[8.x] [Cases] [Security Solution] New cases subfeatures, add comments and reopen cases (#194898)

packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml

@@ -46,7 +46,7 @@ viewer:
         - feature_siem.read
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
-        - feature_securitySolutionCases.read
+        - feature_securitySolutionCasesV2.read
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.read
@@ -126,7 +126,7 @@ editor:
         - feature_siem.process_operations_all
         - feature_siem.actions_log_management_all # Response actions history
         - feature_siem.file_operations_all
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.read
@@ -175,7 +175,7 @@ t1_analyst:
         - feature_siem.read
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
-        - feature_securitySolutionCases.read
+        - feature_securitySolutionCasesV2.read
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.read
@@ -230,7 +230,7 @@ t2_analyst:
         - feature_siem.read
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.read
@@ -300,7 +300,7 @@ t3_analyst:
         - feature_siem.actions_log_management_all # Response actions history
         - feature_siem.file_operations_all
         - feature_siem.scan_operations_all
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.read
@@ -362,7 +362,7 @@ threat_intelligence_analyst:
         - feature_siem.all
         - feature_siem.endpoint_list_read
         - feature_siem.blocklist_all
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.read
@@ -430,7 +430,7 @@ rule_author:
         - feature_siem.host_isolation_exceptions_read
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_siem.actions_log_management_read
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.read
@@ -502,7 +502,7 @@ soc_manager:
         - feature_siem.file_operations_all
         - feature_siem.execute_operations_all
         - feature_siem.scan_operations_all
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.all
@@ -562,7 +562,7 @@ detections_admin:
         - feature_siem.all
         - feature_siem.read_alerts
         - feature_siem.crud_alerts
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.all
@@ -621,7 +621,7 @@ platform_engineer:
         - feature_siem.host_isolation_exceptions_all
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_siem.actions_log_management_read
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.all
@@ -694,7 +694,7 @@ endpoint_operations_analyst:
         - feature_siem.file_operations_all
         - feature_siem.execute_operations_all
         - feature_siem.scan_operations_all
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.all
@@ -769,7 +769,7 @@ endpoint_policy_manager:
         - feature_siem.event_filters_all
         - feature_siem.host_isolation_exceptions_all
         - feature_siem.blocklist_all # Elastic Defend Policy Management
-        - feature_securitySolutionCases.all
+        - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
         - feature_actions.all

packages/kbn-es/src/serverless_resources/security_roles.json

@@ -35,7 +35,7 @@
           "siem": ["read", "read_alerts"],
           "securitySolutionAssistant": ["all"],
           "securitySolutionAttackDiscovery": ["all"],
-          "securitySolutionCases": ["read"],
+          "securitySolutionCasesV2": ["read"],
           "actions": ["read"],
           "builtInAlerts": ["read"]
         },
@@ -82,7 +82,7 @@
           "siem": ["read", "read_alerts"],
           "securitySolutionAssistant": ["all"],
           "securitySolutionAttackDiscovery": ["all"],
-          "securitySolutionCases": ["read"],
+          "securitySolutionCasesV2": ["read"],
           "actions": ["read"],
           "builtInAlerts": ["read"]
         },
@@ -150,7 +150,7 @@
             "actions_log_management_all",
             "file_operations_all"
           ],
-          "securitySolutionCases": ["all"],
+          "securitySolutionCasesV2": ["all"],
           "securitySolutionAssistant": ["all"],
           "securitySolutionAttackDiscovery": ["all"],
           "actions": ["read"],
@@ -210,7 +210,7 @@
           "siem": ["all", "read_alerts", "crud_alerts"],
           "securitySolutionAssistant": ["all"],
           "securitySolutionAttackDiscovery": ["all"],
-          "securitySolutionCases": ["all"],
+          "securitySolutionCasesV2": ["all"],
           "actions": ["read"],
           "builtInAlerts": ["all"]
         },
@@ -263,7 +263,7 @@
           "siem": ["all", "read_alerts", "crud_alerts"],
           "securitySolutionAssistant": ["all"],
           "securitySolutionAttackDiscovery": ["all"],
-          "securitySolutionCases": ["all"],
+          "securitySolutionCasesV2": ["all"],
           "actions": ["all"],
           "builtInAlerts": ["all"]
         },
@@ -311,7 +311,7 @@
           "siem": ["all", "read_alerts", "crud_alerts"],
           "securitySolutionAssistant": ["all"],
           "securitySolutionAttackDiscovery": ["all"],
-          "securitySolutionCases": ["all"],
+          "securitySolutionCasesV2": ["all"],
           "actions": ["read"],
           "builtInAlerts": ["all"],
           "dev_tools": ["all"]
@@ -366,7 +366,7 @@
           "siem": ["all", "read_alerts", "crud_alerts"],
           "securitySolutionAssistant": ["all"],
           "securitySolutionAttackDiscovery": ["all"],
-          "securitySolutionCases": ["all"],
+          "securitySolutionCasesV2": ["all"],
           "actions": ["all"],
           "builtInAlerts": ["all"]
         },

x-pack/packages/security-solution/features/product_features.ts

@@ -6,6 +6,6 @@
  */
 
 export { getSecurityFeature } from './src/security';
-export { getCasesFeature } from './src/cases';
+export { getCasesFeature, getCasesV2Feature } from './src/cases';
 export { getAssistantFeature } from './src/assistant';
 export { getAttackDiscoveryFeature } from './src/attack_discovery';

x-pack/packages/security-solution/features/src/cases/index.ts

@@ -6,14 +6,33 @@
  */
 import type { CasesSubFeatureId } from '../product_features_keys';
 import type { ProductFeatureParams } from '../types';
-import { getCasesBaseKibanaFeature } from './kibana_features';
-import { getCasesBaseKibanaSubFeatureIds, getCasesSubFeaturesMap } from './kibana_sub_features';
+import { getCasesBaseKibanaFeature } from './v1_features/kibana_features';
+import {
+  getCasesBaseKibanaSubFeatureIds,
+  getCasesSubFeaturesMap,
+} from './v1_features/kibana_sub_features';
 import type { CasesFeatureParams } from './types';
+import { getCasesBaseKibanaFeatureV2 } from './v2_features/kibana_features';
+import {
+  getCasesBaseKibanaSubFeatureIdsV2,
+  getCasesSubFeaturesMapV2,
+} from './v2_features/kibana_sub_features';
 
+/**
+ * @deprecated Use getCasesV2Feature instead
+ */
 export const getCasesFeature = (
   params: CasesFeatureParams
 ): ProductFeatureParams<CasesSubFeatureId> => ({
   baseKibanaFeature: getCasesBaseKibanaFeature(params),
   baseKibanaSubFeatureIds: getCasesBaseKibanaSubFeatureIds(),
   subFeaturesMap: getCasesSubFeaturesMap(params),
 });
+
+export const getCasesV2Feature = (
+  params: CasesFeatureParams
+): ProductFeatureParams<CasesSubFeatureId> => ({
+  baseKibanaFeature: getCasesBaseKibanaFeatureV2(params),
+  baseKibanaSubFeatureIds: getCasesBaseKibanaSubFeatureIdsV2(),
+  subFeaturesMap: getCasesSubFeaturesMapV2(params),
+});

x-pack/packages/security-solution/features/src/cases/types.ts

@@ -4,7 +4,6 @@
  * 2.0; you may not use this file except in compliance with the Elastic License
  * 2.0.
  */
-
 import type { CasesUiCapabilities, CasesApiTags } from '@kbn/cases-plugin/common';
 import type { ProductFeatureCasesKey, CasesSubFeatureId } from '../product_features_keys';
 import type { ProductFeatureKibanaConfig } from '../types';

x-pack/packages/security-solution/features/src/cases/v1_features/kibana_features.ts

@@ -0,0 +1,98 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { i18n } from '@kbn/i18n';
+
+import { DEFAULT_APP_CATEGORIES } from '@kbn/core-application-common';
+import { KibanaFeatureScope } from '@kbn/features-plugin/common';
+import type { BaseKibanaFeatureConfig } from '../../types';
+import { APP_ID, CASES_FEATURE_ID, CASES_FEATURE_ID_V2 } from '../../constants';
+import type { CasesFeatureParams } from '../types';
+
+/**
+ * @deprecated Use getCasesBaseKibanaFeatureV2 instead
+ */
+export const getCasesBaseKibanaFeature = ({
+  uiCapabilities,
+  apiTags,
+  savedObjects,
+}: CasesFeatureParams): BaseKibanaFeatureConfig => {
+  return {
+    deprecated: {
+      notice: i18n.translate(
+        'securitySolutionPackages.features.featureRegistry.linkSecuritySolutionCase.deprecationMessage',
+        {
+          defaultMessage:
+            'The {currentId} permissions are deprecated, please see {casesFeatureIdV2}.',
+          values: {
+            currentId: CASES_FEATURE_ID,
+            casesFeatureIdV2: CASES_FEATURE_ID_V2,
+          },
+        }
+      ),
+    },
+    id: CASES_FEATURE_ID,
+    name: i18n.translate(
+      'securitySolutionPackages.features.featureRegistry.linkSecuritySolutionCaseTitleDeprecated',
+      {
+        defaultMessage: 'Cases (Deprecated)',
+      }
+    ),
+    order: 1100,
+    category: DEFAULT_APP_CATEGORIES.security,
+    scope: [KibanaFeatureScope.Spaces, KibanaFeatureScope.Security],
+    app: [CASES_FEATURE_ID, 'kibana'],
+    catalogue: [APP_ID],
+    cases: [APP_ID],
+    privileges: {
+      all: {
+        api: [...apiTags.all, ...apiTags.createComment],
+        app: [CASES_FEATURE_ID, 'kibana'],
+        catalogue: [APP_ID],
+        cases: {
+          create: [APP_ID],
+          read: [APP_ID],
+          update: [APP_ID],
+          push: [APP_ID],
+          createComment: [APP_ID],
+          reopenCase: [APP_ID],
+        },
+        savedObject: {
+          all: [...savedObjects.files],
+          read: [...savedObjects.files],
+        },
+        ui: uiCapabilities.all,
+        replacedBy: {
+          default: [{ feature: CASES_FEATURE_ID_V2, privileges: ['all'] }],
+          minimal: [
+            {
+              feature: CASES_FEATURE_ID_V2,
+              privileges: ['minimal_all', 'create_comment', 'case_reopen'],
+            },
+          ],
+        },
+      },
+      read: {
+        api: apiTags.read,
+        app: [CASES_FEATURE_ID, 'kibana'],
+        catalogue: [APP_ID],
+        cases: {
+          read: [APP_ID],
+        },
+        savedObject: {
+          all: [],
+          read: [...savedObjects.files],
+        },
+        ui: uiCapabilities.read,
+        replacedBy: {
+          default: [{ feature: CASES_FEATURE_ID_V2, privileges: ['read'] }],
+          minimal: [{ feature: CASES_FEATURE_ID_V2, privileges: ['minimal_read'] }],
+        },
+      },
+    },
+  };
+};

x-pack/packages/security-solution/features/src/cases/kibana_sub_features.ts → x-pack/packages/security-solution/features/src/cases/v1_features/kibana_sub_features.ts

@@ -7,9 +7,9 @@
 
 import { i18n } from '@kbn/i18n';
 import type { SubFeatureConfig } from '@kbn/features-plugin/common';
-import { CasesSubFeatureId } from '../product_features_keys';
-import { APP_ID } from '../constants';
-import type { CasesFeatureParams } from './types';
+import { CasesSubFeatureId } from '../../product_features_keys';
+import { APP_ID, CASES_FEATURE_ID_V2 } from '../../constants';
+import type { CasesFeatureParams } from '../types';
 
 /**
  * Sub-features that will always be available for Security Cases
@@ -21,7 +21,8 @@ export const getCasesBaseKibanaSubFeatureIds = (): CasesSubFeatureId[] => [
 ];
 
 /**
- * Defines all the Security Assistant subFeatures available.
+ * @deprecated Use getCasesSubFeaturesMapV2 instead
+ * @description - Defines all the Security Solution Cases available.
  * The order of the subFeatures is the order they will be displayed
  */
 export const getCasesSubFeaturesMap = ({
@@ -55,6 +56,7 @@ export const getCasesSubFeaturesMap = ({
               delete: [APP_ID],
             },
             ui: uiCapabilities.delete,
+            replacedBy: [{ feature: CASES_FEATURE_ID_V2, privileges: ['cases_delete'] }],
           },
         ],
       },
@@ -89,6 +91,7 @@ export const getCasesSubFeaturesMap = ({
               settings: [APP_ID],
             },
             ui: uiCapabilities.settings,
+            replacedBy: [{ feature: CASES_FEATURE_ID_V2, privileges: ['cases_settings'] }],
           },
         ],
       },

x-pack/packages/security-solution/features/src/cases/v1_features/types.ts

@@ -0,0 +1,14 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { ProductFeatureCasesKey, CasesSubFeatureId } from '../../product_features_keys';
+import type { ProductFeatureKibanaConfig } from '../../types';
+
+export type DefaultCasesProductFeaturesConfig = Record<
+  ProductFeatureCasesKey,
+  ProductFeatureKibanaConfig<CasesSubFeatureId>
+>;