-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Fleet] Add fleet subfeatures #178006
[Fleet] Add fleet subfeatures #178006
Conversation
🤖 GitHub commentsExpand to view the GitHub comments
Just comment with:
|
Yeah, looks like a bug indeed, I'll dig into this tomorrow. |
Presumably something like this should fix the bug, but I'd like to take a closer look tomorrow before proposing/working-on the solution: diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table_expanded_row.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table_expanded_row.tsx
index abc33abcb86..42090f8c6c0 100644
--- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table_expanded_row.tsx
+++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table_expanded_row.tsx
@@ -63,7 +63,8 @@ export const FeatureTableExpandedRow = ({
privilegeCalculator.updateSelectedFeaturePrivilegesForCustomization(
feature.id,
privilegeIndex,
- e.target.checked
+ e.target.checked,
+ allSpacesSelected
)
);
setIsCustomizing(e.target.checked);
diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/privilege_form_calculator/privilege_form_calculator.ts b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/privilege_form_calculator/privilege_form_calculator.ts
index d6afdaf6efa..14493fcd561 100644
--- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/privilege_form_calculator/privilege_form_calculator.ts
+++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/privilege_form_calculator/privilege_form_calculator.ts
@@ -185,13 +185,19 @@ export class PrivilegeFormCalculator {
* @param featureId the feature id
* @param privilegeIndex the index of the kibana privileges role component
* @param willBeCustomizing flag indicating if this feature is about to have its sub-feature privileges customized or not
+ * @param allSpacesSelected indicates if the privilege form is configured to grant access to all spaces.
*/
public updateSelectedFeaturePrivilegesForCustomization(
featureId: string,
privilegeIndex: number,
- willBeCustomizing: boolean
+ willBeCustomizing: boolean,
+ allSpacesSelected: boolean
) {
- const primary = this.getDisplayedPrimaryFeaturePrivilege(featureId, privilegeIndex);
+ const primary = this.getDisplayedPrimaryFeaturePrivilege(
+ featureId,
+ privilegeIndex,
+ allSpacesSelected
+ );
const selectedFeaturePrivileges = this.getSelectedFeaturePrivileges(featureId, privilegeIndex);
if (!primary) { |
/ci |
Pinging @elastic/fleet (Team:Fleet) |
@elasticmachine merge upstream |
In the issue it seems we want to exclude |
Looks it does not seems possible to not have |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, probably we should confirm with Nima, what should be the behaviour if Settings:None is selected.
@elasticmachine merge upstream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great, thanks for setting up the feature flag and getting started here 👍
💚 Build Succeeded
Metrics [docs]Page load bundle
History
To update your PR or re-run it, just comment with: cc @nchaulet |
… `all spaces` requirement (#178239) ## Summary Allow customizing sub-feature privileges with `all spaces` requirement. See #178006 (comment) for more details about what was broken. ## To do - [x] Fix bug and update existing tests - [x] Add more tests with `all spaces` requirement __Reported in:__ #178006 (comment) ## How to test Add the following to your `kibana.dev.yml` and try to customize sub-feature privileges of the `Fleet` feature ```yaml xpack.fleet.enableExperimental: ['subfeaturePrivileges'] ``` Before this PR, the `Customize sub-feature privileges` switch didn't work. Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
… `all spaces` requirement (elastic#178239) ## Summary Allow customizing sub-feature privileges with `all spaces` requirement. See elastic#178006 (comment) for more details about what was broken. ## To do - [x] Fix bug and update existing tests - [x] Add more tests with `all spaces` requirement __Reported in:__ elastic#178006 (comment) ## How to test Add the following to your `kibana.dev.yml` and try to customize sub-feature privileges of the `Fleet` feature ```yaml xpack.fleet.enableExperimental: ['subfeaturePrivileges'] ``` Before this PR, the `Customize sub-feature privileges` switch didn't work. Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit acc94b3)
…es with `all spaces` requirement (#178239) (#178644) # Backport This will backport the following commits from `main` to `8.13`: - [fix(platform-security): allow customizing sub-feature privileges with `all spaces` requirement (#178239)](#178239) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Aleh Zasypkin","email":"aleh.zasypkin@elastic.co"},"sourceCommit":{"committedDate":"2024-03-13T15:29:54Z","message":"fix(platform-security): allow customizing sub-feature privileges with `all spaces` requirement (#178239)\n\n## Summary\r\n\r\nAllow customizing sub-feature privileges with `all spaces` requirement.\r\nSee #178006 (comment) for\r\nmore details about what was broken.\r\n\r\n## To do\r\n\r\n- [x] Fix bug and update existing tests\r\n- [x] Add more tests with `all spaces` requirement\r\n\r\n__Reported in:__\r\nhttps://github.com//pull/178006#issue-2169314164\r\n\r\n## How to test\r\n\r\nAdd the following to your `kibana.dev.yml` and try to customize\r\nsub-feature privileges of the `Fleet` feature\r\n\r\n```yaml\r\nxpack.fleet.enableExperimental: ['subfeaturePrivileges']\r\n```\r\n\r\nBefore this PR, the `Customize sub-feature privileges` switch didn't\r\nwork.\r\n\r\nCo-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>","sha":"acc94b3b512c7ba9d9c3223c941154ba416cc5a2","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","Team:Security","Feature:Users/Roles/API Keys","release_note:skip","backport:all-open","v8.14.0"],"title":"fix(platform-security): allow customizing sub-feature privileges with `all spaces` requirement","number":178239,"url":"https://github.com/elastic/kibana/pull/178239","mergeCommit":{"message":"fix(platform-security): allow customizing sub-feature privileges with `all spaces` requirement (#178239)\n\n## Summary\r\n\r\nAllow customizing sub-feature privileges with `all spaces` requirement.\r\nSee #178006 (comment) for\r\nmore details about what was broken.\r\n\r\n## To do\r\n\r\n- [x] Fix bug and update existing tests\r\n- [x] Add more tests with `all spaces` requirement\r\n\r\n__Reported in:__\r\nhttps://github.com//pull/178006#issue-2169314164\r\n\r\n## How to test\r\n\r\nAdd the following to your `kibana.dev.yml` and try to customize\r\nsub-feature privileges of the `Fleet` feature\r\n\r\n```yaml\r\nxpack.fleet.enableExperimental: ['subfeaturePrivileges']\r\n```\r\n\r\nBefore this PR, the `Customize sub-feature privileges` switch didn't\r\nwork.\r\n\r\nCo-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>","sha":"acc94b3b512c7ba9d9c3223c941154ba416cc5a2"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/178239","number":178239,"mergeCommit":{"message":"fix(platform-security): allow customizing sub-feature privileges with `all spaces` requirement (#178239)\n\n## Summary\r\n\r\nAllow customizing sub-feature privileges with `all spaces` requirement.\r\nSee #178006 (comment) for\r\nmore details about what was broken.\r\n\r\n## To do\r\n\r\n- [x] Fix bug and update existing tests\r\n- [x] Add more tests with `all spaces` requirement\r\n\r\n__Reported in:__\r\nhttps://github.com//pull/178006#issue-2169314164\r\n\r\n## How to test\r\n\r\nAdd the following to your `kibana.dev.yml` and try to customize\r\nsub-feature privileges of the `Fleet` feature\r\n\r\n```yaml\r\nxpack.fleet.enableExperimental: ['subfeaturePrivileges']\r\n```\r\n\r\nBefore this PR, the `Customize sub-feature privileges` switch didn't\r\nwork.\r\n\r\nCo-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>","sha":"acc94b3b512c7ba9d9c3223c941154ba416cc5a2"}}]}] BACKPORT--> Co-authored-by: Aleh Zasypkin <aleh.zasypkin@elastic.co>
Summary
Resolve https://github.com/elastic/ingest-dev/issues/2892
Introduce this under a fleet feature flag
subfeaturePrivileges
, so this will have no impact for users.The privileges UI is currently broken but will be fixed by #178239
@elastic/kibana-security it seems there is a bug nothing happened when I click on customize sub-features.
If I remove
requireAllSpaces: true
from the top privilieges it seems to work, but currently fleet require all spaces.How to test
Add the following to your
kibana.dev.yml