Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Fleet] Implement UX improvements for granular Fleet privileges #183532

Closed
3 of 5 tasks
kpollich opened this issue May 15, 2024 · 6 comments · Fixed by #184166
Closed
3 of 5 tasks

[Fleet] Implement UX improvements for granular Fleet privileges #183532

kpollich opened this issue May 15, 2024 · 6 comments · Fixed by #184166
Assignees
@nchaulet
Labels
Team:Elastic-Agent-Control-Plane Team:Fleet Team label for Observability Data Collection Fleet team

Comments

@kpollich
Copy link
Member

kpollich commented May 15, 2024
edited by nchaulet

The UX team has provided some improvements around discoverability and usage of Fleet's new granular permissions model.

See Figma.
Reach out to @simosilvestri for implementation support.

Implementation

Fleet landing page

  • Add a new dismissible Callout banner at the top of the page, along with a link to the documentation.
  • The Callout banner should only be displayed to admin accounts.
  • If a customer dismisses the Callout banner, it should not be shown again.

image

Fleet - (Apply to Agents, Agent policis and Settings tab)

  • Implement a read-only state to help customers understand their Fleet privileges access status. This feature is only applicable to regular accounts. Show the tooltip on hover.
  • Additionally, disable the actions that regular accounts cannot perform. Show the tooltip on hover.

image

image
@botelastic botelastic bot added the needs-team Issues missing a team label label May 15, 2024
@kpollich kpollich added the Team:Fleet Team label for Observability Data Collection Fleet team label May 15, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/fleet (Team:Fleet)

@botelastic botelastic bot removed the needs-team Issues missing a team label label May 15, 2024
@nchaulet
Copy link
Member

The Callout banner should only be displayed to admin accounts

@simosilvestri What do we mean by admin accounts? someone with kibana_admin role? superuser role? ?Fleet.All` privileges ?

@jen-huang
Copy link
Contributor

The Callout banner should only be displayed to admin accounts

@simosilvestri What do we mean by admin accounts? someone with kibana_admin role? superuser role? ?Fleet.All` privileges ?

IMO it means fleet.all privileges because that was the only account option prior to the work for granular privileges.

Btw this message shouldn't be shown if hideAnnouncements from uiSettings is enabled. Similar to what was done in #183102

@simosilvestri
Copy link

Hi @nchaulet, sorry, maybe calling it "Admin" is confusing. I meant whoever has the permission to change these privileges?

@kpollich kpollich mentioned this issue May 20, 2024
Closed
@nchaulet
Copy link
Member

nchaulet commented May 22, 2024
edited

@simosilvestri for the read-only icon it's possible the user do not have access to the agent tab and (with readonly access to agent policies for example) and the policies tab looks like this, where the icon should be shown in that case? will it be better to have that read-only in the header maybe?

Screenshot 2024-05-22 at 9 22 08 AM

Same for the settings tab

Screenshot 2024-05-22 at 11 21 07 AM

@nchaulet nchaulet mentioned this issue May 22, 2024
Merged
1 task
@simosilvestri
Copy link

@nchaulet - New criteria:
Move the [Read only label and icon] to the top right corner of the main header.

Screenshot 2024-05-23 at 16 33 03

@nchaulet nchaulet mentioned this issue May 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nchaulet nchaulet

Labels
Team:Elastic-Agent-Control-Plane Team:Fleet Team label for Observability Data Collection Fleet team
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Fleet] Add Readonly tooltip when user do not have all privileges nchaulet/kibana
6 participants
@ycombinator @nchaulet @jen-huang @kpollich @elasticmachine @simosilvestri