mirror of
https://github.com/grafana/grafana.git
synced 2025-07-29 14:42:18 +08:00
a21a232a8e
* Revert "chore: add replDB to team service (#91799)" This reverts commit c6ae2d7999aa6fc797db39e9d66c6fea70278f83. * Revert "experiment: use read replica for Get and Find Dashboards (#91706)" This reverts commit 54177ca619dbb5ded2dcb158405802d8dbdbc982. * Revert "QuotaService: refactor to use ReplDB for Get queries (#91333)" This reverts commit 299c142f6a6e8c5673cfdea9f87b56ac304f9834. * Revert "refactor replCfg to look more like plugins/plugin config (#91142)" This reverts commit ac0b4bb34d495914cbe8daad85b7c75c31e8070d. * Revert "chore (replstore): fix registration with multiple sql drivers, again (#90990)" This reverts commit daedb358dded00d349d9fac6106aaaa6bf18322e. * Revert "Chore (sqlstore): add validation and testing for repl config (#90683)" This reverts commit af19f039b62d9945377292a8e679ee258fd56b3d. * Revert "ReplStore: Add support for round robin load balancing between multiple read replicas (#90530)" This reverts commit 27b52b1507f5218a7b38046b4d96bc004d949d46. * Revert "DashboardStore: Use ReplDB and get dashboard quotas from the ReadReplica (#90235)" This reverts commit 8a6107cd35f6444c0674ee4230d3d6bcfbbd4a58. * Revert "accesscontrol service read replica (#89963)" This reverts commit 77a4869fcadf13827d76d5767d4de74812d6dd6d. * Revert "Fix: add mapping for the new mysqlRepl driver (#89551)" This reverts commit ab5a079bcc5b0f0a6929f0a3742eb2859d4a3498. * Revert "fix: sql instrumentation dual registration error (#89508)" This reverts commit d988f5c3b064fade6e96511e0024190c22d48e50. * Revert "Experimental Feature Toggle: databaseReadReplica (#89232)" This reverts commit 50244ed4a1435cbf3e3c87d4af34fd7937f7c259.
129 lines
3.7 KiB
Go
129 lines
3.7 KiB
Go
package migrator
|
|
|
|
import (
|
|
"context"
|
|
"time"
|
|
|
|
"github.com/grafana/grafana/pkg/infra/db"
|
|
"github.com/grafana/grafana/pkg/infra/log"
|
|
ac "github.com/grafana/grafana/pkg/services/accesscontrol"
|
|
"github.com/grafana/grafana/pkg/services/sqlstore"
|
|
"github.com/grafana/grafana/pkg/services/sqlstore/session"
|
|
)
|
|
|
|
var (
|
|
batchSize = 1000
|
|
)
|
|
|
|
const (
|
|
maxLen = 40
|
|
)
|
|
|
|
func MigrateScopeSplit(db db.DB, log log.Logger) error {
|
|
t := time.Now()
|
|
ctx := context.Background()
|
|
cnt := 0
|
|
|
|
// Search for the permissions to update
|
|
var permissions []ac.Permission
|
|
if errFind := db.WithTransactionalDbSession(ctx, func(sess *sqlstore.DBSession) error {
|
|
return sess.SQL("SELECT * FROM permission WHERE NOT scope = '' AND identifier = ''").Find(&permissions)
|
|
}); errFind != nil {
|
|
log.Error("Could not search for permissions to update", "migration", "scopeSplit", "error", errFind)
|
|
return errFind
|
|
}
|
|
|
|
if len(permissions) == 0 {
|
|
log.Debug("No permission require a scope split", "migration", "scopeSplit")
|
|
return nil
|
|
}
|
|
|
|
errBatchUpdate := batch(len(permissions), batchSize, func(start, end int) error {
|
|
n := end - start
|
|
|
|
// IDs to remove
|
|
delQuery := "DELETE FROM permission WHERE id IN ("
|
|
delArgs := make([]any, 0, n)
|
|
|
|
// Query to insert the updated permissions
|
|
insertQuery := "INSERT INTO permission (id, role_id, action, scope, kind, attribute, identifier, created, updated) VALUES "
|
|
insertArgs := make([]any, 0, 9*n)
|
|
|
|
// Prepare batch of updated permissions
|
|
for i := start; i < end; i++ {
|
|
kind, attribute, identifier := permissions[i].SplitScope()
|
|
|
|
// Trim to max length to avoid bootloop.
|
|
// too long scopes will be truncated and the permission will become invalid.
|
|
kind = trimToMaxLen(kind, maxLen)
|
|
attribute = trimToMaxLen(attribute, maxLen)
|
|
identifier = trimToMaxLen(identifier, maxLen)
|
|
|
|
delQuery += "?,"
|
|
delArgs = append(delArgs, permissions[i].ID)
|
|
|
|
insertQuery += "(?, ?, ?, ?, ?, ?, ?, ?, ?),"
|
|
insertArgs = append(insertArgs, permissions[i].ID, permissions[i].RoleID,
|
|
permissions[i].Action, permissions[i].Scope,
|
|
kind, attribute, identifier,
|
|
permissions[i].Created, t,
|
|
)
|
|
}
|
|
// Remove trailing ','
|
|
insertQuery = insertQuery[:len(insertQuery)-1]
|
|
|
|
// Remove trailing ',' and close brackets
|
|
delQuery = delQuery[:len(delQuery)-1] + ")"
|
|
|
|
// Batch update the permissions
|
|
if errBatchUpdate := db.GetSqlxSession().WithTransaction(ctx, func(tx *session.SessionTx) error {
|
|
if _, errDel := tx.Exec(ctx, delQuery, delArgs...); errDel != nil {
|
|
log.Error("Error deleting permissions", "migration", "scopeSplit", "error", errDel)
|
|
return errDel
|
|
}
|
|
if _, errInsert := tx.Exec(ctx, insertQuery, insertArgs...); errInsert != nil {
|
|
log.Error("Error saving permissions", "migration", "scopeSplit", "error", errInsert)
|
|
return errInsert
|
|
}
|
|
return nil
|
|
}); errBatchUpdate != nil {
|
|
log.Error("Error updating permission batch", "migration", "scopeSplit", "start", start, "end", end)
|
|
return errBatchUpdate
|
|
}
|
|
|
|
cnt += end - start
|
|
return nil
|
|
})
|
|
if errBatchUpdate != nil {
|
|
log.Error("Could not migrate permissions", "migration", "scopeSplit", "total", len(permissions), "succeeded", cnt, "left", len(permissions)-cnt, "error", errBatchUpdate)
|
|
return errBatchUpdate
|
|
}
|
|
|
|
log.Debug("Migrated permissions", "migration", "scopeSplit", "total", len(permissions), "succeeded", cnt, "in", time.Since(t))
|
|
return nil
|
|
}
|
|
|
|
func batch(count, batchSize int, eachFn func(start, end int) error) error {
|
|
for i := 0; i < count; {
|
|
end := i + batchSize
|
|
if end > count {
|
|
end = count
|
|
}
|
|
|
|
if err := eachFn(i, end); err != nil {
|
|
return err
|
|
}
|
|
|
|
i = end
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func trimToMaxLen(s string, maxLen int) string {
|
|
if len(s) > maxLen {
|
|
return s[:maxLen]
|
|
}
|
|
return s
|
|
}
|