Skip to content

Commit

Permalink
[8.x] [Docs] Update feature privilege docs to reflect new route autho…
Browse files Browse the repository at this point in the history
…rization (#201017) (#201042)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Docs] Update feature privilege docs to reflect new route
authorization (#201017)](#201017)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT
[{"author":{"name":"Sid","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-20T20:52:58Z","message":"[Docs]
Update feature privilege docs to reflect new route authorization
(#201017)\n\n## Summary\r\n\r\nUpdates developer documentation on
Feature privileges to reflect changes\r\nto Route
Authorization.\r\n\r\n\r\n### Screenshots\r\nBefore\r\n<img
width=\"400\" alt=\"Screenshot 2024-11-20 at 18 52
02\"\r\nsrc=\"https://github.com/user-attachments/assets/0bb01bd0-e41a-48ee-bcaf-bd4119037f1b\">\r\n\r\nAfter\r\n<img
width=\"400\" alt=\"Screenshot 2024-11-20 at 18 49
26\"\r\nsrc=\"https://github.com/user-attachments/assets/2d5712ce-c277-4ecd-831e-750df8309933\">\r\n\r\n\r\n###
Checklist\r\n\r\nCheck the PR satisfies following conditions.
\r\n\r\nReviewers should verify this PR satisfies this list as
well.\r\n\r\n-
[x]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or
tutorials","sha":"4ffdb35b14c1a19cf0ade972b198a6e6e7f06ba5","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","release_note:skip","v9.0.0","docs","DevDocs","backport:prev-minor","v8.17.0"],"title":"[Docs]
Update feature privilege docs to reflect new route
authorization","number":201017,"url":"https://github.com/elastic/kibana/pull/201017","mergeCommit":{"message":"[Docs]
Update feature privilege docs to reflect new route authorization
(#201017)\n\n## Summary\r\n\r\nUpdates developer documentation on
Feature privileges to reflect changes\r\nto Route
Authorization.\r\n\r\n\r\n### Screenshots\r\nBefore\r\n<img
width=\"400\" alt=\"Screenshot 2024-11-20 at 18 52
02\"\r\nsrc=\"https://github.com/user-attachments/assets/0bb01bd0-e41a-48ee-bcaf-bd4119037f1b\">\r\n\r\nAfter\r\n<img
width=\"400\" alt=\"Screenshot 2024-11-20 at 18 49
26\"\r\nsrc=\"https://github.com/user-attachments/assets/2d5712ce-c277-4ecd-831e-750df8309933\">\r\n\r\n\r\n###
Checklist\r\n\r\nCheck the PR satisfies following conditions.
\r\n\r\nReviewers should verify this PR satisfies this list as
well.\r\n\r\n-
[x]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or
tutorials","sha":"4ffdb35b14c1a19cf0ade972b198a6e6e7f06ba5"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/201017","number":201017,"mergeCommit":{"message":"[Docs]
Update feature privilege docs to reflect new route authorization
(#201017)\n\n## Summary\r\n\r\nUpdates developer documentation on
Feature privileges to reflect changes\r\nto Route
Authorization.\r\n\r\n\r\n### Screenshots\r\nBefore\r\n<img
width=\"400\" alt=\"Screenshot 2024-11-20 at 18 52
02\"\r\nsrc=\"https://github.com/user-attachments/assets/0bb01bd0-e41a-48ee-bcaf-bd4119037f1b\">\r\n\r\nAfter\r\n<img
width=\"400\" alt=\"Screenshot 2024-11-20 at 18 49
26\"\r\nsrc=\"https://github.com/user-attachments/assets/2d5712ce-c277-4ecd-831e-750df8309933\">\r\n\r\n\r\n###
Checklist\r\n\r\nCheck the PR satisfies following conditions.
\r\n\r\nReviewers should verify this PR satisfies this list as
well.\r\n\r\n-
[x]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or
tutorials","sha":"4ffdb35b14c1a19cf0ade972b198a6e6e7f06ba5"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Sid <[email protected]>
  • Loading branch information
kibanamachine and SiddharthMantri authored Nov 20, 2024
1 parent 29209cb commit ab77df1
Showing 1 changed file with 8 additions and 4 deletions.
12 changes: 8 additions & 4 deletions dev_docs/key_concepts/feature_privileges.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -179,8 +179,10 @@ public setup(core: CoreSetup, deps: FeatureControlExampleDeps) {
{
path: '/internal/my_plugin/sensitive_action',
validate: false,
options: {
tags: ['access:my_closed_example_api'],
security: {
authz: {
requiredPrivileges: ['my_closed_example_api']
}
},
},
async (context, request, response) => {
Expand All @@ -193,8 +195,11 @@ public setup(core: CoreSetup, deps: FeatureControlExampleDeps) {
);
}
```
<DocCallOut>
For more information on the `security.authz` object and API authorization, please refer to our guide on <DocLink id="kibDevDocsSecurityAPIAuthorization" text="Configuring authorization on routes"/>
</DocCallOut>

Notice, we've added an `options.tags` property for the API route that returns sensitive information. This tag is then used in the privileges object as follow
Notice, we've added a `security.authz.requiredPrivileges` property for the API route that returns sensitive information. This added configuration is then used in the privileges object as follow

```ts
{
Expand Down Expand Up @@ -347,7 +352,6 @@ A deep dive into every option for the Kibana Feature configuration and what they
}
```


### FeatureKibanaPrivileges Interface

#### excludeFromBasePrivileges (optional)
Expand Down

0 comments on commit ab77df1

Please sign in to comment.