grafana/pkg/services/sqlstore/sqlbuilder.go

package sqlstore

import (
	"bytes"

	"github.com/grafana/grafana/pkg/models"
	ac "github.com/grafana/grafana/pkg/services/accesscontrol"
	"github.com/grafana/grafana/pkg/services/sqlstore/permissions"
	"github.com/grafana/grafana/pkg/services/user"
	"github.com/grafana/grafana/pkg/setting"
)

func NewSqlBuilder(cfg *setting.Cfg) SQLBuilder {
	return SQLBuilder{cfg: cfg}
}

type SQLBuilder struct {
	cfg    *setting.Cfg
	sql    bytes.Buffer
	params []interface{}
}

func (sb *SQLBuilder) Write(sql string, params ...interface{}) {
	sb.sql.WriteString(sql)

	if len(params) > 0 {
		sb.params = append(sb.params, params...)
	}
}

func (sb *SQLBuilder) GetSQLString() string {
	return sb.sql.String()
}

func (sb *SQLBuilder) GetParams() []interface{} {
	return sb.params
}

func (sb *SQLBuilder) AddParams(params ...interface{}) {
	sb.params = append(sb.params, params...)
}

func (sb *SQLBuilder) WriteDashboardPermissionFilter(user *user.SignedInUser, permission models.PermissionType) {
	var (
		sql    string
		params []interface{}
	)
	if !ac.IsDisabled(sb.cfg) {
		sql, params = permissions.NewAccessControlDashboardPermissionFilter(user, permission, "").Where()
	} else {
		sql, params = permissions.DashboardPermissionFilter{
			OrgRole:         user.OrgRole,
			Dialect:         dialect,
			UserId:          user.UserID,
			OrgId:           user.OrgID,
			PermissionLevel: permission,
		}.Where()
	}

	sb.sql.WriteString(" AND " + sql)
	sb.params = append(sb.params, params...)
}
fix: initial fix for #10822 2018-02-07 10:54:21 -06:00			`package sqlstore`

			`import (`
			`"bytes"`

chore: avoid aliasing imports in services (#22499) 2020-02-29 06:35:15 -06:00			`"github.com/grafana/grafana/pkg/models"`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 2022-08-10 03:32:03 -05:00			`ac "github.com/grafana/grafana/pkg/services/accesscontrol"`
			`"github.com/grafana/grafana/pkg/services/sqlstore/permissions"`
Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2 2022-08-10 04:56:48 -05:00			`"github.com/grafana/grafana/pkg/services/user"`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 2022-08-10 03:32:03 -05:00			`"github.com/grafana/grafana/pkg/setting"`
fix: initial fix for #10822 2018-02-07 10:54:21 -06:00			`)`

RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 2022-08-10 03:32:03 -05:00			`func NewSqlBuilder(cfg *setting.Cfg) SQLBuilder {`
			`return SQLBuilder{cfg: cfg}`
			`}`

Chore: Fix SQL related Go variable naming (#28887) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 2020-11-10 23:21:08 -06:00			`type SQLBuilder struct {`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 2022-08-10 03:32:03 -05:00			`cfg *setting.Cfg`
fix: initial fix for #10822 2018-02-07 10:54:21 -06:00			`sql bytes.Buffer`
			`params []interface{}`
			`}`

Chore: Fix SQL related Go variable naming (#28887) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 2020-11-10 23:21:08 -06:00			`func (sb *SQLBuilder) Write(sql string, params ...interface{}) {`
refactoring: alert rule query refactoring (#10941) 2018-02-16 06:56:04 -06:00			`sb.sql.WriteString(sql)`

			`if len(params) > 0 {`
			`sb.params = append(sb.params, params...)`
			`}`
			`}`

Chore: Fix SQL related Go variable naming (#28887) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 2020-11-10 23:21:08 -06:00			`func (sb *SQLBuilder) GetSQLString() string {`
refactoring: alert rule query refactoring (#10941) 2018-02-16 06:56:04 -06:00			`return sb.sql.String()`
			`}`

LibraryPanels: Adds permissions to getAllHandler (#31416) * LibraryPanels: Adds permissions to getAllHandler * Chore: adds a test to verify the permissions * Chore: tests refactor 2021-02-24 07:06:22 -06:00			`func (sb *SQLBuilder) GetParams() []interface{} {`
			`return sb.params`
			`}`

Chore: Fix SQL related Go variable naming (#28887) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 2020-11-10 23:21:08 -06:00			`func (sb *SQLBuilder) AddParams(params ...interface{}) {`
refactoring: alert rule query refactoring (#10941) 2018-02-16 06:56:04 -06:00			`sb.params = append(sb.params, params...)`
			`}`

Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2 2022-08-10 04:56:48 -05:00			`func (sb SQLBuilder) WriteDashboardPermissionFilter(user user.SignedInUser, permission models.PermissionType) {`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 2022-08-10 03:32:03 -05:00			`var (`
			`sql string`
			`params []interface{}`
			`)`
			`if !ac.IsDisabled(sb.cfg) {`
			`sql, params = permissions.NewAccessControlDashboardPermissionFilter(user, permission, "").Where()`
			`} else {`
			`sql, params = permissions.DashboardPermissionFilter{`
			`OrgRole: user.OrgRole,`
			`Dialect: dialect,`
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields 2022-08-11 06:28:55 -05:00			`UserId: user.UserID,`
			`OrgId: user.OrgID,`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 2022-08-10 03:32:03 -05:00			`PermissionLevel: permission,`
			`}.Where()`
fix: initial fix for #10822 2018-02-07 10:54:21 -06:00			`}`

RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 2022-08-10 03:32:03 -05:00			`sb.sql.WriteString(" AND " + sql)`
			`sb.params = append(sb.params, params...)`
fix: initial fix for #10822 2018-02-07 10:54:21 -06:00			`}`