🐛 [BUG] - (ui) watches on unauthorized objects throw constant errors

cloudoperators / greenhouse

Cloud operations platform

https://cloudoperators.github.io/greenhouse/

Apache License 2.0

12 stars 1 forks source link

🐛 [BUG] - (ui) watches on unauthorized objects throw constant errors #293

Closed edda closed 2 months ago

edda commented 3 months ago

Priority

(Medium) I'm annoyed but I'll live

Description

For users who aren't authorized to get secrets the browser console is spammed with failing watch responses and 403 messages.

Expected behaviour: If the user isn't authorized to GET secrets the watch shouldn't be initiated

Reproduction steps

1. As a user who isn't authorized to GET secrets access the Greenhouse dashboard
2. Open the browser console to see the error spam

uwe-mayer commented 3 months ago

Broadening context of the issue: This is not only true for secrets in secrets admin, but it is a general problem. Depending on the users permissions the client might get unauthorized on getting/watching k8s resources. We need to correctly handle the errors and safeguard the watches from retrying when unauthorized.