mirror of
https://github.com/elastic/kibana.git
synced 2025-04-25 10:23:14 -04:00
a0731f139e
* Add reusable user profile selector component * Move to package and add examples * [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' * Add server side example * CI Fixes * fix tests * Addd tests * Addressed suggestions from code review * Fix types * Updated user avatar component * Tweak styling and copy * Add missing jsdoc comments * . * . Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
83 lines
2.7 KiB
TypeScript
83 lines
2.7 KiB
TypeScript
/*
|
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
* or more contributor license agreements. Licensed under the Elastic License
|
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
|
* Side Public License, v 1.
|
|
*/
|
|
|
|
import type { Plugin, CoreSetup } from '@kbn/core/server';
|
|
import {
|
|
PluginSetupContract as FeaturesPluginSetup,
|
|
PluginStartContract as FeaturesPluginStart,
|
|
} from '@kbn/features-plugin/server';
|
|
import { SecurityPluginSetup, SecurityPluginStart } from '@kbn/security-plugin/server';
|
|
import { SpacesPluginSetup, SpacesPluginStart } from '@kbn/spaces-plugin/server';
|
|
import { schema } from '@kbn/config-schema';
|
|
|
|
export interface SetupDeps {
|
|
features: FeaturesPluginSetup;
|
|
security: SecurityPluginSetup;
|
|
spaces: SpacesPluginSetup;
|
|
}
|
|
|
|
export interface StartDeps {
|
|
features: FeaturesPluginStart;
|
|
security: SecurityPluginStart;
|
|
spaces: SpacesPluginStart;
|
|
}
|
|
|
|
export class UserProfilesPlugin implements Plugin<void, void, SetupDeps, StartDeps> {
|
|
setup(core: CoreSetup<StartDeps>) {
|
|
const router = core.http.createRouter();
|
|
router.post(
|
|
{
|
|
path: '/internal/user_profiles_examples/_suggest',
|
|
validate: {
|
|
body: schema.object({
|
|
name: schema.string(),
|
|
dataPath: schema.maybe(schema.string()),
|
|
}),
|
|
},
|
|
/**
|
|
* Important: You must restrict access to this endpoint using access `tags`.
|
|
*/
|
|
options: { tags: ['access:suggestUserProfiles'] },
|
|
},
|
|
async (context, request, response) => {
|
|
const [, pluginDeps] = await core.getStartServices();
|
|
|
|
/**
|
|
* Important: `requiredPrivileges` must be hard-coded server-side and cannot be exposed as a
|
|
* param client-side.
|
|
*
|
|
* If your app requires suggestions based on different privileges you must expose separate
|
|
* endpoints for each use-case.
|
|
*
|
|
* In this example we ensure that suggested users have access to the current space and are
|
|
* able to login but in your app you will want to change that to something more relevant.
|
|
*/
|
|
const profiles = await pluginDeps.security.userProfiles.suggest({
|
|
name: request.body.name,
|
|
dataPath: request.body.dataPath,
|
|
requiredPrivileges: {
|
|
spaceId: pluginDeps.spaces.spacesService.getSpaceId(request),
|
|
privileges: {
|
|
kibana: [pluginDeps.security.authz.actions.login],
|
|
},
|
|
},
|
|
});
|
|
|
|
return response.ok({ body: profiles });
|
|
}
|
|
);
|
|
}
|
|
|
|
start() {
|
|
return {};
|
|
}
|
|
|
|
stop() {
|
|
return {};
|
|
}
|
|
}
|