-
Notifications
You must be signed in to change notification settings - Fork 158
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature] Show / hide menu entries based on user permissions #857
Comments
Let's transfer this to security-dashboards-plugin repo. https://github.com/opensearch-project/security-dashboards-plugin |
Hello @shansb-dev, thanks for opening this. Yeah to @seanneumann point it requires roles from the security plugin so we will transfer it there even though it might require cross plugin/core cooperation to implement. |
was there any progress concerning this feature? It would be very good to a proper UI permission system working. It is very confusing from an user persepective that you get error messages while accessing feature where you don't have permissions. |
We're working on workspace feature which allows workspace admin to config which plugins will be available in the workspace, so once in the workspace, user only see plugins they choose. However to support show/hide menu entries based on user permission is still under investigation. |
Linking/closing in favor of the conversation around workspaces |
Is your feature request related to a problem? Please describe.
One common requirement in production are different user roles, with granular access rights, for example:
Currently there is only the option to either show all menu entries or restrict them to only show
Dashboards
with thekibana_read_only
role.These are suited for the Admin User and the Limited User use case.
All other users see the full menu and after they click on a menu item without having the neccessary permissions they are presented with an empty list and different red error messages.
Especially for user that are new to opensearch and need to get used to it without being overhelmed, this behaviour is off-puting gives a "buggy" first impression.
Describe the solution you'd like
It would be beneficial for users to only see the menu entries, that are available to them.
Describe alternatives you've considered
A whitelist to define a subset of the menu entries to be shown, optionally configurable for each role.
Additional context
Related thread from opensearch forum
Full Menu:
Example Error Messages:
Read Only Menu:
The text was updated successfully, but these errors were encountered: