Skip to content

Commit

Permalink
[DataSource] Restrict to manage data source on the DSM UI (opensearch…
Browse files Browse the repository at this point in the history
…-project#7214)

* restrict to edit data source on the UI

Signed-off-by: yubonluo <yubonluo@amazon.com>

* Changeset file for PR opensearch-project#7214 created/updated

* restrict user to edit data source in management page

Signed-off-by: yubonluo <yubonluo@amazon.com>

* optimize the code

Signed-off-by: yubonluo <yubonluo@amazon.com>

* optimize the code

Signed-off-by: yubonluo <yubonluo@amazon.com>

* optimize the code

Signed-off-by: yubonluo <yubonluo@amazon.com>

---------

Signed-off-by: yubonluo <yubonluo@amazon.com>
Co-authored-by: opensearch-changeset-bot[bot] <154024398+opensearch-changeset-bot[bot]@users.noreply.github.com>
  • Loading branch information
yubonluo and opensearch-changeset-bot[bot] authored Jul 17, 2024
1 parent d67d6ba commit 41900a0
Show file tree
Hide file tree
Showing 17 changed files with 1,278 additions and 31 deletions.
2 changes: 2 additions & 0 deletions changelogs/fragments/7214.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
feat:
- [DataSource] Restrict to edit data source on the DSM UI. ([#7214](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/7214))
6 changes: 6 additions & 0 deletions config/opensearch_dashboards.yml
Original file line number Diff line number Diff line change
Expand Up @@ -321,6 +321,12 @@
# AWSSigV4:
# enabled: true

# Optional setting that controls the permissions of data source to create, update and delete.
# "none": The data source is readonly for all users.
# "dashboard_admin": The data source can only be managed by dashboard admin.
# "all": The data source can be managed by all users. Default to "all".
# data_source.manageableBy: "all"

# Set the value of this setting to false to hide the help menu link to the OpenSearch Dashboards user survey
# opensearchDashboards.survey.url: "https://survey.opensearch.org"

Expand Down
6 changes: 6 additions & 0 deletions src/plugins/data_source/common/data_sources/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -60,3 +60,9 @@ export enum DataSourceEngineType {
Elasticsearch = 'Elasticsearch',
NA = 'No Engine Type Available',
}

export enum ManageableBy {
All = 'all',
DashboardAdmin = 'dashboard_admin',
None = 'none',
}
4 changes: 4 additions & 0 deletions src/plugins/data_source/config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,10 @@ export const configSchema = schema.object({
enabled: schema.boolean({ defaultValue: true }),
}),
}),
manageableBy: schema.oneOf(
[schema.literal('all'), schema.literal('dashboard_admin'), schema.literal('none')],
{ defaultValue: 'all' }
),
});

export type DataSourcePluginConfigType = TypeOf<typeof configSchema>;
21 changes: 21 additions & 0 deletions src/plugins/data_source/server/plugin.ts
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@ import { registerTestConnectionRoute } from './routes/test_connection';
import { registerFetchDataSourceMetaDataRoute } from './routes/fetch_data_source_metadata';
import { AuthenticationMethodRegistry, IAuthenticationMethodRegistry } from './auth_registry';
import { CustomApiSchemaRegistry } from './schema_registry';
import { ManageableBy } from '../common/data_sources';
import { getWorkspaceState } from '../../../../src/core/server/utils';

export class DataSourcePlugin implements Plugin<DataSourcePluginSetup, DataSourcePluginStart> {
private readonly logger: Logger;
Expand Down Expand Up @@ -81,6 +83,25 @@ export class DataSourcePlugin implements Plugin<DataSourcePluginSetup, DataSourc
dataSourceSavedObjectsClientWrapper.wrapperFactory
);

const { manageableBy } = config;
core.capabilities.registerProvider(() => ({
dataSource: {
canManage: false,
},
}));

core.capabilities.registerSwitcher((request) => {
const { requestWorkspaceId, isDashboardAdmin } = getWorkspaceState(request);
// User can not manage data source in the workspace.
const canManage =
(manageableBy === ManageableBy.All && !requestWorkspaceId) ||
(manageableBy === ManageableBy.DashboardAdmin &&
isDashboardAdmin !== false &&
!requestWorkspaceId);

return { dataSource: { canManage } };
});

core.logging.configure(
this.config$.pipe<LoggerContextConfigInput>(
map((dataSourceConfig) => ({
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ describe('DataSourceHomePanel', () => {
http: {},
savedObjects: {},
uiSettings: {},
application: { capabilities: { dataSource: { canManage: true } } },
},
};

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -30,11 +30,17 @@ export const DataSourceHomePanel: React.FC<DataSourceHomePanelProps> = ({
featureFlagStatus,
...props
}) => {
const { setBreadcrumbs, notifications, http, savedObjects, uiSettings } = useOpenSearchDashboards<
DataSourceManagementContext
>().services;
const {
setBreadcrumbs,
notifications,
http,
savedObjects,
uiSettings,
application,
} = useOpenSearchDashboards<DataSourceManagementContext>().services;

const [selectedTabId, setSelectedTabId] = useState('manageDirectQueryDataSources');
const canManageDataSource = !!application.capabilities?.dataSource?.canManage;

useEffect(() => {
setBreadcrumbs(getListBreadcrumbs());
Expand Down Expand Up @@ -80,9 +86,11 @@ export const DataSourceHomePanel: React.FC<DataSourceHomePanelProps> = ({
<EuiFlexItem grow={false}>
<DataSourceHeader history={props.history} />
</EuiFlexItem>
<EuiFlexItem grow={false}>
<CreateButton history={props.history} dataTestSubj="createDataSourceButton" />
</EuiFlexItem>
{canManageDataSource ? (
<EuiFlexItem grow={false}>
<CreateButton history={props.history} dataTestSubj="createDataSourceButton" />
</EuiFlexItem>
) : null}
</EuiFlexGroup>
</EuiPageHeader>
</EuiFlexItem>
Expand Down
Loading

0 comments on commit 41900a0

Please sign in to comment.