public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

RBAC: Refactor RBAC plugin interface code (#90679)

Browse Source 
move plugin RBAC registration ifaces to pluginsintegrations
This commit is contained in:
Ieva
2024-07-22 09:31:36 +01:00
committed by GitHub
parent 63cc01fe80
commit 4c7d8c8cdd
9 changed files with 34 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/services/pluginsintegration/pluginaccesscontrol/accesscontrol.go
+13
View File
@@ -1,6 +1,9 @@
package pluginaccesscontrol
import (
"context"
"github.com/grafana/grafana/pkg/plugins"
ac "github.com/grafana/grafana/pkg/services/accesscontrol"
contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
"github.com/grafana/grafana/pkg/services/featuremgmt"
@@ -23,6 +26,16 @@ var (
AdminAccessEvaluator = ac.EvalAny(ac.EvalPermission(ActionWrite), ac.EvalPermission(ActionInstall))
)
// RoleRegistry handles the plugin RBAC roles and their assignments
type RoleRegistry interface {
DeclarePluginRoles(ctx context.Context, ID, name string, registrations []plugins.RoleRegistration) error
}
// ActionSetRegistry handles the plugin RBAC actionsets
type ActionSetRegistry interface {
RegisterActionSets(ctx context.Context, ID string, registrations []plugins.ActionSet) error
}
func ReqCanAdminPlugins(cfg *setting.Cfg) func(rc *contextmodel.ReqContext) bool {
// Legacy handler that protects access to the Configuration > Plugins page
return func(rc *contextmodel.ReqContext) bool {