From 95727e9c00c1c5a701f40dd85ad5c187adae64a8 Mon Sep 17 00:00:00 2001 From: KurolZ Date: Fri, 16 Sep 2022 15:03:12 +0800 Subject: [PATCH] feat: support for sharing dashboards (#1150) * feat: support for sharing dashboards * merge dashboard get interface * update read-only permission verification --- docker/initsql/a-n9e.sql | 1 + src/models/board.go | 1 + src/webapi/router/router.go | 3 ++- src/webapi/router/router_board.go | 27 +++++++++++++++++++++++++++ src/webapi/router/router_mw.go | 2 +- 5 files changed, 32 insertions(+), 2 deletions(-) diff --git a/docker/initsql/a-n9e.sql b/docker/initsql/a-n9e.sql index 3418f594..e098ea3f 100644 --- a/docker/initsql/a-n9e.sql +++ b/docker/initsql/a-n9e.sql @@ -166,6 +166,7 @@ CREATE TABLE `board` ( `group_id` bigint not null default 0 comment 'busi group id', `name` varchar(191) not null, `tags` varchar(255) not null comment 'split by space', + `public` tinyint(1) not null default 0 comment '0:false 1:true', `create_at` bigint not null default 0, `create_by` varchar(64) not null default '', `update_at` bigint not null default 0, diff --git a/src/models/board.go b/src/models/board.go index 77fc1fc9..ed20d11a 100644 --- a/src/models/board.go +++ b/src/models/board.go @@ -19,6 +19,7 @@ type Board struct { UpdateAt int64 `json:"update_at"` UpdateBy string `json:"update_by"` Configs string `json:"configs" gorm:"-"` + Public int `json:"public"` // 0: false, 1: true } func (b *Board) TableName() string { diff --git a/src/webapi/router/router.go b/src/webapi/router/router.go index c6a200bc..1e2ff4a2 100644 --- a/src/webapi/router/router.go +++ b/src/webapi/router/router.go @@ -195,10 +195,11 @@ func configRoute(r *gin.Engine, version string) { pages.POST("/busi-group/:id/boards", auth(), user(), perm("/dashboards/add"), bgrw(), boardAdd) pages.POST("/busi-group/:id/board/:bid/clone", auth(), user(), perm("/dashboards/add"), bgrw(), boardClone) - pages.GET("/board/:bid", auth(), user(), boardGet) + pages.GET("/board/:bid", boardGet) pages.GET("/board/:bid/pure", boardPureGet) pages.PUT("/board/:bid", auth(), user(), perm("/dashboards/put"), boardPut) pages.PUT("/board/:bid/configs", auth(), user(), perm("/dashboards/put"), boardPutConfigs) + pages.PUT("/board/:bid/public", auth(), user(), perm("/dashboards/put"), boardPutPublic) pages.DELETE("/boards", auth(), user(), perm("/dashboards/del"), boardDel) // migrate v5.8.0 diff --git a/src/webapi/router/router_board.go b/src/webapi/router/router_board.go index e98ebb7a..e2877882 100644 --- a/src/webapi/router/router_board.go +++ b/src/webapi/router/router_board.go @@ -13,6 +13,7 @@ type boardForm struct { Name string `json:"name"` Tags string `json:"tags"` Configs string `json:"configs"` + Public int `json:"public"` } func boardAdd(c *gin.Context) { @@ -48,6 +49,13 @@ func boardGet(c *gin.Context) { ginx.Bomb(http.StatusNotFound, "No such dashboard") } + if board.Public == 0 { + auth()(c) + user()(c) + + bgroCheck(c, board.GroupId) + } + ginx.NewRender(c).Data(board, nil) } @@ -139,6 +147,25 @@ func boardPutConfigs(c *gin.Context) { ginx.NewRender(c).Data(bo, nil) } +// bgrwCheck +func boardPutPublic(c *gin.Context) { + var f boardForm + ginx.BindJSON(c, &f) + + me := c.MustGet("user").(*models.User) + bo := Board(ginx.UrlParamInt64(c, "bid")) + + // check permission + bgrwCheck(c, bo.GroupId) + + bo.Public = f.Public + bo.UpdateBy = me.Username + bo.UpdateAt = time.Now().Unix() + + err := bo.Update("public", "update_by", "update_at") + ginx.NewRender(c).Data(bo, err) +} + func boardGets(c *gin.Context) { bgid := ginx.UrlParamInt64(c, "id") query := ginx.QueryStr(c, "query", "") diff --git a/src/webapi/router/router_mw.go b/src/webapi/router/router_mw.go index 3d71a020..8bb8035f 100644 --- a/src/webapi/router/router_mw.go +++ b/src/webapi/router/router_mw.go @@ -225,7 +225,7 @@ func bgroCheck(c *gin.Context, bgid int64) { me := c.MustGet("user").(*models.User) bg := BusiGroup(bgid) - can, err := me.CanDoBusiGroup(bg, "ro") + can, err := me.CanDoBusiGroup(bg) ginx.Dangerous(err) if !can {