grafana/pkg/api/dashboard_permission_test.go

package api

import (
	"testing"

	"github.com/grafana/grafana/pkg/api/dtos"
	"github.com/grafana/grafana/pkg/bus"
	"github.com/grafana/grafana/pkg/components/simplejson"
	m "github.com/grafana/grafana/pkg/models"
	"github.com/grafana/grafana/pkg/services/guardian"

	. "github.com/smartystreets/goconvey/convey"
)

func TestDashboardPermissionApiEndpoint(t *testing.T) {
	Convey("Dashboard permissions test", t, func() {
		Convey("Given dashboard not exists", func() {
			bus.AddHandler("test", func(query *m.GetDashboardQuery) error {
				return m.ErrDashboardNotFound
			})

			loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", m.ROLE_EDITOR, func(sc *scenarioContext) {
				callGetDashboardPermissions(sc)
				So(sc.resp.Code, ShouldEqual, 404)
			})

			cmd := dtos.UpdateDashboardAclCommand{
				Items: []dtos.DashboardAclUpdateItem{
					{UserId: 1000, Permission: m.PERMISSION_ADMIN},
				},
			}

			updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {
				callUpdateDashboardPermissions(sc)
				So(sc.resp.Code, ShouldEqual, 404)
			})
		})

		Convey("Given user has no admin permissions", func() {
			origNewGuardian := guardian.New
			guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{CanAdminValue: false})

			getDashboardQueryResult := m.NewDashboard("Dash")
			bus.AddHandler("test", func(query *m.GetDashboardQuery) error {
				query.Result = getDashboardQueryResult
				return nil
			})

			loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", m.ROLE_EDITOR, func(sc *scenarioContext) {
				callGetDashboardPermissions(sc)
				So(sc.resp.Code, ShouldEqual, 403)
			})

			cmd := dtos.UpdateDashboardAclCommand{
				Items: []dtos.DashboardAclUpdateItem{
					{UserId: 1000, Permission: m.PERMISSION_ADMIN},
				},
			}

			updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {
				callUpdateDashboardPermissions(sc)
				So(sc.resp.Code, ShouldEqual, 403)
			})

			Reset(func() {
				guardian.New = origNewGuardian
			})
		})

		Convey("Given user has admin permissions and permissions to update", func() {
			origNewGuardian := guardian.New
			guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
				CanAdminValue:                    true,
				CheckPermissionBeforeUpdateValue: true,
				GetAclValue: []*m.DashboardAclInfoDTO{
					{OrgId: 1, DashboardId: 1, UserId: 2, Permission: m.PERMISSION_VIEW},
					{OrgId: 1, DashboardId: 1, UserId: 3, Permission: m.PERMISSION_EDIT},
					{OrgId: 1, DashboardId: 1, UserId: 4, Permission: m.PERMISSION_ADMIN},
					{OrgId: 1, DashboardId: 1, TeamId: 1, Permission: m.PERMISSION_VIEW},
					{OrgId: 1, DashboardId: 1, TeamId: 2, Permission: m.PERMISSION_ADMIN},
				},
			})

			getDashboardQueryResult := m.NewDashboard("Dash")
			bus.AddHandler("test", func(query *m.GetDashboardQuery) error {
				query.Result = getDashboardQueryResult
				return nil
			})

			loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", m.ROLE_ADMIN, func(sc *scenarioContext) {
				callGetDashboardPermissions(sc)
				So(sc.resp.Code, ShouldEqual, 200)
				respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
				So(err, ShouldBeNil)
				So(len(respJSON.MustArray()), ShouldEqual, 5)
				So(respJSON.GetIndex(0).Get("userId").MustInt(), ShouldEqual, 2)
				So(respJSON.GetIndex(0).Get("permission").MustInt(), ShouldEqual, m.PERMISSION_VIEW)
			})

			cmd := dtos.UpdateDashboardAclCommand{
				Items: []dtos.DashboardAclUpdateItem{
					{UserId: 1000, Permission: m.PERMISSION_ADMIN},
				},
			}

			updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {
				callUpdateDashboardPermissions(sc)
				So(sc.resp.Code, ShouldEqual, 200)
			})

			Reset(func() {
				guardian.New = origNewGuardian
			})
		})

		Convey("When trying to update permissions with duplicate permissions", func() {
			origNewGuardian := guardian.New
			guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
				CanAdminValue:                    true,
				CheckPermissionBeforeUpdateValue: false,
				CheckPermissionBeforeUpdateError: guardian.ErrGuardianPermissionExists,
			})

			getDashboardQueryResult := m.NewDashboard("Dash")
			bus.AddHandler("test", func(query *m.GetDashboardQuery) error {
				query.Result = getDashboardQueryResult
				return nil
			})

			cmd := dtos.UpdateDashboardAclCommand{
				Items: []dtos.DashboardAclUpdateItem{
					{UserId: 1000, Permission: m.PERMISSION_ADMIN},
				},
			}

			updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {
				callUpdateDashboardPermissions(sc)
				So(sc.resp.Code, ShouldEqual, 400)
			})

			Reset(func() {
				guardian.New = origNewGuardian
			})
		})

		Convey("When trying to override inherited permissions with lower precedence", func() {
			origNewGuardian := guardian.New
			guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{
				CanAdminValue:                    true,
				CheckPermissionBeforeUpdateValue: false,
				CheckPermissionBeforeUpdateError: guardian.ErrGuardianOverride},
			)

			getDashboardQueryResult := m.NewDashboard("Dash")
			bus.AddHandler("test", func(query *m.GetDashboardQuery) error {
				query.Result = getDashboardQueryResult
				return nil
			})

			cmd := dtos.UpdateDashboardAclCommand{
				Items: []dtos.DashboardAclUpdateItem{
					{UserId: 1000, Permission: m.PERMISSION_ADMIN},
				},
			}

			updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {
				callUpdateDashboardPermissions(sc)
				So(sc.resp.Code, ShouldEqual, 400)
			})

			Reset(func() {
				guardian.New = origNewGuardian
			})
		})
	})
}

func callGetDashboardPermissions(sc *scenarioContext) {
	sc.handlerFunc = GetDashboardPermissionList
	sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
}

func callUpdateDashboardPermissions(sc *scenarioContext) {
	bus.AddHandler("test", func(cmd *m.UpdateDashboardAclCommand) error {
		return nil
	})

	sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
}

func updateDashboardPermissionScenario(desc string, url string, routePattern string, cmd dtos.UpdateDashboardAclCommand, fn scenarioFunc) {
	Convey(desc+" "+url, func() {
		defer bus.ClearBusHandlers()

		sc := setupScenarioContext(url)

		sc.defaultHandler = Wrap(func(c *m.ReqContext) Response {
			sc.context = c
			sc.context.OrgId = TestOrgID
			sc.context.UserId = TestUserID

			return UpdateDashboardPermissions(c, cmd)
		})

		sc.m.Post(routePattern, sc.defaultHandler)

		fn(sc)
	})
}
WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard. 2017-05-08 21:35:34 +08:00			`package api`

			`import (`
			`"testing"`

dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00			`"github.com/grafana/grafana/pkg/api/dtos"`
WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard. 2017-05-08 21:35:34 +08:00			`"github.com/grafana/grafana/pkg/bus"`
			`"github.com/grafana/grafana/pkg/components/simplejson"`
dashboard acl fixes 2017-06-23 05:43:55 +08:00			`m "github.com/grafana/grafana/pkg/models"`
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`"github.com/grafana/grafana/pkg/services/guardian"`
WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard. 2017-05-08 21:35:34 +08:00
			`. "github.com/smartystreets/goconvey/convey"`
			`)`

dashboards: change api route for dashboard permissions From /api/dashboards/id/:id/acl to /api/dashboards/id/:id/permissions 2018-02-21 18:42:54 +08:00			`func TestDashboardPermissionApiEndpoint(t *testing.T) {`
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`Convey("Dashboard permissions test", t, func() {`
			`Convey("Given dashboard not exists", func() {`
			`bus.AddHandler("test", func(query *m.GetDashboardQuery) error {`
			`return m.ErrDashboardNotFound`
			`})`
dashboard: always make sure dashboard exist in dashboard acl http api (#10856) 2018-02-12 16:26:09 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", m.ROLE_EDITOR, func(sc *scenarioContext) {`
			`callGetDashboardPermissions(sc)`
			`So(sc.resp.Code, ShouldEqual, 404)`
			`})`
refactoring dashboard folder security checks 2017-06-20 03:22:42 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`cmd := dtos.UpdateDashboardAclCommand{`
			`Items: []dtos.DashboardAclUpdateItem{`
			`{UserId: 1000, Permission: m.PERMISSION_ADMIN},`
			`},`
			`}`
WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard. 2017-05-08 21:35:34 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {`
			`callUpdateDashboardPermissions(sc)`
			`So(sc.resp.Code, ShouldEqual, 404)`
			`})`
WIP: add permission check for GetDashboard 2017-06-12 21:48:55 +08:00			`})`

dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`Convey("Given user has no admin permissions", func() {`
			`origNewGuardian := guardian.New`
			`guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{CanAdminValue: false})`
dashfolders: adds comment for dashboard acl test 2018-01-30 20:28:00 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`getDashboardQueryResult := m.NewDashboard("Dash")`
			`bus.AddHandler("test", func(query *m.GetDashboardQuery) error {`
			`query.Result = getDashboardQueryResult`
			`return nil`
			`})`
WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard. 2017-05-08 21:35:34 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", m.ROLE_EDITOR, func(sc *scenarioContext) {`
			`callGetDashboardPermissions(sc)`
			`So(sc.resp.Code, ShouldEqual, 403)`
WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard. 2017-05-08 21:35:34 +08:00			`})`
dashboard: always make sure dashboard exist in dashboard acl http api (#10856) 2018-02-12 16:26:09 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`cmd := dtos.UpdateDashboardAclCommand{`
			`Items: []dtos.DashboardAclUpdateItem{`
			`{UserId: 1000, Permission: m.PERMISSION_ADMIN},`
			`},`
			`}`
dashboard: always make sure dashboard exist in dashboard acl http api (#10856) 2018-02-12 16:26:09 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {`
			`callUpdateDashboardPermissions(sc)`
			`So(sc.resp.Code, ShouldEqual, 403)`
dashboard: always make sure dashboard exist in dashboard acl http api (#10856) 2018-02-12 16:26:09 +08:00			`})`

dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`Reset(func() {`
			`guardian.New = origNewGuardian`
dashboard: always make sure dashboard exist in dashboard acl http api (#10856) 2018-02-12 16:26:09 +08:00			`})`
WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard. 2017-05-08 21:35:34 +08:00			`})`

dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`Convey("Given user has admin permissions and permissions to update", func() {`
			`origNewGuardian := guardian.New`
			`guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{`
			`CanAdminValue: true,`
			`CheckPermissionBeforeUpdateValue: true,`
			`GetAclValue: []*m.DashboardAclInfoDTO{`
			`{OrgId: 1, DashboardId: 1, UserId: 2, Permission: m.PERMISSION_VIEW},`
			`{OrgId: 1, DashboardId: 1, UserId: 3, Permission: m.PERMISSION_EDIT},`
			`{OrgId: 1, DashboardId: 1, UserId: 4, Permission: m.PERMISSION_ADMIN},`
			`{OrgId: 1, DashboardId: 1, TeamId: 1, Permission: m.PERMISSION_VIEW},`
			`{OrgId: 1, DashboardId: 1, TeamId: 2, Permission: m.PERMISSION_ADMIN},`
			`},`
			`})`
WIP: delete permission in API 2017-05-22 16:36:47 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`getDashboardQueryResult := m.NewDashboard("Dash")`
			`bus.AddHandler("test", func(query *m.GetDashboardQuery) error {`
			`query.Result = getDashboardQueryResult`
			`return nil`
WIP: delete permission in API 2017-05-22 16:36:47 +08:00			`})`

dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", m.ROLE_ADMIN, func(sc *scenarioContext) {`
			`callGetDashboardPermissions(sc)`
			`So(sc.resp.Code, ShouldEqual, 200)`
			`respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())`
			`So(err, ShouldBeNil)`
			`So(len(respJSON.MustArray()), ShouldEqual, 5)`
			`So(respJSON.GetIndex(0).Get("userId").MustInt(), ShouldEqual, 2)`
			`So(respJSON.GetIndex(0).Get("permission").MustInt(), ShouldEqual, m.PERMISSION_VIEW)`
			`})`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`cmd := dtos.UpdateDashboardAclCommand{`
			`Items: []dtos.DashboardAclUpdateItem{`
			`{UserId: 1000, Permission: m.PERMISSION_ADMIN},`
			`},`
			`}`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {`
			`callUpdateDashboardPermissions(sc)`
			`So(sc.resp.Code, ShouldEqual, 200)`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00			`})`

dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`Reset(func() {`
			`guardian.New = origNewGuardian`
			`})`
			`})`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`Convey("When trying to update permissions with duplicate permissions", func() {`
			`origNewGuardian := guardian.New`
			`guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{`
			`CanAdminValue: true,`
			`CheckPermissionBeforeUpdateValue: false,`
dashboards: change dashboard/folder permission error messages 2018-02-27 23:03:11 +08:00			`CheckPermissionBeforeUpdateError: guardian.ErrGuardianPermissionExists,`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00			`})`

dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`getDashboardQueryResult := m.NewDashboard("Dash")`
			`bus.AddHandler("test", func(query *m.GetDashboardQuery) error {`
			`query.Result = getDashboardQueryResult`
			`return nil`
			`})`
WIP: delete permission in API 2017-05-22 16:36:47 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`cmd := dtos.UpdateDashboardAclCommand{`
			`Items: []dtos.DashboardAclUpdateItem{`
			`{UserId: 1000, Permission: m.PERMISSION_ADMIN},`
			`},`
			`}`
dashfolders: new admin permission needed to view/change acl 2017-06-23 05:01:04 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {`
			`callUpdateDashboardPermissions(sc)`
			`So(sc.resp.Code, ShouldEqual, 400)`
			`})`
dashfolders: new admin permission needed to view/change acl 2017-06-23 05:01:04 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`Reset(func() {`
			`guardian.New = origNewGuardian`
dashfolders: new admin permission needed to view/change acl 2017-06-23 05:01:04 +08:00			`})`
			`})`

Merge branch 'master' into dashboard-acl-ux2 2018-03-29 17:32:24 +08:00			`Convey("When trying to override inherited permissions with lower precedence", func() {`
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`origNewGuardian := guardian.New`
			`guardian.MockDashboardGuardian(&guardian.FakeDashboardGuardian{`
			`CanAdminValue: true,`
			`CheckPermissionBeforeUpdateValue: false,`
dashboards: change dashboard/folder permission error messages 2018-02-27 23:03:11 +08:00			`CheckPermissionBeforeUpdateError: guardian.ErrGuardianOverride},`
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`)`

			`getDashboardQueryResult := m.NewDashboard("Dash")`
			`bus.AddHandler("test", func(query *m.GetDashboardQuery) error {`
			`query.Result = getDashboardQueryResult`
			`return nil`
			`})`

			`cmd := dtos.UpdateDashboardAclCommand{`
			`Items: []dtos.DashboardAclUpdateItem{`
			`{UserId: 1000, Permission: m.PERMISSION_ADMIN},`
			`},`
			`}`
WIP: delete permission in API 2017-05-22 16:36:47 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`updateDashboardPermissionScenario("When calling POST on", "/api/dashboards/id/1/permissions", "/api/dashboards/id/:id/permissions", cmd, func(sc *scenarioContext) {`
			`callUpdateDashboardPermissions(sc)`
			`So(sc.resp.Code, ShouldEqual, 400)`
			`})`
WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard. 2017-05-08 21:35:34 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`Reset(func() {`
			`guardian.New = origNewGuardian`
WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard. 2017-05-08 21:35:34 +08:00			`})`
			`})`
			`})`
			`}`
dashfolders: new admin permission needed to view/change acl 2017-06-23 05:01:04 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`func callGetDashboardPermissions(sc *scenarioContext) {`
			`sc.handlerFunc = GetDashboardPermissionList`
			`sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()`
dashfolders: new admin permission needed to view/change acl 2017-06-23 05:01:04 +08:00			`}`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`func callUpdateDashboardPermissions(sc *scenarioContext) {`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00			`bus.AddHandler("test", func(cmd *m.UpdateDashboardAclCommand) error {`
			`return nil`
			`})`

			`sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()`
			`}`

dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`func updateDashboardPermissionScenario(desc string, url string, routePattern string, cmd dtos.UpdateDashboardAclCommand, fn scenarioFunc) {`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00			`Convey(desc+" "+url, func() {`
			`defer bus.ClearBusHandlers()`

api: extract api test code to common_test.go 2018-01-30 20:17:48 +08:00			`sc := setupScenarioContext(url)`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00
test: fixed usage of wrap in tests. 2018-07-02 23:13:59 +08:00			`sc.defaultHandler = Wrap(func(c *m.ReqContext) Response {`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00			`sc.context = c`
			`sc.context.OrgId = TestOrgID`
dashboards: handle new guardian error responses and update tests Using a mocked guardian instead and relies on the actual guardian tests for verifying permission handling correctness 2018-02-27 03:15:57 +08:00			`sc.context.UserId = TestUserID`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00
dashboards: change api route for dashboard permissions From /api/dashboards/id/:id/acl to /api/dashboards/id/:id/permissions 2018-02-21 18:42:54 +08:00			`return UpdateDashboardPermissions(c, cmd)`
dashfolders: stop user locking themselves out of a folder 2018-01-18 21:30:04 +08:00			`})`

			`sc.m.Post(routePattern, sc.defaultHandler)`

			`fn(sc)`
			`})`
			`}`