Skip to content

Commit

Permalink
[8.x] [Fleet] Add new space aware saved object type to Fleet saved ob…
Browse files Browse the repository at this point in the history 
…ject permissions (#193025) (#193104)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Fleet] Add new space aware saved object type to Fleet saved object
permissions (#193025)](#193025)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Nicolas
Chaulet","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-09-16T22:47:45Z","message":"[Fleet]
Add new space aware saved object type to Fleet saved object permissions
(#193025)","sha":"4405f94cad29adf5adf2424e69cbc030e11883f7","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[Fleet]
Add new space aware saved object type to Fleet saved object
permissions","number":193025,"url":"https://github.com/elastic/kibana/pull/193025","mergeCommit":{"message":"[Fleet]
Add new space aware saved object type to Fleet saved object permissions
(#193025)","sha":"4405f94cad29adf5adf2424e69cbc030e11883f7"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193025","number":193025,"mergeCommit":{"message":"[Fleet]
Add new space aware saved object type to Fleet saved object permissions
(#193025)","sha":"4405f94cad29adf5adf2424e69cbc030e11883f7"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Nicolas Chaulet <[email protected]>
  • Loading branch information
@kibanamachine @nchaulet
kibanamachine and nchaulet authored Sep 17, 2024
1 parent 4d25d0f commit 87786b5
Show file tree
Hide file tree
Showing 4 changed files with 87 additions and 5 deletions.
11 changes: 8 additions & 3 deletions x-pack/plugins/fleet/server/plugin.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,12 @@ import {
} from '../common';
import type { ExperimentalFeatures } from '../common/experimental_features';
import { parseExperimentalConfigValue } from '../common/experimental_features';

import {
LEGACY_PACKAGE_POLICY_SAVED_OBJECT_TYPE,
PACKAGE_POLICY_SAVED_OBJECT_TYPE,
AGENT_POLICY_SAVED_OBJECT_TYPE,
LEGACY_AGENT_POLICY_SAVED_OBJECT_TYPE,
} from '../common/constants';
import { getFilesClientFactory } from './services/files/get_files_client_factory';

import type { MessageSigningServiceInterface } from './services/security';
Expand All @@ -78,12 +83,10 @@ import {
} from './services/security';

import {
LEGACY_AGENT_POLICY_SAVED_OBJECT_TYPE,
ASSETS_SAVED_OBJECT_TYPE,
DOWNLOAD_SOURCE_SAVED_OBJECT_TYPE,
FLEET_SERVER_HOST_SAVED_OBJECT_TYPE,
OUTPUT_SAVED_OBJECT_TYPE,
PACKAGE_POLICY_SAVED_OBJECT_TYPE,
PACKAGES_SAVED_OBJECT_TYPE,
PLUGIN_ID,
PRECONFIGURATION_DELETION_RECORD_SAVED_OBJECT_TYPE,
Expand Down Expand Up @@ -190,6 +193,8 @@ export type FleetSetupContract = void;
const allSavedObjectTypes = [
OUTPUT_SAVED_OBJECT_TYPE,
LEGACY_AGENT_POLICY_SAVED_OBJECT_TYPE,
AGENT_POLICY_SAVED_OBJECT_TYPE,
LEGACY_PACKAGE_POLICY_SAVED_OBJECT_TYPE,
PACKAGE_POLICY_SAVED_OBJECT_TYPE,
PACKAGES_SAVED_OBJECT_TYPE,
ASSETS_SAVED_OBJECT_TYPE,
Expand Down
9 changes: 7 additions & 2 deletions x-pack/test/fleet_api_integration/apis/space_awareness/agent_policies.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,24 +11,29 @@ import { FtrProviderContext } from '../../../api_integration/ftr_provider_contex
import { skipIfNoDockerRegistry } from '../../helpers';
import { SpaceTestApiClient } from './api_helper';
import { cleanFleetIndices, expectToRejectWithNotFound } from './helpers';
import { setupTestUsers, testUsers } from '../test_users';

export default function (providerContext: FtrProviderContext) {
const { getService } = providerContext;
const supertest = getService('supertest');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const esClient = getService('es');
const kibanaServer = getService('kibanaServer');
const spaces = getService('spaces');
let TEST_SPACE_1: string;

describe('agent policies', function () {
skipIfNoDockerRegistry(providerContext);
const apiClient = new SpaceTestApiClient(supertest);
const apiClient = new SpaceTestApiClient(supertestWithoutAuth, {
username: testUsers.fleet_all_int_all.username,
password: testUsers.fleet_all_int_all.password,
});

let defaultSpacePolicy1: CreateAgentPolicyResponse;
let spaceTest1Policy1: CreateAgentPolicyResponse;
let spaceTest1Policy2: CreateAgentPolicyResponse;

before(async () => {
await setupTestUsers(getService('security'));
TEST_SPACE_1 = spaces.getDefaultTestSpace();
await kibanaServer.savedObjects.cleanStandardList();
await kibanaServer.savedObjects.cleanStandardList({
Expand Down
4 changes: 4 additions & 0 deletions x-pack/test/fleet_api_integration/apis/space_awareness/api_helper.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,7 @@ export class SpaceTestApiClient {
async deleteAgentPolicy(agentPolicyId: string, spaceId?: string) {
await this.supertest
.post(`${this.getBaseUrl(spaceId)}/api/fleet/agent_policies/delete`)
.auth(this.auth.username, this.auth.password)
.send({
agentPolicyId,
})
Expand All @@ -142,6 +143,7 @@ export class SpaceTestApiClient {
async getAgentPolicy(policyId: string, spaceId?: string): Promise<GetOneAgentPolicyResponse> {
const { body: res } = await this.supertest
.get(`${this.getBaseUrl(spaceId)}/api/fleet/agent_policies/${policyId}`)
.auth(this.auth.username, this.auth.password)
.expect(200);

return res;
Expand Down Expand Up @@ -172,6 +174,7 @@ export class SpaceTestApiClient {
async getAgentPolicies(spaceId?: string): Promise<GetAgentPoliciesResponse> {
const { body: res } = await this.supertest
.get(`${this.getBaseUrl(spaceId)}/api/fleet/agent_policies`)
.auth(this.auth.username, this.auth.password)
.expect(200);

return res;
Expand Down Expand Up @@ -482,6 +485,7 @@ export class SpaceTestApiClient {
async postEnableSpaceAwareness(spaceId?: string): Promise<any> {
const { body: res } = await this.supertest
.post(`${this.getBaseUrl(spaceId)}/internal/fleet/enable_space_awareness`)
.auth(this.auth.username, this.auth.password)
.set('kbn-xsrf', 'xxxx')
.set('elastic-api-version', '1');

Expand Down
68 changes: 68 additions & 0 deletions ...t_serverless/api_integration/test_suites/observability/platform_security/authorization.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3666,6 +3666,18 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:ingest-agent-policies/delete",
"saved_object:ingest-agent-policies/bulk_delete",
"saved_object:ingest-agent-policies/share_to_space",
"saved_object:fleet-agent-policies/bulk_get",
"saved_object:fleet-agent-policies/get",
"saved_object:fleet-agent-policies/find",
"saved_object:fleet-agent-policies/open_point_in_time",
"saved_object:fleet-agent-policies/close_point_in_time",
"saved_object:fleet-agent-policies/create",
"saved_object:fleet-agent-policies/bulk_create",
"saved_object:fleet-agent-policies/update",
"saved_object:fleet-agent-policies/bulk_update",
"saved_object:fleet-agent-policies/delete",
"saved_object:fleet-agent-policies/bulk_delete",
"saved_object:fleet-agent-policies/share_to_space",
"saved_object:ingest-package-policies/bulk_get",
"saved_object:ingest-package-policies/get",
"saved_object:ingest-package-policies/find",
Expand All @@ -3678,6 +3690,18 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:ingest-package-policies/delete",
"saved_object:ingest-package-policies/bulk_delete",
"saved_object:ingest-package-policies/share_to_space",
"saved_object:fleet-package-policies/bulk_get",
"saved_object:fleet-package-policies/get",
"saved_object:fleet-package-policies/find",
"saved_object:fleet-package-policies/open_point_in_time",
"saved_object:fleet-package-policies/close_point_in_time",
"saved_object:fleet-package-policies/create",
"saved_object:fleet-package-policies/bulk_create",
"saved_object:fleet-package-policies/update",
"saved_object:fleet-package-policies/bulk_update",
"saved_object:fleet-package-policies/delete",
"saved_object:fleet-package-policies/bulk_delete",
"saved_object:fleet-package-policies/share_to_space",
"saved_object:epm-packages/bulk_get",
"saved_object:epm-packages/get",
"saved_object:epm-packages/find",
Expand Down Expand Up @@ -3993,6 +4017,18 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:ingest-agent-policies/delete",
"saved_object:ingest-agent-policies/bulk_delete",
"saved_object:ingest-agent-policies/share_to_space",
"saved_object:fleet-agent-policies/bulk_get",
"saved_object:fleet-agent-policies/get",
"saved_object:fleet-agent-policies/find",
"saved_object:fleet-agent-policies/open_point_in_time",
"saved_object:fleet-agent-policies/close_point_in_time",
"saved_object:fleet-agent-policies/create",
"saved_object:fleet-agent-policies/bulk_create",
"saved_object:fleet-agent-policies/update",
"saved_object:fleet-agent-policies/bulk_update",
"saved_object:fleet-agent-policies/delete",
"saved_object:fleet-agent-policies/bulk_delete",
"saved_object:fleet-agent-policies/share_to_space",
"saved_object:ingest-package-policies/bulk_get",
"saved_object:ingest-package-policies/get",
"saved_object:ingest-package-policies/find",
Expand All @@ -4005,6 +4041,18 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:ingest-package-policies/delete",
"saved_object:ingest-package-policies/bulk_delete",
"saved_object:ingest-package-policies/share_to_space",
"saved_object:fleet-package-policies/bulk_get",
"saved_object:fleet-package-policies/get",
"saved_object:fleet-package-policies/find",
"saved_object:fleet-package-policies/open_point_in_time",
"saved_object:fleet-package-policies/close_point_in_time",
"saved_object:fleet-package-policies/create",
"saved_object:fleet-package-policies/bulk_create",
"saved_object:fleet-package-policies/update",
"saved_object:fleet-package-policies/bulk_update",
"saved_object:fleet-package-policies/delete",
"saved_object:fleet-package-policies/bulk_delete",
"saved_object:fleet-package-policies/share_to_space",
"saved_object:epm-packages/bulk_get",
"saved_object:epm-packages/get",
"saved_object:epm-packages/find",
Expand Down Expand Up @@ -4305,11 +4353,21 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:ingest-agent-policies/find",
"saved_object:ingest-agent-policies/open_point_in_time",
"saved_object:ingest-agent-policies/close_point_in_time",
"saved_object:fleet-agent-policies/bulk_get",
"saved_object:fleet-agent-policies/get",
"saved_object:fleet-agent-policies/find",
"saved_object:fleet-agent-policies/open_point_in_time",
"saved_object:fleet-agent-policies/close_point_in_time",
"saved_object:ingest-package-policies/bulk_get",
"saved_object:ingest-package-policies/get",
"saved_object:ingest-package-policies/find",
"saved_object:ingest-package-policies/open_point_in_time",
"saved_object:ingest-package-policies/close_point_in_time",
"saved_object:fleet-package-policies/bulk_get",
"saved_object:fleet-package-policies/get",
"saved_object:fleet-package-policies/find",
"saved_object:fleet-package-policies/open_point_in_time",
"saved_object:fleet-package-policies/close_point_in_time",
"saved_object:epm-packages/bulk_get",
"saved_object:epm-packages/get",
"saved_object:epm-packages/find",
Expand Down Expand Up @@ -4457,11 +4515,21 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:ingest-agent-policies/find",
"saved_object:ingest-agent-policies/open_point_in_time",
"saved_object:ingest-agent-policies/close_point_in_time",
"saved_object:fleet-agent-policies/bulk_get",
"saved_object:fleet-agent-policies/get",
"saved_object:fleet-agent-policies/find",
"saved_object:fleet-agent-policies/open_point_in_time",
"saved_object:fleet-agent-policies/close_point_in_time",
"saved_object:ingest-package-policies/bulk_get",
"saved_object:ingest-package-policies/get",
"saved_object:ingest-package-policies/find",
"saved_object:ingest-package-policies/open_point_in_time",
"saved_object:ingest-package-policies/close_point_in_time",
"saved_object:fleet-package-policies/bulk_get",
"saved_object:fleet-package-policies/get",
"saved_object:fleet-package-policies/find",
"saved_object:fleet-package-policies/open_point_in_time",
"saved_object:fleet-package-policies/close_point_in_time",
"saved_object:epm-packages/bulk_get",
"saved_object:epm-packages/get",
"saved_object:epm-packages/find",
Expand Down

0 comments on commit 87786b5

Please sign in to comment.