IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343)

Browse Source 
* Chore: Add user service method SetUsingOrg

* Chore: Add user service method GetSignedInUserWithCacheCtx

* Use method GetSignedInUserWithCacheCtx from user service

* Fix lint after rebase

* Fix lint

* Fix lint error

* roll back some changes

* Roll back changes in api and middleware

* Add xorm tags to SignedInUser ID fields
This commit is contained in:
idafurjes 2022-08-11 13:28:55 +02:00 committed by GitHub
parent ca72cd570e
commit a14621fff6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
191 changed files with 1108 additions and 1049 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/api/admin_users.go
View File

@ -303,7 +303,7 @@ func (hs *HTTPServer) AdminLogoutUser(c *models.ReqContext) response.Response {
return response.Error(http.StatusBadRequest, "id is invalid", err)
}
if c.UserId == userID {
if c.UserID == userID {
return response.Error(400, "You cannot logout yourself", nil)
}

22
pkg/api/admin_users_test.go
View File

@ -251,8 +251,8 @@ func putAdminScenario(t *testing.T, desc string, url string, routePattern string
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = role
return hs.AdminUpdateUserPermissions(c)
@ -276,8 +276,8 @@ func adminLogoutUserScenario(t *testing.T, desc string, url string, routePattern
t.Log("Route handler invoked", "url", c.Req.URL)
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = org.RoleAdmin
return hs.AdminLogoutUser(c)
@ -304,8 +304,8 @@ func adminRevokeUserAuthTokenScenario(t *testing.T, desc string, url string, rou
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = org.RoleAdmin
return hs.AdminRevokeUserAuthToken(c)
@ -330,8 +330,8 @@ func adminGetUserAuthTokensScenario(t *testing.T, desc string, url string, route
sc.userAuthTokenService = fakeAuthTokenService
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = org.RoleAdmin
return hs.AdminGetUserAuthTokens(c)
@ -360,7 +360,7 @@ func adminDisableUserScenario(t *testing.T, desc string, action string, url stri
sc.authInfoService = authInfoService
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
sc.context = c
sc.context.UserId = testUserID
sc.context.UserID = testUserID
if action == "enable" {
return hs.AdminEnableUser(c)
@ -386,7 +386,7 @@ func adminDeleteUserScenario(t *testing.T, desc string, url string, routePattern
sc.authInfoService = &logintest.AuthInfoServiceFake{}
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
sc.context = c
sc.context.UserId = testUserID
sc.context.UserID = testUserID
return hs.AdminDeleteUser(c)
})
@ -414,7 +414,7 @@ func adminCreateUserScenario(t *testing.T, desc string, url string, routePattern
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.UserId = testUserID
sc.context.UserID = testUserID
return hs.AdminCreateUser(c)
})

34
pkg/api/alerting.go
View File

@ -33,7 +33,7 @@ func (hs *HTTPServer) ValidateOrgAlert(c *models.ReqContext) {
return
}
if c.OrgId != query.Result.OrgId {
if c.OrgID != query.Result.OrgId {
c.JsonApiErr(403, "You are not allowed to edit/view alert", nil)
return
}
@ -56,7 +56,7 @@ func (hs *HTTPServer) GetAlertStatesForDashboard(c *models.ReqContext) response.
}
query := models.GetAlertStatesForDashboardQuery{
OrgId: c.OrgId,
OrgId: c.OrgID,
DashboardId: c.QueryInt64("dashboardId"),
}
@ -103,7 +103,7 @@ func (hs *HTTPServer) GetAlerts(c *models.ReqContext) response.Response {
Tags: dashboardTags,
SignedInUser: c.SignedInUser,
Limit: 1000,
OrgId: c.OrgId,
OrgId: c.OrgID,
DashboardIds: dashboardIDs,
Type: string(models.DashHitDB),
FolderIds: folderIDs,
@ -128,7 +128,7 @@ func (hs *HTTPServer) GetAlerts(c *models.ReqContext) response.Response {
}
query := models.GetAlertsQuery{
OrgId: c.OrgId,
OrgId: c.OrgID,
DashboardIDs: dashboardIDs,
PanelId: c.QueryInt64("panelId"),
Limit: c.QueryInt64("limit"),
@ -171,7 +171,7 @@ func (hs *HTTPServer) AlertTest(c *models.ReqContext) response.Response {
return response.Error(400, "The dashboard needs to be saved at least once before you can test an alert rule", nil)
}
res, err := hs.AlertEngine.AlertTest(c.OrgId, dto.Dashboard, dto.PanelId, c.SignedInUser)
res, err := hs.AlertEngine.AlertTest(c.OrgID, dto.Dashboard, dto.PanelId, c.SignedInUser)
if err != nil {
var validationErr alerting.ValidationError
if errors.As(err, &validationErr) {
@ -294,7 +294,7 @@ func (hs *HTTPServer) GetAlertNotifications(c *models.ReqContext) response.Respo
}
func (hs *HTTPServer) getAlertNotificationsInternal(c *models.ReqContext) ([]*models.AlertNotification, error) {
query := &models.GetAllAlertNotificationsQuery{OrgId: c.OrgId}
query := &models.GetAllAlertNotificationsQuery{OrgId: c.OrgID}
if err := hs.AlertNotificationService.GetAllAlertNotifications(c.Req.Context(), query); err != nil {
return nil, err
@ -321,7 +321,7 @@ func (hs *HTTPServer) GetAlertNotificationByID(c *models.ReqContext) response.Re
return response.Error(http.StatusBadRequest, "notificationId is invalid", err)
}
query := &models.GetAlertNotificationsQuery{
OrgId: c.OrgId,
OrgId: c.OrgID,
Id: notificationId,
}
@ -354,7 +354,7 @@ func (hs *HTTPServer) GetAlertNotificationByID(c *models.ReqContext) response.Re
// 500: internalServerError
func (hs *HTTPServer) GetAlertNotificationByUID(c *models.ReqContext) response.Response {
query := &models.GetAlertNotificationsWithUidQuery{
OrgId: c.OrgId,
OrgId: c.OrgID,
Uid: web.Params(c.Req)[":uid"],
}
@ -390,7 +390,7 @@ func (hs *HTTPServer) CreateAlertNotification(c *models.ReqContext) response.Res
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
if err := hs.AlertNotificationService.CreateAlertNotificationCommand(c.Req.Context(), &cmd); err != nil {
if errors.Is(err, models.ErrAlertNotificationWithSameNameExists) || errors.Is(err, models.ErrAlertNotificationWithSameUIDExists) {
@ -423,7 +423,7 @@ func (hs *HTTPServer) UpdateAlertNotification(c *models.ReqContext) response.Res
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
err := hs.fillWithSecureSettingsData(c.Req.Context(), &cmd)
if err != nil {
@ -442,7 +442,7 @@ func (hs *HTTPServer) UpdateAlertNotification(c *models.ReqContext) response.Res
}
query := models.GetAlertNotificationsQuery{
OrgId: c.OrgId,
OrgId: c.OrgID,
Id: cmd.Id,
}
@ -470,7 +470,7 @@ func (hs *HTTPServer) UpdateAlertNotificationByUID(c *models.ReqContext) respons
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
cmd.Uid = web.Params(c.Req)[":uid"]
err := hs.fillWithSecureSettingsDataByUID(c.Req.Context(), &cmd)
@ -572,7 +572,7 @@ func (hs *HTTPServer) DeleteAlertNotification(c *models.ReqContext) response.Res
}
cmd := models.DeleteAlertNotificationCommand{
OrgId: c.OrgId,
OrgId: c.OrgID,
Id: notificationId,
}
@ -600,7 +600,7 @@ func (hs *HTTPServer) DeleteAlertNotification(c *models.ReqContext) response.Res
// 500: internalServerError
func (hs *HTTPServer) DeleteAlertNotificationByUID(c *models.ReqContext) response.Response {
cmd := models.DeleteAlertNotificationWithUidCommand{
OrgId: c.OrgId,
OrgId: c.OrgID,
Uid: web.Params(c.Req)[":uid"],
}
@ -636,7 +636,7 @@ func (hs *HTTPServer) NotificationTest(c *models.ReqContext) response.Response {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd := &alerting.NotificationTestCommand{
OrgID: c.OrgId,
OrgID: c.OrgID,
ID: dto.ID,
Name: dto.Name,
Type: dto.Type,
@ -693,7 +693,7 @@ func (hs *HTTPServer) PauseAlert(legacyAlertingEnabled *bool) func(c *models.Req
return response.Error(500, "Get Alert failed", err)
}
guardian := guardian.New(c.Req.Context(), query.Result.DashboardId, c.OrgId, c.SignedInUser)
guardian := guardian.New(c.Req.Context(), query.Result.DashboardId, c.OrgID, c.SignedInUser)
if canEdit, err := guardian.CanEdit(); err != nil || !canEdit {
if err != nil {
return response.Error(500, "Error while checking permissions for Alert", err)
@ -714,7 +714,7 @@ func (hs *HTTPServer) PauseAlert(legacyAlertingEnabled *bool) func(c *models.Req
}
cmd := models.PauseAlertCommand{
OrgId: c.OrgId,
OrgId: c.OrgID,
AlertIds: []int64{alertID},
Paused: dto.Paused,
}

42
pkg/api/annotations.go
View File

@ -34,7 +34,7 @@ func (hs *HTTPServer) GetAnnotations(c *models.ReqContext) response.Response {
query := &annotations.ItemQuery{
From: c.QueryInt64("from"),
To: c.QueryInt64("to"),
OrgId: c.OrgId,
OrgId: c.OrgID,
UserId: c.QueryInt64("userId"),
AlertId: c.QueryInt64("alertId"),
DashboardId: c.QueryInt64("dashboardId"),
@ -49,7 +49,7 @@ func (hs *HTTPServer) GetAnnotations(c *models.ReqContext) response.Response {
// When dashboard UID present in the request, we ignore dashboard ID
if query.DashboardUid != "" {
dq := models.GetDashboardQuery{Uid: query.DashboardUid, OrgId: c.OrgId}
dq := models.GetDashboardQuery{Uid: query.DashboardUid, OrgId: c.OrgID}
err := hs.DashboardService.GetDashboard(c.Req.Context(), &dq)
if err != nil {
return response.Error(http.StatusBadRequest, "Invalid dashboard UID in the request", err)
@ -75,7 +75,7 @@ func (hs *HTTPServer) GetAnnotations(c *models.ReqContext) response.Response {
if val, ok := dashboardCache[item.DashboardId]; ok {
item.DashboardUID = val
} else {
query := models.GetDashboardQuery{Id: item.DashboardId, OrgId: c.OrgId}
query := models.GetDashboardQuery{Id: item.DashboardId, OrgId: c.OrgID}
err := hs.DashboardService.GetDashboard(c.Req.Context(), &query)
if err == nil && query.Result != nil {
item.DashboardUID = &query.Result.Uid
@ -118,7 +118,7 @@ func (hs *HTTPServer) PostAnnotation(c *models.ReqContext) response.Response {
// overwrite dashboardId when dashboardUID is not empty
if cmd.DashboardUID != "" {
query := models.GetDashboardQuery{OrgId: c.OrgId, Uid: cmd.DashboardUID}
query := models.GetDashboardQuery{OrgId: c.OrgID, Uid: cmd.DashboardUID}
err := hs.DashboardService.GetDashboard(c.Req.Context(), &query)
if err == nil {
cmd.DashboardId = query.Result.Id
@ -137,8 +137,8 @@ func (hs *HTTPServer) PostAnnotation(c *models.ReqContext) response.Response {
}
item := annotations.Item{
OrgId: c.OrgId,
UserId: c.UserId,
OrgId: c.OrgID,
UserId: c.UserID,
DashboardId: cmd.DashboardId,
PanelId: cmd.PanelId,
Epoch: cmd.Time,
@ -221,8 +221,8 @@ func (hs *HTTPServer) PostGraphiteAnnotation(c *models.ReqContext) response.Resp
}
item := annotations.Item{
OrgId: c.OrgId,
UserId: c.UserId,
OrgId: c.OrgID,
UserId: c.UserID,
Epoch: cmd.When * 1000,
Text: text,
Tags: tagsArray,
@ -273,8 +273,8 @@ func (hs *HTTPServer) UpdateAnnotation(c *models.ReqContext) response.Response {
}
item := annotations.Item{
OrgId: c.OrgId,
UserId: c.UserId,
OrgId: c.OrgID,
UserId: c.UserID,
Id: annotationID,
Epoch: cmd.Time,
EpochEnd: cmd.TimeEnd,
@ -325,8 +325,8 @@ func (hs *HTTPServer) PatchAnnotation(c *models.ReqContext) response.Response {
}
existing := annotations.Item{
OrgId: c.OrgId,
UserId: c.UserId,
OrgId: c.OrgID,
UserId: c.UserID,
Id: annotationID,
Epoch: annotation.Time,
EpochEnd: annotation.TimeEnd,
@ -373,7 +373,7 @@ func (hs *HTTPServer) MassDeleteAnnotations(c *models.ReqContext) response.Respo
}
if cmd.DashboardUID != "" {
query := models.GetDashboardQuery{OrgId: c.OrgId, Uid: cmd.DashboardUID}
query := models.GetDashboardQuery{OrgId: c.OrgID, Uid: cmd.DashboardUID}
err := hs.DashboardService.GetDashboard(c.Req.Context(), &query)
if err == nil {
cmd.DashboardId = query.Result.Id
@ -400,13 +400,13 @@ func (hs *HTTPServer) MassDeleteAnnotations(c *models.ReqContext) response.Respo
}
dashboardId = annotation.DashboardId
deleteParams = &annotations.DeleteParams{
OrgId: c.OrgId,
OrgId: c.OrgID,
Id: cmd.AnnotationId,
}
} else {
dashboardId = cmd.DashboardId
deleteParams = &annotations.DeleteParams{
OrgId: c.OrgId,
OrgId: c.OrgID,
DashboardId: cmd.DashboardId,
PanelId: cmd.PanelId,
}
@ -418,7 +418,7 @@ func (hs *HTTPServer) MassDeleteAnnotations(c *models.ReqContext) response.Respo
}
} else { // legacy permissions
deleteParams = &annotations.DeleteParams{
OrgId: c.OrgId,
OrgId: c.OrgID,
Id: cmd.AnnotationId,
DashboardId: cmd.DashboardId,
PanelId: cmd.PanelId,
@ -491,7 +491,7 @@ func (hs *HTTPServer) DeleteAnnotationByID(c *models.ReqContext) response.Respon
}
err = repo.Delete(c.Req.Context(), &annotations.DeleteParams{
OrgId: c.OrgId,
OrgId: c.OrgID,
Id: annotationID,
})
if err != nil {
@ -513,7 +513,7 @@ func (hs *HTTPServer) canSaveAnnotation(c *models.ReqContext, annotation *annota
}
func canEditDashboard(c *models.ReqContext, dashboardID int64) (bool, error) {
guard := guardian.New(c.Req.Context(), dashboardID, c.OrgId, c.SignedInUser)
guard := guardian.New(c.Req.Context(), dashboardID, c.OrgID, c.SignedInUser)
if canEdit, err := guard.CanEdit(); err != nil || !canEdit {
return false, err
}
@ -524,7 +524,7 @@ func canEditDashboard(c *models.ReqContext, dashboardID int64) (bool, error) {
func findAnnotationByID(ctx context.Context, repo annotations.Repository, annotationID int64, user *user.SignedInUser) (*annotations.ItemDTO, response.Response) {
query := &annotations.ItemQuery{
AnnotationId: annotationID,
OrgId: user.OrgId,
OrgId: user.OrgID,
SignedInUser: user,
}
items, err := repo.Find(ctx, query)
@ -552,7 +552,7 @@ func findAnnotationByID(ctx context.Context, repo annotations.Repository, annota
// 500: internalServerError
func (hs *HTTPServer) GetAnnotationTags(c *models.ReqContext) response.Response {
query := &annotations.TagsQuery{
OrgID: c.OrgId,
OrgID: c.OrgID,
Tag: c.Query("tag"),
Limit: c.QueryInt64("limit"),
}
@ -586,7 +586,7 @@ func AnnotationTypeScopeResolver() (string, accesscontrol.ScopeAttributeResolver
// tempUser is used to resolve annotation type.
// The annotation doesn't get returned to the real user, so real user's permissions don't matter here.
tempUser := &user.SignedInUser{
OrgId: orgID,
OrgID: orgID,
Permissions: map[int64]map[string][]string{
orgID: {
dashboards.ActionDashboardsRead: {dashboards.ScopeDashboardsAll},

20
pkg/api/annotations_test.go
View File

@ -351,8 +351,8 @@ func postAnnotationScenario(t *testing.T, desc string, url string, routePattern
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = role
return hs.PostAnnotation(c)
@ -380,8 +380,8 @@ func putAnnotationScenario(t *testing.T, desc string, url string, routePattern s
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = role
return hs.UpdateAnnotation(c)
@ -408,8 +408,8 @@ func patchAnnotationScenario(t *testing.T, desc string, url string, routePattern
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = role
return hs.PatchAnnotation(c)
@ -436,8 +436,8 @@ func deleteAnnotationsScenario(t *testing.T, desc string, url string, routePatte
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = role
return hs.MassDeleteAnnotations(c)
@ -789,7 +789,7 @@ func TestAPI_Annotations_AccessControl(t *testing.T) {
setUpRBACGuardian(t)
sc.acmock.
RegisterScopeAttributeResolver(AnnotationTypeScopeResolver())
setAccessControlPermissions(sc.acmock, tt.args.permissions, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, tt.args.permissions, sc.initCtx.OrgID)
r := callAPI(sc.server, tt.args.method, tt.args.url, tt.args.body, t)
assert.Equalf(t, tt.want, r.Code, "Annotations API(%v)", tt.args.url)
@ -982,7 +982,7 @@ func TestAPI_MassDeleteAnnotations_AccessControl(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
setUpRBACGuardian(t)
setAccessControlPermissions(sc.acmock, tt.args.permissions, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, tt.args.permissions, sc.initCtx.OrgID)
dashboardAnnotation := &annotations.Item{Id: 1, DashboardId: 1}
organizationAnnotation := &annotations.Item{Id: 2, DashboardId: 0}

8
pkg/api/apikey.go
View File

@ -27,7 +27,7 @@ import (
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) GetAPIKeys(c *models.ReqContext) response.Response {
query := apikey.GetApiKeysQuery{OrgId: c.OrgId, User: c.SignedInUser, IncludeExpired: c.QueryBool("includeExpired")}
query := apikey.GetApiKeysQuery{OrgId: c.OrgID, User: c.SignedInUser, IncludeExpired: c.QueryBool("includeExpired")}
if err := hs.apiKeyService.GetAPIKeys(c.Req.Context(), &query); err != nil {
return response.Error(500, "Failed to list api keys", err)
@ -50,7 +50,7 @@ func (hs *HTTPServer) GetAPIKeys(c *models.ReqContext) response.Response {
}
}
metadata := hs.getMultiAccessControlMetadata(c, c.OrgId, "apikeys:id", ids)
metadata := hs.getMultiAccessControlMetadata(c, c.OrgID, "apikeys:id", ids)
if len(metadata) > 0 {
for _, key := range result {
key.AccessControl = metadata[strconv.FormatInt(key.Id, 10)]
@ -76,7 +76,7 @@ func (hs *HTTPServer) DeleteAPIKey(c *models.ReqContext) response.Response {
return response.Error(http.StatusBadRequest, "id is invalid", err)
}
cmd := &apikey.DeleteCommand{Id: id, OrgId: c.OrgId}
cmd := &apikey.DeleteCommand{Id: id, OrgId: c.OrgID}
err = hs.apiKeyService.DeleteApiKey(c.Req.Context(), cmd)
if err != nil {
var status int
@ -125,7 +125,7 @@ func (hs *HTTPServer) AddAPIKey(c *models.ReqContext) response.Response {
}
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
newKeyInfo, err := apikeygen.New(cmd.OrgId, cmd.Name)
if err != nil {

6
pkg/api/comments.go
View File

@ -17,7 +17,7 @@ func (hs *HTTPServer) commentsGet(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
items, err := hs.commentsService.Get(c.Req.Context(), c.OrgId, c.SignedInUser, cmd)
items, err := hs.commentsService.Get(c.Req.Context(), c.OrgID, c.SignedInUser, cmd)
if err != nil {
if errors.Is(err, comments.ErrPermissionDenied) {
return response.Error(http.StatusForbidden, "permission denied", err)
@ -34,10 +34,10 @@ func (hs *HTTPServer) commentsCreate(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
if c.SignedInUser.UserId == 0 && !c.SignedInUser.HasRole(org.RoleAdmin) {
if c.SignedInUser.UserID == 0 && !c.SignedInUser.HasRole(org.RoleAdmin) {
return response.Error(http.StatusForbidden, "admin role required", nil)
}
comment, err := hs.commentsService.Create(c.Req.Context(), c.OrgId, c.SignedInUser, cmd)
comment, err := hs.commentsService.Create(c.Req.Context(), c.OrgID, c.SignedInUser, cmd)
if err != nil {
if errors.Is(err, comments.ErrPermissionDenied) {
return response.Error(http.StatusForbidden, "permission denied", err)

12
pkg/api/common_test.go
View File

@ -66,8 +66,8 @@ func loggedInUserScenarioWithRole(t *testing.T, desc string, method string, url
sc.userService = usertest.NewUserServiceFake()
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.Login = testUserLogin
sc.context.OrgRole = role
if sc.handlerFunc != nil {
@ -297,7 +297,7 @@ type accessControlScenarioContext struct {
func setAccessControlPermissions(acmock *accesscontrolmock.Mock, perms []accesscontrol.Permission, org int64) {
acmock.GetUserPermissionsFunc =
func(_ context.Context, u *user.SignedInUser, _ accesscontrol.Options) ([]accesscontrol.Permission, error) {
if u.OrgId == org {
if u.OrgID == org {
return perms, nil
}
return nil, nil
@ -312,17 +312,17 @@ func setInitCtxSignedInUser(initCtx *models.ReqContext, user user.SignedInUser)
func setInitCtxSignedInViewer(initCtx *models.ReqContext) {
initCtx.IsSignedIn = true
initCtx.SignedInUser = &user.SignedInUser{UserId: testUserID, OrgId: 1, OrgRole: org.RoleViewer, Login: testUserLogin}
initCtx.SignedInUser = &user.SignedInUser{UserID: testUserID, OrgID: 1, OrgRole: org.RoleViewer, Login: testUserLogin}
}
func setInitCtxSignedInEditor(initCtx *models.ReqContext) {
initCtx.IsSignedIn = true
initCtx.SignedInUser = &user.SignedInUser{UserId: testUserID, OrgId: 1, OrgRole: org.RoleEditor, Login: testUserLogin}
initCtx.SignedInUser = &user.SignedInUser{UserID: testUserID, OrgID: 1, OrgRole: org.RoleEditor, Login: testUserLogin}
}
func setInitCtxSignedInOrgAdmin(initCtx *models.ReqContext) {
initCtx.IsSignedIn = true
initCtx.SignedInUser = &user.SignedInUser{UserId: testUserID, OrgId: 1, OrgRole: org.RoleAdmin, Login: testUserLogin}
initCtx.SignedInUser = &user.SignedInUser{UserID: testUserID, OrgID: 1, OrgRole: org.RoleAdmin, Login: testUserLogin}
}
func setupSimpleHTTPServer(features *featuremgmt.FeatureManager) *HTTPServer {

62
pkg/api/dashboard.go
View File

@ -43,7 +43,7 @@ func (hs *HTTPServer) isDashboardStarredByUser(c *models.ReqContext, dashID int6
return false, nil
}
query := star.IsStarredByUserQuery{UserID: c.UserId, DashboardID: dashID}
query := star.IsStarredByUserQuery{UserID: c.UserID, DashboardID: dashID}
return hs.starService.IsStarredByUser(c.Req.Context(), &query)
}
@ -94,7 +94,7 @@ func (hs *HTTPServer) TrimDashboard(c *models.ReqContext) response.Response {
// 500: internalServerError
func (hs *HTTPServer) GetDashboard(c *models.ReqContext) response.Response {
uid := web.Params(c.Req)[":uid"]
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgId, 0, uid)
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgID, 0, uid)
if rsp != nil {
return rsp
}
@ -123,7 +123,7 @@ func (hs *HTTPServer) GetDashboard(c *models.ReqContext) response.Response {
return response.Error(500, "Error while loading dashboard, dashboard data is invalid", nil)
}
}
guardian := guardian.New(c.Req.Context(), dash.Id, c.OrgId, c.SignedInUser)
guardian := guardian.New(c.Req.Context(), dash.Id, c.OrgID, c.SignedInUser)
if canView, err := guardian.CanView(); err != nil || !canView {
return dashboardGuardianResponse(err)
}
@ -177,7 +177,7 @@ func (hs *HTTPServer) GetDashboard(c *models.ReqContext) response.Response {
// lookup folder title
if dash.FolderId > 0 {
query := models.GetDashboardQuery{Id: dash.FolderId, OrgId: c.OrgId}
query := models.GetDashboardQuery{Id: dash.FolderId, OrgId: c.OrgID}
if err := hs.DashboardService.GetDashboard(c.Req.Context(), &query); err != nil {
if errors.Is(err, dashboards.ErrFolderNotFound) {
return response.Error(404, "Folder not found", err)
@ -293,11 +293,11 @@ func (hs *HTTPServer) DeleteDashboardByUID(c *models.ReqContext) response.Respon
}
func (hs *HTTPServer) deleteDashboard(c *models.ReqContext) response.Response {
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgId, 0, web.Params(c.Req)[":uid"])
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgID, 0, web.Params(c.Req)[":uid"])
if rsp != nil {
return rsp
}
guardian := guardian.New(c.Req.Context(), dash.Id, c.OrgId, c.SignedInUser)
guardian := guardian.New(c.Req.Context(), dash.Id, c.OrgID, c.SignedInUser)
if canDelete, err := guardian.CanDelete(); err != nil || !canDelete {
return dashboardGuardianResponse(err)
}
@ -305,10 +305,10 @@ func (hs *HTTPServer) deleteDashboard(c *models.ReqContext) response.Response {
// disconnect all library elements for this dashboard
err := hs.LibraryElementService.DisconnectElementsFromDashboard(c.Req.Context(), dash.Id)
if err != nil {
hs.log.Error("Failed to disconnect library elements", "dashboard", dash.Id, "user", c.SignedInUser.UserId, "error", err)
hs.log.Error("Failed to disconnect library elements", "dashboard", dash.Id, "user", c.SignedInUser.UserID, "error", err)
}
err = hs.DashboardService.DeleteDashboard(c.Req.Context(), dash.Id, c.OrgId)
err = hs.DashboardService.DeleteDashboard(c.Req.Context(), dash.Id, c.OrgID)
if err != nil {
var dashboardErr dashboards.DashboardErr
if ok := errors.As(err, &dashboardErr); ok {
@ -320,7 +320,7 @@ func (hs *HTTPServer) deleteDashboard(c *models.ReqContext) response.Response {
}
if hs.Live != nil {
err := hs.Live.GrafanaScope.Dashboards.DashboardDeleted(c.OrgId, c.ToUserDisplayDTO(), dash.Uid)
err := hs.Live.GrafanaScope.Dashboards.DashboardDeleted(c.OrgID, c.ToUserDisplayDTO(), dash.Uid)
if err != nil {
hs.log.Error("Failed to broadcast delete info", "dashboard", dash.Uid, "error", err)
}
@ -380,10 +380,10 @@ func (hs *HTTPServer) PostDashboard(c *models.ReqContext) response.Response {
func (hs *HTTPServer) postDashboard(c *models.ReqContext, cmd models.SaveDashboardCommand) response.Response {
ctx := c.Req.Context()
var err error
cmd.OrgId = c.OrgId
cmd.UserId = c.UserId
cmd.OrgId = c.OrgID
cmd.UserId = c.UserID
if cmd.FolderUid != "" {
folder, err := hs.folderService.GetFolderByUID(ctx, c.SignedInUser, c.OrgId, cmd.FolderUid)
folder, err := hs.folderService.GetFolderByUID(ctx, c.SignedInUser, c.OrgID, cmd.FolderUid)
if err != nil {
if errors.Is(err, dashboards.ErrFolderNotFound) {
return response.Error(400, "Folder not found", err)
@ -434,7 +434,7 @@ func (hs *HTTPServer) postDashboard(c *models.ReqContext, cmd models.SaveDashboa
dashItem := &dashboards.SaveDashboardDTO{
Dashboard: dash,
Message: cmd.Message,
OrgId: c.OrgId,
OrgId: c.OrgID,
User: c.SignedInUser,
Overwrite: cmd.Overwrite,
}
@ -450,10 +450,10 @@ func (hs *HTTPServer) postDashboard(c *models.ReqContext, cmd models.SaveDashboa
// This will broadcast all save requests only if a `gitops` observer exists.
// gitops is useful when trying to save dashboards in an environment where the user can not save
channel := hs.Live.GrafanaScope.Dashboards
liveerr := channel.DashboardSaved(c.SignedInUser.OrgId, c.SignedInUser.ToUserDisplayDTO(), cmd.Message, dashboard, err)
liveerr := channel.DashboardSaved(c.SignedInUser.OrgID, c.SignedInUser.ToUserDisplayDTO(), cmd.Message, dashboard, err)
// When an error exists, but the value broadcast to a gitops listener return 202
if liveerr == nil && err != nil && channel.HasGitOpsObserver(c.SignedInUser.OrgId) {
if liveerr == nil && err != nil && channel.HasGitOpsObserver(c.SignedInUser.OrgID) {
return response.JSON(202, util.DynMap{
"status": "pending",
"message": "changes were broadcast to the gitops listener",
@ -495,7 +495,7 @@ func (hs *HTTPServer) postDashboard(c *models.ReqContext, cmd models.SaveDashboa
// 401: unauthorisedError
// 500: internalServerError
func (hs *HTTPServer) GetHomeDashboard(c *models.ReqContext) response.Response {
prefsQuery := pref.GetPreferenceWithDefaultsQuery{OrgID: c.OrgId, UserID: c.SignedInUser.UserId, Teams: c.Teams}
prefsQuery := pref.GetPreferenceWithDefaultsQuery{OrgID: c.OrgID, UserID: c.SignedInUser.UserID, Teams: c.Teams}
homePage := hs.Cfg.HomePage
preference, err := hs.preferenceService.GetWithDefaults(c.Req.Context(), &prefsQuery)
@ -617,7 +617,7 @@ func (hs *HTTPServer) GetDashboardVersions(c *models.ReqContext) response.Respon
}
} else {
q := models.GetDashboardQuery{
OrgId: c.SignedInUser.OrgId,
OrgId: c.SignedInUser.OrgID,
Uid: dashUID,
}
if err := hs.DashboardService.GetDashboard(c.Req.Context(), &q); err != nil {
@ -625,13 +625,13 @@ func (hs *HTTPServer) GetDashboardVersions(c *models.ReqContext) response.Respon
}
dashID = q.Result.Id
}
guardian := guardian.New(c.Req.Context(), dashID, c.OrgId, c.SignedInUser)
guardian := guardian.New(c.Req.Context(), dashID, c.OrgID, c.SignedInUser)
if canSave, err := guardian.CanSave(); err != nil || !canSave {
return dashboardGuardianResponse(err)
}
query := dashver.ListDashboardVersionsQuery{
OrgID: c.OrgId,
OrgID: c.OrgID,
DashboardID: dashID,
DashboardUID: dashUID,
Limit: c.QueryInt("limit"),
@ -700,7 +700,7 @@ func (hs *HTTPServer) GetDashboardVersion(c *models.ReqContext) response.Respons
}
} else {
q := models.GetDashboardQuery{
OrgId: c.SignedInUser.OrgId,
OrgId: c.SignedInUser.OrgID,
Uid: dashUID,
}
if err := hs.DashboardService.GetDashboard(c.Req.Context(), &q); err != nil {
@ -709,14 +709,14 @@ func (hs *HTTPServer) GetDashboardVersion(c *models.ReqContext) response.Respons
dashID = q.Result.Id
}
guardian := guardian.New(c.Req.Context(), dashID, c.OrgId, c.SignedInUser)
guardian := guardian.New(c.Req.Context(), dashID, c.OrgID, c.SignedInUser)
if canSave, err := guardian.CanSave(); err != nil || !canSave {
return dashboardGuardianResponse(err)
}
version, _ := strconv.ParseInt(web.Params(c.Req)[":id"], 10, 32)
query := dashver.GetDashboardVersionQuery{
OrgID: c.OrgId,
OrgID: c.OrgID,
DashboardID: dashID,
Version: int(version),
}
@ -765,20 +765,20 @@ func (hs *HTTPServer) CalculateDashboardDiff(c *models.ReqContext) response.Resp
if err := web.Bind(c.Req, &apiOptions); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
guardianBase := guardian.New(c.Req.Context(), apiOptions.Base.DashboardId, c.OrgId, c.SignedInUser)
guardianBase := guardian.New(c.Req.Context(), apiOptions.Base.DashboardId, c.OrgID, c.SignedInUser)
if canSave, err := guardianBase.CanSave(); err != nil || !canSave {
return dashboardGuardianResponse(err)
}
if apiOptions.Base.DashboardId != apiOptions.New.DashboardId {
guardianNew := guardian.New(c.Req.Context(), apiOptions.New.DashboardId, c.OrgId, c.SignedInUser)
guardianNew := guardian.New(c.Req.Context(), apiOptions.New.DashboardId, c.OrgID, c.SignedInUser)
if canSave, err := guardianNew.CanSave(); err != nil || !canSave {
return dashboardGuardianResponse(err)
}
}
options := dashdiffs.Options{
OrgId: c.OrgId,
OrgId: c.OrgID,
DiffType: dashdiffs.ParseDiffType(apiOptions.DiffType),
Base: dashdiffs.DiffTarget{
DashboardId: apiOptions.Base.DashboardId,
@ -881,7 +881,7 @@ func (hs *HTTPServer) RestoreDashboardVersion(c *models.ReqContext) response.Res
}
}
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgId, dashID, dashUID)
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgID, dashID, dashUID)
if rsp != nil {
return rsp
}
@ -890,12 +890,12 @@ func (hs *HTTPServer) RestoreDashboardVersion(c *models.ReqContext) response.Res
dashID = dash.Id
}
guardian := guardian.New(c.Req.Context(), dashID, c.OrgId, c.SignedInUser)
guardian := guardian.New(c.Req.Context(), dashID, c.OrgID, c.SignedInUser)
if canSave, err := guardian.CanSave(); err != nil || !canSave {
return dashboardGuardianResponse(err)
}
versionQuery := dashver.GetDashboardVersionQuery{DashboardID: dashID, Version: apiCmd.Version, OrgID: c.OrgId}
versionQuery := dashver.GetDashboardVersionQuery{DashboardID: dashID, Version: apiCmd.Version, OrgID: c.OrgID}
version, err := hs.dashboardVersionService.Get(c.Req.Context(), &versionQuery)
if err != nil {
return response.Error(404, "Dashboard version not found", nil)
@ -903,8 +903,8 @@ func (hs *HTTPServer) RestoreDashboardVersion(c *models.ReqContext) response.Res
saveCmd := models.SaveDashboardCommand{}
saveCmd.RestoredFrom = version.Version
saveCmd.OrgId = c.OrgId
saveCmd.UserId = c.UserId
saveCmd.OrgId = c.OrgID
saveCmd.UserId = c.UserID
saveCmd.Dashboard = version.Data
saveCmd.Dashboard.Set("version", dash.Version)
saveCmd.Dashboard.Set("uid", dash.Uid)
@ -923,7 +923,7 @@ func (hs *HTTPServer) RestoreDashboardVersion(c *models.ReqContext) response.Res
// 401: unauthorisedError
// 500: internalServerError
func (hs *HTTPServer) GetDashboardTags(c *models.ReqContext) {
query := models.GetDashboardTagsQuery{OrgId: c.OrgId}
query := models.GetDashboardTagsQuery{OrgId: c.OrgID}
err := hs.DashboardService.GetDashboardTags(c.Req.Context(), &query)
if err != nil {
c.JsonApiErr(500, "Failed to get tags from database", err)

10
pkg/api/dashboard_permission.go
View File

@ -51,7 +51,7 @@ func (hs *HTTPServer) GetDashboardPermissionList(c *models.ReqContext) response.
}
}
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgId, dashID, dashUID)
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgID, dashID, dashUID)
if rsp != nil {
return rsp
}
@ -60,7 +60,7 @@ func (hs *HTTPServer) GetDashboardPermissionList(c *models.ReqContext) response.
dashID = dash.Id
}
g := guardian.New(c.Req.Context(), dashID, c.OrgId, c.SignedInUser)
g := guardian.New(c.Req.Context(), dashID, c.OrgID, c.SignedInUser)
if canAdmin, err := g.CanAdmin(); err != nil || !canAdmin {
return dashboardGuardianResponse(err)
@ -142,7 +142,7 @@ func (hs *HTTPServer) UpdateDashboardPermissions(c *models.ReqContext) response.
}
}
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgId, dashID, dashUID)
dash, rsp := hs.getDashboardHelper(c.Req.Context(), c.OrgID, dashID, dashUID)
if rsp != nil {
return rsp
}
@ -151,7 +151,7 @@ func (hs *HTTPServer) UpdateDashboardPermissions(c *models.ReqContext) response.
dashID = dash.Id
}
g := guardian.New(c.Req.Context(), dashID, c.OrgId, c.SignedInUser)
g := guardian.New(c.Req.Context(), dashID, c.OrgID, c.SignedInUser)
if canAdmin, err := g.CanAdmin(); err != nil || !canAdmin {
return dashboardGuardianResponse(err)
}
@ -159,7 +159,7 @@ func (hs *HTTPServer) UpdateDashboardPermissions(c *models.ReqContext) response.
var items []*models.DashboardACL
for _, item := range apiCmd.Items {
items = append(items, &models.DashboardACL{
OrgID: c.OrgId,
OrgID: c.OrgID,
DashboardID: dashID,
UserID: item.UserID,
TeamID: item.TeamID,

4
pkg/api/dashboard_permission_test.go
View File

@ -352,8 +352,8 @@ func updateDashboardPermissionScenario(t *testing.T, ctx updatePermissionContext
c.Req.Body = mockRequestBody(ctx.cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.OrgId = testOrgID
sc.context.UserId = testUserID
sc.context.OrgID = testOrgID
sc.context.UserID = testUserID
return hs.UpdateDashboardPermissions(c)
})

10
pkg/api/dashboard_snapshot.go
View File

@ -106,8 +106,8 @@ func (hs *HTTPServer) CreateDashboardSnapshot(c *models.ReqContext) response.Res
var url string
cmd.ExternalUrl = ""
cmd.OrgId = c.OrgId
cmd.UserId = c.UserId
cmd.OrgId = c.OrgID
cmd.UserId = c.UserID
if cmd.External {
if !setting.ExternalEnabled {
@ -325,14 +325,14 @@ func (hs *HTTPServer) DeleteDashboardSnapshot(c *models.ReqContext) response.Res
// all permissions must be explicit, so the lack of a rule for dashboard 0 means the guardian will reject.
dashboardID := query.Result.Dashboard.Get("id").MustInt64()
guardian := guardian.New(c.Req.Context(), dashboardID, c.OrgId, c.SignedInUser)
guardian := guardian.New(c.Req.Context(), dashboardID, c.OrgID, c.SignedInUser)
canEdit, err := guardian.CanEdit()
// check for permissions only if the dahboard is found
if err != nil && !errors.Is(err, dashboards.ErrDashboardNotFound) {
return response.Error(500, "Error while checking permissions for snapshot", err)
}
if !canEdit && query.Result.UserId != c.SignedInUser.UserId && !errors.Is(err, dashboards.ErrDashboardNotFound) {
if !canEdit && query.Result.UserId != c.SignedInUser.UserID && !errors.Is(err, dashboards.ErrDashboardNotFound) {
return response.Error(403, "Access denied to this snapshot", nil)
}
}
@ -367,7 +367,7 @@ func (hs *HTTPServer) SearchDashboardSnapshots(c *models.ReqContext) response.Re
searchQuery := dashboardsnapshots.GetDashboardSnapshotsQuery{
Name: query,
Limit: limit,
OrgId: c.OrgId,
OrgId: c.OrgID,
SignedInUser: c.SignedInUser,
}

10
pkg/api/dashboard_test.go
View File

@ -1034,7 +1034,7 @@ func postDashboardScenario(t *testing.T, desc string, url string, routePattern s
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.SignedInUser = &user.SignedInUser{OrgId: cmd.OrgId, UserId: cmd.UserId}
sc.context.SignedInUser = &user.SignedInUser{OrgID: cmd.OrgId, UserID: cmd.UserId}
return hs.PostDashboard(c)
})
@ -1068,8 +1068,8 @@ func postDiffScenario(t *testing.T, desc string, url string, routePattern string
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.SignedInUser = &user.SignedInUser{
OrgId: testOrgID,
UserId: testUserID,
OrgID: testOrgID,
UserID: testUserID,
}
sc.context.OrgRole = role
@ -1109,8 +1109,8 @@ func restoreDashboardVersionScenario(t *testing.T, desc string, url string, rout
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.SignedInUser = &user.SignedInUser{
OrgId: testOrgID,
UserId: testUserID,
OrgID: testOrgID,
UserID: testUserID,
}
sc.context.OrgRole = org.RoleAdmin

48
pkg/api/datasources.go
View File

@ -41,7 +41,7 @@ var secretsPluginError datasources.ErrDatasourceSecretsPluginUserFriendly
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) GetDataSources(c *models.ReqContext) response.Response {
query := datasources.GetDataSourcesQuery{OrgId: c.OrgId, DataSourceLimit: hs.Cfg.DataSourceLimit}
query := datasources.GetDataSourcesQuery{OrgId: c.OrgID, DataSourceLimit: hs.Cfg.DataSourceLimit}
if err := hs.DataSourcesService.GetDataSources(c.Req.Context(), &query); err != nil {
return response.Error(500, "Failed to query datasources", err)
@ -111,7 +111,7 @@ func (hs *HTTPServer) GetDataSourceById(c *models.ReqContext) response.Response
}
query := datasources.GetDataSourceQuery{
Id: id,
OrgId: c.OrgId,
OrgId: c.OrgID,
}
if err := hs.DataSourcesService.GetDataSource(c.Req.Context(), &query); err != nil {
@ -127,7 +127,7 @@ func (hs *HTTPServer) GetDataSourceById(c *models.ReqContext) response.Response
dto := hs.convertModelToDtos(c.Req.Context(), query.Result)
// Add accesscontrol metadata
dto.AccessControl = hs.getAccessControlMetadata(c, c.OrgId, datasources.ScopePrefix, dto.UID)
dto.AccessControl = hs.getAccessControlMetadata(c, c.OrgID, datasources.ScopePrefix, dto.UID)
return response.JSON(http.StatusOK, &dto)
}
@ -159,7 +159,7 @@ func (hs *HTTPServer) DeleteDataSourceById(c *models.ReqContext) response.Respon
return response.Error(400, "Missing valid datasource id", nil)
}
ds, err := hs.getRawDataSourceById(c.Req.Context(), id, c.OrgId)
ds, err := hs.getRawDataSourceById(c.Req.Context(), id, c.OrgID)
if err != nil {
if errors.Is(err, datasources.ErrDataSourceNotFound) {
return response.Error(404, "Data source not found", nil)
@ -171,7 +171,7 @@ func (hs *HTTPServer) DeleteDataSourceById(c *models.ReqContext) response.Respon
return response.Error(403, "Cannot delete read-only data source", nil)
}
cmd := &datasources.DeleteDataSourceCommand{ID: id, OrgID: c.OrgId, Name: ds.Name}
cmd := &datasources.DeleteDataSourceCommand{ID: id, OrgID: c.OrgID, Name: ds.Name}
err = hs.DataSourcesService.DeleteDataSource(c.Req.Context(), cmd)
if err != nil {
@ -181,7 +181,7 @@ func (hs *HTTPServer) DeleteDataSourceById(c *models.ReqContext) response.Respon
return response.Error(500, "Failed to delete datasource", err)
}
hs.Live.HandleDatasourceDelete(c.OrgId, ds.Uid)
hs.Live.HandleDatasourceDelete(c.OrgID, ds.Uid)
return response.Success("Data source deleted")
}
@ -201,7 +201,7 @@ func (hs *HTTPServer) DeleteDataSourceById(c *models.ReqContext) response.Respon
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) GetDataSourceByUID(c *models.ReqContext) response.Response {
ds, err := hs.getRawDataSourceByUID(c.Req.Context(), web.Params(c.Req)[":uid"], c.OrgId)
ds, err := hs.getRawDataSourceByUID(c.Req.Context(), web.Params(c.Req)[":uid"], c.OrgID)
if err != nil {
if errors.Is(err, datasources.ErrDataSourceNotFound) {
@ -213,7 +213,7 @@ func (hs *HTTPServer) GetDataSourceByUID(c *models.ReqContext) response.Response
dto := hs.convertModelToDtos(c.Req.Context(), ds)
// Add accesscontrol metadata
dto.AccessControl = hs.getAccessControlMetadata(c, c.OrgId, datasources.ScopePrefix, dto.UID)
dto.AccessControl = hs.getAccessControlMetadata(c, c.OrgID, datasources.ScopePrefix, dto.UID)
return response.JSON(http.StatusOK, &dto)
}
@ -238,7 +238,7 @@ func (hs *HTTPServer) DeleteDataSourceByUID(c *models.ReqContext) response.Respo
return response.Error(400, "Missing datasource uid", nil)
}
ds, err := hs.getRawDataSourceByUID(c.Req.Context(), uid, c.OrgId)
ds, err := hs.getRawDataSourceByUID(c.Req.Context(), uid, c.OrgID)
if err != nil {
if errors.Is(err, datasources.ErrDataSourceNotFound) {
return response.Error(404, "Data source not found", nil)
@ -250,7 +250,7 @@ func (hs *HTTPServer) DeleteDataSourceByUID(c *models.ReqContext) response.Respo
return response.Error(403, "Cannot delete read-only data source", nil)
}
cmd := &datasources.DeleteDataSourceCommand{UID: uid, OrgID: c.OrgId, Name: ds.Name}
cmd := &datasources.DeleteDataSourceCommand{UID: uid, OrgID: c.OrgID, Name: ds.Name}
err = hs.DataSourcesService.DeleteDataSource(c.Req.Context(), cmd)
if err != nil {
@ -260,7 +260,7 @@ func (hs *HTTPServer) DeleteDataSourceByUID(c *models.ReqContext) response.Respo
return response.Error(500, "Failed to delete datasource", err)
}
hs.Live.HandleDatasourceDelete(c.OrgId, ds.Uid)
hs.Live.HandleDatasourceDelete(c.OrgID, ds.Uid)
return response.JSON(http.StatusOK, util.DynMap{
"message": "Data source deleted",
@ -288,7 +288,7 @@ func (hs *HTTPServer) DeleteDataSourceByName(c *models.ReqContext) response.Resp
return response.Error(400, "Missing valid datasource name", nil)
}
getCmd := &datasources.GetDataSourceQuery{Name: name, OrgId: c.OrgId}
getCmd := &datasources.GetDataSourceQuery{Name: name, OrgId: c.OrgID}
if err := hs.DataSourcesService.GetDataSource(c.Req.Context(), getCmd); err != nil {
if errors.Is(err, datasources.ErrDataSourceNotFound) {
return response.Error(404, "Data source not found", nil)
@ -300,7 +300,7 @@ func (hs *HTTPServer) DeleteDataSourceByName(c *models.ReqContext) response.Resp
return response.Error(403, "Cannot delete read-only data source", nil)
}
cmd := &datasources.DeleteDataSourceCommand{Name: name, OrgID: c.OrgId}
cmd := &datasources.DeleteDataSourceCommand{Name: name, OrgID: c.OrgID}
err := hs.DataSourcesService.DeleteDataSource(c.Req.Context(), cmd)
if err != nil {
if errors.As(err, &secretsPluginError) {
@ -309,7 +309,7 @@ func (hs *HTTPServer) DeleteDataSourceByName(c *models.ReqContext) response.Resp
return response.Error(500, "Failed to delete datasource", err)
}
hs.Live.HandleDatasourceDelete(c.OrgId, getCmd.Result.Uid)
hs.Live.HandleDatasourceDelete(c.OrgID, getCmd.Result.Uid)
return response.JSON(http.StatusOK, util.DynMap{
"message": "Data source deleted",
@ -350,8 +350,8 @@ func (hs *HTTPServer) AddDataSource(c *models.ReqContext) response.Response {
}
datasourcesLogger.Debug("Received command to add data source", "url", cmd.Url)
cmd.OrgId = c.OrgId
cmd.UserId = c.UserId
cmd.OrgId = c.OrgID
cmd.UserId = c.UserID
if cmd.Url != "" {
if resp := validateURL(cmd.Type, cmd.Url); resp != nil {
return resp
@ -406,7 +406,7 @@ func (hs *HTTPServer) UpdateDataSourceByID(c *models.ReqContext) response.Respon
return response.Error(http.StatusBadRequest, "bad request data", err)
}
datasourcesLogger.Debug("Received command to update data source", "url", cmd.Url)
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
var err error
if cmd.Id, err = strconv.ParseInt(web.Params(c.Req)[":id"], 10, 64); err != nil {
return response.Error(http.StatusBadRequest, "id is invalid", err)
@ -447,12 +447,12 @@ func (hs *HTTPServer) UpdateDataSourceByUID(c *models.ReqContext) response.Respo
return response.Error(http.StatusBadRequest, "bad request data", err)
}
datasourcesLogger.Debug("Received command to update data source", "url", cmd.Url)
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
if resp := validateURL(cmd.Type, cmd.Url); resp != nil {
return resp
}
ds, err := hs.getRawDataSourceByUID(c.Req.Context(), web.Params(c.Req)[":uid"], c.OrgId)
ds, err := hs.getRawDataSourceByUID(c.Req.Context(), web.Params(c.Req)[":uid"], c.OrgID)
if err != nil {
if errors.Is(err, datasources.ErrDataSourceNotFound) {
return response.Error(http.StatusNotFound, "Data source not found", nil)
@ -482,7 +482,7 @@ func (hs *HTTPServer) updateDataSourceByID(c *models.ReqContext, ds *datasources
query := datasources.GetDataSourceQuery{
Id: cmd.Id,
OrgId: c.OrgId,
OrgId: c.OrgID,
}
if err := hs.DataSourcesService.GetDataSource(c.Req.Context(), &query); err != nil {
@ -494,7 +494,7 @@ func (hs *HTTPServer) updateDataSourceByID(c *models.ReqContext, ds *datasources
datasourceDTO := hs.convertModelToDtos(c.Req.Context(), query.Result)
hs.Live.HandleDatasourceUpdate(c.OrgId, datasourceDTO.UID)
hs.Live.HandleDatasourceUpdate(c.OrgID, datasourceDTO.UID)
return response.JSON(http.StatusOK, util.DynMap{
"message": "Datasource updated",
@ -543,7 +543,7 @@ func (hs *HTTPServer) getRawDataSourceByUID(ctx context.Context, uid string, org
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) GetDataSourceByName(c *models.ReqContext) response.Response {
query := datasources.GetDataSourceQuery{Name: web.Params(c.Req)[":name"], OrgId: c.OrgId}
query := datasources.GetDataSourceQuery{Name: web.Params(c.Req)[":name"], OrgId: c.OrgID}
if err := hs.DataSourcesService.GetDataSource(c.Req.Context(), &query); err != nil {
if errors.Is(err, datasources.ErrDataSourceNotFound) {
@ -570,7 +570,7 @@ func (hs *HTTPServer) GetDataSourceByName(c *models.ReqContext) response.Respons
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) GetDataSourceIdByName(c *models.ReqContext) response.Response {
query := datasources.GetDataSourceQuery{Name: web.Params(c.Req)[":name"], OrgId: c.OrgId}
query := datasources.GetDataSourceQuery{Name: web.Params(c.Req)[":name"], OrgId: c.OrgID}
if err := hs.DataSourcesService.GetDataSource(c.Req.Context(), &query); err != nil {
if errors.Is(err, datasources.ErrDataSourceNotFound) {
@ -768,7 +768,7 @@ func (hs *HTTPServer) checkDatasourceHealth(c *models.ReqContext, ds *datasource
req := &backend.CheckHealthRequest{
PluginContext: backend.PluginContext{
User: adapters.BackendUserFromSignedInUser(c.SignedInUser),
OrgID: c.OrgId,
OrgID: c.OrgID,
PluginID: plugin.ID,
DataSourceInstanceSettings: dsInstanceSettings,
},

4
pkg/api/datasources_test.go
View File

@ -518,8 +518,8 @@ func TestAPI_Datasources_AccessControl(t *testing.T) {
// Create a middleware to pretend user is logged in
pretendSignInMiddleware := func(c *models.ReqContext) {
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.Login = testUserLogin
sc.context.OrgRole = org.RoleViewer
sc.context.IsSignedIn = true

24
pkg/api/folder.go
View File

@ -29,7 +29,7 @@ import (
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) GetFolders(c *models.ReqContext) response.Response {
folders, err := hs.folderService.GetFolders(c.Req.Context(), c.SignedInUser, c.OrgId, c.QueryInt64("limit"), c.QueryInt64("page"))
folders, err := hs.folderService.GetFolders(c.Req.Context(), c.SignedInUser, c.OrgID, c.QueryInt64("limit"), c.QueryInt64("page"))
if err != nil {
return apierrors.ToFolderErrorResponse(err)
@ -46,7 +46,7 @@ func (hs *HTTPServer) GetFolders(c *models.ReqContext) response.Response {
})
}
metadata := hs.getMultiAccessControlMetadata(c, c.OrgId, dashboards.ScopeFoldersPrefix, uids)
metadata := hs.getMultiAccessControlMetadata(c, c.OrgID, dashboards.ScopeFoldersPrefix, uids)
if len(metadata) > 0 {
for i := range result {
result[i].AccessControl = metadata[result[i].Uid]
@ -67,12 +67,12 @@ func (hs *HTTPServer) GetFolders(c *models.ReqContext) response.Response {
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) GetFolderByUID(c *models.ReqContext) response.Response {
folder, err := hs.folderService.GetFolderByUID(c.Req.Context(), c.SignedInUser, c.OrgId, web.Params(c.Req)[":uid"])
folder, err := hs.folderService.GetFolderByUID(c.Req.Context(), c.SignedInUser, c.OrgID, web.Params(c.Req)[":uid"])
if err != nil {
return apierrors.ToFolderErrorResponse(err)
}
g := guardian.New(c.Req.Context(), folder.Id, c.OrgId, c.SignedInUser)
g := guardian.New(c.Req.Context(), folder.Id, c.OrgID, c.SignedInUser)
return response.JSON(http.StatusOK, hs.toFolderDto(c, g, folder))
}
@ -93,12 +93,12 @@ func (hs *HTTPServer) GetFolderByID(c *models.ReqContext) response.Response {
if err != nil {
return response.Error(http.StatusBadRequest, "id is invalid", err)
}
folder, err := hs.folderService.GetFolderByID(c.Req.Context(), c.SignedInUser, id, c.OrgId)
folder, err := hs.folderService.GetFolderByID(c.Req.Context(), c.SignedInUser, id, c.OrgID)
if err != nil {
return apierrors.ToFolderErrorResponse(err)
}
g := guardian.New(c.Req.Context(), folder.Id, c.OrgId, c.SignedInUser)
g := guardian.New(c.Req.Context(), folder.Id, c.OrgID, c.SignedInUser)
return response.JSON(http.StatusOK, hs.toFolderDto(c, g, folder))
}
@ -118,12 +118,12 @@ func (hs *HTTPServer) CreateFolder(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
folder, err := hs.folderService.CreateFolder(c.Req.Context(), c.SignedInUser, c.OrgId, cmd.Title, cmd.Uid)
folder, err := hs.folderService.CreateFolder(c.Req.Context(), c.SignedInUser, c.OrgID, cmd.Title, cmd.Uid)
if err != nil {
return apierrors.ToFolderErrorResponse(err)
}
g := guardian.New(c.Req.Context(), folder.Id, c.OrgId, c.SignedInUser)
g := guardian.New(c.Req.Context(), folder.Id, c.OrgID, c.SignedInUser)
return response.JSON(http.StatusOK, hs.toFolderDto(c, g, folder))
}
@ -144,11 +144,11 @@ func (hs *HTTPServer) UpdateFolder(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
err := hs.folderService.UpdateFolder(c.Req.Context(), c.SignedInUser, c.OrgId, web.Params(c.Req)[":uid"], &cmd)
err := hs.folderService.UpdateFolder(c.Req.Context(), c.SignedInUser, c.OrgID, web.Params(c.Req)[":uid"], &cmd)
if err != nil {
return apierrors.ToFolderErrorResponse(err)
}
g := guardian.New(c.Req.Context(), cmd.Result.Id, c.OrgId, c.SignedInUser)
g := guardian.New(c.Req.Context(), cmd.Result.Id, c.OrgID, c.SignedInUser)
return response.JSON(http.StatusOK, hs.toFolderDto(c, g, cmd.Result))
}
@ -175,7 +175,7 @@ func (hs *HTTPServer) DeleteFolder(c *models.ReqContext) response.Response { //
}
uid := web.Params(c.Req)[":uid"]
f, err := hs.folderService.DeleteFolder(c.Req.Context(), c.SignedInUser, c.OrgId, uid, c.QueryBool("forceDeleteRules"))
f, err := hs.folderService.DeleteFolder(c.Req.Context(), c.SignedInUser, c.OrgID, uid, c.QueryBool("forceDeleteRules"))
if err != nil {
return apierrors.ToFolderErrorResponse(err)
}
@ -217,7 +217,7 @@ func (hs *HTTPServer) toFolderDto(c *models.ReqContext, g guardian.DashboardGuar
UpdatedBy: updater,
Updated: folder.Updated,
Version: folder.Version,
AccessControl: hs.getAccessControlMetadata(c, c.OrgId, dashboards.ScopeFoldersPrefix, folder.Uid),
AccessControl: hs.getAccessControlMetadata(c, c.OrgID, dashboards.ScopeFoldersPrefix, folder.Uid),
}
}

12
pkg/api/folder_permission.go
View File

@ -26,13 +26,13 @@ import (
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) GetFolderPermissionList(c *models.ReqContext) response.Response {
folder, err := hs.folderService.GetFolderByUID(c.Req.Context(), c.SignedInUser, c.OrgId, web.Params(c.Req)[":uid"])
folder, err := hs.folderService.GetFolderByUID(c.Req.Context(), c.SignedInUser, c.OrgID, web.Params(c.Req)[":uid"])
if err != nil {
return apierrors.ToFolderErrorResponse(err)
}
g := guardian.New(c.Req.Context(), folder.Id, c.OrgId, c.SignedInUser)
g := guardian.New(c.Req.Context(), folder.Id, c.OrgID, c.SignedInUser)
if canAdmin, err := g.CanAdmin(); err != nil || !canAdmin {
return apierrors.ToFolderErrorResponse(dashboards.ErrFolderAccessDenied)
@ -87,12 +87,12 @@ func (hs *HTTPServer) UpdateFolderPermissions(c *models.ReqContext) response.Res
return response.Error(400, err.Error(), err)
}
folder, err := hs.folderService.GetFolderByUID(c.Req.Context(), c.SignedInUser, c.OrgId, web.Params(c.Req)[":uid"])
folder, err := hs.folderService.GetFolderByUID(c.Req.Context(), c.SignedInUser, c.OrgID, web.Params(c.Req)[":uid"])
if err != nil {
return apierrors.ToFolderErrorResponse(err)
}
g := guardian.New(c.Req.Context(), folder.Id, c.OrgId, c.SignedInUser)
g := guardian.New(c.Req.Context(), folder.Id, c.OrgID, c.SignedInUser)
canAdmin, err := g.CanAdmin()
if err != nil {
return apierrors.ToFolderErrorResponse(err)
@ -105,7 +105,7 @@ func (hs *HTTPServer) UpdateFolderPermissions(c *models.ReqContext) response.Res
var items []*models.DashboardACL
for _, item := range apiCmd.Items {
items = append(items, &models.DashboardACL{
OrgID: c.OrgId,
OrgID: c.OrgID,
DashboardID: folder.Id,
UserID: item.UserID,
TeamID: item.TeamID,
@ -140,7 +140,7 @@ func (hs *HTTPServer) UpdateFolderPermissions(c *models.ReqContext) response.Res
if err != nil {
return response.Error(500, "Error while checking dashboard permissions", err)
}
if err := hs.updateDashboardAccessControl(c.Req.Context(), c.OrgId, folder.Uid, true, items, old); err != nil {
if err := hs.updateDashboardAccessControl(c.Req.Context(), c.OrgID, folder.Uid, true, items, old); err != nil {
return response.Error(500, "Failed to create permission", err)
}
return response.Success("Dashboard permissions updated")

4
pkg/api/folder_permission_test.go
View File

@ -363,8 +363,8 @@ func updateFolderPermissionScenario(t *testing.T, ctx updatePermissionContext, h
c.Req.Body = mockRequestBody(ctx.cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.OrgId = testOrgID
sc.context.UserId = testUserID
sc.context.OrgID = testOrgID
sc.context.UserID = testUserID
return hs.UpdateFolderPermissions(c)
})

10
pkg/api/folder_test.go
View File

@ -156,7 +156,7 @@ func TestHTTPServer_FolderMetadata(t *testing.T) {
}, nil)
req := server.NewGetRequest("/api/folders?accesscontrol=true")
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserId: 1, OrgId: 1, Permissions: map[int64]map[string][]string{
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, Permissions: map[int64]map[string][]string{
1: accesscontrol.GroupScopesByAction([]accesscontrol.Permission{
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersAll},
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("2")},
@ -185,7 +185,7 @@ func TestHTTPServer_FolderMetadata(t *testing.T) {
folderService.On("GetFolderByUID", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(&models.Folder{Uid: "folderUid"}, nil)
req := server.NewGetRequest("/api/folders/folderUid?accesscontrol=true")
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserId: 1, OrgId: 1, Permissions: map[int64]map[string][]string{
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, Permissions: map[int64]map[string][]string{
1: accesscontrol.GroupScopesByAction([]accesscontrol.Permission{
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersAll},
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("folderUid")},
@ -208,7 +208,7 @@ func TestHTTPServer_FolderMetadata(t *testing.T) {
folderService.On("GetFolderByUID", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(&models.Folder{Uid: "folderUid"}, nil)
req := server.NewGetRequest("/api/folders/folderUid")
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserId: 1, OrgId: 1, Permissions: map[int64]map[string][]string{
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, Permissions: map[int64]map[string][]string{
1: accesscontrol.GroupScopesByAction([]accesscontrol.Permission{
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersAll},
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("folderUid")},
@ -256,7 +256,7 @@ func createFolderScenario(t *testing.T, desc string, url string, routePattern st
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.SignedInUser = &user.SignedInUser{OrgId: testOrgID, UserId: testUserID}
sc.context.SignedInUser = &user.SignedInUser{OrgID: testOrgID, UserID: testUserID}
return hs.CreateFolder(c)
})
@ -286,7 +286,7 @@ func updateFolderScenario(t *testing.T, desc string, url string, routePattern st
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.SignedInUser = &user.SignedInUser{OrgId: testOrgID, UserId: testUserID}
sc.context.SignedInUser = &user.SignedInUser{OrgID: testOrgID, UserID: testUserID}
return hs.UpdateFolder(c)
})

6
pkg/api/frontendsettings.go
View File

@ -29,7 +29,7 @@ func (hs *HTTPServer) GetFrontendSettings(c *models.ReqContext) {
// getFrontendSettingsMap returns a json object with all the settings needed for front end initialisation.
func (hs *HTTPServer) getFrontendSettingsMap(c *models.ReqContext) (map[string]interface{}, error) {
enabledPlugins, err := hs.enabledPlugins(c.Req.Context(), c.OrgId)
enabledPlugins, err := hs.enabledPlugins(c.Req.Context(), c.OrgID)
if err != nil {
return nil, err
}
@ -203,8 +203,8 @@ func (hs *HTTPServer) getFrontendSettingsMap(c *models.ReqContext) (map[string]i
func (hs *HTTPServer) getFSDataSources(c *models.ReqContext, enabledPlugins EnabledPlugins) (map[string]plugins.DataSourceDTO, error) {
orgDataSources := make([]*datasources.DataSource, 0)
if c.OrgId != 0 {
query := datasources.GetDataSourcesQuery{OrgId: c.OrgId, DataSourceLimit: hs.Cfg.DataSourceLimit}
if c.OrgID != 0 {
query := datasources.GetDataSourcesQuery{OrgId: c.OrgID, DataSourceLimit: hs.Cfg.DataSourceLimit}
err := hs.DataSourcesService.GetDataSources(c.Req.Context(), &query)
if err != nil {

20
pkg/api/index.go
View File

@ -78,7 +78,7 @@ func (hs *HTTPServer) getProfileNode(c *models.ReqContext) *dtos.NavLink {
func (hs *HTTPServer) getAppLinks(c *models.ReqContext) ([]*dtos.NavLink, error) {
hasAccess := ac.HasAccess(hs.AccessControl, c)
enabledPlugins, err := hs.enabledPlugins(c.Req.Context(), c.OrgId)
enabledPlugins, err := hs.enabledPlugins(c.Req.Context(), c.OrgID)
if err != nil {
return nil, err
}
@ -220,7 +220,7 @@ func (hs *HTTPServer) getNavTree(c *models.ReqContext, hasEditPerm bool, prefs *
navTree = hs.addProfile(navTree, c)
_, uaIsDisabledForOrg := hs.Cfg.UnifiedAlerting.DisabledOrgs[c.OrgId]
_, uaIsDisabledForOrg := hs.Cfg.UnifiedAlerting.DisabledOrgs[c.OrgID]
uaVisibleForOrg := hs.Cfg.UnifiedAlerting.IsEnabled() && !uaIsDisabledForOrg
if setting.AlertingEnabled != nil && *setting.AlertingEnabled {
@ -305,8 +305,8 @@ func (hs *HTTPServer) getNavTree(c *models.ReqContext, hasEditPerm bool, prefs *
})
}
hideApiKeys, _, _ := hs.kvStore.Get(c.Req.Context(), c.OrgId, "serviceaccounts", "hideApiKeys")
apiKeys := hs.apiKeyService.GetAllAPIKeys(c.Req.Context(), c.OrgId)
hideApiKeys, _, _ := hs.kvStore.Get(c.Req.Context(), c.OrgID, "serviceaccounts", "hideApiKeys")
apiKeys := hs.apiKeyService.GetAllAPIKeys(c.Req.Context(), c.OrgID)
apiKeysHidden := hideApiKeys == "1" && len(apiKeys) == 0
if hasAccess(ac.ReqOrgAdmin, apiKeyAccessEvaluator) && !apiKeysHidden {
configNodes = append(configNodes, &dtos.NavLink{
@ -423,7 +423,7 @@ func (hs *HTTPServer) buildStarredItemsNavLinks(c *models.ReqContext, prefs *pre
starredItemsChildNavs := []*dtos.NavLink{}
query := star.GetUserStarsQuery{
UserID: c.SignedInUser.UserId,
UserID: c.SignedInUser.UserID,
}
starredDashboardResult, err := hs.starService.GetByUser(c.Req.Context(), &query)
@ -441,7 +441,7 @@ func (hs *HTTPServer) buildStarredItemsNavLinks(c *models.ReqContext, prefs *pre
starredDashboardsCounter++
query := &models.GetDashboardQuery{
Id: dashboardId,
OrgId: c.OrgId,
OrgId: c.OrgID,
}
err := hs.DashboardService.GetDashboard(c.Req.Context(), query)
if err == nil {
@ -728,7 +728,7 @@ func (hs *HTTPServer) setIndexViewData(c *models.ReqContext) (*dtos.IndexViewDat
settings["dateFormats"] = hs.Cfg.DateFormats
prefsQuery := pref.GetPreferenceWithDefaultsQuery{UserID: c.UserId, OrgID: c.OrgId, Teams: c.Teams}
prefsQuery := pref.GetPreferenceWithDefaultsQuery{UserID: c.UserID, OrgID: c.OrgID, Teams: c.Teams}
prefs, err := hs.preferenceService.GetWithDefaults(c.Req.Context(), &prefsQuery)
if err != nil {
return nil, err
@ -768,14 +768,14 @@ func (hs *HTTPServer) setIndexViewData(c *models.ReqContext) (*dtos.IndexViewDat
data := dtos.IndexViewData{
User: &dtos.CurrentUser{
Id: c.UserId,
Id: c.UserID,
IsSignedIn: c.IsSignedIn,
Login: c.Login,
Email: c.Email,
ExternalUserId: c.SignedInUser.ExternalAuthId,
ExternalUserId: c.SignedInUser.ExternalAuthID,
Name: c.Name,
OrgCount: c.OrgCount,
OrgId: c.OrgId,
OrgId: c.OrgID,
OrgName: c.OrgName,
OrgRole: c.OrgRole,
GravatarUrl: dtos.GetGravatarUrl(c.Email),

4
pkg/api/login.go
View File

@ -122,7 +122,7 @@ func (hs *HTTPServer) LoginView(c *models.ReqContext) {
if c.IsSignedIn {
// Assign login token to auth proxy users if enable_login_token = true
if hs.Cfg.AuthProxyEnabled && hs.Cfg.AuthProxyEnableLoginToken {
user := &user.User{ID: c.SignedInUser.UserId, Email: c.SignedInUser.Email, Login: c.SignedInUser.Login}
user := &user.User{ID: c.SignedInUser.UserID, Email: c.SignedInUser.Email, Login: c.SignedInUser.Login}
err := hs.loginUserWithUser(user, c)
if err != nil {
c.Handle(hs.Cfg, http.StatusInternalServerError, "Failed to sign in user", err)
@ -290,7 +290,7 @@ func (hs *HTTPServer) loginUserWithUser(user *user.User, c *models.ReqContext) e
func (hs *HTTPServer) Logout(c *models.ReqContext) {
// If SAML is enabled and this is a SAML user use saml logout
if hs.samlSingleLogoutEnabled() {
getAuthQuery := models.GetAuthInfoQuery{UserId: c.UserId}
getAuthQuery := models.GetAuthInfoQuery{UserId: c.UserID}
if err := hs.authInfoService.GetAuthInfo(c.Req.Context(), &getAuthQuery); err == nil {
if getAuthQuery.Result.AuthModule == loginService.SAMLAuthModule {
c.Redirect(hs.Cfg.AppSubURL + "/logout/saml")

4
pkg/api/login_test.go
View File

@ -154,7 +154,7 @@ func TestLoginViewRedirect(t *testing.T) {
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
c.IsSignedIn = true
c.SignedInUser = &user.SignedInUser{
UserId: 10,
UserID: 10,
}
hs.LoginView(c)
return response.Empty(http.StatusOK)
@ -571,7 +571,7 @@ func setupAuthProxyLoginTest(t *testing.T, enableLoginToken bool) *scenarioConte
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
c.IsSignedIn = true
c.SignedInUser = &user.SignedInUser{
UserId: 10,
UserID: 10,
}
hs.LoginView(c)
return response.Empty(http.StatusOK)

6
pkg/api/metrics_test.go
View File

@ -99,7 +99,7 @@ func TestAPIEndpoint_Metrics_QueryMetricsV2(t *testing.T) {
t.Run("Status code is 400 when data source response has an error and feature toggle is disabled", func(t *testing.T) {
req := serverFeatureDisabled.NewPostRequest("/api/ds/query", strings.NewReader(queryDatasourceInput))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserId: 1, OrgId: 1, OrgRole: org.RoleViewer})
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, OrgRole: org.RoleViewer})
resp, err := serverFeatureDisabled.SendJSON(req)
require.NoError(t, err)
require.NoError(t, resp.Body.Close())
@ -108,7 +108,7 @@ func TestAPIEndpoint_Metrics_QueryMetricsV2(t *testing.T) {
t.Run("Status code is 207 when data source response has an error and feature toggle is enabled", func(t *testing.T) {
req := serverFeatureEnabled.NewPostRequest("/api/ds/query", strings.NewReader(queryDatasourceInput))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserId: 1, OrgId: 1, OrgRole: org.RoleViewer})
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, OrgRole: org.RoleViewer})
resp, err := serverFeatureEnabled.SendJSON(req)
require.NoError(t, err)
require.NoError(t, resp.Body.Close())
@ -142,7 +142,7 @@ func TestAPIEndpoint_Metrics_PluginDecryptionFailure(t *testing.T) {
t.Run("Status code is 500 and a secrets plugin error is returned if there is a problem getting secrets from the remote plugin", func(t *testing.T) {
req := httpServer.NewPostRequest("/api/ds/query", strings.NewReader(queryDatasourceInput))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserId: 1, OrgId: 1, OrgRole: org.RoleViewer})
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, OrgRole: org.RoleViewer})
resp, err := httpServer.SendJSON(req)
require.NoError(t, err)
require.Equal(t, http.StatusInternalServerError, resp.StatusCode)

10
pkg/api/org.go
View File

@ -25,7 +25,7 @@ import (
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) GetCurrentOrg(c *models.ReqContext) response.Response {
return hs.getOrgHelper(c.Req.Context(), c.OrgId)
return hs.getOrgHelper(c.Req.Context(), c.OrgID)
}
// swagger:route GET /orgs/{org_id} orgs getOrgByID
@ -134,7 +134,7 @@ func (hs *HTTPServer) CreateOrg(c *models.ReqContext) response.Response {
return response.Error(http.StatusForbidden, "Access denied", nil)
}
cmd.UserId = c.UserId
cmd.UserId = c.UserID
if err := hs.SQLStore.CreateOrg(c.Req.Context(), &cmd); err != nil {
if errors.Is(err, models.ErrOrgNameTaken) {
return response.Error(http.StatusConflict, "Organization name taken", err)
@ -165,7 +165,7 @@ func (hs *HTTPServer) UpdateCurrentOrg(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &form); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
return hs.updateOrgHelper(c.Req.Context(), form, c.OrgId)
return hs.updateOrgHelper(c.Req.Context(), form, c.OrgID)
}
// swagger:route PUT /orgs/{org_id} orgs updateOrg
@ -220,7 +220,7 @@ func (hs *HTTPServer) UpdateCurrentOrgAddress(c *models.ReqContext) response.Res
if err := web.Bind(c.Req, &form); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
return hs.updateOrgAddressHelper(c.Req.Context(), form, c.OrgId)
return hs.updateOrgAddressHelper(c.Req.Context(), form, c.OrgID)
}
// swagger:route PUT /orgs/{org_id}/address orgs updateOrgAddress
@ -285,7 +285,7 @@ func (hs *HTTPServer) DeleteOrgByID(c *models.ReqContext) response.Response {
return response.Error(http.StatusBadRequest, "orgId is invalid", err)
}
// before deleting an org, check if user does not belong to the current org
if c.OrgId == orgID {
if c.OrgID == orgID {
return response.Error(http.StatusBadRequest, "Can not delete org for current user", nil)
}

14
pkg/api/org_invite.go
View File

@ -29,7 +29,7 @@ import (
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) GetPendingOrgInvites(c *models.ReqContext) response.Response {
query := models.GetTempUsersQuery{OrgId: c.OrgId, Status: models.TmpUserInvitePending}
query := models.GetTempUsersQuery{OrgId: c.OrgID, Status: models.TmpUserInvitePending}
if err := hs.SQLStore.GetTempUsersQuery(c.Req.Context(), &query); err != nil {
return response.Error(500, "Failed to get invites from db", err)
@ -90,11 +90,11 @@ func (hs *HTTPServer) AddOrgInvite(c *models.ReqContext) response.Response {
}
cmd := models.CreateTempUserCommand{}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
cmd.Email = inviteDto.LoginOrEmail
cmd.Name = inviteDto.Name
cmd.Status = models.TmpUserInvitePending
cmd.InvitedByUserId = c.UserId
cmd.InvitedByUserId = c.UserID
cmd.Code, err = util.GetRandomString(30)
if err != nil {
return response.Error(500, "Could not generate random string", err)
@ -141,7 +141,7 @@ func (hs *HTTPServer) AddOrgInvite(c *models.ReqContext) response.Response {
func (hs *HTTPServer) inviteExistingUserToOrg(c *models.ReqContext, user *user.User, inviteDto *dtos.AddInviteForm) response.Response {
// user exists, add org role
createOrgUserCmd := models.AddOrgUserCommand{OrgId: c.OrgId, UserId: user.ID, Role: inviteDto.Role}
createOrgUserCmd := models.AddOrgUserCommand{OrgId: c.OrgID, UserId: user.ID, Role: inviteDto.Role}
if err := hs.SQLStore.AddOrgUser(c.Req.Context(), &createOrgUserCmd); err != nil {
if errors.Is(err, models.ErrOrgUserAlreadyAdded) {
return response.Error(412, fmt.Sprintf("User %s is already added to organization", inviteDto.LoginOrEmail), err)
@ -285,9 +285,9 @@ func (hs *HTTPServer) updateTempUserStatus(ctx context.Context, code string, sta
return true, nil
}
func (hs *HTTPServer) applyUserInvite(ctx context.Context, user *user.User, invite *models.TempUserDTO, setActive bool) (bool, response.Response) {
func (hs *HTTPServer) applyUserInvite(ctx context.Context, usr *user.User, invite *models.TempUserDTO, setActive bool) (bool, response.Response) {
// add to org
addOrgUserCmd := models.AddOrgUserCommand{OrgId: invite.OrgId, UserId: user.ID, Role: invite.Role}
addOrgUserCmd := models.AddOrgUserCommand{OrgId: invite.OrgId, UserId: usr.ID, Role: invite.Role}
if err := hs.SQLStore.AddOrgUser(ctx, &addOrgUserCmd); err != nil {
if !errors.Is(err, models.ErrOrgUserAlreadyAdded) {
return false, response.Error(500, "Error while trying to create org user", err)
@ -301,7 +301,7 @@ func (hs *HTTPServer) applyUserInvite(ctx context.Context, user *user.User, invi
if setActive {
// set org to active
if err := hs.SQLStore.SetUsingOrg(ctx, &models.SetUsingOrgCommand{OrgId: invite.OrgId, UserId: user.ID}); err != nil {
if err := hs.SQLStore.SetUsingOrg(ctx, &models.SetUsingOrgCommand{OrgId: invite.OrgId, UserId: usr.ID}); err != nil {
return false, response.Error(500, "Failed to set org as active", err)
}
}

2
pkg/api/org_invite_test.go
View File

@ -73,7 +73,7 @@ func TestOrgInvitesAPIEndpointAccess(t *testing.T) {
sc.hs.userService = userService
setInitCtxSignedInViewer(sc.initCtx)
setupOrgUsersDBForAccessControlTests(t, sc.db)
setAccessControlPermissions(sc.acmock, test.permissions, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, test.permissions, sc.initCtx.OrgID)
input := strings.NewReader(test.input)
response := callAPI(sc.server, test.method, test.url, input, t)

16
pkg/api/org_test.go
View File

@ -70,7 +70,7 @@ func TestAPIEndpoint_GetCurrentOrg_AccessControl(t *testing.T) {
require.NoError(t, err)
t.Run("AccessControl allows viewing CurrentOrg with correct permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsRead}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsRead}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodGet, getCurrentOrgURL, nil, t)
assert.Equal(t, http.StatusOK, response.Code)
})
@ -80,7 +80,7 @@ func TestAPIEndpoint_GetCurrentOrg_AccessControl(t *testing.T) {
assert.Equal(t, http.StatusForbidden, response.Code)
})
t.Run("AccessControl prevents viewing CurrentOrg with incorrect permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodGet, getCurrentOrgURL, nil, t)
assert.Equal(t, http.StatusForbidden, response.Code)
})
@ -111,12 +111,12 @@ func TestAPIEndpoint_PutCurrentOrg_AccessControl(t *testing.T) {
sc := setupHTTPServer(t, true, true)
setInitCtxSignedInViewer(sc.initCtx)
_, err := sc.db.CreateOrgWithMember("TestOrg", sc.initCtx.UserId)
_, err := sc.db.CreateOrgWithMember("TestOrg", sc.initCtx.UserID)
require.NoError(t, err)
input := strings.NewReader(testUpdateOrgNameForm)
t.Run("AccessControl allows updating current org with correct permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsWrite}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsWrite}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodPut, putCurrentOrgURL, input, t)
assert.Equal(t, http.StatusOK, response.Code)
})
@ -128,7 +128,7 @@ func TestAPIEndpoint_PutCurrentOrg_AccessControl(t *testing.T) {
})
t.Run("AccessControl prevents updating current org with incorrect permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodPut, putCurrentOrgURL, input, t)
assert.Equal(t, http.StatusForbidden, response.Code)
})
@ -164,7 +164,7 @@ func TestAPIEndpoint_PutCurrentOrgAddress_AccessControl(t *testing.T) {
input := strings.NewReader(testUpdateOrgAddressForm)
t.Run("AccessControl allows updating current org address with correct permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsWrite}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsWrite}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodPut, putCurrentOrgAddressURL, input, t)
assert.Equal(t, http.StatusOK, response.Code)
})
@ -177,7 +177,7 @@ func TestAPIEndpoint_PutCurrentOrgAddress_AccessControl(t *testing.T) {
})
t.Run("AccessControl prevents updating current org address with incorrect permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodPut, putCurrentOrgAddressURL, input, t)
assert.Equal(t, http.StatusForbidden, response.Code)
})
@ -196,7 +196,7 @@ func setupOrgsDBForAccessControlTests(t *testing.T, db sqlstore.Store, usr user.
for i := 1; i <= orgsCount; i++ {
_, err = db.CreateOrgWithMember(fmt.Sprintf("TestOrg%v", i), 0)
require.NoError(t, err)
err = db.AddOrgUser(context.Background(), &models.AddOrgUserCommand{LoginOrEmail: usr.Login, Role: usr.OrgRole, OrgId: int64(i), UserId: usr.UserId})
err = db.AddOrgUser(context.Background(), &models.AddOrgUserCommand{LoginOrEmail: usr.Login, Role: usr.OrgRole, OrgId: int64(i), UserId: usr.UserID})
require.NoError(t, err)
}
}

12
pkg/api/org_users.go
View File

@ -34,7 +34,7 @@ func (hs *HTTPServer) AddOrgUserToCurrentOrg(c *models.ReqContext) response.Resp
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
return hs.addOrgUserHelper(c, cmd)
}
@ -113,7 +113,7 @@ func (hs *HTTPServer) addOrgUserHelper(c *models.ReqContext, cmd models.AddOrgUs
// 500: internalServerError
func (hs *HTTPServer) GetOrgUsersForCurrentOrg(c *models.ReqContext) response.Response {
result, err := hs.getOrgUsersHelper(c, &models.GetOrgUsersQuery{
OrgId: c.OrgId,
OrgId: c.OrgID,
Query: c.Query("query"),
Limit: c.QueryInt("limit"),
User: c.SignedInUser,
@ -142,7 +142,7 @@ func (hs *HTTPServer) GetOrgUsersForCurrentOrg(c *models.ReqContext) response.Re
func (hs *HTTPServer) GetOrgUsersForCurrentOrgLookup(c *models.ReqContext) response.Response {
orgUsers, err := hs.getOrgUsersHelper(c, &models.GetOrgUsersQuery{
OrgId: c.OrgId,
OrgId: c.OrgID,
Query: c.Query("query"),
Limit: c.QueryInt("limit"),
User: c.SignedInUser,
@ -244,7 +244,7 @@ func (hs *HTTPServer) SearchOrgUsersWithPaging(c *models.ReqContext) response.Re
}
query := &models.SearchOrgUsersQuery{
OrgID: c.OrgId,
OrgID: c.OrgID,
Query: c.Query("query"),
Page: page,
Limit: perPage,
@ -290,7 +290,7 @@ func (hs *HTTPServer) UpdateOrgUserForCurrentOrg(c *models.ReqContext) response.
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
var err error
cmd.UserId, err = strconv.ParseInt(web.Params(c.Req)[":userId"], 10, 64)
if err != nil {
@ -367,7 +367,7 @@ func (hs *HTTPServer) RemoveOrgUserForCurrentOrg(c *models.ReqContext) response.
return hs.removeOrgUserHelper(c.Req.Context(), &models.RemoveOrgUserCommand{
UserId: userId,
OrgId: c.OrgId,
OrgId: c.OrgID,
ShouldDeleteOrphanedUser: true,
})
}

104
pkg/api/org_users_test.go
View File

@ -226,7 +226,7 @@ func TestOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
t.Run(test.desc, func(t *testing.T) {
sc := setupHTTPServer(t, true, true)
setInitCtxSignedInViewer(sc.initCtx)
setAccessControlPermissions(sc.acmock, test.permissions, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, test.permissions, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodGet, test.url, nil, t)
assert.Equal(t, test.expectedCode, response.Code)
@ -236,8 +236,8 @@ func TestOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
var (
testServerAdminViewer = user.SignedInUser{
UserId: 1,
OrgId: 1,
UserID: 1,
OrgID: 1,
OrgName: "TestOrg1",
OrgRole: org.RoleViewer,
Login: "testServerAdmin",
@ -249,8 +249,8 @@ var (
}
testAdminOrg2 = user.SignedInUser{
UserId: 2,
OrgId: 2,
UserID: 2,
OrgID: 2,
OrgName: "TestOrg2",
OrgRole: org.RoleAdmin,
Login: "testAdmin",
@ -262,8 +262,8 @@ var (
}
testEditorOrg1 = user.SignedInUser{
UserId: 3,
OrgId: 1,
UserID: 3,
OrgID: 1,
OrgName: "TestOrg1",
OrgRole: org.RoleEditor,
Login: "testEditor",
@ -291,14 +291,14 @@ func setupOrgUsersDBForAccessControlTests(t *testing.T, db sqlstore.Store) {
require.NoError(t, err)
// Create both orgs with server admin
_, err = db.CreateOrgWithMember(testServerAdminViewer.OrgName, testServerAdminViewer.UserId)
_, err = db.CreateOrgWithMember(testServerAdminViewer.OrgName, testServerAdminViewer.UserID)
require.NoError(t, err)
_, err = db.CreateOrgWithMember(testAdminOrg2.OrgName, testServerAdminViewer.UserId)
_, err = db.CreateOrgWithMember(testAdminOrg2.OrgName, testServerAdminViewer.UserID)
require.NoError(t, err)
err = db.AddOrgUser(context.Background(), &models.AddOrgUserCommand{LoginOrEmail: testAdminOrg2.Login, Role: testAdminOrg2.OrgRole, OrgId: testAdminOrg2.OrgId, UserId: testAdminOrg2.UserId})
err = db.AddOrgUser(context.Background(), &models.AddOrgUserCommand{LoginOrEmail: testAdminOrg2.Login, Role: testAdminOrg2.OrgRole, OrgId: testAdminOrg2.OrgID, UserId: testAdminOrg2.UserID})
require.NoError(t, err)
err = db.AddOrgUser(context.Background(), &models.AddOrgUserCommand{LoginOrEmail: testEditorOrg1.Login, Role: testEditorOrg1.OrgRole, OrgId: testEditorOrg1.OrgId, UserId: testEditorOrg1.UserId})
err = db.AddOrgUser(context.Background(), &models.AddOrgUserCommand{LoginOrEmail: testEditorOrg1.Login, Role: testEditorOrg1.OrgRole, OrgId: testEditorOrg1.OrgID, UserId: testEditorOrg1.UserID})
require.NoError(t, err)
}
@ -320,7 +320,7 @@ func TestGetOrgUsersAPIEndpoint_AccessControlMetadata(t *testing.T) {
expectedCode: http.StatusOK,
expectedMetadata: nil,
user: testServerAdminViewer,
targetOrg: testServerAdminViewer.OrgId,
targetOrg: testServerAdminViewer.OrgID,
},
{
name: "access control metadata requested",
@ -332,7 +332,7 @@ func TestGetOrgUsersAPIEndpoint_AccessControlMetadata(t *testing.T) {
"org.users:read": true,
"org.users:remove": true},
user: testServerAdminViewer,
targetOrg: testServerAdminViewer.OrgId,
targetOrg: testServerAdminViewer.OrgID,
},
}
@ -377,7 +377,7 @@ func TestGetOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
expectedCode: http.StatusOK,
expectedUserCount: 2,
user: testServerAdminViewer,
targetOrg: testServerAdminViewer.OrgId,
targetOrg: testServerAdminViewer.OrgID,
},
{
name: "server admin can get users in another org (legacy)",
@ -392,7 +392,7 @@ func TestGetOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
enableAccessControl: false,
expectedCode: http.StatusForbidden,
user: testAdminOrg2,
targetOrg: testAdminOrg2.OrgId,
targetOrg: testAdminOrg2.OrgID,
},
{
name: "org admin cannot get users in another org (legacy)",
@ -407,7 +407,7 @@ func TestGetOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
expectedCode: http.StatusOK,
expectedUserCount: 2,
user: testServerAdminViewer,
targetOrg: testServerAdminViewer.OrgId,
targetOrg: testServerAdminViewer.OrgID,
},
{
name: "server admin can get users in another org",
@ -423,7 +423,7 @@ func TestGetOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
expectedCode: http.StatusOK,
expectedUserCount: 2,
user: testAdminOrg2,
targetOrg: testAdminOrg2.OrgId,
targetOrg: testAdminOrg2.OrgID,
},
{
name: "org admin cannot get users in another org",
@ -470,7 +470,7 @@ func TestPostOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can add users to his org (legacy)",
enableAccessControl: false,
user: testServerAdminViewer,
targetOrg: testServerAdminViewer.OrgId,
targetOrg: testServerAdminViewer.OrgID,
input: `{"loginOrEmail": "` + testAdminOrg2.Login + `", "role": "` + string(testAdminOrg2.OrgRole) + `"}`,
expectedCode: http.StatusOK,
},
@ -487,7 +487,7 @@ func TestPostOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
enableAccessControl: false,
expectedCode: http.StatusForbidden,
user: testAdminOrg2,
targetOrg: testAdminOrg2.OrgId,
targetOrg: testAdminOrg2.OrgID,
input: `{"loginOrEmail": "` + testEditorOrg1.Login + `", "role": "` + string(testEditorOrg1.OrgRole) + `"}`,
},
{
@ -502,7 +502,7 @@ func TestPostOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can add users to his org",
enableAccessControl: true,
user: testServerAdminViewer,
targetOrg: testServerAdminViewer.OrgId,
targetOrg: testServerAdminViewer.OrgID,
input: `{"loginOrEmail": "` + testAdminOrg2.Login + `", "role": "` + string(testAdminOrg2.OrgRole) + `"}`,
expectedCode: http.StatusOK,
},
@ -518,7 +518,7 @@ func TestPostOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "org admin can add users to his org",
enableAccessControl: true,
user: testAdminOrg2,
targetOrg: testAdminOrg2.OrgId,
targetOrg: testAdminOrg2.OrgID,
input: `{"loginOrEmail": "` + testEditorOrg1.Login + `", "role": "` + string(testEditorOrg1.OrgRole) + `"}`,
expectedCode: http.StatusOK,
},
@ -555,7 +555,7 @@ func TestPostOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
require.NoError(t, err)
getUsersQuery := models.GetOrgUsersQuery{OrgId: tc.targetOrg, User: &user.SignedInUser{
OrgId: tc.targetOrg,
OrgID: tc.targetOrg,
Permissions: map[int64]map[string][]string{tc.targetOrg: {"org.users:read": {"users:*"}}},
}}
err = sc.db.GetOrgUsers(context.Background(), &getUsersQuery)
@ -610,7 +610,7 @@ func TestOrgUsersAPIEndpointWithSetPerms_AccessControl(t *testing.T) {
{
expectedCode: http.StatusOK,
desc: "org viewer with the correct permissions can update a user's role to a viewer in his org",
url: fmt.Sprintf("/api/org/users/%d", testEditorOrg1.UserId),
url: fmt.Sprintf("/api/org/users/%d", testEditorOrg1.UserID),
method: http.MethodPatch,
permissions: []accesscontrol.Permission{{Action: accesscontrol.ActionOrgUsersWrite, Scope: accesscontrol.ScopeUsersAll}},
input: `{"role": "` + string(org.RoleViewer) + `"}`,
@ -618,7 +618,7 @@ func TestOrgUsersAPIEndpointWithSetPerms_AccessControl(t *testing.T) {
{
expectedCode: http.StatusForbidden,
desc: "org viewer with the correct permissions cannot update a user's role to a viewer in his org",
url: fmt.Sprintf("/api/org/users/%d", testEditorOrg1.UserId),
url: fmt.Sprintf("/api/org/users/%d", testEditorOrg1.UserID),
method: http.MethodPatch,
permissions: []accesscontrol.Permission{{Action: accesscontrol.ActionOrgUsersWrite, Scope: accesscontrol.ScopeUsersAll}},
input: `{"role": "` + string(org.RoleEditor) + `"}`,
@ -626,7 +626,7 @@ func TestOrgUsersAPIEndpointWithSetPerms_AccessControl(t *testing.T) {
{
expectedCode: http.StatusOK,
desc: "org viewer with the correct permissions can update a user's role to a viewer in his org",
url: fmt.Sprintf("/api/orgs/1/users/%d", testEditorOrg1.UserId),
url: fmt.Sprintf("/api/orgs/1/users/%d", testEditorOrg1.UserID),
method: http.MethodPatch,
permissions: []accesscontrol.Permission{{Action: accesscontrol.ActionOrgUsersWrite, Scope: accesscontrol.ScopeUsersAll}},
input: `{"role": "` + string(org.RoleViewer) + `"}`,
@ -634,7 +634,7 @@ func TestOrgUsersAPIEndpointWithSetPerms_AccessControl(t *testing.T) {
{
expectedCode: http.StatusForbidden,
desc: "org viewer with the correct permissions cannot update a user's role to a viewer in his org",
url: fmt.Sprintf("/api/orgs/1/users/%d", testEditorOrg1.UserId),
url: fmt.Sprintf("/api/orgs/1/users/%d", testEditorOrg1.UserID),
method: http.MethodPatch,
permissions: []accesscontrol.Permission{{Action: accesscontrol.ActionOrgUsersWrite, Scope: accesscontrol.ScopeUsersAll}},
input: `{"role": "` + string(org.RoleEditor) + `"}`,
@ -665,7 +665,7 @@ func TestOrgUsersAPIEndpointWithSetPerms_AccessControl(t *testing.T) {
sc.hs.userService = userService
setInitCtxSignedInViewer(sc.initCtx)
setupOrgUsersDBForAccessControlTests(t, sc.db)
setAccessControlPermissions(sc.acmock, test.permissions, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, test.permissions, sc.initCtx.OrgID)
input := strings.NewReader(test.input)
response := callAPI(sc.server, test.method, test.url, input, t)
@ -693,8 +693,8 @@ func TestPatchOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can update users in his org (legacy)",
enableAccessControl: false,
user: testServerAdminViewer,
targetUserId: testEditorOrg1.UserId,
targetOrg: testServerAdminViewer.OrgId,
targetUserId: testEditorOrg1.UserID,
targetOrg: testServerAdminViewer.OrgID,
input: `{"role": "Viewer"}`,
expectedCode: http.StatusOK,
expectedMessage: util.DynMap{"message": "Organization user updated"},
@ -704,7 +704,7 @@ func TestPatchOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can update users in another org (legacy)",
enableAccessControl: false,
user: testServerAdminViewer,
targetUserId: testServerAdminViewer.UserId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: 2,
input: `{"role": "Editor"}`,
expectedCode: http.StatusOK,
@ -715,8 +715,8 @@ func TestPatchOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "org admin cannot update users in his org (legacy)",
enableAccessControl: false,
user: testAdminOrg2,
targetUserId: testServerAdminViewer.UserId,
targetOrg: testAdminOrg2.OrgId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: testAdminOrg2.OrgID,
input: `{"role": "Editor"}`,
expectedCode: http.StatusForbidden,
},
@ -724,7 +724,7 @@ func TestPatchOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "org admin cannot update users in another org (legacy)",
enableAccessControl: false,
user: testAdminOrg2,
targetUserId: testServerAdminViewer.UserId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: 1,
input: `{"role": "Editor"}`,
expectedCode: http.StatusForbidden,
@ -733,8 +733,8 @@ func TestPatchOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can update users in his org",
enableAccessControl: true,
user: testServerAdminViewer,
targetUserId: testEditorOrg1.UserId,
targetOrg: testServerAdminViewer.OrgId,
targetUserId: testEditorOrg1.UserID,
targetOrg: testServerAdminViewer.OrgID,
input: `{"role": "Viewer"}`,
expectedCode: http.StatusOK,
expectedMessage: util.DynMap{"message": "Organization user updated"},
@ -744,7 +744,7 @@ func TestPatchOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can update users in another org",
enableAccessControl: true,
user: testServerAdminViewer,
targetUserId: testServerAdminViewer.UserId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: 2,
input: `{"role": "Editor"}`,
expectedCode: http.StatusOK,
@ -755,8 +755,8 @@ func TestPatchOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "org admin can update users in his org",
enableAccessControl: true,
user: testAdminOrg2,
targetUserId: testServerAdminViewer.UserId,
targetOrg: testAdminOrg2.OrgId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: testAdminOrg2.OrgID,
input: `{"role": "Editor"}`,
expectedCode: http.StatusOK,
expectedMessage: util.DynMap{"message": "Organization user updated"},
@ -766,7 +766,7 @@ func TestPatchOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "org admin cannot update users in another org",
enableAccessControl: true,
user: testAdminOrg2,
targetUserId: testServerAdminViewer.UserId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: 1,
input: `{"role": "Editor"}`,
expectedCode: http.StatusForbidden,
@ -821,8 +821,8 @@ func TestDeleteOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can delete users from his org (legacy)",
enableAccessControl: false,
user: testServerAdminViewer,
targetUserId: testEditorOrg1.UserId,
targetOrg: testServerAdminViewer.OrgId,
targetUserId: testEditorOrg1.UserID,
targetOrg: testServerAdminViewer.OrgID,
expectedCode: http.StatusOK,
expectedMessage: util.DynMap{"message": "User removed from organization"},
expectedUserCount: 1,
@ -831,7 +831,7 @@ func TestDeleteOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can delete users from another org (legacy)",
enableAccessControl: false,
user: testServerAdminViewer,
targetUserId: testServerAdminViewer.UserId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: 2,
expectedCode: http.StatusOK,
expectedMessage: util.DynMap{"message": "User removed from organization"},
@ -841,15 +841,15 @@ func TestDeleteOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "org admin can delete users from his org (legacy)",
enableAccessControl: false,
user: testAdminOrg2,
targetUserId: testServerAdminViewer.UserId,
targetOrg: testAdminOrg2.OrgId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: testAdminOrg2.OrgID,
expectedCode: http.StatusForbidden,
},
{
name: "org admin cannot delete users from another org (legacy)",
enableAccessControl: false,
user: testAdminOrg2,
targetUserId: testEditorOrg1.UserId,
targetUserId: testEditorOrg1.UserID,
targetOrg: 1,
expectedCode: http.StatusForbidden,
},
@ -857,8 +857,8 @@ func TestDeleteOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can delete users from his org",
enableAccessControl: true,
user: testServerAdminViewer,
targetUserId: testEditorOrg1.UserId,
targetOrg: testServerAdminViewer.OrgId,
targetUserId: testEditorOrg1.UserID,
targetOrg: testServerAdminViewer.OrgID,
expectedCode: http.StatusOK,
expectedMessage: util.DynMap{"message": "User removed from organization"},
expectedUserCount: 1,
@ -867,7 +867,7 @@ func TestDeleteOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "server admin can delete users from another org",
enableAccessControl: true,
user: testServerAdminViewer,
targetUserId: testServerAdminViewer.UserId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: 2,
expectedCode: http.StatusOK,
expectedMessage: util.DynMap{"message": "User removed from organization"},
@ -877,8 +877,8 @@ func TestDeleteOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "org admin can delete users from his org",
enableAccessControl: true,
user: testAdminOrg2,
targetUserId: testServerAdminViewer.UserId,
targetOrg: testAdminOrg2.OrgId,
targetUserId: testServerAdminViewer.UserID,
targetOrg: testAdminOrg2.OrgID,
expectedCode: http.StatusOK,
expectedMessage: util.DynMap{"message": "User removed from organization"},
expectedUserCount: 1,
@ -887,7 +887,7 @@ func TestDeleteOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
name: "org admin cannot delete users from another org",
enableAccessControl: true,
user: testAdminOrg2,
targetUserId: testEditorOrg1.UserId,
targetUserId: testEditorOrg1.UserID,
targetOrg: 1,
expectedCode: http.StatusForbidden,
},
@ -911,7 +911,7 @@ func TestDeleteOrgUsersAPIEndpoint_AccessControl(t *testing.T) {
getUsersQuery := models.GetOrgUsersQuery{
OrgId: tc.targetOrg,
User: &user.SignedInUser{
OrgId: tc.targetOrg,
OrgID: tc.targetOrg,
Permissions: map[int64]map[string][]string{tc.targetOrg: {accesscontrol.ActionOrgUsersRead: {accesscontrol.ScopeUsersAll}}},
},
}

22
pkg/api/playlist.go
View File

@ -13,7 +13,7 @@ import (
func (hs *HTTPServer) ValidateOrgPlaylist(c *models.ReqContext) {
uid := web.Params(c.Req)[":uid"]
query := playlist.GetPlaylistByUidQuery{UID: uid, OrgId: c.OrgId}
query := playlist.GetPlaylistByUidQuery{UID: uid, OrgId: c.OrgID}
p, err := hs.playlistService.Get(c.Req.Context(), &query)
if err != nil {
@ -26,7 +26,7 @@ func (hs *HTTPServer) ValidateOrgPlaylist(c *models.ReqContext) {
return
}
if p.OrgId != c.OrgId {
if p.OrgId != c.OrgID {
c.JsonApiErr(403, "You are not allowed to edit/view playlist", nil)
return
}
@ -50,7 +50,7 @@ func (hs *HTTPServer) SearchPlaylists(c *models.ReqContext) response.Response {
searchQuery := playlist.GetPlaylistsQuery{
Name: query,
Limit: limit,
OrgId: c.OrgId,
OrgId: c.OrgID,
}
playlists, err := hs.playlistService.Search(c.Req.Context(), &searchQuery)
@ -73,14 +73,14 @@ func (hs *HTTPServer) SearchPlaylists(c *models.ReqContext) response.Response {
// 500: internalServerError
func (hs *HTTPServer) GetPlaylist(c *models.ReqContext) response.Response {
uid := web.Params(c.Req)[":uid"]
cmd := playlist.GetPlaylistByUidQuery{UID: uid, OrgId: c.OrgId}
cmd := playlist.GetPlaylistByUidQuery{UID: uid, OrgId: c.OrgID}
p, err := hs.playlistService.Get(c.Req.Context(), &cmd)
if err != nil {
return response.Error(500, "Playlist not found", err)
}
playlistDTOs, _ := hs.LoadPlaylistItemDTOs(c.Req.Context(), uid, c.OrgId)
playlistDTOs, _ := hs.LoadPlaylistItemDTOs(c.Req.Context(), uid, c.OrgID)
dto := &playlist.PlaylistDTO{
Id: p.Id,
@ -140,7 +140,7 @@ func (hs *HTTPServer) LoadPlaylistItems(ctx context.Context, uid string, orgId i
func (hs *HTTPServer) GetPlaylistItems(c *models.ReqContext) response.Response {
uid := web.Params(c.Req)[":uid"]
playlistDTOs, err := hs.LoadPlaylistItemDTOs(c.Req.Context(), uid, c.OrgId)
playlistDTOs, err := hs.LoadPlaylistItemDTOs(c.Req.Context(), uid, c.OrgID)
if err != nil {
return response.Error(500, "Could not load playlist items", err)
@ -162,7 +162,7 @@ func (hs *HTTPServer) GetPlaylistItems(c *models.ReqContext) response.Response {
func (hs *HTTPServer) GetPlaylistDashboards(c *models.ReqContext) response.Response {
playlistUID := web.Params(c.Req)[":uid"]
playlists, err := hs.LoadPlaylistDashboards(c.Req.Context(), c.OrgId, c.SignedInUser, playlistUID)
playlists, err := hs.LoadPlaylistDashboards(c.Req.Context(), c.OrgID, c.SignedInUser, playlistUID)
if err != nil {
return response.Error(500, "Could not load dashboards", err)
}
@ -183,7 +183,7 @@ func (hs *HTTPServer) GetPlaylistDashboards(c *models.ReqContext) response.Respo
func (hs *HTTPServer) DeletePlaylist(c *models.ReqContext) response.Response {
uid := web.Params(c.Req)[":uid"]
cmd := playlist.DeletePlaylistCommand{UID: uid, OrgId: c.OrgId}
cmd := playlist.DeletePlaylistCommand{UID: uid, OrgId: c.OrgID}
if err := hs.playlistService.Delete(c.Req.Context(), &cmd); err != nil {
return response.Error(500, "Failed to delete playlist", err)
}
@ -206,7 +206,7 @@ func (hs *HTTPServer) CreatePlaylist(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
p, err := hs.playlistService.Create(c.Req.Context(), &cmd)
if err != nil {
@ -231,7 +231,7 @@ func (hs *HTTPServer) UpdatePlaylist(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
cmd.UID = web.Params(c.Req)[":uid"]
p, err := hs.playlistService.Update(c.Req.Context(), &cmd)
@ -239,7 +239,7 @@ func (hs *HTTPServer) UpdatePlaylist(c *models.ReqContext) response.Response {
return response.Error(500, "Failed to save playlist", err)
}
playlistDTOs, err := hs.LoadPlaylistItemDTOs(c.Req.Context(), cmd.UID, c.OrgId)
playlistDTOs, err := hs.LoadPlaylistItemDTOs(c.Req.Context(), cmd.UID, c.OrgID)
if err != nil {
return response.Error(500, "Failed to save playlist", err)
}

2
pkg/api/plugin_dashboards.go
View File

@ -18,7 +18,7 @@ func (hs *HTTPServer) GetPluginDashboards(c *models.ReqContext) response.Respons
pluginID := web.Params(c.Req)[":pluginId"]
listReq := &plugindashboards.ListPluginDashboardsRequest{
OrgID: c.OrgId,
OrgID: c.OrgID,
PluginID: pluginID,
}
list, err := hs.pluginDashboardService.ListPluginDashboards(c.Req.Context(), listReq)

6
pkg/api/plugin_dashboards_test.go
View File

@ -54,7 +54,7 @@ func TestGetPluginDashboards(t *testing.T) {
t.Run("Signed in and not org admin should return 403 Forbidden", func(t *testing.T) {
user := &user.SignedInUser{
UserId: 1,
UserID: 1,
OrgRole: org.RoleEditor,
}
@ -66,8 +66,8 @@ func TestGetPluginDashboards(t *testing.T) {
t.Run("Signed in and org admin", func(t *testing.T) {
user := &user.SignedInUser{
UserId: 1,
OrgId: 1,
UserID: 1,
OrgID: 1,
OrgRole: org.RoleAdmin,
}

10
pkg/api/pluginproxy/ds_proxy.go
View File

@ -88,8 +88,8 @@ func (proxy *DataSourceProxy) HandleRequest() {
traceID := tracing.TraceIDFromContext(proxy.ctx.Req.Context(), false)
proxyErrorLogger := logger.New(
"userId", proxy.ctx.UserId,
"orgId", proxy.ctx.OrgId,
"userId", proxy.ctx.UserID,
"orgId", proxy.ctx.OrgID,
"uname", proxy.ctx.Login,
"path", proxy.ctx.Req.URL.Path,
"remote_addr", proxy.ctx.RemoteAddr(),
@ -142,7 +142,7 @@ func (proxy *DataSourceProxy) HandleRequest() {
span.SetAttributes("datasource_name", proxy.ds.Name, attribute.Key("datasource_name").String(proxy.ds.Name))
span.SetAttributes("datasource_type", proxy.ds.Type, attribute.Key("datasource_type").String(proxy.ds.Type))
span.SetAttributes("user", proxy.ctx.SignedInUser.Login, attribute.Key("user").String(proxy.ctx.SignedInUser.Login))
span.SetAttributes("org_id", proxy.ctx.SignedInUser.OrgId, attribute.Key("org_id").Int64(proxy.ctx.SignedInUser.OrgId))
span.SetAttributes("org_id", proxy.ctx.SignedInUser.OrgID, attribute.Key("org_id").Int64(proxy.ctx.SignedInUser.OrgID))
proxy.addTraceFromHeaderValue(span, "X-Panel-Id", "panel_id")
proxy.addTraceFromHeaderValue(span, "X-Dashboard-Id", "dashboard_id")
@ -332,8 +332,8 @@ func (proxy *DataSourceProxy) logRequest() {
}
logger.Info("Proxying incoming request",
"userid", proxy.ctx.UserId,
"orgid", proxy.ctx.OrgId,
"userid", proxy.ctx.UserID,
"orgid", proxy.ctx.OrgID,
"username", proxy.ctx.Login,
"datasource", proxy.ds.Type,
"uri", proxy.ctx.Req.RequestURI,

2
pkg/api/pluginproxy/ds_proxy_test.go
View File

@ -482,7 +482,7 @@ func TestDataSourceProxy_routeRule(t *testing.T) {
req, err := http.NewRequest("GET", "http://localhost/asd", nil)
require.NoError(t, err)
ctx := &models.ReqContext{
SignedInUser: &user.SignedInUser{UserId: 1},
SignedInUser: &user.SignedInUser{UserID: 1},
Context: &web.Context{Req: req},
}

10
pkg/api/pluginproxy/pluginproxy.go
View File

@ -27,8 +27,8 @@ func NewApiPluginProxy(ctx *models.ReqContext, proxyPath string, route *plugins.
appID string, cfg *setting.Cfg, pluginSettingsService pluginsettings.Service,
secretsService secrets.Service) *httputil.ReverseProxy {
appProxyLogger := logger.New(
"userId", ctx.UserId,
"orgId", ctx.OrgId,
"userId", ctx.UserID,
"orgId", ctx.OrgID,
"uname", ctx.Login,
"app", appID,
"path", ctx.Req.URL.Path,
@ -37,7 +37,7 @@ func NewApiPluginProxy(ctx *models.ReqContext, proxyPath string, route *plugins.
)
director := func(req *http.Request) {
query := pluginsettings.GetByPluginIDArgs{OrgID: ctx.OrgId, PluginID: appID}
query := pluginsettings.GetByPluginIDArgs{OrgID: ctx.OrgID, PluginID: appID}
ps, err := pluginSettingsService.GetPluginSettingByPluginID(ctx.Req.Context(), &query)
if err != nil {
ctx.JsonApiErr(500, "Failed to fetch plugin settings", err)
@ -115,8 +115,8 @@ func logAppPluginProxyRequest(appID string, cfg *setting.Cfg, c *models.ReqConte
}
logger.Info("Proxying incoming request",
"userid", c.UserId,
"orgid", c.OrgId,
"userid", c.UserID,
"orgid", c.OrgID,
"username", c.Login,
"app", appID,
"uri", c.Req.RequestURI,

6
pkg/api/plugins.go
View File

@ -42,7 +42,7 @@ func (hs *HTTPServer) GetPluginList(c *models.ReqContext) response.Response {
coreFilter = "1"
}
pluginSettingsMap, err := hs.pluginSettings(c.Req.Context(), c.OrgId)
pluginSettingsMap, err := hs.pluginSettings(c.Req.Context(), c.OrgID)
if err != nil {
return response.Error(500, "Failed to get list of plugins", err)
}
@ -155,7 +155,7 @@ func (hs *HTTPServer) GetPluginSettingByID(c *models.ReqContext) response.Respon
ps, err := hs.PluginSettings.GetPluginSettingByPluginID(c.Req.Context(), &pluginsettings.GetByPluginIDArgs{
PluginID: pluginID,
OrgID: c.OrgId,
OrgID: c.OrgID,
})
if err != nil {
if !errors.Is(err, models.ErrPluginSettingNotFound) {
@ -187,7 +187,7 @@ func (hs *HTTPServer) UpdatePluginSetting(c *models.ReqContext) response.Respons
return response.Error(404, "Plugin not installed", nil)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
cmd.PluginId = pluginID
if err := hs.PluginSettings.UpdatePluginSetting(c.Req.Context(), &pluginsettings.UpdateArgs{
Enabled: cmd.Enabled,

4
pkg/api/plugins_test.go
View File

@ -61,7 +61,7 @@ func Test_PluginsInstallAndUninstall(t *testing.T) {
t.Run(testName("Install", tc), func(t *testing.T) {
req := srv.NewPostRequest("/api/plugins/test/install", strings.NewReader("{ \"version\": \"1.0.2\" }"))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserId: 1, OrgId: 1, OrgRole: org.RoleEditor, IsGrafanaAdmin: true})
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, OrgRole: org.RoleEditor, IsGrafanaAdmin: true})
resp, err := srv.SendJSON(req)
require.NoError(t, err)
@ -79,7 +79,7 @@ func Test_PluginsInstallAndUninstall(t *testing.T) {
t.Run(testName("Uninstall", tc), func(t *testing.T) {
req := srv.NewPostRequest("/api/plugins/test/uninstall", strings.NewReader("{}"))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserId: 1, OrgId: 1, OrgRole: org.RoleViewer, IsGrafanaAdmin: true})
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, OrgRole: org.RoleViewer, IsGrafanaAdmin: true})
resp, err := srv.SendJSON(req)
require.NoError(t, err)

16
pkg/api/preferences.go
View File

@ -23,8 +23,8 @@ func (hs *HTTPServer) SetHomeDashboard(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.UserID = c.UserId
cmd.OrgID = c.OrgId
cmd.UserID = c.UserID
cmd.OrgID = c.OrgID
// the default value of HomeDashboardID is taken from input, when HomeDashboardID is set also,
// UID is used in preference to identify dashboard
@ -56,7 +56,7 @@ func (hs *HTTPServer) SetHomeDashboard(c *models.ReqContext) response.Response {
// 401: unauthorisedError
// 500: internalServerError
func (hs *HTTPServer) GetUserPreferences(c *models.ReqContext) response.Response {
return hs.getPreferencesFor(c.Req.Context(), c.OrgId, c.UserId, 0)
return hs.getPreferencesFor(c.Req.Context(), c.OrgID, c.UserID, 0)
}
func (hs *HTTPServer) getPreferencesFor(ctx context.Context, orgID, userID, teamID int64) response.Response {
@ -111,7 +111,7 @@ func (hs *HTTPServer) UpdateUserPreferences(c *models.ReqContext) response.Respo
if err := web.Bind(c.Req, &dtoCmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
return hs.updatePreferencesFor(c.Req.Context(), c.OrgId, c.UserId, 0, &dtoCmd)
return hs.updatePreferencesFor(c.Req.Context(), c.OrgID, c.UserID, 0, &dtoCmd)
}
func (hs *HTTPServer) updatePreferencesFor(ctx context.Context, orgID, userID, teamId int64, dtoCmd *dtos.UpdatePrefsCmd) response.Response {
@ -164,7 +164,7 @@ func (hs *HTTPServer) PatchUserPreferences(c *models.ReqContext) response.Respon
if err := web.Bind(c.Req, &dtoCmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
return hs.patchPreferencesFor(c.Req.Context(), c.OrgId, c.UserId, 0, &dtoCmd)
return hs.patchPreferencesFor(c.Req.Context(), c.OrgID, c.UserID, 0, &dtoCmd)
}
func (hs *HTTPServer) patchPreferencesFor(ctx context.Context, orgID, userID, teamId int64, dtoCmd *dtos.PatchPrefsCmd) response.Response {
@ -214,7 +214,7 @@ func (hs *HTTPServer) patchPreferencesFor(ctx context.Context, orgID, userID, te
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) GetOrgPreferences(c *models.ReqContext) response.Response {
return hs.getPreferencesFor(c.Req.Context(), c.OrgId, 0, 0)
return hs.getPreferencesFor(c.Req.Context(), c.OrgID, 0, 0)
}
// swagger:route PUT /org/preferences org_preferences updateOrgPreferences
@ -233,7 +233,7 @@ func (hs *HTTPServer) UpdateOrgPreferences(c *models.ReqContext) response.Respon
return response.Error(http.StatusBadRequest, "bad request data", err)
}
return hs.updatePreferencesFor(c.Req.Context(), c.OrgId, 0, 0, &dtoCmd)
return hs.updatePreferencesFor(c.Req.Context(), c.OrgID, 0, 0, &dtoCmd)
}
// swagger:route PATCH /org/preferences org_preferences patchOrgPreferences
@ -251,7 +251,7 @@ func (hs *HTTPServer) PatchOrgPreferences(c *models.ReqContext) response.Respons
if err := web.Bind(c.Req, &dtoCmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
return hs.patchPreferencesFor(c.Req.Context(), c.OrgId, 0, 0, &dtoCmd)
return hs.patchPreferencesFor(c.Req.Context(), c.OrgID, 0, 0, &dtoCmd)
}
// swagger:parameters updateUserPreferences

8
pkg/api/preferences_test.go
View File

@ -79,7 +79,7 @@ func TestAPIEndpoint_GetCurrentOrgPreferences_AccessControl(t *testing.T) {
require.NoError(t, err)
t.Run("AccessControl allows getting org preferences with correct permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsPreferencesRead}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsPreferencesRead}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodGet, getOrgPreferencesURL, nil, t)
assert.Equal(t, http.StatusOK, response.Code)
})
@ -89,7 +89,7 @@ func TestAPIEndpoint_GetCurrentOrgPreferences_AccessControl(t *testing.T) {
assert.Equal(t, http.StatusForbidden, response.Code)
})
t.Run("AccessControl prevents getting org preferences with incorrect permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodGet, getOrgPreferencesURL, nil, t)
assert.Equal(t, http.StatusForbidden, response.Code)
})
@ -125,7 +125,7 @@ func TestAPIEndpoint_PutCurrentOrgPreferences_AccessControl(t *testing.T) {
input := strings.NewReader(testUpdateOrgPreferencesCmd)
t.Run("AccessControl allows updating org preferences with correct permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsPreferencesWrite}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsPreferencesWrite}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodPut, putOrgPreferencesURL, input, t)
assert.Equal(t, http.StatusOK, response.Code)
})
@ -139,7 +139,7 @@ func TestAPIEndpoint_PutCurrentOrgPreferences_AccessControl(t *testing.T) {
input = strings.NewReader(testUpdateOrgPreferencesCmd)
t.Run("AccessControl prevents updating org preferences with incorrect permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodPut, putOrgPreferencesURL, input, t)
assert.Equal(t, http.StatusForbidden, response.Code)
})

2
pkg/api/quota.go
View File

@ -11,7 +11,7 @@ import (
)
func (hs *HTTPServer) GetCurrentOrgQuotas(c *models.ReqContext) response.Response {
return hs.getOrgQuotasHelper(c, c.OrgId)
return hs.getOrgQuotasHelper(c, c.OrgID)
}
// swagger:route GET /orgs/{org_id}/quotas orgs getOrgQuota

4
pkg/api/quota_test.go
View File

@ -66,7 +66,7 @@ func TestAPIEndpoint_GetCurrentOrgQuotas_AccessControl(t *testing.T) {
setupDBAndSettingsForAccessControlQuotaTests(t, sc)
t.Run("AccessControl allows viewing CurrentOrgQuotas with correct permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsQuotasRead}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: ActionOrgsQuotasRead}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodGet, getCurrentOrgQuotasURL, nil, t)
assert.Equal(t, http.StatusOK, response.Code)
})
@ -76,7 +76,7 @@ func TestAPIEndpoint_GetCurrentOrgQuotas_AccessControl(t *testing.T) {
assert.Equal(t, http.StatusForbidden, response.Code)
})
t.Run("AccessControl prevents viewing CurrentOrgQuotas with incorrect permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgId)
setAccessControlPermissions(sc.acmock, []accesscontrol.Permission{{Action: "orgs:invalid"}}, sc.initCtx.OrgID)
response := callAPI(sc.server, http.MethodGet, getCurrentOrgQuotasURL, nil, t)
assert.Equal(t, http.StatusForbidden, response.Code)
})

4
pkg/api/render.go
View File

@ -57,8 +57,8 @@ func (hs *HTTPServer) RenderToPng(c *models.ReqContext) {
Timeout: time.Duration(timeout) * time.Second,
},
AuthOpts: rendering.AuthOpts{
OrgID: c.OrgId,
UserID: c.UserId,
OrgID: c.OrgID,
UserID: c.UserID,
OrgRole: c.OrgRole,
},
Width: width,

6
pkg/api/search.go
View File

@ -71,7 +71,7 @@ func (hs *HTTPServer) Search(c *models.ReqContext) response.Response {
Limit: limit,
Page: page,
IsStarred: starred == "true",
OrgId: c.OrgId,
OrgId: c.OrgID,
DashboardIds: dbIDs,
DashboardUIDs: dbUIDs,
Type: dashboardType,
@ -107,8 +107,8 @@ func (hs *HTTPServer) searchHitsWithMetadata(c *models.ReqContext, hits models.H
}
}
folderMeta := hs.getMultiAccessControlMetadata(c, c.OrgId, dashboards.ScopeFoldersPrefix, folderUIDs)
dashboardMeta := hs.getMultiAccessControlMetadata(c, c.OrgId, dashboards.ScopeDashboardsPrefix, dashboardUIDs)
folderMeta := hs.getMultiAccessControlMetadata(c, c.OrgID, dashboards.ScopeFoldersPrefix, folderUIDs)
dashboardMeta := hs.getMultiAccessControlMetadata(c, c.OrgID, dashboards.ScopeDashboardsPrefix, dashboardUIDs)
// search hit with access control metadata attached
type hitWithMeta struct {

2
pkg/api/short_url.go
View File

@ -25,7 +25,7 @@ func (hs *HTTPServer) createShortURL(c *models.ReqContext) response.Response {
return response.Err(err)
}
url := fmt.Sprintf("%s/goto/%s?orgId=%d", strings.TrimSuffix(setting.AppUrl, "/"), shortURL.Uid, c.OrgId)
url := fmt.Sprintf("%s/goto/%s?orgId=%d", strings.TrimSuffix(setting.AppUrl, "/"), shortURL.Uid, c.OrgID)
c.Logger.Debug("Created short URL", "url", url)
dto := dtos.ShortURL{

2
pkg/api/short_url_test.go
View File

@ -65,7 +65,7 @@ func createShortURLScenario(t *testing.T, desc string, url string, routePattern
c.Req.Body = mockRequestBody(cmd)
c.Req.Header.Add("Content-Type", "application/json")
sc.context = c
sc.context.SignedInUser = &user.SignedInUser{OrgId: testOrgID, UserId: testUserID}
sc.context.SignedInUser = &user.SignedInUser{OrgID: testOrgID, UserID: testUserID}
return hs.createShortURL(c)
})

2
pkg/api/signup.go
View File

@ -44,7 +44,7 @@ func (hs *HTTPServer) SignUp(c *models.ReqContext) response.Response {
cmd.OrgId = -1
cmd.Email = form.Email
cmd.Status = models.TmpUserSignUpStarted
cmd.InvitedByUserId = c.UserId
cmd.InvitedByUserId = c.UserID
cmd.Code, err = util.GetRandomString(20)
if err != nil {
return response.Error(500, "Failed to generate random string", err)

8
pkg/api/stars.go
View File

@ -12,7 +12,7 @@ import (
func (hs *HTTPServer) GetStars(c *models.ReqContext) response.Response {
query := star.GetUserStarsQuery{
UserID: c.SignedInUser.UserId,
UserID: c.SignedInUser.UserID,
}
iuserstars, err := hs.starService.GetByUser(c.Req.Context(), &query)
@ -24,7 +24,7 @@ func (hs *HTTPServer) GetStars(c *models.ReqContext) response.Response {
for dashboardId := range iuserstars.UserStars {
query := &models.GetDashboardQuery{
Id: dashboardId,
OrgId: c.OrgId,
OrgId: c.OrgID,
}
err := hs.DashboardService.GetDashboard(c.Req.Context(), query)
@ -53,7 +53,7 @@ func (hs *HTTPServer) StarDashboard(c *models.ReqContext) response.Response {
if err != nil {
return response.Error(http.StatusBadRequest, "id is invalid", err)
}
cmd := star.StarDashboardCommand{UserID: c.UserId, DashboardID: id}
cmd := star.StarDashboardCommand{UserID: c.UserID, DashboardID: id}
if cmd.DashboardID <= 0 {
return response.Error(400, "Missing dashboard id", nil)
@ -83,7 +83,7 @@ func (hs *HTTPServer) UnstarDashboard(c *models.ReqContext) response.Response {
if err != nil {
return response.Error(http.StatusBadRequest, "id is invalid", err)
}
cmd := star.UnstarDashboardCommand{UserID: c.UserId, DashboardID: id}
cmd := star.UnstarDashboardCommand{UserID: c.UserID, DashboardID: id}
if cmd.DashboardID <= 0 {
return response.Error(400, "Missing dashboard id", nil)

22
pkg/api/team.go
View File

@ -33,7 +33,7 @@ func (hs *HTTPServer) CreateTeam(c *models.ReqContext) response.Response {
return response.Error(403, "Not allowed to create team.", nil)
}
team, err := hs.SQLStore.CreateTeam(cmd.Name, cmd.Email, c.OrgId)
team, err := hs.SQLStore.CreateTeam(cmd.Name, cmd.Email, c.OrgID)
if err != nil {
if errors.Is(err, models.ErrTeamNameTaken) {
return response.Error(409, "Team name taken", err)
@ -46,7 +46,7 @@ func (hs *HTTPServer) CreateTeam(c *models.ReqContext) response.Response {
// the SignedInUser is an empty struct therefore
// an additional check whether it is an actual user is required
if c.SignedInUser.IsRealUser() {
if err := addOrUpdateTeamMember(c.Req.Context(), hs.teamPermissionsService, c.SignedInUser.UserId, c.OrgId, team.Id, models.PERMISSION_ADMIN.String()); err != nil {
if err := addOrUpdateTeamMember(c.Req.Context(), hs.teamPermissionsService, c.SignedInUser.UserID, c.OrgID, team.Id, models.PERMISSION_ADMIN.String()); err != nil {
c.Logger.Error("Could not add creator to team", "error", err)
}
} else {
@ -76,7 +76,7 @@ func (hs *HTTPServer) UpdateTeam(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
cmd.Id, err = strconv.ParseInt(web.Params(c.Req)[":teamId"], 10, 64)
if err != nil {
return response.Error(http.StatusBadRequest, "teamId is invalid", err)
@ -109,7 +109,7 @@ func (hs *HTTPServer) UpdateTeam(c *models.ReqContext) response.Response {
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) DeleteTeamByID(c *models.ReqContext) response.Response {
orgId := c.OrgId
orgId := c.OrgID
teamId, err := strconv.ParseInt(web.Params(c.Req)[":teamId"], 10, 64)
if err != nil {
return response.Error(http.StatusBadRequest, "teamId is invalid", err)
@ -157,7 +157,7 @@ func (hs *HTTPServer) SearchTeams(c *models.ReqContext) response.Response {
}
query := models.SearchTeamsQuery{
OrgId: c.OrgId,
OrgId: c.OrgID,
Query: c.Query("query"),
Name: c.Query("name"),
UserIdFilter: userIdFilter,
@ -177,7 +177,7 @@ func (hs *HTTPServer) SearchTeams(c *models.ReqContext) response.Response {
teamIDs[strconv.FormatInt(team.Id, 10)] = true
}
metadata := hs.getMultiAccessControlMetadata(c, c.OrgId, "teams:id:", teamIDs)
metadata := hs.getMultiAccessControlMetadata(c, c.OrgID, "teams:id:", teamIDs)
if len(metadata) > 0 {
for _, team := range query.Result.Teams {
team.AccessControl = metadata[strconv.FormatInt(team.Id, 10)]
@ -194,7 +194,7 @@ func (hs *HTTPServer) SearchTeams(c *models.ReqContext) response.Response {
// 1. If the user is a viewer or editor, this will return the user's ID.
// 2. If the user is an admin, this will return models.FilterIgnoreUser (0)
func userFilter(c *models.ReqContext) int64 {
userIdFilter := c.SignedInUser.UserId
userIdFilter := c.SignedInUser.UserID
if c.OrgRole == org.RoleAdmin {
userIdFilter = models.FilterIgnoreUser
}
@ -224,7 +224,7 @@ func (hs *HTTPServer) GetTeamByID(c *models.ReqContext) response.Response {
}
query := models.GetTeamByIdQuery{
OrgId: c.OrgId,
OrgId: c.OrgID,
Id: teamId,
SignedInUser: c.SignedInUser,
HiddenUsers: hs.Cfg.HiddenUsers,
@ -240,7 +240,7 @@ func (hs *HTTPServer) GetTeamByID(c *models.ReqContext) response.Response {
}
// Add accesscontrol metadata
query.Result.AccessControl = hs.getAccessControlMetadata(c, c.OrgId, "teams:id:", strconv.FormatInt(query.Result.Id, 10))
query.Result.AccessControl = hs.getAccessControlMetadata(c, c.OrgID, "teams:id:", strconv.FormatInt(query.Result.Id, 10))
query.Result.AvatarUrl = dtos.GetGravatarUrlWithDefault(query.Result.Email, query.Result.Name)
return response.JSON(http.StatusOK, &query.Result)
@ -260,7 +260,7 @@ func (hs *HTTPServer) GetTeamPreferences(c *models.ReqContext) response.Response
return response.Error(http.StatusBadRequest, "teamId is invalid", err)
}
orgId := c.OrgId
orgId := c.OrgID
if hs.AccessControl.IsDisabled() {
if err := hs.teamGuardian.CanAdmin(c.Req.Context(), orgId, teamId, c.SignedInUser); err != nil {
@ -291,7 +291,7 @@ func (hs *HTTPServer) UpdateTeamPreferences(c *models.ReqContext) response.Respo
return response.Error(http.StatusBadRequest, "teamId is invalid", err)
}
orgId := c.OrgId
orgId := c.OrgID
if hs.AccessControl.IsDisabled() {
if err := hs.teamGuardian.CanAdmin(c.Req.Context(), orgId, teamId, c.SignedInUser); err != nil {

10
pkg/api/team_members.go
View File

@ -32,7 +32,7 @@ func (hs *HTTPServer) GetTeamMembers(c *models.ReqContext) response.Response {
return response.Error(http.StatusBadRequest, "teamId is invalid", err)
}
query := models.GetTeamMembersQuery{OrgId: c.OrgId, TeamId: teamId, SignedInUser: c.SignedInUser}
query := models.GetTeamMembersQuery{OrgId: c.OrgID, TeamId: teamId, SignedInUser: c.SignedInUser}
// With accesscontrol the permission check has been done at middleware layer
// and the membership filtering will be done at DB layer based on user permissions
@ -82,7 +82,7 @@ func (hs *HTTPServer) AddTeamMember(c *models.ReqContext) response.Response {
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
cmd.TeamId, err = strconv.ParseInt(web.Params(c.Req)[":teamId"], 10, 64)
if err != nil {
return response.Error(http.StatusBadRequest, "teamId is invalid", err)
@ -94,7 +94,7 @@ func (hs *HTTPServer) AddTeamMember(c *models.ReqContext) response.Response {
}
}
isTeamMember, err := hs.SQLStore.IsTeamMember(c.OrgId, cmd.TeamId, cmd.UserId)
isTeamMember, err := hs.SQLStore.IsTeamMember(c.OrgID, cmd.TeamId, cmd.UserId)
if err != nil {
return response.Error(500, "Failed to add team member.", err)
}
@ -135,7 +135,7 @@ func (hs *HTTPServer) UpdateTeamMember(c *models.ReqContext) response.Response {
if err != nil {
return response.Error(http.StatusBadRequest, "userId is invalid", err)
}
orgId := c.OrgId
orgId := c.OrgID
if hs.AccessControl.IsDisabled() {
if err := hs.teamGuardian.CanAdmin(c.Req.Context(), orgId, teamId, c.SignedInUser); err != nil {
@ -179,7 +179,7 @@ func getPermissionName(permission models.PermissionType) string {
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) RemoveTeamMember(c *models.ReqContext) response.Response {
orgId := c.OrgId
orgId := c.OrgID
teamId, err := strconv.ParseInt(web.Params(c.Req)[":teamId"], 10, 64)
if err != nil {
return response.Error(http.StatusBadRequest, "teamId is invalid", err)

12
pkg/api/team_members_test.go
View File

@ -175,7 +175,7 @@ func TestAddTeamMembersAPIEndpoint_LegacyAccessControl(t *testing.T) {
assert.Equal(t, http.StatusForbidden, response.Code)
})
err := sc.db.AddTeamMember(sc.initCtx.UserId, 1, 1, false, 0)
err := sc.db.AddTeamMember(sc.initCtx.UserID, 1, 1, false, 0)
require.NoError(t, err)
input = strings.NewReader(fmt.Sprintf(createTeamMemberCmd, newUserId))
t.Run("Team members cannot add team members", func(t *testing.T) {
@ -184,7 +184,7 @@ func TestAddTeamMembersAPIEndpoint_LegacyAccessControl(t *testing.T) {
})
err = sc.db.UpdateTeamMember(context.Background(), &models.UpdateTeamMemberCommand{
UserId: sc.initCtx.UserId,
UserId: sc.initCtx.UserID,
OrgId: 1,
TeamId: 1,
Permission: models.PERMISSION_ADMIN,
@ -309,7 +309,7 @@ func TestUpdateTeamMembersAPIEndpoint_LegacyAccessControl(t *testing.T) {
assert.Equal(t, http.StatusForbidden, response.Code)
})
err := sc.db.AddTeamMember(sc.initCtx.UserId, 1, 1, false, 0)
err := sc.db.AddTeamMember(sc.initCtx.UserID, 1, 1, false, 0)
require.NoError(t, err)
input = strings.NewReader(fmt.Sprintf(updateTeamMemberCmd, 0))
t.Run("Team members cannot update team members", func(t *testing.T) {
@ -318,7 +318,7 @@ func TestUpdateTeamMembersAPIEndpoint_LegacyAccessControl(t *testing.T) {
})
err = sc.db.UpdateTeamMember(context.Background(), &models.UpdateTeamMemberCommand{
UserId: sc.initCtx.UserId,
UserId: sc.initCtx.UserID,
OrgId: 1,
TeamId: 1,
Permission: models.PERMISSION_ADMIN,
@ -385,7 +385,7 @@ func TestDeleteTeamMembersAPIEndpoint_LegacyAccessControl(t *testing.T) {
assert.Equal(t, http.StatusForbidden, response.Code)
})
err := sc.db.AddTeamMember(sc.initCtx.UserId, 1, 1, false, 0)
err := sc.db.AddTeamMember(sc.initCtx.UserID, 1, 1, false, 0)
require.NoError(t, err)
t.Run("Team members cannot remove team members", func(t *testing.T) {
response := callAPI(sc.server, http.MethodDelete, fmt.Sprintf(teamMemberDeleteRoute, "1", "3"), nil, t)
@ -393,7 +393,7 @@ func TestDeleteTeamMembersAPIEndpoint_LegacyAccessControl(t *testing.T) {
})
err = sc.db.UpdateTeamMember(context.Background(), &models.UpdateTeamMemberCommand{
UserId: sc.initCtx.UserId,
UserId: sc.initCtx.UserID,
OrgId: 1,
TeamId: 1,
Permission: models.PERMISSION_ADMIN,

2
pkg/api/team_test.go
View File

@ -136,7 +136,7 @@ func TestTeamAPIEndpoint(t *testing.T) {
logger := &logtest.Fake{}
c := &models.ReqContext{
Context: &web.Context{Req: req},
SignedInUser: &user.SignedInUser{UserId: 42},
SignedInUser: &user.SignedInUser{UserID: 42},
Logger: logger,
}
c.OrgRole = org.RoleEditor

28
pkg/api/user.go
View File

@ -27,7 +27,7 @@ import (
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) GetSignedInUser(c *models.ReqContext) response.Response {
return hs.getUserUserProfile(c, c.UserId)
return hs.getUserUserProfile(c, c.UserID)
}
// swagger:route GET /users/{user_id} users getUserByID
@ -66,7 +66,7 @@ func (hs *HTTPServer) getUserUserProfile(c *models.ReqContext, userID int64) res
query.Result.IsExternal = true
}
query.Result.AccessControl = hs.getAccessControlMetadata(c, c.OrgId, "global.users:id:", strconv.FormatInt(userID, 10))
query.Result.AccessControl = hs.getAccessControlMetadata(c, c.OrgID, "global.users:id:", strconv.FormatInt(userID, 10))
query.Result.AvatarUrl = dtos.GetGravatarUrl(query.Result.Email)
return response.JSON(http.StatusOK, query.Result)
@ -127,7 +127,7 @@ func (hs *HTTPServer) UpdateSignedInUser(c *models.ReqContext) response.Response
return response.Error(400, "Not allowed to change username when auth proxy is using username property", nil)
}
}
cmd.UserID = c.UserId
cmd.UserID = c.UserID
return hs.handleUpdateUser(c.Req.Context(), cmd)
}
@ -213,7 +213,7 @@ func (hs *HTTPServer) handleUpdateUser(ctx context.Context, cmd user.UpdateUserC
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) GetSignedInUserOrgList(c *models.ReqContext) response.Response {
return hs.getUserOrgList(c.Req.Context(), c.UserId)
return hs.getUserOrgList(c.Req.Context(), c.UserID)
}
// swagger:route GET /user/teams signed_in_user getSignedInUserTeamList
@ -228,7 +228,7 @@ func (hs *HTTPServer) GetSignedInUserOrgList(c *models.ReqContext) response.Resp
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) GetSignedInUserTeamList(c *models.ReqContext) response.Response {
return hs.getUserTeamList(c, c.OrgId, c.UserId)
return hs.getUserTeamList(c, c.OrgID, c.UserID)
}
// swagger:route GET /users/{user_id}/teams users getUserTeams
@ -248,7 +248,7 @@ func (hs *HTTPServer) GetUserTeams(c *models.ReqContext) response.Response {
if err != nil {
return response.Error(http.StatusBadRequest, "id is invalid", err)
}
return hs.getUserTeamList(c, c.OrgId, id)
return hs.getUserTeamList(c, c.OrgID, id)
}
func (hs *HTTPServer) getUserTeamList(c *models.ReqContext, orgID int64, userID int64) response.Response {
@ -330,11 +330,11 @@ func (hs *HTTPServer) UserSetUsingOrg(c *models.ReqContext) response.Response {
return response.Error(http.StatusBadRequest, "id is invalid", err)
}
if !hs.validateUsingOrg(c.Req.Context(), c.UserId, orgID) {
if !hs.validateUsingOrg(c.Req.Context(), c.UserID, orgID) {
return response.Error(401, "Not a valid organization", nil)
}
cmd := models.SetUsingOrgCommand{UserId: c.UserId, OrgId: orgID}
cmd := models.SetUsingOrgCommand{UserId: c.UserID, OrgId: orgID}
if err := hs.SQLStore.SetUsingOrg(c.Req.Context(), &cmd); err != nil {
return response.Error(500, "Failed to change active organization", err)
@ -351,11 +351,11 @@ func (hs *HTTPServer) ChangeActiveOrgAndRedirectToHome(c *models.ReqContext) {
return
}
if !hs.validateUsingOrg(c.Req.Context(), c.UserId, orgID) {
if !hs.validateUsingOrg(c.Req.Context(), c.UserID, orgID) {
hs.NotFoundHandler(c)
}
cmd := models.SetUsingOrgCommand{UserId: c.UserId, OrgId: orgID}
cmd := models.SetUsingOrgCommand{UserId: c.UserID, OrgId: orgID}
if err := hs.SQLStore.SetUsingOrg(c.Req.Context(), &cmd); err != nil {
hs.NotFoundHandler(c)
@ -385,7 +385,7 @@ func (hs *HTTPServer) ChangeUserPassword(c *models.ReqContext) response.Response
return response.Error(http.StatusBadRequest, "bad request data", err)
}
userQuery := user.GetUserByIDQuery{ID: c.UserId}
userQuery := user.GetUserByIDQuery{ID: c.UserID}
user, err := hs.userService.GetByID(c.Req.Context(), &userQuery)
if err != nil {
@ -413,7 +413,7 @@ func (hs *HTTPServer) ChangeUserPassword(c *models.ReqContext) response.Response
return response.Error(400, "New password is too short", nil)
}
cmd.UserID = c.UserId
cmd.UserID = c.UserID
cmd.NewPassword, err = util.EncodePassword(cmd.NewPassword, user.Salt)
if err != nil {
return response.Error(500, "Failed to encode password", err)
@ -450,7 +450,7 @@ func (hs *HTTPServer) SetHelpFlag(c *models.ReqContext) response.Response {
bitmask.AddFlag(user.HelpFlags1(flag))
cmd := models.SetUserHelpFlagCommand{
UserId: c.UserId,
UserId: c.UserID,
HelpFlags1: *bitmask,
}
@ -472,7 +472,7 @@ func (hs *HTTPServer) SetHelpFlag(c *models.ReqContext) response.Response {
// 500: internalServerError
func (hs *HTTPServer) ClearHelpFlags(c *models.ReqContext) response.Response {
cmd := models.SetUserHelpFlagCommand{
UserId: c.UserId,
UserId: c.UserID,
HelpFlags1: user.HelpFlags1(0),
}

4
pkg/api/user_token.go
View File

@ -27,7 +27,7 @@ import (
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) GetUserAuthTokens(c *models.ReqContext) response.Response {
return hs.getUserAuthTokensInternal(c, c.UserId)
return hs.getUserAuthTokensInternal(c, c.UserID)
}
// swagger:route POST /user/revoke-auth-token signed_in_user revokeUserAuthToken
@ -47,7 +47,7 @@ func (hs *HTTPServer) RevokeUserAuthToken(c *models.ReqContext) response.Respons
if err := web.Bind(c.Req, &cmd); err != nil {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
return hs.revokeUserAuthTokenInternal(c, c.UserId, cmd)
return hs.revokeUserAuthTokenInternal(c, c.UserID, cmd)
}
func (hs *HTTPServer) logoutUserFromAllDevicesInternal(ctx context.Context, userID int64) response.Response {

20
pkg/api/user_token_test.go
View File

@ -160,8 +160,8 @@ func revokeUserAuthTokenScenario(t *testing.T, desc string, url string, routePat
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
c.Req.Body = mockRequestBody(cmd)
sc.context = c
sc.context.UserId = userId
sc.context.OrgId = testOrgID
sc.context.UserID = userId
sc.context.OrgID = testOrgID
sc.context.OrgRole = org.RoleAdmin
return hs.RevokeUserAuthToken(c)
@ -186,8 +186,8 @@ func getUserAuthTokensScenario(t *testing.T, desc string, url string, routePatte
sc.userAuthTokenService = fakeAuthTokenService
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
sc.context = c
sc.context.UserId = userId
sc.context.OrgId = testOrgID
sc.context.UserID = userId
sc.context.OrgID = testOrgID
sc.context.OrgRole = org.RoleAdmin
return hs.GetUserAuthTokens(c)
@ -209,8 +209,8 @@ func logoutUserFromAllDevicesInternalScenario(t *testing.T, desc string, userId
sc := setupScenarioContext(t, "/")
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = org.RoleAdmin
return hs.logoutUserFromAllDevicesInternal(context.Background(), userId)
@ -236,8 +236,8 @@ func revokeUserAuthTokenInternalScenario(t *testing.T, desc string, cmd models.R
sc.userAuthTokenService = fakeAuthTokenService
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = org.RoleAdmin
sc.context.UserToken = token
@ -261,8 +261,8 @@ func getUserAuthTokensInternalScenario(t *testing.T, desc string, token *models.
sc.userAuthTokenService = fakeAuthTokenService
sc.defaultHandler = routing.Wrap(func(c *models.ReqContext) response.Response {
sc.context = c
sc.context.UserId = testUserID
sc.context.OrgId = testOrgID
sc.context.UserID = testUserID
sc.context.OrgID = testOrgID
sc.context.OrgRole = org.RoleAdmin
sc.context.UserToken = token

2
pkg/infra/usagestats/service/api_test.go
View File

@ -57,7 +57,7 @@ func TestApi_getUsageStats(t *testing.T) {
for _, tt := range tests {
t.Run(tt.desc, func(t *testing.T) {
uss.Cfg.ReportingEnabled = tt.enabled
server := setupTestServer(t, &user.SignedInUser{OrgId: 1, IsGrafanaAdmin: tt.IsGrafanaAdmin}, uss)
server := setupTestServer(t, &user.SignedInUser{OrgID: 1, IsGrafanaAdmin: tt.IsGrafanaAdmin}, uss)
usageStats, recorder := getUsageStats(t, server)
require.Equal(t, tt.expectedStatus, recorder.Code)

2
pkg/middleware/auth.go
View File

@ -104,7 +104,7 @@ func Auth(options *AuthOptions) web.Handler {
if !forceLogin {
orgIDValue := c.Req.URL.Query().Get("orgId")
orgID, err := strconv.ParseInt(orgIDValue, 10, 64)
if err == nil && orgID > 0 && orgID != c.OrgId {
if err == nil && orgID > 0 && orgID != c.OrgID {
forceLogin = true
}
}

15
pkg/middleware/middleware_basic_auth_test.go
View File

@ -10,7 +10,6 @@ import (
"github.com/grafana/grafana/pkg/services/login/logintest"
"github.com/grafana/grafana/pkg/services/org"
"github.com/grafana/grafana/pkg/services/user"
"github.com/grafana/grafana/pkg/services/user/usertest"
"github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/util"
"github.com/stretchr/testify/assert"
@ -37,7 +36,7 @@ func TestMiddlewareBasicAuth(t *testing.T) {
assert.Equal(t, 200, sc.resp.Code)
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, orgID, sc.context.OrgID)
assert.Equal(t, org.RoleEditor, sc.context.OrgRole)
}, configure)
@ -45,14 +44,14 @@ func TestMiddlewareBasicAuth(t *testing.T) {
const password = "MyPass"
const orgID int64 = 2
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: orgID, UserId: id}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: orgID, UserID: id}
authHeader := util.GetBasicAuthHeader("myUser", password)
sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, id, sc.context.UserId)
assert.Equal(t, orgID, sc.context.OrgID)
assert.Equal(t, id, sc.context.UserID)
}, configure)
middlewareScenario(t, "Auth sequence", func(t *testing.T, sc *scenarioContext) {
@ -63,15 +62,15 @@ func TestMiddlewareBasicAuth(t *testing.T) {
require.NoError(t, err)
sc.mockSQLStore.ExpectedUser = &user.User{Password: encoded, ID: id, Salt: salt}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserId: id}
login.ProvideService(sc.mockSQLStore, &logintest.LoginServiceFake{}, usertest.NewUserServiceFake())
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserID: id}
login.ProvideService(sc.mockSQLStore, &logintest.LoginServiceFake{}, sc.userService)
authHeader := util.GetBasicAuthHeader("myUser", password)
sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
require.NotNil(t, sc.context)
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, id, sc.context.UserId)
assert.Equal(t, id, sc.context.UserID)
}, configure)
middlewareScenario(t, "Should return error if user is not found", func(t *testing.T, sc *scenarioContext) {

18
pkg/middleware/middleware_jwt_auth_test.go
View File

@ -46,14 +46,14 @@ func TestMiddlewareJWTAuth(t *testing.T) {
"foo-username": myUsername,
}, nil
}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserId: id, OrgId: orgID, Login: myUsername}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserID: id, OrgID: orgID, Login: myUsername}
sc.fakeReq("GET", "/").withJWTAuthHeader(token).exec()
assert.Equal(t, verifiedToken, token)
assert.Equal(t, 200, sc.resp.Code)
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, id, sc.context.UserId)
assert.Equal(t, orgID, sc.context.OrgID)
assert.Equal(t, id, sc.context.UserID)
assert.Equal(t, myUsername, sc.context.Login)
}, configure, configureUsernameClaim)
@ -67,14 +67,14 @@ func TestMiddlewareJWTAuth(t *testing.T) {
"foo-email": myEmail,
}, nil
}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserId: id, OrgId: orgID, Email: myEmail}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserID: id, OrgID: orgID, Email: myEmail}
sc.fakeReq("GET", "/").withJWTAuthHeader(token).exec()
assert.Equal(t, verifiedToken, token)
assert.Equal(t, 200, sc.resp.Code)
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, id, sc.context.UserId)
assert.Equal(t, orgID, sc.context.OrgID)
assert.Equal(t, id, sc.context.UserID)
assert.Equal(t, myEmail, sc.context.Email)
}, configure, configureEmailClaim)
@ -108,14 +108,14 @@ func TestMiddlewareJWTAuth(t *testing.T) {
"foo-email": myEmail,
}, nil
}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserId: id, OrgId: orgID, Email: myEmail}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserID: id, OrgID: orgID, Email: myEmail}
sc.fakeReq("GET", "/").withJWTAuthHeader(token).exec()
assert.Equal(t, verifiedToken, token)
assert.Equal(t, 200, sc.resp.Code)
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, id, sc.context.UserId)
assert.Equal(t, orgID, sc.context.OrgID)
assert.Equal(t, id, sc.context.UserID)
assert.Equal(t, myEmail, sc.context.Email)
}, configure, configureEmailClaim, configureAutoSignUp)

59
pkg/middleware/middleware_test.go
View File

@ -161,7 +161,7 @@ func TestMiddlewareContext(t *testing.T) {
require.Equal(t, 200, sc.resp.Code)
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, orgID, sc.context.OrgID)
assert.Equal(t, org.RoleEditor, sc.context.OrgRole)
})
@ -195,7 +195,7 @@ func TestMiddlewareContext(t *testing.T) {
const userID int64 = 12
sc.withTokenSessionCookie("token")
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: 2, UserId: userID}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: 2, UserID: userID}
sc.userAuthTokenService.LookupTokenProvider = func(ctx context.Context, unhashedToken string) (*models.UserToken, error) {
return &models.UserToken{
@ -209,7 +209,7 @@ func TestMiddlewareContext(t *testing.T) {
require.NotNil(t, sc.context)
require.NotNil(t, sc.context.UserToken)
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, userID, sc.context.UserId)
assert.Equal(t, userID, sc.context.UserID)
assert.Equal(t, userID, sc.context.UserToken.UserId)
assert.Equal(t, "token", sc.context.UserToken.UnhashedToken)
assert.Empty(t, sc.resp.Header().Get("Set-Cookie"))
@ -219,7 +219,7 @@ func TestMiddlewareContext(t *testing.T) {
const userID int64 = 12
sc.withTokenSessionCookie("token")
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: 2, UserId: userID}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: 2, UserID: userID}
sc.userAuthTokenService.LookupTokenProvider = func(ctx context.Context, unhashedToken string) (*models.UserToken, error) {
return &models.UserToken{
@ -266,7 +266,7 @@ func TestMiddlewareContext(t *testing.T) {
sc.fakeReq("GET", "/").exec()
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, userID, sc.context.UserId)
assert.Equal(t, userID, sc.context.UserID)
assert.Equal(t, userID, sc.context.UserToken.UserId)
assert.Equal(t, "rotated", sc.context.UserToken.UnhashedToken)
assert.Equal(t, expectedCookie.String(), sc.resp.Header().Get("Set-Cookie"))
@ -311,7 +311,7 @@ func TestMiddlewareContext(t *testing.T) {
sc.fakeReq("GET", "/").exec()
assert.False(t, sc.context.IsSignedIn)
assert.Equal(t, int64(0), sc.context.UserId)
assert.Equal(t, int64(0), sc.context.UserID)
assert.Nil(t, sc.context.UserToken)
})
@ -321,8 +321,8 @@ func TestMiddlewareContext(t *testing.T) {
require.NoError(t, err)
sc.fakeReq("GET", "/").exec()
assert.Equal(t, int64(0), sc.context.UserId)
assert.Equal(t, orga.Id, sc.context.OrgId)
assert.Equal(t, int64(0), sc.context.UserID)
assert.Equal(t, orga.Id, sc.context.OrgID)
assert.Equal(t, org.RoleEditor, sc.context.OrgRole)
assert.False(t, sc.context.IsSignedIn)
}, func(cfg *setting.Cfg) {
@ -350,7 +350,7 @@ func TestMiddlewareContext(t *testing.T) {
const group = "grafana-core-team"
middlewareScenario(t, "Should not sync the user if it's in the cache", func(t *testing.T, sc *scenarioContext) {
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: orgID, UserId: userID}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: orgID, UserID: userID}
h, err := authproxy.HashCacheKey(hdrName + "-" + group)
require.NoError(t, err)
@ -364,8 +364,8 @@ func TestMiddlewareContext(t *testing.T) {
sc.exec()
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, userID, sc.context.UserId)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, userID, sc.context.UserID)
assert.Equal(t, orgID, sc.context.OrgID)
}, configure)
middlewareScenario(t, "Should respect auto signup option", func(t *testing.T, sc *scenarioContext) {
@ -390,7 +390,7 @@ func TestMiddlewareContext(t *testing.T) {
})
middlewareScenario(t, "Should create an user from a header", func(t *testing.T, sc *scenarioContext) {
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: orgID, UserId: userID}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: orgID, UserID: userID}
sc.loginService.ExpectedUser = &user.User{ID: userID}
sc.fakeReq("GET", "/")
@ -398,8 +398,8 @@ func TestMiddlewareContext(t *testing.T) {
sc.exec()
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, userID, sc.context.UserId)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, userID, sc.context.UserID)
assert.Equal(t, orgID, sc.context.OrgID)
}, func(cfg *setting.Cfg) {
configure(cfg)
cfg.LDAPEnabled = false
@ -410,7 +410,7 @@ func TestMiddlewareContext(t *testing.T) {
var storedRoleInfo map[int64]org.RoleType = nil
sc.loginService.ExpectedUserFunc = func(cmd *models.UpsertUserCommand) *user.User {
storedRoleInfo = cmd.ExternalUser.OrgRoles
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: defaultOrgId, UserId: userID, OrgRole: storedRoleInfo[defaultOrgId]}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: defaultOrgId, UserID: userID, OrgRole: storedRoleInfo[defaultOrgId]}
return &user.User{ID: userID}
}
@ -420,8 +420,8 @@ func TestMiddlewareContext(t *testing.T) {
sc.exec()
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, userID, sc.context.UserId)
assert.Equal(t, defaultOrgId, sc.context.OrgId)
assert.Equal(t, userID, sc.context.UserID)
assert.Equal(t, defaultOrgId, sc.context.OrgID)
assert.Equal(t, orgRole, string(sc.context.OrgRole))
}, func(cfg *setting.Cfg) {
configure(cfg)
@ -433,7 +433,7 @@ func TestMiddlewareContext(t *testing.T) {
var storedRoleInfo map[int64]org.RoleType = nil
sc.loginService.ExpectedUserFunc = func(cmd *models.UpsertUserCommand) *user.User {
storedRoleInfo = cmd.ExternalUser.OrgRoles
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: orgID, UserId: userID, OrgRole: storedRoleInfo[orgID]}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: orgID, UserID: userID, OrgRole: storedRoleInfo[orgID]}
return &user.User{ID: userID}
}
@ -444,8 +444,8 @@ func TestMiddlewareContext(t *testing.T) {
sc.exec()
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, userID, sc.context.UserId)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, userID, sc.context.UserID)
assert.Equal(t, orgID, sc.context.OrgID)
// For non-default org, the user role should be empty
assert.Equal(t, "", string(sc.context.OrgRole))
@ -457,7 +457,7 @@ func TestMiddlewareContext(t *testing.T) {
middlewareScenario(t, "Should use organisation specified by targetOrgId parameter", func(t *testing.T, sc *scenarioContext) {
var targetOrgID int64 = 123
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: targetOrgID, UserId: userID}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: targetOrgID, UserID: userID}
sc.loginService.ExpectedUser = &user.User{ID: userID}
sc.fakeReq("GET", fmt.Sprintf("/?targetOrgId=%d", targetOrgID))
@ -465,8 +465,8 @@ func TestMiddlewareContext(t *testing.T) {
sc.exec()
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, userID, sc.context.UserId)
assert.Equal(t, targetOrgID, sc.context.OrgId)
assert.Equal(t, userID, sc.context.UserID)
assert.Equal(t, targetOrgID, sc.context.OrgID)
}, func(cfg *setting.Cfg) {
configure(cfg)
cfg.LDAPEnabled = false
@ -531,7 +531,7 @@ func TestMiddlewareContext(t *testing.T) {
const userID int64 = 12
const orgID int64 = 2
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: orgID, UserId: userID}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: orgID, UserID: userID}
sc.loginService.ExpectedUser = &user.User{ID: userID}
sc.fakeReq("GET", "/")
@ -539,15 +539,15 @@ func TestMiddlewareContext(t *testing.T) {
sc.exec()
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, userID, sc.context.UserId)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, userID, sc.context.UserID)
assert.Equal(t, orgID, sc.context.OrgID)
}, func(cfg *setting.Cfg) {
configure(cfg)
cfg.LDAPEnabled = false
})
middlewareScenario(t, "Should allow the request from whitelist IP", func(t *testing.T, sc *scenarioContext) {
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: orgID, UserId: userID}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: orgID, UserID: userID}
sc.loginService.ExpectedUser = &user.User{ID: userID}
sc.fakeReq("GET", "/")
@ -556,8 +556,8 @@ func TestMiddlewareContext(t *testing.T) {
sc.exec()
assert.True(t, sc.context.IsSignedIn)
assert.Equal(t, userID, sc.context.UserId)
assert.Equal(t, orgID, sc.context.OrgId)
assert.Equal(t, userID, sc.context.UserID)
assert.Equal(t, orgID, sc.context.OrgID)
}, func(cfg *setting.Cfg) {
configure(cfg)
cfg.AuthProxyWhitelist = "192.168.1.0/24, 2001::0/120"
@ -636,6 +636,7 @@ func middlewareScenario(t *testing.T, desc string, fn scenarioFunc, cbs ...func(
sc.sqlStore = ctxHdlr.SQLStore
sc.contextHandler = ctxHdlr
sc.m.Use(ctxHdlr.Middleware)
sc.userService = usertest.NewUserServiceFake()
sc.m.Use(OrgRedirect(sc.cfg, sc.mockSQLStore))
sc.userAuthTokenService = ctxHdlr.AuthTokenService.(*auth.FakeUserAuthTokenService)

4
pkg/middleware/org_redirect.go
View File

@ -29,11 +29,11 @@ func OrgRedirect(cfg *setting.Cfg, store sqlstore.Store) web.Handler {
return
}
if orgId == ctx.OrgId {
if orgId == ctx.OrgID {
return
}
cmd := models.SetUsingOrgCommand{UserId: ctx.UserId, OrgId: orgId}
cmd := models.SetUsingOrgCommand{UserId: ctx.UserID, OrgId: orgId}
if err := store.SetUsingOrg(ctx.Req.Context(), &cmd); err != nil {
if ctx.IsApiRequest() {
ctx.JsonApiErr(404, "Not found", nil)

4
pkg/middleware/org_redirect_test.go
View File

@ -46,7 +46,7 @@ func TestOrgRedirectMiddleware(t *testing.T) {
for _, tc := range testCases {
middlewareScenario(t, tc.desc, func(t *testing.T, sc *scenarioContext) {
sc.withTokenSessionCookie("token")
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: 1, UserId: 12}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: 1, UserID: 12}
sc.userAuthTokenService.LookupTokenProvider = func(ctx context.Context, unhashedToken string) (*models.UserToken, error) {
return &models.UserToken{
UserId: 0,
@ -65,7 +65,7 @@ func TestOrgRedirectMiddleware(t *testing.T) {
middlewareScenario(t, "when setting an invalid org for user", func(t *testing.T, sc *scenarioContext) {
sc.withTokenSessionCookie("token")
sc.mockSQLStore.ExpectedSetUsingOrgError = fmt.Errorf("")
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgId: 1, UserId: 12}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{OrgID: 1, UserID: 12}
sc.userAuthTokenService.LookupTokenProvider = func(ctx context.Context, unhashedToken string) (*models.UserToken, error) {
return &models.UserToken{

2
pkg/middleware/quota_test.go
View File

@ -61,7 +61,7 @@ func TestMiddlewareQuota(t *testing.T) {
const quotaUsed = 4
setUp := func(sc *scenarioContext) {
sc.withTokenSessionCookie("token")
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserId: 12}
sc.mockSQLStore.ExpectedSignedInUser = &user.SignedInUser{UserID: 12}
sc.userAuthTokenService.LookupTokenProvider = func(ctx context.Context, unhashedToken string) (*models.UserToken, error) {
return &models.UserToken{
UserId: 12,

3
pkg/middleware/testing.go
View File

@ -14,6 +14,7 @@ import (
"github.com/grafana/grafana/pkg/services/login/loginservice"
"github.com/grafana/grafana/pkg/services/sqlstore"
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
"github.com/grafana/grafana/pkg/services/user/usertest"
"github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/web"
"github.com/stretchr/testify/require"
@ -41,6 +42,7 @@ type scenarioContext struct {
contextHandler *contexthandler.ContextHandler
loginService *loginservice.LoginServiceMock
apiKeyService *apikeytest.Service
userService *usertest.FakeUserService
req *http.Request
}
@ -119,7 +121,6 @@ func (sc *scenarioContext) exec() {
Value: sc.tokenSessionCookie,
})
}
sc.m.ServeHTTP(sc.resp, sc.req)
if sc.resp.Header().Get("Content-Type") == "application/json; charset=UTF-8" {

6
pkg/plugins/plugincontext/plugincontext.go
View File

@ -95,7 +95,7 @@ func (p *Provider) pluginContext(ctx context.Context, pluginID string, user *use
}
return backend.PluginContext{
OrgID: user.OrgId,
OrgID: user.OrgID,
PluginID: plugin.ID,
User: adapters.BackendUserFromSignedInUser(user),
AppInstanceSettings: &backend.AppInstanceSettings{
@ -111,14 +111,14 @@ func (p *Provider) getCachedPluginSettings(ctx context.Context, pluginID string,
if cached, found := p.cacheService.Get(cacheKey); found {
ps := cached.(*pluginsettings.DTO)
if ps.OrgID == user.OrgId {
if ps.OrgID == user.OrgID {
return ps, nil
}
}
ps, err := p.pluginSettingsService.GetPluginSettingByPluginID(ctx, &pluginsettings.GetByPluginIDArgs{
PluginID: pluginID,
OrgID: user.OrgId,
OrgID: user.OrgID,
})
if err != nil {
return nil, err

2
pkg/services/accesscontrol/accesscontrol.go
View File

@ -103,7 +103,7 @@ func HasGlobalAccess(ac AccessControl, c *models.ReqContext) func(fallback func(
}
userCopy := *c.SignedInUser
userCopy.OrgId = GlobalOrgID
userCopy.OrgID = GlobalOrgID
userCopy.OrgRole = ""
userCopy.OrgName = ""
hasAccess, err := ac.Evaluate(c.Req.Context(), &userCopy, evaluator)

2
pkg/services/accesscontrol/database/resource_permissions_bench_test.go
View File

@ -57,7 +57,7 @@ func getDSPermissions(b *testing.B, store *AccessControlStore, dataSources []int
dsId := dataSources[0]
permissions, err := store.GetResourcePermissions(context.Background(), accesscontrol.GlobalOrgID, types.GetResourcePermissionsQuery{
User: &user.SignedInUser{OrgId: 1, Permissions: map[int64]map[string][]string{1: {"org.users:read": {"users:*"}, "teams:read": {"teams:*"}}}},
User: &user.SignedInUser{OrgID: 1, Permissions: map[int64]map[string][]string{1: {"org.users:read": {"users:*"}, "teams:read": {"teams:*"}}}},
Actions: []string{dsAction},
Resource: dsResource,
ResourceID: strconv.Itoa(int(dsId)),

8
pkg/services/accesscontrol/database/resource_permissions_test.go
View File

@ -351,7 +351,7 @@ func TestAccessControlStore_GetResourcePermissions(t *testing.T) {
{
desc: "should return permissions for resource id",
user: &user.SignedInUser{
OrgId: 1,
OrgID: 1,
Permissions: map[int64]map[string][]string{
1: {accesscontrol.ActionOrgUsersRead: {accesscontrol.ScopeUsersAll}},
}},
@ -364,7 +364,7 @@ func TestAccessControlStore_GetResourcePermissions(t *testing.T) {
{
desc: "should return manage permissions for all resource ids",
user: &user.SignedInUser{
OrgId: 1,
OrgID: 1,
Permissions: map[int64]map[string][]string{
1: {accesscontrol.ActionOrgUsersRead: {accesscontrol.ScopeUsersAll}},
}},
@ -383,7 +383,7 @@ func TestAccessControlStore_GetResourcePermissions(t *testing.T) {
err := sql.WithDbSession(context.Background(), func(sess *sqlstore.DBSession) error {
role := &accesscontrol.Role{
OrgID: test.user.OrgId,
OrgID: test.user.OrgID,
UID: "seeded",
Name: "seeded",
Updated: time.Now(),
@ -418,7 +418,7 @@ func TestAccessControlStore_GetResourcePermissions(t *testing.T) {
seedResourcePermissions(t, store, sql, test.actions, test.resource, test.resourceID, test.resourceAttribute, test.numUsers)
permissions, err := store.GetResourcePermissions(context.Background(), test.user.OrgId, types.GetResourcePermissionsQuery{
permissions, err := store.GetResourcePermissions(context.Background(), test.user.OrgID, types.GetResourcePermissionsQuery{
User: test.user,
Actions: test.actions,
Resource: test.resource,

4
pkg/services/accesscontrol/filter.go
View File

@ -37,14 +37,14 @@ func Filter(user *user.SignedInUser, sqlID, prefix string, actions ...string) (S
if _, ok := sqlIDAcceptList[sqlID]; !ok {
return denyQuery, errors.New("sqlID is not in the accept list")
}
if user == nil || user.Permissions == nil || user.Permissions[user.OrgId] == nil {
if user == nil || user.Permissions == nil || user.Permissions[user.OrgID] == nil {
return denyQuery, errors.New("missing permissions")
}
wildcards := 0
result := make(map[interface{}]int)
for _, a := range actions {
ids, hasWildcard := ParseScopes(prefix, user.Permissions[user.OrgId][a])
ids, hasWildcard := ParseScopes(prefix, user.Permissions[user.OrgID][a])
if hasWildcard {
wildcards += 1
continue

2
pkg/services/accesscontrol/filter_bench_test.go
View File

@ -33,7 +33,7 @@ func benchmarkFilter(b *testing.B, numDs, numPermissions int) {
for i := 0; i < b.N; i++ {
baseSql := `SELECT data_source.* FROM data_source WHERE`
acFilter, err := accesscontrol.Filter(
&user.SignedInUser{OrgId: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(permissions)}},
&user.SignedInUser{OrgID: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(permissions)}},
"data_source.id",
"datasources:id:",
"datasources:read",

2
pkg/services/accesscontrol/filter_test.go
View File

@ -178,7 +178,7 @@ func TestFilter_Datasources(t *testing.T) {
baseSql := `SELECT data_source.* FROM data_source WHERE`
acFilter, err := accesscontrol.Filter(
&user.SignedInUser{
OrgId: 1,
OrgID: 1,
Permissions: map[int64]map[string][]string{1: tt.permissions},
},
tt.sqlID,

15
pkg/services/accesscontrol/middleware.go
View File

@ -28,7 +28,7 @@ func Middleware(ac AccessControl) func(web.Handler, Evaluator) web.Handler {
func authorize(c *models.ReqContext, ac AccessControl, user *user.SignedInUser, evaluator Evaluator) {
injected, err := evaluator.MutateScopes(c.Req.Context(), ScopeInjector(ScopeParams{
OrgID: c.OrgId,
OrgID: c.OrgID,
URLParams: web.Params(c.Req),
}))
if err != nil {
@ -50,7 +50,7 @@ func deny(c *models.ReqContext, evaluator Evaluator, err error) {
} else {
c.Logger.Info(
"Access denied",
"userID", c.UserId,
"userID", c.UserID,
"accessErrorID", id,
"permissions", evaluator.GoString(),
)
@ -110,16 +110,17 @@ func AuthorizeInOrgMiddleware(ac AccessControl, cache userCache) func(web.Handle
return
}
if orgID == GlobalOrgID {
userCopy.OrgId = orgID
userCopy.OrgID = orgID
userCopy.OrgName = ""
userCopy.OrgRole = ""
} else {
query := models.GetSignedInUserQuery{UserId: c.UserId, OrgId: orgID}
if err := cache.GetSignedInUserWithCacheCtx(c.Req.Context(), &query); err != nil {
query := models.GetSignedInUserQuery{UserId: c.UserID, OrgId: orgID}
err := cache.GetSignedInUserWithCacheCtx(c.Req.Context(), &query)
if err != nil {
deny(c, nil, fmt.Errorf("failed to authenticate user in target org: %w", err))
return
}
userCopy.OrgId = query.Result.OrgId
userCopy.OrgID = query.Result.OrgID
userCopy.OrgName = query.Result.OrgName
userCopy.OrgRole = query.Result.OrgRole
}
@ -163,6 +164,6 @@ func LoadPermissionsMiddleware(ac AccessControl) web.Handler {
if c.SignedInUser.Permissions == nil {
c.SignedInUser.Permissions = make(map[int64]map[string][]string)
}
c.SignedInUser.Permissions[c.OrgId] = GroupScopesByAction(permissions)
c.SignedInUser.Permissions[c.OrgID] = GroupScopesByAction(permissions)
}
}

14
pkg/services/accesscontrol/mock/mock.go
View File

@ -84,27 +84,27 @@ func (m Mock) WithBuiltInRoles(builtInRoles []string) *Mock {
// Evaluate evaluates access to the given resource.
// This mock uses GetUserPermissions to then call the evaluator Evaluate function.
func (m *Mock) Evaluate(ctx context.Context, user *user.SignedInUser, evaluator accesscontrol.Evaluator) (bool, error) {
m.Calls.Evaluate = append(m.Calls.Evaluate, []interface{}{ctx, user, evaluator})
func (m *Mock) Evaluate(ctx context.Context, usr *user.SignedInUser, evaluator accesscontrol.Evaluator) (bool, error) {
m.Calls.Evaluate = append(m.Calls.Evaluate, []interface{}{ctx, usr, evaluator})
// Use override if provided
if m.EvaluateFunc != nil {
return m.EvaluateFunc(ctx, user, evaluator)
return m.EvaluateFunc(ctx, usr, evaluator)
}
var permissions map[string][]string
if user.Permissions != nil && user.Permissions[user.OrgId] != nil {
permissions = user.Permissions[user.OrgId]
if usr.Permissions != nil && usr.Permissions[usr.OrgID] != nil {
permissions = usr.Permissions[usr.OrgID]
}
if permissions == nil {
userPermissions, err := m.GetUserPermissions(ctx, user, accesscontrol.Options{ReloadCache: true})
userPermissions, err := m.GetUserPermissions(ctx, usr, accesscontrol.Options{ReloadCache: true})
if err != nil {
return false, err
}
permissions = accesscontrol.GroupScopesByAction(userPermissions)
}
attributeMutator := m.scopeResolvers.GetScopeAttributeMutator(user.OrgId)
attributeMutator := m.scopeResolvers.GetScopeAttributeMutator(usr.OrgID)
resolvedEvaluator, err := evaluator.MutateScopes(ctx, attributeMutator)
if err != nil {
return false, err

12
pkg/services/accesscontrol/ossaccesscontrol/ossaccesscontrol.go
View File

@ -86,20 +86,20 @@ func (ac *OSSAccessControlService) Evaluate(ctx context.Context, user *user.Sign
user.Permissions = map[int64]map[string][]string{}
}
if _, ok := user.Permissions[user.OrgId]; !ok {
if _, ok := user.Permissions[user.OrgID]; !ok {
permissions, err := ac.GetUserPermissions(ctx, user, accesscontrol.Options{ReloadCache: true})
if err != nil {
return false, err
}
user.Permissions[user.OrgId] = accesscontrol.GroupScopesByAction(permissions)
user.Permissions[user.OrgID] = accesscontrol.GroupScopesByAction(permissions)
}
attributeMutator := ac.scopeResolvers.GetScopeAttributeMutator(user.OrgId)
attributeMutator := ac.scopeResolvers.GetScopeAttributeMutator(user.OrgID)
resolvedEvaluator, err := evaluator.MutateScopes(ctx, attributeMutator)
if err != nil {
return false, err
}
return resolvedEvaluator.Evaluate(user.Permissions[user.OrgId]), nil
return resolvedEvaluator.Evaluate(user.Permissions[user.OrgID]), nil
}
// GetUserPermissions returns user permissions based on built-in roles
@ -110,8 +110,8 @@ func (ac *OSSAccessControlService) GetUserPermissions(ctx context.Context, user
permissions := ac.getFixedPermissions(ctx, user)
dbPermissions, err := ac.store.GetUserPermissions(ctx, accesscontrol.GetUserPermissionsQuery{
OrgID: user.OrgId,
UserID: user.UserId,
OrgID: user.OrgID,
UserID: user.UserID,
Roles: accesscontrol.GetOrgRoles(ac.cfg, user),
Actions: append(TeamAdminActions, append(DashboardAdminActions, FolderAdminActions...)...),
})

12
pkg/services/accesscontrol/ossaccesscontrol/ossaccesscontrol_test.go
View File

@ -102,8 +102,8 @@ func TestEvaluatingPermissions(t *testing.T) {
require.NoError(t, errRegisterRoles)
user := &user.SignedInUser{
UserId: 1,
OrgId: 1,
UserID: 1,
OrgID: 1,
Name: tc.user.name,
OrgRole: tc.user.orgRole,
IsGrafanaAdmin: tc.user.isGrafanaAdmin,
@ -360,8 +360,8 @@ func TestOSSAccessControlService_RegisterFixedRoles(t *testing.T) {
func TestOSSAccessControlService_GetUserPermissions(t *testing.T) {
testUser := user.SignedInUser{
UserId: 2,
OrgId: 3,
UserID: 2,
OrgID: 3,
OrgName: "TestOrg",
OrgRole: org.RoleViewer,
Login: "testUser",
@ -422,8 +422,8 @@ func TestOSSAccessControlService_GetUserPermissions(t *testing.T) {
func TestOSSAccessControlService_Evaluate(t *testing.T) {
testUser := user.SignedInUser{
UserId: 2,
OrgId: 3,
UserID: 2,
OrgID: 3,
OrgName: "TestOrg",
OrgRole: org.RoleViewer,
Login: "testUser",

2
pkg/services/accesscontrol/resolvers.go
View File

@ -136,5 +136,5 @@ func ScopeInjector(params ScopeParams) ScopeAttributeMutator {
}
var userSelfResolver = ScopeKeywordResolverFunc(func(ctx context.Context, user *user.SignedInUser) (string, error) {
return Scope("users", "id", fmt.Sprintf("%v", user.UserId)), nil
return Scope("users", "id", fmt.Sprintf("%v", user.UserID)), nil
})

4
pkg/services/accesscontrol/resolvers_test.go
View File

@ -52,8 +52,8 @@ func TestResolveKeywordScope(t *testing.T) {
}
var testUser = &user.SignedInUser{
UserId: 2,
OrgId: 3,
UserID: 2,
OrgID: 3,
OrgName: "TestOrg",
OrgRole: org.RoleViewer,
Login: "testUser",

6
pkg/services/accesscontrol/resourcepermissions/api.go
View File

@ -146,7 +146,7 @@ func (a *api) setUserPermission(c *models.ReqContext) response.Response {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
_, err = a.service.SetUserPermission(c.Req.Context(), c.OrgId, accesscontrol.User{ID: userID}, resourceID, cmd.Permission)
_, err = a.service.SetUserPermission(c.Req.Context(), c.OrgID, accesscontrol.User{ID: userID}, resourceID, cmd.Permission)
if err != nil {
return response.Error(http.StatusBadRequest, "failed to set user permission", err)
}
@ -166,7 +166,7 @@ func (a *api) setTeamPermission(c *models.ReqContext) response.Response {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
_, err = a.service.SetTeamPermission(c.Req.Context(), c.OrgId, teamID, resourceID, cmd.Permission)
_, err = a.service.SetTeamPermission(c.Req.Context(), c.OrgID, teamID, resourceID, cmd.Permission)
if err != nil {
return response.Error(http.StatusBadRequest, "failed to set team permission", err)
}
@ -183,7 +183,7 @@ func (a *api) setBuiltinRolePermission(c *models.ReqContext) response.Response {
return response.Error(http.StatusBadRequest, "bad request data", err)
}
_, err := a.service.SetBuiltInRolePermission(c.Req.Context(), c.OrgId, builtInRole, resourceID, cmd.Permission)
_, err := a.service.SetBuiltInRolePermission(c.Req.Context(), c.OrgID, builtInRole, resourceID, cmd.Permission)
if err != nil {
return response.Error(http.StatusBadRequest, "failed to set role permission", err)
}

10
pkg/services/accesscontrol/resourcepermissions/api_test.go
View File

@ -113,7 +113,7 @@ func TestApi_getDescription(t *testing.T) {
for _, tt := range tests {
t.Run(tt.desc, func(t *testing.T) {
service, _ := setupTestEnvironment(t, tt.permissions, tt.options)
server := setupTestServer(t, &user.SignedInUser{OrgId: 1}, service)
server := setupTestServer(t, &user.SignedInUser{OrgID: 1}, service)
req, err := http.NewRequest(http.MethodGet, fmt.Sprintf("/api/access-control/%s/description", tt.options.Resource), nil)
require.NoError(t, err)
@ -160,7 +160,7 @@ func TestApi_getPermissions(t *testing.T) {
for _, tt := range tests {
t.Run(tt.desc, func(t *testing.T) {
service, sql := setupTestEnvironment(t, tt.permissions, testOptions)
server := setupTestServer(t, &user.SignedInUser{OrgId: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(tt.permissions)}}, service)
server := setupTestServer(t, &user.SignedInUser{OrgID: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(tt.permissions)}}, service)
seedPermissions(t, tt.resourceID, sql, service)
@ -237,7 +237,7 @@ func TestApi_setBuiltinRolePermission(t *testing.T) {
for _, tt := range tests {
t.Run(tt.desc, func(t *testing.T) {
service, _ := setupTestEnvironment(t, tt.permissions, testOptions)
server := setupTestServer(t, &user.SignedInUser{OrgId: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(tt.permissions)}}, service)
server := setupTestServer(t, &user.SignedInUser{OrgID: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(tt.permissions)}}, service)
recorder := setPermission(t, server, testOptions.Resource, tt.resourceID, tt.permission, "builtInRoles", tt.builtInRole)
assert.Equal(t, tt.expectedStatus, recorder.Code)
@ -315,7 +315,7 @@ func TestApi_setTeamPermission(t *testing.T) {
for _, tt := range tests {
t.Run(tt.desc, func(t *testing.T) {
service, sql := setupTestEnvironment(t, tt.permissions, testOptions)
server := setupTestServer(t, &user.SignedInUser{OrgId: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(tt.permissions)}}, service)
server := setupTestServer(t, &user.SignedInUser{OrgID: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(tt.permissions)}}, service)
// seed team
_, err := sql.CreateTeam("test", "test@test.com", 1)
@ -398,7 +398,7 @@ func TestApi_setUserPermission(t *testing.T) {
for _, tt := range tests {
t.Run(tt.desc, func(t *testing.T) {
service, sql := setupTestEnvironment(t, tt.permissions, testOptions)
server := setupTestServer(t, &user.SignedInUser{OrgId: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(tt.permissions)}}, service)
server := setupTestServer(t, &user.SignedInUser{OrgID: 1, Permissions: map[int64]map[string][]string{1: accesscontrol.GroupScopesByAction(tt.permissions)}}, service)
// seed user
_, err := sql.CreateUser(context.Background(), user.CreateUserCommand{Login: "test", OrgID: 1})

2
pkg/services/accesscontrol/resourcepermissions/middleware.go
View File

@ -15,7 +15,7 @@ func solveInheritedScopes(solve InheritedScopesSolver) web.Handler {
return func(c *models.ReqContext) {
if solve != nil && util.IsValidShortUID(web.Params(c.Req)[":resourceID"]) {
params := web.Params(c.Req)
scopes, err := solve(c.Req.Context(), c.OrgId, params[":resourceID"])
scopes, err := solve(c.Req.Context(), c.OrgID, params[":resourceID"])
if err != nil {
c.JsonApiErr(http.StatusNotFound, "Resource not found", err)
return

4
pkg/services/accesscontrol/resourcepermissions/service.go
View File

@ -111,13 +111,13 @@ func (s *Service) GetPermissions(ctx context.Context, user *user.SignedInUser, r
var inheritedScopes []string
if s.options.InheritedScopesSolver != nil {
var err error
inheritedScopes, err = s.options.InheritedScopesSolver(ctx, user.OrgId, resourceID)
inheritedScopes, err = s.options.InheritedScopesSolver(ctx, user.OrgID, resourceID)
if err != nil {
return nil, err
}
}
return s.store.GetResourcePermissions(ctx, user.OrgId, types.GetResourcePermissionsQuery{
return s.store.GetResourcePermissions(ctx, user.OrgID, types.GetResourcePermissionsQuery{
User: user,
Actions: s.actions,
Resource: s.options.Resource,

2
pkg/services/alerting/store_test.go
View File

@ -154,7 +154,7 @@ func TestIntegrationAlertingDataAccess(t *testing.T) {
t.Run("Viewer can read alerts", func(t *testing.T) {
setup(t)
viewerUser := &user.SignedInUser{OrgRole: org.RoleViewer, OrgId: 1}
viewerUser := &user.SignedInUser{OrgRole: org.RoleViewer, OrgID: 1}
alertQuery := models.GetAlertsQuery{DashboardIDs: []int64{testDash.Id}, PanelId: 1, OrgId: 1, User: viewerUser}
err2 := store.HandleAlertsQuery(context.Background(), &alertQuery)

8
pkg/services/apikey/apikeyimpl/store_test.go
View File

@ -142,7 +142,7 @@ func TestIntegrationApiKeyDataAccess(t *testing.T) {
timeNow()
testUser := &user.SignedInUser{
OrgId: 1,
OrgID: 1,
Permissions: map[int64]map[string][]string{
1: {accesscontrol.ActionAPIKeyRead: []string{accesscontrol.ScopeAPIKeysAll}},
},
@ -219,21 +219,21 @@ func TestIntegrationSQLStore_GetAPIKeys(t *testing.T) {
tests := []getApiKeysTestCase{
{
desc: "expect all keys for wildcard scope",
user: &user.SignedInUser{OrgId: 1, Permissions: map[int64]map[string][]string{
user: &user.SignedInUser{OrgID: 1, Permissions: map[int64]map[string][]string{
1: {"apikeys:read": {"apikeys:*"}},
}},
expectedNumKeys: 10,
},
{
desc: "expect only api keys that user have scopes for",
user: &user.SignedInUser{OrgId: 1, Permissions: map[int64]map[string][]string{
user: &user.SignedInUser{OrgID: 1, Permissions: map[int64]map[string][]string{
1: {"apikeys:read": {"apikeys:id:1", "apikeys:id:3"}},
}},
expectedNumKeys: 2,
},
{
desc: "expect no keys when user have no scopes",
user: &user.SignedInUser{OrgId: 1, Permissions: map[int64]map[string][]string{
user: &user.SignedInUser{OrgID: 1, Permissions: map[int64]map[string][]string{
1: {"apikeys:read": {}},
}},
expectedNumKeys: 0,

8
pkg/services/comments/handlers.go
View File

@ -97,9 +97,9 @@ func (s *Service) Create(ctx context.Context, orgID int64, signedInUser *user.Si
}
userMap := make(map[int64]*commentmodel.CommentUser, 1)
if signedInUser.UserId > 0 {
userMap[signedInUser.UserId] = &commentmodel.CommentUser{
Id: signedInUser.UserId,
if signedInUser.UserID > 0 {
userMap[signedInUser.UserID] = &commentmodel.CommentUser{
Id: signedInUser.UserID,
Name: signedInUser.Name,
Login: signedInUser.Login,
Email: signedInUser.Email,
@ -107,7 +107,7 @@ func (s *Service) Create(ctx context.Context, orgID int64, signedInUser *user.Si
}
}
m, err := s.storage.Create(ctx, orgID, cmd.ObjectType, cmd.ObjectID, signedInUser.UserId, cmd.Content)
m, err := s.storage.Create(ctx, orgID, cmd.ObjectType, cmd.ObjectID, signedInUser.UserID, cmd.Content)
if err != nil {
return nil, err
}

3
pkg/services/contexthandler/auth_jwt.go
View File

@ -83,7 +83,8 @@ func (h *ContextHandler) initContextWithJWT(ctx *models.ReqContext, orgId int64)
}
}
if err := h.SQLStore.GetSignedInUserWithCacheCtx(ctx.Req.Context(), &query); err != nil {
err = h.SQLStore.GetSignedInUserWithCacheCtx(ctx.Req.Context(), &query)
if err != nil {
if errors.Is(err, user.ErrUserNotFound) {
ctx.Logger.Debug(
"Failed to find user using JWT claims",

6
pkg/services/contexthandler/auth_proxy_test.go
View File

@ -52,7 +52,7 @@ func TestInitContextWithAuthProxy_CachedInvalidUserID(t *testing.T) {
authEnabled := svc.initContextWithAuthProxy(ctx, orgID)
require.True(t, authEnabled)
require.Equal(t, userID, ctx.SignedInUser.UserId)
require.Equal(t, userID, ctx.SignedInUser.UserID)
require.True(t, ctx.IsSignedIn)
i, err := svc.RemoteCache.Get(context.Background(), key)
@ -100,8 +100,8 @@ func (f *FakeGetSignUserStore) GetSignedInUser(ctx context.Context, query *model
}
query.Result = &user.SignedInUser{
UserId: userID,
OrgId: orgID,
UserID: userID,
OrgID: orgID,
}
return nil
}

34
pkg/services/contexthandler/contexthandler.go
View File

@ -152,19 +152,19 @@ func (h *ContextHandler) Middleware(mContext *web.Context) {
case h.initContextWithAnonymousUser(reqContext):
}
reqContext.Logger = reqContext.Logger.New("userId", reqContext.UserId, "orgId", reqContext.OrgId, "uname", reqContext.Login)
reqContext.Logger = reqContext.Logger.New("userId", reqContext.UserID, "orgId", reqContext.OrgID, "uname", reqContext.Login)
span.AddEvents(
[]string{"uname", "orgId", "userId"},
[]tracing.EventValue{
{Str: reqContext.Login},
{Num: reqContext.OrgId},
{Num: reqContext.UserId}},
{Num: reqContext.OrgID},
{Num: reqContext.UserID}},
)
// update last seen every 5min
if reqContext.ShouldUpdateLastSeenAt() {
reqContext.Logger.Debug("Updating last user_seen_at", "user_id", reqContext.UserId)
if err := h.userService.UpdateLastSeenAt(mContext.Req.Context(), &user.UpdateUserLastSeenAtCommand{UserID: reqContext.UserId}); err != nil {
reqContext.Logger.Debug("Updating last user_seen_at", "user_id", reqContext.UserID)
if err := h.userService.UpdateLastSeenAt(mContext.Req.Context(), &user.UpdateUserLastSeenAtCommand{UserID: reqContext.UserID}); err != nil {
reqContext.Logger.Error("Failed to update last_seen_at", "error", err)
}
}
@ -188,7 +188,7 @@ func (h *ContextHandler) initContextWithAnonymousUser(reqContext *models.ReqCont
reqContext.AllowAnonymous = true
reqContext.SignedInUser = &user.SignedInUser{IsAnonymous: true}
reqContext.OrgRole = org.RoleType(h.Cfg.AnonymousOrgRole)
reqContext.OrgId = orga.Id
reqContext.OrgID = orga.Id
reqContext.OrgName = orga.Name
return true
}
@ -291,8 +291,8 @@ func (h *ContextHandler) initContextWithAPIKey(reqContext *models.ReqContext) bo
//Use the old APIkey method. This provides backwards compatibility.
reqContext.SignedInUser = &user.SignedInUser{}
reqContext.OrgRole = apikey.Role
reqContext.ApiKeyId = apikey.Id
reqContext.OrgId = apikey.OrgId
reqContext.ApiKeyID = apikey.Id
reqContext.OrgID = apikey.OrgId
reqContext.IsSignedIn = true
return true
}
@ -301,7 +301,8 @@ func (h *ContextHandler) initContextWithAPIKey(reqContext *models.ReqContext) bo
//Use service account linked to API key as the signed in user
querySignedInUser := models.GetSignedInUserQuery{UserId: *apikey.ServiceAccountId, OrgId: apikey.OrgId}
if err := h.SQLStore.GetSignedInUserWithCacheCtx(reqContext.Req.Context(), &querySignedInUser); err != nil {
err := h.SQLStore.GetSignedInUserWithCacheCtx(reqContext.Req.Context(), &querySignedInUser)
if err != nil {
reqContext.Logger.Error(
"Failed to link API key to service account in",
"id", querySignedInUser.UserId,
@ -365,7 +366,8 @@ func (h *ContextHandler) initContextWithBasicAuth(reqContext *models.ReqContext,
usr := authQuery.User
query := models.GetSignedInUserQuery{UserId: usr.ID, OrgId: orgID}
if err := h.SQLStore.GetSignedInUserWithCacheCtx(ctx, &query); err != nil {
err = h.SQLStore.GetSignedInUserWithCacheCtx(ctx, &query)
if err != nil {
reqContext.Logger.Error(
"Failed at user signed in",
"id", usr.ID,
@ -401,7 +403,8 @@ func (h *ContextHandler) initContextWithToken(reqContext *models.ReqContext, org
}
query := models.GetSignedInUserQuery{UserId: token.UserId, OrgId: orgID}
if err := h.SQLStore.GetSignedInUserWithCacheCtx(ctx, &query); err != nil {
err = h.SQLStore.GetSignedInUserWithCacheCtx(ctx, &query)
if err != nil {
reqContext.Logger.Error("Failed to get user with id", "userId", token.UserId, "error", err)
return false
}
@ -468,15 +471,16 @@ func (h *ContextHandler) initContextWithRenderAuth(reqContext *models.ReqContext
}
reqContext.SignedInUser = &user.SignedInUser{
OrgId: renderUser.OrgID,
UserId: renderUser.UserID,
OrgID: renderUser.OrgID,
UserID: renderUser.UserID,
OrgRole: org.RoleType(renderUser.OrgRole),
}
// UserID can be 0 for background tasks and, in this case, there is no user info to retrieve
if renderUser.UserID != 0 {
query := models.GetSignedInUserQuery{UserId: renderUser.UserID, OrgId: renderUser.OrgID}
if err := h.SQLStore.GetSignedInUserWithCacheCtx(ctx, &query); err == nil {
err := h.SQLStore.GetSignedInUserWithCacheCtx(ctx, &query)
if err == nil {
reqContext.SignedInUser = query.Result
}
}
@ -577,7 +581,7 @@ func (h *ContextHandler) initContextWithAuthProxy(reqContext *models.ReqContext,
}
}
logger.Debug("Successfully got user info", "userID", user.UserId, "username", user.Login)
logger.Debug("Successfully got user info", "userID", user.UserID, "username", user.Login)
// Add user info to context
reqContext.SignedInUser = user

6
pkg/services/correlations/api.go
View File

@ -42,7 +42,7 @@ func (s *CorrelationsService) createHandler(c *models.ReqContext) response.Respo
return response.Error(http.StatusBadRequest, "bad request data", err)
}
cmd.SourceUID = web.Params(c.Req)[":uid"]
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
correlation, err := s.CreateCorrelation(c.Req.Context(), cmd)
if err != nil {
@ -90,7 +90,7 @@ func (s *CorrelationsService) deleteHandler(c *models.ReqContext) response.Respo
cmd := DeleteCorrelationCommand{
UID: web.Params(c.Req)[":correlationUID"],
SourceUID: web.Params(c.Req)[":uid"],
OrgId: c.OrgId,
OrgId: c.OrgID,
}
err := s.DeleteCorrelation(c.Req.Context(), cmd)
@ -148,7 +148,7 @@ func (s *CorrelationsService) updateHandler(c *models.ReqContext) response.Respo
cmd.UID = web.Params(c.Req)[":correlationUID"]
cmd.SourceUID = web.Params(c.Req)[":uid"]
cmd.OrgId = c.OrgId
cmd.OrgId = c.OrgID
correlation, err := s.UpdateCorrelation(c.Req.Context(), cmd)
if err != nil {

10
pkg/services/dashboardimport/api/api_test.go
View File

@ -52,7 +52,7 @@ func TestImportDashboardAPI(t *testing.T) {
require.NoError(t, err)
req := s.NewPostRequest("/api/dashboards/import", bytes.NewReader(jsonBytes))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{
UserId: 1,
UserID: 1,
})
resp, err := s.SendJSON(req)
require.NoError(t, err)
@ -68,7 +68,7 @@ func TestImportDashboardAPI(t *testing.T) {
require.NoError(t, err)
req := s.NewPostRequest("/api/dashboards/import", bytes.NewReader(jsonBytes))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{
UserId: 1,
UserID: 1,
})
resp, err := s.SendJSON(req)
require.NoError(t, err)
@ -85,7 +85,7 @@ func TestImportDashboardAPI(t *testing.T) {
require.NoError(t, err)
req := s.NewPostRequest("/api/dashboards/import?trimdefaults=true", bytes.NewReader(jsonBytes))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{
UserId: 1,
UserID: 1,
})
resp, err := s.SendJSON(req)
require.NoError(t, err)
@ -117,7 +117,7 @@ func TestImportDashboardAPI(t *testing.T) {
require.NoError(t, err)
req := s.NewPostRequest("/api/dashboards/import?trimdefaults=true", bytes.NewReader(jsonBytes))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{
UserId: 1,
UserID: 1,
})
resp, err := s.SendJSON(req)
require.NoError(t, err)
@ -143,7 +143,7 @@ func TestImportDashboardAPI(t *testing.T) {
require.NoError(t, err)
req := s.NewPostRequest("/api/dashboards/import", bytes.NewReader(jsonBytes))
webtest.RequestWithSignedInUser(req, &user.SignedInUser{
UserId: 1,
UserID: 1,
})
resp, err := s.SendJSON(req)
require.NoError(t, err)

4
pkg/services/dashboardimport/service/service.go
View File

@ -82,8 +82,8 @@ func (s *ImportDashboardService) ImportDashboard(ctx context.Context, req *dashb
saveCmd := models.SaveDashboardCommand{
Dashboard: generatedDash,
OrgId: req.User.OrgId,
UserId: req.User.UserId,
OrgId: req.User.OrgID,
UserId: req.User.UserID,
Overwrite: req.Overwrite,
PluginId: req.PluginId,
FolderId: req.FolderId,

8
pkg/services/dashboardimport/service/service_test.go
View File

@ -65,7 +65,7 @@ func TestImportDashboardService(t *testing.T) {
Inputs: []dashboardimport.ImportDashboardInput{
{Name: "*", Type: "datasource", Value: "prom"},
},
User: &user.SignedInUser{UserId: 2, OrgRole: org.RoleAdmin, OrgId: 3},
User: &user.SignedInUser{UserID: 2, OrgRole: org.RoleAdmin, OrgID: 3},
FolderId: 5,
}
resp, err := s.ImportDashboard(context.Background(), req)
@ -75,7 +75,7 @@ func TestImportDashboardService(t *testing.T) {
require.NotNil(t, importDashboardArg)
require.Equal(t, int64(3), importDashboardArg.OrgId)
require.Equal(t, int64(2), importDashboardArg.User.UserId)
require.Equal(t, int64(2), importDashboardArg.User.UserID)
require.Equal(t, "prometheus", importDashboardArg.Dashboard.PluginId)
require.Equal(t, int64(5), importDashboardArg.Dashboard.FolderId)
@ -122,7 +122,7 @@ func TestImportDashboardService(t *testing.T) {
Inputs: []dashboardimport.ImportDashboardInput{
{Name: "*", Type: "datasource", Value: "prom"},
},
User: &user.SignedInUser{UserId: 2, OrgRole: org.RoleAdmin, OrgId: 3},
User: &user.SignedInUser{UserID: 2, OrgRole: org.RoleAdmin, OrgID: 3},
FolderId: 5,
}
resp, err := s.ImportDashboard(context.Background(), req)
@ -132,7 +132,7 @@ func TestImportDashboardService(t *testing.T) {
require.NotNil(t, importDashboardArg)
require.Equal(t, int64(3), importDashboardArg.OrgId)
require.Equal(t, int64(2), importDashboardArg.User.UserId)
require.Equal(t, int64(2), importDashboardArg.User.UserID)
require.Equal(t, "", importDashboardArg.Dashboard.PluginId)
require.Equal(t, int64(5), importDashboardArg.Dashboard.FolderId)

4
pkg/services/dashboards/database/acl.go
View File

@ -105,7 +105,7 @@ func (d *DashboardStore) HasEditPermissionInFolders(ctx context.Context, query *
builder := sqlstore.NewSqlBuilder(d.sqlStore.Cfg)
builder.Write("SELECT COUNT(dashboard.id) AS count FROM dashboard WHERE dashboard.org_id = ? AND dashboard.is_folder = ?",
query.SignedInUser.OrgId, d.dialect.BooleanStr(true))
query.SignedInUser.OrgID, d.dialect.BooleanStr(true))
builder.WriteDashboardPermissionFilter(query.SignedInUser, models.PERMISSION_EDIT)
type folderCount struct {
@ -132,7 +132,7 @@ func (d *DashboardStore) HasAdminPermissionInDashboardsOrFolders(ctx context.Con
}
builder := sqlstore.NewSqlBuilder(d.sqlStore.Cfg)
builder.Write("SELECT COUNT(dashboard.id) AS count FROM dashboard WHERE dashboard.org_id = ?", query.SignedInUser.OrgId)
builder.Write("SELECT COUNT(dashboard.id) AS count FROM dashboard WHERE dashboard.org_id = ?", query.SignedInUser.OrgID)
builder.WriteDashboardPermissionFilter(query.SignedInUser, models.PERMISSION_ADMIN)
type folderCount struct {

10
pkg/services/dashboards/database/database.go
View File

@ -932,9 +932,9 @@ func (d *DashboardStore) FindDashboards(ctx context.Context, query *models.FindP
filters := []interface{}{
permissions.DashboardPermissionFilter{
OrgRole: query.SignedInUser.OrgRole,
OrgId: query.SignedInUser.OrgId,
OrgId: query.SignedInUser.OrgID,
Dialect: d.dialect,
UserId: query.SignedInUser.UserId,
UserId: query.SignedInUser.UserID,
PermissionLevel: query.Permission,
},
}
@ -954,8 +954,8 @@ func (d *DashboardStore) FindDashboards(ctx context.Context, query *models.FindP
if query.OrgId != 0 {
filters = append(filters, searchstore.OrgFilter{OrgId: query.OrgId})
} else if query.SignedInUser.OrgId != 0 {
filters = append(filters, searchstore.OrgFilter{OrgId: query.SignedInUser.OrgId})
} else if query.SignedInUser.OrgID != 0 {
filters = append(filters, searchstore.OrgFilter{OrgId: query.SignedInUser.OrgID})
}
if len(query.Tags) > 0 {
@ -969,7 +969,7 @@ func (d *DashboardStore) FindDashboards(ctx context.Context, query *models.FindP
}
if query.IsStarred {
filters = append(filters, searchstore.StarredFilter{UserId: query.SignedInUser.UserId})
filters = append(filters, searchstore.StarredFilter{UserId: query.SignedInUser.UserID})
}
if len(query.Title) > 0 {

50
pkg/services/dashboards/database/database_folder_test.go
View File

@ -44,7 +44,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("and no acls are set", func(t *testing.T) {
t.Run("should return all dashboards", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{UserId: currentUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: currentUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
OrgId: 1,
DashboardIds: []int64{folder.Id, dashInRoot.Id},
}
@ -68,7 +68,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should not return folder", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{UserId: currentUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: currentUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
OrgId: 1, DashboardIds: []int64{folder.Id, dashInRoot.Id},
}
err := testSearchDashboards(dashboardStore, query)
@ -86,7 +86,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should be able to access folder", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{UserId: currentUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: currentUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
OrgId: 1,
DashboardIds: []int64{folder.Id, dashInRoot.Id},
}
@ -102,8 +102,8 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should be able to access folder", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{
UserId: currentUser.ID,
OrgId: 1,
UserID: currentUser.ID,
OrgID: 1,
OrgRole: org.RoleAdmin,
},
OrgId: 1,
@ -129,7 +129,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should not return folder or child", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{UserId: currentUser.ID, OrgId: 1, OrgRole: org.RoleViewer}, OrgId: 1, DashboardIds: []int64{folder.Id, childDash.Id, dashInRoot.Id},
SignedInUser: &user.SignedInUser{UserID: currentUser.ID, OrgID: 1, OrgRole: org.RoleViewer}, OrgId: 1, DashboardIds: []int64{folder.Id, childDash.Id, dashInRoot.Id},
}
err := testSearchDashboards(dashboardStore, query)
require.NoError(t, err)
@ -144,7 +144,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
require.NoError(t, err)
t.Run("should be able to search for child dashboard but not folder", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{SignedInUser: &user.SignedInUser{UserId: currentUser.ID, OrgId: 1, OrgRole: org.RoleViewer}, OrgId: 1, DashboardIds: []int64{folder.Id, childDash.Id, dashInRoot.Id}}
query := &models.FindPersistedDashboardsQuery{SignedInUser: &user.SignedInUser{UserID: currentUser.ID, OrgID: 1, OrgRole: org.RoleViewer}, OrgId: 1, DashboardIds: []int64{folder.Id, childDash.Id, dashInRoot.Id}}
err := testSearchDashboards(dashboardStore, query)
require.NoError(t, err)
require.Equal(t, len(query.Result), 2)
@ -157,8 +157,8 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should be able to search for child dash and folder", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{
UserId: currentUser.ID,
OrgId: 1,
UserID: currentUser.ID,
OrgID: 1,
OrgRole: org.RoleAdmin,
},
OrgId: 1,
@ -198,8 +198,8 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should return dashboards in root and expanded folder", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
FolderIds: []int64{
rootFolderId, folder1.Id}, SignedInUser: &user.SignedInUser{UserId: currentUser.ID,
OrgId: 1, OrgRole: org.RoleViewer,
rootFolderId, folder1.Id}, SignedInUser: &user.SignedInUser{UserID: currentUser.ID,
OrgID: 1, OrgRole: org.RoleViewer,
},
OrgId: 1,
}
@ -225,7 +225,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should not return folder with acl or its children", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{UserId: currentUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: currentUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
OrgId: 1,
DashboardIds: []int64{folder1.Id, childDash1.Id, childDash2.Id, dashInRoot.Id},
}
@ -241,7 +241,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should return folder without acl and its children", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{UserId: currentUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: currentUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
OrgId: 1,
DashboardIds: []int64{folder2.Id, childDash1.Id, childDash2.Id, dashInRoot.Id},
}
@ -265,7 +265,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should return folder without acl but not the dashboard with acl", func(t *testing.T) {
query := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{UserId: currentUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: currentUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
OrgId: 1,
DashboardIds: []int64{folder2.Id, childDash1.Id, childDash2.Id, dashInRoot.Id},
}
@ -303,7 +303,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("Should have write access to all dashboard folders in their org", func(t *testing.T) {
query := models.FindPersistedDashboardsQuery{
OrgId: 1,
SignedInUser: &user.SignedInUser{UserId: adminUser.ID, OrgRole: org.RoleAdmin, OrgId: 1},
SignedInUser: &user.SignedInUser{UserID: adminUser.ID, OrgRole: org.RoleAdmin, OrgID: 1},
Permission: models.PERMISSION_VIEW,
Type: "dash-folder",
}
@ -318,7 +318,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should have edit permission in folders", func(t *testing.T) {
query := &models.HasEditPermissionInFoldersQuery{
SignedInUser: &user.SignedInUser{UserId: adminUser.ID, OrgId: 1, OrgRole: org.RoleAdmin},
SignedInUser: &user.SignedInUser{UserID: adminUser.ID, OrgID: 1, OrgRole: org.RoleAdmin},
}
err := dashboardStore.HasEditPermissionInFolders(context.Background(), query)
require.NoError(t, err)
@ -327,7 +327,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should have admin permission in folders", func(t *testing.T) {
query := &models.HasAdminPermissionInDashboardsOrFoldersQuery{
SignedInUser: &user.SignedInUser{UserId: adminUser.ID, OrgId: 1, OrgRole: org.RoleAdmin},
SignedInUser: &user.SignedInUser{UserID: adminUser.ID, OrgID: 1, OrgRole: org.RoleAdmin},
}
err := dashboardStore.HasAdminPermissionInDashboardsOrFolders(context.Background(), query)
require.NoError(t, err)
@ -338,7 +338,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("Editor users", func(t *testing.T) {
query := models.FindPersistedDashboardsQuery{
OrgId: 1,
SignedInUser: &user.SignedInUser{UserId: editorUser.ID, OrgRole: org.RoleEditor, OrgId: 1},
SignedInUser: &user.SignedInUser{UserID: editorUser.ID, OrgRole: org.RoleEditor, OrgID: 1},
Permission: models.PERMISSION_EDIT,
}
@ -366,7 +366,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should have edit permission in folders", func(t *testing.T) {
query := &models.HasEditPermissionInFoldersQuery{
SignedInUser: &user.SignedInUser{UserId: editorUser.ID, OrgId: 1, OrgRole: org.RoleEditor},
SignedInUser: &user.SignedInUser{UserID: editorUser.ID, OrgID: 1, OrgRole: org.RoleEditor},
}
err := dashboardStore.HasEditPermissionInFolders(context.Background(), query)
go require.NoError(t, err)
@ -375,7 +375,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should not have admin permission in folders", func(t *testing.T) {
query := &models.HasAdminPermissionInDashboardsOrFoldersQuery{
SignedInUser: &user.SignedInUser{UserId: adminUser.ID, OrgId: 1, OrgRole: org.RoleEditor},
SignedInUser: &user.SignedInUser{UserID: adminUser.ID, OrgID: 1, OrgRole: org.RoleEditor},
}
err := dashboardStore.HasAdminPermissionInDashboardsOrFolders(context.Background(), query)
require.NoError(t, err)
@ -386,7 +386,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("Viewer users", func(t *testing.T) {
query := models.FindPersistedDashboardsQuery{
OrgId: 1,
SignedInUser: &user.SignedInUser{UserId: viewerUser.ID, OrgRole: org.RoleViewer, OrgId: 1},
SignedInUser: &user.SignedInUser{UserID: viewerUser.ID, OrgRole: org.RoleViewer, OrgID: 1},
Permission: models.PERMISSION_EDIT,
}
@ -414,7 +414,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
setup3()
query := &models.HasEditPermissionInFoldersQuery{
SignedInUser: &user.SignedInUser{UserId: viewerUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: viewerUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
}
err := dashboardStore.HasEditPermissionInFolders(context.Background(), query)
go require.NoError(t, err)
@ -423,7 +423,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should not have admin permission in folders", func(t *testing.T) {
query := &models.HasAdminPermissionInDashboardsOrFoldersQuery{
SignedInUser: &user.SignedInUser{UserId: adminUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: adminUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
}
err := dashboardStore.HasAdminPermissionInDashboardsOrFolders(context.Background(), query)
require.NoError(t, err)
@ -438,7 +438,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should have edit permission in folders", func(t *testing.T) {
query := &models.HasEditPermissionInFoldersQuery{
SignedInUser: &user.SignedInUser{UserId: viewerUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: viewerUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
}
err := dashboardStore.HasEditPermissionInFolders(context.Background(), query)
go require.NoError(t, err)
@ -454,7 +454,7 @@ func TestIntegrationDashboardFolderDataAccess(t *testing.T) {
t.Run("should have edit permission in folders", func(t *testing.T) {
query := &models.HasEditPermissionInFoldersQuery{
SignedInUser: &user.SignedInUser{UserId: viewerUser.ID, OrgId: 1, OrgRole: org.RoleViewer},
SignedInUser: &user.SignedInUser{UserID: viewerUser.ID, OrgID: 1, OrgRole: org.RoleViewer},
}
err := dashboardStore.HasEditPermissionInFolders(context.Background(), query)
go require.NoError(t, err)

32
pkg/services/dashboards/database/database_test.go
View File

@ -308,7 +308,7 @@ func TestIntegrationDashboardDataAccess(t *testing.T) {
Title: "1 test dash folder",
OrgId: 1,
SignedInUser: &user.SignedInUser{
OrgId: 1,
OrgID: 1,
OrgRole: org.RoleEditor,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionFoldersRead: []string{dashboards.ScopeFoldersAll}},
@ -332,7 +332,7 @@ func TestIntegrationDashboardDataAccess(t *testing.T) {
OrgId: 1,
Limit: 1,
SignedInUser: &user.SignedInUser{
OrgId: 1,
OrgID: 1,
OrgRole: org.RoleEditor,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionFoldersRead: []string{dashboards.ScopeFoldersAll}},
@ -354,7 +354,7 @@ func TestIntegrationDashboardDataAccess(t *testing.T) {
Limit: 1,
Page: 2,
SignedInUser: &user.SignedInUser{
OrgId: 1,
OrgID: 1,
OrgRole: org.RoleEditor,
Permissions: map[int64]map[string][]string{
1: {
@ -379,7 +379,7 @@ func TestIntegrationDashboardDataAccess(t *testing.T) {
Type: "dash-db",
Tags: []string{"prod"},
SignedInUser: &user.SignedInUser{
OrgId: 1,
OrgID: 1,
OrgRole: org.RoleEditor,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionDashboardsRead: []string{dashboards.ScopeDashboardsAll}},
@ -400,7 +400,7 @@ func TestIntegrationDashboardDataAccess(t *testing.T) {
OrgId: 1,
FolderIds: []int64{savedFolder.Id},
SignedInUser: &user.SignedInUser{
OrgId: 1,
OrgID: 1,
OrgRole: org.RoleEditor,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionDashboardsRead: []string{dashboards.ScopeDashboardsAll}},
@ -426,7 +426,7 @@ func TestIntegrationDashboardDataAccess(t *testing.T) {
query := models.FindPersistedDashboardsQuery{
DashboardIds: []int64{savedDash.Id, savedDash2.Id},
SignedInUser: &user.SignedInUser{
OrgId: 1,
OrgID: 1,
OrgRole: org.RoleEditor,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionDashboardsRead: []string{dashboards.ScopeDashboardsAll}},
@ -463,8 +463,8 @@ func TestIntegrationDashboardDataAccess(t *testing.T) {
query := models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{
UserId: 10,
OrgId: 1,
UserID: 10,
OrgID: 1,
OrgRole: org.RoleEditor,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionDashboardsRead: []string{dashboards.ScopeDashboardsAll}},
@ -515,8 +515,8 @@ func TestIntegrationDashboard_SortingOptions(t *testing.T) {
assert.Less(t, dashB.Id, dashA.Id)
qNoSort := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{
OrgId: 1,
UserId: 1,
OrgID: 1,
UserID: 1,
OrgRole: org.RoleAdmin,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionDashboardsRead: []string{dashboards.ScopeDashboardsAll}},
@ -531,8 +531,8 @@ func TestIntegrationDashboard_SortingOptions(t *testing.T) {
qSort := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{
OrgId: 1,
UserId: 1,
OrgID: 1,
UserID: 1,
OrgRole: org.RoleAdmin,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionDashboardsRead: []string{dashboards.ScopeDashboardsAll}},
@ -561,8 +561,8 @@ func TestIntegrationDashboard_Filter(t *testing.T) {
dashB := insertTestDashboard(t, dashboardStore, "Beta", 1, 0, false)
qNoFilter := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{
OrgId: 1,
UserId: 1,
OrgID: 1,
UserID: 1,
OrgRole: org.RoleAdmin,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionDashboardsRead: []string{dashboards.ScopeDashboardsAll}},
@ -575,8 +575,8 @@ func TestIntegrationDashboard_Filter(t *testing.T) {
qFilter := &models.FindPersistedDashboardsQuery{
SignedInUser: &user.SignedInUser{
OrgId: 1,
UserId: 1,
OrgID: 1,
UserID: 1,
OrgRole: org.RoleAdmin,
Permissions: map[int64]map[string][]string{
1: {dashboards.ActionDashboardsRead: []string{dashboards.ScopeDashboardsAll}},

20
pkg/services/dashboards/service/dashboard_service.go
View File

@ -162,7 +162,7 @@ func (dr *DashboardServiceImpl) BuildSaveDashboardCommand(ctx context.Context, d
Message: dto.Message,
OrgId: dto.OrgId,
Overwrite: dto.Overwrite,
UserId: dto.User.UserId,
UserId: dto.User.UserID,
FolderId: dash.FolderId,
IsFolder: dash.IsFolder,
PluginId: dash.PluginId,
@ -219,9 +219,9 @@ func (dr *DashboardServiceImpl) SaveProvisionedDashboard(ctx context.Context, dt
}
dto.User = &user.SignedInUser{
UserId: 0,
UserID: 0,
OrgRole: org.RoleAdmin,
OrgId: dto.OrgId,
OrgID: dto.OrgId,
Permissions: map[int64]map[string][]string{
dto.OrgId: provisionerPermissions,
},
@ -260,7 +260,7 @@ func (dr *DashboardServiceImpl) SaveProvisionedDashboard(ctx context.Context, dt
if dto.Dashboard.Id == 0 {
if err := dr.setDefaultPermissions(ctx, dto, dash, true); err != nil {
dr.log.Error("Could not make user admin", "dashboard", dash.Title, "user", dto.User.UserId, "error", err)
dr.log.Error("Could not make user admin", "dashboard", dash.Title, "user", dto.User.UserID, "error", err)
}
}
@ -269,7 +269,7 @@ func (dr *DashboardServiceImpl) SaveProvisionedDashboard(ctx context.Context, dt
func (dr *DashboardServiceImpl) SaveFolderForProvisionedDashboards(ctx context.Context, dto *dashboards.SaveDashboardDTO) (*models.Dashboard, error) {
dto.User = &user.SignedInUser{
UserId: 0,
UserID: 0,
OrgRole: org.RoleAdmin,
Permissions: map[int64]map[string][]string{dto.OrgId: provisionerPermissions},
}
@ -304,7 +304,7 @@ func (dr *DashboardServiceImpl) SaveFolderForProvisionedDashboards(ctx context.C
if dto.Dashboard.Id == 0 {
if err := dr.setDefaultPermissions(ctx, dto, dash, true); err != nil {
dr.log.Error("Could not make user admin", "dashboard", dash.Title, "user", dto.User.UserId, "error", err)
dr.log.Error("Could not make user admin", "dashboard", dash.Title, "user", dto.User.UserID, "error", err)
}
}
@ -352,7 +352,7 @@ func (dr *DashboardServiceImpl) SaveDashboard(ctx context.Context, dto *dashboar
// new dashboard created
if dto.Dashboard.Id == 0 {
if err := dr.setDefaultPermissions(ctx, dto, dash, false); err != nil {
dr.log.Error("Could not make user admin", "dashboard", dash.Title, "user", dto.User.UserId, "error", err)
dr.log.Error("Could not make user admin", "dashboard", dash.Title, "user", dto.User.UserID, "error", err)
}
}
@ -452,7 +452,7 @@ func (dr *DashboardServiceImpl) ImportDashboard(ctx context.Context, dto *dashbo
}
if err := dr.setDefaultPermissions(ctx, dto, dash, false); err != nil {
dr.log.Error("Could not make user admin", "dashboard", dash.Title, "user", dto.User.UserId, "error", err)
dr.log.Error("Could not make user admin", "dashboard", dash.Title, "user", dto.User.UserID, "error", err)
}
return dash, nil
@ -474,7 +474,7 @@ func (dr *DashboardServiceImpl) setDefaultPermissions(ctx context.Context, dto *
var permissions []accesscontrol.SetResourcePermissionCommand
if !provisioned && dto.User.IsRealUser() && !dto.User.IsAnonymous {
permissions = append(permissions, accesscontrol.SetResourcePermissionCommand{
UserID: dto.User.UserId, Permission: models.PERMISSION_ADMIN.String(),
UserID: dto.User.UserID, Permission: models.PERMISSION_ADMIN.String(),
})
}
@ -495,7 +495,7 @@ func (dr *DashboardServiceImpl) setDefaultPermissions(ctx context.Context, dto *
return err
}
} else if dr.cfg.EditorsCanAdmin && !provisioned && dto.User.IsRealUser() && !dto.User.IsAnonymous {
if err := dr.MakeUserAdmin(ctx, dto.OrgId, dto.User.UserId, dash.Id, !inFolder); err != nil {
if err := dr.MakeUserAdmin(ctx, dto.OrgId, dto.User.UserID, dash.Id, !inFolder); err != nil {
return err
}
}

26
pkg/services/dashboards/service/dashboard_service_integration_test.go
View File

@ -107,7 +107,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, int64(0), sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
permissionScenario(t, "When creating a new dashboard in other folder, it should create dashboard guardian for other folder with correct arguments and rsult in access denied error",
@ -127,7 +127,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, sc.otherSavedFolder.Id, sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
permissionScenario(t, "When creating a new dashboard by existing title in folder, it should create dashboard guardian for dashboard with correct arguments and result in access denied error",
@ -147,7 +147,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, sc.savedDashInFolder.Id, sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
permissionScenario(t, "When creating a new dashboard by existing UID in folder, it should create dashboard guardian for dashboard with correct arguments and result in access denied error",
@ -168,7 +168,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, sc.savedDashInFolder.Id, sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
permissionScenario(t, "When updating a dashboard by existing id in the General folder, it should create dashboard guardian for dashboard with correct arguments and result in access denied error",
@ -189,7 +189,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, sc.savedDashInGeneralFolder.Id, sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
permissionScenario(t, "When updating a dashboard by existing id in other folder, it should create dashboard guardian for dashboard with correct arguments and result in access denied error",
@ -210,7 +210,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, sc.savedDashInFolder.Id, sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
permissionScenario(t, "When moving a dashboard by existing ID to other folder from General folder, it should create dashboard guardian for dashboard with correct arguments and result in access denied error",
@ -231,7 +231,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, sc.savedDashInGeneralFolder.Id, sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
permissionScenario(t, "When moving a dashboard by existing id to the General folder from other folder, it should create dashboard guardian for dashboard with correct arguments and result in access denied error",
@ -252,7 +252,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, sc.savedDashInFolder.Id, sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
permissionScenario(t, "When moving a dashboard by existing uid to other folder from General folder, it should create dashboard guardian for dashboard with correct arguments and result in access denied error",
@ -273,7 +273,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, sc.savedDashInGeneralFolder.Id, sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
permissionScenario(t, "When moving a dashboard by existing UID to the General folder from other folder, it should create dashboard guardian for dashboard with correct arguments and result in access denied error",
@ -294,7 +294,7 @@ func TestIntegrationIntegratedDashboardService(t *testing.T) {
assert.Equal(t, sc.savedDashInFolder.Id, sc.dashboardGuardianMock.DashId)
assert.Equal(t, cmd.OrgId, sc.dashboardGuardianMock.OrgId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserId)
assert.Equal(t, cmd.UserId, sc.dashboardGuardianMock.User.UserID)
})
})
@ -919,7 +919,7 @@ func saveTestDashboard(t *testing.T, title string, orgID, folderID int64, sqlSto
OrgId: orgID,
Dashboard: cmd.GetDashboardModel(),
User: &user.SignedInUser{
UserId: 1,
UserID: 1,
OrgRole: org.RoleAdmin,
},
}
@ -956,7 +956,7 @@ func saveTestFolder(t *testing.T, title string, orgID int64, sqlStore *sqlstore.
OrgId: orgID,
Dashboard: cmd.GetDashboardModel(),
User: &user.SignedInUser{
UserId: 1,
UserID: 1,
OrgRole: org.RoleAdmin,
},
}
@ -984,7 +984,7 @@ func toSaveDashboardDto(cmd models.SaveDashboardCommand) dashboards.SaveDashboar
Dashboard: dash,
Message: cmd.Message,
OrgId: cmd.OrgId,
User: &user.SignedInUser{UserId: cmd.UserId},
User: &user.SignedInUser{UserID: cmd.UserId},
Overwrite: cmd.Overwrite,
}
}

12
pkg/services/dashboards/service/dashboard_service_test.go
View File

@ -93,7 +93,7 @@ func TestDashboardService(t *testing.T) {
dto.Dashboard = models.NewDashboard("Dash")
dto.Dashboard.SetId(3)
dto.User = &user.SignedInUser{UserId: 1}
dto.User = &user.SignedInUser{UserID: 1}
_, err := service.SaveDashboard(context.Background(), dto, false)
require.Equal(t, err, dashboards.ErrDashboardCannotSaveProvisionedDashboard)
})
@ -104,7 +104,7 @@ func TestDashboardService(t *testing.T) {
dto.Dashboard = models.NewDashboard("Dash")
dto.Dashboard.SetId(3)
dto.User = &user.SignedInUser{UserId: 1}
dto.User = &user.SignedInUser{UserID: 1}
_, err := service.SaveDashboard(context.Background(), dto, true)
require.NoError(t, err)
})
@ -130,7 +130,7 @@ func TestDashboardService(t *testing.T) {
fakeStore.On("SaveAlerts", mock.Anything, mock.Anything, mock.Anything).Return(errors.New("alert validation error")).Once()
dto.Dashboard = models.NewDashboard("Dash")
dto.User = &user.SignedInUser{UserId: 1}
dto.User = &user.SignedInUser{UserID: 1}
_, err := service.SaveDashboard(context.Background(), dto, false)
require.Error(t, err)
require.Equal(t, err.Error(), "alert validation error")
@ -146,7 +146,7 @@ func TestDashboardService(t *testing.T) {
dto.Dashboard = models.NewDashboard("Dash")
dto.Dashboard.SetId(3)
dto.User = &user.SignedInUser{UserId: 1}
dto.User = &user.SignedInUser{UserID: 1}
_, err := service.SaveProvisionedDashboard(context.Background(), dto, nil)
require.NoError(t, err)
})
@ -161,7 +161,7 @@ func TestDashboardService(t *testing.T) {
dto.Dashboard = models.NewDashboard("Dash")
dto.Dashboard.SetId(3)
dto.User = &user.SignedInUser{UserId: 1}
dto.User = &user.SignedInUser{UserID: 1}
dto.Dashboard.Data.Set("refresh", "1s")
_, err := service.SaveProvisionedDashboard(context.Background(), dto, nil)
require.NoError(t, err)
@ -178,7 +178,7 @@ func TestDashboardService(t *testing.T) {
dto.Dashboard = models.NewDashboard("Dash")
dto.Dashboard.SetId(3)
dto.User = &user.SignedInUser{UserId: 1}
dto.User = &user.SignedInUser{UserID: 1}
_, err := service.ImportDashboard(context.Background(), dto)
require.Equal(t, err, dashboards.ErrDashboardCannotSaveProvisionedDashboard)
})

6
pkg/services/dashboards/service/folder_service.go
View File

@ -145,7 +145,7 @@ func (f *FolderServiceImpl) CreateFolder(ctx context.Context, user *user.SignedI
}
dashFolder.SetUid(trimmedUID)
userID := user.UserId
userID := user.UserID
if userID == 0 {
userID = -1
}
@ -214,7 +214,7 @@ func (f *FolderServiceImpl) UpdateFolder(ctx context.Context, user *user.SignedI
return dashboards.ErrFolderNotFound
}
cmd.UpdateDashboardModel(dashFolder, orgID, user.UserId)
cmd.UpdateDashboardModel(dashFolder, orgID, user.UserID)
dto := &dashboards.SaveDashboardDTO{
Dashboard: dashFolder,
@ -248,7 +248,7 @@ func (f *FolderServiceImpl) UpdateFolder(ctx context.Context, user *user.SignedI
UID: dash.Uid,
OrgID: orgID,
}); err != nil {
f.log.Error("failed to publish FolderTitleUpdated event", "folder", folder.Title, "user", user.UserId, "error", err)
f.log.Error("failed to publish FolderTitleUpdated event", "folder", folder.Title, "user", user.UserID, "error", err)
}
}

2
pkg/services/dashboards/service/folder_service_test.go
View File

@ -22,7 +22,7 @@ import (
)
var orgID = int64(1)
var usr = &user.SignedInUser{UserId: 1}
var usr = &user.SignedInUser{UserID: 1}
func TestIntegrationProvideFolderService(t *testing.T) {
if testing.Short() {

Some files were not shown because too many files have changed in this diff Show More