diff --git a/x-pack/solutions/security/packages/features/privileges.ts b/x-pack/solutions/security/packages/features/privileges.ts deleted file mode 100644 index 5cfe7b2d58d3b..0000000000000 --- a/x-pack/solutions/security/packages/features/privileges.ts +++ /dev/null @@ -1,10 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ -export { - ProductFeaturesPrivilegeId, - ProductFeaturesPrivileges, -} from './src/product_features_privileges'; diff --git a/x-pack/solutions/security/packages/features/src/product_features_privileges.ts b/x-pack/solutions/security/packages/features/src/product_features_privileges.ts deleted file mode 100644 index 22b4e858e4a55..0000000000000 --- a/x-pack/solutions/security/packages/features/src/product_features_privileges.ts +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { APP_ID } from './constants'; - -export enum ProductFeaturesPrivilegeId { - endpointExceptions = 'endpoint_exceptions', -} - -/** - * This is the mapping of the privileges that are registered - * using a different Kibana feature configuration (sub-feature, main feature privilege, etc) - * in each offering type (ess, serverless) - */ -export const ProductFeaturesPrivileges = { - [ProductFeaturesPrivilegeId.endpointExceptions]: { - all: { - ui: ['showEndpointExceptions', 'crudEndpointExceptions'], - api: [`${APP_ID}-showEndpointExceptions`, `${APP_ID}-crudEndpointExceptions`], - }, - read: { - ui: ['showEndpointExceptions'], - api: [`${APP_ID}-showEndpointExceptions`], - }, - }, -}; diff --git a/x-pack/solutions/security/packages/features/src/security/product_feature_config.ts b/x-pack/solutions/security/packages/features/src/security/product_feature_config.ts index be72dcdbf9df8..58b966f7e9693 100644 --- a/x-pack/solutions/security/packages/features/src/security/product_feature_config.ts +++ b/x-pack/solutions/security/packages/features/src/security/product_feature_config.ts @@ -66,6 +66,10 @@ export const securityDefaultProductFeaturesConfig: DefaultSecurityProductFeature }, }, + [ProductFeatureSecurityKey.endpointExceptions]: { + subFeatureIds: [SecuritySubFeatureId.endpointExceptions], + }, + [ProductFeatureSecurityKey.endpointHostManagement]: { subFeatureIds: [SecuritySubFeatureId.endpointList], }, diff --git a/x-pack/solutions/security/packages/features/src/security/types.ts b/x-pack/solutions/security/packages/features/src/security/types.ts index dda61b6e86b9a..363ecd91a0e4c 100644 --- a/x-pack/solutions/security/packages/features/src/security/types.ts +++ b/x-pack/solutions/security/packages/features/src/security/types.ts @@ -20,8 +20,7 @@ export interface SecurityFeatureParams { savedObjects: string[]; } -export type DefaultSecurityProductFeaturesConfig = Omit< - Record>, - ProductFeatureSecurityKey.endpointExceptions - // | add not generic security app features here +export type DefaultSecurityProductFeaturesConfig = Record< + ProductFeatureSecurityKey, + ProductFeatureKibanaConfig >; diff --git a/x-pack/solutions/security/packages/features/src/security/v1_features/kibana_features.ts b/x-pack/solutions/security/packages/features/src/security/v1_features/kibana_features.ts index 84a2f71bb32ab..b5c5920db0c33 100644 --- a/x-pack/solutions/security/packages/features/src/security/v1_features/kibana_features.ts +++ b/x-pack/solutions/security/packages/features/src/security/v1_features/kibana_features.ts @@ -99,7 +99,10 @@ export const getSecurityBaseKibanaFeature = ({ minimal: [ { feature: TIMELINE_FEATURE_ID, privileges: ['all'] }, { feature: NOTES_FEATURE_ID, privileges: ['all'] }, - { feature: SECURITY_FEATURE_ID_V2, privileges: ['minimal_all'] }, + { + feature: SECURITY_FEATURE_ID_V2, + privileges: ['minimal_all', 'endpoint_exceptions_all'], + }, ], }, app: [APP_ID, CLOUD_POSTURE_APP_ID, CLOUD_DEFEND_APP_ID, 'kibana'], @@ -146,7 +149,10 @@ export const getSecurityBaseKibanaFeature = ({ minimal: [ { feature: TIMELINE_FEATURE_ID, privileges: ['read'] }, { feature: NOTES_FEATURE_ID, privileges: ['read'] }, - { feature: SECURITY_FEATURE_ID_V2, privileges: ['minimal_read'] }, + { + feature: SECURITY_FEATURE_ID_V2, + privileges: ['minimal_read', 'endpoint_exceptions_read'], + }, ], }, app: [APP_ID, CLOUD_POSTURE_APP_ID, CLOUD_DEFEND_APP_ID, 'kibana'], diff --git a/x-pack/solutions/security/packages/features/src/security/v1_features/kibana_sub_features.ts b/x-pack/solutions/security/packages/features/src/security/v1_features/kibana_sub_features.ts index 8d3c9b4a36a2c..b0d39efe7da6c 100644 --- a/x-pack/solutions/security/packages/features/src/security/v1_features/kibana_sub_features.ts +++ b/x-pack/solutions/security/packages/features/src/security/v1_features/kibana_sub_features.ts @@ -8,10 +8,6 @@ import { i18n } from '@kbn/i18n'; import type { SubFeatureConfig } from '@kbn/features-plugin/common'; import { EXCEPTION_LIST_NAMESPACE_AGNOSTIC } from '@kbn/securitysolution-list-constants'; -import { - ProductFeaturesPrivilegeId, - ProductFeaturesPrivileges, -} from '../../product_features_privileges'; import { SecuritySubFeatureId } from '../../product_features_keys'; import { APP_ID, SECURITY_FEATURE_ID_V2 } from '../../constants'; @@ -645,7 +641,7 @@ const endpointExceptionsSubFeature = (): SubFeatureConfig => ({ description: i18n.translate( 'securitySolutionPackages.features.featureRegistry.subFeatures.endpointExceptions.description', { - defaultMessage: 'Use Endpoint Exceptions (this is a test sub-feature).', + defaultMessage: 'Use Endpoint Exceptions.', } ), privilegeGroups: [ @@ -663,7 +659,8 @@ const endpointExceptionsSubFeature = (): SubFeatureConfig => ({ all: [], read: [], }, - ...ProductFeaturesPrivileges[ProductFeaturesPrivilegeId.endpointExceptions].all, + api: [`${APP_ID}-showEndpointExceptions`, `${APP_ID}-crudEndpointExceptions`], + ui: ['showEndpointExceptions', 'crudEndpointExceptions'], }, { replacedBy: [ @@ -676,7 +673,8 @@ const endpointExceptionsSubFeature = (): SubFeatureConfig => ({ all: [], read: [], }, - ...ProductFeaturesPrivileges[ProductFeaturesPrivilegeId.endpointExceptions].read, + api: [`${APP_ID}-showEndpointExceptions`], + ui: ['showEndpointExceptions'], }, ], }, diff --git a/x-pack/solutions/security/packages/features/src/security/v2_features/kibana_sub_features.ts b/x-pack/solutions/security/packages/features/src/security/v2_features/kibana_sub_features.ts index d4a20c92bc74c..324af3b5ba140 100644 --- a/x-pack/solutions/security/packages/features/src/security/v2_features/kibana_sub_features.ts +++ b/x-pack/solutions/security/packages/features/src/security/v2_features/kibana_sub_features.ts @@ -8,10 +8,6 @@ import { i18n } from '@kbn/i18n'; import type { SubFeatureConfig } from '@kbn/features-plugin/common'; import { EXCEPTION_LIST_NAMESPACE_AGNOSTIC } from '@kbn/securitysolution-list-constants'; -import { - ProductFeaturesPrivilegeId, - ProductFeaturesPrivileges, -} from '../../product_features_privileges'; import { SecuritySubFeatureId } from '../../product_features_keys'; import { APP_ID } from '../../constants'; @@ -665,7 +661,7 @@ const endpointExceptionsSubFeature = (): SubFeatureConfig => ({ description: i18n.translate( 'securitySolutionPackages.features.featureRegistry.subFeatures.endpointExceptions.description', { - defaultMessage: 'Use Endpoint Exceptions (this is a test sub-feature).', + defaultMessage: 'Use Endpoint Exceptions.', } ), privilegeGroups: [ @@ -680,7 +676,8 @@ const endpointExceptionsSubFeature = (): SubFeatureConfig => ({ all: [], read: [], }, - ...ProductFeaturesPrivileges[ProductFeaturesPrivilegeId.endpointExceptions].all, + api: [`${APP_ID}-showEndpointExceptions`, `${APP_ID}-crudEndpointExceptions`], + ui: ['showEndpointExceptions', 'crudEndpointExceptions'], }, { id: 'endpoint_exceptions_read', @@ -690,7 +687,8 @@ const endpointExceptionsSubFeature = (): SubFeatureConfig => ({ all: [], read: [], }, - ...ProductFeaturesPrivileges[ProductFeaturesPrivilegeId.endpointExceptions].read, + api: [`${APP_ID}-showEndpointExceptions`], + ui: ['showEndpointExceptions'], }, ], }, @@ -723,11 +721,11 @@ export const getSecurityV2SubFeaturesMap = ({ }; const securitySubFeaturesList: Array<[SecuritySubFeatureId, SubFeatureConfig]> = [ - [SecuritySubFeatureId.endpointList, enableSpaceAwarenessIfNeeded(endpointListSubFeature())], [ SecuritySubFeatureId.endpointExceptions, enableSpaceAwarenessIfNeeded(endpointExceptionsSubFeature()), ], + [SecuritySubFeatureId.endpointList, enableSpaceAwarenessIfNeeded(endpointListSubFeature())], [ SecuritySubFeatureId.trustedApplications, enableSpaceAwarenessIfNeeded(trustedApplicationsSubFeature()), diff --git a/x-pack/solutions/security/plugins/security_solution_ess/server/product_features/security_product_features_config.ts b/x-pack/solutions/security/plugins/security_solution_ess/server/product_features/security_product_features_config.ts index 0cec48bda5e44..d4a40308417c8 100644 --- a/x-pack/solutions/security/plugins/security_solution_ess/server/product_features/security_product_features_config.ts +++ b/x-pack/solutions/security/plugins/security_solution_ess/server/product_features/security_product_features_config.ts @@ -9,18 +9,12 @@ import type { ProductFeatureKibanaConfig, ProductFeaturesSecurityConfig, } from '@kbn/security-solution-features'; -import { - ProductFeatureSecurityKey, - type SecuritySubFeatureId, -} from '@kbn/security-solution-features/keys'; +import type { ProductFeatureSecurityKey } from '@kbn/security-solution-features/keys'; +import { type SecuritySubFeatureId } from '@kbn/security-solution-features/keys'; import { securityDefaultProductFeaturesConfig, createEnabledProductFeaturesConfigMap, } from '@kbn/security-solution-features/config'; -import { - ProductFeaturesPrivilegeId, - ProductFeaturesPrivileges, -} from '@kbn/security-solution-features/privileges'; export const getSecurityProductFeaturesConfigurator = (enabledProductFeatureKeys: ProductFeatureKeys) => (): ProductFeaturesSecurityConfig => { @@ -44,7 +38,4 @@ const securityProductFeaturesConfig: Record< ProductFeatureKibanaConfig > = { ...securityDefaultProductFeaturesConfig, - [ProductFeatureSecurityKey.endpointExceptions]: { - privileges: ProductFeaturesPrivileges[ProductFeaturesPrivilegeId.endpointExceptions], - }, }; diff --git a/x-pack/solutions/security/plugins/security_solution_serverless/server/product_features/security_product_features_config.ts b/x-pack/solutions/security/plugins/security_solution_serverless/server/product_features/security_product_features_config.ts index caec038374c23..97dc13dc4f965 100644 --- a/x-pack/solutions/security/plugins/security_solution_serverless/server/product_features/security_product_features_config.ts +++ b/x-pack/solutions/security/plugins/security_solution_serverless/server/product_features/security_product_features_config.ts @@ -13,7 +13,7 @@ import { securityDefaultProductFeaturesConfig, createEnabledProductFeaturesConfigMap, } from '@kbn/security-solution-features/config'; -import { +import type { ProductFeatureSecurityKey, SecuritySubFeatureId, } from '@kbn/security-solution-features/keys'; @@ -45,7 +45,4 @@ const securityProductFeaturesConfig: Record< ProductFeatureKibanaConfig > = { ...securityDefaultProductFeaturesConfig, - [ProductFeatureSecurityKey.endpointExceptions]: { - subFeatureIds: [SecuritySubFeatureId.endpointExceptions], - }, };