Cleaned up roles.xml
Also updated the default roles test (to include marvel) Original commit: elastic/x-pack-elasticsearch@5fb320273f
This commit is contained in:
parent
c7e927734c
commit
4c2df8ff3e
|
@ -103,7 +103,7 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
|
|||
Path path = Paths.get(getClass().getResource("default_roles.yml").toURI());
|
||||
Map<String, Permission.Global> roles = FileRolesStore.parseFile(path, logger, mock(AuthorizationService.class));
|
||||
assertThat(roles, notNullValue());
|
||||
assertThat(roles.size(), is(6));
|
||||
assertThat(roles.size(), is(8));
|
||||
|
||||
assertThat(roles, hasKey("admin"));
|
||||
assertThat(roles, hasKey("power_user"));
|
||||
|
@ -111,6 +111,8 @@ public class FileRolesStoreTests extends ElasticsearchTestCase {
|
|||
assertThat(roles, hasKey("kibana3"));
|
||||
assertThat(roles, hasKey("kibana4"));
|
||||
assertThat(roles, hasKey("logstash"));
|
||||
assertThat(roles, hasKey("marvel_user"));
|
||||
assertThat(roles, hasKey("marvel_agent"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
@ -20,17 +20,29 @@ kibana3:
|
|||
cluster: cluster:monitor/nodes/info
|
||||
indices:
|
||||
'*': indices:data/read/search, indices:data/read/get, indices:admin/get
|
||||
'kibana-int': indices:data/read/get, indices:data/read/search, indices:data/write/delete, indices:data/write/index, create_index
|
||||
'kibana-int': indices:data/read/search, indices:data/read/get, indices:data/write/delete, indices:data/write/index, create_index
|
||||
|
||||
# The required role for kibana 4 users
|
||||
kibana4:
|
||||
cluster: cluster:monitor/nodes/info
|
||||
indices:
|
||||
'*': indices:data/read/search, indices:data/read/get, indices:admin/get
|
||||
'.kibana': indices:data/read/get, indices:data/read/search, indices:data/write/delete, indices:data/write/index, create_index
|
||||
'.kibana': indices:data/read/search, indices:data/read/get, indices:data/write/delete, indices:data/write/index, create_index
|
||||
|
||||
# The required role for logstash users
|
||||
logstash:
|
||||
cluster: indices:admin/template/get, indices:admin/template/put
|
||||
indices:
|
||||
'logstash-*': indices:data/write/bulk, indices:data/write/delete, indices:data/write/update, create_index
|
||||
'logstash-*': indices:data/write/bulk, indices:data/write/delete, indices:data/write/update, create_index
|
||||
|
||||
# Marvel role, allowing all operations
|
||||
# on the marvel indices
|
||||
marvel_user:
|
||||
indices:
|
||||
'.marvel-*': all
|
||||
|
||||
# Marvel Agent users
|
||||
marvel_agent:
|
||||
cluster: indices:admin/template/get, indices:admin/template/put
|
||||
indices:
|
||||
'.marvel-*': indices:data/write/bulk, create_index
|
||||
|
|
Loading…
Reference in New Issue