---
# Role definitions in the layout used by the OpenSearch Security plugin's
# roles file (type "roles", config_version 2).
_meta:
  type: 'roles'
  config_version: 2

# Per-user document access on the "documents" indices, enforced through a
# document-level security (DLS) query.
gendb_user_role:
  # NOTE(review): the description promises read/write scoping, but a DLS
  # query is a read-side filter. Confirm how write and delete requests
  # from this role are constrained, e.g. by testing an update against a
  # document the test user cannot see.
  description: 'DLS: user can read/write docs they own or are allowed on'
  # Grants the bulk API at cluster level; the target indices are still
  # governed by index_permissions below.
  cluster_permissions:
    - 'indices:data/write/bulk'
  index_permissions:
    # "documents" is already matched by "documents*". The wildcard also
    # covers every other index whose name starts with "documents"
    # (presumably intended; verify against the index naming scheme).
    - index_patterns:
        - 'documents'
        - 'documents*'
      allowed_actions:
        - crud
        # Lets holders of this role create new indices matching the
        # patterns above; review whether end users need that.
        - create_index
      # A document is visible when at least one clause matches:
      #   1. "owner" equals the authenticated user name,
      #   2. "allowed_users" contains the authenticated user name,
      #   3. the document has no "owner" field at all.
      # NOTE(review): clause 3 exposes every ownerless document to all
      # holders of this role. Confirm that is intended, and that
      # ingestion always sets "owner" on documents meant to be private.
      # The term clauses match exact values, so "owner" and
      # "allowed_users" are presumably keyword fields (verify mapping).
      dls: >
        {"bool":{"should":[
        {"term":{"owner":"${user.name}"}},
        {"term":{"allowed_users":"${user.name}"}},
        {"bool":{"must_not":{"exists":{"field":"owner"}}}}
        ],"minimum_should_match":1}}