update dashboard implementation (#1348)

nikhilsinhaparseable · web-flow · commit b8a9bd0a9299 · 2025-06-30T14:56:39.000+05:30
- New Features

Added the ability to add tiles to existing dashboards.
Introduced support for dashboard types and more flexible tile definitions.
Improved error handling with clearer unauthorized access messages.

- Bug Fixes

Enhanced validation for dashboard and tile IDs to ensure uniqueness and correctness.

- Refactor

Simplified dashboard data model and removed legacy migration logic.
Centralized and streamlined dashboard creation, updating, and deletion processes.
Improved ownership enforcement for dashboard modifications.
Restructured dashboard API routes for clearer and more organized access.
Updated dashboard listing to return summaries instead of full dashboards.
Removed manual ID and version assignments, relying on centralized methods.
Updated search functionality to use dashboard titles for improved matching.

- Style

Updated naming conventions for dashboard-related actions for better clarity.
diff --git a/src/handlers/http/modal/server.rs b/src/handlers/http/modal/server.rs
@@ -270,31 +270,41 @@ impl Server {
                 web::resource("")
                     .route(
                         web::post()
-                            .to(dashboards::post)
+                            .to(dashboards::create_dashboard)
                             .authorize(Action::CreateDashboard),
                     )
                     .route(
                         web::get()
-                            .to(dashboards::list)
+                            .to(dashboards::list_dashboards)
                             .authorize(Action::ListDashboard),
                     ),
             )
             .service(
-                web::resource("/{dashboard_id}")
-                    .route(
-                        web::get()
-                            .to(dashboards::get)
-                            .authorize(Action::GetDashboard),
-                    )
-                    .route(
-                        web::delete()
-                            .to(dashboards::delete)
-                            .authorize(Action::DeleteDashboard),
+                web::scope("/{dashboard_id}")
+                    .service(
+                        web::resource("")
+                            .route(
+                                web::get()
+                                    .to(dashboards::get_dashboard)
+                                    .authorize(Action::GetDashboard),
+                            )
+                            .route(
+                                web::delete()
+                                    .to(dashboards::delete_dashboard)
+                                    .authorize(Action::DeleteDashboard),
+                            )
+                            .route(
+                                web::put()
+                                    .to(dashboards::update_dashboard)
+                                    .authorize(Action::CreateDashboard),
+                            ),
                     )
-                    .route(
-                        web::put()
-                            .to(dashboards::update)
-                            .authorize(Action::CreateDashboard),
+                    .service(
+                        web::resource("/add_tile").route(
+                            web::put()
+                                .to(dashboards::add_tile)
+                                .authorize(Action::CreateDashboard),
+                        ),
                     ),
             )
     }
diff --git a/src/handlers/http/users/dashboards.rs b/src/handlers/http/users/dashboards.rs
@@ -18,140 +18,131 @@
 
 use crate::{
     handlers::http::rbac::RBACError,
-    parseable::PARSEABLE,
-    storage::{object_storage::dashboard_path, ObjectStorageError},
-    users::dashboards::{Dashboard, CURRENT_DASHBOARD_VERSION, DASHBOARDS},
-    utils::{actix::extract_session_key_from_req, get_hash, get_user_from_request},
+    storage::ObjectStorageError,
+    users::dashboards::{validate_dashboard_id, Dashboard, Tile, DASHBOARDS},
+    utils::{get_hash, get_user_from_request},
 };
 use actix_web::{
     http::header::ContentType,
     web::{self, Json, Path},
     HttpRequest, HttpResponse, Responder,
 };
-use bytes::Bytes;
-use rand::distributions::DistString;
-
-use chrono::Utc;
 use http::StatusCode;
 use serde_json::Error as SerdeError;
 
-pub async fn list(req: HttpRequest) -> Result<impl Responder, DashboardError> {
-    let key =
-        extract_session_key_from_req(&req).map_err(|e| DashboardError::Custom(e.to_string()))?;
-    let dashboards = DASHBOARDS.list_dashboards(&key).await;
+pub async fn list_dashboards() -> Result<impl Responder, DashboardError> {
+    let dashboards = DASHBOARDS.list_dashboards().await;
+    let dashboard_summaries = dashboards
+        .iter()
+        .map(|dashboard| dashboard.to_summary())
+        .collect::<Vec<_>>();
 
-    Ok((web::Json(dashboards), StatusCode::OK))
+    Ok((web::Json(dashboard_summaries), StatusCode::OK))
 }
 
-pub async fn get(
-    req: HttpRequest,
-    dashboard_id: Path<String>,
-) -> Result<impl Responder, DashboardError> {
-    let user_id = get_user_from_request(&req)?;
-    let dashboard_id = dashboard_id.into_inner();
+pub async fn get_dashboard(dashboard_id: Path<String>) -> Result<impl Responder, DashboardError> {
+    let dashboard_id = validate_dashboard_id(dashboard_id.into_inner())?;
 
-    if let Some(dashboard) = DASHBOARDS
-        .get_dashboard(&dashboard_id, &get_hash(&user_id))
+    let dashboard = DASHBOARDS
+        .get_dashboard(dashboard_id)
         .await
-    {
-        return Ok((web::Json(dashboard), StatusCode::OK));
-    }
+        .ok_or_else(|| DashboardError::Metadata("Dashboard does not exist"))?;
 
-    Err(DashboardError::Metadata("Dashboard does not exist"))
+    Ok((web::Json(dashboard), StatusCode::OK))
 }
 
-pub async fn post(
+pub async fn create_dashboard(
     req: HttpRequest,
     Json(mut dashboard): Json<Dashboard>,
 ) -> Result<impl Responder, DashboardError> {
-    let mut user_id = get_user_from_request(&req)?;
-    user_id = get_hash(&user_id);
-    let dashboard_id = get_hash(Utc::now().timestamp_micros().to_string().as_str());
-    dashboard.dashboard_id = Some(dashboard_id.clone());
-    dashboard.version = Some(CURRENT_DASHBOARD_VERSION.to_string());
-
-    dashboard.user_id = Some(user_id.clone());
-    for tile in dashboard.tiles.iter_mut() {
-        tile.tile_id = Some(get_hash(
-            format!(
-                "{}{}",
-                rand::distributions::Alphanumeric.sample_string(&mut rand::thread_rng(), 8),
-                Utc::now().timestamp_micros()
-            )
-            .as_str(),
-        ));
+    if dashboard.title.is_empty() {
+        return Err(DashboardError::Metadata("Title must be provided"));
     }
-    DASHBOARDS.update(&dashboard).await;
-
-    let path = dashboard_path(&user_id, &format!("{dashboard_id}.json"));
 
-    let store = PARSEABLE.storage.get_object_store();
-    let dashboard_bytes = serde_json::to_vec(&dashboard)?;
-    store
-        .put_object(&path, Bytes::from(dashboard_bytes))
-        .await?;
+    let user_id = get_hash(&get_user_from_request(&req)?);
 
+    DASHBOARDS.create(&user_id, &mut dashboard).await?;
     Ok((web::Json(dashboard), StatusCode::OK))
 }
 
-pub async fn update(
+pub async fn update_dashboard(
     req: HttpRequest,
     dashboard_id: Path<String>,
     Json(mut dashboard): Json<Dashboard>,
 ) -> Result<impl Responder, DashboardError> {
-    let mut user_id = get_user_from_request(&req)?;
-    user_id = get_hash(&user_id);
-    let dashboard_id = dashboard_id.into_inner();
+    let user_id = get_hash(&get_user_from_request(&req)?);
+    let dashboard_id = validate_dashboard_id(dashboard_id.into_inner())?;
 
-    if DASHBOARDS
-        .get_dashboard(&dashboard_id, &user_id)
-        .await
-        .is_none()
-    {
-        return Err(DashboardError::Metadata("Dashboard does not exist"));
-    }
-    dashboard.dashboard_id = Some(dashboard_id.to_string());
-    dashboard.user_id = Some(user_id.clone());
-    dashboard.version = Some(CURRENT_DASHBOARD_VERSION.to_string());
-    for tile in dashboard.tiles.iter_mut() {
-        if tile.tile_id.is_none() {
-            tile.tile_id = Some(get_hash(Utc::now().timestamp_micros().to_string().as_str()));
+    // Validate all tiles have valid IDs
+    if let Some(tiles) = &dashboard.tiles {
+        if tiles.iter().any(|tile| tile.tile_id.is_nil()) {
+            return Err(DashboardError::Metadata("Tile ID must be provided"));
         }
     }
-    DASHBOARDS.update(&dashboard).await;
 
-    let path = dashboard_path(&user_id, &format!("{dashboard_id}.json"));
+    // Check if tile_id are unique
+    if let Some(tiles) = &dashboard.tiles {
+        let unique_tiles: Vec<_> = tiles
+            .iter()
+            .map(|tile| tile.tile_id)
+            .collect::<std::collections::HashSet<_>>()
+            .into_iter()
+            .collect();
+
+        if unique_tiles.len() != tiles.len() {
+            return Err(DashboardError::Metadata("Tile IDs must be unique"));
+        }
+    }
 
-    let store = PARSEABLE.storage.get_object_store();
-    let dashboard_bytes = serde_json::to_vec(&dashboard)?;
-    store
-        .put_object(&path, Bytes::from(dashboard_bytes))
+    DASHBOARDS
+        .update(&user_id, dashboard_id, &mut dashboard)
         .await?;
 
     Ok((web::Json(dashboard), StatusCode::OK))
 }
 
-pub async fn delete(
+pub async fn delete_dashboard(
     req: HttpRequest,
     dashboard_id: Path<String>,
 ) -> Result<HttpResponse, DashboardError> {
-    let mut user_id = get_user_from_request(&req)?;
-    user_id = get_hash(&user_id);
-    let dashboard_id = dashboard_id.into_inner();
-    if DASHBOARDS
-        .get_dashboard(&dashboard_id, &user_id)
+    let user_id = get_hash(&get_user_from_request(&req)?);
+    let dashboard_id = validate_dashboard_id(dashboard_id.into_inner())?;
+
+    DASHBOARDS.delete_dashboard(&user_id, dashboard_id).await?;
+
+    Ok(HttpResponse::Ok().finish())
+}
+
+pub async fn add_tile(
+    req: HttpRequest,
+    dashboard_id: Path<String>,
+    Json(tile): Json<Tile>,
+) -> Result<impl Responder, DashboardError> {
+    if tile.tile_id.is_nil() {
+        return Err(DashboardError::Metadata("Tile ID must be provided"));
+    }
+
+    let user_id = get_hash(&get_user_from_request(&req)?);
+    let dashboard_id = validate_dashboard_id(dashboard_id.into_inner())?;
+
+    let mut dashboard = DASHBOARDS
+        .get_dashboard_by_user(dashboard_id, &user_id)
         .await
-        .is_none()
-    {
-        return Err(DashboardError::Metadata("Dashboard does not exist"));
+        .ok_or(DashboardError::Unauthorized)?;
+
+    let tiles = dashboard.tiles.get_or_insert_with(Vec::new);
+
+    // check if the tile already exists
+    if tiles.iter().any(|t| t.tile_id == tile.tile_id) {
+        return Err(DashboardError::Metadata("Tile already exists"));
     }
-    let path = dashboard_path(&user_id, &format!("{dashboard_id}.json"));
-    let store = PARSEABLE.storage.get_object_store();
-    store.delete_object(&path).await?;
+    tiles.push(tile);
 
-    DASHBOARDS.delete_dashboard(&dashboard_id).await;
+    DASHBOARDS
+        .update(&user_id, dashboard_id, &mut dashboard)
+        .await?;
 
-    Ok(HttpResponse::Ok().finish())
+    Ok((web::Json(dashboard), StatusCode::OK))
 }
 
 #[derive(Debug, thiserror::Error)]
@@ -166,6 +157,8 @@ pub enum DashboardError {
     UserDoesNotExist(#[from] RBACError),
     #[error("Error: {0}")]
     Custom(String),
+    #[error("Dashboard does not exist or is not accessible")]
+    Unauthorized,
 }
 
 impl actix_web::ResponseError for DashboardError {
@@ -176,6 +169,7 @@ impl actix_web::ResponseError for DashboardError {
             Self::Metadata(_) => StatusCode::BAD_REQUEST,
             Self::UserDoesNotExist(_) => StatusCode::NOT_FOUND,
             Self::Custom(_) => StatusCode::INTERNAL_SERVER_ERROR,
+            Self::Unauthorized => StatusCode::UNAUTHORIZED,
         }
     }
 
diff --git a/src/prism/home/mod.rs b/src/prism/home/mod.rs
@@ -270,7 +270,7 @@ pub async fn generate_home_search_response(
     let (alert_titles, correlation_titles, dashboard_titles, filter_titles, stream_titles) = tokio::join!(
         get_alert_titles(key, query_value),
         get_correlation_titles(key, query_value),
-        get_dashboard_titles(key, query_value),
+        get_dashboard_titles(query_value),
         get_filter_titles(key, query_value),
         get_stream_titles(key)
     );
@@ -368,22 +368,20 @@ async fn get_correlation_titles(
     Ok(correlations)
 }
 
-async fn get_dashboard_titles(
-    key: &SessionKey,
-    query_value: &str,
-) -> Result<Vec<Resource>, PrismHomeError> {
+async fn get_dashboard_titles(query_value: &str) -> Result<Vec<Resource>, PrismHomeError> {
     let dashboard_titles = DASHBOARDS
-        .list_dashboards(key)
+        .list_dashboards()
         .await
         .iter()
         .filter_map(|dashboard| {
-            let dashboard_id = dashboard.dashboard_id.as_ref().unwrap().clone();
-            if dashboard.name.to_lowercase().contains(query_value)
+            let dashboard_id = *dashboard.dashboard_id.as_ref().unwrap();
+            let dashboard_id = dashboard_id.to_string();
+            if dashboard.title.to_lowercase().contains(query_value)
                 || dashboard_id.to_lowercase().contains(query_value)
             {
                 Some(Resource {
                     id: dashboard_id,
-                    name: dashboard.name.clone(),
+                    name: dashboard.title.clone(),
                     resource_type: ResourceType::Dashboard,
                 })
             } else {
diff --git a/src/users/dashboards.rs b/src/users/dashboards.rs
