Add manage search query rules permission#97941
Conversation
kderusso
added
>non-issue
:Security/Authorization
|
Documentation preview: |
|
Pinging @elastic/es-security (Team:Security) |
|
Pinging @elastic/ent-search-eng (Team:Enterprise Search) |
|
Relates to PR to manage synonyms: #97853 |
kderusso
force-pushed
the
kderusso/add-manage-query-rules-privilege
branch
from
602accf to
b6f38ee
Compare
kderusso
force-pushed
the
kderusso/add-manage-query-rules-privilege
branch
from
a052b63 to
c8e0204
Compare
|
|
||
| public static final DeleteQueryRulesetAction INSTANCE = new DeleteQueryRulesetAction(); | ||
| public static final String NAME = "cluster:admin/xpack/query_rules/delete"; | ||
| public static final String NAME = "cluster:admin/search/query_rules/delete"; |
There was a problem hiding this comment.
I renamed this based on the discussion we had to make a manage search privilege that these fall under. If we don't want to do this I can change it back to xpack. WDYT?
There was a problem hiding this comment.
As mentioned in #97853, I don't think that's necessary. I also don't see a common grouping like that in the rest of the actions. I'd vote for keeping as is unless we have a good reason not to.
There was a problem hiding this comment.
OK, I'll change them back. My bad, I misunderstood the goal.
There was a problem hiding this comment.
On second thought, should it be xpack/search/query_rules?
There was a problem hiding this comment.
I'd still say that we don't need the /search/ prefix. I find them more descriptive without it. Not a strong opinion though.
++. We could probably achieve this by adding auth headers to all the existing tests, and adding an additional use case with a user with no permissions. |
4 participants
Adds a permission to manage search query rules.