Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Spaces] - Space aware privileges UI #21049

Merged
merged 100 commits into from
Aug 27, 2018
Merged
Show file tree
Hide file tree
Changes from 75 commits
Commits
Show all changes
100 commits
Select commit Hold shift + click to select a range
f208d3c
Crude and incomplete impl of Space-Aware Saved Objects Client
legrego May 7, 2018
7538bf3
Code review updates
legrego May 8, 2018
bb3e511
Missed one - move extraBodyProperties to the top
legrego May 8, 2018
0e2e4e8
Remove documentFilter from bulkGet
legrego May 9, 2018
a6287cc
Merge branch 'spaces-phase-1' into space-aware-saved-objects
legrego May 21, 2018
7db0a4a
Make config document id independent of Kibana version
legrego May 21, 2018
de0adb6
partial impl
legrego Jun 18, 2018
192d9c2
Merge branch 'spaces-phase-1' into space-aware-saved-objects
legrego Jun 18, 2018
1c4afd8
Merge branch 'spaces-phase-1' into space-aware-saved-objects
legrego Jun 20, 2018
d573457
cleanup and fixes following initial rbac phase 1 merge
legrego Jun 20, 2018
d99cec7
remove unused/migrated files
legrego Jun 20, 2018
7e2d1e3
remove unused code
legrego Jun 20, 2018
862752b
Merge branch 'spaces-phase-1' into space-aware-saved-objects
legrego Jun 20, 2018
a63128c
partial updates for space aware saved objects and tests
legrego Jun 22, 2018
858eff0
working get & find functional tests
legrego Jun 22, 2018
1b95aa0
added bulk_get tests
legrego Jun 22, 2018
fc663d9
refactor query params into dedicated module
legrego Jun 25, 2018
fc61594
additional tests and bugfixes for space aware saved objects
legrego Jun 25, 2018
776da8a
revert changes to ui settings service
legrego Jun 25, 2018
d2545d4
additional tests for space-aware saved objects
legrego Jun 25, 2018
1fd7699
Fix navigating to the default space
legrego Jun 25, 2018
9469742
additional unit tests
legrego Jun 25, 2018
e24578f
Create default space on startup, *after* ES has gone green
legrego Jun 25, 2018
5fe4bfd
support & testing for bulk_create for space-enabled installations
legrego Jun 26, 2018
c6e8925
cleanup and docs
legrego Jun 26, 2018
1bc36c7
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Jun 26, 2018
0544eb3
Merge branch 'space-aware-saved-objects' into space-aware-privileges
legrego Jun 26, 2018
b878051
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Jun 26, 2018
f4a19ab
undo formatting changes
legrego Jun 27, 2018
46e7c71
update for rxjs6 compat
legrego Jun 27, 2018
3220623
experimental WIP for space change callbacks
legrego Jun 27, 2018
392c7ea
start to refactor kibana privileges form
legrego Jun 28, 2018
dee335b
only allow filters to be passed to getQueryParams
legrego Jun 29, 2018
452de10
don't add space id when updating within the default space
legrego Jun 29, 2018
6bf3515
renaming files
legrego Jun 29, 2018
8cb871a
additional SOC and repository tests
legrego Jul 5, 2018
53bb020
remove default context from utility functions
legrego Jul 5, 2018
90892ca
rename spacesSavedObjectsClientWrapper => spacesSavedObjectsClientWra…
legrego Jul 5, 2018
4181c9e
don't mutate passed options for SOC create method
legrego Jul 5, 2018
a35d15f
allow options to be passed for get and bulkGet
legrego Jul 5, 2018
093dd47
additional review updates
legrego Jul 5, 2018
6e1c4c4
Merge branch 'spaces-phase-1' into space-aware-saved-objects
legrego Jul 5, 2018
2195ee0
consolidate init logic
legrego Jul 5, 2018
48c5f23
Add error handling when switching spaces
legrego Jul 6, 2018
3a832e9
rename single character variables
legrego Jul 6, 2018
71f0634
Merge branch 'spaces-phase-1' into space-aware-saved-objects
legrego Jul 9, 2018
ca0b4d0
Merge branch 'space-aware-saved-objects' into space-aware-privileges
legrego Jul 9, 2018
a4c1ddb
additional WIP changes
legrego Jul 9, 2018
00bd94c
fix merge
legrego Jul 16, 2018
415fa09
Merge branch 'spaces-phase-1' into space-aware-saved-objects
legrego Jul 16, 2018
8d48c80
Merge branch 'spaces-phase-1' into space-aware-saved-objects
legrego Jul 19, 2018
edd1089
update role screen to use new public roles api
legrego Jul 20, 2018
1a65ca9
Merge branch 'spaces-phase-1' into update-roles-screen-spaces
legrego Jul 20, 2018
95ef05c
update spaces and role management to conform to new user management s…
legrego Jul 20, 2018
2461a12
Merge branch 'space-aware-saved-objects' into space-aware-privileges
legrego Jul 20, 2018
79ca48e
Merge branch 'update-roles-screen-spaces' into space-aware-privileges
legrego Jul 20, 2018
aaa3ebf
space aware privileges using public roles api
legrego Jul 20, 2018
ca4883f
reorganize ES privilege components
legrego Jul 20, 2018
841f9a8
improve prop naming
legrego Jul 20, 2018
4e96943
additional tests
legrego Jul 20, 2018
f2e39c1
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Jul 20, 2018
1527858
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Jul 23, 2018
b9ed305
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Jul 26, 2018
0ce04ef
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Jul 27, 2018
5d462e0
improve styling of space selector control
legrego Jul 27, 2018
46d1d22
fix spacing around privilege forms
legrego Jul 27, 2018
08d9096
cleanup and additional testing
legrego Jul 30, 2018
112d992
Design edits (#8)
cchaos Jul 31, 2018
9d0b173
fix tests following design edits
legrego Jul 31, 2018
372e206
Delete index.css
legrego Aug 1, 2018
b8f4269
show impacted spaces when base privilege is set to all
legrego Aug 15, 2018
42ba27f
Merge branch 'space-aware-privileges' of github.com:legrego/kibana in…
legrego Aug 15, 2018
ab43322
fix action column
legrego Aug 15, 2018
71d5119
show impacted spaces regardless of the minimum permission
legrego Aug 15, 2018
51d83a4
adjust sizing and alignment; bugfix for flyout privileges
legrego Aug 15, 2018
5297bc3
adjust alignment and responsiveness of flex group
legrego Aug 15, 2018
b4cbc26
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Aug 15, 2018
a22a638
fix react warning
legrego Aug 15, 2018
482c1e9
show empty index form when role does not include any index privileges
legrego Aug 15, 2018
ce635ee
change ES cluster privileges to use a combobox instead of a checkbox …
legrego Aug 15, 2018
c325845
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Aug 16, 2018
c9f5824
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Aug 17, 2018
99376f8
update role management page to use new role api
legrego Aug 17, 2018
8780832
move shared components
legrego Aug 17, 2018
d00c5e5
cleanup
legrego Aug 17, 2018
dd28bd7
use common 'manage spaces' button
legrego Aug 17, 2018
344cceb
fix broken import reference
legrego Aug 17, 2018
3beaeb8
update security tests to work with updated role management form
legrego Aug 20, 2018
ade287d
fix snapshot tests
legrego Aug 21, 2018
febbdf5
remove kibana privilege view model
legrego Aug 21, 2018
cc1e357
let => const
legrego Aug 21, 2018
cba659f
fix displayed space permission when minimum privilege > assigned spac…
legrego Aug 21, 2018
aff7d89
reserved state of roles not reflected by screen reader. Fixes #20192
legrego Aug 21, 2018
c7b5069
Allow Kibana privileges to be managed if the Spaces plugin is disabled
legrego Aug 21, 2018
c8d3045
additional testing and bugfixes
legrego Aug 21, 2018
631463c
add validation to kibana privileges
legrego Aug 21, 2018
a3be801
show deleted spaces in the privilege list
legrego Aug 21, 2018
681792d
Merge branch 'spaces-phase-1' into space-aware-privileges
legrego Aug 24, 2018
812652d
fix reference
legrego Aug 24, 2018
eea0eb8
TypeScript-ify role management
legrego Aug 24, 2018
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion x-pack/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ module.exports = function (kibana) {
graph(kibana),
monitoring(kibana),
reporting(kibana),
spaces(kibana),
security(kibana),
searchprofiler(kibana),
ml(kibana),
Expand All @@ -44,7 +45,6 @@ module.exports = function (kibana) {
cloud(kibana),
indexManagement(kibana),
consoleExtensions(kibana),
spaces(kibana),
notifications(kibana),
kueryAutocomplete(kibana)
];
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugins/security/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ export const security = (kibana) => new kibana.Plugin({
id: 'security',
configPrefix: 'xpack.security',
publicDir: resolve(__dirname, 'public'),
require: ['kibana', 'elasticsearch', 'xpack_main'],
require: ['kibana', 'elasticsearch', 'xpack_main', 'spaces'],
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change prevents us from disabling the spaces plugin when security is enabled. How much additional work would be required to make the privilege management screens work with the spaces plugin disabled? We could leave the explicit references to Spaces from a code-perspective, while simply hiding/re-wording things when Spaces isn't enabled, which might lower the burden...

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't take more than a day -- I have old code that I can resurrect from history as a starting point


config(Joi) {
return Joi.object({
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
import React, { Component, Fragment } from 'react';
import PropTypes from 'prop-types';
import {
EuiButton,
EuiButtonEmpty,
EuiOverlayMask,
EuiConfirmModal,
} from '@elastic/eui';
Expand All @@ -29,9 +29,9 @@ export class DeleteRoleButton extends Component {

return (
<Fragment>
<EuiButton color={'danger'} iconType={'trash'} onClick={this.showModal}>
Delete Role
</EuiButton>
<EuiButtonEmpty color={'danger'} onClick={this.showModal}>
Delete role
</EuiButtonEmpty>
{this.maybeShowModal()}
</Fragment>
);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

import React from 'react';
import {
EuiButton,
EuiButtonEmpty,
EuiConfirmModal,
} from '@elastic/eui';
import { DeleteRoleButton } from './delete_role_button';
Expand All @@ -18,15 +18,15 @@ import {
test('it renders without crashing', () => {
const deleteHandler = jest.fn();
const wrapper = shallow(<DeleteRoleButton canDelete={true} onDelete={deleteHandler} />);
expect(wrapper.find(EuiButton)).toHaveLength(1);
expect(wrapper.find(EuiButtonEmpty)).toHaveLength(1);
expect(deleteHandler).toHaveBeenCalledTimes(0);
});

test('it shows a confirmation dialog when clicked', () => {
const deleteHandler = jest.fn();
const wrapper = mount(<DeleteRoleButton canDelete={true} onDelete={deleteHandler} />);

wrapper.find(EuiButton).simulate('click');
wrapper.find(EuiButtonEmpty).simulate('click');

expect(wrapper.find(EuiConfirmModal)).toHaveLength(1);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ import {
EuiFlexGroup,
EuiFlexItem,
EuiButton,
EuiPageBody,
} from '@elastic/eui';
import { saveRole, deleteRole } from '../../../../objects';
import { isReservedRole } from '../../../../lib/role';
Expand All @@ -39,6 +40,7 @@ export class EditRolePage extends Component {
allowFieldLevelSecurity: PropTypes.bool.isRequired,
kibanaAppPrivileges: PropTypes.array.isRequired,
notifier: PropTypes.func.isRequired,
spaces: PropTypes.array,
};

constructor(props) {
Expand All @@ -52,22 +54,24 @@ export class EditRolePage extends Component {

render() {
return (
<EuiPage className="editRolePage">
<EuiForm {...this.state.formError}>
{this.getFormTitle()}
<EuiPage className="editRolePage" restrictWidth>
<EuiPageBody>
<EuiForm {...this.state.formError}>
{this.getFormTitle()}

<EuiSpacer />
<EuiSpacer />

{this.getRoleName()}
{this.getRoleName()}

{this.getElasticsearchPrivileges()}
{this.getElasticsearchPrivileges()}

{this.getKibanaPrivileges()}
{this.getKibanaPrivileges()}

<EuiSpacer />
<EuiSpacer />

{this.getFormButtons()}
</EuiForm>
{this.getFormButtons()}
</EuiForm>
</EuiPageBody>
</EuiPage>
);
}
Expand Down Expand Up @@ -124,7 +128,7 @@ export class EditRolePage extends Component {

onNameChange = (e) => {
const rawValue = e.target.value;
const name = rawValue.replace(/\s/g, '-');
const name = rawValue.replace(/\s/g, '_');

this.setState({
role: {
Expand Down Expand Up @@ -160,15 +164,14 @@ export class EditRolePage extends Component {
}

getKibanaPrivileges = () => {
if (!this.props.rbacEnabled) {
return null;
}

return (
<div>
<EuiSpacer />
<KibanaPrivileges
kibanaAppPrivileges={this.props.kibanaAppPrivileges}
spaces={this.props.spaces}
editable={!isReservedRole(this.state.role)}
spacesEnabled={this.props.spaces.length > 1}
role={this.state.role}
onChange={this.onRoleChange}
/>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@
import React, { Component } from 'react';
import _ from 'lodash';
import PropTypes from 'prop-types';
import { getClusterPrivileges } from '../../../../../services/role_privileges';
import { isReservedRole } from '../../../../../lib/role';
import { getClusterPrivileges } from '../../../../../../services/role_privileges';
import { isReservedRole } from '../../../../../../lib/role';
import {
EuiCheckboxGroup,
EuiFlexGroup,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,8 @@ import {
import './elasticsearch_privileges.less';
import { ClusterPrivileges } from './cluster_privileges';
import { IndexPrivileges } from './index_privileges';
import { CollapsiblePanel } from '../collapsible_panel';
import { documentationLinks } from '../../../../../documentation_links';
import { CollapsiblePanel } from '../../collapsible_panel';
import { documentationLinks } from '../../../../../../documentation_links';

export class ElasticsearchPrivileges extends Component {
static propTypes = {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { shallow, mount } from 'enzyme';
import { IndexPrivileges } from './index_privileges';
import { ClusterPrivileges } from './cluster_privileges';
import { ElasticsearchPrivileges } from './elasticsearch_privileges';
import { RoleValidator } from '../../lib/validate_role';
import { RoleValidator } from '../../../lib/validate_role';

test('it renders without crashing', () => {
const props = {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ import {
EuiHorizontalRule,
EuiButtonIcon,
} from '@elastic/eui';
import { getIndexPrivileges } from '../../../../../services/role_privileges';
import { getIndexPrivileges } from '../../../../../../services/role_privileges';

const fromOption = (option) => option.label;
const toOption = (value) => ({ label: value });
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
import React from 'react';
import { shallow, mount } from 'enzyme';
import { IndexPrivilegeForm } from './index_privilege_form';
import { RoleValidator } from '../../lib/validate_role';
import { RoleValidator } from '../../../lib/validate_role';
import { EuiSwitch, EuiTextArea, EuiButtonIcon } from '@elastic/eui';

test('it renders without crashing', () => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@
import React, { Component } from 'react';
import PropTypes from 'prop-types';
import _ from 'lodash';
import { isReservedRole, isRoleEnabled } from '../../../../../lib/role';
import { isReservedRole, isRoleEnabled } from '../../../../../../lib/role';
import { IndexPrivilegeForm } from './index_privilege_form';
import { getFields } from '../../../../../objects';
import { getFields } from '../../../../../../objects';

export class IndexPrivileges extends Component {
static propTypes = {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import React from 'react';
import { shallow, mount } from 'enzyme';
import { IndexPrivileges } from './index_privileges';
import { IndexPrivilegeForm } from './index_privilege_form';
import { RoleValidator } from '../../lib/validate_role';
import { RoleValidator } from '../../../lib/validate_role';

test('it renders without crashing', () => {
const props = {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,5 @@
* you may not use this file except in compliance with the Elastic License.
*/

export { ElasticsearchPrivileges } from './elasticsearch_privileges';
export { KibanaPrivileges } from './kibana_privileges';
export { ElasticsearchPrivileges } from './es/elasticsearch_privileges';
export { KibanaPrivileges } from './kibana/kibana_privileges';
Original file line number Diff line number Diff line change
@@ -0,0 +1,120 @@
// Jest Snapshot v1, https://goo.gl/fbAQLP

exports[`PrivilegeCalloutWarning renders without crashing 1`] = `
<PrivilegeCalloutWarning
basePrivilege="all"
isReservedRole={false}
role={Object {}}
spaces={Array []}
>
<EuiCallOut
color="warning"
iconType="iInCircle"
size="m"
title="Minimum privilege is too high to customize individual spaces"
>
<div
className="euiCallOut euiCallOut--warning"
>
<div
className="euiCallOutHeader"
>
<EuiIcon
aria-hidden="true"
className="euiCallOutHeader__icon"
size="m"
type="iInCircle"
>
<iInCircle
aria-hidden="true"
className="euiIcon euiIcon--medium euiCallOutHeader__icon"
focusable="false"
height="16"
style={
Object {
"fill": undefined,
}
}
viewBox="0 0 16 16"
width="16"
xmlns="http://www.w3.org/2000/svg"
>
<svg
aria-hidden="true"
className="euiIcon euiIcon--medium euiCallOutHeader__icon"
focusable="false"
height="16"
style={
Object {
"fill": undefined,
}
}
viewBox="0 0 16 16"
width="16"
xmlns="http://www.w3.org/2000/svg"
>
<path
d="M8.3 10.717H6.7v-4h1.6v4zm-1.6-5.71a.83.83 0 0 1 .207-.578c.137-.153.334-.229.59-.229.256 0 .454.076.594.23.14.152.209.345.209.576 0 .228-.07.417-.21.568-.14.15-.337.226-.593.226-.256 0-.453-.075-.59-.226a.81.81 0 0 1-.207-.568zM7.5 13A5.506 5.506 0 0 1 2 7.5C2 4.467 4.467 2 7.5 2S13 4.467 13 7.5 10.533 13 7.5 13m0-12a6.5 6.5 0 1 0 0 13 6.5 6.5 0 0 0 0-13"
fillRule="evenodd"
/>
</svg>
</iInCircle>
</EuiIcon>
<span
className="euiCallOutHeader__title"
>
Minimum privilege is too high to customize individual spaces
</span>
</div>
<EuiText
grow={true}
size="s"
>
<div
className="euiText euiText--small"
>
<p>
Setting the minimum privilege to
<strong>
all
</strong>
grants full access to all spaces. To customize privileges for individual spaces, the minimum privilege must be either
<strong>
read
</strong>
or
<strong>
none
</strong>
.
</p>
</div>
</EuiText>
</div>
</EuiCallOut>
<div
className="privilegeCallout--showSpacesLink"
>
<EuiSpacer
size="l"
>
<div
className="euiSpacer euiSpacer--l"
/>
</EuiSpacer>
<EuiLink
color="primary"
onClick={[Function]}
type="button"
>
<button
className="euiLink euiLink--primary"
onClick={[Function]}
type="button"
>
See summary of all spaces privileges
</button>
</EuiLink>
</div>
</PrivilegeCalloutWarning>
`;
Loading