AC: Remove legacy AC from dashboard permissions API (#71524)

* remove IsDisabled from org API * remove IsDisabled from dashboard_permissions API
2025-02-25 18:55:37 -06:00 · 2023-07-17 17:54:39 +02:00
parent 43f4e55a76
commit a7d905c03b
3 changed files with 18 additions and 38 deletions
--- a/pkg/api/dashboard_permission.go
+++ b/pkg/api/dashboard_permission.go
@@ -172,41 +172,29 @@ func (hs *HTTPServer) UpdateDashboardPermissions(c *contextmodel.ReqContext) res

 	hiddenACL, err := g.GetHiddenACL(hs.Cfg)
 	if err != nil {
-		return response.Error(500, "Error while retrieving hidden permissions", err)
+		return response.Error(http.StatusInternalServerError, "Error while retrieving hidden permissions", err)
 	}
 	items = append(items, hiddenACL...)

 	if okToUpdate, err := g.CheckPermissionBeforeUpdate(dashboards.PERMISSION_ADMIN, items); err != nil || !okToUpdate {
 		if err != nil {
 			if errors.Is(err, guardian.ErrGuardianPermissionExists) || errors.Is(err, guardian.ErrGuardianOverride) {
-				return response.Error(400, err.Error(), err)
+				return response.Error(http.StatusBadRequest, err.Error(), err)
 			}

-			return response.Error(500, "Error while checking dashboard permissions", err)
+			return response.Error(http.StatusInternalServerError, "Error while checking dashboard permissions", err)
 		}

-		return response.Error(403, "Cannot remove own admin permission for a folder", nil)
+		return response.Error(http.StatusForbidden, "Cannot remove own admin permission for a folder", nil)
 	}

-	if !hs.AccessControl.IsDisabled() {
-		old, err := g.GetACL()
-		if err != nil {
-			return response.Error(500, "Error while checking dashboard permissions", err)
-		}
-		if err := hs.updateDashboardAccessControl(c.Req.Context(), dash.OrgID, dash.UID, false, items, old); err != nil {
-			return response.Error(500, "Failed to update permissions", err)
-		}
-		return response.Success("Dashboard permissions updated")
+	old, err := g.GetACL()
+	if err != nil {
+		return response.Error(http.StatusInternalServerError, "Error while checking dashboard permissions", err)
 	}
-
-	if err := hs.DashboardService.UpdateDashboardACL(c.Req.Context(), dashID, items); err != nil {
-		if errors.Is(err, dashboards.ErrDashboardACLInfoMissing) ||
-			errors.Is(err, dashboards.ErrDashboardPermissionDashboardEmpty) {
-			return response.Error(409, err.Error(), err)
-		}
-		return response.Error(500, "Failed to create permission", err)
+	if err := hs.updateDashboardAccessControl(c.Req.Context(), dash.OrgID, dash.UID, false, items, old); err != nil {
+		return response.Error(http.StatusInternalServerError, "Failed to update permissions", err)
 	}
-
 	return response.Success("Dashboard permissions updated")
 }