Skip to content

N
nexpie-grafana-theme
Commit 2097ed0b by Daniel Lee
Options

WIP: Permission Type as string in permission query

parent 96afb91a
Showing with 65 additions and 19 deletions
pkg/api/dashboard_acl_test.go
......@@ -13,10 +13,10 @@ import (
func TestDashboardAclApiEndpoint(t *testing.T) {
Convey("Given a dashboard acl", t, func() {
mockResult := []*models.DashboardAclInfoDTO{
{Id: 1, OrgId: 1, DashboardId: 1, UserId: 2, Permissions: models.PERMISSION_EDIT},
{Id: 2, OrgId: 1, DashboardId: 1, UserId: 3, Permissions: models.PERMISSION_VIEW},
{Id: 3, OrgId: 1, DashboardId: 1, UserGroupId: 1, Permissions: models.PERMISSION_EDIT},
{Id: 4, OrgId: 1, DashboardId: 1, UserGroupId: 2, Permissions: models.PERMISSION_READ_ONLY_EDIT},
{Id: 1, OrgId: 1, DashboardId: 1, UserId: 2, PermissionType: models.PERMISSION_EDIT},
{Id: 2, OrgId: 1, DashboardId: 1, UserId: 3, PermissionType: models.PERMISSION_VIEW},
{Id: 3, OrgId: 1, DashboardId: 1, UserGroupId: 1, PermissionType: models.PERMISSION_EDIT},
{Id: 4, OrgId: 1, DashboardId: 1, UserGroupId: 2, PermissionType: models.PERMISSION_READ_ONLY_EDIT},
}
bus.AddHandler("test", func(query *models.GetDashboardPermissionsQuery) error {
query.Result = mockResult
......@@ -34,14 +34,14 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.GetIndex(0).Get("userId").MustInt(), ShouldEqual, 2)
So(respJSON.GetIndex(0).Get("permissions").MustInt(), ShouldEqual, models.PERMISSION_EDIT)
So(respJSON.GetIndex(0).Get("permissionType").MustInt(), ShouldEqual, models.PERMISSION_EDIT)
})
})
})
Convey("When user is editor and in the ACL", func() {
loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/1/acl", "/api/dashboards/:id/acl", models.ROLE_EDITOR, func(sc *scenarioContext) {
mockResult = append(mockResult, &models.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permissions: models.PERMISSION_EDIT})
mockResult = append(mockResult, &models.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, PermissionType: models.PERMISSION_EDIT})
bus.AddHandler("test2", func(query *models.GetAllowedDashboardsQuery) error {
query.Result = []int64{1}
......@@ -57,7 +57,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
})
loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/1/acl/user/1", "/api/dashboards/:id/acl/user/:userId", models.ROLE_EDITOR, func(sc *scenarioContext) {
mockResult = append(mockResult, &models.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permissions: models.PERMISSION_EDIT})
mockResult = append(mockResult, &models.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, PermissionType: models.PERMISSION_EDIT})
bus.AddHandler("test3", func(cmd *models.RemoveDashboardPermissionCommand) error {
return nil
......@@ -110,7 +110,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
})
loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/1/acl/user/1", "/api/dashboards/:id/acl/user/:userId", models.ROLE_EDITOR, func(sc *scenarioContext) {
mockResult = append(mockResult, &models.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permissions: models.PERMISSION_VIEW})
mockResult = append(mockResult, &models.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, PermissionType: models.PERMISSION_VIEW})
bus.AddHandler("test3", func(cmd *models.RemoveDashboardPermissionCommand) error {
return nil
})
......
pkg/models/dashboard_acl.go
......@@ -5,11 +5,20 @@ import "time"
type PermissionType int
const (
PERMISSION_EDIT PermissionType = 4
PERMISSION_READ_ONLY_EDIT PermissionType = 2
PERMISSION_VIEW PermissionType = 1
PERMISSION_EDIT PermissionType = 1 << iota
PERMISSION_READ_ONLY_EDIT
PERMISSION_VIEW
)
func (p PermissionType) String() string {
names := map[int]string{
int(PERMISSION_VIEW): "View",
int(PERMISSION_READ_ONLY_EDIT): "Read-only Edit",
int(PERMISSION_EDIT): "Edit",
}
return names[int(p)]
}
// Typed errors
// var (
// ErrDashboardPermissionAlreadyAdded = errors.New("A permission has ")
......@@ -42,7 +51,8 @@ type DashboardAclInfoDTO struct {
UserEmail string `json:"userEmail"`
UserGroupId int64 `json:"userGroupId"`
UserGroup string `json:"userGroup"`
Permissions PermissionType `json:"permissions"`
PermissionType PermissionType `json:"permissionType"`
Permissions string `json:"permissions"`
}
//
......
pkg/models/dashboard_acl_test.go 0 → 100644
package models
import (
"testing"
"fmt"
. "github.com/smartystreets/goconvey/convey"
)
func TestDashboardAclModel(t *testing.T) {
Convey("When printing a PermissionType", t, func() {
view := PERMISSION_VIEW
printed := fmt.Sprint(view)
Convey("Should output a friendly name", func() {
So(printed, ShouldEqual, "View")
})
})
}
pkg/services/guardian/guardian.go
......@@ -57,12 +57,12 @@ func CanDeleteFromAcl(dashboardId int64, role m.RoleType, isGrafanaAdmin bool, o
userGroups, err := getUserGroupsByUser(userId)
for _, p := range permissions {
if p.UserId == userId && p.Permissions == m.PERMISSION_EDIT {
if p.UserId == userId && p.PermissionType == m.PERMISSION_EDIT {
return true, nil
}
for _, ug := range userGroups {
if ug.Id == p.UserGroupId && p.Permissions == m.PERMISSION_EDIT {
if ug.Id == p.UserGroupId && p.PermissionType == m.PERMISSION_EDIT {
return true, nil
}
}
......
pkg/services/sqlstore/dashboard_acl.go
......@@ -3,6 +3,8 @@ package sqlstore
import (
"time"
"fmt"
"github.com/grafana/grafana/pkg/bus"
m "github.com/grafana/grafana/pkg/models"
)
......@@ -79,7 +81,15 @@ func RemoveDashboardPermission(cmd *m.RemoveDashboardPermissionCommand) error {
func GetDashboardPermissions(query *m.GetDashboardPermissionsQuery) error {
rawSQL := `SELECT
da.*,
da.id,
da.org_id,
da.id,
da.dashboard_id,
da.user_id,
da.user_group_id,
da.permissions as permission_type,
da.created,
da.updated,
u.login AS user_login,
u.email AS user_email,
ug.name AS user_group
......@@ -92,5 +102,9 @@ func GetDashboardPermissions(query *m.GetDashboardPermissionsQuery) error {
err := x.SQL(rawSQL, query.DashboardId).Find(&query.Result)
for _, p := range query.Result {
p.Permissions = fmt.Sprint(p.PermissionType)
}
return err
}
pkg/services/sqlstore/dashboard_acl_test.go
......@@ -29,7 +29,8 @@ func TestDashboardAclDataAccess(t *testing.T) {
err = GetDashboardPermissions(q1)
So(err, ShouldBeNil)
So(q1.Result[0].DashboardId, ShouldEqual, savedFolder.Id)
So(q1.Result[0].Permissions, ShouldEqual, m.PERMISSION_EDIT)
So(q1.Result[0].PermissionType, ShouldEqual, m.PERMISSION_EDIT)
So(q1.Result[0].Permissions, ShouldEqual, "Edit")
So(q1.Result[0].UserId, ShouldEqual, currentUser.Id)
So(q1.Result[0].UserLogin, ShouldEqual, currentUser.Login)
So(q1.Result[0].UserEmail, ShouldEqual, currentUser.Email)
......@@ -56,7 +57,7 @@ func TestDashboardAclDataAccess(t *testing.T) {
So(err, ShouldBeNil)
So(len(q3.Result), ShouldEqual, 1)
So(q3.Result[0].DashboardId, ShouldEqual, savedFolder.Id)
So(q3.Result[0].Permissions, ShouldEqual, m.PERMISSION_READ_ONLY_EDIT)
So(q3.Result[0].PermissionType, ShouldEqual, m.PERMISSION_READ_ONLY_EDIT)
So(q3.Result[0].UserId, ShouldEqual, 1)
})
......@@ -94,7 +95,7 @@ func TestDashboardAclDataAccess(t *testing.T) {
err = GetDashboardPermissions(q1)
So(err, ShouldBeNil)
So(q1.Result[0].DashboardId, ShouldEqual, savedFolder.Id)
So(q1.Result[0].Permissions, ShouldEqual, m.PERMISSION_EDIT)
So(q1.Result[0].PermissionType, ShouldEqual, m.PERMISSION_EDIT)
So(q1.Result[0].UserGroupId, ShouldEqual, group1.Result.Id)
})
......@@ -112,7 +113,7 @@ func TestDashboardAclDataAccess(t *testing.T) {
So(err, ShouldBeNil)
So(len(q3.Result), ShouldEqual, 1)
So(q3.Result[0].DashboardId, ShouldEqual, savedFolder.Id)
So(q3.Result[0].Permissions, ShouldEqual, m.PERMISSION_READ_ONLY_EDIT)
So(q3.Result[0].PermissionType, ShouldEqual, m.PERMISSION_READ_ONLY_EDIT)
So(q3.Result[0].UserGroupId, ShouldEqual, group1.Result.Id)
})
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment