[Security Solution][Detections] Handle RBAC edge case for Related Integration on the FE side

x-pack/plugins/security_solution/public/detections/components/rules/related_integrations/utils.test.tsx → x-pack/plugins/security_solution/public/detections/components/rules/related_integrations/integration_details.test.ts

@@ -5,59 +5,25 @@
  * 2.0.
  */
 
-import {
-  integrationDetailsEnabled,
-  integrationDetailsInstalled,
-  integrationDetailsUninstalled,
-} from './mock';
-import { render } from '@testing-library/react';
-import { getInstalledRelatedIntegrations, getIntegrationLink } from './utils';
+import { calculateIntegrationDetails } from './integration_details';
+import { IntegrationPrivileges } from './integration_privileges';
 
-describe('Related Integrations Utilities', () => {
-  describe('#getIntegrationLink', () => {
-    describe('it returns a correctly formatted integrations link', () => {
-      test('given an uninstalled integrationDetails', () => {
-        const link = getIntegrationLink(integrationDetailsUninstalled, 'http://localhost');
-        const { container } = render(link);
+describe('Integration Details', () => {
+  describe('calculateIntegrationDetails', () => {
+    const stubPrivileges: IntegrationPrivileges = {
+      canReadInstalledIntegrations: true,
+    };
 
-        expect(container.firstChild).toHaveProperty(
-          'href',
-          'http://localhost/app/integrations/detail/test-1.2.3/overview?integration=integration'
-        );
-      });
-
-      test('given an installed integrationDetails', () => {
-        const link = getIntegrationLink(integrationDetailsInstalled, 'http://localhost');
-        const { container } = render(link);
-
-        expect(container.firstChild).toHaveProperty(
-          'href',
-          'http://localhost/app/integrations/detail/test-1.2.3/overview?integration=integration'
-        );
-      });
-
-      test('given an enabled integrationDetails with an unsatisfied version', () => {
-        const link = getIntegrationLink(integrationDetailsEnabled, 'http://localhost');
-        const { container } = render(link);
-
-        expect(container.firstChild).toHaveProperty(
-          'href',
-          'http://localhost/app/integrations/detail/test-1.3.3/overview?integration=integration'
-        );
-      });
-    });
-  });
-
-  describe('#getInstalledRelatedIntegrations', () => {
     test('it returns a the correct integrationDetails', () => {
-      const integrationDetails = getInstalledRelatedIntegrations([], []);
+      const integrationDetails = calculateIntegrationDetails(stubPrivileges, [], []);
 
       expect(integrationDetails.length).toEqual(0);
     });
 
     describe('version is correctly computed', () => {
       test('Unknown integration that does not exist', () => {
-        const integrationDetails = getInstalledRelatedIntegrations(
+        const integrationDetails = calculateIntegrationDetails(
+          stubPrivileges,
           [
             {
               package: 'foo1',
@@ -75,13 +41,14 @@ describe('Related Integrations Utilities', () => {
           []
         );
 
-        expect(integrationDetails[0].target_version).toEqual('1.2.3');
-        expect(integrationDetails[1].target_version).toEqual('1.2.3');
-        expect(integrationDetails[2].target_version).toEqual('1.2.0');
+        expect(integrationDetails[0].targetVersion).toEqual('1.2.3');
+        expect(integrationDetails[1].targetVersion).toEqual('1.2.3');
+        expect(integrationDetails[2].targetVersion).toEqual('1.2.0');
       });
 
       test('Integration that is not installed', () => {
-        const integrationDetails = getInstalledRelatedIntegrations(
+        const integrationDetails = calculateIntegrationDetails(
+          stubPrivileges,
           [
             {
               package: 'aws',
@@ -96,12 +63,13 @@ describe('Related Integrations Utilities', () => {
           []
         );
 
-        expect(integrationDetails[0].target_version).toEqual('1.2.3');
-        expect(integrationDetails[1].target_version).toEqual('1.2.3');
+        expect(integrationDetails[0].targetVersion).toEqual('1.2.3');
+        expect(integrationDetails[1].targetVersion).toEqual('1.2.3');
       });
 
       test('Integration that is installed, and its version matches required version', () => {
-        const integrationDetails = getInstalledRelatedIntegrations(
+        const integrationDetails = calculateIntegrationDetails(
+          stubPrivileges,
           [
             {
               package: 'aws',
@@ -131,15 +99,22 @@ describe('Related Integrations Utilities', () => {
           ]
         );
 
-        // Since version is satisfied, we check `package_version`
-        expect(integrationDetails[0].version_satisfied).toEqual(true);
-        expect(integrationDetails[0].package_version).toEqual('1.3.0');
-        expect(integrationDetails[1].version_satisfied).toEqual(true);
-        expect(integrationDetails[1].package_version).toEqual('1.2.5');
+        expect(integrationDetails[0].installationStatus.isKnown).toEqual(true);
+        if (integrationDetails[0].installationStatus.isKnown) {
+          expect(integrationDetails[0].installationStatus.isVersionMismatch).toEqual(false);
+          expect(integrationDetails[0].installationStatus.installedVersion).toEqual('1.3.0');
+        }
+
+        expect(integrationDetails[1].installationStatus.isKnown).toEqual(true);
+        if (integrationDetails[1].installationStatus.isKnown) {
+          expect(integrationDetails[1].installationStatus.isVersionMismatch).toEqual(false);
+          expect(integrationDetails[1].installationStatus.installedVersion).toEqual('1.2.5');
+        }
       });
 
       test('Integration that is installed, and its version is less than required version', () => {
-        const integrationDetails = getInstalledRelatedIntegrations(
+        const integrationDetails = calculateIntegrationDetails(
+          stubPrivileges,
           [
             {
               package: 'aws',
@@ -169,12 +144,13 @@ describe('Related Integrations Utilities', () => {
           ]
         );
 
-        expect(integrationDetails[0].target_version).toEqual('1.2.3');
-        expect(integrationDetails[1].target_version).toEqual('1.2.3');
+        expect(integrationDetails[0].targetVersion).toEqual('1.2.3');
+        expect(integrationDetails[1].targetVersion).toEqual('1.2.3');
       });
 
       test('Integration that is installed, and its version is greater than required version', () => {
-        const integrationDetails = getInstalledRelatedIntegrations(
+        const integrationDetails = calculateIntegrationDetails(
+          stubPrivileges,
           [
             {
               package: 'aws',
@@ -204,8 +180,8 @@ describe('Related Integrations Utilities', () => {
           ]
         );
 
-        expect(integrationDetails[0].target_version).toEqual('1.2.3');
-        expect(integrationDetails[1].target_version).toEqual('1.2.3');
+        expect(integrationDetails[0].targetVersion).toEqual('1.2.3');
+        expect(integrationDetails[1].targetVersion).toEqual('1.2.3');
       });
     });
   });

x-pack/plugins/security_solution/public/detections/components/rules/related_integrations/integration_details.ts

@@ -0,0 +1,195 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { capitalize } from 'lodash';
+import semver from 'semver';
+import {
+  InstalledIntegration,
+  InstalledIntegrationArray,
+  RelatedIntegration,
+  RelatedIntegrationArray,
+} from '../../../../../common/detection_engine/schemas/common';
+import { IntegrationPrivileges } from './integration_privileges';
+
+export interface IntegrationDetails {
+  packageName: string;
+  integrationName: string | null;
+  integrationTitle: string;
+
+  requiredVersion: string;
+  targetVersion: string;
+  targetUrl: string;
+
+  installationStatus: KnownInstallationStatus | UnknownInstallationStatus;
+}
+
+export interface KnownInstallationStatus {
+  isKnown: true;
+  isInstalled: boolean;
+  isEnabled: boolean;
+  isVersionMismatch: boolean;
+  installedVersion: string;
+}
+
+export interface UnknownInstallationStatus {
+  isKnown: false;
+}
+
+/**
+ * Given an array of integrations and an array of installed integrations this will return an
+ * array of integrations augmented with install details like targetVersion, and `version_satisfied`
+ * has.
+ */
+export const calculateIntegrationDetails = (
+  privileges: IntegrationPrivileges,
+  relatedIntegrations: RelatedIntegrationArray,
+  installedIntegrations: InstalledIntegrationArray | undefined
+): IntegrationDetails[] => {
+  const integrationMatches = findIntegrationMatches(relatedIntegrations, installedIntegrations);
+  const integrationDetails = integrationMatches.map((integration) => {
+    return createIntegrationDetails(integration, privileges);
+  });
+
+  return integrationDetails.sort((a, b) => {
+    return a.integrationTitle.localeCompare(b.integrationTitle);
+  });
+};
+
+interface IntegrationMatch {
+  related: RelatedIntegration;
+  installed: InstalledIntegration | null;
+  isLoaded: boolean;
+}
+
+const findIntegrationMatches = (
+  relatedIntegrations: RelatedIntegrationArray,
+  installedIntegrations: InstalledIntegrationArray | undefined
+): IntegrationMatch[] => {
+  return relatedIntegrations.map((ri: RelatedIntegration) => {
+    if (installedIntegrations == null) {
+      return {
+        related: ri,
+        installed: null,
+        isLoaded: false,
+      };
+    } else {
+      const match = installedIntegrations.find(
+        (ii: InstalledIntegration) =>
+          ii.package_name === ri.package && ii?.integration_name === ri?.integration
+      );
+      return {
+        related: ri,
+        installed: match ?? null,
+        isLoaded: true,
+      };
+    }
+  });
+};
+
+const createIntegrationDetails = (
+  integration: IntegrationMatch,
+  privileges: IntegrationPrivileges
+): IntegrationDetails => {
+  const { related, installed, isLoaded } = integration;
+  const { canReadInstalledIntegrations } = privileges;
+
+  const packageName = related.package;
+  const integrationName = related.integration ?? null;
+  const requiredVersion = related.version;
+
+  // We don't know whether the integration is installed or not.
+  if (!canReadInstalledIntegrations || !isLoaded) {
+    const integrationTitle = getCapitalizedTitle(packageName, integrationName);
+    const targetVersion = getMinimumConcreteVersionMatchingSemver(requiredVersion);
+    const targetUrl = buildTargetUrl(packageName, integrationName, targetVersion);
+
+    return {
+      packageName,
+      integrationName,
+      integrationTitle,
+      requiredVersion,
+      targetVersion,
+      targetUrl,
+      installationStatus: {
+        isKnown: false,
+      },
+    };
+  }
+
+  // We know that the integration is not installed
+  if (installed == null) {
+    const integrationTitle = getCapitalizedTitle(packageName, integrationName);
+    const targetVersion = getMinimumConcreteVersionMatchingSemver(requiredVersion);
+    const targetUrl = buildTargetUrl(packageName, integrationName, targetVersion);
+
+    return {
+      packageName,
+      integrationName,
+      integrationTitle,
+      requiredVersion,
+      targetVersion,
+      targetUrl,
+      installationStatus: {
+        isKnown: true,
+        isInstalled: false,
+        isEnabled: false,
+        isVersionMismatch: false,
+        installedVersion: '',
+      },
+    };
+  }
+
+  // We know that the integration is installed
+  {
+    const integrationTitle = installed.integration_title ?? installed.package_title;
+
+    // Version check e.g. installed version `1.2.3` satisfies required version `~1.2.1`
+    const installedVersion = installed.package_version;
+    const isVersionSatisfied = semver.satisfies(installedVersion, requiredVersion);
+    const targetVersion = isVersionSatisfied
+      ? installedVersion
+      : getMinimumConcreteVersionMatchingSemver(requiredVersion);
+
+    const targetUrl = buildTargetUrl(packageName, integrationName, targetVersion);
+
+    return {
+      packageName,
+      integrationName,
+      integrationTitle,
+      requiredVersion,
+      targetVersion,
+      targetUrl,
+      installationStatus: {
+        isKnown: true,
+        isInstalled: true,
+        isEnabled: installed.is_enabled,
+        isVersionMismatch: !isVersionSatisfied,
+        installedVersion,
+      },
+    };
+  }
+};
+
+const getCapitalizedTitle = (packageName: string, integrationName: string | null): string => {
+  return integrationName == null
+    ? `${capitalize(packageName)}`
+    : `${capitalize(packageName)} ${capitalize(integrationName)}`;
+};
+
+const getMinimumConcreteVersionMatchingSemver = (semverString: string): string => {
+  return semver.valid(semver.coerce(semverString)) ?? '';
+};
+
+const buildTargetUrl = (
+  packageName: string,
+  integrationName: string | null,
+  targetVersion: string
+): string => {
+  const packageSegment = targetVersion ? `${packageName}-${targetVersion}` : packageName;
+  const query = integrationName ? `?integration=${integrationName}` : '';
+  return `app/integrations/detail/${packageSegment}/overview${query}`;
+};

x-pack/plugins/security_solution/public/detections/components/rules/related_integrations/integration_privileges.ts

@@ -0,0 +1,10 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export interface IntegrationPrivileges {
+  canReadInstalledIntegrations: boolean;
+}