grafana/pkg/services/ngalert/api/testing.go

package api

import (
	"context"
	"fmt"
	"sync"
	"testing"
	"time"

	"github.com/grafana/grafana-plugin-sdk-go/data"

	"github.com/grafana/grafana/pkg/services/accesscontrol"
	"github.com/grafana/grafana/pkg/services/auth/identity"
	"github.com/grafana/grafana/pkg/services/ngalert/eval"
	"github.com/grafana/grafana/pkg/services/ngalert/models"
	"github.com/grafana/grafana/pkg/services/ngalert/state"
	"github.com/grafana/grafana/pkg/services/ngalert/store"
	"github.com/grafana/grafana/pkg/services/user"
)

type fakeAlertInstanceManager struct {
	mtx sync.Mutex
	// orgID -> RuleID -> States
	states map[int64]map[string][]*state.State
}

func NewFakeAlertInstanceManager(t *testing.T) *fakeAlertInstanceManager {
	t.Helper()

	return &fakeAlertInstanceManager{
		states: map[int64]map[string][]*state.State{},
	}
}

func (f *fakeAlertInstanceManager) GetAll(orgID int64) []*state.State {
	f.mtx.Lock()
	defer f.mtx.Unlock()
	var s []*state.State

	for orgID := range f.states {
		for _, states := range f.states[orgID] {
			s = append(s, states...)
		}
	}

	return s
}

func (f *fakeAlertInstanceManager) GetStatesForRuleUID(orgID int64, alertRuleUID string) []*state.State {
	f.mtx.Lock()
	defer f.mtx.Unlock()
	return f.states[orgID][alertRuleUID]
}

// forEachState represents the callback used when generating alert instances that allows us to modify the generated result
type forEachState func(s *state.State) *state.State

func (f *fakeAlertInstanceManager) GenerateAlertInstances(orgID int64, alertRuleUID string, count int, callbacks ...forEachState) {
	f.mtx.Lock()
	defer f.mtx.Unlock()

	evaluationTime := timeNow()
	evaluationDuration := 1 * time.Minute

	for i := 0; i < count; i++ {
		_, ok := f.states[orgID]
		if !ok {
			f.states[orgID] = map[string][]*state.State{}
		}
		_, ok = f.states[orgID][alertRuleUID]
		if !ok {
			f.states[orgID][alertRuleUID] = []*state.State{}
		}

		newState := &state.State{
			AlertRuleUID: alertRuleUID,
			OrgID:        1,
			Labels: data.Labels{
				"__alert_rule_namespace_uid__": "test_namespace_uid",
				"__alert_rule_uid__":           fmt.Sprintf("test_alert_rule_uid_%v", i),
				"alertname":                    fmt.Sprintf("test_title_%v", i),
				"label":                        "test",
				"instance_label":               "test",
			},
			State: eval.Normal,
			Results: []state.Evaluation{
				{
					EvaluationTime:  evaluationTime,
					EvaluationState: eval.Normal,
					Values:          make(map[string]*float64),
				},
				{
					EvaluationTime:  evaluationTime.Add(1 * time.Minute),
					EvaluationState: eval.Normal,
					Values:          make(map[string]*float64),
				},
			},
			LastEvaluationTime: evaluationTime.Add(1 * time.Minute),
			EvaluationDuration: evaluationDuration,
			Annotations:        map[string]string{"annotation": "test"},
		}

		if len(callbacks) != 0 {
			for _, cb := range callbacks {
				newState = cb(newState)
			}
		}

		f.states[orgID][alertRuleUID] = append(f.states[orgID][alertRuleUID], newState)
	}
}

type recordingAccessControlFake struct {
	Disabled           bool
	EvaluateRecordings []struct {
		User      *user.SignedInUser
		Evaluator accesscontrol.Evaluator
	}
	Callback func(user *user.SignedInUser, evaluator accesscontrol.Evaluator) (bool, error)
}

func (a *recordingAccessControlFake) Evaluate(ctx context.Context, ur identity.Requester, evaluator accesscontrol.Evaluator) (bool, error) {
	u := ur.(*user.SignedInUser)
	a.EvaluateRecordings = append(a.EvaluateRecordings, struct {
		User      *user.SignedInUser
		Evaluator accesscontrol.Evaluator
	}{User: u, Evaluator: evaluator})
	if a.Callback == nil {
		return false, nil
	}
	return a.Callback(u, evaluator)
}

func (a *recordingAccessControlFake) RegisterScopeAttributeResolver(prefix string, resolver accesscontrol.ScopeAttributeResolver) {
	// TODO implement me
	panic("implement me")
}

func (a *recordingAccessControlFake) IsDisabled() bool {
	return a.Disabled
}

var _ accesscontrol.AccessControl = &recordingAccessControlFake{}

type fakeRuleAccessControlService struct {
}

func (f fakeRuleAccessControlService) HasAccessToRuleGroup(ctx context.Context, user identity.Requester, rules models.RulesGroup) (bool, error) {
	return true, nil
}

func (f fakeRuleAccessControlService) AuthorizeAccessToRuleGroup(ctx context.Context, user identity.Requester, rules models.RulesGroup) error {
	return nil
}

func (f fakeRuleAccessControlService) AuthorizeRuleChanges(ctx context.Context, user identity.Requester, change *store.GroupDelta) error {
	return nil
}

func (f fakeRuleAccessControlService) AuthorizeDatasourceAccessForRule(ctx context.Context, user identity.Requester, rule *models.AlertRule) error {
	return nil
}
Alerting: Allow configuration of non-ready alertmanagers (#43063) * Create API test for overwriting invalid alertmanager config * Avoid requiring alertmanager readiness for config changes * AlertmanagerSrv depends on functionality rather than concrete types * Add test for non-ready alertmanagers * Additional cleanup and polish * Back out previous integration test changes * Refactor of tests incorrectly caused a test to become redundant * Use pre-existing fake secret service * Drop unused interface * Test against concrete MultiOrgAlertmanager re-using fake infra from other tests * Fix linter error * Empty commit to rerun checks 2021-12-27 17:01:17 -06:00			`package api`

			`import (`
Alerting: Export contact points to check access control action instead legacy role (#71990) * introduce a new action "alert.provisioning.secrets:read" and role "fixed:alerting.provisioning.secrets:reader" * update alerting API authorization layer to let the user read provisioning with the new action * let new action use decrypt flag * add action and role to docs 2023-08-08 11:29:34 -05:00			`"context"`
Alerting: Include annotations in prometheus Alert response. (#45970) * Alerting: Include annotations in prometheus Alert response. * add tests * re-order depedencies 2022-03-09 12:20:29 -06:00			`"fmt"`
			`"sync"`
Alerting: Allow configuration of non-ready alertmanagers (#43063) * Create API test for overwriting invalid alertmanager config * Avoid requiring alertmanager readiness for config changes * AlertmanagerSrv depends on functionality rather than concrete types * Add test for non-ready alertmanagers * Additional cleanup and polish * Back out previous integration test changes * Refactor of tests incorrectly caused a test to become redundant * Use pre-existing fake secret service * Drop unused interface * Test against concrete MultiOrgAlertmanager re-using fake infra from other tests * Fix linter error * Empty commit to rerun checks 2021-12-27 17:01:17 -06:00			`"testing"`
Alerting: Include annotations in prometheus Alert response. (#45970) * Alerting: Include annotations in prometheus Alert response. * add tests * re-order depedencies 2022-03-09 12:20:29 -06:00			`"time"`
Alerting: Allow configuration of non-ready alertmanagers (#43063) * Create API test for overwriting invalid alertmanager config * Avoid requiring alertmanager readiness for config changes * AlertmanagerSrv depends on functionality rather than concrete types * Add test for non-ready alertmanagers * Additional cleanup and polish * Back out previous integration test changes * Refactor of tests incorrectly caused a test to become redundant * Use pre-existing fake secret service * Drop unused interface * Test against concrete MultiOrgAlertmanager re-using fake infra from other tests * Fix linter error * Empty commit to rerun checks 2021-12-27 17:01:17 -06:00
Chore: Fix goimports grouping in alerting (#62424) * fix goimports * fix goimports order 2023-01-30 02:55:35 -06:00			`"github.com/grafana/grafana-plugin-sdk-go/data"`

Alerting: Export contact points to check access control action instead legacy role (#71990) * introduce a new action "alert.provisioning.secrets:read" and role "fixed:alerting.provisioning.secrets:reader" * update alerting API authorization layer to let the user read provisioning with the new action * let new action use decrypt flag * add action and role to docs 2023-08-08 11:29:34 -05:00			`"github.com/grafana/grafana/pkg/services/accesscontrol"`
Chore: Fix ngalert Evaluate signature change (#73084) fix ngalert Evaluate sig change 2023-08-09 04:27:14 -05:00			`"github.com/grafana/grafana/pkg/services/auth/identity"`
Alerting: Include annotations in prometheus Alert response. (#45970) * Alerting: Include annotations in prometheus Alert response. * add tests * re-order depedencies 2022-03-09 12:20:29 -06:00			`"github.com/grafana/grafana/pkg/services/ngalert/eval"`
Alerting: Extract alerting rules authorization logic to a service (#77006) * extract alerting authorization logic to separate package * convert authorization logic to service 2023-11-15 10:54:54 -06:00			`"github.com/grafana/grafana/pkg/services/ngalert/models"`
Alerting: Include annotations in prometheus Alert response. (#45970) * Alerting: Include annotations in prometheus Alert response. * add tests * re-order depedencies 2022-03-09 12:20:29 -06:00			`"github.com/grafana/grafana/pkg/services/ngalert/state"`
Alerting: Extract alerting rules authorization logic to a service (#77006) * extract alerting authorization logic to separate package * convert authorization logic to service 2023-11-15 10:54:54 -06:00			`"github.com/grafana/grafana/pkg/services/ngalert/store"`
Alerting: Export contact points to check access control action instead legacy role (#71990) * introduce a new action "alert.provisioning.secrets:read" and role "fixed:alerting.provisioning.secrets:reader" * update alerting API authorization layer to let the user read provisioning with the new action * let new action use decrypt flag * add action and role to docs 2023-08-08 11:29:34 -05:00			`"github.com/grafana/grafana/pkg/services/user"`
Alerting: Allow configuration of non-ready alertmanagers (#43063) * Create API test for overwriting invalid alertmanager config * Avoid requiring alertmanager readiness for config changes * AlertmanagerSrv depends on functionality rather than concrete types * Add test for non-ready alertmanagers * Additional cleanup and polish * Back out previous integration test changes * Refactor of tests incorrectly caused a test to become redundant * Use pre-existing fake secret service * Drop unused interface * Test against concrete MultiOrgAlertmanager re-using fake infra from other tests * Fix linter error * Empty commit to rerun checks 2021-12-27 17:01:17 -06:00			`)`

Alerting: Include annotations in prometheus Alert response. (#45970) * Alerting: Include annotations in prometheus Alert response. * add tests * re-order depedencies 2022-03-09 12:20:29 -06:00			`type fakeAlertInstanceManager struct {`
			`mtx sync.Mutex`
			`// orgID -> RuleID -> States`
			`states map[int64]map[string][]*state.State`
			`}`

			`func NewFakeAlertInstanceManager(t testing.T) fakeAlertInstanceManager {`
			`t.Helper()`

			`return &fakeAlertInstanceManager{`
			`states: map[int64]map[string][]*state.State{},`
			`}`
			`}`

			`func (f fakeAlertInstanceManager) GetAll(orgID int64) []state.State {`
			`f.mtx.Lock()`
			`defer f.mtx.Unlock()`
			`var s []*state.State`

			`for orgID := range f.states {`
			`for _, states := range f.states[orgID] {`
			`s = append(s, states...)`
			`}`
			`}`

			`return s`
			`}`

			`func (f fakeAlertInstanceManager) GetStatesForRuleUID(orgID int64, alertRuleUID string) []state.State {`
			`f.mtx.Lock()`
			`defer f.mtx.Unlock()`
			`return f.states[orgID][alertRuleUID]`
			`}`

Alerting: Display query from grafana-managed alert rules on `/api/v1/rules` (#45969) * Aleting: Extract query from alerting rule model for api/v1/rules * more changes and fixtures * appease the linter 2022-03-14 05:39:20 -05:00			`// forEachState represents the callback used when generating alert instances that allows us to modify the generated result`
			`type forEachState func(s state.State) state.State`

			`func (f *fakeAlertInstanceManager) GenerateAlertInstances(orgID int64, alertRuleUID string, count int, callbacks ...forEachState) {`
Alerting: Include annotations in prometheus Alert response. (#45970) * Alerting: Include annotations in prometheus Alert response. * add tests * re-order depedencies 2022-03-09 12:20:29 -06:00			`f.mtx.Lock()`
			`defer f.mtx.Unlock()`

Alerting: Display query from grafana-managed alert rules on `/api/v1/rules` (#45969) * Aleting: Extract query from alerting rule model for api/v1/rules * more changes and fixtures * appease the linter 2022-03-14 05:39:20 -05:00			`evaluationTime := timeNow()`
Alerting: Include annotations in prometheus Alert response. (#45970) * Alerting: Include annotations in prometheus Alert response. * add tests * re-order depedencies 2022-03-09 12:20:29 -06:00			`evaluationDuration := 1 * time.Minute`

			`for i := 0; i < count; i++ {`
			`_, ok := f.states[orgID]`
			`if !ok {`
			`f.states[orgID] = map[string][]*state.State{}`
			`}`
			`_, ok = f.states[orgID][alertRuleUID]`
			`if !ok {`
			`f.states[orgID][alertRuleUID] = []*state.State{}`
			`}`

Alerting: Display query from grafana-managed alert rules on `/api/v1/rules` (#45969) * Aleting: Extract query from alerting rule model for api/v1/rules * more changes and fixtures * appease the linter 2022-03-14 05:39:20 -05:00			`newState := &state.State{`
			`AlertRuleUID: alertRuleUID,`
Alerting: Include annotations in prometheus Alert response. (#45970) * Alerting: Include annotations in prometheus Alert response. * add tests * re-order depedencies 2022-03-09 12:20:29 -06:00			`OrgID: 1,`
			`Labels: data.Labels{`
			`"__alert_rule_namespace_uid__": "test_namespace_uid",`
			`"__alert_rule_uid__": fmt.Sprintf("test_alert_rule_uid_%v", i),`
			`"alertname": fmt.Sprintf("test_title_%v", i),`
			`"label": "test",`
			`"instance_label": "test",`
			`},`
			`State: eval.Normal,`
			`Results: []state.Evaluation{`
			`{`
			`EvaluationTime: evaluationTime,`
			`EvaluationState: eval.Normal,`
			`Values: make(map[string]*float64),`
			`},`
			`{`
			`EvaluationTime: evaluationTime.Add(1 * time.Minute),`
			`EvaluationState: eval.Normal,`
			`Values: make(map[string]*float64),`
			`},`
			`},`
			`LastEvaluationTime: evaluationTime.Add(1 * time.Minute),`
			`EvaluationDuration: evaluationDuration,`
			`Annotations: map[string]string{"annotation": "test"},`
Alerting: Display query from grafana-managed alert rules on `/api/v1/rules` (#45969) * Aleting: Extract query from alerting rule model for api/v1/rules * more changes and fixtures * appease the linter 2022-03-14 05:39:20 -05:00			`}`

			`if len(callbacks) != 0 {`
			`for _, cb := range callbacks {`
			`newState = cb(newState)`
			`}`
			`}`

			`f.states[orgID][alertRuleUID] = append(f.states[orgID][alertRuleUID], newState)`
Alerting: Include annotations in prometheus Alert response. (#45970) * Alerting: Include annotations in prometheus Alert response. * add tests * re-order depedencies 2022-03-09 12:20:29 -06:00			`}`
			`}`
Alerting: Export contact points to check access control action instead legacy role (#71990) * introduce a new action "alert.provisioning.secrets:read" and role "fixed:alerting.provisioning.secrets:reader" * update alerting API authorization layer to let the user read provisioning with the new action * let new action use decrypt flag * add action and role to docs 2023-08-08 11:29:34 -05:00
			`type recordingAccessControlFake struct {`
			`Disabled bool`
			`EvaluateRecordings []struct {`
			`User *user.SignedInUser`
			`Evaluator accesscontrol.Evaluator`
			`}`
			`Callback func(user *user.SignedInUser, evaluator accesscontrol.Evaluator) (bool, error)`
			`}`

Chore: Fix ngalert Evaluate signature change (#73084) fix ngalert Evaluate sig change 2023-08-09 04:27:14 -05:00			`func (a *recordingAccessControlFake) Evaluate(ctx context.Context, ur identity.Requester, evaluator accesscontrol.Evaluator) (bool, error) {`
			`u := ur.(*user.SignedInUser)`
Alerting: Export contact points to check access control action instead legacy role (#71990) * introduce a new action "alert.provisioning.secrets:read" and role "fixed:alerting.provisioning.secrets:reader" * update alerting API authorization layer to let the user read provisioning with the new action * let new action use decrypt flag * add action and role to docs 2023-08-08 11:29:34 -05:00			`a.EvaluateRecordings = append(a.EvaluateRecordings, struct {`
			`User *user.SignedInUser`
			`Evaluator accesscontrol.Evaluator`
			`}{User: u, Evaluator: evaluator})`
			`if a.Callback == nil {`
			`return false, nil`
			`}`
			`return a.Callback(u, evaluator)`
			`}`

			`func (a *recordingAccessControlFake) RegisterScopeAttributeResolver(prefix string, resolver accesscontrol.ScopeAttributeResolver) {`
			`// TODO implement me`
			`panic("implement me")`
			`}`

			`func (a *recordingAccessControlFake) IsDisabled() bool {`
			`return a.Disabled`
			`}`

			`var _ accesscontrol.AccessControl = &recordingAccessControlFake{}`
Alerting: Extract alerting rules authorization logic to a service (#77006) * extract alerting authorization logic to separate package * convert authorization logic to service 2023-11-15 10:54:54 -06:00
			`type fakeRuleAccessControlService struct {`
			`}`

Alerting: Update rule access control to return errutil errors (#78284) * update rule access control to return errutil errors * use alerting in msgID 2023-12-01 17:42:11 -06:00			`func (f fakeRuleAccessControlService) HasAccessToRuleGroup(ctx context.Context, user identity.Requester, rules models.RulesGroup) (bool, error) {`
			`return true, nil`
			`}`

			`func (f fakeRuleAccessControlService) AuthorizeAccessToRuleGroup(ctx context.Context, user identity.Requester, rules models.RulesGroup) error {`
			`return nil`
Alerting: Extract alerting rules authorization logic to a service (#77006) * extract alerting authorization logic to separate package * convert authorization logic to service 2023-11-15 10:54:54 -06:00			`}`

			`func (f fakeRuleAccessControlService) AuthorizeRuleChanges(ctx context.Context, user identity.Requester, change *store.GroupDelta) error {`
			`return nil`
			`}`
Alerting: Update rule access control to return errutil errors (#78284) * update rule access control to return errutil errors * use alerting in msgID 2023-12-01 17:42:11 -06:00
			`func (f fakeRuleAccessControlService) AuthorizeDatasourceAccessForRule(ctx context.Context, user identity.Requester, rule *models.AlertRule) error {`
			`return nil`
			`}`