[8.11] [Security Solution][Investigations] - Add check for changing a…

…lert status from bulk options (#170584) (#170780)

# Backport

This will backport the following commits from `main` to `8.11`:
- [[Security Solution][Investigations] - Add check for changing alert
status from bulk options
(#170584)](#170584)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Michael
Olorunnisola","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-11-07T17:01:23Z","message":"[Security
Solution][Investigations] - Add check for changing alert status from
bulk options (#170584)\n\n## Summary\r\nAddresses
https://github.com/elastic/kibana/issues/169684\r\n\r\nThis PR is a
re-do of: https://github.com/elastic/kibana/pull/169723\r\n(With cypress
tests currently skipped until proper role is available).\r\nThe alert
privileges needs to be added for the alert table as it wasn't\r\nadded
when the migration took place. An example of the privileges\r\nelsewhere
is
below:\r\n\r\nhttps://github.com/elastic/kibana/blob/75e9d46b4b3a6ff5be4ffc324ba282cea0faea0c/x-pack/plugins/security_solution/public/detections/components/alerts_table/timeline_actions/use_alerts_actions.tsx#L33\r\n\r\n\r\nFix:\r\n\r\n\r\nhttps://github.com/elastic/kibana/assets/17211684/7b354906-9b96-4ba8-b30f-4080cf7e7c2f\r\n\r\n---------\r\n\r\nCo-authored-by:
Kibana Machine
<[email protected]>","sha":"36515713a69f6021db8b959b95f7a8ff851b0aa7","branchLabelMapping":{"^v8.12.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Threat
Hunting:Investigations","v8.12.0","v8.11.1","v8.10.5"],"number":170584,"url":"https://github.com/elastic/kibana/pull/170584","mergeCommit":{"message":"[Security
Solution][Investigations] - Add check for changing alert status from
bulk options (#170584)\n\n## Summary\r\nAddresses
https://github.com/elastic/kibana/issues/169684\r\n\r\nThis PR is a
re-do of: https://github.com/elastic/kibana/pull/169723\r\n(With cypress
tests currently skipped until proper role is available).\r\nThe alert
privileges needs to be added for the alert table as it wasn't\r\nadded
when the migration took place. An example of the privileges\r\nelsewhere
is
below:\r\n\r\nhttps://github.com/elastic/kibana/blob/75e9d46b4b3a6ff5be4ffc324ba282cea0faea0c/x-pack/plugins/security_solution/public/detections/components/alerts_table/timeline_actions/use_alerts_actions.tsx#L33\r\n\r\n\r\nFix:\r\n\r\n\r\nhttps://github.com/elastic/kibana/assets/17211684/7b354906-9b96-4ba8-b30f-4080cf7e7c2f\r\n\r\n---------\r\n\r\nCo-authored-by:
Kibana Machine
<[email protected]>","sha":"36515713a69f6021db8b959b95f7a8ff851b0aa7"}},"sourceBranch":"main","suggestedTargetBranches":["8.11","8.10"],"targetPullRequestStates":[{"branch":"main","label":"v8.12.0","labelRegex":"^v8.12.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/170584","number":170584,"mergeCommit":{"message":"[Security
Solution][Investigations] - Add check for changing alert status from
bulk options (#170584)\n\n## Summary\r\nAddresses
https://github.com/elastic/kibana/issues/169684\r\n\r\nThis PR is a
re-do of: https://github.com/elastic/kibana/pull/169723\r\n(With cypress
tests currently skipped until proper role is available).\r\nThe alert
privileges needs to be added for the alert table as it wasn't\r\nadded
when the migration took place. An example of the privileges\r\nelsewhere
is
below:\r\n\r\nhttps://github.com/elastic/kibana/blob/75e9d46b4b3a6ff5be4ffc324ba282cea0faea0c/x-pack/plugins/security_solution/public/detections/components/alerts_table/timeline_actions/use_alerts_actions.tsx#L33\r\n\r\n\r\nFix:\r\n\r\n\r\nhttps://github.com/elastic/kibana/assets/17211684/7b354906-9b96-4ba8-b30f-4080cf7e7c2f\r\n\r\n---------\r\n\r\nCo-authored-by:
Kibana Machine
<[email protected]>","sha":"36515713a69f6021db8b959b95f7a8ff851b0aa7"}},{"branch":"8.11","label":"v8.11.1","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.10","label":"v8.10.5","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Kibana Machine <[email protected]>

x-pack/plugins/security_solution/public/common/components/toolbar/bulk_actions/use_bulk_alert_tags_items.test.tsx

@@ -19,6 +19,12 @@ import { useUiSetting$ } from '../../../lib/kibana';
 
 jest.mock('./use_set_alert_tags');
 jest.mock('../../../lib/kibana');
+jest.mock(
+  '../../../../detections/containers/detection_engine/alerts/use_alerts_privileges',
+  () => ({
+    useAlertsPrivileges: jest.fn().mockReturnValue({ hasIndexWrite: true }),
+  })
+);
 
 const defaultProps: UseBulkAlertTagsItemsProps = {
   refetch: () => {},

x-pack/plugins/security_solution/public/common/components/toolbar/bulk_actions/use_bulk_alert_tags_items.tsx

@@ -8,6 +8,7 @@
 import { EuiFlexGroup, EuiIconTip, EuiFlexItem } from '@elastic/eui';
 import type { RenderContentPanelProps } from '@kbn/triggers-actions-ui-plugin/public/types';
 import React, { useCallback, useMemo } from 'react';
+import { useAlertsPrivileges } from '../../../../detections/containers/detection_engine/alerts/use_alerts_privileges';
 import { BulkAlertTagsPanel } from './alert_bulk_tags';
 import * as i18n from './translations';
 import { useSetAlertTags } from './use_set_alert_tags';
@@ -24,6 +25,7 @@ export interface UseBulkAlertTagsPanel {
 }
 
 export const useBulkAlertTagsItems = ({ refetch }: UseBulkAlertTagsItemsProps) => {
+  const { hasIndexWrite } = useAlertsPrivileges();
   const setAlertTags = useSetAlertTags();
   const handleOnAlertTagsSubmit = useCallback(
     async (tags, ids, onSuccess, setIsLoading) => {
@@ -34,16 +36,22 @@ export const useBulkAlertTagsItems = ({ refetch }: UseBulkAlertTagsItemsProps) =
     [setAlertTags]
   );
 
-  const alertTagsItems = [
-    {
-      key: 'manage-alert-tags',
-      'data-test-subj': 'alert-tags-context-menu-item',
-      name: i18n.ALERT_TAGS_CONTEXT_MENU_ITEM_TITLE,
-      panel: 1,
-      label: i18n.ALERT_TAGS_CONTEXT_MENU_ITEM_TITLE,
-      disableOnQuery: true,
-    },
-  ];
+  const alertTagsItems = useMemo(
+    () =>
+      hasIndexWrite
+        ? [
+            {
+              key: 'manage-alert-tags',
+              'data-test-subj': 'alert-tags-context-menu-item',
+              name: i18n.ALERT_TAGS_CONTEXT_MENU_ITEM_TITLE,
+              panel: 1,
+              label: i18n.ALERT_TAGS_CONTEXT_MENU_ITEM_TITLE,
+              disableOnQuery: true,
+            },
+          ]
+        : [],
+    [hasIndexWrite]
+  );
 
   const TitleContent = useMemo(
     () => (
@@ -79,15 +87,18 @@ export const useBulkAlertTagsItems = ({ refetch }: UseBulkAlertTagsItemsProps) =
   );
 
   const alertTagsPanels: UseBulkAlertTagsPanel[] = useMemo(
-    () => [
-      {
-        id: 1,
-        title: TitleContent,
-        'data-test-subj': 'alert-tags-context-menu-panel',
-        renderContent,
-      },
-    ],
-    [TitleContent, renderContent]
+    () =>
+      hasIndexWrite
+        ? [
+            {
+              id: 1,
+              title: TitleContent,
+              'data-test-subj': 'alert-tags-context-menu-panel',
+              renderContent,
+            },
+          ]
+        : [],
+    [TitleContent, hasIndexWrite, renderContent]
   );
 
   return {

x-pack/plugins/security_solution/public/detections/hooks/trigger_actions_alert_table/use_alert_actions.tsx

@@ -19,6 +19,7 @@ import type { AlertWorkflowStatus } from '../../../common/types';
 import { FILTER_CLOSED, FILTER_OPEN, FILTER_ACKNOWLEDGED } from '../../../../common/types';
 import * as i18n from '../translations';
 import { buildTimeRangeFilter } from '../../components/alerts_table/helpers';
+import { useAlertsPrivileges } from '../../containers/detection_engine/alerts/use_alerts_privileges';
 
 interface UseBulkAlertActionItemsArgs {
   /* Table ID for which this hook is being used */
@@ -41,6 +42,7 @@ export const useBulkAlertActionItems = ({
   to,
   refetch: refetchProp,
 }: UseBulkAlertActionItemsArgs) => {
+  const { hasIndexWrite } = useAlertsPrivileges();
   const { startTransaction } = useStartTransaction();
 
   const { addSuccess, addError, addWarning } = useAppToasts();
@@ -172,7 +174,9 @@ export const useBulkAlertActionItems = ({
     [getOnAction]
   );
 
-  return [FILTER_OPEN, FILTER_CLOSED, FILTER_ACKNOWLEDGED].map((status) =>
-    getUpdateAlertStatusAction(status as AlertWorkflowStatus)
-  );
+  return hasIndexWrite
+    ? [FILTER_OPEN, FILTER_CLOSED, FILTER_ACKNOWLEDGED].map((status) =>
+        getUpdateAlertStatusAction(status as AlertWorkflowStatus)
+      )
+    : [];
 };