diff --git a/src/core/server/saved_objects/migrations/core/__snapshots__/build_active_mappings.test.ts.snap b/src/core/server/saved_objects/migrations/core/__snapshots__/build_active_mappings.test.ts.snap index 6f67893104e7..f8ef47cae894 100644 --- a/src/core/server/saved_objects/migrations/core/__snapshots__/build_active_mappings.test.ts.snap +++ b/src/core/server/saved_objects/migrations/core/__snapshots__/build_active_mappings.test.ts.snap @@ -10,7 +10,6 @@ Object { "namespace": "2f4316de49999235636386fe51dc06c1", "namespaces": "2f4316de49999235636386fe51dc06c1", "originId": "2f4316de49999235636386fe51dc06c1", - "permissions": "07c04cdd060494956fdddaa7ef86e8ac", "references": "7997cf5a56cc02bdc9c93361bde732b0", "type": "2f4316de49999235636386fe51dc06c1", "updated_at": "00da57df13e94e9d98437d13ace4bfe0", @@ -37,60 +36,6 @@ Object { "originId": Object { "type": "keyword", }, - "permissions": Object { - "properties": Object { - "library_read": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "library_write": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "management": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "read": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "write": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - }, - }, "references": Object { "properties": Object { "id": Object { @@ -124,7 +69,6 @@ Object { "namespace": "2f4316de49999235636386fe51dc06c1", "namespaces": "2f4316de49999235636386fe51dc06c1", "originId": "2f4316de49999235636386fe51dc06c1", - "permissions": "07c04cdd060494956fdddaa7ef86e8ac", "references": "7997cf5a56cc02bdc9c93361bde732b0", "secondType": "72d57924f415fbadb3ee293b67d233ab", "thirdType": "510f1f0adb69830cf8a1c5ce2923ed82", @@ -155,60 +99,6 @@ Object { "originId": Object { "type": "keyword", }, - "permissions": Object { - "properties": Object { - "library_read": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "library_write": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "management": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "read": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "write": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - }, - }, "references": Object { "properties": Object { "id": Object { diff --git a/src/core/server/saved_objects/migrations/core/build_active_mappings.ts b/src/core/server/saved_objects/migrations/core/build_active_mappings.ts index efedd9351a22..55b73daabc3e 100644 --- a/src/core/server/saved_objects/migrations/core/build_active_mappings.ts +++ b/src/core/server/saved_objects/migrations/core/build_active_mappings.ts @@ -171,16 +171,6 @@ function findChangedProp(actual: any, expected: any) { * @returns {IndexMapping} */ function defaultMapping(): IndexMapping { - const principals: SavedObjectsFieldMapping = { - properties: { - users: { - type: 'keyword', - }, - groups: { - type: 'keyword', - }, - }, - }; return { dynamic: 'strict', properties: { @@ -219,15 +209,6 @@ function defaultMapping(): IndexMapping { }, }, }, - permissions: { - properties: { - read: principals, - write: principals, - management: principals, - library_read: principals, - library_write: principals, - }, - }, }, }; } diff --git a/src/core/server/saved_objects/migrations/core/index_migrator.test.ts b/src/core/server/saved_objects/migrations/core/index_migrator.test.ts index f22234fc8996..8b1f5df9640a 100644 --- a/src/core/server/saved_objects/migrations/core/index_migrator.test.ts +++ b/src/core/server/saved_objects/migrations/core/index_migrator.test.ts @@ -227,7 +227,6 @@ describe('IndexMigrator', () => { namespace: '2f4316de49999235636386fe51dc06c1', namespaces: '2f4316de49999235636386fe51dc06c1', originId: '2f4316de49999235636386fe51dc06c1', - permissions: '07c04cdd060494956fdddaa7ef86e8ac', references: '7997cf5a56cc02bdc9c93361bde732b0', type: '2f4316de49999235636386fe51dc06c1', updated_at: '00da57df13e94e9d98437d13ace4bfe0', @@ -241,40 +240,6 @@ describe('IndexMigrator', () => { originId: { type: 'keyword' }, type: { type: 'keyword' }, updated_at: { type: 'date' }, - permissions: { - properties: { - library_read: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - library_write: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - management: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - read: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - write: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - }, - }, references: { type: 'nested', properties: { @@ -379,7 +344,6 @@ describe('IndexMigrator', () => { namespace: '2f4316de49999235636386fe51dc06c1', namespaces: '2f4316de49999235636386fe51dc06c1', originId: '2f4316de49999235636386fe51dc06c1', - permissions: '07c04cdd060494956fdddaa7ef86e8ac', references: '7997cf5a56cc02bdc9c93361bde732b0', type: '2f4316de49999235636386fe51dc06c1', updated_at: '00da57df13e94e9d98437d13ace4bfe0', @@ -394,40 +358,6 @@ describe('IndexMigrator', () => { originId: { type: 'keyword' }, type: { type: 'keyword' }, updated_at: { type: 'date' }, - permissions: { - properties: { - library_read: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - library_write: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - management: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - read: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - write: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - }, - }, references: { type: 'nested', properties: { @@ -475,7 +405,6 @@ describe('IndexMigrator', () => { namespace: '2f4316de49999235636386fe51dc06c1', namespaces: '2f4316de49999235636386fe51dc06c1', originId: '2f4316de49999235636386fe51dc06c1', - permissions: '07c04cdd060494956fdddaa7ef86e8ac', references: '7997cf5a56cc02bdc9c93361bde732b0', type: '2f4316de49999235636386fe51dc06c1', updated_at: '00da57df13e94e9d98437d13ace4bfe0', @@ -490,40 +419,6 @@ describe('IndexMigrator', () => { originId: { type: 'keyword' }, type: { type: 'keyword' }, updated_at: { type: 'date' }, - permissions: { - properties: { - library_read: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - library_write: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - management: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - read: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - write: { - properties: { - users: { type: 'keyword' }, - groups: { type: 'keyword' }, - }, - }, - }, - }, references: { type: 'nested', properties: { diff --git a/src/core/server/saved_objects/migrations/opensearch_dashboards/__snapshots__/opensearch_dashboards_migrator.test.ts.snap b/src/core/server/saved_objects/migrations/opensearch_dashboards/__snapshots__/opensearch_dashboards_migrator.test.ts.snap index 5e39af788d79..baebb7848798 100644 --- a/src/core/server/saved_objects/migrations/opensearch_dashboards/__snapshots__/opensearch_dashboards_migrator.test.ts.snap +++ b/src/core/server/saved_objects/migrations/opensearch_dashboards/__snapshots__/opensearch_dashboards_migrator.test.ts.snap @@ -10,7 +10,6 @@ Object { "namespace": "2f4316de49999235636386fe51dc06c1", "namespaces": "2f4316de49999235636386fe51dc06c1", "originId": "2f4316de49999235636386fe51dc06c1", - "permissions": "07c04cdd060494956fdddaa7ef86e8ac", "references": "7997cf5a56cc02bdc9c93361bde732b0", "type": "2f4316de49999235636386fe51dc06c1", "updated_at": "00da57df13e94e9d98437d13ace4bfe0", @@ -45,60 +44,6 @@ Object { "originId": Object { "type": "keyword", }, - "permissions": Object { - "properties": Object { - "library_read": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "library_write": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "management": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "read": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - "write": Object { - "properties": Object { - "groups": Object { - "type": "keyword", - }, - "users": Object { - "type": "keyword", - }, - }, - }, - }, - }, "references": Object { "properties": Object { "id": Object { diff --git a/src/core/server/saved_objects/service/lib/repository.ts b/src/core/server/saved_objects/service/lib/repository.ts index 5a9e0696e840..61da059f7839 100644 --- a/src/core/server/saved_objects/service/lib/repository.ts +++ b/src/core/server/saved_objects/service/lib/repository.ts @@ -292,8 +292,8 @@ export class SavedObjectsRepository { migrationVersion, updated_at: time, ...(Array.isArray(references) && { references }), - ...(permissions && { permissions }), ...(Array.isArray(workspaces) && { workspaces }), + ...(permissions && { permissions }), }); const raw = this._serializer.savedObjectToRaw(migrated as SavedObjectSanitizedDoc); @@ -476,8 +476,8 @@ export class SavedObjectsRepository { updated_at: time, references: object.references || [], originId: object.originId, - ...(object.permissions && { permissions: object.permissions }), ...(savedObjectWorkspaces && { workspaces: savedObjectWorkspaces }), + ...(object.permissions && { permissions: object.permissions }), }) as SavedObjectSanitizedDoc ), }; diff --git a/src/core/server/saved_objects/service/saved_objects_client.ts b/src/core/server/saved_objects/service/saved_objects_client.ts index 7ebe525df0ed..e1c3d16a9258 100644 --- a/src/core/server/saved_objects/service/saved_objects_client.ts +++ b/src/core/server/saved_objects/service/saved_objects_client.ts @@ -69,12 +69,12 @@ export interface SavedObjectsCreateOptions extends SavedObjectsBaseOptions { * Note: this can only be used for multi-namespace object types. */ initialNamespaces?: string[]; - /** permission control describe by ACL object */ - permissions?: Permissions; /** * workspaces the new created objects belong to */ workspaces?: string[]; + /** permission control describe by ACL object */ + permissions?: Permissions; } /** diff --git a/src/plugins/workspace/server/integration_tests/routes.test.ts b/src/plugins/workspace/server/integration_tests/routes.test.ts index 8eeb010b4a21..0c6e55101b7f 100644 --- a/src/plugins/workspace/server/integration_tests/routes.test.ts +++ b/src/plugins/workspace/server/integration_tests/routes.test.ts @@ -34,6 +34,11 @@ describe('workspace service', () => { enabled: false, }, }, + savedObjects: { + permission: { + enabled: true, + }, + }, migrations: { skip: false }, }, }, diff --git a/src/plugins/workspace/server/saved_objects/integration_tests/saved_objects_wrapper_for_check_workspace_conflict.test.ts b/src/plugins/workspace/server/saved_objects/integration_tests/saved_objects_wrapper_for_check_workspace_conflict.test.ts index 75b19bb225b0..ec5259608c72 100644 --- a/src/plugins/workspace/server/saved_objects/integration_tests/saved_objects_wrapper_for_check_workspace_conflict.test.ts +++ b/src/plugins/workspace/server/saved_objects/integration_tests/saved_objects_wrapper_for_check_workspace_conflict.test.ts @@ -35,6 +35,11 @@ describe('saved_objects_wrapper_for_check_workspace_conflict integration test', workspace: { enabled: true, }, + savedObjects: { + permission: { + enabled: true, + }, + }, migrations: { skip: false, }, diff --git a/src/plugins/workspace/server/saved_objects/integration_tests/workspace_saved_objects_client_wrapper.test.ts b/src/plugins/workspace/server/saved_objects/integration_tests/workspace_saved_objects_client_wrapper.test.ts index 9f4f46b4dc99..2a7fb0e440b5 100644 --- a/src/plugins/workspace/server/saved_objects/integration_tests/workspace_saved_objects_client_wrapper.test.ts +++ b/src/plugins/workspace/server/saved_objects/integration_tests/workspace_saved_objects_client_wrapper.test.ts @@ -69,6 +69,8 @@ describe('WorkspaceSavedObjectsClientWrapper', () => { osd: { workspace: { enabled: true, + }, + savedObjects: { permission: { enabled: true, },