[SIEM] [Detection engine] Add user permission to detection engine (#53778) (#53988)

* add logic to see if we can show signals or create signal index for user

* fix unit test

* fix spelling set up

* Update msg from review

* review II

* fix type

* review III

* fix bug found by Garrett

* fix snapshot

Author: XavierM

x-pack/legacy/plugins/siem/public/components/empty_page/__snapshots__/index.test.tsx.snap

@@ -46,8 +46,8 @@ export const EmptyPage = React.memo<EmptyPageProps>(
       title={<h2>{title}</h2>}
       body={message && <p>{message}</p>}
       actions={
-        <EuiFlexGroup>
-          <EuiFlexItem>
+        <EuiFlexGroup justifyContent="center">
+          <EuiFlexItem grow={false}>
             <EuiButton
               fill
               href={actionPrimaryUrl}
@@ -59,7 +59,7 @@ export const EmptyPage = React.memo<EmptyPageProps>(
           </EuiFlexItem>
 
           {actionSecondaryLabel && actionSecondaryUrl && (
-            <EuiFlexItem>
+            <EuiFlexItem grow={false}>
               <EuiButton
                 href={actionSecondaryUrl}
                 iconType={actionSecondaryIcon}

x-pack/legacy/plugins/siem/public/components/empty_page/index.tsx

@@ -10,11 +10,7 @@ import * as i18n from './translations';
 import { MlError } from '../types';
 import { SetupMlResponse } from '../../ml_popover/types';
 
-export interface MessageBody {
-  error?: string;
-  message?: string;
-  statusCode?: number;
-}
+export { MessageBody, parseJsonFromBody } from '../../../utils/api';
 
 export interface MlStartJobError {
   error: MlError;
@@ -35,15 +31,6 @@ export class ToasterErrors extends Error implements ToasterErrorsType {
   }
 }
 
-export const parseJsonFromBody = async (response: Response): Promise<MessageBody | null> => {
-  try {
-    const text = await response.text();
-    return JSON.parse(text);
-  } catch (error) {
-    return null;
-  }
-};
-
 export const tryParseResponse = (response: string): string => {
   try {
     return JSON.stringify(JSON.parse(response), null, 2);

x-pack/legacy/plugins/siem/public/components/ml/api/throw_if_not_ok.ts

@@ -10,14 +10,27 @@ import { throwIfNotOk } from '../../../hooks/api/api';
 import {
   DETECTION_ENGINE_QUERY_SIGNALS_URL,
   DETECTION_ENGINE_SIGNALS_STATUS_URL,
+  DETECTION_ENGINE_INDEX_URL,
+  DETECTION_ENGINE_PRIVILEGES_URL,
 } from '../../../../common/constants';
-import { QuerySignals, SignalSearchResponse, UpdateSignalStatusProps } from './types';
+import {
+  QuerySignals,
+  SignalSearchResponse,
+  UpdateSignalStatusProps,
+  SignalsIndex,
+  SignalIndexError,
+  Privilege,
+  PostSignalError,
+  BasicSignals,
+} from './types';
+import { parseJsonFromBody } from '../../../utils/api';
 
 /**
  * Fetch Signals by providing a query
  *
  * @param query String to match a dsl
  * @param kbnVersion current Kibana Version to use for headers
+ * @param signal AbortSignal for cancelling request
  */
 export const fetchQuerySignals = async <Hit, Aggregations>({
   query,
@@ -46,7 +59,7 @@ export const fetchQuerySignals = async <Hit, Aggregations>({
  * @param query of signals to update
  * @param status to update to('open' / 'closed')
  * @param kbnVersion current Kibana Version to use for headers
- * @param signal to cancel request
+ * @param signal AbortSignal for cancelling request
  */
 export const updateSignalStatus = async ({
   query,
@@ -69,3 +82,90 @@ export const updateSignalStatus = async ({
   await throwIfNotOk(response);
   return response.json();
 };
+
+/**
+ * Fetch Signal Index
+ *
+ * @param kbnVersion current Kibana Version to use for headers
+ * @param signal AbortSignal for cancelling request
+ */
+export const getSignalIndex = async ({
+  kbnVersion,
+  signal,
+}: BasicSignals): Promise<SignalsIndex | null> => {
+  const response = await fetch(`${chrome.getBasePath()}${DETECTION_ENGINE_INDEX_URL}`, {
+    method: 'GET',
+    credentials: 'same-origin',
+    headers: {
+      'content-type': 'application/json',
+      'kbn-version': kbnVersion,
+      'kbn-xsrf': kbnVersion,
+    },
+    signal,
+  });
+  if (response.ok) {
+    const signalIndex = await response.json();
+    return signalIndex;
+  }
+  const error = await parseJsonFromBody(response);
+  if (error != null) {
+    throw new SignalIndexError(error);
+  }
+  return null;
+};
+
+/**
+ * Get User Privileges
+ *
+ * @param kbnVersion current Kibana Version to use for headers
+ * @param signal AbortSignal for cancelling request
+ */
+export const getUserPrivilege = async ({
+  kbnVersion,
+  signal,
+}: BasicSignals): Promise<Privilege | null> => {
+  const response = await fetch(`${chrome.getBasePath()}${DETECTION_ENGINE_PRIVILEGES_URL}`, {
+    method: 'GET',
+    credentials: 'same-origin',
+    headers: {
+      'content-type': 'application/json',
+      'kbn-version': kbnVersion,
+      'kbn-xsrf': kbnVersion,
+    },
+    signal,
+  });
+
+  await throwIfNotOk(response);
+  return response.json();
+};
+
+/**
+ * Create Signal Index if needed it
+ *
+ * @param kbnVersion current Kibana Version to use for headers
+ * @param signal AbortSignal for cancelling request
+ */
+export const createSignalIndex = async ({
+  kbnVersion,
+  signal,
+}: BasicSignals): Promise<SignalsIndex | null> => {
+  const response = await fetch(`${chrome.getBasePath()}${DETECTION_ENGINE_INDEX_URL}`, {
+    method: 'POST',
+    credentials: 'same-origin',
+    headers: {
+      'content-type': 'application/json',
+      'kbn-version': kbnVersion,
+      'kbn-xsrf': kbnVersion,
+    },
+    signal,
+  });
+  if (response.ok) {
+    const signalIndex = await response.json();
+    return signalIndex;
+  }
+  const error = await parseJsonFromBody(response);
+  if (error != null) {
+    throw new PostSignalError(error);
+  }
+  return null;
+};

x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/api.ts

@@ -0,0 +1,24 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { MessageBody } from '../../../../components/ml/api/throw_if_not_ok';
+
+export class SignalIndexError extends Error {
+  message: string = '';
+  statusCode: number = -1;
+  error: string = '';
+
+  constructor(errObj: MessageBody) {
+    super(errObj.message);
+    this.message = errObj.message ?? '';
+    this.statusCode = errObj.statusCode ?? -1;
+    this.error = errObj.error ?? '';
+    this.name = 'SignalIndexError';
+
+    // Set the prototype explicitly.
+    Object.setPrototypeOf(this, SignalIndexError.prototype);
+  }
+}

x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/errors_types/get_index_error.ts

@@ -0,0 +1,9 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export * from './get_index_error';
+export * from './post_index_error';
+export * from './privilege_user_error';

x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/errors_types/index.ts

@@ -0,0 +1,24 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { MessageBody } from '../../../../components/ml/api/throw_if_not_ok';
+
+export class PostSignalError extends Error {
+  message: string = '';
+  statusCode: number = -1;
+  error: string = '';
+
+  constructor(errObj: MessageBody) {
+    super(errObj.message);
+    this.message = errObj.message ?? '';
+    this.statusCode = errObj.statusCode ?? -1;
+    this.error = errObj.error ?? '';
+    this.name = 'PostSignalError';
+
+    // Set the prototype explicitly.
+    Object.setPrototypeOf(this, PostSignalError.prototype);
+  }
+}

x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/errors_types/post_index_error.ts

@@ -0,0 +1,24 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { MessageBody } from '../../../../components/ml/api/throw_if_not_ok';
+
+export class PrivilegeUserError extends Error {
+  message: string = '';
+  statusCode: number = -1;
+  error: string = '';
+
+  constructor(errObj: MessageBody) {
+    super(errObj.message);
+    this.message = errObj.message ?? '';
+    this.statusCode = errObj.statusCode ?? -1;
+    this.error = errObj.error ?? '';
+    this.name = 'PrivilegeUserError';
+
+    // Set the prototype explicitly.
+    Object.setPrototypeOf(this, PrivilegeUserError.prototype);
+  }
+}

x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/errors_types/privilege_user_error.ts

@@ -4,11 +4,15 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 
-export interface QuerySignals {
-  query: string;
+export * from './errors_types';
+
+export interface BasicSignals {
   kbnVersion: string;
   signal: AbortSignal;
 }
+export interface QuerySignals extends BasicSignals {
+  query: string;
+}
 
 export interface SignalsResponse {
   took: number;
@@ -38,3 +42,60 @@ export interface UpdateSignalStatusProps {
   kbnVersion: string;
   signal?: AbortSignal; // TODO: implement cancelling
 }
+
+export interface SignalsIndex {
+  name: string;
+}
+
+export interface Privilege {
+  username: string;
+  has_all_requested: boolean;
+  cluster: {
+    monitor_ml: boolean;
+    manage_ccr: boolean;
+    manage_index_templates: boolean;
+    monitor_watcher: boolean;
+    monitor_transform: boolean;
+    read_ilm: boolean;
+    manage_api_key: boolean;
+    manage_security: boolean;
+    manage_own_api_key: boolean;
+    manage_saml: boolean;
+    all: boolean;
+    manage_ilm: boolean;
+    manage_ingest_pipelines: boolean;
+    read_ccr: boolean;
+    manage_rollup: boolean;
+    monitor: boolean;
+    manage_watcher: boolean;
+    manage: boolean;
+    manage_transform: boolean;
+    manage_token: boolean;
+    manage_ml: boolean;
+    manage_pipeline: boolean;
+    monitor_rollup: boolean;
+    transport_client: boolean;
+    create_snapshot: boolean;
+  };
+  index: {
+    [indexName: string]: {
+      all: boolean;
+      manage_ilm: boolean;
+      read: boolean;
+      create_index: boolean;
+      read_cross_cluster: boolean;
+      index: boolean;
+      monitor: boolean;
+      delete: boolean;
+      manage: boolean;
+      delete_index: boolean;
+      create_doc: boolean;
+      view_index_metadata: boolean;
+      create: boolean;
+      manage_follow_index: boolean;
+      manage_leader_index: boolean;
+      write: boolean;
+    };
+  };
+  isAuthenticated: boolean;
+}