Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adjust feature visibility based on Space solution #183639

Open
legrego opened this issue May 16, 2024 · 1 comment
Open

Adjust feature visibility based on Space solution #183639

legrego opened this issue May 16, 2024 · 1 comment
Labels
blocked enhancement New value added to drive a business result Feature:Security/Spaces Platform Security - Spaces feature Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@legrego
Copy link
Member

legrego commented May 16, 2024
edited

Blocked on:

Kibana should adjust the set of visible features within a space based on its configured solution.
This logic is only applicable for the stateful offering. Serverless projects do not respond to a space solution.

Requirements[solution=undefined | 'classic']

  • No changes to behavior. Kibana should hide the disabledFeatures within the space.

Requirements[solution='security' | 'observability' | 'search']

  • Kibana should hide all features which are not associated with this solution.
  • Kibana should hide the disabledFeatures within the space. This is additive, in that it allows the space to have a subset of features available within the solution.

Notes

  • The spaces plugin hides features using a "Capabilities Switcher":

    kibana/x-pack/plugins/spaces/server/capabilities/capabilities_switcher.ts

    Line 59 in 5e95a76

    function toggleDisabledFeatures(
  • The spaces plugin also prevents direct access to applications via its on_post_auth_interceptor:

    kibana/x-pack/plugins/spaces/server/lib/request_interceptors/on_post_auth_interceptor.ts

    Lines 111 to 129 in 5e95a76

    if (appId !== 'kibana' && space && space.disabledFeatures.length > 0) {
    log.debug(`Verifying application is available: "${appId}"`);
    const allFeatures = features.getKibanaFeatures();
    const isRegisteredApp = allFeatures.some((feature) => feature.app.includes(appId));
    if (isRegisteredApp) {
    const enabledFeatures = allFeatures.filter(
    (feature) => !space.disabledFeatures.includes(feature.id)
    );
    const isAvailableInSpace = enabledFeatures.some((feature) => feature.app.includes(appId));
    if (!isAvailableInSpace) {
    log.debug(`App ${appId} is not enabled within space "${spaceId}".`);
    return response.notFound();
    }
    }
    }
  • Functional tests for UI capabilities are located in x-pack/test/ui_capabilities
@legrego legrego added blocked Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! enhancement New value added to drive a business result Feature:Security/Spaces Platform Security - Spaces feature labels May 16, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
blocked enhancement New value added to drive a business result Feature:Security/Spaces Platform Security - Spaces feature Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@legrego @elasticmachine