elastic · jen-huang · Oct 13, 2021 · Oct 12, 2021 · Oct 12, 2021 · Oct 13, 2021
diff --git a/x-pack/plugins/fleet/common/types/rest_spec/fleet_setup.ts b/x-pack/plugins/fleet/common/types/rest_spec/fleet_setup.ts
@@ -13,6 +13,7 @@ export interface PostFleetSetupResponse {
 export interface GetFleetStatusResponse {
   isReady: boolean;
   missing_requirements: Array<
+    | 'security_required'
     | 'tls_required'
     | 'api_keys'
     | 'fleet_admin_user'

diff --git a/x-pack/plugins/fleet/public/applications/fleet/app.tsx b/x-pack/plugins/fleet/public/applications/fleet/app.tsx
@@ -45,6 +45,7 @@ import { DefaultLayout, DefaultPageTitle, WithoutHeaderLayout, WithHeaderLayout
 import { AgentPolicyApp } from './sections/agent_policy';
 import { DataStreamApp } from './sections/data_stream';
 import { AgentsApp } from './sections/agents';
+import { MissingESRequirementsPage } from './sections/agents/agent_requirements_page';
 import { CreatePackagePolicyPage } from './sections/agent_policy/create_package_policy_page';
 import { EnrollmentTokenListPage } from './sections/agents/enrollment_token_list_page';
 
@@ -71,6 +72,53 @@ const Panel = styled(EuiPanel)`
   margin-left: auto;
 `;
 
+const PermissionsError: React.FunctionComponent<{ error: string }> = memo(({ error }) => {
+  if (error === 'MISSING_SECURITY') {
+    return <MissingESRequirementsPage missingRequirements={['security_required', 'api_keys']} />;
+  }
+
+  if (error === 'MISSING_SUPERUSER_ROLE') {
+    return (
+      <Panel>
+        <EuiEmptyPrompt
+          iconType="securityApp"
+          title={
+            <h2>
+              <FormattedMessage
+                id="xpack.fleet.permissionDeniedErrorTitle"
+                defaultMessage="Permission denied"
+              />
+            </h2>
+          }
+          body={
+            <p>
+              <FormattedMessage
+                id="xpack.fleet.permissionDeniedErrorMessage"
+                defaultMessage="You are not authorized to access Fleet. Fleet requires {roleName} privileges."
+                values={{ roleName: <EuiCode>superuser</EuiCode> }}
+              />
+            </p>
+          }
+        />
+      </Panel>
+    );
+  }
+
+  return (
+    <Error
+      title={
+        <FormattedMessage
+          id="xpack.fleet.permissionsRequestErrorMessageTitle"
+          defaultMessage="Unable to check permissions"
+        />
+      }
+      error={i18n.translate('xpack.fleet.permissionsRequestErrorMessageDescription', {
+        defaultMessage: 'There was a problem checking Fleet permissions',
+      })}
+    />
+  );
+});
+
 export const WithPermissionsAndSetup: React.FC = memo(({ children }) => {
   useBreadcrumbs('base');
   const { notifications } = useStartServices();
@@ -121,58 +169,7 @@ export const WithPermissionsAndSetup: React.FC = memo(({ children }) => {
   if (isPermissionsLoading || permissionsError) {
     return (
       <ErrorLayout isAddIntegrationsPath={isAddIntegrationsPath}>
-        {isPermissionsLoading ? (
-          <Loading />
-        ) : permissionsError === 'REQUEST_ERROR' ? (
-          <Error
-            title={
-              <FormattedMessage
-                id="xpack.fleet.permissionsRequestErrorMessageTitle"
-                defaultMessage="Unable to check permissions"
-              />
-            }
-            error={i18n.translate('xpack.fleet.permissionsRequestErrorMessageDescription', {
-              defaultMessage: 'There was a problem checking Fleet permissions',
-            })}
-          />
-        ) : (
-          <Panel>
-            <EuiEmptyPrompt
-              iconType="securityApp"
-              title={
-                <h2>
-                  {permissionsError === 'MISSING_SUPERUSER_ROLE' ? (
-                    <FormattedMessage
-                      id="xpack.fleet.permissionDeniedErrorTitle"
-                      defaultMessage="Permission denied"
-                    />
-                  ) : (
-                    <FormattedMessage
-                      id="xpack.fleet.securityRequiredErrorTitle"
-                      defaultMessage="Security is not enabled"
-                    />
-                  )}
-                </h2>
-              }
-              body={
-                <p>
-                  {permissionsError === 'MISSING_SUPERUSER_ROLE' ? (
-                    <FormattedMessage
-                      id="xpack.fleet.permissionDeniedErrorMessage"
-                      defaultMessage="You are not authorized to access Fleet. Fleet requires {roleName} privileges."
-                      values={{ roleName: <EuiCode>superuser</EuiCode> }}
-                    />
-                  ) : (
-                    <FormattedMessage
-                      id="xpack.fleet.securityRequiredErrorMessage"
-                      defaultMessage="You must enable security in Kibana and Elasticsearch to use Fleet."
-                    />
-                  )}
-                </p>
-              }
-            />
-          </Panel>
-        )}
+        {isPermissionsLoading ? <Loading /> : <PermissionsError error={permissionsError!} />}
       </ErrorLayout>
     );
   }

diff --git a/...ublic/applications/fleet/sections/agents/agent_requirements_page/es_requirements_page.tsx b/...ublic/applications/fleet/sections/agents/agent_requirements_page/es_requirements_page.tsx
@@ -76,7 +76,7 @@ export const MissingESRequirementsPage: React.FunctionComponent<{
             values={{ esConfigFile: <EuiCode>elasticsearch.yml</EuiCode> }}
           />
           <EuiSpacer size="l" />
-          <RequirementItem isMissing={false}>
+          <RequirementItem isMissing={missingRequirements.includes('security_required')}>
             <FormattedMessage
               id="xpack.fleet.setupPage.elasticsearchSecurityFlagText"
               defaultMessage="{esSecurityLink}. Set {securityFlag} to {true} ."

diff --git a/x-pack/plugins/fleet/server/routes/app/index.ts b/x-pack/plugins/fleet/server/routes/app/index.ts
@@ -13,11 +13,23 @@ import type { CheckPermissionsResponse, GenerateServiceTokenResponse } from '../
 import { defaultIngestErrorHandler, GenerateServiceTokenError } from '../../errors';
 
 export const getCheckPermissionsHandler: RequestHandler = async (context, request, response) => {
+  const missingSecurityBody: CheckPermissionsResponse = {
+    success: false,
+    error: 'MISSING_SECURITY',
+  };
   const body: CheckPermissionsResponse = { success: true };
   try {
     const security = await appContextService.getSecurity();
     const user = security.authc.getCurrentUser(request);
 
+    // when ES security is disabled, but Kibana security plugin is not explicitly disabled,
+    // `authc.getCurrentUser()` does not error, instead it comes back as `null`
+    if (!user) {
+      return response.ok({
+        body: missingSecurityBody,
+      });
+    }
+
     if (!user?.roles.includes('superuser')) {
       body.success = false;
       body.error = 'MISSING_SUPERUSER_ROLE';
@@ -28,10 +40,10 @@ export const getCheckPermissionsHandler: RequestHandler = async (context, reques
 
     return response.ok({ body: { success: true } });
   } catch (e) {
-    body.success = false;
-    body.error = 'MISSING_SECURITY';
+    // when Kibana security plugin is explicitly disabled,
+    // `appContextService.getSecurity()` returns an error, so we catch it here
     return response.ok({
-      body,
+      body: missingSecurityBody,
     });
   }
 };

diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json
@@ -4908,6 +4908,16 @@
     "visTypeMetric.colorModes.backgroundOptionLabel": "背景",
     "visTypeMetric.colorModes.labelsOptionLabel": "ラベル",
     "visTypeMetric.colorModes.noneOptionLabel": "なし",
+    "visTypeMetric.metricDescription": "計算結果を単独の数字として表示します。",
+    "visTypeMetric.metricTitle": "メトリック",
+    "visTypeMetric.params.color.useForLabel": "使用する色",
+    "visTypeMetric.params.rangesTitle": "範囲",
+    "visTypeMetric.params.settingsTitle": "設定",
+    "visTypeMetric.params.showTitleLabel": "タイトルを表示",
+    "visTypeMetric.params.style.fontSizeLabel": "ポイント単位のメトリックフォントサイズ",
+    "visTypeMetric.params.style.styleTitle": "スタイル",
+    "visTypeMetric.schemas.metricTitle": "メトリック",
+    "visTypeMetric.schemas.splitGroupTitle": "グループを分割",
     "expressionMetricVis.function.dimension.splitGroup": "グループを分割",
     "expressionMetricVis.function.bgFill.help": "html 16 進数コード（#123456）、html 色（red、blue）、または rgba 値（rgba（255,255,255,1））。",
     "expressionMetricVis.function.bucket.help": "バケットディメンションの構成です。",
@@ -4923,16 +4933,6 @@
     "expressionMetricVis.function.showLabels.help": "メトリック値の下にラベルを表示します。",
     "expressionMetricVis.function.subText.help": "メトリックの下に表示するカスタムテキスト",
     "expressionMetricVis.function.useRanges.help": "有効な色範囲です。",
-    "visTypeMetric.metricDescription": "計算結果を単独の数字として表示します。",
-    "visTypeMetric.metricTitle": "メトリック",
-    "visTypeMetric.params.color.useForLabel": "使用する色",
-    "visTypeMetric.params.rangesTitle": "範囲",
-    "visTypeMetric.params.settingsTitle": "設定",
-    "visTypeMetric.params.showTitleLabel": "タイトルを表示",
-    "visTypeMetric.params.style.fontSizeLabel": "ポイント単位のメトリックフォントサイズ",
-    "visTypeMetric.params.style.styleTitle": "スタイル",
-    "visTypeMetric.schemas.metricTitle": "メトリック",
-    "visTypeMetric.schemas.splitGroupTitle": "グループを分割",
     "visTypePie.advancedSettings.visualization.legacyPieChartsLibrary.deprecation": "Visualizeの円グラフのレガシーグラフライブラリは廃止予定であり、8.0以降ではサポートされません。",
     "visTypePie.advancedSettings.visualization.legacyPieChartsLibrary.description": "Visualizeで円グラフのレガシーグラフライブラリを有効にします。",
     "visTypePie.advancedSettings.visualization.legacyPieChartsLibrary.name": "円グラフのレガシーグラフライブラリ",
@@ -10947,7 +10947,6 @@
     "xpack.fleet.preconfiguration.missingIDError": "{agentPolicyName}には「id」フィールドがありません。ポリシーのis_defaultまたはis_default_fleet_serverに設定されている場合をのぞき、「id」は必須です。",
     "xpack.fleet.preconfiguration.packageMissingError": "{agentPolicyName}を追加できませんでした。{pkgName}がインストールされていません。{pkgName}を`{packagesConfigValue}`に追加するか、{packagePolicyName}から削除してください。",
     "xpack.fleet.preconfiguration.policyDeleted": "構成済みのポリシー{id}が削除されました。作成をスキップしています",
-    "xpack.fleet.securityRequiredErrorMessage": "Fleet を使用するには、Kibana と Elasticsearch でセキュリティを有効にする必要があります。",
     "xpack.fleet.securityRequiredErrorTitle": "セキュリティが有効ではありません",
     "xpack.fleet.serverError.agentPolicyDoesNotExist": "エージェントポリシー{agentPolicyId}が存在しません",
     "xpack.fleet.serverError.enrollmentKeyDuplicate": "エージェントポリシーの{agentPolicyId}登録キー{providedKeyName}はすでに存在します",

diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json
@@ -4953,6 +4953,16 @@
     "visTypeMetric.colorModes.backgroundOptionLabel": "背景",
     "visTypeMetric.colorModes.labelsOptionLabel": "标签",
     "visTypeMetric.colorModes.noneOptionLabel": "无",
+    "visTypeMetric.metricDescription": "将计算结果显示为单个数字。",
+    "visTypeMetric.metricTitle": "指标",
+    "visTypeMetric.params.color.useForLabel": "将颜色用于",
+    "visTypeMetric.params.rangesTitle": "范围",
+    "visTypeMetric.params.settingsTitle": "设置",
+    "visTypeMetric.params.showTitleLabel": "显示标题",
+    "visTypeMetric.params.style.fontSizeLabel": "指标字体大小（磅）",
+    "visTypeMetric.params.style.styleTitle": "样式",
+    "visTypeMetric.schemas.metricTitle": "指标",
+    "visTypeMetric.schemas.splitGroupTitle": "拆分组",
     "expressionMetricVis.function.dimension.splitGroup": "拆分组",
     "expressionMetricVis.function.bgFill.help": "将颜色表示为 html 十六进制代码 (#123456)、html 颜色（red、blue）或 rgba 值 (rgba(255,255,255,1))。",
     "expressionMetricVis.function.bucket.help": "存储桶维度配置",
@@ -4968,16 +4978,6 @@
     "expressionMetricVis.function.showLabels.help": "在指标值下显示标签。",
     "expressionMetricVis.function.subText.help": "要在指标下显示的定制文本",
     "expressionMetricVis.function.useRanges.help": "已启用颜色范围。",
-    "visTypeMetric.metricDescription": "将计算结果显示为单个数字。",
-    "visTypeMetric.metricTitle": "指标",
-    "visTypeMetric.params.color.useForLabel": "将颜色用于",
-    "visTypeMetric.params.rangesTitle": "范围",
-    "visTypeMetric.params.settingsTitle": "设置",
-    "visTypeMetric.params.showTitleLabel": "显示标题",
-    "visTypeMetric.params.style.fontSizeLabel": "指标字体大小（磅）",
-    "visTypeMetric.params.style.styleTitle": "样式",
-    "visTypeMetric.schemas.metricTitle": "指标",
-    "visTypeMetric.schemas.splitGroupTitle": "拆分组",
     "visTypePie.advancedSettings.visualization.legacyPieChartsLibrary.deprecation": "Visualize 中饼图的旧版图表库已弃用，自 8.0 后将不受支持。",
     "visTypePie.advancedSettings.visualization.legacyPieChartsLibrary.description": "在 Visualize 中启用饼图的旧版图表库。",
     "visTypePie.advancedSettings.visualization.legacyPieChartsLibrary.name": "饼图旧版图表库",
@@ -11061,7 +11061,6 @@
     "xpack.fleet.preconfiguration.missingIDError": "{agentPolicyName} 缺失 `id` 字段。`id` 是必需的，但标记为 is_default 或 is_default_fleet_server 的策略除外。",
     "xpack.fleet.preconfiguration.packageMissingError": "{agentPolicyName} 无法添加。{pkgName} 未安装，请将 {pkgName} 添加到 `{packagesConfigValue}` 或将其从 {packagePolicyName} 中移除。",
     "xpack.fleet.preconfiguration.policyDeleted": "预配置的策略 {id} 已删除；将跳过创建",
-    "xpack.fleet.securityRequiredErrorMessage": "必须在 Kibana 和 Elasticsearch 启用安全性，才能使用 Fleet。",
     "xpack.fleet.securityRequiredErrorTitle": "安全性未启用",
     "xpack.fleet.serverError.agentPolicyDoesNotExist": "代理策略 {agentPolicyId} 不存在",
     "xpack.fleet.serverError.enrollmentKeyDuplicate": "称作 {providedKeyName} 的注册密钥对于代理策略 {agentPolicyId} 已存在",