Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sidebar sections do not match user capabilities #6328

Closed
rattat0r opened this issue Mar 13, 2024 · 4 comments
Closed

Sidebar sections do not match user capabilities #6328

rattat0r opened this issue Mar 13, 2024 · 4 comments
Assignees
@SouadHadjiat
Labels
bug use for describing something not working as expected duplicate use to identify issue already existing

Comments

@rattat0r
Copy link

Description

When the "Access administration" right is disabled, the "Processing" section is still displayed in the sidebar. If you try to go to the "Processing" section, you will be redirected to the authorization page. (see screenshots)

Environment

  1. OS: Ubuntu 20.04.6
  2. OpenCTI version: OpenCTI 6.0.4
  3. OpenCTI client: frontend

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. Remove the "Access administration" right from the user role.
    image
  2. The "Processing" section is still displayed on the sidebar, but it is of no use because there is no access to it. Clicking on this section will redirect you to the login page.
    image

Expected Output

The sidebar shows only available sections. In this case, without the "Processing" section.

Actual Output

The sidebar displays sections that are not available for interaction.
@rattat0r rattat0r added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Mar 13, 2024
@SamuelHassine SamuelHassine added this to the Release 6.0.7 milestone Mar 13, 2024
@nino-filigran
Copy link

nino-filigran commented Mar 14, 2024
edited

@rattat0r can you please confirm that you do not have the following right: manage CSV mapper? and Bypass all capabilities? I guess you don't but just want to confirm this. At the same time, could you please provide the rights that your user have, so that I can reproduce the exact same case?

@nino-filigran nino-filigran added needs more info Intel needed about the use case and removed needs triage use to identify issue needing triage from Filigran Product team labels Mar 14, 2024
@nino-filigran
Copy link

I'm able to reproduce this bug with a user having the following rights

image

@nino-filigran nino-filigran removed the needs more info Intel needed about the use case label Mar 14, 2024
@nino-filigran nino-filigran mentioned this issue Mar 14, 2024
Closed
@SouadHadjiat SouadHadjiat self-assigned this Mar 14, 2024
@SouadHadjiat SouadHadjiat mentioned this issue Mar 14, 2024
Merged
5 tasks
@SouadHadjiat
Copy link
Member

Processing menu should still be displayed to be able to access to "CSV mappers" and/or "Tasks" depending on the capabilities (for tasks you only need to have "Create / Update knowledge" capability").

This issue is a duplicate of #6312

@SouadHadjiat SouadHadjiat added the duplicate use to identify issue already existing label Mar 14, 2024
@Jipegien Jipegien modified the milestones: Release 6.0.7, Release 6.0.8 Mar 14, 2024
SouadHadjiat added a commit that referenced this issue Mar 14, 2024
@SouadHadjiat
[frontend] Fix Data > Ingestion and Processing menus access (#6312) (#…
7b2a771 
…6328) (#6329)
@SouadHadjiat
Copy link
Member

solved with #6340

@SouadHadjiat SouadHadjiat added the solved use to identify issue that has been solved (must be linked to the solving PR) label Mar 14, 2024
@SamuelHassine SamuelHassine removed the solved use to identify issue that has been solved (must be linked to the solving PR) label Mar 14, 2024
@SamuelHassine SamuelHassine removed this from the Release 6.0.7 milestone Mar 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SouadHadjiat SouadHadjiat

Labels
bug use for describing something not working as expected duplicate use to identify issue already existing
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@SouadHadjiat @SamuelHassine @Jipegien @rattat0r @nino-filigran