Fix #7646 UI: Non-admin user should not be allowed to add a bot (#7681)

* Fix #7646 UI: Non-admin user should not be allowed to add a bot

* Add tests

openmetadata-ui/src/main/resources/ui/src/components/BotListV1/BotListV1.component.tsx

@@ -59,10 +59,15 @@ const BotListV1 = ({
   const [handleErrorPlaceholder, setHandleErrorPlaceholder] = useState(false);
   const [searchedData, setSearchedData] = useState<Bot[]>([]);
 
-  const createPermission = checkPermission(
+  /**
-    Operation.Create,
+   * Bot creation is two step process so here we should check for
-    ResourceEntity.BOT,
+   * Create User and Create Bot both permissions
-    permissions
+   */
+  const createPermission = useMemo(
+    () =>
+      checkPermission(Operation.Create, ResourceEntity.BOT, permissions) &&
+      checkPermission(Operation.Create, ResourceEntity.USER, permissions),
+    [permissions]
   );
 
   const deletePermission = useMemo(

openmetadata-ui/src/main/resources/ui/src/components/Users/Users.component.test.tsx

@@ -105,6 +105,32 @@ const mockUserData = {
   ],
 };
 
+const mockUserRole = {
+  data: [
+    {
+      id: '3ed7b995-ce8b-4720-9beb-6f4a9c626920',
+      name: 'DataConsumer',
+      fullyQualifiedName: 'DataConsumer',
+      displayName: 'Data Consumer',
+      description:
+        'Users with Data Consumer role use different data assets for their day to day work.',
+      version: 0.1,
+      updatedAt: 1663825430544,
+      updatedBy: 'admin',
+      href: 'http://localhost:8585/api/v1/roles/3ed7b995-ce8b-4720-9beb-6f4a9c626920',
+      allowDelete: false,
+      deleted: false,
+    },
+  ],
+  paging: {
+    total: 1,
+  },
+};
+
+jest.mock('../../axiosAPIs/rolesAPIV1.ts', () => ({
+  getRoles: jest.fn().mockImplementation(() => Promise.resolve(mockUserRole)),
+}));
+
 jest.mock('../common/ProfilePicture/ProfilePicture', () => {
   return jest.fn().mockReturnValue(<p>ProfilePicture</p>);
 });

openmetadata-ui/src/main/resources/ui/src/jsons/en.ts

@@ -25,6 +25,7 @@ const jsonData = {
 
     'check-status-airflow': 'Error while connecting to Airflow instance!',
     'create-user-error': 'Error while creating user!',
+    'create-bot-error': 'Error while creating bot!',
     'create-conversation-error': 'Error while creating conversation!',
     'create-message-error': 'Error while creating message!',
     'create-role-error': 'Error While creating role!',

openmetadata-ui/src/main/resources/ui/src/pages/CreateUserPage/CreateUserPage.component.tsx

@@ -87,7 +87,8 @@ const CreateUserPage = () => {
               name: res.name,
               displayName: res.displayName,
               description: res.description,
-            } as Bot).then((res) => {
+            } as Bot)
+              .then((res) => {
                 setStatus('success');
                 res && showSuccessToast(`Bot created successfully`);
                 setTimeout(() => {
@@ -95,6 +96,12 @@ const CreateUserPage = () => {
 
                   goToUserListPage();
                 }, 500);
+              })
+              .catch((err: AxiosError) => {
+                handleSaveFailure(
+                  err,
+                  jsonData['api-error-messages']['create-bot-error']
+                );
               });
           } else {
             setStatus('success');

openmetadata-ui/src/main/resources/ui/src/pages/CreateUserPage/CreateUserPage.test.tsx

@@ -23,6 +23,32 @@ import { MemoryRouter } from 'react-router-dom';
 import { createUser } from '../../axiosAPIs/userAPI';
 import AddUserPageComponent from './CreateUserPage.component';
 
+const mockUserRole = {
+  data: [
+    {
+      id: '3ed7b995-ce8b-4720-9beb-6f4a9c626920',
+      name: 'DataConsumer',
+      fullyQualifiedName: 'DataConsumer',
+      displayName: 'Data Consumer',
+      description:
+        'Users with Data Consumer role use different data assets for their day to day work.',
+      version: 0.1,
+      updatedAt: 1663825430544,
+      updatedBy: 'admin',
+      href: 'http://localhost:8585/api/v1/roles/3ed7b995-ce8b-4720-9beb-6f4a9c626920',
+      allowDelete: false,
+      deleted: false,
+    },
+  ],
+  paging: {
+    total: 1,
+  },
+};
+
+jest.mock('../../axiosAPIs/rolesAPIV1', () => ({
+  getRoles: jest.fn().mockImplementation(() => Promise.resolve(mockUserRole)),
+}));
+
 jest.mock('../../components/containers/PageContainerV1', () => {
   return jest
     .fn()
@@ -53,7 +79,6 @@ jest.mock('../../axiosAPIs/userAPI', () => ({
 
 jest.mock('../../AppState', () =>
   jest.fn().mockReturnValue({
-    userRoles: [],
     userTeams: [],
   })
 );

openmetadata-ui/src/main/resources/ui/src/router/AuthenticatedAppRouter.tsx

@@ -238,6 +238,13 @@ const AuthenticatedAppRouter: FunctionComponent = () => {
     [permissions]
   );
 
+  const createBotPermission = useMemo(
+    () =>
+      checkPermission(Operation.Create, ResourceEntity.USER, permissions) &&
+      checkPermission(Operation.Create, ResourceEntity.BOT, permissions),
+    [permissions]
+  );
+
   return (
     <Switch>
       <Route exact component={MyDataPage} path={ROUTES.MY_DATA} />
@@ -412,11 +419,7 @@ const AuthenticatedAppRouter: FunctionComponent = () => {
       <AdminProtectedRoute
         exact
         component={CreateUserPage}
-        hasPermission={checkPermission(
+        hasPermission={createBotPermission}
-          Operation.Create,
-          ResourceEntity.BOT,
-          permissions
-        )}
         path={ROUTES.CREATE_USER_WITH_BOT}
       />
       <Route exact component={BotDetailsPage} path={ROUTES.BOTS_PROFILE} />