How to specify role when using search API

nadirHafs · July 27, 2018, 3:47pm

Hello,

I'm using elasticSearch with a nodejs/mongodb application. I want to set up permission and role on documents. I saw that X-pack was doing what i want.

I have a problem, i try the following permission :

POST /_xpack/security/role/dept_role
{
"indices" : [
{
"names" : [ "*" ],
"privileges" : [ "read" ],
"query" : {
"term" : { "department_id" : 12 }
}
}
]
}

But when i'm using the search api on elasticsearch i don't know how to specify my role? Maybe i don't understand how it's working. Can someone help me? Thanks.

EDIT : More details : in my nodejs app , when i want to search document i use the search API (GET /myIndex/_search/ {myQuery}) When i search i want to specify my role that i defined in x-pack) . Sorry if my english is bad

Albert_Zaharovits · July 29, 2018, 9:16pm

Hello @nadirHafs ,

But when i'm using the search api on elasticsearch i don't know how to specify my role?

Roles pertain to users by a process called Role mapping and there is an API to configure it. In a request you identify as a user in a realm which will then have roles assigned to it which subsequently grant the user privileges over indices, docs and fields.

nadirHafs · July 30, 2018, 9:58am

Thanks for you reply, i didn't have the knowledege about realm . But i still want to specify my user in that kind of query :

Passing a full request definition in the Elasticsearch’s Query DSL as a Hash.
const response = await client.search({
index: 'myindex',
body: {
query: {
match: {
title: 'test'
}
},
facets: {
tags: {
terms: {
field: 'tags'
}
}
}
}
});

When you say "you identify as a user in a realm" , how can i do that in my javascript query? Thanks

PS : Here in SOAP UI i can add authentication (left bottom corner)

I want to do the same with the javascript client.

Albert_Zaharovits · July 30, 2018, 11:48am

When you say "you identify as a user in a realm" , how can i do that in my javascript query?

The short answer is that the HTTPS request needs to have attached the BASIC AUTH HTTP Header. In curl that will be the -u option.
But you really need to cover the docs on these topics:

nadirHafs · July 30, 2018, 12:03pm

Ok thanks you very much i think its all clear : )

system · August 27, 2018, 12:03pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Submit the Query with Role defined using Document Level Security Elasticsearch	2	375	December 21, 2019
Use roles instead of ApiKey for Search Applications Elastic Search elastic-app-search	8	43	November 17, 2024
Config a role in roles.yml but cannot specify some privileges Elasticsearch elastic-stack-security	4	624	August 13, 2019
Role Vs User for Query Elasticsearch	1	317	September 17, 2019
X-pack and Active directory integration Elasticsearch	6	1824	March 30, 2017

How to specify role when using search API

Related topics