github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Upgrade Assistant] Restrict UI to Kibana admins (#127922) (#128418)

Browse source
This commit is contained in:
Alison Goryachev 2022-03-24 08:01:04 -04:00 committed by GitHub
parent a6fa068cc1
commit 6dbad1d087
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 98 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

52
x-pack/plugins/upgrade_assistant/__jest__/client_integration/app/privileges.test.tsx Normal file
View file

@ -0,0 +1,52 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { act } from 'react-dom/test-utils';
import { AppDependencies } from '../../../public/types';
import { setupEnvironment, kibanaVersion, getAppContextMock } from '../helpers';
import { AppTestBed, setupAppPage } from './app.helpers';
describe('Privileges', () => {
let testBed: AppTestBed;
let httpSetup: ReturnType<typeof setupEnvironment>['httpSetup'];
beforeEach(async () => {
const mockEnvironment = setupEnvironment();
httpSetup = mockEnvironment.httpSetup;
});
describe('when user is not a Kibana global admin', () => {
beforeEach(async () => {
const appContextMock = getAppContextMock(kibanaVersion) as unknown as AppDependencies;
const servicesMock = {
...appContextMock.services,
core: {
...appContextMock.services.core,
application: {
capabilities: {
spaces: {
manage: false,
},
},
},
},
};
await act(async () => {
testBed = await setupAppPage(httpSetup, { services: servicesMock });
});
testBed.component.update();
});
test('renders not authorized message', () => {
const { exists } = testBed;
expect(exists('overview')).toBe(false);
expect(exists('missingKibanaPrivilegesMessage')).toBe(true);
});
});
});

9
x-pack/plugins/upgrade_assistant/__jest__/client_integration/helpers/app_context.mock.ts
View file

@ -88,7 +88,14 @@ export const getAppContextMock = (kibanaVersion: SemVer) => ({
notifications: notificationServiceMock.createStartContract(),
docLinks: docLinksServiceMock.createStartContract(),
history: scopedHistoryMock.create(),
application: applicationServiceMock.createStartContract(),
application: {
...applicationServiceMock.createStartContract(),
capabilities: {
spaces: {
manage: true,
},
},
},
},
},
plugins: {

1
x-pack/plugins/upgrade_assistant/__jest__/client_integration/helpers/index.ts
View file

@ -7,3 +7,4 @@
export { setupEnvironment, WithAppDependencies, kibanaVersion } from './setup_environment';
export { advanceTime } from './time_manipulation';
export { getAppContextMock } from './app_context.mock';

35
x-pack/plugins/upgrade_assistant/public/application/app.tsx
View file

@ -19,6 +19,7 @@ import {
AuthorizationProvider,
RedirectAppLinks,
KibanaThemeProvider,
NotAuthorizedSection,
} from '../shared_imports';
import { AppDependencies } from '../types';
import { AppContextProvider, useAppContext } from './app_context';
@ -35,18 +36,46 @@ const { GlobalFlyoutProvider } = GlobalFlyout;
const AppHandlingClusterUpgradeState: React.FunctionComponent = () => {
const {
isReadOnlyMode,
services: { api },
services: { api, core },
} = useAppContext();
const [clusterUpgradeState, setClusterUpradeState] =
const missingManageSpacesPrivilege = core.application.capabilities.spaces.manage !== true;
const [clusterUpgradeState, setClusterUpgradeState] =
useState<ClusterUpgradeState>('isPreparingForUpgrade');
useEffect(() => {
api.onClusterUpgradeStateChange((newClusterUpgradeState: ClusterUpgradeState) => {
setClusterUpradeState(newClusterUpgradeState);
setClusterUpgradeState(newClusterUpgradeState);
});
}, [api]);
if (missingManageSpacesPrivilege) {
return (
<EuiPageContent
verticalPosition="center"
horizontalPosition="center"
color="subdued"
data-test-subj="missingKibanaPrivilegesMessage"
>
<NotAuthorizedSection
title={
<FormattedMessage
id="xpack.upgradeAssistant.app.deniedPrivilegeTitle"
defaultMessage="Kibana admin role required"
/>
}
message={
<FormattedMessage
id="xpack.upgradeAssistant.app.deniedPrivilegeDescription"
defaultMessage="To use Upgrade Assistant and resolve deprecation issues, you must have access to manage all Kibana spaces."
/>
}
/>
</EuiPageContent>
);
}
// Read-only mode will be enabled up until the last minor before the next major release
if (isReadOnlyMode) {
return <ComingSoonPrompt />;

1
x-pack/plugins/upgrade_assistant/public/shared_imports.ts
View file

@ -22,6 +22,7 @@ export {
WithPrivileges,
AuthorizationProvider,
AuthorizationContext,
NotAuthorizedSection,
} from '../../../../src/plugins/es_ui_shared/public/';
export { Storage } from '../../../../src/plugins/kibana_utils/public';

6
x-pack/test/functional/apps/upgrade_assistant/feature_controls/upgrade_assistant_security.ts
View file

@ -56,11 +56,11 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) {
describe('[SkipCloud] global dashboard read with global_upgrade_assistant_role', function () {
this.tags('skipCloud');
it('should render the "Stack" section with Upgrde Assistant', async function () {
it('should render the "Stack" section with Upgrade Assistant', async function () {
await PageObjects.common.navigateToApp('management');
const sections = await managementMenu.getSections();
expect(sections).to.have.length(3);
expect(sections[2]).to.eql({
expect(sections).to.have.length(5);
expect(sections[4]).to.eql({
sectionId: 'stack',
sectionLinks: ['license_management', 'upgrade_assistant'],
});

4
x-pack/test/functional/config.js
View file

@ -464,9 +464,7 @@ export default async function ({ readConfigFile }) {
},
kibana: [
{
feature: {
discover: ['read'],
},
base: ['all'],
spaces: ['*'],
},
],