Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
N
nexpie-grafana-theme
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kornkitt Poolsup
nexpie-grafana-theme
Commits
892bdecb
Commit
892bdecb
authored
Feb 20, 2018
by
Marcus Efraimsson
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
folders: folder permission api routes
parent
717d8d0c
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
113 additions
and
4 deletions
+113
-4
pkg/api/api.go
+11
-3
pkg/api/folder_acl.go
+98
-0
pkg/models/dashboard_acl.go
+4
-1
No files found.
pkg/api/api.go
View file @
892bdecb
...
...
@@ -249,11 +249,19 @@ func (hs *HttpServer) registerRoutes() {
// Folders
apiRoute
.
Group
(
"/folders"
,
func
(
folderRoute
RouteRegister
)
{
folderRoute
.
Get
(
"/"
,
wrap
(
GetFolders
))
folderRoute
.
Get
(
"/:uid"
,
wrap
(
GetFolderByUid
))
folderRoute
.
Get
(
"/id/:id"
,
wrap
(
GetFolderById
))
folderRoute
.
Post
(
"/"
,
bind
(
m
.
CreateFolderCommand
{}),
wrap
(
CreateFolder
))
folderRoute
.
Put
(
"/:uid"
,
bind
(
m
.
UpdateFolderCommand
{}),
wrap
(
UpdateFolder
))
folderRoute
.
Delete
(
"/:uid"
,
wrap
(
DeleteFolder
))
folderRoute
.
Group
(
"/:uid"
,
func
(
folderUidRoute
RouteRegister
)
{
folderUidRoute
.
Get
(
"/"
,
wrap
(
GetFolderByUid
))
folderUidRoute
.
Put
(
"/"
,
bind
(
m
.
UpdateFolderCommand
{}),
wrap
(
UpdateFolder
))
folderUidRoute
.
Delete
(
"/"
,
wrap
(
DeleteFolder
))
folderUidRoute
.
Group
(
"/permissions"
,
func
(
folderAclRoute
RouteRegister
)
{
folderAclRoute
.
Get
(
"/"
,
wrap
(
GetFolderPermissionList
))
folderAclRoute
.
Post
(
"/"
,
bind
(
dtos
.
UpdateDashboardAclCommand
{}),
wrap
(
UpdateFolderPermissions
))
})
})
})
// Dashboard
...
...
pkg/api/folder_acl.go
0 → 100644
View file @
892bdecb
package
api
import
(
"time"
"github.com/grafana/grafana/pkg/api/dtos"
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/middleware"
m
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/dashboards"
"github.com/grafana/grafana/pkg/services/guardian"
)
func
GetFolderPermissionList
(
c
*
middleware
.
Context
)
Response
{
s
:=
dashboards
.
NewFolderService
(
c
.
OrgId
,
c
.
SignedInUser
)
folder
,
err
:=
s
.
GetFolderByUid
(
c
.
Params
(
":uid"
))
if
err
!=
nil
{
return
toFolderError
(
err
)
}
guardian
:=
guardian
.
New
(
folder
.
Id
,
c
.
OrgId
,
c
.
SignedInUser
)
if
canAdmin
,
err
:=
guardian
.
CanAdmin
();
err
!=
nil
||
!
canAdmin
{
return
toFolderError
(
m
.
ErrFolderAccessDenied
)
}
acl
,
err
:=
guardian
.
GetAcl
()
if
err
!=
nil
{
return
ApiError
(
500
,
"Failed to get folder permissions"
,
err
)
}
for
_
,
perm
:=
range
acl
{
perm
.
FolderId
=
folder
.
Id
perm
.
DashboardId
=
0
if
perm
.
Slug
!=
""
{
perm
.
Url
=
m
.
GetDashboardFolderUrl
(
perm
.
IsFolder
,
perm
.
Uid
,
perm
.
Slug
)
}
}
return
Json
(
200
,
acl
)
}
func
UpdateFolderPermissions
(
c
*
middleware
.
Context
,
apiCmd
dtos
.
UpdateDashboardAclCommand
)
Response
{
s
:=
dashboards
.
NewFolderService
(
c
.
OrgId
,
c
.
SignedInUser
)
folder
,
err
:=
s
.
GetFolderByUid
(
c
.
Params
(
":uid"
))
if
err
!=
nil
{
return
toFolderError
(
err
)
}
guardian
:=
guardian
.
New
(
folder
.
Id
,
c
.
OrgId
,
c
.
SignedInUser
)
if
canAdmin
,
err
:=
guardian
.
CanAdmin
();
err
!=
nil
||
!
canAdmin
{
return
toFolderError
(
err
)
}
cmd
:=
m
.
UpdateDashboardAclCommand
{}
cmd
.
DashboardId
=
folder
.
Id
for
_
,
item
:=
range
apiCmd
.
Items
{
cmd
.
Items
=
append
(
cmd
.
Items
,
&
m
.
DashboardAcl
{
OrgId
:
c
.
OrgId
,
DashboardId
:
folder
.
Id
,
UserId
:
item
.
UserId
,
TeamId
:
item
.
TeamId
,
Role
:
item
.
Role
,
Permission
:
item
.
Permission
,
Created
:
time
.
Now
(),
Updated
:
time
.
Now
(),
})
}
if
okToUpdate
,
err
:=
guardian
.
CheckPermissionBeforeUpdate
(
m
.
PERMISSION_ADMIN
,
cmd
.
Items
);
err
!=
nil
||
!
okToUpdate
{
if
err
!=
nil
{
return
ApiError
(
500
,
"Error while checking folder permissions"
,
err
)
}
return
ApiError
(
403
,
"Cannot remove own admin permission for a folder"
,
nil
)
}
if
err
:=
bus
.
Dispatch
(
&
cmd
);
err
!=
nil
{
if
err
==
m
.
ErrDashboardAclInfoMissing
{
err
=
m
.
ErrFolderAclInfoMissing
}
if
err
==
m
.
ErrDashboardPermissionDashboardEmpty
{
err
=
m
.
ErrFolderPermissionFolderEmpty
}
if
err
==
m
.
ErrFolderAclInfoMissing
||
err
==
m
.
ErrFolderPermissionFolderEmpty
{
return
ApiError
(
409
,
err
.
Error
(),
err
)
}
return
ApiError
(
500
,
"Failed to create permission"
,
err
)
}
return
ApiSuccess
(
"Folder acl updated"
)
}
pkg/models/dashboard_acl.go
View file @
892bdecb
...
...
@@ -26,6 +26,8 @@ func (p PermissionType) String() string {
var
(
ErrDashboardAclInfoMissing
=
errors
.
New
(
"User id and team id cannot both be empty for a dashboard permission."
)
ErrDashboardPermissionDashboardEmpty
=
errors
.
New
(
"Dashboard Id must be greater than zero for a dashboard permission."
)
ErrFolderAclInfoMissing
=
errors
.
New
(
"User id and team id cannot both be empty for a folder permission."
)
ErrFolderPermissionFolderEmpty
=
errors
.
New
(
"Folder Id must be greater than zero for a folder permission."
)
)
// Dashboard ACL model
...
...
@@ -45,7 +47,8 @@ type DashboardAcl struct {
type
DashboardAclInfoDTO
struct
{
OrgId
int64
`json:"-"`
DashboardId
int64
`json:"dashboardId"`
DashboardId
int64
`json:"dashboardId,omitempty"`
FolderId
int64
`json:"folderId,omitempty"`
Created
time
.
Time
`json:"created"`
Updated
time
.
Time
`json:"updated"`
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment