Commit 9eccb4e7 by Daniel Lee

WIP: API - add dash permission

parent bc6aa744
...@@ -250,6 +250,7 @@ func (hs *HttpServer) registerRoutes() { ...@@ -250,6 +250,7 @@ func (hs *HttpServer) registerRoutes() {
r.Group("/:id/acl", func() { r.Group("/:id/acl", func() {
r.Get("/", wrap(GetDashboardAcl)) r.Get("/", wrap(GetDashboardAcl))
r.Post("/", quota("acl"), bind(m.AddOrUpdateDashboardPermissionCommand{}), wrap(PostDashboardAcl))
r.Delete("/user/:userId", wrap(DeleteDashboardAclByUser)) r.Delete("/user/:userId", wrap(DeleteDashboardAclByUser))
r.Delete("/user-group/:userGroupId", wrap(DeleteDashboardAclByUserGroup)) r.Delete("/user-group/:userGroupId", wrap(DeleteDashboardAclByUserGroup))
}, reqSignedIn) }, reqSignedIn)
......
...@@ -2,6 +2,7 @@ package api ...@@ -2,6 +2,7 @@ package api
import ( import (
"github.com/grafana/grafana/pkg/bus" "github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/metrics"
"github.com/grafana/grafana/pkg/middleware" "github.com/grafana/grafana/pkg/middleware"
m "github.com/grafana/grafana/pkg/models" m "github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/guardian" "github.com/grafana/grafana/pkg/services/guardian"
...@@ -30,6 +31,25 @@ func GetDashboardAcl(c *middleware.Context) Response { ...@@ -30,6 +31,25 @@ func GetDashboardAcl(c *middleware.Context) Response {
return Json(200, &query.Result) return Json(200, &query.Result)
} }
func PostDashboardAcl(c *middleware.Context, cmd m.AddOrUpdateDashboardPermissionCommand) Response {
cmd.OrgId = c.OrgId
cmd.DashboardId = c.ParamsInt64(":id")
if err := bus.Dispatch(&cmd); err != nil {
if err == m.ErrDashboardPermissionAlreadyAdded {
return ApiError(409, "Permission for user/user group already exists", err)
}
return ApiError(500, "Failed to create permission", err)
}
metrics.M_Api_Dashboard_Acl_Create.Inc(1)
return Json(200, &util.DynMap{
"permissionId": cmd.Result.Id,
"message": "Permission created",
})
}
func DeleteDashboardAclByUser(c *middleware.Context) Response { func DeleteDashboardAclByUser(c *middleware.Context) Response {
dashboardId := c.ParamsInt64(":id") dashboardId := c.ParamsInt64(":id")
userId := c.ParamsInt64(":userId") userId := c.ParamsInt64(":userId")
......
...@@ -36,6 +36,7 @@ var ( ...@@ -36,6 +36,7 @@ var (
M_Api_Dashboard_Snapshot_External Counter M_Api_Dashboard_Snapshot_External Counter
M_Api_Dashboard_Snapshot_Get Counter M_Api_Dashboard_Snapshot_Get Counter
M_Api_UserGroup_Create Counter M_Api_UserGroup_Create Counter
M_Api_Dashboard_Acl_Create Counter
M_Models_Dashboard_Insert Counter M_Models_Dashboard_Insert Counter
M_Alerting_Result_State_Alerting Counter M_Alerting_Result_State_Alerting Counter
M_Alerting_Result_State_Ok Counter M_Alerting_Result_State_Ok Counter
...@@ -94,6 +95,7 @@ func initMetricVars(settings *MetricSettings) { ...@@ -94,6 +95,7 @@ func initMetricVars(settings *MetricSettings) {
M_Api_User_SignUpInvite = RegCounter("api.user.signup_invite") M_Api_User_SignUpInvite = RegCounter("api.user.signup_invite")
M_Api_UserGroup_Create = RegCounter("api.usergroup.create") M_Api_UserGroup_Create = RegCounter("api.usergroup.create")
M_Api_Dashboard_Acl_Create = RegCounter("api.dashboard.acl.create")
M_Api_Dashboard_Save = RegTimer("api.dashboard.save") M_Api_Dashboard_Save = RegTimer("api.dashboard.save")
M_Api_Dashboard_Get = RegTimer("api.dashboard.get") M_Api_Dashboard_Get = RegTimer("api.dashboard.get")
......
package models package models
import "time" import (
"errors"
"time"
)
type PermissionType int type PermissionType int
const ( const (
PERMISSION_EDIT PermissionType = 1 << iota PERMISSION_VIEW PermissionType = 1 << iota
PERMISSION_READ_ONLY_EDIT PERMISSION_READ_ONLY_EDIT
PERMISSION_VIEW PERMISSION_EDIT
) )
func (p PermissionType) String() string { func (p PermissionType) String() string {
...@@ -20,9 +23,9 @@ func (p PermissionType) String() string { ...@@ -20,9 +23,9 @@ func (p PermissionType) String() string {
} }
// Typed errors // Typed errors
// var ( var (
// ErrDashboardPermissionAlreadyAdded = errors.New("A permission has ") ErrDashboardPermissionAlreadyAdded = errors.New("A permission for this user/user group already exists.")
// ) )
// Dashboard ACL model // Dashboard ACL model
type DashboardAcl struct { type DashboardAcl struct {
...@@ -60,11 +63,13 @@ type DashboardAclInfoDTO struct { ...@@ -60,11 +63,13 @@ type DashboardAclInfoDTO struct {
// //
type AddOrUpdateDashboardPermissionCommand struct { type AddOrUpdateDashboardPermissionCommand struct {
DashboardId int64 `json:"dashboardId" binding:"Required"` DashboardId int64 `json:"-"`
OrgId int64 `json:"-"` OrgId int64 `json:"-"`
UserId int64 `json:"userId"` UserId int64 `json:"userId"`
UserGroupId int64 `json:"userGroupId"` UserGroupId int64 `json:"userGroupId"`
PermissionType PermissionType `json:"permissionType" binding:"Required"` PermissionType PermissionType `json:"permissionType" binding:"Required"`
Result DashboardAcl `json:"-"`
} }
type RemoveDashboardPermissionCommand struct { type RemoveDashboardPermissionCommand struct {
......
...@@ -51,11 +51,14 @@ func AddOrUpdateDashboardPermission(cmd *m.AddOrUpdateDashboardPermissionCommand ...@@ -51,11 +51,14 @@ func AddOrUpdateDashboardPermission(cmd *m.AddOrUpdateDashboardPermissionCommand
cols = append(cols, "user_group_id") cols = append(cols, "user_group_id")
} }
_, err := sess.Cols(cols...).Insert(&entity) entityId, err := sess.Cols(cols...).Insert(&entity)
if err != nil { if err != nil {
return err return err
} }
cmd.Result = entity
cmd.Result.Id = entityId
// Update dashboard HasAcl flag
dashboard := m.Dashboard{ dashboard := m.Dashboard{
HasAcl: true, HasAcl: true,
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment