This repository was archived by the owner on Mar 21, 2023. It is now read-only.
This repository was archived by the owner on Mar 21, 2023. It is now read-only.
Problem with read permissions per pipeline connection #251
Description
Problem description
When I add read permission for particular Pipeline connection to role by REST API, user with that role isn't able to manage this Pipelines. Page http://<Graylog_node>:9000/system/pipelines isn't available. User get error:
Could not retrieve pipeline connections
Fetching pipeline connections failed with status: cannot GET http://graylog:9000/api/plugins/org.graylog.plugins.pipelineprocessor/system/pipelines/connections (403)
Steps to reproduce the problem
- Create Stream, Pipeline. Connect them.
- Create role with full permission for created Stream, Pipeline and read permission for their Pipeline connection, but without permission to read all Pipeline rules. Created role must contain line like this in the permission list:
"pipeline_connection:read:<Pipeline_connection_id>",
And this role shouldn't contain line:
"pipeline_connection:read",
- Add user to created role
- Try to open page http://<Graylog_node>:9000/system/pipelines by created user
Environment
- Graylog Version: v2.4.6+ceaa7e4
- Pipeline Processor plugin version: 2.4.6
- Elasticsearch Version: 5.6.10
- MongoDB Version: v3.6.6
- Operating System: Debian 9
- Browser version: Chrome 69