[Inventory] Check permissions before registering the Inventory plugin…

… in observabilityShared navigation (elastic#195557)

## Summary

Fixes elastic#195360 and
elastic#195560

This PR fixes a bug where the Inventory plugin is improperly registered
in the ObservabilityShared navigation, even in spaces that lack the
required permissions or for user roles that don't have permissions. As a
result, the Inventory link appears in the navigation whenever the
space/user has access to any other Observability plugin.

### Space permissions
#### Before
|Space config|ObservabilityShared navigation|
|-|-|

|![Image](https://github.com/user-attachments/assets/53f51d01-faae-4795-b84b-da636a2e46d3)|![Image](https://github.com/user-attachments/assets/d6c98df5-6975-4e95-be24-7e53e6e1ee02)|

##### After
|Space config|ObservabilityShared navigation|
|-|-|
|![Screenshot 2024-10-09 at 11 47
34](https://github.com/user-attachments/assets/2f5be4c0-4f32-4103-b43a-059e435f730c)|![Screenshot
2024-10-09 at 11 47
12](https://github.com/user-attachments/assets/9dce6095-0a65-4c1d-973f-8a96c330fd08)|
|![Screenshot 2024-10-09 at 11 47
59](https://github.com/user-attachments/assets/f697e646-c034-41d8-b546-925ba4c9fb3a)|![Screenshot
2024-10-09 at 11 48
09](https://github.com/user-attachments/assets/200cf3d3-b7a3-4a42-84ec-48dcf563ad37)|

### User permissions

#### Before
|Role config|ObservabilityShared navigation|
|-|-|

|![Image](https://github.com/user-attachments/assets/74e52c43-0da9-4878-813d-049c1f9f2f83)|![Image](https://github.com/user-attachments/assets/4ffb48a9-81f0-48bd-9156-a98e3361c279)|

#### After
|Role config|ObservabilityShared navigation|
|-|-|

|![Image](https://github.com/user-attachments/assets/74e52c43-0da9-4878-813d-049c1f9f2f83)|<img
width="1266" alt="Screenshot 2024-10-09 at 12 52 48"
src="https://github.com/user-attachments/assets/5d21bbef-53ca-4d83-84b7-d471a12a40e3">|

(cherry picked from commit 7927ebf)

x-pack/plugins/observability_solution/inventory/.storybook/get_mock_inventory_context.tsx

@@ -13,6 +13,7 @@ import type { InferencePublicStart } from '@kbn/inference-plugin/public';
 import type { ObservabilitySharedPluginStart } from '@kbn/observability-shared-plugin/public';
 import type { UnifiedSearchPublicPluginStart } from '@kbn/unified-search-plugin/public';
 import type { SharePluginStart } from '@kbn/share-plugin/public';
+import type { SpacesPluginStart } from '@kbn/spaces-plugin/public';
 import type { InventoryKibanaContext } from '../public/hooks/use_kibana';
 import type { ITelemetryClient } from '../public/services/telemetry/types';
 
@@ -33,5 +34,6 @@ export function getMockInventoryContext(): InventoryKibanaContext {
       fetch: jest.fn(),
       stream: jest.fn(),
     },
+    spaces: {} as unknown as SpacesPluginStart,
   };
 }

x-pack/plugins/observability_solution/inventory/kibana.jsonc

@@ -19,7 +19,7 @@
       "share"
     ],
     "requiredBundles": ["kibanaReact"],
-    "optionalPlugins": [],
+    "optionalPlugins": ["spaces"],
     "extraPublicDirs": []
   }
 }

x-pack/plugins/observability_solution/inventory/public/plugin.ts

@@ -17,7 +17,7 @@ import {
 import { INVENTORY_APP_ID } from '@kbn/deeplinks-observability/constants';
 import { i18n } from '@kbn/i18n';
 import type { Logger } from '@kbn/logging';
-import { from, map } from 'rxjs';
+import { from, map, mergeMap, of } from 'rxjs';
 import { createCallInventoryAPI } from './api';
 import { TelemetryService } from './services/telemetry/telemetry_service';
 import { InventoryServices } from './services/types';
@@ -54,34 +54,53 @@ export class InventoryPlugin
       'observability:entityCentricExperience',
       true
     );
+    const getStartServices = coreSetup.getStartServices();
 
-    if (isEntityCentricExperienceSettingEnabled) {
-      pluginsSetup.observabilityShared.navigation.registerSections(
-        from(coreSetup.getStartServices()).pipe(
-          map(([coreStart, pluginsStart]) => {
-            return [
-              {
-                label: '',
-                sortKey: 300,
-                entries: [
-                  {
-                    label: i18n.translate('xpack.inventory.inventoryLinkTitle', {
-                      defaultMessage: 'Inventory',
-                    }),
-                    app: INVENTORY_APP_ID,
-                    path: '/',
-                    matchPath(currentPath: string) {
-                      return ['/', ''].some((testPath) => currentPath.startsWith(testPath));
-                    },
-                    isTechnicalPreview: true,
+    const hideInventory$ = from(getStartServices).pipe(
+      mergeMap(([coreStart, pluginsStart]) => {
+        if (pluginsStart.spaces) {
+          return from(pluginsStart.spaces.getActiveSpace()).pipe(
+            map(
+              (space) =>
+                space.disabledFeatures.includes(INVENTORY_APP_ID) ||
+                !coreStart.application.capabilities.inventory.show
+            )
+          );
+        }
+
+        return of(!coreStart.application.capabilities.inventory.show);
+      })
+    );
+
+    const sections$ = hideInventory$.pipe(
+      map((hideInventory) => {
+        if (isEntityCentricExperienceSettingEnabled && !hideInventory) {
+          return [
+            {
+              label: '',
+              sortKey: 300,
+              entries: [
+                {
+                  label: i18n.translate('xpack.inventory.inventoryLinkTitle', {
+                    defaultMessage: 'Inventory',
+                  }),
+                  app: INVENTORY_APP_ID,
+                  path: '/',
+                  matchPath(currentPath: string) {
+                    return ['/', ''].some((testPath) => currentPath.startsWith(testPath));
                   },
-                ],
-              },
-            ];
-          })
-        )
-      );
-    }
+                  isTechnicalPreview: true,
+                },
+              ],
+            },
+          ];
+        }
+        return [];
+      })
+    );
+
+    pluginsSetup.observabilityShared.navigation.registerSections(sections$);
+
     this.telemetry.setup({ analytics: coreSetup.analytics });
     const telemetry = this.telemetry.start();
 
@@ -102,7 +121,7 @@ export class InventoryPlugin
         // Load application bundle and Get start services
         const [{ renderApp }, [coreStart, pluginsStart]] = await Promise.all([
           import('./application'),
-          coreSetup.getStartServices(),
+          getStartServices,
         ]);
 
         const services: InventoryServices = {

x-pack/plugins/observability_solution/inventory/public/types.ts

@@ -17,6 +17,7 @@ import type { SharePluginSetup, SharePluginStart } from '@kbn/share-plugin/publi
 import type { UnifiedSearchPublicPluginStart } from '@kbn/unified-search-plugin/public';
 import type { DataViewsPublicPluginStart } from '@kbn/data-views-plugin/public';
 import type { DataPublicPluginSetup, DataPublicPluginStart } from '@kbn/data-plugin/public';
+import type { SpacesPluginStart } from '@kbn/spaces-plugin/public';
 
 /* eslint-disable @typescript-eslint/no-empty-interface*/
 
@@ -38,6 +39,7 @@ export interface InventoryStartDependencies {
   data: DataPublicPluginStart;
   entityManager: EntityManagerPublicPluginStart;
   share: SharePluginStart;
+  spaces?: SpacesPluginStart;
 }
 
 export interface InventoryPublicSetup {}

x-pack/plugins/observability_solution/inventory/tsconfig.json

@@ -45,6 +45,7 @@
     "@kbn/config-schema",
     "@kbn/elastic-agent-utils",
     "@kbn/custom-icons",
-    "@kbn/ui-theme"
+    "@kbn/ui-theme",
+    "@kbn/spaces-plugin"
   ]
 }