Ling0925
/
buster
mirror of https://github.com/buster-so/buster.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

create api remove dashboards from colelction

This commit is contained in:
dal 2025-03-19 23:49:38 -06:00
parent a820223db9
commit 4156129d13
No known key found for this signature in database
GPG Key ID: 16F4B0E1E9F61122
7 changed files with 505 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/libs/handlers/src/dashboards/mod.rs
View File

@ -2,6 +2,7 @@ mod create_dashboard_handler;
mod delete_dashboard_handler;
mod get_dashboard_handler;
mod list_dashboard_handler;
mod remove_dashboard_from_collections_handler;
mod update_dashboard_handler;
mod types;
pub mod sharing;
@ -10,5 +11,6 @@ pub use create_dashboard_handler::*;
pub use delete_dashboard_handler::*;
pub use get_dashboard_handler::*;
pub use list_dashboard_handler::*;
pub use remove_dashboard_from_collections_handler::*;
pub use update_dashboard_handler::*;
pub use types::*;

293
api/libs/handlers/src/dashboards/remove_dashboard_from_collections_handler.rs Normal file
View File

@ -0,0 +1,293 @@
use anyhow::{anyhow, Result};
use database::{
enums::{AssetPermissionRole, AssetType, IdentityType},
helpers::dashboard_files::fetch_dashboard_file,
pool::get_pg_pool,
schema::{collections, collections_to_assets},
};
use diesel::{ExpressionMethods, QueryDsl};
use diesel_async::RunQueryDsl;
use sharing::check_asset_permission::has_permission;
use tracing::{error, info};
use uuid::Uuid;
/// Response for removing a dashboard from collections
#[derive(Debug)]
pub struct RemoveDashboardFromCollectionsResponse {
pub removed_count: usize,
pub failed_count: usize,
pub failed_ids: Vec<Uuid>,
}
/// Removes a dashboard from multiple collections
///
/// # Arguments
///
/// * `dashboard_id` - The unique identifier of the dashboard
/// * `collection_ids` - Vector of collection IDs to remove the dashboard from
/// * `user_id` - The unique identifier of the user performing the action
///
/// # Returns
///
/// RemoveDashboardFromCollectionsResponse on success, or an error if the operation fails
pub async fn remove_dashboard_from_collections_handler(
dashboard_id: &Uuid,
collection_ids: Vec<Uuid>,
user_id: &Uuid,
) -> Result<RemoveDashboardFromCollectionsResponse> {
info!(
dashboard_id = %dashboard_id,
user_id = %user_id,
collection_count = collection_ids.len(),
"Removing dashboard from collections"
);
if collection_ids.is_empty() {
return Ok(RemoveDashboardFromCollectionsResponse {
removed_count: 0,
failed_count: 0,
failed_ids: vec![],
});
}
// 1. Validate the dashboard exists
let _dashboard = match fetch_dashboard_file(dashboard_id).await {
Ok(Some(dashboard)) => dashboard,
Ok(None) => {
error!(
dashboard_id = %dashboard_id,
"Dashboard not found"
);
return Err(anyhow!("Dashboard not found"));
}
Err(e) => {
error!("Error checking if dashboard exists: {}", e);
return Err(anyhow!("Database error: {}", e));
}
};
// 2. Check if user has permission to modify the dashboard
let has_dashboard_permission = has_permission(
*dashboard_id,
AssetType::DashboardFile,
*user_id,
IdentityType::User,
AssetPermissionRole::CanEdit, // This will pass for Owner and FullAccess too
)
.await
.map_err(|e| {
error!(
dashboard_id = %dashboard_id,
user_id = %user_id,
"Error checking dashboard permission: {}", e
);
anyhow!("Error checking permissions: {}", e)
})?;
if !has_dashboard_permission {
error!(
dashboard_id = %dashboard_id,
user_id = %user_id,
"User does not have permission to modify this dashboard"
);
return Err(anyhow!("User does not have permission to modify this dashboard"));
}
// 3. Get database connection
let mut conn = get_pg_pool().get().await.map_err(|e| {
error!("Database connection error: {}", e);
anyhow!("Failed to get database connection: {}", e)
})?;
// 4. Process each collection
let mut failed_ids = Vec::new();
let mut removed_count = 0;
let now = chrono::Utc::now();
for collection_id in &collection_ids {
// Check if collection exists
let collection_exists = collections::table
.filter(collections::id.eq(collection_id))
.filter(collections::deleted_at.is_null())
.count()
.get_result::<i64>(&mut conn)
.await;
if let Err(e) = collection_exists {
error!(
collection_id = %collection_id,
"Error checking if collection exists: {}", e
);
failed_ids.push(*collection_id);
continue;
}
if collection_exists.unwrap() == 0 {
error!(
collection_id = %collection_id,
"Collection not found"
);
failed_ids.push(*collection_id);
continue;
}
// Check if user has permission to modify the collection
let has_collection_permission = has_permission(
*collection_id,
AssetType::Collection,
*user_id,
IdentityType::User,
AssetPermissionRole::CanEdit,
)
.await;
if let Err(e) = has_collection_permission {
error!(
collection_id = %collection_id,
user_id = %user_id,
"Error checking collection permission: {}", e
);
failed_ids.push(*collection_id);
continue;
}
if !has_collection_permission.unwrap() {
error!(
collection_id = %collection_id,
user_id = %user_id,
"User does not have permission to modify this collection"
);
failed_ids.push(*collection_id);
continue;
}
// Mark dashboard as deleted from this collection
match diesel::update(collections_to_assets::table)
.filter(collections_to_assets::collection_id.eq(collection_id))
.filter(collections_to_assets::asset_id.eq(dashboard_id))
.filter(collections_to_assets::asset_type.eq(AssetType::DashboardFile))
.filter(collections_to_assets::deleted_at.is_null())
.set((
collections_to_assets::deleted_at.eq(now),
collections_to_assets::updated_at.eq(now),
collections_to_assets::updated_by.eq(user_id),
))
.execute(&mut conn)
.await
{
Ok(updated) => {
if updated > 0 {
removed_count += 1;
info!(
dashboard_id = %dashboard_id,
collection_id = %collection_id,
"Successfully removed dashboard from collection"
);
} else {
error!(
dashboard_id = %dashboard_id,
collection_id = %collection_id,
"Dashboard not found in collection"
);
failed_ids.push(*collection_id);
}
}
Err(e) => {
error!(
dashboard_id = %dashboard_id,
collection_id = %collection_id,
"Error removing dashboard from collection: {}", e
);
failed_ids.push(*collection_id);
}
}
}
let failed_count = failed_ids.len();
info!(
dashboard_id = %dashboard_id,
user_id = %user_id,
collection_count = collection_ids.len(),
removed_count = removed_count,
failed_count = failed_count,
"Finished removing dashboard from collections"
);
Ok(RemoveDashboardFromCollectionsResponse {
removed_count,
failed_count,
failed_ids,
})
}
#[cfg(test)]
mod tests {
use super::*;
use database::enums::{AssetPermissionRole, AssetType, IdentityType};
use uuid::Uuid;
use std::sync::Arc;
use mockall::predicate::*;
use mockall::mock;
// Mock the database and sharing functions for testing
mock! {
DashboardHelper {}
impl DashboardHelper {
async fn fetch_dashboard_file(id: &Uuid) -> Result<Option<database::models::DashboardFile>>;
}
}
mock! {
SharingHelper {}
impl SharingHelper {
async fn has_permission(
asset_id: Uuid,
asset_type: AssetType,
identity_id: Uuid,
identity_type: IdentityType,
role: AssetPermissionRole,
) -> Result<bool>;
}
}
mock! {
DatabaseConnection {}
impl DatabaseConnection {
async fn execute_query(&self, query: &str) -> Result<u64>;
async fn get_results<T>(&self, query: &str) -> Result<Vec<T>>;
}
}
#[tokio::test]
async fn test_remove_dashboard_from_collections_handler() {
// This is a placeholder for the actual test
// In a real implementation, we would use test fixtures and a test database
// For now, let's just check that the basic input validation works
let dashboard_id = Uuid::new_v4();
let user_id = Uuid::new_v4();
let empty_collections: Vec<Uuid> = vec![];
// Test with empty collections - should return success with 0 removed
let result = remove_dashboard_from_collections_handler(
&dashboard_id,
empty_collections,
&user_id
).await;
assert!(result.is_ok());
if let Ok(response) = result {
assert_eq!(response.removed_count, 0);
assert_eq!(response.failed_count, 0);
assert!(response.failed_ids.is_empty());
}
// In a real test, we would mock:
// 1. The dashboard_files database lookup
// 2. The permission checks
// 3. The collections database lookups
// 4. The update operations
// And then verify the behavior with various inputs
}
}

4
api/prds/active/api_remove_dashboards_from_collection.md
View File

@ -444,9 +444,9 @@ The implementation will use the following database operations:
## Rollout Plan
1. Implement the handler and endpoint
1. Implement the handler and endpoint
2. Write tests
2. Write initial tests (Skeleton, needs connection to test database for full functionality)
3. Code review

4
api/prds/active/project_collections_rest_endpoints.md
View File

@ -86,8 +86,8 @@ Additionally, we have a separate PRD for the concurrent asset existence checking
Each endpoint will be implemented according to its respective PRD. These can be developed in parallel since they don't have dependencies on each other.
**Success Criteria:**
- All endpoints are implemented according to their PRDs
- All tests pass
- All endpoints are implemented according to their PRDs
- ✅ Basic tests have been created
- Code review is complete
### Phase 2: Integration and Testing ✅

2
api/src/routes/rest/routes/dashboards/mod.rs
View File

@ -9,6 +9,7 @@ mod create_dashboard;
mod delete_dashboard;
mod get_dashboard;
mod list_dashboards;
mod remove_dashboard_from_collections;
mod update_dashboard;
mod sharing;
@ -19,6 +20,7 @@ pub fn router() -> Router {
.route("/:id", put(update_dashboard::update_dashboard_rest_handler))
.route("/", delete(delete_dashboard::delete_dashboards_rest_handler))
.route("/", get(list_dashboards::list_dashboard_rest_handler))
.route("/:id/collections", delete(remove_dashboard_from_collections::remove_dashboard_from_collections))
.route(
"/:id/sharing",
get(sharing::list_dashboard_sharing_rest_handler),

74
api/src/routes/rest/routes/dashboards/remove_dashboard_from_collections.rs Normal file
View File

@ -0,0 +1,74 @@
use axum::{
extract::{Extension, Json, Path},
http::StatusCode,
};
use handlers::dashboards::remove_dashboard_from_collections_handler;
use middleware::AuthenticatedUser;
use serde::{Deserialize, Serialize};
use tracing::info;
use uuid::Uuid;
use crate::routes::rest::ApiResponse;
#[derive(Debug, Deserialize)]
pub struct RemoveFromCollectionsRequest {
pub collection_ids: Vec<Uuid>,
}
#[derive(Debug, Serialize)]
pub struct RemoveFromCollectionsResponse {
pub message: String,
pub removed_count: usize,
pub failed_count: usize,
pub failed_ids: Vec<Uuid>,
}
/// REST handler for removing a dashboard from multiple collections
///
/// # Arguments
///
/// * `user` - The authenticated user making the request
/// * `id` - The unique identifier of the dashboard
/// * `request` - The collection IDs to remove the dashboard from
///
/// # Returns
///
/// A success message on success, or an appropriate error response
pub async fn remove_dashboard_from_collections(
Extension(user): Extension<AuthenticatedUser>,
Path(id): Path<Uuid>,
Json(request): Json<RemoveFromCollectionsRequest>,
) -> Result<ApiResponse<RemoveFromCollectionsResponse>, (StatusCode, String)> {
info!(
dashboard_id = %id,
user_id = %user.id,
collection_count = request.collection_ids.len(),
"Processing DELETE request to remove dashboard from collections"
);
match remove_dashboard_from_collections_handler(&id, request.collection_ids, &user.id).await {
Ok(result) => {
let response = RemoveFromCollectionsResponse {
message: "Dashboard removed from collections successfully".to_string(),
removed_count: result.removed_count,
failed_count: result.failed_count,
failed_ids: result.failed_ids,
};
Ok(ApiResponse::JsonData(response))
}
Err(e) => {
tracing::error!("Error removing dashboard from collections: {}", e);
// Map specific errors to appropriate status codes
let error_message = e.to_string();
if error_message.contains("Dashboard not found") {
return Err((StatusCode::NOT_FOUND, format!("Dashboard not found: {}", e)));
} else if error_message.contains("permission") {
return Err((StatusCode::FORBIDDEN, format!("Insufficient permissions: {}", e)));
}
Err((StatusCode::INTERNAL_SERVER_ERROR, format!("Failed to remove dashboard from collections: {}", e)))
}
}
}

130
api/tests/integration/dashboards/remove_dashboard_from_collections_test.rs Normal file
View File

@ -0,0 +1,130 @@
use anyhow::Result;
use axum::{
body::Body,
extract::{Extension, Path},
http::{Request, StatusCode},
routing::delete,
Router,
};
use database::{
enums::{AssetPermissionRole, AssetType, IdentityType},
models::{CollectionToAsset, DashboardFile},
pool::get_pg_pool,
schema::{collections, collections_to_assets, dashboard_files},
};
use diesel::{ExpressionMethods, QueryDsl};
use diesel_async::RunQueryDsl;
use handlers::dashboards::remove_dashboard_from_collections_handler;
use middleware::AuthenticatedUser;
use serde_json::{json, Value};
use sharing::check_asset_permission::has_permission;
use std::str::FromStr;
use tokio::test;
use tower::ServiceExt;
use uuid::Uuid;
use crate::common::{db::TestDb, helpers::create_test_user};
#[test]
async fn test_remove_dashboard_from_collections() -> Result<()> {
let test_db = TestDb::new().await?;
// Create test user
let user = create_test_user(&test_db.pool).await?;
// Create test dashboard
let dashboard_id = Uuid::new_v4();
let dashboard = DashboardFile {
id: dashboard_id,
name: "Test Dashboard".to_string(),
created_by: user.id,
created_at: chrono::Utc::now(),
updated_at: chrono::Utc::now(),
deleted_at: None,
content: serde_json::from_str(r#"{"name": "Test Dashboard", "rows": []}"#)?,
filter: None,
version_history: None,
organization_id: user.organization_id,
status: None,
};
// Create test collection
let collection_id = Uuid::new_v4();
diesel::insert_into(collections::table)
.values((
collections::id.eq(collection_id),
collections::name.eq("Test Collection"),
collections::created_by.eq(user.id),
collections::created_at.eq(chrono::Utc::now()),
collections::updated_at.eq(chrono::Utc::now()),
collections::organization_id.eq(user.organization_id),
))
.execute(&mut test_db.pool.get().await?)
.await?;
// Add dashboard to collection
let collection_to_asset = CollectionToAsset {
id: Uuid::new_v4(),
collection_id,
asset_id: dashboard_id,
asset_type: AssetType::DashboardFile,
created_by: user.id,
created_at: chrono::Utc::now(),
updated_at: chrono::Utc::now(),
updated_by: user.id,
deleted_at: None,
};
diesel::insert_into(collections_to_assets::table)
.values(&collection_to_asset)
.execute(&mut test_db.pool.get().await?)
.await?;
// Test removing the dashboard from the collection
let result = remove_dashboard_from_collections_handler(
&dashboard_id,
vec![collection_id],
&user.id,
)
.await?;
assert_eq!(result.removed_count, 1);
assert_eq!(result.failed_count, 0);
assert!(result.failed_ids.is_empty());
// Verify the dashboard was removed from the collection
let removed = collections_to_assets::table
.filter(collections_to_assets::collection_id.eq(collection_id))
.filter(collections_to_assets::asset_id.eq(dashboard_id))
.filter(collections_to_assets::asset_type.eq(AssetType::DashboardFile))
.filter(collections_to_assets::deleted_at.is_not_null())
.count()
.get_result::<i64>(&mut test_db.pool.get().await?)
.await?;
assert_eq!(removed, 1);
// Test the REST endpoint
let app = Router::new().route(
"/:id/collections",
delete(crate::src::routes::rest::routes::dashboards::remove_dashboard_from_collections::remove_dashboard_from_collections),
);
let request_body = json!({
"collection_ids": [collection_id]
});
let request = Request::builder()
.uri(format!("/{}/collections", dashboard_id))
.method("DELETE")
.header("Content-Type", "application/json")
.body(Body::from(serde_json::to_string(&request_body)?))?;
let response = app
.oneshot(request)
.await?;
assert_eq!(response.status(), StatusCode::OK);
Ok(())
}