[6.6] [ML] Fixes annotations integrity check. (#30102) (#30120)

With security enabled, the internal user wouldn't have enough permissions to run the integrity check. This changes the check to use the currently logged in user. Also fixes some typos in messages.
2025-04-23 17:28:26 -04:00 · 2019-02-05 21:39:37 +01:00 · 2019-02-05 21:39:37 +01:00 · 1ede80962b
commit 1ede80962b
parent d8bb369f7e
4 changed files with 14 additions and 17 deletions
--- a/x-pack/plugins/ml/public/explorer/explorer_charts/explorer_chart_info_tooltip.js
+++ b/x-pack/plugins/ml/public/explorer/explorer_charts/explorer_chart_info_tooltip.js
@ -11,7 +11,7 @@ import React from 'react';
 import { CHART_TYPE } from '../explorer_constants';

 const CHART_DESCRIPTION = {
-  [CHART_TYPE.EVENT_DISTRIBUTION]: 'The gray dots depict the distribution of occurences over time for a sample of by_field_values with \
+  [CHART_TYPE.EVENT_DISTRIBUTION]: 'The gray dots depict the distribution of occurrences over time for a sample of by_field_values with \
 more frequent event types at the top and rarer ones at the bottom.',
  [CHART_TYPE.POPULATION_DISTRIBUTION]: 'The gray dots depict the distribution of values over time for a sample of over_field_values.'
 };
--- a/x-pack/plugins/ml/public/timeseriesexplorer/components/timeseries_chart/timeseries_chart.js
+++ b/x-pack/plugins/ml/public/timeseriesexplorer/components/timeseries_chart/timeseries_chart.js
@ -170,7 +170,7 @@ export class TimeseriesChart extends React.Component {
      toastNotifications.addSuccess(`Deleted annotation for job with ID ${annotation.job_id}.`);
    } catch (err) {
      toastNotifications
-        .addDanger(`An error occured deleting the annotation for job with ID ${annotation.job_id}: ${JSON.stringify(err)}`);
+        .addDanger(`An error occurred deleting the annotation for job with ID ${annotation.job_id}: ${JSON.stringify(err)}`);
    }

    this.closeDeleteModal();
@ -201,7 +201,7 @@ export class TimeseriesChart extends React.Component {
      .catch((resp) => {
        const action = (typeof annotation._id === 'undefined') ? 'creating' : 'updating';
        toastNotifications
-          .addDanger(`An error occured ${action} the annotation for job with ID ${annotation.job_id}: ${JSON.stringify(resp)}`);
+          .addDanger(`An error occurred ${action} the annotation for job with ID ${annotation.job_id}: ${JSON.stringify(resp)}`);
      });
  }

--- a/x-pack/plugins/ml/server/lib/check_annotations/index.js
+++ b/x-pack/plugins/ml/server/lib/check_annotations/index.js
@ -4,8 +4,6 @@
 * you may not use this file except in compliance with the Elastic License.
 */

-import { callWithInternalUserFactory } from '../../client/call_with_internal_user_factory';
-
 import {
  ML_ANNOTATIONS_INDEX_ALIAS_READ,
  ML_ANNOTATIONS_INDEX_ALIAS_WRITE,
@ -19,30 +17,28 @@ import { FEATURE_ANNOTATIONS_ENABLED } from '../../../common/constants/feature_f
 // - ML_ANNOTATIONS_INDEX_PATTERN index is present
 // - ML_ANNOTATIONS_INDEX_ALIAS_READ alias is present
 // - ML_ANNOTATIONS_INDEX_ALIAS_WRITE alias is present
-export async function isAnnotationsFeatureAvailable(server) {
+export async function isAnnotationsFeatureAvailable(callWithRequest) {
  if (!FEATURE_ANNOTATIONS_ENABLED) return false;

  try {
-    const callWithInternalUser = callWithInternalUserFactory(server);
-
    const indexParams = { index: ML_ANNOTATIONS_INDEX_PATTERN };

-    const annotationsIndexExists = await callWithInternalUser('indices.exists', indexParams);
+    const annotationsIndexExists = await callWithRequest('indices.exists', indexParams);
    if (!annotationsIndexExists) return false;

-    const annotationsReadAliasExists = await callWithInternalUser('indices.existsAlias', {
+    const annotationsReadAliasExists = await callWithRequest('indices.existsAlias', {
      name: ML_ANNOTATIONS_INDEX_ALIAS_READ
    });

    if (!annotationsReadAliasExists) return false;

-    const annotationsWriteAliasExists = await callWithInternalUser('indices.existsAlias', {
+    const annotationsWriteAliasExists = await callWithRequest('indices.existsAlias', {
      name: ML_ANNOTATIONS_INDEX_ALIAS_WRITE
    });
    if (!annotationsWriteAliasExists) return false;

  } catch (err) {
-    server.log(['info', 'ml'], 'Disabling ML annotations feature because the index/alias integrity check failed.');
+    /* return false if any of the server requests fails */
    return false;
  }

--- a/x-pack/plugins/ml/server/routes/annotations.js
+++ b/x-pack/plugins/ml/server/routes/annotations.js
@ -18,7 +18,8 @@ import { ANNOTATION_USER_UNKNOWN } from '../../common/constants/annotations';
 function getAnnotationsFeatureUnavailableErrorMessage() {
  return Boom.badRequest(
    i18n.translate('xpack.ml.routes.annotations.annotationsFeatureUnavailableErrorMessage', {
-      defaultMessage: 'Index and aliases required for the annotations feature have not been created.',
+      defaultMessage: 'Index and aliases required for the annotations feature have not been'
+        + ' created or are not accessible for the current user.',
    })
  );
 }
@ -41,12 +42,12 @@ export function annotationRoutes(server, commonRouteConfig) {
    method: 'PUT',
    path: '/api/ml/annotations/index',
    async handler(request) {
-      const annotationsFeatureAvailable = await isAnnotationsFeatureAvailable(server);
+      const callWithRequest = callWithRequestFactory(server, request);
+      const annotationsFeatureAvailable = await isAnnotationsFeatureAvailable(callWithRequest);
      if (annotationsFeatureAvailable === false) {
        return getAnnotationsFeatureUnavailableErrorMessage();
      }

-      const callWithRequest = callWithRequestFactory(server, request);
      const { indexAnnotation } = annotationServiceProvider(callWithRequest);
      const username = _.get(request, 'auth.credentials.username', ANNOTATION_USER_UNKNOWN);
      return indexAnnotation(request.payload, username)
@ -61,12 +62,12 @@ export function annotationRoutes(server, commonRouteConfig) {
    method: 'DELETE',
    path: '/api/ml/annotations/delete/{annotationId}',
    async handler(request) {
-      const annotationsFeatureAvailable = await isAnnotationsFeatureAvailable(server);
+      const callWithRequest = callWithRequestFactory(server, request);
+      const annotationsFeatureAvailable = await isAnnotationsFeatureAvailable(callWithRequest);
      if (annotationsFeatureAvailable === false) {
        return getAnnotationsFeatureUnavailableErrorMessage();
      }

-      const callWithRequest = callWithRequestFactory(server, request);
      const annotationId = request.params.annotationId;
      const { deleteAnnotation } = annotationServiceProvider(callWithRequest);
      return deleteAnnotation(annotationId)