Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-4461

Non-admin user with 'view' role can't see logs in 'Logs' view

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not a Bug
    • Icon: Normal Normal
    • None
    • Logging 5.8.0
    • Log Console
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • NEW
    • NEW
    • Bug Fix

      Description of problem: 

      When the non-admin user with view role tires to see the application logs in Logs and Aggregated Logs page, it shows "Forbidden" whereas the same user can see the 'Dashboards' and 'Metrics' data.

      Version-Release number of selected component (if applicable):

      Logging 5.8

      How reproducible:

      Always

      Steps to Reproduce:

      1.  Deploy Logging 5.8 with Loki/Vector and enable Logging console plugin according to  https://docs.openshift.com/container-platform/4.13/logging/cluster-logging-loki.html#logging-loki-deploy_cluster-logging-loki 
      2. Assign view rule to a non-admin user (ex: testuser-0)
        $ oc adm policy add-cluster-role-to-user view testuser-0
      3. Create application logs with testuser-0
      4. Login to web console with testuser-0

      Actual results:

      Error: Missing permissions to get logs

      Expected results:

      Query for "application" logs shows logs that the user has permission to see, i.e. logs for contains that the user can view using 'oc logs'

        1. image-2023-08-21-15-42-29-957.png
          image-2023-08-21-15-42-29-957.png
          70 kB

              Unassigned Unassigned
              gkarager Giriyamma Karagere Ramaswamy (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: