Merge pull request #37 from grafana/support-datasource-permissions

julienduchesne · web-flow · commit 0933c3ff8528 · 2021-11-23T21:27:55.000-05:00
Support datasource permissions
diff --git a/datasource_permissions.go b/datasource_permissions.go
@@ -0,0 +1,95 @@
+package gapi
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+)
+
+type DatasourcePermissionType int
+
+const (
+	_ DatasourcePermissionType = iota // 0 is not a valid permission
+	DatasourcePermissionQuery
+)
+
+// DatasourcePermission has information such as a datasource, user, team, role and permission.
+type DatasourcePermission struct {
+	ID           int64  `json:"id"`
+	DatasourceID int64  `json:"datasourceId"`
+	UserID       int64  `json:"userId"`
+	UserEmail    string `json:"userEmail"`
+	TeamID       int64  `json:"teamId"`
+
+	// Permission levels are
+	// 1 = Query
+	Permission     DatasourcePermissionType `json:"permission"`
+	PermissionName string                   `json:"permissionName"`
+}
+
+type DatasourcePermissionsResponse struct {
+	DatasourceID int64                   `json:"datasourceId"`
+	Enabled      bool                    `json:"enabled"`
+	Permissions  []*DatasourcePermission `json:"permissions"`
+}
+
+type DatasourcePermissionAddPayload struct {
+	UserID     int64                    `json:"userId"`
+	TeamID     int64                    `json:"teamId"`
+	Permission DatasourcePermissionType `json:"permission"`
+}
+
+// EnableDatasourcePermissions enables the datasource permissions (this is a datasource setting)
+func (c *Client) EnableDatasourcePermissions(id int64) error {
+	path := fmt.Sprintf("/api/datasources/%d/enable-permissions", id)
+	if err := c.request("POST", path, nil, nil, nil); err != nil {
+		return fmt.Errorf("error enabling permissions at %s: %w", path, err)
+	}
+	return nil
+}
+
+// DisableDatasourcePermissions disables the datasource permissions (this is a datasource setting)
+func (c *Client) DisableDatasourcePermissions(id int64) error {
+	path := fmt.Sprintf("/api/datasources/%d/disable-permissions", id)
+	if err := c.request("POST", path, nil, nil, nil); err != nil {
+		return fmt.Errorf("error disabling permissions at %s: %w", path, err)
+	}
+	return nil
+}
+
+// DatasourcePermissions fetches and returns the permissions for the datasource whose ID it's passed.
+func (c *Client) DatasourcePermissions(id int64) (*DatasourcePermissionsResponse, error) {
+	path := fmt.Sprintf("/api/datasources/%d/permissions", id)
+	var out *DatasourcePermissionsResponse
+	err := c.request("GET", path, nil, nil, &out)
+	if err != nil {
+		return out, fmt.Errorf("error getting permissions at %s: %w", path, err)
+	}
+
+	return out, nil
+}
+
+// AddDatasourcePermission adds the given permission item
+func (c *Client) AddDatasourcePermission(id int64, item *DatasourcePermissionAddPayload) error {
+	path := fmt.Sprintf("/api/datasources/%d/permissions", id)
+	data, err := json.Marshal(item)
+	if err != nil {
+		return fmt.Errorf("marshal err: %w", err)
+	}
+
+	if err = c.request("POST", path, nil, bytes.NewBuffer(data), nil); err != nil {
+		return fmt.Errorf("error adding permissions at %s: %w", path, err)
+	}
+
+	return nil
+}
+
+// RemoveDatasourcePermission removes the permission with the given id
+func (c *Client) RemoveDatasourcePermission(id, permissionID int64) error {
+	path := fmt.Sprintf("/api/datasources/%d/permissions/%d", id, permissionID)
+	if err := c.request("DELETE", path, nil, nil, nil); err != nil {
+		return fmt.Errorf("error deleting permissions at %s: %w", path, err)
+	}
+
+	return nil
+}
diff --git a/datasource_permissions_test.go b/datasource_permissions_test.go
@@ -0,0 +1,102 @@
+package gapi
+
+import (
+	"testing"
+
+	"github.com/gobs/pretty"
+)
+
+const (
+	getDatasourcePermissionsJSON = `{
+	"datasourceId": 1,
+	"enabled": true,
+	"permissions": [
+		{
+			"datasourceId": 1,
+			"userId": 1,
+			"userLogin": "user",
+			"userEmail": "user@test.com",
+			"userAvatarUrl": "/avatar/46d229b033af06a191ff2267bca9ae56",
+			"permission": 1,
+			"permissionName": "Query",
+			"created": "2017-06-20T02:00:00+02:00",
+			"updated": "2017-06-20T02:00:00+02:00"
+		},
+		{
+			"datasourceId": 2,
+			"teamId": 1,
+			"team": "A Team",
+			"teamAvatarUrl": "/avatar/46d229b033af06a191ff2267bca9ae56",
+			"permission": 1,
+			"permissionName": "Query",
+			"created": "2017-06-20T02:00:00+02:00",
+			"updated": "2017-06-20T02:00:00+02:00"
+		}
+	]
+}`
+	addDatasourcePermissionsJSON = `{
+	"message": "Datasource permission added"
+}`
+)
+
+func TestDatasourcePermissions(t *testing.T) {
+	server, client := gapiTestTools(t, 200, getDatasourcePermissionsJSON)
+	defer server.Close()
+
+	resp, err := client.DatasourcePermissions(1)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	t.Log(pretty.PrettyFormat(resp))
+
+	expects := []*DatasourcePermission{
+		{
+			DatasourceID:   1,
+			UserID:         1,
+			TeamID:         0,
+			Permission:     1,
+			PermissionName: "Query",
+		},
+		{
+			DatasourceID:   2,
+			UserID:         0,
+			TeamID:         1,
+			Permission:     1,
+			PermissionName: "Query",
+		},
+	}
+
+	for i, expect := range expects {
+		t.Run("check data", func(t *testing.T) {
+			if resp.Permissions[i].DatasourceID != expect.DatasourceID ||
+				resp.Permissions[i].UserID != expect.UserID ||
+				resp.Permissions[i].TeamID != expect.TeamID ||
+				resp.Permissions[i].Permission != expect.Permission ||
+				resp.Permissions[i].PermissionName != expect.PermissionName {
+				t.Error("Not correctly parsing returned datasource permission")
+			}
+		})
+	}
+}
+
+func TestAddDatasourcePermissions(t *testing.T) {
+	server, client := gapiTestTools(t, 200, addDatasourcePermissionsJSON)
+	defer server.Close()
+
+	for _, item := range []*DatasourcePermissionAddPayload{
+		{
+			TeamID:     1,
+			Permission: 1,
+		},
+		{
+			UserID:     11,
+			Permission: 1,
+		},
+	} {
+		err := client.AddDatasourcePermission(1, item)
+		if err != nil {
+			t.Error(err)
+		}
+	}
+}
