github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Search] Return empty array when checking api keys for unauthorized user (#173823)

Browse source 
## Summary

Instead of returning an obnoxious error on every Search page when
fetching an unauthorized user's API keys, we just return an empty array.
This commit is contained in:
Sander Philipse 2023-12-21 14:58:25 +01:00 committed by GitHub
parent 306debfb43
commit 1a0dcf60fc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

16
x-pack/plugins/enterprise_search/server/routes/enterprise_search/api_keys.ts
View file

@ -54,9 +54,19 @@ export function registerApiKeysRoutes(
const { client } = (await context.core).elasticsearch;
const user = security.authc.getCurrentUser(request);
if (user) {
const apiKeys = await client.asCurrentUser.security.getApiKey({ username: user.username });
const validKeys = apiKeys.api_keys.filter(({ invalidated }) => !invalidated);
return response.ok({ body: { api_keys: validKeys } });
try {
const apiKeys = await client.asCurrentUser.security.getApiKey({
username: user.username,
});
const validKeys = apiKeys.api_keys.filter(({ invalidated }) => !invalidated);
return response.ok({ body: { api_keys: validKeys } });
} catch {
// Ideally we check the error response here for unauthorized user
// Unfortunately the error response is not structured enough for us to filter those
// Always returning an empty array should also be fine, and deals with transient errors
return response.ok({ body: { api_keys: [] } });
}
}
return response.customError({
body: 'Could not retrieve current user, security plugin is not ready',