diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/__snapshots__/index_privilege_form.test.tsx.snap b/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/__snapshots__/index_privilege_form.test.tsx.snap
index d23a6da13a3b..4dd032f15e8d 100644
--- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/__snapshots__/index_privilege_form.test.tsx.snap
+++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/__snapshots__/index_privilege_form.test.tsx.snap
@@ -65,6 +65,7 @@ exports[`it renders without crashing 1`] = `
isClearable={true}
isDisabled={false}
onChange={[Function]}
+ onCreateOption={[Function]}
options={
Array [
Object {
diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/index_privilege_form.test.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/index_privilege_form.test.tsx
index 889b72d0b65d..f5eb2eadf8c5 100644
--- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/index_privilege_form.test.tsx
+++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/index_privilege_form.test.tsx
@@ -36,6 +36,40 @@ test('it renders without crashing', () => {
expect(wrapper).toMatchSnapshot();
});
+test('it allows for custom index privileges', () => {
+ const props = {
+ indexPrivilege: {
+ names: ['foo'],
+ privileges: ['existing-custom', 'read'],
+ query: '',
+ field_security: {
+ grant: [],
+ },
+ },
+ formIndex: 0,
+ indexPatterns: [],
+ availableFields: [],
+ availableIndexPrivileges: ['all', 'read', 'write', 'index'],
+ isRoleReadOnly: false,
+ allowDocumentLevelSecurity: true,
+ allowFieldLevelSecurity: true,
+ validator: new RoleValidator(),
+ onChange: jest.fn(),
+ onDelete: jest.fn(),
+ intl: {} as any,
+ };
+
+ const wrapper = mountWithIntl();
+
+ const indexPrivsSelect = wrapper.find('EuiComboBox[data-test-subj="privilegesInput0"]');
+
+ (indexPrivsSelect.props() as any).onCreateOption('custom-index-privilege');
+
+ expect(props.onChange).toHaveBeenCalledWith(
+ expect.objectContaining({ privileges: ['existing-custom', 'read', 'custom-index-privilege'] })
+ );
+});
+
describe('delete button', () => {
const props = {
indexPrivilege: {
diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/index_privilege_form.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/index_privilege_form.tsx
index ed5ade0d23bf..19a17daf0792 100644
--- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/index_privilege_form.tsx
+++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/es/index_privilege_form.tsx
@@ -128,6 +128,7 @@ export class IndexPrivilegeForm extends Component {
options={this.props.availableIndexPrivileges.map(toOption)}
selectedOptions={this.props.indexPrivilege.privileges.map(toOption)}
onChange={this.onPrivilegeChange}
+ onCreateOption={this.onCreateCustomPrivilege}
isDisabled={this.props.isRoleReadOnly}
/>
@@ -390,6 +391,13 @@ export class IndexPrivilegeForm extends Component {
});
};
+ private onCreateCustomPrivilege = (customPrivilege: string) => {
+ this.props.onChange({
+ ...this.props.indexPrivilege,
+ privileges: [...this.props.indexPrivilege.privileges, customPrivilege],
+ });
+ };
+
private onQueryChange = (e: ChangeEvent) => {
this.props.onChange({
...this.props.indexPrivilege,