add isExportable SO export API

[pgayvallet]

Summary

Fix #99680

• Add a new isExportable property to SavedObjectsTypeManagementDefinition to let type owners have per-object exportability control.
• Adapt SO export to use this new feature
• Add generic support for SO type attributes when registering a SO type (SavedObjectsType and underlying types)

Checklist

• Unit or functional tests were updated or added to match the most common scenarios

[pgayvallet]

See #99680 (comment) about the logic of the order.

[pgayvallet]

Added generic for the attributes on SavedObjectsType, SavedObjectsTypeManagementDefinition and underlying types. However for BWC, I was forced to default to any instead of unknown for the public API.

[joshdover]

How much does this break if we switch to unknown? I'm guessing a lot 😓

[pgayvallet]

Yea, basically all types registering a getUrl or getTitle management handler, which is a lot. This is why I don't think we should do it in this PR. I can open a follow-up and ping the teams, though

[pgayvallet]

Took me a while to understand why adding the new properties at the end of the definition was still causing a failure. TIL, for some test suites, we're asserting against the stringified so the properties needs to be in the exact same order.

[legrego]

🤔 @jportner do recall why we are doing a stringified test here? Can we make this more robust by sorting the keys before stringifying, and switch to using json-stable-stringify instead?

[jportner]

IIRC it's because the export API returns Content-Type: application/ndjson and the current approach was cleaner. Otherwise we would have to do this

diff --git a/x-pack/test/saved_object_api_integration/common/suites/export.ts b/x-pack/test/saved_object_api_integration/common/suites/export.ts
index d9ebbac8102..ea474a88092 100644
--- a/x-pack/test/saved_object_api_integration/common/suites/export.ts
+++ b/x-pack/test/saved_object_api_integration/common/suites/export.ts
@@ -135,8 +135,6 @@ export const createRequest = ({ type, id }: ExportTestCase) =>
 const getTestTitle = ({ failure, title }: ExportTestCase) =>
   `${failure?.reason || 'success'} ["${title}"]`;
 
-const EMPTY_RESULT = { exportedCount: 0, missingRefCount: 0, missingReferences: [] };
-
 export function exportTestSuiteFactory(esArchiver: any, supertest: SuperTest<any>) {
   const expectSavedObjectForbiddenBulkGet = expectResponses.forbiddenTypes('bulk_get');
   const expectResponseBody = (testCase: ExportTestCase): ExpectResponseBody => async (
@@ -151,7 +149,12 @@ export function exportTestSuiteFactory(esArchiver: any, supertest: SuperTest<any
       } else if (failure.statusCode === 200) {
         // "find" was unauthorized, which returns an empty result
         expect(response.body).not.to.have.property('error');
-        expect(response.text).to.equal(JSON.stringify(EMPTY_RESULT));
+        const exportDetails = JSON.parse(response.text);
+        expect(exportDetails).to.eql({
+          exportedCount: 0,
+          missingRefCount: 0,
+          missingReferences: [],
+        });
       } else {
         throw new Error(`Unexpected failure status code: ${failure.statusCode}`);
       }

The success case assertions further down also have to parse the ndjson.

[elasticmachine]

Pinging @elastic/kibana-core (Team:Core)

[joshdover]

• Do we have a known use case for async isExportable implementations? If not, this could be something we opt not to support at this time to avoid any performance issues with this new hook.

[joshdover]

How much does this break if we switch to unknown? I'm guessing a lot 😓

[joshdover]

Ugh all these snapshots shakes fist

[legrego]

A few nits below, and a general comment:

I want to make sure that we don't use this new isExportable function to enforce authorization/access control. We currently grant users with the Saved Objects Management feature access to any exportable saved object type, so if we start relying on isExportable to refine that authorization, then we will have a mismatch of expectations. It doesn't sound like that's the intent here, but I wanted to double check.

[legrego]

If saved object migrations have taught me anything, it's that plugin authors can/will create buggy functions to interrogate their saved objects. Can we be defensive here, and handle any thrown errors explicitly? I'm open to suggestions, but I'm thinking we could either:

1. fail open, and treat failed checks as "exportable"
2. fail closed, and treat failed checks as "unexportable"
3. raise our own error in response to a failed check

Option 3 is my least favorite, because it prevents administrators from exporting saved objects due to a bug in our code, without any recourse. That said, I don't know the intent of preventing objects from being excluded, so I don't know if it's safe for us to always fail open/closed.

Perhaps the safest option is to "fail closed", and report the failure within the export metadata and/or in a server log entry. What do you think?

[pgayvallet]

If saved object migrations have taught me anything, it's that plugin authors can/will create buggy functions to interrogate their saved objects

Can't disagree on that

Perhaps the safest option is to "fail closed", and report the failure within the export metadata and/or in a server log entry

That's a perfect use case for the currently unused SavedObjectsExportExcludedObject.reason

[legrego]

🤔 @jportner do recall why we are doing a stringified test here? Can we make this more robust by sorting the keys before stringifying, and switch to using json-stable-stringify instead?

[pgayvallet]

@legrego

We currently grant users with the Saved Objects Management feature access to any exportable saved object type, so if we start relying on isExportable to refine that authorization, then we will have a mismatch of expectations. It doesn't sound like that's the intent here, but I wanted to double check.

I confirm that it is not the intent at all. This is only required for the '8.0 exportability' project, and AFAIK it may even be only temporary. See #99680 and #50266 (comment) for more context.

[pgayvallet]

@joshdover @legrego I think I addressed all of your feedbacks. PTAL

[legrego]

LGTM, thanks for the edits!

[joshdover]

LGTM

[kibanamachine]

💚 Build Succeeded

• continuous-integration/kibana-ci/pull-request
• Commit: b49ef4f
• Storybooks Preview

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id	before	after	diff
core	1053	1054	+1

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
savedObjectsManagement	138.5KB	138.9KB	+430.0B

Public APIs missing exports

Total count of every type that is part of your API that should be exported but is not. This will cause broken links in the API documentation system. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats exports for more detailed information.

id	before	after	diff
core	26	27	+1

Unknown metric groups

API count

id	before	after	diff
core	2276	2283	+7

History

• 💚 Build #132399 succeeded 17dd0d1
• 💚 Build #132025 succeeded 7fef467
• 💚 Build #131570 succeeded 5b0ff7e
• 💔 Build #131503 failed a8ad0b6
• 💔 Build #131474 failed 55f03c2

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream