Skip to content

Commit e4593d2

Browse files
Neo opensource patc
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
1 parent 2151e12 commit e4593d2

File tree

1 file changed

+280
-0
lines changed

1 file changed

+280
-0
lines changed

opensource.patch

Lines changed: 280 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,280 @@
1+
diff --git a/common/index.ts b/common/index.ts
2+
index b33c099..84abfd2 100644
3+
--- a/common/index.ts
4+
+++ b/common/index.ts
5+
@@ -65,6 +65,8 @@ export const ESTIMATED_IRON_COOKIE_OVERHEAD = 1.5;
6+
7+
export const LOCAL_CLUSTER_ID = '';
8+
9+
+export const MAX_CHARS_GENERAL_STRING_FIELDS = 254; // RFC 5321
10+
+
11+
export enum AuthType {
12+
BASIC = 'basicauth',
13+
OPEN_ID = 'openid',
14+
diff --git a/public/apps/configuration/constants.tsx b/public/apps/configuration/constants.tsx
15+
index a1a79cb..0deef7d 100644
16+
--- a/public/apps/configuration/constants.tsx
17+
+++ b/public/apps/configuration/constants.tsx
18+
@@ -432,3 +432,7 @@ export const MIN_NUMBER_OF_CHARS_IN_RESOURCE_NAME = 2;
19+
export const MAX_NUMBER_OF_CHARS_IN_RESOURCE_NAME = 50;
20+
21+
export const LIMIT_WIDTH_INPUT_CLASS = 'limit-width-input';
22+
+
23+
+export const MAX_CHARS_GENERAL_STRING_FIELDS = 254; // RFC 5321
24+
+
25+
+
26+
diff --git a/public/apps/configuration/panels/internal-user-edit/backend-role-panel.tsx b/public/apps/configuration/panels/internal-user-edit/backend-role-panel.tsx
27+
index 2176b72..cfbef55 100644
28+
--- a/public/apps/configuration/panels/internal-user-edit/backend-role-panel.tsx
29+
+++ b/public/apps/configuration/panels/internal-user-edit/backend-role-panel.tsx
30+
@@ -20,6 +20,7 @@ import {
31+
EuiFlexItem,
32+
EuiSpacer,
33+
EuiCompressedFormRow,
34+
+ EuiTextColor,
35+
} from '@elastic/eui';
36+
import { isEmpty } from 'lodash';
37+
import React, { Dispatch, Fragment, SetStateAction, useState } from 'react';
38+
@@ -29,7 +30,8 @@ import {
39+
updateElementInArrayHandler,
40+
} from '../../utils/array-state-utils';
41+
import { PanelWithHeader } from '../../utils/panel-with-header';
42+
-import { DocLinks, LIMIT_WIDTH_INPUT_CLASS } from '../../constants';
43+
+import { DocLinks, LIMIT_WIDTH_INPUT_CLASS, MAX_CHARS_GENERAL_STRING_FIELDS } from '../../constants';
44+
+import { i18n } from '@osd/i18n';
45+
46+
function generateBackendRolesPanels(
47+
backendRoles: string[],
48+
@@ -39,17 +41,31 @@ function generateBackendRolesPanels(
49+
setRoleEmptyErrorMessage: Dispatch<SetStateAction<string>>
50+
) {
51+
const panels = backendRoles.map((backendRole, arrayIndex) => {
52+
+ const leftCharacters = MAX_CHARS_GENERAL_STRING_FIELDS - (backendRole.length);
53+
+ const charactersOverflow = leftCharacters < 0;
54+
return (
55+
<Fragment key={`backend-role-${arrayIndex}`}>
56+
<EuiFlexGroup>
57+
<EuiFlexItem className={LIMIT_WIDTH_INPUT_CLASS}>
58+
<EuiCompressedFormRow
59+
- label={arrayIndex === 0 ? 'Backend role' : ''}
60+
- error={roleEmptyErrorMessage}
61+
- isInvalid={arrayIndex === emptyRoleIndex && !isEmpty(roleEmptyErrorMessage)}
62+
- >
63+
+ label={arrayIndex === 0 ? 'Backend role' : ''}
64+
+ error={roleEmptyErrorMessage}
65+
+ isInvalid={(arrayIndex === emptyRoleIndex && !isEmpty(roleEmptyErrorMessage)) || charactersOverflow}
66+
+ helpText={
67+
+ <>
68+
+ <EuiTextColor color={charactersOverflow ? 'danger' : 'subdued'}>
69+
+ {i18n.translate('security.rolesMapping.backendRoles.charactersLeft', {
70+
+ defaultMessage: '{leftCharacters} characters left.',
71+
+ values: {
72+
+ leftCharacters,
73+
+ },
74+
+ })}
75+
+ </EuiTextColor>
76+
+ </>
77+
+ }
78+
+ >
79+
<EuiCompressedFieldText
80+
- isInvalid={arrayIndex === emptyRoleIndex && !isEmpty(roleEmptyErrorMessage)}
81+
+ isInvalid={(arrayIndex === emptyRoleIndex && !isEmpty(roleEmptyErrorMessage)) || (backendRole.length > MAX_CHARS_GENERAL_STRING_FIELDS)}
82+
id={`backend-role-${arrayIndex}`}
83+
value={backendRole}
84+
onChange={(e) => {
85+
diff --git a/public/apps/configuration/panels/role-list.tsx b/public/apps/configuration/panels/role-list.tsx
86+
index 11e4cbf..f6d78fb 100644
87+
--- a/public/apps/configuration/panels/role-list.tsx
88+
+++ b/public/apps/configuration/panels/role-list.tsx
89+
@@ -91,11 +91,6 @@ const columns: Array<EuiBasicTableColumn<RoleListing>> = [
90+
name: 'Backend roles',
91+
render: truncatedListView(tableItemsUIProps),
92+
},
93+
- {
94+
- field: 'tenantPermissions',
95+
- name: 'Tenants',
96+
- render: truncatedListView(tableItemsUIProps),
97+
- },
98+
{
99+
field: 'reserved',
100+
name: 'Customization',
101+
@@ -235,13 +230,6 @@ export function RoleList(props: AppDependencies) {
102+
multiSelect: 'or',
103+
options: buildSearchFilterOptions(roleData, 'backendRoles'),
104+
},
105+
- {
106+
- type: 'field_value_selection',
107+
- field: 'tenantPermissions',
108+
- name: 'Tenants',
109+
- multiSelect: 'or',
110+
- options: buildSearchFilterOptions(roleData, 'tenantPermissions'),
111+
- },
112+
{
113+
type: 'field_value_selection',
114+
field: 'reserved',
115+
@@ -283,7 +271,7 @@ export function RoleList(props: AppDependencies) {
116+
Roles are the core way of controlling access to your cluster. Roles contain any
117+
combination of cluster-wide permission, index-
118+
<br />
119+
- specific permissions, document- and field-level security, and tenants. Then you map users
120+
+ specific permissions, document- and field-level security. Then you map users
121+
to these roles so that users <br />
122+
gain those permissions. <ExternalLink href={DocLinks.UsersAndRolesDoc} />
123+
</EuiText>
124+
@@ -334,7 +322,7 @@ export function RoleList(props: AppDependencies) {
125+
<EuiText size="xs" color="subdued">
126+
Roles are the core way of controlling access to your cluster. Roles contain any
127+
combination of cluster-wide permission, index-specific permissions, document- and
128+
- field-level security, and tenants. Then you map users to these roles so that users
129+
+ field-level security. Then you map users to these roles so that users
130+
gain those permissions. <ExternalLink href={DocLinks.UsersAndRolesDoc} />
131+
</EuiText>
132+
</EuiPageContentHeaderSection>
133+
diff --git a/public/apps/configuration/panels/role-mapping/external-identities-panel.tsx b/public/apps/configuration/panels/role-mapping/external-identities-panel.tsx
134+
index 73ccd43..d1c9763 100644
135+
--- a/public/apps/configuration/panels/role-mapping/external-identities-panel.tsx
136+
+++ b/public/apps/configuration/panels/role-mapping/external-identities-panel.tsx
137+
@@ -21,6 +21,7 @@ import {
138+
EuiSmallButton,
139+
EuiCompressedFormRow,
140+
EuiSpacer,
141+
+ EuiTextColor,
142+
} from '@elastic/eui';
143+
import { isEmpty, map } from 'lodash';
144+
import { PanelWithHeader } from '../../utils/panel-with-header';
145+
@@ -31,7 +32,8 @@ import {
146+
updateElementInArrayHandler,
147+
} from '../../utils/array-state-utils';
148+
import { ExternalIdentityStateClass } from './types';
149+
-import { DocLinks } from '../../constants';
150+
+import { DocLinks, MAX_CHARS_GENERAL_STRING_FIELDS } from '../../constants';
151+
+import { i18n } from '@osd/i18n';
152+
153+
export function unbuildExternalIdentityState(
154+
externalIdentities: ExternalIdentityStateClass[]
155+
@@ -67,18 +69,35 @@ export function ExternalIdentitiesPanel(props: {
156+
const onValueChangeHandler = (externalIdentityToUpdate: string) =>
157+
updateElementInArrayHandler(setExternalIdentities, [arrayIndex, externalIdentityToUpdate]);
158+
159+
+ const leftCharacters = MAX_CHARS_GENERAL_STRING_FIELDS - (externalIdentity.externalIdentity.length);
160+
+ const charactersOverflow = leftCharacters < 0;
161+
return (
162+
<Fragment key={`externalIdentity-${arrayIndex}`}>
163+
<EuiFlexGroup>
164+
<EuiFlexItem style={{ maxWidth: '400px' }}>
165+
- <FormRow headerText={arrayIndex === 0 ? 'Backend roles' : ''}>
166+
+ <EuiCompressedFormRow
167+
+ label={arrayIndex === 0 ? 'Backend roles' : ''}
168+
+ helpText={
169+
+ <>
170+
+ <EuiTextColor color={charactersOverflow ? 'danger' : 'subdued'}>
171+
+ {i18n.translate('security.rolesMapping.backendRoles.charactersLeft', {
172+
+ defaultMessage: '{leftCharacters} characters left.',
173+
+ values: {
174+
+ leftCharacters,
175+
+ },
176+
+ })}
177+
+ </EuiTextColor>
178+
+ </>
179+
+ }
180+
+ isInvalid={charactersOverflow}
181+
+ >
182+
<EuiCompressedFieldText
183+
id={`externalIdentity-${arrayIndex}`}
184+
value={externalIdentity.externalIdentity}
185+
onChange={(e) => onValueChangeHandler('externalIdentity')(e.target.value)}
186+
placeholder="Type in backend role"
187+
/>
188+
- </FormRow>
189+
+ </EuiCompressedFormRow>
190+
</EuiFlexItem>
191+
<EuiFlexItem grow={false}>
192+
<EuiCompressedFormRow hasEmptyLabelSpace={arrayIndex === 0 ? true : false}>
193+
diff --git a/public/apps/configuration/panels/role-mapping/role-edit-mapped-user.tsx b/public/apps/configuration/panels/role-mapping/role-edit-mapped-user.tsx
194+
index 1c77265..687a1c8 100644
195+
--- a/public/apps/configuration/panels/role-mapping/role-edit-mapped-user.tsx
196+
+++ b/public/apps/configuration/panels/role-mapping/role-edit-mapped-user.tsx
197+
@@ -46,6 +46,7 @@ import { SecurityPluginTopNavMenu } from '../../top-nav-menu';
198+
import { DataSourceContext } from '../../app-router';
199+
import { getClusterInfo } from '../../../../utils/datasource-utils';
200+
import { PageHeader } from '../../header/header-components';
201+
+import { constructErrorMessageAndLog } from '../../../error-utils';
202+
203+
interface RoleEditMappedUserProps extends BreadcrumbsPageDependencies {
204+
roleName: string;
205+
@@ -147,7 +148,7 @@ export function RoleEditMappedUser(props: RoleEditMappedUserProps) {
206+
);
207+
} catch (e) {
208+
if (e.message) {
209+
- addToast(createErrorToast('saveRoleMappingFailed', 'save error', e.message));
210+
+ addToast(createErrorToast('saveRoleMappingFailed', 'save error', constructErrorMessageAndLog(e, '')));
211+
} else {
212+
addToast(createUnknownErrorToast('saveRoleMappingFailed', 'save ' + props.roleName));
213+
console.error(e);
214+
diff --git a/public/apps/configuration/panels/role-mapping/users-panel.tsx b/public/apps/configuration/panels/role-mapping/users-panel.tsx
215+
index 19e1fb1..5c52162 100644
216+
--- a/public/apps/configuration/panels/role-mapping/users-panel.tsx
217+
+++ b/public/apps/configuration/panels/role-mapping/users-panel.tsx
218+
@@ -22,7 +22,7 @@ import { buildHashUrl } from '../../utils/url-builder';
219+
import { Action } from '../../types';
220+
import { ResourceType } from '../../../../../common';
221+
import { ExternalLinkButton } from '../../utils/display-utils';
222+
-import { DocLinks } from '../../constants';
223+
+import { DocLinks, MAX_CHARS_GENERAL_STRING_FIELDS } from '../../constants';
224+
import { appendOptionToComboBoxHandler } from '../../utils/combo-box-utils';
225+
226+
export function InternalUsersPanel(props: {
227+
@@ -43,7 +43,7 @@ export function InternalUsersPanel(props: {
228+
<EuiForm>
229+
<FormRow
230+
headerText="Users"
231+
- helpText="Look up by user name. You can also create new internal user or enter external user."
232+
+ helpText={"Look up by user name. You can also create new internal user or enter external user. External user name should not exceed " + MAX_CHARS_GENERAL_STRING_FIELDS + " chars."}
233+
>
234+
<EuiFlexGroup>
235+
<EuiFlexItem style={{ maxWidth: '400px' }}>
236+
@@ -51,7 +51,9 @@ export function InternalUsersPanel(props: {
237+
options={optionUniverse}
238+
selectedOptions={state}
239+
onChange={setState}
240+
- onCreateOption={appendOptionToComboBoxHandler(setState, [])}
241+
+ onCreateOption={(e) => {
242+
+ e.length <= MAX_CHARS_GENERAL_STRING_FIELDS && appendOptionToComboBoxHandler(setState, [], e);
243+
+ }}
244+
/>
245+
</EuiFlexItem>
246+
<EuiFlexItem grow={false}>
247+
diff --git a/server/routes/index.ts b/server/routes/index.ts
248+
index fcb0704..35d1cd7 100644
249+
--- a/server/routes/index.ts
250+
+++ b/server/routes/index.ts
251+
@@ -22,14 +22,14 @@ import {
252+
RequestHandlerContext,
253+
OpenSearchDashboardsRequest,
254+
} from 'opensearch-dashboards/server';
255+
-import { API_PREFIX, CONFIGURATION_API_PREFIX, isValidResourceName } from '../../common';
256+
+import { API_PREFIX, CONFIGURATION_API_PREFIX, isValidResourceName, MAX_CHARS_GENERAL_STRING_FIELDS } from '../../common';
257+
258+
// TODO: consider to extract entity CRUD operations and put it into a client class
259+
export function defineRoutes(router: IRouter, dataSourceEnabled: boolean) {
260+
const internalUserSchema = schema.object({
261+
description: schema.maybe(schema.string()),
262+
password: schema.maybe(schema.string()),
263+
- backend_roles: schema.arrayOf(schema.string(), { defaultValue: [] }),
264+
+ backend_roles: schema.arrayOf(schema.string({maxLength: MAX_CHARS_GENERAL_STRING_FIELDS}), { defaultValue: [] }),
265+
attributes: schema.any({ defaultValue: {} }),
266+
});
267+
268+
@@ -46,9 +46,9 @@ export function defineRoutes(router: IRouter, dataSourceEnabled: boolean) {
269+
270+
const roleMappingSchema = schema.object({
271+
description: schema.maybe(schema.string()),
272+
- backend_roles: schema.arrayOf(schema.string(), { defaultValue: [] }),
273+
- hosts: schema.arrayOf(schema.string(), { defaultValue: [] }),
274+
- users: schema.arrayOf(schema.string(), { defaultValue: [] }),
275+
+ backend_roles: schema.arrayOf(schema.string({maxLength: MAX_CHARS_GENERAL_STRING_FIELDS}), { defaultValue: [] }),
276+
+ hosts: schema.arrayOf(schema.string({maxLength: MAX_CHARS_GENERAL_STRING_FIELDS}), { defaultValue: [] }),
277+
+ users: schema.arrayOf(schema.string({maxLength: MAX_CHARS_GENERAL_STRING_FIELDS}), { defaultValue: [] }),
278+
});
279+
280+
const roleSchema = schema.object({

0 commit comments

Comments
 (0)