Those patterns are written in the “.kibana” index. So ANY user with “rw” or “admin” kibana access can configure them from the “management” tab.
It’s natural that with ROR PRO (or the ES plugin alone) some users will not be allowed to query for some of those indices. The ES plugin will just return rewrite the request to include only the indices they can see, or nothing at all.
This discrepancy is the result of the fact that users with different index privileges are accessing the same “.kibana” index. The only real thing to do if you want to hide any reference to indices that are not allowed, is to use multi-tenancy (each user can have their own “.kibana” index), which is something we offer in ROR Enterprise.