Commit 9eccb4e7 by Daniel Lee

WIP: API - add dash permission

parent bc6aa744
......@@ -250,6 +250,7 @@ func (hs *HttpServer) registerRoutes() {
r.Group("/:id/acl", func() {
r.Get("/", wrap(GetDashboardAcl))
r.Post("/", quota("acl"), bind(m.AddOrUpdateDashboardPermissionCommand{}), wrap(PostDashboardAcl))
r.Delete("/user/:userId", wrap(DeleteDashboardAclByUser))
r.Delete("/user-group/:userGroupId", wrap(DeleteDashboardAclByUserGroup))
}, reqSignedIn)
......
......@@ -2,6 +2,7 @@ package api
import (
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/metrics"
"github.com/grafana/grafana/pkg/middleware"
m "github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/guardian"
......@@ -30,6 +31,25 @@ func GetDashboardAcl(c *middleware.Context) Response {
return Json(200, &query.Result)
}
func PostDashboardAcl(c *middleware.Context, cmd m.AddOrUpdateDashboardPermissionCommand) Response {
cmd.OrgId = c.OrgId
cmd.DashboardId = c.ParamsInt64(":id")
if err := bus.Dispatch(&cmd); err != nil {
if err == m.ErrDashboardPermissionAlreadyAdded {
return ApiError(409, "Permission for user/user group already exists", err)
}
return ApiError(500, "Failed to create permission", err)
}
metrics.M_Api_Dashboard_Acl_Create.Inc(1)
return Json(200, &util.DynMap{
"permissionId": cmd.Result.Id,
"message": "Permission created",
})
}
func DeleteDashboardAclByUser(c *middleware.Context) Response {
dashboardId := c.ParamsInt64(":id")
userId := c.ParamsInt64(":userId")
......
......@@ -36,6 +36,7 @@ var (
M_Api_Dashboard_Snapshot_External Counter
M_Api_Dashboard_Snapshot_Get Counter
M_Api_UserGroup_Create Counter
M_Api_Dashboard_Acl_Create Counter
M_Models_Dashboard_Insert Counter
M_Alerting_Result_State_Alerting Counter
M_Alerting_Result_State_Ok Counter
......@@ -94,6 +95,7 @@ func initMetricVars(settings *MetricSettings) {
M_Api_User_SignUpInvite = RegCounter("api.user.signup_invite")
M_Api_UserGroup_Create = RegCounter("api.usergroup.create")
M_Api_Dashboard_Acl_Create = RegCounter("api.dashboard.acl.create")
M_Api_Dashboard_Save = RegTimer("api.dashboard.save")
M_Api_Dashboard_Get = RegTimer("api.dashboard.get")
......
package models
import "time"
import (
"errors"
"time"
)
type PermissionType int
const (
PERMISSION_EDIT PermissionType = 1 << iota
PERMISSION_VIEW PermissionType = 1 << iota
PERMISSION_READ_ONLY_EDIT
PERMISSION_VIEW
PERMISSION_EDIT
)
func (p PermissionType) String() string {
......@@ -20,9 +23,9 @@ func (p PermissionType) String() string {
}
// Typed errors
// var (
// ErrDashboardPermissionAlreadyAdded = errors.New("A permission has ")
// )
var (
ErrDashboardPermissionAlreadyAdded = errors.New("A permission for this user/user group already exists.")
)
// Dashboard ACL model
type DashboardAcl struct {
......@@ -60,11 +63,13 @@ type DashboardAclInfoDTO struct {
//
type AddOrUpdateDashboardPermissionCommand struct {
DashboardId int64 `json:"dashboardId" binding:"Required"`
DashboardId int64 `json:"-"`
OrgId int64 `json:"-"`
UserId int64 `json:"userId"`
UserGroupId int64 `json:"userGroupId"`
PermissionType PermissionType `json:"permissionType" binding:"Required"`
Result DashboardAcl `json:"-"`
}
type RemoveDashboardPermissionCommand struct {
......
......@@ -51,11 +51,14 @@ func AddOrUpdateDashboardPermission(cmd *m.AddOrUpdateDashboardPermissionCommand
cols = append(cols, "user_group_id")
}
_, err := sess.Cols(cols...).Insert(&entity)
entityId, err := sess.Cols(cols...).Insert(&entity)
if err != nil {
return err
}
cmd.Result = entity
cmd.Result.Id = entityId
// Update dashboard HasAcl flag
dashboard := m.Dashboard{
HasAcl: true,
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment