From 98d21a6724c6959d7241044d64f082002d7341ed Mon Sep 17 00:00:00 2001
From: Lin Wang <wonglam@amazon.com>
Date: Tue, 17 Oct 2023 14:27:22 +0800
Subject: [PATCH] feat: init permission control in workspace plugin

Signed-off-by: Lin Wang <wonglam@amazon.com>
---
 src/plugins/workspace/server/plugin.ts | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/plugins/workspace/server/plugin.ts b/src/plugins/workspace/server/plugin.ts
index 5b756ca077d4..9e516882518a 100644
--- a/src/plugins/workspace/server/plugin.ts
+++ b/src/plugins/workspace/server/plugin.ts
@@ -16,10 +16,15 @@ import { WorkspaceClientWithSavedObject } from './workspace_client';
 import { registerRoutes } from './routes';
 import { WorkspaceSavedObjectsClientWrapper } from './saved_objects';
 import { cleanWorkspaceId, getWorkspaceIdFromUrl } from '../../../core/server/utils';
+import {
+  SavedObjectsPermissionControl,
+  SavedObjectsPermissionControlContract,
+} from './permission_control/client';
 
 export class WorkspacePlugin implements Plugin<{}, {}> {
   private readonly logger: Logger;
   private client?: IWorkspaceDBImpl;
+  private permissionControl?: SavedObjectsPermissionControlContract;
 
   private proxyWorkspaceTrafficToRealHandler(setupDeps: CoreSetup) {
     /**
@@ -49,7 +54,11 @@ export class WorkspacePlugin implements Plugin<{}, {}> {
     await this.client.setup(core);
 
     this.proxyWorkspaceTrafficToRealHandler(core);
-    const workspaceSavedObjectsClientWrapper = new WorkspaceSavedObjectsClientWrapper();
+    this.permissionControl = new SavedObjectsPermissionControl(this.logger);
+
+    const workspaceSavedObjectsClientWrapper = new WorkspaceSavedObjectsClientWrapper(
+      this.permissionControl
+    );
 
     core.savedObjects.addClientWrapper(
       0,
@@ -70,6 +79,7 @@ export class WorkspacePlugin implements Plugin<{}, {}> {
 
   public start(core: CoreStart) {
     this.logger.debug('Starting Workspace service');
+    this.permissionControl?.setup(core.savedObjects.getScopedClient);
     this.client?.setSavedObjects(core.savedObjects);
 
     return {