[Ent Search Deprecation] Remove permission check for capabilities cat…

…alogue (elastic#202060) This change is related to removing the permission check for capabilities catalogue in enterprise search. This PR resolves this [issue](elastic/search-team#8521). ### Description Currently, this [line](https://github.com/elastic/kibana/blob/01de8870602d032f0c49c791552966fa556e634e/x-pack/plugins/enterprise_search/server/plugin.ts#L234) is registering kibana capabilities for app search and workplace search. Enterprise search has it's own RBAC and this registration is an extension of kibana's RBAC. Once we get rid of enterprisesearch nodes, we do not need this any more. Co-authored-by: Elastic Machine <[email protected]>
banderror · Dec 10, 2024 · 7ca3b8e · 7ca3b8e
1 parent 80f915f
commit 7ca3b8e
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 85 deletions.
diff --git a/x-pack/plugins/enterprise_search/server/plugin.ts b/x-pack/plugins/enterprise_search/server/plugin.ts
@@ -13,7 +13,6 @@ import {
   Logger,
   SavedObjectsServiceStart,
   IRouter,
-  KibanaRequest,
   DEFAULT_APP_CATEGORIES,
 } from '@kbn/core/server';
 import { CustomIntegrationsPluginSetup } from '@kbn/custom-integrations-plugin/server';
@@ -65,7 +64,6 @@ import { registerTelemetryUsageCollector as registerESTelemetryUsageCollector }
 import { registerTelemetryUsageCollector as registerWSTelemetryUsageCollector } from './collectors/workplace_search/telemetry';
 import { registerEnterpriseSearchIntegrations } from './integrations';
 
-import { checkAccess } from './lib/check_access';
 import { entSearchHttpAgent } from './lib/enterprise_search_http_agent';
 import {
   EnterpriseSearchRequestHandler,
@@ -141,17 +139,9 @@ export class EnterpriseSearchPlugin implements Plugin {
   }
 
   public setup(
-    {
-      capabilities,
-      elasticsearch,
-      http,
-      savedObjects,
-      getStartServices,
-      uiSettings,
-    }: CoreSetup<PluginsStart>,
+    { elasticsearch, http, savedObjects, getStartServices, uiSettings }: CoreSetup<PluginsStart>,
     {
       usageCollection,
-      security,
       features,
       globalSearch,
       logsShared,
@@ -285,40 +275,6 @@ export class EnterpriseSearchPlugin implements Plugin {
      */
     uiSettings.register(enterpriseSearchUISettings);
 
-    /**
-     * Register user access to the Enterprise Search plugins
-     */
-    capabilities.registerSwitcher(
-      async (request: KibanaRequest) => {
-        const [, { spaces }] = await getStartServices();
-
-        const dependencies = {
-          config,
-          security,
-          spaces,
-          request,
-          log,
-          ml,
-        };
-
-        const { hasAppSearchAccess, hasWorkplaceSearchAccess } = await checkAccess(dependencies);
-
-        return {
-          navLinks: {
-            appSearch: hasAppSearchAccess && config.canDeployEntSearch,
-            workplaceSearch: hasWorkplaceSearchAccess && config.canDeployEntSearch,
-          },
-          catalogue: {
-            appSearch: hasAppSearchAccess && config.canDeployEntSearch,
-            workplaceSearch: hasWorkplaceSearchAccess && config.canDeployEntSearch,
-          },
-        };
-      },
-      {
-        capabilityPath: ['navLinks.*', 'catalogue.*'],
-      }
-    );
-
     /**
      * Register routes
      */

diff --git a/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts b/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts
@@ -59,15 +59,9 @@ export default function catalogueTests({ getService }: FtrProviderContext) {
           case 'everything_space_all at everything_space': {
             expect(uiCapabilities.success).to.be(true);
             expect(uiCapabilities.value).to.have.property('catalogue');
-            // everything except spaces, monitoring, the classic enterprise search suite (app search/workplace search), and ES features are enabled
+            // everything except spaces, monitoring, and ES features are enabled
             // (easier to say: all "proper" Kibana features are enabled)
-            const exceptions = [
-              'monitoring',
-              'appSearch',
-              'workplaceSearch',
-              'spaces',
-              ...esFeatureExceptions,
-            ];
+            const exceptions = ['monitoring', 'spaces', ...esFeatureExceptions];
             const expected = mapValues(
               uiCapabilities.value!.catalogue,
               (enabled, catalogueId) => !exceptions.includes(catalogueId)

diff --git a/x-pack/test/ui_capabilities/security_and_spaces/tests/nav_links.ts b/x-pack/test/ui_capabilities/security_and_spaces/tests/nav_links.ts
@@ -47,12 +47,7 @@ export default function navLinksTests({ getService }: FtrProviderContext) {
           case 'everything_space_all at everything_space':
             expect(uiCapabilities.success).to.be(true);
             expect(uiCapabilities.value).to.have.property('navLinks');
-            expect(uiCapabilities.value!.navLinks).to.eql(
-              navLinksBuilder.except('monitoring', {
-                feature: 'enterpriseSearch',
-                apps: ['appSearch', 'workplaceSearch'],
-              })
-            );
+            expect(uiCapabilities.value!.navLinks).to.eql(navLinksBuilder.except('monitoring'));
             break;
           case 'global_read at everything_space':
           case 'dual_privileges_read at everything_space':

diff --git a/x-pack/test/ui_capabilities/spaces_only/tests/catalogue.ts b/x-pack/test/ui_capabilities/spaces_only/tests/catalogue.ts
@@ -25,13 +25,6 @@ export default function catalogueTests({ getService }: FtrProviderContext) {
     'watcher',
   ];
 
-  const uiCapabilitiesExceptions = [
-    // appSearch and workplace Search are loaded but disabled because the ent-search application isn't running.
-    // That means the following capabilities are disabled:
-    'appSearch',
-    'workplaceSearch',
-  ];
-
   describe('catalogue', () => {
     SpaceScenarios.forEach((scenario) => {
       it(`${scenario.name}`, async () => {
@@ -41,10 +34,7 @@ export default function catalogueTests({ getService }: FtrProviderContext) {
             expect(uiCapabilities.success).to.be(true);
             expect(uiCapabilities.value).to.have.property('catalogue');
             // everything is enabled
-            const expected = mapValues(
-              uiCapabilities.value!.catalogue,
-              (enabled, catalogueId) => !uiCapabilitiesExceptions.includes(catalogueId)
-            );
+            const expected = mapValues(uiCapabilities.value!.catalogue, (enabled) => enabled);
             expect(uiCapabilities.value!.catalogue).to.eql(expected);
             break;
           }
@@ -66,8 +56,7 @@ export default function catalogueTests({ getService }: FtrProviderContext) {
             // only foo is disabled
             const expected = mapValues(
               uiCapabilities.value!.catalogue,
-              (enabled, catalogueId) =>
-                !uiCapabilitiesExceptions.includes(catalogueId) && catalogueId !== 'foo'
+              (enabled, catalogueId) => catalogueId !== 'foo' && enabled
             );
             expect(uiCapabilities.value!.catalogue).to.eql(expected);
             break;

diff --git a/x-pack/test/ui_capabilities/spaces_only/tests/nav_links.ts b/x-pack/test/ui_capabilities/spaces_only/tests/nav_links.ts
@@ -17,13 +17,6 @@ export default function navLinksTests({ getService }: FtrProviderContext) {
   const uiCapabilitiesService: UICapabilitiesService = getService('uiCapabilities');
   const featuresService: FeaturesService = getService('features');
 
-  const uiCapabilitiesExceptions = {
-    // appSearch and workplace Search are loaded but disabled because the ent-search application isn't running.
-    // That means the following capabilities are disabled:
-    feature: 'enterpriseSearch',
-    apps: ['appSearch', 'workplaceSearch'],
-  };
-
   describe('navLinks', () => {
     let navLinksBuilder: NavLinksBuilder;
     before(async () => {
@@ -38,9 +31,7 @@ export default function navLinksTests({ getService }: FtrProviderContext) {
           case 'everything_space':
             expect(uiCapabilities.success).to.be(true);
             expect(uiCapabilities.value).to.have.property('navLinks');
-            expect(uiCapabilities.value!.navLinks).to.eql(
-              navLinksBuilder.except(uiCapabilitiesExceptions)
-            );
+            expect(uiCapabilities.value!.navLinks).to.eql(navLinksBuilder.all());
             break;
           case 'nothing_space':
             expect(uiCapabilities.success).to.be(true);
@@ -50,9 +41,7 @@ export default function navLinksTests({ getService }: FtrProviderContext) {
           case 'foo_disabled_space':
             expect(uiCapabilities.success).to.be(true);
             expect(uiCapabilities.value).to.have.property('navLinks');
-            expect(uiCapabilities.value!.navLinks).to.eql(
-              navLinksBuilder.except('foo', uiCapabilitiesExceptions)
-            );
+            expect(uiCapabilities.value!.navLinks).to.eql(navLinksBuilder.except('foo'));
             break;
           default:
             throw new UnreachableError(scenario);