Comments (4)
TinaHeiligers
commented on August 16, 2024
2
Reporting uses getCurrentUser and licensing from the Security Plugin.
I'll migrate getCurrentUser as part of On-Week (June 2024).
We have to wait for licensing to be exposed from Core before completely migrating off of (and removing) the security Plugin.
@tsullivan will search for a client-side use case as part of On-Week June 2024.
from kibana.
tsullivan
commented on August 16, 2024
1
I have found a few plugins throughout Kibana that call security.authc.getCurrentUser from browser-side code.
- src/plugins/data_views/public:
- Has a "getter" type called
UserIdGetter. This is needed in the Data Views API client, which sends auser-hashfield in request headers.
- Has a "getter" type called
- src/plugins/image_embeddable:
- The Image Editor Flyout has a feature to allow the user to delete a file, based on whether the current user ID is stored in the file metadata.
- x-pack/plugins/cases/public:
- A
useCurrentUserhook to build a query filter that gets the recent cases belonging to the current user
- A
- x-pack/plugins/cloud_integrations/cloud_links/public:
- The current user is checked whether they are a cloud user before adding Cloud links to the security nav controls.
- x-pack/plugins/data_visualizer/public:
- used to generate text for a Filebeat configuration
- used to generate a browser session seed for a FieldStats request
Some additional areas that security.authc is used in browser-side code:
x-pack/plugins/enterprise_search/publicAlready consumesgetCurrentUserfrom core.securityx-pack/plugins/fleet/publicDoesn't consumegetCurrentUser- x-pack/plugins/maps/public
- x-pack/plugins/observability_solution/apm/public
- x-pack/plugins/observability_solution/observability_ai_assistant_app/public
x-pack/plugins/stack_connectors/publicDoesn't consumegetCurrentUser
I'd like to focus on an area or areas where updating the code to use core.security APIs will allow me to remove the security dependency from a plugin.
from kibana.
elasticmachine
commented on August 16, 2024
Pinging @elastic/kibana-core (Team:Core)
from kibana.
elasticmachine
commented on August 16, 2024
Pinging @elastic/kibana-security (Team:Security)
from kibana.
Related Issues (20)
- [Infra] Top 10 functions table not rendering HOT 1
- [Infra] Top 10 functions full screen table in a flyout HOT 2
- [Defend workflows]Scan command not generating alerts for the windows OS. HOT 8
- [OneDiscover][UnifiedDocViewer] Auto-pin default selected fields HOT 2
- [ResponseOps][Rules][Alerts] Connect the rule details page refresh button to the alerts table
- [APM] Service groups tour is off HOT 1
- [OneDiscover][UnifiedDocViewer] Add dedicated column for Pinning/Unpinning rows HOT 4
- [OneDiscover][UnifiedDocViewer] Move pagination and actions to flyout footer HOT 1
- Failing test: Chrome UI Functional Tests.test/functional/apps/console/monaco/_vector_tile·ts - console app console vector tiles response validation "before all" hook for "should validate response" HOT 2
- [Fleet] Agent Policies to have multi space affinity HOT 4
- [SLO] Force smaller backfill window on serverless HOT 1
- [SLO] Remove runtime mappings in the rollup transforms HOT 1
- [ES|QL] Improve the last duration calculation in the history component HOT 2
- [Fields metadata service] Add metadata fields support HOT 1
- Failing test: Jest Tests.x-pack/plugins/cases/public/components/custom_fields - FormFields renders correctly HOT 2
- Unable to update UI setting HOT 1
- [ML] Increase Test Coverage 8.16.0 HOT 1
- [Lens] Set default Visualization type per space HOT 1
- [ILM] Replace plugin-defined policy types with ES types HOT 1
- [Task Manager] Explore using process.hrtime for the Kibana discovery service HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kibana.