opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-30 03:42:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

sqlstore split: dashboard permissions (#49962)

Browse Source 
* backend/sqlstore split: remove unused GetDashboardPermissionsForUser from sqlstore
* remove debugging line
* backend/sqlstore: move dashboard permission related functions to dashboard service
This commit is contained in:
Kristin Laemmert
2022-06-01 14:16:26 -04:00
committed by GitHub
parent bb94681d5a
commit 2edfbb7767
30 changed files with 557 additions and 481 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
pkg/services/dashboards/database/database_folder_test.go
View File

@ -310,24 +310,6 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
require.Equal(t, query.Result[1].ID, folder2.Id)
})
t.Run("should have write access to all folders and dashboards", func(t *testing.T) {
query := models.GetDashboardPermissionsForUserQuery{
DashboardIds: []int64{folder1.Id, folder2.Id},
OrgId: 1,
UserId: adminUser.Id,
OrgRole: models.ROLE_ADMIN,
}
err := sqlStore.GetDashboardPermissionsForUser(context.Background(), &query)
require.NoError(t, err)
require.Equal(t, len(query.Result), 2)
require.Equal(t, query.Result[0].DashboardId, folder1.Id)
require.Equal(t, query.Result[0].Permission, models.PERMISSION_ADMIN)
require.Equal(t, query.Result[1].DashboardId, folder2.Id)
require.Equal(t, query.Result[1].Permission, models.PERMISSION_ADMIN)
})
t.Run("should have edit permission in folders", func(t *testing.T) {
query := &models.HasEditPermissionInFoldersQuery{
SignedInUser: &models.SignedInUser{UserId: adminUser.Id, OrgId: 1, OrgRole: models.ROLE_ADMIN},
@ -363,24 +345,6 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
require.Equal(t, query.Result[1].ID, folder2.Id)
})
t.Run("should have edit access to folders with default ACL", func(t *testing.T) {
query := models.GetDashboardPermissionsForUserQuery{
DashboardIds: []int64{folder1.Id, folder2.Id},
OrgId: 1,
UserId: editorUser.Id,
OrgRole: models.ROLE_EDITOR,
}
err := sqlStore.GetDashboardPermissionsForUser(context.Background(), &query)
require.NoError(t, err)
require.Equal(t, len(query.Result), 2)
require.Equal(t, query.Result[0].DashboardId, folder1.Id)
require.Equal(t, query.Result[0].Permission, models.PERMISSION_EDIT)
require.Equal(t, query.Result[1].DashboardId, folder2.Id)
require.Equal(t, query.Result[1].Permission, models.PERMISSION_EDIT)
})
t.Run("Should have write access to one dashboard folder if default role changed to view for one folder", func(t *testing.T) {
err := updateDashboardAcl(t, dashboardStore, folder1.Id, models.DashboardAcl{
DashboardID: folder1.Id, OrgID: 1, UserID: editorUser.Id, Permission: models.PERMISSION_VIEW,
@ -427,26 +391,6 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
require.Equal(t, len(query.Result), 0)
})
t.Run("should have view access to folders with default ACL", func(t *testing.T) {
setup3()
query := models.GetDashboardPermissionsForUserQuery{
DashboardIds: []int64{folder1.Id, folder2.Id},
OrgId: 1,
UserId: viewerUser.Id,
OrgRole: models.ROLE_VIEWER,
}
err := sqlStore.GetDashboardPermissionsForUser(context.Background(), &query)
require.NoError(t, err)
require.Equal(t, len(query.Result), 2)
require.Equal(t, query.Result[0].DashboardId, folder1.Id)
require.Equal(t, query.Result[0].Permission, models.PERMISSION_VIEW)
require.Equal(t, query.Result[1].DashboardId, folder2.Id)
require.Equal(t, query.Result[1].Permission, models.PERMISSION_VIEW)
})
t.Run("Should be able to get one dashboard folder if default role changed to edit for one folder", func(t *testing.T) {
err := updateDashboardAcl(t, dashboardStore, folder1.Id, models.DashboardAcl{
DashboardID: folder1.Id, OrgID: 1, UserID: viewerUser.Id, Permission: models.PERMISSION_EDIT,