Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Fleet]: Forbidden error is displayed on clicking Get Uninstall command for user role Agents: None. #192055

Closed
amolnater-qasource opened this issue Sep 4, 2024 · 5 comments · Fixed by #195185
Closed

[Fleet]: Forbidden error is displayed on clicking Get Uninstall command for user role Agents: None. #192055

amolnater-qasource opened this issue Sep 4, 2024 · 5 comments · Fixed by #195185
Assignees
@nchaulet
Labels
bug Fixes for quality problems that affect the customer experience impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Fleet Team label for Observability Data Collection Fleet team

Comments

@amolnater-qasource
Copy link

amolnater-qasource commented Sep 4, 2024
edited
Loading

Kibana Build details:

VERSION: 8.16.0 SNAPSHOT
BUILD: 77913
COMMIT: f2aba4624160124344e98dac19d5eefd83fa79ce

Role:

Integrations: All
Fleet: Read
Agents: None
Agent policies: All
Settings: All

Image

Preconditions:

  1. 8.16.0-SNAPSHOT Kibana cloud environment should be available.
  2. New User should be created with above defined role.

Steps to reproduce:

  1. Login with the above user.
  2. Navigate to Agent policies tab>policy with Elastic Defend.
  3. Navigate to policy settings enable Tamper protection and click Get Uninstall command.
  4. Observe forbidden error is displayed under Agents tab for custom user with Agent policies: None.

Expected Result:
Forbidden error shouldn't displayed on clicking Get Uninstall command/ or Get Uninstall command should be disabled for user role Agents: None.

Screen Recording:

Agent.policies.-.Fleet.-.Elastic.-.Google.Chrome.2024-09-03.19-12-02.mp4

Feature:
https://github.com/elastic/ingest-dev/issues/2903
@amolnater-qasource amolnater-qasource added bug Fixes for quality problems that affect the customer experience impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Team:Fleet Team label for Observability Data Collection Fleet team labels Sep 4, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/fleet (Team:Fleet)

@amolnater-qasource
Copy link
Author

@muskangulati-qasource Please review.

@muskangulati-qasource
Copy link

Secondary review on this ticket is Done!

@nchaulet
Copy link
Member

Uninstall tokens should only be available for user with Agents:All we should hide the button if the user do not have the required permissions

@nchaulet nchaulet self-assigned this Oct 7, 2024
@nchaulet nchaulet mentioned this issue Oct 7, 2024
Merged
@amolnater-qasource amolnater-qasource added the QA:Ready for Testing Code is merged and ready for QA to validate label Oct 7, 2024
@amolnater-qasource
Copy link
Author

Hi Team,

We have revalidated this issue on latest 8.17.0-SNAPSHOT kibana cloud environment and found it fixed now.

Observations:

  • Uninstall command link is disabled under agent policy settings for user role Agents: None.

Build details:
VERSION: 8.17.0 SNAPSHOT
BUILD: 80188
COMMIT: fdb16ae

Screen Recording:

Agent.policy.5.-.Agent.policies.-.Fleet.-.Elastic.-.Google.Chrome.2024-11-19.16-10-08.mp4

Hence we are marking this issue as QA:Validated.

Thanks!

@amolnater-qasource amolnater-qasource added QA:Validated Issue has been validated by QA and removed QA:Ready for Testing Code is merged and ready for QA to validate labels Nov 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nchaulet nchaulet

Labels
bug Fixes for quality problems that affect the customer experience impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Fleet Team label for Observability Data Collection Fleet team
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Fleet] Do not enable uninstall command link without Agents:All nchaulet/kibana
4 participants
@nchaulet @elasticmachine @muskangulati-qasource @amolnater-qasource