[7.x] Add security support for alerts and actions (#41389) #43592
Commits on Aug 20, 2019
-
Add security support for alerts and actions (elastic#41389)
* Initial work * Cleanup add createAPIKey fn pt1 * Change getServices function to take request as parameter * Use API key when executing alerts * Revert task manager using encrypted saved objects * Store fired actions within a saved object to encrypt API keys * Fix fireActionId * Cleanup code, fix type check error * Add a type for getScopedSavedObjectsClient * Fix getBasePath and spaceIdToNamespace functions * Add safety check for API key and action * Fix integration tests * Fix broken jest tests * Cleanup * Rename generatedApiKey to apiKeyValue * Ensure access to action record * Cleanup * Add unit tests * Fix variable conflict * Revert task manager specific code (no longer needed) * Remove fire terminology * Move tests to spaces and security folder * Use ES Archiver to remove spaces (empty_kibana) * Fix missing pieces * Convert action tests to run per user * Convert alerting tests to run per user * Fix type check issue * Fix failing test * Add callCluster and savedObjectsClient authorization tests * Make savedObjectsClient return 403 for authorization tests * Cleanup * Fix test failure * Common function to get data from test index * Create ObjectRemover * Cleanup * useApiKey now provided to functions instead of relying on condition of two strings * Fix typo * Make tests it(...) start with should * Rename useApiKey to isSecurityEnabled * Merge apiKeyId and apiKeyValue into one * Update docs * Use feature controls for list alert / action types API * Remove need to add ! in TypeScript for required plugins * Fix ESLint issue * Include actions and alertTypeParams into AAD and genereate new API key on update * Generate random id for API key name attribute * Include interval in AAD * Send pre-encoded string * Fix ExecutorError * Fix apiKey snapshot * Fix 'default' typo * De-compose apiKey * Refresh API key when enabling / disabling an alert * Add updatedBy * Make unauthorized APIs return 404
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.