How do I disable plugin auto install?

ecerulm
ecerulm Registered Posts: 47 ✭✭✭✭✭

I noticed a user requested the install of "Time Series Preparation" plugin and it was automatically approved. It says "APPROVED Approved automaticaly: plugin was installed - 12 minutes ago"

Pasted_Image_2023-08-18__14_18.jpg

Where can I disable this automatic approval?

In Administration > Settings > Other > Misc > Access & requests I can see "Plugins requests : Allow non-admin users to request a plugin installation" but that is not it, that will prevent the user from clicking the "REQUEST INSTALL" button, but that's not what I want.


I don't understand why that plugin was installed without my approval, I have tested with another user and other plugin and that is not "automatically approved".


Operating system used: Amazon Linux 2

Tagged:

Best Answer

  • ecerulm
    ecerulm Registered Posts: 47 ✭✭✭✭✭
    edited July 17 Answer ✓

    I contacted dataiku support about this

    Turn out the message "Approved automatically" means that

    • there was an pending request to install this plugin by user X
    • An administrator installed the plugin, (not approved the request, but installed the plugin directly from the store)
    • then dataiku marks any pending request to install this plugin as "approved automatically" since the plugin is already installed.
    • So it was "automatically approved" but not "automatically installed" , it was "automatically approved" when the admin user installed it.

    In order to find who and when the plugin was installed you need to look into the audit.log and search for "admin-plugin-install-from-store"

    {
    "severity": "INFO",
    "logger": "dku.audit.generic",
    "topic": "generic",
    "message": {
    "callPath": "/api/plugins/install-from-store",
    "auditTopic": "generic",
    "msgType": "admin-plugin-install-from-store",
    "authSource": "USER_FROM_UI",
    "pluginId": "timeseries-preparation",
    "clientIP": "xxx",
    "xForwardedFor": "xxx",
    "authUser": "xxx",
    "originalIP": "xxx"
    },
    "mdc": {
    "apiCall": "/api/plugins/install-from-store",
    "user": "xxx"
    },
    "callTime": 62,
    "timestamp": "2023-08-18T12:05:34.295+0000"
    }

    Unfortunately, when the plugin was installed and by who is not show on the Dataiku UI > Plugins > Time Series Preparation plugin summary (or anywhere else in the UI ) . I've filled a Product Idea at https://community.dataiku.com/t5/Product-Ideas/The-Plugin-summary-page-should-show-when-the-plugin-was/idi-p/36835 to add that kind of information to the UI

Answers

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,088 Neuron

    I wonder if this is because the user belongs to a security group which has the "Develop Plugin" option turned on. Technically speaking if a user can develop a plugin then it should be able to create a new one so therefore that might also translate to installing one too. If this is not the case please raise with Dataiku Support and update the thread once you know more, we are moving to v12 soon so we wouldn't want this automatic approval behavoir either.

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,088 Neuron

    Many thanks for posting the update and raising the product idea. I have voted for it as well as I do think this should have more visibility in the UI. Also there seems to be no way to get this information from the Python API either.

  • Miasm1
    Miasm1 Registered Posts: 7

    Hello,

    You can follow these steps:

    1. Go to Administration > Plugins > Plugin Management.
    2. Find the Automatic Approvals section.
    3. Toggle off auto-approvals for plugin installations.
    4. Save changes and test to confirm.

    Thanks!

  • ecerulm
    ecerulm Registered Posts: 47 ✭✭✭✭✭

    @Miasm1

    I can't find the option that you talk about in DSS 12.1.3

    Under Administration there is only (License, Connection, Security, Clusters, Code Studios, Code Envs, Monitoring, Maintenance, Settings), there is no "Administration > Plugins"

    Pasted_Image_2023-08-26__11_39.jpg

    I wonder, what version of DSS are you using, can you post a screenshot?

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,088 Neuron

    @ecerulm
    I am afraid you have been duped by most likely an AI spam bot. We had few of these over the last few months post in the Community. They are very hard to detect as you can see but for the moment most will have a single URL link to Levono . com or igmguru . com somewhere in the post. They are usually on subject and come up with "meaningful" answers or even questions as well.

    No doubt it's going to get even harder to discern human content from AI content in the next few years. Maybe Dataiku should create an adversarial neural network to fight the AI bots? Who knows in a few years humans might be gone from this forum and it will only have posts from AI bots teaching themselves how to use Dataiku

    The irony of a machine learning user forum being attacked by an AI bot...

    CC @LisaB
    @MichaelG

Setup Info
    Tags
      Help me…