From 21ceeebb976510e1ece265d27b4f552100662d64 Mon Sep 17 00:00:00 2001 From: Larry Gregory Date: Thu, 11 Jun 2020 07:42:38 -0400 Subject: [PATCH] Support migrating from reserved feature privileges (#68504) --- .../roles/__fixtures__/kibana_features.ts | 42 +++++----- .../feature_table/feature_table.test.tsx | 84 +++++++++++++++++++ .../kibana/feature_table/feature_table.tsx | 12 ++- 3 files changed, 115 insertions(+), 23 deletions(-) diff --git a/x-pack/plugins/security/public/management/roles/__fixtures__/kibana_features.ts b/x-pack/plugins/security/public/management/roles/__fixtures__/kibana_features.ts index 10b5b3ce8521cb..08561234fd7067 100644 --- a/x-pack/plugins/security/public/management/roles/__fixtures__/kibana_features.ts +++ b/x-pack/plugins/security/public/management/roles/__fixtures__/kibana_features.ts @@ -10,32 +10,36 @@ export const createFeature = ( config: Pick & { excludeFromBaseAll?: boolean; excludeFromBaseRead?: boolean; + privileges?: FeatureConfig['privileges']; } ) => { - const { excludeFromBaseAll, excludeFromBaseRead, ...rest } = config; + const { excludeFromBaseAll, excludeFromBaseRead, privileges, ...rest } = config; return new Feature({ icon: 'discoverApp', navLinkId: 'discover', app: [], catalogue: [], - privileges: { - all: { - excludeFromBasePrivileges: excludeFromBaseAll, - savedObject: { - all: ['all-type'], - read: ['read-type'], - }, - ui: ['read-ui', 'all-ui', `read-${config.id}`, `all-${config.id}`], - }, - read: { - excludeFromBasePrivileges: excludeFromBaseRead, - savedObject: { - all: [], - read: ['read-type'], - }, - ui: ['read-ui', `read-${config.id}`], - }, - }, + privileges: + privileges === null + ? null + : { + all: { + excludeFromBasePrivileges: excludeFromBaseAll, + savedObject: { + all: ['all-type'], + read: ['read-type'], + }, + ui: ['read-ui', 'all-ui', `read-${config.id}`, `all-${config.id}`], + }, + read: { + excludeFromBasePrivileges: excludeFromBaseRead, + savedObject: { + all: [], + read: ['read-type'], + }, + ui: ['read-ui', `read-${config.id}`], + }, + }, ...rest, }); }; diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table.test.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table.test.tsx index be475398608e06..6bc829f766e582 100644 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table.test.tsx +++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table.test.tsx @@ -762,4 +762,88 @@ describe('FeatureTable', () => { }, }); }); + + it('renders a description for features with only reserved privileges (omitting the primary feature controls)', () => { + const role = createRole([ + { + spaces: ['foo'], + base: [], + feature: {}, + }, + ]); + const reservedFeature = createFeature({ + id: 'reserved_feature', + name: 'Reserved Feature', + privileges: null, + reserved: { + description: 'this is my reserved feature description', + privileges: [ + { + id: 'priv_1', + privilege: { + api: [], + savedObject: { all: [], read: [] }, + ui: [], + }, + }, + ], + }, + }); + + const { wrapper } = setup({ + role, + features: [reservedFeature], + privilegeIndex: 0, + calculateDisplayedPrivileges: false, + canCustomizeSubFeaturePrivileges: false, + }); + + expect(findTestSubject(wrapper, 'reservedFeatureDescription').text()).toMatchInlineSnapshot( + `"this is my reserved feature description"` + ); + + expect(findTestSubject(wrapper, 'primaryFeaturePrivilegeControl')).toHaveLength(0); + }); + + it('renders renders the primary feature controls when both primary and reserved privileges are specified', () => { + const role = createRole([ + { + spaces: ['foo'], + base: [], + feature: {}, + }, + ]); + const reservedFeature = createFeature({ + id: 'reserved_feature', + name: 'Reserved Feature with primary feature privileges', + reserved: { + description: 'this is my reserved feature description', + privileges: [ + { + id: 'priv_1', + privilege: { + api: [], + savedObject: { all: [], read: [] }, + ui: [], + }, + }, + ], + }, + }); + + const { displayedPrivileges, wrapper } = setup({ + role, + features: [reservedFeature], + privilegeIndex: 0, + calculateDisplayedPrivileges: true, + canCustomizeSubFeaturePrivileges: false, + }); + + expect(findTestSubject(wrapper, 'reservedFeatureDescription')).toHaveLength(0); + expect(displayedPrivileges).toEqual({ + reserved_feature: { + primaryFeaturePrivilege: 'none', + }, + }); + }); }); diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table.tsx index 0776f2af2ddd7b..38e4390a2856ae 100644 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table.tsx +++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/feature_table/feature_table.tsx @@ -193,12 +193,16 @@ export class FeatureTable extends Component { render: (roleEntry: Role, record: TableRow) => { const { feature } = record; - if (feature.reserved) { - return {feature.reserved.description}; - } - const primaryFeaturePrivileges = feature.getPrimaryFeaturePrivileges(); + if (feature.reserved && primaryFeaturePrivileges.length === 0) { + return ( + + {feature.reserved.description} + + ); + } + if (primaryFeaturePrivileges.length === 0) { return null; }