
folders: changed api urls for dashboard acls

Torkel Ödegaard 8 年之前
父節點
當前提交
aaf2a897b0

+ 11 - 11
pkg/api/api.go

@@ -235,24 +235,24 @@ func (hs *HttpServer) registerRoutes() {
 		// Dashboard
 		r.Group("/dashboards", func() {
 			r.Combo("/db/:slug").Get(wrap(GetDashboard)).Delete(wrap(DeleteDashboard))
-
-			r.Get("/id/:dashboardId/versions", wrap(GetDashboardVersions))
-			r.Get("/id/:dashboardId/versions/:id", wrap(GetDashboardVersion))
-			r.Post("/id/:dashboardId/restore", reqEditorRole, bind(dtos.RestoreDashboardVersionCommand{}), wrap(RestoreDashboardVersion))
+			r.Post("/db", bind(m.SaveDashboardCommand{}), wrap(PostDashboard))
 
 			r.Post("/calculate-diff", bind(dtos.CalculateDiffOptions{}), wrap(CalculateDashboardDiff))
-
-			r.Post("/db", bind(m.SaveDashboardCommand{}), wrap(PostDashboard))
 			r.Get("/file/:file", GetDashboardFromJsonFile)
 			r.Get("/home", wrap(GetHomeDashboard))
 			r.Get("/tags", GetDashboardTags)
 			r.Post("/import", bind(dtos.ImportDashboardCommand{}), wrap(ImportDashboard))
 
-			r.Group("/:id/acl", func() {
-				r.Get("/", wrap(GetDashboardAcl))
-				r.Post("/", quota("acl"), bind(m.SetDashboardAclCommand{}), wrap(PostDashboardAcl))
-				r.Delete("/user/:userId", wrap(DeleteDashboardAclByUser))
-				r.Delete("/user-group/:userGroupId", wrap(DeleteDashboardAclByUserGroup))
+			r.Group("/id/:dashboardId", func() {
+				r.Get("/versions", wrap(GetDashboardVersions))
+				r.Get("/versions/:id", wrap(GetDashboardVersion))
+				r.Post("/restore", bind(dtos.RestoreDashboardVersionCommand{}), wrap(RestoreDashboardVersion))
+
+				r.Group("/acl", func() {
+					r.Get("/", wrap(GetDashboardAclList))
+					r.Post("/", bind(m.SetDashboardAclCommand{}), wrap(PostDashboardAcl))
+					r.Delete("/:aclId", wrap(DeleteDashboardAcl))
+				})
 			}, reqSignedIn)
 		})
 
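Review bot: The regrouped `r.Post("/restore", ...)` route no longer carries `reqEditorRole`, and the ACL `r.Post("/", ...)` loses `quota("acl")`; the only middleware left on the `/id/:dashboardId` group is `reqSignedIn`. Unless RestoreDashboardVersion performs its own permission check (its body is not part of this commit), any signed-in user in the org could restore a dashboard version. I would keep the role gate, `r.Post("/restore", reqEditorRole, bind(dtos.RestoreDashboardVersionCommand{}), wrap(RestoreDashboardVersion))`, and either put `quota("acl")` back on the ACL post or record in the commit message why the quota was dropped. registerRoutes starts and ends outside the hunk.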

+ 6 - 25
pkg/api/dashboard_acl.go

@@ -9,8 +9,8 @@ import (
 	"github.com/grafana/grafana/pkg/util"
 )
 
-func GetDashboardAcl(c *middleware.Context) Response {
-	dashId := c.ParamsInt64(":id")
+func GetDashboardAclList(c *middleware.Context) Response {
+	dashId := c.ParamsInt64(":dashboardId")
 
 	guardian := guardian.NewDashboardGuardian(dashId, c.OrgId, c.SignedInUser)
 
@@ -52,35 +52,16 @@ func PostDashboardAcl(c *middleware.Context, cmd m.SetDashboardAclCommand) Respo
 	})
 }
 
-func DeleteDashboardAclByUser(c *middleware.Context) Response {
-	dashId := c.ParamsInt64(":id")
-	userId := c.ParamsInt64(":userId")
-
-	guardian := guardian.NewDashboardGuardian(dashId, c.OrgId, c.SignedInUser)
-	if canSave, err := guardian.CanSave(); err != nil || !canSave {
-		return dashboardGuardianResponse(err)
-	}
-
-	cmd := m.RemoveDashboardAclCommand{DashboardId: dashId, UserId: userId, OrgId: c.OrgId}
-
-	if err := bus.Dispatch(&cmd); err != nil {
-		return ApiError(500, "Failed to delete permission for user", err)
-	}
-
-	return Json(200, "")
-}
-
-func DeleteDashboardAclByUserGroup(c *middleware.Context) Response {
-	dashId := c.ParamsInt64(":id")
-	userGroupId := c.ParamsInt64(":userGroupId")
+func DeleteDashboardAcl(c *middleware.Context) Response {
+	dashId := c.ParamsInt64(":dashboardId")
+	aclId := c.ParamsInt64(":aclId")
 
 	guardian := guardian.NewDashboardGuardian(dashId, c.OrgId, c.SignedInUser)
 	if canSave, err := guardian.CanSave(); err != nil || !canSave {
 		return dashboardGuardianResponse(err)
 	}
 
-	cmd := m.RemoveDashboardAclCommand{DashboardId: dashId, UserGroupId: userGroupId, OrgId: c.OrgId}
-
+	cmd := m.RemoveDashboardAclCommand{OrgId: c.OrgId, AclId: aclId}
 	if err := bus.Dispatch(&cmd); err != nil {
 		return ApiError(500, "Failed to delete permission for user", err)
 	}
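Review bot: DeleteDashboardAcl authorizes against `dashId` from the URL but deletes by `AclId` alone, so the `CanSave` check and the deleted row are not tied to the same dashboard. RemoveDashboardAclCommand (pkg/models/dashboard_acl.go) no longer has a DashboardId field and RemoveDashboardAcl (pkg/services/sqlstore/dashboard_acl.go) filters only on `org_id` and `id`, so a caller who can save the dashboard named in the path can remove an ACL entry belonging to any dashboard in the org. Keep `DashboardId int64` on the command, pass it here as `cmd := m.RemoveDashboardAclCommand{OrgId: c.OrgId, DashboardId: dashId, AclId: aclId}`, and extend the statement to `WHERE org_id=? and dashboard_id=? and id=?`. The function body continues past the end of the hunk.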

+ 12 - 12
pkg/api/dashboard_acl_test.go

@@ -42,9 +42,9 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
 		})
 
 		Convey("When user is org admin", func() {
-			loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/1/acl", "/api/dashboards/:id/acl", models.ROLE_ADMIN, func(sc *scenarioContext) {
+			loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardsId/acl", models.ROLE_ADMIN, func(sc *scenarioContext) {
 				Convey("Should be able to access ACL", func() {
-					sc.handlerFunc = GetDashboardAcl
+					sc.handlerFunc = GetDashboardAclList
 					sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
 
 					So(sc.resp.Code, ShouldEqual, 200)
@@ -58,18 +58,18 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
 		})
 
 		Convey("When user is editor and in the ACL", func() {
-			loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/1/acl", "/api/dashboards/:id/acl", models.ROLE_EDITOR, func(sc *scenarioContext) {
+			loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardId/acl", models.ROLE_EDITOR, func(sc *scenarioContext) {
 				mockResult = append(mockResult, &models.DashboardAcl{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permissions: models.PERMISSION_EDIT})
 
 				Convey("Should be able to access ACL", func() {
-					sc.handlerFunc = GetDashboardAcl
+					sc.handlerFunc = GetDashboardAclList
 					sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
 
 					So(sc.resp.Code, ShouldEqual, 200)
 				})
 			})
 
-			loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/1/acl/user/1", "/api/dashboards/:id/acl/user/:userId", models.ROLE_EDITOR, func(sc *scenarioContext) {
+			loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/id/1/acl/1", "/api/dashboards/id/:dashboardId/acl/:aclId", models.ROLE_EDITOR, func(sc *scenarioContext) {
 				mockResult = append(mockResult, &models.DashboardAcl{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permissions: models.PERMISSION_EDIT})
 
 				bus.AddHandler("test3", func(cmd *models.RemoveDashboardAclCommand) error {
@@ -77,7 +77,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
 				})
 
 				Convey("Should be able to delete permission", func() {
-					sc.handlerFunc = DeleteDashboardAclByUser
+					sc.handlerFunc = DeleteDashboardAcl
 					sc.fakeReqWithParams("DELETE", sc.url, map[string]string{}).exec()
 
 					So(sc.resp.Code, ShouldEqual, 200)
@@ -85,7 +85,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
 			})
 
 			Convey("When user is a member of a user group in the ACL with edit permission", func() {
-				loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/1/acl/user/1", "/api/dashboards/:id/acl/user/:userId", models.ROLE_EDITOR, func(sc *scenarioContext) {
+				loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/id/1/acl/1", "/api/dashboards/id/:dashboardsId/acl/:aclId", models.ROLE_EDITOR, func(sc *scenarioContext) {
 					userGroupResp = append(userGroupResp, &models.UserGroup{Id: 1, OrgId: 1, Name: "UG1"})
 
 					bus.AddHandler("test3", func(cmd *models.RemoveDashboardAclCommand) error {
@@ -93,7 +93,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
 					})
 
 					Convey("Should be able to delete permission", func() {
-						sc.handlerFunc = DeleteDashboardAclByUser
+						sc.handlerFunc = DeleteDashboardAcl
 						sc.fakeReqWithParams("DELETE", sc.url, map[string]string{}).exec()
 
 						So(sc.resp.Code, ShouldEqual, 200)
@@ -103,24 +103,24 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
 		})
 
 		Convey("When user is editor and not in the ACL", func() {
-			loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/1/acl", "/api/dashboards/:id/acl", models.ROLE_EDITOR, func(sc *scenarioContext) {
+			loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardsId/acl", models.ROLE_EDITOR, func(sc *scenarioContext) {
 
 				Convey("Should not be able to access ACL", func() {
-					sc.handlerFunc = GetDashboardAcl
+					sc.handlerFunc = GetDashboardAclList
 					sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
 
 					So(sc.resp.Code, ShouldEqual, 403)
 				})
 			})
 
-			loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/1/acl/user/1", "/api/dashboards/:id/acl/user/:userId", models.ROLE_EDITOR, func(sc *scenarioContext) {
+			loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/id/1/acl/user/1", "/api/dashboards/id/:dashboardsId/acl/user/:userId", models.ROLE_EDITOR, func(sc *scenarioContext) {
 				mockResult = append(mockResult, &models.DashboardAcl{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permissions: models.PERMISSION_VIEW})
 				bus.AddHandler("test3", func(cmd *models.RemoveDashboardAclCommand) error {
 					return nil
 				})
 
 				Convey("Should be not be able to delete permission", func() {
-					sc.handlerFunc = DeleteDashboardAclByUser
+					sc.handlerFunc = DeleteDashboardAcl
 					sc.fakeReqWithParams("DELETE", sc.url, map[string]string{}).exec()
 
 					So(sc.resp.Code, ShouldEqual, 403)
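Review bot: Several route patterns in these scenarios use `:dashboardsId` (the admin GET, the user-group DELETE and both "not in the ACL" cases) while the handlers read `:dashboardId`, and the last DELETE scenario still targets `/acl/user/1` with `:userId` although DeleteDashboardAcl reads `:aclId`. If the scenario helper registers the pattern as given, `c.ParamsInt64` would presumably yield 0 for those parameters, so the 200/403 assertions pass without exercising the real route shape. Use `/api/dashboards/id/:dashboardId/acl/:aclId` consistently, and add a case where the ACL id belongs to a different dashboard than the one in the path and the delete is expected to be refused. TestDashboardAclApiEndpoint extends beyond the hunks shown.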

+ 2 - 5
pkg/models/dashboard_acl.go

@@ -73,11 +73,8 @@ type SetDashboardAclCommand struct {
 }
 
 type RemoveDashboardAclCommand struct {
-	DashboardId int64 `json:"dashboardId" binding:"Required"`
-	UserId      int64 `json:"userId"`
-	UserGroupId int64 `json:"userGroupId"`
-
-	OrgId int64 `json:"-"`
+	AclId int64
+	OrgId int64
 }
 
 //

+ 2 - 2
pkg/services/sqlstore/dashboard_acl.go

@@ -76,8 +76,8 @@ func SetDashboardAcl(cmd *m.SetDashboardAclCommand) error {
 
 func RemoveDashboardAcl(cmd *m.RemoveDashboardAclCommand) error {
 	return inTransaction(func(sess *DBSession) error {
-		var rawSQL = "DELETE FROM " + dialect.Quote("dashboard_acl") + " WHERE dashboard_id =? and (user_group_id=? or user_id=?)"
-		_, err := sess.Exec(rawSQL, cmd.DashboardId, cmd.UserGroupId, cmd.UserId)
+		var rawSQL = "DELETE FROM " + dialect.Quote("dashboard_acl") + " WHERE org_id =? and id=?"
+		_, err := sess.Exec(rawSQL, cmd.OrgId, cmd.AclId)
 		if err != nil {
 			return err
 		}

+ 4 - 6
pkg/services/sqlstore/dashboard_acl_test.go

@@ -114,9 +114,8 @@ func TestDashboardAclDataAccess(t *testing.T) {
 
 				Convey("Should be able to delete an existing permission", func() {
 					err := RemoveDashboardAcl(&m.RemoveDashboardAclCommand{
-						OrgId:       1,
-						UserId:      1,
-						DashboardId: savedFolder.Id,
+						OrgId: 1,
+						AclId: 1,
 					})
 					So(err, ShouldBeNil)
 
@@ -170,9 +169,8 @@ func TestDashboardAclDataAccess(t *testing.T) {
 
 				Convey("Should be able to delete an existing permission for a user group", func() {
 					err := RemoveDashboardAcl(&m.RemoveDashboardAclCommand{
-						OrgId:       1,
-						UserGroupId: group1.Result.Id,
-						DashboardId: savedFolder.Id,
+						OrgId: 1,
+						AclId: 1,
 					})
 					So(err, ShouldBeNil)