[Stack Monitoring][Angular removal] Migrate access denied view

[estermv]

Migrate access denied view.

I'm not really sure when a user ends up on this page. I only saw it once and it was unintentional (I was navigating through SM and I got redirected to access denied, after few seconds I got redirected to the view where I was).

Based on the code, a user is redirected to this page when they receive a 403 from the server .
I've tried a few things to reproduce it:

• I tried to visit stack monitoring with a user that doesn't have the monitoring_user role -> I see this page, that is not implemented in stack monitoring:

• Remove the monitoring_user role from the user while I'm at stack monitoring -> I receive 404 from the server, so the user only sees toasts with an error.
• Visit directly /app/monitoring#/access_denied 😅 -> user is redirected to /app/monitoring#/home (and then to the overview page if they have only one cluster)

[elasticmachine]

Pinging @elastic/logs-metrics-ui (Team:logs-metrics-ui)

[simianhacker]

It looks like this happens when a 403 is caught by the error handler: https://github.com/elastic/kibana/blob/master/x-pack/plugins/monitoring/public/lib/ajax_error_handler.tsx#L39-L41

I'm assuming there are situations where the user will have a browser open for long periods of time and their login credentials expire.

[matschaffer]

I tried removing my session cookie to simulate what @simianhacker mentioned. The next refresh kicked me back to the login page when I was on #114029 - wondering if the error handling might fix this issue. Will check the role modifications.

[matschaffer]

After page refresh with a non-monitoring user worked as expected on monitoring home page

Trying to remove the role after page load next.

[matschaffer]

Removing mid-session on react just fails silently

[matschaffer]

Angular pops up a toast - so seems like there's still some work to do here

[matschaffer]

One thing I noticed that's a little weird on both the react and angular app is the "Go back" on the full page error. Looks like it just rewinds the history which might have more stack monitoring UI URLs.

Once you click it enough times to get back to something you have access to, you get a page. Same behavior between react/angular there

[matschaffer]

I'm not sure how we could get to /app/monitoring#/access_denied but indeed, angular has a page there

[simianhacker]

@matschaffer I added error handling in this PR: #114029

[matschaffer]

Yep, that's what I have running here (mentioned the same number in #111763 (comment)) - I'll comment here if I can figure out why the 404 toast isn't happening.