Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve security server types #101661

Conversation

stacey-gammon
Copy link
Contributor

  1. Remove the RecursiveReadonly wrapper to setup and start types.
  2. Export some APIs that are part of the public API.

Before:

There were no setup or start types reported due to the RecursiveResonly wrapper.

Screen Shot 2021-06-08 at 11 48 19 AM

After:

Screen Shot 2021-06-08 at 3 09 32 PM

@stacey-gammon stacey-gammon requested a review from a team as a code owner June 8, 2021 19:10
@legrego legrego requested a review from azasypkin June 8, 2021 19:11
@stacey-gammon stacey-gammon added release_note:skip Skip the PR/issue when compiling release notes v7.14.0 v8.0.0 labels Jun 8, 2021
@stacey-gammon stacey-gammon requested a review from legrego June 8, 2021 21:35
@stacey-gammon stacey-gammon enabled auto-merge (squash) June 8, 2021 21:35
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
security 45 49 +4

Public APIs missing exports

Total count of every type that is part of your API that should be exported but is not. This will cause broken links in the API documentation system. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats exports for more detailed information.

id before after diff
security 11 5 -6
Unknown metric groups

API count

id before after diff
security 95 109 +14

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

Copy link
Member

@azasypkin azasypkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, thanks a lot! Just a few minor nits and questions.

Comment on lines 8 to +9
export { SecurityLicense } from './licensing';
export { AuthenticatedUser } from './model';
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: while you here ....

Suggested change
export { SecurityLicense } from './licensing';
export { AuthenticatedUser } from './model';
export type { SecurityLicense } from './licensing';
export type { AuthenticatedUser } from './model';

@@ -51,7 +51,7 @@ interface AuthenticationServiceStartParams {
loggers: LoggerFactory;
}

export interface AuthenticationServiceStart {
export interface AuthenticationServiceStartInternal extends AuthenticationServiceStart {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

question: I see Core uses Internal as a prefix to internal contracts (e.g. InternalHttpServiceSetup) and here we use it as a suffix. Do we have any convention for that?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not that I am aware of, though I can change to prefix to be consistent.

/**
* Actions are used to create the "actions" that are associated with Elasticsearch's
* application privileges, and are used to perform the authorization checks implemented
* by the various `checkPrivilegesWithRequest` derivatives
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

Suggested change
* by the various `checkPrivilegesWithRequest` derivatives
* by the various `checkPrivilegesWithRequest` derivatives.

} from './authentication';
export type { CheckPrivilegesPayload } from './authorization';
export type AuthorizationServiceSetup = SecurityPluginStart['authz'];
export { LegacyAuditLogger, AuditLogger, AuditEvent } from './audit';
export type { SecurityPluginSetup, SecurityPluginStart };
export type { AuthenticatedUser } from '../common/model';
export { ROUTE_TAG_CAN_REDIRECT } from './routes/tags';
export { AuditServiceSetup } from './audit';
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

Suggested change
export { AuditServiceSetup } from './audit';
export type { AuditServiceSetup } from './audit';

Comment on lines 43 to +45
import type { AuthorizationServiceSetup } from './authorization';
import { AuthorizationService } from './authorization';
import type { AuthorizationServiceSetupInternal } from './authorization/authorization_service';
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

Suggested change
import type { AuthorizationServiceSetup } from './authorization';
import { AuthorizationService } from './authorization';
import type { AuthorizationServiceSetupInternal } from './authorization/authorization_service';
import type { AuthorizationServiceSetup, AuthorizationServiceSetupInternal } from './authorization';
import { AuthorizationService } from './authorization';

import { AuthenticationResult } from '../../authentication';
import type { AuthenticationServiceStartInternal } from '../../authentication/authentication_service';
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

Suggested change
import type { AuthenticationServiceStartInternal } from '../../authentication/authentication_service';
import type { AuthenticationServiceStartInternal } from '../../authentication';

@@ -9,15 +9,15 @@ import type { CoreSetup, LegacyRequest } from 'src/core/server';

import { KibanaRequest, SavedObjectsClient } from '../../../../../src/core/server';
import type { AuditServiceSetup, SecurityAuditLogger } from '../audit';
import type { AuthorizationServiceSetup } from '../authorization';
import type { AuthorizationServiceSetupInternal } from '../authorization/authorization_service';
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

Suggested change
import type { AuthorizationServiceSetupInternal } from '../authorization/authorization_service';
import type { AuthorizationServiceSetupInternal } from '../authorization';

@@ -74,23 +77,29 @@ export interface SecurityPluginSetup {
/**
* @deprecated Use `authz` methods from the `SecurityServiceStart` contract instead.
*/
authz: Pick<
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

question: I definitely agree that it's much better to use dedicated interface here, but just out of curiosity - does Pick not play well with the API docs?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It doesn't, it also doesn't work well in an IDE. From best practices:

Screen Shot 2021-06-09 at 8 38 12 AM

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, missed that somehow, good to know, thanks!

@stacey-gammon stacey-gammon merged commit 7604fd7 into elastic:master Jun 9, 2021
@azasypkin
Copy link
Member

Wow, didn't realize PR will be automatically merged after a single approval 😢

@stacey-gammon
Copy link
Contributor Author

Guess I shouldn't put on auto-merge before a review. 😬 I'll throw up a new PR to address your comments, thanks for the review!

@stacey-gammon stacey-gammon added the auto-backport Deprecated - use backport:version if exact versions are needed label Jun 9, 2021
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Jun 9, 2021
* Remove RecursiveReadonly wrapper on public API items

* Remove Pick and export some types that are part of the public API

* Udpate api docs

* Export API items that are part of the public API

* Add extra comments

* update api docs
@kibanamachine
Copy link
Contributor

💚 Backport successful

Status Branch Result
7.x

This backport PR will be merged automatically after passing CI.

kibanamachine added a commit that referenced this pull request Jun 9, 2021
* Remove RecursiveReadonly wrapper on public API items

* Remove Pick and export some types that are part of the public API

* Udpate api docs

* Export API items that are part of the public API

* Add extra comments

* update api docs

Co-authored-by: Stacey Gammon <[email protected]>
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jun 9, 2021
* master:
  clarify which parts of TM are experimental (elastic#101757)
  Add sh scripts with _bulk_action route usage examples (elastic#101736)
  [Uptime] Only register route in side nav if uptime show capability is true (elastic#101709)
  Use KIBANA_DOCS in doc link service (elastic#101667)
  [Alerting][Event log] Persisting duration information for active alerts in event log (elastic#101387)
  Address design issues in Discover/Graph (elastic#101584)
  Optimize performance for document table (elastic#101715)
  Change file data visualizer links to point to new location in home application (elastic#101393)
  [Fleet] Tighten policy permissions, take II (elastic#97366)
  [ML] Add debounce to the severity control update  (elastic#101581)
  [Fleet] Fix routing issues with `getPath` and `history.push` (elastic#101658)
  [APM] Add link-to/transaction route (elastic#101731)
  [Index Patterns] Runtime fields CRUD REST API  (elastic#101164)
  [ILM] Refactor types and fix missing aria labels (elastic#101518)
  [Lens] New summary row feature for datatable (elastic#101075)
  Blocks save event filter with a white space name (elastic#101599)
  Improve security server types (elastic#101661)
  [APM] Replace side nav with tabs on Settings page (elastic#101460)
  [APM] Only register items in side nav if user has permissions to see app (elastic#101707)
  [Security solution][Endpoint] Add back button when to the event filters list (elastic#101280)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
auto-backport Deprecated - use backport:version if exact versions are needed release_note:skip Skip the PR/issue when compiling release notes v7.14.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants