-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Fields Metadata] Restrict access to integration fields by privileges (…
…#199774) ## 📓 Summary Related to #198349 Disabling authorization on fields metadata `find API` implies every user would have access to the integration fields since we use the internal user to retrieve the package information. On the other hand, requiring API root-level privileges for `fleet` and `fleetv2` would restrict more use cases since other apps might rely on this service to consume field metadata from ECS only, with no need for integration permissions (Discover, etc.). To keep the door open to all these use cases, we'll check the available user privileges on a per-request basis and allow integration fields only when they have access to fleet and integrations, without fully restricting the service. https://github.com/user-attachments/assets/49b9953a-f1e1-410a-8c7f-c38d87408fcc --------- Co-authored-by: Marco Antonio Ghiani <[email protected]>
- Loading branch information
1 parent
0f5aecf
commit 45056f3
Showing
7 changed files
with
54 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters