diff --git a/x-pack/plugins/reporting/server/config/schema.test.ts b/x-pack/plugins/reporting/server/config/schema.test.ts index e532a2eb8426a6..14ed1886e91364 100644 --- a/x-pack/plugins/reporting/server/config/schema.test.ts +++ b/x-pack/plugins/reporting/server/config/schema.test.ts @@ -112,4 +112,14 @@ describe('Reporting Config Schema', () => { ConfigSchema.validate({ export_types: { csv: { enabled: true } } }, { dev: true }) ).not.toThrow(); }); + + describe('roles', () => { + it('should have roles enabled set to false for serverless by default', () => { + expect(ConfigSchema.validate({}, { serverless: true }).roles.enabled).toBe(false); + }); + + it('should have roles enabled set to true for non-serverless by default', () => { + expect(ConfigSchema.validate({}).roles.enabled).toBe(true); + }); + }); }); diff --git a/x-pack/plugins/reporting/server/config/schema.ts b/x-pack/plugins/reporting/server/config/schema.ts index 35d77703a24486..4790a3fb6b7aae 100644 --- a/x-pack/plugins/reporting/server/config/schema.ts +++ b/x-pack/plugins/reporting/server/config/schema.ts @@ -84,8 +84,18 @@ const EncryptionKeySchema = schema.conditional( ); const RolesSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), // true: use ES API for access control (deprecated in 7.x). false: use Kibana API for application features (8.0) - allow: schema.arrayOf(schema.string(), { defaultValue: ['reporting_user'] }), + enabled: schema.conditional( + schema.contextRef('serverless'), + true, + schema.boolean({ defaultValue: false }), + schema.boolean({ defaultValue: true }) + ), // true: use ES API for access control (deprecated in 7.x). false: use Kibana API for application features (8.0) + allow: schema.conditional( + schema.contextRef('serverless'), + true, + schema.arrayOf(schema.string(), { defaultValue: [] }), + schema.arrayOf(schema.string(), { defaultValue: ['reporting_user'] }) + ), }); // Browser side polling: job completion notifier, management table auto-refresh