From 770a26ac25bd1205f9d775436f06e01c441bb445 Mon Sep 17 00:00:00 2001
From: Ryan Liang <jiallian@amazon.com>
Date: Tue, 20 Dec 2022 13:33:08 -0500
Subject: [PATCH 1/3] Fix tenant label for custom tenant when both Global and
 Private tenants are disabled

Signed-off-by: Ryan Liang <jiallian@amazon.com>
---
 server/multitenancy/tenant_resolver.ts | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/server/multitenancy/tenant_resolver.ts b/server/multitenancy/tenant_resolver.ts
index 9a2ad989d..9194b2d02 100755
--- a/server/multitenancy/tenant_resolver.ts
+++ b/server/multitenancy/tenant_resolver.ts
@@ -17,7 +17,7 @@ import { isEmpty, findKey, cloneDeep } from 'lodash';
 import { OpenSearchDashboardsRequest } from '../../../../src/core/server';
 import { SecuritySessionCookie } from '../session/security_cookie';
 import { SecurityPluginConfigType } from '..';
-import { GLOBAL_TENANT_SYMBOL, PRIVATE_TENANT_SYMBOL } from '../../common';
+import { GLOBAL_TENANT_SYMBOL, PRIVATE_TENANT_SYMBOL, globalTenantName } from '../../common';
 
 export const PRIVATE_TENANTS: string[] = [PRIVATE_TENANT_SYMBOL, 'private'];
 export const GLOBAL_TENANTS: string[] = ['global', GLOBAL_TENANT_SYMBOL];
@@ -143,7 +143,18 @@ function resolve(
     return PRIVATE_TENANT_SYMBOL;
   }
 
-  // fall back to the first tenant in the available tenants
+  /**
+   * fall back to the first tenant in the available tenants
+   * Under the condition of enabling multitenancy, if the user has disabled both 'Global' and 'Private' tenants:
+   * it will remove the default global tenant key for custom tenant.
+   */
+  if (
+    Object.keys(availableTenantsClone).length > 1 &&
+    availableTenantsClone.hasOwnProperty(globalTenantName)
+  ) {
+    delete availableTenantsClone[globalTenantName];
+    return findKey(availableTenantsClone, () => true);
+  }
   return findKey(availableTenantsClone, () => true);
 }
 

From 56dd695180e8d6eda8b1b0b1dbdfe8df9dcd23f0 Mon Sep 17 00:00:00 2001
From: Ryan Liang <jiallian@amazon.com>
Date: Wed, 21 Dec 2022 13:23:29 -0500
Subject: [PATCH 2/3] Update the distribution version for Prerequisite test

Signed-off-by: Ryan Liang <jiallian@amazon.com>
---
 server/multitenancy/tenant_resolver.ts        |  5 +-
 .../multitenancy/test/tenant_resolver.test.ts | 57 +++++++++++++++++++
 2 files changed, 59 insertions(+), 3 deletions(-)
 create mode 100644 server/multitenancy/test/tenant_resolver.test.ts

diff --git a/server/multitenancy/tenant_resolver.ts b/server/multitenancy/tenant_resolver.ts
index 9194b2d02..7894e49db 100755
--- a/server/multitenancy/tenant_resolver.ts
+++ b/server/multitenancy/tenant_resolver.ts
@@ -79,7 +79,7 @@ export function resolveTenant(
   );
 }
 
-function resolve(
+export function resolve(
   username: string,
   requestedTenant: string | undefined,
   preferredTenants: string[] | undefined,
@@ -144,7 +144,7 @@ function resolve(
   }
 
   /**
-   * fall back to the first tenant in the available tenants
+   * Fall back to the first tenant in the available tenants
    * Under the condition of enabling multitenancy, if the user has disabled both 'Global' and 'Private' tenants:
    * it will remove the default global tenant key for custom tenant.
    */
@@ -153,7 +153,6 @@ function resolve(
     availableTenantsClone.hasOwnProperty(globalTenantName)
   ) {
     delete availableTenantsClone[globalTenantName];
-    return findKey(availableTenantsClone, () => true);
   }
   return findKey(availableTenantsClone, () => true);
 }
diff --git a/server/multitenancy/test/tenant_resolver.test.ts b/server/multitenancy/test/tenant_resolver.test.ts
new file mode 100644
index 000000000..29b563efd
--- /dev/null
+++ b/server/multitenancy/test/tenant_resolver.test.ts
@@ -0,0 +1,57 @@
+/*
+ *   Copyright OpenSearch Contributors
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License").
+ *   You may not use this file except in compliance with the License.
+ *   A copy of the License is located at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   or in the "license" file accompanying this file. This file is distributed
+ *   on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ *   express or implied. See the License for the specific language governing
+ *   permissions and limitations under the License.
+ */
+
+import { resolve } from '../tenant_resolver';
+
+describe("Resolve tenants when multitenancy is enabled and both 'Global' and 'Private' tenants are disabled", () => {
+  function resolveWithConfig(config: any) {
+    return resolve(
+      config.username,
+      config.requestedTenant,
+      config.preferredTenants,
+      config.availableTenants,
+      config.globalTenantEnabled,
+      config.privateTenantEnabled
+    );
+  }
+
+  it('Resolve tenants list for admin user', () => {
+    const adminConfig = {
+      username: 'admin',
+      requestedTenant: 'admin_tenant',
+      preferredTenants: undefined,
+      availableTenants: { global_tenant: true, admin_tenant: true, test_tenant: true, admin: true },
+      globalTenantEnabled: false,
+      privateTenantEnabled: false,
+    };
+
+    const adminResult = resolveWithConfig(adminConfig);
+    expect(adminResult).toEqual('admin_tenant');
+  });
+
+  it('Resolve tenants list for non-admin user', () => {
+    const nonadminConfig = {
+      username: 'testuser',
+      requestedTenant: undefined,
+      preferredTenants: undefined,
+      availableTenants: { global_tenant: true, testuser: true },
+      globalTenantEnabled: false,
+      privateTenantEnabled: false,
+    };
+
+    const nonadminResult = resolveWithConfig(nonadminConfig);
+    expect(nonadminResult).toEqual('global_tenant');
+  });
+});

From 627e2f2cbdad9b76ddc4cde8646797c62952c2ad Mon Sep 17 00:00:00 2001
From: Ryan Liang <jiallian@amazon.com>
Date: Wed, 21 Dec 2022 14:52:48 -0500
Subject: [PATCH 3/3] Rename test cases

Signed-off-by: Ryan Liang <jiallian@amazon.com>
---
 server/multitenancy/test/tenant_resolver.test.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/server/multitenancy/test/tenant_resolver.test.ts b/server/multitenancy/test/tenant_resolver.test.ts
index 29b563efd..d8544d024 100644
--- a/server/multitenancy/test/tenant_resolver.test.ts
+++ b/server/multitenancy/test/tenant_resolver.test.ts
@@ -27,7 +27,7 @@ describe("Resolve tenants when multitenancy is enabled and both 'Global' and 'Pr
     );
   }
 
-  it('Resolve tenants list for admin user', () => {
+  it('Resolve tenant with custom tenants, Global and Private disabled', () => {
     const adminConfig = {
       username: 'admin',
       requestedTenant: 'admin_tenant',
@@ -41,7 +41,7 @@ describe("Resolve tenants when multitenancy is enabled and both 'Global' and 'Pr
     expect(adminResult).toEqual('admin_tenant');
   });
 
-  it('Resolve tenants list for non-admin user', () => {
+  it('Resolve tenant without custom tenants, Global and Private disabled', () => {
     const nonadminConfig = {
       username: 'testuser',
       requestedTenant: undefined,