ES plugin - filter

AlexG · December 20, 2022, 12:49pm

Hello! This is the config of ROR

readonlyrest:
  prompt_for_basic_auth: false
  access_control_rules:
  - name: "Full Admin Kibana"
    groups: ["full-admin"]
    indices: ["*"]
    kibana_access: "admin"
  - name: "Full Admin Users"
    groups: ["full-admin"]
    indices: ["*"]
    actions: ["*"]
  - name: "Client Admin Group Kibana"
    groups: ["client_admin"]
    indices: [".kibana_client_admin", "*"]
    kibana_access: "rw"
    kibana_index: ".kibana_client_admin"
  - name: "Client Admin Group 0"
    groups: ["client_admin"]
    indices: ["*"]
    actions: ["*"]
  - name: "filtru Kibana"
    groups: ["filtru"]
    indices: ["*"]
    filter: "{\n  \"bool\": {\n   \"must\": [\n       {\"term\":{\"df_country.keyword\": \"Ivory Coast\"}}\n       ]\n }\n }"
    kibana_access: "rw"
    kibana_index: ".kibana_filtru"
  - name: "filtru Kibana 1"
    groups: ["filtru"]
    indices: [".kibana_filtru" ,"*"]
    kibana_access: "rw"
    kibana_index: ".kibana_filtru"
  proxy_auth_configs:
  - name: "px1"
    user_id_header: "x-forwarded-user"
  users:
  - username: "fulladmin"
    groups: ["full-admin"]
    auth_key_sha256: "*****"
  - username: "user"
    groups: ["client_admin", "filtru"]
    proxy_auth:
      proxy_auth_config: "px1"
      users: ["user"]
  - username: "kibana"
    groups: ["full-admin"]
    auth_key_sha256: "*****"
  - username: "user2"
    groups: ["full-admin"]
    auth_key_sha256: "*****"
  jwt:
  - name: "jwt_provider"
    signature_algo: "RSA"
    signature_key: "*****"
    user_claim: "sub"
    header_name: "Authorization"

Also I have installed this version readonlyrest-1.45.0-pre5_es7.12.1 for each es node. Again, if I put in filter config “ must_not”, it works but “must” returns error.

|statusCode|500|
|error|Internal Server Error|
|message|An internal server error occurred.|

Thank you !

AlexG · January 11, 2023, 8:28am

Hello ! some updates about this issue ?

sscarduzio · January 11, 2023, 3:20pm

@coutoPL this should be easy to reproduce, WDYT?

coutoPL · January 11, 2023, 4:42pm

I’m going to take care of this one this week.

coutoPL · January 11, 2023, 9:25pm

@AlexG I’ve checked it and it works for me, but … maybe I see it differently because:

you didn’t tell us how you interact with the ES (directly using ES REST API or using Kibana)
2a. if using API - what endpoint do you call
2b. if using Kibana - what do you do when you see the error?
do you see logs related to the issue? in ES logs or Kibana logs?
the error code is 500 or 503? (in one post you tell us about 503 but in the next about 500)
when you talk about “filter” do you mean the ROR filter rule or Elasticsearch Query filter (in the body of the _search request)?

sscarduzio · January 16, 2023, 9:16am

@AlexG are you able to give us more material follow up on this?

AlexG · January 18, 2023, 9:04am

Hello !
It seems that this issue has been solved. The config of filter doesn’t permit the configuration of indices on all indices like this(*),
in this case you should select a specific index Ex.:“country” and the configuration of filter is {“bool”:{“must”:[{“term”:{“df_country.keyword”: “Ivory Coast”}}]}}

Thank you !