IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

LibraryPanels/RBAC: Fix issue where folder scopes weren't being correctly inherited (#82700)

Browse Source
This commit is contained in:
kay delaney
2024-02-16 14:17:41 +00:00
committed by GitHub
parent 7b415cf79e
commit 82e3e2e558
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/services/libraryelements/database.go
View File

@@ -21,6 +21,7 @@ import (
"github.com/grafana/grafana/pkg/services/org" "github.com/grafana/grafana/pkg/services/org"
"github.com/grafana/grafana/pkg/services/search" "github.com/grafana/grafana/pkg/services/search"
"github.com/grafana/grafana/pkg/services/sqlstore/migrator" "github.com/grafana/grafana/pkg/services/sqlstore/migrator"
"github.com/grafana/grafana/pkg/services/sqlstore/searchstore"
"github.com/grafana/grafana/pkg/setting" "github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/util" "github.com/grafana/grafana/pkg/util"
) )
@@ -283,7 +284,7 @@ func (l *LibraryElementService) getLibraryElements(c context.Context, store db.D
builder := db.NewSqlBuilder(cfg, features, store.GetDialect(), recursiveQueriesAreSupported) builder := db.NewSqlBuilder(cfg, features, store.GetDialect(), recursiveQueriesAreSupported)
builder.Write(selectLibraryElementDTOWithMeta) builder.Write(selectLibraryElementDTOWithMeta)
builder.Write(", ? as folder_name ", cmd.FolderName) builder.Write(", ? as folder_name ", cmd.FolderName)
builder.Write(", '' as folder_uid ") builder.Write(", COALESCE((SELECT folder.uid FROM folder WHERE folder.id = le.folder_id), '') as folder_uid ")
builder.Write(getFromLibraryElementDTOWithMeta(store.GetDialect())) builder.Write(getFromLibraryElementDTOWithMeta(store.GetDialect()))
metrics.MFolderIDsServiceCount.WithLabelValues(metrics.LibraryElements).Inc() metrics.MFolderIDsServiceCount.WithLabelValues(metrics.LibraryElements).Inc()
// nolint:staticcheck // nolint:staticcheck
@@ -295,7 +296,7 @@ func (l *LibraryElementService) getLibraryElements(c context.Context, store db.D
builder.Write(getFromLibraryElementDTOWithMeta(store.GetDialect())) builder.Write(getFromLibraryElementDTOWithMeta(store.GetDialect()))
builder.Write(" INNER JOIN dashboard AS dashboard on le.folder_id = dashboard.id AND le.folder_id <> 0") builder.Write(" INNER JOIN dashboard AS dashboard on le.folder_id = dashboard.id AND le.folder_id <> 0")
writeParamSelectorSQL(&builder, params...) writeParamSelectorSQL(&builder, params...)
builder.WriteDashboardPermissionFilter(signedInUser, dashboardaccess.PERMISSION_VIEW, "") builder.WriteDashboardPermissionFilter(signedInUser, dashboardaccess.PERMISSION_VIEW, searchstore.TypeFolder)
builder.Write(` OR dashboard.id=0`) builder.Write(` OR dashboard.id=0`)
if err := session.SQL(builder.GetSQLString(), builder.GetParams()...).Find(&libraryElements); err != nil { if err := session.SQL(builder.GetSQLString(), builder.GetParams()...).Find(&libraryElements); err != nil {
return err return err
@@ -321,11 +322,15 @@ func (l *LibraryElementService) getLibraryElements(c context.Context, store db.D
} }
metrics.MFolderIDsServiceCount.WithLabelValues(metrics.LibraryElements).Inc() metrics.MFolderIDsServiceCount.WithLabelValues(metrics.LibraryElements).Inc()
folderUID := libraryElement.FolderUID
if libraryElement.FolderID == 0 { // nolint:staticcheck
folderUID = ac.GeneralFolderUID
}
leDtos[i] = model.LibraryElementDTO{ leDtos[i] = model.LibraryElementDTO{
ID: libraryElement.ID, ID: libraryElement.ID,
OrgID: libraryElement.OrgID, OrgID: libraryElement.OrgID,
FolderID: libraryElement.FolderID, // nolint:staticcheck FolderID: libraryElement.FolderID, // nolint:staticcheck
FolderUID: libraryElement.FolderUID, FolderUID: folderUID,
UID: libraryElement.UID, UID: libraryElement.UID,
Name: libraryElement.Name, Name: libraryElement.Name,
Kind: libraryElement.Kind, Kind: libraryElement.Kind,