[8.x] [Security Solution] Allows editing and exporting prebuilt rules from the Rule Management and Rule Details pages (#198202) (#200103)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] Allows editing and exporting prebuilt rules from
the Rule Management and Rule Details pages
(#198202)](#198202)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Davis
Plumlee","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-13T22:11:48Z","message":"[Security
Solution] Allows editing and exporting prebuilt rules from the Rule
Management and Rule Details pages (#198202)\n\n**Resolves:
https://github.com/elastic/kibana/issues/180171**\r\n**Resolves:
https://github.com/elastic/kibana/issues/180176**\r\n**Resolves:
https://github.com/elastic/kibana/issues/180173**\r\n\r\n##
Summary\r\n\r\n> [!NOTE] \r\n> Feature is behind the
`prebuiltRulesCustomizationEnabled` feature\r\nflag.\r\n\r\nAdds logic
to allow users to edit and export prebuilt rules from both\r\nthe Rule
management page and Rule details page via the bulk action menu\r\nand
the singular overflow menu\r\n\r\n\r\n### Acceptance criteria\r\n\r\n-
[x] Feature is hidden behind prebuiltRulesCustomizationEnabled
feature\r\nflag\r\n- [x] Modified components still work as expected when
feature flag is\r\noff\r\n- [x] Bulk actions are able to performed on
all rule types from Rule\r\nmanagement page bulk actions menu\r\n - [x]
Editing\r\n - [x] Index patterns\r\n - [x] Tags\r\n - [x] Highlighted
fields\r\n - [x] Schedule\r\n - [x] Export\r\n- [x] Singular rule
actions are able to be performed on all rule types\r\nfrom rule
management page overflow column\r\n - [x] Export\r\n- [x] Singular rule
actions are able to be performed on all rule types\r\nfrom rule details
page\r\n - [x] Export\r\n \r\n\r\n### Screenshots\r\n***\r\n\r\n### Rule
management table overflow menu\r\n\r\n#### Before\r\n**Export button is
disabled for prebuilt rules**\r\n![Screenshot 2024-11-07 at 7
38\r\n12 PM](https://github.com/user-attachments/assets/13f8cd87-a9e5-486c-ab0f-d206de8bab4b)\r\n\r\n\r\n####
After\r\n**Export button is enabled for all rule types**\r\n![Screenshot
2024-11-07 at 7
34\r\n27 PM](https://github.com/user-attachments/assets/4b3d9364-02d5-406a-9f8a-c9ad8fed8486)\r\n\r\n###
Rule details page overflow menu\r\n\r\n#### Before\r\n**Export button is
disabled for prebuilt rules**\r\n![Screenshot 2024-11-07 at 7
37\r\n40 PM](https://github.com/user-attachments/assets/621b56e3-1f47-49db-aedb-fd05a3b75007)\r\n\r\n\r\n####
After\r\n**Export button is enabled for all rule types**\r\n![Screenshot
2024-11-07 at 7
34\r\n38 PM](https://github.com/user-attachments/assets/d533f288-4393-4acf-ba88-91c32ab32955)\r\n\r\n---------\r\n\r\nCo-authored-by:
Elastic Machine
<[email protected]>","sha":"02e4edc458749ca286c2b03eb71c248c7ef5b335","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Prebuilt Detection
Rules","backport:version","v8.17.0"],"title":"[Security Solution] Allows
editing and exporting prebuilt rules from the Rule Management and Rule
Details
pages","number":198202,"url":"https://github.com/elastic/kibana/pull/198202","mergeCommit":{"message":"[Security
Solution] Allows editing and exporting prebuilt rules from the Rule
Management and Rule Details pages (#198202)\n\n**Resolves:
https://github.com/elastic/kibana/issues/180171**\r\n**Resolves:
https://github.com/elastic/kibana/issues/180176**\r\n**Resolves:
https://github.com/elastic/kibana/issues/180173**\r\n\r\n##
Summary\r\n\r\n> [!NOTE] \r\n> Feature is behind the
`prebuiltRulesCustomizationEnabled` feature\r\nflag.\r\n\r\nAdds logic
to allow users to edit and export prebuilt rules from both\r\nthe Rule
management page and Rule details page via the bulk action menu\r\nand
the singular overflow menu\r\n\r\n\r\n### Acceptance criteria\r\n\r\n-
[x] Feature is hidden behind prebuiltRulesCustomizationEnabled
feature\r\nflag\r\n- [x] Modified components still work as expected when
feature flag is\r\noff\r\n- [x] Bulk actions are able to performed on
all rule types from Rule\r\nmanagement page bulk actions menu\r\n - [x]
Editing\r\n - [x] Index patterns\r\n - [x] Tags\r\n - [x] Highlighted
fields\r\n - [x] Schedule\r\n - [x] Export\r\n- [x] Singular rule
actions are able to be performed on all rule types\r\nfrom rule
management page overflow column\r\n - [x] Export\r\n- [x] Singular rule
actions are able to be performed on all rule types\r\nfrom rule details
page\r\n - [x] Export\r\n \r\n\r\n### Screenshots\r\n***\r\n\r\n### Rule
management table overflow menu\r\n\r\n#### Before\r\n**Export button is
disabled for prebuilt rules**\r\n![Screenshot 2024-11-07 at 7
38\r\n12 PM](https://github.com/user-attachments/assets/13f8cd87-a9e5-486c-ab0f-d206de8bab4b)\r\n\r\n\r\n####
After\r\n**Export button is enabled for all rule types**\r\n![Screenshot
2024-11-07 at 7
34\r\n27 PM](https://github.com/user-attachments/assets/4b3d9364-02d5-406a-9f8a-c9ad8fed8486)\r\n\r\n###
Rule details page overflow menu\r\n\r\n#### Before\r\n**Export button is
disabled for prebuilt rules**\r\n![Screenshot 2024-11-07 at 7
37\r\n40 PM](https://github.com/user-attachments/assets/621b56e3-1f47-49db-aedb-fd05a3b75007)\r\n\r\n\r\n####
After\r\n**Export button is enabled for all rule types**\r\n![Screenshot
2024-11-07 at 7
34\r\n38 PM](https://github.com/user-attachments/assets/d533f288-4393-4acf-ba88-91c32ab32955)\r\n\r\n---------\r\n\r\nCo-authored-by:
Elastic Machine
<[email protected]>","sha":"02e4edc458749ca286c2b03eb71c248c7ef5b335"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/198202","number":198202,"mergeCommit":{"message":"[Security
Solution] Allows editing and exporting prebuilt rules from the Rule
Management and Rule Details pages (#198202)\n\n**Resolves:
https://github.com/elastic/kibana/issues/180171**\r\n**Resolves:
https://github.com/elastic/kibana/issues/180176**\r\n**Resolves:
https://github.com/elastic/kibana/issues/180173**\r\n\r\n##
Summary\r\n\r\n> [!NOTE] \r\n> Feature is behind the
`prebuiltRulesCustomizationEnabled` feature\r\nflag.\r\n\r\nAdds logic
to allow users to edit and export prebuilt rules from both\r\nthe Rule
management page and Rule details page via the bulk action menu\r\nand
the singular overflow menu\r\n\r\n\r\n### Acceptance criteria\r\n\r\n-
[x] Feature is hidden behind prebuiltRulesCustomizationEnabled
feature\r\nflag\r\n- [x] Modified components still work as expected when
feature flag is\r\noff\r\n- [x] Bulk actions are able to performed on
all rule types from Rule\r\nmanagement page bulk actions menu\r\n - [x]
Editing\r\n - [x] Index patterns\r\n - [x] Tags\r\n - [x] Highlighted
fields\r\n - [x] Schedule\r\n - [x] Export\r\n- [x] Singular rule
actions are able to be performed on all rule types\r\nfrom rule
management page overflow column\r\n - [x] Export\r\n- [x] Singular rule
actions are able to be performed on all rule types\r\nfrom rule details
page\r\n - [x] Export\r\n \r\n\r\n### Screenshots\r\n***\r\n\r\n### Rule
management table overflow menu\r\n\r\n#### Before\r\n**Export button is
disabled for prebuilt rules**\r\n![Screenshot 2024-11-07 at 7
38\r\n12 PM](https://github.com/user-attachments/assets/13f8cd87-a9e5-486c-ab0f-d206de8bab4b)\r\n\r\n\r\n####
After\r\n**Export button is enabled for all rule types**\r\n![Screenshot
2024-11-07 at 7
34\r\n27 PM](https://github.com/user-attachments/assets/4b3d9364-02d5-406a-9f8a-c9ad8fed8486)\r\n\r\n###
Rule details page overflow menu\r\n\r\n#### Before\r\n**Export button is
disabled for prebuilt rules**\r\n![Screenshot 2024-11-07 at 7
37\r\n40 PM](https://github.com/user-attachments/assets/621b56e3-1f47-49db-aedb-fd05a3b75007)\r\n\r\n\r\n####
After\r\n**Export button is enabled for all rule types**\r\n![Screenshot
2024-11-07 at 7
34\r\n38 PM](https://github.com/user-attachments/assets/d533f288-4393-4acf-ba88-91c32ab32955)\r\n\r\n---------\r\n\r\nCo-authored-by:
Elastic Machine
<[email protected]>","sha":"02e4edc458749ca286c2b03eb71c248c7ef5b335"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Davis Plumlee <[email protected]>

Author: kibanamachine

x-pack/plugins/security_solution/public/detection_engine/rule_management_ui/components/rules_table/use_rules_table_actions.tsx

@@ -25,6 +25,7 @@ import { useDownloadExportedRules } from '../../../rule_management/logic/bulk_ac
 import { useHasActionsPrivileges } from './use_has_actions_privileges';
 import type { TimeRange } from '../../../rule_gaps/types';
 import { useScheduleRuleRun } from '../../../rule_gaps/logic/use_schedule_rule_run';
+import { useIsPrebuiltRulesCustomizationEnabled } from '../../../rule_management/hooks/use_is_prebuilt_rules_customization_enabled';
 import { ManualRuleRunEventTypes } from '../../../../common/lib/telemetry';
 
 export const useRulesTableActions = ({
@@ -46,6 +47,7 @@ export const useRulesTableActions = ({
   const { bulkExport } = useBulkExport();
   const downloadExportedRules = useDownloadExportedRules();
   const { scheduleRuleRun } = useScheduleRuleRun();
+  const isPrebuiltRulesCustomizationEnabled = useIsPrebuiltRulesCustomizationEnabled();
 
   return [
     {
@@ -116,7 +118,7 @@ export const useRulesTableActions = ({
           await downloadExportedRules(response);
         }
       },
-      enabled: (rule: Rule) => !rule.immutable,
+      enabled: (rule: Rule) => isPrebuiltRulesCustomizationEnabled || !rule.immutable,
     },
     {
       type: 'icon',

x-pack/plugins/security_solution/public/detections/components/rules/rule_actions_overflow/index.tsx

@@ -14,6 +14,7 @@ import {
 } from '@elastic/eui';
 import React, { useCallback, useMemo } from 'react';
 import styled from 'styled-components';
+import { useIsPrebuiltRulesCustomizationEnabled } from '../../../../detection_engine/rule_management/hooks/use_is_prebuilt_rules_customization_enabled';
 import { useScheduleRuleRun } from '../../../../detection_engine/rule_gaps/logic/use_schedule_rule_run';
 import type { TimeRange } from '../../../../detection_engine/rule_gaps/types';
 import { APP_UI_ID, SecurityPageName } from '../../../../../common/constants';
@@ -72,6 +73,7 @@ const RuleActionsOverflowComponent = ({
     application: { navigateToApp },
     telemetry,
   } = useKibana().services;
+  const isPrebuiltRulesCustomizationEnabled = useIsPrebuiltRulesCustomizationEnabled();
   const { startTransaction } = useStartTransaction();
   const { executeBulkAction } = useExecuteBulkAction({ suppressSuccessToast: true });
   const { bulkExport } = useBulkExport();
@@ -137,7 +139,10 @@ const RuleActionsOverflowComponent = ({
             <EuiContextMenuItem
               key={i18nActions.EXPORT_RULE}
               icon="exportAction"
-              disabled={!userHasPermissions || rule.immutable}
+              disabled={
+                !userHasPermissions ||
+                (isPrebuiltRulesCustomizationEnabled === false && rule.immutable)
+              }
               data-test-subj="rules-details-export-rule"
               onClick={async () => {
                 startTransaction({ name: SINGLE_RULE_ACTIONS.EXPORT });
@@ -203,21 +208,22 @@ const RuleActionsOverflowComponent = ({
           ]
         : [],
     [
-      bulkExport,
+      rule,
       canDuplicateRuleWithActions,
+      userHasPermissions,
+      isPrebuiltRulesCustomizationEnabled,
+      startTransaction,
       closePopover,
+      showBulkDuplicateExceptionsConfirmation,
       executeBulkAction,
       navigateToApp,
-      onRuleDeletedCallback,
-      rule,
-      showBulkDuplicateExceptionsConfirmation,
-      showManualRuleRunConfirmation,
-      startTransaction,
-      userHasPermissions,
+      bulkExport,
       downloadExportedRules,
-      confirmDeletion,
-      scheduleRuleRun,
+      showManualRuleRunConfirmation,
       telemetry,
+      scheduleRuleRun,
+      confirmDeletion,
+      onRuleDeletedCallback,
     ]
   );