I’m happily running Graylog 4 using the community version. Even without Team management, I can manage my own scripts to set user permissions according to whatever logic I need.
While using the REST API, I noticed something odd. I can set permissions from the graphical interface, but those do not seem to overlap the permissions I set through the REST API.
For example… via the Graylog user interface, I can share a given streamA with user1. And that shows up in the user REST API:
{
  "permissions": [
    "streams:read:streamA_ID"
  ]
}
In order to share streamB with user1 via the REST API, I can send this payload:
{
  "permissions": [
    "streams:read:streamB_ID"
  ]
}
And now, querying user1 from the REST API gives me:
{
  "permissions": [
    "streams:read:streamA_ID",
    "streams:read:streamB_ID"
  ]
}
I can delete the permission for streamB by sending an empty permission list in the payload or by calling the DELETE method, which is supposed to revoke all permissions.
But somehow, deleting permissions via the REST API results in the user still having permissions to streamA:
{
  "permissions": [
    "streams:read:streamA_ID"
  ]
}
So… I am confused now. How does Graylog know which permissions it should remove? It seems to keep permissions manually set via the user interface, and not change them when handling requests via the REST API.