[Logs] Authz migration (#206576)

## Summary Closes https://github.com/elastic/kibana/issues/206395. As per [the docs](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization#api-authorization) this route is primarily a wrapper around Saved Objects (via spaces, SOs, and advanced settings) so we opt out of explicit security checks.
2025-04-24 01:38:56 -04:00 · 2025-01-15 11:23:57 +00:00 · 2025-01-15 11:23:57 +00:00 · b18e998b5a
commit b18e998b5a
parent 4304e21933
1 changed files with 11 additions and 1 deletions
--- a/x-pack/platform/plugins/shared/logs_shared/server/routes/deprecations/migrate_log_view_settings.ts
+++ b/x-pack/platform/plugins/shared/logs_shared/server/routes/deprecations/migrate_log_view_settings.ts
@ -22,7 +22,17 @@ export const initMigrateLogViewSettingsRoute = ({
  getStartServices,
 }: LogsSharedBackendLibs) => {
  framework.router.put(
-    { path: MIGRATE_LOG_VIEW_SETTINGS_URL, validate: false },
+    {
+      path: MIGRATE_LOG_VIEW_SETTINGS_URL,
+      validate: false,
+      security: {
+        authz: {
+          enabled: false,
+          reason:
+            'This API delegates security to the currently logged in user and their permissions.',
+        },
+      },
+    },
    async (context, request, response) => {
      try {
        const { elasticsearch, savedObjects } = await context.core;