New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Connection Details] Add route for own api key permissions #182013
Conversation
/ci |
/ci |
/ci |
/ci |
Pinging @elastic/appex-sharedux (Team:SharedUX) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
see comment
hasPermission: once( | ||
async () => await http!.get<boolean>('/internal/security/api_key/check_permissions') | ||
), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Calling, from a plugin, an HTTP endpoint owned by another plugin is a bad isolation pattern that is strongly discouraged.
In theory, that should be done by leveraging the security plugin's contract (that should be the one charge of performing the http call).
Let's wait on what the security team thinks about it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good call, @pgayvallet . I agree it would be best to expose this alongside the rest of the apiKeys functions in Security plugin's start() > authc > apiKeys
💔 Build FailedFailed CI StepsTest Failures
Metrics [docs]Async chunks
Page load bundle
Unknown metric groupsAPI count
History
To update your PR or re-run it, just comment with: cc @rshen91 |
Closing duplicate of https://github.com/elastic/kibana/pull/183286/files |
Summary
Partially closes #181288 and follow up on connection details created in #180912
This PR creates the endpoint that will return API Keys if a user can manage their own API keys and adds it to the existing routes in the security plugin.
Checklist