Commit 13314f23 by Daniel Lee

WIP: Can remove dashboard permission - sql

parent 890ebcbb
......@@ -41,6 +41,13 @@ type AddOrUpdateDashboardPermissionCommand struct {
PermissionType PermissionType `json:"permissionType" binding:"Required"`
}
type RemoveDashboardPermissionCommand struct {
DashboardId int64 `json:"dashboardId" binding:"Required"`
OrgId int64 `json:"-"`
UserId int64 `json:"userId"`
UserGroupId int64 `json:"userGroupId"`
}
//
// QUERIES
//
......
......@@ -10,6 +10,7 @@ import (
func init() {
bus.AddHandler("sql", AddOrUpdateDashboardPermission)
bus.AddHandler("sql", RemoveDashboardPermission)
bus.AddHandler("sql", GetDashboardPermissions)
}
......@@ -64,6 +65,18 @@ func AddOrUpdateDashboardPermission(cmd *m.AddOrUpdateDashboardPermissionCommand
})
}
func RemoveDashboardPermission(cmd *m.RemoveDashboardPermissionCommand) error {
return inTransaction(func(sess *xorm.Session) error {
var rawSql = "DELETE FROM dashboard_acl WHERE dashboard_id =? and (user_group_id=? or user_id=?)"
_, err := sess.Exec(rawSql, cmd.DashboardId, cmd.UserGroupId, cmd.UserId)
if err != nil {
return err
}
return err
})
}
func GetDashboardPermissions(query *m.GetDashboardPermissionsQuery) error {
sess := x.Where("dashboard_id=?", query.DashboardId)
query.Result = make([]*m.DashboardAcl, 0)
......
......@@ -51,11 +51,82 @@ func TestDashboardAclDataAccess(t *testing.T) {
q3 := &m.GetDashboardPermissionsQuery{DashboardId: savedFolder.Id}
err = GetDashboardPermissions(q3)
So(err, ShouldBeNil)
So(len(q3.Result), ShouldEqual, 1)
So(q3.Result[0].DashboardId, ShouldEqual, savedFolder.Id)
So(q3.Result[0].Permissions, ShouldEqual, m.PERMISSION_READ_ONLY_EDIT)
So(q3.Result[0].UserId, ShouldEqual, 1)
})
Convey("Should be able to delete an existing permission", func() {
err := RemoveDashboardPermission(&m.RemoveDashboardPermissionCommand{
OrgId: 1,
UserId: 1,
DashboardId: savedFolder.Id,
})
So(err, ShouldBeNil)
q3 := &m.GetDashboardPermissionsQuery{DashboardId: savedFolder.Id}
err = GetDashboardPermissions(q3)
So(err, ShouldBeNil)
So(len(q3.Result), ShouldEqual, 0)
})
})
Convey("Given a user group", func() {
group1 := m.CreateUserGroupCommand{Name: "group1 name", OrgId: 1}
err := CreateUserGroup(&group1)
So(err, ShouldBeNil)
Convey("Should be able to add a user permission for a user group", func() {
err := AddOrUpdateDashboardPermission(&m.AddOrUpdateDashboardPermissionCommand{
OrgId: 1,
UserGroupId: group1.Result.Id,
DashboardId: savedFolder.Id,
PermissionType: m.PERMISSION_EDIT,
})
So(err, ShouldBeNil)
q1 := &m.GetDashboardPermissionsQuery{DashboardId: savedFolder.Id}
err = GetDashboardPermissions(q1)
So(err, ShouldBeNil)
So(q1.Result[0].DashboardId, ShouldEqual, savedFolder.Id)
So(q1.Result[0].Permissions, ShouldEqual, m.PERMISSION_EDIT)
So(q1.Result[0].UserGroupId, ShouldEqual, group1.Result.Id)
})
Convey("Should be able to update an existing permission for a user group", func() {
err := AddOrUpdateDashboardPermission(&m.AddOrUpdateDashboardPermissionCommand{
OrgId: 1,
UserGroupId: group1.Result.Id,
DashboardId: savedFolder.Id,
PermissionType: m.PERMISSION_READ_ONLY_EDIT,
})
So(err, ShouldBeNil)
q3 := &m.GetDashboardPermissionsQuery{DashboardId: savedFolder.Id}
err = GetDashboardPermissions(q3)
So(err, ShouldBeNil)
So(len(q3.Result), ShouldEqual, 1)
So(q3.Result[0].DashboardId, ShouldEqual, savedFolder.Id)
So(q3.Result[0].Permissions, ShouldEqual, m.PERMISSION_READ_ONLY_EDIT)
So(q3.Result[0].UserGroupId, ShouldEqual, group1.Result.Id)
})
Convey("Should be able to delete an existing permission for a user group", func() {
err := RemoveDashboardPermission(&m.RemoveDashboardPermissionCommand{
OrgId: 1,
UserGroupId: group1.Result.Id,
DashboardId: savedFolder.Id,
})
So(err, ShouldBeNil)
q3 := &m.GetDashboardPermissionsQuery{DashboardId: savedFolder.Id}
err = GetDashboardPermissions(q3)
So(err, ShouldBeNil)
So(len(q3.Result), ShouldEqual, 0)
})
})
})
})
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment