Details
Description
Need to double-check this, so this is sort of a to-do to double-check the theory...
When the user tries to define or access/search an index alias, according to the permission definitions...
https://github.com/couchbase/cbft/blob/master/rest_perm.go#L23
GET /api/index/{indexName}
|
cluster.bucket[<sourceName>].fts!read
|
The index alias does not actually have a sourceName (indeed, the index alias might have >= 0 target indexes, which in turn would each have a sourceName).
So the permission, according to my reading of the code, would devolve or collapse down to...
cluster.bucket.fts!read
|
...which might be the right permission for an index alias just to get a DP out the door.
But, a better permission for an index alias would be the union of the permissions of the target indexes that the index alias is to pointing to.