Description
The BucketAdmin role allows access to buckets other than the one(s) specified to be accessible by the user.
I loaded three buckets on a cluster.
I then created a user "BucketAdmin" with Bucket Admin role for the travel-sample bucket.
I then logged into the UI as the "BucketAdmin" and the dashboard only lets me see the travel-sample (expected behavior).
I then go to the Cluster > Bucket dashboard and am able to see all the buckets.
And I'm only allowed to edit "travel-sample" (as expected).
I feel the dashboard allowing me to see all the buckets is a violation of the permissions for the role. Here's the definition of the bucket_admin role in the ns_server code. The line marked "<<<<<" is the line that allows seeing all the buckets.
{bucket_admin, [bucket_name],
 [{name, <<"Bucket Admin">>},
  {folder, bucket},
  {desc, <<"Can manage ALL bucket features for a given bucket (including "
           "start/stop XDCR). This user can access the web console. This "
           "user cannot read data.">>}],
 [{[{bucket, bucket_name}, xdcr], [read, execute]},
  {[{bucket, bucket_name}, data], none},
  {[{bucket, bucket_name}, views], none},
  {[{bucket, bucket_name}, n1ql], none},
  {[{bucket, bucket_name}, fts], none},
  {[{bucket, any}, analytics], none},
  {[{bucket, bucket_name}], all},
  {[{bucket, any}, settings], [read]}, <<<<<<<<<<<<<<<<<<<<
  {[{bucket, any}], none},
  {[xdcr], none},
  {[admin], none},
  {[eventing], none},
  {[analytics], none},
  {[backup], none},
  {[settings, metrics], none},
  {[], [read]}]},
Here's the use of a REST endpoint as BucketAdmin where it returns buckets where I don't have permission:
$ curl -s -u BucketAdmin:asdasd localhost:9000/pools/default/buckets | jq | grep '"name":'
    "name": "default",
    "name": "gamesim-sample",
    "name": "travel-sample",
I would like to remove the above <<<<<<< line which would make it such that the Bucket Admin would only see the authorized buckets.
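
The effect of the marked line can be modeled offline. This is an added example, not part of the original report and not ns_server code: it assumes the rule list is tried top to bottom and the first rule whose object pattern is a prefix of the requested object decides, and the Python names (`bucket_admin_rules`, `is_allowed`, `visible_buckets`) are hypothetical.

```python
# Added example: a simplified model of the rule list in the report, not ns_server code.
# Assumption: rules are tried top to bottom; the first rule whose object pattern
# is a prefix of the requested object decides the allowed operations.
ANY = "any"


def bucket_admin_rules(bucket_name, keep_settings_rule=True):
    """Rule list from the report with bucket_name substituted in."""
    b, any_b = ("bucket", bucket_name), ("bucket", ANY)
    rules = [
        ([b, "xdcr"], ["read", "execute"]),
        ([b, "data"], "none"),
        ([b, "views"], "none"),
        ([b, "n1ql"], "none"),
        ([b, "fts"], "none"),
        ([any_b, "analytics"], "none"),
        ([b], "all"),
        ([any_b, "settings"], ["read"]),  # the line marked <<<<< in the report
        ([any_b], "none"),
        (["xdcr"], "none"),
        (["admin"], "none"),
        (["eventing"], "none"),
        (["analytics"], "none"),
        (["backup"], "none"),
        (["settings", "metrics"], "none"),
        ([], ["read"]),
    ]
    if not keep_settings_rule:
        rules = [r for r in rules if r[0] != [any_b, "settings"]]
    return rules


def _elem_matches(pattern, elem):
    # ("bucket", "any") matches any bucket; other elements must be equal.
    if isinstance(pattern, tuple):
        return isinstance(elem, tuple) and pattern[0] == elem[0] and pattern[1] in (ANY, elem[1])
    return pattern == elem


def is_allowed(rules, obj, operation):
    """Return True if the first matching rule grants the operation on obj."""
    for pattern, ops in rules:
        if len(pattern) <= len(obj) and all(_elem_matches(p, e) for p, e in zip(pattern, obj)):
            return ops == "all" or (ops != "none" and operation in ops)
    return False


def visible_buckets(rules, buckets):
    """Buckets whose settings the role may read."""
    return [b for b in buckets if is_allowed(rules, [("bucket", b), "settings"], "read")]
```

Under this model, dropping the marked rule lets requests for other buckets' settings fall through to `{[{bucket, any}], none}`, while `travel-sample` is still covered by the earlier `{[{bucket, bucket_name}], all}` rule.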