Skip to content

Commit

Permalink
Patch/acl (#231)
Browse files Browse the repository at this point in the history 
* consume permissions in repository

Signed-off-by: SuZhou-Joe <suzhou@amazon.com>

* feat: consume permissions in serializer

Signed-off-by: SuZhou-Joe <suzhou@amazon.com>

* Add unit tests for consuming permissions in repository

Signed-off-by: gaobinlong <gbinlong@amazon.com>

* feat: update

Signed-off-by: SuZhou-Joe <suzhou@amazon.com>

* fix: unit test

Signed-off-by: SuZhou-Joe <suzhou@amazon.com>

---------

Signed-off-by: SuZhou-Joe <suzhou@amazon.com>
Signed-off-by: gaobinlong <gbinlong@amazon.com>
Co-authored-by: gaobinlong <gbinlong@amazon.com>
  • Loading branch information
@SuZhou-Joe @gaobinlong
SuZhou-Joe and gaobinlong committed Mar 18, 2024
1 parent 132447b commit 63e8e9d
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 5 deletions.
30 changes: 30 additions & 0 deletions src/core/server/saved_objects/service/lib/repository.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -460,6 +460,14 @@ describe('SavedObjectsRepository', () => {
},
};
const workspace = 'foo-workspace';
const permissions = {
read: {
users: ['user1'],
},
write: {
groups: ['groups1'],
},
};

const getMockBulkCreateResponse = (objects, namespace) => {
return {
Expand Down Expand Up @@ -774,6 +782,18 @@ describe('SavedObjectsRepository', () => {
expect.anything()
);
});

it(`accepts permissions property when providing permissions info`, async () => {
const objects = [obj1, obj2].map((obj) => ({ ...obj, permissions: permissions }));
await bulkCreateSuccess(objects);
const expected = expect.objectContaining({ permissions });
const body = [expect.any(Object), expected, expect.any(Object), expected];
expect(client.bulk).toHaveBeenCalledWith(
expect.objectContaining({ body }),
expect.anything()
);
client.bulk.mockClear();
});
});

describe('errors', () => {
Expand Down Expand Up @@ -2269,6 +2289,16 @@ describe('SavedObjectsRepository', () => {
expect.anything()
);
});

it(`accepts permissions property`, async () => {
await createSuccess(type, attributes, { id, permissions });
expect(client.create).toHaveBeenCalledWith(
expect.objectContaining({
body: expect.objectContaining({ permissions }),
}),
expect.anything()
);
});
});

describe('errors', () => {
Expand Down
4 changes: 3 additions & 1 deletion src/core/server/saved_objects/service/lib/repository.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1064,7 +1064,7 @@ export class SavedObjectsRepository {
throw SavedObjectsErrorHelpers.createGenericNotFoundError(type, id);
}

const { originId, updated_at: updatedAt, permissions, workspaces } = body._source;
const { originId, updated_at: updatedAt, workspaces, permissions } = body._source;

let namespaces: string[] = [];
if (!this._registry.isNamespaceAgnostic(type)) {
Expand All @@ -1081,6 +1081,7 @@ export class SavedObjectsRepository {
...(updatedAt && { updated_at: updatedAt }),
...(permissions && { permissions }),
...(workspaces && { workspaces }),
...(permissions && { permissions }),
version: encodeHitVersion(body),
attributes: body._source[type],
references: body._source.references || [],
Expand Down Expand Up @@ -1163,6 +1164,7 @@ export class SavedObjectsRepository {
...(originId && { originId }),
...(permissions && { permissions }),
...(workspaces && { workspaces }),
...(permissions && { permissions }),
references,
attributes,
};
Expand Down
4 changes: 0 additions & 4 deletions src/core/server/saved_objects/service/saved_objects_client.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,10 +69,6 @@ export interface SavedObjectsCreateOptions extends SavedObjectsBaseOptions {
* Note: this can only be used for multi-namespace object types.
*/
initialNamespaces?: string[];
/**
* workspaces the new created objects belong to
*/
workspaces?: string[];
/** permission control describe by ACL object */
permissions?: Permissions;
}
Expand Down

0 comments on commit 63e8e9d

Please sign in to comment.