Making security a first class citizen of Kibana Core examples #186574

Closed
TinaHeiligers opened this issue Jun 20, 2024 · 5 comments
Labels
Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc


TinaHeiligers commented Jun 20, 2024

Related to #174578
Create example migrations from security plugin APIs to core.security APIs.

Find and migrate a plugin's getCurrentUser
a) on the server side via start contract,
b) on the server side close to a HTTP handler where using it from the request context would have been better,
c) on the client side, and
d) If getCurrentUser is the only dependency on the security plugin, remove the dependency.
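
Cases (a) and (b) from the list above, as an added sketch that is not part of the original issue or Kibana's own code. The interfaces are simplified stand-ins assumed for illustration, and the function names, fakes and token value are constructed.

```typescript
// Stand-in types, simplified for this sketch (assumptions, not Kibana's real type definitions).
interface AuthenticatedUser { username: string }
interface KibanaRequest { headers: { authorization?: string } }
interface RequestAuthc { getCurrentUser(request: KibanaRequest): AuthenticatedUser | null }
interface SecurityPluginStart { authc: RequestAuthc } // plugin dependency being removed
interface CoreStart { security: { authc: RequestAuthc } } // core start contract
interface CoreRequestHandlerContext {
  security: { authc: { getCurrentUser(): AuthenticatedUser | null } }; // bound to one request
}

// Before: identity is read through the Security plugin (modelled here as an optional dependency).
function usernameBefore(security: SecurityPluginStart | undefined, request: KibanaRequest): string | null {
  return security?.authc.getCurrentUser(request)?.username ?? null;
}

// (a) After, outside a handler: same call shape, taken from the core start contract.
function usernameFromCoreStart(core: CoreStart, request: KibanaRequest): string | null {
  return core.security.authc.getCurrentUser(request)?.username ?? null;
}

// (b) After, inside a route handler: the request context is already scoped to the
// request being served, so no request object is passed along.
async function usernameFromContext(context: { core: Promise<CoreRequestHandlerContext> }): Promise<string | null> {
  const coreContext = await context.core;
  return coreContext.security.authc.getCurrentUser()?.username ?? null;
}

// Constructed fakes so the sketch runs offline.
function fakeAuthc(sessions: Map<string, string>): RequestAuthc {
  return {
    getCurrentUser(request) {
      const token = request.headers.authorization;
      const username = token === undefined ? undefined : sessions.get(token);
      return username === undefined ? null : { username };
    },
  };
}
function fakeContext(authc: RequestAuthc, request: KibanaRequest): { core: Promise<CoreRequestHandlerContext> } {
  const bound = { getCurrentUser: () => authc.getCurrentUser(request) };
  return { core: Promise.resolve({ security: { authc: bound } }) };
}

const authc = fakeAuthc(new Map([['Bearer constructed-token', 'alice']]));
const signedIn: KibanaRequest = { headers: { authorization: 'Bearer constructed-token' } };
const anonymous: KibanaRequest = { headers: {} };
```

Once every call site looks like (a) or (b), case (d) is the removal of the `SecurityPluginStart` dependency itself.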

@botelastic botelastic bot added the needs-team Issues missing a team label label Jun 20, 2024

TinaHeiligers commented Jun 20, 2024

Reporting uses getCurrentUser and licensing from the Security Plugin.
I'll migrate getCurrentUser as part of On-Week (June 2024).
We have to wait for licensing to be exposed from Core before completely migrating off of (and removing) the security Plugin.

@tsullivan will search for a client-side use case as part of On-Week June 2024.

@TinaHeiligers TinaHeiligers added the Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc label Jun 20, 2024
@elasticmachine
Contributor

Pinging @elastic/kibana-core (Team:Core)

@botelastic botelastic bot removed the needs-team Issues missing a team label label Jun 20, 2024
@TinaHeiligers TinaHeiligers added the Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! label Jun 20, 2024
@elasticmachine
Contributor

Pinging @elastic/kibana-security (Team:Security)

@TinaHeiligers TinaHeiligers removed the Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! label Jun 20, 2024

tsullivan commented Jun 24, 2024

I have found a few plugins throughout Kibana that call security.authc.getCurrentUser from browser-side code.

  • src/plugins/data_views/public:
    • Has a "getter" type called UserIdGetter. This is needed in the Data Views API client, which sends a user-hash field in request headers.
  • src/plugins/image_embeddable:
    • The Image Editor Flyout has a feature to allow the user to delete a file, based on whether the current user ID is stored in the file metadata.
  • x-pack/plugins/cases/public:
    • A useCurrentUser hook to build a query filter that gets the recent cases belonging to the current user
  • x-pack/plugins/cloud_integrations/cloud_links/public:
    • The current user is checked whether they are a cloud user before adding Cloud links to the security nav controls.
  • x-pack/plugins/data_visualizer/public:
    • used to generate text for a Filebeat configuration
    • used to generate a browser session seed for a FieldStats request

Some additional areas where security.authc is used in browser-side code:

  • x-pack/plugins/enterprise_search/public: Already consumes getCurrentUser from core.security
  • x-pack/plugins/fleet/public: Doesn't consume getCurrentUser
  • x-pack/plugins/maps/public
  • x-pack/plugins/observability_solution/apm/public
  • x-pack/plugins/observability_solution/observability_ai_assistant_app/public
  • x-pack/plugins/stack_connectors/public: Doesn't consume getCurrentUser

I'd like to focus on an area or areas where updating the code to use core.security APIs will allow me to remove the security dependency from a plugin.

tsullivan added a commit that referenced this issue Jun 25, 2024
Part of #186574

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0. The Maps plugin uses the
`authc.getCurrentUser` in the `es_search_source` utility.

### Checklist

Delete any items that are not applicable to this PR.

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

tsullivan added a commit that referenced this issue Jun 25, 2024
…rity (#186918)

Part of #186574

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0. The Data Visualizer plugin uses the
`authc.getCurrentUser` method as a means to create FileBeat
configuration example content.

### Checklist

Delete any items that are not applicable to this PR.

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

tsullivan added a commit that referenced this issue Jun 26, 2024
)

Part of #186574

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0. The Files plugin uses the
`authc.getCurrentUser` method to attribute the current user to files
that are created in the system.

### Checklist

Delete any items that are not applicable to this PR.

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

tsullivan added a commit that referenced this issue Jun 26, 2024
…urity (#186917)

Part of #186574

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0. The Image Embeddable plugin uses the
`authc.getCurrentUser` method as a means to allow the user to delete
image files that are attributed to them.

### Checklist

Delete any items that are not applicable to this PR.

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

tsullivan added a commit that referenced this issue Jun 28, 2024
…curity (#186928)

Part of #186574

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0. The Elastic Assistant plugin uses the
`authc.getCurrentUser` indirectly in several data clients in
`x-pack/plugins/elastic_assistant/server/routes/request_context_factory.ts`.

### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

TinaHeiligers added a commit that referenced this issue Jun 28, 2024
…7121)

## Summary

Part of #186574

Updates imports for types available from the core-security packages.

Co-authored-by: Kibana Machine <[email protected]>

TinaHeiligers added a commit that referenced this issue Jun 28, 2024
…186913)

## Summary

Part of #186574

Background: This PR is an example of a plugin migrating away from
depending on the Security plugin, which is a high-priority effort for
the last release before 9.0. The Reporting plugin uses
`authc.getCurrentUser` from the security plugin's start contract on the
server side.

This PR migrates `authc.getCurrentUser` from the security plugin start
contract to the core security service.

### Checklist

- [X] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>
Co-authored-by: Tim Sullivan <[email protected]>

TinaHeiligers added a commit that referenced this issue Jun 30, 2024
#187124)

## Summary

Part of #186574

Background: This PR is an example of a plugin migrating away from
depending on the Security plugin, which is a high-priority effort for
the last release before 9.0. The Cases plugin uses authc.getCurrentUser
from the security plugin's start contract on the server side.

This PR migrates authc.getCurrentUser from the security plugin start
contract to the core security service.

Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: Kibana Machine <[email protected]>

tsullivan added a commit that referenced this issue Jul 2, 2024
…#187020)

Part of #186574

## Summary

This PR migrates the Alerting Plugin's server-side code that consumes
`authc.getCurrentUser` to use coreContext.security.

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0.

### Checklist

Delete any items that are not applicable to this PR.

- [X] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

tsullivan added a commit that referenced this issue Jul 2, 2024
…rity (#187023)

Part of #186574

## Summary

This PR migrates the Cloud Defend Plugin's route handler that consumes
`authc.getCurrentUser` to use `coreContext.security`.

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0.

### Checklist

Delete any items that are not applicable to this PR.

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>

tsullivan added a commit that referenced this issue Jul 2, 2024
#187179)

Part of #186574

## Summary

This PR migrates the Lists Plugin's `ListsRequestHandlerContext`, which
consumes `authc.getCurrentUser`, to use `coreStart.security`.

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0.

### Checklist

Delete any items that are not applicable to this PR.

- [X] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>

tsullivan added a commit that referenced this issue Jul 2, 2024
…ity (#186924)

Part of #186574

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0. The Actions plugin uses the
`authc.getCurrentUser` method to attribute the current user to persisted
actions that are created in the system.

### Checklist

Delete any items that are not applicable to this PR.

- [X] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

TinaHeiligers added a commit that referenced this issue Jul 2, 2024
Needed for #187306 and [probably
more to come](#186574).
Expose authenticated user mock and type from core-security server &
browser mocks.
Exposing the mock from Core avoids dependencies on the Security Plugin
remaining just for mocks.
It also helps avoid creating duplicates specifically for tests.

---------

Co-authored-by: Elastic Machine <[email protected]>

tsullivan added a commit that referenced this issue Jul 3, 2024
…usage to coreStart.security (#187189)

Part of #186574

## Summary

This PR migrates the method to access a Serverless Search view model
field, which consumes `authc.getCurrentUser`, to use
`coreStart.security`.

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0.

### Checklist

Delete any items that are not applicable to this PR.

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

tsullivan added a commit that referenced this issue Jul 3, 2024
…t.security (#187192)

Part of #186574

## Summary

This PR migrates the method to access an APM Plugin view model field,
which consumes `authc.getCurrentUser`, to use `coreStart.security`.

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0.

### Checklist

Delete any items that are not applicable to this PR.

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

tsullivan added a commit that referenced this issue Jul 3, 2024
…ecurity (#187180)

Part of #186574

## Summary

This PR migrates the Logstash Plugin's route handler for saving a
pipeline, which consumes `authc.getCurrentUser`, to use
`coreContext.security`.

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0.

### Checklist

Delete any items that are not applicable to this PR.

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>

tsullivan added a commit that referenced this issue Jul 9, 2024
…#187024)

Part of #186574

## Summary

This PR migrates the Encrypted Saved Object Plugin's route handler that
consumes `authc.getCurrentUser` to use `coreStart.security`.

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0.

### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>

tsullivan added a commit that referenced this issue Jul 9, 2024
)

Part of #186574

Background: This PR serves as an example of a plugin migrating away from
depending on the Security plugin, which is a high priority effort for
the last release before 9.0.

### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

SiddharthMantri added a commit that referenced this issue Aug 30, 2024
…gin to core security service (#189713)

## Summary

Part of #186574
Closes #189714

Background: This PR is an example of a plugin migrating away from
depending on the Security plugin, which is a high-priority effort for
the last release before 9.0. The Enterprise search plugin uses
authc.apiKeys.create from the security plugin's start contract on the
server side.

For more context, the PR which exposes the API keys service from core is
here: #186910

This PR migrates the usage from the security plugin start contract to
the core security service.

---------

Co-authored-by: Elastic Machine <[email protected]>
Co-authored-by: kibanamachine <[email protected]>

@TinaHeiligers
Contributor Author

Closing as an ongoing issue to be handled during the implementations
