apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

User: support setting org and help flags though update function (#86535)

Browse Source 
* User: Support setting active org through update function

* User: add support to update help flags through update function
pull/86862/head
Karl Persson 1 year ago committed by GitHub
parent 7077a5850e
commit c4cfee8d96
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
14 changed files with 178 additions and 372 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      pkg/api/org_invite.go
  2. 30
      pkg/api/user.go
  3. 3
      pkg/middleware/org_redirect.go
  4. 2
      pkg/middleware/org_redirect_test.go
  5. 8
      pkg/services/authn/authnimpl/sync/org_sync.go
  6. 8
      pkg/services/authn/authnimpl/sync/org_sync_test.go
  7. 20
      pkg/services/user/model.go
  8. 2
      pkg/services/user/user.go
  9. 130
      pkg/services/user/userimpl/store.go
  10. 147
      pkg/services/user/userimpl/store_test.go
  11. 46
      pkg/services/user/userimpl/user.go
  12. 108
      pkg/services/user/userimpl/user_test.go
  13. 8
      pkg/services/user/usertest/fake.go
  14. 36
      pkg/services/user/usertest/mock.go

2
pkg/api/org_invite.go
Unescape View File

@ -338,7 +338,7 @@ func (hs *HTTPServer) applyUserInvite(ctx context.Context, usr *user.User, invit
if setActive { if setActive {
// set org to active // set org to active
if err := hs.userService.SetUsingOrg(ctx, &user.SetUsingOrgCommand{OrgID: invite.OrgID, UserID: usr.ID}); err != nil { if err := hs.userService.Update(ctx, &user.UpdateUserCommand{OrgID: &invite.OrgID, UserID: usr.ID}); err != nil {
return false, response.Error(http.StatusInternalServerError, "Failed to set org as active", err) return false, response.Error(http.StatusInternalServerError, "Failed to set org as active", err)
} }
} }

30
pkg/api/user.go
Unescape View File

@ -215,9 +215,7 @@ func (hs *HTTPServer) UpdateUserActiveOrg(c *contextmodel.ReqContext) response.R
return response.Error(http.StatusUnauthorized, "Not a valid organization", nil) return response.Error(http.StatusUnauthorized, "Not a valid organization", nil)
} }
cmd := user.SetUsingOrgCommand{UserID: userID, OrgID: orgID} if err := hs.userService.Update(c.Req.Context(), &user.UpdateUserCommand{UserID: userID, OrgID: &orgID}); err != nil {
if err := hs.userService.SetUsingOrg(c.Req.Context(), &cmd); err != nil {
return response.Error(http.StatusInternalServerError, "Failed to change active organization", err) return response.Error(http.StatusInternalServerError, "Failed to change active organization", err)
} }
@ -493,9 +491,7 @@ func (hs *HTTPServer) UserSetUsingOrg(c *contextmodel.ReqContext) response.Respo
return response.Error(http.StatusUnauthorized, "Not a valid organization", nil) return response.Error(http.StatusUnauthorized, "Not a valid organization", nil)
} }
cmd := user.SetUsingOrgCommand{UserID: userID, OrgID: orgID} if err := hs.userService.Update(c.Req.Context(), &user.UpdateUserCommand{UserID: userID, OrgID: &orgID}); err != nil {
if err := hs.userService.SetUsingOrg(c.Req.Context(), &cmd); err != nil {
return response.Error(http.StatusInternalServerError, "Failed to change active organization", err) return response.Error(http.StatusInternalServerError, "Failed to change active organization", err)
} }
@ -527,8 +523,7 @@ func (hs *HTTPServer) ChangeActiveOrgAndRedirectToHome(c *contextmodel.ReqContex
return return
} }
cmd := user.SetUsingOrgCommand{UserID: userID, OrgID: orgID} if err := hs.userService.Update(c.Req.Context(), &user.UpdateUserCommand{UserID: userID, OrgID: &orgID}); err != nil {
if err := hs.userService.SetUsingOrg(c.Req.Context(), &cmd); err != nil {
hs.NotFoundHandler(c) hs.NotFoundHandler(c)
return return
} }
@ -606,16 +601,11 @@ func (hs *HTTPServer) SetHelpFlag(c *contextmodel.ReqContext) response.Response
bitmask := &usr.HelpFlags1 bitmask := &usr.HelpFlags1
bitmask.AddFlag(user.HelpFlags1(flag)) bitmask.AddFlag(user.HelpFlags1(flag))
cmd := user.SetUserHelpFlagCommand{ if err := hs.userService.Update(c.Req.Context(), &user.UpdateUserCommand{UserID: userID, HelpFlags1: bitmask}); err != nil {
UserID: userID,
HelpFlags1: *bitmask,
}
if err := hs.userService.SetUserHelpFlag(c.Req.Context(), &cmd); err != nil {
return response.Error(http.StatusInternalServerError, "Failed to update help flag", err) return response.Error(http.StatusInternalServerError, "Failed to update help flag", err)
} }
return response.JSON(http.StatusOK, &util.DynMap{"message": "Help flag set", "helpFlags1": cmd.HelpFlags1}) return response.JSON(http.StatusOK, &util.DynMap{"message": "Help flag set", "helpFlags1": *bitmask})
} }
// swagger:route GET /user/helpflags/clear signed_in_user clearHelpFlags // swagger:route GET /user/helpflags/clear signed_in_user clearHelpFlags
@ -633,16 +623,12 @@ func (hs *HTTPServer) ClearHelpFlags(c *contextmodel.ReqContext) response.Respon
return errResponse return errResponse
} }
cmd := user.SetUserHelpFlagCommand{ flags := user.HelpFlags1(0)
UserID: userID, if err := hs.userService.Update(c.Req.Context(), &user.UpdateUserCommand{UserID: userID, HelpFlags1: &flags}); err != nil {
HelpFlags1: user.HelpFlags1(0),
}
if err := hs.userService.SetUserHelpFlag(c.Req.Context(), &cmd); err != nil {
return response.Error(http.StatusInternalServerError, "Failed to update help flag", err) return response.Error(http.StatusInternalServerError, "Failed to update help flag", err)
} }
return response.JSON(http.StatusOK, &util.DynMap{"message": "Help flag set", "helpFlags1": cmd.HelpFlags1}) return response.JSON(http.StatusOK, &util.DynMap{"message": "Help flag set", "helpFlags1": flags})
} }
func getUserID(c *contextmodel.ReqContext) (int64, *response.NormalResponse) { func getUserID(c *contextmodel.ReqContext) (int64, *response.NormalResponse) {

3
pkg/middleware/org_redirect.go
Unescape View File

@ -32,8 +32,7 @@ func OrgRedirect(cfg *setting.Cfg, userSvc user.Service) web.Handler {
return return
} }
cmd := user.SetUsingOrgCommand{UserID: ctx.UserID, OrgID: orgId} if err := userSvc.Update(ctx.Req.Context(), &user.UpdateUserCommand{UserID: ctx.UserID, OrgID: &orgId}); err != nil {
if err := userSvc.SetUsingOrg(ctx.Req.Context(), &cmd); err != nil {
if ctx.IsApiRequest() { if ctx.IsApiRequest() {
ctx.JsonApiErr(404, "Not found", nil) ctx.JsonApiErr(404, "Not found", nil)
} else { } else {

2
pkg/middleware/org_redirect_test.go
Unescape View File

@ -55,7 +55,7 @@ func TestOrgRedirectMiddleware(t *testing.T) {
middlewareScenario(t, "when setting an invalid org for user", func(t *testing.T, sc *scenarioContext) { middlewareScenario(t, "when setting an invalid org for user", func(t *testing.T, sc *scenarioContext) {
sc.withIdentity(&authn.Identity{}) sc.withIdentity(&authn.Identity{})
sc.userService.ExpectedSetUsingOrgError = fmt.Errorf("") sc.userService.ExpectedError = fmt.Errorf("")
sc.m.Get("/", sc.defaultHandler) sc.m.Get("/", sc.defaultHandler)
sc.fakeReq("GET", "/?orgId=1").exec() sc.fakeReq("GET", "/?orgId=1").exec()

8
pkg/services/authn/authnimpl/sync/org_sync.go
Unescape View File

@ -120,9 +120,9 @@ func (s *OrgSync) SyncOrgRolesHook(ctx context.Context, id *authn.Identity, _ *a
if _, ok := id.OrgRoles[id.OrgID]; !ok { if _, ok := id.OrgRoles[id.OrgID]; !ok {
if len(orgIDs) > 0 { if len(orgIDs) > 0 {
id.OrgID = orgIDs[0] id.OrgID = orgIDs[0]
return s.userService.SetUsingOrg(ctx, &user.SetUsingOrgCommand{ return s.userService.Update(ctx, &user.UpdateUserCommand{
UserID: userID, UserID: userID,
OrgID: id.OrgID, OrgID: &id.OrgID,
}) })
} }
} }
@ -159,8 +159,8 @@ func (s *OrgSync) SetDefaultOrgHook(ctx context.Context, currentIdentity *authn.
return return
} }
cmd := user.SetUsingOrgCommand{UserID: userID, OrgID: s.cfg.LoginDefaultOrgId} cmd := user.UpdateUserCommand{UserID: userID, OrgID: &s.cfg.LoginDefaultOrgId}
if svcErr := s.userService.SetUsingOrg(ctx, &cmd); svcErr != nil { if svcErr := s.userService.Update(ctx, &cmd); svcErr != nil {
ctxLogger.Error("Failed to set default org", "id", currentIdentity.ID, "err", svcErr) ctxLogger.Error("Failed to set default org", "id", currentIdentity.ID, "err", svcErr)
} }
} }

8
pkg/services/authn/authnimpl/sync/org_sync_test.go
Unescape View File

@ -139,8 +139,8 @@ func TestOrgSync_SetDefaultOrgHook(t *testing.T) {
defaultOrgSetting: 2, defaultOrgSetting: 2,
identity: &authn.Identity{ID: authn.MustParseNamespaceID("user:1")}, identity: &authn.Identity{ID: authn.MustParseNamespaceID("user:1")},
setupMock: func(userService *usertest.MockService, orgService *orgtest.FakeOrgService) { setupMock: func(userService *usertest.MockService, orgService *orgtest.FakeOrgService) {
userService.On("SetUsingOrg", mock.Anything, mock.MatchedBy(func(cmd *user.SetUsingOrgCommand) bool { userService.On("Update", mock.Anything, mock.MatchedBy(func(cmd *user.UpdateUserCommand) bool {
return cmd.UserID == 1 && cmd.OrgID == 2 return cmd.UserID == 1 && *cmd.OrgID == 2
})).Return(nil) })).Return(nil)
}, },
}, },
@ -188,7 +188,7 @@ func TestOrgSync_SetDefaultOrgHook(t *testing.T) {
defaultOrgSetting: 2, defaultOrgSetting: 2,
identity: &authn.Identity{ID: authn.MustParseNamespaceID("user:1")}, identity: &authn.Identity{ID: authn.MustParseNamespaceID("user:1")},
setupMock: func(userService *usertest.MockService, orgService *orgtest.FakeOrgService) { setupMock: func(userService *usertest.MockService, orgService *orgtest.FakeOrgService) {
userService.On("SetUsingOrg", mock.Anything, mock.Anything).Return(fmt.Errorf("error")) userService.On("Update", mock.Anything, mock.Anything).Return(fmt.Errorf("error"))
}, },
}, },
} }
@ -217,8 +217,6 @@ func TestOrgSync_SetDefaultOrgHook(t *testing.T) {
} }
s.SetDefaultOrgHook(context.Background(), tt.identity, nil, tt.inputErr) s.SetDefaultOrgHook(context.Background(), tt.identity, nil, tt.inputErr)
userService.AssertExpectations(t)
}) })
} }
} }

20
pkg/services/user/model.go
Unescape View File

@ -39,7 +39,7 @@ type User struct {
Company string Company string
EmailVerified bool EmailVerified bool
Theme string Theme string
HelpFlags1 HelpFlags1 HelpFlags1 HelpFlags1 `xorm:"help_flags1"`
IsDisabled bool IsDisabled bool
IsAdmin bool IsAdmin bool
@ -86,9 +86,13 @@ type UpdateUserCommand struct {
IsDisabled *bool `json:"-"` IsDisabled *bool `json:"-"`
EmailVerified *bool `json:"-"` EmailVerified *bool `json:"-"`
IsGrafanaAdmin *bool `json:"-"` IsGrafanaAdmin *bool `json:"-"`
// If password is included it will be validated, hashed and updated for user.
Password *Password `json:"-"` Password *Password `json:"-"`
// If old password is included it will be validated against users current password.
OldPassword *Password `json:"-"` OldPassword *Password `json:"-"`
// If OrgID is included update current org for user
OrgID *int64 `json:"-"`
HelpFlags1 *HelpFlags1 `json:"-"`
} }
type UpdateUserLastSeenAtCommand struct { type UpdateUserLastSeenAtCommand struct {
@ -96,11 +100,6 @@ type UpdateUserLastSeenAtCommand struct {
OrgID int64 OrgID int64
} }
type SetUsingOrgCommand struct {
UserID int64
OrgID int64
}
type SearchUsersQuery struct { type SearchUsersQuery struct {
SignedInUser identity.Requester SignedInUser identity.Requester
OrgID int64 `xorm:"org_id"` OrgID int64 `xorm:"org_id"`
@ -179,11 +178,6 @@ type BatchDisableUsersCommand struct {
IsDisabled bool IsDisabled bool
} }
type SetUserHelpFlagCommand struct {
HelpFlags1 HelpFlags1
UserID int64 `xorm:"user_id"`
}
type GetSignedInUserQuery struct { type GetSignedInUserQuery struct {
UserID int64 `xorm:"user_id"` UserID int64 `xorm:"user_id"`
Login string Login string

2
pkg/services/user/user.go
Unescape View File

@ -17,12 +17,10 @@ type Service interface {
GetByEmail(context.Context, *GetUserByEmailQuery) (*User, error) GetByEmail(context.Context, *GetUserByEmailQuery) (*User, error)
Update(context.Context, *UpdateUserCommand) error Update(context.Context, *UpdateUserCommand) error
UpdateLastSeenAt(context.Context, *UpdateUserLastSeenAtCommand) error UpdateLastSeenAt(context.Context, *UpdateUserLastSeenAtCommand) error
SetUsingOrg(context.Context, *SetUsingOrgCommand) error
GetSignedInUserWithCacheCtx(context.Context, *GetSignedInUserQuery) (*SignedInUser, error) GetSignedInUserWithCacheCtx(context.Context, *GetSignedInUserQuery) (*SignedInUser, error)
GetSignedInUser(context.Context, *GetSignedInUserQuery) (*SignedInUser, error) GetSignedInUser(context.Context, *GetSignedInUserQuery) (*SignedInUser, error)
Search(context.Context, *SearchUsersQuery) (*SearchUserQueryResult, error) Search(context.Context, *SearchUsersQuery) (*SearchUserQueryResult, error)
BatchDisableUsers(context.Context, *BatchDisableUsersCommand) error BatchDisableUsers(context.Context, *BatchDisableUsersCommand) error
SetUserHelpFlag(context.Context, *SetUserHelpFlagCommand) error
GetProfile(context.Context, *GetUserProfileQuery) (*UserProfileDTO, error) GetProfile(context.Context, *GetUserProfileQuery) (*UserProfileDTO, error)
} }

130
pkg/services/user/userimpl/store.go
Unescape View File

@ -19,20 +19,16 @@ import (
type store interface { type store interface {
Insert(context.Context, *user.User) (int64, error) Insert(context.Context, *user.User) (int64, error)
Get(context.Context, *user.User) (*user.User, error)
GetByID(context.Context, int64) (*user.User, error) GetByID(context.Context, int64) (*user.User, error)
GetNotServiceAccount(context.Context, int64) (*user.User, error) GetByLogin(context.Context, *user.GetUserByLoginQuery) (*user.User, error)
GetByEmail(context.Context, *user.GetUserByEmailQuery) (*user.User, error)
Delete(context.Context, int64) error Delete(context.Context, int64) error
LoginConflict(ctx context.Context, login, email string) error LoginConflict(ctx context.Context, login, email string) error
CaseInsensitiveLoginConflict(context.Context, string, string) error CaseInsensitiveLoginConflict(context.Context, string, string) error
GetByLogin(context.Context, *user.GetUserByLoginQuery) (*user.User, error)
GetByEmail(context.Context, *user.GetUserByEmailQuery) (*user.User, error)
Update(context.Context, *user.UpdateUserCommand) error Update(context.Context, *user.UpdateUserCommand) error
UpdateLastSeenAt(context.Context, *user.UpdateUserLastSeenAtCommand) error UpdateLastSeenAt(context.Context, *user.UpdateUserLastSeenAtCommand) error
GetSignedInUser(context.Context, *user.GetSignedInUserQuery) (*user.SignedInUser, error) GetSignedInUser(context.Context, *user.GetSignedInUserQuery) (*user.SignedInUser, error)
UpdateUser(context.Context, *user.User) error
GetProfile(context.Context, *user.GetUserProfileQuery) (*user.UserProfileDTO, error) GetProfile(context.Context, *user.GetUserProfileQuery) (*user.UserProfileDTO, error)
SetHelpFlag(context.Context, *user.SetUserHelpFlagCommand) error
BatchDisableUsers(context.Context, *user.BatchDisableUsersCommand) error BatchDisableUsers(context.Context, *user.BatchDisableUsersCommand) error
Search(context.Context, *user.SearchUsersQuery) (*user.SearchUserQueryResult, error) Search(context.Context, *user.SearchUsersQuery) (*user.SearchUserQueryResult, error)
Count(ctx context.Context) (int64, error) Count(ctx context.Context) (int64, error)
@ -87,30 +83,6 @@ func (ss *sqlStore) Insert(ctx context.Context, cmd *user.User) (int64, error) {
return cmd.ID, nil return cmd.ID, nil
} }
func (ss *sqlStore) Get(ctx context.Context, usr *user.User) (*user.User, error) {
ret := &user.User{}
err := ss.db.WithDbSession(ctx, func(sess *db.Session) error {
// enforcement of lowercase due to forcement of caseinsensitive login
login := strings.ToLower(usr.Login)
email := strings.ToLower(usr.Email)
where := "email=? OR login=?"
exists, err := sess.Where(where, email, login).Get(ret)
if !exists {
return user.ErrUserNotFound
}
if err != nil {
return err
}
return nil
})
if err != nil {
return nil, err
}
return ret, nil
}
func (ss *sqlStore) Delete(ctx context.Context, userID int64) error { func (ss *sqlStore) Delete(ctx context.Context, userID int64) error {
err := ss.db.WithDbSession(ctx, func(sess *db.Session) error { err := ss.db.WithDbSession(ctx, func(sess *db.Session) error {
var rawSQL = "DELETE FROM " + ss.dialect.Quote("user") + " WHERE id = ?" var rawSQL = "DELETE FROM " + ss.dialect.Quote("user") + " WHERE id = ?"
@ -123,21 +95,6 @@ func (ss *sqlStore) Delete(ctx context.Context, userID int64) error {
return nil return nil
} }
func (ss *sqlStore) GetNotServiceAccount(ctx context.Context, userID int64) (*user.User, error) {
usr := user.User{ID: userID}
err := ss.db.WithDbSession(ctx, func(sess *db.Session) error {
has, err := sess.Where(ss.notServiceAccountFilter()).Get(&usr)
if err != nil {
return err
}
if !has {
return user.ErrUserNotFound
}
return nil
})
return &usr, err
}
func (ss *sqlStore) GetByID(ctx context.Context, userID int64) (*user.User, error) { func (ss *sqlStore) GetByID(ctx context.Context, userID int64) (*user.User, error) {
var usr user.User var usr user.User
@ -254,12 +211,12 @@ func (ss *sqlStore) GetByEmail(ctx context.Context, query *user.GetUserByEmailQu
// sensitive. // sensitive.
func (ss *sqlStore) LoginConflict(ctx context.Context, login, email string) error { func (ss *sqlStore) LoginConflict(ctx context.Context, login, email string) error {
err := ss.db.WithDbSession(ctx, func(sess *db.Session) error { err := ss.db.WithDbSession(ctx, func(sess *db.Session) error {
return ss.loginConflict(ctx, sess, login, email) return ss.loginConflict(sess, login, email)
}) })
return err return err
} }
func (ss *sqlStore) loginConflict(ctx context.Context, sess *db.Session, login, email string) error { func (ss *sqlStore) loginConflict(sess *db.Session, login, email string) error {
users := make([]user.User, 0) users := make([]user.User, 0)
where := "LOWER(email)=LOWER(?) OR LOWER(login)=LOWER(?)" where := "LOWER(email)=LOWER(?) OR LOWER(login)=LOWER(?)"
login = strings.ToLower(login) login = strings.ToLower(login)
@ -289,52 +246,49 @@ func (ss *sqlStore) Update(ctx context.Context, cmd *user.UpdateUserCommand) err
cmd.Email = strings.ToLower(cmd.Email) cmd.Email = strings.ToLower(cmd.Email)
return ss.db.WithTransactionalDbSession(ctx, func(sess *db.Session) error { return ss.db.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
user := user.User{ usr := user.User{
Name: cmd.Name, Name: cmd.Name,
Theme: cmd.Theme,
Email: strings.ToLower(cmd.Email), Email: strings.ToLower(cmd.Email),
Login: strings.ToLower(cmd.Login), Login: strings.ToLower(cmd.Login),
Theme: cmd.Theme,
Updated: time.Now(), Updated: time.Now(),
} }
q := sess.ID(cmd.UserID).Where(ss.notServiceAccountFilter()) q := sess.ID(cmd.UserID).Where(ss.notServiceAccountFilter())
if cmd.Password != nil { setOptional(cmd.OrgID, func(v int64) { usr.OrgID = v })
user.Password = *cmd.Password setOptional(cmd.Password, func(v user.Password) { usr.Password = v })
} setOptional(cmd.IsDisabled, func(v bool) {
q = q.UseBool("is_disabled")
if cmd.IsDisabled != nil { usr.IsDisabled = v
sess.UseBool("is_disabled") })
user.IsDisabled = *cmd.IsDisabled setOptional(cmd.EmailVerified, func(v bool) {
} q = q.UseBool("email_verified")
usr.EmailVerified = v
if cmd.EmailVerified != nil { })
q.UseBool("email_verified") setOptional(cmd.IsGrafanaAdmin, func(v bool) {
user.EmailVerified = *cmd.EmailVerified q = q.UseBool("is_admin")
} usr.IsAdmin = v
})
if cmd.IsGrafanaAdmin != nil { setOptional(cmd.HelpFlags1, func(v user.HelpFlags1) { usr.HelpFlags1 = *cmd.HelpFlags1 })
q.UseBool("is_admin")
user.IsAdmin = *cmd.IsGrafanaAdmin
}
if _, err := q.Update(&user); err != nil { if _, err := q.Update(&usr); err != nil {
return err return err
} }
if cmd.IsGrafanaAdmin != nil && !*cmd.IsGrafanaAdmin { if cmd.IsGrafanaAdmin != nil && !*cmd.IsGrafanaAdmin {
// validate that after update there is at least one server admin // validate that after update there is at least one server admin
if err := validateOneAdminLeft(ctx, sess); err != nil { if err := validateOneAdminLeft(sess); err != nil {
return err return err
} }
} }
sess.PublishAfterCommit(&events.UserUpdated{ sess.PublishAfterCommit(&events.UserUpdated{
Timestamp: user.Created, Timestamp: usr.Created,
Id: user.ID, Id: usr.ID,
Name: user.Name, Name: usr.Name,
Login: user.Login, Login: usr.Login,
Email: user.Email, Email: usr.Email,
}) })
return nil return nil
@ -412,13 +366,6 @@ func (ss *sqlStore) GetSignedInUser(ctx context.Context, query *user.GetSignedIn
return &signedInUser, err return &signedInUser, err
} }
func (ss *sqlStore) UpdateUser(ctx context.Context, user *user.User) error {
return ss.db.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
_, err := sess.ID(user.ID).Update(user)
return err
})
}
func (ss *sqlStore) GetProfile(ctx context.Context, query *user.GetUserProfileQuery) (*user.UserProfileDTO, error) { func (ss *sqlStore) GetProfile(ctx context.Context, query *user.GetUserProfileQuery) (*user.UserProfileDTO, error) {
var usr user.User var usr user.User
var userProfile user.UserProfileDTO var userProfile user.UserProfileDTO
@ -450,19 +397,6 @@ func (ss *sqlStore) GetProfile(ctx context.Context, query *user.GetUserProfileQu
return &userProfile, err return &userProfile, err
} }
func (ss *sqlStore) SetHelpFlag(ctx context.Context, cmd *user.SetUserHelpFlagCommand) error {
return ss.db.WithTransactionalDbSession(ctx, func(sess *db.Session) error {
user := user.User{
ID: cmd.UserID,
HelpFlags1: cmd.HelpFlags1,
Updated: time.Now(),
}
_, err := sess.ID(cmd.UserID).Cols("help_flags1").Update(&user)
return err
})
}
func (ss *sqlStore) Count(ctx context.Context) (int64, error) { func (ss *sqlStore) Count(ctx context.Context) (int64, error) {
type result struct { type result struct {
Count int64 Count int64
@ -501,7 +435,7 @@ func (ss *sqlStore) CountUserAccountsWithEmptyRole(ctx context.Context) (int64,
} }
// validateOneAdminLeft validate that there is an admin user left // validateOneAdminLeft validate that there is an admin user left
func validateOneAdminLeft(ctx context.Context, sess *db.Session) error { func validateOneAdminLeft(sess *db.Session) error {
count, err := sess.Where("is_admin=?", true).Count(&user.User{}) count, err := sess.Where("is_admin=?", true).Count(&user.User{})
if err != nil { if err != nil {
return err return err
@ -673,3 +607,9 @@ func (ss *sqlStore) getAnyUserType(ctx context.Context, userID int64) (*user.Use
}) })
return &usr, err return &usr, err
} }
func setOptional[T any](v *T, add func(v T)) {
if v != nil {
add(*v)
}
}

147
pkg/services/user/userimpl/store_test.go
Unescape View File

@ -27,81 +27,6 @@ func TestMain(m *testing.M) {
testsuite.Run(m) testsuite.Run(m)
} }
func TestIntegrationUserGet(t *testing.T) {
testCases := []struct {
name string
wantErr error
searchLogin string
searchEmail string
}{
{
name: "user found non exact",
wantErr: nil,
searchLogin: "test",
searchEmail: "Test@email.com",
},
{
name: "user found exact",
wantErr: nil,
searchLogin: "test",
searchEmail: "test@email.com",
},
{
name: "user found exact - case insensitive",
wantErr: nil,
searchLogin: "Test",
searchEmail: "Test@email.com",
},
{
name: "user not found - case insensitive",
wantErr: user.ErrUserNotFound,
searchLogin: "Test_login",
searchEmail: "Test*@email.com",
},
}
if testing.Short() {
t.Skip("skipping integration test")
}
ss, cfg := db.InitTestDBWithCfg(t)
userStore := ProvideStore(ss, cfg)
_, errUser := userStore.Insert(context.Background(),
&user.User{
Email: "test@email.com",
Name: "test",
Login: "test",
Created: time.Now(),
Updated: time.Now(),
},
)
require.NoError(t, errUser)
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
if db.IsTestDbMySQL() {
t.Skip("mysql is always case insensitive")
}
usr, err := userStore.Get(context.Background(),
&user.User{
Email: tc.searchEmail,
Login: tc.searchLogin,
},
)
if tc.wantErr != nil {
require.Error(t, err)
require.Nil(t, usr)
} else {
require.NoError(t, err)
require.NotNil(t, usr)
require.NotEmpty(t, usr.UID)
}
})
}
}
func TestIntegrationUserDataAccess(t *testing.T) { func TestIntegrationUserDataAccess(t *testing.T) {
if testing.Short() { if testing.Short() {
t.Skip("skipping integration test") t.Skip("skipping integration test")
@ -120,12 +45,8 @@ func TestIntegrationUserDataAccess(t *testing.T) {
} }
t.Run("user not found", func(t *testing.T) { t.Run("user not found", func(t *testing.T) {
_, err := userStore.Get(context.Background(), _, err := userStore.GetByEmail(context.Background(),
&user.User{ &user.GetUserByEmailQuery{Email: "test@email.com"},
Email: "test@email.com",
Name: "test1",
Login: "test1",
},
) )
require.Error(t, err, user.ErrUserNotFound) require.Error(t, err, user.ErrUserNotFound)
}) })
@ -143,6 +64,13 @@ func TestIntegrationUserDataAccess(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
}) })
t.Run("get user", func(t *testing.T) {
_, err := userStore.GetByEmail(context.Background(),
&user.GetUserByEmailQuery{Email: "test@email.com"},
)
require.NoError(t, err)
})
t.Run("insert user (with known UID)", func(t *testing.T) { t.Run("insert user (with known UID)", func(t *testing.T) {
ctx := context.Background() ctx := context.Background()
id, err := userStore.Insert(ctx, id, err := userStore.Insert(ctx,
@ -169,17 +97,6 @@ func TestIntegrationUserDataAccess(t *testing.T) {
require.Equal(t, "abcd", siu.UserUID) require.Equal(t, "abcd", siu.UserUID)
}) })
t.Run("get user", func(t *testing.T) {
_, err := userStore.Get(context.Background(),
&user.User{
Email: "test@email.com",
Name: "test1",
Login: "test1",
},
)
require.NoError(t, err)
})
t.Run("Testing DB - creates and loads user", func(t *testing.T) { t.Run("Testing DB - creates and loads user", func(t *testing.T) {
ss := db.InitTestDB(t) ss := db.InitTestDB(t)
_, usrSvc := createOrgAndUserSvc(t, ss, cfg) _, usrSvc := createOrgAndUserSvc(t, ss, cfg)
@ -458,15 +375,6 @@ func TestIntegrationUserDataAccess(t *testing.T) {
} }
}) })
t.Run("update user", func(t *testing.T) {
err := userStore.UpdateUser(context.Background(), &user.User{ID: 1, Name: "testtestest", Login: "loginloginlogin"})
require.NoError(t, err)
result, err := userStore.GetByID(context.Background(), 1)
require.NoError(t, err)
assert.Equal(t, result.Name, "testtestest")
assert.Equal(t, result.Login, "loginloginlogin")
})
t.Run("Testing DB - grafana admin users", func(t *testing.T) { t.Run("Testing DB - grafana admin users", func(t *testing.T) {
ss := db.InitTestDB(t) ss := db.InitTestDB(t)
_, usrSvc := createOrgAndUserSvc(t, ss, cfg) _, usrSvc := createOrgAndUserSvc(t, ss, cfg)
@ -483,7 +391,7 @@ func TestIntegrationUserDataAccess(t *testing.T) {
UserID: usr.ID, UserID: usr.ID,
IsGrafanaAdmin: boolPtr(false), IsGrafanaAdmin: boolPtr(false),
}) })
require.ErrorIs(t, user.ErrLastGrafanaAdmin, err) require.ErrorIs(t, err, user.ErrLastGrafanaAdmin)
usr, err = userStore.GetByID(context.Background(), usr.ID) usr, err = userStore.GetByID(context.Background(), usr.ID)
require.NoError(t, err) require.NoError(t, err)
@ -518,9 +426,28 @@ func TestIntegrationUserDataAccess(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
}) })
t.Run("SetHelpFlag", func(t *testing.T) { t.Run("Update HelpFlags", func(t *testing.T) {
err := userStore.SetHelpFlag(context.Background(), &user.SetUserHelpFlagCommand{UserID: 1, HelpFlags1: user.HelpFlags1(1)}) id, err := userStore.Insert(context.Background(), &user.User{
Email: "help@test.com",
Name: "help",
Login: "help",
Updated: time.Now(),
Created: time.Now(),
LastSeenAt: time.Now(),
})
require.NoError(t, err)
original, err := userStore.GetByID(context.Background(), id)
require.NoError(t, err)
helpflags := user.HelpFlags1(1)
err = userStore.Update(context.Background(), &user.UpdateUserCommand{UserID: id, HelpFlags1: &helpflags})
require.NoError(t, err) require.NoError(t, err)
got, err := userStore.GetByID(context.Background(), id)
require.NoError(t, err)
original.HelpFlags1 = helpflags
assertEqualUser(t, original, got)
}) })
t.Run("Testing DB - return list users based on their is_disabled flag", func(t *testing.T) { t.Run("Testing DB - return list users based on their is_disabled flag", func(t *testing.T) {
@ -1013,6 +940,18 @@ func TestMetricsUsage(t *testing.T) {
}) })
} }
func assertEqualUser(t *testing.T, expected, got *user.User) {
// zero out time fields
expected.Updated = time.Time{}
expected.Created = time.Time{}
expected.LastSeenAt = time.Time{}
got.Updated = time.Time{}
got.Created = time.Time{}
got.LastSeenAt = time.Time{}
assert.Equal(t, expected, got)
}
func createOrgAndUserSvc(t *testing.T, store db.DB, cfg *setting.Cfg) (org.Service, user.Service) { func createOrgAndUserSvc(t *testing.T, store db.DB, cfg *setting.Cfg) (org.Service, user.Service) {
t.Helper() t.Helper()

46
pkg/services/user/userimpl/user.go
Unescape View File

@ -202,7 +202,7 @@ func (s *Service) Create(ctx context.Context, cmd *user.CreateUserCommand) (*use
} }
func (s *Service) Delete(ctx context.Context, cmd *user.DeleteUserCommand) error { func (s *Service) Delete(ctx context.Context, cmd *user.DeleteUserCommand) error {
_, err := s.store.GetNotServiceAccount(ctx, cmd.UserID) _, err := s.store.GetByID(ctx, cmd.UserID)
if err != nil { if err != nil {
return err return err
} }
@ -251,6 +251,24 @@ func (s *Service) Update(ctx context.Context, cmd *user.UpdateUserCommand) error
cmd.Password = &hashed cmd.Password = &hashed
} }
if cmd.OrgID != nil {
orgs, err := s.orgService.GetUserOrgList(ctx, &org.GetUserOrgListQuery{UserID: cmd.UserID})
if err != nil {
return err
}
valid := false
for _, org := range orgs {
if org.OrgID == *cmd.OrgID {
valid = true
}
}
if !valid {
return fmt.Errorf("user does not belong to org")
}
}
return s.store.Update(ctx, cmd) return s.store.Update(ctx, cmd)
} }
@ -275,28 +293,6 @@ func shouldUpdateLastSeen(t time.Time) bool {
return time.Since(t) > time.Minute*5 return time.Since(t) > time.Minute*5
} }
func (s *Service) SetUsingOrg(ctx context.Context, cmd *user.SetUsingOrgCommand) error {
getOrgsForUserCmd := &org.GetUserOrgListQuery{UserID: cmd.UserID}
orgsForUser, err := s.orgService.GetUserOrgList(ctx, getOrgsForUserCmd)
if err != nil {
return err
}
valid := false
for _, other := range orgsForUser {
if other.OrgID == cmd.OrgID {
valid = true
}
}
if !valid {
return fmt.Errorf("user does not belong to org")
}
return s.store.UpdateUser(ctx, &user.User{
ID: cmd.UserID,
OrgID: cmd.OrgID,
})
}
func (s *Service) GetSignedInUserWithCacheCtx(ctx context.Context, query *user.GetSignedInUserQuery) (*user.SignedInUser, error) { func (s *Service) GetSignedInUserWithCacheCtx(ctx context.Context, query *user.GetSignedInUserQuery) (*user.SignedInUser, error) {
var signedInUser *user.SignedInUser var signedInUser *user.SignedInUser
@ -350,10 +346,6 @@ func (s *Service) BatchDisableUsers(ctx context.Context, cmd *user.BatchDisableU
return s.store.BatchDisableUsers(ctx, cmd) return s.store.BatchDisableUsers(ctx, cmd)
} }
func (s *Service) SetUserHelpFlag(ctx context.Context, cmd *user.SetUserHelpFlagCommand) error {
return s.store.SetHelpFlag(ctx, cmd)
}
func (s *Service) GetProfile(ctx context.Context, query *user.GetUserProfileQuery) (*user.UserProfileDTO, error) { func (s *Service) GetProfile(ctx context.Context, query *user.GetUserProfileQuery) (*user.UserProfileDTO, error) {
result, err := s.store.GetProfile(ctx, query) result, err := s.store.GetProfile(ctx, query)
return result, err return result, err

108
pkg/services/user/userimpl/user_test.go
Unescape View File

@ -126,58 +126,82 @@ func TestUserService(t *testing.T) {
assert.Equal(t, query2.OrgID, result2.OrgID) assert.Equal(t, query2.OrgID, result2.OrgID)
}) })
t.Run("Can set using org", func(t *testing.T) { t.Run("SignedInUserQuery with a different org", func(t *testing.T) {
cmd := user.SetUsingOrgCommand{UserID: 2, OrgID: 1} query := user.GetSignedInUserQuery{UserID: 2}
orgService.ExpectedUserOrgDTO = []*org.UserOrgDTO{{OrgID: 1}} userStore.ExpectedSignedInUser = &user.SignedInUser{
OrgID: 1,
Email: "ac2@test.com",
Name: "ac2 name",
Login: "ac2",
OrgName: "ac1@test.com",
}
userStore.ExpectedError = nil userStore.ExpectedError = nil
err := userService.SetUsingOrg(context.Background(), &cmd) queryResult, err := userService.GetSignedInUser(context.Background(), &query)
require.NoError(t, err)
t.Run("SignedInUserQuery with a different org", func(t *testing.T) { require.NoError(t, err)
query := user.GetSignedInUserQuery{UserID: 2} require.EqualValues(t, queryResult.OrgID, 1)
userStore.ExpectedSignedInUser = &user.SignedInUser{ require.Equal(t, queryResult.Email, "ac2@test.com")
OrgID: 1, require.Equal(t, queryResult.Name, "ac2 name")
Email: "ac2@test.com", require.Equal(t, queryResult.Login, "ac2")
Name: "ac2 name", require.Equal(t, queryResult.OrgName, "ac1@test.com")
Login: "ac2",
OrgName: "ac1@test.com",
}
queryResult, err := userService.GetSignedInUser(context.Background(), &query)
require.NoError(t, err)
require.EqualValues(t, queryResult.OrgID, 1)
require.Equal(t, queryResult.Email, "ac2@test.com")
require.Equal(t, queryResult.Name, "ac2 name")
require.Equal(t, queryResult.Login, "ac2")
require.Equal(t, queryResult.OrgName, "ac1@test.com")
})
}) })
} }
func TestService_Update(t *testing.T) { func TestService_Update(t *testing.T) {
setup := func(opts ...func(svc *Service)) *Service {
service := &Service{store: &FakeUserStore{}}
for _, o := range opts {
o(service)
}
return service
}
t.Run("should return error if old password does not match stored password", func(t *testing.T) { t.Run("should return error if old password does not match stored password", func(t *testing.T) {
stored, err := user.Password("test").Hash("salt") service := setup(func(svc *Service) {
require.NoError(t, err) stored, err := user.Password("test").Hash("salt")
service := &Service{store: &FakeUserStore{ExpectedUser: &user.User{Password: stored, Salt: "salt"}}} require.NoError(t, err)
err = service.Update(context.Background(), &user.UpdateUserCommand{ svc.store = &FakeUserStore{ExpectedUser: &user.User{Password: stored, Salt: "salt"}}
OldPassword: passwordPtr("test123"),
}) })
err := service.Update(context.Background(), &user.UpdateUserCommand{
OldPassword: passwordPtr("test123"),
})
assert.ErrorIs(t, err, user.ErrPasswordMissmatch) assert.ErrorIs(t, err, user.ErrPasswordMissmatch)
}) })
t.Run("should return error new password is not valid", func(t *testing.T) { t.Run("should return error new password is not valid", func(t *testing.T) {
stored, err := user.Password("test").Hash("salt") service := setup(func(svc *Service) {
require.NoError(t, err) stored, err := user.Password("test").Hash("salt")
service := &Service{cfg: setting.NewCfg(), store: &FakeUserStore{ExpectedUser: &user.User{Password: stored, Salt: "salt"}}} require.NoError(t, err)
svc.cfg = setting.NewCfg()
svc.store = &FakeUserStore{ExpectedUser: &user.User{Password: stored, Salt: "salt"}}
})
err = service.Update(context.Background(), &user.UpdateUserCommand{ err := service.Update(context.Background(), &user.UpdateUserCommand{
OldPassword: passwordPtr("test"), OldPassword: passwordPtr("test"),
Password: passwordPtr("asd"), Password: passwordPtr("asd"),
}) })
require.ErrorIs(t, err, user.ErrPasswordTooShort) require.ErrorIs(t, err, user.ErrPasswordTooShort)
}) })
t.Run("Can set using org", func(t *testing.T) {
orgID := int64(1)
service := setup(func(svc *Service) {
svc.orgService = &orgtest.FakeOrgService{ExpectedUserOrgDTO: []*org.UserOrgDTO{{OrgID: orgID}}}
})
err := service.Update(context.Background(), &user.UpdateUserCommand{UserID: 2, OrgID: &orgID})
require.NoError(t, err)
})
t.Run("Cannot set using org when user is not member of it", func(t *testing.T) {
orgID := int64(1)
service := setup(func(svc *Service) {
svc.orgService = &orgtest.FakeOrgService{ExpectedUserOrgDTO: []*org.UserOrgDTO{{OrgID: 2}}}
})
err := service.Update(context.Background(), &user.UpdateUserCommand{UserID: 2, OrgID: &orgID})
require.Error(t, err)
})
} }
func TestMetrics(t *testing.T) { func TestMetrics(t *testing.T) {
@ -220,10 +244,6 @@ func newUserStoreFake() *FakeUserStore {
return &FakeUserStore{} return &FakeUserStore{}
} }
func (f *FakeUserStore) Get(ctx context.Context, query *user.User) (*user.User, error) {
return f.ExpectedUser, f.ExpectedError
}
func (f *FakeUserStore) Insert(ctx context.Context, query *user.User) (int64, error) { func (f *FakeUserStore) Insert(ctx context.Context, query *user.User) (int64, error) {
return 0, f.ExpectedError return 0, f.ExpectedError
} }
@ -232,10 +252,6 @@ func (f *FakeUserStore) Delete(ctx context.Context, userID int64) error {
return f.ExpectedDeleteUserError return f.ExpectedDeleteUserError
} }
func (f *FakeUserStore) GetNotServiceAccount(ctx context.Context, userID int64) (*user.User, error) {
return f.ExpectedUser, f.ExpectedError
}
func (f *FakeUserStore) GetByID(context.Context, int64) (*user.User, error) { func (f *FakeUserStore) GetByID(context.Context, int64) (*user.User, error) {
return f.ExpectedUser, f.ExpectedError return f.ExpectedUser, f.ExpectedError
} }
@ -268,22 +284,10 @@ func (f *FakeUserStore) GetSignedInUser(ctx context.Context, query *user.GetSign
return f.ExpectedSignedInUser, f.ExpectedError return f.ExpectedSignedInUser, f.ExpectedError
} }
func (f *FakeUserStore) UpdateUser(ctx context.Context, user *user.User) error {
return f.ExpectedError
}
func (f *FakeUserStore) GetProfile(ctx context.Context, query *user.GetUserProfileQuery) (*user.UserProfileDTO, error) { func (f *FakeUserStore) GetProfile(ctx context.Context, query *user.GetUserProfileQuery) (*user.UserProfileDTO, error) {
return f.ExpectedUserProfile, f.ExpectedError return f.ExpectedUserProfile, f.ExpectedError
} }
func (f *FakeUserStore) SetHelpFlag(ctx context.Context, cmd *user.SetUserHelpFlagCommand) error {
return f.ExpectedError
}
func (f *FakeUserStore) UpdatePermissions(ctx context.Context, userID int64, isAdmin bool) error {
return f.ExpectedError
}
func (f *FakeUserStore) BatchDisableUsers(ctx context.Context, cmd *user.BatchDisableUsersCommand) error { func (f *FakeUserStore) BatchDisableUsers(ctx context.Context, cmd *user.BatchDisableUsersCommand) error {
return f.ExpectedError return f.ExpectedError
} }

8
pkg/services/user/usertest/fake.go
Unescape View File

@ -71,10 +71,6 @@ func (f *FakeUserService) UpdateLastSeenAt(ctx context.Context, cmd *user.Update
return f.ExpectedError return f.ExpectedError
} }
func (f *FakeUserService) SetUsingOrg(ctx context.Context, cmd *user.SetUsingOrgCommand) error {
return f.ExpectedSetUsingOrgError
}
func (f *FakeUserService) GetSignedInUserWithCacheCtx(ctx context.Context, query *user.GetSignedInUserQuery) (*user.SignedInUser, error) { func (f *FakeUserService) GetSignedInUserWithCacheCtx(ctx context.Context, query *user.GetSignedInUserQuery) (*user.SignedInUser, error) {
return f.GetSignedInUser(ctx, query) return f.GetSignedInUser(ctx, query)
} }
@ -104,10 +100,6 @@ func (f *FakeUserService) BatchDisableUsers(ctx context.Context, cmd *user.Batch
return f.ExpectedError return f.ExpectedError
} }
func (f *FakeUserService) SetUserHelpFlag(ctx context.Context, cmd *user.SetUserHelpFlagCommand) error {
return f.ExpectedError
}
func (f *FakeUserService) GetProfile(ctx context.Context, query *user.GetUserProfileQuery) (*user.UserProfileDTO, error) { func (f *FakeUserService) GetProfile(ctx context.Context, query *user.GetUserProfileQuery) (*user.UserProfileDTO, error) {
if f.ExpectedUserProfileDTO != nil { if f.ExpectedUserProfileDTO != nil {
return f.ExpectedUserProfileDTO, f.ExpectedError return f.ExpectedUserProfileDTO, f.ExpectedError

36
pkg/services/user/usertest/mock.go
Unescape View File

@ -340,42 +340,6 @@ func (_m *MockService) Search(_a0 context.Context, _a1 *user.SearchUsersQuery) (
return r0, r1 return r0, r1
} }
// SetUserHelpFlag provides a mock function with given fields: _a0, _a1
func (_m *MockService) SetUserHelpFlag(_a0 context.Context, _a1 *user.SetUserHelpFlagCommand) error {
ret := _m.Called(_a0, _a1)
if len(ret) == 0 {
panic("no return value specified for SetUserHelpFlag")
}
var r0 error
if rf, ok := ret.Get(0).(func(context.Context, *user.SetUserHelpFlagCommand) error); ok {
r0 = rf(_a0, _a1)
} else {
r0 = ret.Error(0)
}
return r0
}
// SetUsingOrg provides a mock function with given fields: _a0, _a1
func (_m *MockService) SetUsingOrg(_a0 context.Context, _a1 *user.SetUsingOrgCommand) error {
ret := _m.Called(_a0, _a1)
if len(ret) == 0 {
panic("no return value specified for SetUsingOrg")
}
var r0 error
if rf, ok := ret.Get(0).(func(context.Context, *user.SetUsingOrgCommand) error); ok {
r0 = rf(_a0, _a1)
} else {
r0 = ret.Error(0)
}
return r0
}
// Update provides a mock function with given fields: _a0, _a1 // Update provides a mock function with given fields: _a0, _a1
func (_m *MockService) Update(_a0 context.Context, _a1 *user.UpdateUserCommand) error { func (_m *MockService) Update(_a0 context.Context, _a1 *user.UpdateUserCommand) error {
ret := _m.Called(_a0, _a1) ret := _m.Called(_a0, _a1)

Write Preview
Loading…
Cancel
Save