Dashboards: Allow updating a dashboard if the user doesn't have access to the parent folder #78075
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
IevaVasiljeva
requested review from
mildwonkey,
undef1nd and
suntala
and removed request for
a team
IevaVasiljeva
commented
Nov 13, 2023
Comment on lines
-389
to
-409
| // nolint:staticcheck | ||
| if cmd.FolderUID != "" || cmd.FolderID != 0 { | ||
| folder, err := hs.folderService.Get(ctx, &folder.GetFolderQuery{ | ||
| OrgID: c.SignedInUser.GetOrgID(), | ||
| UID: &cmd.FolderUID, | ||
| // nolint:staticcheck | ||
| ID: &cmd.FolderID, | ||
| SignedInUser: c.SignedInUser, | ||
| }) | ||
| if err != nil { | ||
| if errors.Is(err, dashboards.ErrFolderNotFound) { | ||
| return response.Error(http.StatusBadRequest, "Folder not found", err) | ||
| } | ||
| return response.Error(http.StatusInternalServerError, "Error while checking folder ID", err) | ||
| } | ||
| // nolint:staticcheck | ||
| cmd.FolderID = folder.ID | ||
| cmd.FolderUID = folder.UID | ||
| } |
There was a problem hiding this comment.
This logic is now carried out here.
IevaVasiljeva
commented
Nov 13, 2023
Comment on lines
-333
to
-315
| if dash.FolderID > 0 { | ||
| var existingFolder dashboards.Dashboard | ||
| folderExists, err := sess.Where("org_id=? AND id=? AND is_folder=?", dash.OrgID, dash.FolderID, | ||
| dialect.BooleanStr(true)).Get(&existingFolder) | ||
| if err != nil { | ||
| return false, fmt.Errorf("SQL query for folder failed: %w", err) | ||
| } | ||
|
|
||
| if !folderExists { | ||
| return false, dashboards.ErrDashboardFolderNotFound | ||
| } | ||
| } |
There was a problem hiding this comment.
This logic is now carried out here for dashboards and here for folders.
IevaVasiljeva
commented
Nov 13, 2023
Comment on lines
-859
to
-863
| if dash.IsFolder && dash.FolderID > 0 { | ||
| return nil, dashboards.ErrDashboardFolderCannotHaveParent |
There was a problem hiding this comment.
Cleanup: this is an outdated check - we support nested folders now.
IevaVasiljeva
commented
Nov 13, 2023
| } | ||
|
|
||
| if dash.IsFolder && strings.EqualFold(dash.Title, dashboards.RootFolderName) { |
There was a problem hiding this comment.
Cleanup: safe to remove dash.IsFolder, as this code is a part of the folder service, so we know that dash.IsFolder is true.
IevaVasiljeva
changed the title
Jguer
approved these changes
Nov 16, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What is this feature?
Refactors the code to allow updating a dashboard if the user doesn't have access to the parent folder:
Why do we need this feature?
To allow users to update dashboards if they don't have access to the parent folder.
Who is this feature for?
Everyone.
Which issue(s) does this PR fix?:
Fixes #76068
Special notes for your reviewer:
Please check that: