Fixed Users tab permissions to hide if CreateUser only User permission (#2426)

Author: jinapurapu

portal-ui/src/common/SecureComponent/permissions.ts

@@ -461,6 +461,21 @@ export const enableUserPermissions = [IAM_SCOPES.ADMIN_ENABLE_USER];
 
 export const disableUserPermissions = [IAM_SCOPES.ADMIN_DISABLE_USER];
 
+//note that adminUserPermissions does NOT include ADMIN_CREATE_USER to allow hiding the Users tab for users wtih only this permission as it is being applied by default
+export const adminUserPermissions = [
+  IAM_SCOPES.ADMIN_LIST_USER_POLICIES,
+  IAM_SCOPES.ADMIN_LIST_USERS,
+  IAM_SCOPES.ADMIN_ADD_USER_TO_GROUP,
+  IAM_SCOPES.ADMIN_REMOVE_USER_FROM_GROUP,
+  IAM_SCOPES.ADMIN_ATTACH_USER_OR_GROUP_POLICY,
+  IAM_SCOPES.ADMIN_LIST_USERS,
+  IAM_SCOPES.ADMIN_DELETE_USER,
+  IAM_SCOPES.ADMIN_ENABLE_USER,
+  IAM_SCOPES.ADMIN_DISABLE_USER,
+  IAM_SCOPES.ADMIN_GET_USER,
+  IAM_SCOPES.ADMIN_LIST_USER_POLICIES,
+];
+
 export const assignIAMPolicyPermissions = [
   IAM_SCOPES.ADMIN_ATTACH_USER_OR_GROUP_POLICY,
   IAM_SCOPES.ADMIN_LIST_USER_POLICIES,

portal-ui/src/screens/Console/valid-routes.ts

@@ -17,6 +17,7 @@
 import { IMenuItem } from "./Menu/types";
 import { NavLink } from "react-router-dom";
 import {
+  adminUserPermissions,
   CONSOLE_UI_RESOURCE,
   IAM_PAGES,
   IAM_PAGES_PERMISSIONS,
@@ -85,8 +86,9 @@ export const validRoutes = (
           id: "users",
           to: IAM_PAGES.USERS,
           customPermissionFnc: () =>
-            hasPermission(CONSOLE_UI_RESOURCE, [IAM_SCOPES.ADMIN_LIST_USERS]) ||
-            hasPermission(S3_ALL_RESOURCES, [IAM_SCOPES.ADMIN_CREATE_USER]),
+            hasPermission(CONSOLE_UI_RESOURCE, adminUserPermissions) ||
+            hasPermission(S3_ALL_RESOURCES, adminUserPermissions) ||
+            hasPermission(CONSOLE_UI_RESOURCE, [IAM_SCOPES.ADMIN_ALL_ACTIONS]),
           name: "Users",
           icon: UsersMenuIcon,
           fsHidden: ldapIsEnabled,