# Backport
This will backport the following commits from `main` to `8.x`:
- [chore(security, eslint): apply platform security-specific rules to
all exclusively owned paths.
(#195711)](https://github.com/elastic/kibana/pull/195711)
<!--- Backport version: 8.9.8 -->
### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)
<!--BACKPORT [{"author":{"name":"Aleh
Zasypkin","email":"aleh.zasypkin@elastic.co"},"sourceCommit":{"committedDate":"2024-10-11T07:49:12Z","message":"chore(security,
eslint): apply platform security-specific rules to all exclusively owned
paths. (#195711)\n\n## Summary\r\n\r\nApply platform security-specific
rules to all exclusively owned
paths.","sha":"a2d6e102d37217c58bf771a17c77976575e87a84","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["chore","Team:Security","release_note:skip","v9.0.0","backport:prev-major","v8.16.0"],"number":195711,"url":"https://github.com/elastic/kibana/pull/195711","mergeCommit":{"message":"chore(security,
eslint): apply platform security-specific rules to all exclusively owned
paths. (#195711)\n\n## Summary\r\n\r\nApply platform security-specific
rules to all exclusively owned
paths.","sha":"a2d6e102d37217c58bf771a17c77976575e87a84"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195711","number":195711,"mergeCommit":{"message":"chore(security,
eslint): apply platform security-specific rules to all exclusively owned
paths. (#195711)\n\n## Summary\r\n\r\nApply platform security-specific
rules to all exclusively owned
paths.","sha":"a2d6e102d37217c58bf771a17c77976575e87a84"}},{"branch":"8.x","label":"v8.16.0","labelRegex":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
## Summary
in #174284 we split serverless roles into individual files per project.
This PR updates mock-idp-plugin we use to simulate SAML auth in "local"
setup to fetch roles based on `projectType` from the respective yml
file:
- since we read roles from a yml file, new end point `GET
/mock_idp/supported_roles` was added to handle it.
- loginPage & rolesSwitcher hooks are updated to fetch roles via http
- hardcoded roles removed
Few other changes were made:
- move `readRolesFromResource` from `kbn-test` to `kbn-es` for
convenience: it is used to read ES resource files.
- move `system_indices_superuser` to the bottom of the file so it won't
be the first choice in UI role selector (+ we plan to remove the value
in the future)
- Change MOCK_IDP_REALM_NAME to `cloud-saml-kibana` as it is the actual
provider name we use in setup.
<img width="1026" alt="image"
src="060b3c21-9c1a-4210-8b5f-2d574a8f78e7">
<img width="1593" alt="image"
src="4afde9df-5a7e-4ae5-a9f5-ab18b871fc1b">
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
