Merge branch 'main' into feat/input-buffer3

openobserve · May 13, 2024 · 4b4608f · 4b4608f
2 parents e08f2bb + 901e9bc
commit 4b4608f
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 5 deletions.
diff --git a/src/common/utils/auth.rs b/src/common/utils/auth.rs
@@ -66,6 +66,7 @@ pub(crate) fn is_root_user(user_id: &str) -> bool {
 #[cfg(feature = "enterprise")]
 pub async fn set_ownership(org_id: &str, obj_type: &str, obj: Authz) {
     use o2_enterprise::enterprise::common::infra::config::O2_CONFIG;
+
     if O2_CONFIG.openfga.enabled {
         use o2_enterprise::enterprise::openfga::{authorizer, meta::mapping::OFGA_MODELS};
 
@@ -77,6 +78,23 @@ pub async fn set_ownership(org_id: &str, obj_type: &str, obj: Authz) {
             OFGA_MODELS.get(obj.parent_type.as_str()).unwrap().key
         };
 
+        // Default folder is already created in case of new org, this handles the case for old org
+        if obj_type.eq("folders")
+            && authorizer::authz::check_folder_exists(org_id, &obj.obj_id).await
+        {
+            // If the folder tuples are missing, it automatically creates them
+            // So we can return here
+            log::debug!(
+                "folder tuples already exists for org: {org_id}; folder: {}",
+                &obj.obj_id
+            );
+            return;
+        } else if obj.parent_type.eq("folders") {
+            log::debug!("checking parent folder tuples for folder: {}", &obj.parent);
+            // In case of dashboard, we need to check if the tuples for its folder exist
+            // If not, the below function creates the proper tuples for the folder
+            authorizer::authz::check_folder_exists(org_id, &obj.parent).await;
+        }
         authorizer::authz::set_ownership(org_id, &obj_str, &obj.parent, parent_type).await;
     }
 }

diff --git a/src/handler/http/request/search/mod.rs b/src/handler/http/request/search/mod.rs
@@ -205,7 +205,6 @@ pub async fn search(
     }
 
     let mut query_fn = req.query.query_fn.and_then(|v| base64::decode_url(&v).ok());
-
     if let Some(vrl_function) = &query_fn {
         if !vrl_function.trim().ends_with('.') {
             query_fn = Some(format!("{} \n .", vrl_function));
@@ -420,9 +419,14 @@ pub async fn around(
         Some(v) => v.parse::<i64>().unwrap_or(0),
         None => return Ok(MetaHttpResponse::bad_request("around key is empty")),
     };
-    let query_fn = query
+    let mut query_fn = query
         .get("query_fn")
         .and_then(|v| base64::decode_url(v).ok());
+    if let Some(vrl_function) = &query_fn {
+        if !vrl_function.trim().ends_with('.') {
+            query_fn = Some(format!("{} \n .", vrl_function));
+        }
+    }
 
     let default_sql = format!("SELECT * FROM \"{}\" ", stream_name);
     let around_sql = match query.get("sql") {

diff --git a/src/service/dashboards/folders.rs b/src/service/dashboards/folders.rs
@@ -60,9 +60,7 @@ pub async fn save_folder(
 
     match db::dashboards::folders::put(org_id, folder).await {
         Ok(folder) => {
-            if folder.folder_id != DEFAULT_FOLDER {
-                set_ownership(org_id, "folders", Authz::new(&folder.folder_id)).await;
-            }
+            set_ownership(org_id, "folders", Authz::new(&folder.folder_id)).await;
             Ok(HttpResponse::Ok().json(folder))
         }
         Err(error) => Ok(