* [ML] Update file data visualizer permissions
* adding home bundle
* fixing translations
* removing home from bundles
* switching to current user for analysis
* adding find structure permission check
* clean up
* updating text
* updating maps
* removing has_find_file_structure_permission endpoint
* removing more code
* adding permission error message
* renaming variable
* adding fileUpload:analyzeFile back into ML
* updating error text
* updating snapshots
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Adding feature flag for auth
* Hiding SOs and adding consumer field
* First pass at adding security changes
* Consumer as the app's plugin ID
* Create addConsumerToSO migration helper
* Fix mapping's SO consumer
* Add test for CasesActions
* Declare hidden types on SO client
* Restructure integration tests
* Init spaces_only integration tests
* Implementing the cases security string
* Adding security plugin tests for cases
* Rough concept for authorization class
* Adding comments
* Fix merge
* Get requiredPrivileges for classes
* Check privillages
* Ensure that all classes are available
* Success if hasAllRequested is true
* Failure if hasAllRequested is false
* Adding schema updates for feature plugin
* Seperate basic from trial
* Enable SIR on integration tests
* Starting the plumbing for authorization in plugin
* Unit tests working
* Move find route logic to case client
* Create integration test helper functions
* Adding auth to create call
* Create getClassFilter helper
* Add class attribute to find request
* Create getFindAuthorizationFilter
* Ensure savedObject is authorized in find method
* Include fields for authorization
* Combine authorization filter with cases & subcases filter
* Fix isAuthorized flag
* Fix merge issue
* Create/delete spaces & users before and after tests
* Add more user and roles
* [Cases] Convert filters from strings to KueryNode (#95288)
* [Cases] RBAC: Rename class to scope (#95535)
* [Cases][RBAC] Rename scope to owner (#96035)
* [Cases] RBAC: Create & Find integration tests (#95511)
* [Cases] Cases client enchantment (#95923)
* [Cases] Authorization and Client Audit Logger (#95477)
* Starting audit logger
* Finishing auth audit logger
* Fixing tests and types
* Adding audit event creator
* Renaming class to scope
* Adding audit logger messages to create and find
* Adding comments and fixing import issue
* Fixing type errors
* Fixing tests and adding username to message
* Addressing PR feedback
* Removing unneccessary log and generating id
* Fixing module issue and remove expect.anything
* [Cases] Migrate sub cases routes to a client (#96461)
* Adding sub cases client
* Move sub case routes to case client
* Throw when attempting to access the sub cases client
* Fixing throw and removing user ans soclients
* [Cases] RBAC: Migrate routes' unit tests to integration tests (#96374)
Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co>
* [Cases] Move remaining HTTP functionality to client (#96507)
* Moving deletes and find for attachments
* Moving rest of comment apis
* Migrating configuration routes to client
* Finished moving routes, starting utils refactor
* Refactoring utilites and fixing integration tests
* Addressing PR feedback
* Fixing mocks and types
* Fixing integration tests
* Renaming status_stats
* Fixing test type errors
* Adding plugins to kibana.json
* Adding cases to required plugin
* [Cases] Refactoring authorization (#97483)
* Refactoring authorization
* Wrapping auth calls in helper for try catch
* Reverting name change
* Hardcoding the saved object types
* Switching ensure to owner array
* [Cases] Add authorization to configuration & cases routes (#97228)
* [Cases] Attachments RBAC (#97756)
* Starting rbac for comments
* Adding authorization to rest of comment apis
* Starting the comment rbac tests
* Fixing some of the rbac tests
* Adding some integration tests
* Starting patch tests
* Working tests for comments
* Working tests
* Fixing some tests
* Fixing type issues from pulling in master
* Fixing connector tests that only work in trial license
* Attempting to fix cypress
* Mock return of array for configure
* Fixing cypress test
* Cleaning up
* Addressing PR comments
* Reducing operations
* [Cases] Add RBAC to remaining Cases APIs (#98762)
* Starting rbac for comments
* Adding authorization to rest of comment apis
* Starting the comment rbac tests
* Fixing some of the rbac tests
* Adding some integration tests
* Starting patch tests
* Working tests for comments
* Working tests
* Fixing some tests
* Fixing type issues from pulling in master
* Fixing connector tests that only work in trial license
* Attempting to fix cypress
* Mock return of array for configure
* Fixing cypress test
* Cleaning up
* Working case update tests
* Addressing PR comments
* Reducing operations
* Working rbac push case tests
* Starting stats apis
* Working status tests
* User action tests and fixing migration errors
* Fixing type errors
* including error in message
* Addressing pr feedback
* Fixing some type errors
* [Cases] Add space only tests (#99409)
* Starting spaces tests
* Finishing space only tests
* Refactoring createCaseWithConnector
* Fixing spelling
* Addressing PR feedback and creating alert tests
* Fixing mocks
* [Cases] Add security only tests (#99679)
* Starting spaces tests
* Finishing space only tests
* Refactoring createCaseWithConnector
* Fixing spelling
* Addressing PR feedback and creating alert tests
* Fixing mocks
* Starting security only tests
* Adding remainder security only tests
* Using helper objects
* Fixing type error for null space
* Renaming utility variables
* Refactoring users and roles for security only tests
* Adding sub feature
* [Cases] Cleaning up the services and TODOs (#99723)
* Cleaning up the service intialization
* Fixing type errors
* Adding comments for the api
* Working test for cases client
* Fix type error
* Adding generated docs
* Adding more docs and cleaning up types
* Cleaning up readme
* More clean up and links
* Changing some file names
* Renaming docs
* Integration tests for cases privs and fixes (#100038)
* [Cases] RBAC on UI (#99478)
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Fixing case ids by alert id route call
* [Cases] Fixing UI feature permissions and adding UI tests (#100074)
* Integration tests for cases privs and fixes
* Fixing ui cases permissions and adding tests
* Adding test for collection failure and fixing jest
* Renaming variables
* Fixing type error
* Adding some comments
* Validate cases features
* Fix new schema
* Adding owner param for the status stats
* Fix get case status tests
* Adjusting permissions text and fixing status
* Address PR feedback
* Adding top level feature back
* Fixing feature privileges
* Renaming
* Removing uneeded else
* Fixing tests and adding cases merge tests
* [Cases][Security Solution] Basic license security solution API tests (#100925)
* Cleaning up the fixture plugins
* Adding basic feature test
* renaming to unsecuredSavedObjectsClient (#101215)
* [Cases] RBAC Refactoring audit logging (#100952)
* Refactoring audit logging
* Adding unit tests for authorization classes
* Addressing feedback and adding util tests
* return undefined on empty array
* fixing eslint
* [Cases] Cleaning up RBAC integration tests (#101324)
* Adding tests for space permissions
* Adding tests for testing a disable feature
Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* WIP - creating alerting authorization client factory and exposing authorization client on plugin start contract
* Updating alerting feature privilege builder to handle different alerting types
* Passing in alerting authorization type to AlertingActions class string builder
* Passing in authorization type in each function call
* Passing in exempt consumer ids. Adding authorization type to audit logger
* Changing alertType to ruleType
* Changing alertType to ruleType
* Updating unit tests
* Updating unit tests
* Passing field names into authorization query builder. Adding kql/es dsl option
* Converting to es query if requested
* Fixing functional tests
* Removing ability to specify feature privilege name in constructor
* Fixing some types and tests
* Consolidating alerting authorization kuery filter options
* Cleanup and tests
* Cleanup and tests
* Initial commit with changes needed for subfeature privilege
* Throwing error when AlertingAuthorizationClientFactory is not defined
* Renaming authorizationType to entity
* Renaming AlertsAuthorization to AlertingAuthorization
* Fixing unit tests
* Changing schema of alerting feature privilege
* Changing schema of alerting feature privilege
* Updating feature privilege iterator
* Updating feature privilege builder
* Fixing types check
* Updating privilege string terminology
* Updating privilege string terminology
* Wip
* Fixing unit tests
* Unit tests
* Updating README and removing stack subfeature privilege changes
* Fixing README
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* add a link for issue to remove circular deps
* features: migrate from joi to config-schema
* update tests
* migrate home tutorials to config-schema
* migrate home dataset validation to config schema
* remove unnecessary type. we cannot guarantee this is a valid SO
* address Pierres comments
* Adding importableAndExportable but hidden saved object types to saved object feature privilege
* Adding helper function for transforming rule for export. Added audit logging
* Adding helper function for transforming rule for export. Added audit logging
* Adding unit test for transforming rules for export
* Exporting connectors
* Removing auditing during export
* Adding import/export to docs
* PR fixes
* Using action type validation onExport
* Fixing logic for connectors with optional secrets
* Fixing logic for connectors with optional secrets
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* first pass
* migrate more plugins
* migrate yet more plugins
* more oss plugins
* fix test file
* change Plugin signature on the client-side too
* fix test types
* migrate OSS client-side plugins
* migrate OSS client-side test plugins
* migrate xpack client-side plugins
* revert fix attempt on fleet plugin
* fix presentation start signature
* fix yet another signature
* add warnings for server-side async plugins in dev mode
* remove unused import
* fix isPromise
* Add client-side deprecations
* update migration examples
* update generated doc
* fix xpack unit tests
* nit
* (will be reverted) explicitly await for license to be ready in the auth hook
* Revert "(will be reverted) explicitly await for license to be ready in the auth hook"
This reverts commit fdf73feb
* restore await on on promise contracts
* Revert "(will be reverted) explicitly await for license to be ready in the auth hook"
This reverts commit fdf73feb
* Revert "restore await on on promise contracts"
This reverts commit c5f2fe51
* add delay before starting tests in FTR
* update deprecation ts doc
* add explicit contract for monitoring setup
* migrate monitoring plugin to sync
* change plugin timeout to 10sec
* use delay instead of silence
* Rename Background Sessions to Search Sessions (with a send to background action)
* doc
* doc
* jest fun
* rename rfc
* translations
* update so name in features
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Use filter to bulk find
* Update x-pack/plugins/data_enhanced/server/search/session/session_service.ts
Co-authored-by: Lukas Olson <olson.lukas@gmail.com>
* Dashboard in space test
* Add warning on update failure
* fix merge
* Added functional test for sessions in space
* snapshot
* test cleanup
* sub perms
* test snapshots
* Update tests
* test
* code review
* snap
* Added discover test
* Update x-pack/plugins/data_enhanced/public/search/ui/connected_background_session_indicator/connected_background_session_indicator.tsx
Co-authored-by: Anton Dosov <dosantappdev@gmail.com>
Co-authored-by: Lukas Olson <olson.lukas@gmail.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Anton Dosov <dosantappdev@gmail.com>
* create xpack plugin skeleton, start to implement management section
* add tag creation modal
* first implementation of the tags table
* use InMemoryTable
* add edit modal and delete action
* update plugin list
* add tag list, fix types
* add capabilities check on client-side
* add tag combo box component
* add missing i18n keys
* fix privilege FTR tests
* add base structure for FTR tests
* fix feature ftr test
* use string literals for i18n
* create savedObjectsTaggingOss plugin, move API types to oss plugin, start to wire to SO management page.
* update plugin list
* fix types
* allow to use `_find` with multiple references
* add FTR test for _find API on references fields
* add _find integration tests
* update generated doc
* start to implement tag filtering on SO management section
* update generated docs
* wire tagging API to dashboard listing page
* fix i18n namespace
* fix type & tests
* update dashboard listing snapshots
* adapt FTR listingTable service to search for parsable queries
* wite tagging API to visualize listing
* update tagging plugin limits
* add server-side and client-side validation for tag create/edit
* rename title field to name
* fix types
* fix types bis
* add removeReferencesTo API to SOR/SOC
* update generated doc
* add server-side unit test for `savedObjectsTagging` plugin
* move tagging API types to its own file
* add savedObjectsTaggingOss mock
* add tags_cache tests
* add tests for client-side tag client
* extract uiApi to distinct files
* various API improvements
* add more tests
* add link between tag and so management sections + add connection counts
* add base functional test suite for tagging
* add more FTR tests
* improve feature control func test
* update codeowners
* update generated doc
* fix access to proxy modal
* adapt SO save modal to allow to add tag field
* add SO decorator registry and tag implementation
* add unit tests for SO tag decorator
* add functional tests for visualize integration
* add tag SO read permission for vis/dash feature
* add RBAC api integ tests
* add API integration tests
* add test for getTagConnectionsUrl
* add SOM test suite
* add dashboard integration suite
* remove test line
* add missing unit tests
* improve API types doc
* fix create modal save button label
* remove console.log
* improve doc
* self review
* add refresh interval for tag cache
* improve page object doc
* minor cleanup
* address review comments
* small layout fixes
* add initial focus
* use lazy accessor for tag request handler context
* adapt SOM export and export route to handle references
* remove icon from feature config due to master changes
* fix SO table tests
* update generated docs
* sort tags by name in filter dropdown and listing component
* wire SO tagging to dashboard save modal
* fix types
* - add 'create tag' action in tag selector
- add notifications on update/create/delete from management
- delete modal wording
* add description max length validation
* remove real-time validation
* fix i18n bundle id
* update expected size of savedObjectsTagging plugin
* use own useIfMounted
* update limit again, contract components cannot be lazy loaded atm.
* math is hard
* remove single usage of lodash for bundle size
* add async imports for create/edit modal
* add FTR test for 'create tag' action from tag selector
* allow 'create new' option to prepopulate name field
* extract savedObjectToTag
* add advancedSettings read user for security api_integ suite
* add audit login for security client wrapper
* use import type when possible
* wire SO tagging to lens visualization
* fix lens jest test
* Fix `create tag` option being selected when closing the selector dropdown
* add sorting to tag column from getTableColumnDef
* address some of restrry comments
* rename tag selector's setSelected option to onTagsSelected
* fix audit logging even type for saved_object_remove_references
* update plugin size limit to current size
* adapt maxlength validation wording
* remove selection column until we have batch action menu
* remove connections link when user lack read privilege to savedObjectManagement
* forbid registering multiple SO decorators with the same priority
* add so decorator test
* extract getTagFindReferences and create API mock
* update audit-logging ascidoc
* doc nit
* throw conflict error if update returns any failure
* use refresh=true as default
* wording nits
* export: rename `references` to `hasReference`
* update generated doc
* set description max length to 100
* do not initialize tag cache on anonymous pages
* split fetchObjectsToExport into two distinct functions
* change tag client `delete` call order
* tsdoc nits
* more nits
* add README for oss plugin
* add oss plugin start tests
* SavedObject.find: rename `references` to `hasReference`
* change section description label
* remove url prefix constants
* last nits and comments
* update generated doc
* Grouped features for space management
* Apply suggestions from code review
Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
* Address PR Feedback
* docs changes
* updating types/docs
* update APM feature name
* Reintroduce extraAction following EUI update
* change ordering of infra features, and render callout for management category
Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
This PR adds _Role Based Access-Control_ to the Alerting framework & Actions feature using Kibana Feature Controls, addressing most of the Meta issue: https://github.com/elastic/kibana/issues/43994
This also closes https://github.com/elastic/kibana/issues/62438
This PR includes the following:
1. Adds `alerting` specific Security Actions (not to be confused with Alerting Actions) to the `security` plugin which allows us to assign alerting specific privileges to users of other plugins using the `features` plugin.
2. Removes the security wrapper from the savedObjectsClient in AlertsClient and instead plugs in the new AlertsAuthorization which performs the privilege checks on each api call made to the AlertsClient.
3. Adds privileges in each plugin that is already using the Alerting Framework which mirror (as closely as possible) the existing api-level tag-based privileges and plugs them into the AlertsClient.
4. Adds feature granted privileges arounds Actions (by relying on Saved Object privileges under the hood) and plugs them into the ActionsClient
5. Removes the legacy api-level tag-based privilege system from both the Alerts and Action HTTP APIs
* chore(NA): upgrade oss to lodash4
chore(NA): migrate cli, cli_plugin, cli_keystore, dev, test_utils and apm src script to lodash4
chore(NA): missing file for cli plugin
chore(NA): add src core
chore(NA): es archiver and fixtures
chore(NA): try to fix functional test failure
chore(NA): migrate src/legacy entirely to lodash4 except src/legacy/core_plugins
chore(NA): move legacy core plugins to lodash4
chore(NA): upgrade optimize to lodash4
chore(NA): upgrade to lodash4 on advanced_settings, charts, console and dashboard
chore(NA): migrate to lodash4 on dev_tools, discover, embeddable, es_ui)shared, expressions, home plugins
chore(NA): upgrade data plugin to lodash4
chore(NA): upgrade usage_collection, ui_actions, tile_map, telemtry, share, saved_objects, saved_objects_management, region_map and navigation to lodash4
chore(NA): missing data upgrades to lodash4
Revert "chore(NA): upgrade usage_collection, ui_actions, tile_map, telemtry, share, saved_objects, saved_objects_management, region_map and navigation to lodash4"
This reverts commit 137055c5fed2fc52bb26547e0bc1ad2e3d4fe309.
Revert "Revert "chore(NA): upgrade usage_collection, ui_actions, tile_map, telemtry, share, saved_objects, saved_objects_management, region_map and navigation to lodash4""
This reverts commit f7e73688782998513d9fb6d7e8f0765e9beb28d1.
Revert "chore(NA): missing data upgrades to lodash4"
This reverts commit 92b85bf947a89bfc70cc4052738a6b2128ffb076.
Revert "chore(NA): upgrade data plugin to lodash4"
This reverts commit 88fdb075ee1e26c4ac979b6681d8a2b002df74c6.
chore(NA): upgrade idx_pattern_mgt, input_control_vis, inspector, kbn_legacy, kbn_react, kbn_usage_collections, kbn_utils, management and maps_legacy to lodash4
chore(NA): map src plugin data to lodash3
chore(NA): missing lodash.clonedeep dep
chore(NA): change packages kbn-config-schema deps
chore(NA): update renovate config
chore(NA): upgrade vis_type plugins to lodash4
chore(NA): move vis_type_vislib to lodash3
chore(NA): update visualizations and visualize to lodash4
chore(NA): remove lodash 3 types from src and move test to lodash4
chore(NA): move home, usage_collection and management to lodash 3
Revert "chore(NA): move home, usage_collection and management to lodash 3"
This reverts commit f86e8585f02d21550746569af54215b076a79a3d.
chore(NA): move kibana_legacy, saved_objects saved_objects_management into lodash3
chore(NA): update x-pack test to mock lodash4
Revert "chore(NA): move kibana_legacy, saved_objects saved_objects_management into lodash3"
This reverts commit 2d10fe450533e1b36db21d99cfae3ce996a244e0.
* chore(NA): move x-pack and packages to lodash 4
* chore(NA): remove mention to lodash from main package.json
* chore(NA): remove helper alias for lodash4 and make it the default lodash
* chore(NA): fix last failing types in the repo
* chore(NA): fix public api
* chore(NA): fix types for agg_row.tsx
* chore(NA): fix increment of optimizer modules in the rollup plugin
* chore(NA): migrate `src/core/public/http/fetch.ts` (#5)
* omit undefined query props
* just remove merge usage
* fix types
* chore(NA): fixes for feedback from apm team
* chore(NA): recover old behaviour on apm LoadingIndeicatorContext.tsx
* chore(NA): fixes for feedback from watson
* Platform lodash4 tweaks (#6)
* chore(NA): fix types and behaviour on src/core/server/elasticsearch/errors.ts
* Canvas fixes for lodash upgrade
* [APM] Adds unit test for APM service maps transform (#7)
* Adds a snapshot unit test for getConnections and rearranges some code to make testing easier
* reverts `ArrayList` back to `String[]` in the painless script within `fetch_service_paths_from_trace_ids.ts`
* chore(NA): update yarn.lock
* chore(NA): remove any and use a real type for alerts task runner
Co-authored-by: Gidi Meir Morris <github@gidi.io>
* chore(NA): used named import for triggers_actions_ui file
* chore(NA): fix eslint
* chore(NA): fix types
* Delete most uptime lodash references.
* Simplify. Clean up types.
* [Uptime] Delete most uptime lodash references (#8)
* Delete most uptime lodash references.
* Simplify. Clean up types.
* chore(NA): add eslint rule to avoid using lodash3
* chore(NA): apply changes on feedback from es-ui team
* fix some types (#9)
* Clean up some expressions types.
* chore(NA): missing ts-expect-error statements
* Upgrade lodash 4 vislib (#11)
* replace lodash 3 with lodash 4 on vislib plugin
* Further changes
* further replacement of lodash3 to 4
* further work on upgrading to lodash 4
* final changes to update lodash
* chore(NA): upgrade data plugin to lodash4
chore(NA): upgrade data plugin public to lodash4
chore(NA): fix typecheck task
chore(NA): fix agg_config with hasIn
chore(NA): assign to assignIn and has to hasIn
chore(NA): upgrade data plugin server to lodash4
chore(NA): new signature for core api
fix(NA): match behaviour between lodash3 and lodash4 for set in search_source
* chore(NA): remove lodash3 completely from the repo
* chore(NA): fix x-pack/test/api_integration/apis/metrics_ui/snapshot.ts missing content
* chore(NA): fix lodash usage on apm
* chore(NA): fix typecheck for maps
* Patch lodash template (#12)
* Applying changes from https://github.com/elastic/kibana/pull/64985
* Using isIterateeCall, because it seems less brittle
* Also patching `lodash/template` and `lodash/fp/template`
* Reorganizing some files...
* Revising comment
* Ends up `_` is a function also... I hate JavaScript
Co-authored-by: Pierre Gayvallet <pierre.gayvallet@gmail.com>
Co-authored-by: Josh Dover <me@joshdover.com>
Co-authored-by: Clint Andrew Hall <clint.hall@elastic.co>
Co-authored-by: Oliver Gupte <ogupte@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Gidi Meir Morris <github@gidi.io>
Co-authored-by: Justin Kambic <justin.kambic@elastic.co>
Co-authored-by: Stratoula Kalafateli <stratoula1@gmail.com>
Co-authored-by: Luke Elmers <luke.elmers@elastic.co>
Co-authored-by: Brandon Kobel <brandon.kobel@gmail.com>
Co-authored-by: kobelb <brandon.kobel@elastic.co>
* ts-ignore --> ts-expect-error
* fix error with mutable array
* fix errors in consumers code
* update SOM
* fix FeatureConfig & Feature compatibility
* do not re-export from code. it breaks built version
* update docs
* add eslint rule for platform team code
* remove test. this is covered by ts-expect-error in unit tests
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* register OSS features with KP SO types only
* use Licensing plugin API in features plugin
* add plugin tests
* filter hidden types out
* cleanup tests
* rename
* add degug logging
* add warning for setup contract
* fix typo
* Specifying valid licenses for the Graph feature
* Adding option to /api/features to ignore valid licenses
This allow us to take advantage of the /api/featues endpoint within our
tests to disable all features, including those which are disabled by the
current license. The ui capabilities don't take into considerating the
license at the moment, so they're separate entirely separeate mechanisms
at this point in time.
* Addressing PR comments
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* create service skeleton
* move registerCapabilitiesModifier to capabilities service and rename to registerCapabilitiesSwitcher
* starts to move capabilities logic to CapabilitiesService
* move capabilities route to service
* add initial integration test for capabilities route
* capabilitiesMixin now delegates to capability service
* use server-side Capabilities import in server code
* update generated doc
* remove capabilities from injectedMetadatas
* use applications sent from client instead of server-registered navLinks
* disable authRequired for capabilities route
* (temp) exposes two endpoints for capabilities
* Add fetch-mock on capabilities call for karma tests
* adapt xpack Capabilities test - first attempt
* adapt x-pack ui_capabilities test
* add '/status' to the list of anonymous pages
* Add documentation on Capabilities APIs
* move Capabilities to core/types
* update generated docs
* add service tests
* protecting resolveCapabilities against added/removed capabilities
* update generated docs
* adapt mocks due to rebase
* add forgotten exports
* improve capabilities routes registering
* name capabilities registering methods
* resolve conflicts due to merge
* address review issues
* add comment about reason for exposing two routes
* extract createHttpServer test helper
* fix merge conflicts
* improve documentation
* remove `/status` anon registration as now done in NP status plugin
* fix merge conflicts
