RBAC: Permission check performance improvements for the new search (#60729)

* Add checker and update the resource filter function for new search * Add tests for checker * small fixes * handle location for panels correctly * clean up checker code and extend the tests for it * more fixes, but tests don't quite work yet * a small change to return error * cleanup * more simplification * fix tests * correct wrong argument ordering & use constant * Apply suggestions from code review Co-authored-by: Artur Wierzbicki <artur.wierzbicki@grafana.com> * import * check general folder from permission checker function * handle root folder aka general folder properly * update tests * clean up * lint * add fix from main Co-authored-by: Karl Persson <kalle.persson@grafana.com> Co-authored-by: Artur Wierzbicki <artur.wierzbicki@grafana.com>
2025-02-25 18:55:37 -06:00 · 2023-01-27 12:12:30 +00:00
parent dab3fac01b
commit eb9ef34272
27 changed files with 289 additions and 119 deletions
--- a/pkg/services/searchV2/index_test.go
+++ b/pkg/services/searchV2/index_test.go
@@ -9,14 +9,13 @@ import (
 	"github.com/grafana/grafana-plugin-sdk-go/backend"
 	"github.com/grafana/grafana-plugin-sdk-go/data"

+	"github.com/grafana/grafana/pkg/infra/log"
 	"github.com/grafana/grafana/pkg/infra/tracing"
 	"github.com/grafana/grafana/pkg/services/featuremgmt"
+	"github.com/grafana/grafana/pkg/services/store"
 	"github.com/grafana/grafana/pkg/services/store/entity"
 	"github.com/grafana/grafana/pkg/setting"

-	"github.com/grafana/grafana/pkg/infra/log"
-	"github.com/grafana/grafana/pkg/services/store"
-
 	"github.com/blugelabs/bluge"
 	"github.com/grafana/grafana-plugin-sdk-go/experimental"
 	"github.com/stretchr/testify/require"
@@ -32,11 +31,11 @@ func (t *testDashboardLoader) LoadDashboards(_ context.Context, _ int64, _ strin

 var testLogger = log.New("index-test-logger")

-var testAllowAllFilter = func(uid string) bool {
+var testAllowAllFilter = func(kind entityKind, uid, parent string) bool {
 	return true
 }

-var testDisallowAllFilter = func(uid string) bool {
+var testDisallowAllFilter = func(kind entityKind, uid, parent string) bool {
 	return false
 }

@@ -430,8 +429,8 @@ var dashboardsWithFolders = []dashboard{
 		summary: &entity.EntitySummary{
 			Name: "Dashboard in folder 1",
 			Nested: []*entity.EntitySummary{
-				newNestedPanel(1, "Panel 1"),
-				newNestedPanel(2, "Panel 2"),
+				newNestedPanel(1, 2, "Panel 1"),
+				newNestedPanel(2, 2, "Panel 2"),
 			},
 		},
 	},
@@ -442,7 +441,7 @@ var dashboardsWithFolders = []dashboard{
 		summary: &entity.EntitySummary{
 			Name: "Dashboard in folder 2",
 			Nested: []*entity.EntitySummary{
-				newNestedPanel(3, "Panel 3"),
+				newNestedPanel(3, 3, "Panel 3"),
 			},
 		},
 	},
@@ -452,7 +451,7 @@ var dashboardsWithFolders = []dashboard{
 		summary: &entity.EntitySummary{
 			Name: "One more dash",
 			Nested: []*entity.EntitySummary{
-				newNestedPanel(4, "Panel 4"),
+				newNestedPanel(4, 4, "Panel 4"),
 			},
 		},
 	},
@@ -509,17 +508,17 @@ var dashboardsWithPanels = []dashboard{
 		summary: &entity.EntitySummary{
 			Name: "My Dash",
 			Nested: []*entity.EntitySummary{
-				newNestedPanel(1, "Panel 1"),
-				newNestedPanel(2, "Panel 2"),
+				newNestedPanel(1, 1, "Panel 1"),
+				newNestedPanel(2, 1, "Panel 2"),
 			},
 		},
 	},
 }

-func newNestedPanel(id int64, name string) *entity.EntitySummary {
+func newNestedPanel(id, dashId int64, name string) *entity.EntitySummary {
 	summary := &entity.EntitySummary{
 		Kind: "panel",
-		UID:  fmt.Sprintf("???#%d", id),
+		UID:  fmt.Sprintf("%d#%d", dashId, id),
 	}
 	summary.Name = name
 	return summary