Closed Its-Ankush closed 1 week ago
scrawfor99
commented
1 week ago [Triage] Hi @Its-Ankush, thank you for filing this issue. OpenSearch follows the JSON Patch RFC (information for which can be found here: https://jsonpatch.com/). As a result, the behavior of replacing the entire config field is expected. Going to close this issue as this is not a Bug but the intended behavior.
Its-Ankush
commented
1 week ago Just in case if anyone wants to achieve this -
Change this
curl -k -u "username":"password" -XPATCH "https://IP:9200/_plugins/_security/api/rolesmapping/manage_snapshots" -H 'Content-Type:application/json' -d '[{"op":"add","path":"/backend_roles","value":["ghi"]}]'To this
curl -k -u "username":"password" -XPATCH "https://IP:9200/_plugins/_security/api/rolesmapping/manage_snapshots" -H 'Content-Type:application/json' -d '[{"op":"add","path":"/backend_roles/-","value":"ghi"}]'
What is the bug? Using the Patch role mapping API, it doesnt actually add
backend_rolesorusers. The API erases/replaces everything and adds that one role which you mention with the APIHow can one reproduce the bug? Steps to reproduce the behavior:
What is the expected behavior?
The same behaviour is for
"op": "replace/add"and the backend roles are always erased and then added.The ask is - to actually allow adding and stop erasing the existing backend roles/users. This will eliminate an extra
GETcall to fetch the pre-exisitng backend roles/users.What is your host/environment?
Do you have any screenshots? Yes, attached above
Do you have any additional context? n/a