apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Folders/k8s: Enable all dualwriter modes on remaining integration tests (#107992)

Browse Source 
Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
pull/108026/head
maicon 1 week ago committed by GitHub
parent c9b2126c4a
commit ce73e5126a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 213 additions and 189 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      pkg/api/apierrors/folder.go
  2. 4
      pkg/registry/apis/folders/folder_storage.go
  3. 9
      pkg/registry/apis/folders/register.go
  4. 386
      pkg/tests/apis/folder/folders_test.go

3
pkg/api/apierrors/folder.go
Unescape View File

@ -41,7 +41,8 @@ func ToFolderErrorResponse(err error) response.Response {
return response.Error(http.StatusConflict, err.Error(), nil)
}
if errors.Is(err, dashboards.ErrFolderVersionMismatch) {
if errors.Is(err, dashboards.ErrFolderVersionMismatch) ||
k8sErrors.IsAlreadyExists(err) {
return response.JSON(http.StatusPreconditionFailed, util.DynMap{"status": "version-mismatch", "message": dashboards.ErrFolderVersionMismatch.Error()})
}

4
pkg/registry/apis/folders/folder_storage.go
Unescape View File

@ -11,6 +11,7 @@ import (
claims "github.com/grafana/authlib/types"
folders "github.com/grafana/grafana/apps/folder/pkg/apis/folder/v1beta1"
"github.com/grafana/grafana/pkg/api/apierrors"
"github.com/grafana/grafana/pkg/apimachinery/identity"
"github.com/grafana/grafana/pkg/apimachinery/utils"
grafanarest "github.com/grafana/grafana/pkg/apiserver/rest"
@ -79,7 +80,8 @@ func (s *folderStorage) Create(ctx context.Context,
) (runtime.Object, error) {
obj, err := s.store.Create(ctx, obj, createValidation, options)
if err != nil {
return nil, err
statusErr := apierrors.ToFolderStatusError(err)
return nil, &statusErr
}
info, err := request.NamespaceInfoFrom(ctx, true)

9
pkg/registry/apis/folders/register.go
Unescape View File

@ -34,6 +34,7 @@ import (
"github.com/grafana/grafana/pkg/storage/unified/apistore"
"github.com/grafana/grafana/pkg/storage/unified/resource"
"github.com/grafana/grafana/pkg/storage/unified/resourcepb"
"github.com/grafana/grafana/pkg/util"
)
var _ builder.APIGroupBuilder = (*FolderAPIBuilder)(nil)
@ -302,6 +303,14 @@ func (b *FolderAPIBuilder) validateOnCreate(ctx context.Context, id string, obj
}
}
if !util.IsValidShortUID(id) {
return dashboards.ErrDashboardInvalidUid
}
if util.IsShortUIDTooLong(id) {
return dashboards.ErrDashboardUidTooLong
}
f, ok := obj.(*folders.Folder)
if !ok {
return fmt.Errorf("obj is not folders.Folder")

386
pkg/tests/apis/folder/folders_test.go
Unescape View File

@ -664,52 +664,56 @@ func TestIntegrationFolderCreatePermissions(t *testing.T) {
},
}
for _, tc := range tcs {
t.Run(tc.description, func(t *testing.T) {
helper := apis.NewK8sTestHelper(t, testinfra.GrafanaOpts{
AppModeProduction: true,
DisableAnonymous: true,
APIServerStorageType: "unified",
UnifiedStorageConfig: map[string]setting.UnifiedStorageConfig{
folders.RESOURCEGROUP: {
DualWriterMode: grafanarest.Mode1,
// test on all dualwriter modes
for mode := 0; mode <= 4; mode++ {
for _, tc := range tcs {
t.Run(fmt.Sprintf("[Mode: %v] "+tc.description, mode), func(t *testing.T) {
modeDw := grafanarest.DualWriterMode(mode)
helper := apis.NewK8sTestHelper(t, testinfra.GrafanaOpts{
AppModeProduction: true,
DisableAnonymous: true,
APIServerStorageType: "unified",
UnifiedStorageConfig: map[string]setting.UnifiedStorageConfig{
folders.RESOURCEGROUP: {
DualWriterMode: modeDw,
},
},
},
EnableFeatureToggles: []string{
featuremgmt.FlagNestedFolders,
featuremgmt.FlagKubernetesClientDashboardsFolders,
},
})
EnableFeatureToggles: []string{
featuremgmt.FlagNestedFolders,
featuremgmt.FlagKubernetesClientDashboardsFolders,
},
})
user := helper.CreateUser("user", apis.Org1, org.RoleViewer, tc.permissions)
user := helper.CreateUser("user", apis.Org1, org.RoleViewer, tc.permissions)
parentPayload := `{
parentPayload := `{
"title": "Test/parent",
"uid": "parentuid"
}`
parentCreate := apis.DoRequest(helper, apis.RequestParams{
User: helper.Org1.Admin,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(parentPayload),
}, &folder.Folder{})
require.NotNil(t, parentCreate.Result)
parentUID := parentCreate.Result.UID
require.NotEmpty(t, parentUID)
resp := apis.DoRequest(helper, apis.RequestParams{
User: user,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(tc.input),
}, &dtos.Folder{})
require.Equal(t, tc.expectedCode, resp.Response.StatusCode)
if tc.expectedCode == http.StatusOK {
require.Equal(t, "uid", resp.Result.UID)
require.Equal(t, "Folder", resp.Result.Title)
}
})
parentCreate := apis.DoRequest(helper, apis.RequestParams{
User: helper.Org1.Admin,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(parentPayload),
}, &folder.Folder{})
require.NotNil(t, parentCreate.Result)
parentUID := parentCreate.Result.UID
require.NotEmpty(t, parentUID)
resp := apis.DoRequest(helper, apis.RequestParams{
User: user,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(tc.input),
}, &dtos.Folder{})
require.Equal(t, tc.expectedCode, resp.Response.StatusCode)
if tc.expectedCode == http.StatusOK {
require.Equal(t, "uid", resp.Result.UID)
require.Equal(t, "Folder", resp.Result.Title)
}
})
}
}
}
@ -768,100 +772,104 @@ func TestIntegrationFolderGetPermissions(t *testing.T) {
},
}
for _, tc := range tcs {
t.Run(tc.description, func(t *testing.T) {
helper := apis.NewK8sTestHelper(t, testinfra.GrafanaOpts{
AppModeProduction: true,
DisableAnonymous: true,
APIServerStorageType: "unified",
UnifiedStorageConfig: map[string]setting.UnifiedStorageConfig{
folders.RESOURCEGROUP: {
DualWriterMode: grafanarest.Mode1,
// test on all dualwriter modes
for mode := 0; mode <= 4; mode++ {
for _, tc := range tcs {
t.Run(fmt.Sprintf("[Mode: %v] "+tc.description, mode), func(t *testing.T) {
modeDw := grafanarest.DualWriterMode(mode)
helper := apis.NewK8sTestHelper(t, testinfra.GrafanaOpts{
AppModeProduction: true,
DisableAnonymous: true,
APIServerStorageType: "unified",
UnifiedStorageConfig: map[string]setting.UnifiedStorageConfig{
folders.RESOURCEGROUP: {
DualWriterMode: modeDw,
},
},
},
EnableFeatureToggles: []string{
featuremgmt.FlagNestedFolders,
featuremgmt.FlagKubernetesClientDashboardsFolders,
},
})
EnableFeatureToggles: []string{
featuremgmt.FlagNestedFolders,
featuremgmt.FlagKubernetesClientDashboardsFolders,
},
})
// Create parent folder
parentPayload := `{
// Create parent folder
parentPayload := `{
"title": "testparent",
"uid": "parentuid"
}`
parentCreate := apis.DoRequest(helper, apis.RequestParams{
User: helper.Org1.Admin,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(parentPayload),
}, &folder.Folder{})
require.NotNil(t, parentCreate.Result)
parentUID := parentCreate.Result.UID
require.NotEmpty(t, parentUID)
// Create descendant folder
payload := "{ \"uid\": \"descuid\", \"title\": \"Folder\", \"parentUid\": \"parentuid\"}"
resp := apis.DoRequest(helper, apis.RequestParams{
User: helper.Org1.Admin,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(payload),
}, &dtos.Folder{})
require.Equal(t, http.StatusOK, resp.Response.StatusCode)
user := helper.CreateUser("user", apis.Org1, org.RoleNone, tc.permissions)
// Get with accesscontrol disabled
getResp := apis.DoRequest(helper, apis.RequestParams{
User: user,
Method: http.MethodGet,
Path: "/api/folders/descuid",
}, &dtos.Folder{})
require.Equal(t, tc.expectedCode, getResp.Response.StatusCode)
require.NotNil(t, getResp.Result)
require.False(t, getResp.Result.AccessControl[dashboards.ActionFoldersRead])
require.False(t, getResp.Result.AccessControl[dashboards.ActionFoldersWrite])
parents := getResp.Result.Parents
require.Equal(t, len(tc.expectedParentUIDs), len(parents))
require.Equal(t, len(tc.expectedParentTitles), len(parents))
for i := 0; i < len(tc.expectedParentUIDs); i++ {
require.Equal(t, tc.expectedParentUIDs[i], parents[i].UID)
require.Equal(t, tc.expectedParentTitles[i], parents[i].Title)
}
// Get with accesscontrol enabled
if tc.checkAccessControl {
acPerms := []resourcepermissions.SetResourcePermissionCommand{
{
Actions: []string{dashboards.ActionFoldersRead},
Resource: "folders",
ResourceAttribute: "uid",
ResourceID: "*",
},
{
Actions: []string{dashboards.ActionFoldersWrite},
Resource: "folders",
ResourceAttribute: "uid",
ResourceID: "parentuid",
},
}
acUser := helper.CreateUser("acuser", apis.Org1, org.RoleNone, acPerms)
parentCreate := apis.DoRequest(helper, apis.RequestParams{
User: helper.Org1.Admin,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(parentPayload),
}, &folder.Folder{})
require.NotNil(t, parentCreate.Result)
parentUID := parentCreate.Result.UID
require.NotEmpty(t, parentUID)
// Create descendant folder
payload := "{ \"uid\": \"descuid\", \"title\": \"Folder\", \"parentUid\": \"parentuid\"}"
resp := apis.DoRequest(helper, apis.RequestParams{
User: helper.Org1.Admin,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(payload),
}, &dtos.Folder{})
require.Equal(t, http.StatusOK, resp.Response.StatusCode)
user := helper.CreateUser("user", apis.Org1, org.RoleNone, tc.permissions)
getWithAC := apis.DoRequest(helper, apis.RequestParams{
User: acUser,
// Get with accesscontrol disabled
getResp := apis.DoRequest(helper, apis.RequestParams{
User: user,
Method: http.MethodGet,
Path: "/api/folders/descuid?accesscontrol=true",
Path: "/api/folders/descuid",
}, &dtos.Folder{})
require.Equal(t, tc.expectedCode, getWithAC.Response.StatusCode)
require.NotNil(t, getWithAC.Result)
require.Equal(t, tc.expectedCode, getResp.Response.StatusCode)
require.NotNil(t, getResp.Result)
require.False(t, getResp.Result.AccessControl[dashboards.ActionFoldersRead])
require.False(t, getResp.Result.AccessControl[dashboards.ActionFoldersWrite])
parents := getResp.Result.Parents
require.Equal(t, len(tc.expectedParentUIDs), len(parents))
require.Equal(t, len(tc.expectedParentTitles), len(parents))
for i := 0; i < len(tc.expectedParentUIDs); i++ {
require.Equal(t, tc.expectedParentUIDs[i], parents[i].UID)
require.Equal(t, tc.expectedParentTitles[i], parents[i].Title)
}
require.True(t, getWithAC.Result.AccessControl[dashboards.ActionFoldersRead])
require.True(t, getWithAC.Result.AccessControl[dashboards.ActionFoldersWrite])
}
})
// Get with accesscontrol enabled
if tc.checkAccessControl {
acPerms := []resourcepermissions.SetResourcePermissionCommand{
{
Actions: []string{dashboards.ActionFoldersRead},
Resource: "folders",
ResourceAttribute: "uid",
ResourceID: "*",
},
{
Actions: []string{dashboards.ActionFoldersWrite},
Resource: "folders",
ResourceAttribute: "uid",
ResourceID: "parentuid",
},
}
acUser := helper.CreateUser("acuser", apis.Org1, org.RoleNone, acPerms)
getWithAC := apis.DoRequest(helper, apis.RequestParams{
User: acUser,
Method: http.MethodGet,
Path: "/api/folders/descuid?accesscontrol=true",
}, &dtos.Folder{})
require.Equal(t, tc.expectedCode, getWithAC.Response.StatusCode)
require.NotNil(t, getWithAC.Result)
require.True(t, getWithAC.Result.AccessControl[dashboards.ActionFoldersRead])
require.True(t, getWithAC.Result.AccessControl[dashboards.ActionFoldersWrite])
}
})
}
}
}
@ -948,76 +956,80 @@ func TestIntegrationFoldersCreateAPIEndpointK8S(t *testing.T) {
},
}
for _, tc := range tcs {
t.Run(testDescription(tc.description, tc.expectedFolderSvcError), func(t *testing.T) {
helper := apis.NewK8sTestHelper(t, testinfra.GrafanaOpts{
AppModeProduction: true,
DisableAnonymous: true,
APIServerStorageType: "unified",
UnifiedStorageConfig: map[string]setting.UnifiedStorageConfig{
folders.RESOURCEGROUP: {
DualWriterMode: grafanarest.Mode1,
// test on all dualwriter modes
for mode := 0; mode <= 4; mode++ {
for _, tc := range tcs {
t.Run(fmt.Sprintf("[Mode: %v] "+testDescription(tc.description, tc.expectedFolderSvcError), mode), func(t *testing.T) {
modeDw := grafanarest.DualWriterMode(mode)
helper := apis.NewK8sTestHelper(t, testinfra.GrafanaOpts{
AppModeProduction: true,
DisableAnonymous: true,
APIServerStorageType: "unified",
UnifiedStorageConfig: map[string]setting.UnifiedStorageConfig{
folders.RESOURCEGROUP: {
DualWriterMode: modeDw,
},
},
},
EnableFeatureToggles: []string{
featuremgmt.FlagNestedFolders,
featuremgmt.FlagKubernetesClientDashboardsFolders,
},
})
EnableFeatureToggles: []string{
featuremgmt.FlagNestedFolders,
featuremgmt.FlagKubernetesClientDashboardsFolders,
},
})
userTest := helper.CreateUser("user", apis.Org1, org.RoleViewer, tc.permissions)
userTest := helper.CreateUser("user", apis.Org1, org.RoleViewer, tc.permissions)
if tc.createSecondRecord {
client := helper.GetResourceClient(apis.ResourceClientArgs{
User: helper.Org1.Admin,
GVR: gvr,
})
create2 := apis.DoRequest(helper, apis.RequestParams{
User: client.Args.User,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(tc.input),
}, &folder.Folder{})
require.NotEmpty(t, create2.Response)
require.Equal(t, http.StatusOK, create2.Response.StatusCode)
}
addr := helper.GetEnv().Server.HTTPServer.Listener.Addr()
login := userTest.Identity.GetLogin()
baseUrl := fmt.Sprintf("http://%s:%s@%s", login, user.Password("user"), addr)
req, err := http.NewRequest(http.MethodPost, fmt.Sprintf(
"%s%s",
baseUrl,
"/api/folders",
), bytes.NewBuffer([]byte(tc.input)))
require.NoError(t, err)
req.Header.Set("Content-Type", "application/json")
if tc.createSecondRecord {
client := helper.GetResourceClient(apis.ResourceClientArgs{
User: helper.Org1.Admin,
GVR: gvr,
})
create2 := apis.DoRequest(helper, apis.RequestParams{
User: client.Args.User,
Method: http.MethodPost,
Path: "/api/folders",
Body: []byte(tc.input),
}, &folder.Folder{})
require.NotEmpty(t, create2.Response)
require.Equal(t, http.StatusOK, create2.Response.StatusCode)
}
resp, err := http.DefaultClient.Do(req)
require.NoError(t, err)
require.NotNil(t, resp)
require.Equal(t, tc.expectedCode, resp.StatusCode)
addr := helper.GetEnv().Server.HTTPServer.Listener.Addr()
login := userTest.Identity.GetLogin()
baseUrl := fmt.Sprintf("http://%s:%s@%s", login, user.Password("user"), addr)
type folderWithMessage struct {
dtos.Folder
Message string `json:"message"`
}
req, err := http.NewRequest(http.MethodPost, fmt.Sprintf(
"%s%s",
baseUrl,
"/api/folders",
), bytes.NewBuffer([]byte(tc.input)))
require.NoError(t, err)
req.Header.Set("Content-Type", "application/json")
folder := folderWithMessage{}
err = json.NewDecoder(resp.Body).Decode(&folder)
require.NoError(t, err)
require.NoError(t, resp.Body.Close())
resp, err := http.DefaultClient.Do(req)
require.NoError(t, err)
require.NotNil(t, resp)
require.Equal(t, tc.expectedCode, resp.StatusCode)
if tc.expectedCode == http.StatusOK {
require.Equal(t, "uid", folder.UID)
require.Equal(t, "Folder", folder.Title)
}
type folderWithMessage struct {
dtos.Folder
Message string `json:"message"`
}
if tc.expectedMessage != "" {
require.Equal(t, tc.expectedMessage, folder.Message)
}
})
folder := folderWithMessage{}
err = json.NewDecoder(resp.Body).Decode(&folder)
require.NoError(t, err)
require.NoError(t, resp.Body.Close())
if tc.expectedCode == http.StatusOK {
require.Equal(t, "uid", folder.UID)
require.Equal(t, "Folder", folder.Title)
}
if tc.expectedMessage != "" {
require.Equal(t, tc.expectedMessage, folder.Message)
}
})
}
}
}

Write Preview
Loading…
Cancel
Save