diff --git a/src/core/server/saved_objects/migrations/core/build_active_mappings.ts b/src/core/server/saved_objects/migrations/core/build_active_mappings.ts index 05fb534f7a11..a14c33694811 100644 --- a/src/core/server/saved_objects/migrations/core/build_active_mappings.ts +++ b/src/core/server/saved_objects/migrations/core/build_active_mappings.ts @@ -186,18 +186,18 @@ function defaultMapping(): IndexMapping { }, }, }, - workspaces: { - type: 'keyword', - }, - permissions: { - properties: { - read: principals, - write: principals, - management: principals, - library_read: principals, - library_write: principals, - }, - }, + // workspaces: { + // type: 'keyword', + // }, + // permissions: { + // properties: { + // read: principals, + // write: principals, + // management: principals, + // library_read: principals, + // library_write: principals, + // }, + // }, }, }; } diff --git a/src/core/server/saved_objects/types.ts b/src/core/server/saved_objects/types.ts index 90ffcd311fca..b59add586100 100644 --- a/src/core/server/saved_objects/types.ts +++ b/src/core/server/saved_objects/types.ts @@ -29,7 +29,7 @@ */ import { SavedObjectsClient } from './service/saved_objects_client'; -import { SavedObjectsTypeMappingDefinition } from './mappings'; +import { SavedObjectsFieldMapping, SavedObjectsTypeMappingDefinition } from './mappings'; import { SavedObjectMigrationMap } from './migrations'; export { @@ -246,7 +246,7 @@ export interface SavedObjectsType { /** * The {@link SavedObjectsTypeMappingDefinition | mapping definition} for the type. */ - mappings: SavedObjectsTypeMappingDefinition; + mappings: SavedObjectsTypeMappingDefinition | SavedObjectsFieldMapping; /** * An optional map of {@link SavedObjectMigrationFn | migrations} to be used to migrate the type. */ diff --git a/src/plugins/workspace/server/plugin.ts b/src/plugins/workspace/server/plugin.ts index edf785b4a322..76127a38f567 100644 --- a/src/plugins/workspace/server/plugin.ts +++ b/src/plugins/workspace/server/plugin.ts @@ -24,6 +24,7 @@ import { import { registerPermissionCheckRoutes } from './permission_control/routes'; import { ConfigSchema } from '../config'; import { cleanWorkspaceId, getWorkspaceIdFromUrl } from '../../../core/server/utils'; +import { permission, workspaces } from './saved_objects/workspace'; export class WorkspacePlugin implements Plugin<{}, {}> { private readonly logger: Logger; @@ -59,6 +60,8 @@ export class WorkspacePlugin implements Plugin<{}, {}> { config.permission.enabled === undefined ? true : config.permission.enabled; this.client = new WorkspaceClientWithSavedObject(core, this.logger); + core.savedObjects.registerType(permission); + core.savedObjects.registerType(workspaces); await this.client.setup(core); diff --git a/src/plugins/workspace/server/saved_objects/workspace.ts b/src/plugins/workspace/server/saved_objects/workspace.ts index 7ff018a31dd1..e351b56321a4 100644 --- a/src/plugins/workspace/server/saved_objects/workspace.ts +++ b/src/plugins/workspace/server/saved_objects/workspace.ts @@ -3,7 +3,11 @@ * SPDX-License-Identifier: Apache-2.0 */ -import { SavedObjectsType, WORKSPACE_TYPE } from '../../../../core/server'; +import { + SavedObjectsFieldMapping, + SavedObjectsType, + WORKSPACE_TYPE, +} from '../../../../core/server'; export const workspace: SavedObjectsType = { name: WORKSPACE_TYPE, @@ -42,3 +46,47 @@ export const workspace: SavedObjectsType = { }, }, }; + +const principals: SavedObjectsFieldMapping = { + properties: { + users: { + type: 'keyword', + }, + groups: { + type: 'keyword', + }, + }, +}; +export const permission: SavedObjectsType = { + name: 'permission', + namespaceType: 'agnostic', + /** + * Disable operation by using saved objects APIs on workspace metadata + */ + hidden: true, + /** + * workspace won't appear in management page. + */ + mappings: { + dynamic: false, + properties: { + read: principals, + write: principals, + management: principals, + library_read: principals, + library_write: principals, + }, + }, +}; + +export const workspaces: SavedObjectsType = { + name: 'workspaces', + namespaceType: 'agnostic', + /** + * Disable operation by using saved objects APIs on workspace metadata + */ + hidden: true, + mappings: { + type: 'keyword', + }, +};