opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-08-01 07:32:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

new property for current user indicating if edit permissions in folders

Browse Source
This commit is contained in:
Marcus Efraimsson
2018-04-30 15:34:31 +02:00
parent 4f7791b9fa
commit 770acee56a
5 changed files with 123 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/api/dtos/models.go
View File

@ -37,6 +37,7 @@ type CurrentUser struct {
Timezone string `json:"timezone"` Timezone string `json:"timezone"`
Locale string `json:"locale"` Locale string `json:"locale"`
HelpFlags1 m.HelpFlags1 `json:"helpFlags1"` HelpFlags1 m.HelpFlags1 `json:"helpFlags1"`
HasEditPermissionInFolders bool `json:"hasEditPermissionInFolders"`
} }
type MetricRequest struct { type MetricRequest struct {

6
pkg/api/index.go
View File

@ -42,6 +42,11 @@ func setIndexViewData(c *m.ReqContext) (*dtos.IndexViewData, error) {
settings["appSubUrl"] = "" settings["appSubUrl"] = ""
} }
hasEditPermissionInFoldersQuery := m.HasEditPermissionInFoldersQuery{SignedInUser: c.SignedInUser}
if err := bus.Dispatch(&hasEditPermissionInFoldersQuery); err != nil {
return nil, err
}
var data = dtos.IndexViewData{ var data = dtos.IndexViewData{
User: &dtos.CurrentUser{ User: &dtos.CurrentUser{
Id: c.UserId, Id: c.UserId,
@ -59,6 +64,7 @@ func setIndexViewData(c *m.ReqContext) (*dtos.IndexViewData, error) {
Timezone: prefs.Timezone, Timezone: prefs.Timezone,
Locale: locale, Locale: locale,
HelpFlags1: c.HelpFlags1, HelpFlags1: c.HelpFlags1,
HasEditPermissionInFolders: hasEditPermissionInFoldersQuery.Result,
}, },
Settings: settings, Settings: settings,
Theme: prefs.Theme, Theme: prefs.Theme,

9
pkg/models/folders.go
View File

@ -89,3 +89,12 @@ type UpdateFolderCommand struct {
Result *Folder Result *Folder
} }
//
// QUERIES
//
type HasEditPermissionInFoldersQuery struct {
SignedInUser *SignedInUser
Result bool
}

25
pkg/services/sqlstore/dashboard.go
View File

@ -24,6 +24,7 @@ func init() {
bus.AddHandler("sql", GetDashboardPermissionsForUser) bus.AddHandler("sql", GetDashboardPermissionsForUser)
bus.AddHandler("sql", GetDashboardsBySlug) bus.AddHandler("sql", GetDashboardsBySlug)
bus.AddHandler("sql", ValidateDashboardBeforeSave) bus.AddHandler("sql", ValidateDashboardBeforeSave)
bus.AddHandler("sql", HasEditPermissionInFolders)
} }
var generateNewUid func() string = util.GenerateShortUid var generateNewUid func() string = util.GenerateShortUid
@ -614,3 +615,27 @@ func ValidateDashboardBeforeSave(cmd *m.ValidateDashboardBeforeSaveCommand) (err
return nil return nil
}) })
} }
func HasEditPermissionInFolders(query *m.HasEditPermissionInFoldersQuery) error {
if query.SignedInUser.HasRole(m.ROLE_EDITOR) {
query.Result = true
return nil
}
builder := &SqlBuilder{}
builder.Write("SELECT COUNT(dashboard.id) AS count FROM dashboard WHERE dashboard.org_id = ? AND dashboard.is_folder = ?", query.SignedInUser.OrgId, dialect.BooleanStr(true))
builder.writeDashboardPermissionFilter(query.SignedInUser, m.PERMISSION_EDIT)
type folderCount struct {
Count int64
}
resp := make([]*folderCount, 0)
if err := x.Sql(builder.GetSqlString(), builder.params...).Find(&resp); err != nil {
return err
}
query.Result = len(resp) > 0 && resp[0].Count > 0
return nil
}

53
pkg/services/sqlstore/dashboard_folder_test.go
View File

@ -221,7 +221,6 @@ func TestDashboardFolderDataAccess(t *testing.T) {
}) })
Convey("Given two dashboard folders", func() { Convey("Given two dashboard folders", func() {
folder1 := insertTestDashboard("1 test dash folder", 1, 0, true, "prod") folder1 := insertTestDashboard("1 test dash folder", 1, 0, true, "prod")
folder2 := insertTestDashboard("2 test dash folder", 1, 0, true, "prod") folder2 := insertTestDashboard("2 test dash folder", 1, 0, true, "prod")
insertTestDashboard("folder in another org", 2, 0, true, "prod") insertTestDashboard("folder in another org", 2, 0, true, "prod")
@ -264,6 +263,15 @@ func TestDashboardFolderDataAccess(t *testing.T) {
So(query.Result[1].DashboardId, ShouldEqual, folder2.Id) So(query.Result[1].DashboardId, ShouldEqual, folder2.Id)
So(query.Result[1].Permission, ShouldEqual, m.PERMISSION_ADMIN) So(query.Result[1].Permission, ShouldEqual, m.PERMISSION_ADMIN)
}) })
Convey("should have edit permission in folders", func() {
query := &m.HasEditPermissionInFoldersQuery{
SignedInUser: &m.SignedInUser{UserId: adminUser.Id, OrgId: 1, OrgRole: m.ROLE_ADMIN},
}
err := HasEditPermissionInFolders(query)
So(err, ShouldBeNil)
So(query.Result, ShouldBeTrue)
})
}) })
Convey("Editor users", func() { Convey("Editor users", func() {
@ -310,6 +318,14 @@ func TestDashboardFolderDataAccess(t *testing.T) {
So(query.Result[0].Id, ShouldEqual, folder2.Id) So(query.Result[0].Id, ShouldEqual, folder2.Id)
}) })
Convey("should have edit permission in folders", func() {
query := &m.HasEditPermissionInFoldersQuery{
SignedInUser: &m.SignedInUser{UserId: editorUser.Id, OrgId: 1, OrgRole: m.ROLE_EDITOR},
}
err := HasEditPermissionInFolders(query)
So(err, ShouldBeNil)
So(query.Result, ShouldBeTrue)
})
}) })
Convey("Viewer users", func() { Convey("Viewer users", func() {
@ -353,6 +369,41 @@ func TestDashboardFolderDataAccess(t *testing.T) {
So(len(query.Result), ShouldEqual, 1) So(len(query.Result), ShouldEqual, 1)
So(query.Result[0].Id, ShouldEqual, folder1.Id) So(query.Result[0].Id, ShouldEqual, folder1.Id)
}) })
Convey("should not have edit permission in folders", func() {
query := &m.HasEditPermissionInFoldersQuery{
SignedInUser: &m.SignedInUser{UserId: viewerUser.Id, OrgId: 1, OrgRole: m.ROLE_VIEWER},
}
err := HasEditPermissionInFolders(query)
So(err, ShouldBeNil)
So(query.Result, ShouldBeFalse)
})
Convey("and admin permission is given for user with org role viewer in one dashboard folder", func() {
testHelperUpdateDashboardAcl(folder1.Id, m.DashboardAcl{DashboardId: folder1.Id, OrgId: 1, UserId: viewerUser.Id, Permission: m.PERMISSION_ADMIN})
Convey("should have edit permission in folders", func() {
query := &m.HasEditPermissionInFoldersQuery{
SignedInUser: &m.SignedInUser{UserId: viewerUser.Id, OrgId: 1, OrgRole: m.ROLE_VIEWER},
}
err := HasEditPermissionInFolders(query)
So(err, ShouldBeNil)
So(query.Result, ShouldBeTrue)
})
})
Convey("and edit permission is given for user with org role viewer in one dashboard folder", func() {
testHelperUpdateDashboardAcl(folder1.Id, m.DashboardAcl{DashboardId: folder1.Id, OrgId: 1, UserId: viewerUser.Id, Permission: m.PERMISSION_EDIT})
Convey("should have edit permission in folders", func() {
query := &m.HasEditPermissionInFoldersQuery{
SignedInUser: &m.SignedInUser{UserId: viewerUser.Id, OrgId: 1, OrgRole: m.ROLE_VIEWER},
}
err := HasEditPermissionInFolders(query)
So(err, ShouldBeNil)
So(query.Result, ShouldBeTrue)
})
})
}) })
}) })
}) })