root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 160 Packages Projects Releases Wiki Activity
grafana/pkg/api/folder_test.go

680 lines
25 KiB
Go
Raw Normal View History

WIP: folder api. #10630
2018-01-29 20:51:01 +08:00
package api
folders: folder permissions api tests
2018-02-21 01:11:50 +08:00
import (
Add auth spans and remove deduplication code for scopes (#89804) Adds more spans for timing in accesscontrol and remove permission deduplicating code after benchmarking --------- Signed-off-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2024-07-03 14:08:57 +08:00
"context"
folders: folder api tests
2018-02-21 18:24:54 +08:00
"encoding/json"
"fmt"
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
"net/http"
Unistore: Update Folders Endpoint (#97317) * Add route for update folders via apiserver Signed-off-by: Maicon Costa <maiconscosta@gmail.com> --------- Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
2024-12-04 02:33:01 +08:00
"net/http/httptest"
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
"strings"
folders: folder api tests
2018-02-21 18:24:54 +08:00
"testing"
chore/backend: move dashboard errors to dashboard service (#51593) * chore/backend: move dashboard errors to dashboard service Dashboard-related models are slowly moving out of the models package and into dashboard services. This commit moves dashboard-related errors; the rest will come in later commits. There are no logical code changes, this is only a structural (package) move. * lint lint lint
2022-06-30 21:31:54 +08:00
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/mock"
"github.com/stretchr/testify/require"
Unistore: Update Folders Endpoint (#97317) * Add route for update folders via apiserver Signed-off-by: Maicon Costa <maiconscosta@gmail.com> --------- Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
2024-12-04 02:33:01 +08:00
clientrest "k8s.io/client-go/rest"
chore/backend: move dashboard errors to dashboard service (#51593) * chore/backend: move dashboard errors to dashboard service Dashboard-related models are slowly moving out of the models package and into dashboard services. This commit moves dashboard-related errors; the rest will come in later commits. There are no logical code changes, this is only a structural (package) move. * lint lint lint
2022-06-30 21:31:54 +08:00
folders: folder api tests
2018-02-21 18:24:54 +08:00
"github.com/grafana/grafana/pkg/api/dtos"
Unistore: Update Folders Endpoint (#97317) * Add route for update folders via apiserver Signed-off-by: Maicon Costa <maiconscosta@gmail.com> --------- Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
2024-12-04 02:33:01 +08:00
folderv0alpha1 "github.com/grafana/grafana/pkg/apis/folder/v0alpha1"
grafanarest "github.com/grafana/grafana/pkg/apiserver/rest"
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
"github.com/grafana/grafana/pkg/services/accesscontrol"
Access Control: Clear user's permission cache after resource creation (#59101) * refresh user's permission cache after resource creation * clear the cache instead of reloading the permissions * don't error if can't clear cache * fix tests * fix tests again
2022-11-24 22:38:55 +08:00
"github.com/grafana/grafana/pkg/services/accesscontrol/actest"
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
acmock "github.com/grafana/grafana/pkg/services/accesscontrol/mock"
Unistore: Update Folders Endpoint (#97317) * Add route for update folders via apiserver Signed-off-by: Maicon Costa <maiconscosta@gmail.com> --------- Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
2024-12-04 02:33:01 +08:00
contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
move Context and session out of middleware
2018-03-07 06:59:45 +08:00
"github.com/grafana/grafana/pkg/services/dashboards"
Access control: Use access control for dashboard and folder (#44702) * Add actions and scopes * add resource service for dashboard and folder * Add dashboard guardian with fgac permission evaluation * Add CanDelete function to guardian interface * Add CanDelete property to folder and dashboard dto and set values * change to correct function name * Add accesscontrol to folder endpoints * add access control to dashboard endpoints * check access for nav links * Add fixed roles for dashboard and folders * use correct package * add hack to override guardian Constructor if accesscontrol is enabled * Add services * Add function to handle api backward compatability * Add permissionServices to HttpServer * Set permission when new dashboard is created * Add default permission when creating new dashboard * Set default permission when creating folder and dashboard * Add access control filter for dashboard search * Add to accept list * Add accesscontrol to dashboardimport * Disable access control in tests * Add check to see if user is allow to create a dashboard * Use SetPermissions * Use function to set several permissions at once * remove permissions for folder and dashboard on delete * update required permission * set permission for provisioning * Add CanCreate to dashboard guardian and set correct permisisons for provisioning * Dont set admin on folder / dashboard creation * Add dashboard and folder permission migrations * Add tests for CanCreate * Add roles and update descriptions * Solve uid to id for dashboard and folder permissions * Add folder and dashboard actions to permission filter * Handle viewer_can_edit flag * set folder and dashboard permissions services * Add dashboard permissions when importing a new dashboard * Set access control permissions on provisioning * Pass feature flags and only set permissions if access control is enabled * only add default permissions for folders and dashboards without folders * Batch create permissions in migrations * Remove `dashboards:edit` action * Remove unused function from interface * Update pkg/services/guardian/accesscontrol_guardian_test.go Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2022-03-03 22:05:47 +08:00
"github.com/grafana/grafana/pkg/services/featuremgmt"
Chore: Move folder service into a separate package (#56591) * Chore: move folder service interface into a separate package * copy implementation into a standalone package * move implementation and tests to the new folder package * remove leftovers from wire * add test doubles for folder service * fix tests in library panels/elements * fix provideservice in ngalert
2022-10-11 03:47:53 +08:00
"github.com/grafana/grafana/pkg/services/folder"
"github.com/grafana/grafana/pkg/services/folder/foldertest"
Nested folders: Fix folder hierarchy in folder responses (#74516) Nested folders: Fix hierarchy in folder response
2023-09-08 15:43:41 +08:00
"github.com/grafana/grafana/pkg/services/guardian"
Add delete user from other services/stores (#51912) * Remove user from preferences, stars, orguser, team member * Fix lint * Add Delete user from org and dashboard acl * Delete user from user auth * Add DeleteUser to quota * Add test files and adjust user auth store * Rename package in wire for user auth * Import Quota Service interface in other services * do the same in tests * fix lint tests * Fix tests * Add some tests * Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser * Rename DeleteUser to DeleteByUser in quota * changing a method name in few additional places * Fix in other places * Fix lint * Fix tests * Rename DeleteOrgUser to DeleteUserFromAll * Update pkg/services/org/orgimpl/org_test.go Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Update pkg/services/preference/prefimpl/inmemory_test.go Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Rename Acl to ACL * Fix wire after merge with main * Move test to uni test Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2022-07-16 00:06:44 +08:00
"github.com/grafana/grafana/pkg/services/quota/quotatest"
Chore: Move search model from models package to search service (#62215) * Chore: Move search model from models package to search service * Remove unused imports * Cleanup after merge
2023-01-30 22:17:53 +08:00
"github.com/grafana/grafana/pkg/services/search/model"
Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2
2022-08-10 17:56:48 +08:00
"github.com/grafana/grafana/pkg/services/user"
Unistore: Update Folders Endpoint (#97317) * Add route for update folders via apiserver Signed-off-by: Maicon Costa <maiconscosta@gmail.com> --------- Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
2024-12-04 02:33:01 +08:00
"github.com/grafana/grafana/pkg/services/user/usertest"
teams: make test cases pass again
2019-03-06 15:09:34 +08:00
"github.com/grafana/grafana/pkg/setting"
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
"github.com/grafana/grafana/pkg/web/webtest"
folders: folder permissions api tests
2018-02-21 01:11:50 +08:00
)
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
func TestFoldersCreateAPIEndpoint(t *testing.T) {
Chore: Move folder service into a separate package (#56591) * Chore: move folder service interface into a separate package * copy implementation into a standalone package * move implementation and tests to the new folder package * remove leftovers from wire * add test doubles for folder service * fix tests in library panels/elements * fix provideservice in ngalert
2022-10-11 03:47:53 +08:00
folderService := &foldertest.FakeService{}
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
setUpRBACGuardian(t)
Dashboards: Refactor service to make it injectable by wire (#44588) * Add providers to folder and dashboard services * Refactor folder and dashboard services * Move store implementation to its own file due wire cannot allow us to cast to SQLStore * Add store in some places and more missing dependencies * Bad merge fix * Remove old functions from tests and few fixes * Fix provisioning * Remove store from http server and some test fixes * Test fixes * Fix dashboard and folder tests * Fix library tests * Fix provisioning tests * Fix plugins manager tests * Fix alert and org users tests * Refactor service package and more test fixes * Fix dashboard_test tets * Fix api tests * Some lint fixes * Fix lint * More lint :/ * Move dashboard integration tests to dashboards service and fix dependencies * Lint + tests * More integration tests fixes * Lint * Lint again * Fix tests again and again anda again * Update searchstore_test * Fix goimports * More go imports * More imports fixes * Fix lint * Move UnprovisionDashboard function into dashboard service and remove bus * Use search service instead of bus * Fix test * Fix go imports * Use nil in tests
2022-02-16 21:15:44 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
folderWithoutParentInput := "{ \"uid\": \"uid\", \"title\": \"Folder\"}"
type testCase struct {
description string
expectedCode int
expectedFolder *folder.Folder
expectedFolderSvcError error
permissions []accesscontrol.Permission
withNestedFolders bool
input string
}
tcs := []testCase{
{
description: "folder creation succeeds given the correct request for creating a folder",
input: folderWithoutParentInput,
expectedCode: http.StatusOK,
Remove deprecated FolderID from api tests (#79466) * Remove deprecated FolderID from api tests * Removed unused const
2023-12-20 22:12:05 +08:00
expectedFolder: &folder.Folder{UID: "uid", Title: "Folder"},
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersCreate}},
},
{
description: "folder creation fails without permissions to create a folder",
input: folderWithoutParentInput,
expectedCode: http.StatusForbidden,
permissions: []accesscontrol.Permission{},
},
{
description: "folder creation fails given folder service error %s",
input: folderWithoutParentInput,
expectedCode: http.StatusConflict,
expectedFolderSvcError: dashboards.ErrFolderWithSameUIDExists,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersCreate}},
},
{
description: "folder creation fails given folder service error %s",
input: folderWithoutParentInput,
expectedCode: http.StatusBadRequest,
expectedFolderSvcError: dashboards.ErrFolderTitleEmpty,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersCreate}},
},
{
description: "folder creation fails given folder service error %s",
input: folderWithoutParentInput,
expectedCode: http.StatusBadRequest,
expectedFolderSvcError: dashboards.ErrDashboardInvalidUid,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersCreate}},
},
{
description: "folder creation fails given folder service error %s",
input: folderWithoutParentInput,
expectedCode: http.StatusBadRequest,
expectedFolderSvcError: dashboards.ErrDashboardUidTooLong,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersCreate}},
},
{
description: "folder creation fails given folder service error %s",
input: folderWithoutParentInput,
expectedCode: http.StatusForbidden,
expectedFolderSvcError: dashboards.ErrFolderAccessDenied,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersCreate}},
},
{
description: "folder creation fails given folder service error %s",
input: folderWithoutParentInput,
expectedCode: http.StatusNotFound,
expectedFolderSvcError: dashboards.ErrFolderNotFound,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersCreate}},
},
{
description: "folder creation fails given folder service error %s",
input: folderWithoutParentInput,
expectedCode: http.StatusPreconditionFailed,
expectedFolderSvcError: dashboards.ErrFolderVersionMismatch,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersCreate}},
},
}
for _, tc := range tcs {
folderService.ExpectedFolder = tc.expectedFolder
folderService.ExpectedError = tc.expectedFolderSvcError
folderPermService := acmock.NewMockedPermissionsService()
folderPermService.On("SetPermissions", mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return([]accesscontrol.ResourcePermission{}, nil)
srv := SetupAPITestServer(t, func(hs *HTTPServer) {
Chore: prepare for removing `RBACenabled` config option (#73845) prepare for removing RBACenabled config option
2023-08-25 23:13:46 +08:00
hs.Cfg = setting.NewCfg()
folders: folder api tests
2018-02-21 18:24:54 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
if tc.withNestedFolders {
hs.Features = featuremgmt.WithFeatures(featuremgmt.FlagNestedFolders)
}
hs.folderService = folderService
hs.folderPermissionsService = folderPermService
hs.accesscontrolService = actest.FakeService{}
})
t.Run(testDescription(tc.description, tc.expectedFolderSvcError), func(t *testing.T) {
input := strings.NewReader(tc.input)
req := srv.NewPostRequest("/api/folders", input)
req = webtest.RequestWithSignedInUser(req, userWithPermissions(1, tc.permissions))
resp, err := srv.SendJSON(req)
require.NoError(t, err)
require.Equal(t, tc.expectedCode, resp.StatusCode)
folders: folder api tests
2018-02-21 18:24:54 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
folder := dtos.Folder{}
err = json.NewDecoder(resp.Body).Decode(&folder)
require.NoError(t, err)
require.NoError(t, resp.Body.Close())
folders: folder api tests
2018-02-21 18:24:54 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
if tc.expectedCode == http.StatusOK {
Fix capitalising Folder structs (#79207) * Fix capitalising Folder structs * Add swagger and fix api dashboard test * Add swagger files with bingo installed
2023-12-07 20:15:58 +08:00
assert.Equal(t, "uid", folder.UID)
Chore: Convert API tests to standard Go lib (#29009) * Chore: Convert tests to standard Go lib Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-11-13 16:52:38 +08:00
assert.Equal(t, "Folder", folder.Title)
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
}
Chore: Move folder service into a separate package (#56591) * Chore: move folder service interface into a separate package * copy implementation into a standalone package * move implementation and tests to the new folder package * remove leftovers from wire * add test doubles for folder service * fix tests in library panels/elements * fix provideservice in ngalert
2022-10-11 03:47:53 +08:00
})
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
}
}
folders: folder api tests
2018-02-21 18:24:54 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
func TestFoldersUpdateAPIEndpoint(t *testing.T) {
folderService := &foldertest.FakeService{}
setUpRBACGuardian(t)
folders: folder api tests
2018-02-21 18:24:54 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
type testCase struct {
description string
expectedCode int
expectedFolder *folder.Folder
expectedFolderSvcError error
permissions []accesscontrol.Permission
}
tcs := []testCase{
{
description: "folder updating succeeds given the correct request and permissions to update a folder",
expectedCode: http.StatusOK,
Remove deprecated FolderID from api tests (#79466) * Remove deprecated FolderID from api tests * Removed unused const
2023-12-20 22:12:05 +08:00
expectedFolder: &folder.Folder{UID: "uid", Title: "Folder upd"},
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersAll}},
},
{
description: "folder updating fails without permissions to update a folder",
expectedCode: http.StatusForbidden,
permissions: []accesscontrol.Permission{},
},
{
description: "folder updating fails given folder service error %s",
expectedCode: http.StatusConflict,
expectedFolderSvcError: dashboards.ErrFolderWithSameUIDExists,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersAll}},
},
{
description: "folder updating fails given folder service error %s",
expectedCode: http.StatusBadRequest,
expectedFolderSvcError: dashboards.ErrFolderTitleEmpty,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersAll}},
},
{
description: "folder updating fails given folder service error %s",
expectedCode: http.StatusBadRequest,
expectedFolderSvcError: dashboards.ErrDashboardInvalidUid,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersAll}},
},
{
description: "folder updating fails given folder service error %s",
expectedCode: http.StatusBadRequest,
expectedFolderSvcError: dashboards.ErrDashboardUidTooLong,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersAll}},
},
{
description: "folder updating fails given folder service error %s",
expectedCode: http.StatusForbidden,
expectedFolderSvcError: dashboards.ErrFolderAccessDenied,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersAll}},
},
{
description: "folder updating fails given folder service error %s",
expectedCode: http.StatusNotFound,
expectedFolderSvcError: dashboards.ErrFolderNotFound,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersAll}},
},
{
description: "folder updating fails given folder service error %s",
expectedCode: http.StatusPreconditionFailed,
expectedFolderSvcError: dashboards.ErrFolderVersionMismatch,
permissions: []accesscontrol.Permission{{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersAll}},
},
}
for _, tc := range tcs {
folderService.ExpectedFolder = tc.expectedFolder
folderService.ExpectedError = tc.expectedFolderSvcError
srv := SetupAPITestServer(t, func(hs *HTTPServer) {
Chore: prepare for removing `RBACenabled` config option (#73845) prepare for removing RBACenabled config option
2023-08-25 23:13:46 +08:00
hs.Cfg = setting.NewCfg()
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
hs.folderService = folderService
})
folders: folder api tests
2018-02-21 18:24:54 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
t.Run(testDescription(tc.description, tc.expectedFolderSvcError), func(t *testing.T) {
input := strings.NewReader("{ \"uid\": \"uid\", \"title\": \"Folder upd\" }")
req := srv.NewRequest(http.MethodPut, "/api/folders/uid", input)
req = webtest.RequestWithSignedInUser(req, userWithPermissions(1, tc.permissions))
resp, err := srv.SendJSON(req)
require.NoError(t, err)
require.Equal(t, tc.expectedCode, resp.StatusCode)
folders: folder api tests
2018-02-21 18:24:54 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
folder := dtos.Folder{}
err = json.NewDecoder(resp.Body).Decode(&folder)
require.NoError(t, err)
require.NoError(t, resp.Body.Close())
folders: folder api tests
2018-02-21 18:24:54 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
if tc.expectedCode == http.StatusOK {
Fix capitalising Folder structs (#79207) * Fix capitalising Folder structs * Add swagger and fix api dashboard test * Add swagger files with bingo installed
2023-12-07 20:15:58 +08:00
assert.Equal(t, "uid", folder.UID)
Chore: Convert API tests to standard Go lib (#29009) * Chore: Convert tests to standard Go lib Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-11-13 16:52:38 +08:00
assert.Equal(t, "Folder upd", folder.Title)
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
}
})
}
}
folders: folder api tests
2018-02-21 18:24:54 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
func testDescription(description string, expectedErr error) string {
if expectedErr != nil {
return fmt.Sprintf(description, expectedErr.Error())
} else {
return description
}
folders: folder api tests
2018-02-21 18:24:54 +08:00
}
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
func TestHTTPServer_FolderMetadata(t *testing.T) {
setUpRBACGuardian(t)
Chore: Move folder service into a separate package (#56591) * Chore: move folder service interface into a separate package * copy implementation into a standalone package * move implementation and tests to the new folder package * remove leftovers from wire * add test doubles for folder service * fix tests in library panels/elements * fix provideservice in ngalert
2022-10-11 03:47:53 +08:00
folderService := &foldertest.FakeService{}
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
features := featuremgmt.WithFeatures(featuremgmt.FlagNestedFolders)
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
server := SetupAPITestServer(t, func(hs *HTTPServer) {
Chore: prepare for removing `RBACenabled` config option (#73845) prepare for removing RBACenabled config option
2023-08-25 23:13:46 +08:00
hs.Cfg = setting.NewCfg()
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
hs.folderService = folderService
Chore: Refactor quota service (#58643) Chore: Refactor quota service (#57586) * Chore: refactore quota service * Apply suggestions from code review
2022-11-15 03:08:10 +08:00
hs.QuotaService = quotatest.New(false, nil)
Chore: Drop search service dependency from folder service (#61789) * Chore: Drop search service dependency from folder service
2023-01-23 20:09:09 +08:00
hs.SearchService = &mockSearchService{
Chore: Move search model from models package to search service (#62215) * Chore: Move search model from models package to search service * Remove unused imports * Cleanup after merge
2023-01-30 22:17:53 +08:00
ExpectedResult: model.HitList{},
Chore: Drop search service dependency from folder service (#61789) * Chore: Drop search service dependency from folder service
2023-01-23 20:09:09 +08:00
}
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
hs.Features = features
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
})
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
t.Run("Should attach access control metadata to folder response", func(t *testing.T) {
folderService.ExpectedFolder = &folder.Folder{UID: "folderUid"}
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
req := server.NewGetRequest("/api/folders/folderUid?accesscontrol=true")
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields
2022-08-11 19:28:55 +08:00
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, Permissions: map[int64]map[string][]string{
Add auth spans and remove deduplication code for scopes (#89804) Adds more spans for timing in accesscontrol and remove permission deduplicating code after benchmarking --------- Signed-off-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2024-07-03 14:08:57 +08:00
1: accesscontrol.GroupScopesByActionContext(context.Background(), []accesscontrol.Permission{
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersAll},
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("folderUid")},
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
}),
}})
res, err := server.Send(req)
require.NoError(t, err)
assert.Equal(t, http.StatusOK, res.StatusCode)
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
defer func() { require.NoError(t, res.Body.Close()) }()
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
body := dtos.Folder{}
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
require.NoError(t, json.NewDecoder(res.Body).Decode(&body))
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
assert.True(t, body.AccessControl[dashboards.ActionFoldersRead])
assert.True(t, body.AccessControl[dashboards.ActionFoldersWrite])
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
})
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
t.Run("Should attach access control metadata to folder response with permissions cascading from nested folders", func(t *testing.T) {
API: Support creating a nested folder (#58508) * API: Support nested folder creation * Update swagger * fixup * Update pkg/api/dtos/folder.go Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com> * Fix some tests * create legacy folder url from title and uid Co-authored-by: idafurjes <36131195+idafurjes@users.noreply.github.com> Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com> Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
2022-11-10 17:41:03 +08:00
folderService.ExpectedFolder = &folder.Folder{UID: "folderUid"}
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
folderService.ExpectedFolders = []*folder.Folder{{UID: "parentUid"}}
features = featuremgmt.WithFeatures(featuremgmt.FlagNestedFolders)
defer func() {
features = featuremgmt.WithFeatures()
folderService.ExpectedFolders = nil
}()
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
req := server.NewGetRequest("/api/folders/folderUid?accesscontrol=true")
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields
2022-08-11 19:28:55 +08:00
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, Permissions: map[int64]map[string][]string{
Add auth spans and remove deduplication code for scopes (#89804) Adds more spans for timing in accesscontrol and remove permission deduplicating code after benchmarking --------- Signed-off-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2024-07-03 14:08:57 +08:00
1: accesscontrol.GroupScopesByActionContext(context.Background(), []accesscontrol.Permission{
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersAll},
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("parentUid")},
{Action: dashboards.ActionDashboardsCreate, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("folderUid")},
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
}),
}})
res, err := server.Send(req)
require.NoError(t, err)
assert.Equal(t, http.StatusOK, res.StatusCode)
defer func() { require.NoError(t, res.Body.Close()) }()
body := dtos.Folder{}
require.NoError(t, json.NewDecoder(res.Body).Decode(&body))
assert.True(t, body.AccessControl[dashboards.ActionFoldersRead])
assert.True(t, body.AccessControl[dashboards.ActionFoldersWrite])
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
assert.True(t, body.AccessControl[dashboards.ActionDashboardsCreate])
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
})
RBAC: Make access control metadata for folders work with nested folders (#66464) * remove metadata for single folder listing * extendTests * remove ac metadata from dash and folder search results * remove test * remove one more test * put ac metadata back for single folder API responses * extend tests * remove ac metadata from folder frontend object * undo unneeded change * PR feedback Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 22:05:11 +08:00
t.Run("Should not attach access control metadata to folder response", func(t *testing.T) {
API: Support creating a nested folder (#58508) * API: Support nested folder creation * Update swagger * fixup * Update pkg/api/dtos/folder.go Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com> * Fix some tests * create legacy folder url from title and uid Co-authored-by: idafurjes <36131195+idafurjes@users.noreply.github.com> Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com> Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
2022-11-10 17:41:03 +08:00
folderService.ExpectedFolder = &folder.Folder{UID: "folderUid"}
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
req := server.NewGetRequest("/api/folders/folderUid")
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields
2022-08-11 19:28:55 +08:00
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, Permissions: map[int64]map[string][]string{
Add auth spans and remove deduplication code for scopes (#89804) Adds more spans for timing in accesscontrol and remove permission deduplicating code after benchmarking --------- Signed-off-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2024-07-03 14:08:57 +08:00
1: accesscontrol.GroupScopesByActionContext(context.Background(), []accesscontrol.Permission{
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersAll},
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("folderUid")},
}),
}})
res, err := server.Send(req)
require.NoError(t, err)
assert.Equal(t, http.StatusOK, res.StatusCode)
defer func() { require.NoError(t, res.Body.Close()) }()
body := dtos.Folder{}
require.NoError(t, json.NewDecoder(res.Body).Decode(&body))
assert.False(t, body.AccessControl[dashboards.ActionFoldersRead])
assert.False(t, body.AccessControl[dashboards.ActionFoldersWrite])
})
}
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
func TestFolderMoveAPIEndpoint(t *testing.T) {
Nested folders: Fix move (#65526) * Nested Folders: Fix move response Fix JSON tags to be consistent with the GET endpoint * Add API test for moving to root folder * Allow move to root folder * Fix failure message * Update OpenAPI specification
2023-03-30 16:46:11 +08:00
folderService := &foldertest.FakeService{
ExpectedFolder: &folder.Folder{},
}
RBAC: Add access control metadata to folder dtos (#51158) * RBAC: Add access control metadata to Folder dto * Add access control metadata to folder dto response * Add test to verify that access control metadata is attached * Attach access control metadata to multiple folders * Add access control metadata to frontend folder dto
2022-06-22 16:29:26 +08:00
setUpRBACGuardian(t)
teams: make test cases pass again
2019-03-06 15:09:34 +08:00
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
type testCase struct {
description string
expectedCode int
permissions []accesscontrol.Permission
newParentUid string
}
tcs := []testCase{
{
description: "can move folder to another folder with specific permissions",
newParentUid: "newParentUid",
expectedCode: http.StatusOK,
permissions: []accesscontrol.Permission{
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("uid")},
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("newParentUid")},
},
},
Nested folders: Fix move (#65526) * Nested Folders: Fix move response Fix JSON tags to be consistent with the GET endpoint * Add API test for moving to root folder * Allow move to root folder * Fix failure message * Update OpenAPI specification
2023-03-30 16:46:11 +08:00
{
description: "can move folder to the root folder with specific permissions",
newParentUid: "",
expectedCode: http.StatusOK,
permissions: []accesscontrol.Permission{
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("uid")},
},
},
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
{
description: "forbidden to move folder to another folder without the write access on the folder being moved",
newParentUid: "newParentUid",
expectedCode: http.StatusForbidden,
permissions: []accesscontrol.Permission{
{Action: dashboards.ActionFoldersWrite, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("newParentUid")},
},
},
}
for _, tc := range tcs {
srv := SetupAPITestServer(t, func(hs *HTTPServer) {
Chore: prepare for removing `RBACenabled` config option (#73845) prepare for removing RBACenabled config option
2023-08-25 23:13:46 +08:00
hs.Cfg = setting.NewCfg()
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
hs.Features = featuremgmt.WithFeatures(featuremgmt.FlagNestedFolders)
hs.folderService = folderService
folders: folder api tests
2018-02-21 18:24:54 +08:00
})
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
t.Run(tc.description, func(t *testing.T) {
input := strings.NewReader(fmt.Sprintf("{ \"parentUid\": \"%s\"}", tc.newParentUid))
req := srv.NewRequest(http.MethodPost, "/api/folders/uid/move", input)
req = webtest.RequestWithSignedInUser(req, userWithPermissions(1, tc.permissions))
resp, err := srv.SendJSON(req)
require.NoError(t, err)
require.Equal(t, tc.expectedCode, resp.StatusCode)
require.NoError(t, resp.Body.Close())
folders: folder api tests
2018-02-21 18:24:54 +08:00
})
RBAC: protect folder creation and moving (#64636) * protect moving folders to a subfolder and creating folders in a subfolder * folder update endpoint isn't used for folder parent update * lint * move permission check logic to services, fix tests * linting
2023-03-20 19:04:22 +08:00
}
folders: folder api tests
2018-02-21 18:24:54 +08:00
}
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
func TestFolderGetAPIEndpoint(t *testing.T) {
folderService := &foldertest.FakeService{
ExpectedFolder: &folder.Folder{
UID: "uid",
Title: "uid title",
},
ExpectedFolders: []*folder.Folder{
{
UID: "parent",
Title: "parent title",
},
{
UID: "subfolder",
Title: "subfolder title",
},
},
}
type testCase struct {
description string
URL string
FeatureFlags: Use interface rather than manager (#80000)
2024-01-10 02:38:06 +08:00
features featuremgmt.FeatureToggles
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
expectedCode int
expectedParentUIDs []string
Chore: Remove FolderID from DTO Folder (#78420) * Chore: Remove FolderID from DTO Folder * chore: add OrgID field to an instance of SaveDashboardCommand * chore: add another OrgID to pair with the FolderUID: * chore: add OrgId to Folder struct and expectedParentOrgIDs to testCase struct, unsure if last part is necessary * Fix folder test, add expected orgID * chore: regen specs --------- Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
2023-12-07 20:56:04 +08:00
expectedParentOrgIDs []int64
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
expectedParentTitles []string
permissions []accesscontrol.Permission
Nested folders: Fix folder hierarchy in folder responses (#74516) Nested folders: Fix hierarchy in folder response
2023-09-08 15:43:41 +08:00
g *guardian.FakeDashboardGuardian
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
}
tcs := []testCase{
{
description: "get folder by UID should return parent folders if nested folder are enabled",
URL: "/api/folders/uid",
expectedCode: http.StatusOK,
features: featuremgmt.WithFeatures(featuremgmt.FlagNestedFolders),
expectedParentUIDs: []string{"parent", "subfolder"},
Chore: Remove FolderID from DTO Folder (#78420) * Chore: Remove FolderID from DTO Folder * chore: add OrgID field to an instance of SaveDashboardCommand * chore: add another OrgID to pair with the FolderUID: * chore: add OrgId to Folder struct and expectedParentOrgIDs to testCase struct, unsure if last part is necessary * Fix folder test, add expected orgID * chore: regen specs --------- Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
2023-12-07 20:56:04 +08:00
expectedParentOrgIDs: []int64{0, 0},
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
expectedParentTitles: []string{"parent title", "subfolder title"},
permissions: []accesscontrol.Permission{
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("uid")},
},
Nested folders: Fix folder hierarchy in folder responses (#74516) Nested folders: Fix hierarchy in folder response
2023-09-08 15:43:41 +08:00
g: &guardian.FakeDashboardGuardian{CanViewValue: true},
},
{
description: "get folder by UID should return parent folders redacted if nested folder are enabled and user does not have read access to parent folders",
URL: "/api/folders/uid",
expectedCode: http.StatusOK,
features: featuremgmt.WithFeatures(featuremgmt.FlagNestedFolders),
expectedParentUIDs: []string{REDACTED, REDACTED},
Chore: Remove FolderID from DTO Folder (#78420) * Chore: Remove FolderID from DTO Folder * chore: add OrgID field to an instance of SaveDashboardCommand * chore: add another OrgID to pair with the FolderUID: * chore: add OrgId to Folder struct and expectedParentOrgIDs to testCase struct, unsure if last part is necessary * Fix folder test, add expected orgID * chore: regen specs --------- Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
2023-12-07 20:56:04 +08:00
expectedParentOrgIDs: []int64{0, 0},
Nested folders: Fix folder hierarchy in folder responses (#74516) Nested folders: Fix hierarchy in folder response
2023-09-08 15:43:41 +08:00
expectedParentTitles: []string{REDACTED, REDACTED},
permissions: []accesscontrol.Permission{
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("uid")},
},
g: &guardian.FakeDashboardGuardian{CanViewValue: false},
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
},
{
description: "get folder by UID should not return parent folders if nested folder are disabled",
URL: "/api/folders/uid",
expectedCode: http.StatusOK,
features: featuremgmt.WithFeatures(),
expectedParentUIDs: []string{},
Chore: Remove FolderID from DTO Folder (#78420) * Chore: Remove FolderID from DTO Folder * chore: add OrgID field to an instance of SaveDashboardCommand * chore: add another OrgID to pair with the FolderUID: * chore: add OrgId to Folder struct and expectedParentOrgIDs to testCase struct, unsure if last part is necessary * Fix folder test, add expected orgID * chore: regen specs --------- Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
2023-12-07 20:56:04 +08:00
expectedParentOrgIDs: []int64{0, 0},
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
expectedParentTitles: []string{},
permissions: []accesscontrol.Permission{
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersProvider.GetResourceScopeUID("uid")},
},
Nested folders: Fix folder hierarchy in folder responses (#74516) Nested folders: Fix hierarchy in folder response
2023-09-08 15:43:41 +08:00
g: &guardian.FakeDashboardGuardian{CanViewValue: true},
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
},
}
for _, tc := range tcs {
srv := SetupAPITestServer(t, func(hs *HTTPServer) {
Chore: prepare for removing `RBACenabled` config option (#73845) prepare for removing RBACenabled config option
2023-08-25 23:13:46 +08:00
hs.Cfg = setting.NewCfg()
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
hs.Features = tc.features
hs.folderService = folderService
})
t.Run(tc.description, func(t *testing.T) {
Nested folders: Fix folder hierarchy in folder responses (#74516) Nested folders: Fix hierarchy in folder response
2023-09-08 15:43:41 +08:00
origNewGuardian := guardian.New
t.Cleanup(func() {
guardian.New = origNewGuardian
})
guardian.MockDashboardGuardian(tc.g)
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
req := srv.NewGetRequest(tc.URL)
req = webtest.RequestWithSignedInUser(req, userWithPermissions(1, tc.permissions))
resp, err := srv.Send(req)
require.NoError(t, err)
require.Equal(t, tc.expectedCode, resp.StatusCode)
folder := dtos.Folder{}
err = json.NewDecoder(resp.Body).Decode(&folder)
require.NoError(t, err)
require.Equal(t, len(folder.Parents), len(tc.expectedParentUIDs))
require.Equal(t, len(folder.Parents), len(tc.expectedParentTitles))
for i := 0; i < len(tc.expectedParentUIDs); i++ {
Fix capitalising Folder structs (#79207) * Fix capitalising Folder structs * Add swagger and fix api dashboard test * Add swagger files with bingo installed
2023-12-07 20:15:58 +08:00
assert.Equal(t, tc.expectedParentUIDs[i], folder.Parents[i].UID)
Chore: Remove FolderID from DTO Folder (#78420) * Chore: Remove FolderID from DTO Folder * chore: add OrgID field to an instance of SaveDashboardCommand * chore: add another OrgID to pair with the FolderUID: * chore: add OrgId to Folder struct and expectedParentOrgIDs to testCase struct, unsure if last part is necessary * Fix folder test, add expected orgID * chore: regen specs --------- Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
2023-12-07 20:56:04 +08:00
assert.Equal(t, tc.expectedParentOrgIDs[i], folder.Parents[i].OrgID)
NestedFolders: Return full folder hierarchy in Folder response (#66835) * Delete redundant struct * Include parent folders in DTO * Add test * Update swagger
2023-04-25 16:22:20 +08:00
assert.Equal(t, tc.expectedParentTitles[i], folder.Parents[i].Title)
}
require.NoError(t, resp.Body.Close())
})
}
}
Unistore: Update Folders Endpoint (#97317) * Add route for update folders via apiserver Signed-off-by: Maicon Costa <maiconscosta@gmail.com> --------- Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
2024-12-04 02:33:01 +08:00
type mockClientConfigProvider struct {
host string
}
func (m mockClientConfigProvider) GetDirectRestConfig(c *contextmodel.ReqContext) *clientrest.Config {
return &clientrest.Config{
Host: m.host,
}
}
func (m mockClientConfigProvider) DirectlyServeHTTP(w http.ResponseWriter, r *http.Request) {}
UniStore: Get Folder Handler return Root Folder (general) (#98127) Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
2024-12-19 09:31:55 +08:00
// for now, test only the general folder
func TestGetFolderLegacyAndUnifiedStorage(t *testing.T) {
testuser := &user.User{ID: 99, UID: "fdxsqt7t5ryf4a", Login: "testuser"}
legacyFolder := *folder.RootFolder
expectedFolder := dtos.Folder{
UID: legacyFolder.UID,
OrgID: 0,
Title: legacyFolder.Title,
URL: legacyFolder.URL,
HasACL: false,
CanSave: false,
CanEdit: true,
CanAdmin: false,
CanDelete: false,
CreatedBy: "Anonymous",
UpdatedBy: "Anonymous",
}
mux := http.NewServeMux()
folderApiServerMock := httptest.NewServer(mux)
defer folderApiServerMock.Close()
t.Run("happy path", func(t *testing.T) {
type testCase struct {
description string
folderUID string
legacyFolder folder.Folder
expectedFolder dtos.Folder
expectedFolderServiceError error
unifiedStorageEnabled bool
unifiedStorageMode grafanarest.DualWriterMode
expectedCode int
}
tcs := []testCase{
{
description: "General folder - Legacy",
expectedCode: http.StatusOK,
legacyFolder: legacyFolder,
folderUID: legacyFolder.UID,
expectedFolder: expectedFolder,
unifiedStorageEnabled: false,
},
{
description: "General folder - Unified storage, mode 1",
expectedCode: http.StatusOK,
legacyFolder: legacyFolder,
folderUID: legacyFolder.UID,
expectedFolder: expectedFolder,
unifiedStorageEnabled: true,
unifiedStorageMode: grafanarest.Mode1,
},
{
description: "General folder - Unified storage, mode 2",
expectedCode: http.StatusOK,
legacyFolder: legacyFolder,
folderUID: legacyFolder.UID,
expectedFolder: expectedFolder,
unifiedStorageEnabled: true,
unifiedStorageMode: grafanarest.Mode2,
},
{
description: "General folder - Unified storage, mode 3",
expectedCode: http.StatusOK,
legacyFolder: legacyFolder,
folderUID: legacyFolder.UID,
expectedFolder: expectedFolder,
unifiedStorageEnabled: true,
unifiedStorageMode: grafanarest.Mode3,
},
{
description: "General folder - Unified storage, mode 4",
expectedCode: http.StatusOK,
legacyFolder: legacyFolder,
folderUID: legacyFolder.UID,
expectedFolder: expectedFolder,
unifiedStorageEnabled: true,
unifiedStorageMode: grafanarest.Mode4,
},
}
for _, tc := range tcs {
t.Run(tc.description, func(t *testing.T) {
setUpRBACGuardian(t)
cfg := setting.NewCfg()
cfg.UnifiedStorage = map[string]setting.UnifiedStorageConfig{
folderv0alpha1.RESOURCEGROUP: {
DualWriterMode: tc.unifiedStorageMode,
},
}
featuresArr := []any{featuremgmt.FlagNestedFolders}
if tc.unifiedStorageEnabled {
K8s: Move to one feature toggle for folders and dashboards (#100911)
2025-02-19 07:11:26 +08:00
featuresArr = append(featuresArr, featuremgmt.FlagKubernetesClientDashboardsFolders)
UniStore: Get Folder Handler return Root Folder (general) (#98127) Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
2024-12-19 09:31:55 +08:00
}
server := SetupAPITestServer(t, func(hs *HTTPServer) {
hs.Cfg = cfg
hs.folderService = &foldertest.FakeService{
ExpectedFolder: &tc.legacyFolder,
ExpectedError: tc.expectedFolderServiceError,
}
hs.QuotaService = quotatest.New(false, nil)
hs.SearchService = &mockSearchService{
ExpectedResult: model.HitList{},
}
hs.userService = &usertest.FakeUserService{
ExpectedUser: testuser,
}
hs.Features = featuremgmt.WithFeatures(
featuresArr...,
)
hs.clientConfigProvider = mockClientConfigProvider{
host: folderApiServerMock.URL,
}
})
req := server.NewRequest(http.MethodGet, fmt.Sprintf("/api/folders/%s", tc.folderUID), nil)
req.Header.Set("Content-Type", "application/json")
webtest.RequestWithSignedInUser(req, &user.SignedInUser{UserID: 1, OrgID: 1, Permissions: map[int64]map[string][]string{
1: accesscontrol.GroupScopesByActionContext(context.Background(), []accesscontrol.Permission{
{Action: dashboards.ActionFoldersRead, Scope: dashboards.ScopeFoldersAll},
}),
}})
res, err := server.Send(req)
require.NoError(t, err)
require.Equal(t, tc.expectedCode, res.StatusCode)
defer func() { require.NoError(t, res.Body.Close()) }()
if tc.expectedCode == http.StatusOK {
body := dtos.Folder{}
require.NoError(t, json.NewDecoder(res.Body).Decode(&body))
//nolint:staticcheck
body.ID = 0
body.Version = 0
tc.expectedFolder.Version = 0
require.Equal(t, tc.expectedFolder, body)
}
})
}
})
}