Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove unused Bootstrap well modifiers. #12

Conversation

cjcenizal
Copy link
Owner

These styles aren't being used in X-Pack.

@cjcenizal cjcenizal force-pushed the refactor/remove-bootstrap-dependency branch 2 times, most recently from ee44a34 to 00efd32 Compare July 5, 2016 20:31
@cjcenizal cjcenizal closed this Jul 8, 2016
@cjcenizal cjcenizal deleted the refactor/remove-bootstrap-well-modifiers branch July 8, 2016 18:25
cjcenizal added a commit that referenced this pull request Dec 7, 2017
cjcenizal added a commit that referenced this pull request Dec 7, 2017
cjcenizal added a commit that referenced this pull request Dec 7, 2017
cjcenizal added a commit that referenced this pull request Dec 7, 2017
* Update to Enzyme 3.x. (#12)

* Add findTestSubject test helper. Fix KuiCodeEditor tests.

* Fix KuiContextMenu tests.

* Fix KuiConfirmModal tests.

* Fix tests for KuiPager.

* Update KuiConfirmModal tests to use findTestSubject helper.

* Publish test helpers from ui_framework. Fix DashboardCloneModal tests.
cjcenizal pushed a commit that referenced this pull request Dec 12, 2017
* get kibana to start with react 16.0.0

* ensure width and height for dashboard grid

* Update to Enzyme 3.x. (#12)

* Fix tests broken by Enzyme upgrade (#13)

* Update to Enzyme 3.x. (#12)

* Add findTestSubject test helper. Fix KuiCodeEditor tests.

* Fix KuiContextMenu tests.

* Fix KuiConfirmModal tests.

* Fix tests for KuiPager.

* Update KuiConfirmModal tests to use findTestSubject helper.

* Publish test helpers from ui_framework. Fix DashboardCloneModal tests.

* Fix more tests (#14)

* Fix DashboardPanelContainer tests.

* Update KuiColorPicker tests.

* Fix ControlsTab tests.

* Rename vis to input_control_vis. Update and fix InputControlVis tests.

* Fix KuiListingTable tests.

* Fix KuiTextInput tests.

* Update DashboardGrid test snapshots.

* Fix test file names (#15)

* Remove old enzyme setup file.

* Add .test to YesNo and AddDeleteButtons test files.

* needed window.cancelAnimationFrame to accompany requestAnimationFrame

* remove getDOMNode function call from findTestSubject
cjcenizal pushed a commit that referenced this pull request Dec 12, 2017
* get kibana to start with react 16.0.0

* ensure width and height for dashboard grid

* Update to Enzyme 3.x. (#12)

* Fix tests broken by Enzyme upgrade (#13)

* Update to Enzyme 3.x. (#12)

* Add findTestSubject test helper. Fix KuiCodeEditor tests.

* Fix KuiContextMenu tests.

* Fix KuiConfirmModal tests.

* Fix tests for KuiPager.

* Update KuiConfirmModal tests to use findTestSubject helper.

* Publish test helpers from ui_framework. Fix DashboardCloneModal tests.

* Fix more tests (#14)

* Fix DashboardPanelContainer tests.

* Update KuiColorPicker tests.

* Fix ControlsTab tests.

* Rename vis to input_control_vis. Update and fix InputControlVis tests.

* Fix KuiListingTable tests.

* Fix KuiTextInput tests.

* Update DashboardGrid test snapshots.

* Fix test file names (#15)

* Remove old enzyme setup file.

* Add .test to YesNo and AddDeleteButtons test files.

* needed window.cancelAnimationFrame to accompany requestAnimationFrame

* remove getDOMNode function call from findTestSubject
cjcenizal pushed a commit that referenced this pull request Apr 13, 2019
* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* update snapshot

* UI/API changes to facilitate disabling features within spaces (#24235)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* Begin to allow features to be disabled within spaces

typescript fixes

additional cleanup

attempt to resolve build error

fix tests

more ts updates

fix typedefs on manage_spaces_button

more import fixes

test fixes

move user profile into xpack common

Restructure space management screen

fix SASS references

design edits

remove Yes/No language from feature toggles

fix casing

removed unused imports

update snapshot

fix sass reference for collapsible panel

Fix sass reference, take 2

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* extract migration logic into testable unit

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* Design edits (#12)

enables customize avatar popover

update tests, and simplify editing space identifier

remove references to user profile

remove unused test suite

remove unnecessary sass import

removes security's capability_decorator

* fix i18n

* updates toggleUiCapabilities to use new feature definitions

* cleanup and testing

* remove references to old feature interface

* readd lost spacer

* adds feature route testing

* additional i18n

* snapshot update

* copy edits

* fix ml app icon

* add missing export

* remove unnecessary sass import

* attempt to fix build

* fix spaces api tests

* esArchiver mapping updates

* rename toggleUiCapabilities -> toggleUICapabilities

* removes shared collapsible_panel component in favor of plugin-specific components

* some copy and style adjustments

* fix test following rebase

* add lost types file

* design edits

* remove stale export

* feature feedback; fixes cached disabled features

* GAP: Security disables UI capabilities (#25809)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* First, very crappy implementation

* Adding tests for disabling ui capabilities

* All being set to false no longer requires a clone

* Using _.mapValues makes this a lot more readable

* Checking those privileges dynamically

* Fixing some broken stuff when i introduced checkPrivilegesDynamically

* Adding conditional plugin tests

* Renaming conditional plugin to optional plugin

* Fixing type errors

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* Update x-pack/plugins/security/server/lib/authorization/disable_ui_capabilities.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/plugins/security/server/lib/authorization/check_privileges_dynamically.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Disabling all ui capabilities if route is anonymous

* More typescript

* Even more typescript

* Updating snapshot

* Less any

* More safer

* Another one

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* update snapshot

* Update x-pack/plugins/security/server/lib/authorization/check_privileges.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/plugins/security/server/lib/authorization/check_privileges.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Fixing type errors

* Only disabling navLinks if a feature is registered for them

* Adding non i18n'ed tooltip

* Making metadata and tooltip optional

* i18n'ing tooltips

* Responding to peer review comments

* GAP - Role API Structure (#26740)

* Updated the role api PUT structure

* Minimum is an array now

* Updating get route to naively support the new structure

* Renaming and removing some serialized methods

* Updating Role PUT api tests

* Fixing PUT jest tests

* Fixing GET tests

* Updating PrivilegeSerializer tests

* Renaming features to feature for the GET, so we're consistent

* Validating features and feature privileges

* Update x-pack/plugins/security/server/lib/authorization/privilege_serializer.test.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/plugins/security/server/lib/authorization/privilege_serializer.test.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/plugins/security/server/lib/authorization/privilege_serializer.test.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Renaming some variables/members of the PrivilegesSerializer

* Fixing privileges serializer tests

* Fixing register privileges with cluster tests

* Fixing the role creation for the api integration tests

* Generalizing regex within the feature registry

* update tests

* [GAP] - Support infra features (#26955)

## Summary
This PR adds the `Infrastructure` and `Logs` apps as toggle-able features via Granular Application Privileges.

* [GAP] - Enables xpack_main to populate UI Capabilities (#27031)

## Summary

Currently, plugins that register features via `xpackMainPlugin.registerFeature({...})` also have to specify their own `uiCapabilities` via `injectDefaultVars`, which is counter-intuitive and cumbersome. We've accepted this complexity for OSS plugins, but x-pack and third-party plugins should not have to concern themselves with such implementation details.

This PR removes that requirement for x-pack and third-party plugins, so all they have to do is register features, and ensure that their feature privileges contain the appropriate UI Capabilities in the `ui` property.

### Notes
This implementation intentionally does not alter UI Capabilities that come in via OSS Kibana. The capabilities defined there should be the source of truth, regardless of which distribution is used.


### Example
<pre>
xpackMainPlugin.registerFeature({
  id: 'graph',
  name: 'Graph',
  icon: 'graphApp',
  <b>navLinkId: 'graph',</b>
  privileges: {
    all: {
      app: [],
      savedObject: { ... },
      <b>ui: ['showWriteControls'],</b>
    },
    read: {
      app: [],
      savedObject: { ... },
      <b>ui: ['someOtherCapability],</b>
    }
  }
});
</pre>

Will be translated to the following UI Capabilities:
```
uiCapabilities: {
  navLinks: {
    graph: true
  },
  graph: {
    showWriteControls: true,
    someOtherCapability: true, 
  }
}
```


xpack_main is **not responsible** for disabling UI capabilities, so this will initialize all capabilities with a value of `true`.

* Hide write controls for the visualization application (#26536)

* Hide write controls for the timelion application (#26537)

* blacklist feature ids (#27493)

* [GAP] - Support management links (#27055)

## Summary

This enables management links to be toggled via UI Capabilities.

## TODO
- [x] Implement spaces controls
- [x] Implement security controls
- [x] Testing
- [ ] (optional) - dedicated display for managing management links?

* Enables the feature catalogue registry to be controlled via uiCapabil… (#27945)

* Enables the feature catalogue registry to be controlled via uiCapabilities

* update snapshot

* xpack_main populates uiCapabilities with the full list of catalogue entries

* builds application privileges using catalogue actions

* prevent 'catalogue' from being registered as a feature id

* fix mocha tests

* fix merge

* update snapshots

* GAP - Discover and NavLinks Functional Testing (#27414)

* Adding very basic Discover tests

* Ensuring discover is visible in both spaces

* Parsing the DOM to determine the uiCapabilities

* Making this.wreck `any` because the type definitions suck

* Specifying auth when requesting ui capabilities

* Beginning architecture to support permutation testing

* Adding documentation of the different configurations we'd like to test

* Fixing type errors

* Beginning to work on the framework to test the combinations

* Adding some factories

* Pushing forward, not a huge fan of what I have right now

* The new-new

* Less weird types

* Revising some things after talking with Larry

* Switching from wreck to axios

* Restructuring some files

* Changing to a space with all features, and a space with no features

* Beginning to add the security only tests

* Adding a navLinksBuilder

* Adding spaces only tests

* Not disabling ui capabilities, or authing app/api access when we
shouldn't be

* Can't get rid of management

* Adding more user types

* More users, this is starting to really suck

* Renaming some things...

* Revising which users we'll test in which ui capabilities "test suite"

* Adding some more user scenarios for the security_only configuration

* Adding security_only user scenarios

* Adding space scenarios

* Fixing type errors

* Udpating the readme for the spaces we're testing with

* Adding global read discover security ui functional tests

* Adding tests to make sure save buttons are shown/hidden

The actual implementation is broken somewhere

* Fixing tests after GIS is added and conflicts happened for infra

* Adding discover ui capability tests

* Fixing navlinks tests

* Adding discover view tests

* Adding UI tests for spaces being disabled

* Fixing tests

* Removing wreck dependency, it's garbage

* Fixing typo

* Updating ui capabilities README.md and adding another user for the
security and spaces ui capability tests

* Updating yarn lock file

* Consolidation some types

* Adding VisualizeDisabledSpace to the scenarios.

* Fixing esArchives with .kibana_2

* Disable features optional again

* Adding ensureCurrentUrl: false

* Fixing space selector tests

* Fixing gis privileges, they use saved objects

* Fixing find's element staleness checks

* Update x-pack/test/functional/es_archives/spaces/disabled_features/data.json

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Generalizing logic to get appNavLinksText

* Removing duplicate license header

* Adding GIS mappingst

* Fixing readme

* We love our future selfs

* Adding GisRead scenario

* Whoops

* Adding note about funky syntax for use with exhaustive switches

* Using a centralized list of features

* Give it some time

* Even more time?

* Space Management - accessibility & i18n improvements (#28195)

## Summary

1) Improves the accessibility for the spaces management screen:
    - Customize Space Avatar popover now receives focus when toggled
    - Labels are more descriptive, providing context
    - Delete Space modal correctly focuses

2) Improves i18n support
    - fixed a couple hard-coded strings

3) Adds a "Features" column to the spaces grid page, which shows a brief summary of the number of features enabled for each space:

![image](https://user-images.githubusercontent.com/3493255/50785093-93b78280-127d-11e9-975e-7209d35211ff.png)



Related: https://github.com/elastic/kibana/issues/28184

* Feature Controls - spaces - functional tests (#28213)

* adds tests for /api/features/v1 endpoint

* update failing management test

* Fc/run ui capability tests (#28362)

* Running the UI Capability Tests as part of the normal CI runs

* Adding uptime feature to get these tests passing

* Adding features and sorting

* Adding uptime security_only uiCapability tests, and fixing devTools

* Fixing the docs

* Fixing section panel i18n issue

* Removing unused import

* Updating snapshots

* Feature Controls - The new new role API (#28441)

These changes allow us to build the most recent UI where spaces can be "grouped" and edited at once. This changes the kibana section of the role definition to the following:

```
{
  kibana: [
    {
        base: ['read'],
        feature: {
          discover: ['all'],
          dashboard: ['all']
        },
        spaces: ['*']
    },
    {
        base: ['read'],
        feature: {
          discover: ['all'],
          dashboard: ['all']
        },
        spaces: ['marketing', 'sales']
    }
  ]
}
```

If the `spaces` property isn't provided (for example if the user isn't using Spaces) then it'll default to `['*']`. 

There are a few other stipulations that we're implementing with this approach. 

1. Each "item" can be for 1 to many spaces OR globally. We can't specify both space privileges and global privileges in the same "item" because for Spaces we translate `all` to `space_all`, etc. so we can give them different privileges, and this becomes problematic when trying to serialize/deserialize to ES.
2. Additionally, each space can only appear once. The ES model would allow this, but the role management UI becomes more complicated if we were to allow this when calculating effective privileges.

* Feature Controls - Discover Save Button Test #28500 (#28501)

* Adding some debug logs

* Setting ui settings using the functional services

* Doing the same for the spaces disabled features

* Removing console.log debug statements

* Using save instead of showWriteControls

* Reload when adjusting visible features within the users active space (#28409)

## Summary

Changes to the visible features within a space are not visible until the page is refreshed. Because of this, when a user is editing their active space, their changes are not immediately visible.

This updates the space management screen to force a refresh when updating the visible features inside the active space. It also introduces a modal warning that this will happen:

![image](https://user-images.githubusercontent.com/3493255/50923423-ebd7bb80-141a-11e9-92bd-2779020578a4.png)

* Throwing error if we register a feature after getAll is called (#29030)

* Throwing error if we register a feature after getAll is called

* Fixing some tests

* Fixing feature route tests

* Removing unused imports

* Fixing merge conflict

* Feature Controls - Fixing fallout of removing the legacy fallback (#29141)

* Fixing use of mode.useRbacFoRequest to mode.useRbac

* Fixing ui capability tests

* [Feature Controls] - Fix a11y for customize feature section (#29174)

## Summary

Fixes the displayed and announced text for the "show"/"hide" button of the Customize Visible Features section of the spaces management page.

This was inadvertently broken following a merge from master at some point.

* Feature Controls: Fixing k7's new "nav links" (#29198)

* Fixing k7's new applist for feature controls

* Renaming appSwitcher to appsMenu

* Feature Controls - Dashboard (#29139)

* Using addRouteSetupWork to implement the redirect

* Using centralized addSetupWork

* Fixing dashboard functional feature privileges tests

* Ensuring landing page and create dashboard redirect to the home-page

* Adding more tests to ensure the redirects work properly

* Adding disabled space feature tests for Dashboards

* Update src/ui/public/capabilities/route_setup.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update test/functional/page_objects/common_page.js

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Fixing ui capability tests after adding createNew

* Removing unnecessary `return undefined`

* requireUICapabilities -> requireUICapability

* Updating dashboard ui capability tests

* Fixing issue with the selection column appearing on Dashboards

* Fixing ui capability dashboard space only tests

* [FC] - Move management and catalogue entries out of privilege definition (#28354)

* Moves catalogue and management entries from privilege defintion to base feature definition

* Update new management menu to respect items disabled via UI Capabilities

* add test

* re-add index pattern entries

* re-add advanced settings icon

* fix tests

* remove management and catalogue entries from read-only users

* bring it back now y'all

* catalogue updates for xpack plugins

* Introduces 'grantWithBaseRead' flag

* update privileges from all -> read where necessary

* rename feature builder functions

* catalogue and management items should cascade to privileges when not specified

* add catalogue entry for uptime app

* Simplify feature registrations using inherited catalogue/management entries

* consolidate and fix privilege building logic

* rename variables

* remove debug code

* remove duplicate lodash import

* Update x-pack/plugins/xpack_main/server/lib/feature_registry/feature_registry.ts

Co-Authored-By: legrego <lgregorydev@gmail.com>

* [GAP] - Role Management UI (#26840)

 
![image](https://user-images.githubusercontent.com/3493255/51063094-72310080-15c7-11e9-9274-debf0e9b84f1.png)

![image](https://user-images.githubusercontent.com/3493255/51063108-8aa11b00-15c7-11e9-92fc-31c922086e05.png)


![image](https://user-images.githubusercontent.com/3493255/51063165-cb992f80-15c7-11e9-894d-630c109211d3.png)






---------
Edge-case scenarios:
  1) [x] '*' and spaces in the same "entry"
Handled via `_transform_errors` at the API level. Renders a partial read-only view in the UI.
  2) [x] same space appearing in multiple "entries"
Handled via `_transform_errors` at the API level. Renders a partial read-only view in the UI.
  3) [x] base and feature privileges being set on the same "entry"
UI does not allow this to be set, but UI is smart enough to display the correct effective privilege in this case.
  4) [x] multiple base privileges set in the same "entry"
UI does not allow this to be set, but UI is smart enough to apply the most permissive base privilege when displaying and performing privilege calculations.
  5) [x] multiple feature privileges for the same "entry" (ml_all and ml_read)
UI does not allow for this to be set, but UI is smart enough to apply the most permissive base privilege when displaying and performing privilege calculations.


--------

## Summary
This updates the role management UI to allow application privileges to be customized globally and per-space.

## TODO:
- [x] [First Design review](https://github.com/legrego/kibana/pull/13)
- [ ] Second Design review
- [ ] Copy review
- [x] i18n
- [x] Handle deleted/unknown features
- [x] Handle deleted/unknown spaces
- [x] Cleanup & refactoring
- [x] Testing

* [Feature Controls, Spaces] - Don't load bundles for hidden apps (#29617)

## Summary
This enables the spaces plugin to issue a 404 if the requested application is disabled within the users active space.

To enable this functionality, the `app` property was moved to the root feature level, with the option to override at the privilege level. This follows the same logic as `catalogue` and `management` sections.

This will enable automatic app "protections" for those which only specify a single UI application, including:

1) Timelion
2) Canvas
3) Monitoring
4) APM
5) Code (when it merges)
6) GIS
7) Graph
8) ML

* [Feature Controls] - Copy Edits (#29651)

## Summary
Copy edits from today's session

* [Feature Controls] - Rename-a-thon (#29709)

* post-merge cleanup

* [Feature Controls] - fixes from recent merge from master (#29826)

## Summary

this pr will contain any required changes to fix CI from the recent merge from master, which includes the new k7 redesign design and dark mode

* Feature Controls: Adding privileges tooltip for Dev Tools (#30008)

* Adding privileges tooltip for Dev Tools

* appeasing the linter

* [Feature Controls] - Fix displayed space base privilege (#30133)

## Summary
This fixes the displayed space base privilege when a global base privilege is influencing the dropdown control:

1) Add global 'read' privilege
2) Configure space privilege -- note default base privilege of 'read'
3) Change space base privilege to 'custom'

Prior to this fix, the dropdown would not honor the change; it would keep 'read' as the selected option.

* Feature Controls: Adding read privileges for advanced settings and index patterns (#30106)

* Adding read privileges for advanced settings and index patterns

* Fixing the tests and the actual code itself

* Feature Controls - spaces not a security mechanism warning (#29853)

* Changing copy for the spaces not a security mechanism warning

* Using Gail's wording

* [Feature Controls] - Fixes from merging from master (8.0) (#30267)

* improve typings

* fix xpack_main type definitions

* test updates

* Fc/functional test move (#29835)

* Moving dashboard feature control tests to the dashboard application

* Moving more tests around

* Fixing some tests, no longer using uiSettings service, doesn't play
nicely with spaces

* Fixing esarchived issue

* Renaming some files

* [Feature Controls] - Readonly view for Advanced Settings using UICapabilities (#30243)

## Summary
This builds on the work done in https://github.com/elastic/kibana/pull/30106 to enable a read-only mode for the Advanced Settings screen:

- Input fields are disabled
- Save options are not displayed
- "Reset to default" options are not displayed

* Feature Controls: No Wildcards (#30169)

* A poorly named abstraction enters the room

* No more wildcards, starting to move some stuff around

* Splitting out the feature privilege builders

* Using actions instead of relying on their implementation

* We don't need the saved object types any longer

* Explicitly specifying some actions that used to rely on wildcards

* Fixing api integration test for privileges

* Test fixture plugin which adds the globaltype now specifies a feature

* Unauthorized to find unknown types now

* Adding tests for features with no privileges

* Update x-pack/test/saved_object_api_integration/security_and_spaces/apis/find.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Adding back accidentally deleted test

* Using the shared XPackMainPlugin definition

* Fixing privileges

* [Feature Controls] - Readonly mode for Canvas using UICapabilities (#29264)

## Summary

Updates Canvas to respect UICapabilities when determining if a user has read or read/write access to the application:

1) Adds a `showWriteControls` UI Capability to the Canvas's `all` privilege.
2) Removes the `setCanUserWrite` Redux action
3) Sets the initial (and only) state for `state.transient.canUserWrite` based on the UI Capability.

Closes https://github.com/elastic/kibana/issues/27695

* [Feature Controls] - Readonly mode for Maps using UICapabilities (#30437)

## Summary

This updates the maps application to support a read-only mode:

1) Removes selection/delete from Maps listing page
2) Removes "save" option

## TODO:
- [x] Functional UI Tests

* Add typings for x-pack/test to support .html imports (#30570)

We're importing `ui/capabilities` from the x-pack/test project, which
implicitly traverses into typings which are potentially importing .html
files, so we have to teach TypeScript about it.

* [Feature Controls] - Readonly mode for Timelion using UICapabilities (#30128)

## Summary

Updates Timelion to respect UICapabilities when determining if a user has read or read/write access to the application.

A previous PR was responsible for hiding the save controls, but this PR adds testing and the appropriate UICapabilities to the registered privilege definition.

* remove stray debug code

* [Feature Controls] - Updates from src/ui move to src/legacy/ui (#30678)

* dummy commit

* fix import path

* update message identifier

* fix snapshot

* remove unused translations

* Feature Controls: Adding read/write privileges for all applications (#30732)

* Adding read/write privileges for all applications

* Using default for advanced settings, canvas, maps and timelion

* Update x-pack/test/ui_capabilities/security_only/tests/canvas.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/canvas.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/maps.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/maps.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/timelion.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* [Feature Controls] - Readonly mode for Visualize using UICapabilities (#29714)

* enable read-only view, and enable app redirection for visualize app

* Hide 'Edit Visualization' dashboard context menu item if visualizations are not editable

* Hide 'Add new visualization' button if action is not available

* show 'Visualize' button on discover view only if viz app is available

* update tests

* allow visualizations to be created, but not saved for read-only users

* adds functional tests for visualize

* add tests for showing/hiding the visualize button in the discover app

* fix visualize tests following merge from master

* tests for edit viz feature from dashboards

* cleanup

* remove unnecessary call to set ui settings

* remove unused variables

* reduce flakyness of tsvb tests

* renames visualize.showWriteControls => visualize.save

* fix ui capability tests

* fix tests

* fix references to timePicker page object

* fix ts errors

* adds 'editable' property to embeddable metadata instead of hardcoded capability checks

* Remove unnecessary read-only considerations

* revert unnecessary mock changes

* [Feature Controls] - Adds missing uptime icon (#30716)

## Summary
Adds missing feature icon for Uptime application.

Needs https://github.com/elastic/kibana/pull/30678 to merge before this will go green.

* Feature Controls - Fix branch (#31135)

* Updating snapshot

* Switching visualize to use the default branch of the switch

* Fixing esarchive

* Feature Controls - Graph (#30762)

* Adding graph functional tests

* Fixing Privilieges API test

* Adding graph ui capability tests

* Update x-pack/test/ui_capabilities/security_only/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_and_spaces/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/spaces_only/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Apply suggestions from code review

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Removing hard-coded constants

* Adding Graph delete button

* Fixing ui capability tests

* [Feature Controls] - Fixes page width for spaces management screen (#30723)

## Summary

Fixes the skinny spaces management screen following the redesign of the overall management area.

Needs https://github.com/elastic/kibana/pull/30678 to merge before this will go green.

* Feature Controls - Dev Tools (#30712)

* Adding functional tests

* Addingn Dev_Tools ui capability tests

* Adding some api tests for console's API

* Apply suggestions from code review

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Moving uiCapability definition

* Giving user_1 dashboard access to space_2

* Using the default in the switch for devtools/visualize

* Using forceLogout, maps are leaving us on a 404 page

* Fixing privileges API tests

* Feature Controls- Fix Merge Conflicts (#31651)

* Removing duplicated and outdated tests

* Updating snapshot

* Fixing type script errors

* Getting rid of some double quotes

* Adding saved_object:url access to discover temporarily to fix tests

* Fixing dashboard tests, updating snapshots

* Fixing security only find tests

* Removing reduntant test

* Trying to give it more time

* Fixing it 20 seconds to redirect away from the create new dashboard

* Feature Controls - No more route defaults for dashboards (#31767)

* No more route defaults for dashboards

* Verbose logging...

* Changing some ciGroups to try to narrow down the problem

* Revert "Verbose logging..."

This reverts commit 3198e73b618e1d99c1724d21015988ca77f49672.

* Revert "No more route defaults for dashboards"

This reverts commit 525cd94dc52394ae94acfe5102485474c13267b0.

* Chaning the method in which we do the redirect

* Fixing type issue

* Update index.ts

* Update index.ts

* Feature Controls - Only allowing features to register all and read privileges (#31526)

* Only allowing features to register all and read privileges

* Making all and read optional properties required some existence checks

* Using Aleh's superior solution!

* No more unnecessary `as any`

* Feature Controls - Saved Object Management (#31332)

* Adding savedObject uiCapabilities that mirror the savedobject actions

* Using uiCapabilities to limit which types to search for

* Restricting which saved objects can be deleted based on type

* Hiding "view in app" button when we aren't allowed to

* Filtering the saved objects relationships based on the valid saved
object types

* Using dedicated savedObjectsManagement ui capabilities

* Adding readonly mode of viewing an object

* Displaying View In App if you can actually do so

* No more operations

* Moving saved objects ui capability population to kibana plugin

* Updating x-pack jest tests

* Adding security only saved objects management ui capability tests

* Adding security and spaces tests

* Adding spaces only saved objects managment ui capability tests

* Adding saved object management listing page functional tests

* Adding functional tests for edit visualization

* Consolidating canViewInApp and getInAppUrl into the same file

* Fixing imports

* One more stray import/export

* Adding back esFrom source

* Revert "Adding back esFrom source"

This reverts commit dfb626ace3d5449d340bbe202dc782f1c08814ef.

* Updating jest snapshots

* Updating privileges

* Adding some logging

* Back to 10 seconds

* Trying to get more logs...

* Back to normal logging levels

* Fixing ui capability tests

* Putting timeouts back.

* Feature Controls - UI capability API integration tests with fixture plugins (#32086)

* Only testing the foo plugin for security and spaces

* Using the foo plugin with the security_only tests

* Changing spaces only tests to use the foo plugin

* Using list of features from api, and fixing bug with the spaces
interceptor

* Adding catalogue tests, which are alluding to another bug

* saved_objects catalogue aren't driven by ui capabilites presently

* Expanding the coverage for the spaces only catalogue tests

* Fixing some catalogue asserts

* Fixing catalogue tests for spaces_only, I had it backwards

* Adjusting Readme, adding "global read" scenario for security only tests

* Responding to PR feedback

* Adding back saved objects tests I accidentally deleted

* Fixing typescript issues, we can't import EUI on the server

* Fixing eslint error

* Updating Jest snapshots, fixing chrome mock

* Fixing dashboard listing test

* Adding missing await and forcing logout for graph functional tests

* Putting i18n string back

* Fixing type script issue

* Fixing canvas assert because of merge

* Fixing saved object api error assertations

* user-action is now a saved object type

* Fixing typescript error

* Fixing saved object actions as a result of the merge

* Feature Controls - Infrastructure and Logging (#31843)

* hide infra/logs apps if disabled via UICapabilities

* adds tests

* adds UICapability tests for infra and log apps

* update expected privilege/action mapping

* adds feature controls security tests for infraHome

* adds infra spaces feature control tests

* remove debug code

* a sample readonly implementation, ignoring 'logs' privileges

* ts fixes

* fix capability expectations

* Removing RequiresUICapability component, since there are no usages

* Driving the source configuration seperately for logs/infrastructure

* Adding infrastructure feature controls security functional tests

* Adding spaces infrastructure tests

* Adding logs functional tests

* Reworking the ui capability tests to be more consistent

* Fixing privileges API

* Forcing logout

* Fixing comma issue introduced by merge

* Fix merge conflicts and loading/unloading esarchives more consistently

* Removing unnecessary !!

* Fixing saved object management tests

* Fixing more tests

* Using the new context APIs

* Revert "Using the new context APIs"

This reverts commit 4776f1fc862317fc09af15fd7f30111d0b395b1f.

* Adding future version of ui capabilities react provider

* Switching the order of the HOC's for infra and making the future the
default

* Applying Felix's PR feedback

* Protecting Infra's GraphQL APIs

* Updating privileges list

* Using the introspection query

* No longer using apollo context library, rephrasing test descriptions

* Fixing issue introduced by merge conflict, I forgot a }

* Putting back missplaced data test subj

* Updating jest snapshots

* Feature Controls - Short URLs (#32418)

* Discover is showing creating short urls properly

* Adding Discover functional tests

* When dashboards show the share menu you can always create short urls

* Visualize now displays the short urls link appropriately

* Dashboard all gets access to saved objects and updating privileges api
test

* Updating and adding short url test to url panel content

* Fixing misspelling

* Updating jest snapshot

* Adding comment why allowShortUrl is always true for Dashboards

* Updating snapshots

* Fixing snapshots, mocking chrome.getInjected

* Feature Controls - Uptime (#32577)

* Adding uptime functional tests

* Enabling feature controls for uptime

* Updating the privileges API's actions

* Using a single access tag for limiting API access

* Revising the behavior of maps read-only mode (#33338)

* Feature Controls - APIs (#32915)

* Using HapiJS's scopes to perform authorization on api endpoints

* Revert "Using HapiJS's scopes to perform authorization on api endpoints"

This reverts commit f73810c22d90131f765f69702da2e11183ac4637.

* Switching the syntax of the api tags

* Fixing privileges API

* Typescriptifying some dependencies of the api authorization extensions

* Using dedicated typescript file for api post auth filtering

* Adding tests and restructuring the flow of the api authorization

* Adjusting uptime's usage of privileges and the privileges test

* Integrating PR feedback

* Fixing graph test subject, thanks Joe!

* Consolidating hideWriteControls dashboard listing test

* Reusing maps constants

* Adding type to saved object management ui capability tests

* Feature Controls - Index Pattern Management (#33314)

* Enabling feature controls for index patterns

* Updating privileges API tests

* Fixing saved object management's view index patterns in app logic

* Fixing forgotten canViewInApp tests

* Fixing maps spaces functional tests

* Feature Controls - Differentiating the privileges with the same actions (#32266)

* Differentiating the privileges with the same actions

* The types for the lodash.uniqwith packare aren't right, and we need to
customize the isEqual also, so we're gonna do it ourselves

* Fixing dev tools ui capability

* Removing are equivalent privileges prevention, it's not what we really
need

* Requiring all to be more permissive than read on startup

* Transparently differentiating "all" from "read" feature privileges

* Fixing jest tests

* Adding the allHack: action to the space and global base privileges

* Changing actions to be readonly

* Adding JSDoc's for the Actions class and specifically the `allHack`
action

* Making the import of xpack_main types consistent

* Feature Controls: APM (#32812)

* Adding APM read privilege and adding functional UI tests

* Beginning to validate the APM routes are protected properly

* Protecting APM's APIs

* Specifying CI group

* Fixing privileges

* Adding forgotten apm show ui capability

* Fixing apm's privileges

* Fixing merge-conflict with privileges allHack: and APM

* address canvas feedback (#34269)

* [Feature Controls] - Plugin postInit (#29172)

## Summary

Throwing this up as a straw ~man~ person. If we like it, I can split it out and point the OSS changes against master if we'd prefer.

Introduces a `postInit` plugin hook that is called after all plugins have gone through their `preInit` and `init` phases, which allows the security plugin to call `registerPrivilegesWithCluster` after all plugins have had an opportunity to register their features.

* Feature Controls - Adds bulk toggle for showing/hiding features within a space (#34288)

## Summary

Adds a "Change all" option to the spaces management screen to allow all features to be shown/hidden:

![image](https://user-images.githubusercontent.com/3493255/55344105-85db5d00-547a-11e9-9325-136d1c13f40e.png)


Closes #34184

* Feature Controls - Unregistered Applications Authorization (#34122)

* Converting the app authorization to use typescript

* Adding jest tests

* Only authorizing app routes that are registered for features

* Using ProtectedApplications to lazily get feature applications

* Removing unneeded mocked headers as part of the authorization

* Adding some logging for the app authorization

* Fixing imports, thanks tslint --fix!

* Updating snapshots

* Feature Controls - Disable privilege form until spaces are selected (#34386)

## Summary
This disables the privilege selection until one or more spaces are selected in the role management form:

![image](https://user-images.githubusercontent.com/3493255/55432524-1724ff00-5561-11e9-86f6-1589ba3fa701.png)

* Feature Controls - Visualize read-only create new (#34209)

* Allowing users to create new visualizations, even if they can't be saved

* Fixing privileges and tests

* Updating snapshot

* Removing visualize edit ui capability

* Feature Controls - Actions Version Prefix (#34405)

* Prefixing actions with version

* Updating privileges api integration test

* Update x-pack/plugins/security/server/lib/authorization/actions/saved_object.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Requiring version to be a not empty string

* Updating jest snapshots

* Changing the 403 messages for the saved object client

* Fixing ui/chrome mock

* Feature Controls - Displaying share menu on dashboards when in read-only mode (#34207)

* Displaying share menu on dashboards when in read-only mode

* Fixing test description, thanks Luke!

* Fixing dashboard view mode tests because the share menu is now visible

* migrate from tslint to eslint

* Feature Controls - Reserved Role Apps (#30525)

* Removing feature privileges from ml/monitoring/apm

* Adding monitoring/ml/apm as hard-coded global privileges

* A poorly named abstraction enters the room

* No more wildcards, starting to move some stuff around

* Splitting out the feature privilege builders

* Using actions instead of relying on their implementation

* We don't need the saved object types any longer

* Explicitly specifying some actions that used to rely on wildcards

* Fixing api integration test for privileges

* Test fixture plugin which adds the globaltype now specifies a feature

* Unauthorized to find unknown types now

* Adding reserved privileges tests

* Adding reserved privileges in a designated reserved bucket

* Fixing ui capability tests

* Adding spaces api tests for apm/ml/monitoring users

* Adding more roles to the security only ui capability tests

* You can put a role with reserved privileges using the API

* Adding support to get roles with _reserved privileges

* Adding APM functional tests

* Adding monitoring functional tests

* Fixing typo

* Ensuring apm_user, monitoring_user alone don't authorize you

* Adding ml functional tests

* Fixing test

* Fixing some type errors

* Updating snapshots

* Fixing privileges tests

* Trying to force this to run from source

* Fixing TS errors

* Being a less noisy neighbor

* Forcing logout for apm/dashboard feature controls security tests

* Fixing the security only ui capability tests

* Removing test that monitoring now tests itself

* Fixing some ui capability tests

* Cleaning up the error page services

* Fixing misspelling in comment

* Using forceLogout for monitoring

* Removing code that never should have been there, sorry Larry

* Less leniency with the get roles

* Barely alphabetical for a bit

* Apply suggestions from code review

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Removing errant timeout

* No more hard coded esFrom source

* More nits

* Adding back esFrom source

* APM no longer uses reserved privileges, reserved privileges are
pluggable

* Fixing typescript errors

* Fixing ui capability test themselves

* Displaying reserved privileges for the space aware and simple forms

* Removing ability to PUT roles with _reserved privileges.
Removing ability to GET roles that have entries with both reserved and
feature/base privileges.

* Updating jest snapshots

* Changing the interface for a feature to register a reserved privilege to
include a description as well

* Displaying features with reserved privileges in the feature table

* Adjusting the reserved role privileges unit tests

* Changing usages of expect.js to @kbn/expect

* Changing the CalculatedPrivilege's _reserved property to reserved

* Allowing reserved privileges to be assigned at kibana-*

* Updating forgotten snapshot

* Validating reserved privileges

* Updating imports

* Removing --esFrom flag, we don't need it anymore

* Switching from tslint's ignore to eslint's ignore

* Feature Controls - Adds feature registration to plugin generator (#34537)

## Summary

This updates the plugin generator to allow plugin authors to automatically register their feature with the Feature Registry, for control via Spaces/Security.

Running:
```
elastic-mbp:kibana larry$ node scripts/generate_plugin.js test-plugin
? Provide a short description An awesome Kibana plugin
? What Kibana version are you targeting? master
? Should an app component be generated? Yes
? Should translation files be generated? Yes
? Should a hack component be generated? Yes
? Should a server API be generated? Yes
? Should SCSS be used? Yes
```

Generates the following:
```js
import { resolve } from 'path';
import { existsSync } from 'fs';


import { i18n } from '@kbn/i18n';

import exampleRoute from './server/routes/example';

export default function (kibana) {
  return new kibana.Plugin({
    require: ['elasticsearch'],
    name: 'test_plugin',
    uiExports: {
      app: {
        title: 'Test Plugin',
        description: 'An awesome Kibana plugin',
        main: 'plugins/test_plugin/app',
      },
      hacks: [
        'plugins/test_plugin/hack'
      ],
      styleSheetPaths: [resolve(__dirname, 'public/app.scss'), resolve(__dirname, 'public/app.css')].find(p => existsSync(p)),
    },

    config(Joi) {
      return Joi.object({
        enabled: Joi.boolean().default(true),
      }).default();
    },

    init(server, options) { // eslint-disable-line no-unused-vars
        const xpackMainPlugin = server.plugins.xpack_main;
        if (xpackMainPlugin) {
          const featureId = 'test_plugin';

          xpackMainPlugin.registerFeature({
            id: featureId,
            name: i18n.translate('testPlugin.featureRegistry.featureName', {
              defaultMessage: 'test-plugin',
            }),
            navLinkId: featureId,
            icon: 'discoverApp',
            app: [featureId, 'kibana'],
            catalogue: [],
            privileges: {
              all: {
                api: [],
                savedObject: {
                  all: [],
                  read: ['config'],
                },
                ui: ['show'],
              },
              read: {
                api: [],
                savedObject: {
                  all: [],
                  read: ['config'],
                },
                ui: ['show'],
              },
            },
          });
        }
      // Add server routes and initialize the plugin here
      exampleRoute(server);
    }
  });
}

```

* Updating core system docs

* Fixing infra's dates with data for the functional tests

* [Feature Controls] - Move UICapabilities to the new platform (#30585)

## Summary

This moves the UI Capabilities service into the new platform, shimming into the old platform in a way that is consistent with the `i18n` service.

* Fixing uptime functional api tests

* Removing .only...
cjcenizal pushed a commit that referenced this pull request Apr 19, 2019
* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* update snapshot

* UI/API changes to facilitate disabling features within spaces (#24235)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* Begin to allow features to be disabled within spaces

typescript fixes

additional cleanup

attempt to resolve build error

fix tests

more ts updates

fix typedefs on manage_spaces_button

more import fixes

test fixes

move user profile into xpack common

Restructure space management screen

fix SASS references

design edits

remove Yes/No language from feature toggles

fix casing

removed unused imports

update snapshot

fix sass reference for collapsible panel

Fix sass reference, take 2

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* extract migration logic into testable unit

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* Design edits (#12)

enables customize avatar popover

update tests, and simplify editing space identifier

remove references to user profile

remove unused test suite

remove unnecessary sass import

removes security's capability_decorator

* fix i18n

* updates toggleUiCapabilities to use new feature definitions

* cleanup and testing

* remove references to old feature interface

* readd lost spacer

* adds feature route testing

* additional i18n

* snapshot update

* copy edits

* fix ml app icon

* add missing export

* remove unnecessary sass import

* attempt to fix build

* fix spaces api tests

* esArchiver mapping updates

* rename toggleUiCapabilities -> toggleUICapabilities

* removes shared collapsible_panel component in favor of plugin-specific components

* some copy and style adjustments

* fix test following rebase

* add lost types file

* design edits

* remove stale export

* feature feedback; fixes cached disabled features

* GAP: Security disables UI capabilities (#25809)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* First, very crappy implementation

* Adding tests for disabling ui capabilities

* All being set to false no longer requires a clone

* Using _.mapValues makes this a lot more readable

* Checking those privileges dynamically

* Fixing some broken stuff when i introduced checkPrivilegesDynamically

* Adding conditional plugin tests

* Renaming conditional plugin to optional plugin

* Fixing type errors

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* Update x-pack/plugins/security/server/lib/authorization/disable_ui_capabilities.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/plugins/security/server/lib/authorization/check_privileges_dynamically.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Disabling all ui capabilities if route is anonymous

* More typescript

* Even more typescript

* Updating snapshot

* Less any

* More safer

* Another one

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Introducing uiCapabilities, removing config providers & user profile (#25387)

## Summary
Introduces the concept of "UI Capabilities", which allows Kibana applications to declare capabilities via the `uiCapabilities` injected var, and then use them client-side via the `ui/capabilities` module to inform their rendering decisions.

* GAP - Actions Restructured and Extensible (#25347)

* Restructure user profile for granular app privs (#23750)

merging to feature branch for further development

* Fixing saved object capability checking

* Beginning to restructure actions to be used for all action building

* Using actions to build ui capabilities

* dropping /read from client-side userprovide ui capabilities

* Adding some actions

* Using different syntax which will hopefully help with allowing apps to
specify the privileges themselves

* Exposing all saved object operations in the capabilities

* Using actions in security's onPostAuth

* Only loading the default index pattern when it's required

* Only using the navlinks for the "ui capabilities"

* Redirecting from the discover application if the user can't access
kibana:discover

* Redirecting from dashboard if they're hidden

* Features register their privileges now

* Introducing a FeaturesPrivilegesBuilder

* REmoving app from the feature definition

* Adding navlink specific ations

* Beginning to break out the serializer

* Exposing privileges from the authorization service

* Restructuring the privilege/resource serialization to support features

* Adding actions unit tests

* Adding features privileges builders tests

* Adding PrivilegeSerializer tests

* Renaming missed usages

* Adding tests for the privileges serializer

* Adding privileges tests

* Adding registerPrivilegesWithCluster tests

* Better tests

* Fixing authorization service tests

* Adding ResourceSerializer tests

* Fixing Privileges tests

* Some PUT role tests

* Fixing read ui/api actions

* Exposing features from xpackMainPlugin

* Adding navlink:* to the "reserved privileges"

* navlink -> navLink | nav_linknavlink -> navLink | nav_linknavlink ->
navLink | nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink |
nav_linknavlink -> navLink | nav_linknavlink -> navLink | nav_link

* Automatically determining navlink based ui capabilities

* Backing out changes that got left behind

* Using ui actions for navlinks

* Adding TODOs

* Ui -> UI

* Deleting unused file

* Removing api: [] as it's not necessary anymore

* Fixing graph saved object privileges

* Privileges are now async

* Pushing the asycnchronicity to the privileges "service"

* Adding TODO

* Providing initial value for reduce

* adds uiCapabilities to test_entry_template

* Adding config to APM/ML feature privileges

* Commenting out obviously failing test so we can get CI greeenn

* Fixing browser tests

* Goodbyyeee

* Adding app actions to the reserved privileges

* update snapshot

* Update x-pack/plugins/security/server/lib/authorization/check_privileges.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/plugins/security/server/lib/authorization/check_privileges.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Fixing type errors

* Only disabling navLinks if a feature is registered for them

* Adding non i18n'ed tooltip

* Making metadata and tooltip optional

* i18n'ing tooltips

* Responding to peer review comments

* GAP - Role API Structure (#26740)

* Updated the role api PUT structure

* Minimum is an array now

* Updating get route to naively support the new structure

* Renaming and removing some serialized methods

* Updating Role PUT api tests

* Fixing PUT jest tests

* Fixing GET tests

* Updating PrivilegeSerializer tests

* Renaming features to feature for the GET, so we're consistent

* Validating features and feature privileges

* Update x-pack/plugins/security/server/lib/authorization/privilege_serializer.test.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/plugins/security/server/lib/authorization/privilege_serializer.test.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/plugins/security/server/lib/authorization/privilege_serializer.test.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Renaming some variables/members of the PrivilegesSerializer

* Fixing privileges serializer tests

* Fixing register privileges with cluster tests

* Fixing the role creation for the api integration tests

* Generalizing regex within the feature registry

* update tests

* [GAP] - Support infra features (#26955)

## Summary
This PR adds the `Infrastructure` and `Logs` apps as toggle-able features via Granular Application Privileges.

* [GAP] - Enables xpack_main to populate UI Capabilities (#27031)

## Summary

Currently, plugins that register features via `xpackMainPlugin.registerFeature({...})` also have to specify their own `uiCapabilities` via `injectDefaultVars`, which is counter-intuitive and cumbersome. We've accepted this complexity for OSS plugins, but x-pack and third-party plugins should not have to concern themselves with such implementation details.

This PR removes that requirement for x-pack and third-party plugins, so all they have to do is register features, and ensure that their feature privileges contain the appropriate UI Capabilities in the `ui` property.

### Notes
This implementation intentionally does not alter UI Capabilities that come in via OSS Kibana. The capabilities defined there should be the source of truth, regardless of which distribution is used.


### Example
<pre>
xpackMainPlugin.registerFeature({
  id: 'graph',
  name: 'Graph',
  icon: 'graphApp',
  <b>navLinkId: 'graph',</b>
  privileges: {
    all: {
      app: [],
      savedObject: { ... },
      <b>ui: ['showWriteControls'],</b>
    },
    read: {
      app: [],
      savedObject: { ... },
      <b>ui: ['someOtherCapability],</b>
    }
  }
});
</pre>

Will be translated to the following UI Capabilities:
```
uiCapabilities: {
  navLinks: {
    graph: true
  },
  graph: {
    showWriteControls: true,
    someOtherCapability: true, 
  }
}
```


xpack_main is **not responsible** for disabling UI capabilities, so this will initialize all capabilities with a value of `true`.

* Hide write controls for the visualization application (#26536)

* Hide write controls for the timelion application (#26537)

* blacklist feature ids (#27493)

* [GAP] - Support management links (#27055)

## Summary

This enables management links to be toggled via UI Capabilities.

## TODO
- [x] Implement spaces controls
- [x] Implement security controls
- [x] Testing
- [ ] (optional) - dedicated display for managing management links?

* Enables the feature catalogue registry to be controlled via uiCapabil… (#27945)

* Enables the feature catalogue registry to be controlled via uiCapabilities

* update snapshot

* xpack_main populates uiCapabilities with the full list of catalogue entries

* builds application privileges using catalogue actions

* prevent 'catalogue' from being registered as a feature id

* fix mocha tests

* fix merge

* update snapshots

* GAP - Discover and NavLinks Functional Testing (#27414)

* Adding very basic Discover tests

* Ensuring discover is visible in both spaces

* Parsing the DOM to determine the uiCapabilities

* Making this.wreck `any` because the type definitions suck

* Specifying auth when requesting ui capabilities

* Beginning architecture to support permutation testing

* Adding documentation of the different configurations we'd like to test

* Fixing type errors

* Beginning to work on the framework to test the combinations

* Adding some factories

* Pushing forward, not a huge fan of what I have right now

* The new-new

* Less weird types

* Revising some things after talking with Larry

* Switching from wreck to axios

* Restructuring some files

* Changing to a space with all features, and a space with no features

* Beginning to add the security only tests

* Adding a navLinksBuilder

* Adding spaces only tests

* Not disabling ui capabilities, or authing app/api access when we
shouldn't be

* Can't get rid of management

* Adding more user types

* More users, this is starting to really suck

* Renaming some things...

* Revising which users we'll test in which ui capabilities "test suite"

* Adding some more user scenarios for the security_only configuration

* Adding security_only user scenarios

* Adding space scenarios

* Fixing type errors

* Udpating the readme for the spaces we're testing with

* Adding global read discover security ui functional tests

* Adding tests to make sure save buttons are shown/hidden

The actual implementation is broken somewhere

* Fixing tests after GIS is added and conflicts happened for infra

* Adding discover ui capability tests

* Fixing navlinks tests

* Adding discover view tests

* Adding UI tests for spaces being disabled

* Fixing tests

* Removing wreck dependency, it's garbage

* Fixing typo

* Updating ui capabilities README.md and adding another user for the
security and spaces ui capability tests

* Updating yarn lock file

* Consolidation some types

* Adding VisualizeDisabledSpace to the scenarios.

* Fixing esArchives with .kibana_2

* Disable features optional again

* Adding ensureCurrentUrl: false

* Fixing space selector tests

* Fixing gis privileges, they use saved objects

* Fixing find's element staleness checks

* Update x-pack/test/functional/es_archives/spaces/disabled_features/data.json

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Generalizing logic to get appNavLinksText

* Removing duplicate license header

* Adding GIS mappingst

* Fixing readme

* We love our future selfs

* Adding GisRead scenario

* Whoops

* Adding note about funky syntax for use with exhaustive switches

* Using a centralized list of features

* Give it some time

* Even more time?

* Space Management - accessibility & i18n improvements (#28195)

## Summary

1) Improves the accessibility for the spaces management screen:
    - Customize Space Avatar popover now receives focus when toggled
    - Labels are more descriptive, providing context
    - Delete Space modal correctly focuses

2) Improves i18n support
    - fixed a couple hard-coded strings

3) Adds a "Features" column to the spaces grid page, which shows a brief summary of the number of features enabled for each space:

![image](https://user-images.githubusercontent.com/3493255/50785093-93b78280-127d-11e9-975e-7209d35211ff.png)



Related: https://github.com/elastic/kibana/issues/28184

* Feature Controls - spaces - functional tests (#28213)

* adds tests for /api/features/v1 endpoint

* update failing management test

* Fc/run ui capability tests (#28362)

* Running the UI Capability Tests as part of the normal CI runs

* Adding uptime feature to get these tests passing

* Adding features and sorting

* Adding uptime security_only uiCapability tests, and fixing devTools

* Fixing the docs

* Fixing section panel i18n issue

* Removing unused import

* Updating snapshots

* Feature Controls - The new new role API (#28441)

These changes allow us to build the most recent UI where spaces can be "grouped" and edited at once. This changes the kibana section of the role definition to the following:

```
{
  kibana: [
    {
        base: ['read'],
        feature: {
          discover: ['all'],
          dashboard: ['all']
        },
        spaces: ['*']
    },
    {
        base: ['read'],
        feature: {
          discover: ['all'],
          dashboard: ['all']
        },
        spaces: ['marketing', 'sales']
    }
  ]
}
```

If the `spaces` property isn't provided (for example if the user isn't using Spaces) then it'll default to `['*']`. 

There are a few other stipulations that we're implementing with this approach. 

1. Each "item" can be for 1 to many spaces OR globally. We can't specify both space privileges and global privileges in the same "item" because for Spaces we translate `all` to `space_all`, etc. so we can give them different privileges, and this becomes problematic when trying to serialize/deserialize to ES.
2. Additionally, each space can only appear once. The ES model would allow this, but the role management UI becomes more complicated if we were to allow this when calculating effective privileges.

* Feature Controls - Discover Save Button Test #28500 (#28501)

* Adding some debug logs

* Setting ui settings using the functional services

* Doing the same for the spaces disabled features

* Removing console.log debug statements

* Using save instead of showWriteControls

* Reload when adjusting visible features within the users active space (#28409)

## Summary

Changes to the visible features within a space are not visible until the page is refreshed. Because of this, when a user is editing their active space, their changes are not immediately visible.

This updates the space management screen to force a refresh when updating the visible features inside the active space. It also introduces a modal warning that this will happen:

![image](https://user-images.githubusercontent.com/3493255/50923423-ebd7bb80-141a-11e9-92bd-2779020578a4.png)

* Throwing error if we register a feature after getAll is called (#29030)

* Throwing error if we register a feature after getAll is called

* Fixing some tests

* Fixing feature route tests

* Removing unused imports

* Fixing merge conflict

* Feature Controls - Fixing fallout of removing the legacy fallback (#29141)

* Fixing use of mode.useRbacFoRequest to mode.useRbac

* Fixing ui capability tests

* [Feature Controls] - Fix a11y for customize feature section (#29174)

## Summary

Fixes the displayed and announced text for the "show"/"hide" button of the Customize Visible Features section of the spaces management page.

This was inadvertently broken following a merge from master at some point.

* Feature Controls: Fixing k7's new "nav links" (#29198)

* Fixing k7's new applist for feature controls

* Renaming appSwitcher to appsMenu

* Feature Controls - Dashboard (#29139)

* Using addRouteSetupWork to implement the redirect

* Using centralized addSetupWork

* Fixing dashboard functional feature privileges tests

* Ensuring landing page and create dashboard redirect to the home-page

* Adding more tests to ensure the redirects work properly

* Adding disabled space feature tests for Dashboards

* Update src/ui/public/capabilities/route_setup.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update test/functional/page_objects/common_page.js

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Fixing ui capability tests after adding createNew

* Removing unnecessary `return undefined`

* requireUICapabilities -> requireUICapability

* Updating dashboard ui capability tests

* Fixing issue with the selection column appearing on Dashboards

* Fixing ui capability dashboard space only tests

* [FC] - Move management and catalogue entries out of privilege definition (#28354)

* Moves catalogue and management entries from privilege defintion to base feature definition

* Update new management menu to respect items disabled via UI Capabilities

* add test

* re-add index pattern entries

* re-add advanced settings icon

* fix tests

* remove management and catalogue entries from read-only users

* bring it back now y'all

* catalogue updates for xpack plugins

* Introduces 'grantWithBaseRead' flag

* update privileges from all -> read where necessary

* rename feature builder functions

* catalogue and management items should cascade to privileges when not specified

* add catalogue entry for uptime app

* Simplify feature registrations using inherited catalogue/management entries

* consolidate and fix privilege building logic

* rename variables

* remove debug code

* remove duplicate lodash import

* Update x-pack/plugins/xpack_main/server/lib/feature_registry/feature_registry.ts

Co-Authored-By: legrego <lgregorydev@gmail.com>

* [GAP] - Role Management UI (#26840)

 
![image](https://user-images.githubusercontent.com/3493255/51063094-72310080-15c7-11e9-9274-debf0e9b84f1.png)

![image](https://user-images.githubusercontent.com/3493255/51063108-8aa11b00-15c7-11e9-92fc-31c922086e05.png)


![image](https://user-images.githubusercontent.com/3493255/51063165-cb992f80-15c7-11e9-894d-630c109211d3.png)






---------
Edge-case scenarios:
  1) [x] '*' and spaces in the same "entry"
Handled via `_transform_errors` at the API level. Renders a partial read-only view in the UI.
  2) [x] same space appearing in multiple "entries"
Handled via `_transform_errors` at the API level. Renders a partial read-only view in the UI.
  3) [x] base and feature privileges being set on the same "entry"
UI does not allow this to be set, but UI is smart enough to display the correct effective privilege in this case.
  4) [x] multiple base privileges set in the same "entry"
UI does not allow this to be set, but UI is smart enough to apply the most permissive base privilege when displaying and performing privilege calculations.
  5) [x] multiple feature privileges for the same "entry" (ml_all and ml_read)
UI does not allow for this to be set, but UI is smart enough to apply the most permissive base privilege when displaying and performing privilege calculations.


--------

## Summary
This updates the role management UI to allow application privileges to be customized globally and per-space.

## TODO:
- [x] [First Design review](https://github.com/legrego/kibana/pull/13)
- [ ] Second Design review
- [ ] Copy review
- [x] i18n
- [x] Handle deleted/unknown features
- [x] Handle deleted/unknown spaces
- [x] Cleanup & refactoring
- [x] Testing

* [Feature Controls, Spaces] - Don't load bundles for hidden apps (#29617)

## Summary
This enables the spaces plugin to issue a 404 if the requested application is disabled within the users active space.

To enable this functionality, the `app` property was moved to the root feature level, with the option to override at the privilege level. This follows the same logic as `catalogue` and `management` sections.

This will enable automatic app "protections" for those which only specify a single UI application, including:

1) Timelion
2) Canvas
3) Monitoring
4) APM
5) Code (when it merges)
6) GIS
7) Graph
8) ML

* [Feature Controls] - Copy Edits (#29651)

## Summary
Copy edits from today's session

* [Feature Controls] - Rename-a-thon (#29709)

* post-merge cleanup

* [Feature Controls] - fixes from recent merge from master (#29826)

## Summary

this pr will contain any required changes to fix CI from the recent merge from master, which includes the new k7 redesign design and dark mode

* Feature Controls: Adding privileges tooltip for Dev Tools (#30008)

* Adding privileges tooltip for Dev Tools

* appeasing the linter

* [Feature Controls] - Fix displayed space base privilege (#30133)

## Summary
This fixes the displayed space base privilege when a global base privilege is influencing the dropdown control:

1) Add global 'read' privilege
2) Configure space privilege -- note default base privilege of 'read'
3) Change space base privilege to 'custom'

Prior to this fix, the dropdown would not honor the change; it would keep 'read' as the selected option.

* Feature Controls: Adding read privileges for advanced settings and index patterns (#30106)

* Adding read privileges for advanced settings and index patterns

* Fixing the tests and the actual code itself

* Feature Controls - spaces not a security mechanism warning (#29853)

* Changing copy for the spaces not a security mechanism warning

* Using Gail's wording

* [Feature Controls] - Fixes from merging from master (8.0) (#30267)

* improve typings

* fix xpack_main type definitions

* test updates

* Fc/functional test move (#29835)

* Moving dashboard feature control tests to the dashboard application

* Moving more tests around

* Fixing some tests, no longer using uiSettings service, doesn't play
nicely with spaces

* Fixing esarchived issue

* Renaming some files

* [Feature Controls] - Readonly view for Advanced Settings using UICapabilities (#30243)

## Summary
This builds on the work done in https://github.com/elastic/kibana/pull/30106 to enable a read-only mode for the Advanced Settings screen:

- Input fields are disabled
- Save options are not displayed
- "Reset to default" options are not displayed

* Feature Controls: No Wildcards (#30169)

* A poorly named abstraction enters the room

* No more wildcards, starting to move some stuff around

* Splitting out the feature privilege builders

* Using actions instead of relying on their implementation

* We don't need the saved object types any longer

* Explicitly specifying some actions that used to rely on wildcards

* Fixing api integration test for privileges

* Test fixture plugin which adds the globaltype now specifies a feature

* Unauthorized to find unknown types now

* Adding tests for features with no privileges

* Update x-pack/test/saved_object_api_integration/security_and_spaces/apis/find.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Adding back accidentally deleted test

* Using the shared XPackMainPlugin definition

* Fixing privileges

* [Feature Controls] - Readonly mode for Canvas using UICapabilities (#29264)

## Summary

Updates Canvas to respect UICapabilities when determining if a user has read or read/write access to the application:

1) Adds a `showWriteControls` UI Capability to the Canvas's `all` privilege.
2) Removes the `setCanUserWrite` Redux action
3) Sets the initial (and only) state for `state.transient.canUserWrite` based on the UI Capability.

Closes https://github.com/elastic/kibana/issues/27695

* [Feature Controls] - Readonly mode for Maps using UICapabilities (#30437)

## Summary

This updates the maps application to support a read-only mode:

1) Removes selection/delete from Maps listing page
2) Removes "save" option

## TODO:
- [x] Functional UI Tests

* Add typings for x-pack/test to support .html imports (#30570)

We're importing `ui/capabilities` from the x-pack/test project, which
implicitly traverses into typings which are potentially importing .html
files, so we have to teach TypeScript about it.

* [Feature Controls] - Readonly mode for Timelion using UICapabilities (#30128)

## Summary

Updates Timelion to respect UICapabilities when determining if a user has read or read/write access to the application.

A previous PR was responsible for hiding the save controls, but this PR adds testing and the appropriate UICapabilities to the registered privilege definition.

* remove stray debug code

* [Feature Controls] - Updates from src/ui move to src/legacy/ui (#30678)

* dummy commit

* fix import path

* update message identifier

* fix snapshot

* remove unused translations

* Feature Controls: Adding read/write privileges for all applications (#30732)

* Adding read/write privileges for all applications

* Using default for advanced settings, canvas, maps and timelion

* Update x-pack/test/ui_capabilities/security_only/tests/canvas.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/canvas.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/maps.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/maps.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/timelion.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* [Feature Controls] - Readonly mode for Visualize using UICapabilities (#29714)

* enable read-only view, and enable app redirection for visualize app

* Hide 'Edit Visualization' dashboard context menu item if visualizations are not editable

* Hide 'Add new visualization' button if action is not available

* show 'Visualize' button on discover view only if viz app is available

* update tests

* allow visualizations to be created, but not saved for read-only users

* adds functional tests for visualize

* add tests for showing/hiding the visualize button in the discover app

* fix visualize tests following merge from master

* tests for edit viz feature from dashboards

* cleanup

* remove unnecessary call to set ui settings

* remove unused variables

* reduce flakyness of tsvb tests

* renames visualize.showWriteControls => visualize.save

* fix ui capability tests

* fix tests

* fix references to timePicker page object

* fix ts errors

* adds 'editable' property to embeddable metadata instead of hardcoded capability checks

* Remove unnecessary read-only considerations

* revert unnecessary mock changes

* [Feature Controls] - Adds missing uptime icon (#30716)

## Summary
Adds missing feature icon for Uptime application.

Needs https://github.com/elastic/kibana/pull/30678 to merge before this will go green.

* Feature Controls - Fix branch (#31135)

* Updating snapshot

* Switching visualize to use the default branch of the switch

* Fixing esarchive

* Feature Controls - Graph (#30762)

* Adding graph functional tests

* Fixing Privilieges API test

* Adding graph ui capability tests

* Update x-pack/test/ui_capabilities/security_only/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_and_spaces/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/security_only/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Update x-pack/test/ui_capabilities/spaces_only/tests/graph.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Apply suggestions from code review

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Removing hard-coded constants

* Adding Graph delete button

* Fixing ui capability tests

* [Feature Controls] - Fixes page width for spaces management screen (#30723)

## Summary

Fixes the skinny spaces management screen following the redesign of the overall management area.

Needs https://github.com/elastic/kibana/pull/30678 to merge before this will go green.

* Feature Controls - Dev Tools (#30712)

* Adding functional tests

* Addingn Dev_Tools ui capability tests

* Adding some api tests for console's API

* Apply suggestions from code review

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Moving uiCapability definition

* Giving user_1 dashboard access to space_2

* Using the default in the switch for devtools/visualize

* Using forceLogout, maps are leaving us on a 404 page

* Fixing privileges API tests

* Feature Controls- Fix Merge Conflicts (#31651)

* Removing duplicated and outdated tests

* Updating snapshot

* Fixing type script errors

* Getting rid of some double quotes

* Adding saved_object:url access to discover temporarily to fix tests

* Fixing dashboard tests, updating snapshots

* Fixing security only find tests

* Removing reduntant test

* Trying to give it more time

* Fixing it 20 seconds to redirect away from the create new dashboard

* Feature Controls - No more route defaults for dashboards (#31767)

* No more route defaults for dashboards

* Verbose logging...

* Changing some ciGroups to try to narrow down the problem

* Revert "Verbose logging..."

This reverts commit 3198e73b618e1d99c1724d21015988ca77f49672.

* Revert "No more route defaults for dashboards"

This reverts commit 525cd94dc52394ae94acfe5102485474c13267b0.

* Chaning the method in which we do the redirect

* Fixing type issue

* Update index.ts

* Update index.ts

* Feature Controls - Only allowing features to register all and read privileges (#31526)

* Only allowing features to register all and read privileges

* Making all and read optional properties required some existence checks

* Using Aleh's superior solution!

* No more unnecessary `as any`

* Feature Controls - Saved Object Management (#31332)

* Adding savedObject uiCapabilities that mirror the savedobject actions

* Using uiCapabilities to limit which types to search for

* Restricting which saved objects can be deleted based on type

* Hiding "view in app" button when we aren't allowed to

* Filtering the saved objects relationships based on the valid saved
object types

* Using dedicated savedObjectsManagement ui capabilities

* Adding readonly mode of viewing an object

* Displaying View In App if you can actually do so

* No more operations

* Moving saved objects ui capability population to kibana plugin

* Updating x-pack jest tests

* Adding security only saved objects management ui capability tests

* Adding security and spaces tests

* Adding spaces only saved objects managment ui capability tests

* Adding saved object management listing page functional tests

* Adding functional tests for edit visualization

* Consolidating canViewInApp and getInAppUrl into the same file

* Fixing imports

* One more stray import/export

* Adding back esFrom source

* Revert "Adding back esFrom source"

This reverts commit dfb626ace3d5449d340bbe202dc782f1c08814ef.

* Updating jest snapshots

* Updating privileges

* Adding some logging

* Back to 10 seconds

* Trying to get more logs...

* Back to normal logging levels

* Fixing ui capability tests

* Putting timeouts back.

* Feature Controls - UI capability API integration tests with fixture plugins (#32086)

* Only testing the foo plugin for security and spaces

* Using the foo plugin with the security_only tests

* Changing spaces only tests to use the foo plugin

* Using list of features from api, and fixing bug with the spaces
interceptor

* Adding catalogue tests, which are alluding to another bug

* saved_objects catalogue aren't driven by ui capabilites presently

* Expanding the coverage for the spaces only catalogue tests

* Fixing some catalogue asserts

* Fixing catalogue tests for spaces_only, I had it backwards

* Adjusting Readme, adding "global read" scenario for security only tests

* Responding to PR feedback

* Adding back saved objects tests I accidentally deleted

* Fixing typescript issues, we can't import EUI on the server

* Fixing eslint error

* Updating Jest snapshots, fixing chrome mock

* Fixing dashboard listing test

* Adding missing await and forcing logout for graph functional tests

* Putting i18n string back

* Fixing type script issue

* Fixing canvas assert because of merge

* Fixing saved object api error assertations

* user-action is now a saved object type

* Fixing typescript error

* Fixing saved object actions as a result of the merge

* Feature Controls - Infrastructure and Logging (#31843)

* hide infra/logs apps if disabled via UICapabilities

* adds tests

* adds UICapability tests for infra and log apps

* update expected privilege/action mapping

* adds feature controls security tests for infraHome

* adds infra spaces feature control tests

* remove debug code

* a sample readonly implementation, ignoring 'logs' privileges

* ts fixes

* fix capability expectations

* Removing RequiresUICapability component, since there are no usages

* Driving the source configuration seperately for logs/infrastructure

* Adding infrastructure feature controls security functional tests

* Adding spaces infrastructure tests

* Adding logs functional tests

* Reworking the ui capability tests to be more consistent

* Fixing privileges API

* Forcing logout

* Fixing comma issue introduced by merge

* Fix merge conflicts and loading/unloading esarchives more consistently

* Removing unnecessary !!

* Fixing saved object management tests

* Fixing more tests

* Using the new context APIs

* Revert "Using the new context APIs"

This reverts commit 4776f1fc862317fc09af15fd7f30111d0b395b1f.

* Adding future version of ui capabilities react provider

* Switching the order of the HOC's for infra and making the future the
default

* Applying Felix's PR feedback

* Protecting Infra's GraphQL APIs

* Updating privileges list

* Using the introspection query

* No longer using apollo context library, rephrasing test descriptions

* Fixing issue introduced by merge conflict, I forgot a }

* Putting back missplaced data test subj

* Updating jest snapshots

* Feature Controls - Short URLs (#32418)

* Discover is showing creating short urls properly

* Adding Discover functional tests

* When dashboards show the share menu you can always create short urls

* Visualize now displays the short urls link appropriately

* Dashboard all gets access to saved objects and updating privileges api
test

* Updating and adding short url test to url panel content

* Fixing misspelling

* Updating jest snapshot

* Adding comment why allowShortUrl is always true for Dashboards

* Updating snapshots

* Fixing snapshots, mocking chrome.getInjected

* Feature Controls - Uptime (#32577)

* Adding uptime functional tests

* Enabling feature controls for uptime

* Updating the privileges API's actions

* Using a single access tag for limiting API access

* Revising the behavior of maps read-only mode (#33338)

* Feature Controls - APIs (#32915)

* Using HapiJS's scopes to perform authorization on api endpoints

* Revert "Using HapiJS's scopes to perform authorization on api endpoints"

This reverts commit f73810c22d90131f765f69702da2e11183ac4637.

* Switching the syntax of the api tags

* Fixing privileges API

* Typescriptifying some dependencies of the api authorization extensions

* Using dedicated typescript file for api post auth filtering

* Adding tests and restructuring the flow of the api authorization

* Adjusting uptime's usage of privileges and the privileges test

* Integrating PR feedback

* Fixing graph test subject, thanks Joe!

* Consolidating hideWriteControls dashboard listing test

* Reusing maps constants

* Adding type to saved object management ui capability tests

* Feature Controls - Index Pattern Management (#33314)

* Enabling feature controls for index patterns

* Updating privileges API tests

* Fixing saved object management's view index patterns in app logic

* Fixing forgotten canViewInApp tests

* Fixing maps spaces functional tests

* Feature Controls - Differentiating the privileges with the same actions (#32266)

* Differentiating the privileges with the same actions

* The types for the lodash.uniqwith packare aren't right, and we need to
customize the isEqual also, so we're gonna do it ourselves

* Fixing dev tools ui capability

* Removing are equivalent privileges prevention, it's not what we really
need

* Requiring all to be more permissive than read on startup

* Transparently differentiating "all" from "read" feature privileges

* Fixing jest tests

* Adding the allHack: action to the space and global base privileges

* Changing actions to be readonly

* Adding JSDoc's for the Actions class and specifically the `allHack`
action

* Making the import of xpack_main types consistent

* Feature Controls: APM (#32812)

* Adding APM read privilege and adding functional UI tests

* Beginning to validate the APM routes are protected properly

* Protecting APM's APIs

* Specifying CI group

* Fixing privileges

* Adding forgotten apm show ui capability

* Fixing apm's privileges

* Fixing merge-conflict with privileges allHack: and APM

* address canvas feedback (#34269)

* [Feature Controls] - Plugin postInit (#29172)

## Summary

Throwing this up as a straw ~man~ person. If we like it, I can split it out and point the OSS changes against master if we'd prefer.

Introduces a `postInit` plugin hook that is called after all plugins have gone through their `preInit` and `init` phases, which allows the security plugin to call `registerPrivilegesWithCluster` after all plugins have had an opportunity to register their features.

* Feature Controls - Adds bulk toggle for showing/hiding features within a space (#34288)

## Summary

Adds a "Change all" option to the spaces management screen to allow all features to be shown/hidden:

![image](https://user-images.githubusercontent.com/3493255/55344105-85db5d00-547a-11e9-9325-136d1c13f40e.png)


Closes #34184

* Feature Controls - Unregistered Applications Authorization (#34122)

* Converting the app authorization to use typescript

* Adding jest tests

* Only authorizing app routes that are registered for features

* Using ProtectedApplications to lazily get feature applications

* Removing unneeded mocked headers as part of the authorization

* Adding some logging for the app authorization

* Fixing imports, thanks tslint --fix!

* Updating snapshots

* Feature Controls - Disable privilege form until spaces are selected (#34386)

## Summary
This disables the privilege selection until one or more spaces are selected in the role management form:

![image](https://user-images.githubusercontent.com/3493255/55432524-1724ff00-5561-11e9-86f6-1589ba3fa701.png)

* Feature Controls - Visualize read-only create new (#34209)

* Allowing users to create new visualizations, even if they can't be saved

* Fixing privileges and tests

* Updating snapshot

* Removing visualize edit ui capability

* Feature Controls - Actions Version Prefix (#34405)

* Prefixing actions with version

* Updating privileges api integration test

* Update x-pack/plugins/security/server/lib/authorization/actions/saved_object.ts

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Requiring version to be a not empty string

* Updating jest snapshots

* Changing the 403 messages for the saved object client

* Fixing ui/chrome mock

* Feature Controls - Displaying share menu on dashboards when in read-only mode (#34207)

* Displaying share menu on dashboards when in read-only mode

* Fixing test description, thanks Luke!

* Fixing dashboard view mode tests because the share menu is now visible

* migrate from tslint to eslint

* Feature Controls - Reserved Role Apps (#30525)

* Removing feature privileges from ml/monitoring/apm

* Adding monitoring/ml/apm as hard-coded global privileges

* A poorly named abstraction enters the room

* No more wildcards, starting to move some stuff around

* Splitting out the feature privilege builders

* Using actions instead of relying on their implementation

* We don't need the saved object types any longer

* Explicitly specifying some actions that used to rely on wildcards

* Fixing api integration test for privileges

* Test fixture plugin which adds the globaltype now specifies a feature

* Unauthorized to find unknown types now

* Adding reserved privileges tests

* Adding reserved privileges in a designated reserved bucket

* Fixing ui capability tests

* Adding spaces api tests for apm/ml/monitoring users

* Adding more roles to the security only ui capability tests

* You can put a role with reserved privileges using the API

* Adding support to get roles with _reserved privileges

* Adding APM functional tests

* Adding monitoring functional tests

* Fixing typo

* Ensuring apm_user, monitoring_user alone don't authorize you

* Adding ml functional tests

* Fixing test

* Fixing some type errors

* Updating snapshots

* Fixing privileges tests

* Trying to force this to run from source

* Fixing TS errors

* Being a less noisy neighbor

* Forcing logout for apm/dashboard feature controls security tests

* Fixing the security only ui capability tests

* Removing test that monitoring now tests itself

* Fixing some ui capability tests

* Cleaning up the error page services

* Fixing misspelling in comment

* Using forceLogout for monitoring

* Removing code that never should have been there, sorry Larry

* Less leniency with the get roles

* Barely alphabetical for a bit

* Apply suggestions from code review

Co-Authored-By: kobelb <brandon.kobel@gmail.com>

* Removing errant timeout

* No more hard coded esFrom source

* More nits

* Adding back esFrom source

* APM no longer uses reserved privileges, reserved privileges are
pluggable

* Fixing typescript errors

* Fixing ui capability test themselves

* Displaying reserved privileges for the space aware and simple forms

* Removing ability to PUT roles with _reserved privileges.
Removing ability to GET roles that have entries with both reserved and
feature/base privileges.

* Updating jest snapshots

* Changing the interface for a feature to register a reserved privilege to
include a description as well

* Displaying features with reserved privileges in the feature table

* Adjusting the reserved role privileges unit tests

* Changing usages of expect.js to @kbn/expect

* Changing the CalculatedPrivilege's _reserved property to reserved

* Allowing reserved privileges to be assigned at kibana-*

* Updating forgotten snapshot

* Validating reserved privileges

* Updating imports

* Removing --esFrom flag, we don't need it anymore

* Switching from tslint's ignore to eslint's ignore

* Feature Controls - Adds feature registration to plugin generator (#34537)

## Summary

This updates the plugin generator to allow plugin authors to automatically register their feature with the Feature Registry, for control via Spaces/Security.

Running:
```
elastic-mbp:kibana larry$ node scripts/generate_plugin.js test-plugin
? Provide a short description An awesome Kibana plugin
? What Kibana version are you targeting? master
? Should an app component be generated? Yes
? Should translation files be generated? Yes
? Should a hack component be generated? Yes
? Should a server API be generated? Yes
? Should SCSS be used? Yes
```

Generates the following:
```js
import { resolve } from 'path';
import { existsSync } from 'fs';


import { i18n } from '@kbn/i18n';

import exampleRoute from './server/routes/example';

export default function (kibana) {
  return new kibana.Plugin({
    require: ['elasticsearch'],
    name: 'test_plugin',
    uiExports: {
      app: {
        title: 'Test Plugin',
        description: 'An awesome Kibana plugin',
        main: 'plugins/test_plugin/app',
      },
      hacks: [
        'plugins/test_plugin/hack'
      ],
      styleSheetPaths: [resolve(__dirname, 'public/app.scss'), resolve(__dirname, 'public/app.css')].find(p => existsSync(p)),
    },

    config(Joi) {
      return Joi.object({
        enabled: Joi.boolean().default(true),
      }).default();
    },

    init(server, options) { // eslint-disable-line no-unused-vars
        const xpackMainPlugin = server.plugins.xpack_main;
        if (xpackMainPlugin) {
          const featureId = 'test_plugin';

          xpackMainPlugin.registerFeature({
            id: featureId,
            name: i18n.translate('testPlugin.featureRegistry.featureName', {
              defaultMessage: 'test-plugin',
            }),
            navLinkId: featureId,
            icon: 'discoverApp',
            app: [featureId, 'kibana'],
            catalogue: [],
            privileges: {
              all: {
                api: [],
                savedObject: {
                  all: [],
                  read: ['config'],
                },
                ui: ['show'],
              },
              read: {
                api: [],
                savedObject: {
                  all: [],
                  read: ['config'],
                },
                ui: ['show'],
              },
            },
          });
        }
      // Add server routes and initialize the plugin here
      exampleRoute(server);
    }
  });
}

```

* Updating core system docs

* Fixing infra's dates with data for the functional tests

* [Feature Controls] - Move UICapabilities to the new platform (#30585)

## Summary

This moves the UI Capabilities service into the new platform, shimming into the old platform in a way that is consistent with the `i18n` service.

* Fixing uptime functional api tests

* Removing .only...
cjcenizal pushed a commit that referenced this pull request Jul 6, 2020
* chore(NA): upgrade oss to lodash4

chore(NA): migrate cli, cli_plugin, cli_keystore,  dev, test_utils and apm src script to lodash4

chore(NA): missing file for cli plugin

chore(NA): add src core

chore(NA): es archiver and fixtures

chore(NA): try to fix functional test failure

chore(NA): migrate src/legacy entirely to lodash4 except src/legacy/core_plugins

chore(NA): move legacy core plugins to lodash4

chore(NA): upgrade optimize to lodash4

chore(NA): upgrade to lodash4 on advanced_settings, charts, console and dashboard

chore(NA): migrate to lodash4 on dev_tools, discover, embeddable, es_ui)shared, expressions, home plugins

chore(NA): upgrade data plugin to lodash4

chore(NA): upgrade usage_collection, ui_actions, tile_map, telemtry, share, saved_objects, saved_objects_management, region_map and navigation to lodash4

chore(NA): missing data upgrades to lodash4

Revert "chore(NA): upgrade usage_collection, ui_actions, tile_map, telemtry, share, saved_objects, saved_objects_management, region_map and navigation to lodash4"

This reverts commit 137055c.

Revert "Revert "chore(NA): upgrade usage_collection, ui_actions, tile_map, telemtry, share, saved_objects, saved_objects_management, region_map and navigation to lodash4""

This reverts commit f7e7368.

Revert "chore(NA): missing data upgrades to lodash4"

This reverts commit 92b85bf.

Revert "chore(NA): upgrade data plugin to lodash4"

This reverts commit 88fdb07.

chore(NA): upgrade idx_pattern_mgt, input_control_vis, inspector, kbn_legacy, kbn_react, kbn_usage_collections, kbn_utils, management and maps_legacy to lodash4

chore(NA): map src plugin data to lodash3

chore(NA): missing lodash.clonedeep dep

chore(NA): change packages kbn-config-schema deps

chore(NA): update renovate config

chore(NA): upgrade vis_type plugins to lodash4

chore(NA): move vis_type_vislib to lodash3

chore(NA): update visualizations and visualize to lodash4

chore(NA): remove lodash 3 types from src and move test to lodash4

chore(NA): move home, usage_collection and management to lodash 3

Revert "chore(NA): move home, usage_collection and management to lodash 3"

This reverts commit f86e858.

chore(NA): move kibana_legacy, saved_objects saved_objects_management into lodash3

chore(NA): update x-pack test to mock lodash4

Revert "chore(NA): move kibana_legacy, saved_objects saved_objects_management into lodash3"

This reverts commit 2d10fe4.

* chore(NA): move x-pack and packages to lodash 4

* chore(NA): remove mention to lodash from main package.json

* chore(NA): remove helper alias for lodash4 and make it the default lodash

* chore(NA): fix last failing types in the repo

* chore(NA): fix public api

* chore(NA): fix types for agg_row.tsx

* chore(NA): fix increment of optimizer modules in the rollup plugin

* chore(NA): migrate `src/core/public/http/fetch.ts` (#5)

* omit undefined query props

* just remove merge usage

* fix types

* chore(NA): fixes for feedback from apm team

* chore(NA): recover old behaviour on apm LoadingIndeicatorContext.tsx

* chore(NA): fixes for feedback from watson

* Platform lodash4 tweaks (#6)

* chore(NA): fix types and behaviour on src/core/server/elasticsearch/errors.ts

* Canvas fixes for lodash upgrade

* [APM] Adds unit test for APM service maps transform (#7)

* Adds a snapshot unit test for getConnections and rearranges some code to make testing easier

* reverts `ArrayList` back to `String[]` in the painless script within `fetch_service_paths_from_trace_ids.ts`

* chore(NA): update yarn.lock

* chore(NA): remove any and use a real type for alerts task runner

Co-authored-by: Gidi Meir Morris <github@gidi.io>

* chore(NA): used named import for triggers_actions_ui file

* chore(NA): fix eslint

* chore(NA): fix types

* Delete most uptime lodash references.

* Simplify. Clean up types.

* [Uptime] Delete most uptime lodash references (#8)

* Delete most uptime lodash references.

* Simplify. Clean up types.

* chore(NA): add eslint rule to avoid using lodash3

* chore(NA): apply changes on feedback from es-ui team

* fix some types (#9)

* Clean up some expressions types.

* chore(NA): missing ts-expect-error statements

* Upgrade lodash 4 vislib (#11)

* replace lodash 3 with lodash 4 on vislib plugin

* Further changes

* further replacement of lodash3 to 4

* further work on upgrading to lodash 4

* final changes to update lodash

* chore(NA): upgrade data plugin to lodash4

chore(NA): upgrade data plugin public to lodash4

chore(NA): fix typecheck task

chore(NA): fix agg_config with hasIn

chore(NA): assign to assignIn and has to hasIn

chore(NA): upgrade data plugin server to lodash4

chore(NA): new signature for core api

fix(NA): match behaviour between lodash3 and lodash4 for set in search_source

* chore(NA): remove lodash3 completely from the repo

* chore(NA): fix x-pack/test/api_integration/apis/metrics_ui/snapshot.ts missing content

* chore(NA): fix lodash usage on apm

* chore(NA): fix typecheck for maps

* Patch lodash template (#12)

* Applying changes from elastic#64985

* Using isIterateeCall, because it seems less brittle

* Also patching `lodash/template` and `lodash/fp/template`

* Reorganizing some files...

* Revising comment

* Ends up `_` is a function also... I hate JavaScript

Co-authored-by: Pierre Gayvallet <pierre.gayvallet@gmail.com>
Co-authored-by: Josh Dover <me@joshdover.com>
Co-authored-by: Clint Andrew Hall <clint.hall@elastic.co>
Co-authored-by: Oliver Gupte <ogupte@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Gidi Meir Morris <github@gidi.io>
Co-authored-by: Justin Kambic <justin.kambic@elastic.co>
Co-authored-by: Stratoula Kalafateli <stratoula1@gmail.com>
Co-authored-by: Luke Elmers <luke.elmers@elastic.co>
Co-authored-by: Brandon Kobel <brandon.kobel@gmail.com>
Co-authored-by: kobelb <brandon.kobel@elastic.co>
elasticmachine added a commit that referenced this pull request Jul 14, 2020
* Initial App Search in Kibana plugin work

- Initializes a new platform plugin that ships out of the box w/ x-pack
- Contains a very basic front-end that shows AS engines, error states, or a Setup Guide
- Contains a very basic server that remotely calls the AS internal engines API and returns results

* Update URL casing to match Kibana best practices

- URL casing appears to be snake_casing, but kibana.json casing appears to be camelCase

* Register App Search plugin in Home Feature Catalogue

* Add custom App Search in Kibana logo

- I haven't had much success in surfacing a SVG file via a server-side endpoint/URL, but then I realized EuiIcon supports passing in a ReactElement directly. Woo!

* Fix appSearch.host config setting to be optional

- instead of crashing folks on load

* Rename plugin to Enterprise Search

- per product decision, URL should be enterprise_search/app_search and Workplace Search should also eventually live here
- reorganize folder structure in anticipation for another workplace_search plugin/codebase living alongside app_search
- rename app.tsx/main.tsx to a standard top-level index.tsx (which will contain top-level routes/state)
- rename AS->ES files/vars where applicable
- TODO: React Router

* Set up React Router URL structure

* Convert showSetupGuide action/flag to a React Router link

- remove showSetupGuide flag
- add a new shared helper component for combining EuiButton/EuiLink with React Router behavior (https://github.com/elastic/eui/blob/master/wiki/react-router.md#react-router-51)

* Implement Kibana Chrome breadcrumbs

- create shared helper (WS will presumably also want this) for generating EUI breadcrumb objects with React Router links+click behavior
- create React component that calls chrome.setBreadcrumbs on page mount
- clean up type definitions - move app-wide props to IAppSearchProps and update most pages/views to simply import it instead of calling their own definitions

* Added server unit tests (#2)

* Added unit test for server

* PR Feedback

* Refactor top-level Kibana props to a global context state

- rather them passing them around verbosely as props, the components that need them should be able to call the useContext hook

+ Remove IAppSearchProps in favor of IKibanaContext

+ Also rename `appSearchUrl` to `enterpriseSearchUrl`, since this context will contained shared/Kibana-wide values/actions useful to both AS and WS

* Added unit tests for public (#4)

* application.test.ts

* Added Unit Test for EngineOverviewHeader

* Added Unit Test for generate_breadcrumbs

* Added Unit Test for set_breadcrumb.tsx

* Added a unit test for link_events

- Also changed link_events.tsx to link_events.ts since it's just TS, no
React
- Modified letBrowserHandleEvent so it will still return a false
boolean when target is blank

* Betterize these tests

Co-Authored-By: Constance <constancecchen@users.noreply.github.com>

Co-authored-by: Constance <constancecchen@users.noreply.github.com>

* Add UI telemetry tracking to AS in Kibana (#5)

* Set up Telemetry usageCollection, savedObjects, route, & shared helper

- The Kibana UsageCollection plugin handles collecting our telemetry UI data (views, clicks, errors, etc.) and pushing it to elastic's telemetry servers
- That data is stored in incremented in Kibana's savedObjects lib/plugin (as well as mapped)
- When an end-user hits a certain view or action, the shared helper will ping the app search telemetry route which increments the savedObject store

* Update client-side views/links to new shared telemetry helper

* Write tests for new telemetry files

* Implement remaining unit tests (#7)

* Write tests for React Router+EUI helper components

* Update generate_breadcrumbs test

- add test suite for generateBreadcrumb() itself (in order to cover a missing branch)
- minor lint fixes
- remove unnecessary import from set_breadcrumbs test

* Write test for get_username util

+ update test to return a more consistent falsey value (null)

* Add test for SetupGuide

* [Refactor] Pull out various Kibana context mocks into separate files

- I'm creating a reusable useContext mock for shallow()ed enzyme components
+ add more documentation comments + examples

* Write tests for empty state components

+ test new usecontext shallow mock

* Empty state components: Add extra getUserName branch test

* Write test for app search index/routes

* Write tests for engine overview table

+ fix bonus bug

* Write Engine Overview tests

+ Update EngineOverview logic to account for issues found during tests :)
  - Move http to async/await syntax instead of promise syntax (works better with existing HttpServiceMock jest.fn()s)
  - hasValidData wasn't strict enough in type checking/object nest checking and was causing the app itself to crash (no bueno)

* Refactor EngineOverviewHeader test to use shallow + to full coverage

- missed adding this test during telemetry work
- switching to shallow and beforeAll reduces the test time from 5s to 4s!

* [Refactor] Pull out React Router history mocks into a test util helper

+ minor refactors/updates

* Add small tests to increase branch coverage

- mostly testing fallbacks or removing fallbacks in favor of strict type interface
- these are slightly obsessive so I'd also be fine ditching them if they aren't terribly valuable

* Address larger tech debt/TODOs (#8)

* Fix optional chaining TODO

- turns out my local Prettier wasn't up to date, completely my bad

* Fix constants TODO

- adds a common folder/architecture for others to use in the future

* Remove TODO for eslint-disable-line and specify lint rule being skipped

- hopefully that's OK for review, I can't think of any other way to sanely do this without re-architecting the entire file or DDoSing our API

* Add server-side logging to route dependencies

+ add basic example of error catching/logging to Telemetry route
+ [extra] refactor mockResponseFactory name to something slightly easier to read

* Move more Engines Overview API logic/logging to server-side

- handle data validation in the server-side
- wrap server-side API in a try/catch to account for fetch issues
- more correctly return 2xx/4xx statuses and more correctly deal with those responses in the front-end
- Add server info/error/debug logs (addresses TODO)
- Update tests + minor refactors/cleanup
    - remove expectResponseToBe200With helper (since we're now returning multiple response types) and instead make mockResponse var name more readable
    - one-line header auth
    - update tests with example error logs
    - update schema validation for `type` to be an enum of `indexed`/`meta` (more accurately reflecting API)

* Per telemetry team feedback, rename usageCollection telemetry mapping name to simpler 'app_search'

- since their mapping already nests under 'kibana.plugins'
- note: I left the savedObjects name with the '_telemetry' suffix, as there very well may be a use case for top-level generic 'app_search' saved objects

* Update Setup Guide installation instructions (#9)

Co-authored-by: Chris Cressman <chris@chriscressman.com>

* [Refactor] DRY out route test helper

* [Refactor] Rename public/test_utils to public/__mocks__

- to better follow/use jest setups and for .mock.ts suffixes

* Add platinum licensing check to Meta Engines table/call (#11)

* Licensing plugin setup

* Add LicensingContext setup

* Update EngineOverview to not hit meta engines API on platinum license

* Add Jest test helpers for future shallow/context use

* Update plugin to use new Kibana nav + URL update (#12)

* Update new nav categories to add Enterprise Search + update plugin to use new category

- per @johnbarrierwilson and Matt Riley, Enterprise Search should be under Kibana and above Observability
- Run `node scripts/check_published_api_changes.js --accept` since this new category affects public API

* [URL UPDATE] Change '/app/enterprise_search/app_search' to '/app/app_search'

- This needs to be done because App Search and Workplace search *have* to be registered as separate plugins to have 2 distinct nav links
- Currently Kibana doesn't support nested app names (see: elastic#59190) but potentially will in the future

- To support this change, we need to update applications/index.tsx to NOT handle '/app/enterprise_search' level routing, but instead accept an async imported app component (e.g. AppSearch, WorkplaceSearch).
- AppSearch should now treat its router as root '/' instead of '/app_search'

- (Addl) Per Josh Dover's recommendation, switch to `<Router history={params.history}>` from `<BrowserRouter basename={params.appBasePath}>` since they're deprecating appBasePath

* Update breadcrumbs helper to account for new URLs

- Remove path for Enterprise Search breadcrumb, since '/app/enterprise_search' will not link anywhere meaningful for the foreseeable future, so the Enterprise Search root should not go anywhere
- Update App Search helper to go to root path, per new React Router setup

Test changes:
- Mock custom basepath for App Search tests
- Swap enterpriseSearchBreadcrumbs and appSearchBreadcrumbs test order (since the latter overrides the default mock)

* Add create_first_engine_button telemetry tracking to EmptyState

* Switch plugin URLs back to /app/enterprise_search/app_search

Now that elastic#66455 has been merged in 🎉

* Add i18n formatted messages / translations (#13)

* Add i18n provider and formatted/i18n translated messages

* Update tests to account for new I18nProvider context + FormattedMessage components

- Add new mountWithContext helper that provides all contexts+providers used in top-level app
- Add new shallowWithIntl helper for shallow() components that dive into FormattedMessage

* Format i18n dates and numbers

+ update some mock tests to not throw react-intl invalid date messages

* Update EngineOverviewHeader to disable button on prop

* Address review feedback (#14)

* Fix Prettier linting issues

* Escape App Search API endpoint URLs

- per PR feedback
- querystring should automatically encodeURIComponent / escape query param strings

* Update server plugin.ts to use getStartServices() rather than storing local references from start()

- Per feedback: https://github.com/elastic/kibana/blob/master/src/core/CONVENTIONS.md#applications

- Note: savedObjects.registerType needs to be outside of getStartServices, or an error is thrown

- Side update to registerTelemetryUsageCollector to simplify args

- Update/fix tests to account for changes

* E2E testing (#6)

* Wired up basics for E2E testing

* Added version with App Search

* Updated naming

* Switched configuration around

* Added concept of 'fixtures'

* Figured out how to log in as the enterprise_search user

* Refactored to use an App Search service

* Added some real tests

* Added a README

* Cleanup

* More cleanup

* Error handling + README updatre

* Removed unnecessary files

* Apply suggestions from code review

Co-authored-by: Constance <constancecchen@users.noreply.github.com>

* Update x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/engine_table.tsx

Co-authored-by: Constance <constancecchen@users.noreply.github.com>

* PR feedback - updated README

* Additional lint fixes

Co-authored-by: Constance <constancecchen@users.noreply.github.com>

* Add README and CODEOWNERS (#15)

* Add plugin README and CODEOWNERS

* Fix Typescript errors (#16)

* Fix public mocks

* Fix empty states types

* Fix engine table component errors

* Fix engine overview component errors

* Fix setup guide component errors

- SetBreadcrumbs will be fixed in a separate commit

* Fix App Search index errors

* Fix engine overview header component errors

* Fix applications context index errors

* Fix kibana breadcrumb helper errors

* Fix license helper errors

* ❗ Refactor React Router EUI link/button helpers
- in order to fix typescript errors

- this changes the component logic significantly to a react render prop, so that the Link and Button components can have different types - however, end behavior should still remain the same

* Fix telemetry helper errors

* Minor unused var cleanup in plugin files

* Fix telemetry collector/savedobjects errors

* Fix MockRouter type errors and add IRouteDependencies export

- routes will use IRouteDependencies in the next few commits

* Fix engines route errors

* Fix telemetry route errors

* Remove any type from source code

- thanks to Scotty for the inspiration

* Add eslint rules for Enterprise Search plugin

- Add checks for type any, but only on non-test files
- Disable react-hooks/exhaustive-deps, since we're already disabling it in a few files and other plugins also have it turned off

* Cover uncovered lines in engines_table and telemetry tests

* Fixed TS warnings in E2E tests (#17)

* Feedback: Convert static CSS values to EUI variables where possible

* Feedback: Flatten nested CSS where possible

- Prefer setting CSS class overrides on individual EUI components, not on a top-level page

+ Change CSS class casing from kebab-case to camelCase to better match EUI/Kibana

+ Remove unnecessary .euiPageContentHeader margin-bottom override by changing the panelPaddingSize of euiPageContent

+ Decrease engine overview table padding on mobile

* Refactor out components shared with Workplace Search (#18)

* Move getUserName helper to shared

- in preparation for Workplace Search plugin also using this helper

* Move Setup Guide layout to a shared component

* Setup Guide: add extra props for standard/native auth links

Note: It's possible this commit may be unnecessary if we can publish shared Enterprise Search security mode docs

* Update copy per feedback from copy team

* Address various telemetry issues

- saved objects: removing indexing per elastic#43673
- add schema and generate json per elastic#64942
- move definitions over to collectors since saved objects is mostly empty at this point, and schema throws an error when it imports an obj instead of being defined inline
- istanbul ignore saved_objects file since it doesn't have anything meaningful to test but was affecting code coverage

* Disable plugin access if a normal user does not have access to App Search (#19)

* Set up new server security dependency and configs

* Set up access capabilities

* Set up checkAccess helper/caller

* Remove NoUserState component from the public UI

- Since this is now being handled by checkAccess / normal users should never see the plugin at all if they don't have an account/access, the component is no longer needed

* Update server routes to account for new changes

- Remove login redirect catch from routes, since the access helper should now handle that for most users by disabling the plugin (superusers will see a generic cannot connect/error screen)
- Refactor out new config values to a shared mock

* Refactor Enterprise Search http call to hit/return new internal API endpoint

+ pull out the http call to a separate library for upcoming public URL work (so that other files can call it directly as well)

* [Discussion] Increase timeout but add another warning timeout for slow servers

- per recommendation/convo with Brandon

* Register feature control

* Remove no_as_account from UI telemetry

- since we're no longer tracking that in the UI

* Address PR feedback - isSuperUser check

* Public URL support for Elastic Cloud (#21)

* Add server-side public URL route

- Per feedback from Kibana platform team, it's not possible to pass info from server/ to public/ without a HTTP call :[

* Update MockRouter for routes without any payload/params

* Add client-side helper for calling the new public URL API

+ API seems to return a URL a trailing slash, which we need to omit

* Update public/plugin.ts to check and set a public URL

- relies on this.hasCheckedPublicUrl to only make the call once per page load instead of on every page nav

* Fix failing feature control tests

- Split up scenario cases as needed
- Add plugin as an exception alongside ML & Monitoring

* Address PR feedback

- version: kibana
- copy edits
- Sass vars
- code cleanup

* Casing feedback: change all plugin registration IDs from snake_case to camelCase

- note: current remainng snake_case exceptions are telemetry keys
- file names and api endpoints are snake_case per conventions

* Misc security feedback

- remove set
- remove unnecessary capabilities registration
- telemetry namespace agnostic

* Security feedback: add warn logging to telemetry collector

see elastic#66922 (comment)
- add if statement
- pass log dependency around (this is kinda medium, should maybe refactor)
- update tests
- move test file comment to the right file (was meant for telemetry route file)

* Address feedback from Pierre

- Remove unnecessary ServerConfigType
- Remove unnecessary uiCapabilities
- Move registerTelemetryRoute / SavedObjectsServiceStart workaround
- Remove unnecessary license optional chaining

* PR feedback

Address type/typos

* Fix telemetry API call returning 415 on Chrome

- I can't even?? I swear charset=utf-8 fixed the same error a few weeks ago

* Fix failing tests

* Update Enterprise Search functional tests (without host) to run on CI

- Fix incorrect navigateToApp slug (hadn't realized this was a URL, not an ID)
- Update without_host_configured tests to run without API key
- Update README

* Address PR feedback from Pierre

- remove unnecessary authz?
- remove unnecessary content-type json headers
- add loggingSystemMock.collect(mockLogger).error assertion
- reconstrcut new MockRouter on beforeEach for better sandboxing
- fix incorrect describe()s -should be it()
- pull out reusable mockDependencies helper (renamed/extended from mockConfig) for tests that don't particularly use config/log but still want to pass type definitions
- Fix comment copy

Co-authored-by: Jason Stoltzfus <jastoltz24@gmail.com>
Co-authored-by: Chris Cressman <chris@chriscressman.com>
Co-authored-by: scottybollinger <scotty.bollinger@elastic.co>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
cjcenizal pushed a commit that referenced this pull request Jun 14, 2021
* 💄 Hack to fix suggestion box

* 🐛 Fix validation messages

* 🐛 Relax operations check for managedReferences

* Change completion params

* 🏷️ Fix missing arg issue

* ✨ Add more tinymath fns

* 🐛 Improved validation around math operations + multiple named arguments

* 🐛 Use new onError feature in math expression

* ♻️ Refactor namedArguments validation

* 🐛 Fix circular dependency issue in tests + minor fixes

* Move formula into a tab

* 🔥 Leftovers from previous merge

* ✨ Move over namedArgs from previous function

* ✅ Add tests for transferable scenarios

* ✅ Fixed broken test

* ✨ Use custom label for axis

* Allow switching back and forth to formula tab

* Add a section for the function reference

* Add modal editor and markdown docs

* Change the way math nodes are validated

* Use custom portal to fix monaco positioning

* Fix model sharing issues

* Provide signature help

* 🐛 Fix small test issue

* 🐛 Mark pow arguments as required

* 🐛 validate on first render only if a formula is present

* 🔥 Remove log10 fn for now

* ✨ Improved math validation + add tests for math functions

* Fix mount/unmount issues with Monaco

* [Lens] Fully unmount React when flyout closes

* Fix bug with editor frame unmounting

* Fix type

* Add tests for monaco providers, add hover provider

* Add test for last_value

* Usability improvements

* Add KQL and Lucene named parameters

* Add kql, lucene completion and validation

* Fix autocomplete on weird characters and properly connect KQL

* Highlight functions that have additional requirements after validating

* Fix type error and move help text to popover

* Fix escape characters inside KQL

* 🐛 Fix dataType issue when moving over to Formula

* Automatically insert single quotes on every named param

* Only insert single quotes when typing kql= or lucene=

* Reorganize help popover

* Fix merge issues

* Update grammar for formulas

* Fix bad merge

* Rough fullscreen mode

* Type updates

* Pass through fullscreen state

* Remove more chrome from full screen mode

* Fix minor bugs in formula typing

* 🐛 Decouple column order of references and output

* 🔧 Fix tests and types

* ✅ Add first functional test

* Fix copying formulas and empty formula

* Trigger suggestion prompt when hitting enter on function or typing kql=

* 🐛 Prevent flyout from closing while interacting with monaco

* refactoring

* move main column generation into parse module

* fix tests

* refactor small formula styles and markup

* documentation

* adjustments in formula footer

* Formula refactoring (#12)

* refactoring

* move main column generation into parse module

* fix tests

* more style and markup tweak for custom formula

* Fix tests

* [Expressions] Use table column ID instead of name when set

* [Lens] Create managedReference type for formulas

* Fix test failures

* Fix i18n types

* fix fullscreen flex issues

* Delete managedReference when replacing

* refactor css and markup; add button placeholders

* [Lens] Formulas

* Tests for formula

Co-authored-by: Marco Liberati <marco.liberati@elastic.co>

* added error count placeholder

* Add tooltips

* Refactoring from code review

* Fix some editor issues

* Update ID matching to match by name sometimes

* Improve performance of Monaco, fix formulas with 0, update labels

* Improve performance of full screen toggle

* Fix formula tests

* fix stuff

* Add an extra case to prevent insertion of duplicate column

* Simplify logic and add test for output ID

* add telemetry for Lens formula (#15)

* Respond to review comments

* ✨ Improve the signatures with better documentation and examples

* adjust border styles to account for docs collapse

* refactor docs markup; restructure docs obj; styles

* Fix formula auto reordering (#18)

* fix formula auto reordering

* add unit test

* Fix and improve suggestion experience in Formula (#19)

* ✨ Revisit documentation and suggestions

* 👌 Integrated feedback

* ✨ Add query validation for quotes

* Usability updates & type fixes

* add search to formula

* fix form styles to match designs

* fix text styles; revert to Markdown for control

* 👌 Integrated more feedback

* improve search

* improve suggestions

* improve suggestions even more

* 🐛 Fix i18n issues (#22)

* Persist formula on leave, fix fullscreen and popovers

* Fix documentation tests

* 🏷️ fix type issue

* 🐛 Remove hidden operations from valid functions list

* 🐛 Fix empty string query edge case

* 🐛 Enable more suggestions + extends validation

* Fix tests that depended on setState being called without function

* Error state and text wrapping updates

* ✨ Add new module to CodeEditor for brackets matching (#25)

* Fix type

* show warning

* keep current quick function

* ✨ Improve suggestions within kql query

* 📷 Fix snapshot editor test

* 🐛 Improved suggestion for single quote and refactored debounce

* Fix lodash usage

* Fix tests

* Revert "keep current quick function"

This reverts commit ed47705.

* Improve performance of dispatch by using timeout

* Improve memoization of datapanel

* Fix escape characters

* fix reduced suggestions

* fix responsiveness

* fix unit test

* Fix autocomplete on nested math

* Show errors and warnings on first render

* fix transposing column crash

* Update comment

* 🐛 Fix field error message

* fix test types

* 📝 Fix i18n name

* 💄 Manage wordwrap via react component

* Fix selector for palettes that interferes with quick functions

* Use word wrapping by default

* Errors for managed references are handled at the top level

* 🐛 Move the cursor just next to new inserted text

* ⚗️ First pass for performance

* 🐛 Fix unwanted change

* ⚡ Memoize as many combobox props as possible

* ⚡ More memoization

* Show errors in hover

* Use temporary invalid state when moving away from formula

* Remove setActiveDimension and shouldClose, fixed by async setters

* Fix test dependency

* do not show quick functions tab

* increase documentation popover width

* fix functional test

* Call setActiveDimension when updating visualization

* Simplify handling of flyout with incomplete columns

* Fix test issues

* add description to formula telemetry

* fix schema

* Update from design feedback

* More review comments

* Hide callout border from v7 theme

Co-authored-by: dej611 <dej611@gmail.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Joe Reuter <johannes.reuter@elastic.co>
Co-authored-by: Michael Marcialis <michael.marcialis@elastic.co>
Co-authored-by: Joe Reuter <email@johannes-reuter.de>
Co-authored-by: Marco Liberati <marco.liberati@elastic.co>
Co-authored-by: Marco Liberati <dej611@users.noreply.github.com>
cjcenizal pushed a commit that referenced this pull request Jun 14, 2021
* 💄 Hack to fix suggestion box

* 🐛 Fix validation messages

* 🐛 Relax operations check for managedReferences

* Change completion params

* 🏷️ Fix missing arg issue

* ✨ Add more tinymath fns

* 🐛 Improved validation around math operations + multiple named arguments

* 🐛 Use new onError feature in math expression

* ♻️ Refactor namedArguments validation

* 🐛 Fix circular dependency issue in tests + minor fixes

* Move formula into a tab

* 🔥 Leftovers from previous merge

* ✨ Move over namedArgs from previous function

* ✅ Add tests for transferable scenarios

* ✅ Fixed broken test

* ✨ Use custom label for axis

* Allow switching back and forth to formula tab

* Add a section for the function reference

* Add modal editor and markdown docs

* Change the way math nodes are validated

* Use custom portal to fix monaco positioning

* Fix model sharing issues

* Provide signature help

* 🐛 Fix small test issue

* 🐛 Mark pow arguments as required

* 🐛 validate on first render only if a formula is present

* 🔥 Remove log10 fn for now

* ✨ Improved math validation + add tests for math functions

* Fix mount/unmount issues with Monaco

* [Lens] Fully unmount React when flyout closes

* Fix bug with editor frame unmounting

* Fix type

* Add tests for monaco providers, add hover provider

* Add test for last_value

* Usability improvements

* Add KQL and Lucene named parameters

* Add kql, lucene completion and validation

* Fix autocomplete on weird characters and properly connect KQL

* Highlight functions that have additional requirements after validating

* Fix type error and move help text to popover

* Fix escape characters inside KQL

* 🐛 Fix dataType issue when moving over to Formula

* Automatically insert single quotes on every named param

* Only insert single quotes when typing kql= or lucene=

* Reorganize help popover

* Fix merge issues

* Update grammar for formulas

* Fix bad merge

* Rough fullscreen mode

* Type updates

* Pass through fullscreen state

* Remove more chrome from full screen mode

* Fix minor bugs in formula typing

* 🐛 Decouple column order of references and output

* 🔧 Fix tests and types

* ✅ Add first functional test

* Fix copying formulas and empty formula

* Trigger suggestion prompt when hitting enter on function or typing kql=

* 🐛 Prevent flyout from closing while interacting with monaco

* refactoring

* move main column generation into parse module

* fix tests

* refactor small formula styles and markup

* documentation

* adjustments in formula footer

* Formula refactoring (#12)

* refactoring

* move main column generation into parse module

* fix tests

* more style and markup tweak for custom formula

* Fix tests

* [Expressions] Use table column ID instead of name when set

* [Lens] Create managedReference type for formulas

* Fix test failures

* Fix i18n types

* fix fullscreen flex issues

* Delete managedReference when replacing

* refactor css and markup; add button placeholders

* [Lens] Formulas

* Tests for formula

Co-authored-by: Marco Liberati <marco.liberati@elastic.co>

* added error count placeholder

* Add tooltips

* Refactoring from code review

* Fix some editor issues

* Update ID matching to match by name sometimes

* Improve performance of Monaco, fix formulas with 0, update labels

* Improve performance of full screen toggle

* Fix formula tests

* fix stuff

* Add an extra case to prevent insertion of duplicate column

* Simplify logic and add test for output ID

* add telemetry for Lens formula (#15)

* Respond to review comments

* ✨ Improve the signatures with better documentation and examples

* adjust border styles to account for docs collapse

* refactor docs markup; restructure docs obj; styles

* Fix formula auto reordering (#18)

* fix formula auto reordering

* add unit test

* Fix and improve suggestion experience in Formula (#19)

* ✨ Revisit documentation and suggestions

* 👌 Integrated feedback

* ✨ Add query validation for quotes

* Usability updates & type fixes

* add search to formula

* fix form styles to match designs

* fix text styles; revert to Markdown for control

* 👌 Integrated more feedback

* improve search

* improve suggestions

* improve suggestions even more

* 🐛 Fix i18n issues (#22)

* Persist formula on leave, fix fullscreen and popovers

* Fix documentation tests

* 🏷️ fix type issue

* 🐛 Remove hidden operations from valid functions list

* 🐛 Fix empty string query edge case

* 🐛 Enable more suggestions + extends validation

* Fix tests that depended on setState being called without function

* Error state and text wrapping updates

* ✨ Add new module to CodeEditor for brackets matching (#25)

* Fix type

* show warning

* keep current quick function

* ✨ Improve suggestions within kql query

* 📷 Fix snapshot editor test

* 🐛 Improved suggestion for single quote and refactored debounce

* Fix lodash usage

* Fix tests

* Revert "keep current quick function"

This reverts commit ed47705.

* Improve performance of dispatch by using timeout

* Improve memoization of datapanel

* Fix escape characters

* fix reduced suggestions

* fix responsiveness

* fix unit test

* Fix autocomplete on nested math

* Show errors and warnings on first render

* fix transposing column crash

* Update comment

* 🐛 Fix field error message

* fix test types

* 📝 Fix i18n name

* 💄 Manage wordwrap via react component

* Fix selector for palettes that interferes with quick functions

* Use word wrapping by default

* Errors for managed references are handled at the top level

* 🐛 Move the cursor just next to new inserted text

* ⚗️ First pass for performance

* 🐛 Fix unwanted change

* ⚡ Memoize as many combobox props as possible

* ⚡ More memoization

* Show errors in hover

* Use temporary invalid state when moving away from formula

* Remove setActiveDimension and shouldClose, fixed by async setters

* Fix test dependency

* do not show quick functions tab

* increase documentation popover width

* fix functional test

* Call setActiveDimension when updating visualization

* Simplify handling of flyout with incomplete columns

* Fix test issues

* add description to formula telemetry

* fix schema

* Update from design feedback

* More review comments

* Hide callout border from v7 theme

Co-authored-by: dej611 <dej611@gmail.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Joe Reuter <johannes.reuter@elastic.co>
Co-authored-by: Michael Marcialis <michael.marcialis@elastic.co>
Co-authored-by: Joe Reuter <email@johannes-reuter.de>
Co-authored-by: Marco Liberati <marco.liberati@elastic.co>
Co-authored-by: Marco Liberati <dej611@users.noreply.github.com>

Co-authored-by: Wylie Conlon <william.conlon@elastic.co>
Co-authored-by: dej611 <dej611@gmail.com>
Co-authored-by: Joe Reuter <johannes.reuter@elastic.co>
Co-authored-by: Michael Marcialis <michael.marcialis@elastic.co>
Co-authored-by: Joe Reuter <email@johannes-reuter.de>
Co-authored-by: Marco Liberati <marco.liberati@elastic.co>
Co-authored-by: Marco Liberati <dej611@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant