WIP: API - add dash permission

pkg/api/api.go

@@ -250,6 +250,7 @@ func (hs *HttpServer) registerRoutes() {
 
 			r.Group("/:id/acl", func() {
 				r.Get("/", wrap(GetDashboardAcl))
+				r.Post("/", quota("acl"), bind(m.AddOrUpdateDashboardPermissionCommand{}), wrap(PostDashboardAcl))
 				r.Delete("/user/:userId", wrap(DeleteDashboardAclByUser))
 				r.Delete("/user-group/:userGroupId", wrap(DeleteDashboardAclByUserGroup))
 			}, reqSignedIn)

pkg/api/dashboard_acl.go

@@ -2,6 +2,7 @@ package api
 
 import (
 	"github.com/grafana/grafana/pkg/bus"
+	"github.com/grafana/grafana/pkg/metrics"
 	"github.com/grafana/grafana/pkg/middleware"
 	m "github.com/grafana/grafana/pkg/models"
 	"github.com/grafana/grafana/pkg/services/guardian"
@@ -30,6 +31,25 @@ func GetDashboardAcl(c *middleware.Context) Response {
 	return Json(200, &query.Result)
 }
 
+func PostDashboardAcl(c *middleware.Context, cmd m.AddOrUpdateDashboardPermissionCommand) Response {
+	cmd.OrgId = c.OrgId
+	cmd.DashboardId = c.ParamsInt64(":id")
+
+	if err := bus.Dispatch(&cmd); err != nil {
+		if err == m.ErrDashboardPermissionAlreadyAdded {
+			return ApiError(409, "Permission for user/user group already exists", err)
+		}
+		return ApiError(500, "Failed to create permission", err)
+	}
+
+	metrics.M_Api_Dashboard_Acl_Create.Inc(1)
+
+	return Json(200, &util.DynMap{
+		"permissionId": cmd.Result.Id,
+		"message":      "Permission created",
+	})
+}
+
 func DeleteDashboardAclByUser(c *middleware.Context) Response {
 	dashboardId := c.ParamsInt64(":id")
 	userId := c.ParamsInt64(":userId")

pkg/metrics/metrics.go

@@ -36,6 +36,7 @@ var (
 	M_Api_Dashboard_Snapshot_External      Counter
 	M_Api_Dashboard_Snapshot_Get           Counter
 	M_Api_UserGroup_Create                 Counter
+	M_Api_Dashboard_Acl_Create             Counter
 	M_Models_Dashboard_Insert              Counter
 	M_Alerting_Result_State_Alerting       Counter
 	M_Alerting_Result_State_Ok             Counter
@@ -94,6 +95,7 @@ func initMetricVars(settings *MetricSettings) {
 	M_Api_User_SignUpInvite = RegCounter("api.user.signup_invite")
 
 	M_Api_UserGroup_Create = RegCounter("api.usergroup.create")
+	M_Api_Dashboard_Acl_Create = RegCounter("api.dashboard.acl.create")
 
 	M_Api_Dashboard_Save = RegTimer("api.dashboard.save")
 	M_Api_Dashboard_Get = RegTimer("api.dashboard.get")

pkg/models/dashboard_acl.go

@@ -1,13 +1,16 @@
 package models
 
-import "time"
+import (
+	"errors"
+	"time"
+)
 
 type PermissionType int
 
 const (
-	PERMISSION_EDIT PermissionType = 1 << iota
+	PERMISSION_VIEW PermissionType = 1 << iota
 	PERMISSION_READ_ONLY_EDIT
-	PERMISSION_VIEW
+	PERMISSION_EDIT
 )
 
 func (p PermissionType) String() string {
@@ -20,9 +23,9 @@ func (p PermissionType) String() string {
 }
 
 // Typed errors
-// var (
-// 	ErrDashboardPermissionAlreadyAdded = errors.New("A permission has  ")
-// )
+var (
+	ErrDashboardPermissionAlreadyAdded = errors.New("A permission for this user/user group already exists.")
+)
 
 // Dashboard ACL model
 type DashboardAcl struct {
@@ -60,11 +63,13 @@ type DashboardAclInfoDTO struct {
 //
 
 type AddOrUpdateDashboardPermissionCommand struct {
-	DashboardId    int64          `json:"dashboardId" binding:"Required"`
+	DashboardId    int64          `json:"-"`
 	OrgId          int64          `json:"-"`
 	UserId         int64          `json:"userId"`
 	UserGroupId    int64          `json:"userGroupId"`
 	PermissionType PermissionType `json:"permissionType" binding:"Required"`
+
+	Result DashboardAcl `json:"-"`
 }
 
 type RemoveDashboardPermissionCommand struct {

pkg/services/sqlstore/dashboard_acl.go

@@ -51,11 +51,14 @@ func AddOrUpdateDashboardPermission(cmd *m.AddOrUpdateDashboardPermissionCommand
 			cols = append(cols, "user_group_id")
 		}
 
-		_, err := sess.Cols(cols...).Insert(&entity)
+		entityId, err := sess.Cols(cols...).Insert(&entity)
 		if err != nil {
 			return err
 		}
+		cmd.Result = entity
+		cmd.Result.Id = entityId
 
+		// Update dashboard HasAcl flag
 		dashboard := m.Dashboard{
 			HasAcl: true,
 		}