elasticmachine
commented
2 months ago Pinging @elastic/obs-ux-infra_services-team (Team:obs-ux-infra_services)
Open crespocarlos opened 2 months ago
elasticmachine
commented
2 months ago Pinging @elastic/obs-ux-infra_services-team (Team:obs-ux-infra_services)
crespocarlos
commented
2 months ago cc @roshan-elastic
roshan-elastic
commented
2 months ago @crespocarlos - Do you think we should be handling this empty state or should the logs embeddable handle this for us?
crespocarlos
commented
2 months ago @roshan-elastic I think so. Embeddables could validate whether consumers have the necessary access to view it and show the appropriate message.
At the same time, we need to decide whether we even want to show the tab if users don't have permission to see the logs tab.
roshan-elastic
commented
2 months ago Cheers @crespocarlos. Quick Q - is it about permissions to the data or the logs feature itself?
crespocarlos
commented
2 months ago @roshan-elastic It could be both. While I believe this be highly unlikely, you could have access to Logs feature, but restricted access to logs indices
roshan-elastic
commented
2 months ago Cool - cc @smith
Sounds like ideally the logs embeddable itself should have some kind of state for no permissions handling but we should disable the tab completely if we know it won't work.
Sounds like this applies to the other issues too:
Summary
We should hide the logs tab in the hosts view and asset details or display a message when users don't have access to Logs
User without access to Logs
Admin user
Steps to reproduce
Possible solution
We could show the Logs tab only if
application.uiCapabilities.logs.showistrueor display a message saying that the user doesn't have permission if the same condition is not met, eg:Osquery displays a message, so If we decide to hide the Logs tab, we might want to hide Osquery tab to in case users don't have permission to view it for consistency.