Graylog 2.3.0
ES 5.5.1
I manually created a “Power user” role, with the goal of: Enabling search tab for non-admin users on all streams, allowing users to view as many system properties as possible, and to edit all saved searches, dashboards, and decorators.
This works great so far, except for editing dashboards. I can create dashboards. I can read all the dashboards available on the system, but I can’t edit any of them - including the ones I create. Am I doing something wrong, or is this a bug?
My testuser is assigned the “Reader” role, and the “xp_powerusers” Role.
Here is the output from /api/roles/xp_powerusers
{
"name": "xp_powerusers",
"description": "Activates Search menu, allows read access to all streams, allows users to create and modify dashboards, searches, and decorators",
"permissions": [
"searches:keyword",
"messagecount:read",
"users:read",
"journal:read",
"searches:absolute",
"metrics:read",
"savedsearches:edit",
"bundle:read",
"systemjobs:read",
"sources:read",
"ssoauthconfig:read",
"metrics:readall",
"metrics:allkeys",
"notifications:read",
"outputs:read",
"decorators:read",
"savedsearches:read",
"metrics:readhistory",
"messages:read",
"dashboards:read",
"streams:read",
"decorators:create",
"pipeline_connection:read",
"collectors:read",
"lookuptables:read",
"messages:analyze",
"inputs:read",
"roles:read",
"deflector:read",
"dashboards:edit",
"indices:failures",
"dashboards:create",
"decorators:edit",
"fieldnames:read",
"pipeline:read",
"buffers:read",
"indexranges:read",
"system:read",
"savedsearches:create",
"searches:relative",
"stream_outputs:read",
"pipelinerule:read",
"indices:read",
"jvmstats:read",
"loggers:read",
"throughput:read"
],
"read_only": false
}
BTW, I just want to say how awesome the API browser is. It really makes it easy to dig through the API. Thanks.