[8.19] [AI4DSOC] Hide security solution pages (#219081)#224034
Merged
tomsonpl merged 4 commits intoelastic:8.19from Jun 24, 2025
Merged
[8.19] [AI4DSOC] Hide security solution pages (#219081)#224034tomsonpl merged 4 commits intoelastic:8.19from
tomsonpl merged 4 commits intoelastic:8.19from
Conversation
## Summary This PR implements a mechanism to control visibility and access to Security Solution pages based on user access and PLIs. It replaces direct usage of the `SecurityRoutePageWrapper` component with the `withSecurityRoutePageWrapper` higher-order component across multiple route files in the Security Solution plugin. ## Changes - Added `cloudSecurityPosture` entry to the `SecurityPageName` enum in `deep_links.ts` - Replaced direct usage of `SecurityRoutePageWrapper` with `withSecurityRoutePageWrapper` HOC in: | Route | Complete | AiSoc | Comments | |-------------------------|----------|--------------------------------|----------------------| | Asset Inventory routes | OK | Redirected to /get_started | | | Assets routes | OK | OK | Should we hide this one? | | Cloud Security Posture | Redirected to /get_started | Redirected to /get_started | Redirected if there's no 'Cloud' Addon (even on Complete) | | Dashboards routes | OK | Redirected to /get_started | | | Exceptions routes | OK | Upselling | Upselling has priority over redirection | | Explore routes | OK | Redirected to /get_started | | | Investigations routes | OK | Redirected to /get_started | | | Notes routes | OK | Not Working | Should be redirected to get_started - TBC... | | Overview routes | OK | Redirected to /get_started | | | Timelines routes | OK | Redirected to /get_started | | ## Question: <img width="1227" alt="Screenshot 2025-04-24 at 15 20 52" src="https://github.com/user-attachments/assets/a57936b9-e954-43d8-a6d0-caf31508461c" /> Without `Cloud` Add-on - should we hide the cloud cards ? Eg. in `Complete` tier? ## Technical Details The `withSecurityRoutePageWrapper` HOC provides a consistent way to handle authorization, redirects, and page visibility across the Security Solution. This approach allows for more granular control over which pages are accessible based on user permissions and subscription tier, particularly important for the **AI for SOC** functionality. ## Testing - Verified that all Security Solution pages properly respect user permissions - Confirmed that unauthorized users are redirected appropriately Closes: elastic/security-team#12401 --------- Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com> Co-authored-by: Ashokaditya <ashokaditya@elastic.co> (cherry picked from commit 0a5120b) # Conflicts: # x-pack/solutions/security/plugins/security_solution/public/asset_inventory/links.ts # x-pack/solutions/security/plugins/security_solution/public/asset_inventory/routes.tsx # x-pack/solutions/security/plugins/security_solution/public/cloud_security_posture/routes.tsx # x-pack/solutions/security/plugins/security_solution/public/rules/routes.tsx # x-pack/test/security_solution_cypress/cypress/e2e/ai4dsoc/navigation/navigation.cy.ts
Contributor
💛 Build succeeded, but was flaky
Failed CI StepsTest FailuresMetrics [docs]Async chunks
History
cc @tomsonpl |
Contributor
Author
|
@semd hey 👋 could you take a look at this one? backporting to 8.19 - thanks! |
szwarckonrad
approved these changes
Jun 24, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport
This will backport the following commits from
mainto8.19:Questions ?
Please refer to the Backport tool documentation