Skip to content

[BUG]Upgrade APIs not working as expected #5364

New issue
New issue
Closed
#5385
Closed
[BUG]Upgrade APIs not working as expected#5364
#5385
Labels
bugSomething isn't workingtriagedIssues labeled as 'Triaged' have been reviewed and are deemed actionable.
@kumjiten

Description

@kumjiten
kumjiten
opened on May 26, 2025

What is the bug?
The user created a role with the same name as the predefined one, and when the user runs the upgrade API, it will override the user-defined role. Furthermore, upgrade APIs should give users the choice to select which roles to upgrade and also show which permissions are getting removed or added; currently, it just gives add, modify, etc.

How can one reproduce the bug?
Steps to reproduce the behavior:

  1. Create a role with the same name as the predefined role (e.g., a role added in a higher version) with permissions different from the predefined role in the higher version.
  2. Trigger Upgrade check API to upgrade the role; it will override the user defined permissions instead of adding

What is the expected behavior?

  1. Upgrade APIs should not consider roles that are user-defined, even if they are predefined.
  2. Upgrade should allow user to pick which role to upgrade instead of updating all

What is your host/environment?

  • OS: [Linux]
  • Version [OpenSearch 2.15+]
  • Plugins [Security plugin]

Do you have any screenshots?
If applicable, add screenshots to help explain your problem.

Do you have any additional context?
Add any other context about the problem.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingtriagedIssues labeled as 'Triaged' have been reviewed and are deemed actionable.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions