From 131bdc6119b90699bb2dd231fb190527e412ab3c Mon Sep 17 00:00:00 2001 From: Jill Guyonnet Date: Mon, 25 Nov 2024 12:49:23 +0000 Subject: [PATCH] [Fleet] Handle unavailable spaces in agent policy space selector (#201251) ## Summary Closes https://github.com/elastic/kibana/issues/193827 This PR improves the space selector in agent policy setting to handle the case where the user does not have access to all policy spaces. In this case: * Space selection is disabled * The "Create space" link is hidden * A tooltip is shown to inform the user why the input is disabled * The inaccessible space badges are given an `Unavailable space` badge ### Screenshots For a user with access to all policy spaces (no change): ![Screenshot 2024-11-21 at 17 11 00](https://github.com/user-attachments/assets/79c4fcc5-17d5-4273-912c-07eecfd73715) For a user with access to only a subset of policy spaces: ![Screenshot 2024-11-21 at 17 11 09](https://github.com/user-attachments/assets/19ca162a-7ed6-45fd-8ecc-98e6e085af27) ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Elastic Machine (cherry picked from commit db494181e37a3f3477361fc1c1919fc7ed3a1329) --- .../plugins/fleet/common/constants/index.ts | 1 + .../fleet/common/constants/space_awareness.ts | 11 +++++ .../index.test.tsx | 49 +++++++++++++++++++ .../agent_policy_advanced_fields/index.tsx | 31 +++++++++--- .../components/settings/index.tsx | 13 +++-- .../translations/translations/fr-FR.json | 1 - .../translations/translations/ja-JP.json | 1 - .../translations/translations/zh-CN.json | 1 - 8 files changed, 96 insertions(+), 12 deletions(-) create mode 100644 x-pack/plugins/fleet/common/constants/space_awareness.ts diff --git a/x-pack/plugins/fleet/common/constants/index.ts b/x-pack/plugins/fleet/common/constants/index.ts index 8ebfe005960c4..f51e85f22c526 100644 --- a/x-pack/plugins/fleet/common/constants/index.ts +++ b/x-pack/plugins/fleet/common/constants/index.ts @@ -25,6 +25,7 @@ export * from './message_signing_keys'; export * from './locators'; export * from './secrets'; export * from './uninstall_token'; +export * from './space_awareness'; // TODO: This is the default `index.max_result_window` ES setting, which dictates // the maximum amount of results allowed to be returned from a search. It's possible diff --git a/x-pack/plugins/fleet/common/constants/space_awareness.ts b/x-pack/plugins/fleet/common/constants/space_awareness.ts new file mode 100644 index 0000000000000..c89d0f4cddb00 --- /dev/null +++ b/x-pack/plugins/fleet/common/constants/space_awareness.ts @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/** + * The identifier in a saved object's `namespaces` array when it is shared to an unknown space (e.g., one that the end user is not authorized to see). + */ +export const UNKNOWN_SPACE = '?'; diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.test.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.test.tsx index e404b30a37ced..61846bdbd7e24 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.test.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.test.tsx @@ -18,6 +18,8 @@ import type { AgentPolicy, NewAgentPolicy } from '../../../../../../../common/ty import { useLicense } from '../../../../../../hooks/use_license'; +import { useFleetStatus } from '../../../../hooks'; + import type { LicenseService } from '../../../../../../../common/services'; import { generateNewAgentPolicyWithDefaults } from '../../../../../../../common/services'; @@ -26,8 +28,13 @@ import type { ValidationResults } from '../agent_policy_validation'; import { AgentPolicyAdvancedOptionsContent } from '.'; jest.mock('../../../../../../hooks/use_license'); +jest.mock('../../../../hooks', () => ({ + ...jest.requireActual('../../../../hooks'), + useFleetStatus: jest.fn(), +})); const mockedUseLicence = useLicense as jest.MockedFunction; +const mockedUseFleetStatus = useFleetStatus as jest.MockedFunction; describe('Agent policy advanced options content', () => { let testRender: TestRenderer; @@ -40,6 +47,10 @@ describe('Agent policy advanced options content', () => { hasAtLeast: () => true, isPlatinum: () => true, } as unknown as LicenseService); + const useSpaceAwareness = () => + mockedUseFleetStatus.mockReturnValue({ + isSpaceAwarenessEnabled: true, + } as any); const render = ({ isProtected = false, @@ -47,6 +58,7 @@ describe('Agent policy advanced options content', () => { policyId = 'agent-policy-1', newAgentPolicy = false, packagePolicy = [createPackagePolicyMock()], + spaceIds = ['default'], } = {}) => { if (newAgentPolicy) { mockAgentPolicy = generateNewAgentPolicyWithDefaults(); @@ -56,6 +68,7 @@ describe('Agent policy advanced options content', () => { package_policies: packagePolicy, id: policyId, is_managed: isManaged, + space_ids: spaceIds, }; } @@ -72,6 +85,7 @@ describe('Agent policy advanced options content', () => { }; beforeEach(() => { + mockedUseFleetStatus.mockReturnValue({} as any); testRender = createFleetTestRendererMock(); }); afterEach(() => { @@ -173,4 +187,39 @@ describe('Agent policy advanced options content', () => { expect(renderResult.queryByText('This policy has no custom fields')).toBeInTheDocument(); }); }); + + describe('Space selector', () => { + beforeEach(() => { + usePlatinumLicense(); + }); + + describe('when space awareness is disabled', () => { + it('should not be rendered', () => { + render(); + expect(renderResult.queryByTestId('spaceSelectorInput')).not.toBeInTheDocument(); + }); + }); + + describe('when space awareness is enabled', () => { + beforeEach(() => { + useSpaceAwareness(); + }); + + describe('when the user has access to all policy spaces', () => { + it('should render the space selection input with the Create space link', () => { + render(); + expect(renderResult.queryByTestId('spaceSelectorInput')).toBeInTheDocument(); + expect(renderResult.queryByTestId('spaceSelectorInputLink')).toBeInTheDocument(); + }); + }); + + describe('when the user does not have access to all policy spaces', () => { + it('should render the space selection input without the Create space link', () => { + render({ spaceIds: ['default', '?'] }); + expect(renderResult.queryByTestId('spaceSelectorInput')).toBeInTheDocument(); + expect(renderResult.queryByTestId('spaceSelectorInputLink')).not.toBeInTheDocument(); + }); + }); + }); + }); }); diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx index 305148584f545..b0889f825727f 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/index.tsx @@ -34,6 +34,7 @@ import { LEGACY_AGENT_POLICY_SAVED_OBJECT_TYPE, dataTypes, DEFAULT_MAX_AGENT_POLICIES_WITH_INACTIVITY_TIMEOUT, + UNKNOWN_SPACE, } from '../../../../../../../common/constants'; import type { NewAgentPolicy, AgentPolicy } from '../../../../types'; import { @@ -127,7 +128,12 @@ export const AgentPolicyAdvancedOptionsContent: React.FunctionComponent = const isManagedorAgentlessPolicy = agentPolicy.is_managed === true || agentPolicy?.supports_agentless === true; - const agentPolicyFormContect = useAgentPolicyFormContext(); + const userHasAccessToAllPolicySpaces = useMemo( + () => 'space_ids' in agentPolicy && !agentPolicy.space_ids?.includes(UNKNOWN_SPACE), + [agentPolicy] + ); + + const agentPolicyFormContext = useAgentPolicyFormContext(); const AgentTamperProtectionSectionContent = useMemo( () => ( @@ -309,13 +315,14 @@ export const AgentPolicyAdvancedOptionsContent: React.FunctionComponent = description={ = /> ), + tooltip: !userHasAccessToAllPolicySpaces && ( + + ), }} /> } + data-test-subj="spaceSelectorInput" > id !== UNKNOWN_SPACE) : [spaceId || 'default'] } - setInvalidSpaceError={agentPolicyFormContect?.setInvalidSpaceError} + setInvalidSpaceError={agentPolicyFormContext?.setInvalidSpaceError} onChange={(newValue) => { if (newValue.length === 0) { return; diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/details_page/components/settings/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/details_page/components/settings/index.tsx index 91cd710db4343..c2f69efd8e916 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/details_page/components/settings/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/details_page/components/settings/index.tsx @@ -39,13 +39,13 @@ import { import { DevtoolsRequestFlyoutButton } from '../../../../../components'; import { ExperimentalFeaturesService } from '../../../../../services'; import { generateUpdateAgentPolicyDevToolsRequest } from '../../../services'; +import { UNKNOWN_SPACE } from '../../../../../../../../common/constants'; -const pickAgentPolicyKeysToSend = (agentPolicy: AgentPolicy) => - pick(agentPolicy, [ +const pickAgentPolicyKeysToSend = (agentPolicy: AgentPolicy) => { + const partialPolicy = pick(agentPolicy, [ 'name', 'description', 'namespace', - 'space_ids', 'monitoring_enabled', 'unenroll_timeout', 'inactivity_timeout', @@ -61,6 +61,13 @@ const pickAgentPolicyKeysToSend = (agentPolicy: AgentPolicy) => 'monitoring_http', 'monitoring_diagnostics', ]); + return { + ...partialPolicy, + ...(!agentPolicy.space_ids?.includes(UNKNOWN_SPACE) && { + space_ids: agentPolicy.space_ids, + }), + }; +}; const FormWrapper = styled.div` max-width: 1200px; diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index fdd5704dc9cd8..b02c8a10570c6 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -20508,7 +20508,6 @@ "xpack.fleet.agentPolicyForm.newAgentPolicyFieldLabel": "Nouveau nom de la stratégie d'agent", "xpack.fleet.agentPolicyForm.outputOptionDisabledTypeNotSupportedText": "La sortie {outputType} pour l'intégration des agents n'est pas prise en charge pour Fleet Server, Synthetics ou APM.", "xpack.fleet.agentPolicyForm.outputOptionDisableOutputTypeText": "La sortie {outputType} pour l'intégration des agents n'est pas prise en charge pour Fleet Server, Synthetics ou APM.", - "xpack.fleet.agentPolicyForm.spaceDescription": "Sélectionnez un ou plusieurs espaces pour cette politique ou créez un nouvel espace. {link}", "xpack.fleet.agentPolicyForm.spaceFieldLabel": "Espaces", "xpack.fleet.agentPolicyForm.systemMonitoringText": "Collecte des logs et des mesures du système", "xpack.fleet.agentPolicyForm.systemMonitoringTooltipText": "Cela ajoutera également une intégration {system} pour collecter les logs et les indicateurs du système.", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 4b8a0448f4285..8ae007a0c2b73 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -20477,7 +20477,6 @@ "xpack.fleet.agentPolicyForm.newAgentPolicyFieldLabel": "新しいエージェントポリシー名", "xpack.fleet.agentPolicyForm.outputOptionDisabledTypeNotSupportedText": "Fleet Server、Synthetics、APMではエージェント統合の{outputType}出力はサポートされていません。", "xpack.fleet.agentPolicyForm.outputOptionDisableOutputTypeText": "Fleet Server、Synthetics、APMではエージェント統合の{outputType}出力はサポートされていません。", - "xpack.fleet.agentPolicyForm.spaceDescription": "このポリシーに1つ以上のスペースを選択するか、新しいスペースを作成します。{link}", "xpack.fleet.agentPolicyForm.spaceFieldLabel": "スペース", "xpack.fleet.agentPolicyForm.systemMonitoringText": "システムログとメトリックの収集", "xpack.fleet.agentPolicyForm.systemMonitoringTooltipText": "これにより、{system}統合も追加され、システムログとメトリックを収集します。", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 2798a19c1755d..ed09aafd26d3a 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -20527,7 +20527,6 @@ "xpack.fleet.agentPolicyForm.newAgentPolicyFieldLabel": "新代理策略名称", "xpack.fleet.agentPolicyForm.outputOptionDisabledTypeNotSupportedText": "Fleet 服务器、Synthetics 或 APM 不支持代理集成的 {outputType} 输出。", "xpack.fleet.agentPolicyForm.outputOptionDisableOutputTypeText": "Fleet 服务器、Synthetics 或 APM 不支持代理集成的 {outputType} 输出。", - "xpack.fleet.agentPolicyForm.spaceDescription": "为此策略选择一个或多个工作区,或创建新工作区。{link}", "xpack.fleet.agentPolicyForm.spaceFieldLabel": "工作区", "xpack.fleet.agentPolicyForm.systemMonitoringText": "收集系统日志和指标", "xpack.fleet.agentPolicyForm.systemMonitoringTooltipText": "这还会添加 {system} 集成以收集系统日志和指标。",