From 5132e9e4a6874b2034c57d2fc91241e9e411eeb2 Mon Sep 17 00:00:00 2001
From: Kevin Logan <56395104+kevinlog@users.noreply.github.com>
Date: Mon, 3 Jul 2023 12:53:46 -0400
Subject: [PATCH] [Security Solution] Update session viewer Policy permissions
 to use Policy specific check (#160448)

## Summary

This PR updates the session viewer code to use the
`canReadPolicyManagement ` permission as opposed to
`canAccessEndpointManagement`. This is because
`canAccessEndpointManagement` requires super user permissions while
`canReadPolicyManagement` which is a more specific permission.

### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
(cherry picked from commit 6a9e8d422cc1e27089615429152b175f075790a7)
---
 .../session_tab_content/use_session_view.test.tsx      |  2 +-
 .../timeline/session_tab_content/use_session_view.tsx  |  6 +++---
 .../public/components/session_view/index.tsx           |  4 ++--
 .../public/components/tty_player/index.test.tsx        |  4 +---
 .../public/components/tty_player/index.tsx             | 10 ++++------
 x-pack/plugins/session_view/public/types.ts            |  2 +-
 6 files changed, 12 insertions(+), 16 deletions(-)

diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.test.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.test.tsx
index 805cb5bf03e8ed..6cf0474ead6dfe 100644
--- a/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.test.tsx
+++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.test.tsx
@@ -158,7 +158,7 @@ describe('useSessionView with active timeline and a session id and graph event i
       height: 1000,
       sessionEntityId: 'test',
       loadAlertDetails: mockOpenDetailFn,
-      canAccessEndpointManagement: false,
+      canReadPolicyManagement: false,
     });
   });
 
diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.tsx
index d2d6a82895be90..e16ac4ee9b7fdd 100644
--- a/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.tsx
+++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/session_tab_content/use_session_view.tsx
@@ -264,7 +264,7 @@ export const useSessionView = ({
   }, [scopeId]);
   const { globalFullScreen } = useGlobalFullScreen();
   const { timelineFullScreen } = useTimelineFullScreen();
-  const { canAccessEndpointManagement } = useUserPrivileges().endpointPrivileges;
+  const { canReadPolicyManagement } = useUserPrivileges().endpointPrivileges;
 
   const defaults = isTimelineScope(scopeId) ? timelineDefaults : tableDefaults;
   const { sessionViewConfig, activeTab } = useDeepEqualSelector((state) => ({
@@ -309,7 +309,7 @@ export const useSessionView = ({
           loadAlertDetails: openEventDetailsPanel,
           isFullScreen: fullScreen,
           height: heightMinusSearchBar,
-          canAccessEndpointManagement,
+          canReadPolicyManagement,
         })
       : null;
   }, [
@@ -318,7 +318,7 @@ export const useSessionView = ({
     sessionView,
     openEventDetailsPanel,
     fullScreen,
-    canAccessEndpointManagement,
+    canReadPolicyManagement,
   ]);
 
   return {
diff --git a/x-pack/plugins/session_view/public/components/session_view/index.tsx b/x-pack/plugins/session_view/public/components/session_view/index.tsx
index ee4bbb40891e8f..42c16c40baf5cb 100644
--- a/x-pack/plugins/session_view/public/components/session_view/index.tsx
+++ b/x-pack/plugins/session_view/public/components/session_view/index.tsx
@@ -51,7 +51,7 @@ export const SessionView = ({
   jumpToCursor,
   investigatedAlertId,
   loadAlertDetails,
-  canAccessEndpointManagement,
+  canReadPolicyManagement,
 }: SessionViewDeps) => {
   // don't engage jumpTo if jumping to session leader.
   if (jumpToEntityId === sessionEntityId) {
@@ -435,7 +435,7 @@ export const SessionView = ({
         isFullscreen={isFullScreen}
         onJumpToEvent={onJumpToEvent}
         autoSeekToEntityId={currentJumpToOutputEntityId}
-        canAccessEndpointManagement={canAccessEndpointManagement}
+        canReadPolicyManagement={canReadPolicyManagement}
       />
     </div>
   );
diff --git a/x-pack/plugins/session_view/public/components/tty_player/index.test.tsx b/x-pack/plugins/session_view/public/components/tty_player/index.test.tsx
index a3a17380c8fc97..42be993d39d1d4 100644
--- a/x-pack/plugins/session_view/public/components/tty_player/index.test.tsx
+++ b/x-pack/plugins/session_view/public/components/tty_player/index.test.tsx
@@ -107,9 +107,7 @@ describe('TTYPlayer component', () => {
     });
 
     it('renders a message warning when max_bytes exceeded with link to policies page', async () => {
-      renderResult = mockedContext.render(
-        <TTYPlayer {...props} canAccessEndpointManagement={true} />
-      );
+      renderResult = mockedContext.render(<TTYPlayer {...props} canReadPolicyManagement={true} />);
 
       await waitForApiCall();
       await new Promise((r) => setTimeout(r, 10));
diff --git a/x-pack/plugins/session_view/public/components/tty_player/index.tsx b/x-pack/plugins/session_view/public/components/tty_player/index.tsx
index 36d685371e0234..aa85f4bd794c0b 100644
--- a/x-pack/plugins/session_view/public/components/tty_player/index.tsx
+++ b/x-pack/plugins/session_view/public/components/tty_player/index.tsx
@@ -41,7 +41,7 @@ export interface TTYPlayerDeps {
   isFullscreen: boolean;
   onJumpToEvent(event: ProcessEvent): void;
   autoSeekToEntityId?: string;
-  canAccessEndpointManagement?: boolean;
+  canReadPolicyManagement?: boolean;
 }
 
 export const TTYPlayer = ({
@@ -53,7 +53,7 @@ export const TTYPlayer = ({
   isFullscreen,
   onJumpToEvent,
   autoSeekToEntityId,
-  canAccessEndpointManagement,
+  canReadPolicyManagement,
 }: TTYPlayerDeps) => {
   const ref = useRef<HTMLDivElement>(null);
   const { ref: scrollRef, height: containerHeight = 1 } = useResizeObserver<HTMLDivElement>({});
@@ -71,10 +71,8 @@ export const TTYPlayer = ({
   const { getUrlForApp } = useKibana<CoreStart>().services.application;
   const policiesUrl = useMemo(
     () =>
-      canAccessEndpointManagement
-        ? getUrlForApp(SECURITY_APP_ID, { path: POLICIES_PAGE_PATH })
-        : '',
-    [canAccessEndpointManagement, getUrlForApp]
+      canReadPolicyManagement ? getUrlForApp(SECURITY_APP_ID, { path: POLICIES_PAGE_PATH }) : '',
+    [canReadPolicyManagement, getUrlForApp]
   );
 
   const { search, currentLine, seekToLine } = useXtermPlayer({
diff --git a/x-pack/plugins/session_view/public/types.ts b/x-pack/plugins/session_view/public/types.ts
index 3783abdfd2e8b4..846d3baaa86efb 100644
--- a/x-pack/plugins/session_view/public/types.ts
+++ b/x-pack/plugins/session_view/public/types.ts
@@ -34,7 +34,7 @@ export interface SessionViewDeps {
     // Callback used when alert flyout panel is closed
     handleOnAlertDetailsClosed: () => void
   ) => void;
-  canAccessEndpointManagement?: boolean;
+  canReadPolicyManagement?: boolean;
 }
 
 export interface EuiTabProps {