From ea559200e1de28a2507186fd915629dca3a7ea1c Mon Sep 17 00:00:00 2001
From: Kevin Logan <56395104+kevinlog@users.noreply.github.com>
Date: Mon, 3 Jul 2023 12:53:46 -0400
Subject: [PATCH] [Security Solution] Update session viewer Policy permissions
to use Policy specific check (#160448)
## Summary
This PR updates the session viewer code to use the
`canReadPolicyManagement ` permission as opposed to
`canAccessEndpointManagement`. This is because
`canAccessEndpointManagement` requires super user permissions while
`canReadPolicyManagement` which is a more specific permission.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
---
.../session_tab_content/use_session_view.test.tsx | 2 +-
.../timeline/session_tab_content/use_session_view.tsx | 6 +++---
.../public/components/session_view/index.tsx | 4 ++--
.../public/components/tty_player/index.test.tsx | 4 +---
.../public/components/tty_player/index.tsx | 10 ++++------
x-pack/plugins/session_view/public/types.ts | 2 +-
6 files changed, 12 insertions(+), 16 deletions(-)
diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.test.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.test.tsx
index 805cb5bf03e8ed3..6cf0474ead6dfe2 100644
--- a/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.test.tsx
+++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.test.tsx
@@ -158,7 +158,7 @@ describe('useSessionView with active timeline and a session id and graph event i
height: 1000,
sessionEntityId: 'test',
loadAlertDetails: mockOpenDetailFn,
- canAccessEndpointManagement: false,
+ canReadPolicyManagement: false,
});
});
diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.tsx
index d2d6a82895be903..e16ac4ee9b7fdd7 100644
--- a/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.tsx
+++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.tsx
@@ -264,7 +264,7 @@ export const useSessionView = ({
}, [scopeId]);
const { globalFullScreen } = useGlobalFullScreen();
const { timelineFullScreen } = useTimelineFullScreen();
- const { canAccessEndpointManagement } = useUserPrivileges().endpointPrivileges;
+ const { canReadPolicyManagement } = useUserPrivileges().endpointPrivileges;
const defaults = isTimelineScope(scopeId) ? timelineDefaults : tableDefaults;
const { sessionViewConfig, activeTab } = useDeepEqualSelector((state) => ({
@@ -309,7 +309,7 @@ export const useSessionView = ({
loadAlertDetails: openEventDetailsPanel,
isFullScreen: fullScreen,
height: heightMinusSearchBar,
- canAccessEndpointManagement,
+ canReadPolicyManagement,
})
: null;
}, [
@@ -318,7 +318,7 @@ export const useSessionView = ({
sessionView,
openEventDetailsPanel,
fullScreen,
- canAccessEndpointManagement,
+ canReadPolicyManagement,
]);
return {
diff --git a/x-pack/plugins/session_view/public/components/session_view/index.tsx b/x-pack/plugins/session_view/public/components/session_view/index.tsx
index ee4bbb40891e8f4..42c16c40baf5cb9 100644
--- a/x-pack/plugins/session_view/public/components/session_view/index.tsx
+++ b/x-pack/plugins/session_view/public/components/session_view/index.tsx
@@ -51,7 +51,7 @@ export const SessionView = ({
jumpToCursor,
investigatedAlertId,
loadAlertDetails,
- canAccessEndpointManagement,
+ canReadPolicyManagement,
}: SessionViewDeps) => {
// don't engage jumpTo if jumping to session leader.
if (jumpToEntityId === sessionEntityId) {
@@ -435,7 +435,7 @@ export const SessionView = ({
isFullscreen={isFullScreen}
onJumpToEvent={onJumpToEvent}
autoSeekToEntityId={currentJumpToOutputEntityId}
- canAccessEndpointManagement={canAccessEndpointManagement}
+ canReadPolicyManagement={canReadPolicyManagement}
/>
);
diff --git a/x-pack/plugins/session_view/public/components/tty_player/index.test.tsx b/x-pack/plugins/session_view/public/components/tty_player/index.test.tsx
index a3a17380c8fc971..42be993d39d1d4e 100644
--- a/x-pack/plugins/session_view/public/components/tty_player/index.test.tsx
+++ b/x-pack/plugins/session_view/public/components/tty_player/index.test.tsx
@@ -107,9 +107,7 @@ describe('TTYPlayer component', () => {
});
it('renders a message warning when max_bytes exceeded with link to policies page', async () => {
- renderResult = mockedContext.render(
-
- );
+ renderResult = mockedContext.render();
await waitForApiCall();
await new Promise((r) => setTimeout(r, 10));
diff --git a/x-pack/plugins/session_view/public/components/tty_player/index.tsx b/x-pack/plugins/session_view/public/components/tty_player/index.tsx
index 36d685371e02340..aa85f4bd794c0b9 100644
--- a/x-pack/plugins/session_view/public/components/tty_player/index.tsx
+++ b/x-pack/plugins/session_view/public/components/tty_player/index.tsx
@@ -41,7 +41,7 @@ export interface TTYPlayerDeps {
isFullscreen: boolean;
onJumpToEvent(event: ProcessEvent): void;
autoSeekToEntityId?: string;
- canAccessEndpointManagement?: boolean;
+ canReadPolicyManagement?: boolean;
}
export const TTYPlayer = ({
@@ -53,7 +53,7 @@ export const TTYPlayer = ({
isFullscreen,
onJumpToEvent,
autoSeekToEntityId,
- canAccessEndpointManagement,
+ canReadPolicyManagement,
}: TTYPlayerDeps) => {
const ref = useRef(null);
const { ref: scrollRef, height: containerHeight = 1 } = useResizeObserver({});
@@ -71,10 +71,8 @@ export const TTYPlayer = ({
const { getUrlForApp } = useKibana().services.application;
const policiesUrl = useMemo(
() =>
- canAccessEndpointManagement
- ? getUrlForApp(SECURITY_APP_ID, { path: POLICIES_PAGE_PATH })
- : '',
- [canAccessEndpointManagement, getUrlForApp]
+ canReadPolicyManagement ? getUrlForApp(SECURITY_APP_ID, { path: POLICIES_PAGE_PATH }) : '',
+ [canReadPolicyManagement, getUrlForApp]
);
const { search, currentLine, seekToLine } = useXtermPlayer({
diff --git a/x-pack/plugins/session_view/public/types.ts b/x-pack/plugins/session_view/public/types.ts
index 3783abdfd2e8b44..846d3baaa86efbf 100644
--- a/x-pack/plugins/session_view/public/types.ts
+++ b/x-pack/plugins/session_view/public/types.ts
@@ -34,7 +34,7 @@ export interface SessionViewDeps {
// Callback used when alert flyout panel is closed
handleOnAlertDetailsClosed: () => void
) => void;
- canAccessEndpointManagement?: boolean;
+ canReadPolicyManagement?: boolean;
}
export interface EuiTabProps {