From 812112f2f6b33dae0e3c1452af94f2216d71fd0b Mon Sep 17 00:00:00 2001
From: Daniel Lee <dan.limerick@gmail.com>
Date: Tue, 20 Jun 2017 00:34:25 +0200
Subject: [PATCH] WIP: fix acl route

---
 pkg/api/dashboard_acl.go               | 4 ++--
 pkg/models/dashboard_acl.go            | 1 +
 pkg/services/sqlstore/dashboard_acl.go | 4 ++++
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/pkg/api/dashboard_acl.go b/pkg/api/dashboard_acl.go
index 4be7f57b139..28a59723db3 100644
--- a/pkg/api/dashboard_acl.go
+++ b/pkg/api/dashboard_acl.go
@@ -27,7 +27,7 @@ func GetDashboardAclList(c *middleware.Context) Response {
 }
 
 func PostDashboardAcl(c *middleware.Context, cmd m.SetDashboardAclCommand) Response {
-	dashId := c.ParamsInt64(":id")
+	dashId := c.ParamsInt64(":dashboardId")
 
 	guardian := guardian.NewDashboardGuardian(dashId, c.OrgId, c.SignedInUser)
 	if canSave, err := guardian.CanSave(); err != nil || !canSave {
@@ -38,7 +38,7 @@ func PostDashboardAcl(c *middleware.Context, cmd m.SetDashboardAclCommand) Respo
 	cmd.DashboardId = dashId
 
 	if err := bus.Dispatch(&cmd); err != nil {
-		if err == m.ErrDashboardPermissionUserOrUserGroupEmpty {
+		if err == m.ErrDashboardPermissionUserOrUserGroupEmpty || err == m.ErrDashboardPermissionDashboardEmpty {
 			return ApiError(409, err.Error(), err)
 		}
 		return ApiError(500, "Failed to create permission", err)
diff --git a/pkg/models/dashboard_acl.go b/pkg/models/dashboard_acl.go
index 8dde5f5623b..39180f2871f 100644
--- a/pkg/models/dashboard_acl.go
+++ b/pkg/models/dashboard_acl.go
@@ -25,6 +25,7 @@ func (p PermissionType) String() string {
 // Typed errors
 var (
 	ErrDashboardPermissionUserOrUserGroupEmpty = errors.New("User id and user group id cannot both be empty for a dashboard permission.")
+	ErrDashboardPermissionDashboardEmpty       = errors.New("Dashboard Id must be greater than zero for a dashboard permission.")
 )
 
 // Dashboard ACL model
diff --git a/pkg/services/sqlstore/dashboard_acl.go b/pkg/services/sqlstore/dashboard_acl.go
index d7d2f958910..227a27d58fe 100644
--- a/pkg/services/sqlstore/dashboard_acl.go
+++ b/pkg/services/sqlstore/dashboard_acl.go
@@ -20,6 +20,10 @@ func SetDashboardAcl(cmd *m.SetDashboardAclCommand) error {
 			return m.ErrDashboardPermissionUserOrUserGroupEmpty
 		}
 
+		if cmd.DashboardId == 0 {
+			return m.ErrDashboardPermissionDashboardEmpty
+		}
+
 		if res, err := sess.Query("SELECT 1 from "+dialect.Quote("dashboard_acl")+" WHERE dashboard_id =? and (user_group_id=? or user_id=?)", cmd.DashboardId, cmd.UserGroupId, cmd.UserId); err != nil {
 			return err
 		} else if len(res) == 1 {