rill icon indicating copy to clipboard operation
rill copied to clipboard
verified publisher icon rilldata

custom dashboard accessing restricted dashboard shown in RC

Open royendo opened this issue 1 year ago • 2 comments

Describe the bug My dashboard has the following security policy:

security:
  access: "{{ .user.admin }} "

So non-admin users cannot see, that works good. However, if I have a custom dashboard that is built using the metrics-view of the dashboard it is still visible in the UI. Any access to the custom dashboard leads to a 404, unexpected error.

To Reproduce Steps to reproduce the behavior:

  1. create dashboard.yaml with security policy
  2. Create a rill KPI custom chart based on above dashboard,
  3. Add chart to custom dashboard,
  4. Deploy to UI

Expected behavior

  1. Dont show the custom dashboard at all.
  2. Show the custom dashboard, but block out the restricted KPI
  3. Show the custom dashboard, as normal

It really depends, and maybe this can be an additional setting? It could make sense to have the underlying dashboard blocked but only the KPI showing.

Screenshots

royendo avatar Aug 21 '24 16:08 royendo

@begelundmuller as we discussed when breaking out explore and metrics view we should implement access policies on individual resources such as explore and custom dashboards.

mindspank avatar Aug 26 '24 10:08 mindspank

@mindspank Agreed. We can pick this up as part of or after separation of metrics views and dashboards?

begelundmuller avatar Aug 26 '24 16:08 begelundmuller