I started to use ReadonlyREST a few days ago and I was having a very good experience.
I’ve installed it to use Elasticsearch as a Multi-Tenant environment.
Everything was going really fine, until I found an unexpected problem.
I have two indexes: testea and testeb.
So, I’ve created an Index Pattern in Kibana with the name teste*.
After that, I built some visualizations with the “teste*” as the source and put them on a dashboard.
I was planning to use 3 users:
- teste: Allowed to visualize testea and testeb.
- testea: Allowed to visualize testea.
- testeb: Allowed to visualize testeb.
My intention was to use the same dashboard to log in with the 3 users and have distinct access.
And my plan is working and is not working.
The histogram and metric are working perfectly on the dashboard (they are providing only the values for the allowed index).
However, the pies and bars are returning the information of all indexes, even the forbidden ones.
The strangest thing is that it only happens on the dashboard page. When I click to check the pies and the bars on the visualization page, it works as expected.
I’ve already tried to rebuild the dashboard, visualization and nothing.
Would you please help me to clarify?
The elasticsearch.yml follows:
```yaml
enable: true
ssl:
  enable: false
response_if_req_forbidden: Forbidden by ReadonlyREST ES plugin
access_control_rules:

- name: "::LOGSTASH::"
  auth_key: logstash:logstash
  actions: ["cluster:monitor/main","indices:admin/types/exists","indices:data/read/*","indices:data/write/*","indices:admin/template/*","indices:admin/create"]

- name: "ADMIN"
  auth_key_sha1: bbf1cd559a7b422b91cc2eff0ff5f033244e1885

- name: "Teste"
  auth_key: teste:teste
  kibana_access: ro
  indices: [".kibana", "testea", "testeb"]

- name: "Testea"
  auth_key: testea:testea
  kibana_access: ro
  indices: [".kibana", "testea"]

- name: "Testeb"
  auth_key: testeb:testeb
  kibana_access: ro
  indices: [".kibana", "testeb"]
```