Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
N
nexpie-grafana-theme
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kornkitt Poolsup
nexpie-grafana-theme
Commits
24d0b43e
Commit
24d0b43e
authored
Jun 19, 2018
by
Torkel Ödegaard
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
fix: fixed permission issue with api key with viewer role in dashboards with default permissions
parent
8666c77c
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
28 additions
and
2 deletions
+28
-2
pkg/services/guardian/guardian.go
+1
-1
pkg/services/guardian/guardian_test.go
+6
-1
pkg/services/guardian/guardian_util_test.go
+21
-0
No files found.
pkg/services/guardian/guardian.go
View file @
24d0b43e
...
@@ -83,7 +83,7 @@ func (g *dashboardGuardianImpl) checkAcl(permission m.PermissionType, acl []*m.D
...
@@ -83,7 +83,7 @@ func (g *dashboardGuardianImpl) checkAcl(permission m.PermissionType, acl []*m.D
for
_
,
p
:=
range
acl
{
for
_
,
p
:=
range
acl
{
// user match
// user match
if
!
g
.
user
.
IsAnonymous
{
if
!
g
.
user
.
IsAnonymous
&&
p
.
UserId
>
0
{
if
p
.
UserId
==
g
.
user
.
UserId
&&
p
.
Permission
>=
permission
{
if
p
.
UserId
==
g
.
user
.
UserId
&&
p
.
Permission
>=
permission
{
return
true
,
nil
return
true
,
nil
}
}
...
...
pkg/services/guardian/guardian_test.go
View file @
24d0b43e
...
@@ -162,6 +162,11 @@ func TestGuardianViewer(t *testing.T) {
...
@@ -162,6 +162,11 @@ func TestGuardianViewer(t *testing.T) {
sc
.
parentFolderPermissionScenario
(
VIEWER
,
m
.
PERMISSION_EDIT
,
EDITOR_ACCESS
)
sc
.
parentFolderPermissionScenario
(
VIEWER
,
m
.
PERMISSION_EDIT
,
EDITOR_ACCESS
)
sc
.
parentFolderPermissionScenario
(
VIEWER
,
m
.
PERMISSION_VIEW
,
VIEWER_ACCESS
)
sc
.
parentFolderPermissionScenario
(
VIEWER
,
m
.
PERMISSION_VIEW
,
VIEWER_ACCESS
)
})
})
apiKeyScenario
(
"Given api key with viewer role"
,
t
,
m
.
ROLE_VIEWER
,
func
(
sc
*
scenarioContext
)
{
// dashboard has default permissions
sc
.
defaultPermissionScenario
(
VIEWER
,
m
.
PERMISSION_EDIT
,
VIEWER_ACCESS
)
})
})
})
}
}
...
@@ -267,7 +272,7 @@ func (sc *scenarioContext) verifyExpectedPermissionsFlags() {
...
@@ -267,7 +272,7 @@ func (sc *scenarioContext) verifyExpectedPermissionsFlags() {
actualFlag
=
NO_ACCESS
actualFlag
=
NO_ACCESS
}
}
if
sc
.
expectedFlags
&
actualFlag
!=
sc
.
expectedFlags
{
if
actualFlag
&
sc
.
expectedFlags
!=
actualFlag
{
sc
.
reportFailure
(
tc
,
sc
.
expectedFlags
.
String
(),
actualFlag
.
String
())
sc
.
reportFailure
(
tc
,
sc
.
expectedFlags
.
String
(),
actualFlag
.
String
())
}
}
...
...
pkg/services/guardian/guardian_util_test.go
View file @
24d0b43e
...
@@ -48,6 +48,27 @@ func orgRoleScenario(desc string, t *testing.T, role m.RoleType, fn scenarioFunc
...
@@ -48,6 +48,27 @@ func orgRoleScenario(desc string, t *testing.T, role m.RoleType, fn scenarioFunc
})
})
}
}
func
apiKeyScenario
(
desc
string
,
t
*
testing
.
T
,
role
m
.
RoleType
,
fn
scenarioFunc
)
{
user
:=
&
m
.
SignedInUser
{
UserId
:
0
,
OrgId
:
orgID
,
OrgRole
:
role
,
ApiKeyId
:
10
,
}
guard
:=
New
(
dashboardID
,
orgID
,
user
)
sc
:=
&
scenarioContext
{
t
:
t
,
orgRoleScenario
:
desc
,
givenUser
:
user
,
givenDashboardID
:
dashboardID
,
g
:
guard
,
}
Convey
(
desc
,
func
()
{
fn
(
sc
)
})
}
func
permissionScenario
(
desc
string
,
dashboardID
int64
,
sc
*
scenarioContext
,
permissions
[]
*
m
.
DashboardAclInfoDTO
,
fn
scenarioFunc
)
{
func
permissionScenario
(
desc
string
,
dashboardID
int64
,
sc
*
scenarioContext
,
permissions
[]
*
m
.
DashboardAclInfoDTO
,
fn
scenarioFunc
)
{
bus
.
ClearBusHandlers
()
bus
.
ClearBusHandlers
()
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment