I have a role which has read-only access to a single index pattern (not an alias) and is granted access to a subset of fields in the index. However, when logged in as a user with only this role, all fields in the index are suggested in the Search bar and in the Add Filter > Field dropdown.
I've tried both including only the fields I want the user to see, and excluding the fields I want to hide, but in both cases the field names leak out through Search and Filter.
I've tried excluding fields with:
    "field_security" : {
      "grant" : [
        "*"
      ],
      "except" : [
        "response.headers.*"
      ]
    }
and including fields with:
    "field_security" : {
      "grant" : [
        "@timestamp",
        "_id",
        "url"
      ],
      "except" : [ ]
    }
I also noticed that if you exclude a field that is not included, the role management UI does not complain, but users with the role will get a very unfriendly error dumped to the browser if they are logged in:
{"statusCode":500,"error":"Internal Server Error","message":"[exception] unable to compute field permissions"}
If they are not logged in, this breaks the login page and they are unable to log in at all.
This second one looks like a bug, but is there any way to fix the field names leaking in Kibana that I've missed?
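
A pre-flight check for the second problem described above (an `except` entry that no `grant` entry includes), as an added example that is not part of the original post. It assumes the patterns use only `*` as a wildcard; the function names and the third, broken role fragment are constructed for illustration.

```python
import re

# Stand-in for "whatever a * expands to"; assumed never to occur in a field name.
SENTINEL = "\x00"


def _glob_to_regex(pattern):
    """Compile a field pattern where '*' is the only wildcard (assumption)."""
    literals = (re.escape(part) for part in pattern.split("*"))
    return re.compile(".*".join(literals), re.DOTALL)


def is_covered(except_pattern, grant_patterns):
    """True if every field matched by except_pattern is matched by one grant.

    Each '*' in the except pattern is replaced by a character that no literal
    in a grant can match, so only a '*' in the grant can cover it. If a grant
    matches that probe string, it matches everything the except pattern can.
    """
    probe = except_pattern.replace("*", SENTINEL)
    return any(_glob_to_regex(g).fullmatch(probe) for g in grant_patterns)


def uncovered_excepts(field_security):
    """Return the except patterns that are not included by any grant pattern."""
    grants = field_security.get("grant", [])
    return [e for e in field_security.get("except", [])
            if not is_covered(e, grants)]


# The two fragments from the post, plus one constructed fragment that
# excludes a field it never granted (the case that produced the 500 error).
EXCLUDE_STYLE = {"grant": ["*"], "except": ["response.headers.*"]}
INCLUDE_STYLE = {"grant": ["@timestamp", "_id", "url"], "except": []}
BROKEN_CONSTRUCTED = {"grant": ["@timestamp", "_id", "url"],
                      "except": ["response.headers.*"]}

if __name__ == "__main__":
    for name, fs in [("exclude-style", EXCLUDE_STYLE),
                     ("include-style", INCLUDE_STYLE),
                     ("broken (constructed)", BROKEN_CONSTRUCTED)]:
        bad = uncovered_excepts(fs)
        print(f"{name}: {'OK' if not bad else 'not covered by grant: ' + ', '.join(bad)}")
```

Running it over a role's `field_security` block before saving the role flags the mismatch that the role management UI accepts silently.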