Reason why unavailable options aren't hidden

Karim · May 21, 2019, 12:50pm

Hi there,

I was just setting up a user account with limited access to the Rancher UI and I noticed that the API correctly denies access to, say, adding a new cluster. However, the UI still shows the button and form. Same goes for everything else. The UI suggests that you have the ability to do so, but the API won’t let you once you hit the button.

Is that something that has been designed like that deliberately or just something that hasn’t yet been implemented? Because frankly it’s quite confusing to see all the options just to then be disappointed that you can’t do anything.

Thanks!

Karim

vincent · May 21, 2019, 3:58pm

The UI can’t easily parse the many role bindings and flatten them out to determine what effective permissions the current user has, and can’t do it at all if the user can’t see the role bindings and roles themselves. So this requires API support, which doesn’t exist. https://github.com/rancher/rancher/issues/11165

Karim · May 22, 2019, 5:26am

Thanks for letting me know! I’ll subscribe to that issue then.

Topic		Replies	Views
Is there anyway to visit Rancher UI without login?	2	661	July 24, 2018
Active directory vs users roles Rancher	2	607	February 11, 2019
[WARNING] Every environment at try.rancher.com is currently visible Rancher 1.x	4	1665	March 24, 2017
Rancher UI not accessible	2	769	June 29, 2018
Functioning Cluster Wont Talk to UI Rancher	1	380	January 19, 2022

Reason why unavailable options aren't hidden

Related topics