Closed derek-ho closed 3 weeks ago
What is the bug? Some APIs which DNFOF should work for do not. Namely: GET _cat/aliases
A similar issue was fixed for cat/indices here: https://github.com/opensearch-project/security/pull/3236. It seems like the initial issue also called out aliases as a bug, but that was not addressed: https://github.com/opensearch-project/security/issues/1815
How can one reproduce the bug? Create a user without access to some of the following list, would expect DNFOF setting to work, but it does not
What is the expected behavior? DNFOF should work
What is your host/environment?
Do you have any screenshots? If applicable, add screenshots to help explain your problem.
Do you have any additional context? Add any other context about the problem.
[Triage] Hi @derek-ho, thank you for filing this issue. This seems like a good addition based on the past discussion.
What is the bug? Some APIs which DNFOF should work for do not. Namely: GET _cat/aliases
A similar issue was fixed for cat/indices here: https://github.com/opensearch-project/security/pull/3236. It seems like the initial issue also called out aliases as a bug, but that was not addressed: https://github.com/opensearch-project/security/issues/1815
How can one reproduce the bug? Create a user without access to some of the following list, would expect DNFOF setting to work, but it does not
What is the expected behavior? DNFOF should work
What is your host/environment?
Do you have any screenshots? If applicable, add screenshots to help explain your problem.
Do you have any additional context? Add any other context about the problem.