Skip to content

Commit

Permalink
[7.x] Add telemetry as an automatic privilege grant (#77390) (#77774)
Browse files Browse the repository at this point in the history
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
  • Loading branch information
legrego and elasticmachine authored Sep 17, 2020
1 parent fa36528 commit 3d6253f
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 6 deletions.
9 changes: 8 additions & 1 deletion src/plugins/telemetry/server/routes/telemetry_opt_in.ts
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ import {
StatsGetterConfig,
TelemetryCollectionManagerPluginSetup,
} from 'src/plugins/telemetry_collection_manager/server';
import { SavedObjectsErrorHelpers } from '../../../../core/server';
import { getTelemetryAllowChangingOptInStatus } from '../../common/telemetry_config';
import { sendTelemetryOptInStatus } from './telemetry_opt_in_stats';

Expand Down Expand Up @@ -109,7 +110,13 @@ export function registerTelemetryOptInRoutes({
});
}

await updateTelemetrySavedObject(context.core.savedObjects.client, attributes);
try {
await updateTelemetrySavedObject(context.core.savedObjects.client, attributes);
} catch (e) {
if (SavedObjectsErrorHelpers.isForbiddenError(e)) {
return res.forbidden();
}
}
return res.ok({ body: optInStatus });
}
);
Expand Down
8 changes: 4 additions & 4 deletions x-pack/plugins/features/server/feature_registry.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ describe('FeatureRegistry', () => {
read: {
savedObject: {
all: [],
read: ['config', 'url'],
read: ['config', 'url', 'telemetry'],
},
ui: [],
},
Expand Down Expand Up @@ -230,7 +230,7 @@ describe('FeatureRegistry', () => {
expect(allPrivilege?.savedObject.all).toEqual(['telemetry']);
});

it(`automatically grants 'read' access to config and url saved objects for both privileges`, () => {
it(`automatically grants access to config, url, and telemetry saved objects`, () => {
const feature: KibanaFeatureConfig = {
id: 'test-feature',
name: 'Test Feature',
Expand Down Expand Up @@ -263,7 +263,7 @@ describe('FeatureRegistry', () => {
const allPrivilege = result[0].privileges?.all;
const readPrivilege = result[0].privileges?.read;
expect(allPrivilege?.savedObject.read).toEqual(['config', 'url']);
expect(readPrivilege?.savedObject.read).toEqual(['config', 'url']);
expect(readPrivilege?.savedObject.read).toEqual(['config', 'telemetry', 'url']);
});

it(`automatically grants 'all' access to telemetry and 'read' to [config, url] saved objects for the reserved privilege`, () => {
Expand Down Expand Up @@ -332,7 +332,7 @@ describe('FeatureRegistry', () => {
const readPrivilege = result[0].privileges!.read;
expect(allPrivilege?.savedObject.all).toEqual(['telemetry']);
expect(allPrivilege?.savedObject.read).toEqual(['config', 'url']);
expect(readPrivilege?.savedObject.read).toEqual(['config', 'url']);
expect(readPrivilege?.savedObject.read).toEqual(['config', 'url', 'telemetry']);
});

it(`does not allow duplicate features to be registered`, () => {
Expand Down
7 changes: 6 additions & 1 deletion x-pack/plugins/features/server/feature_registry.ts
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,12 @@ function applyAutomaticReadPrivilegeGrants(
) {
readPrivileges.forEach((readPrivilege) => {
if (readPrivilege) {
readPrivilege.savedObject.read = uniq([...readPrivilege.savedObject.read, 'config', 'url']);
readPrivilege.savedObject.read = uniq([
...readPrivilege.savedObject.read,
'config',
'telemetry',
'url',
]);
}
});
}

0 comments on commit 3d6253f

Please sign in to comment.