IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

dashboard acl work

Browse Source
This commit is contained in:
Torkel Ödegaard 2017-06-20 17:18:20 -04:00
parent 408c37170f
commit 43ffe826fa
6 changed files with 90 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
pkg/api/dashboard_acl.go
View File

@ -23,7 +23,39 @@ func GetDashboardAclList(c *middleware.Context) Response {
return ApiError(500, "Failed to get Dashboard ACL", err) return ApiError(500, "Failed to get Dashboard ACL", err)
} }
return Json(200, &query.Result) list := query.Result
hasViewRoleAcl := false
hasEditRoleAcl := false
for _, item := range list {
if item.Role == m.ROLE_EDITOR {
hasEditRoleAcl = true
}
if item.Role == m.ROLE_VIEWER {
hasViewRoleAcl = true
}
}
if !hasEditRoleAcl {
tmpList := append([]*m.DashboardAclInfoDTO{}, &m.DashboardAclInfoDTO{
Id: 0,
Role: m.ROLE_EDITOR,
Permissions: m.PERMISSION_EDIT,
PermissionName: "Edit",
})
list = append(tmpList, list...)
}
if !hasViewRoleAcl {
tmpList := append([]*m.DashboardAclInfoDTO{}, &m.DashboardAclInfoDTO{
Id: 0,
Role: m.ROLE_VIEWER,
Permissions: m.PERMISSION_VIEW,
PermissionName: "View",
})
list = append(tmpList, list...)
}
return Json(200, list)
} }
func PostDashboardAcl(c *middleware.Context, cmd m.SetDashboardAclCommand) Response { func PostDashboardAcl(c *middleware.Context, cmd m.SetDashboardAclCommand) Response {

11
pkg/models/dashboard_acl.go
View File

@ -8,16 +8,18 @@ import (
type PermissionType int type PermissionType int
const ( const (
PERMISSION_NONE = 0
PERMISSION_VIEW PermissionType = 1 << iota PERMISSION_VIEW PermissionType = 1 << iota
PERMISSION_READ_ONLY_EDIT
PERMISSION_EDIT PERMISSION_EDIT
PERMISSION_ADMIN
) )
func (p PermissionType) String() string { func (p PermissionType) String() string {
names := map[int]string{ names := map[int]string{
int(PERMISSION_VIEW): "View", int(PERMISSION_NONE): "None",
int(PERMISSION_READ_ONLY_EDIT): "Read-only Edit", int(PERMISSION_VIEW): "View",
int(PERMISSION_EDIT): "Edit", int(PERMISSION_EDIT): "Edit",
int(PERMISSION_ADMIN): "Admin",
} }
return names[int(p)] return names[int(p)]
} }
@ -55,6 +57,7 @@ type DashboardAclInfoDTO struct {
UserEmail string `json:"userEmail"` UserEmail string `json:"userEmail"`
UserGroupId int64 `json:"userGroupId"` UserGroupId int64 `json:"userGroupId"`
UserGroup string `json:"userGroup"` UserGroup string `json:"userGroup"`
Role RoleType `json:"role"`
Permissions PermissionType `json:"permissions"` Permissions PermissionType `json:"permissions"`
PermissionName string `json:"permissionName"` PermissionName string `json:"permissionName"`
} }

2
pkg/services/guardian/guardian.go
View File

@ -29,7 +29,7 @@ func (g *DashboardGuardian) CanSave() (bool, error) {
} }
func (g *DashboardGuardian) CanEdit() (bool, error) { func (g *DashboardGuardian) CanEdit() (bool, error) {
return g.HasPermission(m.PERMISSION_READ_ONLY_EDIT, m.ROLE_READ_ONLY_EDITOR) return g.HasPermission(m.PERMISSION_EDIT, m.ROLE_READ_ONLY_EDITOR)
} }
func (g *DashboardGuardian) CanView() (bool, error) { func (g *DashboardGuardian) CanView() (bool, error) {

8
public/app/core/directives/dash_edit_link.js
View File

@ -22,6 +22,7 @@ function ($, angular, coreModule, _) {
restrict: 'A', restrict: 'A',
link: function(scope, elem) { link: function(scope, elem) {
var editorScope; var editorScope;
var modalScope;
var lastEditView; var lastEditView;
function hideEditorPane(hideToShowOtherView) { function hideEditorPane(hideToShowOtherView) {
@ -47,6 +48,11 @@ function ($, angular, coreModule, _) {
editorScope = options.scope ? options.scope.$new() : scope.$new(); editorScope = options.scope ? options.scope.$new() : scope.$new();
editorScope.dismiss = function(hideToShowOtherView) { editorScope.dismiss = function(hideToShowOtherView) {
if (modalScope) {
modalScope.dismiss();
modalScope = null;
}
editorScope.$destroy(); editorScope.$destroy();
lastEditView = null; lastEditView = null;
editorScope = null; editorScope = null;
@ -73,7 +79,7 @@ function ($, angular, coreModule, _) {
}; };
if (options.isModal) { if (options.isModal) {
var modalScope = $rootScope.$new(); modalScope = $rootScope.$new();
modalScope.$on("$destroy", function() { modalScope.$on("$destroy", function() {
editorScope.dismiss(); editorScope.dismiss();
}); });

76
public/app/features/dashboard/acl/acl.html
View File

@ -36,53 +36,27 @@
<!-- </div> --> <!-- </div> -->
<!-- </form> --> <!-- </form> -->
<div> <table class="filter-table">
<div class="section"> <tr ng-repeat="acl in ctrl.aclItems">
<h5 class="section-heading">Groups & Users</h5> <td style="width: 100%;">
<div class="gf-form" ng-repeat="acl in ctrl.userAcl"> <i class="{{acl.icon}}"></i>
<span class="gf-form-label width-15"> <span ng-bind-html="acl.nameHtml"></span>
<i class="fa fa-fw fa-user"></i> </td>
{{acl.userLogin}} <td>can...</td>
</span> <td class="dropdown">
<div class="gf-form-select-wrapper"> <a class="pointer" style="white-space: nowrap">
<select class="gf-form-input gf-size-auto" ng-model="acl.permissions" ng-options="p.value as p.text for p in ctrl.permissionTypeOptions" ng-change="ctrl.updatePermission(permission)"></select> {{acl.permissionName}}
</div> <i class="fa fa-caret-down"></i>
<button class="btn btn-inverse gf-form-btn" ng-click="ctrl.addQuery()" ng-hide="ctrl.current.meta.mixed"> </a>
</td>
<td>
<a class="btn btn-inverse btn-small" ng-show="revision.version !== ctrl.dashboard.version" ng-click="ctrl.restore(revision.version)">
<i class="fa fa-remove"></i> <i class="fa fa-remove"></i>
</button> </a>
</div> </td>
<div class="gf-form dropdown"> </tr>
<button class="btn btn-inverse gf-form-btn" data-toggle="dropdown"> </table>
<i class="fa fa-fw fa-plus"></i> Add Permission
</button>
<ul class="dropdown-menu dropdown-menu--new">
<li>
<a class="pointer" ng-click="ctrl.addUserGroup()">
<i class="fa fa-fw fa-users"></i> User Group
</a>
</li>
<li>
<a class="pointer" ng-click="ctrl.addUserAcl()">
<i class="fa fa-fw fa-user"></i> User
</a>
</li>
</ul>
</div>
</div>
<div class="section pull-right">
<h5 class="section-heading">Built-in roles</h5>
<div class="gf-form" ng-repeat="roleAcl in ctrl.roles">
<span class="gf-form-label width-5">
{{roleAcl.name}}
</span>
<div class="gf-form-select-wrapper">
<select class="gf-form-input gf-size-auto" ng-model="roleAcl.permissions" ng-options="p.value as p.text for p in ctrl.roleOptions" ng-change="ctrl.updatePermission(permission)"></select>
</div>
</div>
</div>
</div>
<div class="clearfix"></div>
<div class="gf-form-button-row text-center"> <div class="gf-form-button-row text-center">
<button type="submit" class="btn btn-danger" ng-disabled="!ctrl.canUpdate">Update Permissions</button> <button type="submit" class="btn btn-danger" ng-disabled="!ctrl.canUpdate">Update Permissions</button>
@ -136,11 +110,11 @@
<!-- <td>{{role.name}}</td> --> <!-- <td>{{role.name}}</td> -->
<!-- <td><select class="gf&#45;form&#45;input gf&#45;size&#45;auto" ng&#45;model="role.permissions" ng&#45;options="p.value as p.text for p in ctrl.roleOptions" ng&#45;change="ctrl.updatePermission(role)"></select></td> --> <!-- <td><select class="gf&#45;form&#45;input gf&#45;size&#45;auto" ng&#45;model="role.permissions" ng&#45;options="p.value as p.text for p in ctrl.roleOptions" ng&#45;change="ctrl.updatePermission(role)"></select></td> -->
<!-- <td class="text&#45;right"> --> <!-- <td class="text&#45;right"> -->
<!-- --> <!-- -->
<!-- </td> --> <!-- </td> -->
<!-- </tr> --> <!-- </tr> -->
<!-- </tbody> --> <!-- </tbody> -->
<!-- </table> --> <!-- </table> -->
<!-- </div> --> <!-- </div> -->
<!-- </div> --> <!-- </div> -->
<!-- </div> --> <!-- </div> -->

43
public/app/features/dashboard/acl/acl.ts
View File

@ -6,32 +6,21 @@ import _ from 'lodash';
export class AclCtrl { export class AclCtrl {
dashboard: any; dashboard: any;
userAcl: DashboardAcl[]; aclItems: DashboardAcl[];
groupAcl: DashboardAcl[]; permissionOptions = [
permissionTypeOptions = [
{value: 1, text: 'View'}, {value: 1, text: 'View'},
{value: 2, text: 'Edit'}, {value: 2, text: 'Edit'},
{value: 4, text: 'Admin'} {value: 4, text: 'Admin'}
]; ];
roleOptions = [
{value: 0, text: 'No Access'},
{value: 1, text: 'View'},
{value: 2, text: 'Edit'},
{value: 4, text: 'Admin'}
];
roles = [];
type = 'User Group'; type = 'User Group';
permission = 1; permission = 1;
userId: number; userId: number;
userGroupId: number; userGroupId: number;
/** @ngInject */ /** @ngInject */
constructor(private backendSrv, private dashboardSrv) { constructor(private backendSrv, private dashboardSrv, private $sce) {
this.userAcl = []; this.aclItems = [];
this.groupAcl = [];
this.dashboard = dashboardSrv.getCurrent(); this.dashboard = dashboardSrv.getCurrent();
this.get(this.dashboard.id); this.get(this.dashboard.id);
} }
@ -39,20 +28,22 @@ export class AclCtrl {
get(dashboardId: number) { get(dashboardId: number) {
return this.backendSrv.get(`/api/dashboards/id/${dashboardId}/acl`) return this.backendSrv.get(`/api/dashboards/id/${dashboardId}/acl`)
.then(result => { .then(result => {
this.userAcl = _.filter(result, p => { return p.userId > 0;}); this.aclItems = _.map(result, item => {
this.groupAcl = _.filter(result, p => { return p.userGroupId > 0;}); if (item.userId > 0) {
this.roles = this.setRoles(result); item.icon = "fa fa-fw fa-user";
item.nameHtml = this.$sce.trustAsHtml(item.userLogin);
} else if (item.userGroupId > 0) {
item.icon = "fa fa-fw fa-users";
item.nameHtml = this.$sce.trustAsHtml(item.userGroup);
} else if (item.role) {
item.icon = "fa fa-fw fa-street-view";
item.nameHtml = this.$sce.trustAsHtml(`Everyone with <span class="query-keyword">${item.role}</span> Role`);
}
return item;
});
}); });
} }
setRoles(result: any) {
return [
{name: 'Viewer', permissions: 1},
{name: 'Editor', permissions: 2},
{name: 'Admin', permissions: 4}
];
}
addPermission() { addPermission() {
if (this.type === 'User') { if (this.type === 'User') {
if (!this.userId) { if (!this.userId) {