[AI4DSOC] Hide security solution pages by tomsonpl · Pull Request #219081 · elastic/kibana

tomsonpl · 2025-04-24T12:18:38Z

Summary

This PR implements a mechanism to control visibility and access to Security Solution pages based on user access and PLIs.
It replaces direct usage of the SecurityRoutePageWrapper component with the withSecurityRoutePageWrapper higher-order component across multiple route files in the Security Solution plugin.

Changes

Added cloudSecurityPosture entry to the SecurityPageName enum in deep_links.ts
Replaced direct usage of SecurityRoutePageWrapper with withSecurityRoutePageWrapper HOC in:

Route	Complete	AiSoc	Comments
Asset Inventory routes	OK	Redirected to /get_started
Assets routes	OK	OK	Should we hide this one?
Cloud Security Posture	Redirected to /get_started	Redirected to /get_started	Redirected if there's no 'Cloud' Addon (even on Complete)
Dashboards routes	OK	Redirected to /get_started
Exceptions routes	OK	Upselling	Upselling has priority over redirection
Explore routes	OK	Redirected to /get_started
Investigations routes	OK	Redirected to /get_started
Notes routes	OK	Not Working	Should be redirected to get_started - TBC...
Overview routes	OK	Redirected to /get_started
Timelines routes	OK	Redirected to /get_started

Question:

Without `Cloud` Add-on - should we hide the cloud cards ? Eg. in `Complete` tier?

Technical Details

The withSecurityRoutePageWrapper HOC provides a consistent way to handle authorization, redirects, and page visibility across the Security Solution.
This approach allows for more granular control over which pages are accessible based on user permissions and subscription tier, particularly important for the AI for SOC functionality.

Testing

Verified that all Security Solution pages properly respect user permissions
Confirmed that unauthorized users are redirected appropriately

Closes: https://github.com/elastic/security-team/issues/12401

tomsonpl · 2025-04-24T12:18:44Z

/ci

tomsonpl · 2025-04-24T13:53:56Z

/ci

tomsonpl · 2025-04-24T14:56:12Z

/ci

tomsonpl · 2025-04-24T15:56:53Z

/ci

ashokaditya · 2025-04-25T07:37:25Z

/ci

x-pack/solutions/security/plugins/security_solution/public/cloud_security_posture/routes.tsx

ashokaditya · 2025-04-28T11:14:44Z

/ci

ashokaditya · 2025-04-28T13:45:08Z

/ci

elasticmachine · 2025-05-07T09:57:53Z

💛 Build succeeded, but was flaky

Buildkite Build
Commit: 4f88971

Failed CI Steps

Test Failures

[job] [logs] FTR Configs #115 / Cloud Security Posture Findings Page - Alerts "before each" hook for "Creates a detection rule from the Take Action button and navigates to rule page"
[job] [logs] FTR Configs #123 / Visualizations - Group 3 lens app - TSVB Open in Lens Table should convert color ranges

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
`securitySolution`	9.1MB	9.1MB	-217.0B

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id	before	after	diff
`securitySolution`	88.0KB	88.0KB	-33.0B

History

💛 Build #298876 was flaky 790e425
💛 Build #298555 was flaky b5b72b3
💔 Build #298524 failed cbd965f
💔 Build #298225 failed 041e97f
💛 Build #297864 was flaky 9bd7656
💔 Build #297787 failed fe377a0

cc @ashokaditya @tomsonpl

## Summary This PR implements a mechanism to control visibility and access to Security Solution pages based on user access and PLIs. It replaces direct usage of the `SecurityRoutePageWrapper` component with the `withSecurityRoutePageWrapper` higher-order component across multiple route files in the Security Solution plugin. ## Changes - Added `cloudSecurityPosture` entry to the `SecurityPageName` enum in `deep_links.ts` - Replaced direct usage of `SecurityRoutePageWrapper` with `withSecurityRoutePageWrapper` HOC in: | Route | Complete | AiSoc | Comments | |-------------------------|----------|--------------------------------|----------------------| | Asset Inventory routes | OK | Redirected to /get_started | | | Assets routes | OK | OK | Should we hide this one? | | Cloud Security Posture | Redirected to /get_started | Redirected to /get_started | Redirected if there's no 'Cloud' Addon (even on Complete) | | Dashboards routes | OK | Redirected to /get_started | | | Exceptions routes | OK | Upselling | Upselling has priority over redirection | | Explore routes | OK | Redirected to /get_started | | | Investigations routes | OK | Redirected to /get_started | | | Notes routes | OK | Not Working | Should be redirected to get_started - TBC... | | Overview routes | OK | Redirected to /get_started | | | Timelines routes | OK | Redirected to /get_started | | ## Question: <img width="1227" alt="Screenshot 2025-04-24 at 15 20 52" src="https://github.com/user-attachments/assets/a57936b9-e954-43d8-a6d0-caf31508461c" /> Without `Cloud` Add-on - should we hide the cloud cards ? Eg. in `Complete` tier? ## Technical Details The `withSecurityRoutePageWrapper` HOC provides a consistent way to handle authorization, redirects, and page visibility across the Security Solution. This approach allows for more granular control over which pages are accessible based on user permissions and subscription tier, particularly important for the **AI for SOC** functionality. ## Testing - Verified that all Security Solution pages properly respect user permissions - Confirmed that unauthorized users are redirected appropriately Closes: elastic/security-team#12401 --------- Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com> Co-authored-by: Ashokaditya <ashokaditya@elastic.co>

kibanamachine · 2025-06-06T15:21:58Z

Starting backport for target branches: 8.19

https://github.com/elastic/kibana/actions/runs/15493992160

kibanamachine · 2025-06-06T15:22:03Z

Starting backport for target branches: 8.19

https://github.com/elastic/kibana/actions/runs/15493992158

kibanamachine · 2025-06-06T15:28:23Z

💔 All backports failed

Status	Branch	Result
❌	8.19	Backport failed because of merge conflicts You might need to backport the following PRs to 8.19: - [AI4DSOC] Change rules and alerts capabilities (#215148)

Manual backport

To create the backport manually run:

node scripts/backport --pr 219081

Questions ?

Please refer to the Backport tool documentation

kibanamachine · 2025-06-06T15:28:36Z

💔 All backports failed

Status	Branch	Result
❌	8.19	Backport failed because of merge conflicts You might need to backport the following PRs to 8.19: - [AI4DSOC] Change rules and alerts capabilities (#215148)

Manual backport

To create the backport manually run:

node scripts/backport --pr 219081

Questions ?

Please refer to the Backport tool documentation

kibanamachine · 2025-06-09T15:48:50Z

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add a backport:* label or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 219081 locally
cc: @ashokaditya

kibanamachine · 2025-06-10T16:49:04Z

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add a backport:* label or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 219081 locally
cc: @ashokaditya

kibanamachine · 2025-06-11T16:50:43Z

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add a backport:* label or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 219081 locally
cc: @ashokaditya

kibanamachine · 2025-06-12T18:01:45Z

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add a backport:* label or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 219081 locally
cc: @ashokaditya

kibanamachine · 2025-06-13T18:48:47Z

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add a backport:* label or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 219081 locally
cc: @ashokaditya

tomsonpl · 2025-06-16T09:37:52Z

💚 All backports created successfully

Status	Branch	Result
✅	8.19

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

## Summary This PR implements a mechanism to control visibility and access to Security Solution pages based on user access and PLIs. It replaces direct usage of the `SecurityRoutePageWrapper` component with the `withSecurityRoutePageWrapper` higher-order component across multiple route files in the Security Solution plugin. ## Changes - Added `cloudSecurityPosture` entry to the `SecurityPageName` enum in `deep_links.ts` - Replaced direct usage of `SecurityRoutePageWrapper` with `withSecurityRoutePageWrapper` HOC in: | Route | Complete | AiSoc | Comments | |-------------------------|----------|--------------------------------|----------------------| | Asset Inventory routes | OK | Redirected to /get_started | | | Assets routes | OK | OK | Should we hide this one? | | Cloud Security Posture | Redirected to /get_started | Redirected to /get_started | Redirected if there's no 'Cloud' Addon (even on Complete) | | Dashboards routes | OK | Redirected to /get_started | | | Exceptions routes | OK | Upselling | Upselling has priority over redirection | | Explore routes | OK | Redirected to /get_started | | | Investigations routes | OK | Redirected to /get_started | | | Notes routes | OK | Not Working | Should be redirected to get_started - TBC... | | Overview routes | OK | Redirected to /get_started | | | Timelines routes | OK | Redirected to /get_started | | ## Question: <img width="1227" alt="Screenshot 2025-04-24 at 15 20 52" src="https://github.com/user-attachments/assets/a57936b9-e954-43d8-a6d0-caf31508461c" /> Without `Cloud` Add-on - should we hide the cloud cards ? Eg. in `Complete` tier? ## Technical Details The `withSecurityRoutePageWrapper` HOC provides a consistent way to handle authorization, redirects, and page visibility across the Security Solution. This approach allows for more granular control over which pages are accessible based on user permissions and subscription tier, particularly important for the **AI for SOC** functionality. ## Testing - Verified that all Security Solution pages properly respect user permissions - Confirmed that unauthorized users are redirected appropriately Closes: elastic/security-team#12401 --------- Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com> Co-authored-by: Ashokaditya <ashokaditya@elastic.co> (cherry picked from commit 0a5120b) # Conflicts: # x-pack/solutions/security/plugins/security_solution/public/asset_inventory/links.ts # x-pack/solutions/security/plugins/security_solution/public/asset_inventory/routes.tsx # x-pack/solutions/security/plugins/security_solution/public/cloud_security_posture/routes.tsx # x-pack/solutions/security/plugins/security_solution/public/rules/routes.tsx # x-pack/test/security_solution_cypress/cypress/e2e/ai4dsoc/navigation/navigation.cy.ts

kibanamachine · 2025-06-16T18:49:46Z