Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change response for Saved Objects share/unshare operations #74995

Merged
merged 4 commits into from
Aug 20, 2020
Merged

Change response for Saved Objects share/unshare operations #74995

merged 4 commits into from
Aug 20, 2020

Conversation

jportner
Copy link
Contributor

Resolves #74989.

Overview

This makes two changes:

  1. Updates SavedObjectsRepository's addToNamespaces/deleteFromNamespaces methods to return an object's namespaces array
  2. Updates the SecureSavedObjectsClientWrapper to check privileges and filter (redact) any namespaces that the user is not authorized to view

I intentionally left the external APIs unchanged; these will still return an empty HTTP 204 result. My reasoning is that external consumers do not need this information and it would require several changes to integration tests. We only need this change to support an internal consumer (audit logging).

@jportner jportner added v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.10.0 labels Aug 13, 2020
@jportner jportner requested a review from a team August 13, 2020 20:53
@jportner jportner mentioned this pull request Aug 13, 2020
Merged
4 tasks
legrego
legrego approved these changes Aug 14, 2020
View reviewed changes
Copy link
Member

@legrego legrego left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I intentionally left the external APIs unchanged; these will still return an empty HTTP 204 result. My reasoning is that external consumers do not need this information and it would require several changes to integration tests. We only need this change to support an internal consumer (audit logging).

I was initially going to push back on this because we'd be missing the runtime guarantees that we're redacting the namespaces properly, but we do have API tests to verify that we get an empty response back at the API level.

So tl;dr LGTM!

@jportner jportner requested a review from a team August 14, 2020 12:30
@jportner
Copy link
Contributor Author

@elasticmachine merge upstream

@jportner
Copy link
Contributor Author

@elasticmachine merge upstream

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Build metrics

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

pgayvallet
pgayvallet approved these changes Aug 20, 2020
View reviewed changes
Copy link
Contributor

@pgayvallet pgayvallet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM for platform changes

@jportner jportner merged commit 4dd5d63 into elastic:master Aug 20, 2020
@jportner jportner mentioned this pull request Aug 20, 2020
Merged
@jportner jportner deleted the issue-74989-saved-object-share-results branch August 20, 2020 12:36
jportner added a commit that referenced this pull request Aug 20, 2020
@jportner
Change response for Saved Objects share/unshare operations (#74995) (#…
0223c3a 
…75545)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@legrego legrego legrego approved these changes

@pgayvallet pgayvallet pgayvallet approved these changes

Assignees
No one assigned
Labels
backported release_note:skip Skip the PR/issue when compiling release notes v7.10.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Provide results when Saved Objects are shared or unshared
5 participants
@jportner @kibanamachine @pgayvallet @legrego @elasticmachine