Skip to content

Commit

Permalink
Merge pull request #3 from legrego/remove-privs-api
Browse files Browse the repository at this point in the history
Remove privs api and hardcoded privs list
  • Loading branch information
kobelb authored Sep 6, 2018
2 parents 6627127 + fc5f7fa commit 14d9058
Show file tree
Hide file tree
Showing 17 changed files with 16 additions and 234 deletions.

This file was deleted.

2 changes: 2 additions & 0 deletions x-pack/plugins/security/common/model/kibana_privilege.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,5 @@
*/

export type KibanaPrivilege = 'none' | 'read' | 'all';

export const KibanaAppPrivileges: KibanaPrivilege[] = ['read', 'all'];
2 changes: 0 additions & 2 deletions x-pack/plugins/security/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@ import { validateConfig } from './server/lib/validate_config';
import { authenticateFactory } from './server/lib/auth_redirect';
import { checkLicense } from './server/lib/check_license';
import { initAuthenticator } from './server/lib/authentication/authenticator';
import { initPrivilegesApi } from './server/routes/api/v1/privileges';
import { SecurityAuditLogger } from './server/lib/audit_logger';
import { AuditLogger } from '../../server/lib/audit_logger';
import { createAuthorizationService, registerPrivilegesWithCluster } from './server/lib/authorization';
Expand Down Expand Up @@ -161,7 +160,6 @@ export const security = (kibana) => new kibana.Plugin({
initUsersApi(server);
initPublicRolesApi(server);
initIndicesApi(server);
initPrivilegesApi(server);
initLoginView(server, xpackMainPlugin);
initLogoutView(server);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ import React, { ChangeEvent, Component, HTMLProps } from 'react';
import { toastNotifications } from 'ui/notify';
import { Space } from '../../../../../../spaces/common/model/space';
import { IndexPrivilege } from '../../../../../common/model/index_privilege';
import { KibanaApplicationPrivilege } from '../../../../../common/model/kibana_application_privilege';
import { KibanaPrivilege } from '../../../../../common/model/kibana_privilege';
import { Role } from '../../../../../common/model/role';
import { isReservedRole } from '../../../../lib/role';
import { deleteRole, saveRole } from '../../../../objects';
Expand All @@ -42,7 +42,7 @@ interface Props {
rbacEnabled: boolean;
allowDocumentLevelSecurity: boolean;
allowFieldLevelSecurity: boolean;
kibanaAppPrivileges: KibanaApplicationPrivilege[];
kibanaAppPrivileges: KibanaPrivilege[];
notifier: any;
spaces?: Space[];
spacesEnabled: boolean;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

import React, { Component } from 'react';
import { Space } from '../../../../../../../../spaces/common/model/space';
import { KibanaApplicationPrivilege } from '../../../../../../../common/model/kibana_application_privilege';
import { KibanaPrivilege } from '../../../../../../../common/model/kibana_privilege';
import { Role } from '../../../../../../../common/model/role';
import { RoleValidator } from '../../../lib/validate_role';
import { CollapsiblePanel } from '../../collapsible_panel';
Expand All @@ -18,7 +18,7 @@ interface Props {
spacesEnabled: boolean;
spaces?: Space[];
editable: boolean;
kibanaAppPrivileges: KibanaApplicationPrivilege[];
kibanaAppPrivileges: KibanaPrivilege[];
onChange: (role: Role) => void;
validator: RoleValidator;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,14 +24,7 @@ const buildProps = (customProps?: any) => {
},
},
editable: true,
kibanaAppPrivileges: [
{
name: 'all',
},
{
name: 'read',
},
],
kibanaAppPrivileges: ['all', 'read'],
onChange: jest.fn(),
...customProps,
};
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ import {
EuiFormRow,
} from '@elastic/eui';
import React, { Component, Fragment } from 'react';
import { KibanaApplicationPrivilege } from '../../../../../../../common/model/kibana_application_privilege';
import { KibanaPrivilege } from '../../../../../../../common/model/kibana_privilege';
import { Role } from '../../../../../../../common/model/role';
import { isReservedRole } from '../../../../../../lib/role';
Expand All @@ -19,7 +18,7 @@ import { copyRole } from '../../../lib/copy_role';
import { PrivilegeSelector } from './privilege_selector';

interface Props {
kibanaAppPrivileges: KibanaApplicationPrivilege[];
kibanaAppPrivileges: KibanaPrivilege[];
role: Role;
onChange: (role: Role) => void;
editable: boolean;
Expand All @@ -30,7 +29,6 @@ export class SimplePrivilegeForm extends Component<Props, {}> {
const { kibanaAppPrivileges, role } = this.props;

const assignedPrivileges = role.kibana;
const availablePrivileges = kibanaAppPrivileges.map(privilege => privilege.name);

const kibanaPrivilege: KibanaPrivilege =
assignedPrivileges.global.length > 0
Expand All @@ -45,7 +43,7 @@ export class SimplePrivilegeForm extends Component<Props, {}> {
<EuiFormRow hasEmptyLabelSpace>
<PrivilegeSelector
data-test-subj={'kibanaPrivilege'}
availablePrivileges={availablePrivileges}
availablePrivileges={kibanaAppPrivileges}
value={kibanaPrivilege}
disabled={isReservedRole(role)}
allowNone={true}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -38,14 +38,7 @@ const buildProps = (customProps: any = {}) => {
},
],
editable: true,
kibanaAppPrivileges: [
{
name: 'all',
},
{
name: 'read',
},
],
kibanaAppPrivileges: ['all', 'read'],
onChange: jest.fn(),
validator: new RoleValidator(),
...customProps,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ import {
} from '@elastic/eui';
import React, { Component, Fragment } from 'react';
import { Space } from '../../../../../../../../spaces/common/model/space';
import { KibanaApplicationPrivilege } from '../../../../../../../common/model/kibana_application_privilege';
import { KibanaPrivilege } from '../../../../../../../common/model/kibana_privilege';
import { Role } from '../../../../../../../common/model/role';
import { isReservedRole } from '../../../../../../lib/role';
Expand All @@ -32,7 +31,7 @@ import { PrivilegeSpaceForm } from './privilege_space_form';
import { PrivilegeSpaceTable } from './privilege_space_table';

interface Props {
kibanaAppPrivileges: KibanaApplicationPrivilege[];
kibanaAppPrivileges: KibanaPrivilege[];
role: Role;
spaces: Space[];
onChange: (role: Role) => void;
Expand Down Expand Up @@ -74,7 +73,6 @@ export class SpaceAwarePrivilegeForm extends Component<Props, State> {
const { kibanaAppPrivileges, role } = this.props;

const assignedPrivileges = role.kibana;
const availablePrivileges = kibanaAppPrivileges.map(privilege => privilege.name);

const basePrivilege =
assignedPrivileges.global.length > 0 ? assignedPrivileges.global[0] : NO_PRIVILEGE_VALUE;
Expand All @@ -101,7 +99,7 @@ export class SpaceAwarePrivilegeForm extends Component<Props, State> {
<EuiFormRow hasEmptyLabelSpace helpText={helptext}>
<PrivilegeSelector
data-test-subj={'kibanaMinimumPrivilege'}
availablePrivileges={availablePrivileges}
availablePrivileges={kibanaAppPrivileges}
value={basePrivilege}
disabled={isReservedRole(role)}
allowNone={true}
Expand All @@ -112,7 +110,7 @@ export class SpaceAwarePrivilegeForm extends Component<Props, State> {

<EuiSpacer />

{this.renderSpacePrivileges(basePrivilege, availablePrivileges)}
{this.renderSpacePrivileges(basePrivilege, kibanaAppPrivileges)}
</Fragment>
);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ import { EditRolePage } from './components';

import React from 'react';
import { render, unmountComponentAtNode } from 'react-dom';
import { KibanaAppPrivileges } from '../../../../common/model/kibana_privilege';

routes.when(`${EDIT_ROLES_PATH}/:name?`, {
template,
Expand Down Expand Up @@ -120,16 +121,13 @@ routes.when(`${EDIT_ROLES_PATH}/:name?`, {
spaces,
} = $route.current.locals;

// todo: don't hard-code this...
const kibanaApplicationPrivilege = [{ name: 'all' }, { name: 'read' } ];

$scope.$$postDigest(() => {
const domNode = document.getElementById('editRoleReactRoot');

render(<EditRolePage
runAsUsers={users}
role={role}
kibanaAppPrivileges={kibanaApplicationPrivilege}
kibanaAppPrivileges={KibanaAppPrivileges}
indexPatterns={indexPatterns}
rbacEnabled={true}
rbacApplication={rbacApplication}
Expand Down
25 changes: 0 additions & 25 deletions x-pack/plugins/security/server/routes/api/v1/privileges.js

This file was deleted.

1 change: 1 addition & 0 deletions x-pack/test/api_integration/apis/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@

export default function ({ loadTestFile }) {
describe('apis', () => {
loadTestFile(require.resolve('./es'));
loadTestFile(require.resolve('./security'));
loadTestFile(require.resolve('./monitoring'));
loadTestFile(require.resolve('./xpack_main'));
Expand Down
2 changes: 0 additions & 2 deletions x-pack/test/rbac_api_integration/apis/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -180,8 +180,6 @@ export default function ({ loadTestFile, getService }) {
});

});
loadTestFile(require.resolve('./es'));
loadTestFile(require.resolve('./privileges'));
loadTestFile(require.resolve('./saved_objects'));
loadTestFile(require.resolve('./spaces'));
});
Expand Down
Loading

0 comments on commit 14d9058

Please sign in to comment.