From d9fb4147720b8439a452e23653578e9ab982ad38 Mon Sep 17 00:00:00 2001 From: Irene Blanco Date: Thu, 10 Oct 2024 14:32:37 +0200 Subject: [PATCH] [Inventory] Check permissions before registering the Inventory plugin in observabilityShared navigation (#195557) ## Summary Fixes https://github.com/elastic/kibana/issues/195360 and https://github.com/elastic/kibana/issues/195560 This PR fixes a bug where the Inventory plugin is improperly registered in the ObservabilityShared navigation, even in spaces that lack the required permissions or for user roles that don't have permissions. As a result, the Inventory link appears in the navigation whenever the space/user has access to any other Observability plugin. ### Space permissions #### Before |Space config|ObservabilityShared navigation| |-|-| |![Image](https://github.com/user-attachments/assets/53f51d01-faae-4795-b84b-da636a2e46d3)|![Image](https://github.com/user-attachments/assets/d6c98df5-6975-4e95-be24-7e53e6e1ee02)| ##### After |Space config|ObservabilityShared navigation| |-|-| |![Screenshot 2024-10-09 at 11 47 34](https://github.com/user-attachments/assets/2f5be4c0-4f32-4103-b43a-059e435f730c)|![Screenshot 2024-10-09 at 11 47 12](https://github.com/user-attachments/assets/9dce6095-0a65-4c1d-973f-8a96c330fd08)| |![Screenshot 2024-10-09 at 11 47 59](https://github.com/user-attachments/assets/f697e646-c034-41d8-b546-925ba4c9fb3a)|![Screenshot 2024-10-09 at 11 48 09](https://github.com/user-attachments/assets/200cf3d3-b7a3-4a42-84ec-48dcf563ad37)| ### User permissions #### Before |Role config|ObservabilityShared navigation| |-|-| |![Image](https://github.com/user-attachments/assets/74e52c43-0da9-4878-813d-049c1f9f2f83)|![Image](https://github.com/user-attachments/assets/4ffb48a9-81f0-48bd-9156-a98e3361c279)| #### After |Role config|ObservabilityShared navigation| |-|-| |![Image](https://github.com/user-attachments/assets/74e52c43-0da9-4878-813d-049c1f9f2f83)|Screenshot 2024-10-09 at 12 52 48| (cherry picked from commit 7927ebf2a6e3bc459acb6d3217cb87ba8f837e09) --- .../.storybook/get_mock_inventory_context.tsx | 2 + .../inventory/kibana.jsonc | 2 +- .../inventory/public/plugin.ts | 75 ++++++++++++------- .../inventory/public/types.ts | 2 + .../inventory/tsconfig.json | 3 +- 5 files changed, 54 insertions(+), 30 deletions(-) diff --git a/x-pack/plugins/observability_solution/inventory/.storybook/get_mock_inventory_context.tsx b/x-pack/plugins/observability_solution/inventory/.storybook/get_mock_inventory_context.tsx index 51aaeebc655f2..d90ce08aab1c6 100644 --- a/x-pack/plugins/observability_solution/inventory/.storybook/get_mock_inventory_context.tsx +++ b/x-pack/plugins/observability_solution/inventory/.storybook/get_mock_inventory_context.tsx @@ -13,6 +13,7 @@ import type { InferencePublicStart } from '@kbn/inference-plugin/public'; import type { ObservabilitySharedPluginStart } from '@kbn/observability-shared-plugin/public'; import type { UnifiedSearchPublicPluginStart } from '@kbn/unified-search-plugin/public'; import type { SharePluginStart } from '@kbn/share-plugin/public'; +import type { SpacesPluginStart } from '@kbn/spaces-plugin/public'; import type { InventoryKibanaContext } from '../public/hooks/use_kibana'; import type { ITelemetryClient } from '../public/services/telemetry/types'; @@ -33,5 +34,6 @@ export function getMockInventoryContext(): InventoryKibanaContext { fetch: jest.fn(), stream: jest.fn(), }, + spaces: {} as unknown as SpacesPluginStart, }; } diff --git a/x-pack/plugins/observability_solution/inventory/kibana.jsonc b/x-pack/plugins/observability_solution/inventory/kibana.jsonc index f60cf36183b24..28556c7bcc583 100644 --- a/x-pack/plugins/observability_solution/inventory/kibana.jsonc +++ b/x-pack/plugins/observability_solution/inventory/kibana.jsonc @@ -19,7 +19,7 @@ "share" ], "requiredBundles": ["kibanaReact"], - "optionalPlugins": [], + "optionalPlugins": ["spaces"], "extraPublicDirs": [] } } diff --git a/x-pack/plugins/observability_solution/inventory/public/plugin.ts b/x-pack/plugins/observability_solution/inventory/public/plugin.ts index c02a57b45f691..30e3a1eed3681 100644 --- a/x-pack/plugins/observability_solution/inventory/public/plugin.ts +++ b/x-pack/plugins/observability_solution/inventory/public/plugin.ts @@ -17,7 +17,7 @@ import { import { INVENTORY_APP_ID } from '@kbn/deeplinks-observability/constants'; import { i18n } from '@kbn/i18n'; import type { Logger } from '@kbn/logging'; -import { from, map } from 'rxjs'; +import { from, map, mergeMap, of } from 'rxjs'; import { createCallInventoryAPI } from './api'; import { TelemetryService } from './services/telemetry/telemetry_service'; import { InventoryServices } from './services/types'; @@ -54,34 +54,53 @@ export class InventoryPlugin 'observability:entityCentricExperience', true ); + const getStartServices = coreSetup.getStartServices(); - if (isEntityCentricExperienceSettingEnabled) { - pluginsSetup.observabilityShared.navigation.registerSections( - from(coreSetup.getStartServices()).pipe( - map(([coreStart, pluginsStart]) => { - return [ - { - label: '', - sortKey: 300, - entries: [ - { - label: i18n.translate('xpack.inventory.inventoryLinkTitle', { - defaultMessage: 'Inventory', - }), - app: INVENTORY_APP_ID, - path: '/', - matchPath(currentPath: string) { - return ['/', ''].some((testPath) => currentPath.startsWith(testPath)); - }, - isTechnicalPreview: true, + const hideInventory$ = from(getStartServices).pipe( + mergeMap(([coreStart, pluginsStart]) => { + if (pluginsStart.spaces) { + return from(pluginsStart.spaces.getActiveSpace()).pipe( + map( + (space) => + space.disabledFeatures.includes(INVENTORY_APP_ID) || + !coreStart.application.capabilities.inventory.show + ) + ); + } + + return of(!coreStart.application.capabilities.inventory.show); + }) + ); + + const sections$ = hideInventory$.pipe( + map((hideInventory) => { + if (isEntityCentricExperienceSettingEnabled && !hideInventory) { + return [ + { + label: '', + sortKey: 300, + entries: [ + { + label: i18n.translate('xpack.inventory.inventoryLinkTitle', { + defaultMessage: 'Inventory', + }), + app: INVENTORY_APP_ID, + path: '/', + matchPath(currentPath: string) { + return ['/', ''].some((testPath) => currentPath.startsWith(testPath)); }, - ], - }, - ]; - }) - ) - ); - } + isTechnicalPreview: true, + }, + ], + }, + ]; + } + return []; + }) + ); + + pluginsSetup.observabilityShared.navigation.registerSections(sections$); + this.telemetry.setup({ analytics: coreSetup.analytics }); const telemetry = this.telemetry.start(); @@ -102,7 +121,7 @@ export class InventoryPlugin // Load application bundle and Get start services const [{ renderApp }, [coreStart, pluginsStart]] = await Promise.all([ import('./application'), - coreSetup.getStartServices(), + getStartServices, ]); const services: InventoryServices = { diff --git a/x-pack/plugins/observability_solution/inventory/public/types.ts b/x-pack/plugins/observability_solution/inventory/public/types.ts index 2393b1b55e2b6..48fe7e7eed1c7 100644 --- a/x-pack/plugins/observability_solution/inventory/public/types.ts +++ b/x-pack/plugins/observability_solution/inventory/public/types.ts @@ -17,6 +17,7 @@ import type { SharePluginSetup, SharePluginStart } from '@kbn/share-plugin/publi import type { UnifiedSearchPublicPluginStart } from '@kbn/unified-search-plugin/public'; import type { DataViewsPublicPluginStart } from '@kbn/data-views-plugin/public'; import type { DataPublicPluginSetup, DataPublicPluginStart } from '@kbn/data-plugin/public'; +import type { SpacesPluginStart } from '@kbn/spaces-plugin/public'; /* eslint-disable @typescript-eslint/no-empty-interface*/ @@ -38,6 +39,7 @@ export interface InventoryStartDependencies { data: DataPublicPluginStart; entityManager: EntityManagerPublicPluginStart; share: SharePluginStart; + spaces?: SpacesPluginStart; } export interface InventoryPublicSetup {} diff --git a/x-pack/plugins/observability_solution/inventory/tsconfig.json b/x-pack/plugins/observability_solution/inventory/tsconfig.json index 54fcfe7e3a11f..20b5e2e37232a 100644 --- a/x-pack/plugins/observability_solution/inventory/tsconfig.json +++ b/x-pack/plugins/observability_solution/inventory/tsconfig.json @@ -45,6 +45,7 @@ "@kbn/config-schema", "@kbn/elastic-agent-utils", "@kbn/custom-icons", - "@kbn/ui-theme" + "@kbn/ui-theme", + "@kbn/spaces-plugin" ] }