forked from grafana/grafana-api-golang-client
-
Notifications
You must be signed in to change notification settings - Fork 0
/
datasource_permissions.go
151 lines (130 loc) · 4.91 KB
/
datasource_permissions.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
package gapi
import (
"encoding/json"
"fmt"
)
type DatasourcePermissionType int
const (
_ DatasourcePermissionType = iota // 0 is not a valid permission
DatasourcePermissionQuery
DatasourcePermissionEdit
)
// DatasourcePermission has information such as a datasource, user, team, role and permission.
type DatasourcePermission struct {
ID int64 `json:"id"`
DatasourceID int64 `json:"datasourceId"`
UserID int64 `json:"userId"`
UserEmail string `json:"userEmail"`
TeamID int64 `json:"teamId"`
BuiltInRole string `json:"builtInRole"`
// Permission levels are
// 1 = Query
// 2 = Edit
Permission DatasourcePermissionType `json:"permission"`
PermissionName string `json:"permissionName"`
}
type DatasourcePermissionsResponse struct {
DatasourceID int64 `json:"datasourceId"`
Enabled bool `json:"enabled"`
Permissions []*DatasourcePermission `json:"permissions"`
}
type DatasourcePermissionAddPayload struct {
UserID int64 `json:"userId"`
TeamID int64 `json:"teamId"`
BuiltInRole string `json:"builtinRole"`
Permission DatasourcePermissionType `json:"permission"`
}
// EnableDatasourcePermissions enables the datasource permissions (this is a datasource setting)
func (c *Client) EnableDatasourcePermissions(id int64) error {
path := fmt.Sprintf("/api/datasources/%d/enable-permissions", id)
if err := c.request("POST", path, nil, nil, nil); err != nil {
return fmt.Errorf("error enabling permissions at %s: %w", path, err)
}
return nil
}
// DisableDatasourcePermissions disables the datasource permissions (this is a datasource setting)
func (c *Client) DisableDatasourcePermissions(id int64) error {
path := fmt.Sprintf("/api/datasources/%d/disable-permissions", id)
if err := c.request("POST", path, nil, nil, nil); err != nil {
return fmt.Errorf("error disabling permissions at %s: %w", path, err)
}
return nil
}
// DatasourcePermissions fetches and returns the permissions for the datasource whose ID it's passed.
func (c *Client) DatasourcePermissions(id int64) (*DatasourcePermissionsResponse, error) {
path := fmt.Sprintf("/api/datasources/%d/permissions", id)
var out *DatasourcePermissionsResponse
err := c.request("GET", path, nil, nil, &out)
if err != nil {
return out, fmt.Errorf("error getting permissions at %s: %w", path, err)
}
return out, nil
}
// AddDatasourcePermission adds the given permission item
func (c *Client) AddDatasourcePermission(id int64, item *DatasourcePermissionAddPayload) error {
path := fmt.Sprintf("/api/datasources/%d/permissions", id)
data, err := json.Marshal(item)
if err != nil {
return fmt.Errorf("marshal err: %w", err)
}
if err = c.request("POST", path, nil, data, nil); err != nil {
return fmt.Errorf("error adding permissions at %s: %w", path, err)
}
return nil
}
// RemoveDatasourcePermission removes the permission with the given id
func (c *Client) RemoveDatasourcePermission(id, permissionID int64) error {
path := fmt.Sprintf("/api/datasources/%d/permissions/%d", id, permissionID)
if err := c.request("DELETE", path, nil, nil, nil); err != nil {
return fmt.Errorf("error deleting permissions at %s: %w", path, err)
}
return nil
}
func (c *Client) ListDatasourceResourcePermissions(uid string) ([]*ResourcePermission, error) {
return c.listResourcePermissions(DatasourcesResource, ResourceUID(uid))
}
func (c *Client) SetDatasourceResourcePermissions(uid string, body SetResourcePermissionsBody) (*SetResourcePermissionsResponse, error) {
return c.setResourcePermissions(DatasourcesResource, ResourceUID(uid), body)
}
func (c *Client) SetUserDatasourceResourcePermissions(datasourceUID string, userID int64, permission string) (*SetResourcePermissionsResponse, error) {
return c.setResourcePermissionByAssignment(
DatasourcesResource,
ResourceUID(datasourceUID),
UsersResource,
ResourceID(userID),
SetResourcePermissionBody{
Permission: SetResourcePermissionItem{
UserID: userID,
Permission: permission,
},
},
)
}
func (c *Client) SetTeamDatasourceResourcePermissions(datasourceUID string, teamID int64, permission string) (*SetResourcePermissionsResponse, error) {
return c.setResourcePermissionByAssignment(
DatasourcesResource,
ResourceUID(datasourceUID),
TeamsResource,
ResourceID(teamID),
SetResourcePermissionBody{
Permission: SetResourcePermissionItem{
TeamID: teamID,
Permission: permission,
},
},
)
}
func (c *Client) SetBuiltInRoleDatasourceResourcePermissions(datasourceUID string, builtInRole string, permission string) (*SetResourcePermissionsResponse, error) {
return c.setResourcePermissionByAssignment(
DatasourcesResource,
ResourceUID(datasourceUID),
BuiltInRolesResource,
ResourceUID(builtInRole),
SetResourcePermissionBody{
Permission: SetResourcePermissionItem{
BuiltinRole: builtInRole,
Permission: permission,
},
},
)
}