apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Chore: Remove bus.Dispatch from guardian package (#46711)

Browse Source 
* replace bus in guardian with sqlstore

* fix a couple of tests

* replace bus in the rest of the tests

* allow init guardian from other packages

* make linter happy

* init guardian in library elements

* fix another test in libraryelements

* fix more tests

* move guardian mock one level deeper

* fix more tests

* rename init functions
pull/46772/head
Serge Zaitsev 4 years ago committed by GitHub
parent 788fde7ead
commit fec634a091
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 108 additions and 140 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 13
      pkg/api/alerting_test.go
  2. 15
      pkg/api/annotations_test.go
  3. 26
      pkg/api/dashboard_permission_test.go
  4. 2
      pkg/api/dashboard_snapshot_test.go
  5. 51
      pkg/api/dashboard_test.go
  6. 1
      pkg/services/dashboards/manager/dashboard_service_integration_test.go
  7. 4
      pkg/services/guardian/accesscontrol_guardian.go
  8. 18
      pkg/services/guardian/guardian.go
  9. 51
      pkg/services/guardian/guardian_test.go
  10. 39
      pkg/services/guardian/guardian_util_test.go
  11. 18
      pkg/services/guardian/provider.go
  12. 5
      pkg/services/libraryelements/libraryelements_test.go
  13. 4
      pkg/services/librarypanels/librarypanels_test.go
  14. 1
      pkg/services/sqlstore/mockstore/mockstore.go

13
pkg/api/alerting_test.go
Unescape View File

@ -11,6 +11,7 @@ import (
"github.com/grafana/grafana/pkg/api/response"
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/guardian"
"github.com/grafana/grafana/pkg/services/search"
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
"github.com/stretchr/testify/assert"
@ -46,15 +47,9 @@ func setUp(confs ...setUpConf) *HTTPServer {
aclMockResp = c.aclMockResp
}
}
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = aclMockResp
return nil
})
bus.AddHandler("test", func(ctx context.Context, query *models.GetTeamsByUserQuery) error {
query.Result = []*models.TeamDTO{}
return nil
})
store.ExpectedDashboardAclInfoList = aclMockResp
store.ExpectedTeamsByUser = []*models.TeamDTO{}
guardian.InitLegacyGuardian(store)
return hs
}

15
pkg/api/annotations_test.go
Unescape View File

@ -17,6 +17,7 @@ import (
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/accesscontrol"
"github.com/grafana/grafana/pkg/services/annotations"
"github.com/grafana/grafana/pkg/services/guardian"
"github.com/grafana/grafana/pkg/services/sqlstore"
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
)
@ -536,14 +537,8 @@ func setUpACL() {
{Role: &viewerRole, Permission: models.PERMISSION_VIEW},
{Role: &editorRole, Permission: models.PERMISSION_EDIT},
}
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = aclMockResp
return nil
})
bus.AddHandler("test", func(ctx context.Context, query *models.GetTeamsByUserQuery) error {
query.Result = []*models.TeamDTO{}
return nil
})
store := mockstore.NewSQLStoreMock()
store.ExpectedDashboardAclInfoList = aclMockResp
store.ExpectedTeamsByUser = []*models.TeamDTO{}
guardian.InitLegacyGuardian(store)
}

26
pkg/api/dashboard_permission_test.go
Unescape View File

@ -266,24 +266,24 @@ func TestDashboardPermissionAPIEndpoint(t *testing.T) {
settings.HiddenUsers = make(map[string]struct{})
})
guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
CanAdminValue: true,
CheckPermissionBeforeUpdateValue: true,
GetAclValue: []*models.DashboardAclInfoDTO{
{OrgId: 1, DashboardId: 1, UserId: 2, UserLogin: "hiddenUser", Permission: models.PERMISSION_VIEW},
{OrgId: 1, DashboardId: 1, UserId: 3, UserLogin: testUserLogin, Permission: models.PERMISSION_EDIT},
{OrgId: 1, DashboardId: 1, UserId: 4, UserLogin: "user_1", Permission: models.PERMISSION_ADMIN},
},
GetHiddenAclValue: []*models.DashboardAcl{
{OrgID: 1, DashboardID: 1, UserID: 2, Permission: models.PERMISSION_VIEW},
},
})
mockSQLStore := mockstore.NewSQLStoreMock()
var resp []*models.DashboardAclInfoDTO
loggedInUserScenarioWithRole(t, "When calling GET on", "GET", "/api/dashboards/id/1/permissions",
"/api/dashboards/id/:dashboardId/permissions", models.ROLE_ADMIN, func(sc *scenarioContext) {
setUp()
guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
CanAdminValue: true,
CheckPermissionBeforeUpdateValue: true,
GetAclValue: []*models.DashboardAclInfoDTO{
{OrgId: 1, DashboardId: 1, UserId: 2, UserLogin: "hiddenUser", Permission: models.PERMISSION_VIEW},
{OrgId: 1, DashboardId: 1, UserId: 3, UserLogin: testUserLogin, Permission: models.PERMISSION_EDIT},
{OrgId: 1, DashboardId: 1, UserId: 4, UserLogin: "user_1", Permission: models.PERMISSION_ADMIN},
},
GetHiddenAclValue: []*models.DashboardAcl{
{OrgID: 1, DashboardID: 1, UserID: 2, Permission: models.PERMISSION_VIEW},
},
})
callGetDashboardPermissions(sc, hs)
assert.Equal(t, 200, sc.resp.Code)

2
pkg/api/dashboard_snapshot_test.go
Unescape View File

@ -13,6 +13,7 @@ import (
"github.com/grafana/grafana/pkg/components/simplejson"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/dashboardsnapshots"
"github.com/grafana/grafana/pkg/services/guardian"
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
@ -70,6 +71,7 @@ func TestDashboardSnapshotAPIEndpoint_singleSnapshot(t *testing.T) {
})
mockSnapshotResult.ExternalDeleteUrl = ts.URL
sc.handlerFunc = hs.DeleteDashboardSnapshot
guardian.InitLegacyGuardian(sc.sqlStore)
sc.fakeReqWithParams("DELETE", sc.url, map[string]string{"key": "12345"}).exec()
assert.Equal(t, 403, sc.resp.Code)

51
pkg/api/dashboard_test.go
Unescape View File

@ -26,6 +26,7 @@ import (
"github.com/grafana/grafana/pkg/services/dashboards/database"
service "github.com/grafana/grafana/pkg/services/dashboards/manager"
"github.com/grafana/grafana/pkg/services/featuremgmt"
"github.com/grafana/grafana/pkg/services/guardian"
"github.com/grafana/grafana/pkg/services/libraryelements"
"github.com/grafana/grafana/pkg/services/live"
"github.com/grafana/grafana/pkg/services/provisioning"
@ -132,11 +133,8 @@ func TestDashboardAPIEndpoint(t *testing.T) {
{Role: &viewerRole, Permission: models.PERMISSION_VIEW},
{Role: &editorRole, Permission: models.PERMISSION_EDIT},
}
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = aclMockResp
return nil
})
mockSQLStore.ExpectedDashboardAclInfoList = aclMockResp
guardian.InitLegacyGuardian(mockSQLStore)
}
// This tests two scenarios:
@ -246,10 +244,8 @@ func TestDashboardAPIEndpoint(t *testing.T) {
},
}
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = aclMockResp
return nil
})
mockSQLStore.ExpectedDashboardAclInfoList = aclMockResp
guardian.InitLegacyGuardian(mockSQLStore)
}
// This tests six scenarios:
@ -345,10 +341,7 @@ func TestDashboardAPIEndpoint(t *testing.T) {
setUpInner := func() {
setUp()
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = mockResult
return nil
})
mockSQLStore.ExpectedDashboardAclInfoList = mockResult
}
loggedInUserScenarioWithRole(t, "When calling GET on", "GET", "/api/dashboards/uid/abcdefghi",
@ -404,11 +397,7 @@ func TestDashboardAPIEndpoint(t *testing.T) {
mockResult := []*models.DashboardAclInfoDTO{
{OrgId: 1, DashboardId: 2, UserId: 1, Permission: models.PERMISSION_VIEW},
}
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = mockResult
return nil
})
mockSQLStore.ExpectedDashboardAclInfoList = mockResult
origCanEdit := setting.ViewersCanEdit
t.Cleanup(func() {
@ -446,10 +435,7 @@ func TestDashboardAPIEndpoint(t *testing.T) {
mockResult := []*models.DashboardAclInfoDTO{
{OrgId: 1, DashboardId: 2, UserId: 1, Permission: models.PERMISSION_ADMIN},
}
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = mockResult
return nil
})
mockSQLStore.ExpectedDashboardAclInfoList = mockResult
}
loggedInUserScenarioWithRole(t, "When calling GET on", "GET", "/api/dashboards/uid/abcdefghi", "/api/dashboards/uid/:uid", role, func(sc *scenarioContext) {
@ -494,10 +480,7 @@ func TestDashboardAPIEndpoint(t *testing.T) {
mockResult := []*models.DashboardAclInfoDTO{
{OrgId: 1, DashboardId: 2, UserId: 1, Permission: models.PERMISSION_VIEW},
}
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = mockResult
return nil
})
mockSQLStore.ExpectedDashboardAclInfoList = mockResult
}
loggedInUserScenarioWithRole(t, "When calling GET on", "GET", "/api/dashboards/uid/abcdefghi", "/api/dashboards/uid/:uid", role, func(sc *scenarioContext) {
@ -744,10 +727,7 @@ func TestDashboardAPIEndpoint(t *testing.T) {
sqlmock := mockstore.SQLStoreMock{ExpectedDashboardVersions: dashboardvs}
setUp := func() {
mockResult := []*models.DashboardAclInfoDTO{}
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = mockResult
return nil
})
sqlmock.ExpectedDashboardAclInfoList = mockResult
}
cmd := dtos.CalculateDiffOptions{
@ -863,16 +843,13 @@ func TestDashboardAPIEndpoint(t *testing.T) {
})
t.Run("Given provisioned dashboard", func(t *testing.T) {
mockSQLStore := mockstore.NewSQLStoreMock()
setUp := func() {
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = []*models.DashboardAclInfoDTO{
{OrgId: testOrgID, DashboardId: 1, UserId: testUserID, Permission: models.PERMISSION_EDIT},
}
return nil
})
mockSQLStore.ExpectedDashboardAclInfoList = []*models.DashboardAclInfoDTO{
{OrgId: testOrgID, DashboardId: 1, UserId: testUserID, Permission: models.PERMISSION_EDIT},
}
}
mockSQLStore := mockstore.NewSQLStoreMock()
dataValue, err := simplejson.NewJson([]byte(`{"id": 1, "editable": true, "style": "dark"}`))
require.NoError(t, err)
mockSQLStore.ExpectedDashboard = &models.Dashboard{Id: 1, Data: dataValue}

1
pkg/services/dashboards/manager/dashboard_service_integration_test.go
Unescape View File

@ -812,6 +812,7 @@ func permissionScenario(t *testing.T, desc string, canSave bool, fn permissionSc
t.Run(desc, func(t *testing.T) {
sqlStore := sqlstore.InitTestDB(t)
guardian.InitLegacyGuardian(sqlStore)
savedFolder := saveTestFolder(t, "Saved folder", testOrgID, sqlStore)
savedDashInFolder := saveTestDashboard(t, "Saved dash in folder", testOrgID, savedFolder.Id, sqlStore)

4
pkg/services/guardian/accesscontrol_guardian.go
Unescape View File

@ -22,7 +22,7 @@ var _ DashboardGuardian = new(AccessControlDashboardGuardian)
func NewAccessControlDashboardGuardian(
ctx context.Context, dashboardId int64, user *models.SignedInUser,
store *sqlstore.SQLStore, ac accesscontrol.AccessControl, permissionsServices accesscontrol.PermissionsServices,
store sqlstore.Store, ac accesscontrol.AccessControl, permissionsServices accesscontrol.PermissionsServices,
) *AccessControlDashboardGuardian {
return &AccessControlDashboardGuardian{
ctx: ctx,
@ -41,7 +41,7 @@ type AccessControlDashboardGuardian struct {
dashboardID int64
dashboard *models.Dashboard
user *models.SignedInUser
store *sqlstore.SQLStore
store sqlstore.Store
ac accesscontrol.AccessControl
permissionServices accesscontrol.PermissionsServices
}

18
pkg/services/guardian/guardian.go
Unescape View File

@ -4,9 +4,9 @@ import (
"context"
"errors"
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/infra/log"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/sqlstore"
"github.com/grafana/grafana/pkg/setting"
)
@ -43,17 +43,23 @@ type dashboardGuardianImpl struct {
teams []*models.TeamDTO
log log.Logger
ctx context.Context
store sqlstore.Store
}
// New factory for creating a new dashboard guardian instance
// When using access control this function is replaced on startup and the AccessControlDashboardGuardian is returned
var New = func(ctx context.Context, dashId int64, orgId int64, user *models.SignedInUser) DashboardGuardian {
panic("no guardian factory implementation provided")
}
func newDashboardGuardian(ctx context.Context, dashId int64, orgId int64, user *models.SignedInUser, store sqlstore.Store) *dashboardGuardianImpl {
return &dashboardGuardianImpl{
user: user,
dashId: dashId,
orgId: orgId,
log: log.New("dashboard.permissions"),
ctx: ctx,
store: store,
}
}
@ -146,7 +152,7 @@ func (g *dashboardGuardianImpl) checkAcl(permission models.PermissionType, acl [
}
// load teams
teams, err := g.getTeams(g.ctx)
teams, err := g.getTeams()
if err != nil {
return false, err
}
@ -216,10 +222,9 @@ func (g *dashboardGuardianImpl) GetAcl() ([]*models.DashboardAclInfoDTO, error)
}
query := models.GetDashboardAclInfoListQuery{DashboardID: g.dashId, OrgID: g.orgId}
if err := bus.Dispatch(g.ctx, &query); err != nil {
if err := g.store.GetDashboardAclInfoList(g.ctx, &query); err != nil {
return nil, err
}
g.acl = query.Result
return g.acl, nil
}
@ -260,14 +265,13 @@ func (g *dashboardGuardianImpl) GetACLWithoutDuplicates() ([]*models.DashboardAc
return result, nil
}
func (g *dashboardGuardianImpl) getTeams(ctx context.Context) ([]*models.TeamDTO, error) {
func (g *dashboardGuardianImpl) getTeams() ([]*models.TeamDTO, error) {
if g.teams != nil {
return g.teams, nil
}
query := models.GetTeamsByUserQuery{OrgId: g.orgId, UserId: g.user.UserId}
// TODO: Use bus.Dispatch(g.Ctx, &query) when GetTeamsByUserQuery supports context.
err := bus.Dispatch(ctx, &query)
err := g.store.GetTeamsByUser(g.ctx, &query)
g.teams = query.Result
return query.Result, err

51
pkg/services/guardian/guardian_test.go
Unescape View File

@ -7,8 +7,8 @@ import (
"runtime"
"testing"
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
"github.com/grafana/grafana/pkg/setting"
"github.com/stretchr/testify/require"
@ -682,16 +682,12 @@ func (sc *scenarioContext) verifyUpdateChildDashboardPermissionsWithOverrideShou
func TestGuardianGetHiddenACL(t *testing.T) {
t.Run("Get hidden ACL tests", func(t *testing.T) {
bus.ClearBusHandlers()
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = []*models.DashboardAclInfoDTO{
{Inherited: false, UserId: 1, UserLogin: "user1", Permission: models.PERMISSION_EDIT},
{Inherited: false, UserId: 2, UserLogin: "user2", Permission: models.PERMISSION_ADMIN},
{Inherited: true, UserId: 3, UserLogin: "user3", Permission: models.PERMISSION_VIEW},
}
return nil
})
store := mockstore.NewSQLStoreMock()
store.ExpectedDashboardAclInfoList = []*models.DashboardAclInfoDTO{
{Inherited: false, UserId: 1, UserLogin: "user1", Permission: models.PERMISSION_EDIT},
{Inherited: false, UserId: 2, UserLogin: "user2", Permission: models.PERMISSION_ADMIN},
{Inherited: true, UserId: 3, UserLogin: "user3", Permission: models.PERMISSION_VIEW},
}
cfg := setting.NewCfg()
cfg.HiddenUsers = map[string]struct{}{"user2": {}}
@ -702,7 +698,7 @@ func TestGuardianGetHiddenACL(t *testing.T) {
UserId: 1,
Login: "user1",
}
g := New(context.Background(), dashboardID, orgID, user)
g := newDashboardGuardian(context.Background(), dashboardID, orgID, user, store)
hiddenACL, err := g.GetHiddenACL(cfg)
require.NoError(t, err)
@ -718,7 +714,7 @@ func TestGuardianGetHiddenACL(t *testing.T) {
Login: "user1",
IsGrafanaAdmin: true,
}
g := New(context.Background(), dashboardID, orgID, user)
g := newDashboardGuardian(context.Background(), dashboardID, orgID, user, store)
hiddenACL, err := g.GetHiddenACL(cfg)
require.NoError(t, err)
@ -730,21 +726,18 @@ func TestGuardianGetHiddenACL(t *testing.T) {
func TestGuardianGetAclWithoutDuplicates(t *testing.T) {
t.Run("Get hidden ACL tests", func(t *testing.T) {
t.Cleanup(bus.ClearBusHandlers)
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = []*models.DashboardAclInfoDTO{
{Inherited: true, UserId: 3, UserLogin: "user3", Permission: models.PERMISSION_EDIT},
{Inherited: false, UserId: 3, UserLogin: "user3", Permission: models.PERMISSION_VIEW},
{Inherited: false, UserId: 2, UserLogin: "user2", Permission: models.PERMISSION_ADMIN},
{Inherited: true, UserId: 4, UserLogin: "user4", Permission: models.PERMISSION_ADMIN},
{Inherited: false, UserId: 4, UserLogin: "user4", Permission: models.PERMISSION_ADMIN},
{Inherited: false, UserId: 5, UserLogin: "user5", Permission: models.PERMISSION_EDIT},
{Inherited: true, UserId: 6, UserLogin: "user6", Permission: models.PERMISSION_VIEW},
{Inherited: false, UserId: 6, UserLogin: "user6", Permission: models.PERMISSION_EDIT},
}
return nil
})
store := mockstore.NewSQLStoreMock()
store.ExpectedDashboardAclInfoList = []*models.DashboardAclInfoDTO{
{Inherited: true, UserId: 3, UserLogin: "user3", Permission: models.PERMISSION_EDIT},
{Inherited: false, UserId: 3, UserLogin: "user3", Permission: models.PERMISSION_VIEW},
{Inherited: false, UserId: 2, UserLogin: "user2", Permission: models.PERMISSION_ADMIN},
{Inherited: true, UserId: 4, UserLogin: "user4", Permission: models.PERMISSION_ADMIN},
{Inherited: false, UserId: 4, UserLogin: "user4", Permission: models.PERMISSION_ADMIN},
{Inherited: false, UserId: 5, UserLogin: "user5", Permission: models.PERMISSION_EDIT},
{Inherited: true, UserId: 6, UserLogin: "user6", Permission: models.PERMISSION_VIEW},
{Inherited: false, UserId: 6, UserLogin: "user6", Permission: models.PERMISSION_EDIT},
}
t.Run("Should get acl without duplicates", func(t *testing.T) {
user := &models.SignedInUser{
@ -752,7 +745,7 @@ func TestGuardianGetAclWithoutDuplicates(t *testing.T) {
UserId: 1,
Login: "user1",
}
g := New(context.Background(), dashboardID, orgID, user)
g := newDashboardGuardian(context.Background(), dashboardID, orgID, user, store)
acl, err := g.GetACLWithoutDuplicates()
require.NoError(t, err)

39
pkg/services/guardian/guardian_util_test.go
Unescape View File

@ -7,8 +7,8 @@ import (
"strings"
"testing"
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
"github.com/stretchr/testify/assert"
)
@ -36,7 +36,8 @@ func orgRoleScenario(desc string, t *testing.T, role models.RoleType, fn scenari
OrgId: orgID,
OrgRole: role,
}
guard := New(context.Background(), dashboardID, orgID, user)
store := mockstore.NewSQLStoreMock()
guard := newDashboardGuardian(context.Background(), dashboardID, orgID, user, store)
sc := &scenarioContext{
t: t,
@ -57,7 +58,8 @@ func apiKeyScenario(desc string, t *testing.T, role models.RoleType, fn scenario
OrgRole: role,
ApiKeyId: 10,
}
guard := New(context.Background(), dashboardID, orgID, user)
store := mockstore.NewSQLStoreMock()
guard := newDashboardGuardian(context.Background(), dashboardID, orgID, user, store)
sc := &scenarioContext{
t: t,
orgRoleScenario: desc,
@ -73,20 +75,8 @@ func apiKeyScenario(desc string, t *testing.T, role models.RoleType, fn scenario
func permissionScenario(desc string, dashboardID int64, sc *scenarioContext,
permissions []*models.DashboardAclInfoDTO, fn scenarioFunc) {
sc.t.Run(desc, func(t *testing.T) {
bus.ClearBusHandlers()
bus.AddHandler("test", func(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
if query.OrgID != sc.givenUser.OrgId {
sc.reportFailure("Invalid organization id for GetDashboardAclInfoListQuery", sc.givenUser.OrgId, query.OrgID)
}
if query.DashboardID != sc.givenDashboardID {
sc.reportFailure("Invalid dashboard id for GetDashboardAclInfoListQuery", sc.givenDashboardID, query.DashboardID)
}
query.Result = permissions
return nil
})
store := mockstore.NewSQLStoreMock()
store.ExpectedDashboardAclInfoList = permissions
teams := []*models.TeamDTO{}
for _, p := range permissions {
@ -94,21 +84,10 @@ func permissionScenario(desc string, dashboardID int64, sc *scenarioContext,
teams = append(teams, &models.TeamDTO{Id: p.TeamId})
}
}
bus.AddHandler("test", func(ctx context.Context, query *models.GetTeamsByUserQuery) error {
if query.OrgId != sc.givenUser.OrgId {
sc.reportFailure("Invalid organization id for GetTeamsByUserQuery", sc.givenUser.OrgId, query.OrgId)
}
if query.UserId != sc.givenUser.UserId {
sc.reportFailure("Invalid user id for GetTeamsByUserQuery", sc.givenUser.UserId, query.UserId)
}
query.Result = teams
return nil
})
store.ExpectedTeamsByUser = teams
sc.permissionScenario = desc
sc.g = New(context.Background(), dashboardID, sc.givenUser.OrgId, sc.givenUser)
sc.g = newDashboardGuardian(context.Background(), dashboardID, sc.givenUser.OrgId, sc.givenUser, store)
sc.givenDashboardID = dashboardID
sc.givenPermissions = permissions
sc.givenTeams = teams

18
pkg/services/guardian/provider.go
Unescape View File

@ -14,9 +14,21 @@ type Provider struct{}
func ProvideService(store *sqlstore.SQLStore, ac accesscontrol.AccessControl, permissionsServices accesscontrol.PermissionsServices, features featuremgmt.FeatureToggles) *Provider {
if features.IsEnabled(featuremgmt.FlagAccesscontrol) {
// TODO: Fix this hack, see https://github.com/grafana/grafana-enterprise/issues/2935
New = func(ctx context.Context, dashId int64, orgId int64, user *models.SignedInUser) DashboardGuardian {
return NewAccessControlDashboardGuardian(ctx, dashId, user, store, ac, permissionsServices)
}
InitAcessControlGuardian(store, ac, permissionsServices)
} else {
InitLegacyGuardian(store)
}
return &Provider{}
}
func InitLegacyGuardian(store sqlstore.Store) {
New = func(ctx context.Context, dashId int64, orgId int64, user *models.SignedInUser) DashboardGuardian {
return newDashboardGuardian(ctx, dashId, orgId, user, store)
}
}
func InitAcessControlGuardian(store sqlstore.Store, ac accesscontrol.AccessControl, permissionsServices accesscontrol.PermissionsServices) {
New = func(ctx context.Context, dashId int64, orgId int64, user *models.SignedInUser) DashboardGuardian {
return NewAccessControlDashboardGuardian(ctx, dashId, user, store, ac, permissionsServices)
}
}

5
pkg/services/libraryelements/libraryelements_test.go
Unescape View File

@ -21,7 +21,9 @@ import (
"github.com/grafana/grafana/pkg/services/dashboards/database"
dashboardservice "github.com/grafana/grafana/pkg/services/dashboards/manager"
"github.com/grafana/grafana/pkg/services/featuremgmt"
"github.com/grafana/grafana/pkg/services/guardian"
"github.com/grafana/grafana/pkg/services/sqlstore"
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
"github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/web"
)
@ -286,6 +288,8 @@ func validateAndUnMarshalArrayResponse(t *testing.T, resp response.Response) lib
func scenarioWithPanel(t *testing.T, desc string, fn func(t *testing.T, sc scenarioContext)) {
t.Helper()
store := mockstore.NewSQLStoreMock()
guardian.InitLegacyGuardian(store)
testScenario(t, desc, func(t *testing.T, sc scenarioContext) {
command := getCreatePanelCommand(sc.folder.Id, "Text - Library Panel")
@ -311,6 +315,7 @@ func testScenario(t *testing.T, desc string, fn func(t *testing.T, sc scenarioCo
orgID := int64(1)
role := models.ROLE_ADMIN
sqlStore := sqlstore.InitTestDB(t)
guardian.InitLegacyGuardian(sqlStore)
dashboardStore := database.ProvideDashboardStore(sqlStore)
dashboardService := dashboardservice.ProvideDashboardService(
setting.NewCfg(), dashboardStore, nil,

4
pkg/services/librarypanels/librarypanels_test.go
Unescape View File

@ -19,8 +19,10 @@ import (
"github.com/grafana/grafana/pkg/services/dashboards/database"
dashboardservice "github.com/grafana/grafana/pkg/services/dashboards/manager"
"github.com/grafana/grafana/pkg/services/featuremgmt"
"github.com/grafana/grafana/pkg/services/guardian"
"github.com/grafana/grafana/pkg/services/libraryelements"
"github.com/grafana/grafana/pkg/services/sqlstore"
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
"github.com/grafana/grafana/pkg/setting"
)
@ -1477,6 +1479,8 @@ func updateFolderACL(t *testing.T, dashboardStore *database.DashboardStore, fold
}
func scenarioWithLibraryPanel(t *testing.T, desc string, fn func(t *testing.T, sc scenarioContext)) {
store := mockstore.NewSQLStoreMock()
guardian.InitLegacyGuardian(store)
t.Helper()
testScenario(t, desc, func(t *testing.T, sc scenarioContext) {

1
pkg/services/sqlstore/mockstore/mockstore.go
Unescape View File

@ -380,6 +380,7 @@ func (m *SQLStoreMock) DeleteExpiredVersions(ctx context.Context, cmd *models.De
}
func (m SQLStoreMock) GetDashboardAclInfoList(ctx context.Context, query *models.GetDashboardAclInfoListQuery) error {
query.Result = m.ExpectedDashboardAclInfoList
return m.ExpectedError
}

Write Preview
Loading…
Cancel
Save