public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Anonymous: Enforce org role Viewer setting (#102070)

Browse Source 
* Anon: Remove org role setting

* remove from ini

* remove setting from documentation
This commit is contained in:
Eric Leijonmarck
2025-03-27 09:10:30 +00:00
committed by GitHub
parent 9ca1d8bca7
commit e216c2f29d
8 changed files with 5 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/services/anonymous/anonimpl/client.go
+1 -14
View File
@@ -4,7 +4,6 @@ import (
"context"
"errors"
"net/http"
"strings"
claims "github.com/grafana/authlib/types"
"github.com/grafana/grafana/pkg/apimachinery/errutil"
@@ -94,18 +93,6 @@ func (a *Anonymous) ResolveIdentity(ctx context.Context, orgID int64, typ claims
return a.newAnonymousIdentity(o), nil
}
func (a *Anonymous) UsageStatFn(ctx context.Context) (map[string]any, error) {
m := map[string]any{}
// Add stats about anonymous auth
m["stats.anonymous.customized_role.count"] = 0
if !strings.EqualFold(a.cfg.Anonymous.OrgRole, "Viewer") {
m["stats.anonymous.customized_role.count"] = 1
}
return m, nil
}
func (a *Anonymous) Priority() uint {
return 100
}
@@ -116,7 +103,7 @@ func (a *Anonymous) newAnonymousIdentity(o *org.Org) *authn.Identity {
Type: claims.TypeAnonymous,
OrgID: o.ID,
OrgName: o.Name,
OrgRoles: map[int64]org.RoleType{o.ID: org.RoleType(a.cfg.Anonymous.OrgRole)},
OrgRoles: map[int64]org.RoleType{o.ID: org.RoleViewer},
ClientParams: authn.ClientParams{SyncPermissions: true},
}
}
pkg/services/anonymous/anonimpl/client_test.go
-3
View File
@@ -31,7 +31,6 @@ func TestAnonymous_Authenticate(t *testing.T) {
org: &org.Org{ID: 1, Name: "some org"},
cfg: &setting.Cfg{
Anonymous: setting.AnonymousSettings{
OrgRole: "Viewer",
OrgName: "some org",
},
},
@@ -41,7 +40,6 @@ func TestAnonymous_Authenticate(t *testing.T) {
err: fmt.Errorf("some error"),
cfg: &setting.Cfg{
Anonymous: setting.AnonymousSettings{
OrgRole: "Viewer",
OrgName: "some org",
},
},
@@ -67,7 +65,6 @@ func TestAnonymous_Authenticate(t *testing.T) {
assert.Equal(t, "anonymous:0", user.GetID())
assert.Equal(t, tt.org.ID, user.OrgID)
assert.Equal(t, tt.org.Name, user.OrgName)
assert.Equal(t, tt.cfg.Anonymous.OrgRole, string(user.GetOrgRole()))
}
})
}