Fix improperly authenticated access to advanced settings and share URL #9214
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
|
@jbudz says LGTM, but he had to head out |
spalger
force-pushed
the
fix/ui-settings+short-url/surface-es-errors
branch
from
24d0e04 to
9c9b551
Compare
tylersmalley
approved these changes
Nov 23, 2016
This was referenced Nov 23, 2016
elastic-jasper
added a commit
that referenced
this pull request
Nov 23, 2016
Backports PR #9214 **Commit 1:** [server/uiSettings+shortUrl] surface errors from es * Original sha: 9c9b551 * Authored by spalger <[email protected]> on 2016-11-16T01:56:38Z **Commit 2:** [uiExports/replaceInjectedVars] update the uiSettings stub * Original sha: 65b1e0a * Authored by spalger <[email protected]> on 2016-11-23T23:38:04Z **Commit 3:** [uiSettings] correct test cases after moving from 401 -> 403 * Original sha: c2c7fdb * Authored by spalger <[email protected]> on 2016-11-23T23:41:08Z
elastic-jasper
added a commit
that referenced
this pull request
Nov 23, 2016
Backports PR #9214 **Commit 1:** [server/uiSettings+shortUrl] surface errors from es * Original sha: 9c9b551 * Authored by spalger <[email protected]> on 2016-11-16T01:56:38Z **Commit 2:** [uiExports/replaceInjectedVars] update the uiSettings stub * Original sha: 65b1e0a * Authored by spalger <[email protected]> on 2016-11-23T23:38:04Z **Commit 3:** [uiSettings] correct test cases after moving from 401 -> 403 * Original sha: c2c7fdb * Authored by spalger <[email protected]> on 2016-11-23T23:41:08Z
spalger
pushed a commit
to spalger/kibana
that referenced
this pull request
Nov 24, 2016
Backports PR elastic#9214 **Commit 1:** [server/uiSettings+shortUrl] surface errors from es * Original sha: 9c9b551 * Authored by spalger <[email protected]> on 2016-11-16T01:56:38Z **Commit 2:** [uiExports/replaceInjectedVars] update the uiSettings stub * Original sha: 65b1e0a * Authored by spalger <[email protected]> on 2016-11-23T23:38:04Z **Commit 3:** [uiSettings] correct test cases after moving from 401 -> 403 * Original sha: c2c7fdb * Authored by spalger <[email protected]> on 2016-11-23T23:41:08Z
spalger
pushed a commit
that referenced
this pull request
Nov 24, 2016
Backports PR #9214 **Commit 1:** [server/uiSettings+shortUrl] surface errors from es * Original sha: 9c9b551 * Authored by spalger <[email protected]> on 2016-11-16T01:56:38Z **Commit 2:** [uiExports/replaceInjectedVars] update the uiSettings stub * Original sha: 65b1e0a * Authored by spalger <[email protected]> on 2016-11-23T23:38:04Z **Commit 3:** [uiSettings] correct test cases after moving from 401 -> 403 * Original sha: c2c7fdb * Authored by spalger <[email protected]> on 2016-11-23T23:41:08Z
spalger
pushed a commit
that referenced
this pull request
Nov 24, 2016
Backports PR #9214 **Commit 1:** [server/uiSettings+shortUrl] surface errors from es * Original sha: 9c9b551 * Authored by spalger <[email protected]> on 2016-11-16T01:56:38Z **Commit 2:** [uiExports/replaceInjectedVars] update the uiSettings stub * Original sha: 65b1e0a * Authored by spalger <[email protected]> on 2016-11-23T23:38:04Z **Commit 3:** [uiSettings] correct test cases after moving from 401 -> 403 * Original sha: c2c7fdb * Authored by spalger <[email protected]> on 2016-11-23T23:41:08Z
spalger
pushed a commit
that referenced
this pull request
Nov 24, 2016
Backports PR #9214 **Commit 1:** [server/uiSettings+shortUrl] surface errors from es * Original sha: 9c9b551 * Authored by spalger <[email protected]> on 2016-11-16T01:56:38Z **Commit 2:** [uiExports/replaceInjectedVars] update the uiSettings stub * Original sha: 65b1e0a * Authored by spalger <[email protected]> on 2016-11-23T23:38:04Z **Commit 3:** [uiSettings] correct test cases after moving from 401 -> 403 * Original sha: c2c7fdb * Authored by spalger <[email protected]> on 2016-11-23T23:41:08Z
epixa
changed the title
epixa
changed the title
airow
pushed a commit
to airow/kibana
that referenced
this pull request
Feb 16, 2017
Backports PR elastic#9214 **Commit 1:** [server/uiSettings+shortUrl] surface errors from es * Original sha: 9c9b551 * Authored by spalger <[email protected]> on 2016-11-16T01:56:38Z **Commit 2:** [uiExports/replaceInjectedVars] update the uiSettings stub * Original sha: 65b1e0a * Authored by spalger <[email protected]> on 2016-11-23T23:38:04Z **Commit 3:** [uiSettings] correct test cases after moving from 401 -> 403 * Original sha: c2c7fdb * Authored by spalger <[email protected]> on 2016-11-23T23:41:08Z Former-commit-id: 4f22595
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Kibana 5.0.0 and 5.0.1 were making requests to advanced settings and the short
URL service on behalf of the kibana server rather than the current user, which
means that being authenticated at all was sufficient to have both read and
write access to the advanced settings and short URLs.
Kibana 5.0.2 now authenticates requests for each service on behalf of the
current user.
ESA-2016-10