Home Explore Help
Sign In
lqb
/
elasticsearch
mirror of https://gitee.com/mirrors/elasticsearch.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Add risk_score indexes for kibana_system_user (#96348)

* Add risk_score  indexes for kibana_system_user

* Fix typeo

* Java fix

* Change formatting
Khristinin Nikita 2 years ago
parent
d1d7aea720
commit
4fa7a94b2f
2 changed files with 5 additions and 1 deletions
Split View Show Diff Stats
  1. 2 1
      x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStore.java
  2. 3 0
      x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStoreTests.java

+ 2 - 1
x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStore.java
View File 

@@ -924,7 +924,8 @@ public class ReservedRolesStore implements BiConsumer<Set<String>, ActionListene
 
                         "logs-cloud_security_posture.vulnerabilities_latest-default*"
 
                     )
 
                     .privileges("create_index", "read", "index", "delete", IndicesAliasesAction.NAME, UpdateSettingsAction.NAME)
 
-                    .build() },
 
+                    .build(),
 
+                RoleDescriptor.IndicesPrivileges.builder().indices("risk-score.risk-*").privileges("all").build() },
 
             null,
 
             new ConfigurableClusterPrivilege[] {
 
                 new ManageApplicationPrivileges(Set.of("kibana-*")),

+ 3 - 0
x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStoreTests.java
View File 

@@ -1245,6 +1245,9 @@ public class ReservedRolesStoreTests extends ESTestCase {
 
                 is(true)
 
             );
 
         });
 
+
 
+        Arrays.asList("risk-score.risk-score-" + randomAlphaOfLength(randomIntBetween(0, 13)))
 
+            .forEach(indexName -> assertAllIndicesAccessAllowed(kibanaRole, indexName));
 
     }
 
 
     public void testKibanaAdminRole() {