grafana/pkg/api/search.go
Karl Persson 34be8f28b9
AccessControl: Add metadata to search result (#48879)
* Add access control metadata to search hits if access control query string is passed
2022-05-17 15:51:44 +02:00

131 lines
3.5 KiB
Go

package api
import (
"net/http"
"strconv"
"github.com/grafana/grafana/pkg/api/response"
"github.com/grafana/grafana/pkg/infra/metrics"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/accesscontrol"
"github.com/grafana/grafana/pkg/services/dashboards"
"github.com/grafana/grafana/pkg/services/search"
"github.com/grafana/grafana/pkg/util"
)
func (hs *HTTPServer) Search(c *models.ReqContext) response.Response {
query := c.Query("query")
tags := c.QueryStrings("tag")
starred := c.Query("starred")
limit := c.QueryInt64("limit")
page := c.QueryInt64("page")
dashboardType := c.Query("type")
sort := c.Query("sort")
permission := models.PERMISSION_VIEW
if limit > 5000 {
return response.Error(422, "Limit is above maximum allowed (5000), use page parameter to access hits beyond limit", nil)
}
if c.Query("permission") == "Edit" {
permission = models.PERMISSION_EDIT
}
dbIDs := make([]int64, 0)
for _, id := range c.QueryStrings("dashboardIds") {
dashboardID, err := strconv.ParseInt(id, 10, 64)
if err == nil {
dbIDs = append(dbIDs, dashboardID)
}
}
folderIDs := make([]int64, 0)
for _, id := range c.QueryStrings("folderIds") {
folderID, err := strconv.ParseInt(id, 10, 64)
if err == nil {
folderIDs = append(folderIDs, folderID)
}
}
searchQuery := search.Query{
Title: query,
Tags: tags,
SignedInUser: c.SignedInUser,
Limit: limit,
Page: page,
IsStarred: starred == "true",
OrgId: c.OrgId,
DashboardIds: dbIDs,
Type: dashboardType,
FolderIds: folderIDs,
Permission: permission,
Sort: sort,
}
err := hs.SearchService.SearchHandler(c.Req.Context(), &searchQuery)
if err != nil {
return response.Error(500, "Search failed", err)
}
defer c.TimeRequest(metrics.MApiDashboardSearch)
if !c.QueryBool("accesscontrol") {
return response.JSON(http.StatusOK, searchQuery.Result)
}
return hs.searchHitsWithMetadata(c, searchQuery.Result)
}
func (hs *HTTPServer) searchHitsWithMetadata(c *models.ReqContext, hits models.HitList) response.Response {
folderUIDs := make(map[string]bool)
dashboardUIDs := make(map[string]bool)
for _, hit := range hits {
if hit.Type == models.DashHitFolder {
folderUIDs[hit.UID] = true
} else {
dashboardUIDs[hit.UID] = true
folderUIDs[hit.FolderUID] = true
}
}
folderMeta := hs.getMultiAccessControlMetadata(c, c.OrgId, dashboards.ScopeFoldersPrefix, folderUIDs)
dashboardMeta := hs.getMultiAccessControlMetadata(c, c.OrgId, dashboards.ScopeDashboardsPrefix, dashboardUIDs)
// search hit with access control metadata attached
type hitWithMeta struct {
*models.Hit
AccessControl accesscontrol.Metadata `json:"accessControl,omitempty"`
}
hitsWithMeta := make([]hitWithMeta, 0, len(hits))
for _, hit := range hits {
var meta accesscontrol.Metadata
if hit.Type == models.DashHitFolder {
meta = folderMeta[hit.UID]
} else {
meta = accesscontrol.MergeMeta("dashboards", dashboardMeta[hit.UID], folderMeta[hit.FolderUID])
}
hitsWithMeta = append(hitsWithMeta, hitWithMeta{hit, meta})
}
return response.JSON(http.StatusOK, hitsWithMeta)
}
func (hs *HTTPServer) ListSortOptions(c *models.ReqContext) response.Response {
opts := hs.SearchService.SortOptions()
res := []util.DynMap{}
for _, o := range opts {
res = append(res, util.DynMap{
"name": o.Name,
"displayName": o.DisplayName,
"description": o.Description,
"meta": o.MetaName,
})
}
return response.JSON(http.StatusOK, util.DynMap{
"sortOptions": res,
})
}