mirror of
https://github.com/grafana/grafana.git
synced 2025-01-18 20:43:26 -06:00
34be8f28b9
* Add access control metadata to search hits if access control query string is passed
131 lines
3.5 KiB
Go
131 lines
3.5 KiB
Go
package api
|
|
|
|
import (
|
|
"net/http"
|
|
"strconv"
|
|
|
|
"github.com/grafana/grafana/pkg/api/response"
|
|
"github.com/grafana/grafana/pkg/infra/metrics"
|
|
"github.com/grafana/grafana/pkg/models"
|
|
"github.com/grafana/grafana/pkg/services/accesscontrol"
|
|
"github.com/grafana/grafana/pkg/services/dashboards"
|
|
"github.com/grafana/grafana/pkg/services/search"
|
|
"github.com/grafana/grafana/pkg/util"
|
|
)
|
|
|
|
func (hs *HTTPServer) Search(c *models.ReqContext) response.Response {
|
|
query := c.Query("query")
|
|
tags := c.QueryStrings("tag")
|
|
starred := c.Query("starred")
|
|
limit := c.QueryInt64("limit")
|
|
page := c.QueryInt64("page")
|
|
dashboardType := c.Query("type")
|
|
sort := c.Query("sort")
|
|
permission := models.PERMISSION_VIEW
|
|
|
|
if limit > 5000 {
|
|
return response.Error(422, "Limit is above maximum allowed (5000), use page parameter to access hits beyond limit", nil)
|
|
}
|
|
|
|
if c.Query("permission") == "Edit" {
|
|
permission = models.PERMISSION_EDIT
|
|
}
|
|
|
|
dbIDs := make([]int64, 0)
|
|
for _, id := range c.QueryStrings("dashboardIds") {
|
|
dashboardID, err := strconv.ParseInt(id, 10, 64)
|
|
if err == nil {
|
|
dbIDs = append(dbIDs, dashboardID)
|
|
}
|
|
}
|
|
|
|
folderIDs := make([]int64, 0)
|
|
for _, id := range c.QueryStrings("folderIds") {
|
|
folderID, err := strconv.ParseInt(id, 10, 64)
|
|
if err == nil {
|
|
folderIDs = append(folderIDs, folderID)
|
|
}
|
|
}
|
|
|
|
searchQuery := search.Query{
|
|
Title: query,
|
|
Tags: tags,
|
|
SignedInUser: c.SignedInUser,
|
|
Limit: limit,
|
|
Page: page,
|
|
IsStarred: starred == "true",
|
|
OrgId: c.OrgId,
|
|
DashboardIds: dbIDs,
|
|
Type: dashboardType,
|
|
FolderIds: folderIDs,
|
|
Permission: permission,
|
|
Sort: sort,
|
|
}
|
|
|
|
err := hs.SearchService.SearchHandler(c.Req.Context(), &searchQuery)
|
|
if err != nil {
|
|
return response.Error(500, "Search failed", err)
|
|
}
|
|
|
|
defer c.TimeRequest(metrics.MApiDashboardSearch)
|
|
|
|
if !c.QueryBool("accesscontrol") {
|
|
return response.JSON(http.StatusOK, searchQuery.Result)
|
|
}
|
|
|
|
return hs.searchHitsWithMetadata(c, searchQuery.Result)
|
|
}
|
|
|
|
func (hs *HTTPServer) searchHitsWithMetadata(c *models.ReqContext, hits models.HitList) response.Response {
|
|
folderUIDs := make(map[string]bool)
|
|
dashboardUIDs := make(map[string]bool)
|
|
|
|
for _, hit := range hits {
|
|
if hit.Type == models.DashHitFolder {
|
|
folderUIDs[hit.UID] = true
|
|
} else {
|
|
dashboardUIDs[hit.UID] = true
|
|
folderUIDs[hit.FolderUID] = true
|
|
}
|
|
}
|
|
|
|
folderMeta := hs.getMultiAccessControlMetadata(c, c.OrgId, dashboards.ScopeFoldersPrefix, folderUIDs)
|
|
dashboardMeta := hs.getMultiAccessControlMetadata(c, c.OrgId, dashboards.ScopeDashboardsPrefix, dashboardUIDs)
|
|
|
|
// search hit with access control metadata attached
|
|
type hitWithMeta struct {
|
|
*models.Hit
|
|
AccessControl accesscontrol.Metadata `json:"accessControl,omitempty"`
|
|
}
|
|
hitsWithMeta := make([]hitWithMeta, 0, len(hits))
|
|
for _, hit := range hits {
|
|
var meta accesscontrol.Metadata
|
|
if hit.Type == models.DashHitFolder {
|
|
meta = folderMeta[hit.UID]
|
|
} else {
|
|
meta = accesscontrol.MergeMeta("dashboards", dashboardMeta[hit.UID], folderMeta[hit.FolderUID])
|
|
}
|
|
hitsWithMeta = append(hitsWithMeta, hitWithMeta{hit, meta})
|
|
}
|
|
|
|
return response.JSON(http.StatusOK, hitsWithMeta)
|
|
}
|
|
|
|
func (hs *HTTPServer) ListSortOptions(c *models.ReqContext) response.Response {
|
|
opts := hs.SearchService.SortOptions()
|
|
|
|
res := []util.DynMap{}
|
|
for _, o := range opts {
|
|
res = append(res, util.DynMap{
|
|
"name": o.Name,
|
|
"displayName": o.DisplayName,
|
|
"description": o.Description,
|
|
"meta": o.MetaName,
|
|
})
|
|
}
|
|
|
|
return response.JSON(http.StatusOK, util.DynMap{
|
|
"sortOptions": res,
|
|
})
|
|
}
|