Closed DarshitChanpura closed 1 month ago
Attention: Patch coverage is 58.46154%
with 54 lines
in your changes are missing coverage. Please review.
Project coverage is 70.61%. Comparing base (
c41a480
) to head (d158733
).
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
@cwperks @derek-ho I'm marking conversations as resolved. Please re-open them if any comment requires more discussion.
@scrawfor99 addressed all comments and resolved conversations that were duplicates. Please resolve or comment on the open items so we can address those and bring them to closure.
@DarshitChanpura Small nit on design. Can the "You do not have permissions text" be centered in the container?
The change LGTM otherwise. Thank you @DarshitChanpura!
@cwperks The alignment is handled by parent component in this case. AccessErrorComponent uses EuiPageContent, which defaults to center justified. If we want to align it correctly we will have to adjust parent component, since all the wrapper component align the text as left justified. IMO, it is fine to leave it as is and get the PR merged since making changes to parent component is not feasible.
The backport to 2.x
failed:
The process '/usr/bin/git' failed with exit code 1
To backport manually, run these commands in your terminal:
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-2.x 2.x
# Navigate to the new working tree
cd .worktrees/backport-2.x
# Create a new branch
git switch --create backport/backport-1964-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 b3e444fa6f3af1410c10a937a44cb1b2fe0127cb
# Push it to GitHub
git push --set-upstream origin backport/backport-1964-to-2.x
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-2.x
Then, create a pull request where the base
branch is 2.x
and the compare
/head
branch is backport/backport-1964-to-2.x
.
Description
When a user with multi-data-source feature enabled tries to access the cluster, the Security tab will be rendered based on whether the user has access to connected OpenSearch cluster, and not on whether they have access to remote cluster. This is an inconsistent behavior. To fix this we will display Security tab always when
dataSource.enabled
feature flag is set to true.Changes addressed:
Category
New feature
Why these changes are required?
To promote seamless experience for multi-data-source users.
What is the old behavior before changes and new behavior after changes?
Before, admins of remote data-source could not access the security configuration features via dashboard. With this change, admins will have config screen access to clusters it has access to. If they don't have access, a message along the lines
You do not have permission to view the data for <cluster-name>.
will be displayed.Issues Resolved
Testing
1. Only access to Remote DataSource using admin credentials
https://github.com/opensearch-project/security-dashboards-plugin/assets/35282393/dcb4af89-4980-4973-b122-2d16f2502a8e
https://github.com/opensearch-project/security-dashboards-plugin/assets/35282393/2003cabc-e9dd-4731-8f37-6893a9fc5bea
2. Only access to Local DataSource (also remote data-source using admin credentials)
https://github.com/opensearch-project/security-dashboards-plugin/assets/35282393/491fc4df-1380-48ad-9b1c-03d4599a2921
https://github.com/opensearch-project/security-dashboards-plugin/assets/35282393/ba2d5f18-1d91-4201-aec7-125e73676764
Currently, the remote data-source connection uses stored credentials to interact with remote data-source.
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check here.