[Security Solutions] Add PLI authorisation for Threat Intelligence

x-pack/packages/security-solution/navigation/src/constants.ts

@@ -67,7 +67,7 @@ export enum SecurityPageName {
    * Warning: Computed values are not permitted in an enum with string valued members
    * All threat intelligence page names must match `TIPageId` in x-pack/plugins/threat_intelligence/public/common/navigation/types.ts
    */
-  threatIntelligenceIndicators = 'threat_intelligence-indicators',
+  threatIntelligence = 'threat_intelligence',
   timelines = 'timelines',
   timelinesTemplates = 'timelines-templates',
   trustedApps = 'trusted_apps',

x-pack/plugins/security_solution/common/types/app_features.ts

@@ -18,6 +18,11 @@ export enum AppFeatureSecurityKey {
    * Enables Endpoint Exceptions like isolate host, trusted apps, blocklist, etc.
    */
   endpointExceptions = 'endpoint_exceptions',
+
+  /**
+   * Enables Threat Intelligence
+   */
+  threatIntelligence = 'threat-intelligence',
 }
 
 export enum AppFeatureCasesKey {

x-pack/plugins/security_solution/cypress/screens/security_header.ts

@@ -60,8 +60,7 @@ export const NETWORK = '[data-test-subj="solutionSideNavPanelLink-network"]';
 
 export const USERS = '[data-test-subj="solutionSideNavPanelLink-users"]';
 
-export const INDICATORS =
-  '[data-test-subj="solutionSideNavItemLink-threat_intelligence-indicators"]';
+export const INDICATORS = '[data-test-subj="solutionSideNavItemLink-threat_intelligence"]';
 
 export const RULES = '[data-test-subj="solutionSideNavPanelLink-rules"]';
 

x-pack/plugins/security_solution/public/common/components/navigation/security_side_nav/categories.ts

@@ -25,7 +25,7 @@ export const CATEGORIES: SeparatorLinkCategory[] = [
     type: LinkCategoryType.separator,
     linkIds: [
       SecurityPageName.timelines,
-      SecurityPageName.threatIntelligenceIndicators,
+      SecurityPageName.threatIntelligence,
       SecurityPageName.exploreLanding,
     ],
   },

x-pack/plugins/security_solution/public/overview/components/overview_cti_links/threat_intel_panel_view.tsx

@@ -69,7 +69,7 @@ export const ThreatIntelPanelView: React.FC<LinkPanelViewProps> = ({
           () => (
             <SecuritySolutionLinkButton
               data-test-subj="cti-view-indicators"
-              deepLinkId={SecurityPageName.threatIntelligenceIndicators}
+              deepLinkId={SecurityPageName.threatIntelligence}
             >
               <FormattedMessage
                 id="xpack.securitySolution.overview.threatIndicatorsAction"

x-pack/plugins/security_solution/public/threat_intelligence/links.ts

@@ -18,5 +18,5 @@ import type { LinkItem } from '../common/links';
 export const indicatorsLinks: LinkItem = {
   ...getSecuritySolutionLink<SecurityPageName>('indicators'),
   globalNavPosition: 7,
-  capabilities: [`${SERVER_APP_ID}.show`],
+  capabilities: [`${SERVER_APP_ID}.threat-intelligence`],
 };

x-pack/plugins/security_solution/public/threat_intelligence/routes.tsx

@@ -6,7 +6,6 @@
  */
 
 import React, { memo } from 'react';
-import { TrackApplicationView } from '@kbn/usage-collection-plugin/public';
 import type { SecuritySolutionPluginContext } from '@kbn/threat-intelligence-plugin/public';
 import { THREAT_INTELLIGENCE_BASE_PATH } from '@kbn/threat-intelligence-plugin/public';
 import type { SourcererDataView } from '@kbn/threat-intelligence-plugin/public/types';
@@ -31,6 +30,7 @@ import { useGlobalTime } from '../common/containers/use_global_time';
 import { deleteOneQuery, setQuery } from '../common/store/inputs/actions';
 import { InputsModelId } from '../common/store/inputs/constants';
 import { ArtifactFlyout } from '../management/components/artifact_list_page/components/artifact_flyout';
+import { SecurityRoutePageWrapper } from '../common/components/security_route_page_wrapper';
 
 const ThreatIntelligence = memo(() => {
   const { threatIntelligence, http } = useKibana().services;
@@ -85,10 +85,10 @@ const ThreatIntelligence = memo(() => {
   };
 
   return (
-    <TrackApplicationView viewId="threat_intelligence">
+    <SecurityRoutePageWrapper pageName={SecurityPageName.threatIntelligence}>
       <ThreatIntelligencePlugin securitySolutionContext={securitySolutionContext} />
-      <SpyRoute pageName={SecurityPageName.threatIntelligenceIndicators} />
-    </TrackApplicationView>
+      <SpyRoute pageName={SecurityPageName.threatIntelligence} />
+    </SecurityRoutePageWrapper>
   );
 });
 

x-pack/plugins/security_solution/server/lib/app_features/security_kibana_features.ts

@@ -155,6 +155,19 @@ export const getSecurityAppFeaturesConfig = (
       },
     },
 
+    [AppFeatureSecurityKey.threatIntelligence]: {
+      privileges: {
+        all: {
+          ui: ['threat-intelligence'],
+          api: [`${APP_ID}-threat-intelligence`],
+        },
+        read: {
+          ui: ['threat-intelligence'],
+          api: [`${APP_ID}-threat-intelligence`],
+        },
+      },
+    },
+
     [AppFeatureSecurityKey.endpointResponseActions]: {
       subFeatureIds: [
         SecuritySubFeatureId.processOperations,

x-pack/plugins/security_solution_serverless/common/pli/pli_config.ts

@@ -15,7 +15,11 @@ type PliAppFeatures = Readonly<
 export const PLI_APP_FEATURES: PliAppFeatures = {
   security: {
     essentials: [],
-    complete: [AppFeatureKey.advancedInsights, AppFeatureKey.casesConnectors],
+    complete: [
+      AppFeatureKey.advancedInsights,
+      AppFeatureKey.threatIntelligence,
+      AppFeatureKey.casesConnectors,
+    ],
   },
   endpoint: {
     essentials: [AppFeatureKey.endpointExceptions],

x-pack/plugins/security_solution_serverless/public/navigation/side_navigation/categories.ts

@@ -29,7 +29,7 @@ export const CATEGORIES: SeparatorLinkCategory[] = [
     type: LinkCategoryType.separator,
     linkIds: [
       SecurityPageName.timelines,
-      SecurityPageName.threatIntelligenceIndicators,
+      SecurityPageName.threatIntelligence,
       SecurityPageName.exploreLanding,
     ],
   },

x-pack/plugins/security_solution_serverless/public/upselling/pages/threat_intelligence_paywall.tsx

@@ -0,0 +1,47 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React from 'react';
+import { EuiEmptyPrompt, EuiIcon } from '@elastic/eui';
+import { FormattedMessage } from '@kbn/i18n-react';
+import type { AppFeatureKey } from '@kbn/security-solution-plugin/common';
+import { useProductTypeByPLI } from '../hooks/use_product_type_by_pli';
+
+const ThreatIntelligencePaywall: React.FC<{ requiredPLI: AppFeatureKey }> = React.memo(
+  function PaywallComponent({ requiredPLI }) {
+    const productTypeRequired = useProductTypeByPLI(requiredPLI);
+
+    return (
+      <EuiEmptyPrompt
+        icon={<EuiIcon type="logoSecurity" size="xl" />}
+        color="subdued"
+        title={
+          <h2>
+            <FormattedMessage
+              id="xpack.securitySolutionServerless.threatIntelligence.paywall.title"
+              defaultMessage="Do more with Security!"
+            />
+          </h2>
+        }
+        body={
+          <p>
+            <FormattedMessage
+              id="xpack.securitySolutionServerless.threatIntelligence.paywall.body"
+              defaultMessage="Upgrade your license to {productTypeRequired} to use threat intelligence."
+              values={{ productTypeRequired }}
+            />
+          </p>
+        }
+      />
+    );
+  }
+);
+
+ThreatIntelligencePaywall.displayName = 'ThreatIntelligencePaywall';
+
+// eslint-disable-next-line import/no-default-export
+export { ThreatIntelligencePaywall as default };

x-pack/plugins/security_solution_serverless/public/upselling/register_upsellings.tsx

@@ -4,16 +4,18 @@
  * 2.0; you may not use this file except in compliance with the Elastic License
  * 2.0.
  */
-import type { SecurityPageName, AppFeatureKey } from '@kbn/security-solution-plugin/common';
+import { SecurityPageName, AppFeatureKey } from '@kbn/security-solution-plugin/common';
 import type {
   UpsellingService,
   PageUpsellings,
   SectionUpsellings,
   UpsellingSectionId,
 } from '@kbn/security-solution-plugin/public';
+import React, { lazy } from 'react';
 import type { SecurityProductTypes } from '../../common/config';
 import { getProductAppFeatures } from '../../common/pli/pli_features';
 
+const ThreatIntelligencePaywallLazy = lazy(() => import('./pages/threat_intelligence_paywall'));
 interface UpsellingsConfig {
   pli: AppFeatureKey;
   component: React.ComponentType;
@@ -61,6 +63,13 @@ export const upsellingPages: UpsellingPages = [
   //   pli: AppFeatureKey.advancedInsights,
   //   component: () => <GenericUpsellingPageLazy requiredPLI={AppFeatureKey.advancedInsights} />,
   // },
+  {
+    pageName: SecurityPageName.threatIntelligence,
+    pli: AppFeatureKey.threatIntelligence,
+    component: () => (
+      <ThreatIntelligencePaywallLazy requiredPLI={AppFeatureKey.threatIntelligence} />
+    ),
+  },
 ];
 
 // Upsellings for sections, linked by arbitrary ids

x-pack/plugins/threat_intelligence/cypress/screens/common.ts

@@ -7,5 +7,5 @@
 
 export const UPDATE_STATUS = `[data-test-subj="updateStatus"]`;
 export const SECURITY_SOLUTION_NAVBAR_MANAGE_ITEM = `[data-test-subj="solutionSideNavItemLink-administration"]`;
-export const SECURITY_SOLUTION_NAVBAR_THREAT_INTELLIGENCE_ITEM = `[data-test-subj="solutionSideNavItemLink-threat_intelligence-indicators"]`;
+export const SECURITY_SOLUTION_NAVBAR_THREAT_INTELLIGENCE_ITEM = `[data-test-subj="solutionSideNavItemLink-threat_intelligence"]`;
 export const MANAGE_NAVIGATION_ITEMS = `.euiLink`;

x-pack/plugins/threat_intelligence/public/constants/navigation.ts

@@ -21,7 +21,7 @@ export const threatIntelligencePages: Record<TIPage, TIPageProperties> = {
     oldNavigationName: INDICATORS,
     newNavigationName: INTELLIGENCE,
     path: `${THREAT_INTELLIGENCE_BASE_PATH}/indicators`,
-    id: 'threat_intelligence-indicators',
+    id: 'threat_intelligence',
     description: DESCRIPTION,
     globalSearchKeywords: [INTELLIGENCE],
     keywords: [INTELLIGENCE],

x-pack/plugins/threat_intelligence/public/types.ts

@@ -174,9 +174,9 @@ export type TIPage = 'indicators';
  * This needs to match the threat intelligence page entries in SecurityPageName` (x-pack/plugins/security_solution/common/constants.ts).
  *
  * Example to add more IDs:
- *   export type TIPageId = 'threat_intelligence-indicators' | 'threat_intelligence-feed';
+ *   export type TIPageId = 'threat_intelligence' | 'threat_intelligence-feed';
  */
-export type TIPageId = 'threat_intelligence-indicators';
+export type TIPageId = 'threat_intelligence';
 
 /**
  * A record of all the properties that will be used to build deeplinks, links and navtabs objects.

x-pack/plugins/translations/translations/fr-FR.json

@@ -4996,7 +4996,6 @@
     "savedObjectsManagement.view.indexPatternDoesNotExistErrorMessage": "La vue de données associée à cet objet n'existe plus.",
     "savedObjectsManagement.view.savedObjectProblemErrorMessage": "Un problème est survenu avec cet objet enregistré.",
     "savedObjectsManagement.view.savedSearchDoesNotExistErrorMessage": "La recherche enregistrée associée à cet objet n'existe plus.",
-    "savedSearch.legacyURLConflict.errorMessage": "Cette recherche a la même URL qu'un alias hérité. Désactiver l'alias pour résoudre cette erreur : {json}",
     "securitySolutionPackages.dataTable.eventsTab.unit": "{totalCount, plural, =1 {alerte} one {alertes} many {alertes} other {alertes}}",
     "securitySolutionPackages.dataTable.unit": "{totalCount, plural, =1 {alerte} one {alertes} many {alertes} other {alertes}}",
     "securitySolutionPackages.ecsDataQualityDashboard.allTab.allFieldsTableTitle": "Tous les champs – {indexName}",