Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[usability] have a noticeable flag/message when Granted Fields is empty #18166

Closed
elasticmachine opened this issue Mar 16, 2018 · 2 comments
Closed

[usability] have a noticeable flag/message when Granted Fields is empty #18166

elasticmachine opened this issue Mar 16, 2018 · 2 comments
Labels
enhancement New value added to drive a business result Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@elasticmachine
Copy link
Contributor

Original comment by @AlonaNadler:

The customer went through a long debugging session since the * in granted fields was accidentally removed and the user wasn't able to see any data.

We just spent an hour debugging a problem where a regular user was not seeing data for an index in Discover, but the elastic user could see it. We went through all the roles, role mappings, testing different permissions to try to bisect the problem, etc. What we eventually discovered was that we had inadvertently deleted the "*" in the Granted Fields section of the Role definition, so the user was able to see document metadata but none of the _source fields.

As soon as we went back and added the "" to Granted Fields it worked fine.
That box says it is "Optional", so shouldn't an empty box correlate to "", or at the very least throw a big red flag like "DO YOU REALLY WANT THIS BOX TO BE EMPTY BECAUSE YOU WON'T BE ABLE TO SEE ANY OF YOUR DATA". Maybe with the HTML blink tag or something.
@elasticmachine elasticmachine added the Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! label Apr 24, 2018
@AlonaNadler
Copy link

cc: @elastic/kibana-security

@kobelb kobelb added the enhancement New value added to drive a business result label Apr 25, 2018
legrego added a commit to legrego/kibana that referenced this issue May 18, 2018
@legrego
Fixes elastic#18166 : warn when no fields are granted
92812e5
@legrego legrego mentioned this issue May 18, 2018
Merged
5 tasks
@legrego
Copy link
Member

legrego commented Jan 9, 2019

Resolved via #19035

@legrego legrego closed this as completed Jan 9, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New value added to drive a business result Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kobelb @legrego @elasticmachine @AlonaNadler