github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[9.0] Unauthorized route migration for routes owned by kibana-esql (#214781) (#214836)

Browse source 
# Backport

This will backport the following commits from `main` to `9.0`:
- [Unauthorized route migration for routes owned by kibana-esql
(#214781)](https://github.com/elastic/kibana/pull/214781)

<!--- Backport version: 9.6.6 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)

<!--BACKPORT [{"author":{"name":"Elena
Shostak","email":"165678770+elena-shostak@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-03-17T17:05:36Z","message":"Unauthorized
route migration for routes owned by kibana-esql (#214781)\n\n### Authz
API migration for unauthorized routes\n\nThis PR migrates last
unauthorized routes owned by your team to a new\nsecurity
configuration.\nPlease refer to the documentation for more information:
[Authorization\nAPI](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization)\n\n###
**Before migration:**\n```ts\nrouter.get({\n path: '/api/path',\n
...\n}, handler);\n```\n\n### **After
migration:**\n```ts\nrouter.get({\n path: '/api/path',\n security: {\n
authz: {\n enabled: false,\n reason: 'This route is opted out from
authorization because ...',\n },\n },\n ...\n},
handler);\n```","sha":"a46e7cbfa398f8bcd4b74680bcd2799019902537","branchLabelMapping":{"^v9.1.0$":"main","^v8.19.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["enhancement","release_note:skip","Feature:Security/Authorization","backport:prev-minor","Team:ESQL","backport:version","Authz:
API migration","v9.1.0","v8.19.0"],"title":"Unauthorized route migration
for routes owned by
kibana-esql","number":214781,"url":"https://github.com/elastic/kibana/pull/214781","mergeCommit":{"message":"Unauthorized
route migration for routes owned by kibana-esql (#214781)\n\n### Authz
API migration for unauthorized routes\n\nThis PR migrates last
unauthorized routes owned by your team to a new\nsecurity
configuration.\nPlease refer to the documentation for more information:
[Authorization\nAPI](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization)\n\n###
**Before migration:**\n```ts\nrouter.get({\n path: '/api/path',\n
...\n}, handler);\n```\n\n### **After
migration:**\n```ts\nrouter.get({\n path: '/api/path',\n security: {\n
authz: {\n enabled: false,\n reason: 'This route is opted out from
authorization because ...',\n },\n },\n ...\n},
handler);\n```","sha":"a46e7cbfa398f8bcd4b74680bcd2799019902537"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/214781","number":214781,"mergeCommit":{"message":"Unauthorized
route migration for routes owned by kibana-esql (#214781)\n\n### Authz
API migration for unauthorized routes\n\nThis PR migrates last
unauthorized routes owned by your team to a new\nsecurity
configuration.\nPlease refer to the documentation for more information:
[Authorization\nAPI](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization)\n\n###
**Before migration:**\n```ts\nrouter.get({\n path: '/api/path',\n
...\n}, handler);\n```\n\n### **After
migration:**\n```ts\nrouter.get({\n path: '/api/path',\n security: {\n
authz: {\n enabled: false,\n reason: 'This route is opted out from
authorization because ...',\n },\n },\n ...\n},
handler);\n```","sha":"a46e7cbfa398f8bcd4b74680bcd2799019902537"}},{"branch":"8.x","label":"v8.19.0","branchLabelMappingKey":"^v8.19.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Elena Shostak <165678770+elena-shostak@users.noreply.github.com>
This commit is contained in:
Kibana Machine 2025-03-17 19:51:03 +01:00 committed by GitHub
parent 1b42e77e99
commit 9ea96f353a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/platform/plugins/shared/esql/server/routes/get_join_indices.ts
View file

@ -19,6 +19,12 @@ export const registerGetJoinIndicesRoute = (
{
path: '/internal/esql/autocomplete/join/indices',
validate: {},
security: {
authz: {
enabled: false,
reason: 'This route delegates authorization to the scoped ES client',
},
},
},
async (requestHandlerContext, request, response) => {
try {