Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix API key role descriptors rewrite bug for upgraded clusters #62917

Merged
merged 2 commits into from Sep 30, 2020
Merged

Fix API key role descriptors rewrite bug for upgraded clusters #62917

merged 2 commits into from Sep 30, 2020

Conversation

ywangd
Copy link
Member

@ywangd ywangd commented Sep 26, 2020

This PR ensures that API key role descriptors are always rewritten to a target node compatible format before a request is sent.

Resolves: #62911

@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (:Security/Authorization)

@elasticmachine elasticmachine added the Team:Security Meta label for security team label Sep 26, 2020
albertzaharovits
albertzaharovits approved these changes Sep 28, 2020
View reviewed changes
Copy link
Contributor

@albertzaharovits albertzaharovits left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM good catch and fix!

@ywangd ywangd merged commit feab123 into elastic:master Sep 30, 2020
ywangd added a commit to ywangd/elasticsearch that referenced this pull request Sep 30, 2020
@ywangd
Fix API key role descriptors rewrite bug for upgraded clusters (elast…
5306e93 
…ic#62917)

This PR ensures that API key role descriptors are always rewritten to a target node
compatible format before a request is sent.
ywangd added a commit to ywangd/elasticsearch that referenced this pull request Sep 30, 2020
@ywangd
Fix API key role descriptors rewrite bug for upgraded clusters (elast…
49de127 
…ic#62917)

This PR ensures that API key role descriptors are always rewritten to a target node
compatible format before a request is sent.
ywangd added a commit that referenced this pull request Sep 30, 2020
@ywangd
Fix API key role descriptors rewrite bug for upgraded clusters (#62917)…
e31bef4 
… (#63042)

This PR ensures that API key role descriptors are always rewritten to a target node
compatible format before a request is sent.
ywangd added a commit that referenced this pull request Sep 30, 2020
@ywangd
Fix API key role descriptors rewrite bug for upgraded clusters (#62917)…
9b87774 
… (#63043)

This PR ensures that API key role descriptors are always rewritten to a target node
compatible format before a request is sent.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@albertzaharovits albertzaharovits albertzaharovits approved these changes

Assignees
No one assigned
Labels
>bug :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC Team:Security Meta label for security team v7.9.3 v7.10.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Wrong format of API key role descriptors used for node requests after cluster upgrade
4 participants
@ywangd @elasticmachine @albertzaharovits @jakelandis