[Cases] Case action tries to create stack cases on serverless project where stack case are not available

[cnasikas]

Summary

In serverless, based on the project type, there is only one place where you can manage cases. For security, security solution cases and for o11y, o11y cases. For the search project cases are not available. Also, stack cases are not available to all project types. Now, if a user tries to create a stack rule with a case action from the stack management rule's page the case action will try to create a stack case. Because stack cases are not available the case action will fail with a 403 error.

Details

Each case has an owner. The owner denotes to which solution the case belongs to. Cases have their own RBAC model based on the owner. This means that cases created in security solution cannot be viewed or created in o11y and vice-versa. The case action uses the rule's consumer to deduct to where it should create the case. If it an o11y in o11y, if it is a security rule in security, and if it is a stack rule it depends on the role visibility selection.

DoD

• When a user creates a stack rule from a serverless project where only the solution's cases are available create the cases in the solution cases.
• Throw a 400 error instead of a 403 error

[elasticmachine]

Pinging @elastic/response-ops (Team:ResponseOps)

[elasticmachine]

Pinging @elastic/response-ops-cases (Feature:Cases)