UAA users can see logs but not supporting documents #314
Comments
|
Anyone seen this or able to point me in the right direction? |
|
The root cause of the issue is in routes.js — whenever a user is not a member of the system org, the original request to Elasticsearch that is generated by Kibana is modified by injecting two logsearch-for-cloudfoundry/src/kibana-cf_authentication/server/routes.js Lines 144 to 152 in 06dcccb This works well for regular searches, but fails for this specific case, since for View single document link Kibana generates a query with |
UAA users are able to see logs for the orgs they are associated with. However when they select the "View Surrounding Documents" they receive the following error
If the user is part of the system org (global admin) they are able to see all logs without any problems.
current version of logsearch 209.0.1
If they select "View single document" they receive a similar error with an Unknown Id error.
Users are setup as a mixture of Org Admins and Org Auditors.
I've also tried this with user set as a Space Developer. adding this makes no impact to the outcome
Are there additional levels of security or configuration required to enable this?
The text was updated successfully, but these errors were encountered: