kibana/x-pack/plugins/cases
Jonathan Buttner b6c982c3b0
[Cases] RBAC (#95058)
* Adding feature flag for auth

* Hiding SOs and adding consumer field

* First pass at adding security changes

* Consumer as the app's plugin ID

* Create addConsumerToSO migration helper

* Fix mapping's SO consumer

* Add test for CasesActions

* Declare hidden types on SO client

* Restructure integration tests

* Init spaces_only integration tests

* Implementing the cases security string

* Adding security plugin tests for cases

* Rough concept for authorization class

* Adding comments

* Fix merge

* Get requiredPrivileges for classes

* Check privillages

* Ensure that all classes are available

* Success if hasAllRequested is true

* Failure if hasAllRequested is false

* Adding schema updates for feature plugin

* Seperate basic from trial

* Enable SIR on integration tests

* Starting the plumbing for authorization in plugin

* Unit tests working

* Move find route logic to case client

* Create integration test helper functions

* Adding auth to create call

* Create getClassFilter helper

* Add class attribute to find request

* Create getFindAuthorizationFilter

* Ensure savedObject is authorized in find method

* Include fields for authorization

* Combine authorization filter with cases & subcases filter

* Fix isAuthorized flag

* Fix merge issue

* Create/delete spaces & users before and after tests

* Add more user and roles

* [Cases] Convert filters from strings to KueryNode (#95288)

* [Cases] RBAC: Rename class to scope (#95535)

* [Cases][RBAC] Rename scope to owner (#96035)

* [Cases] RBAC: Create & Find integration tests (#95511)

* [Cases] Cases client enchantment (#95923)

* [Cases] Authorization and Client Audit Logger (#95477)

* Starting audit logger

* Finishing auth audit logger

* Fixing tests and types

* Adding audit event creator

* Renaming class to scope

* Adding audit logger messages to create and find

* Adding comments and fixing import issue

* Fixing type errors

* Fixing tests and adding username to message

* Addressing PR feedback

* Removing unneccessary log and generating id

* Fixing module issue and remove expect.anything

* [Cases] Migrate sub cases routes to a client (#96461)

* Adding sub cases client

* Move sub case routes to case client

* Throw when attempting to access the sub cases client

* Fixing throw and removing user ans soclients

* [Cases] RBAC: Migrate routes' unit tests to integration tests (#96374)

Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co>

* [Cases] Move remaining HTTP functionality to client (#96507)

* Moving deletes and find for attachments

* Moving rest of comment apis

* Migrating configuration routes to client

* Finished moving routes, starting utils refactor

* Refactoring utilites and fixing integration tests

* Addressing PR feedback

* Fixing mocks and types

* Fixing integration tests

* Renaming status_stats

* Fixing test type errors

* Adding plugins to kibana.json

* Adding cases to required plugin

* [Cases] Refactoring authorization (#97483)

* Refactoring authorization

* Wrapping auth calls in helper for try catch

* Reverting name change

* Hardcoding the saved object types

* Switching ensure to owner array

* [Cases] Add authorization to configuration & cases routes (#97228)

* [Cases] Attachments RBAC (#97756)

* Starting rbac for comments

* Adding authorization to rest of comment apis

* Starting the comment rbac tests

* Fixing some of the rbac tests

* Adding some integration tests

* Starting patch tests

* Working tests for comments

* Working tests

* Fixing some tests

* Fixing type issues from pulling in master

* Fixing connector tests that only work in trial license

* Attempting to fix cypress

* Mock return of array for configure

* Fixing cypress test

* Cleaning up

* Addressing PR comments

* Reducing operations

* [Cases] Add RBAC to remaining Cases APIs (#98762)

* Starting rbac for comments

* Adding authorization to rest of comment apis

* Starting the comment rbac tests

* Fixing some of the rbac tests

* Adding some integration tests

* Starting patch tests

* Working tests for comments

* Working tests

* Fixing some tests

* Fixing type issues from pulling in master

* Fixing connector tests that only work in trial license

* Attempting to fix cypress

* Mock return of array for configure

* Fixing cypress test

* Cleaning up

* Working case update tests

* Addressing PR comments

* Reducing operations

* Working rbac push case tests

* Starting stats apis

* Working status tests

* User action tests and fixing migration errors

* Fixing type errors

* including error in message

* Addressing pr feedback

* Fixing some type errors

* [Cases] Add space only tests (#99409)

* Starting spaces tests

* Finishing space only tests

* Refactoring createCaseWithConnector

* Fixing spelling

* Addressing PR feedback and creating alert tests

* Fixing mocks

* [Cases] Add security only tests (#99679)

* Starting spaces tests

* Finishing space only tests

* Refactoring createCaseWithConnector

* Fixing spelling

* Addressing PR feedback and creating alert tests

* Fixing mocks

* Starting security only tests

* Adding remainder security only tests

* Using helper objects

* Fixing type error for null space

* Renaming utility variables

* Refactoring users and roles for security only tests

* Adding sub feature

* [Cases] Cleaning up the services and TODOs (#99723)

* Cleaning up the service intialization

* Fixing type errors

* Adding comments for the api

* Working test for cases client

* Fix type error

* Adding generated docs

* Adding more docs and cleaning up types

* Cleaning up readme

* More clean up and links

* Changing some file names

* Renaming docs

* Integration tests for cases privs and fixes (#100038)

* [Cases] RBAC on UI (#99478)

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

* Fixing case ids by alert id route call

* [Cases] Fixing UI feature permissions and adding UI tests (#100074)

* Integration tests for cases privs and fixes

* Fixing ui cases permissions and adding tests

* Adding test for collection failure and fixing jest

* Renaming variables

* Fixing type error

* Adding some comments

* Validate cases features

* Fix new schema

* Adding owner param for the status stats

* Fix get case status tests

* Adjusting permissions text and fixing status

* Address PR feedback

* Adding top level feature back

* Fixing feature privileges

* Renaming

* Removing uneeded else

* Fixing tests and adding cases merge tests

* [Cases][Security Solution] Basic license security solution API tests (#100925)

* Cleaning up the fixture plugins

* Adding basic feature test

* renaming to unsecuredSavedObjectsClient (#101215)

* [Cases] RBAC Refactoring audit logging (#100952)

* Refactoring audit logging

* Adding unit tests for authorization classes

* Addressing feedback and adding util tests

* return undefined on empty array

* fixing eslint

* [Cases] Cleaning up RBAC integration tests (#101324)

* Adding tests for space permissions

* Adding tests for testing a disable feature

Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2021-06-07 09:37:11 -04:00
..
common [Cases] RBAC (#95058) 2021-06-07 09:37:11 -04:00
docs [Cases] RBAC (#95058) 2021-06-07 09:37:11 -04:00
images
public [Cases] RBAC (#95058) 2021-06-07 09:37:11 -04:00
server [Cases] RBAC (#95058) 2021-06-07 09:37:11 -04:00
jest.config.js
kibana.json [Cases] RBAC (#95058) 2021-06-07 09:37:11 -04:00
package.json
README.md [Cases] RBAC (#95058) 2021-06-07 09:37:11 -04:00
tsconfig.json

Case management in Kibana

Issues Pull Requests

Cases Plugin Docs

Cases Logo

Report Bug · Request Feature

Table of Contents

Cases API

Explore the API docs »

Cases Client API

Cases Client API docs

Cases UI

Embed Cases UI components in any Kibana plugin

  • Add CasesUiStart to Kibana plugin StartServices dependencies:
cases: CasesUiStart;

Cases UI Methods

  • From the UI component, get the component from the useKibana hook start services
  const { cases } = useKibana().services;
  // call in the return as you would any component
  cases.getCreateCase({
    onCancel: handleSetIsCancel,
    onSuccess,
    timelineIntegration?: {
      plugins: {
        parsingPlugin,
        processingPluginRenderer,
        uiPlugin,
      },
      hooks: {
        useInsertTimeline,
      },
    },
  })
Methods:

getAllCases

Arguments:

Property Description
caseDetailsNavigation CasesNavigation<CaseDetailsHrefSchema, 'configurable'> route configuration to generate the case details url for the case details page
configureCasesNavigation CasesNavigation route configuration for configure cases page
createCaseNavigation CasesNavigation route configuration for create cases page
userCanCrud boolean; user permissions to crud

UI component: All Cases Component

getAllCasesSelectorModal

Arguments:

Property Description
alertData? Omit<CommentRequestAlertType, 'type'>; alert data to post to case
createCaseNavigation CasesNavigation route configuration for create cases page
hiddenStatuses? CaseStatuses[]; array of hidden statuses
onRowClick (theCase?: Case | SubCase) => void; callback for row click, passing case in row
updateCase? (theCase: Case | SubCase) => void; callback after case has been updated
userCanCrud boolean; user permissions to crud

UI component: All Cases Selector Modal Component

getCaseView

Arguments:

Property Description
caseDetailsNavigation CasesNavigation<CaseDetailsHrefSchema, 'configurable'> route configuration to generate the case details url for the case details page
caseId string; ID of the case
configureCasesNavigation CasesNavigation route configuration for configure cases page
createCaseNavigation CasesNavigation route configuration for create cases page
getCaseDetailHrefWithCommentId (commentId: string) => string; callback to generate the case details url with a comment id reference from the case id and comment id
onComponentInitialized? () => void; callback when component has initialized
onCaseDataSuccess? (data: Case) => void; optional callback to handle case data in consuming application
ruleDetailsNavigation CasesNavigation<string | null | undefined, 'configurable'>
showAlertDetails (alertId: string, index: string) => void; callback to show alert details
subCaseId? string; subcase id
timelineIntegration?.editor_plugins Plugins needed for integrating timeline into markdown editor.
timelineIntegration?.editor_plugins.parsingPlugin Plugin;
timelineIntegration?.editor_plugins.processingPluginRenderer React.FC<TimelineProcessingPluginRendererProps & { position: EuiMarkdownAstNodePosition }>
timelineIntegration?.editor_plugins.uiPlugin? EuiMarkdownEditorUiPlugin
timelineIntegration?.hooks.useInsertTimeline (value: string, onChange: (newValue: string) => void): UseInsertTimelineReturn
timelineIntegration?.ui?.renderInvestigateInTimelineActionComponent? (alertIds: string[]) => JSX.Element; space to render InvestigateInTimelineActionComponent
timelineIntegration?.ui?renderTimelineDetailsPanel? () => JSX.Element; space to render TimelineDetailsPanel
useFetchAlertData (alertIds: string[]) => [boolean, Record<string, Ecs>]; fetch alerts
userCanCrud boolean; user permissions to crud

UI component: Case View Component

getCreateCase

Arguments:

Property Description
afterCaseCreated? (theCase: Case) => Promise<void>; callback passing newly created case before pushCaseToExternalService is called
onCancel () => void; callback when create case is canceled
onSuccess (theCase: Case) => Promise<void>; callback passing newly created case after pushCaseToExternalService is called
timelineIntegration?.editor_plugins Plugins needed for integrating timeline into markdown editor.
timelineIntegration?.editor_plugins.parsingPlugin Plugin;
timelineIntegration?.editor_plugins.processingPluginRenderer React.FC<TimelineProcessingPluginRendererProps & { position: EuiMarkdownAstNodePosition }>
timelineIntegration?.editor_plugins.uiPlugin? EuiMarkdownEditorUiPlugin
timelineIntegration?.hooks.useInsertTimeline (value: string, onChange: (newValue: string) => void): UseInsertTimelineReturn

UI component: Create Component

getConfigureCases

Arguments:

Property Description
userCanCrud boolean; user permissions to crud

UI component: Configure Component

getRecentCases

Arguments:

Property Description
allCasesNavigation CasesNavigation route configuration for configure cases page
caseDetailsNavigation CasesNavigation<CaseDetailsHrefSchema, 'configurable'> route configuration to generate the case details url for the case details page
createCaseNavigation CasesNavigation route configuration for create case page
maxCasesToShow number; number of cases to show in widget

UI component: Recent Cases Component

Case Action Type

*Feature in development, disabled by default

See Kibana Actions for more information.

ID: .case

The params properties are modelled after the arguments to the Cases API.

config

This action has no config properties.

secrets

This action type has no secrets properties.

params

Property Description Type
subAction The sub action to perform. It can be create, update, and addComment string
subActionParams The parameters of the sub action object

subActionParams (create)

Property Description Type
tile The cases title. string
description The cases description. string
tags String array containing words and phrases that help categorize cases. string[]
connector Object containing the connectors configuration. connector
settings Object containing the cases settings. settings

subActionParams (update)

Property Description Type
id The ID of the case being updated. string
tile The updated case title. string
description The updated case description. string
tags The updated case tags. string
connector Object containing the connectors configuration. connector
status The updated case status, which can be: open, in-progress or closed. string
settings Object containing the cases settings. settings
version The current case version. string

subActionParams (addComment)

Property Description Type
type The type of the comment. user
comment The comment. string

connector

Property Description Type
id ID of the connector used for pushing case updates to external systems. string
name The connector name. string
type The type of the connector. Must be one of these: .servicenow, jira, .resilient, and .none string
fields Object containing the connectors fields. fields

fields

For ServiceNow connectors:

Property Description Type
urgency The urgency of the incident. string
severity The severity of the incident. string
impact The impact of the incident. string

For Jira connectors:

Property Description Type
issueType The issue type of the issue. string
priority The priority of the issue. string
parent The key of the parent issue (Valid when the issue type is Sub-task). string

For IBM Resilient connectors:

Property Description Type
issueTypes The issue types of the issue. string[]
severityCode The severity code of the issue. string

settings

Property Description Type
syncAlerts Turn on or off alert synching. boolean