2017-05-08 08:35:34 -05:00
|
|
|
package api
|
|
|
|
|
|
|
|
import (
|
2020-11-24 05:10:32 -06:00
|
|
|
"encoding/json"
|
2020-11-13 02:52:38 -06:00
|
|
|
"fmt"
|
2017-05-08 08:35:34 -05:00
|
|
|
"testing"
|
|
|
|
|
2022-03-10 11:19:50 -06:00
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/stretchr/testify/mock"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
|
2018-01-18 07:30:04 -06:00
|
|
|
"github.com/grafana/grafana/pkg/api/dtos"
|
2021-01-15 07:43:20 -06:00
|
|
|
"github.com/grafana/grafana/pkg/api/response"
|
|
|
|
"github.com/grafana/grafana/pkg/api/routing"
|
2023-01-26 02:21:10 -06:00
|
|
|
"github.com/grafana/grafana/pkg/bus"
|
2023-01-18 09:01:25 -06:00
|
|
|
"github.com/grafana/grafana/pkg/infra/db/dbtest"
|
2023-01-26 02:21:10 -06:00
|
|
|
"github.com/grafana/grafana/pkg/infra/tracing"
|
2022-03-10 05:58:18 -06:00
|
|
|
accesscontrolmock "github.com/grafana/grafana/pkg/services/accesscontrol/mock"
|
2023-01-27 01:50:36 -06:00
|
|
|
contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
|
2022-03-10 11:19:50 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/dashboards"
|
2022-05-17 13:52:22 -05:00
|
|
|
dashboardservice "github.com/grafana/grafana/pkg/services/dashboards/service"
|
2022-03-03 08:05:47 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/featuremgmt"
|
2023-01-26 02:21:10 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/folder/folderimpl"
|
2023-02-01 07:43:21 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/folder/foldertest"
|
2018-02-26 13:15:57 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/guardian"
|
2022-08-10 04:56:48 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/org"
|
2020-11-24 05:10:32 -06:00
|
|
|
"github.com/grafana/grafana/pkg/setting"
|
2017-05-08 08:35:34 -05:00
|
|
|
)
|
|
|
|
|
2020-11-13 02:52:38 -06:00
|
|
|
func TestDashboardPermissionAPIEndpoint(t *testing.T) {
|
|
|
|
t.Run("Dashboard permissions test", func(t *testing.T) {
|
2020-11-24 05:10:32 -06:00
|
|
|
settings := setting.NewCfg()
|
2022-03-10 11:19:50 -06:00
|
|
|
dashboardStore := &dashboards.FakeDashboardStore{}
|
2023-01-25 03:36:26 -06:00
|
|
|
qResult := &dashboards.Dashboard{}
|
|
|
|
dashboardStore.On("GetDashboard", mock.Anything, mock.AnythingOfType("*dashboards.GetDashboardQuery")).Return(qResult, nil)
|
2022-02-16 07:15:44 -06:00
|
|
|
defer dashboardStore.AssertExpectations(t)
|
|
|
|
|
2022-03-10 05:58:18 -06:00
|
|
|
features := featuremgmt.WithFeatures()
|
2023-01-18 09:01:25 -06:00
|
|
|
mockSQLStore := dbtest.NewFakeDB()
|
2022-06-07 04:02:20 -05:00
|
|
|
ac := accesscontrolmock.New()
|
2022-05-10 08:48:47 -05:00
|
|
|
folderPermissions := accesscontrolmock.NewMockedPermissionsService()
|
|
|
|
dashboardPermissions := accesscontrolmock.NewMockedPermissionsService()
|
2022-02-16 07:15:44 -06:00
|
|
|
|
2023-02-01 07:43:21 -06:00
|
|
|
folderSvc := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), settings, dashboardStore, foldertest.NewFakeFolderStore(t), mockSQLStore, featuremgmt.WithFeatures())
|
2022-02-07 05:43:43 -06:00
|
|
|
hs := &HTTPServer{
|
2022-03-10 05:58:18 -06:00
|
|
|
Cfg: settings,
|
|
|
|
SQLStore: mockSQLStore,
|
|
|
|
Features: features,
|
2023-03-08 13:37:45 -06:00
|
|
|
DashboardService: dashboardservice.ProvideDashboardServiceImpl(
|
2023-03-03 09:56:33 -06:00
|
|
|
settings, dashboardStore, foldertest.NewFakeFolderStore(t), nil, features, folderPermissions, dashboardPermissions, ac,
|
2023-01-26 02:21:10 -06:00
|
|
|
folderSvc,
|
2022-03-10 05:58:18 -06:00
|
|
|
),
|
2022-04-25 03:42:09 -05:00
|
|
|
AccessControl: accesscontrolmock.New().WithDisabled(),
|
2022-02-07 05:43:43 -06:00
|
|
|
}
|
2020-11-24 05:10:32 -06:00
|
|
|
|
2020-11-13 02:52:38 -06:00
|
|
|
t.Run("Given user has no admin permissions", func(t *testing.T) {
|
2018-02-26 13:15:57 -06:00
|
|
|
origNewGuardian := guardian.New
|
2020-11-13 02:52:38 -06:00
|
|
|
t.Cleanup(func() {
|
|
|
|
guardian.New = origNewGuardian
|
|
|
|
})
|
|
|
|
|
2018-02-26 13:15:57 -06:00
|
|
|
guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{CanAdminValue: false})
|
2020-11-13 02:52:38 -06:00
|
|
|
loggedInUserScenarioWithRole(t, "When calling GET on", "GET", "/api/dashboards/id/1/permissions",
|
2022-08-10 04:56:48 -05:00
|
|
|
"/api/dashboards/id/:dashboardId/permissions", org.RoleEditor, func(sc *scenarioContext) {
|
2020-11-24 05:10:32 -06:00
|
|
|
callGetDashboardPermissions(sc, hs)
|
2020-11-13 02:52:38 -06:00
|
|
|
assert.Equal(t, 403, sc.resp.Code)
|
2022-02-07 05:43:43 -06:00
|
|
|
}, mockSQLStore)
|
2018-02-12 02:26:09 -06:00
|
|
|
|
2022-07-18 08:14:58 -05:00
|
|
|
cmd := dtos.UpdateDashboardACLCommand{
|
|
|
|
Items: []dtos.DashboardACLUpdateItem{
|
2023-01-26 07:46:30 -06:00
|
|
|
{UserID: 1000, Permission: dashboards.PERMISSION_ADMIN},
|
2018-02-26 13:15:57 -06:00
|
|
|
},
|
|
|
|
}
|
2018-02-12 02:26:09 -06:00
|
|
|
|
2022-02-16 07:15:44 -06:00
|
|
|
dashboardStore.On("UpdateDashboardACL", mock.Anything, mock.Anything, mock.Anything).Return(nil).Once()
|
2020-11-24 05:10:32 -06:00
|
|
|
updateDashboardPermissionScenario(t, updatePermissionContext{
|
|
|
|
desc: "When calling POST on",
|
|
|
|
url: "/api/dashboards/id/1/permissions",
|
2022-01-14 10:55:57 -06:00
|
|
|
routePattern: "/api/dashboards/id/:dashboardId/permissions",
|
2020-11-24 05:10:32 -06:00
|
|
|
cmd: cmd,
|
|
|
|
fn: func(sc *scenarioContext) {
|
2021-03-17 10:06:10 -05:00
|
|
|
callUpdateDashboardPermissions(t, sc)
|
2020-11-13 02:52:38 -06:00
|
|
|
assert.Equal(t, 403, sc.resp.Code)
|
2020-11-24 05:10:32 -06:00
|
|
|
},
|
|
|
|
}, hs)
|
2020-11-13 02:52:38 -06:00
|
|
|
})
|
2018-02-12 02:26:09 -06:00
|
|
|
|
2020-11-13 02:52:38 -06:00
|
|
|
t.Run("Given user has admin permissions and permissions to update", func(t *testing.T) {
|
|
|
|
origNewGuardian := guardian.New
|
|
|
|
t.Cleanup(func() {
|
2018-02-26 13:15:57 -06:00
|
|
|
guardian.New = origNewGuardian
|
2018-02-12 02:26:09 -06:00
|
|
|
})
|
2017-05-08 08:35:34 -05:00
|
|
|
|
2018-02-26 13:15:57 -06:00
|
|
|
guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
|
|
|
|
CanAdminValue: true,
|
|
|
|
CheckPermissionBeforeUpdateValue: true,
|
2023-01-20 07:58:47 -06:00
|
|
|
GetACLValue: []*dashboards.DashboardACLInfoDTO{
|
2023-01-26 07:46:30 -06:00
|
|
|
{OrgID: 1, DashboardID: 1, UserID: 2, Permission: dashboards.PERMISSION_VIEW},
|
|
|
|
{OrgID: 1, DashboardID: 1, UserID: 3, Permission: dashboards.PERMISSION_EDIT},
|
|
|
|
{OrgID: 1, DashboardID: 1, UserID: 4, Permission: dashboards.PERMISSION_ADMIN},
|
|
|
|
{OrgID: 1, DashboardID: 1, TeamID: 1, Permission: dashboards.PERMISSION_VIEW},
|
|
|
|
{OrgID: 1, DashboardID: 1, TeamID: 2, Permission: dashboards.PERMISSION_ADMIN},
|
2018-02-26 13:15:57 -06:00
|
|
|
},
|
|
|
|
})
|
2017-05-22 03:36:47 -05:00
|
|
|
|
2020-11-13 02:52:38 -06:00
|
|
|
loggedInUserScenarioWithRole(t, "When calling GET on", "GET", "/api/dashboards/id/1/permissions",
|
2022-08-10 04:56:48 -05:00
|
|
|
"/api/dashboards/id/:dashboardId/permissions", org.RoleAdmin, func(sc *scenarioContext) {
|
2020-11-24 05:10:32 -06:00
|
|
|
callGetDashboardPermissions(sc, hs)
|
2020-11-13 02:52:38 -06:00
|
|
|
assert.Equal(t, 200, sc.resp.Code)
|
2020-11-24 05:10:32 -06:00
|
|
|
|
2023-01-20 07:58:47 -06:00
|
|
|
var resp []*dashboards.DashboardACLInfoDTO
|
2020-11-24 05:10:32 -06:00
|
|
|
err := json.Unmarshal(sc.resp.Body.Bytes(), &resp)
|
2020-11-13 02:52:38 -06:00
|
|
|
require.NoError(t, err)
|
2020-11-24 05:10:32 -06:00
|
|
|
|
|
|
|
assert.Len(t, resp, 5)
|
2023-01-20 07:58:47 -06:00
|
|
|
assert.Equal(t, int64(2), resp[0].UserID)
|
2023-01-26 07:46:30 -06:00
|
|
|
assert.Equal(t, dashboards.PERMISSION_VIEW, resp[0].Permission)
|
2022-02-07 05:43:43 -06:00
|
|
|
}, mockSQLStore)
|
2018-01-18 07:30:04 -06:00
|
|
|
|
2022-07-18 08:14:58 -05:00
|
|
|
cmd := dtos.UpdateDashboardACLCommand{
|
|
|
|
Items: []dtos.DashboardACLUpdateItem{
|
2023-01-26 07:46:30 -06:00
|
|
|
{UserID: 1000, Permission: dashboards.PERMISSION_ADMIN},
|
2018-02-26 13:15:57 -06:00
|
|
|
},
|
|
|
|
}
|
2018-01-18 07:30:04 -06:00
|
|
|
|
2020-11-24 05:10:32 -06:00
|
|
|
updateDashboardPermissionScenario(t, updatePermissionContext{
|
|
|
|
desc: "When calling POST on",
|
|
|
|
url: "/api/dashboards/id/1/permissions",
|
2022-01-14 10:55:57 -06:00
|
|
|
routePattern: "/api/dashboards/id/:dashboardId/permissions",
|
2020-11-24 05:10:32 -06:00
|
|
|
cmd: cmd,
|
|
|
|
fn: func(sc *scenarioContext) {
|
2021-03-17 10:06:10 -05:00
|
|
|
callUpdateDashboardPermissions(t, sc)
|
2020-11-13 02:52:38 -06:00
|
|
|
assert.Equal(t, 200, sc.resp.Code)
|
2020-11-24 05:10:32 -06:00
|
|
|
},
|
|
|
|
}, hs)
|
2018-02-26 13:15:57 -06:00
|
|
|
})
|
2018-01-18 07:30:04 -06:00
|
|
|
|
2021-10-13 13:16:58 -05:00
|
|
|
t.Run("When trying to add permissions with both a team and user", func(t *testing.T) {
|
|
|
|
origNewGuardian := guardian.New
|
|
|
|
t.Cleanup(func() {
|
|
|
|
guardian.New = origNewGuardian
|
|
|
|
})
|
|
|
|
|
|
|
|
guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
|
|
|
|
CanAdminValue: true,
|
|
|
|
CheckPermissionBeforeUpdateValue: true,
|
|
|
|
})
|
|
|
|
|
2022-07-18 08:14:58 -05:00
|
|
|
cmd := dtos.UpdateDashboardACLCommand{
|
|
|
|
Items: []dtos.DashboardACLUpdateItem{
|
2023-01-26 07:46:30 -06:00
|
|
|
{UserID: 1000, TeamID: 1, Permission: dashboards.PERMISSION_ADMIN},
|
2021-10-13 13:16:58 -05:00
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
updateDashboardPermissionScenario(t, updatePermissionContext{
|
|
|
|
desc: "When calling POST on",
|
|
|
|
url: "/api/dashboards/id/1/permissions",
|
2022-01-14 10:55:57 -06:00
|
|
|
routePattern: "/api/dashboards/id/:dashboardId/permissions",
|
2021-10-13 13:16:58 -05:00
|
|
|
cmd: cmd,
|
|
|
|
fn: func(sc *scenarioContext) {
|
|
|
|
callUpdateDashboardPermissions(t, sc)
|
|
|
|
assert.Equal(t, 400, sc.resp.Code)
|
|
|
|
respJSON, err := jsonMap(sc.resp.Body.Bytes())
|
|
|
|
require.NoError(t, err)
|
2023-01-26 07:46:30 -06:00
|
|
|
assert.Equal(t, dashboards.ErrPermissionsWithUserAndTeamNotAllowed.Error(), respJSON["error"])
|
2021-10-13 13:16:58 -05:00
|
|
|
},
|
|
|
|
}, hs)
|
|
|
|
})
|
|
|
|
|
2020-11-13 02:52:38 -06:00
|
|
|
t.Run("When trying to update permissions with duplicate permissions", func(t *testing.T) {
|
2018-02-26 13:15:57 -06:00
|
|
|
origNewGuardian := guardian.New
|
2020-11-13 02:52:38 -06:00
|
|
|
t.Cleanup(func() {
|
|
|
|
guardian.New = origNewGuardian
|
|
|
|
})
|
2018-02-26 13:15:57 -06:00
|
|
|
guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
|
|
|
|
CanAdminValue: true,
|
|
|
|
CheckPermissionBeforeUpdateValue: false,
|
2018-02-27 09:03:11 -06:00
|
|
|
CheckPermissionBeforeUpdateError: guardian.ErrGuardianPermissionExists,
|
2018-01-18 07:30:04 -06:00
|
|
|
})
|
|
|
|
|
2022-07-18 08:14:58 -05:00
|
|
|
cmd := dtos.UpdateDashboardACLCommand{
|
|
|
|
Items: []dtos.DashboardACLUpdateItem{
|
2023-01-26 07:46:30 -06:00
|
|
|
{UserID: 1000, Permission: dashboards.PERMISSION_ADMIN},
|
2018-02-26 13:15:57 -06:00
|
|
|
},
|
|
|
|
}
|
2017-06-22 16:01:04 -05:00
|
|
|
|
2020-11-24 05:10:32 -06:00
|
|
|
updateDashboardPermissionScenario(t, updatePermissionContext{
|
|
|
|
desc: "When calling POST on",
|
|
|
|
url: "/api/dashboards/id/1/permissions",
|
2022-01-14 10:55:57 -06:00
|
|
|
routePattern: "/api/dashboards/id/:dashboardId/permissions",
|
2020-11-24 05:10:32 -06:00
|
|
|
cmd: cmd,
|
|
|
|
fn: func(sc *scenarioContext) {
|
2021-03-17 10:06:10 -05:00
|
|
|
callUpdateDashboardPermissions(t, sc)
|
2020-11-13 02:52:38 -06:00
|
|
|
assert.Equal(t, 400, sc.resp.Code)
|
2020-11-24 05:10:32 -06:00
|
|
|
},
|
|
|
|
}, hs)
|
2020-11-13 02:52:38 -06:00
|
|
|
})
|
2017-06-22 16:01:04 -05:00
|
|
|
|
2020-11-18 08:36:41 -06:00
|
|
|
t.Run("When trying to update team or user permissions with a role", func(t *testing.T) {
|
2022-08-10 04:56:48 -05:00
|
|
|
role := org.RoleEditor
|
2022-07-18 08:14:58 -05:00
|
|
|
cmds := []dtos.UpdateDashboardACLCommand{
|
2020-11-18 08:36:41 -06:00
|
|
|
{
|
2022-07-18 08:14:58 -05:00
|
|
|
Items: []dtos.DashboardACLUpdateItem{
|
2023-01-26 07:46:30 -06:00
|
|
|
{UserID: 1000, Permission: dashboards.PERMISSION_ADMIN, Role: &role},
|
2020-11-18 08:36:41 -06:00
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
2022-07-18 08:14:58 -05:00
|
|
|
Items: []dtos.DashboardACLUpdateItem{
|
2023-01-26 07:46:30 -06:00
|
|
|
{TeamID: 1000, Permission: dashboards.PERMISSION_ADMIN, Role: &role},
|
2020-11-18 08:36:41 -06:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, cmd := range cmds {
|
2020-11-24 05:10:32 -06:00
|
|
|
updateDashboardPermissionScenario(t, updatePermissionContext{
|
|
|
|
desc: "When calling POST on",
|
|
|
|
url: "/api/dashboards/id/1/permissions",
|
2022-01-14 10:55:57 -06:00
|
|
|
routePattern: "/api/dashboards/id/:dashboardId/permissions",
|
2020-11-24 05:10:32 -06:00
|
|
|
cmd: cmd,
|
|
|
|
fn: func(sc *scenarioContext) {
|
2021-03-17 10:06:10 -05:00
|
|
|
callUpdateDashboardPermissions(t, sc)
|
2020-11-18 08:36:41 -06:00
|
|
|
assert.Equal(t, 400, sc.resp.Code)
|
|
|
|
respJSON, err := jsonMap(sc.resp.Body.Bytes())
|
|
|
|
require.NoError(t, err)
|
2023-01-26 07:46:30 -06:00
|
|
|
assert.Equal(t, dashboards.ErrPermissionsWithRoleNotAllowed.Error(), respJSON["error"])
|
2020-11-24 05:10:32 -06:00
|
|
|
},
|
|
|
|
}, hs)
|
2020-11-18 08:36:41 -06:00
|
|
|
}
|
|
|
|
})
|
|
|
|
|
2020-11-13 02:52:38 -06:00
|
|
|
t.Run("When trying to override inherited permissions with lower precedence", func(t *testing.T) {
|
|
|
|
origNewGuardian := guardian.New
|
|
|
|
t.Cleanup(func() {
|
2018-02-26 13:15:57 -06:00
|
|
|
guardian.New = origNewGuardian
|
2017-06-22 16:01:04 -05:00
|
|
|
})
|
|
|
|
|
2018-02-26 13:15:57 -06:00
|
|
|
guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
|
|
|
|
CanAdminValue: true,
|
|
|
|
CheckPermissionBeforeUpdateValue: false,
|
2018-02-27 09:03:11 -06:00
|
|
|
CheckPermissionBeforeUpdateError: guardian.ErrGuardianOverride},
|
2018-02-26 13:15:57 -06:00
|
|
|
)
|
|
|
|
|
2022-07-18 08:14:58 -05:00
|
|
|
cmd := dtos.UpdateDashboardACLCommand{
|
|
|
|
Items: []dtos.DashboardACLUpdateItem{
|
2023-01-26 07:46:30 -06:00
|
|
|
{UserID: 1000, Permission: dashboards.PERMISSION_ADMIN},
|
2018-02-26 13:15:57 -06:00
|
|
|
},
|
|
|
|
}
|
2017-05-22 03:36:47 -05:00
|
|
|
|
2020-11-24 05:10:32 -06:00
|
|
|
updateDashboardPermissionScenario(t, updatePermissionContext{
|
|
|
|
desc: "When calling POST on",
|
|
|
|
url: "/api/dashboards/id/1/permissions",
|
2022-01-14 10:55:57 -06:00
|
|
|
routePattern: "/api/dashboards/id/:dashboardId/permissions",
|
2020-11-24 05:10:32 -06:00
|
|
|
cmd: cmd,
|
|
|
|
fn: func(sc *scenarioContext) {
|
2021-03-17 10:06:10 -05:00
|
|
|
callUpdateDashboardPermissions(t, sc)
|
2020-11-13 02:52:38 -06:00
|
|
|
assert.Equal(t, 400, sc.resp.Code)
|
2020-11-24 05:10:32 -06:00
|
|
|
},
|
|
|
|
}, hs)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Getting and updating dashboard permissions with hidden users", func(t *testing.T) {
|
|
|
|
origNewGuardian := guardian.New
|
|
|
|
settings.HiddenUsers = map[string]struct{}{
|
|
|
|
"hiddenUser": {},
|
|
|
|
testUserLogin: {},
|
|
|
|
}
|
|
|
|
t.Cleanup(func() {
|
|
|
|
guardian.New = origNewGuardian
|
|
|
|
settings.HiddenUsers = make(map[string]struct{})
|
|
|
|
})
|
|
|
|
|
2023-01-18 09:01:25 -06:00
|
|
|
mockSQLStore := dbtest.NewFakeDB()
|
2023-01-20 07:58:47 -06:00
|
|
|
var resp []*dashboards.DashboardACLInfoDTO
|
2020-11-24 05:10:32 -06:00
|
|
|
loggedInUserScenarioWithRole(t, "When calling GET on", "GET", "/api/dashboards/id/1/permissions",
|
2022-08-10 04:56:48 -05:00
|
|
|
"/api/dashboards/id/:dashboardId/permissions", org.RoleAdmin, func(sc *scenarioContext) {
|
2020-11-24 05:10:32 -06:00
|
|
|
setUp()
|
2022-03-21 04:49:49 -05:00
|
|
|
guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
|
|
|
|
CanAdminValue: true,
|
|
|
|
CheckPermissionBeforeUpdateValue: true,
|
2023-01-20 07:58:47 -06:00
|
|
|
GetACLValue: []*dashboards.DashboardACLInfoDTO{
|
2023-01-26 07:46:30 -06:00
|
|
|
{OrgID: 1, DashboardID: 1, UserID: 2, UserLogin: "hiddenUser", Permission: dashboards.PERMISSION_VIEW},
|
|
|
|
{OrgID: 1, DashboardID: 1, UserID: 3, UserLogin: testUserLogin, Permission: dashboards.PERMISSION_EDIT},
|
|
|
|
{OrgID: 1, DashboardID: 1, UserID: 4, UserLogin: "user_1", Permission: dashboards.PERMISSION_ADMIN},
|
2022-03-21 04:49:49 -05:00
|
|
|
},
|
2023-01-20 07:58:47 -06:00
|
|
|
GetHiddenACLValue: []*dashboards.DashboardACL{
|
2023-01-26 07:46:30 -06:00
|
|
|
{OrgID: 1, DashboardID: 1, UserID: 2, Permission: dashboards.PERMISSION_VIEW},
|
2022-03-21 04:49:49 -05:00
|
|
|
},
|
|
|
|
})
|
|
|
|
|
2020-11-24 05:10:32 -06:00
|
|
|
callGetDashboardPermissions(sc, hs)
|
|
|
|
assert.Equal(t, 200, sc.resp.Code)
|
|
|
|
|
|
|
|
err := json.Unmarshal(sc.resp.Body.Bytes(), &resp)
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
assert.Len(t, resp, 2)
|
2023-01-20 07:58:47 -06:00
|
|
|
assert.Equal(t, int64(3), resp[0].UserID)
|
2023-01-26 07:46:30 -06:00
|
|
|
assert.Equal(t, dashboards.PERMISSION_EDIT, resp[0].Permission)
|
2023-01-20 07:58:47 -06:00
|
|
|
assert.Equal(t, int64(4), resp[1].UserID)
|
2023-01-26 07:46:30 -06:00
|
|
|
assert.Equal(t, dashboards.PERMISSION_ADMIN, resp[1].Permission)
|
2022-02-07 05:43:43 -06:00
|
|
|
}, mockSQLStore)
|
2020-11-24 05:10:32 -06:00
|
|
|
|
2022-07-18 08:14:58 -05:00
|
|
|
cmd := dtos.UpdateDashboardACLCommand{
|
|
|
|
Items: []dtos.DashboardACLUpdateItem{
|
2023-01-26 07:46:30 -06:00
|
|
|
{UserID: 1000, Permission: dashboards.PERMISSION_ADMIN},
|
2020-11-24 05:10:32 -06:00
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, acl := range resp {
|
2022-07-18 08:14:58 -05:00
|
|
|
cmd.Items = append(cmd.Items, dtos.DashboardACLUpdateItem{
|
2023-01-20 07:58:47 -06:00
|
|
|
UserID: acl.UserID,
|
2020-11-24 05:10:32 -06:00
|
|
|
Permission: acl.Permission,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
assert.Len(t, cmd.Items, 3)
|
|
|
|
|
2023-01-20 07:58:47 -06:00
|
|
|
var numOfItems []*dashboards.DashboardACL
|
2022-02-16 07:15:44 -06:00
|
|
|
dashboardStore.On("UpdateDashboardACL", mock.Anything, mock.Anything, mock.Anything).Run(func(args mock.Arguments) {
|
2023-01-20 07:58:47 -06:00
|
|
|
items := args.Get(2).([]*dashboards.DashboardACL)
|
2022-02-16 07:15:44 -06:00
|
|
|
numOfItems = items
|
|
|
|
}).Return(nil).Once()
|
2020-11-24 05:10:32 -06:00
|
|
|
updateDashboardPermissionScenario(t, updatePermissionContext{
|
|
|
|
desc: "When calling POST on",
|
|
|
|
url: "/api/dashboards/id/1/permissions",
|
2022-01-14 10:55:57 -06:00
|
|
|
routePattern: "/api/dashboards/id/:dashboardId/permissions",
|
2020-11-24 05:10:32 -06:00
|
|
|
cmd: cmd,
|
|
|
|
fn: func(sc *scenarioContext) {
|
|
|
|
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
|
|
|
|
assert.Equal(t, 200, sc.resp.Code)
|
2022-02-16 07:15:44 -06:00
|
|
|
assert.Len(t, numOfItems, 4)
|
2020-11-24 05:10:32 -06:00
|
|
|
},
|
|
|
|
}, hs)
|
2017-05-08 08:35:34 -05:00
|
|
|
})
|
|
|
|
})
|
|
|
|
}
|
2017-06-22 16:01:04 -05:00
|
|
|
|
2020-11-24 05:10:32 -06:00
|
|
|
func callGetDashboardPermissions(sc *scenarioContext, hs *HTTPServer) {
|
|
|
|
sc.handlerFunc = hs.GetDashboardPermissionList
|
2018-02-26 13:15:57 -06:00
|
|
|
sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
|
2017-06-22 16:01:04 -05:00
|
|
|
}
|
2018-01-18 07:30:04 -06:00
|
|
|
|
2021-03-17 10:06:10 -05:00
|
|
|
func callUpdateDashboardPermissions(t *testing.T, sc *scenarioContext) {
|
|
|
|
t.Helper()
|
2018-01-18 07:30:04 -06:00
|
|
|
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
|
|
|
|
}
|
|
|
|
|
2020-11-24 05:10:32 -06:00
|
|
|
type updatePermissionContext struct {
|
|
|
|
desc string
|
|
|
|
url string
|
|
|
|
routePattern string
|
2022-07-18 08:14:58 -05:00
|
|
|
cmd dtos.UpdateDashboardACLCommand
|
2020-11-24 05:10:32 -06:00
|
|
|
fn scenarioFunc
|
|
|
|
}
|
|
|
|
|
|
|
|
func updateDashboardPermissionScenario(t *testing.T, ctx updatePermissionContext, hs *HTTPServer) {
|
|
|
|
t.Run(fmt.Sprintf("%s %s", ctx.desc, ctx.url), func(t *testing.T) {
|
|
|
|
sc := setupScenarioContext(t, ctx.url)
|
2018-01-18 07:30:04 -06:00
|
|
|
|
2023-01-27 01:50:36 -06:00
|
|
|
sc.defaultHandler = routing.Wrap(func(c *contextmodel.ReqContext) response.Response {
|
2021-11-29 03:18:01 -06:00
|
|
|
c.Req.Body = mockRequestBody(ctx.cmd)
|
2022-02-09 06:44:38 -06:00
|
|
|
c.Req.Header.Add("Content-Type", "application/json")
|
2018-01-18 07:30:04 -06:00
|
|
|
sc.context = c
|
2022-08-11 06:28:55 -05:00
|
|
|
sc.context.OrgID = testOrgID
|
|
|
|
sc.context.UserID = testUserID
|
2018-01-18 07:30:04 -06:00
|
|
|
|
2021-11-29 03:18:01 -06:00
|
|
|
return hs.UpdateDashboardPermissions(c)
|
2018-01-18 07:30:04 -06:00
|
|
|
})
|
|
|
|
|
2020-11-24 05:10:32 -06:00
|
|
|
sc.m.Post(ctx.routePattern, sc.defaultHandler)
|
2018-01-18 07:30:04 -06:00
|
|
|
|
2020-11-24 05:10:32 -06:00
|
|
|
ctx.fn(sc)
|
2018-01-18 07:30:04 -06:00
|
|
|
})
|
|
|
|
}
|