Open TinaHeiligers opened 2 weeks ago
Reporting uses getCurrentUser
and licensing from the Security Plugin.
I'll migrate getCurrentUser
as part of On-Week (June 2024).
We have to wait for licensing
to be exposed from Core before completely migrating off of (and removing) the security Plugin.
@tsullivan will search for a client-side use case as part of On-Week June 2024.
Pinging @elastic/kibana-core (Team:Core)
Pinging @elastic/kibana-security (Team:Security)
I have found a few plugins throughout Kibana that call security.authc.getCurrentUser
from browser-side code.
UserIdGetter
. This is needed in the Data Views API client, which sends a user-hash
field in request headers.useCurrentUser
hook to build a query filter that gets the recent cases belonging to the current userSome additional areas that security.authc
is used in browser-side code:
getCurrentUser
from core.securitygetCurrentUser
getCurrentUser
I'd like to focus on an area or areas where updating the code to use core.security
APIs will allow me to remove the security dependency from a plugin.
Related to https://github.com/elastic/kibana/issues/174578 Create example migrations from security plugin APIs to
core.security
APIs.Find and migrate a plugin's
getCurrentUser
a) on the server side via start contract, b) on the server side close to a HTTP handler where using it from the request context would have been better, c) on the client side, and d) IfgetCurrentUser
is the only dependency on the security plugin, remove the dependency.