vector-admin icon indicating copy to clipboard operation
vector-admin copied to clipboard
verified publisher icon Mintplex-Labs

[BUG]: server shutdown when user has insufficient permissions to delete_data

Open wyzzzl opened this issue 11 months ago • 2 comments

How are you running VectorAdmin?

Docker (remote machine)

What happened?

I deploy vector-admin using docker. I delete data in a collectiion on the vector-admin console.

Error: usage error (403): {"error":[{"message":"rbac: authorization, forbidden action: user 'rw-dev' has insufficient permissions to delete_data [ Collection: Article, Tenant: *, Object: a335c5a3-8ac9-2228-0000-08888a424444,]"}]}

then I find the vector-admin console can not be open,It will not recover untill I restart docker. Is there anyone encounter the same issue ?

Are there known steps to reproduce?

No response

wyzzzl avatar Mar 10 '25 12:03 wyzzzl

I know my user does not have enough permission. I just want to avoid server shutdown when user has insufficient permissions.

My user's permissions are as follow:

permissions = [ Permissions.collections( collection="test*", # Applies to all collections starting with "test" create_collection=True, # Allow creating new collections read_config=True, # Allow reading collection info/metadata update_config=True, # Allow updating collection configuration, i.e. update schema properties, when inserting data with new properties delete_collection=True, # Allow deleting collections ), Permissions.tenants( collection="test*", # Applies to all collections starting with "test" create=True, # Allow creating new tenants read=True, # Allow reading tenant info/metadata update=True, # Allow updating tenant states delete=True, # Allow deleting tenants ), Permissions.data( collection="test*", # Applies to all collections starting with "test" create=True, # Allow data inserts read=True, # Allow query and fetch operations update=True, # Allow data updates delete=True, # Allow data deletes ), Permissions.Nodes.verbose( collection="test*", # Applies to all collections starting with "test" read=True, # Allow reading node metadata ), Permissions.cluster(read=True), # Allow reading cluster data # Permissions.Nodes.minimal( # read=True, # Allow reading node metadata # ), Permissions.roles( role="test*", # Applies to all roles starting with "test" read=True, # Allow reading roles # scope=RoleScope.MATCH, # Only allow role management with the current user's permission level scope=RoleScope.ALL # Allow role management with all permissions ), Permissions.users( user="test*", # Applies to all roles starting with "test" read=True, ) ]

wyzzzl avatar Mar 10 '25 12:03 wyzzzl

I use this command to install vectoradmin.

`docker run -d -p 8080:3001
--name vectoradmin
-e SERVER_PORT="3001"
-e JWT_SECRET="your-random-string-here"
-e INNGEST_EVENT_KEY="background_workers"
-e INNGEST_SIGNING_KEY="random-string-goes-here"
-e INNGEST_LANDING_PAGE="true"
-e DATABASE_CONNECTION_STRING="postgresql://postgres:[email protected]:5432/vdbms"
mintplexlabs/vectoradmin

`

wyzzzl avatar Mar 10 '25 13:03 wyzzzl