DELETE in "Any request" tab needs confirmation

[yu55]

We are starting to use elasticsearch in our company with elasticsearch-head as primary UI, and we like it very much.

Unfortunately we removed whole data several times because of lack of protection against sending accidental DELETE request in "Any request" tab. We index lots of data and we really don't want this to happen on production environment.

Fix for issue #65 is not enough in our opinion.

A simple "type in DELETE" confirmation prompt would be sufficient.

[baldurh]

This literally happened to me 10 minutes ago! This would definitely be helpful 👍

[yu55]

baldurh, there is a pull request for that: #146 but mobz is not interested in merging it or even discussing it.
Maybe add a comment to this pull request #146 if You're interested and mobz will respond... maybe.

[mobz]

The idea of the "Any request" tab is that it's a replacement for using curl on the command line (curl does not prompt for -XDELETE ) so adding additional user interaction to perform an operation is not desirable. For example, a user may wish to delete 100 documents with this interface. Forcing them to type D E L E T E before each action is too burdensome.
I am keen to help users where i can though. Perhaps there would be another solution that was not too invasive, but still help people avoid mistakes?
Perhaps make the 'Request' button or the query window red, or have some other visual indication of a potential destructive action? What do you think?

[yu55]

We decided that using curl on production environment is so dangerous that
on-duty officers will use special scripts to do some operations related
with our data. Only in super bad situations curl usage will be permitted.
It's just too much data to lost and too much time to index them again.
I was thinking that HEADs "Any request" tab could have additional checkbox
called "Prompt DELETE" which is enabled only when DELETE method is chosen.
And every time You change from any method to DELETE method this checkbox
will be automatically set enabled AND checked. When checkbox is checked and
user will try to execute this request, HEAD will always prompt "This is
potentially dangerous operation. Are You sure?". If user wants to do this
operation many times checkbox must be unchecked and there will be no more
prompts. I think this makes DELETE operations more save.
What do You think?

2014-08-13 0:28 GMT+02:00 Ben Birch [email protected]:

The idea of the "Any request" tab is that it's a replacement for using
curl on the command line (curl does not prompt for -XDELETE ) so I'm not
keen to add additional user interaction to perform an operation is not
desirable. For example, a user may wish to delete 100 documents with this
interface. Forcing them to type D E L E T E before each action is too
burdensome.
I am keen to help users where i can though. Perhaps there would be another
solution that was not too invasive, but still help people avoid mistakes?
Perhaps make the 'Request' button or the query window red, or have some
other visual indication of a potential destructive action? What do you
think?

—
Reply to this email directly or view it on GitHub
#145 (comment)
.

Marcin P

[mobz]

One option I was considering a while ago is the ability to open a cluster in 'production' mode. This would have a few effects

• can not perform destructive operations
• obfuscate data is search results (hide client data)
• others??

production mode does not provide real security, just a sort of shim for using head in production mode that is a bit more careful.

This feature would prevent the delete operation or put it behind a confirm dialog

[yu55]

Production mode idea seems OK. How will You configure HEAD on production to
always open in "production mode" and not in "destroyer" mode?

2014-08-19 2:42 GMT+02:00 Ben Birch [email protected]:

One option I was considering a while ago is the ability to open a cluster
in 'production' mode. This would have a few effects

• can not perform destructive operations
• obfuscate data is search results (hide client data)
• others??

production mode does not provide real security, just a sort of shim for
using head in production mode that is a bit more careful.

This feature would prevent the delete operation or put it behind a confirm
dialog

—
Reply to this email directly or view it on GitHub
#145 (comment)
.

Marcin P