[BUG] Read only user seeing 403 error when viewing Dashboards #873
Comments
|
Identified not fixable in security plugin. Need to transfer to suitable owner |
|
Managed to reproduce this issue and found out the error message was “no permissions for [indices:data/write/update]”. This is expected because you only gives read permission for global tenant but in cluster permission setting part, both write and read permission are given. This conflict causes the error message shows up. If you give both read and write permission to global tenant, error message disappears. |
|
Such behavior is identified being triggered in the function Called by an anonymous function: https://github.com/elastic/kibana/blob/v7.10.2/src/plugins/dashboard/public/application/legacy_app.js#L148 |
|
@hsiang9431-amzn does this issue need to be transferred to the https://github.com/opensearch-project/OpenSearch-Dashboards repository? |
|
@tmarkley Yes, please transfer it to https://github.com/opensearch-project/OpenSearch-Dashboards |
|
@opensearch-project/admin please transfer this to the OpenSearch-Dashboards repository. |
tmarkley
added
bug
# [24.0.0](elastic/elastic-charts@v23.2.1...v24.0.0) (2020-10-19) ### Bug Fixes * **annotation:** annotation rendering with no yDomain or groupId ([opensearch-project#842](elastic/elastic-charts#842)) ([6bad0d7](elastic/elastic-charts@6bad0d7)), closes [opensearch-project#438](elastic/elastic-charts#438) [opensearch-project#798](elastic/elastic-charts#798) ### Features * **bar_chart:** add Alignment offset to value labels ([opensearch-project#784](elastic/elastic-charts#784)) ([106d924](elastic/elastic-charts@106d924)) * **bar_chart:** add shadow prop for value labels ([opensearch-project#785](elastic/elastic-charts#785)) ([de95b44](elastic/elastic-charts@de95b44)) * **bar_chart:** scaled font size for value labels ([opensearch-project#789](elastic/elastic-charts#789)) ([8b74a9d](elastic/elastic-charts@8b74a9d)), closes [opensearch-project#788](elastic/elastic-charts#788) * **heatmap:** allow fixed right margin ([opensearch-project#873](elastic/elastic-charts#873)) ([dd34574](elastic/elastic-charts@dd34574)) ### BREAKING CHANGES * **bar_chart:** The `DisplayValueStyle` `fontSize` property can now express an upper and lower bound as size, used for the automatic scaling. * **bar_chart:** The `DisplayValueStyle` `fill` property can now express a border color and width, or let the library pick the best match based on contrast using the textInvertible parameter.
|
Hello @hsiang9431-amzn, Sorry about the delay on this. Could expand on what we can do here from the OpenSearch Dashboards. It would appear based @zhyuanqi findings it's dealing with how the role is being duplicated and the cluster settings? We wouldn't be able to update this functionality about ensuring a default index on the system index we use because Core OpenSearch Dashboards currently has no insight on the roles and would also break current workflows. |
Describe the bug
When logging in as a read only user,
403error with message "Unable to update UI setting" is shown in the browser app.To Reproduce
Steps to reproduce the behavior:
kibana_usertokibana_user_global_rokibana_user_global_roso that it has read only permission onglobal_tenantExpected behavior
No error shall be shown
Plugins
security frontend and backend
Screenshots
The text was updated successfully, but these errors were encountered: