Setting Granular Permissions


(Beth) #1

Hi,

I have several streams and dashboards. For one stream, I would like to create a role where the users can Manage Alerts, but not Manage Rules. If I allow the people in the Role to Manage Rules, I am afraid they could modify the rules so they can view systems where they should not have access.

I took a look at http://docs.graylog.org/en/2.2/pages/users_and_roles/system_users.html which summarizes the rest call api, then looked at the RestPermissions class at https://github.com/Graylog2/graylog2-server/blob/2.1.0/graylog2-server/src/main/java/org/graylog2/shared/security/RestPermissions.java, but did not see a granular permission that would allow me to restrict a user’s ability to Manage Alerts, but not Manage Rules. I think the STREAMS_EDIT role would allow both activities.

Is there anyway I can do what I want?

Thank you,

Beth


(Jochen) #2

No, that’s currently not supported.