grafana/pkg/api/folder_permission.go

package api

import (
	"errors"
	"net/http"
	"time"

	"github.com/grafana/grafana/pkg/api/apierrors"
	"github.com/grafana/grafana/pkg/api/dtos"
	"github.com/grafana/grafana/pkg/api/response"
	"github.com/grafana/grafana/pkg/models"
	"github.com/grafana/grafana/pkg/services/dashboards"
	"github.com/grafana/grafana/pkg/services/folder"
	"github.com/grafana/grafana/pkg/services/guardian"
	"github.com/grafana/grafana/pkg/util"
	"github.com/grafana/grafana/pkg/web"
)

// swagger:route GET /folders/{folder_uid}/permissions folder_permissions getFolderPermissionList
//
// Gets all existing permissions for the folder with the given `uid`.
//
// Responses:
// 200: getFolderPermissionListResponse
// 401: unauthorisedError
// 403: forbiddenError
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) GetFolderPermissionList(c *models.ReqContext) response.Response {
	uid := web.Params(c.Req)[":uid"]
	folder, err := hs.folderService.Get(c.Req.Context(), &folder.GetFolderQuery{OrgID: c.OrgID, UID: &uid, SignedInUser: c.SignedInUser})

	if err != nil {
		return apierrors.ToFolderErrorResponse(err)
	}

	g, err := guardian.New(c.Req.Context(), folder.ID, c.OrgID, c.SignedInUser)
	if err != nil {
		return response.Err(err)
	}

	if canAdmin, err := g.CanAdmin(); err != nil || !canAdmin {
		return apierrors.ToFolderErrorResponse(dashboards.ErrFolderAccessDenied)
	}

	acl, err := g.GetACL()
	if err != nil {
		return response.Error(500, "Failed to get folder permissions", err)
	}

	filteredACLs := make([]*dashboards.DashboardACLInfoDTO, 0, len(acl))
	for _, perm := range acl {
		if perm.UserID > 0 && dtos.IsHiddenUser(perm.UserLogin, c.SignedInUser, hs.Cfg) {
			continue
		}

		perm.FolderID = folder.ID
		perm.DashboardID = 0

		perm.UserAvatarURL = dtos.GetGravatarUrl(perm.UserEmail)

		if perm.TeamID > 0 {
			perm.TeamAvatarURL = dtos.GetGravatarUrlWithDefault(perm.TeamEmail, perm.Team)
		}

		if perm.Slug != "" {
			perm.URL = dashboards.GetDashboardFolderURL(perm.IsFolder, perm.UID, perm.Slug)
		}

		filteredACLs = append(filteredACLs, perm)
	}

	return response.JSON(http.StatusOK, filteredACLs)
}

// swagger:route POST /folders/{folder_uid}/permissions folder_permissions updateFolderPermissions
//
// Updates permissions for a folder. This operation will remove existing permissions if they’re not included in the request.
//
// Responses:
// 200: okResponse
// 401: unauthorisedError
// 403: forbiddenError
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) UpdateFolderPermissions(c *models.ReqContext) response.Response {
	apiCmd := dtos.UpdateDashboardACLCommand{}
	if err := web.Bind(c.Req, &apiCmd); err != nil {
		return response.Error(http.StatusBadRequest, "bad request data", err)
	}
	if err := validatePermissionsUpdate(apiCmd); err != nil {
		return response.Error(400, err.Error(), err)
	}

	uid := web.Params(c.Req)[":uid"]
	folder, err := hs.folderService.Get(c.Req.Context(), &folder.GetFolderQuery{OrgID: c.OrgID, UID: &uid, SignedInUser: c.SignedInUser})
	if err != nil {
		return apierrors.ToFolderErrorResponse(err)
	}

	g, err := guardian.New(c.Req.Context(), folder.ID, c.OrgID, c.SignedInUser)
	if err != nil {
		return response.Err(err)
	}

	canAdmin, err := g.CanAdmin()
	if err != nil {
		return apierrors.ToFolderErrorResponse(err)
	}

	if !canAdmin {
		return apierrors.ToFolderErrorResponse(dashboards.ErrFolderAccessDenied)
	}

	items := make([]*dashboards.DashboardACL, 0, len(apiCmd.Items))
	for _, item := range apiCmd.Items {
		items = append(items, &dashboards.DashboardACL{
			OrgID:       c.OrgID,
			DashboardID: folder.ID,
			UserID:      item.UserID,
			TeamID:      item.TeamID,
			Role:        item.Role,
			Permission:  item.Permission,
			Created:     time.Now(),
			Updated:     time.Now(),
		})
	}

	hiddenACL, err := g.GetHiddenACL(hs.Cfg)
	if err != nil {
		return response.Error(500, "Error while retrieving hidden permissions", err)
	}
	items = append(items, hiddenACL...)

	if okToUpdate, err := g.CheckPermissionBeforeUpdate(dashboards.PERMISSION_ADMIN, items); err != nil || !okToUpdate {
		if err != nil {
			if errors.Is(err, guardian.ErrGuardianPermissionExists) ||
				errors.Is(err, guardian.ErrGuardianOverride) {
				return response.Error(400, err.Error(), err)
			}

			return response.Error(500, "Error while checking folder permissions", err)
		}

		return response.Error(403, "Cannot remove own admin permission for a folder", nil)
	}

	if !hs.AccessControl.IsDisabled() {
		old, err := g.GetACL()
		if err != nil {
			return response.Error(500, "Error while checking dashboard permissions", err)
		}
		if err := hs.updateDashboardAccessControl(c.Req.Context(), c.OrgID, folder.UID, true, items, old); err != nil {
			return response.Error(500, "Failed to create permission", err)
		}
		return response.Success("Dashboard permissions updated")
	}

	if err := hs.DashboardService.UpdateDashboardACL(c.Req.Context(), folder.ID, items); err != nil {
		if errors.Is(err, dashboards.ErrDashboardACLInfoMissing) {
			err = dashboards.ErrFolderACLInfoMissing
		}
		if errors.Is(err, dashboards.ErrDashboardPermissionDashboardEmpty) {
			err = dashboards.ErrFolderPermissionFolderEmpty
		}

		if errors.Is(err, dashboards.ErrFolderACLInfoMissing) || errors.Is(err, dashboards.ErrFolderPermissionFolderEmpty) {
			return response.Error(409, err.Error(), err)
		}

		return response.Error(500, "Failed to create permission", err)
	}

	return response.JSON(http.StatusOK, util.DynMap{
		"message": "Folder permissions updated",
		"id":      folder.ID,
		"title":   folder.Title,
	})
}

// swagger:parameters getFolderPermissionList
type GetFolderPermissionListParams struct {
	// in:path
	// required:true
	FolderUID string `json:"folder_uid"`
}

// swagger:parameters updateFolderPermissions
type UpdateFolderPermissionsParams struct {
	// in:path
	// required:true
	FolderUID string `json:"folder_uid"`
	// in:body
	// required:true
	Body dtos.UpdateDashboardACLCommand
}

// swagger:response getFolderPermissionListResponse
type GetFolderPermissionsResponse struct {
	// in: body
	Body []*dashboards.DashboardACLInfoDTO `json:"body"`
}
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+								package api
 								import (
-												Chore: Handle wrapped errors (#29223)

* Chore: Handle wrapped errors

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
											
										
										
											2020-11-19 06:34:28 -06:00
+									"errors"
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+									"net/http"
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									"time"
-												Migrate to Wire for dependency injection (#32289)

Fixes #30144

Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
											
										
										
											2021-08-25 08:11:22 -05:00
+									"github.com/grafana/grafana/pkg/api/apierrors"
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									"github.com/grafana/grafana/pkg/api/dtos"
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+									"github.com/grafana/grafana/pkg/api/response"
-												Chore: Avoid aliasing importing models in api package (#22492)



											
										
										
											2020-03-04 05:57:20 -06:00
+									"github.com/grafana/grafana/pkg/models"
-												chore/backend: move dashboard errors to dashboard service (#51593)

* chore/backend: move dashboard errors to dashboard service

Dashboard-related models are slowly moving out of the models package and into dashboard services. This commit moves dashboard-related errors; the rest will come in later commits.

There are no logical code changes, this is only a structural (package) move.

* lint lint lint
											
										
										
											2022-06-30 08:31:54 -05:00
+									"github.com/grafana/grafana/pkg/services/dashboards"
-												Nested Folders: Support getting of nested folder in folder service wh… (#58597)

* Nested Folders: Support getting of nested folder in folder service when feature flag is set

* Fix lint

* Fix some tests

* Fix ngalert test

* ngalert fix

* Fix API tests

* Fix some tests and lint

* Fix lint 2

* Fix library elements and panels

* Add access control to get folder

* Cleanup and minor test change
											
										
										
											2022-11-11 07:28:24 -06:00
+									"github.com/grafana/grafana/pkg/services/folder"
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									"github.com/grafana/grafana/pkg/services/guardian"
-												API: return resource ID for auth key creation, folder permissions update and user invite complete endpoints (#27419)

* API: add ID to auth key and folder endpoints

* API: add test for folder permissions update

* API: add created user id for /invite/complete endpoint
											
										
										
											2020-09-07 10:06:11 -05:00
+									"github.com/grafana/grafana/pkg/util"
-												Chore: replace macaron with web package (#40136)

* replace macaron with web package

* add web.go
											
										
										
											2021-10-11 07:30:59 -05:00
+									"github.com/grafana/grafana/pkg/web"
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+								)
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route GET /folders/{folder_uid}/permissions folder_permissions getFolderPermissionList
 								//
 								// Gets all existing permissions for the folder with the given `uid`.
 								//
 								// Responses:
 								// 200: getFolderPermissionListResponse
 								// 401: unauthorisedError
 								// 403: forbiddenError
 								// 404: notFoundError
 								// 500: internalServerError
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+								func (hs *HTTPServer) GetFolderPermissionList(c *models.ReqContext) response.Response {
-												Nested Folders: Support getting of nested folder in folder service wh… (#58597)

* Nested Folders: Support getting of nested folder in folder service when feature flag is set

* Fix lint

* Fix some tests

* Fix ngalert test

* ngalert fix

* Fix API tests

* Fix some tests and lint

* Fix lint 2

* Fix library elements and panels

* Add access control to get folder

* Cleanup and minor test change
											
										
										
											2022-11-11 07:28:24 -06:00
+									uid := web.Params(c.Req)[":uid"]
-												Nested Folders: Set user in the API level (#59148)


											
										
										
											2022-11-23 03:13:47 -06:00
+									folder, err := hs.folderService.Get(c.Req.Context(), &folder.GetFolderQuery{OrgID: c.OrgID, UID: &uid, SignedInUser: c.SignedInUser})
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
 									if err != nil {
-												Migrate to Wire for dependency injection (#32289)

Fixes #30144

Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
											
										
										
											2021-08-25 08:11:22 -05:00
+										return apierrors.ToFolderErrorResponse(err)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									}
-												Guardian: Introduce additional constructors (#59577)

* Guardian: Use dashboard UID instead of ID

* Apply suggestions from code review

Introduce several guardian constructors and each time use
the most appropriate one.
											
										
										
											2022-12-15 08:34:17 -06:00
+									g, err := guardian.New(c.Req.Context(), folder.ID, c.OrgID, c.SignedInUser)
 									if err != nil {
 										return response.Err(err)
 									}
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
-												folders: handle new guardian error responses and add tests

											
										
										
											2018-02-26 13:14:21 -06:00
+									if canAdmin, err := g.CanAdmin(); err != nil || !canAdmin {
-												chore/backend: move dashboard errors to dashboard service (#51593)

* chore/backend: move dashboard errors to dashboard service

Dashboard-related models are slowly moving out of the models package and into dashboard services. This commit moves dashboard-related errors; the rest will come in later commits.

There are no logical code changes, this is only a structural (package) move.

* lint lint lint
											
										
										
											2022-06-30 08:31:54 -05:00
+										return apierrors.ToFolderErrorResponse(dashboards.ErrFolderAccessDenied)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									}
-												Rename Acl to ACL (#52342)

* Rename Acl to ACL

* Fix yaml files

* Add xorm tags and fix test
											
										
										
											2022-07-18 08:14:58 -05:00
+									acl, err := g.GetACL()
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									if err != nil {
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+										return response.Error(500, "Failed to get folder permissions", err)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									}
-												Chore: Remove dashboard ACL from models (#61749)

* Remove dashboard ACL from models

* Remove unused comment
											
										
										
											2023-01-20 07:58:47 -06:00
+									filteredACLs := make([]*dashboards.DashboardACLInfoDTO, 0, len(acl))
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									for _, perm := range acl {
-												Chore: Remove dashboard ACL from models (#61749)

* Remove dashboard ACL from models

* Remove unused comment
											
										
										
											2023-01-20 07:58:47 -06:00
+										if perm.UserID > 0 && dtos.IsHiddenUser(perm.UserLogin, c.SignedInUser, hs.Cfg) {
-												Add an option to hide certain users in the UI (#28942)

* Add an option to hide certain users in the UI

* revert changes for admin users routes

* fix sqlstore function name

* Improve slice management

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Hidden users: convert slice to map

* filter with user logins instead of IDs

* put HiddenUsers in Cfg struct

* hide hidden users from dashboards/folders permissions list

* Update conf/defaults.ini

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* fix params order

* fix tests

* fix dashboard/folder update with hidden user

* add team tests

* add dashboard and folder permissions tests

* fixes after merge

* fix tests

* API: add test for org users endpoints

* update hidden users management for dashboard / folder permissions

* improve dashboard / folder permissions tests

* fixes after merge

* Guardian: add hidden acl tests

* API: add team members tests

* fix team sql syntax for postgres

* api tests update

* fix linter error

* fix tests errors after merge

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
											
										
										
											2020-11-24 05:10:32 -06:00
+											continue
 										}
-												Chore: Remove dashboard ACL from models (#61749)

* Remove dashboard ACL from models

* Remove unused comment
											
										
										
											2023-01-20 07:58:47 -06:00
+										perm.FolderID = folder.ID
 										perm.DashboardID = 0
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
-												Chore: Remove dashboard ACL from models (#61749)

* Remove dashboard ACL from models

* Remove unused comment
											
										
										
											2023-01-20 07:58:47 -06:00
+										perm.UserAvatarURL = dtos.GetGravatarUrl(perm.UserEmail)
-												permissions: return user and team avatar in folder permissions api

											
										
										
											2018-04-04 08:51:19 -05:00
-												Chore: Remove dashboard ACL from models (#61749)

* Remove dashboard ACL from models

* Remove unused comment
											
										
										
											2023-01-20 07:58:47 -06:00
+										if perm.TeamID > 0 {
 											perm.TeamAvatarURL = dtos.GetGravatarUrlWithDefault(perm.TeamEmail, perm.Team)
-												permissions: return user and team avatar in folder permissions api

											
										
										
											2018-04-04 08:51:19 -05:00
+										}
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+										if perm.Slug != "" {
-												Chore: Remove dashboard ACL from models (#61749)

* Remove dashboard ACL from models

* Remove unused comment
											
										
										
											2023-01-20 07:58:47 -06:00
+											perm.URL = dashboards.GetDashboardFolderURL(perm.IsFolder, perm.UID, perm.Slug)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+										}
-												Add an option to hide certain users in the UI (#28942)

* Add an option to hide certain users in the UI

* revert changes for admin users routes

* fix sqlstore function name

* Improve slice management

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Hidden users: convert slice to map

* filter with user logins instead of IDs

* put HiddenUsers in Cfg struct

* hide hidden users from dashboards/folders permissions list

* Update conf/defaults.ini

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* fix params order

* fix tests

* fix dashboard/folder update with hidden user

* add team tests

* add dashboard and folder permissions tests

* fixes after merge

* fix tests

* API: add test for org users endpoints

* update hidden users management for dashboard / folder permissions

* improve dashboard / folder permissions tests

* fixes after merge

* Guardian: add hidden acl tests

* API: add team members tests

* fix team sql syntax for postgres

* api tests update

* fix linter error

* fix tests errors after merge

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
											
										
										
											2020-11-24 05:10:32 -06:00
-												Rename Acl to ACL (#52342)

* Rename Acl to ACL

* Fix yaml files

* Add xorm tags and fix test
											
										
										
											2022-07-18 08:14:58 -05:00
+										filteredACLs = append(filteredACLs, perm)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									}
-												Rename Acl to ACL (#52342)

* Rename Acl to ACL

* Fix yaml files

* Add xorm tags and fix test
											
										
										
											2022-07-18 08:14:58 -05:00
+									return response.JSON(http.StatusOK, filteredACLs)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+								}
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route POST /folders/{folder_uid}/permissions folder_permissions updateFolderPermissions
 								//
 								// Updates permissions for a folder. This operation will remove existing permissions if they’re not included in the request.
 								//
 								// Responses:
 								// 200: okResponse
 								// 401: unauthorisedError
 								// 403: forbiddenError
 								// 404: notFoundError
 								// 500: internalServerError
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+								func (hs *HTTPServer) UpdateFolderPermissions(c *models.ReqContext) response.Response {
-												Rename Acl to ACL (#52342)

* Rename Acl to ACL

* Fix yaml files

* Add xorm tags and fix test
											
										
										
											2022-07-18 08:14:58 -05:00
+									apiCmd := dtos.UpdateDashboardACLCommand{}
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+									if err := web.Bind(c.Req, &apiCmd); err != nil {
 										return response.Error(http.StatusBadRequest, "bad request data", err)
 									}
-												Permissions: Validate against Team/User permission role update (#29101)

* validate against role field update

* lowercase error string

* make all msgs consistent style

* fix wording

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* sayonara simple json

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2020-11-18 08:36:41 -06:00
+									if err := validatePermissionsUpdate(apiCmd); err != nil {
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+										return response.Error(400, err.Error(), err)
-												Permissions: Validate against Team/User permission role update (#29101)

* validate against role field update

* lowercase error string

* make all msgs consistent style

* fix wording

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* sayonara simple json

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2020-11-18 08:36:41 -06:00
+									}
-												Nested Folders: Support getting of nested folder in folder service wh… (#58597)

* Nested Folders: Support getting of nested folder in folder service when feature flag is set

* Fix lint

* Fix some tests

* Fix ngalert test

* ngalert fix

* Fix API tests

* Fix some tests and lint

* Fix lint 2

* Fix library elements and panels

* Add access control to get folder

* Cleanup and minor test change
											
										
										
											2022-11-11 07:28:24 -06:00
+									uid := web.Params(c.Req)[":uid"]
-												Nested Folders: Set user in the API level (#59148)


											
										
										
											2022-11-23 03:13:47 -06:00
+									folder, err := hs.folderService.Get(c.Req.Context(), &folder.GetFolderQuery{OrgID: c.OrgID, UID: &uid, SignedInUser: c.SignedInUser})
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									if err != nil {
-												Migrate to Wire for dependency injection (#32289)

Fixes #30144

Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
											
										
										
											2021-08-25 08:11:22 -05:00
+										return apierrors.ToFolderErrorResponse(err)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									}
-												Guardian: Introduce additional constructors (#59577)

* Guardian: Use dashboard UID instead of ID

* Apply suggestions from code review

Introduce several guardian constructors and each time use
the most appropriate one.
											
										
										
											2022-12-15 08:34:17 -06:00
+									g, err := guardian.New(c.Req.Context(), folder.ID, c.OrgID, c.SignedInUser)
 									if err != nil {
 										return response.Err(err)
 									}
-												folders: handle new guardian error responses and add tests

											
										
										
											2018-02-26 13:14:21 -06:00
+									canAdmin, err := g.CanAdmin()
-												folders: folder permissions api tests

											
										
										
											2018-02-20 11:11:50 -06:00
+									if err != nil {
-												Migrate to Wire for dependency injection (#32289)

Fixes #30144

Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
											
										
										
											2021-08-25 08:11:22 -05:00
+										return apierrors.ToFolderErrorResponse(err)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									}
-												folders: folder permissions api tests

											
										
										
											2018-02-20 11:11:50 -06:00
+									if !canAdmin {
-												chore/backend: move dashboard errors to dashboard service (#51593)

* chore/backend: move dashboard errors to dashboard service

Dashboard-related models are slowly moving out of the models package and into dashboard services. This commit moves dashboard-related errors; the rest will come in later commits.

There are no logical code changes, this is only a structural (package) move.

* lint lint lint
											
										
										
											2022-06-30 08:31:54 -05:00
+										return apierrors.ToFolderErrorResponse(dashboards.ErrFolderAccessDenied)
-												folders: folder permissions api tests

											
										
										
											2018-02-20 11:11:50 -06:00
+									}
-												Chore: Remove dashboard ACL from models (#61749)

* Remove dashboard ACL from models

* Remove unused comment
											
										
										
											2023-01-20 07:58:47 -06:00
+									items := make([]*dashboards.DashboardACL, 0, len(apiCmd.Items))
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									for _, item := range apiCmd.Items {
-												Chore: Remove dashboard ACL from models (#61749)

* Remove dashboard ACL from models

* Remove unused comment
											
										
										
											2023-01-20 07:58:47 -06:00
+										items = append(items, &dashboards.DashboardACL{
-												Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343)

* Chore: Add user service method SetUsingOrg

* Chore: Add user service method GetSignedInUserWithCacheCtx

* Use method GetSignedInUserWithCacheCtx from user service

* Fix lint after rebase

* Fix lint

* Fix lint error

* roll back some changes

* Roll back changes in api and middleware

* Add xorm tags to SignedInUser ID fields
											
										
										
											2022-08-11 06:28:55 -05:00
+											OrgID:       c.OrgID,
-												Nested Folders: Support getting of nested folder in folder service wh… (#58597)

* Nested Folders: Support getting of nested folder in folder service when feature flag is set

* Fix lint

* Fix some tests

* Fix ngalert test

* ngalert fix

* Fix API tests

* Fix some tests and lint

* Fix lint 2

* Fix library elements and panels

* Add access control to get folder

* Cleanup and minor test change
											
										
										
											2022-11-11 07:28:24 -06:00
+											DashboardID: folder.ID,
-												Backend: Rename variables for style conformance (#29097)

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2020-11-17 10:09:14 -06:00
+											UserID:      item.UserID,
 											TeamID:      item.TeamID,
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+											Role:        item.Role,
 											Permission:  item.Permission,
 											Created:     time.Now(),
 											Updated:     time.Now(),
 										})
 									}
-												Add an option to hide certain users in the UI (#28942)

* Add an option to hide certain users in the UI

* revert changes for admin users routes

* fix sqlstore function name

* Improve slice management

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Hidden users: convert slice to map

* filter with user logins instead of IDs

* put HiddenUsers in Cfg struct

* hide hidden users from dashboards/folders permissions list

* Update conf/defaults.ini

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* fix params order

* fix tests

* fix dashboard/folder update with hidden user

* add team tests

* add dashboard and folder permissions tests

* fixes after merge

* fix tests

* API: add test for org users endpoints

* update hidden users management for dashboard / folder permissions

* improve dashboard / folder permissions tests

* fixes after merge

* Guardian: add hidden acl tests

* API: add team members tests

* fix team sql syntax for postgres

* api tests update

* fix linter error

* fix tests errors after merge

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
											
										
										
											2020-11-24 05:10:32 -06:00
+									hiddenACL, err := g.GetHiddenACL(hs.Cfg)
 									if err != nil {
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+										return response.Error(500, "Error while retrieving hidden permissions", err)
-												Add an option to hide certain users in the UI (#28942)

* Add an option to hide certain users in the UI

* revert changes for admin users routes

* fix sqlstore function name

* Improve slice management

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Hidden users: convert slice to map

* filter with user logins instead of IDs

* put HiddenUsers in Cfg struct

* hide hidden users from dashboards/folders permissions list

* Update conf/defaults.ini

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* fix params order

* fix tests

* fix dashboard/folder update with hidden user

* add team tests

* add dashboard and folder permissions tests

* fixes after merge

* fix tests

* API: add test for org users endpoints

* update hidden users management for dashboard / folder permissions

* improve dashboard / folder permissions tests

* fixes after merge

* Guardian: add hidden acl tests

* API: add team members tests

* fix team sql syntax for postgres

* api tests update

* fix linter error

* fix tests errors after merge

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
											
										
										
											2020-11-24 05:10:32 -06:00
+									}
-												PluginManager: Make Plugins, Renderer and DataSources non-global (#31866)

* PluginManager: Make Plugins and DataSources non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix integration tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Replace outdated command

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* DashboardService: Ensure it gets constructed with necessary parameters

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix build

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* DashboardService: Ensure it gets constructed with necessary parameters

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove dead code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove FocusConvey

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove dead code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Undo interface changes

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Backend: Move tsdbifaces.RequestHandler to plugins.DataRequestHandler

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Rename to DataSourceCount

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Consolidate dashboard interfaces into one

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix dashboard integration tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-03-17 10:06:10 -05:00
+									items = append(items, hiddenACL...)
-												Add an option to hide certain users in the UI (#28942)

* Add an option to hide certain users in the UI

* revert changes for admin users routes

* fix sqlstore function name

* Improve slice management

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Hidden users: convert slice to map

* filter with user logins instead of IDs

* put HiddenUsers in Cfg struct

* hide hidden users from dashboards/folders permissions list

* Update conf/defaults.ini

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* fix params order

* fix tests

* fix dashboard/folder update with hidden user

* add team tests

* add dashboard and folder permissions tests

* fixes after merge

* fix tests

* API: add test for org users endpoints

* update hidden users management for dashboard / folder permissions

* improve dashboard / folder permissions tests

* fixes after merge

* Guardian: add hidden acl tests

* API: add team members tests

* fix team sql syntax for postgres

* api tests update

* fix linter error

* fix tests errors after merge

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
											
										
										
											2020-11-24 05:10:32 -06:00
-												chore: move dashboard_acl models into dashboard service (#62151)


											
										
										
											2023-01-26 07:46:30 -06:00
+									if okToUpdate, err := g.CheckPermissionBeforeUpdate(dashboards.PERMISSION_ADMIN, items); err != nil || !okToUpdate {
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+										if err != nil {
-												Chore: Handle wrapped errors (#29223)

* Chore: Handle wrapped errors

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
											
										
										
											2020-11-19 06:34:28 -06:00
+											if errors.Is(err, guardian.ErrGuardianPermissionExists) ||
 												errors.Is(err, guardian.ErrGuardianOverride) {
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+												return response.Error(400, err.Error(), err)
-												folders: handle new guardian error responses and add tests

											
										
										
											2018-02-26 13:14:21 -06:00
+											}
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+											return response.Error(500, "Error while checking folder permissions", err)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+										}
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+										return response.Error(403, "Cannot remove own admin permission for a folder", nil)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									}
-												Access control: refactor RBAC checks (#48107)

* refactor RBAC checks

* fix a test

* another test fix

* and another
											
										
										
											2022-04-25 03:42:09 -05:00
+									if !hs.AccessControl.IsDisabled() {
-												Rename Acl to ACL (#52342)

* Rename Acl to ACL

* Fix yaml files

* Add xorm tags and fix test
											
										
										
											2022-07-18 08:14:58 -05:00
+										old, err := g.GetACL()
-												Access control: Use access control for dashboard and folder (#44702)

* Add actions and scopes

* add resource service for dashboard and folder

* Add dashboard guardian with fgac permission evaluation

* Add CanDelete function to guardian interface

* Add CanDelete property to folder and dashboard dto and set values

* change to correct function name

* Add accesscontrol to folder endpoints

* add access control to dashboard endpoints

* check access for nav links

* Add fixed roles for dashboard and folders

* use correct package

* add hack to override guardian Constructor if accesscontrol is enabled

* Add services

* Add function to handle api backward compatability

* Add permissionServices to HttpServer

* Set permission when new dashboard is created

* Add default permission when creating new dashboard

* Set default permission when creating folder and dashboard

* Add access control filter for dashboard search

* Add to accept list

* Add accesscontrol to dashboardimport

* Disable access control in tests

* Add check to see if user is allow to create a dashboard

* Use SetPermissions

* Use function to set several permissions at once

* remove permissions for folder and dashboard on delete

* update required permission

* set permission for provisioning

* Add CanCreate to dashboard guardian and set correct permisisons for
provisioning

* Dont set admin on folder / dashboard creation

* Add dashboard and folder permission migrations

* Add tests for CanCreate

* Add roles and update descriptions

* Solve uid to id for dashboard and folder permissions

* Add folder and dashboard actions to permission filter

* Handle viewer_can_edit flag

* set folder and dashboard permissions services

* Add dashboard permissions when importing a new dashboard

* Set access control permissions on provisioning

* Pass feature flags and only set permissions if access control is enabled

* only add default permissions for folders and dashboards without folders

* Batch create permissions in migrations


* Remove `dashboards:edit` action

* Remove unused function from interface

* Update pkg/services/guardian/accesscontrol_guardian_test.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-03-03 08:05:47 -06:00
+										if err != nil {
 											return response.Error(500, "Error while checking dashboard permissions", err)
 										}
-												Nested Folders: Support getting of nested folder in folder service wh… (#58597)

* Nested Folders: Support getting of nested folder in folder service when feature flag is set

* Fix lint

* Fix some tests

* Fix ngalert test

* ngalert fix

* Fix API tests

* Fix some tests and lint

* Fix lint 2

* Fix library elements and panels

* Add access control to get folder

* Cleanup and minor test change
											
										
										
											2022-11-11 07:28:24 -06:00
+										if err := hs.updateDashboardAccessControl(c.Req.Context(), c.OrgID, folder.UID, true, items, old); err != nil {
-												Access control: Use access control for dashboard and folder (#44702)

* Add actions and scopes

* add resource service for dashboard and folder

* Add dashboard guardian with fgac permission evaluation

* Add CanDelete function to guardian interface

* Add CanDelete property to folder and dashboard dto and set values

* change to correct function name

* Add accesscontrol to folder endpoints

* add access control to dashboard endpoints

* check access for nav links

* Add fixed roles for dashboard and folders

* use correct package

* add hack to override guardian Constructor if accesscontrol is enabled

* Add services

* Add function to handle api backward compatability

* Add permissionServices to HttpServer

* Set permission when new dashboard is created

* Add default permission when creating new dashboard

* Set default permission when creating folder and dashboard

* Add access control filter for dashboard search

* Add to accept list

* Add accesscontrol to dashboardimport

* Disable access control in tests

* Add check to see if user is allow to create a dashboard

* Use SetPermissions

* Use function to set several permissions at once

* remove permissions for folder and dashboard on delete

* update required permission

* set permission for provisioning

* Add CanCreate to dashboard guardian and set correct permisisons for
provisioning

* Dont set admin on folder / dashboard creation

* Add dashboard and folder permission migrations

* Add tests for CanCreate

* Add roles and update descriptions

* Solve uid to id for dashboard and folder permissions

* Add folder and dashboard actions to permission filter

* Handle viewer_can_edit flag

* set folder and dashboard permissions services

* Add dashboard permissions when importing a new dashboard

* Set access control permissions on provisioning

* Pass feature flags and only set permissions if access control is enabled

* only add default permissions for folders and dashboards without folders

* Batch create permissions in migrations


* Remove `dashboards:edit` action

* Remove unused function from interface

* Update pkg/services/guardian/accesscontrol_guardian_test.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-03-03 08:05:47 -06:00
+											return response.Error(500, "Failed to create permission", err)
 										}
 										return response.Success("Dashboard permissions updated")
 									}
-												Nested Folders: Support getting of nested folder in folder service wh… (#58597)

* Nested Folders: Support getting of nested folder in folder service when feature flag is set

* Fix lint

* Fix some tests

* Fix ngalert test

* ngalert fix

* Fix API tests

* Fix some tests and lint

* Fix lint 2

* Fix library elements and panels

* Add access control to get folder

* Cleanup and minor test change
											
										
										
											2022-11-11 07:28:24 -06:00
+									if err := hs.DashboardService.UpdateDashboardACL(c.Req.Context(), folder.ID, items); err != nil {
-												chore: move dashboard_acl models into dashboard service (#62151)


											
										
										
											2023-01-26 07:46:30 -06:00
+										if errors.Is(err, dashboards.ErrDashboardACLInfoMissing) {
 											err = dashboards.ErrFolderACLInfoMissing
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+										}
-												chore: move dashboard_acl models into dashboard service (#62151)


											
										
										
											2023-01-26 07:46:30 -06:00
+										if errors.Is(err, dashboards.ErrDashboardPermissionDashboardEmpty) {
 											err = dashboards.ErrFolderPermissionFolderEmpty
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+										}
-												chore: move dashboard_acl models into dashboard service (#62151)


											
										
										
											2023-01-26 07:46:30 -06:00
+										if errors.Is(err, dashboards.ErrFolderACLInfoMissing) || errors.Is(err, dashboards.ErrFolderPermissionFolderEmpty) {
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+											return response.Error(409, err.Error(), err)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+										}
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+										return response.Error(500, "Failed to create permission", err)
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+									}
-												fix status code 200 (#47818)


											
										
										
											2022-04-15 07:01:58 -05:00
+									return response.JSON(http.StatusOK, util.DynMap{
-												API: return resource ID for auth key creation, folder permissions update and user invite complete endpoints (#27419)

* API: add ID to auth key and folder endpoints

* API: add test for folder permissions update

* API: add created user id for /invite/complete endpoint
											
										
										
											2020-09-07 10:06:11 -05:00
+										"message": "Folder permissions updated",
-												Nested Folders: Support getting of nested folder in folder service wh… (#58597)

* Nested Folders: Support getting of nested folder in folder service when feature flag is set

* Fix lint

* Fix some tests

* Fix ngalert test

* ngalert fix

* Fix API tests

* Fix some tests and lint

* Fix lint 2

* Fix library elements and panels

* Add access control to get folder

* Cleanup and minor test change
											
										
										
											2022-11-11 07:28:24 -06:00
+										"id":      folder.ID,
-												API: return resource ID for auth key creation, folder permissions update and user invite complete endpoints (#27419)

* API: add ID to auth key and folder endpoints

* API: add test for folder permissions update

* API: add created user id for /invite/complete endpoint
											
										
										
											2020-09-07 10:06:11 -05:00
+										"title":   folder.Title,
 									})
-												folders: folder permission api routes

											
										
										
											2018-02-20 08:25:16 -06:00
+								}
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
 								// swagger:parameters getFolderPermissionList
 								type GetFolderPermissionListParams struct {
 									// in:path
 									// required:true
 									FolderUID string `json:"folder_uid"`
 								}
 								// swagger:parameters updateFolderPermissions
 								type UpdateFolderPermissionsParams struct {
 									// in:path
 									// required:true
 									FolderUID string `json:"folder_uid"`
 									// in:body
 									// required:true
 									Body dtos.UpdateDashboardACLCommand
 								}
 								// swagger:response getFolderPermissionListResponse
 								type GetFolderPermissionsResponse struct {
 									// in: body
-												Chore: Remove dashboard ACL from models (#61749)

* Remove dashboard ACL from models

* Remove unused comment
											
										
										
											2023-01-20 07:58:47 -06:00
+									Body []*dashboards.DashboardACLInfoDTO `json:"body"`
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								}