Chore: Refactor securedata to remove global encryption calls from dashboard snapshots (#38714)

* Add encryption service

* Add tests for encryption service

* Inject encryption service into http server

* Replace encryption global function usage in login tests

* Migrate to Wire

* Move Encryption bindings to OSS Wire set

* Chore: Refactor securedata to remove global encryption calls from dashboard snapshots

* Fix dashboard snapshot tests

* Remove no longer user test

* Add dashboard snapshots service tests

* Refactor service initialization

* Set up dashboard snapshots service as a background service

Co-authored-by: Tania B <yalyna.ts@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

pkg/api/dashboard_snapshot.go

@@ -160,13 +160,8 @@ func GetDashboardSnapshot(c *models.ReqContext) response.Response {
 		return response.Error(404, "Dashboard snapshot not found", err)
 	}
 
-	dashboard, err := snapshot.DashboardJSON()
-	if err != nil {
-		return response.Error(500, "Failed to get dashboard data for dashboard snapshot", err)
-	}
-
 	dto := dtos.DashboardFullWithMeta{
-		Dashboard: dashboard,
+		Dashboard: snapshot.Dashboard,
 		Meta: dtos.DashboardMeta{
 			Type:       models.DashTypeSnapshot,
 			IsSnapshot: true,
@@ -256,11 +251,7 @@ func DeleteDashboardSnapshot(c *models.ReqContext) response.Response {
 		return response.Error(404, "Failed to get dashboard snapshot", nil)
 	}
 
-	dashboard, err := query.Result.DashboardJSON()
-	if err != nil {
-		return response.Error(500, "Failed to get dashboard data for dashboard snapshot", err)
-	}
-	dashboardID := dashboard.Get("id").MustInt64()
+	dashboardID := query.Result.Dashboard.Get("id").MustInt64()
 
 	guardian := guardian.New(dashboardID, c.OrgId, c.SignedInUser)
 	canEdit, err := guardian.CanEdit()

pkg/api/dashboard_snapshot_test.go

@@ -8,14 +8,11 @@ import (
 	"testing"
 	"time"
 
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-
 	"github.com/grafana/grafana/pkg/bus"
-	"github.com/grafana/grafana/pkg/components/securedata"
 	"github.com/grafana/grafana/pkg/components/simplejson"
 	"github.com/grafana/grafana/pkg/models"
-	"github.com/grafana/grafana/pkg/setting"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestDashboardSnapshotAPIEndpoint_singleSnapshot(t *testing.T) {
@@ -250,46 +247,5 @@ func TestDashboardSnapshotAPIEndpoint_singleSnapshot(t *testing.T) {
 
 				assert.Equal(t, int64(100), id.MustInt64())
 			})
-
-		loggedInUserScenarioWithRole(t, "Should be able to read a snapshot's encrypted data When calling GET on",
-			"GET", "/api/snapshots/12345", "/api/snapshots/:key", models.ROLE_EDITOR, func(sc *scenarioContext) {
-				origSecret := setting.SecretKey
-				setting.SecretKey = "dashboard_snapshot_api_test"
-				t.Cleanup(func() {
-					setting.SecretKey = origSecret
-				})
-
-				const dashboardID int64 = 123
-				jsonModel, err := simplejson.NewJson([]byte(fmt.Sprintf(`{"id":%d}`, dashboardID)))
-				require.NoError(t, err)
-
-				jsonModelEncoded, err := jsonModel.Encode()
-				require.NoError(t, err)
-
-				encrypted, err := securedata.Encrypt(jsonModelEncoded)
-				require.NoError(t, err)
-
-				// mock snapshot with encrypted dashboard info
-				mockSnapshotResult := &models.DashboardSnapshot{
-					Key:                "12345",
-					DashboardEncrypted: encrypted,
-					Expires:            time.Now().Add(time.Duration(1000) * time.Second),
-				}
-
-				setUpSnapshotTest(t)
-
-				bus.AddHandler("test", func(query *models.GetDashboardSnapshotQuery) error {
-					query.Result = mockSnapshotResult
-					return nil
-				})
-
-				sc.handlerFunc = GetDashboardSnapshot
-				sc.fakeReqWithParams("GET", sc.url, map[string]string{"key": "12345"}).exec()
-
-				assert.Equal(t, 200, sc.resp.Code)
-				respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
-				require.NoError(t, err)
-				assert.Equal(t, dashboardID, respJSON.Get("dashboard").Get("id").MustInt64())
-			})
 	})
 }