Skip to content

Commit

Permalink
[Security Solution] [Detections] Only display actions options if user…
Browse files Browse the repository at this point in the history
… has "read" privileges (#78812)

* adds new 'can_read_actions' property to privileges api

* only display rule actions piece if user has 'read' privileges for actions

* display dropdown with custom text telling user they do not have read privileges for actions

* fixes type error

* update tests

* utilize application capabilities instead of making a server request

* remove changes to route tests

* don't show form unless user has read permissions for actions, display text saying user is missing required privileges

* pr feedback: refactor logic for rendering form fields
  • Loading branch information
dhurley14 authored Oct 2, 2020
1 parent 511eb0f commit 43cf97e
Show file tree
Hide file tree
Showing 3 changed files with 68 additions and 27 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,14 @@ jest.mock('../../../../common/lib/kibana', () => ({
services: {
application: {
getUrlForApp: jest.fn(),
capabilities: {
siem: {
crud: true,
},
actions: {
read: true,
},
},
},
triggers_actions_ui: {
actionTypeRegistry: jest.fn(),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import {
EuiFlexItem,
EuiButton,
EuiSpacer,
EuiText,
} from '@elastic/eui';
import { findIndex } from 'lodash/fp';
import React, { FC, memo, useCallback, useEffect, useMemo } from 'react';
Expand Down Expand Up @@ -141,37 +142,61 @@ const StepRuleActionsComponent: FC<StepRuleActionsProps> = ({
[isLoading, throttleOptions]
);

return isReadOnlyView ? (
<StepContentWrapper addPadding={addPadding}>
<StepRuleDescription schema={schema} data={initialState} columns="single" />
</StepContentWrapper>
if (isReadOnlyView) {
return (
<StepContentWrapper addPadding={addPadding}>
<StepRuleDescription schema={schema} data={initialState} columns="single" />
</StepContentWrapper>
);
}

const displayActionsOptions =
throttle !== stepActionsDefaultValue.throttle ? (
<>
<EuiSpacer />
<UseField
path="actions"
component={RuleActionsField}
componentProps={{
messageVariables: actionMessageParams,
}}
/>
</>
) : (
<UseField path="actions" component={GhostFormField} />
);

// only display the actions dropdown if the user has "read" privileges for actions
const displayActionsDropDown = application.capabilities.actions.show ? (
<>
<UseField
path="throttle"
component={ThrottleSelectField}
componentProps={throttleFieldComponentProps}
/>
{displayActionsOptions}
<UseField path="kibanaSiemAppUrl" component={GhostFormField} />
<UseField path="enabled" component={GhostFormField} />
</>
) : (
<>
<EuiText>{I18n.NO_ACTIONS_READ_PERMISSIONS}</EuiText>
<UseField
path="throttle"
componentProps={throttleFieldComponentProps}
component={GhostFormField}
/>
<UseField path="actions" component={GhostFormField} />
<UseField path="kibanaSiemAppUrl" component={GhostFormField} />
<UseField path="enabled" component={GhostFormField} />
</>
);

return (
<>
<StepContentWrapper addPadding={!isUpdateView}>
<Form form={form} data-test-subj="stepRuleActions">
<EuiForm>
<UseField
path="throttle"
component={ThrottleSelectField}
componentProps={throttleFieldComponentProps}
/>
{throttle !== stepActionsDefaultValue.throttle ? (
<>
<EuiSpacer />
<UseField
path="actions"
component={RuleActionsField}
componentProps={{
messageVariables: actionMessageParams,
}}
/>
</>
) : (
<UseField path="actions" component={GhostFormField} />
)}
<UseField path="kibanaSiemAppUrl" component={GhostFormField} />
<UseField path="enabled" component={GhostFormField} />
</EuiForm>
<EuiForm>{displayActionsDropDown}</EuiForm>
</Form>
</StepContentWrapper>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,14 @@ export const NO_CONNECTOR_SELECTED = i18n.translate(
}
);

export const NO_ACTIONS_READ_PERMISSIONS = i18n.translate(
'xpack.securitySolution.detectionEngine.createRule.stepRuleActions.noReadActionsPrivileges',
{
defaultMessage:
'Cannot create rule actions. You do not have "Read" permissions for the "Actions" plugin.',
}
);

export const INVALID_MUSTACHE_TEMPLATE = (paramKey: string) =>
i18n.translate(
'xpack.securitySolution.detectionEngine.createRule.stepRuleActions.invalidMustacheTemplateErrorMessage',
Expand Down

0 comments on commit 43cf97e

Please sign in to comment.