Skip to content

Commit

Permalink
Revert "[Security Solutions] Add PLI authorisation for Cases Connector (
Browse files Browse the repository at this point in the history
#161343)"

This reverts commit aa42bcc.
  • Loading branch information
mistic committed Aug 7, 2023
1 parent 0fba094 commit c4557dd
Show file tree
Hide file tree
Showing 41 changed files with 96 additions and 478 deletions.
6 changes: 0 additions & 6 deletions x-pack/plugins/cases/common/constants/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -158,7 +158,6 @@ export const READ_CASES_CAPABILITY = 'read_cases' as const;
export const UPDATE_CASES_CAPABILITY = 'update_cases' as const;
export const DELETE_CASES_CAPABILITY = 'delete_cases' as const;
export const PUSH_CASES_CAPABILITY = 'push_cases' as const;
export const CASES_CONNECTORS_CAPABILITY = 'cases_connectors' as const;

/**
* Cases API Tags
Expand All @@ -174,11 +173,6 @@ export const SUGGEST_USER_PROFILES_API_TAG = 'casesSuggestUserProfiles';
*/
export const BULK_GET_USER_PROFILES_API_TAG = 'bulkGetUserProfiles';

/**
* This tag is registered for the connectors (configure) get API
*/
export const GET_CONNECTORS_CONFIGURE_API_TAG = 'casesGetConnectorsConfigure';

/**
* User profiles
*/
Expand Down
5 changes: 1 addition & 4 deletions x-pack/plugins/cases/common/ui/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,7 @@ import type {
READ_CASES_CAPABILITY,
UPDATE_CASES_CAPABILITY,
} from '..';
import type { CaseMetricsFeature, CasesMetricsResponse, SingleCaseMetricsResponse } from '../api';
import type { CASES_CONNECTORS_CAPABILITY, PUSH_CASES_CAPABILITY } from '../constants';
import type { PUSH_CASES_CAPABILITY } from '../constants';
import type { SnakeToCamelCase } from '../types';
import type {
CaseSeverity,
Expand Down Expand Up @@ -286,7 +285,6 @@ export interface CasesPermissions {
update: boolean;
delete: boolean;
push: boolean;
connectors: boolean;
}

export interface CasesCapabilities {
Expand All @@ -295,5 +293,4 @@ export interface CasesCapabilities {
[UPDATE_CASES_CAPABILITY]: boolean;
[DELETE_CASES_CAPABILITY]: boolean;
[PUSH_CASES_CAPABILITY]: boolean;
[CASES_CONNECTORS_CAPABILITY]: boolean;
}

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

21 changes: 3 additions & 18 deletions x-pack/plugins/cases/common/utils/api_tags.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,7 @@
* 2.0.
*/

import {
BULK_GET_USER_PROFILES_API_TAG,
GET_CONNECTORS_CONFIGURE_API_TAG,
SUGGEST_USER_PROFILES_API_TAG,
} from '../constants';
import { BULK_GET_USER_PROFILES_API_TAG, SUGGEST_USER_PROFILES_API_TAG } from '../constants';
import { HttpApiTagOperation } from '../constants/types';
import type { Owner } from '../constants/types';
import { constructFilesHttpOperationTag } from '../files';
Expand All @@ -20,19 +16,8 @@ export const getApiTags = (owner: Owner) => {
const read = constructFilesHttpOperationTag(owner, HttpApiTagOperation.Read);

return {
all: [
SUGGEST_USER_PROFILES_API_TAG,
BULK_GET_USER_PROFILES_API_TAG,
GET_CONNECTORS_CONFIGURE_API_TAG,
create,
read,
] as const,
read: [
SUGGEST_USER_PROFILES_API_TAG,
BULK_GET_USER_PROFILES_API_TAG,
GET_CONNECTORS_CONFIGURE_API_TAG,
read,
] as const,
all: [SUGGEST_USER_PROFILES_API_TAG, BULK_GET_USER_PROFILES_API_TAG, create, read] as const,
read: [SUGGEST_USER_PROFILES_API_TAG, BULK_GET_USER_PROFILES_API_TAG, read] as const,
delete: [deleteTag] as const,
};
};
4 changes: 1 addition & 3 deletions x-pack/plugins/cases/common/utils/capabilities.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
*/

import {
CASES_CONNECTORS_CAPABILITY,
CREATE_CASES_CAPABILITY,
DELETE_CASES_CAPABILITY,
PUSH_CASES_CAPABILITY,
Expand All @@ -24,8 +23,7 @@ export const createUICapabilities = () => ({
READ_CASES_CAPABILITY,
UPDATE_CASES_CAPABILITY,
PUSH_CASES_CAPABILITY,
CASES_CONNECTORS_CAPABILITY,
] as const,
read: [READ_CASES_CAPABILITY, CASES_CONNECTORS_CAPABILITY] as const,
read: [READ_CASES_CAPABILITY] as const,
delete: [DELETE_CASES_CAPABILITY] as const,
});
16 changes: 1 addition & 15 deletions x-pack/plugins/cases/public/client/helpers/can_use_cases.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@ import {
allCasesPermissions,
noCasesCapabilities,
noCasesPermissions,
readCasesPermissions,
readCasesCapabilities,
readCasesPermissions,
writeCasesCapabilities,
writeCasesPermissions,
} from '../../common/mock';
Expand Down Expand Up @@ -77,12 +77,6 @@ const hasSecurityWriteAndObservabilityRead: CasesCapabilities = {
generalCases: noCasesCapabilities(),
};

const hasSecurityConnectors: CasesCapabilities = {
securitySolutionCases: readCasesCapabilities(),
observabilityCases: noCasesCapabilities(),
generalCases: noCasesCapabilities(),
};

describe('canUseCases', () => {
it.each([hasAll, hasSecurity, hasObservability, hasSecurityWriteAndObservabilityRead])(
'returns true for all permissions, if a user has access to both on any solution',
Expand Down Expand Up @@ -115,12 +109,4 @@ describe('canUseCases', () => {
expect(permissions).toStrictEqual(noCasesPermissions());
}
);

it.each([hasSecurityConnectors])(
'returns true for only connectors, if a user has access to only connectors on any solution',
(capability) => {
const permissions = canUseCases(capability)();
expect(permissions).toStrictEqual(readCasesPermissions());
}
);
});
5 changes: 1 addition & 4 deletions x-pack/plugins/cases/public/client/helpers/can_use_cases.ts
Original file line number Diff line number Diff line change
Expand Up @@ -40,10 +40,8 @@ export const canUseCases =
acc.update = acc.update || userCapabilitiesForOwner.update;
acc.delete = acc.delete || userCapabilitiesForOwner.delete;
acc.push = acc.push || userCapabilitiesForOwner.push;
const allFromAcc =
acc.create && acc.read && acc.update && acc.delete && acc.push && acc.connectors;
const allFromAcc = acc.create && acc.read && acc.update && acc.delete && acc.push;
acc.all = acc.all || userCapabilitiesForOwner.all || allFromAcc;
acc.connectors = acc.connectors || userCapabilitiesForOwner.connectors;

return acc;
},
Expand All @@ -54,7 +52,6 @@ export const canUseCases =
update: false,
delete: false,
push: false,
connectors: false,
}
);

Expand Down
31 changes: 0 additions & 31 deletions x-pack/plugins/cases/public/client/helpers/capabilities.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@ describe('getUICapabilities', () => {
expect(getUICapabilities(undefined)).toMatchInlineSnapshot(`
Object {
"all": false,
"connectors": false,
"create": false,
"delete": false,
"push": false,
Expand All @@ -26,7 +25,6 @@ describe('getUICapabilities', () => {
expect(getUICapabilities()).toMatchInlineSnapshot(`
Object {
"all": false,
"connectors": false,
"create": false,
"delete": false,
"push": false,
Expand All @@ -40,7 +38,6 @@ describe('getUICapabilities', () => {
expect(getUICapabilities({ create_cases: true })).toMatchInlineSnapshot(`
Object {
"all": false,
"connectors": false,
"create": true,
"delete": false,
"push": false,
Expand All @@ -58,12 +55,10 @@ describe('getUICapabilities', () => {
update_cases: false,
delete_cases: false,
push_cases: false,
cases_connectors: false,
})
).toMatchInlineSnapshot(`
Object {
"all": false,
"connectors": false,
"create": false,
"delete": false,
"push": false,
Expand All @@ -77,7 +72,6 @@ describe('getUICapabilities', () => {
expect(getUICapabilities({})).toMatchInlineSnapshot(`
Object {
"all": false,
"connectors": false,
"create": false,
"delete": false,
"push": false,
Expand All @@ -95,35 +89,10 @@ describe('getUICapabilities', () => {
update_cases: true,
delete_cases: true,
push_cases: true,
cases_connectors: true,
})
).toMatchInlineSnapshot(`
Object {
"all": false,
"connectors": true,
"create": false,
"delete": true,
"push": true,
"read": true,
"update": true,
}
`);
});

it('returns false for the all field when cases_connectors is false', () => {
expect(
getUICapabilities({
create_cases: false,
read_cases: true,
update_cases: true,
delete_cases: true,
push_cases: true,
cases_connectors: false,
})
).toMatchInlineSnapshot(`
Object {
"all": false,
"connectors": false,
"create": false,
"delete": true,
"push": true,
Expand Down
5 changes: 1 addition & 4 deletions x-pack/plugins/cases/public/client/helpers/capabilities.ts
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@

import type { CasesPermissions } from '../../../common';
import {
CASES_CONNECTORS_CAPABILITY,
CREATE_CASES_CAPABILITY,
DELETE_CASES_CAPABILITY,
PUSH_CASES_CAPABILITY,
Expand All @@ -23,8 +22,7 @@ export const getUICapabilities = (
const update = !!featureCapabilities?.[UPDATE_CASES_CAPABILITY];
const deletePriv = !!featureCapabilities?.[DELETE_CASES_CAPABILITY];
const push = !!featureCapabilities?.[PUSH_CASES_CAPABILITY];
const connectors = !!featureCapabilities?.[CASES_CONNECTORS_CAPABILITY];
const all = create && read && update && deletePriv && push && connectors;
const all = create && read && update && deletePriv && push;

return {
all,
Expand All @@ -33,6 +31,5 @@ export const getUICapabilities = (
update,
delete: deletePriv,
push,
connectors,
};
};
2 changes: 0 additions & 2 deletions x-pack/plugins/cases/public/common/lib/kibana/hooks.ts
Original file line number Diff line number Diff line change
Expand Up @@ -193,7 +193,6 @@ export const useApplicationCapabilities = (): UseApplicationCapabilities => {
update: permissions.update,
delete: permissions.delete,
push: permissions.push,
connectors: permissions.connectors,
},
visualize: { crud: !!capabilities.visualize?.save, read: !!capabilities.visualize?.show },
dashboard: {
Expand All @@ -214,7 +213,6 @@ export const useApplicationCapabilities = (): UseApplicationCapabilities => {
permissions.update,
permissions.delete,
permissions.push,
permissions.connectors,
]
);
};
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,6 @@ export const createStartServicesMock = ({ license }: StartServiceArgs = {}): Sta
update_cases: true,
delete_cases: true,
push_cases: true,
cases_connectors: true,
},
visualize: { save: true, show: true },
dashboard: { show: true, createNew: true },
Expand Down
23 changes: 2 additions & 21 deletions x-pack/plugins/cases/public/common/mock/permissions.ts
Original file line number Diff line number Diff line change
Expand Up @@ -9,39 +9,23 @@ import type { CasesCapabilities, CasesPermissions } from '../../containers/types

export const allCasesPermissions = () => buildCasesPermissions();
export const noCasesPermissions = () =>
buildCasesPermissions({
read: false,
create: false,
update: false,
delete: false,
push: false,
connectors: false,
});
buildCasesPermissions({ read: false, create: false, update: false, delete: false, push: false });
export const readCasesPermissions = () =>
buildCasesPermissions({
read: true,
create: false,
update: false,
delete: false,
push: false,
connectors: true,
});
buildCasesPermissions({ read: true, create: false, update: false, delete: false, push: false });
export const noCreateCasesPermissions = () => buildCasesPermissions({ create: false });
export const noUpdateCasesPermissions = () => buildCasesPermissions({ update: false });
export const noPushCasesPermissions = () => buildCasesPermissions({ push: false });
export const noDeleteCasesPermissions = () => buildCasesPermissions({ delete: false });
export const writeCasesPermissions = () => buildCasesPermissions({ read: false });
export const onlyDeleteCasesPermission = () =>
buildCasesPermissions({ read: false, create: false, update: false, delete: true, push: false });
export const noConnectorsCasePermission = () => buildCasesPermissions({ connectors: false });

export const buildCasesPermissions = (overrides: Partial<Omit<CasesPermissions, 'all'>> = {}) => {
const create = overrides.create ?? true;
const read = overrides.read ?? true;
const update = overrides.update ?? true;
const deletePermissions = overrides.delete ?? true;
const push = overrides.push ?? true;
const connectors = overrides.connectors ?? true;
const all = create && read && update && deletePermissions && push;

return {
Expand All @@ -51,7 +35,6 @@ export const buildCasesPermissions = (overrides: Partial<Omit<CasesPermissions,
update,
delete: deletePermissions,
push,
connectors,
};
};

Expand All @@ -63,7 +46,6 @@ export const noCasesCapabilities = () =>
update_cases: false,
delete_cases: false,
push_cases: false,
cases_connectors: false,
});
export const readCasesCapabilities = () =>
buildCasesCapabilities({
Expand All @@ -85,6 +67,5 @@ export const buildCasesCapabilities = (overrides?: Partial<CasesCapabilities>) =
update_cases: overrides?.update_cases ?? true,
delete_cases: overrides?.delete_cases ?? true,
push_cases: overrides?.push_cases ?? true,
cases_connectors: overrides?.cases_connectors ?? true,
};
};
Loading

0 comments on commit c4557dd

Please sign in to comment.