Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Workbench] Validation is allowed even without the capability "Create / Update knowledge" #8962

Closed
Lhorus6 opened this issue Nov 9, 2024 · 1 comment · Fixed by #9047
Closed

[Workbench] Validation is allowed even without the capability "Create / Update knowledge" #8962

Lhorus6 opened this issue Nov 9, 2024 · 1 comment · Fixed by #9047
Assignees
@labo-flg
Labels
bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR)
Milestone
Release 6.4.1

Comments

@Lhorus6
Copy link

Lhorus6 commented Nov 9, 2024

Description

The "Import knowledge" capability allows access to the workbench.
The "Create / Update knowledge" allow ingest the data, i.e. to validate the workbench and write the data into the database.

If you only have "Import knowledge", you can still validate the workbench, but nothing will happen (the data will not be created). Moreover, a validation message is displayed, despite the fact that it will not work, which is very confusing:

Image

Environment

OCTI 6.3.11

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. With an admin user, create a report A, import a pdf in the report A's Data tab, and generate a workbench (if it has not been generated automatically).
  2. Create a User B with all marking allowed and only "Access knowledge" and "Import knowledge" capabilities
  3. Log in with user B
  4. Go on the report A's Data tab.
  5. Click on the workbench.
  6. Validate the workbench.
  7. Check that entities in the workbench that did not exist in the platform are still non-existent

Expected Output

The validation button should be grayed out, or an error message should be displayed after clicking the button if you don't have the "Create / Update knowledge" capability.
@Lhorus6 Lhorus6 added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Nov 9, 2024
@nino-filigran
Copy link

Got spot @Lhorus6 , user without validate knowledge should not be able to validate a workbench at all!

@nino-filigran nino-filigran removed the needs triage use to identify issue needing triage from Filigran Product team label Nov 12, 2024
labo-flg added a commit that referenced this issue Nov 17, 2024
@labo-flg
[frontend] Show validate workbench button according to capabilities (#…
6b33497 
…8962)
@labo-flg labo-flg mentioned this issue Nov 17, 2024
Merged
@labo-flg labo-flg added this to the Release 6.4.1 milestone Nov 17, 2024
@labo-flg labo-flg self-assigned this Nov 17, 2024
labo-flg added a commit that referenced this issue Nov 19, 2024
@labo-flg
[frontend] Show validate workbench button according to capabilities (#…
f338875 
…8962)
@SamuelHassine SamuelHassine added the solved use to identify issue that has been solved (must be linked to the solving PR) label Nov 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@labo-flg labo-flg

Labels
bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR)
Projects
None yet
Milestone
Release 6.4.1
Development

Successfully merging a pull request may close this issue.

[frontend] Show validate workbench button according to capabilities (… OpenCTI-Platform/opencti
4 participants
@SamuelHassine @Lhorus6 @labo-flg @nino-filigran