-
Notifications
You must be signed in to change notification settings - Fork 8.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution] Maintenance window is not displayed for non-admin users in Serverless #184151
Comments
Pinging @elastic/security-solution (Team: SecuritySolution) |
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
Pinging @elastic/response-ops (Team:ResponseOps) |
We have investigated the issue a bit together with @MadameSheema. Here's what we found: This piece of code skips requesting active maintenance windows and causes the callout not to be shown: const isMaintenanceWindowDisabled =
!capabilities[MAINTENANCE_WINDOW_FEATURE_ID].show &&
!capabilities[MAINTENANCE_WINDOW_FEATURE_ID].save;
const { data: activeMaintenanceWindows = [] } = useFetchActiveMaintenanceWindows(kibanaServices, {
enabled: !isMaintenanceWindowDisabled,
}); Checked locally. Looks like for all Serverless roles other than I have no knowledge about capabilities and how they are related to Serverless roles. But you folks probably understand what's going on. |
To my understanding, this is only applicable to security solution. It seems that in |
Pinging @elastic/security-detection-engine (Team:Security Solution Platform) |
Btw maybe it is not a bug. Handling MWs is an administrative process and maybe a T1 analyst should not have access to them. It seems to me it is a product decision on which roles should have access to MW. |
non-admin
users
@cnasikas Thank you for localizing the issue 🙏 I think it's a bug - we only show a callout in Security on the Rule Management page when there's a maintenance window currently active. So we'll need to fix our predefined roles in Serverless:
I assigned it to our team. |
Related to: #184160
Summary
Describe the bug:
non-admin
usersKibana/Elasticsearch Stack version:
Initial context:
Steps to reproduce:
admin
Rules
pageCurrent behavior:
Expected behavior:
Extra information:
admin
one.To do
Fix Security Solution's predefined roles in Serverless:
Code review might be needed from @dhurley14, because he is familiar with serverless roles area.
When the bug is fixed, in the same PR please unskip the corresponding test for the Maintenance Window callout: #184160.
The text was updated successfully, but these errors were encountered: