From 64aeb45c615fe640fe4118c5c1e0787cf99e4466 Mon Sep 17 00:00:00 2001
From: StekPerepolnen <arykov@ydb.tech>
Date: Thu, 22 May 2025 18:06:55 +0200
Subject: [PATCH 1/3] maybe allowedsids

---
 ydb/core/mon/mon.cpp       | 2 +-
 ydb/core/mon/mon.h         | 2 +-
 ydb/core/viewer/viewer.cpp | 6 ++++--
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/ydb/core/mon/mon.cpp b/ydb/core/mon/mon.cpp
index de7d94312f37..3c8db21fff32 100644
--- a/ydb/core/mon/mon.cpp
+++ b/ydb/core/mon/mon.cpp
@@ -1450,7 +1450,7 @@ NMonitoring::IMonPage* TMon::RegisterActorPage(TRegisterActorPageFields fields)
         fields.PreTag,
         fields.ActorSystem,
         fields.ActorId,
-        fields.AllowedSIDs ? fields.AllowedSIDs : Config.AllowedSIDs,
+        fields.AllowedSIDs.Defined() ? *fields.AllowedSIDs : Config.AllowedSIDs,
         fields.UseAuth ? Config.Authorizer : TRequestAuthorizer(),
         fields.MonServiceName);
     if (fields.Index) {
diff --git a/ydb/core/mon/mon.h b/ydb/core/mon/mon.h
index e27fece95954..0682c318045c 100644
--- a/ydb/core/mon/mon.h
+++ b/ydb/core/mon/mon.h
@@ -60,7 +60,7 @@ class TMon {
         bool PreTag = false;
         TActorId ActorId;
         bool UseAuth = true;
-        TVector<TString> AllowedSIDs;
+        TMaybe<TVector<TString>> AllowedSIDs;
         bool SortPages = true;
         TString MonServiceName = "utils";
     };
diff --git a/ydb/core/viewer/viewer.cpp b/ydb/core/viewer/viewer.cpp
index 0a85e1e0671a..eae2cd49e7ba 100644
--- a/ydb/core/viewer/viewer.cpp
+++ b/ydb/core/viewer/viewer.cpp
@@ -92,13 +92,15 @@ class TViewer : public TActorBootstrapped<TViewer>, public IViewer {
                 .RelPath = "viewer/whoami",
                 .ActorSystem = ctx.ActorSystem(),
                 .ActorId = ctx.SelfID,
-                .UseAuth = false,
+                .UseAuth = true,
+                .AllowedSIDs = {},
             });
             mon->RegisterActorPage({
                 .RelPath = "viewer/json/whoami", // temporary handling of old paths
                 .ActorSystem = ctx.ActorSystem(),
                 .ActorId = ctx.SelfID,
-                .UseAuth = false,
+                .UseAuth = true,
+                .AllowedSIDs = {},
             });
             mon->RegisterActorPage({
                 .Title = "Viewer",

From 513cd8320191f2f9b838877d0efcdc5c07320550 Mon Sep 17 00:00:00 2001
From: StekPerepolnen <arykov@ydb.tech>
Date: Fri, 23 May 2025 11:39:03 +0200
Subject: [PATCH 2/3] changed {} to  TVector<TString>{}

---
 ydb/core/viewer/viewer.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ydb/core/viewer/viewer.cpp b/ydb/core/viewer/viewer.cpp
index eae2cd49e7ba..3ec8a48a5fc5 100644
--- a/ydb/core/viewer/viewer.cpp
+++ b/ydb/core/viewer/viewer.cpp
@@ -93,14 +93,14 @@ class TViewer : public TActorBootstrapped<TViewer>, public IViewer {
                 .ActorSystem = ctx.ActorSystem(),
                 .ActorId = ctx.SelfID,
                 .UseAuth = true,
-                .AllowedSIDs = {},
+                .AllowedSIDs = TVector<TString>{},
             });
             mon->RegisterActorPage({
                 .RelPath = "viewer/json/whoami", // temporary handling of old paths
                 .ActorSystem = ctx.ActorSystem(),
                 .ActorId = ctx.SelfID,
                 .UseAuth = true,
-                .AllowedSIDs = {},
+                .AllowedSIDs = TVector<TString>{},
             });
             mon->RegisterActorPage({
                 .Title = "Viewer",

From 576e59b5b64c843bce27bb15fbd64067ac56ddd3 Mon Sep 17 00:00:00 2001
From: StekPerepolnen <arykov@ydb.tech>
Date: Fri, 23 May 2025 16:01:51 +0200
Subject: [PATCH 3/3] usefallbackSIDS

---
 ydb/core/mon/mon.cpp       | 2 +-
 ydb/core/mon/mon.h         | 3 ++-
 ydb/core/viewer/viewer.cpp | 4 ++--
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/ydb/core/mon/mon.cpp b/ydb/core/mon/mon.cpp
index 3c8db21fff32..2b26971ec752 100644
--- a/ydb/core/mon/mon.cpp
+++ b/ydb/core/mon/mon.cpp
@@ -1450,7 +1450,7 @@ NMonitoring::IMonPage* TMon::RegisterActorPage(TRegisterActorPageFields fields)
         fields.PreTag,
         fields.ActorSystem,
         fields.ActorId,
-        fields.AllowedSIDs.Defined() ? *fields.AllowedSIDs : Config.AllowedSIDs,
+        (fields.AllowedSIDs || !fields.UseFallbackSIDs) ? fields.AllowedSIDs : Config.AllowedSIDs,
         fields.UseAuth ? Config.Authorizer : TRequestAuthorizer(),
         fields.MonServiceName);
     if (fields.Index) {
diff --git a/ydb/core/mon/mon.h b/ydb/core/mon/mon.h
index 0682c318045c..c2027baaedaa 100644
--- a/ydb/core/mon/mon.h
+++ b/ydb/core/mon/mon.h
@@ -60,7 +60,8 @@ class TMon {
         bool PreTag = false;
         TActorId ActorId;
         bool UseAuth = true;
-        TMaybe<TVector<TString>> AllowedSIDs;
+        TVector<TString> AllowedSIDs;
+        bool UseFallbackSIDs = true;
         bool SortPages = true;
         TString MonServiceName = "utils";
     };
diff --git a/ydb/core/viewer/viewer.cpp b/ydb/core/viewer/viewer.cpp
index 3ec8a48a5fc5..3556b6393f83 100644
--- a/ydb/core/viewer/viewer.cpp
+++ b/ydb/core/viewer/viewer.cpp
@@ -93,14 +93,14 @@ class TViewer : public TActorBootstrapped<TViewer>, public IViewer {
                 .ActorSystem = ctx.ActorSystem(),
                 .ActorId = ctx.SelfID,
                 .UseAuth = true,
-                .AllowedSIDs = TVector<TString>{},
+                .UseFallbackSIDs = false,
             });
             mon->RegisterActorPage({
                 .RelPath = "viewer/json/whoami", // temporary handling of old paths
                 .ActorSystem = ctx.ActorSystem(),
                 .ActorId = ctx.SelfID,
                 .UseAuth = true,
-                .AllowedSIDs = TVector<TString>{},
+                .UseFallbackSIDs = false,
             });
             mon->RegisterActorPage({
                 .Title = "Viewer",