Skip to content

Commit

Permalink
[Fleet] Add fleet subfeatures (#178006)
Browse files Browse the repository at this point in the history
  • Loading branch information
@nchaulet
nchaulet authored Mar 11, 2024
1 parent 20a9bf7 commit f034f86
Show file tree
Hide file tree
Showing 2 changed files with 111 additions and 1 deletion.
1 change: 1 addition & 0 deletions x-pack/plugins/fleet/common/experimental_features.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ export const allowedExperimentalValues = Object.freeze<Record<string, boolean>>(
remoteESOutput: true,
agentless: false,
enableStrictKQLValidation: false,
subfeaturePrivileges: false,
});

type ExperimentalConfigKeys = Array<keyof ExperimentalFeatures>;
Expand Down
111 changes: 110 additions & 1 deletion x-pack/plugins/fleet/server/plugin.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -289,6 +289,7 @@ export class FleetPlugin
registerSavedObjects(core.savedObjects);
registerEncryptedSavedObjects(deps.encryptedSavedObjects);

const experimentalFeatures = parseExperimentalConfigValue(config.enableExperimental ?? []);
// Register feature
if (deps.features) {
deps.features.registerKibanaFeature({
Expand Down Expand Up @@ -318,6 +319,115 @@ export class FleetPlugin
},
],
},
subFeatures: experimentalFeatures.subfeaturePrivileges
? [
{
name: 'Agents',
requireAllSpaces: true,
privilegeGroups: [
{
groupType: 'mutually_exclusive',
privileges: [
{
id: `${PLUGIN_ID}-agents-all`,
api: [`${PLUGIN_ID}-agents-read`, `${PLUGIN_ID}-agents-all`],
name: 'All',
ui: ['read', 'all'],
savedObject: {
all: [],
read: allSavedObjectTypes,
},
includeIn: 'all',
},
{
id: `${PLUGIN_ID}-agents-read`,
api: [`${PLUGIN_ID}-agents-read`],
name: 'Read',
ui: ['read'],
savedObject: {
all: [],
read: allSavedObjectTypes,
},
includeIn: 'read',
alerting: {},
},
],
},
],
},
{
name: 'Agent policies',
requireAllSpaces: true,
privilegeGroups: [
{
groupType: 'mutually_exclusive',
privileges: [
{
id: `${PLUGIN_ID}-agent-policies-all`,
api: [
`${PLUGIN_ID}-agent-policies-read`,
`${PLUGIN_ID}-agent-policies-all`,
],
name: 'All',
ui: ['read', 'all'],
savedObject: {
all: [],
read: allSavedObjectTypes,
},
includeIn: 'all',
},
{
id: `${PLUGIN_ID}-agent-policies-read`,
api: [`${PLUGIN_ID}-agent-policies-read`],
name: 'Read',
ui: ['read'],
savedObject: {
all: [],
read: allSavedObjectTypes,
},
includeIn: 'read',
alerting: {},
},
],
},
],
},
{
name: 'Settings',
requireAllSpaces: true,
privilegeGroups: [
{
groupType: 'mutually_exclusive',
privileges: [
{
id: `${PLUGIN_ID}-settings-all`,
api: [`${PLUGIN_ID}-settings-read`, `${PLUGIN_ID}-settings-all`],
name: 'All',
ui: ['read', 'all'],
savedObject: {
all: [],
read: allSavedObjectTypes,
},
includeIn: 'all',
},
{
id: `${PLUGIN_ID}-settings-read`,
api: [`${PLUGIN_ID}-settings-read`],
name: 'Read',
ui: ['read'],
savedObject: {
all: [],
read: allSavedObjectTypes,
},
includeIn: 'read',
alerting: {},
},
],
},
],
},
]
: [],
privileges: {
all: {
api: [`${PLUGIN_ID}-read`, `${PLUGIN_ID}-all`],
Expand All @@ -340,7 +450,6 @@ export class FleetPlugin
read: allSavedObjectTypes,
},
ui: ['read'],
disabled: true,
},
},
});
Expand Down

0 comments on commit f034f86

Please sign in to comment.