Commit 699f9095 by Daniel Lee

WIP: remove permissions when deleting global user

parent 41662b85
...@@ -36,8 +36,8 @@ func PostDashboardAcl(c *middleware.Context, cmd m.AddOrUpdateDashboardPermissio ...@@ -36,8 +36,8 @@ func PostDashboardAcl(c *middleware.Context, cmd m.AddOrUpdateDashboardPermissio
cmd.DashboardId = c.ParamsInt64(":id") cmd.DashboardId = c.ParamsInt64(":id")
if err := bus.Dispatch(&cmd); err != nil { if err := bus.Dispatch(&cmd); err != nil {
if err == m.ErrDashboardPermissionAlreadyAdded { if err == m.ErrDashboardPermissionUserOrUserGroupEmpty {
return ApiError(409, "Permission for user/user group already exists", err) return ApiError(409, err.Error(), err)
} }
return ApiError(500, "Failed to create permission", err) return ApiError(500, "Failed to create permission", err)
} }
......
...@@ -24,7 +24,7 @@ func (p PermissionType) String() string { ...@@ -24,7 +24,7 @@ func (p PermissionType) String() string {
// Typed errors // Typed errors
var ( var (
ErrDashboardPermissionAlreadyAdded = errors.New("A permission for this user/user group already exists.") ErrDashboardPermissionUserOrUserGroupEmpty = errors.New("User id and user group id cannot both be empty for a dashboard permission.")
) )
// Dashboard ACL model // Dashboard ACL model
......
...@@ -17,6 +17,10 @@ func init() { ...@@ -17,6 +17,10 @@ func init() {
func AddOrUpdateDashboardPermission(cmd *m.AddOrUpdateDashboardPermissionCommand) error { func AddOrUpdateDashboardPermission(cmd *m.AddOrUpdateDashboardPermissionCommand) error {
return inTransaction(func(sess *DBSession) error { return inTransaction(func(sess *DBSession) error {
if cmd.UserId == 0 && cmd.UserGroupId == 0 {
return m.ErrDashboardPermissionUserOrUserGroupEmpty
}
if res, err := sess.Query("SELECT 1 from "+dialect.Quote("dashboard_acl")+" WHERE dashboard_id =? and (user_group_id=? or user_id=?)", cmd.DashboardId, cmd.UserGroupId, cmd.UserId); err != nil { if res, err := sess.Query("SELECT 1 from "+dialect.Quote("dashboard_acl")+" WHERE dashboard_id =? and (user_group_id=? or user_id=?)", cmd.DashboardId, cmd.UserGroupId, cmd.UserId); err != nil {
return err return err
} else if len(res) == 1 { } else if len(res) == 1 {
......
...@@ -16,6 +16,15 @@ func TestDashboardAclDataAccess(t *testing.T) { ...@@ -16,6 +16,15 @@ func TestDashboardAclDataAccess(t *testing.T) {
savedFolder := insertTestDashboard("1 test dash folder", 1, 0, true, "prod", "webapp") savedFolder := insertTestDashboard("1 test dash folder", 1, 0, true, "prod", "webapp")
childDash := insertTestDashboard("2 test dash", 1, savedFolder.Id, false, "prod", "webapp") childDash := insertTestDashboard("2 test dash", 1, savedFolder.Id, false, "prod", "webapp")
Convey("When adding dashboard permission with userId and userGroupId set to 0", func() {
err := AddOrUpdateDashboardPermission(&m.AddOrUpdateDashboardPermissionCommand{
OrgId: 1,
DashboardId: savedFolder.Id,
PermissionType: m.PERMISSION_EDIT,
})
So(err, ShouldEqual, m.ErrDashboardPermissionUserOrUserGroupEmpty)
})
Convey("Should be able to add dashboard permission", func() { Convey("Should be able to add dashboard permission", func() {
err := AddOrUpdateDashboardPermission(&m.AddOrUpdateDashboardPermissionCommand{ err := AddOrUpdateDashboardPermission(&m.AddOrUpdateDashboardPermissionCommand{
OrgId: 1, OrgId: 1,
......
...@@ -396,6 +396,9 @@ func DeleteUser(cmd *m.DeleteUserCommand) error { ...@@ -396,6 +396,9 @@ func DeleteUser(cmd *m.DeleteUserCommand) error {
deletes := []string{ deletes := []string{
"DELETE FROM star WHERE user_id = ?", "DELETE FROM star WHERE user_id = ?",
"DELETE FROM " + dialect.Quote("user") + " WHERE id = ?", "DELETE FROM " + dialect.Quote("user") + " WHERE id = ?",
"DELETE FROM org_user WHERE user_id = ?",
"DELETE FROM dashboard_acl WHERE user_id = ?",
"DELETE FROM preferences WHERE user_id = ?",
} }
for _, sql := range deletes { for _, sql := range deletes {
......
...@@ -14,80 +14,134 @@ func TestUserDataAccess(t *testing.T) { ...@@ -14,80 +14,134 @@ func TestUserDataAccess(t *testing.T) {
Convey("Testing DB", t, func() { Convey("Testing DB", t, func() {
InitTestDB(t) InitTestDB(t)
var err error Convey("Given 5 users", func() {
for i := 0; i < 5; i++ { var err error
err = CreateUser(&models.CreateUserCommand{ var cmd *models.CreateUserCommand
Email: fmt.Sprint("user", i, "@test.com"), users := []models.User{}
Name: fmt.Sprint("user", i), for i := 0; i < 5; i++ {
Login: fmt.Sprint("loginuser", i), cmd = &models.CreateUserCommand{
Email: fmt.Sprint("user", i, "@test.com"),
Name: fmt.Sprint("user", i),
Login: fmt.Sprint("loginuser", i),
}
err = CreateUser(cmd)
So(err, ShouldBeNil)
users = append(users, cmd.Result)
}
Convey("Can return the first page of users and a total count", func() {
query := models.SearchUsersQuery{Query: "", Page: 1, Limit: 3}
err = SearchUsers(&query)
So(err, ShouldBeNil)
So(len(query.Result.Users), ShouldEqual, 3)
So(query.Result.TotalCount, ShouldEqual, 5)
}) })
So(err, ShouldBeNil)
}
Convey("Can return the first page of users and a total count", func() { Convey("Can return the second page of users and a total count", func() {
query := models.SearchUsersQuery{Query: "", Page: 1, Limit: 3} query := models.SearchUsersQuery{Query: "", Page: 2, Limit: 3}
err = SearchUsers(&query) err = SearchUsers(&query)
So(err, ShouldBeNil) So(err, ShouldBeNil)
So(len(query.Result.Users), ShouldEqual, 3) So(len(query.Result.Users), ShouldEqual, 2)
So(query.Result.TotalCount, ShouldEqual, 5) So(query.Result.TotalCount, ShouldEqual, 5)
}) })
Convey("Can return the second page of users and a total count", func() { Convey("Can return list of users matching query on user name", func() {
query := models.SearchUsersQuery{Query: "", Page: 2, Limit: 3} query := models.SearchUsersQuery{Query: "use", Page: 1, Limit: 3}
err = SearchUsers(&query) err = SearchUsers(&query)
So(err, ShouldBeNil) So(err, ShouldBeNil)
So(len(query.Result.Users), ShouldEqual, 2) So(len(query.Result.Users), ShouldEqual, 3)
So(query.Result.TotalCount, ShouldEqual, 5) So(query.Result.TotalCount, ShouldEqual, 5)
})
Convey("Can return list of users matching query on user name", func() { query = models.SearchUsersQuery{Query: "ser1", Page: 1, Limit: 3}
query := models.SearchUsersQuery{Query: "use", Page: 1, Limit: 3} err = SearchUsers(&query)
err = SearchUsers(&query)
So(err, ShouldBeNil) So(err, ShouldBeNil)
So(len(query.Result.Users), ShouldEqual, 3) So(len(query.Result.Users), ShouldEqual, 1)
So(query.Result.TotalCount, ShouldEqual, 5) So(query.Result.TotalCount, ShouldEqual, 1)
query = models.SearchUsersQuery{Query: "ser1", Page: 1, Limit: 3} query = models.SearchUsersQuery{Query: "USER1", Page: 1, Limit: 3}
err = SearchUsers(&query) err = SearchUsers(&query)
So(err, ShouldBeNil) So(err, ShouldBeNil)
So(len(query.Result.Users), ShouldEqual, 1) So(len(query.Result.Users), ShouldEqual, 1)
So(query.Result.TotalCount, ShouldEqual, 1) So(query.Result.TotalCount, ShouldEqual, 1)
query = models.SearchUsersQuery{Query: "USER1", Page: 1, Limit: 3} query = models.SearchUsersQuery{Query: "idontexist", Page: 1, Limit: 3}
err = SearchUsers(&query) err = SearchUsers(&query)
So(err, ShouldBeNil) So(err, ShouldBeNil)
So(len(query.Result.Users), ShouldEqual, 1) So(len(query.Result.Users), ShouldEqual, 0)
So(query.Result.TotalCount, ShouldEqual, 1) So(query.Result.TotalCount, ShouldEqual, 0)
})
query = models.SearchUsersQuery{Query: "idontexist", Page: 1, Limit: 3} Convey("Can return list of users matching query on email", func() {
err = SearchUsers(&query) query := models.SearchUsersQuery{Query: "ser1@test.com", Page: 1, Limit: 3}
err = SearchUsers(&query)
So(err, ShouldBeNil) So(err, ShouldBeNil)
So(len(query.Result.Users), ShouldEqual, 0) So(len(query.Result.Users), ShouldEqual, 1)
So(query.Result.TotalCount, ShouldEqual, 0) So(query.Result.TotalCount, ShouldEqual, 1)
}) })
Convey("Can return list of users matching query on email", func() { Convey("Can return list of users matching query on login name", func() {
query := models.SearchUsersQuery{Query: "ser1@test.com", Page: 1, Limit: 3} query := models.SearchUsersQuery{Query: "loginuser1", Page: 1, Limit: 3}
err = SearchUsers(&query) err = SearchUsers(&query)
So(err, ShouldBeNil) So(err, ShouldBeNil)
So(len(query.Result.Users), ShouldEqual, 1) So(len(query.Result.Users), ShouldEqual, 1)
So(query.Result.TotalCount, ShouldEqual, 1) So(query.Result.TotalCount, ShouldEqual, 1)
}) })
Convey("when a user is an org member and has been assigned permissions", func() {
err = AddOrgUser(&models.AddOrgUserCommand{LoginOrEmail: users[0].Login, Role: models.ROLE_VIEWER, OrgId: users[0].OrgId})
So(err, ShouldBeNil)
err = AddOrUpdateDashboardPermission(&models.AddOrUpdateDashboardPermissionCommand{DashboardId: 1, OrgId: users[0].OrgId, UserId: users[0].Id, PermissionType: models.PERMISSION_EDIT})
So(err, ShouldBeNil)
Convey("Can return list of users matching query on login name", func() { err = SavePreferences(&models.SavePreferencesCommand{UserId: users[0].Id, OrgId: users[0].OrgId, HomeDashboardId: 1, Theme: "dark"})
query := models.SearchUsersQuery{Query: "loginuser1", Page: 1, Limit: 3} So(err, ShouldBeNil)
err = SearchUsers(&query)
So(err, ShouldBeNil) Convey("when the user is deleted", func() {
So(len(query.Result.Users), ShouldEqual, 1) err = DeleteUser(&models.DeleteUserCommand{UserId: users[0].Id})
So(query.Result.TotalCount, ShouldEqual, 1) So(err, ShouldBeNil)
Convey("Should delete connected org users and permissions", func() {
query := &models.GetOrgUsersQuery{OrgId: 1}
err = GetOrgUsersForTest(query)
So(err, ShouldBeNil)
So(len(query.Result), ShouldEqual, 1)
permQuery := &models.GetDashboardPermissionsQuery{DashboardId: 1}
err = GetDashboardPermissions(permQuery)
So(err, ShouldBeNil)
So(len(permQuery.Result), ShouldEqual, 0)
prefsQuery := &models.GetPreferencesQuery{OrgId: users[0].OrgId, UserId: users[0].Id}
err = GetPreferences(prefsQuery)
So(err, ShouldBeNil)
So(prefsQuery.Result.OrgId, ShouldEqual, 0)
So(prefsQuery.Result.UserId, ShouldEqual, 0)
})
})
})
}) })
}) })
} }
func GetOrgUsersForTest(query *models.GetOrgUsersQuery) error {
query.Result = make([]*models.OrgUserDTO, 0)
sess := x.Table("org_user")
sess.Join("LEFT ", "user", fmt.Sprintf("org_user.user_id=%s.id", x.Dialect().Quote("user")))
sess.Where("org_user.org_id=?", query.OrgId)
sess.Cols("org_user.org_id", "org_user.user_id", "user.email", "user.login", "org_user.role")
err := sess.Find(&query.Result)
return err
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment