Add telemetry as an automatic privilege grant (#77390)

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2025-04-25 02:09:32 -04:00 · 2020-09-17 10:48:08 -04:00 · 2020-09-17 10:48:08 -04:00 · fc97a3741c
commit fc97a3741c
parent e616c1501a
3 changed files with 18 additions and 6 deletions
--- a/src/plugins/telemetry/server/routes/telemetry_opt_in.ts
+++ b/src/plugins/telemetry/server/routes/telemetry_opt_in.ts
@ -26,6 +26,7 @@ import {
  StatsGetterConfig,
  TelemetryCollectionManagerPluginSetup,
 } from 'src/plugins/telemetry_collection_manager/server';
 import { SavedObjectsErrorHelpers } from '../../../../core/server';
 import { getTelemetryAllowChangingOptInStatus } from '../../common/telemetry_config';
 import { sendTelemetryOptInStatus } from './telemetry_opt_in_stats';
@ -109,7 +110,13 @@ export function registerTelemetryOptInRoutes({
        });
      }
-      await updateTelemetrySavedObject(context.core.savedObjects.client, attributes);
+      try {
        await updateTelemetrySavedObject(context.core.savedObjects.client, attributes);
      } catch (e) {
        if (SavedObjectsErrorHelpers.isForbiddenError(e)) {
          return res.forbidden();
        }
      }
      return res.ok({ body: optInStatus });
    }
  );
--- a/x-pack/plugins/features/server/feature_registry.test.ts
+++ b/x-pack/plugins/features/server/feature_registry.test.ts
@ -57,7 +57,7 @@ describe('FeatureRegistry', () => {
          read: {
            savedObject: {
              all: [],
-              read: ['config', 'url'],
+              read: ['config', 'url', 'telemetry'],
            },
            ui: [],
          },
@ -230,7 +230,7 @@ describe('FeatureRegistry', () => {
      expect(allPrivilege?.savedObject.all).toEqual(['telemetry']);
    });
-    it(`automatically grants 'read' access to config and url saved objects for both privileges`, () => {
+    it(`automatically grants access to config, url, and telemetry saved objects`, () => {
      const feature: KibanaFeatureConfig = {
        id: 'test-feature',
        name: 'Test Feature',
@ -263,7 +263,7 @@ describe('FeatureRegistry', () => {
      const allPrivilege = result[0].privileges?.all;
      const readPrivilege = result[0].privileges?.read;
      expect(allPrivilege?.savedObject.read).toEqual(['config', 'url']);
-      expect(readPrivilege?.savedObject.read).toEqual(['config', 'url']);
+      expect(readPrivilege?.savedObject.read).toEqual(['config', 'telemetry', 'url']);
    });
    it(`automatically grants 'all' access to telemetry and 'read' to [config, url] saved objects for the reserved privilege`, () => {
@ -332,7 +332,7 @@ describe('FeatureRegistry', () => {
      const readPrivilege = result[0].privileges!.read;
      expect(allPrivilege?.savedObject.all).toEqual(['telemetry']);
      expect(allPrivilege?.savedObject.read).toEqual(['config', 'url']);
-      expect(readPrivilege?.savedObject.read).toEqual(['config', 'url']);
+      expect(readPrivilege?.savedObject.read).toEqual(['config', 'url', 'telemetry']);
    });
    it(`does not allow duplicate features to be registered`, () => {
--- a/x-pack/plugins/features/server/feature_registry.ts
+++ b/x-pack/plugins/features/server/feature_registry.ts
@ -97,7 +97,12 @@ function applyAutomaticReadPrivilegeGrants(
 ) {
  readPrivileges.forEach((readPrivilege) => {
    if (readPrivilege) {
-      readPrivilege.savedObject.read = uniq([...readPrivilege.savedObject.read, 'config', 'url']);
+      readPrivilege.savedObject.read = uniq([
        ...readPrivilege.savedObject.read,
        'config',
        'telemetry',
        'url',
      ]);
    }
  });
 }