Skip to content

Commit

Permalink
Adds RBAC API checks for event filters (elastic#144009)
Browse files Browse the repository at this point in the history 
Co-authored-by: Kibana Machine <[email protected]>
  • Loading branch information
@dasansol92 @kibanamachine
dasansol92 and kibanamachine authored Oct 27, 2022
1 parent eff4ce0 commit 028fa94
Showing 1 changed file with 16 additions and 8 deletions.
24 changes: 16 additions & 8 deletions .../security_solution/server/lists_integration/endpoint/validators/event_filter_validator.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,16 @@ export class EventFilterValidator extends BaseValidator {
return item.listId === ENDPOINT_EVENT_FILTERS_LIST_ID;
}

protected async validateHasWritePrivilege(): Promise<void> {
return super.validateHasPrivilege('canWriteEventFilters');
}

protected async validateHasReadPrivilege(): Promise<void> {
return super.validateHasPrivilege('canReadEventFilters');
}

async validatePreCreateItem(item: CreateExceptionListItemOptions) {
await this.validateCanManageEndpointArtifacts();
await this.validateHasWritePrivilege();
await this.validateEventFilterData(item);

// user can always create a global entry so additional checks not needed
Expand All @@ -67,7 +75,7 @@ export class EventFilterValidator extends BaseValidator {
): Promise<UpdateExceptionListItemOptions> {
const updatedItem = _updatedItem as ExceptionItemLikeOptions;

await this.validateCanManageEndpointArtifacts();
await this.validateHasWritePrivilege();
await this.validateEventFilterData(updatedItem);

try {
Expand Down Expand Up @@ -96,27 +104,27 @@ export class EventFilterValidator extends BaseValidator {
}

async validatePreGetOneItem(): Promise<void> {
await this.validateCanManageEndpointArtifacts();
await this.validateHasReadPrivilege();
}

async validatePreSummary(): Promise<void> {
await this.validateCanManageEndpointArtifacts();
await this.validateHasReadPrivilege();
}

async validatePreDeleteItem(): Promise<void> {
await this.validateCanManageEndpointArtifacts();
await this.validateHasWritePrivilege();
}

async validatePreExport(): Promise<void> {
await this.validateCanManageEndpointArtifacts();
await this.validateHasWritePrivilege();
}

async validatePreSingleListFind(): Promise<void> {
await this.validateCanManageEndpointArtifacts();
await this.validateHasReadPrivilege();
}

async validatePreMultiListFind(): Promise<void> {
await this.validateCanManageEndpointArtifacts();
await this.validateHasReadPrivilege();
}

async validatePreImport(): Promise<void> {
Expand Down

0 comments on commit 028fa94

Please sign in to comment.