.

Thanks !

@ghost ghost closed this as completed Nov 17, 2022
@ghost ghost added the QA:Validated Issue has been validated by QA label Nov 17, 2022
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@maximpn maximpn

Labels
8.6 candidate bug Fixes for quality problems that affect the customer experience Feature:Rule Details Security Solution Detection Rule Details page Feature:Rule Management Security Solution Detection Rule Management area fixed impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.5.1 v8.6.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@maximpn @banderror @elasticmachine @MadameSheema @manishgupta-qasource @muskangulati-qasource