Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution]Duplicate warning pop-up are shown on attaching existing case to timeline when user have none access privilege to case. #102326

Closed
ghost opened this issue Jun 16, 2021 · 9 comments
Closed

[Security Solution]Duplicate warning pop-up are shown on attaching existing case to timeline when user have none access privilege to case. #102326

ghost opened this issue Jun 16, 2021 · 9 comments
Labels
bug Fixes for quality problems that affect the customer experience fixed impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.14.0

Comments

@ghost
Copy link

ghost commented Jun 16, 2021

Describe the bug
Duplicate warning pop-up are shown on attaching existing case to timeline when user have none access privilege to case.

Build Details:

Version: 7.14.0-SNAPSHOT
commit: 9838db392e7fcfc12f004b68fb1b09739f131148
Build Hash:41559
Artifact : https://artifacts-api.elastic.co/v1/search/7.14.0-SNAPSHOT

Browser Details:
N/A

Browser Details
All

Preconditions

  1. Kibana user should be logged in.
  2. Create a new user and assign below role to it.
  3. Create a Role with All application to All and Case to None .
  4. Case should be exist on above kibana environment. (creat with help of superuser)

Steps to Reproduce
1.login with user having read case privilege
2.Go to Timeline tab
3.Click on any timeline.
4.Click on Attach case > Existing case.
5.Observed that duplicate warning pop-up shown up , all having the same information.

Actual Result
Duplicate warning pop-up are shown on attaching existing case to timeline when user have none access privilege to case.

Expected Result
Single warning pop-up should show up on timeline on attaching existing case to timeline when user have none access privilege to case.

Whats Working

  • N/A

Whats Not Working

  • N/A

Screen-Shoot
image

logs
N/A
@ghost ghost added bug Fixes for quality problems that affect the customer experience Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Jun 16, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@manishgupta-qasource
Copy link

Reviewed & Assigned to @MadameSheema

@manishgupta-qasource manishgupta-qasource added the impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. label Jun 16, 2021
@MadameSheema MadameSheema added the Team:Threat Hunting Security Solution Threat Hunting Team label Jun 16, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

@MadameSheema
Copy link
Member

Thanks @karanbirsingh-qasource , I think this is the expected behaviour since we are getting an error per each one of the calls performed.

@cnasikas @jonathan-buttner can you please confirm?

@jonathan-buttner
Copy link
Contributor

This is expected behavior, and as soon as this PR is merged: #101325

Readonly users will not see a button to attach cases from timeline. @manishgupta-qasource once my PR is merged can you confirm that this issue is resolved?

@jonathan-buttner
Copy link
Contributor

Oops I mean @karanbirsingh-qasource could you confirm that it's resolved after my PR is merged.

@ghost
Copy link
Author

ghost commented Jun 17, 2021

sure @jonathan-buttner we we kill track of PR merge and regress the issue.

@MadameSheema MadameSheema removed their assignment Jun 18, 2021
@cnasikas cnasikas added the fixed label Jul 6, 2021
@cnasikas
Copy link
Member

cnasikas commented Jul 6, 2021

@karanbirsingh-qasource It should be fixed 🙂

@ghost
Copy link
Author

ghost commented Jul 6, 2021

Yes @cnasikas thank for the update now, user having None Access to Case sub-feature have no access to cases at all .

Hence closing this issue and adding "QA:Validated" to it.

thanks !!

@ghost ghost closed this as completed Jul 6, 2021
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Fixes for quality problems that affect the customer experience fixed impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.14.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@cnasikas @elasticmachine @MadameSheema @jonathan-buttner @manishgupta-qasource