mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
Access Control: Add test flag to enable access control (#46780)
* Add feature flags options to test db
This commit is contained in:
Karl Persson
GitHub
parent
552b447946
commit
ee9badecdf
@ -231,16 +231,16 @@ func setupAccessControlScenarioContext(t *testing.T, cfg *setting.Cfg, url strin
|
|||||||
cfg.IsFeatureToggleEnabled = features.IsEnabled
|
cfg.IsFeatureToggleEnabled = features.IsEnabled
|
||||||
cfg.Quota.Enabled = false
|
cfg.Quota.Enabled = false
|
||||||
|
|
||||||
mockStore := sqlstore.InitTestDB(t)
|
store := sqlstore.InitTestDB(t)
|
||||||
hs := &HTTPServer{
|
hs := &HTTPServer{
|
||||||
Cfg: cfg,
|
Cfg: cfg,
|
||||||
Bus: bus.GetBus(),
|
Bus: bus.GetBus(),
|
||||||
Live: newTestLive(t),
|
Live: newTestLive(t, store),
|
||||||
Features: features,
|
Features: features,
|
||||||
QuotaService: "a.QuotaService{Cfg: cfg},
|
QuotaService: "a.QuotaService{Cfg: cfg},
|
||||||
RouteRegister: routing.NewRouteRegister(),
|
RouteRegister: routing.NewRouteRegister(),
|
||||||
AccessControl: accesscontrolmock.New().WithPermissions(permissions),
|
AccessControl: accesscontrolmock.New().WithPermissions(permissions),
|
||||||
searchUsersService: searchusers.ProvideUsersService(mockStore, filters.ProvideOSSSearchUserFilter()),
|
searchUsersService: searchusers.ProvideUsersService(store, filters.ProvideOSSSearchUserFilter()),
|
||||||
ldapGroups: ldap.ProvideGroupsService(),
|
ldapGroups: ldap.ProvideGroupsService(),
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -352,8 +352,11 @@ func setupHTTPServerWithMockDb(t *testing.T, useFakeAccessControl bool, enableAc
|
|||||||
}
|
}
|
||||||
|
|
||||||
func setupHTTPServerWithCfg(t *testing.T, useFakeAccessControl, enableAccessControl bool, cfg *setting.Cfg) accessControlScenarioContext {
|
func setupHTTPServerWithCfg(t *testing.T, useFakeAccessControl, enableAccessControl bool, cfg *setting.Cfg) accessControlScenarioContext {
|
||||||
db := sqlstore.InitTestDB(t)
|
var featureFlags []string
|
||||||
db.Cfg = cfg
|
if enableAccessControl {
|
||||||
|
featureFlags = append(featureFlags, featuremgmt.FlagAccesscontrol)
|
||||||
|
}
|
||||||
|
db := sqlstore.InitTestDB(t, sqlstore.InitTestDBOpt{FeatureFlags: featureFlags})
|
||||||
return setupHTTPServerWithCfgDb(t, useFakeAccessControl, enableAccessControl, cfg, db, db)
|
return setupHTTPServerWithCfgDb(t, useFakeAccessControl, enableAccessControl, cfg, db, db)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -374,7 +377,7 @@ func setupHTTPServerWithCfgDb(t *testing.T, useFakeAccessControl, enableAccessCo
|
|||||||
Cfg: cfg,
|
Cfg: cfg,
|
||||||
Features: features,
|
Features: features,
|
||||||
Bus: bus.GetBus(),
|
Bus: bus.GetBus(),
|
||||||
Live: newTestLive(t),
|
Live: newTestLive(t, db),
|
||||||
QuotaService: "a.QuotaService{Cfg: cfg},
|
QuotaService: "a.QuotaService{Cfg: cfg},
|
||||||
RouteRegister: routeRegister,
|
RouteRegister: routeRegister,
|
||||||
SQLStore: store,
|
SQLStore: store,
|
||||||
|
|||||||
@ -85,14 +85,14 @@ func TestGetHomeDashboard(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func newTestLive(t *testing.T) *live.GrafanaLive {
|
func newTestLive(t *testing.T, store *sqlstore.SQLStore) *live.GrafanaLive {
|
||||||
features := featuremgmt.WithFeatures()
|
features := featuremgmt.WithFeatures()
|
||||||
cfg := &setting.Cfg{AppURL: "http://localhost:3000/"}
|
cfg := &setting.Cfg{AppURL: "http://localhost:3000/"}
|
||||||
cfg.IsFeatureToggleEnabled = features.IsEnabled
|
cfg.IsFeatureToggleEnabled = features.IsEnabled
|
||||||
gLive, err := live.ProvideService(nil, cfg,
|
gLive, err := live.ProvideService(nil, cfg,
|
||||||
routing.NewRouteRegister(),
|
routing.NewRouteRegister(),
|
||||||
nil, nil, nil,
|
nil, nil, nil,
|
||||||
sqlstore.InitTestDB(t),
|
store,
|
||||||
nil,
|
nil,
|
||||||
&usagestats.UsageStatsMock{T: t},
|
&usagestats.UsageStatsMock{T: t},
|
||||||
nil,
|
nil,
|
||||||
@ -216,10 +216,11 @@ func TestDashboardAPIEndpoint(t *testing.T) {
|
|||||||
|
|
||||||
cfg := setting.NewCfg()
|
cfg := setting.NewCfg()
|
||||||
features := featuremgmt.WithFeatures()
|
features := featuremgmt.WithFeatures()
|
||||||
dashboardStore := database.ProvideDashboardStore(sqlstore.InitTestDB(t))
|
sql := sqlstore.InitTestDB(t)
|
||||||
|
dashboardStore := database.ProvideDashboardStore(sql)
|
||||||
hs := &HTTPServer{
|
hs := &HTTPServer{
|
||||||
Cfg: cfg,
|
Cfg: cfg,
|
||||||
Live: newTestLive(t),
|
Live: newTestLive(t, sql),
|
||||||
LibraryPanelService: &mockLibraryPanelService{},
|
LibraryPanelService: &mockLibraryPanelService{},
|
||||||
LibraryElementService: &mockLibraryElementService{},
|
LibraryElementService: &mockLibraryElementService{},
|
||||||
SQLStore: mockSQLStore,
|
SQLStore: mockSQLStore,
|
||||||
@ -1005,7 +1006,7 @@ func postDashboardScenario(t *testing.T, desc string, url string, routePattern s
|
|||||||
Bus: bus.GetBus(),
|
Bus: bus.GetBus(),
|
||||||
Cfg: cfg,
|
Cfg: cfg,
|
||||||
ProvisioningService: provisioning.NewProvisioningServiceMock(context.Background()),
|
ProvisioningService: provisioning.NewProvisioningServiceMock(context.Background()),
|
||||||
Live: newTestLive(t),
|
Live: newTestLive(t, sqlstore.InitTestDB(t)),
|
||||||
QuotaService: "a.QuotaService{
|
QuotaService: "a.QuotaService{
|
||||||
Cfg: cfg,
|
Cfg: cfg,
|
||||||
},
|
},
|
||||||
@ -1042,7 +1043,7 @@ func postDiffScenario(t *testing.T, desc string, url string, routePattern string
|
|||||||
Cfg: cfg,
|
Cfg: cfg,
|
||||||
Bus: bus.GetBus(),
|
Bus: bus.GetBus(),
|
||||||
ProvisioningService: provisioning.NewProvisioningServiceMock(context.Background()),
|
ProvisioningService: provisioning.NewProvisioningServiceMock(context.Background()),
|
||||||
Live: newTestLive(t),
|
Live: newTestLive(t, sqlstore.InitTestDB(t)),
|
||||||
QuotaService: "a.QuotaService{Cfg: cfg},
|
QuotaService: "a.QuotaService{Cfg: cfg},
|
||||||
LibraryPanelService: &mockLibraryPanelService{},
|
LibraryPanelService: &mockLibraryPanelService{},
|
||||||
LibraryElementService: &mockLibraryElementService{},
|
LibraryElementService: &mockLibraryElementService{},
|
||||||
@ -1079,7 +1080,7 @@ func restoreDashboardVersionScenario(t *testing.T, desc string, url string, rout
|
|||||||
Cfg: cfg,
|
Cfg: cfg,
|
||||||
Bus: bus.GetBus(),
|
Bus: bus.GetBus(),
|
||||||
ProvisioningService: provisioning.NewProvisioningServiceMock(context.Background()),
|
ProvisioningService: provisioning.NewProvisioningServiceMock(context.Background()),
|
||||||
Live: newTestLive(t),
|
Live: newTestLive(t, sqlstore.InitTestDB(t)),
|
||||||
QuotaService: "a.QuotaService{Cfg: cfg},
|
QuotaService: "a.QuotaService{Cfg: cfg},
|
||||||
LibraryPanelService: &mockLibraryPanelService{},
|
LibraryPanelService: &mockLibraryPanelService{},
|
||||||
LibraryElementService: &mockLibraryElementService{},
|
LibraryElementService: &mockLibraryElementService{},
|
||||||
|
|||||||
@ -217,8 +217,6 @@ func TestTeamAPIEndpoint_CreateTeam_FGAC(t *testing.T) {
|
|||||||
|
|
||||||
func TestTeamAPIEndpoint_SearchTeams_FGAC(t *testing.T) {
|
func TestTeamAPIEndpoint_SearchTeams_FGAC(t *testing.T) {
|
||||||
sc := setupHTTPServer(t, true, true)
|
sc := setupHTTPServer(t, true, true)
|
||||||
sc.db = sqlstore.InitTestDB(t)
|
|
||||||
|
|
||||||
// Seed three teams
|
// Seed three teams
|
||||||
for i := 1; i <= 3; i++ {
|
for i := 1; i <= 3; i++ {
|
||||||
_, err := sc.db.CreateTeam(fmt.Sprintf("team%d", i), fmt.Sprintf("team%d@example.org", i), 1)
|
_, err := sc.db.CreateTeam(fmt.Sprintf("team%d", i), fmt.Sprintf("team%d@example.org", i), 1)
|
||||||
|
|||||||
@ -61,8 +61,7 @@ func TestSQLStore_GetOrgUsers(t *testing.T) {
|
|||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
store := InitTestDB(t)
|
store := InitTestDB(t, InitTestDBOpt{FeatureFlags: []string{featuremgmt.FlagAccesscontrol}})
|
||||||
store.Cfg.IsFeatureToggleEnabled = featuremgmt.WithFeatures(featuremgmt.FlagAccesscontrol).IsEnabled
|
|
||||||
seedOrgUsers(t, store, 10)
|
seedOrgUsers(t, store, 10)
|
||||||
|
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
@ -127,8 +126,7 @@ func TestSQLStore_SearchOrgUsers(t *testing.T) {
|
|||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
store := InitTestDB(t)
|
store := InitTestDB(t, InitTestDBOpt{FeatureFlags: []string{featuremgmt.FlagAccesscontrol}})
|
||||||
store.Cfg.IsFeatureToggleEnabled = featuremgmt.WithFeatures(featuremgmt.FlagAccesscontrol).IsEnabled
|
|
||||||
seedOrgUsers(t, store, 10)
|
seedOrgUsers(t, store, 10)
|
||||||
|
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
|
|||||||
@ -460,6 +460,7 @@ var testSQLStoreMutex sync.Mutex
|
|||||||
type InitTestDBOpt struct {
|
type InitTestDBOpt struct {
|
||||||
// EnsureDefaultOrgAndUser flags whether to ensure that default org and user exist.
|
// EnsureDefaultOrgAndUser flags whether to ensure that default org and user exist.
|
||||||
EnsureDefaultOrgAndUser bool
|
EnsureDefaultOrgAndUser bool
|
||||||
|
FeatureFlags []string
|
||||||
}
|
}
|
||||||
|
|
||||||
var featuresEnabledDuringTests = []string{
|
var featuresEnabledDuringTests = []string{
|
||||||
@ -490,13 +491,22 @@ func InitTestDB(t ITestDB, opts ...InitTestDBOpt) *SQLStore {
|
|||||||
func initTestDB(migration registry.DatabaseMigrator, opts ...InitTestDBOpt) (*SQLStore, error) {
|
func initTestDB(migration registry.DatabaseMigrator, opts ...InitTestDBOpt) (*SQLStore, error) {
|
||||||
testSQLStoreMutex.Lock()
|
testSQLStoreMutex.Lock()
|
||||||
defer testSQLStoreMutex.Unlock()
|
defer testSQLStoreMutex.Unlock()
|
||||||
|
|
||||||
|
if len(opts) == 0 {
|
||||||
|
opts = []InitTestDBOpt{{EnsureDefaultOrgAndUser: false, FeatureFlags: []string{}}}
|
||||||
|
}
|
||||||
|
|
||||||
|
features := make([]string, len(featuresEnabledDuringTests))
|
||||||
|
copy(features, featuresEnabledDuringTests)
|
||||||
|
for _, opt := range opts {
|
||||||
|
if len(opt.FeatureFlags) > 0 {
|
||||||
|
features = append(features, opt.FeatureFlags...)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if testSQLStore == nil {
|
if testSQLStore == nil {
|
||||||
dbType := migrator.SQLite
|
dbType := migrator.SQLite
|
||||||
|
|
||||||
if len(opts) == 0 {
|
|
||||||
opts = []InitTestDBOpt{{EnsureDefaultOrgAndUser: false}}
|
|
||||||
}
|
|
||||||
|
|
||||||
// environment variable present for test db?
|
// environment variable present for test db?
|
||||||
if db, present := os.LookupEnv("GRAFANA_TEST_DB"); present {
|
if db, present := os.LookupEnv("GRAFANA_TEST_DB"); present {
|
||||||
dbType = db
|
dbType = db
|
||||||
@ -504,13 +514,12 @@ func initTestDB(migration registry.DatabaseMigrator, opts ...InitTestDBOpt) (*SQ
|
|||||||
|
|
||||||
// set test db config
|
// set test db config
|
||||||
cfg := setting.NewCfg()
|
cfg := setting.NewCfg()
|
||||||
cfg.IsFeatureToggleEnabled = func(requestedFeature string) bool {
|
cfg.IsFeatureToggleEnabled = func(key string) bool {
|
||||||
for _, enabledFeature := range featuresEnabledDuringTests {
|
for _, enabledFeature := range features {
|
||||||
if enabledFeature == requestedFeature {
|
if enabledFeature == key {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
sec, err := cfg.Raw.NewSection("database")
|
sec, err := cfg.Raw.NewSection("database")
|
||||||
@ -520,7 +529,6 @@ func initTestDB(migration registry.DatabaseMigrator, opts ...InitTestDBOpt) (*SQ
|
|||||||
if _, err := sec.NewKey("type", dbType); err != nil {
|
if _, err := sec.NewKey("type", dbType); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
switch dbType {
|
switch dbType {
|
||||||
case "mysql":
|
case "mysql":
|
||||||
if _, err := sec.NewKey("connection_string", sqlutil.MySQLTestDB().ConnStr); err != nil {
|
if _, err := sec.NewKey("connection_string", sqlutil.MySQLTestDB().ConnStr); err != nil {
|
||||||
@ -587,6 +595,15 @@ func initTestDB(migration registry.DatabaseMigrator, opts ...InitTestDBOpt) (*SQ
|
|||||||
return testSQLStore, nil
|
return testSQLStore, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
testSQLStore.Cfg.IsFeatureToggleEnabled = func(key string) bool {
|
||||||
|
for _, enabledFeature := range features {
|
||||||
|
if enabledFeature == key {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
if err := dialect.TruncateDBTables(); err != nil {
|
if err := dialect.TruncateDBTables(); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|||||||
@ -396,8 +396,7 @@ func TestSQLStore_SearchTeams(t *testing.T) {
|
|||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
store := InitTestDB(t)
|
store := InitTestDB(t, InitTestDBOpt{FeatureFlags: []string{featuremgmt.FlagAccesscontrol}})
|
||||||
store.Cfg.IsFeatureToggleEnabled = featuremgmt.WithFeatures(featuremgmt.FlagAccesscontrol).IsEnabled
|
|
||||||
|
|
||||||
// Seed 10 teams
|
// Seed 10 teams
|
||||||
for i := 1; i <= 10; i++ {
|
for i := 1; i <= 10; i++ {
|
||||||
@ -456,9 +455,7 @@ func TestSQLStore_GetTeamMembers_ACFilter(t *testing.T) {
|
|||||||
require.NoError(t, errAddMember)
|
require.NoError(t, errAddMember)
|
||||||
}
|
}
|
||||||
|
|
||||||
store := InitTestDB(t)
|
store := InitTestDB(t, InitTestDBOpt{FeatureFlags: []string{featuremgmt.FlagAccesscontrol}})
|
||||||
store.Cfg.IsFeatureToggleEnabled = featuremgmt.WithFeatures(featuremgmt.FlagAccesscontrol).IsEnabled
|
|
||||||
|
|
||||||
setup(store)
|
setup(store)
|
||||||
|
|
||||||
type getTeamMembersTestCase struct {
|
type getTeamMembersTestCase struct {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user