[Security Solution] Error toast displayed when first viewing Overview page with minimal permissions

[spong]

This was uncovered in updating demo.elastic.co from 7.7 -> 7.8, and was introduced in 7.8

When first loading the Overview page as a user with minimal permissions (i.e. demo.elastic.co default permissions), and the Detection engine index (.siem-signals-default) has not been created, an error toast will be displayed saying a visualization has errors.

This ends up being the result of the NO_ALERT_INDEX being added to the withSource query to account for the fact that the detection engine index does not exist yet. This was added as part of #72387 to fix an issue with the Timeline where raw events would not be displayed (and ensuring at least one index is specified prevents ES from querying all indices).

As a result, users with minimal permissions will not have read access to this empty/placeholder index 'no-alert-index-049FC71A-4C2C-446F-9901-37XMC5024C51', and will get the below error detailing the user doesn't have read permissions for this index.

Workaround is to add read permissions to 'no-alert-index-049FC71A-4C2C-446F-9901-37XMC5024C51'.

cc @EthanStrider @XavierM @andrew-goldstein @patrykkopycinski

[XavierM]

Yes it looks like a bug in 7.8 but NOT in 7.9 it should not be there anymore because of that line of code https://github.com/elastic/kibana/blob/7.9/x-pack/plugins/security_solution/public/common/containers/source/index.tsx#L134

[spong]

As per @XavierM's comment this has been verified fixed in 7.9 -- closing.

Bug Conversion:

This ticket requires Dev validation

Thanks!!