grafana/pkg/infra/db/sqlbuilder.go

package db

import (
	"bytes"

	"github.com/grafana/grafana/pkg/models"
	ac "github.com/grafana/grafana/pkg/services/accesscontrol"
	"github.com/grafana/grafana/pkg/services/sqlstore/migrator"
	"github.com/grafana/grafana/pkg/services/sqlstore/permissions"
	"github.com/grafana/grafana/pkg/services/user"
	"github.com/grafana/grafana/pkg/setting"
)

func NewSqlBuilder(cfg *setting.Cfg, dialect migrator.Dialect) SQLBuilder {
	return SQLBuilder{cfg: cfg, dialect: dialect}
}

type SQLBuilder struct {
	cfg     *setting.Cfg
	sql     bytes.Buffer
	params  []interface{}
	dialect migrator.Dialect
}

func (sb *SQLBuilder) Write(sql string, params ...interface{}) {
	sb.sql.WriteString(sql)

	if len(params) > 0 {
		sb.params = append(sb.params, params...)
	}
}

func (sb *SQLBuilder) GetSQLString() string {
	return sb.sql.String()
}

func (sb *SQLBuilder) GetParams() []interface{} {
	return sb.params
}

func (sb *SQLBuilder) AddParams(params ...interface{}) {
	sb.params = append(sb.params, params...)
}

func (sb *SQLBuilder) WriteDashboardPermissionFilter(user *user.SignedInUser, permission models.PermissionType) {
	var (
		sql    string
		params []interface{}
	)
	if !ac.IsDisabled(sb.cfg) {
		sql, params = permissions.NewAccessControlDashboardPermissionFilter(user, permission, "").Where()
	} else {
		sql, params = permissions.DashboardPermissionFilter{
			OrgRole:         user.OrgRole,
			Dialect:         sb.dialect,
			UserId:          user.UserID,
			OrgId:           user.OrgID,
			PermissionLevel: permission,
		}.Where()
	}

	sb.sql.WriteString(" AND " + sql)
	sb.params = append(sb.params, params...)
}
chore: sqlstore cleanup (#60415) * chore: remove unused test helper from sqlstore TimeNow() is no longer used in any tests in this package. * chore: move sqlstore.SQLBuilder to the infra/db package This required some minor refactoring; we need to be a little more explicit about passing around the dialect and engine. On the other hand, that's a few fewer uses of the `dialect` global constant! * chore: move UserDeletions into the only package using it * cleanup around moving sqlbuilder * remove dialect and sqlog global vars * rename userDeletions to serviceAccountDeletions 3 years ago			`package db`
fix: initial fix for #10822 8 years ago
			`import (`
			`"bytes"`

chore: avoid aliasing imports in services (#22499) 6 years ago			`"github.com/grafana/grafana/pkg/models"`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 3 years ago			`ac "github.com/grafana/grafana/pkg/services/accesscontrol"`
chore: sqlstore cleanup (#60415) * chore: remove unused test helper from sqlstore TimeNow() is no longer used in any tests in this package. * chore: move sqlstore.SQLBuilder to the infra/db package This required some minor refactoring; we need to be a little more explicit about passing around the dialect and engine. On the other hand, that's a few fewer uses of the `dialect` global constant! * chore: move UserDeletions into the only package using it * cleanup around moving sqlbuilder * remove dialect and sqlog global vars * rename userDeletions to serviceAccountDeletions 3 years ago			`"github.com/grafana/grafana/pkg/services/sqlstore/migrator"`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 3 years ago			`"github.com/grafana/grafana/pkg/services/sqlstore/permissions"`
Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2 3 years ago			`"github.com/grafana/grafana/pkg/services/user"`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 3 years ago			`"github.com/grafana/grafana/pkg/setting"`
fix: initial fix for #10822 8 years ago			`)`

chore: sqlstore cleanup (#60415) * chore: remove unused test helper from sqlstore TimeNow() is no longer used in any tests in this package. * chore: move sqlstore.SQLBuilder to the infra/db package This required some minor refactoring; we need to be a little more explicit about passing around the dialect and engine. On the other hand, that's a few fewer uses of the `dialect` global constant! * chore: move UserDeletions into the only package using it * cleanup around moving sqlbuilder * remove dialect and sqlog global vars * rename userDeletions to serviceAccountDeletions 3 years ago			`func NewSqlBuilder(cfg *setting.Cfg, dialect migrator.Dialect) SQLBuilder {`
			`return SQLBuilder{cfg: cfg, dialect: dialect}`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 3 years ago			`}`

Chore: Fix SQL related Go variable naming (#28887) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 5 years ago			`type SQLBuilder struct {`
chore: sqlstore cleanup (#60415) * chore: remove unused test helper from sqlstore TimeNow() is no longer used in any tests in this package. * chore: move sqlstore.SQLBuilder to the infra/db package This required some minor refactoring; we need to be a little more explicit about passing around the dialect and engine. On the other hand, that's a few fewer uses of the `dialect` global constant! * chore: move UserDeletions into the only package using it * cleanup around moving sqlbuilder * remove dialect and sqlog global vars * rename userDeletions to serviceAccountDeletions 3 years ago			`cfg *setting.Cfg`
			`sql bytes.Buffer`
			`params []interface{}`
			`dialect migrator.Dialect`
fix: initial fix for #10822 8 years ago			`}`

Chore: Fix SQL related Go variable naming (#28887) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 5 years ago			`func (sb *SQLBuilder) Write(sql string, params ...interface{}) {`
refactoring: alert rule query refactoring (#10941) 8 years ago			`sb.sql.WriteString(sql)`

			`if len(params) > 0 {`
			`sb.params = append(sb.params, params...)`
			`}`
			`}`

Chore: Fix SQL related Go variable naming (#28887) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 5 years ago			`func (sb *SQLBuilder) GetSQLString() string {`
refactoring: alert rule query refactoring (#10941) 8 years ago			`return sb.sql.String()`
			`}`

LibraryPanels: Adds permissions to getAllHandler (#31416) * LibraryPanels: Adds permissions to getAllHandler * Chore: adds a test to verify the permissions * Chore: tests refactor 5 years ago			`func (sb *SQLBuilder) GetParams() []interface{} {`
			`return sb.params`
			`}`

Chore: Fix SQL related Go variable naming (#28887) * Chore: Fix variable naming Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> 5 years ago			`func (sb *SQLBuilder) AddParams(params ...interface{}) {`
refactoring: alert rule query refactoring (#10941) 8 years ago			`sb.params = append(sb.params, params...)`
			`}`

Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2 3 years ago			`func (sb SQLBuilder) WriteDashboardPermissionFilter(user user.SignedInUser, permission models.PermissionType) {`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 3 years ago			`var (`
			`sql string`
			`params []interface{}`
			`)`
			`if !ac.IsDisabled(sb.cfg) {`
			`sql, params = permissions.NewAccessControlDashboardPermissionFilter(user, permission, "").Where()`
			`} else {`
			`sql, params = permissions.DashboardPermissionFilter{`
			`OrgRole: user.OrgRole,`
chore: sqlstore cleanup (#60415) * chore: remove unused test helper from sqlstore TimeNow() is no longer used in any tests in this package. * chore: move sqlstore.SQLBuilder to the infra/db package This required some minor refactoring; we need to be a little more explicit about passing around the dialect and engine. On the other hand, that's a few fewer uses of the `dialect` global constant! * chore: move UserDeletions into the only package using it * cleanup around moving sqlbuilder * remove dialect and sqlog global vars * rename userDeletions to serviceAccountDeletions 3 years ago			`Dialect: sb.dialect,`
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields 3 years ago			`UserId: user.UserID,`
			`OrgId: user.OrgID,`
RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 3 years ago			`PermissionLevel: permission,`
			`}.Where()`
fix: initial fix for #10822 8 years ago			`}`

RBAC: Fix dashboard filter in SQLBuilder (#53379) * Reuse DasbhoardPermissionFilter * Use rbac dashboard filter if enabled 3 years ago			`sb.sql.WriteString(" AND " + sql)`
			`sb.params = append(sb.params, params...)`
fix: initial fix for #10822 8 years ago			`}`