[7.x] [Enterprise Search] Add notices for deactivated users and SMTP callout (#103285)

x-pack/plugins/enterprise_search/public/applications/app_search/components/role_mappings/role_mapping.tsx

@@ -45,6 +45,7 @@ export const RoleMapping: React.FC = () => {
     selectedEngines,
     selectedAuthProviders,
     roleMappingErrors,
+    formLoading,
   } = useValues(RoleMappingsLogic);
 
   const isNew = !roleMapping;
@@ -67,6 +68,7 @@ export const RoleMapping: React.FC = () => {
   return (
     <RoleMappingFlyout
       disabled={attributeValueInvalid || !hasEngineAssignment}
+      formLoading={formLoading}
       isNew={isNew}
       closeUsersAndRolesFlyout={closeUsersAndRolesFlyout}
       handleSaveMapping={handleSaveMapping}

x-pack/plugins/enterprise_search/public/applications/app_search/components/role_mappings/role_mappings_logic.test.ts

@@ -58,6 +58,8 @@ describe('RoleMappingsLogic', () => {
     userCreated: false,
     userFormIsNewUser: true,
     userFormUserIsExisting: true,
+    smtpSettingsPresent: false,
+    formLoading: false,
   };
 
   const mappingsServerProps = {
@@ -70,6 +72,7 @@ describe('RoleMappingsLogic', () => {
     hasAdvancedRoles: false,
     singleUserRoleMappings: [asSingleUserRoleMapping],
     elasticsearchUsers,
+    smtpSettingsPresent: false,
   };
 
   beforeEach(() => {

x-pack/plugins/enterprise_search/public/applications/app_search/components/role_mappings/role_mappings_logic.ts

@@ -7,14 +7,17 @@
 
 import { kea, MakeLogicType } from 'kea';
 
-import { EuiComboBoxOptionOption } from '@elastic/eui';
-
 import {
   clearFlashMessages,
   flashAPIErrors,
   setSuccessMessage,
 } from '../../../shared/flash_messages';
 import { HttpLogic } from '../../../shared/http';
+import {
+  RoleMappingsBaseServerDetails,
+  RoleMappingsBaseActions,
+  RoleMappingsBaseValues,
+} from '../../../shared/role_mapping';
 import { ANY_AUTH_PROVIDER } from '../../../shared/role_mapping/constants';
 import { AttributeName, SingleUserRoleMapping, ElasticsearchUser } from '../../../shared/types';
 import { ASRoleMapping, RoleTypes } from '../../types';
@@ -29,16 +32,11 @@ import {
 
 type UserMapping = SingleUserRoleMapping<ASRoleMapping>;
 
-interface RoleMappingsServerDetails {
+interface RoleMappingsServerDetails extends RoleMappingsBaseServerDetails {
   roleMappings: ASRoleMapping[];
-  attributes: string[];
-  authProviders: string[];
   availableEngines: Engine[];
-  elasticsearchRoles: string[];
-  elasticsearchUsers: ElasticsearchUser[];
-  hasAdvancedRoles: boolean;
-  multipleAuthProvidersConfig: boolean;
   singleUserRoleMappings: UserMapping[];
+  hasAdvancedRoles: boolean;
 }
 
 const getFirstAttributeName = (roleMapping: ASRoleMapping) =>
@@ -47,24 +45,7 @@ const getFirstAttributeValue = (roleMapping: ASRoleMapping) =>
   Object.entries(roleMapping.rules)[0][1] as AttributeName;
 const emptyUser = { username: '', email: '' } as ElasticsearchUser;
 
-interface RoleMappingsActions {
-  handleAccessAllEnginesChange(selected: boolean): { selected: boolean };
-  handleAuthProviderChange(value: string[]): { value: string[] };
-  handleAttributeSelectorChange(
-    value: AttributeName,
-    firstElasticsearchRole: string
-  ): { value: AttributeName; firstElasticsearchRole: string };
-  handleAttributeValueChange(value: string): { value: string };
-  handleDeleteMapping(roleMappingId: string): { roleMappingId: string };
-  handleEngineSelectionChange(engineNames: string[]): { engineNames: string[] };
-  handleRoleChange(roleType: RoleTypes): { roleType: RoleTypes };
-  handleUsernameSelectChange(username: string): { username: string };
-  handleSaveMapping(): void;
-  handleSaveUser(): void;
-  initializeRoleMapping(roleMappingId?: string): { roleMappingId?: string };
-  initializeSingleUserRoleMapping(roleMappingId?: string): { roleMappingId?: string };
-  initializeRoleMappings(): void;
-  resetState(): void;
+interface RoleMappingsActions extends RoleMappingsBaseActions {
   setRoleMapping(roleMapping: ASRoleMapping): { roleMapping: ASRoleMapping };
   setSingleUserRoleMapping(data?: UserMapping): { singleUserRoleMapping: UserMapping };
   setRoleMappings({
@@ -73,48 +54,22 @@ interface RoleMappingsActions {
     roleMappings: ASRoleMapping[];
   }): { roleMappings: ASRoleMapping[] };
   setRoleMappingsData(data: RoleMappingsServerDetails): RoleMappingsServerDetails;
-  setElasticsearchUser(
-    elasticsearchUser?: ElasticsearchUser
-  ): { elasticsearchUser: ElasticsearchUser };
-  openRoleMappingFlyout(): void;
-  openSingleUserRoleMappingFlyout(): void;
-  closeUsersAndRolesFlyout(): void;
-  setRoleMappingErrors(errors: string[]): { errors: string[] };
-  enableRoleBasedAccess(): void;
-  setUserExistingRadioValue(userFormUserIsExisting: boolean): { userFormUserIsExisting: boolean };
-  setElasticsearchUsernameValue(username: string): { username: string };
-  setElasticsearchEmailValue(email: string): { email: string };
-  setUserCreated(): void;
-  setUserFormIsNewUser(userFormIsNewUser: boolean): { userFormIsNewUser: boolean };
+  handleAccessAllEnginesChange(selected: boolean): { selected: boolean };
+  handleEngineSelectionChange(engineNames: string[]): { engineNames: string[] };
+  handleRoleChange(roleType: RoleTypes): { roleType: RoleTypes };
 }
 
-interface RoleMappingsValues {
+interface RoleMappingsValues extends RoleMappingsBaseValues {
   accessAllEngines: boolean;
-  attributeName: AttributeName;
-  attributeValue: string;
-  attributes: string[];
-  availableAuthProviders: string[];
   availableEngines: Engine[];
-  dataLoading: boolean;
-  elasticsearchRoles: string[];
-  elasticsearchUsers: ElasticsearchUser[];
-  elasticsearchUser: ElasticsearchUser;
-  hasAdvancedRoles: boolean;
-  multipleAuthProvidersConfig: boolean;
   roleMapping: ASRoleMapping | null;
   roleMappings: ASRoleMapping[];
   singleUserRoleMapping: UserMapping | null;
   singleUserRoleMappings: UserMapping[];
   roleType: RoleTypes;
   selectedAuthProviders: string[];
   selectedEngines: Set<string>;
-  roleMappingFlyoutOpen: boolean;
-  singleUserRoleMappingFlyoutOpen: boolean;
-  selectedOptions: EuiComboBoxOptionOption[];
-  roleMappingErrors: string[];
-  userFormUserIsExisting: boolean;
-  userCreated: boolean;
-  userFormIsNewUser: boolean;
+  hasAdvancedRoles: boolean;
 }
 
 export const RoleMappingsLogic = kea<MakeLogicType<RoleMappingsValues, RoleMappingsActions>>({
@@ -369,6 +324,21 @@ export const RoleMappingsLogic = kea<MakeLogicType<RoleMappingsValues, RoleMappi
         setUserFormIsNewUser: (_, { userFormIsNewUser }) => userFormIsNewUser,
       },
     ],
+    smtpSettingsPresent: [
+      false,
+      {
+        setRoleMappingsData: (_, { smtpSettingsPresent }) => smtpSettingsPresent,
+      },
+    ],
+    formLoading: [
+      false,
+      {
+        handleSaveMapping: () => true,
+        handleSaveUser: () => true,
+        initializeRoleMappings: () => false,
+        setRoleMappingErrors: () => false,
+      },
+    ],
   },
   selectors: ({ selectors }) => ({
     selectedOptions: [

x-pack/plugins/enterprise_search/public/applications/app_search/components/role_mappings/user.test.tsx

@@ -14,7 +14,12 @@ import React from 'react';
 
 import { shallow } from 'enzyme';
 
-import { UserFlyout, UserAddedInfo, UserInvitationCallout } from '../../../shared/role_mapping';
+import {
+  UserFlyout,
+  UserAddedInfo,
+  UserInvitationCallout,
+  DeactivatedUserCallout,
+} from '../../../shared/role_mapping';
 import { elasticsearchUsers } from '../../../shared/role_mapping/__mocks__/elasticsearch_users';
 import { wsSingleUserRoleMapping } from '../../../shared/role_mapping/__mocks__/roles';
 
@@ -91,6 +96,23 @@ describe('User', () => {
     expect(wrapper.find(UserAddedInfo)).toHaveLength(1);
   });
 
+  it('renders DeactivatedUserCallout', () => {
+    setMockValues({
+      ...mockValues,
+      singleUserRoleMapping: {
+        ...wsSingleUserRoleMapping,
+        invitation: null,
+        elasticsearchUser: {
+          ...wsSingleUserRoleMapping.elasticsearchUser,
+          enabled: false,
+        },
+      },
+    });
+    const wrapper = shallow(<User />);
+
+    expect(wrapper.find(DeactivatedUserCallout)).toHaveLength(1);
+  });
+
   it('disables form when username value not present', () => {
     setMockValues({
       ...mockValues,

x-pack/plugins/enterprise_search/public/applications/app_search/components/role_mappings/user.tsx

@@ -17,6 +17,7 @@ import {
   UserSelector,
   UserAddedInfo,
   UserInvitationCallout,
+  DeactivatedUserCallout,
 } from '../../../shared/role_mapping';
 import { RoleTypes } from '../../types';
 
@@ -48,13 +49,20 @@ export const User: React.FC = () => {
     roleMappingErrors,
     userCreated,
     userFormIsNewUser,
+    smtpSettingsPresent,
+    formLoading,
   } = useValues(RoleMappingsLogic);
 
   const roleTypes = hasAdvancedRoles ? [...standardRoles, ...advancedRoles] : standardRoles;
   const hasEngines = availableEngines.length > 0;
   const showEngineAssignmentSelector = hasEngines && hasAdvancedRoles;
   const flyoutDisabled =
     !userFormUserIsExisting && (!elasticsearchUser.email || !elasticsearchUser.username);
+  const userIsDeactivated = !!(
+    singleUserRoleMapping &&
+    !singleUserRoleMapping.invitation &&
+    !singleUserRoleMapping.elasticsearchUser.enabled
+  );
 
   const userAddedInfo = singleUserRoleMapping && (
     <UserAddedInfo
@@ -76,6 +84,7 @@ export const User: React.FC = () => {
     <EuiForm isInvalid={roleMappingErrors.length > 0} error={roleMappingErrors}>
       <UserSelector
         isNewUser={userFormIsNewUser}
+        smtpSettingsPresent={smtpSettingsPresent}
         elasticsearchUsers={elasticsearchUsers}
         handleRoleChange={handleRoleChange}
         elasticsearchUser={elasticsearchUser}
@@ -94,13 +103,15 @@ export const User: React.FC = () => {
   return (
     <UserFlyout
       disabled={flyoutDisabled}
+      formLoading={formLoading}
       isComplete={userCreated}
       isNew={userFormIsNewUser}
       closeUserFlyout={closeUsersAndRolesFlyout}
       handleSaveUser={handleSaveUser}
     >
       {userCreated ? userAddedInfo : createUserForm}
       {userInvitationCallout}
+      {userIsDeactivated && <DeactivatedUserCallout isNew={userFormIsNewUser} />}
     </UserFlyout>
   );
 };

x-pack/plugins/enterprise_search/public/applications/shared/role_mapping/__mocks__/elasticsearch_users.ts

@@ -9,5 +9,6 @@ export const elasticsearchUsers = [
   {
     email: 'user1@user.com',
     username: 'user1',
+    enabled: true,
   },
 ];

x-pack/plugins/enterprise_search/public/applications/shared/role_mapping/attribute_selector.test.tsx

@@ -9,12 +9,12 @@ import React from 'react';
 
 import { shallow, ShallowWrapper } from 'enzyme';
 
-import { EuiComboBox, EuiFieldText } from '@elastic/eui';
+import { EuiComboBox, EuiFieldText, EuiFormRow } from '@elastic/eui';
 
 import { AttributeName } from '../types';
 
 import { AttributeSelector } from './attribute_selector';
-import { ANY_AUTH_PROVIDER, ANY_AUTH_PROVIDER_OPTION_LABEL } from './constants';
+import { ANY_AUTH_PROVIDER, ANY_AUTH_PROVIDER_OPTION_LABEL, REQUIRED_LABEL } from './constants';
 
 const handleAttributeSelectorChange = jest.fn();
 const handleAttributeValueChange = jest.fn();
@@ -166,5 +166,12 @@ describe('AttributeSelector', () => {
         baseProps.elasticsearchRoles[0]
       );
     });
+
+    it('shows helpText when attributeValueInvalid', () => {
+      const wrapper = shallow(<AttributeSelector {...baseProps} attributeValueInvalid />);
+      const formRow = wrapper.find(EuiFormRow).at(2);
+
+      expect(formRow.prop('helpText')).toEqual(REQUIRED_LABEL);
+    });
   });
 });

x-pack/plugins/enterprise_search/public/applications/shared/role_mapping/attribute_selector.tsx

@@ -21,7 +21,7 @@ import {
   ANY_AUTH_PROVIDER,
   ANY_AUTH_PROVIDER_OPTION_LABEL,
   ATTRIBUTE_VALUE_LABEL,
-  ATTRIBUTE_VALUE_ERROR,
+  REQUIRED_LABEL,
   AUTH_ANY_PROVIDER_LABEL,
   AUTH_INDIVIDUAL_PROVIDER_LABEL,
   AUTH_PROVIDER_LABEL,
@@ -129,8 +129,7 @@ export const AttributeSelector: React.FC<Props> = ({
       <EuiFormRow
         label={ATTRIBUTE_VALUE_LABEL}
         fullWidth
-        isInvalid={attributeValueInvalid}
-        error={[ATTRIBUTE_VALUE_ERROR]}
+        helpText={attributeValueInvalid && REQUIRED_LABEL}
       >
         {attributeName === 'role' ? (
           <EuiSelect

x-pack/plugins/enterprise_search/public/applications/shared/role_mapping/constants.ts

@@ -91,13 +91,6 @@ export const ATTRIBUTE_VALUE_LABEL = i18n.translate(
   }
 );
 
-export const ATTRIBUTE_VALUE_ERROR = i18n.translate(
-  'xpack.enterpriseSearch.roleMapping.attributeValueError',
-  {
-    defaultMessage: 'Attribute value is required',
-  }
-);
-
 export const REMOVE_ROLE_MAPPING_TITLE = i18n.translate(
   'xpack.enterpriseSearch.roleMapping.removeRoleMappingTitle',
   {
@@ -373,6 +366,13 @@ export const UPDATE_USER_DESCRIPTION = i18n.translate(
   }
 );
 
+export const DEACTIVATED_LABEL = i18n.translate(
+  'xpack.enterpriseSearch.roleMapping.deactivatedLabel',
+  {
+    defaultMessage: 'Deactivated',
+  }
+);
+
 export const INVITATION_PENDING_LABEL = i18n.translate(
   'xpack.enterpriseSearch.roleMapping.invitationPendingLabel',
   {
@@ -422,3 +422,29 @@ export const AUTH_PROVIDER_TOOLTIP = i18n.translate(
       'Provider-specific role mapping is still applied, but configuration is now deprecated.',
   }
 );
+
+export const DEACTIVATED_USER_CALLOUT_LABEL = i18n.translate(
+  'xpack.enterpriseSearch.roleMapping.deactivatedUserCalloutLabel',
+  {
+    defaultMessage: 'User deactivated',
+  }
+);
+
+export const DEACTIVATED_USER_CALLOUT_DESCRIPTION = i18n.translate(
+  'xpack.enterpriseSearch.roleMapping.deactivatedUserCalloutDescription',
+  {
+    defaultMessage:
+      'This user is not currently active, and access has been temporarily revoked. Users can be re-activated via the User Management area of the Kibana console.',
+  }
+);
+
+export const SMTP_CALLOUT_LABEL = i18n.translate(
+  'xpack.enterpriseSearch.roleMapping.smtpCalloutLabel',
+  {
+    defaultMessage: 'Personalized invitations will be automatically sent when an Enterprise Search',
+  }
+);
+
+export const SMTP_LINK_LABEL = i18n.translate('xpack.enterpriseSearch.roleMapping.smtpLinkLabel', {
+  defaultMessage: 'SMTP configuration is provided',
+});