RoR Enterprise: URL shortening forbidden

RoR 1.31.0
Elasticsearch 7.12.1
Kibana 7.12.1
Also tried with RoR 1.32.0 on Kibana (with 1.31.0 on Elasticsearch (more difficult to temp upgrade), also gives forbidden.

User with RW permissions on Kibana is not allowed to shorten URL’s.
I would asume even user with only RO permission on Kibana is allowed to shorten URL.

Dummy config:

  - name: "Allow team X read access to all indices"
    kibana_access: rw
    kibana_hide_apps: ["Analytics|Maps", "Analytics|Overview", "Observability", "Security", "readonlyrest_kbn", "Management", "Enterprise Search"]
    groups: ["X"]

  - username: theusersusersname
    auth_key_sha256: his-sha-hash
    groups: ["X"]

Results in:

[Allow team X read access to all indices-> RULES:[groups->true
 kibana_access->false] RESOLVED:[user=theusersusersname;group=X;av_groups=X;indices=.kibana_7.12.1]]

The audit event shows it as:

PUT indices:data/write/index IndexRequest /.kibana_7.12.1/_create/url:462a9265e68b04ce59dfb0cc4b428c1b

A user with level unrestricted is allowed to shorten URL’s.

Could you please check?
Is my assumption that even a RO Kibana user should be able to shorten URL’s correct?

@ronald.vanboven I’d suggest you try 1.33.0 (released yesterday) as we reworked this part of code.
It’ ok to experiment this new Kibana plugin while keeping the older Elasticsearch plugin in this occasion, having looked at the changelog, it should be safe to do so.

Oke, I will try and let you know.

1 Like

I tested this on 7.14.0 in combination with 1.33.1 and there it works.
For me this case can be closed.

1 Like

Glad to hear, thanks for bringing this up!