/internal/uptime/index_status request returns 403 error
#186838
Labels
bug
Fixes for quality problems that affect the customer experience
Team:obs-ux-management
Observability Management User Experience Team
uptime
Comments
jennypavlova
added
the
bug
jennypavlova
added
the
Team:obs-ux-infra_services
|
Pinging @elastic/obs-ux-infra_services-team (Team:obs-ux-infra_services) |
smith
added
Team:obs-ux-management
|
Pinging @elastic/obs-ux-management-team (Team:obs-ux-management) |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this issue
Jul 31, 2024
…ptime privileges (elastic#189540) ## Summary Resolves elastic#186838 Prevents checking for Uptime data on plugin register when the user does not have Uptime privileges ## Background Context Uptime is hidden by default. However, there are two ways that the Uptime app can become accessible. 1. Turning on the Uptime app in the advanced settings 2. If you have data in your Uptime indices within the past 7 days. The data check present in Uptime plugin register is intended to enable Uptime if there is Uptime data within the past 7 days. However, there's no need to check this data if the user does not have privileges. ### Testing 1. Create a user without Uptime Kibana privileges 2. Open up the network tab in dev tools 3. Refresh any page in Kibana 4. You should not see a call to `internal/uptime/index_status` (cherry picked from commit 65a99a5)
kibanamachine
referenced
this issue
Jul 31, 2024
…r has uptime privileges (#189540) (#189635) # Backport This will backport the following commits from `main` to `8.15`: - [[Uptime] only check index status on plugin register if the user has uptime privileges (#189540)](#189540) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Dominique Clarke","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-07-31T13:55:37Z","message":"[Uptime] only check index status on plugin register if the user has uptime privileges (#189540)\n\n## Summary\r\n\r\nResolves https://github.com/elastic/kibana/issues/186838\r\n\r\nPrevents checking for Uptime data on plugin register when the user does\r\nnot have Uptime privileges\r\n\r\n## Background Context\r\nUptime is hidden by default. However, there are two ways that the Uptime\r\napp can become accessible.\r\n1. Turning on the Uptime app in the advanced settings\r\n2. If you have data in your Uptime indices within the past 7 days.\r\n\r\nThe data check present in Uptime plugin register is intended to enable\r\nUptime if there is Uptime data within the past 7 days. However, there's\r\nno need to check this data if the user does not have privileges.\r\n\r\n### Testing\r\n1. Create a user without Uptime Kibana privileges\r\n2. Open up the network tab in dev tools\r\n3. Refresh any page in Kibana\r\n4. You should not see a call to `internal/uptime/index_status`","sha":"65a99a51152fa0c02693730f205680b5e4869842","branchLabelMapping":{"^v8.16.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","uptime","ci:project-deploy-observability","Team:obs-ux-management","v8.15.0","v8.16.0"],"title":"[Uptime] only check index status on plugin register if the user has uptime privileges","number":189540,"url":"https://github.com/elastic/kibana/pull/189540","mergeCommit":{"message":"[Uptime] only check index status on plugin register if the user has uptime privileges (#189540)\n\n## Summary\r\n\r\nResolves https://github.com/elastic/kibana/issues/186838\r\n\r\nPrevents checking for Uptime data on plugin register when the user does\r\nnot have Uptime privileges\r\n\r\n## Background Context\r\nUptime is hidden by default. However, there are two ways that the Uptime\r\napp can become accessible.\r\n1. Turning on the Uptime app in the advanced settings\r\n2. If you have data in your Uptime indices within the past 7 days.\r\n\r\nThe data check present in Uptime plugin register is intended to enable\r\nUptime if there is Uptime data within the past 7 days. However, there's\r\nno need to check this data if the user does not have privileges.\r\n\r\n### Testing\r\n1. Create a user without Uptime Kibana privileges\r\n2. Open up the network tab in dev tools\r\n3. Refresh any page in Kibana\r\n4. You should not see a call to `internal/uptime/index_status`","sha":"65a99a51152fa0c02693730f205680b5e4869842"}},"sourceBranch":"main","suggestedTargetBranches":["8.15"],"targetPullRequestStates":[{"branch":"8.15","label":"v8.15.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/189540","number":189540,"mergeCommit":{"message":"[Uptime] only check index status on plugin register if the user has uptime privileges (#189540)\n\n## Summary\r\n\r\nResolves https://github.com/elastic/kibana/issues/186838\r\n\r\nPrevents checking for Uptime data on plugin register when the user does\r\nnot have Uptime privileges\r\n\r\n## Background Context\r\nUptime is hidden by default. However, there are two ways that the Uptime\r\napp can become accessible.\r\n1. Turning on the Uptime app in the advanced settings\r\n2. If you have data in your Uptime indices within the past 7 days.\r\n\r\nThe data check present in Uptime plugin register is intended to enable\r\nUptime if there is Uptime data within the past 7 days. However, there's\r\nno need to check this data if the user does not have privileges.\r\n\r\n### Testing\r\n1. Create a user without Uptime Kibana privileges\r\n2. Open up the network tab in dev tools\r\n3. Refresh any page in Kibana\r\n4. You should not see a call to `internal/uptime/index_status`","sha":"65a99a51152fa0c02693730f205680b5e4869842"}}]}] BACKPORT--> Co-authored-by: Dominique Clarke <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Relates to https://github.com/elastic/sdh-kibana/issues/4765
**Kibana version:**8.14.1
Describe the bug:
On each load for any Kibana page there's a 403 request to that /internal/uptime/index_status endpoint.
Steps to reproduce:
readandview_index_metadatatokibana*indices and to the new space in read mode for Analytics apps.The text was updated successfully, but these errors were encountered: