diff --git a/pkg/services/dashboards/dashboard.go b/pkg/services/dashboards/dashboard.go index 0190b48da68..86342d88084 100644 --- a/pkg/services/dashboards/dashboard.go +++ b/pkg/services/dashboards/dashboard.go @@ -22,7 +22,6 @@ type DashboardService interface { GetDashboardTags(ctx context.Context, query *GetDashboardTagsQuery) ([]*DashboardTagCloudItem, error) GetDashboardUIDByID(ctx context.Context, query *GetDashboardRefByIDQuery) (*DashboardRef, error) ImportDashboard(ctx context.Context, dto *SaveDashboardDTO) (*Dashboard, error) - MakeUserAdmin(ctx context.Context, orgID int64, userID, dashboardID int64, setViewAndEditPermissions bool) error SaveDashboard(ctx context.Context, dto *SaveDashboardDTO, allowUiUpdate bool) (*Dashboard, error) SearchDashboards(ctx context.Context, query *FindPersistedDashboardsQuery) (model.HitList, error) UpdateDashboardACL(ctx context.Context, uid int64, items []*DashboardACL) error diff --git a/pkg/services/dashboards/dashboard_service_mock.go b/pkg/services/dashboards/dashboard_service_mock.go index 734eee4866b..2ad05c430b9 100644 --- a/pkg/services/dashboards/dashboard_service_mock.go +++ b/pkg/services/dashboards/dashboard_service_mock.go @@ -42,23 +42,23 @@ func (_m *FakeDashboardService) BuildSaveDashboardCommand(ctx context.Context, d return r0, r1 } -// CountInFolder provides a mock function with given fields: ctx, orgID, uid, _a3 -func (_m *FakeDashboardService) CountInFolder(ctx context.Context, orgID int64, uid string, _a3 *user.SignedInUser) (int64, error) { - ret := _m.Called(ctx, orgID, uid, _a3) +// CountInFolder provides a mock function with given fields: ctx, orgID, folderUID, _a3 +func (_m *FakeDashboardService) CountInFolder(ctx context.Context, orgID int64, folderUID string, _a3 *user.SignedInUser) (int64, error) { + ret := _m.Called(ctx, orgID, folderUID, _a3) var r0 int64 var r1 error if rf, ok := ret.Get(0).(func(context.Context, int64, string, *user.SignedInUser) (int64, error)); ok { - return rf(ctx, orgID, uid, _a3) + return rf(ctx, orgID, folderUID, _a3) } if rf, ok := ret.Get(0).(func(context.Context, int64, string, *user.SignedInUser) int64); ok { - r0 = rf(ctx, orgID, uid, _a3) + r0 = rf(ctx, orgID, folderUID, _a3) } else { r0 = ret.Get(0).(int64) } if rf, ok := ret.Get(1).(func(context.Context, int64, string, *user.SignedInUser) error); ok { - r1 = rf(ctx, orgID, uid, _a3) + r1 = rf(ctx, orgID, folderUID, _a3) } else { r1 = ret.Error(1) } @@ -276,20 +276,6 @@ func (_m *FakeDashboardService) ImportDashboard(ctx context.Context, dto *SaveDa return r0, r1 } -// MakeUserAdmin provides a mock function with given fields: ctx, orgID, userID, dashboardID, setViewAndEditPermissions -func (_m *FakeDashboardService) MakeUserAdmin(ctx context.Context, orgID int64, userID int64, dashboardID int64, setViewAndEditPermissions bool) error { - ret := _m.Called(ctx, orgID, userID, dashboardID, setViewAndEditPermissions) - - var r0 error - if rf, ok := ret.Get(0).(func(context.Context, int64, int64, int64, bool) error); ok { - r0 = rf(ctx, orgID, userID, dashboardID, setViewAndEditPermissions) - } else { - r0 = ret.Error(0) - } - - return r0 -} - // SaveDashboard provides a mock function with given fields: ctx, dto, allowUiUpdate func (_m *FakeDashboardService) SaveDashboard(ctx context.Context, dto *SaveDashboardDTO, allowUiUpdate bool) (*Dashboard, error) { ret := _m.Called(ctx, dto, allowUiUpdate) diff --git a/pkg/services/dashboards/service/dashboard_service.go b/pkg/services/dashboards/service/dashboard_service.go index 8c1c29d7142..24d2fb37082 100644 --- a/pkg/services/dashboards/service/dashboard_service.go +++ b/pkg/services/dashboards/service/dashboard_service.go @@ -4,7 +4,6 @@ import ( "context" "fmt" "strings" - "time" "github.com/grafana/grafana-plugin-sdk-go/backend/gtime" @@ -403,49 +402,6 @@ func (dr *DashboardServiceImpl) GetDashboardByPublicUid(ctx context.Context, das return nil, nil } -func (dr *DashboardServiceImpl) MakeUserAdmin(ctx context.Context, orgID int64, userID int64, dashboardID int64, setViewAndEditPermissions bool) error { - rtEditor := org.RoleEditor - rtViewer := org.RoleViewer - - items := []*dashboards.DashboardACL{ - { - OrgID: orgID, - DashboardID: dashboardID, - UserID: userID, - Permission: dashboards.PERMISSION_ADMIN, - Created: time.Now(), - Updated: time.Now(), - }, - } - - if setViewAndEditPermissions { - items = append(items, - &dashboards.DashboardACL{ - OrgID: orgID, - DashboardID: dashboardID, - Role: &rtEditor, - Permission: dashboards.PERMISSION_EDIT, - Created: time.Now(), - Updated: time.Now(), - }, - &dashboards.DashboardACL{ - OrgID: orgID, - DashboardID: dashboardID, - Role: &rtViewer, - Permission: dashboards.PERMISSION_VIEW, - Created: time.Now(), - Updated: time.Now(), - }, - ) - } - - if err := dr.dashboardStore.UpdateDashboardACL(ctx, dashboardID, items); err != nil { - return err - } - - return nil -} - // DeleteProvisionedDashboard removes dashboard from the DB even if it is provisioned. func (dr *DashboardServiceImpl) DeleteProvisionedDashboard(ctx context.Context, dashboardId int64, orgId int64) error { return dr.deleteDashboard(ctx, dashboardId, orgId, false) @@ -504,34 +460,29 @@ func (dr *DashboardServiceImpl) GetDashboardsByPluginID(ctx context.Context, que func (dr *DashboardServiceImpl) setDefaultPermissions(ctx context.Context, dto *dashboards.SaveDashboardDTO, dash *dashboards.Dashboard, provisioned bool) error { inFolder := dash.FolderID > 0 - if !accesscontrol.IsDisabled(dr.cfg) { - var permissions []accesscontrol.SetResourcePermissionCommand - if !provisioned && dto.User.IsRealUser() && !dto.User.IsAnonymous { - permissions = append(permissions, accesscontrol.SetResourcePermissionCommand{ - UserID: dto.User.UserID, Permission: dashboards.PERMISSION_ADMIN.String(), - }) - } + var permissions []accesscontrol.SetResourcePermissionCommand - if !inFolder { - permissions = append(permissions, []accesscontrol.SetResourcePermissionCommand{ - {BuiltinRole: string(org.RoleEditor), Permission: dashboards.PERMISSION_EDIT.String()}, - {BuiltinRole: string(org.RoleViewer), Permission: dashboards.PERMISSION_VIEW.String()}, - }...) - } + if !provisioned && dto.User.IsRealUser() && !dto.User.IsAnonymous { + permissions = append(permissions, accesscontrol.SetResourcePermissionCommand{ + UserID: dto.User.UserID, Permission: dashboards.PERMISSION_ADMIN.String(), + }) + } - svc := dr.dashboardPermissions - if dash.IsFolder { - svc = dr.folderPermissions - } + if !inFolder { + permissions = append(permissions, []accesscontrol.SetResourcePermissionCommand{ + {BuiltinRole: string(org.RoleEditor), Permission: dashboards.PERMISSION_EDIT.String()}, + {BuiltinRole: string(org.RoleViewer), Permission: dashboards.PERMISSION_VIEW.String()}, + }...) + } - _, err := svc.SetPermissions(ctx, dto.OrgID, dash.UID, permissions...) - if err != nil { - return err - } - } else if dr.cfg.EditorsCanAdmin && !provisioned && dto.User.IsRealUser() && !dto.User.IsAnonymous { - if err := dr.MakeUserAdmin(ctx, dto.OrgID, dto.User.UserID, dash.ID, !inFolder); err != nil { - return err - } + svc := dr.dashboardPermissions + if dash.IsFolder { + svc = dr.folderPermissions + } + + _, err := svc.SetPermissions(ctx, dto.OrgID, dash.UID, permissions...) + if err != nil { + return err } return nil diff --git a/pkg/services/folder/folderimpl/folder.go b/pkg/services/folder/folderimpl/folder.go index 30dd5f34322..98193ab0d9f 100644 --- a/pkg/services/folder/folderimpl/folder.go +++ b/pkg/services/folder/folderimpl/folder.go @@ -6,7 +6,6 @@ import ( "fmt" "strings" "sync" - "time" "github.com/grafana/grafana/pkg/bus" "github.com/grafana/grafana/pkg/events" @@ -17,7 +16,6 @@ import ( "github.com/grafana/grafana/pkg/services/featuremgmt" "github.com/grafana/grafana/pkg/services/folder" "github.com/grafana/grafana/pkg/services/guardian" - "github.com/grafana/grafana/pkg/services/org" "github.com/grafana/grafana/pkg/services/sqlstore" "github.com/grafana/grafana/pkg/services/sqlstore/migrator" "github.com/grafana/grafana/pkg/services/store/entity" @@ -711,50 +709,6 @@ func (s *Service) getNestedFolders(ctx context.Context, orgID int64, uid string) return result, nil } -// MakeUserAdmin is copy of DashboardServiceImpl.MakeUserAdmin -func (s *Service) MakeUserAdmin(ctx context.Context, orgID int64, userID, folderID int64, setViewAndEditPermissions bool) error { - rtEditor := org.RoleEditor - rtViewer := org.RoleViewer - - items := []*dashboards.DashboardACL{ - { - OrgID: orgID, - DashboardID: folderID, - UserID: userID, - Permission: dashboards.PERMISSION_ADMIN, - Created: time.Now(), - Updated: time.Now(), - }, - } - - if setViewAndEditPermissions { - items = append(items, - &dashboards.DashboardACL{ - OrgID: orgID, - DashboardID: folderID, - Role: &rtEditor, - Permission: dashboards.PERMISSION_EDIT, - Created: time.Now(), - Updated: time.Now(), - }, - &dashboards.DashboardACL{ - OrgID: orgID, - DashboardID: folderID, - Role: &rtViewer, - Permission: dashboards.PERMISSION_VIEW, - Created: time.Now(), - Updated: time.Now(), - }, - ) - } - - if err := s.dashboardStore.UpdateDashboardACL(ctx, folderID, items); err != nil { - return err - } - - return nil -} - // BuildSaveDashboardCommand is a simplified version on DashboardServiceImpl.BuildSaveDashboardCommand // keeping only the meaningful functionality for folders func (s *Service) BuildSaveDashboardCommand(ctx context.Context, dto *dashboards.SaveDashboardDTO) (*dashboards.SaveDashboardCommand, error) { diff --git a/pkg/services/folder/foldertest/foldertest.go b/pkg/services/folder/foldertest/foldertest.go index dd865b07b36..a1fbf4368bb 100644 --- a/pkg/services/folder/foldertest/foldertest.go +++ b/pkg/services/folder/foldertest/foldertest.go @@ -39,9 +39,6 @@ func (s *FakeService) Update(ctx context.Context, cmd *folder.UpdateFolderComman func (s *FakeService) Delete(ctx context.Context, cmd *folder.DeleteFolderCommand) error { return s.ExpectedError } -func (s *FakeService) MakeUserAdmin(ctx context.Context, orgID int64, userID, folderID int64, setViewAndEditPermissions bool) error { - return s.ExpectedError -} func (s *FakeService) Move(ctx context.Context, cmd *folder.MoveFolderCommand) (*folder.Folder, error) { return s.ExpectedFolder, s.ExpectedError diff --git a/pkg/services/folder/service.go b/pkg/services/folder/service.go index 90dcd7b7f83..0d7a8218651 100644 --- a/pkg/services/folder/service.go +++ b/pkg/services/folder/service.go @@ -22,7 +22,6 @@ type Service interface { // a folder's parent folder, use Move. Update(ctx context.Context, cmd *UpdateFolderCommand) (*Folder, error) Delete(ctx context.Context, cmd *DeleteFolderCommand) error - MakeUserAdmin(ctx context.Context, orgID int64, userID, folderID int64, setViewAndEditPermissions bool) error // Move changes a folder's parent folder to the requested new parent. Move(ctx context.Context, cmd *MoveFolderCommand) (*Folder, error) RegisterService(service RegistryService) error