RBAC: Allow role registration for plugins (#57387)

* Picking role registration from OnCall POC branch * Fix test * Remove include actions from this PR * Removing unused permission * Adding test to DeclarePluginRoles * Add testcase to RegisterFixed role * Additional test case * Adding tests to validate plugins roles * Add test to plugin loader * Nit. * Scuemata validation * Changing the design to decouple accesscontrol from plugin management Co-authored-by: Kalle Persson <kalle.persson@grafana.com> * Fixing tests Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Add missing files Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Remove feature toggle check from loader * Remove feature toggleimport * Feedback Co-Authored-By: marefr <marcus.efraimsson@gmail.com> * Fix test' * Make plugins.RoleRegistry interface typed * Remove comment question * No need for json tags anymore * Nit. log * Adding the schema validation * Remove group to take plugin Name instead * Revert sqlstore -> db * Nit. * Nit. on tests Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Update pkg/services/accesscontrol/plugins.go Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> * Log message Co-Authored-By: marefr <marcus.efraimsson@gmail.com> * Log message Co-Authored-By: marefr <marcus.efraimsson@gmail.com> * Remove unecessary method. Update test name. Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Fix linting * Update cue descriptions * Fix test Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Jguer <joao.guerreiro@grafana.com> Co-authored-by: marefr <marcus.efraimsson@gmail.com> Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
2022-11-07 11:30:45 +01:00
parent 334b498632
commit 30fae33f66
22 changed files with 852 additions and 32 deletions
@@ -0,0 +1,31 @@
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+{
+  "manifestVersion": "2.0.0",
+  "signatureType": "private",
+  "signedByOrg": "gabrielmabille",
+  "signedByOrgName": "gabrielmabille",
+  "rootUrls": [
+    "http://localhost:3000/"
+  ],
+  "plugin": "test-app",
+  "version": "1.0.0",
+  "time": 1666953431573,
+  "keyId": "7e4d0c6a708866e7",
+  "files": {
+    "plugin.json": "8017d19868809409e54e70eab116366de263005aa70960d44a12dc4dc5582cee"
+  }
+}
+-----BEGIN PGP SIGNATURE-----
+Version: OpenPGP.js v4.10.10
+Comment: https://openpgpjs.org
+
+wrgEARMKAAYFAmNbsNcAIQkQfk0ManCIZucWIQTzOyW2kQdOhGNlcPN+TQxq
+cIhm5z2+AgYqtKZ4tU/VBo8kOI49LfV85JKunAxPOvfaU3pRseRnWSyRBS0X
+pKI2ekKebOSRZIs+zDPA0qTl1ihOY9bKe52pwwIJAf1IDq1P7G861dFilTuF
+jCHQq6aS3NGy5o1N480Xof8PZdrI/xYDqSoy2F+688FR76ShyAM4B00Skt7c
+9YSCsLx+
+=cVti
+-----END PGP SIGNATURE-----
@@ -0,0 +1,45 @@
+{
+  "type": "app",
+  "name": "Test App",
+  "id": "test-app",
+  "info": {
+    "description": "Test App",
+    "author": {
+      "name": "Test Inc.",
+      "url": "http://test.com"
+    },
+    "keywords": ["test"],
+    "links": [],
+    "version": "1.0.0",
+    "updated": "2015-02-10"
+  },
+  "includes": [],
+  "roles": [
+    {
+      "role": {
+        "name": "plugins.app:test-app:reader",
+        "displayName": "test-app reader",
+        "description": "View everything in the test-app plugin",
+        "permissions": [
+          {
+            "action": "plugins.app:access",
+            "scope": "plugins.app:id:test-app"
+          },
+          {
+            "action": "test-app.resource:read",
+            "scope": "resources:*"
+          },
+          {
+            "action": "test-app.otherresource:toggle"
+          }
+        ]
+      },
+      "grants": [
+        "Admin"
+      ]
+    }
+  ],
+  "dependencies": {
+    "grafanaDependency": ">=8.0.0"
+  }
+}