mirror of
https://github.com/grafana/grafana.git
synced 2025-07-29 09:32:21 +08:00
537 lines
17 KiB
Go
537 lines
17 KiB
Go
package api
|
|
|
|
import (
|
|
"github.com/grafana/grafana/pkg/models"
|
|
"github.com/grafana/grafana/pkg/services/dashboards"
|
|
)
|
|
|
|
// import (
|
|
// "encoding/json"
|
|
// "path/filepath"
|
|
// "testing"
|
|
|
|
// "github.com/go-macaron/session"
|
|
// "github.com/grafana/grafana/pkg/api/dtos"
|
|
// "github.com/grafana/grafana/pkg/bus"
|
|
// "github.com/grafana/grafana/pkg/middleware"
|
|
// m "github.com/grafana/grafana/pkg/models"
|
|
// "github.com/grafana/grafana/pkg/services/dashboards"
|
|
// macaron "gopkg.in/macaron.v1"
|
|
|
|
// . "github.com/smartystreets/goconvey/convey"
|
|
// )
|
|
|
|
// func TestFoldersApiEndpoint(t *testing.T) {
|
|
// Convey("Given a dashboard", t, func() {
|
|
// fakeDash := m.NewDashboard("Child dash")
|
|
// fakeDash.Id = 1
|
|
// fakeDash.FolderId = 1
|
|
// fakeDash.HasAcl = false
|
|
|
|
// var getDashboardQueries []*m.GetDashboardQuery
|
|
|
|
// bus.AddHandler("test", func(query *m.GetDashboardQuery) error {
|
|
// query.Result = fakeDash
|
|
// getDashboardQueries = append(getDashboardQueries, query)
|
|
// return nil
|
|
// })
|
|
|
|
// updateFolderCmd := m.UpdateFolderCommand{}
|
|
|
|
// Convey("When user is an Org Editor", func() {
|
|
// role := m.ROLE_EDITOR
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// callGetFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 404)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/1", "/api/folders/:id", role, func(sc *scenarioContext) {
|
|
// callGetFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 404)
|
|
|
|
// Convey("Should lookup folder by id", func() {
|
|
// So(getDashboardQueries[0].Id, ShouldEqual, 1)
|
|
// })
|
|
// })
|
|
|
|
// updateFolderScenario("When calling PUT on", "/api/folders/uid", "/api/folders/:uid", role, updateFolderCmd, func(sc *scenarioContext) {
|
|
// callUpdateFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 404)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// callDeleteFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 404)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
// })
|
|
// })
|
|
|
|
// Convey("Given a folder which does not have an acl", t, func() {
|
|
// fakeFolder := m.NewDashboardFolder("Folder")
|
|
// fakeFolder.Id = 1
|
|
// fakeFolder.HasAcl = false
|
|
|
|
// var getDashboardQueries []*m.GetDashboardQuery
|
|
|
|
// bus.AddHandler("test", func(query *m.GetDashboardQuery) error {
|
|
// query.Result = fakeFolder
|
|
// getDashboardQueries = append(getDashboardQueries, query)
|
|
// return nil
|
|
// })
|
|
|
|
// viewerRole := m.ROLE_VIEWER
|
|
// editorRole := m.ROLE_EDITOR
|
|
|
|
// aclMockResp := []*m.DashboardAclInfoDTO{
|
|
// {Role: &viewerRole, Permission: m.PERMISSION_VIEW},
|
|
// {Role: &editorRole, Permission: m.PERMISSION_EDIT},
|
|
// }
|
|
|
|
// bus.AddHandler("test", func(query *m.GetDashboardAclInfoListQuery) error {
|
|
// query.Result = aclMockResp
|
|
// return nil
|
|
// })
|
|
|
|
// bus.AddHandler("test", func(query *m.GetTeamsByUserQuery) error {
|
|
// query.Result = []*m.Team{}
|
|
// return nil
|
|
// })
|
|
|
|
// cmd := m.CreateFolderCommand{
|
|
// Title: fakeFolder.Title,
|
|
// }
|
|
|
|
// updateFolderCmd := m.UpdateFolderCommand{
|
|
// Title: fakeFolder.Title,
|
|
// }
|
|
|
|
// Convey("When user is an Org Viewer", func() {
|
|
// role := m.ROLE_VIEWER
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// folder := getFolderShouldReturn200(sc)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
|
|
// Convey("Should not be able to edit or save folder", func() {
|
|
// So(folder.CanEdit, ShouldBeFalse)
|
|
// So(folder.CanSave, ShouldBeFalse)
|
|
// So(folder.CanAdmin, ShouldBeFalse)
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/1", "/api/folders/:id", role, func(sc *scenarioContext) {
|
|
// folder := getFolderShouldReturn200(sc)
|
|
|
|
// Convey("Should lookup folder by id", func() {
|
|
// So(getDashboardQueries[0].Id, ShouldEqual, 1)
|
|
// })
|
|
|
|
// Convey("Should not be able to edit or save folder", func() {
|
|
// So(folder.CanEdit, ShouldBeFalse)
|
|
// So(folder.CanSave, ShouldBeFalse)
|
|
// So(folder.CanAdmin, ShouldBeFalse)
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// callDeleteFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
|
|
// createFolderScenario("When calling POST on", "/api/folders", "/api/folders", role, cmd, func(sc *scenarioContext) {
|
|
// callCreateFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
// })
|
|
|
|
// updateFolderScenario("When calling PUT on", "/api/folders/uid", "/api/folders/:uid", role, updateFolderCmd, func(sc *scenarioContext) {
|
|
// callUpdateFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
// })
|
|
|
|
// Convey("When user is an Org Editor", func() {
|
|
// role := m.ROLE_EDITOR
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// folder := getFolderShouldReturn200(sc)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
|
|
// Convey("Should be able to edit or save folder", func() {
|
|
// So(folder.CanEdit, ShouldBeTrue)
|
|
// So(folder.CanSave, ShouldBeTrue)
|
|
// So(folder.CanAdmin, ShouldBeFalse)
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/1", "/api/folders/:id", role, func(sc *scenarioContext) {
|
|
// folder := getFolderShouldReturn200(sc)
|
|
|
|
// Convey("Should lookup folder by id", func() {
|
|
// So(getDashboardQueries[0].Id, ShouldEqual, 1)
|
|
// })
|
|
|
|
// Convey("Should be able to edit or save folder", func() {
|
|
// So(folder.CanEdit, ShouldBeTrue)
|
|
// So(folder.CanSave, ShouldBeTrue)
|
|
// So(folder.CanAdmin, ShouldBeFalse)
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// callDeleteFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 200)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
|
|
// createFolderScenario("When calling POST on", "/api/folders", "/api/folders", role, cmd, func(sc *scenarioContext) {
|
|
// callCreateFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 200)
|
|
// })
|
|
|
|
// updateFolderScenario("When calling PUT on", "/api/folders/uid", "/api/folders/:uid", role, updateFolderCmd, func(sc *scenarioContext) {
|
|
// callUpdateFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 200)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
// })
|
|
// })
|
|
|
|
// Convey("Given a folder which have an acl", t, func() {
|
|
// fakeFolder := m.NewDashboardFolder("Folder")
|
|
// fakeFolder.Id = 1
|
|
// fakeFolder.HasAcl = true
|
|
|
|
// var getDashboardQueries []*m.GetDashboardQuery
|
|
|
|
// bus.AddHandler("test", func(query *m.GetDashboardQuery) error {
|
|
// query.Result = fakeFolder
|
|
// getDashboardQueries = append(getDashboardQueries, query)
|
|
// return nil
|
|
// })
|
|
|
|
// aclMockResp := []*m.DashboardAclInfoDTO{
|
|
// {
|
|
// DashboardId: 1,
|
|
// Permission: m.PERMISSION_EDIT,
|
|
// UserId: 200,
|
|
// },
|
|
// }
|
|
|
|
// bus.AddHandler("test", func(query *m.GetDashboardAclInfoListQuery) error {
|
|
// query.Result = aclMockResp
|
|
// return nil
|
|
// })
|
|
|
|
// bus.AddHandler("test", func(query *m.GetTeamsByUserQuery) error {
|
|
// query.Result = []*m.Team{}
|
|
// return nil
|
|
// })
|
|
|
|
// cmd := m.CreateFolderCommand{
|
|
// Title: fakeFolder.Title,
|
|
// }
|
|
|
|
// updateFolderCmd := m.UpdateFolderCommand{
|
|
// Title: fakeFolder.Title,
|
|
// }
|
|
|
|
// Convey("When user is an Org Viewer and has no permissions for this folder", func() {
|
|
// role := m.ROLE_VIEWER
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// callGetFolder(sc)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
|
|
// Convey("Should be denied access", func() {
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/1", "/api/folders/:id", role, func(sc *scenarioContext) {
|
|
// callGetFolder(sc)
|
|
|
|
// Convey("Should lookup folder by id", func() {
|
|
// So(getDashboardQueries[0].Id, ShouldEqual, 1)
|
|
// })
|
|
|
|
// Convey("Should be denied access", func() {
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// callDeleteFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
|
|
// createFolderScenario("When calling POST on", "/api/folders", "/api/folders", role, cmd, func(sc *scenarioContext) {
|
|
// callCreateFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
// })
|
|
|
|
// updateFolderScenario("When calling PUT on", "/api/folders/uid", "/api/folders/:uid", role, updateFolderCmd, func(sc *scenarioContext) {
|
|
// callUpdateFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
// })
|
|
|
|
// Convey("When user is an Org Editor and has no permissions for this folder", func() {
|
|
// role := m.ROLE_EDITOR
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// callGetFolder(sc)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
|
|
// Convey("Should be denied access", func() {
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/folders/1", "/api/folders/:id", role, func(sc *scenarioContext) {
|
|
// callGetFolder(sc)
|
|
|
|
// Convey("Should lookup folder by id", func() {
|
|
// So(getDashboardQueries[0].Id, ShouldEqual, 1)
|
|
// })
|
|
|
|
// Convey("Should be denied access", func() {
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
// })
|
|
// })
|
|
|
|
// loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/folders/uid", "/api/folders/:uid", role, func(sc *scenarioContext) {
|
|
// callDeleteFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
|
|
// createFolderScenario("When calling POST on", "/api/folders", "/api/folders", role, cmd, func(sc *scenarioContext) {
|
|
// callCreateFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
// })
|
|
|
|
// updateFolderScenario("When calling PUT on", "/api/folders/uid", "/api/folders/:uid", role, updateFolderCmd, func(sc *scenarioContext) {
|
|
// callUpdateFolder(sc)
|
|
// So(sc.resp.Code, ShouldEqual, 403)
|
|
|
|
// Convey("Should lookup folder by uid", func() {
|
|
// So(getDashboardQueries[0].Uid, ShouldEqual, "uid")
|
|
// })
|
|
// })
|
|
// })
|
|
// })
|
|
// }
|
|
|
|
// func getFolderShouldReturn200(sc *scenarioContext) dtos.Folder {
|
|
// callGetFolder(sc)
|
|
|
|
// So(sc.resp.Code, ShouldEqual, 200)
|
|
|
|
// folder := dtos.Folder{}
|
|
// err := json.NewDecoder(sc.resp.Body).Decode(&folder)
|
|
// So(err, ShouldBeNil)
|
|
|
|
// return folder
|
|
// }
|
|
|
|
// func callGetFolder(sc *scenarioContext) {
|
|
// sc.handlerFunc = GetFolder
|
|
// sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
|
|
// }
|
|
|
|
// func callDeleteFolder(sc *scenarioContext) {
|
|
// bus.AddHandler("test", func(cmd *m.DeleteDashboardCommand) error {
|
|
// return nil
|
|
// })
|
|
|
|
// sc.handlerFunc = DeleteFolder
|
|
// sc.fakeReqWithParams("DELETE", sc.url, map[string]string{}).exec()
|
|
// }
|
|
|
|
// func callCreateFolder(sc *scenarioContext) {
|
|
// bus.AddHandler("test", func(cmd *m.SaveDashboardCommand) error {
|
|
// cmd.Result = &m.Dashboard{Id: 1, Slug: "folder", Version: 2}
|
|
// return nil
|
|
// })
|
|
|
|
// sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
|
|
// }
|
|
|
|
// func callUpdateFolder(sc *scenarioContext) {
|
|
// bus.AddHandler("test", func(cmd *m.SaveDashboardCommand) error {
|
|
// cmd.Result = &m.Dashboard{Id: 1, Slug: "folder", Version: 2}
|
|
// return nil
|
|
// })
|
|
|
|
// sc.fakeReqWithParams("PUT", sc.url, map[string]string{}).exec()
|
|
// }
|
|
|
|
// func createFolderScenario(desc string, url string, routePattern string, role m.RoleType, cmd m.CreateFolderCommand, fn scenarioFunc) {
|
|
// Convey(desc+" "+url, func() {
|
|
// defer bus.ClearBusHandlers()
|
|
|
|
// sc := &scenarioContext{
|
|
// url: url,
|
|
// }
|
|
// viewsPath, _ := filepath.Abs("../../public/views")
|
|
|
|
// sc.m = macaron.New()
|
|
// sc.m.Use(macaron.Renderer(macaron.RenderOptions{
|
|
// Directory: viewsPath,
|
|
// Delims: macaron.Delims{Left: "[[", Right: "]]"},
|
|
// }))
|
|
|
|
// sc.m.Use(middleware.GetContextHandler())
|
|
// sc.m.Use(middleware.Sessioner(&session.Options{}))
|
|
|
|
// sc.defaultHandler = wrap(func(c *middleware.Context) Response {
|
|
// sc.context = c
|
|
// sc.context.UserId = TestUserID
|
|
// sc.context.OrgId = TestOrgID
|
|
// sc.context.OrgRole = role
|
|
|
|
// return CreateFolder(c, cmd)
|
|
// })
|
|
|
|
// fakeRepo = &fakeDashboardRepo{}
|
|
// dashboards.SetRepository(fakeRepo)
|
|
|
|
// sc.m.Post(routePattern, sc.defaultHandler)
|
|
|
|
// fn(sc)
|
|
// })
|
|
// }
|
|
|
|
// func updateFolderScenario(desc string, url string, routePattern string, role m.RoleType, cmd m.UpdateFolderCommand, fn scenarioFunc) {
|
|
// Convey(desc+" "+url, func() {
|
|
// defer bus.ClearBusHandlers()
|
|
|
|
// sc := &scenarioContext{
|
|
// url: url,
|
|
// }
|
|
// viewsPath, _ := filepath.Abs("../../public/views")
|
|
|
|
// sc.m = macaron.New()
|
|
// sc.m.Use(macaron.Renderer(macaron.RenderOptions{
|
|
// Directory: viewsPath,
|
|
// Delims: macaron.Delims{Left: "[[", Right: "]]"},
|
|
// }))
|
|
|
|
// sc.m.Use(middleware.GetContextHandler())
|
|
// sc.m.Use(middleware.Sessioner(&session.Options{}))
|
|
|
|
// sc.defaultHandler = wrap(func(c *middleware.Context) Response {
|
|
// sc.context = c
|
|
// sc.context.UserId = TestUserID
|
|
// sc.context.OrgId = TestOrgID
|
|
// sc.context.OrgRole = role
|
|
|
|
// return UpdateFolder(c, cmd)
|
|
// })
|
|
|
|
// fakeRepo = &fakeDashboardRepo{}
|
|
// dashboards.SetRepository(fakeRepo)
|
|
|
|
// sc.m.Put(routePattern, sc.defaultHandler)
|
|
|
|
// fn(sc)
|
|
// })
|
|
// }
|
|
|
|
type fakeFolderService struct {
|
|
GetFoldersResult []*models.Folder
|
|
GetFoldersError error
|
|
GetFolderByUidResult *models.Folder
|
|
GetFolderByUidError error
|
|
GetFolderByIdResult *models.Folder
|
|
GetFolderByIdError error
|
|
CreateFolderError error
|
|
UpdateFolderError error
|
|
DeleteFolderResult *models.Folder
|
|
DeleteFolderError error
|
|
CreatedFolders []*models.CreateFolderCommand
|
|
UpdatedFolders []*models.UpdateFolderCommand
|
|
DeletedFolderUids []string
|
|
}
|
|
|
|
func (s *fakeFolderService) GetFolders(limit int) ([]*models.Folder, error) {
|
|
return s.GetFoldersResult, s.GetFoldersError
|
|
}
|
|
|
|
func (s *fakeFolderService) GetFolderById(id int64) (*models.Folder, error) {
|
|
return s.GetFolderByIdResult, s.GetFolderByIdError
|
|
}
|
|
|
|
func (s *fakeFolderService) GetFolderByUid(uid string) (*models.Folder, error) {
|
|
return s.GetFolderByUidResult, s.GetFolderByUidError
|
|
}
|
|
|
|
func (s *fakeFolderService) CreateFolder(cmd *models.CreateFolderCommand) error {
|
|
return s.CreateFolderError
|
|
}
|
|
|
|
func (s *fakeFolderService) UpdateFolder(existingUid string, cmd *models.UpdateFolderCommand) error {
|
|
return s.UpdateFolderError
|
|
}
|
|
|
|
func (s *fakeFolderService) DeleteFolder(uid string) (*models.Folder, error) {
|
|
s.DeletedFolderUids = append(s.DeletedFolderUids, uid)
|
|
return s.DeleteFolderResult, s.DeleteFolderError
|
|
}
|
|
|
|
func mockFolderService(mock *fakeFolderService) {
|
|
dashboards.NewFolderService = func(orgId int64, user *models.SignedInUser) dashboards.FolderService {
|
|
return mock
|
|
}
|
|
}
|