[Fix] Wrong permissions on edit CDB

[gabiwassan]

Hi team,

This PR resolves:

• Wrong permissions on edit CDB List with Cluster and Manager context configuration server.
• Added action to get context server and status.
• Context server is dynamically added to the CDBList edit button, add new, and delete.
  Note: Policy cluster:status is necessary to get configuration context manager or cluster

Issue #2657

[jsanchez91]

I have conducted tests with these users and roles using X-Pack Security:

• elastic: administrator
• test_user: readonly, cluster_readonly

This is the result I have obtained in both tests

[gabiwassan]

I have conducted tests with these users and roles using X-Pack Security:

• elastic: administrator
• test_user: readonly, cluster_readonly

This is the result I have obtained in both tests

Thanks, I'm checking it right now.

[frankeros]

Hi @gabiwassan

Testing this branch I found this bug when you set these policies to the role

You're able to see all files but trying to access one of them throw this error

The same error occurs

---

---

With these policies

when you try to add new lists

It requires a specific path (I'm not sure if it is a bug)

[Desvelao]

Should it be the section variable instead this.props.msg? I checked the code and didn't found where it is coming from.

[Desvelao]

Should it be the section variable instead this.props.msg? I checked the code and didn't found where it is coming from.

[Desvelao]

I tested the PR and found the next problem:

• Logged with deafult admin user in Open Distro, I foudn this problem in the Management/Rules section:
  

[Desvelao]

I don't think we need check the permissions here, allowing edit/remove items of the list.

I think only the Save button is enough to do the validation to upload the file.

I found a problem using the default admin user that has the default administrator role. The Save button is disabled because the required resource is not included in the action that has this role.

Maybe modify the resource to node:id:* (Although the file should really have to be uploaded to the master node of the cluster, i mean the resource should be node:id:<master_node_id> instead node:id:* to be more exactly)

[frankeros]

Testing the new commits I found these two bugs

• When the user has permissions to a specific file and permissions to upload_file
  
  and try to save a new list file gets this error
  
  but the new item is created anyway

• When the user (any with access to this action) tries to export a list detail, gets this error
  

code: 3034
message: "3034 - An error occurred fetching data from the Wazuh API : Extra query parameter(s) path not in spec"
statusCode: 500

[frankeros]

great job @gabiwassan!! 👏 👏

[gabiwassan]

Testing the new commits I found these two bugs

• When the user has permissions to a specific file and permissions to upload_file
  
  and try to save a new list file gets this error
  
  but the new item is created anyway
• When the user (any with access to this action) tries to export a list detail, gets this error
  

code: 3034
message: "3034 - An error occurred fetching data from the Wazuh API : Extra query parameter(s) path not in spec"
statusCode: 500

The following issue was created #2692 for error 500

[Desvelao]

LGTM