# Cypress Tests
The `siem/cypress` directory contains end to end tests (specific to the `SIEM` app) that execute via [Cypress](https://www.cypress.io/).
At present, these tests are only executed in a local development environment; they are **not** integrated in the Kibana CI infrastructure, and therefore do **not** run automatically when you submit a PR.
See the `Server and Authentication Requirements` section below for additional details.
## Organizing Tests and (Mock) Data
- Code and CSS selectors that may be re-used across tests should be added to `siem/cypress/integration/lib`, as described below
- Smoke Tests are located in `siem/cypress/integration/smoke_tests`
- Mocked responses from the server are located in `siem/cypress/fixtures`
### `cypress/integration/lib`
The `cypress/integration/lib` folder contains code intended to be re-used across many different tests.
- Files named `helpers.ts` (e.g. `siem/cypress/integration/lib/login/helpers.ts`) contain functions (e.g. `login`) that may be imported and invoked from multiple tests.
- Files named `selectors.ts` export CSS selectors for re-use. For example, `siem/cypress/integration/lib/login/selectors.ts` exports the following selector that matches the Username text area in the Kibana login page:
```
export const USERNAME = '[data-test-subj="loginUsername"]';
```
## Server and Authentication Requirements
The current version of the Smoke Tests require running a local Kibana server that connects to an instance of `elasticsearch`. A file named `config/kibana.dev.yml` like the example below is required to run the tests:
```yaml
elasticsearch:
username: 'elastic'
password: '<password>'
hosts: ['https://<server>:9200']
```
The `username` and `password` from `config/kibana.dev.yml` will be read by the `login` test helper function when tests authenticate with Kibana.
See the `Running Tests Interactively` section for details.
## Running Tests Interactively
To run tests in interactively via the Cypress test runner:
1. Create and configure a `config/kibana.dev.yml`, as described in the `Server and Authentication Requirements` section above.
2. Start a local instance of the Kibana development server:
```
yarn start --no-base-path
```
3. Launch the Cypress interactive test runner:
```sh
cd x-pack/legacy/plugins/siem
yarn cypress:open
```
4. Click the `Run all specs` button in the Cypress test runner
https://github.com/elastic/ingest-dev/issues/515
* New and Legacy platforms share http server instance.
Required to use a common security interceptor for incoming http requests
* generate docs
* remove excessive contract method
* add test for New platform compatibility
* address comments part #1
* log server running only for http server
* fix test. mutate hapi request headers for BWC with legacy
* return 503 on start
* address @eli comments
* address @joshdover comments
* Always mock metadata/chrome in OSS
* Enable jest env in jest mocks
* Exclude jest mocks in karma bundles
* Use setupFilesAfterEnv in config
* Remove chrome/metadata mock from x-pack
* Remove kuery mock
* Add missing mock to SIEM test
* Fix typo in mock import
* Remove top level capabilities x-pack mock
* Move kfetch mock to ui/public
* Move moment-timezone to mocks file
* Unmock kfetch in kfetch specific tests
* Make kfetch mock manual
* Removed unnecessary jest.mock
* Remove kfetch unmocks
* [ftr/percy] integrate percy with functional test runner
* execute ftr within `percy exec`
* share PERCY_BIN and GRUNT_BIN vars in setup
* [license] whitelist `(Unlicense OR Apache-2.0)`
* [percy] include pr/parallel info in env
* echo the actual variable value
* destructure required modules
* [ci] calculate percy env in a script
* remove outdated eslint overrides
* oops, nonce should be the same for each build
* take snapshots in context tests
* add percy snapshots to some dashboard tests
* account for extra execution of PERCY_BIN
* remove usage of percy service
* rename service to `visualTesting`
* write a simple test
* switch left-over percy test to visualTesting
* set log level for percy agent
* trigger ci
* try using the system chrome install instead of downloading one
* fix export definition
* Don't skip chromium download
* Add Spencer's fix to point to chrome installation
* Attempting to split tests into own ci job and test files
* Renumber job
* Add tag to decorations file
* Try new files with existing CI job
* Try again to create a new CI job
* Fix eslint problem with space
* eslint updates
* fix console test
* make test names unique
* Update ci group names
* Try old name again
* save
* add separate visual_regression ci job
* add visual regression ci job
* add new job to jobs.yml
* update path to take_percy_snapshot script
* use fixed percy job total
* fix common services import
* move visual_create_and_add_embeddables to visual_regression project
* finish moving create_and_add_embeddables
* add x-pack visual regression job
* migrate dashboard_snapshots tests to visual_regression
* remove references to removed test files
* restore some unnecessary changes
* reimplement the login page tests
* yarn.lock update
* fix test
* remove old CI_GROUP 100 block
* update failed_tests trap
* reduce yarn.lock changes
* disable debug logging
* disable visual-regression tests for now, we can enable them in specific prs
* [Maps] sybmolize points with maki icons
* add from for selecting symbol
* add from for selecting symbol
* get icons working for static colors
* static icon sizing
* refacto symbol_utils
* timing issue
* use SDF icons
* dynamic iconSize
* set icon-anchor
* display symbol icon in map legend
* add unit tests for VectorIcon
* set icon fill based on dark mode
* remove unused file
* fix jest tests
* set icon-opacity
* use size style to configure icon-image small or large
* fix queryRadius error by just hiding other point layer instead of removing
* remove console statement on error
* use maki icon size constants
* add retry around opening set view popover for flaky test
This PR updates the filters agg editor to use the full QueryBar component, enabling use of KQL and autocomplete inside the editor for this aggregation in Visualize.
* Typescript dashboard app code. Pulls out part of the massive embeddable API PR.
I typscripted this code as part of that PR because it helped me find errors, but really unnecessarily blew up the size of that PR. So pulling out.
* User filter types from kbn-es-query
* Address code review feedback
* Replace require with import
* Warn in Typescript when using Array.flat() or .flatMap() without polyfill
* Update ecma version provided to babel in eslint
* Update per review comments
* skip and adjust functional tests for Firefox
* downgrade geckodriver to 0.22.0
* [ftr] add firefox specific config file
* remove hard coded firefox adjustments
* remove firefox specific screenshot directory
* run functional tests in firefox in x-pack
* pass the logger to readConfigFile()
* rename local var
* skip xpack firefox config
* run xpack firefox functional tests in separate command
* update report name for XPack firefox results
* adjust viz shared item test
* skip shared item test
* [test/feature_controls] increase timeout to 20 sec & use forceLogout
* FF timeout on TSVB, refresh page on failure for url navigation
* [feature_controls/visualize_security] increase timeout to 20 sec
* skip dev_tools_spaces tests on FF
* run all groups 3 times
* skip more func tests
* skip more tests
* skip all feature controls tests for Firefox
* revert back changes in feature controls tests
* rename xpack report for chrome
* skip tile map for FF, wait for render before saving
* Revert "run all groups 3 times"
This reverts commit 12b4f69627.
* revert refresh on login
* apply feedback
* chore(NA): add transpile with babel the typescript files on xpack when build.
* chore(NA): fix the globs for public folders inside server paths
* docs(NA): add comments to explain globs.
* chore(NA): use pipeline instead of async pipeline promise from dev utils. chore(NA): change globs definitions to match the overall convention.
* chore(NA): apply documented way to use stream pipeline.
* chore(NA): exclude test files from the build transpilation.
* chore(NA): add ignore for eslint complexity warning
* chore(na): fix bad added type files.
* fix(NA): unused type exports
* Pin dependencies
* include core-js in babel packages
* specify core-js version when using `useBuiltIns`
* dedupe @babel/types to avoid "range of null" problem
* Pin dependencies
* [eslint] ignore large files that take a long time to parse
* [eslint-plugin-import] force `querystring` to be considered a core module
* [eslint-plugin-import] auto-fix import order issues
* [feat] add reach-like functionality to object
In #36804 we need to validate a `Partial<HttpConfig>` object which may
or may not have all the required keys attached to it. This is the type
of use-case for `Joi.reach`, so we should expose a reach-like method on
the object validation class so that you can return the validator for a
specific key on an object.
* [fix] change to validateKey
* [fix] use throw error matcher
* [fix] use same interface for validate
* [fix] change test name]
* Revert "Revert "[kbn-es] await native realm setup, error if there are failures (#36290)""
This reverts commit a102ca1f97.
* [kbn/es] retry setPassword call if it fails
* [kbn-es] await native realm setup, error if there are failures
* cleanup listener from started promise too
* fix typo
* log native realm setup errors on run and handle 400 when xpack isn't available
* avoid creating potentially unused promises
* avoid Promise constructor that's larger than necessary
* group similar operations, add some light comments
* set passwords in parallel so that logging is grouped
* update native realm tests
* update es_bin fixture to handle _xpack requests
* log started after server is listening
* remove unused mockEsBin args
* use more realistic http address log
* Extract Tags component and tag filter config object from workpad templates
Added tag filtering to element selection modal
Added tags to element
Added type definitions to Registry in @kbn/interpreter
Added stories for Tag and TagList components
Changed graphic tag color
* In kbn-test, provide password to cluster.start()
* Security enabled by default, overwrite by passing `-E "xpack.security.enabled=false"`
Signed-off-by: Tyler Smalley <tyler.smalley@elastic.co>
enable security on file dataviz and import (ML plugin)
update unit tests
add api test coverage for security in basic
move audit logging to standard+ license level
Attempts to make KQL syntax errors more sensical to the average user.
I initially tried to use a similar solution to the one we used for detecting usage of old lucene syntax. In other words, I tried to create rules in the grammar that would match strings containing common mistakes the user might make and throw custom error messages for each situation. This proved to be more difficult for detecting errors in the regular language. While the Lucene rules could be completely separated from the main grammar, the KQL error rules had to be mixed into the main grammar which made it much more complex and had a lot of unintended side effects.
So instead I decided to lean more heavily on PEG's built in error reporting. Giving certain rules human readable names allows the parser to use those names in the error reporting instead of auto generating a long list of possible characters that might be expected based on the matching rules. Since the PEG errors contain location information I was also able to add ascii art that points the user to exactly where the error occurred in their query string. While this approach is not quite as nice as bespoke error messages that tell the user exactly what is wrong in plain English, it's much more maintainable and I think it still results in much better error messages compared to what we have today.
I've also removed the old original kuery grammar (for queries like is(response, 200)). We were only using it to display an error if I user was still using the old syntax. This version of kuery hasn't existed since 6.3 and we've had error messages telling users this since then. I think it's safe to remove the legacy parser at this point, which greatly reduces the complexity of our error reporting.
* [APM] Add new kibana package '@kbn/babel-plugin-apm-idx' based on
'babel-plugin-idx' to work with the APM implementation of the deep
object property helper function. Configure it as a babel plugin in the
common babel preset.
* [APM] modified the expanded output code to handle null checking correction for nested properties and added tests.
* [APM] use same versions of babel and jest as core kibana. fixes broken tests.
* [APM] created namespaced package `@kbn/elastic-idx`. Made available the
apm/common/idx and the corresponding babel plugin under this package.
Modified all imports of apm/common/idx to @kbn/elastic-idx.
* [APM] add typescript build to the @kbn/elastic-idx package
* [APM] fix idx import and linting failures
* [APM] make @kbn/elastic-idx/babel plugin detect idx calls as member functions from the bound scope
Makes feature-secops closely mirror master of kibana
* Puts the ci/cd system back to where it mirrors master
* Removed stylelint
* Fixed accidental linter differences that accumulated along the way
* Fixed accidental package addition of `cherrio`
* Added back the translation file of `zh-CN.json`
* https://github.com/elastic/ingest-dev/issues/397
* https://github.com/elastic/ingest-dev/issues/198
* [dev/build] fix missing flag checks
With the upgrade to the new version of getopts, boolean flags are now defaulting to `false`, which prevents the `undefined` checks in place for the `--rpm`, `--deb`, `--docker` flags. Or order to ensure that they can be checked for existence we can default the flags to `null`, which gives these "boolean" flags a third possible state, only possible when the flags are not specified from the command line.
* [dev/build] break out args processing and test
* reindent help text
* always return unknownFlags
getopts added the `string` option in a recent version, which I didn't realize when I made updates to src/dev/run/run.ts, which rely on this option. To make sure it is available this updates getopts in all projects from `2.x` to `^2.2.4`
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Introducing uiCapabilities, removing config providers & user profile (#25387)
## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.
* GAP - Actions Restructured and Extensible (#25347)
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Fixing saved object capability checking
* Beginning to restructure actions to be used for all action building
* Using actions to build ui capabilities
* dropping /read from client-side userprovide ui capabilities
* Adding some actions
* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves
* Exposing all saved object operations in the capabilities
* Using actions in security's onPostAuth
* Only loading the default index pattern when it's required
* Only using the navlinks for the "ui capabilities"
* Redirecting from the discover application if the user can't access
kibana:discover
* Redirecting from dashboard if they're hidden
* Features register their privileges now
* Introducing a FeaturesPrivilegesBuilder
* REmoving app from the feature definition
* Adding navlink specific ations
* Beginning to break out the serializer
* Exposing privileges from the authorization service
* Restructuring the privilege/resource serialization to support features
* Adding actions unit tests
* Adding features privileges builders tests
* Adding PrivilegeSerializer tests
* Renaming missed usages
* Adding tests for the privileges serializer
* Adding privileges tests
* Adding registerPrivilegesWithCluster tests
* Better tests
* Fixing authorization service tests
* Adding ResourceSerializer tests
* Fixing Privileges tests
* Some PUT role tests
* Fixing read ui/api actions
* Exposing features from xpackMainPlugin
* Adding navlink:* to the "reserved privileges"
* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link
* Automatically determining navlink based ui capabilities
* Backing out changes that got left behind
* Using ui actions for navlinks
* Adding TODOs
* Ui -> UI
* Deleting unused file
* Removing api: [] as it's not necessary anymore
* Fixing graph saved object privileges
* Privileges are now async
* Pushing the asycnchronicity to the privileges "service"
* Adding TODO
* Providing initial value for reduce
* adds uiCapabilities to test_entry_template
* Adding config to APM/ML feature privileges
* Commenting out obviously failing test so we can get CI greeenn
* Fixing browser tests
* Goodbyyeee
* Adding app actions to the reserved privileges
* update snapshot
* UI/API changes to facilitate disabling features within spaces (#24235)
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Introducing uiCapabilities, removing config providers & user profile (#25387)
## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.
* GAP - Actions Restructured and Extensible (#25347)
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Fixing saved object capability checking
* Beginning to restructure actions to be used for all action building
* Using actions to build ui capabilities
* dropping /read from client-side userprovide ui capabilities
* Adding some actions
* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves
* Exposing all saved object operations in the capabilities
* Using actions in security's onPostAuth
* Only loading the default index pattern when it's required
* Only using the navlinks for the "ui capabilities"
* Redirecting from the discover application if the user can't access
kibana:discover
* Redirecting from dashboard if they're hidden
* Features register their privileges now
* Introducing a FeaturesPrivilegesBuilder
* REmoving app from the feature definition
* Adding navlink specific ations
* Beginning to break out the serializer
* Exposing privileges from the authorization service
* Restructuring the privilege/resource serialization to support features
* Adding actions unit tests
* Adding features privileges builders tests
* Adding PrivilegeSerializer tests
* Renaming missed usages
* Adding tests for the privileges serializer
* Adding privileges tests
* Adding registerPrivilegesWithCluster tests
* Better tests
* Fixing authorization service tests
* Adding ResourceSerializer tests
* Fixing Privileges tests
* Some PUT role tests
* Fixing read ui/api actions
* Exposing features from xpackMainPlugin
* Adding navlink:* to the "reserved privileges"
* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link
* Automatically determining navlink based ui capabilities
* Backing out changes that got left behind
* Using ui actions for navlinks
* Adding TODOs
* Ui -> UI
* Deleting unused file
* Removing api: [] as it's not necessary anymore
* Fixing graph saved object privileges
* Privileges are now async
* Pushing the asycnchronicity to the privileges "service"
* Adding TODO
* Providing initial value for reduce
* adds uiCapabilities to test_entry_template
* Adding config to APM/ML feature privileges
* Commenting out obviously failing test so we can get CI greeenn
* Fixing browser tests
* Goodbyyeee
* Adding app actions to the reserved privileges
* Begin to allow features to be disabled within spaces
typescript fixes
additional cleanup
attempt to resolve build error
fix tests
more ts updates
fix typedefs on manage_spaces_button
more import fixes
test fixes
move user profile into xpack common
Restructure space management screen
fix SASS references
design edits
remove Yes/No language from feature toggles
fix casing
removed unused imports
update snapshot
fix sass reference for collapsible panel
Fix sass reference, take 2
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* extract migration logic into testable unit
* Introducing uiCapabilities, removing config providers & user profile (#25387)
## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.
* Design edits (#12)
enables customize avatar popover
update tests, and simplify editing space identifier
remove references to user profile
remove unused test suite
remove unnecessary sass import
removes security's capability_decorator
* fix i18n
* updates toggleUiCapabilities to use new feature definitions
* cleanup and testing
* remove references to old feature interface
* readd lost spacer
* adds feature route testing
* additional i18n
* snapshot update
* copy edits
* fix ml app icon
* add missing export
* remove unnecessary sass import
* attempt to fix build
* fix spaces api tests
* esArchiver mapping updates
* rename toggleUiCapabilities -> toggleUICapabilities
* removes shared collapsible_panel component in favor of plugin-specific components
* some copy and style adjustments
* fix test following rebase
* add lost types file
* design edits
* remove stale export
* feature feedback; fixes cached disabled features
* GAP: Security disables UI capabilities (#25809)
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Fixing saved object capability checking
* Beginning to restructure actions to be used for all action building
* Using actions to build ui capabilities
* dropping /read from client-side userprovide ui capabilities
* Adding some actions
* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves
* Exposing all saved object operations in the capabilities
* Using actions in security's onPostAuth
* Only loading the default index pattern when it's required
* Only using the navlinks for the "ui capabilities"
* Redirecting from the discover application if the user can't access
kibana:discover
* Redirecting from dashboard if they're hidden
* Features register their privileges now
* Introducing a FeaturesPrivilegesBuilder
* REmoving app from the feature definition
* Adding navlink specific ations
* Beginning to break out the serializer
* Exposing privileges from the authorization service
* Restructuring the privilege/resource serialization to support features
* Adding actions unit tests
* Adding features privileges builders tests
* Adding PrivilegeSerializer tests
* Renaming missed usages
* Adding tests for the privileges serializer
* Adding privileges tests
* Adding registerPrivilegesWithCluster tests
* Better tests
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Fixing authorization service tests
* Adding ResourceSerializer tests
* Fixing Privileges tests
* Some PUT role tests
* Fixing read ui/api actions
* Introducing uiCapabilities, removing config providers & user profile (#25387)
## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.
* Exposing features from xpackMainPlugin
* Adding navlink:* to the "reserved privileges"
* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link
* Automatically determining navlink based ui capabilities
* Backing out changes that got left behind
* Using ui actions for navlinks
* Adding TODOs
* Ui -> UI
* Deleting unused file
* Removing api: [] as it's not necessary anymore
* Fixing graph saved object privileges
* Privileges are now async
* Pushing the asycnchronicity to the privileges "service"
* Adding TODO
* Providing initial value for reduce
* adds uiCapabilities to test_entry_template
* Adding config to APM/ML feature privileges
* Commenting out obviously failing test so we can get CI greeenn
* Fixing browser tests
* First, very crappy implementation
* Adding tests for disabling ui capabilities
* All being set to false no longer requires a clone
* Using _.mapValues makes this a lot more readable
* Checking those privileges dynamically
* Fixing some broken stuff when i introduced checkPrivilegesDynamically
* Adding conditional plugin tests
* Renaming conditional plugin to optional plugin
* Fixing type errors
* GAP - Actions Restructured and Extensible (#25347)
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Fixing saved object capability checking
* Beginning to restructure actions to be used for all action building
* Using actions to build ui capabilities
* dropping /read from client-side userprovide ui capabilities
* Adding some actions
* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves
* Exposing all saved object operations in the capabilities
* Using actions in security's onPostAuth
* Only loading the default index pattern when it's required
* Only using the navlinks for the "ui capabilities"
* Redirecting from the discover application if the user can't access
kibana:discover
* Redirecting from dashboard if they're hidden
* Features register their privileges now
* Introducing a FeaturesPrivilegesBuilder
* REmoving app from the feature definition
* Adding navlink specific ations
* Beginning to break out the serializer
* Exposing privileges from the authorization service
* Restructuring the privilege/resource serialization to support features
* Adding actions unit tests
* Adding features privileges builders tests
* Adding PrivilegeSerializer tests
* Renaming missed usages
* Adding tests for the privileges serializer
* Adding privileges tests
* Adding registerPrivilegesWithCluster tests
* Better tests
* Fixing authorization service tests
* Adding ResourceSerializer tests
* Fixing Privileges tests
* Some PUT role tests
* Fixing read ui/api actions
* Exposing features from xpackMainPlugin
* Adding navlink:* to the "reserved privileges"
* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link
* Automatically determining navlink based ui capabilities
* Backing out changes that got left behind
* Using ui actions for navlinks
* Adding TODOs
* Ui -> UI
* Deleting unused file
* Removing api: [] as it's not necessary anymore
* Fixing graph saved object privileges
* Privileges are now async
* Pushing the asycnchronicity to the privileges "service"
* Adding TODO
* Providing initial value for reduce
* adds uiCapabilities to test_entry_template
* Adding config to APM/ML feature privileges
* Commenting out obviously failing test so we can get CI greeenn
* Fixing browser tests
* Goodbyyeee
* Adding app actions to the reserved privileges
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Introducing uiCapabilities, removing config providers & user profile (#25387)
## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.
* GAP - Actions Restructured and Extensible (#25347)
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Fixing saved object capability checking
* Beginning to restructure actions to be used for all action building
* Using actions to build ui capabilities
* dropping /read from client-side userprovide ui capabilities
* Adding some actions
* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves
* Exposing all saved object operations in the capabilities
* Using actions in security's onPostAuth
* Only loading the default index pattern when it's required
* Only using the navlinks for the "ui capabilities"
* Redirecting from the discover application if the user can't access
kibana:discover
* Redirecting from dashboard if they're hidden
* Features register their privileges now
* Introducing a FeaturesPrivilegesBuilder
* REmoving app from the feature definition
* Adding navlink specific ations
* Beginning to break out the serializer
* Exposing privileges from the authorization service
* Restructuring the privilege/resource serialization to support features
* Adding actions unit tests
* Adding features privileges builders tests
* Adding PrivilegeSerializer tests
* Renaming missed usages
* Adding tests for the privileges serializer
* Adding privileges tests
* Adding registerPrivilegesWithCluster tests
* Better tests
* Fixing authorization service tests
* Adding ResourceSerializer tests
* Fixing Privileges tests
* Some PUT role tests
* Fixing read ui/api actions
* Exposing features from xpackMainPlugin
* Adding navlink:* to the "reserved privileges"
* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link
* Automatically determining navlink based ui capabilities
* Backing out changes that got left behind
* Using ui actions for navlinks
* Adding TODOs
* Ui -> UI
* Deleting unused file
* Removing api: [] as it's not necessary anymore
* Fixing graph saved object privileges
* Privileges are now async
* Pushing the asycnchronicity to the privileges "service"
* Adding TODO
* Providing initial value for reduce
* adds uiCapabilities to test_entry_template
* Adding config to APM/ML feature privileges
* Commenting out obviously failing test so we can get CI greeenn
* Fixing browser tests
* Goodbyyeee
* Adding app actions to the reserved privileges
* Update x-pack/plugins/security/server/lib/authorization/disable_ui_capabilities.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/plugins/security/server/lib/authorization/check_privileges_dynamically.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Disabling all ui capabilities if route is anonymous
* More typescript
* Even more typescript
* Updating snapshot
* Less any
* More safer
* Another one
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Introducing uiCapabilities, removing config providers & user profile (#25387)
## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.
* GAP - Actions Restructured and Extensible (#25347)
* Restructure user profile for granular app privs (#23750)
merging to feature branch for further development
* Fixing saved object capability checking
* Beginning to restructure actions to be used for all action building
* Using actions to build ui capabilities
* dropping /read from client-side userprovide ui capabilities
* Adding some actions
* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves
* Exposing all saved object operations in the capabilities
* Using actions in security's onPostAuth
* Only loading the default index pattern when it's required
* Only using the navlinks for the "ui capabilities"
* Redirecting from the discover application if the user can't access
kibana:discover
* Redirecting from dashboard if they're hidden
* Features register their privileges now
* Introducing a FeaturesPrivilegesBuilder
* REmoving app from the feature definition
* Adding navlink specific ations
* Beginning to break out the serializer
* Exposing privileges from the authorization service
* Restructuring the privilege/resource serialization to support features
* Adding actions unit tests
* Adding features privileges builders tests
* Adding PrivilegeSerializer tests
* Renaming missed usages
* Adding tests for the privileges serializer
* Adding privileges tests
* Adding registerPrivilegesWithCluster tests
* Better tests
* Fixing authorization service tests
* Adding ResourceSerializer tests
* Fixing Privileges tests
* Some PUT role tests
* Fixing read ui/api actions
* Exposing features from xpackMainPlugin
* Adding navlink:* to the "reserved privileges"
* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link
* Automatically determining navlink based ui capabilities
* Backing out changes that got left behind
* Using ui actions for navlinks
* Adding TODOs
* Ui -> UI
* Deleting unused file
* Removing api: [] as it's not necessary anymore
* Fixing graph saved object privileges
* Privileges are now async
* Pushing the asycnchronicity to the privileges "service"
* Adding TODO
* Providing initial value for reduce
* adds uiCapabilities to test_entry_template
* Adding config to APM/ML feature privileges
* Commenting out obviously failing test so we can get CI greeenn
* Fixing browser tests
* Goodbyyeee
* Adding app actions to the reserved privileges
* update snapshot
* Update x-pack/plugins/security/server/lib/authorization/check_privileges.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/plugins/security/server/lib/authorization/check_privileges.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Fixing type errors
* Only disabling navLinks if a feature is registered for them
* Adding non i18n'ed tooltip
* Making metadata and tooltip optional
* i18n'ing tooltips
* Responding to peer review comments
* GAP - Role API Structure (#26740)
* Updated the role api PUT structure
* Minimum is an array now
* Updating get route to naively support the new structure
* Renaming and removing some serialized methods
* Updating Role PUT api tests
* Fixing PUT jest tests
* Fixing GET tests
* Updating PrivilegeSerializer tests
* Renaming features to feature for the GET, so we're consistent
* Validating features and feature privileges
* Update x-pack/plugins/security/server/lib/authorization/privilege_serializer.test.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/plugins/security/server/lib/authorization/privilege_serializer.test.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/plugins/security/server/lib/authorization/privilege_serializer.test.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Renaming some variables/members of the PrivilegesSerializer
* Fixing privileges serializer tests
* Fixing register privileges with cluster tests
* Fixing the role creation for the api integration tests
* Generalizing regex within the feature registry
* update tests
* [GAP] - Support infra features (#26955)
## Summary
This PR adds the `Infrastructure` and `Logs` apps as toggle-able features via Granular Application Privileges.
* [GAP] - Enables xpack_main to populate UI Capabilities (#27031)
## Summary
Currently, plugins that register features via `xpackMainPlugin.registerFeature({...})` also have to specify their own `uiCapabilities` via `injectDefaultVars`, which is counter-intuitive and cumbersome. We've accepted this complexity for OSS plugins, but x-pack and third-party plugins should not have to concern themselves with such implementation details.
This PR removes that requirement for x-pack and third-party plugins, so all they have to do is register features, and ensure that their feature privileges contain the appropriate UI Capabilities in the `ui` property.
### Notes
This implementation intentionally does not alter UI Capabilities that come in via OSS Kibana. The capabilities defined there should be the source of truth, regardless of which distribution is used.
### Example
<pre>
xpackMainPlugin.registerFeature({
id: 'graph',
name: 'Graph',
icon: 'graphApp',
<b>navLinkId: 'graph',</b>
privileges: {
all: {
app: [],
savedObject: { ... },
<b>ui: ['showWriteControls'],</b>
},
read: {
app: [],
savedObject: { ... },
<b>ui: ['someOtherCapability],</b>
}
}
});
</pre>
Will be translated to the following UI Capabilities:
```
uiCapabilities: {
navLinks: {
graph: true
},
graph: {
showWriteControls: true,
someOtherCapability: true,
}
}
```
xpack_main is **not responsible** for disabling UI capabilities, so this will initialize all capabilities with a value of `true`.
* Hide write controls for the visualization application (#26536)
* Hide write controls for the timelion application (#26537)
* blacklist feature ids (#27493)
* [GAP] - Support management links (#27055)
## Summary
This enables management links to be toggled via UI Capabilities.
## TODO
- [x] Implement spaces controls
- [x] Implement security controls
- [x] Testing
- [ ] (optional) - dedicated display for managing management links?
* Enables the feature catalogue registry to be controlled via uiCapabil… (#27945)
* Enables the feature catalogue registry to be controlled via uiCapabilities
* update snapshot
* xpack_main populates uiCapabilities with the full list of catalogue entries
* builds application privileges using catalogue actions
* prevent 'catalogue' from being registered as a feature id
* fix mocha tests
* fix merge
* update snapshots
* GAP - Discover and NavLinks Functional Testing (#27414)
* Adding very basic Discover tests
* Ensuring discover is visible in both spaces
* Parsing the DOM to determine the uiCapabilities
* Making this.wreck `any` because the type definitions suck
* Specifying auth when requesting ui capabilities
* Beginning architecture to support permutation testing
* Adding documentation of the different configurations we'd like to test
* Fixing type errors
* Beginning to work on the framework to test the combinations
* Adding some factories
* Pushing forward, not a huge fan of what I have right now
* The new-new
* Less weird types
* Revising some things after talking with Larry
* Switching from wreck to axios
* Restructuring some files
* Changing to a space with all features, and a space with no features
* Beginning to add the security only tests
* Adding a navLinksBuilder
* Adding spaces only tests
* Not disabling ui capabilities, or authing app/api access when we
shouldn't be
* Can't get rid of management
* Adding more user types
* More users, this is starting to really suck
* Renaming some things...
* Revising which users we'll test in which ui capabilities "test suite"
* Adding some more user scenarios for the security_only configuration
* Adding security_only user scenarios
* Adding space scenarios
* Fixing type errors
* Udpating the readme for the spaces we're testing with
* Adding global read discover security ui functional tests
* Adding tests to make sure save buttons are shown/hidden
The actual implementation is broken somewhere
* Fixing tests after GIS is added and conflicts happened for infra
* Adding discover ui capability tests
* Fixing navlinks tests
* Adding discover view tests
* Adding UI tests for spaces being disabled
* Fixing tests
* Removing wreck dependency, it's garbage
* Fixing typo
* Updating ui capabilities README.md and adding another user for the
security and spaces ui capability tests
* Updating yarn lock file
* Consolidation some types
* Adding VisualizeDisabledSpace to the scenarios.
* Fixing esArchives with .kibana_2
* Disable features optional again
* Adding ensureCurrentUrl: false
* Fixing space selector tests
* Fixing gis privileges, they use saved objects
* Fixing find's element staleness checks
* Update x-pack/test/functional/es_archives/spaces/disabled_features/data.json
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Generalizing logic to get appNavLinksText
* Removing duplicate license header
* Adding GIS mappingst
* Fixing readme
* We love our future selfs
* Adding GisRead scenario
* Whoops
* Adding note about funky syntax for use with exhaustive switches
* Using a centralized list of features
* Give it some time
* Even more time?
* Space Management - accessibility & i18n improvements (#28195)
## Summary
1) Improves the accessibility for the spaces management screen:
- Customize Space Avatar popover now receives focus when toggled
- Labels are more descriptive, providing context
- Delete Space modal correctly focuses
2) Improves i18n support
- fixed a couple hard-coded strings
3) Adds a "Features" column to the spaces grid page, which shows a brief summary of the number of features enabled for each space:
Related: https://github.com/elastic/kibana/issues/28184
* Feature Controls - spaces - functional tests (#28213)
* adds tests for /api/features/v1 endpoint
* update failing management test
* Fc/run ui capability tests (#28362)
* Running the UI Capability Tests as part of the normal CI runs
* Adding uptime feature to get these tests passing
* Adding features and sorting
* Adding uptime security_only uiCapability tests, and fixing devTools
* Fixing the docs
* Fixing section panel i18n issue
* Removing unused import
* Updating snapshots
* Feature Controls - The new new role API (#28441)
These changes allow us to build the most recent UI where spaces can be "grouped" and edited at once. This changes the kibana section of the role definition to the following:
```
{
kibana: [
{
base: ['read'],
feature: {
discover: ['all'],
dashboard: ['all']
},
spaces: ['*']
},
{
base: ['read'],
feature: {
discover: ['all'],
dashboard: ['all']
},
spaces: ['marketing', 'sales']
}
]
}
```
If the `spaces` property isn't provided (for example if the user isn't using Spaces) then it'll default to `['*']`.
There are a few other stipulations that we're implementing with this approach.
1. Each "item" can be for 1 to many spaces OR globally. We can't specify both space privileges and global privileges in the same "item" because for Spaces we translate `all` to `space_all`, etc. so we can give them different privileges, and this becomes problematic when trying to serialize/deserialize to ES.
2. Additionally, each space can only appear once. The ES model would allow this, but the role management UI becomes more complicated if we were to allow this when calculating effective privileges.
* Feature Controls - Discover Save Button Test #28500 (#28501)
* Adding some debug logs
* Setting ui settings using the functional services
* Doing the same for the spaces disabled features
* Removing console.log debug statements
* Using save instead of showWriteControls
* Reload when adjusting visible features within the users active space (#28409)
## Summary
Changes to the visible features within a space are not visible until the page is refreshed. Because of this, when a user is editing their active space, their changes are not immediately visible.
This updates the space management screen to force a refresh when updating the visible features inside the active space. It also introduces a modal warning that this will happen:
* Throwing error if we register a feature after getAll is called (#29030)
* Throwing error if we register a feature after getAll is called
* Fixing some tests
* Fixing feature route tests
* Removing unused imports
* Fixing merge conflict
* Feature Controls - Fixing fallout of removing the legacy fallback (#29141)
* Fixing use of mode.useRbacFoRequest to mode.useRbac
* Fixing ui capability tests
* [Feature Controls] - Fix a11y for customize feature section (#29174)
## Summary
Fixes the displayed and announced text for the "show"/"hide" button of the Customize Visible Features section of the spaces management page.
This was inadvertently broken following a merge from master at some point.
* Feature Controls: Fixing k7's new "nav links" (#29198)
* Fixing k7's new applist for feature controls
* Renaming appSwitcher to appsMenu
* Feature Controls - Dashboard (#29139)
* Using addRouteSetupWork to implement the redirect
* Using centralized addSetupWork
* Fixing dashboard functional feature privileges tests
* Ensuring landing page and create dashboard redirect to the home-page
* Adding more tests to ensure the redirects work properly
* Adding disabled space feature tests for Dashboards
* Update src/ui/public/capabilities/route_setup.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update test/functional/page_objects/common_page.js
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Fixing ui capability tests after adding createNew
* Removing unnecessary `return undefined`
* requireUICapabilities -> requireUICapability
* Updating dashboard ui capability tests
* Fixing issue with the selection column appearing on Dashboards
* Fixing ui capability dashboard space only tests
* [FC] - Move management and catalogue entries out of privilege definition (#28354)
* Moves catalogue and management entries from privilege defintion to base feature definition
* Update new management menu to respect items disabled via UI Capabilities
* add test
* re-add index pattern entries
* re-add advanced settings icon
* fix tests
* remove management and catalogue entries from read-only users
* bring it back now y'all
* catalogue updates for xpack plugins
* Introduces 'grantWithBaseRead' flag
* update privileges from all -> read where necessary
* rename feature builder functions
* catalogue and management items should cascade to privileges when not specified
* add catalogue entry for uptime app
* Simplify feature registrations using inherited catalogue/management entries
* consolidate and fix privilege building logic
* rename variables
* remove debug code
* remove duplicate lodash import
* Update x-pack/plugins/xpack_main/server/lib/feature_registry/feature_registry.ts
Co-Authored-By: legrego <lgregorydev@gmail.com>
* [GAP] - Role Management UI (#26840)
---------
Edge-case scenarios:
1) [x] '*' and spaces in the same "entry"
Handled via `_transform_errors` at the API level. Renders a partial read-only view in the UI.
2) [x] same space appearing in multiple "entries"
Handled via `_transform_errors` at the API level. Renders a partial read-only view in the UI.
3) [x] base and feature privileges being set on the same "entry"
UI does not allow this to be set, but UI is smart enough to display the correct effective privilege in this case.
4) [x] multiple base privileges set in the same "entry"
UI does not allow this to be set, but UI is smart enough to apply the most permissive base privilege when displaying and performing privilege calculations.
5) [x] multiple feature privileges for the same "entry" (ml_all and ml_read)
UI does not allow for this to be set, but UI is smart enough to apply the most permissive base privilege when displaying and performing privilege calculations.
--------
## Summary
This updates the role management UI to allow application privileges to be customized globally and per-space.
## TODO:
- [x] [First Design review](https://github.com/legrego/kibana/pull/13)
- [ ] Second Design review
- [ ] Copy review
- [x] i18n
- [x] Handle deleted/unknown features
- [x] Handle deleted/unknown spaces
- [x] Cleanup & refactoring
- [x] Testing
* [Feature Controls, Spaces] - Don't load bundles for hidden apps (#29617)
## Summary
This enables the spaces plugin to issue a 404 if the requested application is disabled within the users active space.
To enable this functionality, the `app` property was moved to the root feature level, with the option to override at the privilege level. This follows the same logic as `catalogue` and `management` sections.
This will enable automatic app "protections" for those which only specify a single UI application, including:
1) Timelion
2) Canvas
3) Monitoring
4) APM
5) Code (when it merges)
6) GIS
7) Graph
8) ML
* [Feature Controls] - Copy Edits (#29651)
## Summary
Copy edits from today's session
* [Feature Controls] - Rename-a-thon (#29709)
* post-merge cleanup
* [Feature Controls] - fixes from recent merge from master (#29826)
## Summary
this pr will contain any required changes to fix CI from the recent merge from master, which includes the new k7 redesign design and dark mode
* Feature Controls: Adding privileges tooltip for Dev Tools (#30008)
* Adding privileges tooltip for Dev Tools
* appeasing the linter
* [Feature Controls] - Fix displayed space base privilege (#30133)
## Summary
This fixes the displayed space base privilege when a global base privilege is influencing the dropdown control:
1) Add global 'read' privilege
2) Configure space privilege -- note default base privilege of 'read'
3) Change space base privilege to 'custom'
Prior to this fix, the dropdown would not honor the change; it would keep 'read' as the selected option.
* Feature Controls: Adding read privileges for advanced settings and index patterns (#30106)
* Adding read privileges for advanced settings and index patterns
* Fixing the tests and the actual code itself
* Feature Controls - spaces not a security mechanism warning (#29853)
* Changing copy for the spaces not a security mechanism warning
* Using Gail's wording
* [Feature Controls] - Fixes from merging from master (8.0) (#30267)
* improve typings
* fix xpack_main type definitions
* test updates
* Fc/functional test move (#29835)
* Moving dashboard feature control tests to the dashboard application
* Moving more tests around
* Fixing some tests, no longer using uiSettings service, doesn't play
nicely with spaces
* Fixing esarchived issue
* Renaming some files
* [Feature Controls] - Readonly view for Advanced Settings using UICapabilities (#30243)
## Summary
This builds on the work done in https://github.com/elastic/kibana/pull/30106 to enable a read-only mode for the Advanced Settings screen:
- Input fields are disabled
- Save options are not displayed
- "Reset to default" options are not displayed
* Feature Controls: No Wildcards (#30169)
* A poorly named abstraction enters the room
* No more wildcards, starting to move some stuff around
* Splitting out the feature privilege builders
* Using actions instead of relying on their implementation
* We don't need the saved object types any longer
* Explicitly specifying some actions that used to rely on wildcards
* Fixing api integration test for privileges
* Test fixture plugin which adds the globaltype now specifies a feature
* Unauthorized to find unknown types now
* Adding tests for features with no privileges
* Update x-pack/test/saved_object_api_integration/security_and_spaces/apis/find.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Adding back accidentally deleted test
* Using the shared XPackMainPlugin definition
* Fixing privileges
* [Feature Controls] - Readonly mode for Canvas using UICapabilities (#29264)
## Summary
Updates Canvas to respect UICapabilities when determining if a user has read or read/write access to the application:
1) Adds a `showWriteControls` UI Capability to the Canvas's `all` privilege.
2) Removes the `setCanUserWrite` Redux action
3) Sets the initial (and only) state for `state.transient.canUserWrite` based on the UI Capability.
Closes https://github.com/elastic/kibana/issues/27695
* [Feature Controls] - Readonly mode for Maps using UICapabilities (#30437)
## Summary
This updates the maps application to support a read-only mode:
1) Removes selection/delete from Maps listing page
2) Removes "save" option
## TODO:
- [x] Functional UI Tests
* Add typings for x-pack/test to support .html imports (#30570)
We're importing `ui/capabilities` from the x-pack/test project, which
implicitly traverses into typings which are potentially importing .html
files, so we have to teach TypeScript about it.
* [Feature Controls] - Readonly mode for Timelion using UICapabilities (#30128)
## Summary
Updates Timelion to respect UICapabilities when determining if a user has read or read/write access to the application.
A previous PR was responsible for hiding the save controls, but this PR adds testing and the appropriate UICapabilities to the registered privilege definition.
* remove stray debug code
* [Feature Controls] - Updates from src/ui move to src/legacy/ui (#30678)
* dummy commit
* fix import path
* update message identifier
* fix snapshot
* remove unused translations
* Feature Controls: Adding read/write privileges for all applications (#30732)
* Adding read/write privileges for all applications
* Using default for advanced settings, canvas, maps and timelion
* Update x-pack/test/ui_capabilities/security_only/tests/canvas.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/test/ui_capabilities/security_only/tests/canvas.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/test/ui_capabilities/security_only/tests/maps.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/test/ui_capabilities/security_only/tests/maps.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/test/ui_capabilities/security_only/tests/timelion.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* [Feature Controls] - Readonly mode for Visualize using UICapabilities (#29714)
* enable read-only view, and enable app redirection for visualize app
* Hide 'Edit Visualization' dashboard context menu item if visualizations are not editable
* Hide 'Add new visualization' button if action is not available
* show 'Visualize' button on discover view only if viz app is available
* update tests
* allow visualizations to be created, but not saved for read-only users
* adds functional tests for visualize
* add tests for showing/hiding the visualize button in the discover app
* fix visualize tests following merge from master
* tests for edit viz feature from dashboards
* cleanup
* remove unnecessary call to set ui settings
* remove unused variables
* reduce flakyness of tsvb tests
* renames visualize.showWriteControls => visualize.save
* fix ui capability tests
* fix tests
* fix references to timePicker page object
* fix ts errors
* adds 'editable' property to embeddable metadata instead of hardcoded capability checks
* Remove unnecessary read-only considerations
* revert unnecessary mock changes
* [Feature Controls] - Adds missing uptime icon (#30716)
## Summary
Adds missing feature icon for Uptime application.
Needs https://github.com/elastic/kibana/pull/30678 to merge before this will go green.
* Feature Controls - Fix branch (#31135)
* Updating snapshot
* Switching visualize to use the default branch of the switch
* Fixing esarchive
* Feature Controls - Graph (#30762)
* Adding graph functional tests
* Fixing Privilieges API test
* Adding graph ui capability tests
* Update x-pack/test/ui_capabilities/security_only/tests/graph.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/test/ui_capabilities/security_only/tests/graph.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/test/ui_capabilities/security_and_spaces/tests/graph.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/test/ui_capabilities/security_only/tests/graph.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update x-pack/test/ui_capabilities/spaces_only/tests/graph.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Apply suggestions from code review
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Removing hard-coded constants
* Adding Graph delete button
* Fixing ui capability tests
* [Feature Controls] - Fixes page width for spaces management screen (#30723)
## Summary
Fixes the skinny spaces management screen following the redesign of the overall management area.
Needs https://github.com/elastic/kibana/pull/30678 to merge before this will go green.
* Feature Controls - Dev Tools (#30712)
* Adding functional tests
* Addingn Dev_Tools ui capability tests
* Adding some api tests for console's API
* Apply suggestions from code review
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Moving uiCapability definition
* Giving user_1 dashboard access to space_2
* Using the default in the switch for devtools/visualize
* Using forceLogout, maps are leaving us on a 404 page
* Fixing privileges API tests
* Feature Controls- Fix Merge Conflicts (#31651)
* Removing duplicated and outdated tests
* Updating snapshot
* Fixing type script errors
* Getting rid of some double quotes
* Adding saved_object:url access to discover temporarily to fix tests
* Fixing dashboard tests, updating snapshots
* Fixing security only find tests
* Removing reduntant test
* Trying to give it more time
* Fixing it 20 seconds to redirect away from the create new dashboard
* Feature Controls - No more route defaults for dashboards (#31767)
* No more route defaults for dashboards
* Verbose logging...
* Changing some ciGroups to try to narrow down the problem
* Revert "Verbose logging..."
This reverts commit 3198e73b61.
* Revert "No more route defaults for dashboards"
This reverts commit 525cd94dc5.
* Chaning the method in which we do the redirect
* Fixing type issue
* Update index.ts
* Update index.ts
* Feature Controls - Only allowing features to register all and read privileges (#31526)
* Only allowing features to register all and read privileges
* Making all and read optional properties required some existence checks
* Using Aleh's superior solution!
* No more unnecessary `as any`
* Feature Controls - Saved Object Management (#31332)
* Adding savedObject uiCapabilities that mirror the savedobject actions
* Using uiCapabilities to limit which types to search for
* Restricting which saved objects can be deleted based on type
* Hiding "view in app" button when we aren't allowed to
* Filtering the saved objects relationships based on the valid saved
object types
* Using dedicated savedObjectsManagement ui capabilities
* Adding readonly mode of viewing an object
* Displaying View In App if you can actually do so
* No more operations
* Moving saved objects ui capability population to kibana plugin
* Updating x-pack jest tests
* Adding security only saved objects management ui capability tests
* Adding security and spaces tests
* Adding spaces only saved objects managment ui capability tests
* Adding saved object management listing page functional tests
* Adding functional tests for edit visualization
* Consolidating canViewInApp and getInAppUrl into the same file
* Fixing imports
* One more stray import/export
* Adding back esFrom source
* Revert "Adding back esFrom source"
This reverts commit dfb626ace3.
* Updating jest snapshots
* Updating privileges
* Adding some logging
* Back to 10 seconds
* Trying to get more logs...
* Back to normal logging levels
* Fixing ui capability tests
* Putting timeouts back.
* Feature Controls - UI capability API integration tests with fixture plugins (#32086)
* Only testing the foo plugin for security and spaces
* Using the foo plugin with the security_only tests
* Changing spaces only tests to use the foo plugin
* Using list of features from api, and fixing bug with the spaces
interceptor
* Adding catalogue tests, which are alluding to another bug
* saved_objects catalogue aren't driven by ui capabilites presently
* Expanding the coverage for the spaces only catalogue tests
* Fixing some catalogue asserts
* Fixing catalogue tests for spaces_only, I had it backwards
* Adjusting Readme, adding "global read" scenario for security only tests
* Responding to PR feedback
* Adding back saved objects tests I accidentally deleted
* Fixing typescript issues, we can't import EUI on the server
* Fixing eslint error
* Updating Jest snapshots, fixing chrome mock
* Fixing dashboard listing test
* Adding missing await and forcing logout for graph functional tests
* Putting i18n string back
* Fixing type script issue
* Fixing canvas assert because of merge
* Fixing saved object api error assertations
* user-action is now a saved object type
* Fixing typescript error
* Fixing saved object actions as a result of the merge
* Feature Controls - Infrastructure and Logging (#31843)
* hide infra/logs apps if disabled via UICapabilities
* adds tests
* adds UICapability tests for infra and log apps
* update expected privilege/action mapping
* adds feature controls security tests for infraHome
* adds infra spaces feature control tests
* remove debug code
* a sample readonly implementation, ignoring 'logs' privileges
* ts fixes
* fix capability expectations
* Removing RequiresUICapability component, since there are no usages
* Driving the source configuration seperately for logs/infrastructure
* Adding infrastructure feature controls security functional tests
* Adding spaces infrastructure tests
* Adding logs functional tests
* Reworking the ui capability tests to be more consistent
* Fixing privileges API
* Forcing logout
* Fixing comma issue introduced by merge
* Fix merge conflicts and loading/unloading esarchives more consistently
* Removing unnecessary !!
* Fixing saved object management tests
* Fixing more tests
* Using the new context APIs
* Revert "Using the new context APIs"
This reverts commit 4776f1fc86.
* Adding future version of ui capabilities react provider
* Switching the order of the HOC's for infra and making the future the
default
* Applying Felix's PR feedback
* Protecting Infra's GraphQL APIs
* Updating privileges list
* Using the introspection query
* No longer using apollo context library, rephrasing test descriptions
* Fixing issue introduced by merge conflict, I forgot a }
* Putting back missplaced data test subj
* Updating jest snapshots
* Feature Controls - Short URLs (#32418)
* Discover is showing creating short urls properly
* Adding Discover functional tests
* When dashboards show the share menu you can always create short urls
* Visualize now displays the short urls link appropriately
* Dashboard all gets access to saved objects and updating privileges api
test
* Updating and adding short url test to url panel content
* Fixing misspelling
* Updating jest snapshot
* Adding comment why allowShortUrl is always true for Dashboards
* Updating snapshots
* Fixing snapshots, mocking chrome.getInjected
* Feature Controls - Uptime (#32577)
* Adding uptime functional tests
* Enabling feature controls for uptime
* Updating the privileges API's actions
* Using a single access tag for limiting API access
* Revising the behavior of maps read-only mode (#33338)
* Feature Controls - APIs (#32915)
* Using HapiJS's scopes to perform authorization on api endpoints
* Revert "Using HapiJS's scopes to perform authorization on api endpoints"
This reverts commit f73810c22d.
* Switching the syntax of the api tags
* Fixing privileges API
* Typescriptifying some dependencies of the api authorization extensions
* Using dedicated typescript file for api post auth filtering
* Adding tests and restructuring the flow of the api authorization
* Adjusting uptime's usage of privileges and the privileges test
* Integrating PR feedback
* Fixing graph test subject, thanks Joe!
* Consolidating hideWriteControls dashboard listing test
* Reusing maps constants
* Adding type to saved object management ui capability tests
* Feature Controls - Index Pattern Management (#33314)
* Enabling feature controls for index patterns
* Updating privileges API tests
* Fixing saved object management's view index patterns in app logic
* Fixing forgotten canViewInApp tests
* Fixing maps spaces functional tests
* Feature Controls - Differentiating the privileges with the same actions (#32266)
* Differentiating the privileges with the same actions
* The types for the lodash.uniqwith packare aren't right, and we need to
customize the isEqual also, so we're gonna do it ourselves
* Fixing dev tools ui capability
* Removing are equivalent privileges prevention, it's not what we really
need
* Requiring all to be more permissive than read on startup
* Transparently differentiating "all" from "read" feature privileges
* Fixing jest tests
* Adding the allHack: action to the space and global base privileges
* Changing actions to be readonly
* Adding JSDoc's for the Actions class and specifically the `allHack`
action
* Making the import of xpack_main types consistent
* Feature Controls: APM (#32812)
* Adding APM read privilege and adding functional UI tests
* Beginning to validate the APM routes are protected properly
* Protecting APM's APIs
* Specifying CI group
* Fixing privileges
* Adding forgotten apm show ui capability
* Fixing apm's privileges
* Fixing merge-conflict with privileges allHack: and APM
* address canvas feedback (#34269)
* [Feature Controls] - Plugin postInit (#29172)
## Summary
Throwing this up as a straw ~man~ person. If we like it, I can split it out and point the OSS changes against master if we'd prefer.
Introduces a `postInit` plugin hook that is called after all plugins have gone through their `preInit` and `init` phases, which allows the security plugin to call `registerPrivilegesWithCluster` after all plugins have had an opportunity to register their features.
* Feature Controls - Adds bulk toggle for showing/hiding features within a space (#34288)
## Summary
Adds a "Change all" option to the spaces management screen to allow all features to be shown/hidden:
Closes#34184
* Feature Controls - Unregistered Applications Authorization (#34122)
* Converting the app authorization to use typescript
* Adding jest tests
* Only authorizing app routes that are registered for features
* Using ProtectedApplications to lazily get feature applications
* Removing unneeded mocked headers as part of the authorization
* Adding some logging for the app authorization
* Fixing imports, thanks tslint --fix!
* Updating snapshots
* Feature Controls - Disable privilege form until spaces are selected (#34386)
## Summary
This disables the privilege selection until one or more spaces are selected in the role management form:
* Feature Controls - Visualize read-only create new (#34209)
* Allowing users to create new visualizations, even if they can't be saved
* Fixing privileges and tests
* Updating snapshot
* Removing visualize edit ui capability
* Feature Controls - Actions Version Prefix (#34405)
* Prefixing actions with version
* Updating privileges api integration test
* Update x-pack/plugins/security/server/lib/authorization/actions/saved_object.ts
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Requiring version to be a not empty string
* Updating jest snapshots
* Changing the 403 messages for the saved object client
* Fixing ui/chrome mock
* Feature Controls - Displaying share menu on dashboards when in read-only mode (#34207)
* Displaying share menu on dashboards when in read-only mode
* Fixing test description, thanks Luke!
* Fixing dashboard view mode tests because the share menu is now visible
* migrate from tslint to eslint
* Feature Controls - Reserved Role Apps (#30525)
* Removing feature privileges from ml/monitoring/apm
* Adding monitoring/ml/apm as hard-coded global privileges
* A poorly named abstraction enters the room
* No more wildcards, starting to move some stuff around
* Splitting out the feature privilege builders
* Using actions instead of relying on their implementation
* We don't need the saved object types any longer
* Explicitly specifying some actions that used to rely on wildcards
* Fixing api integration test for privileges
* Test fixture plugin which adds the globaltype now specifies a feature
* Unauthorized to find unknown types now
* Adding reserved privileges tests
* Adding reserved privileges in a designated reserved bucket
* Fixing ui capability tests
* Adding spaces api tests for apm/ml/monitoring users
* Adding more roles to the security only ui capability tests
* You can put a role with reserved privileges using the API
* Adding support to get roles with _reserved privileges
* Adding APM functional tests
* Adding monitoring functional tests
* Fixing typo
* Ensuring apm_user, monitoring_user alone don't authorize you
* Adding ml functional tests
* Fixing test
* Fixing some type errors
* Updating snapshots
* Fixing privileges tests
* Trying to force this to run from source
* Fixing TS errors
* Being a less noisy neighbor
* Forcing logout for apm/dashboard feature controls security tests
* Fixing the security only ui capability tests
* Removing test that monitoring now tests itself
* Fixing some ui capability tests
* Cleaning up the error page services
* Fixing misspelling in comment
* Using forceLogout for monitoring
* Removing code that never should have been there, sorry Larry
* Less leniency with the get roles
* Barely alphabetical for a bit
* Apply suggestions from code review
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Removing errant timeout
* No more hard coded esFrom source
* More nits
* Adding back esFrom source
* APM no longer uses reserved privileges, reserved privileges are
pluggable
* Fixing typescript errors
* Fixing ui capability test themselves
* Displaying reserved privileges for the space aware and simple forms
* Removing ability to PUT roles with _reserved privileges.
Removing ability to GET roles that have entries with both reserved and
feature/base privileges.
* Updating jest snapshots
* Changing the interface for a feature to register a reserved privilege to
include a description as well
* Displaying features with reserved privileges in the feature table
* Adjusting the reserved role privileges unit tests
* Changing usages of expect.js to @kbn/expect
* Changing the CalculatedPrivilege's _reserved property to reserved
* Allowing reserved privileges to be assigned at kibana-*
* Updating forgotten snapshot
* Validating reserved privileges
* Updating imports
* Removing --esFrom flag, we don't need it anymore
* Switching from tslint's ignore to eslint's ignore
* Feature Controls - Adds feature registration to plugin generator (#34537)
## Summary
This updates the plugin generator to allow plugin authors to automatically register their feature with the Feature Registry, for control via Spaces/Security.
Running:
```
elastic-mbp:kibana larry$ node scripts/generate_plugin.js test-plugin
? Provide a short description An awesome Kibana plugin
? What Kibana version are you targeting? master
? Should an app component be generated? Yes
? Should translation files be generated? Yes
? Should a hack component be generated? Yes
? Should a server API be generated? Yes
? Should SCSS be used? Yes
```
Generates the following:
```js
import { resolve } from 'path';
import { existsSync } from 'fs';
import { i18n } from '@kbn/i18n';
import exampleRoute from './server/routes/example';
export default function (kibana) {
return new kibana.Plugin({
require: ['elasticsearch'],
name: 'test_plugin',
uiExports: {
app: {
title: 'Test Plugin',
description: 'An awesome Kibana plugin',
main: 'plugins/test_plugin/app',
},
hacks: [
'plugins/test_plugin/hack'
],
styleSheetPaths: [resolve(__dirname, 'public/app.scss'), resolve(__dirname, 'public/app.css')].find(p => existsSync(p)),
},
config(Joi) {
return Joi.object({
enabled: Joi.boolean().default(true),
}).default();
},
init(server, options) { // eslint-disable-line no-unused-vars
const xpackMainPlugin = server.plugins.xpack_main;
if (xpackMainPlugin) {
const featureId = 'test_plugin';
xpackMainPlugin.registerFeature({
id: featureId,
name: i18n.translate('testPlugin.featureRegistry.featureName', {
defaultMessage: 'test-plugin',
}),
navLinkId: featureId,
icon: 'discoverApp',
app: [featureId, 'kibana'],
catalogue: [],
privileges: {
all: {
api: [],
savedObject: {
all: [],
read: ['config'],
},
ui: ['show'],
},
read: {
api: [],
savedObject: {
all: [],
read: ['config'],
},
ui: ['show'],
},
},
});
}
// Add server routes and initialize the plugin here
exampleRoute(server);
}
});
}
```
* Updating core system docs
* Fixing infra's dates with data for the functional tests
* [Feature Controls] - Move UICapabilities to the new platform (#30585)
## Summary
This moves the UI Capabilities service into the new platform, shimming into the old platform in a way that is consistent with the `i18n` service.
* Fixing uptime functional api tests
* Removing .only...
* Adds time_zone to query
* Adds dateFormatTZ to kuery query
Removes comments
* Adds defaults for the dateFormatTZ to the function signatures
* Adds tests for date match in kuery
Modifies test
* Adds a test for get_es_query_config
* Adds test for get timezone from settings utility method
* Adds tests for modified range method
Adds config param test to node_types/functions
code clean up
* resolves initial PR comments
* Refactors build_es_query test
* Refactors get_time_zone_from_settings test
* Uses spys to test that the config is passed down to children in ast toElasticsearchQuery
* removes default config nulls
* Deletes sinon.spy tests in kuery
* removes moment.setDefault from __tests__/get_timezone_from_settings.js
Adds two fields to the IndexPattern Field:
* parent - the name of the field this field is a child of
* subType - The type of child this field is. Currently the only valid value is multi but we could expand this to include aliases, object children, and nested children.
The thinking behind implementing these two new properties instead of a simple isMultiField flag is that it should be generic enough to describe other sorts of parent -> child relationships between fields.
* Quick unrelated fixes
* [Search Profiler] Quick fix style fix up including dark theme
* Fixed IE
* Remove unused translation
* Make the main panel always visible and scroll independently
* Space out flyout title
* Fix up for the new tabs directive
* restrict import from core&plugin internals
* Fork import/no-restricted-paths and add allowSameFolder option
Our use case requires to restrict imports from plugin folders, which names are unknown for us yet. We cannot use 'import/no-restricted-paths' in the current state, because if we define 'from: plugins/*/server/' the rule will report all relative imports in the same folder as well. To fix this problem we added another option 'allowSameFolder' that makes the rule to ignore imports in the same folder.
* update notices
* add basePath option
* support glob pattern instead of reagexp
* remove @notice, make basePath required
* chore(NA): first changes on every package.json order to support new babel 7. chore(NA): build for kbn-pm with babel 7.
* chore(NA): patch babel register to load typescrit
* chore(NA): first working version with babel 7 replacing typescript compiler.
* fix(NA): common preset declaration in order to make it work with babel-loader.
* chore(na): organizing babel preset env package json.
* chore(NA): mocha tests enabled.
* fix(NA): typo on importing
* test(NA): majority of x-pack tests ported to use babel-jest
* fix(NA): report info button test with babel-jest.
* fix(NA): polling service tests.
* test(na): fix server plugins plugin tests.
* test(NA): batch of test fixs for jest tests under babel-jest hoisting.
* chore(NA): add babel plugin to hoist mock prefixed vars on jest tests.
* chore(NA): update yarn.lock file.
* chore(NA): tests passing.
* chore(NA): remove wrong dep
* chore(NA): fix tsconfig
* chore(NA): skip babel for ts-jest.
* chore(NA): selectively apply the plugin to strip off namespace from ts files.
* chore(NA): remove not needed changes from ts tests
* chore(NA): removed ts-jest dependency. chore(NA): migrate ts tests on x-pack to use babel-jest with the new pattern.
* chore(NA): migrate kibana default distribution typescript tests to run with babel-jest and the new test mock pattern.
* chore(NA): merge and solve conflicts with master.
* chore(NA): fix problems reported by eslint
* chore(NA): fix license ovveride for babel-plugin-mock-imports
* chore(NA): update jest integration tests for kbn pm
* chore(NA): update babel jest integration tests for kbn pm.
* test(NA): update jest integration snapshot for kbn pm.
* chore(NA): apply changes according to the pull request reviews.
* chore(NA): apply changes according to the pull request reviews.
* refact(NA): migrate jest tests to the new pattern.
* fix(NA): babel 7 polyfill in the tests bundle.
* chore(NA): restore needed step in order to compile x-pack with typescript.
* chore(NA): change build to compile typescript with babel for the oss code. chore(NA): change transpile typescript task to only transpile types for x-pack. refact(NA): common preset for babel 7
* Revert "chore(NA): change build to compile typescript with babel for the oss code. chore(NA): change transpile typescript task to only transpile types for x-pack. refact(NA): common preset for babel 7"
This reverts commit 2707d538f5.
* fix(NA): import paths for tabConfigConst
* chore(NA): fix transpiling error on browser tests
* chore(NA): simplify kbn babel preset package.
* chore(NA): migrate build to use babel transpiler for typescript excluding xpack.
* fix(NA): introduced error on test quick task.
* fix(NA): fix preset for client side code on build.
* fix(NA): build with babel
* fix(NA): negated patterns in the end.
* fix(NA): kbn_tp_sample_panel_action creation.
* fix(NA): babel typescript transform plugin workaround when exporting interface name.
* refact(NA): remove not needed type cast to any on jest test.
* docs(NA): add developement documentation about jest mocks test pattern.
* chore(NA): missing unmerged path.
* chore(NA): fix jest tests for template.
* [CCR] Client integration tests (table lists) (#33525)
* Force user to re-authenticate if token refresh fails with `400` status code. (#33774)
* Improve performance of the Logstash Pipeline Viewer (#33793)
Resolves#27513.
_This PR is a combination of #31293 (the code changes) + #33570 (test updates). These two PRs were individually reviewed and merged into a feature branch. This combo PR here simply sets up the merge from the feature branch to `master`._
Summary of changes, taken from #31293:
## Before this PR
The Logstash Pipeline Viewer UI would make a single Kibana API call to fetch all the information necessary to render the Logstash pipeline. This included information necessary to render the detail drawer that opens up when a user clicks on an individual vertex in the pipeline.
Naturally, this single API call fetched _a lot_ of data, not just from the Kibana server but also, in turn, from Elasticsearch as well. The "pro" of this approach was that the user would see instantaneous results if they clicked on a vertex in a pipeline and opened the detail drawer for that vertex. The "cons" were the amount of computation Elasticsearch had to perform and the amount of data being transferred over the wire between Elasticsearch and the Kibana server as well as between the Kibana server and the browser.
## With this PR
This PR makes the Kibana API call to fetch data necessary for **initially** rendering the pipeline — that is, with the detail drawer closed — much lighter. When the user clicks on a vertex in a pipeline, a second API call is then made to fetch data necessary for the detail drawer.
## Gains, by the numbers
Based on a simple, 1-input, 1-filter, and 1-output pipeline.
* Before this PR, the Elasticsearch `logstash_stats` API responses (multiple calls were made using the `composite` aggregation over the `date_histogram` aggregation) generated a total of 1228 aggregation buckets (before any `filter_path`s were applied but across all `composite` "pages"). With this PR, the single `logstash_stats` API response (note that this is just for the initial rendering of the pipeline, with the detail drawer closed) generated 12 buckets (also before any `filter_path`s were applied). That's a **99.02% reduction** in number of buckets.
* Before this PR, the Elasticsearch `logstash_stats` API responses added up to 70319 bytes. With this PR, the single `logstash_stats` API response for the same pipeline is 746 bytes. That's a **98.93% reduction** in size.
* Before this PR, the Elasticsearch `logstash_state` API response was 7718 bytes. With this PR, the API response for the same pipeline is 2328 bytes. That's a **69.83% reduction** in size.
* Before this PR the Kibana API response was 51777 bytes. With this PR, the API response for the same pipeline is 2567 bytes (again, note that this is just for the initial rendering of the pipeline, with the detail drawer closed). That's a **95.04% reduction** in size.
* [Maps] split settings into layer and source panels (#33788)
* [Maps] split settings into layer and source panels
* fix SCSS import
* [env] exit if starting as root (#21563)
* [env] exit if starting as root
* fix windows
* s/--allow-root
* Typescript sample panel action (#33602)
* Typescript sample panel action
* Update EUI version to match main cabana version
* update yarn.lock
* add back typings include
* use correct relative path
* Home page "recent links" should communicate saved object type #21896 (#33694)
* adds object type for screen order
* adds object type for pointer hovering
* Update src/legacy/ui/public/chrome/directives/header_global_nav/components/header.tsx
Co-Authored-By: rockfield <philipp.b@ya.ru>
* [@kbn/expect] "fork" expect.js into repo
* [eslint] autofix references to expect.js
* [tslint] autofix all expect.js imports
* now that expect.js is in strict mode, avoid reassigning fn.length
I'd like to add another custom eslint rule, but there isn't a very good place to do that right now. We have the `eslint-plugin-kibana-custom` package, which is super simple but isn't in the `@kbn` namespace and isn't included in the root eslint config, and `@kbn/eslint-plugin-license-header` is too specific, so I've merged those two packages into `@kbn/eslint-plugin-eslint`, which is a little redundant but allows is to refer to the rules within it as `@kbn/eslint/{rule}`, which feels nice.
Thoughts?
_**NOTE:**_ merging the eslint rules from the two packages means enabling prettier for the code from `@kbn/eslint-plugin-license-header`, all those changes are made in 42c7da6fe2. [View the changes without the prettier updates](b647f2b...74e07a0)
* [ci/es] base default es version on pkg.branch value
* [ci/env] initialize $TEST_ES_FROM in checkout_sibling_es.sh
* [UA] remove TEST_ES_SNAPSHOT_VERSION override
* [ci/es] call checkout_sibling_es.sh from one location
* [ci] remove unused `--from` param
* [ci/env] always default to snapshots, switch to source when necessary
* [kbn/test] default esFrom to $TEST_ES_FROM
* [ci/setup] fix define order
* [ci/grunt] don't pass --esFrom let env pass through
* [ci/env] use branch, not version
* [ci] use same indent style as following lines
* [kbn/test] apply default values when processing args
* [kbn/test] simplify defaults, read default on each process
## Summary
While working on a plugin that was just using the Kibana eslint config, I saw a stream of these messages:
> Warning: React version specified in eslint-plugin-react-settings must be a string; got “object”
Looking into our eslint config, I noticed we're using `semver.coerce` to get the version from the `package.json` file in Kibana. This looked right, except that method actually returns an object:
```js
const ver = semver.coerce('^16.8.0');
console.log(ver);
```
That produces:
```
SemVer {
options: { loose: false, includePrerelease: false },
loose: false,
raw: '16.8.0',
major: 16,
minor: 8,
patch: 0,
prerelease: [],
build: [],
version: '16.8.0' }
```
The [semver package](https://www.npmjs.com/package/semver) includes some examples where they wrap that value in `semver.valid`, which produces a string and fixes the warning.
```js
const ver = semver.valid(semver.coerce('^16.8.0'));
console.log(ver); // outputs 16.8.0
```
### So why don't we see this warning in Kibana?
I'm not sure, but I suspect it's because it's a console warning and our tooling prevents that output from showing up.
This change stops the warning output when you run eslint in my plugin though.
UPDATE: After some more digging, it looks like it's related to the version override in Kibana's eslintrc. Removing the override stops the linter from running, without the changes in this PR.
* Prefer third-party plugin development in plugins instead of kibana-extra
* Fix failing recursive directory creation and removal
* Add new built version of kbn-pm
* [ftr] flatten GenericProviderTypes to fix "log" types
* [ftr/remote] typscript-ify
* remove webdriver types, since they're version 3 and we're using version 4
* simplify initWebDriver() function
* keep jest tests in the functional tests as js, mixing jest and mocha types doesn't work
We have had `insert_final_newline = true` in our `.editorconfig` file since April 2015, but never validated it with eslint. I'm a little tired of extra changes showing up in PRs because some people use editors which respect the `.editorconfig` file and some don't, so I figured we might want to enable the rule in eslint so that the can be autofixed.
Votes requested please :)
In https://github.com/elastic/kibana/pull/31234 there were some extra changes that I've reverted, like use of the `tsconfig-paths` package to magically rewrite import statements to defy the standard node module resolution algorithm, the inclusion of several unnecessary options in the `test/tsconfig.json` file, and changes of the line-endings in the config files. This also brings a few enhancements from https://github.com/elastic/kibana/pull/30190 including a modularized version of the expect.js types, and options for explicit mappings for the PageObjects and services used in ftr tests.
* bump typescript version to 3.3.3333
* fix tests after updating TS version
* suppress type errors until they fixed appropriately
* address comments
* add type def for UnconnectedKibanaLink
* remove fix @ts-ignore
* fix snapshot test. provide displayName
* udpate jest, jest-cli, @types/jest to v24
* fix type error in kibana-i18n package
* return serivce explicitly to fix typings
* add explicit never
* suppress typings errors
* update jest versions in x-pack
* make tests in x-pack more robust and fix incompatibility
* suppress CallCluster mock typings
Mock interface doesn't match CallCluster. Requires
additional work
* x-pack. resolve other typing conflicts
* remove unused types/jest
* fix snapshots
* restore mocks after jest.spyOn
* remove outdated definitions for jest
* cleanup x-pack package.json and update @types/jest
* fix tests merged from master
* updated yarn.lock and log errors for scripts/type_check
* This commit fixes error in TS, which failed on parsing the file.
* suppress type errors from master
* jest-cli is devDep
* [kuery] support matching field names with newlines (#29539)
* [kuery] support matching field names with newlines
* Add support for newlines in KQL grammar
* Add test for newlines in wildcards
* Fix test
* Use 's' instead of 'm' to match newlines instead of doing multi-line
* Fix autocomplete suggestions to handle newlines and tabs in field names
* Add line feed to escaped whitespace
* Fix broken test
This commit accompanies the four that precede it. Rather than squash
them altogether, the four previous commits all do nothing except move
files to help avoid conflicts.
* Fix buildEsQuery to ignore filters if not in index
* Fix tests and move getEsQueryConfig to package
* Revert changes to TSVB
* Remove console log
* Review feedback
This removes the custom build process for Canvas plugins. Canvas plugins are now regular
Kibana plugins. They can register server-side functions like so:
```js
server.plugins.interpreter.register({
serverFunctions: [yourFunctionsHere],
});
```
And client-side functions need to be included in `uiExports.canvas`, then they need to
register themselves like so:
```js
// kbnInterpreter is a global, sadly, but it makes registration simple
kbnInterpreter.register({
elements: [yourElementsHere],
browserFunctions: [yourFnsHere],
});
```
* csp: nonce and unsafe-eval for scripts
To kick things off, a rudimentary CSP implementation only allows
dynamically loading new JavaScript if it includes an associated nonce
that is generated on every load of the app.
A more sophisticated content security policy is necessary, particularly
one that bans eval for scripts, but one step at a time.
* img-src is not necessary if the goal is not to restrict
* configurable CSP owned by security team
* smoke test
* remove x-content-security-policy
* document csp.rules
* fix tsconfig for test
* switch integration test back to regular js
* stop looking for tsconfig in test
* grrr, linting errors not caught by precommit
* docs: people -> you for consistency sake
Co-Authored-By: epixa <court@epixa.com>
* Use mixin for full screen graphics
- Moved svg assets to one folder under `ui/public/assets/images`
- Deleted .less files
* Fix Kibana logos as well
* forgot to remove
* adds dark mode images
* Removed search_select
In favor of pattern to be created in EUI : https://github.com/elastic/eui/issues/1498
* No LESS in plugin generator
* remove comment
* Remove .less from testbed
* snaps
* Update dark mode graphics to be a bit lighter
* [karma] load css via url, rather than webpack
* [karma] css isn't built at config time, concat at request time
Fixes the build issues introduced in #25563 and re-introduces the new react/eui/typescript filter bar, essentially reverting the revert in #29662. I did have to resolve one merge conflict in query_bar.tsx, and re-deleted all of the old filter bar code where translation code had been added.
* Bring over all ui-select styles and convert color vars
* Some bootstrap dark theming
* Consolidating non-EUI form control styles
* Update some tutorial pieces set to EUI
* Fix up visualize editor sidebar as best as I can
* PR feedback
- comment for image
- euiScrollbar
- euiBorderThick
* Fix advanced toggle test
* Don’t show IE’s select arrow
This gets Canvas expressions to behave consistently across environments, and is the first step in migrating expressions to a different transport layer.
* Breadcrumbs and Title on their own line
- Menu on the left, datepicker on the right
* Fixed up usages of kuiLocalTitle
* Fix alignment if main menu doesn’t exist
* Remove some extraneous classes
* Add support to kbn-es and kbn-test for data archives
* Fix log indent
* Decompress directly to data directory
Co-Authored-By: joshdover <me@joshdover.com>
* Improve logs
* progress
* progress
* cleanup and elastic configs
* make upgrades to support adding aditional users, with
* use defaultDeep to ensure settings pass correctly
* move needed configs to start servers into kbn_server (except x-pack plugin paths and users)
* move xpack config to an export
* add more time
* diff rollbacks
* roll back prettier diff
* revert setupUsers signature
* remove more bluebird
* update bluebird for fixes with jest compatability
* fix ts errors
* dont allow jest to keep going making errors confising
* Separates configs for jest integration core/x-pack.
* Pass nested kbn config parameters.
* Adds example x-pack integration test using live es.
* Cloud detectors should be configurable for tests.
* Cloud detectors should use native promises only.
* No erroneous comments...
* Util is only for promisify, duh!
* New tests should have docuementation to help those looking to utilize them.
* Doc section headings should be consistent with each other.
* With git there is no need to commit commented code.
Plugins loaded by the `@kbn/interpreter` can sometimes setup global values while loading, like the regeneratorRuntime for instance, but the current plugin loading code is deleting every global that was added during plugin load. This changes the logic to only cleanup the `canvas` global after loading the canvas plugins.
resolves https://github.com/elastic/kibana/issues/27162
EUI 5.7.0 had a color refresh which switched around our palette to better match branding guidelines. Hex colors are still hard coded in large parts of Kibana so most of the changes not in kbn/ui-framework are simple shifts to match that styling.
* Added workpad manager which contains workpad_loader and workpad_templates
* Fixed term filter in workpad_templates
* design changes
* Removed console logs
Closes workpad manager modal after cloning template
Fixed filtering workpad templates
Removed console log
Added sample templates
Added more templates to test with
Removed cloneDeep
* case insensitive template search
* Case insensitive tag order in popover
* added descriptions and tags to sample data workpads
* refine list of initial templates
* remove sample data templates, make buttons bigger
* Added template and tag registries
* Fixed workpad loader resizing issue on home page
* Moved tags to ui folder
* Fixed template class
* Fixed properties in templates to match workpad
* feat(NA): upgrade node js version on file configs.
* chore(NA): migrate configs and 3rd party dependencies to work on node js 10.x
* fix(NA): add missing async function declaration.
* chore(NA): updated elastic/good package to work with node10
* chore(NA): update lockfiles.
* fix(NA): add missing dep.
* fix(NA): types for node 10.
* test(NA): fix error return type for node10.
* fix(NA): kbn-pm webpack config to unlazy a require using lazy-cache. fix(NA): build to work with node 10.
* test(NA): jest integration test for kbn-pluin-helpers.
* test(NA): fix jest tests for kbn-es.
* fix(NA): use ostmpdir instead of a tmp folder inside the fixtures.
* fix(NA): change afterEach on kbn es decompress test.
* fix(NA): change afterEach on kbn es decompress test.
* fix(NA): readd mock-fs for the tests that still use it on kbn-es and that works on node10.
* fix(NA): readd mock-fs for the tests that still use it on kbn-es and that works on node10.
* refact(NA): rewrite tests using mock-fs and completely remove this dependency.
* fix(NA): failing test implementation using jest mock in order to replace mock-fs.
* fix(NA): update jest snapshots to match new ones generated one node 10.
* fix(NA): cli/cluster mock to spyOn off method instead off spyOn removeListener as this was changed on Node 10.
* fix(NA): tests for cluster_manager to also spyOn off and on instead of addListener and removeListener
* test(NA): fix management advance settings image field test flow.
* fix(NA): apply missing types for src/core/server/plugins/discovery/plugins_discovery.ts.
* test(NA): updated 2 missing snapshots for KuiCodeEditor on kbn-ui-framework.
* refact(NA): fix eslint errors.
* refact(NA): fix ts code with tslint fix. chore(NA): update jest snapshots.
* chore(NA): migrate kbn config schema peer dependency to last used joi version to avoid warning on bootstrap.
* fix(NA): tslint errors.
* chore(NA): upgrade types node to the last version.
* fix(NA): missing utf8 input format encoding when reading a file.
* chore(NA): upgrade to node 10.14.1
* fix(NA): Buffer api usage to avoid deprecation warnings.
* feat(NA): first dll bundler code.
* chore(NA): upgrade to webpack 4.
* chore(NA): updated package.json
* chore(NA): removed old code.
* chore(NA): add parallel option.
* chore(NA): removed console log and old var about node modules.
* chore(NA): turn off unsafe cache.
* chore(NA): update lock files.
* chore(NA): new config for dll generation.
* chore(NA): update stats emit.
* chore(NA): update dependencies.
* chore(NA): right cache loaders.
* chore(NA): remove ui_bundles alias.
* feat(20749): init implementation on bridge plugin for dll bundler.
* feat(20749): init implementation for dll compiler.
* feat(20749): dll bundler init from other process and webpack wrapper..
* feat(20749): optimizer changes to integrate with dll bundler.
* chore(20749): split into different processes.
* refact(20749): change to single running process.
* refact(NA): improvements on dll bundler plugin.
* refact(NA): removing including loop on plugins.
* refact(20749): only run dllReference once.
* chore(20749): todo on result.request path building.
* chore(NA): lock files updated.
* chore(NA): avoiding dll paths being removed.
* chore(NA): tests on sync generation.
* chore(NA): changes on entry paths compiler.
* chore(NA): different hooks tests.
* chore(20749): first working version, single process, for dynamic building dll.
* feat(20749): last gross features for the dynamicdllplugin.
* refact(20749): string interpolation when creating the path to delete in every optimizer cycle. feat(20749): creating the DynamicDllPlugin foundations.
* chore(NA): updated base optimizer run function args.
* chore(20749): first working solution with vendor dll both for prod and dev.
* chore(20749): useful todos on client dlls.
* feat(NA): auto built blacklist for server node_modules.
* refact(NA): removed unused code.
* chore(NA): update all webpack and loaders stuff to last versions.
* refact(NA): first refacts on clean taks related with dll. feat(NA): added clean empty folders task.
* refact(NA): removed support for console logs during the build.
* refact(NA): removed extra space.
* refact(NA): removed extra space.
* refact(NA): getDllModules function.
* chore(NA): removed unsafeCache option.
* feat(NA): removed unsafeCache option.
* refact(NA): apply general inheritance principles to the optimizer: hooks, and init. refact(NA): merge dynamic dll plugin into the common config. refact(NA): restore old template structure - vendors.dll style is always emitted.
* fix(NA): fs_optimizer run function by not returning inside async func.
* fix(NA): change template anchor name from vendor to vendors.
* docs(NA): added info about files were keeping when cleaning the bundles.
* fix(NA): filtering elible dll modules to delete.
* refact(NA): removed old dll bundler in favor on new dynamic dll plugin.
* refact(NA): initial split for clean modules on dll task.
* refact(NA): update new dll config model. refact(NA): update config on dynamicdllplugin.
* refact(NA): major work refactor for dynamic dll plugin.
* refact(NA): extract clean node modules on dll task to its own folder.
* refact(NA): organize imports.
* docs(NA): add docs to registerCompilerHooks function for the optimizer.
* refact(NA): finished refactor for dynamic dll plugin with correct error handling for runWebpack function.
* refact(NA): basic structure for clean client modules on dll task.
* fix(NA): resolve path for dll manifest during cclean build tasks.
* refact(NA): split webpack dll related functions to their own file for clean client modules on dll task.
* refact(NA): added error handling for the clean client modules on dll task - webpack dll related functions.
* docs(NA): added license header.
* refact(NA): complete split out the functions from the clean modules on dll task to the code_parser file.
* refact(NA): main task entries compose.
* docs(NA): extend docs for the getDependenciesFromFile function.
* refact(NA): final structure split for clean client node modules dll task.
* fix(NA): added missing param to calculate top level dependencies.
* docs(NA): completed todo description about dll location.
* fix(NA): add production option to webpack config on kbn-pm.
* docs(NA): extended documentation about style extraction.
* refact(NA): removed extra comments.
* feat(NA): env variable to force dll creation.
* feat(NA): include option to define folders to keep on delete empty folders task.
* refact(NA): remove unused method from dll compiler.
* feat(NA): move dlls outside bundles folder and support request for /dlls from a browser perspective.
* chore(NA): gitignore updated to include new dlls folder.
* chore(NA): eslintignore updated.
* chore(NA): removed strange file from repo.
* test(NA): fix failing tests for bundles_route.
* fix(NA): change paths array to path string in a server route config.
* fix(NA): remove infinite loop calls on register hooks functions.
* fix(NA): readFile should only override the file in case it not exists.
* refact(NA): removed dll compiler finish log on success with stats.
* fix(NA): dll compiler alias.
* fix(NA): dynamic dll plugin flow on needs compile.
* fix(NA): raw alias config.
* Revert "fix(NA): raw alias config."
This reverts commit ebb245a786.
* feat(NA): raw alias for moment on dll config model.
* fix(NA): removed uiBundles from base_optimizer call on dynamicdllplugin.
* chore(NA): decrease moment versions.
* chore(NA): temporary changes on dll compiler.
* fix(NA): majority of problems between dll approach, webpackshims and browser tests.
* fix(NA): webpackShims integration with client vendors dll. fix(NA): enable esm modules mutability for development. fix(NA): only clean dll contents from build when they belong to node_modules.
* fix(NA): fix for endless dll compilation loop.
* fix(NA): removed esm plugin and skipped test using wrong stub strategy.
* docs(NA): added some comments for the skipped test.
* feat(NA): considering requires inside webpackShims valid entry paths to add to the dll entry file.
* fix(NA): small fix for the max compilation logic.
* docs(NA): add small explanatory note.
* fix(NA): building requires results with relative requires found onn webpackShims.
* docs(NA): add small note for error handling on dll compiler.
* fix(NA): move precinct to prod dependencies.
* test(NA): testing running functional tests on production.
* fix(NA): restore tests run config for development flag. feat(NA): force dll creation with uiBundles is Dev flag.
* chore(NA): update dependencies.
* feat(NA): test update dll to completely match base optimizer one.
* fix(NA): removed ts.
* refact(NA): removed unused consts.
* fix(NA): set back transpile sacss task in place.
* fix(NA): fix resolve remoing ts and tsx.
* fix(NA): set back transpile sacss task in place.
* fix(NA): removing isDevmode from mustCompileDll.
* fix(NA): add search for import statements into the dependencies visitor.
* fix(NA): add dll suffix to vendors resource on ui bootstrap template.
* fix(NA): some configs for unrelated dll work projects.
* chore(NA): upgrade canvas plugins webpack build to webpack4.
* chore(NA): add shim for moment-duration-format.
* chore(NA): stup moment-duration-format into the moment webpackShim.
* chore(NA): setup moment-duration-format into the moment-timezone webpackShim.
* fix(NA): moment and moment-timezone webpackShims
* chore(NA): added moment and moment-timezone webpackShims to x-pack. fix(NA): revert changes on webpackShims for oss kibana.
* fix(NA): xpack webpackshims for moment.
* fix(NA): remove xpack webpakcshims for moment.
* fix(NA): webpakcshims for moment.
* fix(NA): remove every changes from webpackShims and xpack webpackShims.
* fix(NA): fix visitors to gather server dependencies resulting from export * from and export x, 'x' from.
* chore(NA): update some webpack related dependencies.
* fix(NA): in the dll the plugins need to have their own dependencies. It is the same for the ones into the tests relying on test against distributable.
* feat(NA): including test/plugin_functional plugins into the kbn-pm bootstrap tasks.
* fix(NA): wrong built yarn lock files.
* chore(NA): updated webpack related dependencies.
* feat(NA): add missing color for dynamic_dll_plugin logging tag.
* chore(NA): removed forgotten console.log.
* chore(NA): removed forgotten dead code.
* chore(NA): removed missing old comment.
* docs(NA): added missing notice for 2 tools we have relied on.
* refact(NA): added is to a boolean variable to keep the consistency inside the code parser strategies.
* fix(NA): update notice cli to exclude search inside dlls bundles. chore(NA): update notice file.
* feat(NA): use lodash matches in the code parser visitors logic.
* docs(NA): updated notice file related with the code parser visitors logic..
* docs(NA): added explanation for the process that decides if we should build a new dll or not.
* test(NA): added missing tests for some usefull parts of the code.
* refact(NA): split registerCompileHook function into small ones.
* chore(NA): uncomment scripts from tests.
* feat(NA): isolate code-parser in a kbn package
* fix(NA): missing relative dot into the cwd function.
* chore(NA): update all inter deps to match.
* fix(NA): rebuild the yarn locks and the package jsons based on master ones.
* fix(NA): move babel-code-parser to the prod deps.
* chore(NA): include build path instead of the base root path.
* refact(NA): integrate plugin_functional test plugins with workspaces.
* fix(NA): include missing license for plugin functional test plugins.
* fix(NA): always write posix paths into the dll entry file in order to make the dlls compilation working on windows too. chore(NA): improve error handling into dll compiler.
* fix(NA): revert wrong moved line from canvas.
* fix(NA): match ts-loader version between kibana and x-pack.
* fix(NA): sync dll compiler with base_optimizer.
* fix(NA): exclude kbn-interpreter from the dll.
* refact(NA): remove exclusion of kbn-interpretor from base_optimizer.
* chore(NA): add dlls folder to the yarn kbn clean script.
* fix(NA): missing utf8 input format encoding when reading a file to create the hash into the watch optimizer cahce.
* refact(NA): re-engineering to the dynamic_dll_plugin logs and lifecycle.
* fix(NA): update clean node modules task to search under legacy/core_plugins.
* fix(NA): fix build on windows with globby on cleaning dlls for the watch optimizer cache.
* docs(NA): update documentation for the clean client node modules build task.
* docs(NA): added extra comment to clarify the purpose for the built entrypoints.
* chore(NA): update clean client node_modules code to use posix path.
* feat(NA): add support for discovering server entries over the legacy plugins and the new plugins.
