I created a role which has Read/Edit access to a Stream. The Stream is specific to a GELF Input channel.
If I assign that Role to a user, and the user goes to edit that Stream, and they choose a different Input channel (in my case syslog), then the graylog-web/application.log correctly reports
Cannot invoke the action, ... returned 403 Forbidden body: {"type":"ApiError","message":"Not authorized"}
but the web interface shows the error
Could not retrieve error.... Internal server error
So it looks (from an end-user perspective) like a bug with graylog, whereas to my eyes this is simply an incorrect error message. It is a "403", so couldn't graylog-web be changed to report that as "Not authorized"?
Hi there
I created a role which has Read/Edit access to a Stream. The Stream is specific to a GELF Input channel.
If I assign that Role to a user, and the user goes to edit that Stream, and they choose a different Input channel (in my case syslog), then the graylog-web/application.log correctly reports
Cannot invoke the action, ... returned 403 Forbidden body: {"type":"ApiError","message":"Not authorized"}
but the web interface shows the error
Could not retrieve error.... Internal server error
So it looks (from an end-user perspective) like a bug with graylog, whereas to my eyes this is simply an incorrect error message. It is a "403", so couldn't graylog-web be changed to report that as "Not authorized"?
Thanks
Jason