mirror of
https://github.com/elastic/kibana.git
synced 2025-04-25 10:23:14 -04:00
de0e1eb0d4
## Summary Closes #162263 Introduces a new `Feature Privileges` section to the developer documentation. The documentation includes a tutorial on how to control access to features of plugin being developed. Introduces a few sections: - Controlling access to UI features - Controlling access to server side APIs - Documentation for configuration options ## Testing To build this locally, run ./scripts/dev_docs from a local checkout of this PR. A server will eventually start on http://localhost:3000 where you can preview the changes. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
90 lines
2.3 KiB
TypeScript
90 lines
2.3 KiB
TypeScript
/*
|
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
* or more contributor license agreements. Licensed under the Elastic License
|
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
|
* Side Public License, v 1.
|
|
*/
|
|
|
|
import { CoreSetup, DEFAULT_APP_CATEGORIES, Plugin } from '@kbn/core/server';
|
|
import {
|
|
PluginSetupContract as FeaturesPluginSetup,
|
|
// PluginStartContract as FeaturesPluginStart,
|
|
} from '@kbn/features-plugin/server';
|
|
import { FEATURE_PRIVILEGES_PLUGIN_ID } from '../common';
|
|
|
|
export interface FeatureControlExampleDeps {
|
|
features: FeaturesPluginSetup;
|
|
}
|
|
|
|
export class FeatureControlsPluginExample
|
|
implements Plugin<void, void, any, FeatureControlExampleDeps>
|
|
{
|
|
public setup(core: CoreSetup, { features }: FeatureControlExampleDeps) {
|
|
features.registerKibanaFeature({
|
|
id: FEATURE_PRIVILEGES_PLUGIN_ID,
|
|
name: 'Feature Plugin Examples',
|
|
category: DEFAULT_APP_CATEGORIES.management,
|
|
app: ['FeaturePluginExample'],
|
|
privileges: {
|
|
all: {
|
|
app: ['FeaturePluginExample'],
|
|
savedObject: {
|
|
all: [],
|
|
read: [],
|
|
},
|
|
api: ['my_closed_example_api'],
|
|
ui: ['view', 'create', 'edit', 'delete', 'assign'],
|
|
},
|
|
read: {
|
|
app: ['FeaturePluginExample'],
|
|
savedObject: {
|
|
all: [],
|
|
read: ['tag'],
|
|
},
|
|
api: [],
|
|
ui: ['view'],
|
|
},
|
|
},
|
|
});
|
|
|
|
const router = core.http.createRouter();
|
|
router.get(
|
|
{
|
|
path: '/internal/my_plugin/read',
|
|
validate: false,
|
|
},
|
|
async (context, request, response) => {
|
|
return response.ok({
|
|
body: {
|
|
time: new Date().toISOString(),
|
|
},
|
|
});
|
|
}
|
|
);
|
|
router.get(
|
|
{
|
|
path: '/internal/my_plugin/sensitive_action',
|
|
validate: false,
|
|
options: {
|
|
tags: ['access:my_closed_example_api'],
|
|
},
|
|
},
|
|
async (context, request, response) => {
|
|
return response.ok({
|
|
body: {
|
|
time: new Date().toISOString(),
|
|
},
|
|
});
|
|
}
|
|
);
|
|
}
|
|
|
|
start() {
|
|
return {};
|
|
}
|
|
|
|
stop() {
|
|
return {};
|
|
}
|
|
}
|