[Fix]Removes synonyms read-only permission. (#211471)

## Summary Kibana permission for read-only is removed. This is not a breaking change while the feature is not yet released. Cluster requirements make it obsolete. Also fixed warnings on permission names. ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] This was checked for breaking HTTP API changes, and any breaking changes have been approved by the breaking-change committee. The `release_note:breaking` label should be applied in these situations. - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
2025-04-23 01:13:23 -04:00 · 2025-02-18 12:59:27 +01:00 · 2025-02-18 12:59:27 +01:00 · 148d47ced1
commit 148d47ced1
parent 46132d8c3e
3 changed files with 14 additions and 22 deletions
--- a/x-pack/solutions/search/plugins/search_synonyms/server/plugin.ts
+++ b/x-pack/solutions/search/plugins/search_synonyms/server/plugin.ts
@ -49,22 +49,21 @@ export class SearchSynonymsPlugin
      privileges: {
        all: {
          app: ['kibana', PLUGIN_ID],
-          api: ['synonyms:manage', 'synonyms:read'],
+          api: ['manage_synonyms'],
          catalogue: [PLUGIN_ID],
          savedObject: {
            all: [],
            read: [],
          },
-          ui: ['read', 'save'],
+          ui: ['manage'],
        },
        read: {
-          app: ['kibana', PLUGIN_ID],
-          api: ['synonyms:read'],
+          disabled: true,
          savedObject: {
            all: [],
            read: [],
          },
-          ui: ['read'],
+          ui: [],
        },
      },
    });
@ -72,7 +71,7 @@ export class SearchSynonymsPlugin
    return {};
  }

-  public start(core: CoreStart) {
+  public start(_: CoreStart) {
    return {};
  }

--- a/x-pack/solutions/search/plugins/search_synonyms/server/routes.ts
+++ b/x-pack/solutions/search/plugins/search_synonyms/server/routes.ts
@ -26,11 +26,10 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
      path: APIRoutes.SYNONYM_SETS,
      options: {
        access: 'internal',
-        tags: ['synonyms:read'],
      },
      security: {
        authz: {
-          requiredPrivileges: ['synonyms:read'],
+          requiredPrivileges: ['manage_synonyms'],
        },
      },
      validate: {
@ -78,11 +77,10 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
      path: APIRoutes.SYNONYM_SET_ID,
      options: {
        access: 'internal',
-        tags: ['synonyms:write', 'synonyms:read'],
      },
      security: {
        authz: {
-          requiredPrivileges: ['synonyms:write', 'synonyms:read'],
+          requiredPrivileges: ['manage_synonyms'],
        },
      },
      validate: {
@ -119,11 +117,10 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
      path: APIRoutes.SYNONYM_SET_ID,
      options: {
        access: 'internal',
-        tags: ['synonyms:read'],
      },
      security: {
        authz: {
-          requiredPrivileges: ['synonyms:read'],
+          requiredPrivileges: ['manage_synonyms'],
        },
      },
      validate: {
@ -177,11 +174,10 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
      path: APIRoutes.SYNONYM_SET_ID_RULE_ID,
      options: {
        access: 'internal',
-        tags: ['synonyms:read'],
      },
      security: {
        authz: {
-          requiredPrivileges: ['synonyms:read'],
+          requiredPrivileges: ['manage_synonyms'],
        },
      },
      validate: {
@ -228,11 +224,10 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
      path: APIRoutes.SYNONYM_SET_ID_RULE_ID,
      options: {
        access: 'internal',
-        tags: ['synonyms:write', 'synonyms:read'],
      },
      security: {
        authz: {
-          requiredPrivileges: ['synonyms:write', 'synonyms:read'],
+          requiredPrivileges: ['manage_synonyms'],
        },
      },
      validate: {
@ -279,11 +274,10 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
      path: APIRoutes.SYNONYM_SET_ID,
      options: {
        access: 'internal',
-        tags: ['synonyms:write', 'synonyms:read'],
      },
      security: {
        authz: {
-          requiredPrivileges: ['synonyms:write', 'synonyms:read'],
+          requiredPrivileges: ['manage_synonyms'],
        },
      },
      validate: {
@ -328,11 +322,10 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
      path: APIRoutes.GENERATE_SYNONYM_RULE_ID,
      options: {
        access: 'internal',
-        tags: ['synonyms:write', 'synonyms:read'],
      },
      security: {
        authz: {
-          requiredPrivileges: ['synonyms:write', 'synonyms:read'],
+          requiredPrivileges: ['manage_synonyms'],
        },
      },
      validate: {
@ -377,11 +370,10 @@ export function defineRoutes({ logger, router }: { logger: Logger; router: IRout
      path: APIRoutes.SYNONYM_SET_ID_RULE_ID,
      options: {
        access: 'internal',
-        tags: ['synonyms:write', 'synonyms:read'],
      },
      security: {
        authz: {
-          requiredPrivileges: ['synonyms:write', 'synonyms:read'],
+          requiredPrivileges: ['manage_synonyms'],
        },
      },
      validate: {
--- a/x-pack/test/ui_capabilities/security_and_spaces/tests/nav_links.ts
+++ b/x-pack/test/ui_capabilities/security_and_spaces/tests/nav_links.ts
@ -62,6 +62,7 @@ export default function navLinksTests({ getService }: FtrProviderContext) {
                'enterpriseSearchApplications',
                'enterpriseSearchAnalytics',
                'searchPlayground',
+                'searchSynonyms',
                'searchInferenceEndpoints',
                'guidedOnboardingFeature',
                'securitySolutionAssistant',