chore: sqlstore cleanup (#60415)

* chore: remove unused test helper from sqlstore TimeNow() is no longer used in any tests in this package. * chore: move sqlstore.SQLBuilder to the infra/db package This required some minor refactoring; we need to be a little more explicit about passing around the dialect and engine. On the other hand, that's a few fewer uses of the `dialect` global constant! * chore: move UserDeletions into the only package using it * cleanup around moving sqlbuilder * remove dialect and sqlog global vars * rename userDeletions to serviceAccountDeletions
2022-12-16 17:09:06 +01:00
parent d332dab3ec
commit cc007e9727
12 changed files with 67 additions and 88 deletions
@@ -9,11 +9,12 @@ import (

 	"xorm.io/xorm"

+	"github.com/mattn/go-sqlite3"
+
 	"github.com/grafana/grafana/pkg/infra/log"
 	"github.com/grafana/grafana/pkg/services/sqlstore/migrator"
 	"github.com/grafana/grafana/pkg/util/errutil"
 	"github.com/grafana/grafana/pkg/util/retryer"
-	"github.com/mattn/go-sqlite3"
 )

 var sessionLogger = log.New("sqlstore.session")
@@ -116,7 +117,7 @@ func (ss *SQLStore) withDbSession(ctx context.Context, engine *xorm.Engine, call
 	return retryer.Retry(ss.retryOnLocks(ctx, callback, sess, retry), ss.dbCfg.QueryRetries, time.Millisecond*time.Duration(10), time.Second)
 }

-func (sess *DBSession) InsertId(bean interface{}) (int64, error) {
+func (sess *DBSession) InsertId(bean interface{}, dialect migrator.Dialect) (int64, error) {
 	table := sess.DB().Mapper.Obj2Table(getTypeName(bean))

 	if err := dialect.PreInsertId(table, sess.Session); err != nil {
@@ -1,62 +0,0 @@
-package sqlstore
-
-import (
-	"bytes"
-
-	"github.com/grafana/grafana/pkg/models"
-	ac "github.com/grafana/grafana/pkg/services/accesscontrol"
-	"github.com/grafana/grafana/pkg/services/sqlstore/permissions"
-	"github.com/grafana/grafana/pkg/services/user"
-	"github.com/grafana/grafana/pkg/setting"
-)
-
-func NewSqlBuilder(cfg *setting.Cfg) SQLBuilder {
-	return SQLBuilder{cfg: cfg}
-}
-
-type SQLBuilder struct {
-	cfg    *setting.Cfg
-	sql    bytes.Buffer
-	params []interface{}
-}
-
-func (sb *SQLBuilder) Write(sql string, params ...interface{}) {
-	sb.sql.WriteString(sql)
-
-	if len(params) > 0 {
-		sb.params = append(sb.params, params...)
-	}
-}
-
-func (sb *SQLBuilder) GetSQLString() string {
-	return sb.sql.String()
-}
-
-func (sb *SQLBuilder) GetParams() []interface{} {
-	return sb.params
-}
-
-func (sb *SQLBuilder) AddParams(params ...interface{}) {
-	sb.params = append(sb.params, params...)
-}
-
-func (sb *SQLBuilder) WriteDashboardPermissionFilter(user *user.SignedInUser, permission models.PermissionType) {
-	var (
-		sql    string
-		params []interface{}
-	)
-	if !ac.IsDisabled(sb.cfg) {
-		sql, params = permissions.NewAccessControlDashboardPermissionFilter(user, permission, "").Where()
-	} else {
-		sql, params = permissions.DashboardPermissionFilter{
-			OrgRole:         user.OrgRole,
-			Dialect:         dialect,
-			UserId:          user.UserID,
-			OrgId:           user.OrgID,
-			PermissionLevel: permission,
-		}.Where()
-	}
-
-	sb.sql.WriteString(" AND " + sql)
-	sb.params = append(sb.params, params...)
-}
@@ -1,422 +0,0 @@
-package sqlstore
-
-import (
-	"context"
-	"fmt"
-	"math/rand"
-	"strconv"
-	"testing"
-	"time"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-
-	"github.com/grafana/grafana/pkg/components/simplejson"
-	"github.com/grafana/grafana/pkg/models"
-	"github.com/grafana/grafana/pkg/services/dashboards"
-	dashver "github.com/grafana/grafana/pkg/services/dashboardversion"
-	"github.com/grafana/grafana/pkg/services/org"
-	"github.com/grafana/grafana/pkg/services/user"
-	"github.com/grafana/grafana/pkg/util"
-)
-
-func TestIntegrationSQLBuilder(t *testing.T) {
-	if testing.Short() {
-		t.Skip("skipping integration test")
-	}
-	t.Run("WriteDashboardPermissionFilter", func(t *testing.T) {
-		t.Run("user ACL", func(t *testing.T) {
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{User: true, Permission: models.PERMISSION_VIEW},
-				Search{UserFromACL: true, RequiredPermission: models.PERMISSION_VIEW},
-				shouldFind,
-			)
-
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{User: true, Permission: models.PERMISSION_VIEW},
-				Search{UserFromACL: true, RequiredPermission: models.PERMISSION_EDIT},
-				shouldNotFind,
-			)
-
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{User: true, Permission: models.PERMISSION_EDIT},
-				Search{UserFromACL: true, RequiredPermission: models.PERMISSION_EDIT},
-				shouldFind,
-			)
-
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{User: true, Permission: models.PERMISSION_VIEW},
-				Search{RequiredPermission: models.PERMISSION_VIEW},
-				shouldNotFind,
-			)
-		})
-
-		t.Run("role ACL", func(t *testing.T) {
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{Role: org.RoleViewer, Permission: models.PERMISSION_VIEW},
-				Search{UsersOrgRole: org.RoleViewer, RequiredPermission: models.PERMISSION_VIEW},
-				shouldFind,
-			)
-
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{Role: org.RoleViewer, Permission: models.PERMISSION_VIEW},
-				Search{UsersOrgRole: org.RoleViewer, RequiredPermission: models.PERMISSION_EDIT},
-				shouldNotFind,
-			)
-
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{Role: org.RoleEditor, Permission: models.PERMISSION_VIEW},
-				Search{UsersOrgRole: org.RoleViewer, RequiredPermission: models.PERMISSION_VIEW},
-				shouldNotFind,
-			)
-
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{Role: org.RoleEditor, Permission: models.PERMISSION_VIEW},
-				Search{UsersOrgRole: org.RoleViewer, RequiredPermission: models.PERMISSION_VIEW},
-				shouldNotFind,
-			)
-		})
-
-		t.Run("team ACL", func(t *testing.T) {
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{Team: true, Permission: models.PERMISSION_VIEW},
-				Search{UserFromACL: true, RequiredPermission: models.PERMISSION_VIEW},
-				shouldFind,
-			)
-
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{Team: true, Permission: models.PERMISSION_VIEW},
-				Search{UserFromACL: true, RequiredPermission: models.PERMISSION_EDIT},
-				shouldNotFind,
-			)
-
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{Team: true, Permission: models.PERMISSION_EDIT},
-				Search{UserFromACL: true, RequiredPermission: models.PERMISSION_EDIT},
-				shouldFind,
-			)
-
-			test(t,
-				DashboardProps{},
-				&DashboardPermission{Team: true, Permission: models.PERMISSION_EDIT},
-				Search{UserFromACL: false, RequiredPermission: models.PERMISSION_EDIT},
-				shouldNotFind,
-			)
-		})
-
-		t.Run("defaults for user ACL", func(t *testing.T) {
-			test(t,
-				DashboardProps{},
-				nil,
-				Search{OrgId: -1, UsersOrgRole: org.RoleViewer, RequiredPermission: models.PERMISSION_VIEW},
-				shouldNotFind,
-			)
-
-			test(t,
-				DashboardProps{OrgId: -1},
-				nil,
-				Search{OrgId: -1, UsersOrgRole: org.RoleViewer, RequiredPermission: models.PERMISSION_VIEW},
-				shouldFind,
-			)
-
-			test(t,
-				DashboardProps{OrgId: -1},
-				nil,
-				Search{OrgId: -1, UsersOrgRole: org.RoleEditor, RequiredPermission: models.PERMISSION_EDIT},
-				shouldFind,
-			)
-
-			test(t,
-				DashboardProps{OrgId: -1},
-				nil,
-				Search{OrgId: -1, UsersOrgRole: org.RoleViewer, RequiredPermission: models.PERMISSION_EDIT},
-				shouldNotFind,
-			)
-		})
-	})
-}
-
-const shouldFind = true
-const shouldNotFind = false
-
-type DashboardProps struct {
-	OrgId int64
-}
-
-type DashboardPermission struct {
-	User       bool
-	Team       bool
-	Role       org.RoleType
-	Permission models.PermissionType
-}
-
-type Search struct {
-	UsersOrgRole       org.RoleType
-	UserFromACL        bool
-	RequiredPermission models.PermissionType
-	OrgId              int64
-}
-
-type dashboardResponse struct {
-	Id int64
-}
-
-func test(t *testing.T, dashboardProps DashboardProps, dashboardPermission *DashboardPermission, search Search, shouldFind bool) {
-	t.Helper()
-
-	t.Run("", func(t *testing.T) {
-		// Will also cleanup the db
-		sqlStore := InitTestDB(t)
-
-		dashboard := createDummyDashboard(t, sqlStore, dashboardProps)
-
-		var aclUserID int64
-		if dashboardPermission != nil {
-			aclUserID = createDummyACL(t, sqlStore, dashboardPermission, search, dashboard.Id)
-			t.Logf("Created ACL with user ID %d\n", aclUserID)
-		}
-		dashboards := getDashboards(t, sqlStore, search, aclUserID)
-
-		if shouldFind {
-			require.Len(t, dashboards, 1, "Should return one dashboard")
-			assert.Equal(t, dashboard.Id, dashboards[0].Id, "Should return created dashboard")
-		} else {
-			assert.Empty(t, dashboards, "Should not return any dashboard")
-		}
-	})
-}
-
-func createDummyUser(t *testing.T, sqlStore *SQLStore) *user.User {
-	t.Helper()
-
-	uid := strconv.Itoa(rand.Intn(9999999))
-	usr := &user.User{
-		Email:         uid + "@example.com",
-		Login:         uid,
-		Name:          uid,
-		Company:       "",
-		Password:      uid,
-		EmailVerified: true,
-		IsAdmin:       false,
-		Created:       time.Now(),
-		Updated:       time.Now(),
-	}
-
-	var id int64
-	err := sqlStore.WithDbSession(context.Background(), func(sess *DBSession) error {
-		sess.UseBool("is_admin")
-		var err error
-		id, err = sess.Insert(usr)
-		return err
-	})
-	require.NoError(t, err)
-	usr.ID = id
-	return usr
-}
-
-func createDummyDashboard(t *testing.T, sqlStore *SQLStore, dashboardProps DashboardProps) *models.Dashboard {
-	t.Helper()
-
-	json, err := simplejson.NewJson([]byte(`{"schemaVersion":17,"title":"gdev dashboards","uid":"","version":1}`))
-	require.NoError(t, err)
-
-	saveDashboardCmd := models.SaveDashboardCommand{
-		Dashboard:    json,
-		UserId:       0,
-		Overwrite:    false,
-		Message:      "",
-		RestoredFrom: 0,
-		PluginId:     "",
-		FolderId:     0,
-		IsFolder:     false,
-		UpdatedAt:    time.Time{},
-	}
-	if dashboardProps.OrgId != 0 {
-		saveDashboardCmd.OrgId = dashboardProps.OrgId
-	} else {
-		saveDashboardCmd.OrgId = 1
-	}
-
-	dash := insertTestDashboard(t, sqlStore, "", saveDashboardCmd.OrgId, 0, false, nil)
-	require.NoError(t, err)
-
-	t.Logf("Created dashboard with ID %d and org ID %d\n", dash.Id, dash.OrgId)
-	return dash
-}
-
-func createDummyACL(t *testing.T, sqlStore *SQLStore, dashboardPermission *DashboardPermission, search Search, dashboardID int64) int64 {
-	t.Helper()
-
-	acl := &models.DashboardACL{
-		OrgID:       1,
-		Created:     time.Now(),
-		Updated:     time.Now(),
-		Permission:  dashboardPermission.Permission,
-		DashboardID: dashboardID,
-	}
-
-	var user *user.User
-	if dashboardPermission.User {
-		t.Logf("Creating user")
-		user = createDummyUser(t, sqlStore)
-
-		acl.UserID = user.ID
-	}
-
-	if dashboardPermission.Team {
-		// TODO: Restore/refactor sqlBuilder tests after user, org and team services are split
-		t.Skip("Creating team: skip, team service is moved")
-	}
-
-	if len(string(dashboardPermission.Role)) > 0 {
-		acl.Role = &dashboardPermission.Role
-	}
-
-	err := updateDashboardACL(t, sqlStore, dashboardID, acl)
-	require.NoError(t, err)
-	if user != nil {
-		return user.ID
-	}
-	return 0
-}
-
-func getDashboards(t *testing.T, sqlStore *SQLStore, search Search, aclUserID int64) []*dashboardResponse {
-	t.Helper()
-
-	old := sqlStore.Cfg.RBACEnabled
-	sqlStore.Cfg.RBACEnabled = false
-	defer func() {
-		sqlStore.Cfg.RBACEnabled = old
-	}()
-
-	builder := NewSqlBuilder(sqlStore.Cfg)
-	signedInUser := &user.SignedInUser{
-		UserID: 9999999999,
-	}
-
-	if search.OrgId == 0 {
-		signedInUser.OrgID = 1
-	} else {
-		signedInUser.OrgID = search.OrgId
-	}
-
-	if len(string(search.UsersOrgRole)) > 0 {
-		signedInUser.OrgRole = search.UsersOrgRole
-	} else {
-		signedInUser.OrgRole = org.RoleViewer
-	}
-	if search.UserFromACL {
-		signedInUser.UserID = aclUserID
-	}
-
-	var res []*dashboardResponse
-	builder.Write("SELECT * FROM dashboard WHERE true")
-	builder.WriteDashboardPermissionFilter(signedInUser, search.RequiredPermission)
-	t.Logf("Searching for dashboards, SQL: %q\n", builder.GetSQLString())
-	err := sqlStore.engine.SQL(builder.GetSQLString(), builder.params...).Find(&res)
-	require.NoError(t, err)
-	return res
-}
-
-// TODO: Use FakeDashboardStore when org has its own service
-func insertTestDashboard(t *testing.T, sqlStore *SQLStore, title string, orgId int64,
-	folderId int64, isFolder bool, tags ...interface{}) *models.Dashboard {
-	t.Helper()
-	cmd := models.SaveDashboardCommand{
-		OrgId:    orgId,
-		FolderId: folderId,
-		IsFolder: isFolder,
-		Dashboard: simplejson.NewFromAny(map[string]interface{}{
-			"id":    nil,
-			"title": title,
-			"tags":  tags,
-		}),
-	}
-
-	var dash *models.Dashboard
-	err := sqlStore.WithDbSession(context.Background(), func(sess *DBSession) error {
-		dash = cmd.GetDashboardModel()
-		dash.SetVersion(1)
-		dash.Created = time.Now()
-		dash.Updated = time.Now()
-		dash.Uid = util.GenerateShortUID()
-		_, err := sess.Insert(dash)
-		return err
-	})
-
-	require.NoError(t, err)
-	require.NotNil(t, dash)
-	dash.Data.Set("id", dash.Id)
-	dash.Data.Set("uid", dash.Uid)
-
-	err = sqlStore.WithDbSession(context.Background(), func(sess *DBSession) error {
-		dashVersion := &dashver.DashboardVersion{
-			DashboardID:   dash.Id,
-			ParentVersion: dash.Version,
-			RestoredFrom:  cmd.RestoredFrom,
-			Version:       dash.Version,
-			Created:       time.Now(),
-			CreatedBy:     dash.UpdatedBy,
-			Message:       cmd.Message,
-			Data:          dash.Data,
-		}
-		require.NoError(t, err)
-
-		if affectedRows, err := sess.Insert(dashVersion); err != nil {
-			return err
-		} else if affectedRows == 0 {
-			return dashboards.ErrDashboardNotFound
-		}
-
-		return nil
-	})
-	require.NoError(t, err)
-
-	return dash
-}
-
-// TODO: Use FakeDashboardStore when org has its own service
-func updateDashboardACL(t *testing.T, sqlStore *SQLStore, dashboardID int64, items ...*models.DashboardACL) error {
-	t.Helper()
-
-	err := sqlStore.WithDbSession(context.Background(), func(sess *DBSession) error {
-		_, err := sess.Exec("DELETE FROM dashboard_acl WHERE dashboard_id=?", dashboardID)
-		if err != nil {
-			return fmt.Errorf("deleting from dashboard_acl failed: %w", err)
-		}
-
-		for _, item := range items {
-			item.Created = time.Now()
-			item.Updated = time.Now()
-			if item.UserID == 0 && item.TeamID == 0 && (item.Role == nil || !item.Role.IsValid()) {
-				return models.ErrDashboardACLInfoMissing
-			}
-
-			if item.DashboardID == 0 {
-				return models.ErrDashboardPermissionDashboardEmpty
-			}
-
-			sess.Nullable("user_id", "team_id")
-			if _, err := sess.Insert(item); err != nil {
-				return err
-			}
-		}
-
-		// Update dashboard HasACL flag
-		dashboard := models.Dashboard{HasACL: true}
-		_, err = sess.Cols("has_acl").Where("id=?", dashboardID).Update(&dashboard)
-		return err
-	})
-	return err
-}
@@ -36,12 +36,6 @@ import (
 	"github.com/grafana/grafana/pkg/util"
 )

-var (
-	dialect migrator.Dialect
-
-	sqlog log.Logger = log.New("sqlstore")
-)
-
 // ContextSessionKey is used as key to save values in `context.Context`
 type ContextSessionKey struct{}

@@ -117,8 +111,6 @@ func newSQLStore(cfg *setting.Cfg, cacheService *localcache.CacheService, engine

 	ss.Dialect = migrator.NewDialect(ss.engine)

-	dialect = ss.Dialect
-
 	// if err := ss.Reset(); err != nil {
 	// 	return nil, err
 	// }
@@ -188,6 +180,10 @@ func (ss *SQLStore) GetDBType() core.DbType {
 	return ss.engine.Dialect().DBType()
 }

+func (ss *SQLStore) GetEngine() *xorm.Engine {
+	return ss.engine
+}
+
 func (ss *SQLStore) Bus() bus.Bus {
 	return ss.bus
 }
@@ -209,7 +205,7 @@ func (ss *SQLStore) ensureMainOrgAndAdminUser(test bool) error {
 			var stats models.SystemUserCountStats
 			// TODO: Should be able to rename "Count" to "count", for more standard SQL style
 			// Just have to make sure it gets deserialized properly into models.SystemUserCountStats
-			rawSQL := `SELECT COUNT(id) AS Count FROM ` + dialect.Quote("user")
+			rawSQL := `SELECT COUNT(id) AS Count FROM ` + ss.Dialect.Quote("user")
 			if _, err := sess.SQL(rawSQL).Get(&stats); err != nil {
 				return fmt.Errorf("could not determine if admin user exists: %w", err)
 			}
@@ -354,7 +350,7 @@ func (ss *SQLStore) buildConnectionString() (string, error) {
 // initEngine initializes ss.engine.
 func (ss *SQLStore) initEngine(engine *xorm.Engine) error {
 	if ss.engine != nil {
-		sqlog.Debug("Already connected to database")
+		ss.log.Debug("Already connected to database")
 		return nil
 	}

@@ -367,7 +363,7 @@ func (ss *SQLStore) initEngine(engine *xorm.Engine) error {
 		ss.dbCfg.Type = WrapDatabaseDriverWithHooks(ss.dbCfg.Type, ss.tracer)
 	}

-	sqlog.Info("Connecting to DB", "dbtype", ss.dbCfg.Type)
+	ss.log.Info("Connecting to DB", "dbtype", ss.dbCfg.Type)
 	if ss.dbCfg.Type == migrator.SQLite && strings.HasPrefix(connectionString, "file:") &&
 		!strings.HasPrefix(connectionString, "file::memory:") {
 		exists, err := fs.Exists(ss.dbCfg.Path)
@@ -614,7 +610,7 @@ func initTestDB(migration registry.DatabaseMigrator, opts ...InitTestDBOpt) (*SQ
 			return nil, err
 		}

-		if err := dialect.TruncateDBTables(); err != nil {
+		if err := testSQLStore.Dialect.TruncateDBTables(); err != nil {
 			return nil, err
 		}

@@ -630,8 +626,6 @@ func initTestDB(migration registry.DatabaseMigrator, opts ...InitTestDBOpt) (*SQ
 			}
 		}

-		// temp global var until we get rid of global vars
-		dialect = testSQLStore.Dialect
 		return testSQLStore, nil
 	}

@@ -644,7 +638,7 @@ func initTestDB(migration registry.DatabaseMigrator, opts ...InitTestDBOpt) (*SQ
 		return false
 	}

-	if err := dialect.TruncateDBTables(); err != nil {
+	if err := testSQLStore.Dialect.TruncateDBTables(); err != nil {
 		return nil, err
 	}
 	if err := testSQLStore.Reset(); err != nil {
@@ -1,16 +0,0 @@
-package sqlstore
-
-import "time"
-
-// TimeNow makes it possible to test usage of time
-var TimeNow = time.Now
-
-func MockTimeNow(constTime time.Time) {
-	TimeNow = func() time.Time {
-		return constTime
-	}
-}
-
-func ResetTimeNow() {
-	TimeNow = time.Now
-}
@@ -72,9 +72,9 @@ func (ss *SQLStore) createUser(ctx context.Context, sess *DBSession, args user.C
 		Login:      args.Login,
 		IsAdmin:    args.IsAdmin,
 		OrgID:      orgID,
-		Created:    TimeNow(),
-		Updated:    TimeNow(),
-		LastSeenAt: TimeNow().AddDate(-10, 0, 0),
+		Created:    time.Now(),
+		Updated:    time.Now(),
+		LastSeenAt: time.Now().AddDate(-10, 0, 0),
 	}

 	salt, err := util.GetRandomString(10)
@@ -114,8 +114,8 @@ func (ss *SQLStore) createUser(ctx context.Context, sess *DBSession, args user.C
 		OrgId:   orgID,
 		UserId:  usr.ID,
 		Role:    org.RoleAdmin,
-		Created: TimeNow(),
-		Updated: TimeNow(),
+		Created: time.Now(),
+		Updated: time.Now(),
 	}

 	if ss.Cfg.AutoAssignOrg && !usr.IsAdmin {
@@ -133,21 +133,6 @@ func (ss *SQLStore) createUser(ctx context.Context, sess *DBSession, args user.C
 	return usr, nil
 }

-func UserDeletions() []string {
-	deletes := []string{
-		"DELETE FROM star WHERE user_id = ?",
-		"DELETE FROM " + dialect.Quote("user") + " WHERE id = ?",
-		"DELETE FROM org_user WHERE user_id = ?",
-		"DELETE FROM dashboard_acl WHERE user_id = ?",
-		"DELETE FROM preferences WHERE user_id = ?",
-		"DELETE FROM team_member WHERE user_id = ?",
-		"DELETE FROM user_auth WHERE user_id = ?",
-		"DELETE FROM user_auth_token WHERE user_id = ?",
-		"DELETE FROM quota WHERE user_id = ?",
-	}
-	return deletes
-}
-
 func verifyExistingOrg(sess *DBSession, orgId int64) error {
 	var org models.Org
 	has, err := sess.Where("id=?", orgId).Get(&org)
@@ -188,7 +173,7 @@ func (ss *SQLStore) getOrCreateOrg(sess *DBSession, orgName string) (int64, erro
 	org.Updated = time.Now()

 	if org.Id != 0 {
-		if _, err := sess.InsertId(&org); err != nil {
+		if _, err := sess.InsertId(&org, ss.Dialect); err != nil {
 			return 0, err
 		}
 	} else {