AlertsClient.getAuthorizedAlertsIndices() starts using RuleDataService

elastic · Aug 21, 2021 · c388788 · c388788
1 parent cb8708c
commit c388788
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 18 deletions.
diff --git a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client.ts
@@ -15,6 +15,7 @@ import type {
   isValidFeatureId as isValidFeatureIdTyped,
   mapConsumerToIndexName as mapConsumerToIndexNameTyped,
   STATUS_VALUES,
+  ValidFeatureId,
 } from '@kbn/rule-data-utils';
 import {
   getEsQueryConfig as getEsQueryConfigNonTyped,
@@ -42,6 +43,7 @@ import {
   SPACE_IDS,
 } from '../../common/technical_rule_data_field_names';
 import { ParsedTechnicalFields } from '../../common/parse_technical_fields';
+import { Dataset, RuleDataPluginService } from '../rule_data_plugin_service';
 
 const getEsQueryConfig: typeof getEsQueryConfigTyped = getEsQueryConfigNonTyped;
 const getSafeSortIds: typeof getSafeSortIdsTyped = getSafeSortIdsNonTyped;
@@ -71,6 +73,7 @@ export interface ConstructorOptions {
   authorization: PublicMethodsOf<AlertingAuthorization>;
   auditLogger?: AuditLogger;
   esClient: ElasticsearchClient;
+  ruleDataService: RuleDataPluginService;
 }
 
 export interface UpdateOptions<Params extends AlertTypeParams> {
@@ -115,15 +118,17 @@ export class AlertsClient {
   private readonly authorization: PublicMethodsOf<AlertingAuthorization>;
   private readonly esClient: ElasticsearchClient;
   private readonly spaceId: string | undefined;
+  private readonly ruleDataService: RuleDataPluginService;
 
-  constructor({ auditLogger, authorization, logger, esClient }: ConstructorOptions) {
-    this.logger = logger;
-    this.authorization = authorization;
-    this.esClient = esClient;
-    this.auditLogger = auditLogger;
+  constructor(options: ConstructorOptions) {
+    this.logger = options.logger;
+    this.authorization = options.authorization;
+    this.esClient = options.esClient;
+    this.auditLogger = options.auditLogger;
     // If spaceId is undefined, it means that spaces is disabled
     // Otherwise, if space is enabled and not specified, it is "default"
     this.spaceId = this.authorization.getSpaceId();
+    this.ruleDataService = options.ruleDataService;
   }
 
   private getOutcome(
@@ -666,15 +671,18 @@ export class AlertsClient {
         authorizedFeatures.add(ruleType.producer);
       }
 
-      const toReturn = Array.from(authorizedFeatures).flatMap((feature) => {
-        if (featureIds.includes(feature) && isValidFeatureId(feature)) {
-          if (feature === 'siem') {
-            return `${mapConsumerToIndexName[feature]}-${this.spaceId}`;
-          } else {
-            return `${mapConsumerToIndexName[feature]}`;
-          }
+      const validAuthorizedFeatures = Array.from(authorizedFeatures).filter(
+        (feature): feature is ValidFeatureId =>
+          featureIds.includes(feature) && isValidFeatureId(feature)
+      );
+
+      const toReturn = validAuthorizedFeatures.flatMap((feature) => {
+        const indices = this.ruleDataService.findIndicesByFeature(feature, Dataset.alerts);
+        if (feature === 'siem') {
+          return indices.map((i) => `${i.baseName}-${this.spaceId}`);
+        } else {
+          return indices.map((i) => i.baseName);
         }
-        return [];
       });
 
       return toReturn;

diff --git a/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client_factory.ts b/x-pack/plugins/rule_registry/server/alert_data_client/alerts_client_factory.ts
@@ -5,17 +5,19 @@
  * 2.0.
  */
 
-import { ElasticsearchClient, KibanaRequest, Logger } from 'src/core/server';
 import { PublicMethodsOf } from '@kbn/utility-types';
-import { SecurityPluginSetup } from '../../../security/server';
+import { ElasticsearchClient, KibanaRequest, Logger } from 'src/core/server';
 import { AlertingAuthorization } from '../../../alerting/server';
+import { SecurityPluginSetup } from '../../../security/server';
+import { RuleDataPluginService } from '../rule_data_plugin_service';
 import { AlertsClient } from './alerts_client';
 
 export interface AlertsClientFactoryProps {
   logger: Logger;
   esClient: ElasticsearchClient;
   getAlertingAuthorization: (request: KibanaRequest) => PublicMethodsOf<AlertingAuthorization>;
   securityPluginSetup: SecurityPluginSetup | undefined;
+  ruleDataService: RuleDataPluginService | null;
 }
 
 export class AlertsClientFactory {
@@ -26,6 +28,7 @@ export class AlertsClientFactory {
     request: KibanaRequest
   ) => PublicMethodsOf<AlertingAuthorization>;
   private securityPluginSetup!: SecurityPluginSetup | undefined;
+  private ruleDataService!: RuleDataPluginService | null;
 
   public initialize(options: AlertsClientFactoryProps) {
     /**
@@ -40,6 +43,7 @@ export class AlertsClientFactory {
     this.logger = options.logger;
     this.esClient = options.esClient;
     this.securityPluginSetup = options.securityPluginSetup;
+    this.ruleDataService = options.ruleDataService;
   }
 
   public async create(request: KibanaRequest): Promise<AlertsClient> {
@@ -50,6 +54,7 @@ export class AlertsClientFactory {
       authorization: getAlertingAuthorization(request),
       auditLogger: securityPluginSetup?.audit.asScoped(request),
       esClient: this.esClient,
+      ruleDataService: this.ruleDataService!,
     });
   }
 }
diff --git a/x-pack/plugins/rule_registry/server/plugin.ts b/x-pack/plugins/rule_registry/server/plugin.ts
@@ -125,7 +125,7 @@ export class RuleRegistryPlugin
     core: CoreStart,
     plugins: RuleRegistryPluginStartDependencies
   ): RuleRegistryPluginStartContract {
-    const { logger, alertsClientFactory, security } = this;
+    const { logger, alertsClientFactory, ruleDataService, security } = this;
 
     alertsClientFactory.initialize({
       logger,
@@ -135,6 +135,7 @@ export class RuleRegistryPlugin
         return plugins.alerting.getAlertingAuthorizationWithRequest(request);
       },
       securityPluginSetup: security,
+      ruleDataService,
     });
 
     const getRacClientWithRequest = (request: KibanaRequest) => {

diff --git a/x-pack/plugins/rule_registry/server/rule_data_plugin_service/rule_data_plugin_service.ts b/x-pack/plugins/rule_registry/server/rule_data_plugin_service/rule_data_plugin_service.ts
@@ -171,7 +171,8 @@ export class RuleDataPluginService {
    * Looks up the index information associated with the given Kibana "feature".
    * Note: features are used in RBAC.
    */
-  public findIndicesByFeature(featureId: ValidFeatureId): IndexInfo[] {
-    return this.indicesByFeatureId.get(featureId) ?? [];
+  public findIndicesByFeature(featureId: ValidFeatureId, dataset?: Dataset): IndexInfo[] {
+    const foundIndices = this.indicesByFeatureId.get(featureId) ?? [];
+    return dataset ? foundIndices.filter((i) => i.indexOptions.dataset === dataset) : foundIndices;
   }
 }