[Security Solutions] Add PLI authorisation for Advanced Insights (Entity Risk) #161190
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
machadoum
added
Team:Threat Hunting
machadoum
force-pushed
the
siem-explore-161185
branch
from
278be5d
to
e5b3c8d
Compare
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
machadoum
added
Project:Serverless
machadoum
force-pushed
the
siem-explore-161185
branch
from
56aa297
to
5944cf2
Compare
|
@elasticmachine merge upstream |
angorayc
approved these changes
Jul 25, 2023
logeekal
approved these changes
Jul 25, 2023
| if (RiskScoreUpsell) { | ||
| return <RiskScoreUpsell />; | ||
| if (!isAuthorized) { | ||
| return null; |
There was a problem hiding this comment.
Does it makes sense to hide the complete Tab itself till we have the upsell design ? Empty Tab feels like an error.
I noticed that in ESS when we have basic license, we remove the tab completely. Shouldn't we follow the same pattern in serverless as well?
There was a problem hiding this comment.
I left the tab there so it is easier for those who add the Upsell component. And it also feels like a waste to add extra code for hiding the tab that will be deleted very soon. But I understand your point. It would be more consistent while we don't have the Upsell component. As a compromise, I added a TODO message.
machadoum
force-pushed
the
siem-explore-161185
branch
from
58e5a5a
to
29a89b3
Compare
machadoum
force-pushed
the
siem-explore-161185
branch
from
29a89b3
to
1563bcb
Compare
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Module Count
Async chunks
Page load bundle
History
To update your PR or re-run it, just comment with: cc @machadoum |
ThomThomson
pushed a commit
to ThomThomson/kibana
that referenced
this pull request
Aug 1, 2023
…ity Risk) (elastic#161190) ## Summary Add PLI authorization checks for Entity Analytics features. *This PR only restricts access to the features* but doesn't implement PLG/Upselling. It will be added later when we have defined the UX for it. The `advancedInsights` PLI was already configured, so I only had to add extra checks to make sure users can't see the Risk score on other components. Updated components: * "All hosts" table on the Hosts page * "All users" table on the Users page * Host overview on the Host details page and Host details flyout * User overview on the User details page and User details flyout * Alerts flyout * Remove sample Upselling components config ### Not included * Upselling/PLG * I left empty tabs/pages where the Upselling component will be added ### How to test it? #### ESS * Run ESS with a basic license * Run ESS with a platinum #### Serverless * Run Serverless with security essentials (serverless.security.yml) ``` xpack.serverless.security.productTypes: [ { product_line: 'security', product_tier: 'essentials' } ] ``` * Run Serverless with security complete (kibana/config/serverless.security.yml) ``` xpack.serverless.security.productTypes: [ { product_line: 'security', product_tier: 'complete' }, ] ``` https://github.com/elastic/kibana/assets/1490444/1ab84134-bee1-497c-9b41-a9ec398bd921 ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Add PLI authorization checks for Entity Analytics features.
This PR only restricts access to the features but doesn't implement PLG/Upselling. It will be added later when we have defined the UX for it.
The
advancedInsightsPLI was already configured, so I only had to add extra checks to make sure users can't see the Risk score on other components.Updated components:
Not included
How to test it?
ESS
Serverless
risk.score.PLI.mp4
Checklist
Delete any items that are not applicable to this PR.