[Cases] Cases assignees sub feature (elastic#201654)

## Summary

This pr implements a new cases assignee sub-feature, allowing users to
control a role's ability to change the assignee of a case. With the
permission enabled, they can assign any user to any case, with it
disabled, the assignees component is hidden.

Read only + enabled:

![image](https://github.com/user-attachments/assets/ba421784-d976-4ae9-a399-e404c26b3842)


All + assign disabled:

![image](https://github.com/user-attachments/assets/d835b6f9-5a14-4ae0-abed-b3c3252c2692)



### Checklist

- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>

x-pack/platform/packages/private/security/authorization_core/src/privileges/feature_privilege_builder/cases.test.ts

@@ -130,6 +130,7 @@ describe(`cases`, () => {
             "cases:security/updateConfiguration",
             "cases:security/createComment",
             "cases:security/reopenCase",
+            "cases:security/assignCase",
             "cases:obs/getCase",
             "cases:obs/getComment",
             "cases:obs/getTags",
@@ -187,6 +188,7 @@ describe(`cases`, () => {
             "cases:security/updateConfiguration",
             "cases:security/createComment",
             "cases:security/reopenCase",
+            "cases:security/assignCase",
             "cases:other-security/pushCase",
             "cases:other-security/createCase",
             "cases:other-security/getCase",
@@ -203,6 +205,7 @@ describe(`cases`, () => {
             "cases:other-security/updateConfiguration",
             "cases:other-security/createComment",
             "cases:other-security/reopenCase",
+            "cases:other-security/assignCase",
             "cases:obs/getCase",
             "cases:obs/getComment",
             "cases:obs/getTags",

x-pack/platform/packages/private/security/authorization_core/src/privileges/feature_privilege_builder/cases.ts

@@ -37,6 +37,7 @@ const deleteOperations = ['deleteCase', 'deleteComment'] as const;
 const settingsOperations = ['createConfiguration', 'updateConfiguration'] as const;
 const createCommentOperations = ['createComment'] as const;
 const reopenOperations = ['reopenCase'] as const;
+const assignOperations = ['assignCase'] as const;
 const allOperations = [
   ...pushOperations,
   ...createOperations,
@@ -46,6 +47,7 @@ const allOperations = [
   ...settingsOperations,
   ...createCommentOperations,
   ...reopenOperations,
+  ...assignOperations,
 ] as const;
 
 export class FeaturePrivilegeCasesBuilder extends BaseFeaturePrivilegeBuilder {
@@ -71,6 +73,7 @@ export class FeaturePrivilegeCasesBuilder extends BaseFeaturePrivilegeBuilder {
       ...getCasesPrivilege(settingsOperations, privilegeDefinition.cases?.settings),
       ...getCasesPrivilege(createCommentOperations, privilegeDefinition.cases?.createComment),
       ...getCasesPrivilege(reopenOperations, privilegeDefinition.cases?.reopenCase),
+      ...getCasesPrivilege(assignOperations, privilegeDefinition.cases?.assign),
     ]);
   }
 }

x-pack/platform/plugins/shared/cases/common/constants/application.ts

@@ -12,9 +12,11 @@ import { CASE_VIEW_PAGE_TABS } from '../types';
  */
 
 export const APP_ID = 'cases' as const;
-/** @deprecated Please use FEATURE_ID_V2 instead */
+/** @deprecated Please use FEATURE_ID_V3 instead */
 export const FEATURE_ID = 'generalCases' as const;
+/** @deprecated Please use FEATURE_ID_V3 instead */
 export const FEATURE_ID_V2 = 'generalCasesV2' as const;
+export const FEATURE_ID_V3 = 'generalCasesV3' as const;
 export const APP_OWNER = 'cases' as const;
 export const APP_PATH = '/app/management/insightsAndAlerting/cases' as const;
 export const CASES_CREATE_PATH = '/create' as const;

x-pack/platform/plugins/shared/cases/common/constants/index.ts

@@ -185,6 +185,7 @@ export const CASES_SETTINGS_CAPABILITY = 'cases_settings' as const;
 export const CASES_CONNECTORS_CAPABILITY = 'cases_connectors' as const;
 export const CASES_REOPEN_CAPABILITY = 'case_reopen' as const;
 export const CREATE_COMMENT_CAPABILITY = 'create_comment' as const;
+export const ASSIGN_CASE_CAPABILITY = 'cases_assign' as const;
 
 /**
  * Cases API Tags

x-pack/platform/plugins/shared/cases/common/index.ts

@@ -58,6 +58,7 @@ export {
   CASES_SETTINGS_CAPABILITY,
   CREATE_COMMENT_CAPABILITY,
   CASES_REOPEN_CAPABILITY,
+  ASSIGN_CASE_CAPABILITY,
 } from './constants';
 
 export type { AttachmentAttributes } from './types/domain';

x-pack/platform/plugins/shared/cases/common/ui/types.ts

@@ -13,6 +13,7 @@ import type {
   UPDATE_CASES_CAPABILITY,
   CREATE_COMMENT_CAPABILITY,
   CASES_REOPEN_CAPABILITY,
+  ASSIGN_CASE_CAPABILITY,
 } from '..';
 import type {
   CASES_CONNECTORS_CAPABILITY,
@@ -325,6 +326,7 @@ export interface CasesPermissions {
   settings: boolean;
   reopenCase: boolean;
   createComment: boolean;
+  assign: boolean;
 }
 
 export interface CasesCapabilities {
@@ -337,4 +339,5 @@ export interface CasesCapabilities {
   [CASES_SETTINGS_CAPABILITY]: boolean;
   [CREATE_COMMENT_CAPABILITY]: boolean;
   [CASES_REOPEN_CAPABILITY]: boolean;
+  [ASSIGN_CASE_CAPABILITY]: boolean;
 }

x-pack/platform/plugins/shared/cases/common/utils/capabilities.test.tsx

@@ -18,6 +18,9 @@ describe('createUICapabilities', () => {
           "push_cases",
           "cases_connectors",
         ],
+        "assignCase": Array [
+          "cases_assign",
+        ],
         "createComment": Array [
           "create_comment",
         ],

x-pack/platform/plugins/shared/cases/common/utils/capabilities.ts

@@ -15,6 +15,7 @@ import {
   CASES_SETTINGS_CAPABILITY,
   CASES_REOPEN_CAPABILITY,
   CREATE_COMMENT_CAPABILITY,
+  ASSIGN_CASE_CAPABILITY,
 } from '../constants';
 
 export interface CasesUiCapabilities {
@@ -24,6 +25,7 @@ export interface CasesUiCapabilities {
   settings: readonly string[];
   reopenCase: readonly string[];
   createComment: readonly string[];
+  assignCase: readonly string[];
 }
 /**
  * Return the UI capabilities for each type of operation. These strings must match the values defined in the UI
@@ -42,4 +44,5 @@ export const createUICapabilities = (): CasesUiCapabilities => ({
   settings: [CASES_SETTINGS_CAPABILITY] as const,
   reopenCase: [CASES_REOPEN_CAPABILITY] as const,
   createComment: [CREATE_COMMENT_CAPABILITY] as const,
+  assignCase: [ASSIGN_CASE_CAPABILITY] as const,
 });

x-pack/platform/plugins/shared/cases/public/client/helpers/can_use_cases.test.ts

@@ -20,67 +20,67 @@ import { canUseCases } from './can_use_cases';
 
 type CasesCapabilities = Pick<
   ApplicationStart['capabilities'],
-  'securitySolutionCasesV2' | 'observabilityCasesV2' | 'generalCasesV2'
+  'securitySolutionCasesV3' | 'observabilityCasesV3' | 'generalCasesV3'
 >;
 
 const hasAll: CasesCapabilities = {
-  securitySolutionCasesV2: allCasesCapabilities(),
-  observabilityCasesV2: allCasesCapabilities(),
-  generalCasesV2: allCasesCapabilities(),
+  securitySolutionCasesV3: allCasesCapabilities(),
+  observabilityCasesV3: allCasesCapabilities(),
+  generalCasesV3: allCasesCapabilities(),
 };
 
 const hasNone: CasesCapabilities = {
-  securitySolutionCasesV2: noCasesCapabilities(),
-  observabilityCasesV2: noCasesCapabilities(),
-  generalCasesV2: noCasesCapabilities(),
+  securitySolutionCasesV3: noCasesCapabilities(),
+  observabilityCasesV3: noCasesCapabilities(),
+  generalCasesV3: noCasesCapabilities(),
 };
 
 const hasSecurity: CasesCapabilities = {
-  securitySolutionCasesV2: allCasesCapabilities(),
-  observabilityCasesV2: noCasesCapabilities(),
-  generalCasesV2: noCasesCapabilities(),
+  securitySolutionCasesV3: allCasesCapabilities(),
+  observabilityCasesV3: noCasesCapabilities(),
+  generalCasesV3: noCasesCapabilities(),
 };
 
 const hasObservability: CasesCapabilities = {
-  securitySolutionCasesV2: noCasesCapabilities(),
-  observabilityCasesV2: allCasesCapabilities(),
-  generalCasesV2: noCasesCapabilities(),
+  securitySolutionCasesV3: noCasesCapabilities(),
+  observabilityCasesV3: allCasesCapabilities(),
+  generalCasesV3: noCasesCapabilities(),
 };
 
 const hasObservabilityWriteTrue: CasesCapabilities = {
-  securitySolutionCasesV2: noCasesCapabilities(),
-  observabilityCasesV2: writeCasesCapabilities(),
-  generalCasesV2: noCasesCapabilities(),
+  securitySolutionCasesV3: noCasesCapabilities(),
+  observabilityCasesV3: writeCasesCapabilities(),
+  generalCasesV3: noCasesCapabilities(),
 };
 
 const hasSecurityWriteTrue: CasesCapabilities = {
-  securitySolutionCasesV2: writeCasesCapabilities(),
-  observabilityCasesV2: noCasesCapabilities(),
-  generalCasesV2: noCasesCapabilities(),
+  securitySolutionCasesV3: writeCasesCapabilities(),
+  observabilityCasesV3: noCasesCapabilities(),
+  generalCasesV3: noCasesCapabilities(),
 };
 
 const hasObservabilityReadTrue: CasesCapabilities = {
-  securitySolutionCasesV2: noCasesCapabilities(),
-  observabilityCasesV2: readCasesCapabilities(),
-  generalCasesV2: noCasesCapabilities(),
+  securitySolutionCasesV3: noCasesCapabilities(),
+  observabilityCasesV3: readCasesCapabilities(),
+  generalCasesV3: noCasesCapabilities(),
 };
 
 const hasSecurityReadTrue: CasesCapabilities = {
-  securitySolutionCasesV2: readCasesCapabilities(),
-  observabilityCasesV2: noCasesCapabilities(),
-  generalCasesV2: noCasesCapabilities(),
+  securitySolutionCasesV3: readCasesCapabilities(),
+  observabilityCasesV3: noCasesCapabilities(),
+  generalCasesV3: noCasesCapabilities(),
 };
 
 const hasSecurityWriteAndObservabilityRead: CasesCapabilities = {
-  securitySolutionCasesV2: writeCasesCapabilities(),
-  observabilityCasesV2: readCasesCapabilities(),
-  generalCasesV2: noCasesCapabilities(),
+  securitySolutionCasesV3: writeCasesCapabilities(),
+  observabilityCasesV3: readCasesCapabilities(),
+  generalCasesV3: noCasesCapabilities(),
 };
 
 const hasSecurityConnectors: CasesCapabilities = {
-  securitySolutionCasesV2: readCasesCapabilities(),
-  observabilityCasesV2: noCasesCapabilities(),
-  generalCasesV2: noCasesCapabilities(),
+  securitySolutionCasesV3: readCasesCapabilities(),
+  observabilityCasesV3: noCasesCapabilities(),
+  generalCasesV3: noCasesCapabilities(),
 };
 
 describe('canUseCases', () => {

x-pack/platform/plugins/shared/cases/public/client/helpers/can_use_cases.ts

@@ -7,7 +7,7 @@
 
 import type { ApplicationStart } from '@kbn/core/public';
 import {
-  FEATURE_ID_V2,
+  FEATURE_ID_V3,
   GENERAL_CASES_OWNER,
   OBSERVABILITY_OWNER,
   SECURITY_SOLUTION_OWNER,
@@ -32,9 +32,9 @@ export const canUseCases =
     owners: CasesOwners[] = [OBSERVABILITY_OWNER, SECURITY_SOLUTION_OWNER, GENERAL_CASES_OWNER]
   ): CasesPermissions => {
     const aggregatedPermissions = owners.reduce<CasesPermissions>(
+      // eslint-disable-next-line complexity
       (acc, owner) => {
         const userCapabilitiesForOwner = getUICapabilities(capabilities[getFeatureID(owner)]);
-
         acc.create = acc.create || userCapabilitiesForOwner.create;
         acc.read = acc.read || userCapabilitiesForOwner.read;
         acc.update = acc.update || userCapabilitiesForOwner.update;
@@ -44,6 +44,7 @@ export const canUseCases =
         acc.settings = acc.settings || userCapabilitiesForOwner.settings;
         acc.reopenCase = acc.reopenCase || userCapabilitiesForOwner.reopenCase;
         acc.createComment = acc.createComment || userCapabilitiesForOwner.createComment;
+        acc.assign = acc.assign || userCapabilitiesForOwner.assign;
 
         const allFromAcc =
           acc.create &&
@@ -54,7 +55,8 @@ export const canUseCases =
           acc.connectors &&
           acc.settings &&
           acc.reopenCase &&
-          acc.createComment;
+          acc.createComment &&
+          acc.assign;
 
         acc.all = acc.all || userCapabilitiesForOwner.all || allFromAcc;
 
@@ -71,6 +73,7 @@ export const canUseCases =
         settings: false,
         reopenCase: false,
         createComment: false,
+        assign: false,
       }
     );
 
@@ -81,8 +84,8 @@ export const canUseCases =
 
 const getFeatureID = (owner: CasesOwners) => {
   if (owner === GENERAL_CASES_OWNER) {
-    return FEATURE_ID_V2;
+    return FEATURE_ID_V3;
   }
 
-  return `${owner}CasesV2`;
+  return `${owner}CasesV3`;
 };

x-pack/platform/plugins/shared/cases/public/client/helpers/capabilities.test.ts

@@ -12,6 +12,7 @@ describe('getUICapabilities', () => {
     expect(getUICapabilities(undefined)).toMatchInlineSnapshot(`
       Object {
         "all": false,
+        "assign": false,
         "connectors": false,
         "create": false,
         "createComment": false,
@@ -29,6 +30,7 @@ describe('getUICapabilities', () => {
     expect(getUICapabilities()).toMatchInlineSnapshot(`
       Object {
         "all": false,
+        "assign": false,
         "connectors": false,
         "create": false,
         "createComment": false,
@@ -46,6 +48,7 @@ describe('getUICapabilities', () => {
     expect(getUICapabilities({ create_cases: true })).toMatchInlineSnapshot(`
       Object {
         "all": false,
+        "assign": false,
         "connectors": false,
         "create": true,
         "createComment": false,
@@ -72,6 +75,7 @@ describe('getUICapabilities', () => {
     ).toMatchInlineSnapshot(`
       Object {
         "all": false,
+        "assign": false,
         "connectors": false,
         "create": false,
         "createComment": false,
@@ -89,6 +93,7 @@ describe('getUICapabilities', () => {
     expect(getUICapabilities({})).toMatchInlineSnapshot(`
       Object {
         "all": false,
+        "assign": false,
         "connectors": false,
         "create": false,
         "createComment": false,
@@ -115,6 +120,7 @@ describe('getUICapabilities', () => {
     ).toMatchInlineSnapshot(`
       Object {
         "all": false,
+        "assign": false,
         "connectors": true,
         "create": false,
         "createComment": false,
@@ -142,6 +148,7 @@ describe('getUICapabilities', () => {
     ).toMatchInlineSnapshot(`
       Object {
         "all": false,
+        "assign": false,
         "connectors": false,
         "create": true,
         "createComment": false,
@@ -169,6 +176,7 @@ describe('getUICapabilities', () => {
     ).toMatchInlineSnapshot(`
       Object {
         "all": false,
+        "assign": false,
         "connectors": true,
         "create": true,
         "createComment": false,
@@ -186,6 +194,7 @@ describe('getUICapabilities', () => {
     expect(getUICapabilities({ cases_settings: true })).toMatchInlineSnapshot(`
       Object {
         "all": false,
+        "assign": false,
         "connectors": false,
         "create": false,
         "createComment": false,

x-pack/platform/plugins/shared/cases/public/client/helpers/capabilities.ts

@@ -16,6 +16,7 @@ import {
   UPDATE_CASES_CAPABILITY,
   CASES_REOPEN_CAPABILITY,
   CREATE_COMMENT_CAPABILITY,
+  ASSIGN_CASE_CAPABILITY,
 } from '../../../common/constants';
 
 export const getUICapabilities = (
@@ -30,6 +31,7 @@ export const getUICapabilities = (
   const settings = !!featureCapabilities?.[CASES_SETTINGS_CAPABILITY];
   const reopenCase = !!featureCapabilities?.[CASES_REOPEN_CAPABILITY];
   const createComment = !!featureCapabilities?.[CREATE_COMMENT_CAPABILITY];
+  const assignCases = !!featureCapabilities?.[ASSIGN_CASE_CAPABILITY];
 
   const all =
     create &&
@@ -40,7 +42,8 @@ export const getUICapabilities = (
     connectors &&
     settings &&
     reopenCase &&
-    createComment;
+    createComment &&
+    assignCases;
 
   return {
     all,
@@ -53,5 +56,6 @@ export const getUICapabilities = (
     settings,
     reopenCase,
     createComment,
+    assign: assignCases,
   };
 };