Skip to content

Commit

Permalink
fix public workspace query when permission is not enabled
Browse files Browse the repository at this point in the history 
Signed-off-by: Hailong Cui <ihailong@amazon.com>
  • Loading branch information
@Hailong-am
Hailong-am committed Apr 16, 2024
1 parent 748da60 commit 49b1617
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 5 deletions.
2 changes: 1 addition & 1 deletion src/plugins/workspace/server/plugin.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ export class WorkspacePlugin implements Plugin<WorkspacePluginSetup, WorkspacePl
core.savedObjects.addClientWrapper(
PRIORITY_FOR_WORKSPACE_ID_CONSUMER_WRAPPER,
WORKSPACE_ID_CONSUMER_WRAPPER_ID,
new WorkspaceIdConsumerWrapper().wrapperFactory
new WorkspaceIdConsumerWrapper(isPermissionControlEnabled).wrapperFactory
);

const maxImportExportSize = core.savedObjects.getImportExportObjectLimit();
Expand Down
18 changes: 18 additions & 0 deletions src/plugins/workspace/server/saved_objects/workspace_id_consumer_wrapper.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,24 @@ describe('WorkspaceIdConsumerWrapper', () => {

it(`Should set workspacesSearchOperator when search with public workspace`, async () => {
await wrapperClient.find({
type: 'dashboard',
workspaces: [PUBLIC_WORKSPACE_ID],
});
expect(mockedClient.find).toBeCalledWith({
type: 'dashboard',
workspaces: [PUBLIC_WORKSPACE_ID],
workspacesSearchOperator: 'OR',
});
});

it(`Should remove public workspace when permission control is enabled`, async () => {
const consumer = new WorkspaceIdConsumerWrapper(true);
const client = consumer.wrapperFactory({
client: mockedClient,
typeRegistry: requestHandlerContext.savedObjects.typeRegistry,
request: workspaceEnabledMockRequest,
});
await client.find({
type: 'dashboard',
workspaces: ['bar', PUBLIC_WORKSPACE_ID],
});
Expand Down
13 changes: 9 additions & 4 deletions src/plugins/workspace/server/saved_objects/workspace_id_consumer_wrapper.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,13 +66,18 @@ export class WorkspaceIdConsumerWrapper {
delete: wrapperOptions.client.delete,
find: (options: SavedObjectsFindOptions) => {
const findOptions = this.formatWorkspaceIdParams(wrapperOptions.request, options);

// `PUBLIC_WORKSPACE_ID` includes both saved objects without any workspace and with `PUBLIC_WORKSPACE_ID` workspace
const index = findOptions.workspaces?.indexOf(PUBLIC_WORKSPACE_ID) || -1;
const index = findOptions.workspaces
? findOptions.workspaces.indexOf(PUBLIC_WORKSPACE_ID)
: -1;
if (!findOptions.workspacesSearchOperator && findOptions.workspaces && index !== -1) {
findOptions.workspacesSearchOperator = 'OR';
// remove public workspace to make sure we can pass permission control validation, more details in `WorkspaceSavedObjectsClientWrapper`
// remove this deletion logic when public workspace becomes to real
findOptions.workspaces.splice(index, 1);
if (this.isPermissionControlEnabled) {
// remove public workspace to make sure we can pass permission control validation, more details in `WorkspaceSavedObjectsClientWrapper`
findOptions.workspaces.splice(index, 1);
}
}
return wrapperOptions.client.find(findOptions);
},
Expand All @@ -86,5 +91,5 @@ export class WorkspaceIdConsumerWrapper {
};
};

constructor() {}
constructor(private isPermissionControlEnabled?: boolean) {}
}

0 comments on commit 49b1617

Please sign in to comment.