dashboard: only admin permission added to dashboard in folder.

2025-01-21 22:13:38 -06:00 · 2019-03-11 15:34:32 +01:00 · 2019-03-11 15:34:32 +01:00 · 0b209de5d1
commit 0b209de5d1
parent d593ffe3c1
3 changed files with 25 additions and 19 deletions
--- a/pkg/api/dashboard.go
+++ b/pkg/api/dashboard.go
@ -279,7 +279,8 @@ func (hs *HTTPServer) PostDashboard(c *m.ReqContext, cmd m.SaveDashboardCommand)

 	if hs.Cfg.EditorsCanOwn && newDashboard {
 		aclService := dashboards.NewAclService()
-		err := aclService.MakeUserAdmin(cmd.OrgId, cmd.UserId, dashboard.Id)
+		inFolder := cmd.FolderId > 0
+		err := aclService.MakeUserAdmin(cmd.OrgId, cmd.UserId, dashboard.Id, !inFolder)
 		if err != nil {
 			hs.log.Error("Could not make user admin", "dashboard", cmd.Result.Title, "user", c.SignedInUser.UserId, "error", err)
 			return Error(500, "Failed to make user admin of dashboard", err)
--- a/pkg/api/folder.go
+++ b/pkg/api/folder.go
@ -63,7 +63,7 @@ func (hs *HTTPServer) CreateFolder(c *m.ReqContext, cmd m.CreateFolderCommand) R

 	if hs.Cfg.EditorsCanOwn {
 		aclService := dashboards.NewAclService()
-		if err := aclService.MakeUserAdmin(c.OrgId, c.SignedInUser.UserId, cmd.Result.Id); err != nil {
+		if err := aclService.MakeUserAdmin(c.OrgId, c.SignedInUser.UserId, cmd.Result.Id, true); err != nil {
 			hs.log.Error("Could not make user admin", "folder", cmd.Result.Title, "user", c.SignedInUser.UserId, "error", err)
 			return Error(500, "Failed to make user admin of folder", err)
 		}
--- a/pkg/services/dashboards/acl_service.go
+++ b/pkg/services/dashboards/acl_service.go
@ -18,7 +18,7 @@ type AclService struct {
 	log log.Logger
 }

-func (as *AclService) MakeUserAdmin(orgId int64, userId int64, dashboardId int64) error {
+func (as *AclService) MakeUserAdmin(orgId int64, userId int64, dashboardId int64, setViewAndEditPermissions bool) error {
 	rtEditor := models.ROLE_EDITOR
 	rtViewer := models.ROLE_VIEWER

@ -31,22 +31,27 @@ func (as *AclService) MakeUserAdmin(orgId int64, userId int64, dashboardId int64
 			Created:     time.Now(),
 			Updated:     time.Now(),
 		},
-		{
-			OrgId:       orgId,
-			DashboardId: dashboardId,
-			Role:        &rtEditor,
-			Permission:  models.PERMISSION_EDIT,
-			Created:     time.Now(),
-			Updated:     time.Now(),
-		},
-		{
-			OrgId:       orgId,
-			DashboardId: dashboardId,
-			Role:        &rtViewer,
-			Permission:  models.PERMISSION_VIEW,
-			Created:     time.Now(),
-			Updated:     time.Now(),
-		},
+	}
+
+	if setViewAndEditPermissions {
+		items = append(items,
+			&models.DashboardAcl{
+				OrgId:       orgId,
+				DashboardId: dashboardId,
+				Role:        &rtEditor,
+				Permission:  models.PERMISSION_EDIT,
+				Created:     time.Now(),
+				Updated:     time.Now(),
+			},
+			&models.DashboardAcl{
+				OrgId:       orgId,
+				DashboardId: dashboardId,
+				Role:        &rtViewer,
+				Permission:  models.PERMISSION_VIEW,
+				Created:     time.Now(),
+				Updated:     time.Now(),
+			},
+		)
 	}

 	aclCmd := &models.UpdateDashboardAclCommand{