Improve home screen for limited-access users #77665
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
legrego
force-pushed
the
home/improve-capabilities-checking
branch
2 times, most recently
from
8db8ad0
to
831a63c
Compare
legrego
added
release_note:skip
legrego
force-pushed
the
home/improve-capabilities-checking
branch
from
b7b0e0b
to
2716cfb
Compare
💚 Build SucceededBuild metricsasync chunks size
page load bundle size
History
To update your PR or re-run it, just comment with: |
|
Pinging @elastic/kibana-security (Team:Security) |
cjcenizal
approved these changes
Sep 17, 2020
|
ACK: will review today |
azasypkin
approved these changes
Sep 18, 2020
| @@ -13,7 +13,15 @@ import { UserAtSpaceScenarios } from '../scenarios'; | |||
| export default function catalogueTests({ getService }: FtrProviderContext) { | |||
| const uiCapabilitiesService: UICapabilitiesService = getService('uiCapabilities'); | |||
|
|
|||
| const esFeatureExceptions = ['security', 'rollup_jobs', 'reporting', 'transform', 'watcher']; | |||
| const esFeatureExceptions = [ | |||
There was a problem hiding this comment.
question: just for my own education, is this a list of features that depend on specific ES cluster privileges?
There was a problem hiding this comment.
Yes, these are what I'm calling "Elasticsearch Features", which are governed by cluster and/or index privileges as opposed to Kibana Privileges. This was a concept that we introduced in #67791 in order to know when it was safe to show/hide features within the Stack Management application.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This is mostly a followup to #67791, but there were also tweaks required to the Home app to respond to the differing privilege levels.
Updates the ILM and Snapshot/Restore features to correctly register their catalogue entries with the privilege system.
These entries were showing up for all users because they were not registered as part of the call to
registerElasticsearchFeature()Updates the Feature Catalogue to support an optional
visible()callback.Feature catalogue entries must be registered during
setup, before thecapabilitiesservice is ready. As a result, the Stack Management entry needs to dynamically update its visibility after registration.This entry was showing up for all users prior to this change.
Adds functional tests to verify this
There were 0 functional tests verifying home screen functionality with security enabled. This PR introduces a couple to prevent regressions, but more should be added in followups.
User with access to only Dashboards
Before
After