ruanyl · SuZhou-Joe · Apr 8, 2024 · Mar 13, 2024 · Mar 13, 2024 · Mar 13, 2024
@@ -65,7 +65,7 @@ export interface SavedObjectsCreateOptions {
   /** {@inheritDoc SavedObjectsMigrationVersion} */
   migrationVersion?: SavedObjectsMigrationVersion;
   references?: SavedObjectReference[];
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
 }
 
 /**
@@ -83,7 +83,7 @@ export interface SavedObjectsBulkCreateObject<T = unknown> extends SavedObjectsC
 export interface SavedObjectsBulkCreateOptions {
   /** If a document with the given `id` already exists, overwrite it's contents (default=false). */
   overwrite?: boolean;
-  workspaces?: string[];
+  workspaces?: SavedObjectsCreateOptions['workspaces'];
 }
 
 /** @public */

@@ -61,7 +61,7 @@ export interface SavedObjectsExportOptions {
   /** optional namespace to override the namespace used by the savedObjectsClient. */
   namespace?: string;
   /** optional workspaces to override the workspaces used by the savedObjectsClient. */
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
 }
 
 /**
@@ -97,7 +97,7 @@ async function fetchObjectsToExport({
   exportSizeLimit: number;
   savedObjectsClient: SavedObjectsClientContract;
   namespace?: string;
-  workspaces?: string[];
+  workspaces?: SavedObjectsExportOptions['workspaces'];
 }) {
   if ((types?.length ?? 0) > 0 && (objects?.length ?? 0) > 0) {
     throw Boom.badRequest(`Can't specify both "types" and "objects" properties when exporting`);

@@ -44,7 +44,7 @@ interface CheckConflictsParams {
   ignoreRegularConflicts?: boolean;
   retries?: SavedObjectsImportRetry[];
   createNewCopies?: boolean;
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
 }
 
 const isUnresolvableConflict = (error: SavedObjectError) =>
@@ -79,7 +79,7 @@ export async function checkConflicts({
   });
   const checkConflictsResult = await savedObjectsClient.checkConflicts(objectsToCheck, {
     namespace,
-    workspaces,
+    ...(workspaces ? { workspaces } : {}),
   });
   const errorMap = checkConflictsResult.errors.reduce(
     (acc, { type, id, error }) => acc.set(`${type}:${id}`, error),

@@ -41,7 +41,7 @@ interface CreateSavedObjectsParams<T> {
   overwrite?: boolean;
   dataSourceId?: string;
   dataSourceTitle?: string;
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
 }
 interface CreateSavedObjectsResult<T> {
   createdObjects: Array<CreatedObject<T>>;

@@ -190,7 +190,7 @@ export interface SavedObjectsImportOptions {
   dataSourceId?: string;
   dataSourceTitle?: string;
   /** if specified, will import in given workspaces */
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
 }
 
 /**
@@ -215,7 +215,7 @@ export interface SavedObjectsResolveImportErrorsOptions {
   dataSourceId?: string;
   dataSourceTitle?: string;
   /** if specified, will import in given workspaces */
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
 }
 
 export type CreatedObject<T> = SavedObject<T> & { destinationId?: string };
@@ -70,7 +70,7 @@ export const registerBulkCreateRoute = (router: IRouter) => {
         : undefined;
       const result = await context.core.savedObjects.client.bulkCreate(req.body, {
         overwrite,
-        workspaces,
+        ...(workspaces ? { workspaces } : {}),
       });
       return res.ok({ body: result });
     })

@@ -71,7 +71,7 @@ export const registerCreateRoute = (router: IRouter) => {
         migrationVersion,
         references,
         initialNamespaces,
-        workspaces,
+        ...(workspaces ? { workspaces } : {}),
       };
       const result = await context.core.savedObjects.client.create(type, attributes, options);
       return res.ok({ body: result });

@@ -106,7 +106,7 @@ export const registerExportRoute = (router: IRouter, config: SavedObjectConfig)
         exportSizeLimit: maxImportExportSize,
         includeReferencesDeep,
         excludeExportDetails,
-        workspaces,
+        ...(workspaces ? { workspaces } : {}),
       });
 
       const docsToExport: string[] = await createPromiseFromStreams([

@@ -85,7 +85,7 @@ export const registerFindRoute = (router: IRouter) => {
         fields: typeof query.fields === 'string' ? [query.fields] : query.fields,
         filter: query.filter,
         namespaces,
-        workspaces,
+        ...(workspaces ? { workspaces } : {}),
       });
 
       return res.ok({ body: result });

@@ -29,7 +29,7 @@
  */
 
 import { Permissions } from '../permission_control';
-import { SavedObjectsMigrationVersion, SavedObjectReference } from '../types';
+import { SavedObjectsMigrationVersion, SavedObjectReference, SavedObject } from '../types';
 
 /**
  * A raw document as represented directly in the saved object index.
@@ -53,7 +53,7 @@ export interface SavedObjectsRawDocSource {
   updated_at?: string;
   references?: SavedObjectReference[];
   originId?: string;
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
 
   [typeMapping: string]: any;
 }
@@ -71,7 +71,7 @@ interface SavedObjectDoc<T = unknown> {
   version?: string;
   updated_at?: string;
   originId?: string;
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
   permissions?: Permissions;
 }
 

@@ -167,7 +167,7 @@ interface QueryParams {
   defaultSearchOperator?: string;
   hasReference?: HasReferenceQueryParams;
   kueryNode?: KueryNode;
-  workspaces?: string[];
+  workspaces?: SavedObjectsFindOptions['workspaces'];
   workspacesSearchOperator?: 'AND' | 'OR';
   ACLSearchParams?: SavedObjectsFindOptions['ACLSearchParams'];
 }

@@ -53,7 +53,7 @@ interface GetSearchDslOptions {
     id: string;
   };
   kueryNode?: KueryNode;
-  workspaces?: string[];
+  workspaces?: SavedObjectsFindOptions['workspaces'];
   workspacesSearchOperator?: 'AND' | 'OR';
   ACLSearchParams?: SavedObjectsFindOptions['ACLSearchParams'];
 }

@@ -69,10 +69,6 @@ export interface SavedObjectsCreateOptions extends SavedObjectsBaseOptions {
    * Note: this can only be used for multi-namespace object types.
    */
   initialNamespaces?: string[];
-  /**
-   * workspaces the new created objects belong to
-   */
-  workspaces?: string[];
   /** permission control describe by ACL object */
   permissions?: Permissions;
 }
@@ -101,7 +97,7 @@ export interface SavedObjectsBulkCreateObject<T = unknown> {
   /**
    * workspaces the objects belong to, will only be used when overwrite is enabled.
    */
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
 }
 
 /**

@@ -112,7 +112,7 @@ export interface SavedObjectsFindOptions {
   /** An optional OpenSearch preference value to be used for the query **/
   preference?: string;
   /** If specified, will only retrieve objects that are in the workspaces */
-  workspaces?: string[];
+  workspaces?: SavedObjectsBaseOptions['workspaces'];
   /** By default the operator will be 'AND' */
   workspacesSearchOperator?: 'AND' | 'OR';
   /**
@@ -132,7 +132,7 @@ export interface SavedObjectsBaseOptions {
   /** Specify the namespace for this operation */
   namespace?: string;
   /** Specify the workspaces for this operation */
-  workspaces?: string[];
+  workspaces?: SavedObject['workspaces'];
 }
 
 /**

diff --git a/src/core/types/saved_objects.ts b/src/core/types/saved_objects.ts
@@ -115,7 +115,7 @@ export interface SavedObject<T = unknown> {
    */
   originId?: string;
   /** Workspaces that this saved object exists in. */
-  workspaces?: string[];
+  workspaces?: string[] | null;
   /** Permissions that this saved objects exists in. */
   permissions?: Permissions;
 }

@@ -60,14 +60,6 @@ declare module 'hapi' {
   }
 }
 
-declare module '@hapi/hapi' {
-  interface PluginsStates {
-    workspace?: {
-      id?: string;
-    };
-  }
-}
-
 type OsdMixinFunc = (osdServer: OsdServer, server: Server, config: any) => Promise<any> | void;
 
 export interface PluginsSetup {

@@ -20,3 +20,5 @@ export enum WorkspacePermissionMode {
   LibraryRead = 'library_read',
   LibraryWrite = 'library_write',
 }
+
+export const WORKSPACE_ID_CONSUMER_WRAPPER_ID = 'workspace_id_consumer';
@@ -3,8 +3,10 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import { coreMock } from '../../../core/server/mocks';
+import { OnPreRoutingHandler } from 'src/core/server';
+import { coreMock, httpServerMock } from '../../../core/server/mocks';
 import { WorkspacePlugin } from './plugin';
+import { getWorkspaceState } from '../../../core/server/utils';
 
 describe('Workspace server plugin', () => {
   it('#setup', async () => {
@@ -24,5 +26,66 @@ describe('Workspace server plugin', () => {
         },
       }
     `);
+    expect(setupMock.savedObjects.addClientWrapper).toBeCalledTimes(3);
+  });
+
+  it('#proxyWorkspaceTrafficToRealHandler', async () => {
+    const setupMock = coreMock.createSetup();
+    const initializerContextConfigMock = coreMock.createPluginInitializerContext({
+      enabled: true,
+      permission: {
+        enabled: true,
+      },
+    });
+    let onPreRoutingFn: OnPreRoutingHandler = () => httpServerMock.createResponseFactory().ok();
+    setupMock.http.registerOnPreRouting.mockImplementation((fn) => {
+      onPreRoutingFn = fn;
+      return fn;
+    });
+    const workspacePlugin = new WorkspacePlugin(initializerContextConfigMock);
+    await workspacePlugin.setup(setupMock);
+    const toolKitMock = httpServerMock.createToolkit();
+
+    const requestWithWorkspaceInUrl = httpServerMock.createOpenSearchDashboardsRequest({
+      path: '/w/foo/app',
+    });
+    onPreRoutingFn(requestWithWorkspaceInUrl, httpServerMock.createResponseFactory(), toolKitMock);
+    expect(toolKitMock.rewriteUrl).toBeCalledWith('http://localhost/app');
+    expect(toolKitMock.next).toBeCalledTimes(0);
+    expect(getWorkspaceState(requestWithWorkspaceInUrl)).toEqual({
+      id: 'foo',
+    });
+
+    const requestWithoutWorkspaceInUrl = httpServerMock.createOpenSearchDashboardsRequest({
+      path: '/app',
+    });
+    onPreRoutingFn(
+      requestWithoutWorkspaceInUrl,
+      httpServerMock.createResponseFactory(),
+      toolKitMock
+    );
+    expect(toolKitMock.next).toBeCalledTimes(1);
+  });
+
+  it('#start', async () => {
+    const setupMock = coreMock.createSetup();
+    const startMock = coreMock.createStart();
+    const initializerContextConfigMock = coreMock.createPluginInitializerContext({
+      enabled: true,
+      permission: {
+        enabled: true,
+      },
+    });
+
+    const workspacePlugin = new WorkspacePlugin(initializerContextConfigMock);
+    await workspacePlugin.setup(setupMock);
+    await workspacePlugin.start(startMock);
+    expect(startMock.savedObjects.createSerializer).toBeCalledTimes(1);
+  });
+
+  it('#stop', () => {
+    const initializerContextConfigMock = coreMock.createPluginInitializerContext();
+    const workspacePlugin = new WorkspacePlugin(initializerContextConfigMock);
+    workspacePlugin.stop();
   });
 });
@@ -16,17 +16,23 @@ import {
 import {
   WORKSPACE_SAVED_OBJECTS_CLIENT_WRAPPER_ID,
   WORKSPACE_CONFLICT_CONTROL_SAVED_OBJECTS_CLIENT_WRAPPER_ID,
+  WORKSPACE_ID_CONSUMER_WRAPPER_ID,
 } from '../common/constants';
-import { cleanWorkspaceId, getWorkspaceIdFromUrl } from '../../../core/server/utils';
 import { IWorkspaceClientImpl, WorkspacePluginSetup, WorkspacePluginStart } from './types';
 import { WorkspaceClient } from './workspace_client';
 import { registerRoutes } from './routes';
 import { WorkspaceSavedObjectsClientWrapper } from './saved_objects';
+import {
+  cleanWorkspaceId,
+  getWorkspaceIdFromUrl,
+  updateWorkspaceState,
+} from '../../../core/server/utils';
 import { WorkspaceConflictSavedObjectsClientWrapper } from './saved_objects/saved_objects_wrapper_for_check_workspace_conflict';
 import {
   SavedObjectsPermissionControl,
   SavedObjectsPermissionControlContract,
 } from './permission_control/client';
+import { WorkspaceIdConsumerWrapper } from './saved_objects/workspace_id_consumer_wrapper';
 
 export class WorkspacePlugin implements Plugin<WorkspacePluginSetup, WorkspacePluginStart> {
   private readonly logger: Logger;
@@ -47,6 +53,9 @@ export class WorkspacePlugin implements Plugin<WorkspacePluginSetup, WorkspacePl
       );
 
       if (workspaceId) {
+        updateWorkspaceState(request, {
+          requestWorkspaceId: workspaceId,
+        });
         const requestUrl = new URL(request.url.toString());
         requestUrl.pathname = cleanWorkspaceId(requestUrl.pathname);
         return toolkit.rewriteUrl(requestUrl.toString());
@@ -78,6 +87,12 @@ export class WorkspacePlugin implements Plugin<WorkspacePluginSetup, WorkspacePl
       this.workspaceConflictControl.wrapperFactory
     );
 
+    core.savedObjects.addClientWrapper(
+      -2,
+      WORKSPACE_ID_CONSUMER_WRAPPER_ID,
+      new WorkspaceIdConsumerWrapper().wrapperFactory
+    );
+
     this.logger.info('Workspace permission control enabled:' + isPermissionControlEnabled);
     if (isPermissionControlEnabled) {
       this.permissionControl = new SavedObjectsPermissionControl(this.logger);