Skip to content

Comments

[8.19] [AI4DSOC] Hide security solution pages (#219081)#224034

Merged
tomsonpl merged 4 commits intoelastic:8.19from
tomsonpl:backport/8.19/pr-219081
Jun 24, 2025
Merged

[8.19] [AI4DSOC] Hide security solution pages (#219081)#224034
tomsonpl merged 4 commits intoelastic:8.19from
tomsonpl:backport/8.19/pr-219081

Conversation

@tomsonpl
Copy link
Contributor

Backport

This will backport the following commits from main to 8.19:

Questions ?

Please refer to the Backport tool documentation

## Summary

This PR implements a mechanism to control visibility and access to
Security Solution pages based on user access and PLIs.
It replaces direct usage of the `SecurityRoutePageWrapper` component
with the `withSecurityRoutePageWrapper` higher-order component across
multiple route files in the Security Solution plugin.

## Changes

- Added `cloudSecurityPosture` entry to the `SecurityPageName` enum in
`deep_links.ts`
- Replaced direct usage of `SecurityRoutePageWrapper` with
`withSecurityRoutePageWrapper` HOC in:

| Route | Complete | AiSoc | Comments |

|-------------------------|----------|--------------------------------|----------------------|
| Asset Inventory routes | OK | Redirected to /get_started | |
| Assets routes | OK | OK | Should we hide this one? |
| Cloud Security Posture | Redirected to /get_started | Redirected to
/get_started | Redirected if there's no 'Cloud' Addon (even on Complete)
|
| Dashboards routes | OK | Redirected to /get_started | |
| Exceptions routes | OK | Upselling | Upselling has priority over
redirection |
| Explore routes | OK | Redirected to /get_started | |
| Investigations routes | OK | Redirected to /get_started | |
| Notes routes | OK | Not Working | Should be redirected to get_started
- TBC... |
| Overview routes | OK | Redirected to /get_started | |
| Timelines routes | OK | Redirected to /get_started | |

## Question:
<img width="1227" alt="Screenshot 2025-04-24 at 15 20 52"
src="https://github.com/user-attachments/assets/a57936b9-e954-43d8-a6d0-caf31508461c"
/>
Without `Cloud` Add-on - should we hide the cloud cards ? Eg. in
`Complete` tier?

## Technical Details

The `withSecurityRoutePageWrapper` HOC provides a consistent way to
handle authorization, redirects, and page visibility across the Security
Solution.
This approach allows for more granular control over which pages are
accessible based on user permissions and subscription tier, particularly
important for the **AI for SOC** functionality.

## Testing

- Verified that all Security Solution pages properly respect user
permissions
- Confirmed that unauthorized users are redirected appropriately

Closes: elastic/security-team#12401

---------

Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com>
Co-authored-by: Ashokaditya <ashokaditya@elastic.co>
(cherry picked from commit 0a5120b)

# Conflicts:
#	x-pack/solutions/security/plugins/security_solution/public/asset_inventory/links.ts
#	x-pack/solutions/security/plugins/security_solution/public/asset_inventory/routes.tsx
#	x-pack/solutions/security/plugins/security_solution/public/cloud_security_posture/routes.tsx
#	x-pack/solutions/security/plugins/security_solution/public/rules/routes.tsx
#	x-pack/test/security_solution_cypress/cypress/e2e/ai4dsoc/navigation/navigation.cy.ts
@tomsonpl tomsonpl requested a review from kibanamachine as a code owner June 16, 2025 09:37
@tomsonpl tomsonpl added the backport This PR is a backport of another PR label Jun 16, 2025
@tomsonpl tomsonpl enabled auto-merge (squash) June 16, 2025 09:37
@tomsonpl tomsonpl disabled auto-merge June 16, 2025 09:37
@tomsonpl tomsonpl self-assigned this Jun 16, 2025
@elasticmachine
Copy link
Contributor

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] Jest Tests #5 / Category can submit without setting a category

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 9.5MB 9.5MB -192.0B

History

cc @tomsonpl

@tomsonpl tomsonpl enabled auto-merge (squash) June 24, 2025 14:34
@tomsonpl tomsonpl requested a review from semd June 24, 2025 14:34
@tomsonpl
Copy link
Contributor Author

@semd hey 👋 could you take a look at this one? backporting to 8.19 - thanks!

@tomsonpl tomsonpl merged commit 3240b7b into elastic:8.19 Jun 24, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backport This PR is a backport of another PR

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants