[BUG] Misleading error message - Search error instead of Permission denied in dashboards about security-dashboards-plugin HOT 6 CLOSED

@peternied can you please assign this issue to me, i'm willing to work on this ?

Thanks,

from security-dashboards-plugin.

[Triage] Thanks for filing, this does not look like the expected behavior - we'd be happy to accept a pull request to clean this up

from security-dashboards-plugin.

@mrudrego Thanks - I've assigned this issue to you, looking forward to seeing a PR

from security-dashboards-plugin.

@peternied , the behaviour on the main branch of code has changed. When a user tries to access an index for which they do not have permission, we get Forbidden message as below.

I hope this is expected behaviour.

Only small concern/query is about the stacktrace showing the complete source code of the file. Can this cause any security issue?

Thanks,

from security-dashboards-plugin.

@mrudrego That code is executed on the client side - there is no way to keep the call stack 'hidden' because the browser is executing it, nothing unexpected there - good question.

from security-dashboards-plugin.

@peternied thanks for the response.
So i think we can close this bug since the fix is already available in the main branch and working as expected.

from security-dashboards-plugin.