Skip to content

[Security Solution][Detections] SIEM job fetch failure error toast shown for users without ML permissions #73567

New issue
New issue
Closed
Closed
[Security Solution][Detections] SIEM job fetch failure error toast shown for users without ML permissions#73567
Assignees
rylnd
Labels
Feature:Detection RulesSecurity Solution rules and Detection EngineTeam: SecuritySolutionSecurity Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.Team:SIEMbugFixes for quality problems that affect the customer experiencev7.10.0v7.9.1
@spong

Description

@spong
spong
opened on Jul 28, 2020

This was uncovered in updating demo.elastic.co from 7.7 -> 7.8, and was introduced in 7.8.

When navigating to any Detections page that queries for SIEM Jobs, the below SIEM job fetch failure error toast will be displayed if the user does not have Full ML License + access:ml:canCreateJob permissions.

This will happen for any use of the useSiemJobs hook, as the ml/modules/recognize API had its permissions tightened as part of #64662 for 7.8. Since the MlPopover component (which uses the useSiemJobs hook) is not wrapped in a ml permissions check, but rather its content is, any usage of this component will result in the below error for users without permissions.

There is no workaround for this issue, and to fix we will have to wrap the useSiemJobs hook in the same permissions check we use for the other ML API's.

Additionally, this use-case should be back-filled with tests to ensure future changes to API permissions do not result in similar issues.

Metadata

Metadata

Assignees

Labels

Feature:Detection RulesSecurity Solution rules and Detection EngineTeam: SecuritySolutionSecurity Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.Team:SIEMbugFixes for quality problems that affect the customer experiencev7.10.0v7.9.1

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions