[SIEM] Provide consistent messaging when user has read-only permissions #67884

Closed
spong opened this issue Jun 1, 2020 · 11 comments

@spong
Member

spong commented Jun 1, 2020

When a user has read-only permissions to certain pieces of functionality we have different messaging and warning/info callouts. These callouts also re-appear on each page load, which can be disruptive to read-only users and on demo deployments.

Perhaps we can standardize on the blue info callout, and persist the dismissal of the callout to local storage so it is not shown for the remainder of the user's session.

cc @MikePaquette @benskelker @EthanStrider

Detection Engine:
Banner: Warning/Yellow

Signals index permissions required
You are currently missing the required permissions to update signals. Please contact your administrator for further assistance

Timeline
Banner: Warning/Yellow

You require permission to auto-save timelines within the SIEM application, though you may continue to use the timeline to search and filter security events

Case
Banner: Info/Blue

You have read-only feature privileges
You are only allowed to view cases. If you need to open and update cases, contact your Kibana administrator

@spong spong added enhancement New value added to drive a business result Team:SIEM labels Jun 1, 2020
@elasticmachine
Contributor

Pinging @elastic/siem (Team:SIEM)

@EthanStrider

++ Very nice suggestion. I like the idea of persisting in local storage. It will make for a much better user experience.

@benskelker
Contributor

Thanks @spong - initial suggestions:

Cases

You cannot open new or update existing cases
You only have permissions to view cases. If you need to open and update cases, contact your Kibana administrator.

Signals

You cannot change signal states
You only have permissions to view signals. If you need to update signal states (open or close signals), contact your Kibana administrator.

Timeline

You cannot save timelines
You can use Timeline to investigate events, but you do not have the required permissions to save timelines for future use. If you need to save timelines, contact your Kibana administrator.

@cnasikas
Member

cnasikas commented Jun 23, 2020

This PR #68372 persists the dismissal of case's callouts to local storage. It can be used by signals and probably by the timeline. @spong I can work on this issue in this PR and fix coloring and context.

@cnasikas cnasikas self-assigned this Jun 23, 2020
@XavierM
Contributor

XavierM commented Jun 23, 2020

For the timeline's callout, the team agreed that it should always be there so the user knows that it is not being persisted.
For the case's callout, we agreed that we should only do it for info callouts, and we will keep the other ones since they can be an error/warning that we want the user to be aware of.

@cnasikas
Member

cnasikas commented Jun 27, 2020

Resolved by #68372

Only cases' info callouts are being persisted to local storage. The PR introduces a new hook that other sub plugins, like Alerts, can use to persist their callouts according to their needs.

@threat-punter

@XavierM the call out in the attached image is loaded each time the Cases tab is loaded. Is this expected behavior?

image

@cnasikas
Member

cnasikas commented Oct 8, 2020

@threat-punter Yes, this is expected behavior. For cases, only the info callouts (blue) are being persisted in local storage. Warning (yellow) and error (red) messages are loaded each time.
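
The behavior confirmed in the comment above, as an added JavaScript example that is not Kibana's code and not the hook from #68372: dismissals are persisted only for info callouts, and severity is checked again when reading, because browser storage is user-editable and must not be able to hide a warning or error. All names (`createCalloutStore`, `MemoryStorage`, `STORAGE_KEY`, the callout ids) are hypothetical, and the sample callouts are constructed.

```javascript
// Added example, not Kibana code. All names here are hypothetical.
const STORAGE_KEY = 'example.dismissedCallouts'; // hypothetical storage key

// Stand-in for window.localStorage (same getItem/setItem shape) so this runs in Node.
class MemoryStorage {
  constructor() { this.items = new Map(); }
  getItem(key) { return this.items.has(key) ? this.items.get(key) : null; }
  setItem(key, value) { this.items.set(key, String(value)); }
}

// Constructed sample callouts; titles taken from the messages quoted in this thread.
const SAMPLE_CALLOUTS = [
  { id: 'case-read-only', severity: 'info', title: 'You have read-only feature privileges' },
  { id: 'timeline-read-only', severity: 'warning', title: 'You cannot save timelines' },
];

function createCalloutStore(storage) {
  // Storage content is user-editable, so parse defensively and fall back to "nothing dismissed".
  const readDismissed = () => {
    try {
      const parsed = JSON.parse(storage.getItem(STORAGE_KEY) || '[]');
      return new Set(Array.isArray(parsed) ? parsed.filter((v) => typeof v === 'string') : []);
    } catch (err) {
      return new Set();
    }
  };
  return {
    // Persist a dismissal only for info callouts; returns whether it was stored.
    dismiss(callout) {
      if (callout.severity !== 'info') return false;
      const ids = readDismissed().add(callout.id);
      storage.setItem(STORAGE_KEY, JSON.stringify([...ids]));
      return true;
    },
    // Severity is checked again on read, so an id planted in storage cannot hide a warning or error.
    visible(callouts) {
      const dismissed = readDismissed();
      return callouts.filter((c) => c.severity !== 'info' || !dismissed.has(c.id));
    },
  };
}
```

In a browser, `createCalloutStore(window.localStorage)` would take the place of the in-memory stand-in.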

@threat-punter

Thanks for confirming that, @cnasikas

@cnasikas
Member

cnasikas commented Oct 8, 2020

@spong Should we close this issue?

@spong
Member Author

spong commented Oct 8, 2020

Yeah I think so @cnasikas. @threat-punter we have this issue (#76587) for changing those callouts from warning to info so their dismissal will be persisted (to improve UX for less-permissive users and on demo.elastic.co / events like CTF :)

@spong spong closed this as completed Oct 8, 2020
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Oct 27, 2020