Skip to content

RBAC: Can't edit topic while having inherited edit permissions #260

New issue
New issue
Open
Open
RBAC: Can't edit topic while having inherited edit permissions#260
Assignees
Haarolean
Labels
area/rbacRelated to Role Based Access Control featuregood first issueUp for grabshacktoberfestIssues good for hacktoberfest goalscope/backendRelated to backend changesstatus/triage/completedAutomatic triage completedtype/bugSomething isn't working
@fallen-up

Description

@fallen-up
fallen-up
opened on Apr 1, 2024

Issue submitter TODO list

  • I've looked up my issue in FAQ
  • I've searched for an already existing issues here
  • I've tried running main-labeled docker image and the issue still persists there
  • I'm running a supported version of the application which is listed here

Describe the bug (actual behavior)

              permissions:
                - resource: applicationconfig
                  actions: [ "view" ]
                - resource: clusterconfig
                  actions: [ "view" ]
                - resource: topic
                  value: ".*"
                  actions: [ "view", "messages_read", "messages_delete" ]

don't block "edit" in UI (ghcr.io/kafbat/kafka-ui:v1.0.0)
same config in provectuslabs/kafka-ui:v0.7.1 works properly

Expected behavior

No response

Your installation details

v1.0.0

Steps to reproduce

enable rbac and use such config:

      roles.yml: |
        rbac:
          roles:
            - name: "role-name-ro"
              clusters:
                - cluster-name
              subjects:
                - provider: oauth
                  type: role
                  value: "rolename-ro"
              permissions:
                - resource: applicationconfig
                  actions: [ "view" ]
                - resource: clusterconfig
                  actions: [ "view" ]
                - resource: topic
                  value: ".*"
                  actions: [ "view", "messages_read", "messages_delete" ]

Screenshots

image

Logs

No response

Additional context

No response

Metadata

Metadata

Assignees

Labels

area/rbacRelated to Role Based Access Control featuregood first issueUp for grabshacktoberfestIssues good for hacktoberfest goalscope/backendRelated to backend changesstatus/triage/completedAutomatic triage completedtype/bugSomething isn't working

Projects

Up for grabs

Status

Todo

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions