[Synthetics] Private locations - Add agent policy prompt appears when user does not have permissions to add agent policy #150725

Closed
dominiqueclarke opened this issue Feb 9, 2023 · 2 comments · Fixed by #152037
Assignees
Labels
bug Fixes for quality problems that affect the customer experience Team:Uptime - DEPRECATED Synthetics & RUM sub-team of Application Observability v8.7.0 v8.8.0

dominiqueclarke commented Feb 9, 2023

Kibana version: 8.7.0

Description of the problem including expected versus actual behavior:

In the private locations setting in Synthetics, the add agent policy prompt appears when the user does not have sufficient permissions to add an agent policy.

Settings-Synthetics---Kibana.webm

This appears when the user has Fleet: All permissions but not Integrations: All.

These are the Kibana permissions I had set for this user
Screen Shot 2023-02-09 at 10 07 14 AM
Screen Shot 2023-02-09 at 10 07 08 AM

Note, the proper error flow does show up when the user ONLY has Synthetics/Uptime: All permissions, as well as when the user has Synthetics/Uptime: All permissions and Integrations: All permissions, but not Fleet: All permissions.

Screen Shot 2023-02-09 at 10 14 09 AM

Steps to reproduce:

  1. Ensure you are on a fresh ES instance without agent policies
  2. Create a role with synthetics-* ES permissions, and Uptime/Synthetics All and Fleet All permissions. Leave out Integrations permissions. Create a user with that role.
  3. Log in with that user and navigate to the Private locations setting in Uptime
  4. Notice the add agent policy prompt appears. When clicking on it, the user does not have permissions to add the agent policy.
@dominiqueclarke dominiqueclarke added bug Fixes for quality problems that affect the customer experience Team:Uptime - DEPRECATED Synthetics & RUM sub-team of Application Observability v8.7.0 v8.8.0 labels Feb 9, 2023
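
The mismatch reported above, as an added example that is not part of the original issue and is not Kibana source code: a small model of the UI gate and the server-side requirement, with an exhaustive check for privilege combinations where the prompt is offered but the action would be refused. The type and function names are hypothetical, and the rule that adding an agent policy needs both `Fleet: All` and `Integrations: All` is an assumption drawn from the behaviour described in the issue.

```typescript
// Hypothetical model for illustration; names are not taken from Kibana.
type Level = "none" | "read" | "all";

interface KibanaPrivileges {
  synthetics: Level;   // "Synthetics/Uptime" in the role editor
  fleet: Level;        // "Fleet"
  integrations: Level; // "Integrations"
}

type Gate = (p: KibanaPrivileges) => boolean;

// Assumption: the server accepts "add agent policy" only with both
// Fleet: All and Integrations: All (Fleet: All alone failed in the report).
const serverAllowsAddAgentPolicy: Gate = (p) =>
  p.fleet === "all" && p.integrations === "all";

// Gate consistent with the reported behaviour: the prompt was shown
// whenever the user had Fleet: All, regardless of Integrations.
const promptShownBeforeFix: Gate = (p) => p.fleet === "all";

// Gate after the fix described in the linked commit: Integrations: All
// is required as well.
const promptShownAfterFix: Gate = (p) =>
  p.fleet === "all" && p.integrations === "all";

// Walk every Fleet/Integrations combination for a Synthetics: All user and
// collect the ones where the UI offers an action the server would reject.
function findMismatches(gate: Gate): KibanaPrivileges[] {
  const levels: Level[] = ["none", "read", "all"];
  const mismatches: KibanaPrivileges[] = [];
  for (const fleet of levels) {
    for (const integrations of levels) {
      const p: KibanaPrivileges = { synthetics: "all", fleet, integrations };
      if (gate(p) && !serverAllowsAddAgentPolicy(p)) {
        mismatches.push(p);
      }
    }
  }
  return mismatches;
}

// Before the fix: Fleet: All with Integrations none/read shows the prompt.
console.log("before fix:", findMismatches(promptShownBeforeFix));
// After the fix: no combination shows a prompt the server would refuse.
console.log("after fix:", findMismatches(promptShownAfterFix));
```
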
@elasticmachine

Pinging @elastic/uptime (Team:uptime)

@dominiqueclarke dominiqueclarke changed the title [Synthetics] Private locations - Add agent prompt appears when user does not have permissions to add agent [Synthetics] Private locations - Add agent policy prompt appears when user does not have permissions to add agent policy Feb 9, 2023
@dominiqueclarke dominiqueclarke self-assigned this Feb 23, 2023
dominiqueclarke added a commit that referenced this issue Mar 1, 2023
## Summary

Resolves #150725

Adds `Integrations: All` permissions requirement for interacting with
Private locations

A user without permissions
<img width="1500" alt="Screen Shot 2023-02-23 at 3 26 15 PM"
src="https://user-images.githubusercontent.com/11356435/221023579-adc41aa9-2a57-4d97-89ef-048b757a3442.png">
<img width="354" alt="Screen Shot 2023-02-23 at 3 26 06 PM"
src="https://user-images.githubusercontent.com/11356435/221023582-7025f9f7-068d-4d86-af2b-4699f51322d8.png">
<img width="359" alt="Screen Shot 2023-02-23 at 3 26 01 PM"
src="https://user-images.githubusercontent.com/11356435/221023585-fb53b3fb-39e6-4340-b2dc-709168e66fc5.png">
<img width="1510" alt="Screen Shot 2023-02-23 at 2 36 02 PM"
src="https://user-images.githubusercontent.com/11356435/221023588-582aa339-f14b-405c-86e8-8e22df5b9527.png">
<img width="1521" alt="Screen Shot 2023-02-23 at 1 16 38 PM"
src="https://user-images.githubusercontent.com/11356435/221023590-2634a673-90a9-4e52-9725-4a2a50fa400e.png">
<img width="1509" alt="Screen Shot 2023-02-23 at 12 28 08 PM"
src="https://user-images.githubusercontent.com/11356435/221023592-7acd7bcc-8dd7-40ba-a563-e84e0a0f1e92.png">

A user with permissions
<img width="1520" alt="Screen Shot 2023-02-23 at 1 22 11 PM"
src="https://user-images.githubusercontent.com/11356435/221023589-1cca1bf4-c9b5-4776-887d-73eb07b73862.png">

### Testing

1. Create a user with the following permissions
```
Index: synthetics-*: read
Kibana: Uptime/Synthetics: All. Integrations: All
```
2. Log in as that user
3. Navigate to Private locations in Synthetics settings. Confirm the add
agent button is disabled and the need permission notice appears
4. Log in as a super user, create a private location
5. Log out, log in as the regular Uptime user
6. Navigate to Private locations in Synthetics settings. Confirm the
create location button is disabled and the need permission notice
appears

---------

Co-authored-by: florent-leborgne <florent.leborgne@elastic.co>
kibanamachine pushed a commit to kibanamachine/kibana that referenced this issue Mar 1, 2023
(cherry picked from commit d86f2f8)
kibanamachine referenced this issue Mar 1, 2023
…#152409)

# Backport

This will backport the following commits from `main` to `8.7`:
- [[Synthetics] adjust permissions for private locations
(#152037)](#152037)

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

Co-authored-by: Dominique Clarke <dominique.clarke@elastic.co>
@dominiqueclarke

Post FF bug fix moving to Done Done

bmorelli25 pushed a commit to bmorelli25/kibana that referenced this issue Mar 10, 2023