Adding manage_own_api_key privilege to apiKey creation validation

elastic · Jun 8, 2023 · a552963 · a552963
1 parent 8d4a710
commit a552963
Showing 1 changed file with 8 additions and 23 deletions.
diff --git a/...servability_onboarding/server/routes/custom_logs/api_key/has_log_monitoring_privileges.ts b/...servability_onboarding/server/routes/custom_logs/api_key/has_log_monitoring_privileges.ts
@@ -6,32 +6,17 @@
  */
 
 import { ElasticsearchClient } from '@kbn/core/server';
-import { every } from 'lodash';
-import { cluster, indices, privileges } from './monitoring_config';
+import { cluster, indices } from './monitoring_config';
 
 export async function hasLogMonitoringPrivileges(
   esClient: ElasticsearchClient
 ) {
-  const { index, cluster: clusterMonitor } =
-    await esClient.security.hasPrivileges({
-      body: {
-        index: indices,
-        cluster,
-      },
-    });
+  const res = await esClient.security.hasPrivileges({
+    body: {
+      index: indices,
+      cluster: [...cluster, 'manage_own_api_key'],
+    },
+  });
 
-  const hasPrivileges =
-    clusterMonitor.monitor &&
-    every(
-      index,
-      privileges.reduce(
-        (result, privilege) => ({
-          ...result,
-          [privilege]: true,
-        }),
-        {}
-      )
-    );
-
-  return hasPrivileges;
+  return res.has_all_requested;
 }