Skip to content

Commit

Permalink
Fix tenant label for custom tenant when both Global and Private tenan… (
Browse files Browse the repository at this point in the history
#1277)

* Fix tenant label for custom tenant when both Global and Private tenants are disabled

Signed-off-by: Ryan Liang <[email protected]>
(cherry picked from commit 1cffd90)
  • Loading branch information
RyanL1997 authored and github-actions[bot] committed Dec 22, 2022
1 parent f728d33 commit 198fd97
Show file tree
Hide file tree
Showing 2 changed files with 70 additions and 3 deletions.
16 changes: 13 additions & 3 deletions server/multitenancy/tenant_resolver.ts
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ import { isEmpty, findKey, cloneDeep } from 'lodash';
import { OpenSearchDashboardsRequest } from '../../../../src/core/server';
import { SecuritySessionCookie } from '../session/security_cookie';
import { SecurityPluginConfigType } from '..';
import { GLOBAL_TENANT_SYMBOL, PRIVATE_TENANT_SYMBOL } from '../../common';
import { GLOBAL_TENANT_SYMBOL, PRIVATE_TENANT_SYMBOL, globalTenantName } from '../../common';

export const PRIVATE_TENANTS: string[] = [PRIVATE_TENANT_SYMBOL, 'private'];
export const GLOBAL_TENANTS: string[] = ['global', GLOBAL_TENANT_SYMBOL];
Expand Down Expand Up @@ -79,7 +79,7 @@ export function resolveTenant(
);
}

function resolve(
export function resolve(
username: string,
requestedTenant: string | undefined,
preferredTenants: string[] | undefined,
Expand Down Expand Up @@ -143,7 +143,17 @@ function resolve(
return PRIVATE_TENANT_SYMBOL;
}

// fall back to the first tenant in the available tenants
/**
* Fall back to the first tenant in the available tenants
* Under the condition of enabling multitenancy, if the user has disabled both 'Global' and 'Private' tenants:
* it will remove the default global tenant key for custom tenant.
*/
if (
Object.keys(availableTenantsClone).length > 1 &&
availableTenantsClone.hasOwnProperty(globalTenantName)
) {
delete availableTenantsClone[globalTenantName];
}
return findKey(availableTenantsClone, () => true);
}

Expand Down
57 changes: 57 additions & 0 deletions server/multitenancy/test/tenant_resolver.test.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
/*
* Copyright OpenSearch Contributors
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/

import { resolve } from '../tenant_resolver';

describe("Resolve tenants when multitenancy is enabled and both 'Global' and 'Private' tenants are disabled", () => {
function resolveWithConfig(config: any) {
return resolve(
config.username,
config.requestedTenant,
config.preferredTenants,
config.availableTenants,
config.globalTenantEnabled,
config.privateTenantEnabled
);
}

it('Resolve tenant with custom tenants, Global and Private disabled', () => {
const adminConfig = {
username: 'admin',
requestedTenant: 'admin_tenant',
preferredTenants: undefined,
availableTenants: { global_tenant: true, admin_tenant: true, test_tenant: true, admin: true },
globalTenantEnabled: false,
privateTenantEnabled: false,
};

const adminResult = resolveWithConfig(adminConfig);
expect(adminResult).toEqual('admin_tenant');
});

it('Resolve tenant without custom tenants, Global and Private disabled', () => {
const nonadminConfig = {
username: 'testuser',
requestedTenant: undefined,
preferredTenants: undefined,
availableTenants: { global_tenant: true, testuser: true },
globalTenantEnabled: false,
privateTenantEnabled: false,
};

const nonadminResult = resolveWithConfig(nonadminConfig);
expect(nonadminResult).toEqual('global_tenant');
});
});

0 comments on commit 198fd97

Please sign in to comment.