From 0103ac66504e10f395c1d3403208597cbeb0ca68 Mon Sep 17 00:00:00 2001 From: Lin Wang Date: Thu, 13 Jul 2023 09:28:46 +0800 Subject: [PATCH] feat: add workspace permission control interface (#41) * feat: add workspace permission control interface Signed-off-by: Lin Wang * feat: add request parameter for workspace permission control Signed-off-by: Lin Wang --------- Signed-off-by: Lin Wang --- src/core/server/workspaces/index.ts | 2 ++ .../workspace_permission_control.ts | 23 +++++++++++++++++++ .../server/workspaces/workspaces_service.ts | 11 +++++++++ 3 files changed, 36 insertions(+) create mode 100644 src/core/server/workspaces/workspace_permission_control.ts diff --git a/src/core/server/workspaces/index.ts b/src/core/server/workspaces/index.ts index b9f765e4bba3..5441216c7314 100644 --- a/src/core/server/workspaces/index.ts +++ b/src/core/server/workspaces/index.ts @@ -11,3 +11,5 @@ export { } from './workspaces_service'; export { WorkspaceAttribute, WorkspaceFindOptions } from './types'; + +export { WorkspacePermissionControl } from './workspace_permission_control'; diff --git a/src/core/server/workspaces/workspace_permission_control.ts b/src/core/server/workspaces/workspace_permission_control.ts new file mode 100644 index 000000000000..bf85562c4669 --- /dev/null +++ b/src/core/server/workspaces/workspace_permission_control.ts @@ -0,0 +1,23 @@ +/* + * Copyright OpenSearch Contributors + * SPDX-License-Identifier: Apache-2.0 + */ + +import { OpenSearchDashboardsRequest } from '../http'; + +export enum WorkspacePermissionMode { + Read, + Admin, +} + +export class WorkspacePermissionControl { + public async validate( + workspaceId: string, + permissionModeOrModes: WorkspacePermissionMode | WorkspacePermissionMode[], + request: OpenSearchDashboardsRequest + ) { + return true; + } + + public async setup() {} +} diff --git a/src/core/server/workspaces/workspaces_service.ts b/src/core/server/workspaces/workspaces_service.ts index 7aa01db34beb..887cf46af86a 100644 --- a/src/core/server/workspaces/workspaces_service.ts +++ b/src/core/server/workspaces/workspaces_service.ts @@ -14,13 +14,16 @@ import { } from '../saved_objects'; import { IWorkspaceDBImpl } from './types'; import { WorkspacesClientWithSavedObject } from './workspaces_client'; +import { WorkspacePermissionControl } from './workspace_permission_control'; export interface WorkspacesServiceSetup { client: IWorkspaceDBImpl; + permissionControl: WorkspacePermissionControl; } export interface WorkspacesServiceStart { client: IWorkspaceDBImpl; + permissionControl: WorkspacePermissionControl; } export interface WorkspacesSetupDeps { @@ -40,6 +43,8 @@ export class WorkspacesService implements CoreService { private logger: Logger; private client?: IWorkspaceDBImpl; + private permissionControl?: WorkspacePermissionControl; + constructor(coreContext: CoreContext) { this.logger = coreContext.logger.get('workspaces-service'); } @@ -65,7 +70,11 @@ export class WorkspacesService this.logger.debug('Setting up Workspaces service'); this.client = new WorkspacesClientWithSavedObject(setupDeps); + this.permissionControl = new WorkspacePermissionControl(); + await this.client.setup(setupDeps); + await this.permissionControl.setup(); + this.proxyWorkspaceTrafficToRealHandler(setupDeps); registerRoutes({ @@ -76,6 +85,7 @@ export class WorkspacesService return { client: this.client, + permissionControl: this.permissionControl, }; } @@ -84,6 +94,7 @@ export class WorkspacesService return { client: this.client as IWorkspaceDBImpl, + permissionControl: this.permissionControl as WorkspacePermissionControl, }; }