-
Notifications
You must be signed in to change notification settings - Fork 161
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle other permission group types #1715
Handle other permission group types #1715
Conversation
Signed-off-by: Craig Perkins <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1715 +/- ##
=======================================
Coverage 67.09% 67.09%
=======================================
Files 94 94
Lines 2404 2404
Branches 318 318
=======================================
Hits 1613 1613
Misses 713 713
Partials 78 78 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this change.
The underlying bug is pretty bad worse as action groups are customizable. In the distribution we have a set that we include by default, but they can be customized by the cluster operators to whatever they'd like. Unknowingly action groups might have been created that were hidden from the UX.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah I missed this - I thought they would just use * for all access?
@derek-ho I just checked on the UI and its not possible to assign cluster or index permissions unless they appear in the dropdown so its not possible to assign I wonder if it should allow wildcard matches as long as the value entered matches at least 1 action. |
Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit ac38d9d)
Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit ac38d9d) Co-authored-by: Craig Perkins <[email protected]>
Description
Slightly updates the logic for calculating
Other permission groups
in the permissions dropdowns to ensure that groups withtype
not belonging to['cluster', 'index', 'kibana']
are accounted for. The linked PR handles the case for custom action groups wheretype
is never assigned, but doesn't account for the static action group unlimited that belongs to the "all" type. This is the only pre-defined action group that does not belong tocluster
,index
orkibana
type.Category
Bug fix
Issues Resolved
Related PR and issue:
Testing
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.