From ed2b5da9ee267e52f16be222e6bda421f286f830 Mon Sep 17 00:00:00 2001 From: Larry Gregory Date: Mon, 17 May 2021 07:46:49 -0400 Subject: [PATCH] Remove circular dependency between features and security --- .../__snapshots__/oss_features.test.ts.snap | 996 ----------------- .../server/feature_privilege_iterator.js | 10 - .../features/server/oss_features.test.ts | 29 - .../__snapshots__/oss_features.test.ts.snap | 997 ++++++++++++++++++ .../server/authorization/oss_features.test.ts | 38 + 5 files changed, 1035 insertions(+), 1035 deletions(-) delete mode 100644 x-pack/plugins/features/server/feature_privilege_iterator.js create mode 100644 x-pack/plugins/security/server/authorization/__snapshots__/oss_features.test.ts.snap create mode 100644 x-pack/plugins/security/server/authorization/oss_features.test.ts diff --git a/x-pack/plugins/features/server/__snapshots__/oss_features.test.ts.snap b/x-pack/plugins/features/server/__snapshots__/oss_features.test.ts.snap index 88712f2ac14c0..b993f0a896f8a 100644 --- a/x-pack/plugins/features/server/__snapshots__/oss_features.test.ts.snap +++ b/x-pack/plugins/features/server/__snapshots__/oss_features.test.ts.snap @@ -455,999 +455,3 @@ Array [ }, ] `; - -exports[`buildOSSFeatures with a basic license returns the advancedSettings feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "advanced_settings", - ], - "management": Object { - "kibana": Array [ - "settings", - ], - }, - "savedObject": Object { - "all": Array [ - "config", - ], - "read": Array [], - }, - "ui": Array [ - "save", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "advanced_settings", - ], - "management": Object { - "kibana": Array [ - "settings", - ], - }, - "savedObject": Object { - "all": Array [], - "read": Array [], - }, - "ui": Array [], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a basic license returns the dashboard feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "alerting": Object { - "all": Array [], - "read": Array [], - }, - "api": Array [ - "store_search_session", - ], - "app": Array [ - "dashboards", - "kibana", - ], - "catalogue": Array [ - "dashboard", - ], - "management": Object { - "kibana": Array [ - "search_sessions", - ], - }, - "savedObject": Object { - "all": Array [ - "dashboard", - "query", - "url", - "search-session", - ], - "read": Array [ - "index-pattern", - "search", - "visualization", - "timelion-sheet", - "canvas-workpad", - "lens", - "map", - "tag", - ], - }, - "ui": Array [ - "createNew", - "show", - "showWriteControls", - "saveQuery", - "createShortUrl", - "storeSearchSession", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "dashboards", - "kibana", - ], - "catalogue": Array [ - "dashboard", - ], - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - "search", - "visualization", - "timelion-sheet", - "canvas-workpad", - "lens", - "map", - "dashboard", - "query", - "tag", - ], - }, - "ui": Array [ - "show", - ], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a basic license returns the dev_tools feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "api": Array [ - "console", - ], - "app": Array [ - "dev_tools", - "kibana", - ], - "catalogue": Array [ - "console", - "searchprofiler", - "grokdebugger", - ], - "savedObject": Object { - "all": Array [], - "read": Array [], - }, - "ui": Array [ - "show", - "save", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "api": Array [ - "console", - ], - "app": Array [ - "dev_tools", - "kibana", - ], - "catalogue": Array [ - "console", - "searchprofiler", - "grokdebugger", - ], - "savedObject": Object { - "all": Array [], - "read": Array [], - }, - "ui": Array [ - "show", - ], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a basic license returns the discover feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "alerting": Object { - "all": Array [], - "read": Array [], - }, - "api": Array [ - "store_search_session", - ], - "app": Array [ - "discover", - "kibana", - ], - "catalogue": Array [ - "discover", - ], - "management": Object { - "kibana": Array [ - "search_sessions", - ], - }, - "savedObject": Object { - "all": Array [ - "search", - "query", - "index-pattern", - "url", - "search-session", - ], - "read": Array [], - }, - "ui": Array [ - "show", - "save", - "saveQuery", - "createShortUrl", - "storeSearchSession", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "discover", - "kibana", - ], - "catalogue": Array [ - "discover", - ], - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - "search", - "query", - ], - }, - "ui": Array [ - "show", - ], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a basic license returns the indexPatterns feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "indexPatterns", - ], - "management": Object { - "kibana": Array [ - "indexPatterns", - ], - }, - "savedObject": Object { - "all": Array [ - "index-pattern", - ], - "read": Array [], - }, - "ui": Array [ - "save", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "indexPatterns", - ], - "management": Object { - "kibana": Array [ - "indexPatterns", - ], - }, - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - ], - }, - "ui": Array [], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a basic license returns the savedObjectsManagement feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "api": Array [ - "copySavedObjectsToSpaces", - ], - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "saved_objects", - ], - "management": Object { - "kibana": Array [ - "objects", - ], - }, - "savedObject": Object { - "all": Array [ - "foo", - "bar", - ], - "read": Array [], - }, - "ui": Array [ - "read", - "edit", - "delete", - "copyIntoSpace", - "shareIntoSpace", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "api": Array [ - "copySavedObjectsToSpaces", - ], - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "saved_objects", - ], - "management": Object { - "kibana": Array [ - "objects", - ], - }, - "savedObject": Object { - "all": Array [], - "read": Array [ - "foo", - "bar", - ], - }, - "ui": Array [ - "read", - ], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a basic license returns the timelion feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "app": Array [ - "timelion", - "kibana", - ], - "catalogue": Array [ - "timelion", - ], - "savedObject": Object { - "all": Array [ - "timelion-sheet", - ], - "read": Array [ - "index-pattern", - ], - }, - "ui": Array [ - "save", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "timelion", - "kibana", - ], - "catalogue": Array [ - "timelion", - ], - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - "timelion-sheet", - ], - }, - "ui": Array [], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a basic license returns the visualize feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "alerting": Object { - "all": Array [], - "read": Array [], - }, - "api": Array [], - "app": Array [ - "visualize", - "lens", - "kibana", - ], - "catalogue": Array [ - "visualize", - ], - "management": Object {}, - "savedObject": Object { - "all": Array [ - "visualization", - "query", - "lens", - "url", - ], - "read": Array [ - "index-pattern", - "search", - "tag", - ], - }, - "ui": Array [ - "show", - "delete", - "save", - "saveQuery", - "createShortUrl", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "visualize", - "lens", - "kibana", - ], - "catalogue": Array [ - "visualize", - ], - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - "search", - "visualization", - "query", - "lens", - "tag", - ], - }, - "ui": Array [ - "show", - ], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a enterprise license returns the advancedSettings feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "advanced_settings", - ], - "management": Object { - "kibana": Array [ - "settings", - ], - }, - "savedObject": Object { - "all": Array [ - "config", - ], - "read": Array [], - }, - "ui": Array [ - "save", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "advanced_settings", - ], - "management": Object { - "kibana": Array [ - "settings", - ], - }, - "savedObject": Object { - "all": Array [], - "read": Array [], - }, - "ui": Array [], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a enterprise license returns the dashboard feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "alerting": Object { - "all": Array [], - "read": Array [], - }, - "api": Array [ - "store_search_session", - ], - "app": Array [ - "dashboards", - "kibana", - ], - "catalogue": Array [ - "dashboard", - ], - "management": Object { - "kibana": Array [ - "search_sessions", - ], - }, - "savedObject": Object { - "all": Array [ - "dashboard", - "query", - "url", - "search-session", - ], - "read": Array [ - "index-pattern", - "search", - "visualization", - "timelion-sheet", - "canvas-workpad", - "lens", - "map", - "tag", - ], - }, - "ui": Array [ - "createNew", - "show", - "showWriteControls", - "saveQuery", - "createShortUrl", - "storeSearchSession", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "dashboards", - "kibana", - ], - "catalogue": Array [ - "dashboard", - ], - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - "search", - "visualization", - "timelion-sheet", - "canvas-workpad", - "lens", - "map", - "dashboard", - "query", - "tag", - ], - }, - "ui": Array [ - "show", - ], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a enterprise license returns the dev_tools feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "api": Array [ - "console", - ], - "app": Array [ - "dev_tools", - "kibana", - ], - "catalogue": Array [ - "console", - "searchprofiler", - "grokdebugger", - ], - "savedObject": Object { - "all": Array [], - "read": Array [], - }, - "ui": Array [ - "show", - "save", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "api": Array [ - "console", - ], - "app": Array [ - "dev_tools", - "kibana", - ], - "catalogue": Array [ - "console", - "searchprofiler", - "grokdebugger", - ], - "savedObject": Object { - "all": Array [], - "read": Array [], - }, - "ui": Array [ - "show", - ], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a enterprise license returns the discover feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "alerting": Object { - "all": Array [], - "read": Array [], - }, - "api": Array [ - "store_search_session", - ], - "app": Array [ - "discover", - "kibana", - ], - "catalogue": Array [ - "discover", - ], - "management": Object { - "kibana": Array [ - "search_sessions", - ], - }, - "savedObject": Object { - "all": Array [ - "search", - "query", - "index-pattern", - "url", - "search-session", - ], - "read": Array [], - }, - "ui": Array [ - "show", - "save", - "saveQuery", - "createShortUrl", - "storeSearchSession", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "discover", - "kibana", - ], - "catalogue": Array [ - "discover", - ], - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - "search", - "query", - ], - }, - "ui": Array [ - "show", - ], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a enterprise license returns the indexPatterns feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "indexPatterns", - ], - "management": Object { - "kibana": Array [ - "indexPatterns", - ], - }, - "savedObject": Object { - "all": Array [ - "index-pattern", - ], - "read": Array [], - }, - "ui": Array [ - "save", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "indexPatterns", - ], - "management": Object { - "kibana": Array [ - "indexPatterns", - ], - }, - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - ], - }, - "ui": Array [], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a enterprise license returns the savedObjectsManagement feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "api": Array [ - "copySavedObjectsToSpaces", - ], - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "saved_objects", - ], - "management": Object { - "kibana": Array [ - "objects", - ], - }, - "savedObject": Object { - "all": Array [ - "foo", - "bar", - ], - "read": Array [], - }, - "ui": Array [ - "read", - "edit", - "delete", - "copyIntoSpace", - "shareIntoSpace", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "api": Array [ - "copySavedObjectsToSpaces", - ], - "app": Array [ - "kibana", - ], - "catalogue": Array [ - "saved_objects", - ], - "management": Object { - "kibana": Array [ - "objects", - ], - }, - "savedObject": Object { - "all": Array [], - "read": Array [ - "foo", - "bar", - ], - }, - "ui": Array [ - "read", - ], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a enterprise license returns the timelion feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "app": Array [ - "timelion", - "kibana", - ], - "catalogue": Array [ - "timelion", - ], - "savedObject": Object { - "all": Array [ - "timelion-sheet", - ], - "read": Array [ - "index-pattern", - ], - }, - "ui": Array [ - "save", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "timelion", - "kibana", - ], - "catalogue": Array [ - "timelion", - ], - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - "timelion-sheet", - ], - }, - "ui": Array [], - }, - "privilegeId": "read", - }, -] -`; - -exports[`buildOSSFeatures with a enterprise license returns the visualize feature augmented with appropriate sub feature privileges 1`] = ` -Array [ - Object { - "privilege": Object { - "alerting": Object { - "all": Array [], - "read": Array [], - }, - "api": Array [], - "app": Array [ - "visualize", - "lens", - "kibana", - ], - "catalogue": Array [ - "visualize", - ], - "management": Object {}, - "savedObject": Object { - "all": Array [ - "visualization", - "query", - "lens", - "url", - ], - "read": Array [ - "index-pattern", - "search", - "tag", - ], - }, - "ui": Array [ - "show", - "delete", - "save", - "saveQuery", - "createShortUrl", - ], - }, - "privilegeId": "all", - }, - Object { - "privilege": Object { - "app": Array [ - "visualize", - "lens", - "kibana", - ], - "catalogue": Array [ - "visualize", - ], - "savedObject": Object { - "all": Array [], - "read": Array [ - "index-pattern", - "search", - "visualization", - "query", - "lens", - "tag", - ], - }, - "ui": Array [ - "show", - ], - }, - "privilegeId": "read", - }, -] -`; diff --git a/x-pack/plugins/features/server/feature_privilege_iterator.js b/x-pack/plugins/features/server/feature_privilege_iterator.js deleted file mode 100644 index f813eeebc9550..0000000000000 --- a/x-pack/plugins/features/server/feature_privilege_iterator.js +++ /dev/null @@ -1,10 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -// the file created to remove TS cicular dependency between features and security pluin -// eslint-disable-next-line @kbn/eslint/no-restricted-paths -export { featurePrivilegeIterator } from '../../security/server/authorization'; diff --git a/x-pack/plugins/features/server/oss_features.test.ts b/x-pack/plugins/features/server/oss_features.test.ts index 86705cae6d5a6..123be506c2656 100644 --- a/x-pack/plugins/features/server/oss_features.test.ts +++ b/x-pack/plugins/features/server/oss_features.test.ts @@ -6,10 +6,6 @@ */ import { buildOSSFeatures } from './oss_features'; -// @ts-expect-error -import { featurePrivilegeIterator } from './feature_privilege_iterator'; -import { KibanaFeature } from '.'; -import { LicenseType } from '../../licensing/server'; describe('buildOSSFeatures', () => { it('returns features including timelion', () => { @@ -72,29 +68,4 @@ Array [ }).map(({ id, subFeatures }) => ({ id, subFeatures })) ).toMatchSnapshot(); }); - - const features = buildOSSFeatures({ - savedObjectTypes: ['foo', 'bar'], - includeTimelion: true, - includeReporting: false, - }); - features.forEach((featureConfig) => { - (['enterprise', 'basic'] as LicenseType[]).forEach((licenseType) => { - describe(`with a ${licenseType} license`, () => { - it(`returns the ${featureConfig.id} feature augmented with appropriate sub feature privileges`, () => { - const privileges = []; - for (const featurePrivilege of featurePrivilegeIterator( - new KibanaFeature(featureConfig), - { - augmentWithSubFeaturePrivileges: true, - licenseType, - } - )) { - privileges.push(featurePrivilege); - } - expect(privileges).toMatchSnapshot(); - }); - }); - }); - }); }); diff --git a/x-pack/plugins/security/server/authorization/__snapshots__/oss_features.test.ts.snap b/x-pack/plugins/security/server/authorization/__snapshots__/oss_features.test.ts.snap new file mode 100644 index 0000000000000..6713e43de38b9 --- /dev/null +++ b/x-pack/plugins/security/server/authorization/__snapshots__/oss_features.test.ts.snap @@ -0,0 +1,997 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`OSS Features with a basic license returns the advancedSettings feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "advanced_settings", + ], + "management": Object { + "kibana": Array [ + "settings", + ], + }, + "savedObject": Object { + "all": Array [ + "config", + ], + "read": Array [], + }, + "ui": Array [ + "save", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "advanced_settings", + ], + "management": Object { + "kibana": Array [ + "settings", + ], + }, + "savedObject": Object { + "all": Array [], + "read": Array [], + }, + "ui": Array [], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a basic license returns the dashboard feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "alerting": Object { + "all": Array [], + "read": Array [], + }, + "api": Array [ + "store_search_session", + ], + "app": Array [ + "dashboards", + "kibana", + ], + "catalogue": Array [ + "dashboard", + ], + "management": Object { + "kibana": Array [ + "search_sessions", + ], + }, + "savedObject": Object { + "all": Array [ + "dashboard", + "query", + "url", + "search-session", + ], + "read": Array [ + "index-pattern", + "search", + "visualization", + "timelion-sheet", + "canvas-workpad", + "lens", + "map", + "tag", + ], + }, + "ui": Array [ + "createNew", + "show", + "showWriteControls", + "saveQuery", + "createShortUrl", + "storeSearchSession", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "dashboards", + "kibana", + ], + "catalogue": Array [ + "dashboard", + ], + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + "search", + "visualization", + "timelion-sheet", + "canvas-workpad", + "lens", + "map", + "dashboard", + "query", + "tag", + ], + }, + "ui": Array [ + "show", + ], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a basic license returns the dev_tools feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "api": Array [ + "console", + ], + "app": Array [ + "dev_tools", + "kibana", + ], + "catalogue": Array [ + "console", + "searchprofiler", + "grokdebugger", + ], + "savedObject": Object { + "all": Array [], + "read": Array [], + }, + "ui": Array [ + "show", + "save", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "api": Array [ + "console", + ], + "app": Array [ + "dev_tools", + "kibana", + ], + "catalogue": Array [ + "console", + "searchprofiler", + "grokdebugger", + ], + "savedObject": Object { + "all": Array [], + "read": Array [], + }, + "ui": Array [ + "show", + ], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a basic license returns the discover feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "alerting": Object { + "all": Array [], + "read": Array [], + }, + "api": Array [ + "store_search_session", + ], + "app": Array [ + "discover", + "kibana", + ], + "catalogue": Array [ + "discover", + ], + "management": Object { + "kibana": Array [ + "search_sessions", + ], + }, + "savedObject": Object { + "all": Array [ + "search", + "query", + "index-pattern", + "url", + "search-session", + ], + "read": Array [], + }, + "ui": Array [ + "show", + "save", + "saveQuery", + "createShortUrl", + "storeSearchSession", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "discover", + "kibana", + ], + "catalogue": Array [ + "discover", + ], + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + "search", + "query", + ], + }, + "ui": Array [ + "show", + ], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a basic license returns the indexPatterns feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "indexPatterns", + ], + "management": Object { + "kibana": Array [ + "indexPatterns", + ], + }, + "savedObject": Object { + "all": Array [ + "index-pattern", + ], + "read": Array [], + }, + "ui": Array [ + "save", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "indexPatterns", + ], + "management": Object { + "kibana": Array [ + "indexPatterns", + ], + }, + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + ], + }, + "ui": Array [], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a basic license returns the savedObjectsManagement feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "api": Array [ + "copySavedObjectsToSpaces", + ], + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "saved_objects", + ], + "management": Object { + "kibana": Array [ + "objects", + ], + }, + "savedObject": Object { + "all": Array [ + "foo", + "bar", + ], + "read": Array [], + }, + "ui": Array [ + "read", + "edit", + "delete", + "copyIntoSpace", + "shareIntoSpace", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "api": Array [ + "copySavedObjectsToSpaces", + ], + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "saved_objects", + ], + "management": Object { + "kibana": Array [ + "objects", + ], + }, + "savedObject": Object { + "all": Array [], + "read": Array [ + "foo", + "bar", + ], + }, + "ui": Array [ + "read", + ], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a basic license returns the timelion feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "app": Array [ + "timelion", + "kibana", + ], + "catalogue": Array [ + "timelion", + ], + "savedObject": Object { + "all": Array [ + "timelion-sheet", + ], + "read": Array [ + "index-pattern", + ], + }, + "ui": Array [ + "save", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "timelion", + "kibana", + ], + "catalogue": Array [ + "timelion", + ], + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + "timelion-sheet", + ], + }, + "ui": Array [], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a basic license returns the visualize feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "alerting": Object { + "all": Array [], + "read": Array [], + }, + "api": Array [], + "app": Array [ + "visualize", + "lens", + "kibana", + ], + "catalogue": Array [ + "visualize", + ], + "management": Object {}, + "savedObject": Object { + "all": Array [ + "visualization", + "query", + "lens", + "url", + ], + "read": Array [ + "index-pattern", + "search", + "tag", + ], + }, + "ui": Array [ + "show", + "delete", + "save", + "saveQuery", + "createShortUrl", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "visualize", + "lens", + "kibana", + ], + "catalogue": Array [ + "visualize", + ], + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + "search", + "visualization", + "query", + "lens", + "tag", + ], + }, + "ui": Array [ + "show", + ], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a enterprise license returns the advancedSettings feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "advanced_settings", + ], + "management": Object { + "kibana": Array [ + "settings", + ], + }, + "savedObject": Object { + "all": Array [ + "config", + ], + "read": Array [], + }, + "ui": Array [ + "save", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "advanced_settings", + ], + "management": Object { + "kibana": Array [ + "settings", + ], + }, + "savedObject": Object { + "all": Array [], + "read": Array [], + }, + "ui": Array [], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a enterprise license returns the dashboard feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "alerting": Object { + "all": Array [], + "read": Array [], + }, + "api": Array [ + "store_search_session", + ], + "app": Array [ + "dashboards", + "kibana", + ], + "catalogue": Array [ + "dashboard", + ], + "management": Object { + "kibana": Array [ + "search_sessions", + ], + }, + "savedObject": Object { + "all": Array [ + "dashboard", + "query", + "url", + "search-session", + ], + "read": Array [ + "index-pattern", + "search", + "visualization", + "timelion-sheet", + "canvas-workpad", + "lens", + "map", + "tag", + ], + }, + "ui": Array [ + "createNew", + "show", + "showWriteControls", + "saveQuery", + "createShortUrl", + "storeSearchSession", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "dashboards", + "kibana", + ], + "catalogue": Array [ + "dashboard", + ], + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + "search", + "visualization", + "timelion-sheet", + "canvas-workpad", + "lens", + "map", + "dashboard", + "query", + "tag", + ], + }, + "ui": Array [ + "show", + ], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a enterprise license returns the dev_tools feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "api": Array [ + "console", + ], + "app": Array [ + "dev_tools", + "kibana", + ], + "catalogue": Array [ + "console", + "searchprofiler", + "grokdebugger", + ], + "savedObject": Object { + "all": Array [], + "read": Array [], + }, + "ui": Array [ + "show", + "save", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "api": Array [ + "console", + ], + "app": Array [ + "dev_tools", + "kibana", + ], + "catalogue": Array [ + "console", + "searchprofiler", + "grokdebugger", + ], + "savedObject": Object { + "all": Array [], + "read": Array [], + }, + "ui": Array [ + "show", + ], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a enterprise license returns the discover feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "alerting": Object { + "all": Array [], + "read": Array [], + }, + "api": Array [ + "store_search_session", + ], + "app": Array [ + "discover", + "kibana", + ], + "catalogue": Array [ + "discover", + ], + "management": Object { + "kibana": Array [ + "search_sessions", + ], + }, + "savedObject": Object { + "all": Array [ + "search", + "query", + "index-pattern", + "url", + "search-session", + ], + "read": Array [], + }, + "ui": Array [ + "show", + "save", + "saveQuery", + "createShortUrl", + "storeSearchSession", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "discover", + "kibana", + ], + "catalogue": Array [ + "discover", + ], + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + "search", + "query", + ], + }, + "ui": Array [ + "show", + ], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a enterprise license returns the indexPatterns feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "indexPatterns", + ], + "management": Object { + "kibana": Array [ + "indexPatterns", + ], + }, + "savedObject": Object { + "all": Array [ + "index-pattern", + ], + "read": Array [], + }, + "ui": Array [ + "save", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "indexPatterns", + ], + "management": Object { + "kibana": Array [ + "indexPatterns", + ], + }, + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + ], + }, + "ui": Array [], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a enterprise license returns the savedObjectsManagement feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "api": Array [ + "copySavedObjectsToSpaces", + ], + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "saved_objects", + ], + "management": Object { + "kibana": Array [ + "objects", + ], + }, + "savedObject": Object { + "all": Array [ + "foo", + "bar", + ], + "read": Array [], + }, + "ui": Array [ + "read", + "edit", + "delete", + "copyIntoSpace", + "shareIntoSpace", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "api": Array [ + "copySavedObjectsToSpaces", + ], + "app": Array [ + "kibana", + ], + "catalogue": Array [ + "saved_objects", + ], + "management": Object { + "kibana": Array [ + "objects", + ], + }, + "savedObject": Object { + "all": Array [], + "read": Array [ + "foo", + "bar", + ], + }, + "ui": Array [ + "read", + ], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a enterprise license returns the timelion feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "app": Array [ + "timelion", + "kibana", + ], + "catalogue": Array [ + "timelion", + ], + "savedObject": Object { + "all": Array [ + "timelion-sheet", + ], + "read": Array [ + "index-pattern", + ], + }, + "ui": Array [ + "save", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "timelion", + "kibana", + ], + "catalogue": Array [ + "timelion", + ], + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + "timelion-sheet", + ], + }, + "ui": Array [], + }, + "privilegeId": "read", + }, +] +`; + +exports[`OSS Features with a enterprise license returns the visualize feature augmented with appropriate sub feature privileges 1`] = ` +Array [ + Object { + "privilege": Object { + "alerting": Object { + "all": Array [], + "read": Array [], + }, + "api": Array [], + "app": Array [ + "visualize", + "lens", + "kibana", + ], + "catalogue": Array [ + "visualize", + ], + "management": Object {}, + "savedObject": Object { + "all": Array [ + "visualization", + "query", + "lens", + "url", + ], + "read": Array [ + "index-pattern", + "search", + "tag", + ], + }, + "ui": Array [ + "show", + "delete", + "save", + "saveQuery", + "createShortUrl", + ], + }, + "privilegeId": "all", + }, + Object { + "privilege": Object { + "app": Array [ + "visualize", + "lens", + "kibana", + ], + "catalogue": Array [ + "visualize", + ], + "savedObject": Object { + "all": Array [], + "read": Array [ + "index-pattern", + "search", + "visualization", + "query", + "lens", + "tag", + ], + }, + "ui": Array [ + "show", + ], + }, + "privilegeId": "read", + }, +] +`; diff --git a/x-pack/plugins/security/server/authorization/oss_features.test.ts b/x-pack/plugins/security/server/authorization/oss_features.test.ts new file mode 100644 index 0000000000000..9d6af351bae13 --- /dev/null +++ b/x-pack/plugins/security/server/authorization/oss_features.test.ts @@ -0,0 +1,38 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { KibanaFeature } from '../../../features/server'; +import { buildOSSFeatures } from '../../../features/server/oss_features'; +import type { LicenseType } from '../../../licensing/server'; +import { featurePrivilegeIterator } from './privileges'; + +describe('OSS Features', () => { + const features = buildOSSFeatures({ + savedObjectTypes: ['foo', 'bar'], + includeTimelion: true, + includeReporting: false, + }); + features.forEach((featureConfig) => { + (['enterprise', 'basic'] as LicenseType[]).forEach((licenseType) => { + describe(`with a ${licenseType} license`, () => { + it(`returns the ${featureConfig.id} feature augmented with appropriate sub feature privileges`, () => { + const privileges = []; + for (const featurePrivilege of featurePrivilegeIterator( + new KibanaFeature(featureConfig), + { + augmentWithSubFeaturePrivileges: true, + licenseType, + } + )) { + privileges.push(featurePrivilege); + } + expect(privileges).toMatchSnapshot(); + }); + }); + }); + }); +});