feat: [UIE-9734] - IAM: fix perm check (#13160)

* feat: [UIE-9734] - IAM: fix perm check

* update perm check

Author: aaleksee-akamai

packages/manager/src/features/Firewalls/FirewallDetail/Devices/RemoveDeviceDialog.tsx

@@ -55,7 +55,8 @@ export const RemoveDeviceDialog = React.memo((props: Props) => {
   const { data: firewallPermissions } = usePermissions(
     'firewall',
     ['delete_firewall_device'],
-    firewallId
+    firewallId,
+    firewallId !== -1
   );
 
   const { data: linodePermissions } = usePermissions(

packages/manager/src/features/Linodes/LinodesDetail/LinodeNetworking/LinodeFirewalls/LinodeFirewalls.test.tsx

@@ -26,6 +26,7 @@ const queryMocks = vi.hoisted(() => ({
   userPermissions: vi.fn(() => ({
     data: {
       apply_linode_firewalls: false,
+      update_linode: false,
       delete_firewall_device: false,
     },
   })),
@@ -96,10 +97,11 @@ describe('LinodeFirewalls', () => {
     expect(addFirewallBtn).toBeDisabled();
   });
 
-  it("should enable 'Unassign' button if the user has delete_firewall_device permission", async () => {
+  it("should enable 'Unassign' button if the user has update_linode and delete_firewall_device permission", async () => {
     queryMocks.userPermissions.mockReturnValue({
       data: {
         ...queryMocks.userPermissions().data,
+        update_linode: true,
         delete_firewall_device: true,
       },
     });
@@ -120,10 +122,11 @@ describe('LinodeFirewalls', () => {
     expect(unassignFirewallBtn).toBeEnabled();
   });
 
-  it("should disable 'Unassign' button if the user doesn't have delete_firewall_device permission", async () => {
+  it("should disable 'Unassign' button if the user doesn't have update_linode and delete_firewall_device permission", async () => {
     queryMocks.userPermissions.mockReturnValue({
       data: {
         ...queryMocks.userPermissions().data,
+        update_linode: false,
         delete_firewall_device: false,
       },
     });

packages/manager/src/features/Linodes/LinodesDetail/LinodeNetworking/LinodeFirewalls/LinodeFirewallsActionMenu.tsx

@@ -8,22 +8,31 @@ import type { Action } from 'src/components/ActionMenu/ActionMenu';
 
 interface LinodeFirewallsActionMenuProps {
   firewallID: number;
+  linodeID: number;
   onUnassign: () => void;
 }
 
 export const LinodeFirewallsActionMenu = (
   props: LinodeFirewallsActionMenuProps
 ) => {
-  const { firewallID, onUnassign } = props;
+  const { onUnassign, linodeID, firewallID } = props;
 
-  const { data: permissions } = usePermissions(
+  const { data: linodePermissions } = usePermissions(
+    'linode',
+    ['update_linode'],
+    linodeID
+  );
+
+  const { data: firewallPermissions } = usePermissions(
     'firewall',
     ['delete_firewall_device'],
-    firewallID,
-    true
+    firewallID
   );
 
-  const disabledProps = !permissions.delete_firewall_device
+  const disabledProps = !(
+    linodePermissions?.update_linode &&
+    firewallPermissions?.delete_firewall_device
+  )
     ? {
         disabled: true,
         tooltip: NO_PERMISSIONS_TOOLTIP_TEXT,

packages/manager/src/features/Linodes/LinodesDetail/LinodeNetworking/LinodeFirewalls/LinodeFirewallsRow.tsx

@@ -50,6 +50,7 @@ export const LinodeFirewallsRow = (props: LinodeFirewallsRowProps) => {
       <TableCell actionCell>
         <LinodeFirewallsActionMenu
           firewallID={firewallID}
+          linodeID={linodeID}
           onUnassign={() => onClickUnassign(firewallDevice, firewall)}
         />
       </TableCell>