[Security Solution][Endpoint] Add authz to file/download apis in support of SentinelOne processes response action

[paul-tavares]

Summary

The following changes were done for Response actions:

• The file access APIs (file info + file download) were refactored to ensure they properly validate the required authz for each type of action
  • Now that these APIs are being used for different response actions, we need to add logic that ensures that a user with access to one response action (ex. running-processes for SentinelOne) is not allowed to access file information for a different type of action (ex. get-file)
• The Response Actions History Log was updated so that the output of a processes response action is now displayed to the user when the response action row in the table is expanded
  • Note that for SentinelOne hosts, the output of the processes response action is a file download - which will only be visible if user has authz to Processes operations
  • The height of the expandable row was also increased in order to provide a larger viewing area for the content that is displayed inside of it (the action results)

---

Checklist

• Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
• Unit or functional tests were updated or added to match the most common scenarios

[paul-tavares]

/ci

[paul-tavares]

/ci

[paul-tavares]

/ci

[elasticmachine]

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

[ashokaditya]

Looks good. I also tested it out. Needs that small change in css argument, else it's good to 🚢 .

[ashokaditya]

Suggested change

	'font-size': 'inherit',
	fontSize: 'inherit',

else you get this error on console

[paul-tavares]

Thanks. I don't remember getting this warning 🤔

When you made the change, did you check the UI to ensure it was picking up the correct font size? (no worries if you did not... I can test it out)

[ashokaditya]

yeah the font size was correct with the change.

[paul-tavares]

cool. thanks.
I'll make this change in the next PR - since I got all approvals here and a green build. Hope that is cool with you.

[ashokaditya]

Yeah that's alright.

[kibana-ci]

💛 Build succeeded, but was flaky

• Buildkite Build
• Commit: 9c744a5

Failed CI Steps

• Jest Tests #17
• Jest Integration Tests #3
• Jest Integration Tests #4
• FTR Configs #24
• FTR Configs #46
• FTR Configs #48
• FTR Configs #50
• FTR Configs #58
• FTR Configs #77

Test Failures

• [job] [logs] Jest Integration Tests #4 / Basic smoke test it can start Kibana running against serverless ES

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id	before	after	diff
securitySolution	5621	5623	+2

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
securitySolution	20.4MB	20.5MB	+16.0KB

History

• 💔 Build #224632 failed c35cb86
• 💔 Build #224506 failed d090968
• 💔 Build #224431 failed 9641dfb
• 💔 Build #224392 failed 8a6c440
• 💔 Build #223914 failed d5a7b12

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @paul-tavares