RBAC in 6.4 introduced the "legacy fallback" which continues to use callWithRequest to access the .kibana index using the SavedObjectsClient when the security plugin is enabled if the user doesn't have any application privileges. When the user logs into Kibana with these users/roles, a deprecation warning is currently logged. We want to remove this legacy fallback behavior in 7.0.
RBAC in 6.4 introduced the "legacy fallback" which continues to use
callWithRequestto access the.kibanaindex using theSavedObjectsClientwhen the security plugin is enabled if the user doesn't have any application privileges. When the user logs into Kibana with these users/roles, a deprecation warning is currently logged. We want to remove this legacy fallback behavior in 7.0.