Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-49184

[RBAC][UI] Some services accessible via UI even though user has insufficient privileges

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 7.1.0
    • 7.1.0
    • UI
    • Enterprise Edition 7.1.0 build 1558

    Description

      STEPS
      Following are the list of users present in the cluster.
      https://issues.couchbase.com/secure/attachment/165996/Screenshot%202021-10-27%20at%205.48.16%20PM.png

      Login as user4.
      FTS and eventing services are accessible via UI even though user has only view admin role.
      https://issues.couchbase.com/secure/attachment/165998/Screenshot%202021-10-27%20at%205.54.39%20PM.png

      Login as user1.
      FTS and eventing services are accessible via UI even though user has only cluster admin role.
      https://issues.couchbase.com/secure/attachment/165997/Screenshot%202021-10-27%20at%205.54.14%20PM.png

      Attachments

        For Gerrit Dashboard: MB-49184
        # Subject Branch Project Status CR V
        166244,19 MB-49184: allow user without xdcr.remote_clusters!read to open XDCR master ns_server Status: MERGED +2 +1
        166245,11 MB-49184: disable 'Enable Bloom Filter' if no cluster.settings.write master ns_server Status: MERGED +2 +1
        166246,11 MB-49184: hasWritePermissions should be defined before use master ns_server Status: MERGED +2 +1
        166247,11 MB-49184: cluster.settings!read is required by Alerts page master ns_server Status: MERGED +2 +1
        166248,11 MB-49184: cluster.settings!read is required by Sample Bucket page master ns_server Status: MERGED +2 +1
        166335,5 MB-49184: completely hide footer if user has no permissions master ns_server Status: MERGED +2 +1
        166336,5 MB-49184: permissions: disable sample buckets checkboxes master ns_server Status: MERGED +2 +1
        166337,5 MB-49184: permissions: disable sample buckets sumbit btn master ns_server Status: MERGED +2 +1
        166341,5 MB-49184: use right permissions to protect Views section master ns_server Status: MERGED +2 +1
        166342,6 MB-49184: permissions: hide General Settings Analytics Replicas field master ns_server Status: MERGED +2 +1

        Activity

          People

            pavel Pavel Blagodov
            sujay.gad Sujay Gad
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              PagerDuty