public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Access control: FGAC for team sync endpoints (#44673)

Browse Source 
* add actions for team group sync

* extend the hook to allow specifying whether the user is external

* move user struct to type package

* interface for permission service to allow mocking it

* reuse existing permissions

* test fix

* refactor

* linting
This commit is contained in:
Ieva
2022-02-03 15:27:05 +00:00
committed by GitHub
parent bc7e55d99b
commit 602d62ebcc
14 changed files with 76 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/services/accesscontrol/database/database_test.go
+1 -2
View File
@@ -5,7 +5,6 @@ import (
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/grafana/grafana/pkg/models"
@@ -81,7 +80,7 @@ func TestAccessControlStore_GetUserPermissions(t *testing.T) {
user, team := createUserAndTeam(t, sql, tt.orgID)
for _, id := range tt.userPermissions {
_, err := store.SetUserResourcePermission(context.Background(), tt.orgID, user.Id, accesscontrol.SetResourcePermissionCommand{
_, err := store.SetUserResourcePermission(context.Background(), tt.orgID, accesscontrol.User{ID: user.Id}, accesscontrol.SetResourcePermissionCommand{
Actions: []string{"dashboards:write"},
Resource: "dashboards",
ResourceID: id,