Permissions for managing event definitions

Hi,

I want to give a user permission to create and edit event definitions. Beside the default role Reader, I gave the user the roles Alerts Manager, Event Definition Creator and Event Notification Creator.
Now the user can see and edit event definitions BUT he can’t save the changes.
Graylog switches to an error with Missing Permissions: You do not have the required permissions to view this resource (There was an error fetching a resource: Forbidden. Additional information: Not authorized).

Even using the Share button and setting the user as Owner didn’t help.

We are using Graylog 4.1.5.

What am I doing wrong?

Hello

I did a test with your Configurations as shown below and I see what you saying.

User called test.user with roles.

Below the test.users login the Web UI, then navigating to Alerts and try to edit the event definitions.
Here is the event definition configuration looks like, notice there is no streams. I did that on purpose.

When trying to edit the event Definition I received this error.

I navigate to “All Messages” streams, click the SHARE button and added the test.user with a role. Since I don’t have a specific stream in my event definition I added “All Messages” stream and now I need to give test.user permissions to a stream. I have chosen " Owner" role for test.user on that stream then click save. I received the same results

The permissions check for the following request failed,
while trying to access /alerts/definitions/618f0866952d330c0d2c84a8/edit.
There was an error fetching a resource: Forbidden. Additional information: Not authorized

I think its the “reader” role prevent this and since you have to either have Reader and/or Admin role its not allowing to save. So this requires you to use the SHARE button on either Stream and Event Definition.

EDIT: For a better understanding I used the above for an example. I created stream called “test stream”.

image

User has the same roles like you stated above.

I create a test Event definition with the test.user as owner.
;

image

But this time I logged out and back in with the test.user and it seams to work now. maybe because I gave ownership/manager to the event definition to test.user.
This test was done that had a Event Definition already created. I was able to create a event definition with test.user also. I can say for sure its your permissions problem with streams and/or Event definition if there already created. I did a couple more test to make sure. I haven’t had a issue once the event definition was created. I added a collaborator " test.user" as manager for that Event definition and if there is a stream in the Event definition I had to added test.user to that steam also should be good

Hope that helps

Thank you for providing a solution.

It was a permission error on the stream. The default stream was only shared with Everyone as Viewer, which seemed to be wrong. So I made the user Manager. Additional you must explicitly choose this specific stream for this event, otherwise you can’t save or create an event.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.