mirror of
https://github.com/grafana/grafana.git
synced 2025-07-29 09:22:21 +08:00
Team access changes for editors when editorsCanAdmin is enabled (#45405)
* filter teams for editors to only show the teams that they are members of * frontend changes to only allow clicking on teams that the user can edit * update frontend test snapshots * extend docs * reword * remove the comment for now * Update backend tests * reword the warning, and add it back in * docs feedback Co-authored-by: gamab <gabi.mabs@gmail.com>
This commit is contained in:
Ieva
@ -40,39 +40,69 @@ func TestTeamAPIEndpoint(t *testing.T) {
|
||||
hs.SQLStore = store
|
||||
mock := &mockstore.SQLStoreMock{}
|
||||
|
||||
loggedInUserScenario(t, "When calling GET on", "/api/teams/search", "/api/teams/search", func(sc *scenarioContext) {
|
||||
_, err := hs.SQLStore.CreateTeam("team1", "", 1)
|
||||
require.NoError(t, err)
|
||||
_, err = hs.SQLStore.CreateTeam("team2", "", 1)
|
||||
require.NoError(t, err)
|
||||
loggedInUserScenarioWithRole(t, "When admin is calling GET on", "GET", "/api/teams/search", "/api/teams/search",
|
||||
models.ROLE_ADMIN, func(sc *scenarioContext) {
|
||||
_, err := hs.SQLStore.CreateTeam("team1", "", 1)
|
||||
require.NoError(t, err)
|
||||
_, err = hs.SQLStore.CreateTeam("team2", "", 1)
|
||||
require.NoError(t, err)
|
||||
|
||||
sc.handlerFunc = hs.SearchTeams
|
||||
sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
|
||||
require.Equal(t, http.StatusOK, sc.resp.Code)
|
||||
var resp models.SearchTeamQueryResult
|
||||
err = json.Unmarshal(sc.resp.Body.Bytes(), &resp)
|
||||
require.NoError(t, err)
|
||||
sc.handlerFunc = hs.SearchTeams
|
||||
sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
|
||||
require.Equal(t, http.StatusOK, sc.resp.Code)
|
||||
var resp models.SearchTeamQueryResult
|
||||
err = json.Unmarshal(sc.resp.Body.Bytes(), &resp)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.EqualValues(t, 2, resp.TotalCount)
|
||||
assert.Equal(t, 2, len(resp.Teams))
|
||||
}, mock)
|
||||
assert.EqualValues(t, 2, resp.TotalCount)
|
||||
assert.Equal(t, 2, len(resp.Teams))
|
||||
}, mock)
|
||||
|
||||
loggedInUserScenario(t, "When calling GET on", "/api/teams/search", "/api/teams/search", func(sc *scenarioContext) {
|
||||
_, err := hs.SQLStore.CreateTeam("team1", "", 1)
|
||||
require.NoError(t, err)
|
||||
_, err = hs.SQLStore.CreateTeam("team2", "", 1)
|
||||
require.NoError(t, err)
|
||||
loggedInUserScenario(t, "When editor (with editors_can_admin) is calling GET on", "/api/teams/search",
|
||||
"/api/teams/search", func(sc *scenarioContext) {
|
||||
team1, err := hs.SQLStore.CreateTeam("team1", "", 1)
|
||||
require.NoError(t, err)
|
||||
_, err = hs.SQLStore.CreateTeam("team2", "", 1)
|
||||
require.NoError(t, err)
|
||||
|
||||
sc.handlerFunc = hs.SearchTeams
|
||||
sc.fakeReqWithParams("GET", sc.url, map[string]string{"perpage": "10", "page": "2"}).exec()
|
||||
require.Equal(t, http.StatusOK, sc.resp.Code)
|
||||
var resp models.SearchTeamQueryResult
|
||||
err = json.Unmarshal(sc.resp.Body.Bytes(), &resp)
|
||||
require.NoError(t, err)
|
||||
// Adding the test user to the teams in order for him to list them
|
||||
err = hs.SQLStore.AddTeamMember(testUserID, testOrgID, team1.Id, false, 0)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.EqualValues(t, 2, resp.TotalCount)
|
||||
assert.Equal(t, 0, len(resp.Teams))
|
||||
}, mock)
|
||||
sc.handlerFunc = hs.SearchTeams
|
||||
sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
|
||||
require.Equal(t, http.StatusOK, sc.resp.Code)
|
||||
var resp models.SearchTeamQueryResult
|
||||
err = json.Unmarshal(sc.resp.Body.Bytes(), &resp)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.EqualValues(t, 1, resp.TotalCount)
|
||||
assert.Equal(t, 1, len(resp.Teams))
|
||||
}, mock)
|
||||
|
||||
loggedInUserScenario(t, "When editor (with editors_can_admin) calling GET with pagination on",
|
||||
"/api/teams/search", "/api/teams/search", func(sc *scenarioContext) {
|
||||
team1, err := hs.SQLStore.CreateTeam("team1", "", 1)
|
||||
require.NoError(t, err)
|
||||
team2, err := hs.SQLStore.CreateTeam("team2", "", 1)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Adding the test user to the teams in order for him to list them
|
||||
err = hs.SQLStore.AddTeamMember(testUserID, testOrgID, team1.Id, false, 0)
|
||||
require.NoError(t, err)
|
||||
err = hs.SQLStore.AddTeamMember(testUserID, testOrgID, team2.Id, false, 0)
|
||||
require.NoError(t, err)
|
||||
|
||||
sc.handlerFunc = hs.SearchTeams
|
||||
sc.fakeReqWithParams("GET", sc.url, map[string]string{"perpage": "10", "page": "2"}).exec()
|
||||
require.Equal(t, http.StatusOK, sc.resp.Code)
|
||||
var resp models.SearchTeamQueryResult
|
||||
err = json.Unmarshal(sc.resp.Body.Bytes(), &resp)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.EqualValues(t, 2, resp.TotalCount)
|
||||
assert.Equal(t, 0, len(resp.Teams))
|
||||
}, mock)
|
||||
})
|
||||
|
||||
t.Run("When creating team with API key", func(t *testing.T) {
|
||||
|
||||
Reference in New Issue
Block a user