-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature]Introduces Resource Sharing and Access Control #16030
Closed
DarshitChanpura
wants to merge
68
commits into
opensearch-project:main
from
DarshitChanpura:resource-permissions
Closed
Changes from 1 commit
Commits
Show all changes
68 commits
Select commit
Hold shift + click to select a range
909a85b
Adds a new plugin type named ResourcePlugin and relevant base classes
DarshitChanpura 66a849c
Adds a No-op implementation of ResourcePlugin
DarshitChanpura 08cdcb3
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura d7169e4
Adds a way to configure security plugin for resource access-control
DarshitChanpura 58ae851
Fixes compilation errors and changes debug log-level to info for Reso…
DarshitChanpura fd00243
Replace plugin count check with isEmpty
DarshitChanpura ef8a0b7
Adds package-info
DarshitChanpura e98cb61
Renames a bunch of files
DarshitChanpura 96f09b0
Changes method signatures to be inline with their usage
DarshitChanpura c86dfc9
Adds new method for deleting by entity
DarshitChanpura 7c6ec2a
Adds abstract method definitions for ResourcePlugin interface
DarshitChanpura c04762e
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura f95a67f
Adds toXContent implementations
DarshitChanpura 8b8fffd
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 7e7cd0a
Modifies some method names and comments
DarshitChanpura e1a1b62
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 23fcfba
Fixes license
DarshitChanpura fba48ab
Adds changelog entry
DarshitChanpura 9cb8d0e
Adds a notion of scope
DarshitChanpura 848234e
Modifies sharedwith to accomodate scope
DarshitChanpura eaf0c6e
Adds missing JavaDoc
DarshitChanpura 6a6e6f7
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 566913a
Adds NamedWriteable capability and removes un-needed method
DarshitChanpura b4f876f
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 9baac32
Updates toXContent implementations
DarshitChanpura 0eb47ac
Fix toString implementation
DarshitChanpura e313071
Allows the ability to list resource permissions
DarshitChanpura bd91162
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 2327258
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 774a4a1
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 37cacf0
Adds NamedWriteable implementations
DarshitChanpura 4107407
Adds TODO for Noop Implementation
DarshitChanpura 274c64f
Adds fromValue method to EntityType
DarshitChanpura 014be82
Refactors variables from List to Set
DarshitChanpura 3143796
Updates revokeAccess signature to accept scopes to revoke access from
DarshitChanpura 04a02cb
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura e468f91
Convert sets to lists
DarshitChanpura 3a0b4b1
Upper-case the default scope
DarshitChanpura 0056807
Adds concrete implementation of getResources in Noop RAC plugin
DarshitChanpura 0548fc2
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 193112b
Updates the ResourceAccessControlPlugin to have noop actions, renames…
DarshitChanpura cbbefa6
Adds ReflectPermissions for DefaultResourceAccessControlPlugin
DarshitChanpura d7d1f25
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura a44b06a
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura b58308e
Adds missing package-info
DarshitChanpura b25a9a7
Adds unit and integration tests
DarshitChanpura eb43578
Adds missing experimental annotations
DarshitChanpura bcd0f2b
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 686f037
Uses jackson object-mapper to read resource class and updates the int…
DarshitChanpura 0bf9fd1
Completes the integrations tests
DarshitChanpura 4a073f1
Updates SHAs
DarshitChanpura 34f160c
Comment and code cleanup
DarshitChanpura 1df8e11
Fixes tests
DarshitChanpura eee5ce1
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 77c56be
Adds integration tests for non-default RAC plugin
DarshitChanpura bb584bb
Removes unused dependency licenses
DarshitChanpura 448307b
Adds missing license headers
DarshitChanpura d9f5262
Adds type bounding to Resource
DarshitChanpura 1aff350
Updates Resource to be a serializable
DarshitChanpura f90b165
Adds getResourceName as API contract for Resource
DarshitChanpura 5e6b8ff
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura ce9d5ec
Removes notion of users, roles and backend_roles
DarshitChanpura 7a868cb
Fixes gradle check failures
DarshitChanpura f1d3011
Fixes created by tests
DarshitChanpura 00ba7a7
Adds test for recipient registry
DarshitChanpura 6fb5055
Fixes a bug in toXContent
DarshitChanpura 3dfc16e
Merge remote-tracking branch 'upstream/main' into resource-permissions
DarshitChanpura 532d13a
Moves jackson dependency addition to server build.gradle
DarshitChanpura File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Renames a bunch of files
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
- Loading branch information
commit e98cb61b3711392ef41bc9a737f4e791c93806dc
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8,10 +8,64 @@ | |
|
||
package org.opensearch.plugins; | ||
|
||
import org.opensearch.accesscontrol.resources.Resource; | ||
import org.opensearch.accesscontrol.resources.ShareWith; | ||
|
||
import java.util.List; | ||
import java.util.Map; | ||
|
||
/** | ||
* Class to determine presence of security plugin in the cluster. | ||
* This interface determines presence of security plugin in the cluster. | ||
* If yes, security plugin will be used for resource access authorization | ||
* User information is fetched from thread context by security plugin. | ||
* In clusters, where security plugin is disabled these requests will be pass-through via a No-op implementation. | ||
* There are 3 scope of sharing for a resource: Private, Restricted, Public. To learn more visit <a href="https://github.com/opensearch-project/security/issues/4500">...</a> | ||
* If security plugin is disabled, all resources will be considered public by default. | ||
* TODO: add documentation around "how to use" | ||
* | ||
* @opensearch.experimental | ||
*/ | ||
public interface ResourceAccessControlPlugin extends ResourcePlugin {} | ||
public interface ResourceAccessControlPlugin { | ||
/** | ||
* Returns all accessible resources for current user. | ||
* | ||
* @return list of {@link Resource} items accessible by current user. | ||
*/ | ||
List<Resource> listAccessibleResources(); | ||
|
||
/** | ||
* Checks whether current user has permission to given resource. | ||
* | ||
* | ||
* @param resource the resource on which access is to be checked | ||
* @return true if current user has access, false otherwise | ||
*/ | ||
boolean hasPermission(Resource resource); | ||
|
||
/** | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. wdyt about implementing this and the method below as a REST API in the plugin that implements resource access control? i.e. Security plugin could have an API
Does this need to be part of the interface? |
||
* Adds an entity to the share-with. Resource needs to be in restricted mode. | ||
* @param type One of the {@link ShareWith} types | ||
* @param entities List of names with whom to share this resource with | ||
* @return a message whether sharing was successful. | ||
*/ | ||
String shareWith(ShareWith type, List<String> entities); | ||
|
||
/** | ||
* Revokes given permission to a resource | ||
* | ||
* @param resourceId if of the resource to be updated | ||
* @param systemIndexName index where this resource is defined | ||
* @param revokeAccess a map that contains entries of entities whose access should be revoked | ||
* @return true if revoke was successful, false if there was a failure | ||
*/ | ||
boolean revoke(String resourceId, String systemIndexName, Map<ShareWith, List<String>> revokeAccess); | ||
|
||
/** | ||
* Deletes an entry from .resource_sharing index | ||
* @param resource The resource to be removed from the index | ||
* @return true if resource record was deleted, false otherwise | ||
*/ | ||
boolean deleteResourceSharingRecord(Resource resource); | ||
|
||
// TODO: Check whether methods for bulk updates are required | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When thinking about the role of this plugin, I was thinking that its job is to initialize separate Resource(Sharing)Service per resource type and the role of the service would be the method below this one. i.e.
resourceService.hasBeenSharedWith(String resourceId)
- the resourceService is specific to the type of resource and would already have info necessary required to do the lookup.These resourceServices would be assigned back to the ResourcePlugins which can be used to determine if a resource has been shared with the currently authenticated user.
When it comes to re-usable generic actions to get a resource or search for resources, we could consider adding a library that plugins can add a dependency on that has the re-usable generic actions. The ResourcePlugins could need to supply a ResourceParser so that the generic actions would know how to parse entries from the resource index. The jobParser from the job-scheduler has a model for generic parsing: https://github.com/opensearch-project/job-scheduler/blob/main/spi/src/main/java/org/opensearch/jobscheduler/spi/JobSchedulerExtension.java#L30-L33