apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

RBAC: inherit folder permissions when resolving managed permissions (#62244)

Browse Source 
* add nested folder scope inheritance to managed permission services

* add a more specific erorr

* remove circular dependencies

* use errutil for returning erorr

* fix tests

* fix tests

* define a new error in ac package
pull/61868/head^2
Ieva 2 years ago committed by GitHub
parent 3bda112c5f
commit ee3d742c7d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 71 additions and 56 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      pkg/api/dashboard_permission_test.go
  2. 2
      pkg/api/dashboard_test.go
  3. 32
      pkg/api/folder.go
  4. 3
      pkg/api/folder_test.go
  5. 3
      pkg/services/accesscontrol/models.go
  6. 16
      pkg/services/accesscontrol/ossaccesscontrol/permissions_services.go
  7. 11
      pkg/services/dashboards/accesscontrol.go
  8. 26
      pkg/services/folder/folderimpl/folder.go
  9. 4
      pkg/services/folder/folderimpl/folder_test.go
  10. 4
      pkg/services/guardian/accesscontrol_guardian_test.go
  11. 5
      pkg/services/libraryelements/libraryelements_test.go
  12. 7
      pkg/services/librarypanels/librarypanels_test.go
  13. 2
      pkg/services/ngalert/tests/util.go

2
pkg/api/dashboard_permission_test.go
Unescape View File

@ -40,7 +40,7 @@ func TestDashboardPermissionAPIEndpoint(t *testing.T) {
folderPermissions := accesscontrolmock.NewMockedPermissionsService() folderPermissions := accesscontrolmock.NewMockedPermissionsService()
dashboardPermissions := accesscontrolmock.NewMockedPermissionsService() dashboardPermissions := accesscontrolmock.NewMockedPermissionsService()
folderSvc := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), settings, dashboardStore, dashboards.NewFakeFolderStore(t), mockSQLStore, featuremgmt.WithFeatures(), nil) folderSvc := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), settings, dashboardStore, dashboards.NewFakeFolderStore(t), mockSQLStore, featuremgmt.WithFeatures())
hs := &HTTPServer{ hs := &HTTPServer{
Cfg: settings, Cfg: settings,
SQLStore: mockSQLStore, SQLStore: mockSQLStore,

2
pkg/api/dashboard_test.go
Unescape View File

@ -983,7 +983,7 @@ func getDashboardShouldReturn200WithConfig(t *testing.T, sc *scenarioContext, pr
dashboardPermissions := accesscontrolmock.NewMockedPermissionsService() dashboardPermissions := accesscontrolmock.NewMockedPermissionsService()
features := featuremgmt.WithFeatures() features := featuremgmt.WithFeatures()
folderSvc := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, dashboardStore, folderStore, db.InitTestDB(t), featuremgmt.WithFeatures(), nil) folderSvc := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, dashboardStore, folderStore, db.InitTestDB(t), featuremgmt.WithFeatures())
if dashboardService == nil { if dashboardService == nil {
dashboardService = service.ProvideDashboardService( dashboardService = service.ProvideDashboardService(

32
pkg/api/folder.go
Unescape View File

@ -1,6 +1,7 @@
package api package api
import ( import (
"context"
"errors" "errors"
"net/http" "net/http"
"strconv" "strconv"
@ -8,13 +9,16 @@ import (
"github.com/grafana/grafana/pkg/api/apierrors" "github.com/grafana/grafana/pkg/api/apierrors"
"github.com/grafana/grafana/pkg/api/dtos" "github.com/grafana/grafana/pkg/api/dtos"
"github.com/grafana/grafana/pkg/api/response" "github.com/grafana/grafana/pkg/api/response"
"github.com/grafana/grafana/pkg/services/accesscontrol"
contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model" contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
"github.com/grafana/grafana/pkg/services/dashboards" "github.com/grafana/grafana/pkg/services/dashboards"
"github.com/grafana/grafana/pkg/services/featuremgmt" "github.com/grafana/grafana/pkg/services/featuremgmt"
"github.com/grafana/grafana/pkg/services/folder" "github.com/grafana/grafana/pkg/services/folder"
"github.com/grafana/grafana/pkg/services/guardian" "github.com/grafana/grafana/pkg/services/guardian"
"github.com/grafana/grafana/pkg/services/libraryelements" "github.com/grafana/grafana/pkg/services/libraryelements"
"github.com/grafana/grafana/pkg/services/org"
"github.com/grafana/grafana/pkg/services/search" "github.com/grafana/grafana/pkg/services/search"
"github.com/grafana/grafana/pkg/services/user"
"github.com/grafana/grafana/pkg/web" "github.com/grafana/grafana/pkg/web"
) )
@ -152,6 +156,10 @@ func (hs *HTTPServer) CreateFolder(c *contextmodel.ReqContext) response.Response
return apierrors.ToFolderErrorResponse(err) return apierrors.ToFolderErrorResponse(err)
} }
if err := hs.setDefaultFolderPermissions(c.Req.Context(), cmd.OrgID, cmd.SignedInUser, folder); err != nil {
hs.log.Error("Could not set the default folder permissions", "folder", folder.Title, "user", cmd.SignedInUser, "error", err)
}
// Clear permission cache for the user who's created the folder, so that new permissions are fetched for their next call // Clear permission cache for the user who's created the folder, so that new permissions are fetched for their next call
// Required for cases when caller wants to immediately interact with the newly created object // Required for cases when caller wants to immediately interact with the newly created object
if !hs.AccessControl.IsDisabled() { if !hs.AccessControl.IsDisabled() {
@ -167,6 +175,30 @@ func (hs *HTTPServer) CreateFolder(c *contextmodel.ReqContext) response.Response
return response.JSON(http.StatusOK, hs.newToFolderDto(c, g, folder)) return response.JSON(http.StatusOK, hs.newToFolderDto(c, g, folder))
} }
func (hs *HTTPServer) setDefaultFolderPermissions(ctx context.Context, orgID int64, user *user.SignedInUser, folder *folder.Folder) error {
// Set default folder permissions
var permissionErr error
if !accesscontrol.IsDisabled(hs.Cfg) {
var permissions []accesscontrol.SetResourcePermissionCommand
if user.IsRealUser() && !user.IsAnonymous {
permissions = append(permissions, accesscontrol.SetResourcePermissionCommand{
UserID: user.UserID, Permission: dashboards.PERMISSION_ADMIN.String(),
})
}
permissions = append(permissions, []accesscontrol.SetResourcePermissionCommand{
{BuiltinRole: string(org.RoleEditor), Permission: dashboards.PERMISSION_EDIT.String()},
{BuiltinRole: string(org.RoleViewer), Permission: dashboards.PERMISSION_VIEW.String()},
}...)
_, permissionErr = hs.folderPermissionsService.SetPermissions(ctx, orgID, folder.UID, permissions...)
return permissionErr
} else if hs.Cfg.EditorsCanAdmin && user.IsRealUser() && !user.IsAnonymous {
return hs.folderService.MakeUserAdmin(ctx, orgID, user.UserID, folder.ID, true)
}
return nil
}
func (hs *HTTPServer) MoveFolder(c *contextmodel.ReqContext) response.Response { func (hs *HTTPServer) MoveFolder(c *contextmodel.ReqContext) response.Response {
if hs.Features.IsEnabled(featuremgmt.FlagNestedFolders) { if hs.Features.IsEnabled(featuremgmt.FlagNestedFolders) {
cmd := folder.MoveFolderCommand{} cmd := folder.MoveFolderCommand{}

3
pkg/api/folder_test.go
Unescape View File

@ -248,12 +248,15 @@ func createFolderScenario(t *testing.T, desc string, url string, routePattern st
dashSvc.On("GetDashboard", mock.Anything, mock.AnythingOfType("*dashboards.GetDashboardQuery")).Return(qResult, nil) dashSvc.On("GetDashboard", mock.Anything, mock.AnythingOfType("*dashboards.GetDashboardQuery")).Return(qResult, nil)
store := dbtest.NewFakeDB() store := dbtest.NewFakeDB()
guardian.InitLegacyGuardian(store, dashSvc, teamSvc) guardian.InitLegacyGuardian(store, dashSvc, teamSvc)
folderPermissions := acmock.NewMockedPermissionsService()
folderPermissions.On("SetPermissions", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return([]accesscontrol.ResourcePermission{}, nil)
hs := HTTPServer{ hs := HTTPServer{
AccessControl: acmock.New(), AccessControl: acmock.New(),
folderService: folderService, folderService: folderService,
Cfg: setting.NewCfg(), Cfg: setting.NewCfg(),
Features: featuremgmt.WithFeatures(), Features: featuremgmt.WithFeatures(),
accesscontrolService: actest.FakeService{}, accesscontrolService: actest.FakeService{},
folderPermissionsService: folderPermissions,
} }
sc := setupScenarioContext(t, url) sc := setupScenarioContext(t, url)

3
pkg/services/accesscontrol/models.go
Unescape View File

@ -8,8 +8,11 @@ import (
"github.com/grafana/grafana/pkg/services/annotations" "github.com/grafana/grafana/pkg/services/annotations"
"github.com/grafana/grafana/pkg/services/org" "github.com/grafana/grafana/pkg/services/org"
"github.com/grafana/grafana/pkg/util/errutil"
) )
var ErrInternal = errutil.NewBase(errutil.StatusInternal, "accesscontrol.internal")
// RoleRegistration stores a role and its assignments to built-in roles // RoleRegistration stores a role and its assignments to built-in roles
// (Viewer, Editor, Admin, Grafana Admin) // (Viewer, Editor, Admin, Grafana Admin)
type RoleRegistration struct { type RoleRegistration struct {

16
pkg/services/accesscontrol/ossaccesscontrol/permissions_services.go
Unescape View File

@ -11,6 +11,7 @@ import (
"github.com/grafana/grafana/pkg/services/accesscontrol" "github.com/grafana/grafana/pkg/services/accesscontrol"
"github.com/grafana/grafana/pkg/services/accesscontrol/resourcepermissions" "github.com/grafana/grafana/pkg/services/accesscontrol/resourcepermissions"
"github.com/grafana/grafana/pkg/services/dashboards" "github.com/grafana/grafana/pkg/services/dashboards"
"github.com/grafana/grafana/pkg/services/folder"
"github.com/grafana/grafana/pkg/services/licensing" "github.com/grafana/grafana/pkg/services/licensing"
"github.com/grafana/grafana/pkg/services/serviceaccounts" "github.com/grafana/grafana/pkg/services/serviceaccounts"
"github.com/grafana/grafana/pkg/services/serviceaccounts/retriever" "github.com/grafana/grafana/pkg/services/serviceaccounts/retriever"
@ -114,7 +115,7 @@ var DashboardAdminActions = append(DashboardEditActions, []string{dashboards.Act
func ProvideDashboardPermissions( func ProvideDashboardPermissions(
cfg *setting.Cfg, router routing.RouteRegister, sql db.DB, ac accesscontrol.AccessControl, cfg *setting.Cfg, router routing.RouteRegister, sql db.DB, ac accesscontrol.AccessControl,
license licensing.Licensing, dashboardStore dashboards.Store, service accesscontrol.Service, license licensing.Licensing, dashboardStore dashboards.Store, folderService folder.Service, service accesscontrol.Service,
teamService team.Service, userService user.Service, teamService team.Service, userService user.Service,
) (*DashboardPermissionsService, error) { ) (*DashboardPermissionsService, error) {
getDashboard := func(ctx context.Context, orgID int64, resourceID string) (*dashboards.Dashboard, error) { getDashboard := func(ctx context.Context, orgID int64, resourceID string) (*dashboards.Dashboard, error) {
@ -152,7 +153,13 @@ func ProvideDashboardPermissions(
if err != nil { if err != nil {
return nil, err return nil, err
} }
return []string{dashboards.ScopeFoldersProvider.GetResourceScopeUID(queryResult.UID)}, nil parentScope := dashboards.ScopeFoldersProvider.GetResourceScopeUID(queryResult.UID)
nestedScopes, err := dashboards.GetInheritedScopes(ctx, orgID, queryResult.UID, folderService)
if err != nil {
return nil, err
}
return append([]string{parentScope}, nestedScopes...), nil
} }
return []string{}, nil return []string{}, nil
}, },
@ -195,7 +202,7 @@ var FolderAdminActions = append(FolderEditActions, []string{dashboards.ActionFol
func ProvideFolderPermissions( func ProvideFolderPermissions(
cfg *setting.Cfg, router routing.RouteRegister, sql db.DB, accesscontrol accesscontrol.AccessControl, cfg *setting.Cfg, router routing.RouteRegister, sql db.DB, accesscontrol accesscontrol.AccessControl,
license licensing.Licensing, dashboardStore dashboards.Store, service accesscontrol.Service, license licensing.Licensing, dashboardStore dashboards.Store, folderService folder.Service, service accesscontrol.Service,
teamService team.Service, userService user.Service, teamService team.Service, userService user.Service,
) (*FolderPermissionsService, error) { ) (*FolderPermissionsService, error) {
options := resourcepermissions.Options{ options := resourcepermissions.Options{
@ -214,6 +221,9 @@ func ProvideFolderPermissions(
return nil return nil
}, },
InheritedScopesSolver: func(ctx context.Context, orgID int64, resourceID string) ([]string, error) {
return dashboards.GetInheritedScopes(ctx, orgID, resourceID, folderService)
},
Assignments: resourcepermissions.Assignments{ Assignments: resourcepermissions.Assignments{
Users: true, Users: true,
Teams: true, Teams: true,

11
pkg/services/dashboards/accesscontrol.go
Unescape View File

@ -54,7 +54,7 @@ func NewFolderNameScopeResolver(db Store, folderDB FolderStore, folderSvc folder
return nil, err return nil, err
} }
result, err := getInheritedScopes(ctx, folder.OrgID, folder.UID, folderSvc) result, err := GetInheritedScopes(ctx, folder.OrgID, folder.UID, folderSvc)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -86,7 +86,7 @@ func NewFolderIDScopeResolver(db Store, folderDB FolderStore, folderSvc folder.S
return nil, err return nil, err
} }
result, err := getInheritedScopes(ctx, folder.OrgID, folder.UID, folderSvc) result, err := GetInheritedScopes(ctx, folder.OrgID, folder.UID, folderSvc)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -158,7 +158,7 @@ func resolveDashboardScope(ctx context.Context, db Store, folderDB FolderStore,
folderUID = folder.UID folderUID = folder.UID
} }
result, err := getInheritedScopes(ctx, orgID, folderUID, folderSvc) result, err := GetInheritedScopes(ctx, orgID, folderUID, folderSvc)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -173,15 +173,14 @@ func resolveDashboardScope(ctx context.Context, db Store, folderDB FolderStore,
return result, nil return result, nil
} }
func getInheritedScopes(ctx context.Context, orgID int64, folderUID string, folderSvc folder.Service) ([]string, error) { func GetInheritedScopes(ctx context.Context, orgID int64, folderUID string, folderSvc folder.Service) ([]string, error) {
ancestors, err := folderSvc.GetParents(ctx, folder.GetParentsQuery{ ancestors, err := folderSvc.GetParents(ctx, folder.GetParentsQuery{
UID: folderUID, UID: folderUID,
OrgID: orgID, OrgID: orgID,
}) })
if err != nil { if err != nil {
// TODO return a specific error return nil, ac.ErrInternal.Errorf("could not retrieve folder parents: %w", err)
return nil, err
} }
result := make([]string, 0, len(ancestors)) result := make([]string, 0, len(ancestors))

26
pkg/services/folder/folderimpl/folder.go
Unescape View File

@ -32,7 +32,6 @@ type Service struct {
dashboardStore dashboards.Store dashboardStore dashboards.Store
dashboardFolderStore dashboards.FolderStore dashboardFolderStore dashboards.FolderStore
features featuremgmt.FeatureToggles features featuremgmt.FeatureToggles
permissions accesscontrol.FolderPermissionsService
accessControl accesscontrol.AccessControl accessControl accesscontrol.AccessControl
// bus is currently used to publish events that cause scheduler to update rules. // bus is currently used to publish events that cause scheduler to update rules.
@ -47,7 +46,6 @@ func ProvideService(
folderStore dashboards.FolderStore, folderStore dashboards.FolderStore,
db db.DB, // DB for the (new) nested folder store db db.DB, // DB for the (new) nested folder store
features featuremgmt.FeatureToggles, features featuremgmt.FeatureToggles,
folderPermissionsService accesscontrol.FolderPermissionsService,
) folder.Service { ) folder.Service {
store := ProvideStore(db, cfg, features) store := ProvideStore(db, cfg, features)
svr := &Service{ svr := &Service{
@ -57,7 +55,6 @@ func ProvideService(
dashboardFolderStore: folderStore, dashboardFolderStore: folderStore,
store: store, store: store,
features: features, features: features,
permissions: folderPermissionsService,
accessControl: ac, accessControl: ac,
bus: bus, bus: bus,
} }
@ -311,29 +308,6 @@ func (s *Service) Create(ctx context.Context, cmd *folder.CreateFolderCommand) (
return nil, err return nil, err
} }
var permissionErr error
if !accesscontrol.IsDisabled(s.cfg) {
var permissions []accesscontrol.SetResourcePermissionCommand
if user.IsRealUser() && !user.IsAnonymous {
permissions = append(permissions, accesscontrol.SetResourcePermissionCommand{
UserID: userID, Permission: dashboards.PERMISSION_ADMIN.String(),
})
}
permissions = append(permissions, []accesscontrol.SetResourcePermissionCommand{
{BuiltinRole: string(org.RoleEditor), Permission: dashboards.PERMISSION_EDIT.String()},
{BuiltinRole: string(org.RoleViewer), Permission: dashboards.PERMISSION_VIEW.String()},
}...)
_, permissionErr = s.permissions.SetPermissions(ctx, cmd.OrgID, createdFolder.UID, permissions...)
} else if s.cfg.EditorsCanAdmin && user.IsRealUser() && !user.IsAnonymous {
permissionErr = s.MakeUserAdmin(ctx, cmd.OrgID, userID, createdFolder.ID, true)
}
if permissionErr != nil {
logger.Error("Could not make user admin", "folder", createdFolder.Title, "user", userID, "error", permissionErr)
}
var nestedFolder *folder.Folder var nestedFolder *folder.Folder
if s.features.IsEnabled(featuremgmt.FlagNestedFolders) { if s.features.IsEnabled(featuremgmt.FlagNestedFolders) {
cmd := &folder.CreateFolderCommand{ cmd := &folder.CreateFolderCommand{

4
pkg/services/folder/folderimpl/folder_test.go
Unescape View File

@ -37,7 +37,7 @@ func TestIntegrationProvideFolderService(t *testing.T) {
t.Run("should register scope resolvers", func(t *testing.T) { t.Run("should register scope resolvers", func(t *testing.T) {
cfg := setting.NewCfg() cfg := setting.NewCfg()
ac := acmock.New() ac := acmock.New()
ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, nil, nil, nil, &featuremgmt.FeatureManager{}, nil) ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, nil, nil, nil, &featuremgmt.FeatureManager{})
require.Len(t, ac.Calls.RegisterAttributeScopeResolver, 2) require.Len(t, ac.Calls.RegisterAttributeScopeResolver, 2)
}) })
@ -57,7 +57,6 @@ func TestIntegrationFolderService(t *testing.T) {
cfg := setting.NewCfg() cfg := setting.NewCfg()
cfg.RBACEnabled = false cfg.RBACEnabled = false
features := featuremgmt.WithFeatures() features := featuremgmt.WithFeatures()
folderPermissions := acmock.NewMockedPermissionsService()
service := &Service{ service := &Service{
cfg: cfg, cfg: cfg,
@ -66,7 +65,6 @@ func TestIntegrationFolderService(t *testing.T) {
dashboardFolderStore: folderStore, dashboardFolderStore: folderStore,
store: nestedFolderStore, store: nestedFolderStore,
features: features, features: features,
permissions: folderPermissions,
bus: bus.ProvideBus(tracing.InitializeTracerForTest()), bus: bus.ProvideBus(tracing.InitializeTracerForTest()),
} }

4
pkg/services/guardian/accesscontrol_guardian_test.go
Unescape View File

@ -610,10 +610,10 @@ func setupAccessControlGuardianTest(t *testing.T, uid string, permissions []acce
require.NoError(t, err) require.NoError(t, err)
folderPermissions, err := ossaccesscontrol.ProvideFolderPermissions( folderPermissions, err := ossaccesscontrol.ProvideFolderPermissions(
setting.NewCfg(), routing.NewRouteRegister(), store, ac, license, &dashboards.FakeDashboardStore{}, ac, teamSvc, userSvc) setting.NewCfg(), routing.NewRouteRegister(), store, ac, license, &dashboards.FakeDashboardStore{}, foldertest.NewFakeService(), ac, teamSvc, userSvc)
require.NoError(t, err) require.NoError(t, err)
dashboardPermissions, err := ossaccesscontrol.ProvideDashboardPermissions( dashboardPermissions, err := ossaccesscontrol.ProvideDashboardPermissions(
setting.NewCfg(), routing.NewRouteRegister(), store, ac, license, &dashboards.FakeDashboardStore{}, ac, teamSvc, userSvc) setting.NewCfg(), routing.NewRouteRegister(), store, ac, license, &dashboards.FakeDashboardStore{}, foldertest.NewFakeService(), ac, teamSvc, userSvc)
require.NoError(t, err) require.NoError(t, err)
if dashboardSvc == nil { if dashboardSvc == nil {
fakeDashboardService := dashboards.NewFakeDashboardService(t) fakeDashboardService := dashboards.NewFakeDashboardService(t)

5
pkg/services/libraryelements/libraryelements_test.go
Unescape View File

@ -313,12 +313,11 @@ func createFolderWithACL(t *testing.T, sqlStore db.DB, title string, user user.S
features := featuremgmt.WithFeatures() features := featuremgmt.WithFeatures()
cfg.IsFeatureToggleEnabled = features.IsEnabled cfg.IsFeatureToggleEnabled = features.IsEnabled
ac := acmock.New() ac := acmock.New()
folderPermissions := acmock.NewMockedPermissionsService()
quotaService := quotatest.New(false, nil) quotaService := quotatest.New(false, nil)
dashboardStore, err := database.ProvideDashboardStore(sqlStore, cfg, featuremgmt.WithFeatures(), tagimpl.ProvideService(sqlStore, cfg), quotaService) dashboardStore, err := database.ProvideDashboardStore(sqlStore, cfg, featuremgmt.WithFeatures(), tagimpl.ProvideService(sqlStore, cfg), quotaService)
require.NoError(t, err) require.NoError(t, err)
s := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, dashboardStore, dashboardStore, nil, features, folderPermissions) s := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, dashboardStore, dashboardStore, nil, features)
t.Logf("Creating folder with title and UID %q", title) t.Logf("Creating folder with title and UID %q", title)
ctx := appcontext.WithUser(context.Background(), &user) ctx := appcontext.WithUser(context.Background(), &user)
folder, err := s.Create(ctx, &folder.CreateFolderCommand{ folder, err := s.Create(ctx, &folder.CreateFolderCommand{
@ -447,7 +446,7 @@ func testScenario(t *testing.T, desc string, fn func(t *testing.T, sc scenarioCo
service := LibraryElementService{ service := LibraryElementService{
Cfg: sqlStore.Cfg, Cfg: sqlStore.Cfg,
SQLStore: sqlStore, SQLStore: sqlStore,
folderService: folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), sqlStore.Cfg, dashboardStore, dashboardStore, nil, features, folderPermissions), folderService: folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), sqlStore.Cfg, dashboardStore, dashboardStore, nil, features),
} }
// deliberate difference between signed in user and user in db to make it crystal clear // deliberate difference between signed in user and user in db to make it crystal clear

7
pkg/services/librarypanels/librarypanels_test.go
Unescape View File

@ -725,11 +725,10 @@ func createFolderWithACL(t *testing.T, sqlStore db.DB, title string, user *user.
cfg.RBACEnabled = false cfg.RBACEnabled = false
cfg.IsFeatureToggleEnabled = featuremgmt.WithFeatures().IsEnabled cfg.IsFeatureToggleEnabled = featuremgmt.WithFeatures().IsEnabled
features := featuremgmt.WithFeatures() features := featuremgmt.WithFeatures()
folderPermissions := acmock.NewMockedPermissionsService()
quotaService := quotatest.New(false, nil) quotaService := quotatest.New(false, nil)
dashboardStore, err := database.ProvideDashboardStore(sqlStore, cfg, featuremgmt.WithFeatures(), tagimpl.ProvideService(sqlStore, cfg), quotaService) dashboardStore, err := database.ProvideDashboardStore(sqlStore, cfg, featuremgmt.WithFeatures(), tagimpl.ProvideService(sqlStore, cfg), quotaService)
require.NoError(t, err) require.NoError(t, err)
s := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, dashboardStore, dashboardStore, nil, features, folderPermissions) s := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, dashboardStore, dashboardStore, nil, features)
t.Logf("Creating folder with title and UID %q", title) t.Logf("Creating folder with title and UID %q", title)
ctx := appcontext.WithUser(context.Background(), user) ctx := appcontext.WithUser(context.Background(), user)
@ -837,9 +836,7 @@ func testScenario(t *testing.T, desc string, fn func(t *testing.T, sc scenarioCo
features := featuremgmt.WithFeatures() features := featuremgmt.WithFeatures()
ac := acmock.New() ac := acmock.New()
folderPermissions := acmock.NewMockedPermissionsService() folderService := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, dashboardStore, dashboardStore, nil, features)
folderService := folderimpl.ProvideService(ac, bus.ProvideBus(tracing.InitializeTracerForTest()), cfg, dashboardStore, dashboardStore, nil, features, folderPermissions)
elementService := libraryelements.ProvideService(cfg, sqlStore, routing.NewRouteRegister(), folderService) elementService := libraryelements.ProvideService(cfg, sqlStore, routing.NewRouteRegister(), folderService)
service := LibraryPanelService{ service := LibraryPanelService{

2
pkg/services/ngalert/tests/util.go
Unescape View File

@ -87,7 +87,7 @@ func SetupTestEnv(tb testing.TB, baseInterval time.Duration) (*ngalert.AlertNG,
tracer := tracing.InitializeTracerForTest() tracer := tracing.InitializeTracerForTest()
bus := bus.ProvideBus(tracer) bus := bus.ProvideBus(tracer)
folderService := folderimpl.ProvideService(ac, bus, cfg, dashboardStore, dashboardStore, nil, features, folderPermissions) folderService := folderimpl.ProvideService(ac, bus, cfg, dashboardStore, dashboardStore, nil, features)
ng, err := ngalert.ProvideService( ng, err := ngalert.ProvideService(
cfg, featuremgmt.WithFeatures(), nil, nil, routing.NewRouteRegister(), sqlStore, nil, nil, nil, quotatest.New(false, nil), cfg, featuremgmt.WithFeatures(), nil, nil, routing.NewRouteRegister(), sqlStore, nil, nil, nil, quotatest.New(false, nil),

Write Preview
Loading…
Cancel
Save