Skip to content

Commit

Permalink
[Saved Objects] Adds config flag to toggle hiddenFromHttpApis SO type…
Browse files Browse the repository at this point in the history
…s conditionally (#151512)

Co-authored-by: Kibana Machine <[email protected]>
  • Loading branch information
TinaHeiligers and kibanamachine authored Feb 22, 2023
1 parent 20ee302 commit a8f10ed
Show file tree
Hide file tree
Showing 40 changed files with 1,133 additions and 60 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,13 @@ export const savedObjectsMigrationConfig: ServiceConfigDescriptor<SavedObjectsMi
const soSchema = schema.object({
maxImportPayloadBytes: schema.byteSize({ defaultValue: 26_214_400 }),
maxImportExportSize: schema.number({ defaultValue: 10_000 }),
/* @internal Conditionally set default, dependening on if kibana's running from a dist build or not */
allowHttpApiAccess: schema.conditional(
schema.contextRef('dist'),
true,
schema.boolean({ defaultValue: true }),
schema.boolean({ defaultValue: false })
),
});

export type SavedObjectsConfigType = TypeOf<typeof soSchema>;
Expand All @@ -50,11 +57,11 @@ export const savedObjectsConfig: ServiceConfigDescriptor<SavedObjectsConfigType>
path: 'savedObjects',
schema: soSchema,
};

export class SavedObjectConfig {
public maxImportPayloadBytes: number;
public maxImportExportSize: number;

/* @internal depend on env: see https://github.com/elastic/dev/issues/2200 */
public allowHttpApiAccess: boolean;
public migration: SavedObjectsMigrationConfigType;

constructor(
Expand All @@ -64,5 +71,6 @@ export class SavedObjectConfig {
this.maxImportPayloadBytes = rawConfig.maxImportPayloadBytes.getValueInBytes();
this.maxImportExportSize = rawConfig.maxImportExportSize;
this.migration = rawMigrationConfig;
this.allowHttpApiAccess = rawConfig.allowHttpApiAccess;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,23 @@
*/

import { schema } from '@kbn/config-schema';
import { SavedObjectConfig } from '@kbn/core-saved-objects-base-server-internal';
import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal';
import type { Logger } from '@kbn/logging';
import type { InternalSavedObjectRouter } from '../internal_types';
import { catchAndReturnBoomErrors, throwIfAnyTypeNotVisibleByAPI } from './utils';

interface RouteDependencies {
config: SavedObjectConfig;
coreUsageData: InternalCoreUsageDataSetup;
logger: Logger;
}

export const registerBulkCreateRoute = (
router: InternalSavedObjectRouter,
{ coreUsageData, logger }: RouteDependencies
{ config, coreUsageData, logger }: RouteDependencies
) => {
const { allowHttpApiAccess } = config;
router.post(
{
path: '/_bulk_create',
Expand Down Expand Up @@ -62,7 +65,9 @@ export const registerBulkCreateRoute = (
const { savedObjects } = await context.core;

const typesToCheck = [...new Set(req.body.map(({ type }) => type))];
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);
if (!allowHttpApiAccess) {
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);
}
const result = await savedObjects.client.bulkCreate(req.body, { overwrite });
return res.ok({ body: result });
})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,23 @@
*/

import { schema } from '@kbn/config-schema';
import { SavedObjectConfig } from '@kbn/core-saved-objects-base-server-internal';
import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal';
import type { Logger } from '@kbn/logging';
import type { InternalSavedObjectRouter } from '../internal_types';
import { catchAndReturnBoomErrors, throwIfAnyTypeNotVisibleByAPI } from './utils';

interface RouteDependencies {
config: SavedObjectConfig;
coreUsageData: InternalCoreUsageDataSetup;
logger: Logger;
}

export const registerBulkDeleteRoute = (
router: InternalSavedObjectRouter,
{ coreUsageData, logger }: RouteDependencies
{ config, coreUsageData, logger }: RouteDependencies
) => {
const { allowHttpApiAccess } = config;
router.post(
{
path: '/_bulk_delete',
Expand All @@ -47,8 +50,9 @@ export const registerBulkDeleteRoute = (
const { savedObjects } = await context.core;

const typesToCheck = [...new Set(req.body.map(({ type }) => type))];
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);

if (!allowHttpApiAccess) {
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);
}
const statuses = await savedObjects.client.bulkDelete(req.body, { force });
return res.ok({ body: statuses });
})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,23 @@
*/

import { schema } from '@kbn/config-schema';
import { SavedObjectConfig } from '@kbn/core-saved-objects-base-server-internal';
import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal';
import type { Logger } from '@kbn/logging';
import type { InternalSavedObjectRouter } from '../internal_types';
import { catchAndReturnBoomErrors, throwIfAnyTypeNotVisibleByAPI } from './utils';

interface RouteDependencies {
config: SavedObjectConfig;
coreUsageData: InternalCoreUsageDataSetup;
logger: Logger;
}

export const registerBulkGetRoute = (
router: InternalSavedObjectRouter,
{ coreUsageData, logger }: RouteDependencies
{ config, coreUsageData, logger }: RouteDependencies
) => {
const { allowHttpApiAccess } = config;
router.post(
{
path: '/_bulk_get',
Expand All @@ -42,8 +45,9 @@ export const registerBulkGetRoute = (

const { savedObjects } = await context.core;
const typesToCheck = [...new Set(req.body.map(({ type }) => type))];
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);

if (!allowHttpApiAccess) {
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);
}
const result = await savedObjects.client.bulkGet(req.body);
return res.ok({ body: result });
})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,23 @@
*/

import { schema } from '@kbn/config-schema';
import { SavedObjectConfig } from '@kbn/core-saved-objects-base-server-internal';
import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal';
import type { Logger } from '@kbn/logging';
import type { InternalSavedObjectRouter } from '../internal_types';
import { catchAndReturnBoomErrors, throwIfAnyTypeNotVisibleByAPI } from './utils';

interface RouteDependencies {
config: SavedObjectConfig;
coreUsageData: InternalCoreUsageDataSetup;
logger: Logger;
}

export const registerBulkResolveRoute = (
router: InternalSavedObjectRouter,
{ coreUsageData, logger }: RouteDependencies
{ config, coreUsageData, logger }: RouteDependencies
) => {
const { allowHttpApiAccess } = config;
router.post(
{
path: '/_bulk_resolve',
Expand All @@ -42,7 +45,9 @@ export const registerBulkResolveRoute = (

const { savedObjects } = await context.core;
const typesToCheck = [...new Set(req.body.map(({ type }) => type))];
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);
if (!allowHttpApiAccess) {
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);
}
const result = await savedObjects.client.bulkResolve(req.body);
return res.ok({ body: result });
})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,23 @@
*/

import { schema } from '@kbn/config-schema';
import { SavedObjectConfig } from '@kbn/core-saved-objects-base-server-internal';
import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal';
import type { Logger } from '@kbn/logging';
import type { InternalSavedObjectRouter } from '../internal_types';
import { catchAndReturnBoomErrors, throwIfAnyTypeNotVisibleByAPI } from './utils';

interface RouteDependencies {
config: SavedObjectConfig;
coreUsageData: InternalCoreUsageDataSetup;
logger: Logger;
}

export const registerBulkUpdateRoute = (
router: InternalSavedObjectRouter,
{ coreUsageData, logger }: RouteDependencies
{ config, coreUsageData, logger }: RouteDependencies
) => {
const { allowHttpApiAccess } = config;
router.put(
{
path: '/_bulk_update',
Expand Down Expand Up @@ -55,8 +58,9 @@ export const registerBulkUpdateRoute = (
const { savedObjects } = await context.core;

const typesToCheck = [...new Set(req.body.map(({ type }) => type))];
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);

if (!allowHttpApiAccess) {
throwIfAnyTypeNotVisibleByAPI(typesToCheck, savedObjects.typeRegistry);
}
const savedObject = await savedObjects.client.bulkUpdate(req.body);
return res.ok({ body: savedObject });
})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,23 @@
*/

import { schema } from '@kbn/config-schema';
import { SavedObjectConfig } from '@kbn/core-saved-objects-base-server-internal';
import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal';
import type { Logger } from '@kbn/logging';
import type { InternalSavedObjectRouter } from '../internal_types';
import { catchAndReturnBoomErrors, throwIfTypeNotVisibleByAPI } from './utils';

interface RouteDependencies {
config: SavedObjectConfig;
coreUsageData: InternalCoreUsageDataSetup;
logger: Logger;
}

export const registerCreateRoute = (
router: InternalSavedObjectRouter,
{ coreUsageData, logger }: RouteDependencies
{ config, coreUsageData, logger }: RouteDependencies
) => {
const { allowHttpApiAccess } = config;
router.post(
{
path: '/{type}/{id?}',
Expand Down Expand Up @@ -60,9 +63,9 @@ export const registerCreateRoute = (
usageStatsClient.incrementSavedObjectsCreate({ request: req }).catch(() => {});

const { savedObjects } = await context.core;

throwIfTypeNotVisibleByAPI(type, savedObjects.typeRegistry);

if (!allowHttpApiAccess) {
throwIfTypeNotVisibleByAPI(type, savedObjects.typeRegistry);
}
const options = {
id,
overwrite,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,23 @@
*/

import { schema } from '@kbn/config-schema';
import { SavedObjectConfig } from '@kbn/core-saved-objects-base-server-internal';
import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal';
import type { Logger } from '@kbn/logging';
import type { InternalSavedObjectRouter } from '../internal_types';
import { catchAndReturnBoomErrors, throwIfTypeNotVisibleByAPI } from './utils';

interface RouteDependencies {
config: SavedObjectConfig;
coreUsageData: InternalCoreUsageDataSetup;
logger: Logger;
}

export const registerDeleteRoute = (
router: InternalSavedObjectRouter,
{ coreUsageData, logger }: RouteDependencies
{ config, coreUsageData, logger }: RouteDependencies
) => {
const { allowHttpApiAccess } = config;
router.delete(
{
path: '/{type}/{id}',
Expand All @@ -42,8 +45,9 @@ export const registerDeleteRoute = (

const usageStatsClient = coreUsageData.getClient();
usageStatsClient.incrementSavedObjectsDelete({ request: req }).catch(() => {});
throwIfTypeNotVisibleByAPI(type, typeRegistry);

if (!allowHttpApiAccess) {
throwIfTypeNotVisibleByAPI(type, typeRegistry);
}
const client = getClient();
const result = await client.delete(type, id, { force });
return res.ok({ body: result });
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,19 +7,21 @@
*/

import { schema } from '@kbn/config-schema';
import { SavedObjectConfig } from '@kbn/core-saved-objects-base-server-internal';
import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal';
import type { Logger } from '@kbn/logging';
import type { InternalSavedObjectRouter } from '../internal_types';
import { catchAndReturnBoomErrors, throwOnHttpHiddenTypes } from './utils';

interface RouteDependencies {
config: SavedObjectConfig;
coreUsageData: InternalCoreUsageDataSetup;
logger: Logger;
}

export const registerFindRoute = (
router: InternalSavedObjectRouter,
{ coreUsageData, logger }: RouteDependencies
{ config, coreUsageData, logger }: RouteDependencies
) => {
const referenceSchema = schema.object({
type: schema.string(),
Expand All @@ -28,7 +30,7 @@ export const registerFindRoute = (
const searchOperatorSchema = schema.oneOf([schema.literal('OR'), schema.literal('AND')], {
defaultValue: 'OR',
});

const { allowHttpApiAccess } = config;
router.get(
{
path: '/_find',
Expand Down Expand Up @@ -95,7 +97,7 @@ export const registerFindRoute = (
return fullType.name;
}
});
if (unsupportedTypes.length > 0) {
if (unsupportedTypes.length > 0 && !allowHttpApiAccess) {
throwOnHttpHiddenTypes(unsupportedTypes);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,20 +7,23 @@
*/

import { schema } from '@kbn/config-schema';
import { SavedObjectConfig } from '@kbn/core-saved-objects-base-server-internal';
import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal';
import type { Logger } from '@kbn/logging';
import type { InternalSavedObjectRouter } from '../internal_types';
import { catchAndReturnBoomErrors, throwIfTypeNotVisibleByAPI } from './utils';

interface RouteDependencies {
config: SavedObjectConfig;
coreUsageData: InternalCoreUsageDataSetup;
logger: Logger;
}

export const registerGetRoute = (
router: InternalSavedObjectRouter,
{ coreUsageData, logger }: RouteDependencies
{ config, coreUsageData, logger }: RouteDependencies
) => {
const { allowHttpApiAccess } = config;
router.get(
{
path: '/{type}/{id}',
Expand All @@ -39,7 +42,10 @@ export const registerGetRoute = (
usageStatsClient.incrementSavedObjectsGet({ request: req }).catch(() => {});

const { savedObjects } = await context.core;
throwIfTypeNotVisibleByAPI(type, savedObjects.typeRegistry);

if (!allowHttpApiAccess) {
throwIfTypeNotVisibleByAPI(type, savedObjects.typeRegistry);
}

const object = await savedObjects.client.get(type, id);
return res.ok({ body: object });
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -53,17 +53,17 @@ export function registerRoutes({
const router =
http.createRouter<InternalSavedObjectsRequestHandlerContext>('/api/saved_objects/');

registerGetRoute(router, { coreUsageData, logger });
registerResolveRoute(router, { coreUsageData, logger });
registerCreateRoute(router, { coreUsageData, logger });
registerDeleteRoute(router, { coreUsageData, logger });
registerFindRoute(router, { coreUsageData, logger });
registerUpdateRoute(router, { coreUsageData, logger });
registerBulkGetRoute(router, { coreUsageData, logger });
registerBulkCreateRoute(router, { coreUsageData, logger });
registerBulkResolveRoute(router, { coreUsageData, logger });
registerBulkUpdateRoute(router, { coreUsageData, logger });
registerBulkDeleteRoute(router, { coreUsageData, logger });
registerGetRoute(router, { config, coreUsageData, logger });
registerResolveRoute(router, { config, coreUsageData, logger });
registerCreateRoute(router, { config, coreUsageData, logger });
registerDeleteRoute(router, { config, coreUsageData, logger });
registerFindRoute(router, { config, coreUsageData, logger });
registerUpdateRoute(router, { config, coreUsageData, logger });
registerBulkGetRoute(router, { config, coreUsageData, logger });
registerBulkCreateRoute(router, { config, coreUsageData, logger });
registerBulkResolveRoute(router, { config, coreUsageData, logger });
registerBulkUpdateRoute(router, { config, coreUsageData, logger });
registerBulkDeleteRoute(router, { config, coreUsageData, logger });
registerExportRoute(router, { config, coreUsageData });
registerImportRoute(router, { config, coreUsageData });
registerResolveImportErrorsRoute(router, { config, coreUsageData });
Expand Down
Loading

0 comments on commit a8f10ed

Please sign in to comment.