As a user, I want page links (e.g., 'OpenShift', 'Infrastructure' > 'AWS', etc.) in the Insights navigation pane to be hidden when there are no sources and/or I do not have permissions to view data.

Unfortunately, Cost Management's permission requirements are too complex for Insights to support via cloud-services-config. It was recommended by the Insights team (Ryan and Karel) that Cost Management create its own navigation endpoint. Insights would call this new endpoint via cloud-services-config in order to dynamically hide / show navigation links.

For example, the endpoint below could simply return true or false if the user has access to view data. We would also use this to display an empty state when users don't have access to specific Cost Management pages.

/api/cost-management/v1/navigation/?type=OCP

/api/cost-management/v1/navigation/?type=AWS

/api/cost-management/v1/navigation/?type=AZURE

For OpenShift, the user should have access if the following criteria is met.

1. Sources are available via 

/api/cost-management/v1/sources/?type=OCP

2. Is an org admin

3. Or, has one of the following RBAC permissions

cost-management:openshift.cluster:*,
cost-management:openshift.cluster:read,
cost-management:openshift.node:*,
cost-management:openshift.node:read,
cost-management:openshift.project:*,
cost-management:openshift.project:read

For Aws, the user should have access if the following criteria is met.

1. Sources are available via 

/api/cost-management/v1/sources/?type=AWS

2. Is an org admin

3. Or, has one of the following RBAC permissions

'cost-management:aws.account:*'

'cost-management:aws.account:read'

For Azure, the user should have access if the following criteria is met.

1. Sources are available via 

/api/cost-management/v1/sources/?type=AZURE

2. Is an org admin

3. Or, has one of the following RBAC permissions

'cost-management:azure.subscription_guid:*'

'cost-management:azure.subscription_guid:read'