Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add indices:admin/get permission to the wazuh_ui_user role #1446

Closed
alberpilot opened this issue Apr 8, 2022 · 3 comments
Closed

Add indices:admin/get permission to the wazuh_ui_user role #1446

alberpilot opened this issue Apr 8, 2022 · 3 comments
Assignees
Milestone

Comments

@alberpilot
Copy link
Contributor

alberpilot commented Apr 8, 2022

@Desvelao asked us to add the permission indices:admin/get to the wazuh_ui_user role in the file: https://github.com/wazuh/wazuh-packages/blob/4.3/unattended_installer/config/indexer/roles/roles.yml

Source: wazuh/wazuh-dashboard-plugins#3620

@alberpilot alberpilot self-assigned this Apr 8, 2022
@gdiazlo gdiazlo moved this to Triage in Release 4.4.0 Aug 30, 2022
@vikman90 vikman90 modified the milestone: Release 4.4.0 Aug 31, 2022
@davidjiglesias davidjiglesias moved this from Triage to Todo in Release 4.4.0 Sep 6, 2022
@miguelfdez99 miguelfdez99 self-assigned this Sep 7, 2022
@okynos okynos moved this from Todo to Blocked in Release 4.4.0 Sep 9, 2022
@miguelfdez99
Copy link
Contributor

miguelfdez99 commented Sep 9, 2022

Blocked until we have a concrete answer on what we need to implement from @wazuh/frontend

The users wazuh_admin and wazuh_user were removed from internal_users.yml and the role wazuh_ui_user was removed from roles.yml. Related PR #1697

The issue is about adding permission to a role that no longer exists.
We need to know exactly what roles and users must be added to complete this issue.

@Machi3mfl
Copy link
Member

Machi3mfl commented Sep 22, 2022

Hi @miguelfdez99.
Sorry for the delay, I was testing the new roles in our last plugin version 4.3.7 with Opensearch 1.2.0-1.24 (Wazuh Dashboard) and the app works as we expect.
With the new roles, we can make all the necessary requests to show the UI. I leave more details in this comment

Secondly, in the case mentioned in the issue wazuh-kibana-app/#3620. If the user creates a custom role with read-only privileges, the case will continue to happen. I consider that isn't a default user and is out of our scope.

But if you reconsider to re-add the read-only role by default, the user must have permissions to the following sample alerts indexes:

  • wazuh-alerts-4.x-sample-auditing-policy-monitoring
  • wazuh-alerts-4.x-sample-threat-detection
  • wazuh-alerts-4.x-sample-security

The indexes are separated into groups, and these groups contain all the modules:
image

If you need something else, please, feel free to contact me.

@gdiazlo
Copy link
Member

gdiazlo commented Sep 26, 2022

Superseded by wazuh/wazuh-dashboard-plugins#4584

@gdiazlo gdiazlo closed this as not planned Won't fix, can't repro, duplicate, stale Sep 26, 2022
Repository owner moved this from Blocked to Done in Release 4.4.0 Sep 26, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
No open projects
Status: Done
Development

No branches or pull requests

5 participants