github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[ML] Fixing saved object authorization check when security is disabled (#89850)

Browse source 
* [ML] Fixing saved object authorization check when security is disabled

* updating to use mode.useRbacForRequest for check
This commit is contained in:
James Gowdy 2021-02-01 16:19:56 +00:00 committed by GitHub
parent 19332c097a
commit 178637ce29
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
x-pack/plugins/ml/server/saved_objects/authorization.ts
View file

@ -10,6 +10,15 @@ import { ML_SAVED_OBJECT_TYPE } from '../../common/types/saved_objects';
export function authorizationProvider(authorization: SecurityPluginSetup['authz']) {
async function authorizationCheck(request: KibanaRequest) {
const shouldAuthorizeRequest = authorization?.mode.useRbacForRequest(request) ?? false;
if (shouldAuthorizeRequest === false) {
return {
canCreateGlobally: true,
canCreateAtSpace: true,
};
}
const checkPrivilegesWithRequest = authorization.checkPrivilegesWithRequest(request);
// Checking privileges "dynamically" will check against the current space, if spaces are enabled.
// If spaces are disabled, then this will check privileges globally instead.