mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
WIP: Add or update Dashboard ACL
SQL Integration Tests for the guardian class too.
This commit is contained in:
Daniel Lee
71
pkg/services/sqlstore/dashboard_acl.go
Normal file
71
pkg/services/sqlstore/dashboard_acl.go
Normal file
@@ -0,0 +1,71 @@
|
||||
package sqlstore
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/go-xorm/xorm"
|
||||
"github.com/grafana/grafana/pkg/bus"
|
||||
m "github.com/grafana/grafana/pkg/models"
|
||||
)
|
||||
|
||||
func init() {
|
||||
bus.AddHandler("sql", AddOrUpdateDashboardPermission)
|
||||
bus.AddHandler("sql", GetDashboardPermissions)
|
||||
}
|
||||
|
||||
func AddOrUpdateDashboardPermission(cmd *m.AddOrUpdateDashboardPermissionCommand) error {
|
||||
return inTransaction(func(sess *xorm.Session) error {
|
||||
if res, err := sess.Query("SELECT 1 from dashboard_acl WHERE dashboard_id =? and (user_group_id=? or user_id=?)", cmd.DashboardId, cmd.UserGroupId, cmd.UserId); err != nil {
|
||||
return err
|
||||
} else if len(res) == 1 {
|
||||
entity := m.DashboardAcl{
|
||||
Permissions: cmd.PermissionType,
|
||||
}
|
||||
if _, err := sess.Cols("permissions").Where("dashboard_id =? and (user_group_id=? or user_id=?)", cmd.DashboardId, cmd.UserGroupId, cmd.UserId).Update(&entity); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
entity := m.DashboardAcl{
|
||||
OrgId: cmd.OrgId,
|
||||
UserGroupId: cmd.UserGroupId,
|
||||
UserId: cmd.UserId,
|
||||
Created: time.Now(),
|
||||
Updated: time.Now(),
|
||||
DashboardId: cmd.DashboardId,
|
||||
Permissions: cmd.PermissionType,
|
||||
}
|
||||
|
||||
cols := []string{"org_id", "created", "updated", "dashboard_id", "permissions"}
|
||||
|
||||
if cmd.UserId != 0 {
|
||||
cols = append(cols, "user_id")
|
||||
}
|
||||
|
||||
if cmd.UserGroupId != 0 {
|
||||
cols = append(cols, "user_group_id")
|
||||
}
|
||||
|
||||
_, err := sess.Cols(cols...).Insert(&entity)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
dashboard := m.Dashboard{
|
||||
HasAcl: true,
|
||||
}
|
||||
if _, err := sess.Cols("has_acl").Where("id=? OR parent_id=?", cmd.DashboardId, cmd.DashboardId).Update(&dashboard); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
})
|
||||
}
|
||||
|
||||
func GetDashboardPermissions(query *m.GetDashboardPermissionsQuery) error {
|
||||
sess := x.Where("dashboard_id=?", query.DashboardId)
|
||||
query.Result = make([]*m.DashboardAcl, 0)
|
||||
return sess.Find(&query.Result)
|
||||
}
|
||||
Reference in New Issue
Block a user