diff --git a/kv/dashboard.go b/kv/dashboard.go index f8df5e2b77..7d9a93deb3 100644 --- a/kv/dashboard.go +++ b/kv/dashboard.go @@ -8,6 +8,7 @@ import ( influxdb "github.com/influxdata/influxdb" icontext "github.com/influxdata/influxdb/context" + "go.uber.org/zap" ) var ( @@ -301,7 +302,15 @@ func (s *Service) CreateDashboard(ctx context.Context, d *influxdb.Dashboard) er // TODO(desa): don't populate this here. use the first/last methods of the oplog to get meta fields. d.Meta.CreatedAt = s.time() - return s.putDashboardWithMeta(ctx, tx, d) + if err := s.putDashboardWithMeta(ctx, tx, d); err != nil { + return err + } + + if err := s.addDashboardOwner(ctx, tx, d.ID); err != nil { + s.Logger.Info("failed to make user owner of organization", zap.Error(err)) + } + + return nil }) if err != nil { return &influxdb.Error{ @@ -311,6 +320,12 @@ func (s *Service) CreateDashboard(ctx context.Context, d *influxdb.Dashboard) er return nil } +// addDashboardOwner attempts to create a user resource mapping for the user on the +// authorizer found on context. If no authorizer is found on context if returns an error. +func (s *Service) addDashboardOwner(ctx context.Context, tx Tx, orgID influxdb.ID) error { + return s.addResourceOwner(ctx, tx, influxdb.DashboardsResourceType, orgID) +} + func (s *Service) createCellView(ctx context.Context, tx Tx, dashID, cellID influxdb.ID, view *influxdb.View) error { if view == nil { // If not view exists create the view diff --git a/kv/org.go b/kv/org.go index 70f2579062..33105d4552 100644 --- a/kv/org.go +++ b/kv/org.go @@ -8,6 +8,7 @@ import ( influxdb "github.com/influxdata/influxdb" icontext "github.com/influxdata/influxdb/context" + "go.uber.org/zap" ) var ( @@ -213,10 +214,26 @@ func (s *Service) FindOrganizations(ctx context.Context, filter influxdb.Organiz // CreateOrganization creates a influxdb organization and sets b.ID. func (s *Service) CreateOrganization(ctx context.Context, o *influxdb.Organization) error { return s.kv.Update(func(tx Tx) error { - return s.createOrganization(ctx, tx, o) + if err := s.createOrganization(ctx, tx, o); err != nil { + return err + } + + // Attempt to add user as owner of organization, if that is not possible allow the + // organization to be created anyways. + if err := s.addOrgOwner(ctx, tx, o.ID); err != nil { + s.Logger.Info("failed to make user owner of organization", zap.Error(err)) + } + + return nil }) } +// addOrgOwner attempts to create a user resource mapping for the user on the +// authorizer found on context. If no authorizer is found on context if returns an error. +func (s *Service) addOrgOwner(ctx context.Context, tx Tx, orgID influxdb.ID) error { + return s.addResourceOwner(ctx, tx, influxdb.OrgsResourceType, orgID) +} + func (s *Service) createOrganization(ctx context.Context, tx Tx, o *influxdb.Organization) error { if err := s.uniqueOrganizationName(ctx, tx, o); err != nil { return err diff --git a/kv/urm.go b/kv/urm.go index b4e0e41106..bd11e751a2 100644 --- a/kv/urm.go +++ b/kv/urm.go @@ -6,6 +6,7 @@ import ( "fmt" "github.com/influxdata/influxdb" + icontext "github.com/influxdata/influxdb/context" ) var ( @@ -358,3 +359,30 @@ func (s *Service) deleteOrgDependentMappings(ctx context.Context, tx Tx, m *infl return nil } + +func (s *Service) addResourceOwner(ctx context.Context, tx Tx, rt influxdb.ResourceType, id influxdb.ID) error { + a, err := icontext.GetAuthorizer(ctx) + if err != nil { + return &influxdb.Error{ + Code: influxdb.EInternal, + Msg: fmt.Sprintf("could not find authorizer on context when adding user to resource type %s", rt), + } + } + + urm := &influxdb.UserResourceMapping{ + ResourceID: id, + ResourceType: rt, + UserID: a.GetUserID(), + UserType: influxdb.Owner, + } + + if err := s.createUserResourceMapping(ctx, tx, urm); err != nil { + return &influxdb.Error{ + Code: influxdb.EInternal, + Msg: "could not create user resource mapping", + Err: err, + } + } + + return nil +}