2018-01-30 06:17:48 -06:00
|
|
|
package api
|
|
|
|
|
|
|
|
import (
|
2021-11-29 03:18:01 -06:00
|
|
|
"bytes"
|
2021-09-27 09:43:16 -05:00
|
|
|
"context"
|
2021-11-29 03:18:01 -06:00
|
|
|
"encoding/json"
|
2020-05-12 06:04:18 -05:00
|
|
|
"fmt"
|
2021-10-27 06:13:59 -05:00
|
|
|
"io"
|
2018-01-30 06:17:48 -06:00
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
|
|
|
"path/filepath"
|
2020-05-12 06:04:18 -05:00
|
|
|
"testing"
|
2018-01-30 06:17:48 -06:00
|
|
|
|
2022-05-17 13:52:22 -05:00
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
|
2021-01-15 07:43:20 -06:00
|
|
|
"github.com/grafana/grafana/pkg/api/response"
|
|
|
|
"github.com/grafana/grafana/pkg/api/routing"
|
2022-10-19 08:02:15 -05:00
|
|
|
"github.com/grafana/grafana/pkg/infra/db"
|
2020-12-15 12:09:04 -06:00
|
|
|
"github.com/grafana/grafana/pkg/infra/fs"
|
2022-01-20 04:10:12 -06:00
|
|
|
"github.com/grafana/grafana/pkg/infra/tracing"
|
2023-08-01 07:04:37 -05:00
|
|
|
"github.com/grafana/grafana/pkg/models/usertoken"
|
2021-08-24 04:36:28 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/accesscontrol"
|
2022-09-05 11:15:47 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/accesscontrol/acimpl"
|
2022-09-19 02:54:37 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/annotations/annotationstest"
|
2022-11-18 02:56:06 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/auth/authtest"
|
2023-08-01 07:04:37 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/authn"
|
2022-12-02 08:10:03 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/authn/authntest"
|
2020-12-11 04:44:44 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/contexthandler"
|
2023-01-27 01:50:36 -06:00
|
|
|
contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
|
2022-05-25 03:41:51 -05:00
|
|
|
dashver "github.com/grafana/grafana/pkg/services/dashboardversion"
|
2022-01-26 11:44:20 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/featuremgmt"
|
2022-05-25 06:43:58 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/licensing"
|
2022-11-29 08:20:28 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/login"
|
2022-04-04 13:36:15 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/login/logintest"
|
2022-08-10 04:56:48 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/org"
|
2022-10-20 02:11:47 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/quota/quotatest"
|
2022-08-03 10:17:26 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/search"
|
2023-01-30 08:17:53 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/search/model"
|
2021-11-17 03:12:28 -06:00
|
|
|
"github.com/grafana/grafana/pkg/services/searchusers"
|
2022-08-02 09:58:05 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/user"
|
2022-08-04 06:22:43 -05:00
|
|
|
"github.com/grafana/grafana/pkg/services/user/usertest"
|
2020-12-11 04:44:44 -06:00
|
|
|
"github.com/grafana/grafana/pkg/setting"
|
2021-10-11 07:30:59 -05:00
|
|
|
"github.com/grafana/grafana/pkg/web"
|
2022-03-10 11:38:04 -06:00
|
|
|
"github.com/grafana/grafana/pkg/web/webtest"
|
2018-01-30 06:17:48 -06:00
|
|
|
)
|
|
|
|
|
2022-12-13 04:03:36 -06:00
|
|
|
func loggedInUserScenario(t *testing.T, desc string, url string, routePattern string, fn scenarioFunc, sqlStore db.DB) {
|
2022-08-10 04:56:48 -05:00
|
|
|
loggedInUserScenarioWithRole(t, desc, "GET", url, routePattern, org.RoleEditor, fn, sqlStore)
|
2018-01-30 06:17:48 -06:00
|
|
|
}
|
|
|
|
|
2022-12-13 04:03:36 -06:00
|
|
|
func loggedInUserScenarioWithRole(t *testing.T, desc string, method string, url string, routePattern string, role org.RoleType, fn scenarioFunc, sqlStore db.DB) {
|
2020-11-13 02:52:38 -06:00
|
|
|
t.Run(fmt.Sprintf("%s %s", desc, url), func(t *testing.T) {
|
|
|
|
sc := setupScenarioContext(t, url)
|
2022-02-03 02:20:20 -06:00
|
|
|
sc.sqlStore = sqlStore
|
2022-08-04 06:22:43 -05:00
|
|
|
sc.userService = usertest.NewUserServiceFake()
|
2023-01-27 01:50:36 -06:00
|
|
|
sc.defaultHandler = routing.Wrap(func(c *contextmodel.ReqContext) response.Response {
|
2018-01-30 06:17:48 -06:00
|
|
|
sc.context = c
|
2022-08-11 06:28:55 -05:00
|
|
|
sc.context.UserID = testUserID
|
|
|
|
sc.context.OrgID = testOrgID
|
2020-11-24 05:10:32 -06:00
|
|
|
sc.context.Login = testUserLogin
|
2018-01-30 06:17:48 -06:00
|
|
|
sc.context.OrgRole = role
|
2023-08-09 01:54:52 -05:00
|
|
|
sc.context.IsAnonymous = false
|
2018-01-30 06:17:48 -06:00
|
|
|
if sc.handlerFunc != nil {
|
|
|
|
return sc.handlerFunc(sc.context)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
})
|
|
|
|
|
|
|
|
switch method {
|
|
|
|
case "GET":
|
|
|
|
sc.m.Get(routePattern, sc.defaultHandler)
|
|
|
|
case "DELETE":
|
|
|
|
sc.m.Delete(routePattern, sc.defaultHandler)
|
|
|
|
}
|
|
|
|
fn(sc)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2020-11-13 02:52:38 -06:00
|
|
|
func anonymousUserScenario(t *testing.T, desc string, method string, url string, routePattern string, fn scenarioFunc) {
|
|
|
|
t.Run(fmt.Sprintf("%s %s", desc, url), func(t *testing.T) {
|
|
|
|
sc := setupScenarioContext(t, url)
|
2023-01-27 01:50:36 -06:00
|
|
|
sc.defaultHandler = routing.Wrap(func(c *contextmodel.ReqContext) response.Response {
|
2018-05-24 01:55:16 -05:00
|
|
|
sc.context = c
|
|
|
|
if sc.handlerFunc != nil {
|
|
|
|
return sc.handlerFunc(sc.context)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
})
|
|
|
|
|
|
|
|
switch method {
|
|
|
|
case "GET":
|
|
|
|
sc.m.Get(routePattern, sc.defaultHandler)
|
|
|
|
case "DELETE":
|
|
|
|
sc.m.Delete(routePattern, sc.defaultHandler)
|
|
|
|
}
|
|
|
|
|
|
|
|
fn(sc)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2018-01-30 06:17:48 -06:00
|
|
|
func (sc *scenarioContext) fakeReq(method, url string) *scenarioContext {
|
|
|
|
sc.resp = httptest.NewRecorder()
|
|
|
|
req, err := http.NewRequest(method, url, nil)
|
2020-11-13 02:52:38 -06:00
|
|
|
require.NoError(sc.t, err)
|
2022-02-09 06:44:38 -06:00
|
|
|
req.Header.Add("Content-Type", "application/json")
|
2018-01-30 06:17:48 -06:00
|
|
|
sc.req = req
|
|
|
|
|
|
|
|
return sc
|
|
|
|
}
|
|
|
|
|
|
|
|
func (sc *scenarioContext) fakeReqWithParams(method, url string, queryParams map[string]string) *scenarioContext {
|
|
|
|
sc.resp = httptest.NewRecorder()
|
|
|
|
req, err := http.NewRequest(method, url, nil)
|
2020-05-12 06:04:18 -05:00
|
|
|
// TODO: Depend on sc.t
|
|
|
|
if sc.t != nil {
|
|
|
|
require.NoError(sc.t, err)
|
|
|
|
} else if err != nil {
|
|
|
|
panic(fmt.Sprintf("Making request failed: %s", err))
|
|
|
|
}
|
|
|
|
|
2022-02-09 06:44:38 -06:00
|
|
|
req.Header.Add("Content-Type", "application/json")
|
|
|
|
|
2018-01-30 06:17:48 -06:00
|
|
|
q := req.URL.Query()
|
|
|
|
for k, v := range queryParams {
|
|
|
|
q.Add(k, v)
|
|
|
|
}
|
|
|
|
req.URL.RawQuery = q.Encode()
|
|
|
|
sc.req = req
|
|
|
|
return sc
|
|
|
|
}
|
|
|
|
|
2019-07-09 01:37:24 -05:00
|
|
|
func (sc *scenarioContext) fakeReqNoAssertions(method, url string) *scenarioContext {
|
|
|
|
sc.resp = httptest.NewRecorder()
|
|
|
|
req, _ := http.NewRequest(method, url, nil)
|
2022-02-09 06:44:38 -06:00
|
|
|
req.Header.Add("Content-Type", "application/json")
|
2019-07-09 01:37:24 -05:00
|
|
|
sc.req = req
|
|
|
|
|
|
|
|
return sc
|
|
|
|
}
|
|
|
|
|
|
|
|
func (sc *scenarioContext) fakeReqNoAssertionsWithCookie(method, url string, cookie http.Cookie) *scenarioContext {
|
|
|
|
sc.resp = httptest.NewRecorder()
|
|
|
|
http.SetCookie(sc.resp, &cookie)
|
|
|
|
|
|
|
|
req, _ := http.NewRequest(method, url, nil)
|
|
|
|
req.Header = http.Header{"Cookie": sc.resp.Header()["Set-Cookie"]}
|
2022-02-09 06:44:38 -06:00
|
|
|
req.Header.Add("Content-Type", "application/json")
|
2019-07-09 01:37:24 -05:00
|
|
|
sc.req = req
|
|
|
|
|
|
|
|
return sc
|
|
|
|
}
|
|
|
|
|
2018-01-30 06:17:48 -06:00
|
|
|
type scenarioContext struct {
|
2022-05-25 03:41:51 -05:00
|
|
|
t *testing.T
|
|
|
|
cfg *setting.Cfg
|
|
|
|
m *web.Mux
|
2023-01-27 01:50:36 -06:00
|
|
|
context *contextmodel.ReqContext
|
2022-05-25 03:41:51 -05:00
|
|
|
resp *httptest.ResponseRecorder
|
|
|
|
handlerFunc handlerFunc
|
|
|
|
defaultHandler web.Handler
|
|
|
|
req *http.Request
|
|
|
|
url string
|
2022-11-18 02:56:06 -06:00
|
|
|
userAuthTokenService *authtest.FakeUserAuthTokenService
|
2022-12-13 04:03:36 -06:00
|
|
|
sqlStore db.DB
|
2022-05-25 03:41:51 -05:00
|
|
|
authInfoService *logintest.AuthInfoServiceFake
|
|
|
|
dashboardVersionService dashver.Service
|
2022-08-02 09:58:05 -05:00
|
|
|
userService user.Service
|
2023-08-01 07:04:37 -05:00
|
|
|
ctxHdlr *contexthandler.ContextHandler
|
2018-01-30 06:17:48 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
func (sc *scenarioContext) exec() {
|
|
|
|
sc.m.ServeHTTP(sc.resp, sc.req)
|
|
|
|
}
|
|
|
|
|
|
|
|
type scenarioFunc func(c *scenarioContext)
|
2023-01-27 01:50:36 -06:00
|
|
|
type handlerFunc func(c *contextmodel.ReqContext) response.Response
|
2018-01-30 06:17:48 -06:00
|
|
|
|
2020-12-15 12:09:04 -06:00
|
|
|
func getContextHandler(t *testing.T, cfg *setting.Cfg) *contexthandler.ContextHandler {
|
2020-12-11 04:44:44 -06:00
|
|
|
t.Helper()
|
|
|
|
|
2020-12-15 12:09:04 -06:00
|
|
|
if cfg == nil {
|
|
|
|
cfg = setting.NewCfg()
|
|
|
|
}
|
|
|
|
|
2023-08-09 08:17:59 -05:00
|
|
|
return contexthandler.ProvideService(
|
|
|
|
cfg,
|
2023-09-27 02:51:57 -05:00
|
|
|
tracing.InitializeTracerForTest(),
|
2023-08-09 08:17:59 -05:00
|
|
|
featuremgmt.WithFeatures(),
|
2023-09-29 02:10:33 -05:00
|
|
|
&authntest.FakeService{ExpectedIdentity: &authn.Identity{ID: authn.AnonymousNamespaceID, SessionToken: &usertoken.UserToken{}}},
|
2023-08-09 08:17:59 -05:00
|
|
|
)
|
2020-12-11 04:44:44 -06:00
|
|
|
}
|
|
|
|
|
2020-11-13 02:52:38 -06:00
|
|
|
func setupScenarioContext(t *testing.T, url string) *scenarioContext {
|
2020-12-15 12:09:04 -06:00
|
|
|
cfg := setting.NewCfg()
|
2023-08-01 07:04:37 -05:00
|
|
|
ctxHdlr := getContextHandler(t, cfg)
|
2018-01-30 06:17:48 -06:00
|
|
|
sc := &scenarioContext{
|
2023-08-01 07:04:37 -05:00
|
|
|
url: url,
|
|
|
|
t: t,
|
|
|
|
cfg: cfg,
|
|
|
|
ctxHdlr: ctxHdlr,
|
2018-01-30 06:17:48 -06:00
|
|
|
}
|
2020-12-11 04:44:44 -06:00
|
|
|
viewsPath, err := filepath.Abs("../../public/views")
|
|
|
|
require.NoError(t, err)
|
2020-12-15 12:09:04 -06:00
|
|
|
exists, err := fs.Exists(viewsPath)
|
|
|
|
require.NoError(t, err)
|
|
|
|
require.Truef(t, exists, "Views should be in %q", viewsPath)
|
2018-01-30 06:17:48 -06:00
|
|
|
|
2021-10-11 07:30:59 -05:00
|
|
|
sc.m = web.New()
|
|
|
|
sc.m.UseMiddleware(web.Renderer(viewsPath, "[[", "]]"))
|
2023-08-01 07:04:37 -05:00
|
|
|
sc.m.Use(ctxHdlr.Middleware)
|
2018-01-30 06:17:48 -06:00
|
|
|
|
|
|
|
return sc
|
|
|
|
}
|
2020-12-11 04:44:44 -06:00
|
|
|
|
2023-08-28 03:42:24 -05:00
|
|
|
// FIXME: This user should not be anonymous
|
|
|
|
func authedUserWithPermissions(userID, orgID int64, permissions []accesscontrol.Permission) *user.SignedInUser {
|
|
|
|
return &user.SignedInUser{UserID: userID, OrgID: orgID, OrgRole: org.RoleViewer, Permissions: map[int64]map[string][]string{orgID: accesscontrol.GroupScopesByAction(permissions)}}
|
|
|
|
}
|
|
|
|
|
2023-08-09 05:33:35 -05:00
|
|
|
// FIXME: This user should not be anonymous
|
2022-10-20 02:11:47 -05:00
|
|
|
func userWithPermissions(orgID int64, permissions []accesscontrol.Permission) *user.SignedInUser {
|
2023-08-09 05:33:35 -05:00
|
|
|
return &user.SignedInUser{IsAnonymous: true, OrgID: orgID, OrgRole: org.RoleViewer, Permissions: map[int64]map[string][]string{orgID: accesscontrol.GroupScopesByAction(permissions)}}
|
2022-10-20 02:11:47 -05:00
|
|
|
}
|
|
|
|
|
2022-01-26 11:44:20 -06:00
|
|
|
func setupSimpleHTTPServer(features *featuremgmt.FeatureManager) *HTTPServer {
|
|
|
|
if features == nil {
|
|
|
|
features = featuremgmt.WithFeatures()
|
|
|
|
}
|
|
|
|
cfg := setting.NewCfg()
|
|
|
|
cfg.IsFeatureToggleEnabled = features.IsEnabled
|
|
|
|
|
|
|
|
return &HTTPServer{
|
2022-09-19 02:54:37 -05:00
|
|
|
Cfg: cfg,
|
|
|
|
Features: features,
|
|
|
|
License: &licensing.OSSLicensingService{},
|
2022-10-20 02:11:47 -05:00
|
|
|
AccessControl: acimpl.ProvideAccessControl(cfg),
|
2022-09-19 02:54:37 -05:00
|
|
|
annotationsRepo: annotationstest.NewFakeAnnotationsRepo(),
|
2022-11-29 08:20:28 -06:00
|
|
|
authInfoService: &logintest.AuthInfoServiceFake{
|
|
|
|
ExpectedLabels: map[int64]string{int64(1): login.GetAuthProviderLabel(login.LDAPAuthModule)},
|
|
|
|
},
|
2022-01-26 11:44:20 -06:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-08-30 10:46:47 -05:00
|
|
|
func mockRequestBody(v any) io.ReadCloser {
|
2021-11-29 03:18:01 -06:00
|
|
|
b, _ := json.Marshal(v)
|
|
|
|
return io.NopCloser(bytes.NewReader(b))
|
|
|
|
}
|
2022-03-10 11:38:04 -06:00
|
|
|
|
|
|
|
// APITestServerOption option func for customizing HTTPServer configuration
|
|
|
|
// when setting up an API test server via SetupAPITestServer.
|
|
|
|
type APITestServerOption func(hs *HTTPServer)
|
|
|
|
|
|
|
|
// SetupAPITestServer sets up a webtest.Server ready for testing all
|
|
|
|
// routes registered via HTTPServer.registerRoutes().
|
|
|
|
// Optionally customize HTTPServer configuration by providing APITestServerOption
|
|
|
|
// option(s).
|
|
|
|
func SetupAPITestServer(t *testing.T, opts ...APITestServerOption) *webtest.Server {
|
|
|
|
t.Helper()
|
|
|
|
|
|
|
|
hs := &HTTPServer{
|
|
|
|
RouteRegister: routing.NewRouteRegister(),
|
2022-05-25 13:40:41 -05:00
|
|
|
License: &licensing.OSSLicensingService{},
|
2022-03-10 11:38:04 -06:00
|
|
|
Features: featuremgmt.WithFeatures(),
|
2022-11-14 13:08:10 -06:00
|
|
|
QuotaService: quotatest.New(false, nil),
|
2022-03-10 11:38:04 -06:00
|
|
|
searchUsersService: &searchusers.OSSService{},
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, opt := range opts {
|
|
|
|
opt(hs)
|
|
|
|
}
|
|
|
|
|
2022-10-20 02:11:47 -05:00
|
|
|
if hs.Cfg == nil {
|
|
|
|
hs.Cfg = setting.NewCfg()
|
|
|
|
}
|
|
|
|
|
|
|
|
if hs.AccessControl == nil {
|
|
|
|
hs.AccessControl = acimpl.ProvideAccessControl(hs.Cfg)
|
|
|
|
}
|
|
|
|
|
2022-03-10 11:38:04 -06:00
|
|
|
hs.registerRoutes()
|
2023-01-23 06:09:09 -06:00
|
|
|
|
2022-03-10 11:38:04 -06:00
|
|
|
s := webtest.NewServer(t, hs.RouteRegister)
|
2023-08-09 01:54:52 -05:00
|
|
|
|
|
|
|
viewsPath, err := filepath.Abs("../../public/views")
|
|
|
|
require.NoError(t, err)
|
|
|
|
s.Mux.UseMiddleware(web.Renderer(viewsPath, "[[", "]]"))
|
|
|
|
|
2022-03-10 11:38:04 -06:00
|
|
|
return s
|
|
|
|
}
|
2022-08-03 10:17:26 -05:00
|
|
|
|
2023-01-30 08:17:53 -06:00
|
|
|
type mockSearchService struct{ ExpectedResult model.HitList }
|
2022-08-03 10:17:26 -05:00
|
|
|
|
2023-03-30 04:28:12 -05:00
|
|
|
func (mss *mockSearchService) SearchHandler(_ context.Context, q *search.Query) (model.HitList, error) {
|
|
|
|
return mss.ExpectedResult, nil
|
2022-08-03 10:17:26 -05:00
|
|
|
}
|
|
|
|
|
2023-08-24 08:37:54 -05:00
|
|
|
func (mss *mockSearchService) SortOptions() []model.SortOption { return nil }
|