IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Access control: Improve annotation delete performance (#85068)

Browse Source 
* Access control: Improve annotation delete performance

* simplify query string

* Refactor

* remove unnecessary join
This commit is contained in:
Alexander Zobnin 2024-03-26 11:50:51 +01:00 committed by GitHub
parent 2f5e3023c2
commit 02606be3ed
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
pkg/services/annotations/accesscontrol/accesscontrol.go
View File

@ -59,6 +59,14 @@ func (authz *AuthService) Authorize(ctx context.Context, orgID int64, query *ann
var visibleDashboards map[string]int64
var err error
if canAccessDashAnnotations {
if query.AnnotationID != 0 {
annotationDashboardID, err := authz.getAnnotationDashboard(ctx, query, orgID)
if err != nil {
return nil, ErrAccessControlInternal.Errorf("failed to fetch annotations: %w", err)
}
query.DashboardID = annotationDashboardID
}
visibleDashboards, err = authz.dashboardsWithVisibleAnnotations(ctx, query, orgID)
if err != nil {
return nil, ErrAccessControlInternal.Errorf("failed to fetch dashboards: %w", err)
@ -72,6 +80,32 @@ func (authz *AuthService) Authorize(ctx context.Context, orgID int64, query *ann
}, nil
}
func (authz *AuthService) getAnnotationDashboard(ctx context.Context, query *annotations.ItemQuery, orgID int64) (int64, error) {
var items []annotations.Item
params := make([]any, 0)
err := authz.db.WithDbSession(ctx, func(sess *db.Session) error {
sql := `
SELECT
a.id,
a.org_id,
a.dashboard_id
FROM annotation as a
WHERE a.org_id = ? AND a.id = ?
`
params = append(params, orgID, query.AnnotationID)
return sess.SQL(sql, params...).Find(&items)
})
if err != nil {
return 0, err
}
if len(items) == 0 {
return 0, ErrAccessControlInternal.Errorf("annotation not found")
}
return items[0].DashboardID, nil
}
func (authz *AuthService) dashboardsWithVisibleAnnotations(ctx context.Context, query *annotations.ItemQuery, orgID int64) (map[string]int64, error) {
recursiveQueriesSupported, err := authz.db.RecursiveQueriesAreSupported()
if err != nil {