Skip to content

Commit 670c15d

Browse files
seanstoryseanstory
committed
Fixed the role descriptor for persona api keys
1 parent bd00a1d commit 670c15d

File tree

1 file changed

+36
-29
lines changed

1 file changed

+36
-29
lines changed

example-apps/internal-knowledge-search/app-ui/src/components/SearchApplicationSettings.tsx

Lines changed: 36 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,16 @@ const SearchApplicationSettings: React.FC = () => {
1616
try {
1717
const identitiesIndex = ".search-acl-filter-search-sharepoint" //TODO fix hardcoded
1818
const identitiesPath = searchEndpoint + "/" + identitiesIndex + "/_search"
19-
const response = await fetch(identitiesPath, {headers: {"Authorization": "Basic " + btoa(appUser + ":" + appPassword)}});
19+
const response = await fetch(identitiesPath, {
20+
method: "POST",
21+
headers: {
22+
"Authorization": "Basic " + btoa(appUser + ":" + appPassword),
23+
"Content-Type": "application/json"
24+
},
25+
body: JSON.stringify({
26+
"size": 30 //TODO: fix magic number. This is just how many identities I have in my data
27+
})
28+
});
2029
const jsonData = await response.json();
2130
const ids = jsonData.hits.hits.map((hit) => hit._id)
2231
return ids
@@ -55,9 +64,9 @@ const SearchApplicationSettings: React.FC = () => {
5564
}
5665
}
5766
}
58-
const personaRoleDescriptor = async () => {
67+
const personaRoleDescriptor = async (persona) => {
5968
const identitiesIndex = ".search-acl-filter-search-sharepoint" //TODO fix hardcoded
60-
const identityPath = searchEndpoint + "/" + identitiesIndex + "/_doc/" + searchPersona
69+
const identityPath = searchEndpoint + "/" + identitiesIndex + "/_doc/" + persona
6170
const response = await fetch(identityPath, {headers: {"Authorization": "Basic " + btoa(appUser + ":" + appPassword)}});
6271
const jsonData = await response.json();
6372
console.log("Permissions lookup response is:")
@@ -68,39 +77,37 @@ const SearchApplicationSettings: React.FC = () => {
6877
"cluster": ["all"],
6978
"indices": [
7079
{
71-
"names": ["search-sharepoint"],// TODO: hardcoded
80+
"names": [appName],
7281
"privileges": ["read"],
73-
"query": {
82+
"query" : {
7483
"template": {
7584
"params": {
76-
"permissions": permissions
85+
"access_control": permissions
7786
},
78-
'source': `
79-
{
80-
"bool": {
87+
"source" : `{
88+
"bool": {
8189
"filter": {
82-
"bool": {
83-
"should": [
84-
{
85-
"bool": {
86-
"must_not": {
87-
"exists": {
88-
"field": "_allow_access_control"
90+
"bool": {
91+
"should": [
92+
{
93+
"bool": {
94+
"must_not": {
95+
"exists": {
96+
"field": "_allow_access_control"
97+
}
98+
}
99+
}
100+
},
101+
{
102+
"terms": {
103+
"_allow_access_control.enum": {{#toJson}}access_control{{/toJson}}
104+
}
89105
}
90-
}
91-
}
92-
},
93-
{
94-
"terms": {
95-
"_allow_access_control": {{#toJson}}permissions{{/toJson}}
96-
}
97-
}
98-
]
99-
}
106+
]
107+
}
100108
}
101-
}
102109
}
103-
`
110+
}`
104111
}
105112
}
106113
}
@@ -114,7 +121,7 @@ const SearchApplicationSettings: React.FC = () => {
114121
}
115122
}
116123
const createPersonaAPIKey = async(persona) => {
117-
const roleDescriptor = persona == "admin" ? defaultRoleDescriptor : await personaRoleDescriptor()
124+
const roleDescriptor = persona == "admin" ? defaultRoleDescriptor : await personaRoleDescriptor(persona)
118125
const apiKeyPath = searchEndpoint + "/_security/api_key"
119126
const response = await fetch(apiKeyPath, {
120127
method: "POST",

0 commit comments

Comments
 (0)