Restrict visibility to alerts

permissions
alerts
teams

(Olivier) #1

Hello community,

I try to figure out how I can restrict the visibility of the alerts to other teams.
The current set up of team_2 contains the user_B with has restricted access to service_B.
If I log in as user_B and go to the incident page the user can only see incidents from service_B.
But on the alerts page it will display all alerts from all other services… this is what I want to restrict so only alerts from service_B will be displayed.

Is this something I can achieve with permissions or what is the reason to display all alerts even though the user / team is not assigned to the service?

Thanks in advance :slight_smile:


(Thomas Roach) #2

That would be a feature request – permissions currently do not restrict access to the Alerts or Incidents page (or any of the alerts or incidents). I’ll submit this on your behalf to our Product team, and if there’s anything you’d like to add, do let me know.


(Olivier) #3

Thanks for your quick reply Tom.

With my current set up it restricts access only to incidents but not to alerts. For example if I copy the URL from an incident (i.e. https://***.pagerduty.com/incidents/PVU7XVQ) and open it in a different browser where user_B with restricted access to team_b is logged in I get a “Access Denied: You may have lost access to this incident if it has been resolved” error.
But with alerts it doesn’t work like this which is kind of inconsistent and sounds more like a bug to me. Or is there a reason for this?

Let me know when you need more information about my setup.


(Chiedu Uraih) #4

@Oliver,

So the beauty of Advance Permissions is that you can restrict access to Team objects
by making the Team Private. In this way, none Team members will not be able to
access Alerts. Mre on that feature here Let me know if that helps.

Cheers


(Olivier) #5

@chiedu,

Thanks for the info but this did not solve my problem.
You are right, the access to the alert / incident details from other teams are restricted. My problem is that when I open the Alerts page logged in as an user belonging to team B (and not team A) it shows the alerts from services user B (Responder role) does not have access to in the overview which it should not. When I click the link to open the alert details a “Access Denied” error pops up and the incident page is displayed.

I try to make it more clear with some screenshots:

  1. This screenshot shows the incident page of team b. Only incidents from services team b has access to are displayed. This works as expected.

  2. This screenshot shows the alerts page. This is my issue: alerts from other services the user does not have access to are displayed. Like for example “eqx_warnings”. I would expect here only alerts from service “tt_alerts”

  3. This screenshot shows what happens when I try to open an alert from the previous screen. “Access denied” even though the alert is displayed in the list…

So why are alerts shown in the overview page but I can’t open the details of them? My expected behaviour is that only alerts from services the user / team has access to are displayed (like the Incident page).

I hope I made it more clear :wink:


(Thomas Roach) #6

Thanks for the added clarity, Olivier.

As I mentioned, this is a feature request, so I’ll go ahead and submit that to our Product team. Unfortunately, there aren’t any workarounds we can suggest for this at the moment.


(Olivier) #7

Cheers Tom.

Can you give an estimate how long the implementation of this new feature takes? I personally still would call this a bug :wink:

Kind regards,
Olivier


(Thomas Roach) #8

We aren’t able to provide ETA’s unfortunately, as our engineering team is always working on improving PagerDuty, but if you can give me your email address (or email us at support@pagerduty.com), I can attach your email to the request if/when it does make it into PagerDuty!


(Olivier) #9

Hi Tom,

Not sure if you got my private message, anyways I’ll send it again as a reply.

Here my email address to attach to the request.
olivier.liechti@ipscape.com.au

Thanks and kind regards,
Olivier


(Thomas Roach) #10

Thanks for that! I’ll attach that to the feature request.


(system) #11

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.