public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
44,332 Commits 655 Branches 650 Tags
659a01903e3bf6963da17029cd2b4304f5554bd7
Commit Graph

9 Commits

Author SHA1 Message Date
Kristin Laemmert
e8b8a9e276 chore: move dashboard_acl models into dashboard service (#62151) 2023-01-26 08:46:30 -05:00
Denis Limarev
e6dee8a723 Perfomance: Preallocate slices (#61580) 2023-01-17 11:50:17 +00:00
idafurjes
490a787d9d Chore: Move tem member models to team pkg (#61294) 
* Chore: Move tem member models to team pkg

* Fix test lint
 2023-01-13 09:43:38 +01:00
idafurjes
7dcb502b33 Chore: Remove org model duplicates (#61025) 
Remove org model duplicates
 2023-01-09 14:39:53 +01:00
idafurjes
6afad51761 Move SignedInUser to user service and RoleType and Roles to org (#53445) 
* Move SignedInUser to user service and RoleType and Roles to org

* Use go naming convention for roles

* Fix some imports and leftovers

* Fix ldap debug test

* Fix lint

* Fix lint 2

* Fix lint 3

* Fix type and not needed conversion

* Clean up messages in api tests

* Clean up api tests 2
 2022-08-10 11:56:48 +02:00
Vardan Torosyan
a0553de8dd Rename FGAC to RBAC in the codebase (#48051) 2022-04-21 14:31:02 +02:00
Gabriel MABILLE
9dc06cd21f simplify bulkAssignRoles (#46891) 2022-03-24 18:06:44 +01:00
Karl Persson
4982ca3b1d Access control: Use access control for dashboard and folder (#44702) 
* Add actions and scopes

* add resource service for dashboard and folder

* Add dashboard guardian with fgac permission evaluation

* Add CanDelete function to guardian interface

* Add CanDelete property to folder and dashboard dto and set values

* change to correct function name

* Add accesscontrol to folder endpoints

* add access control to dashboard endpoints

* check access for nav links

* Add fixed roles for dashboard and folders

* use correct package

* add hack to override guardian Constructor if accesscontrol is enabled

* Add services

* Add function to handle api backward compatability

* Add permissionServices to HttpServer

* Set permission when new dashboard is created

* Add default permission when creating new dashboard

* Set default permission when creating folder and dashboard

* Add access control filter for dashboard search

* Add to accept list

* Add accesscontrol to dashboardimport

* Disable access control in tests

* Add check to see if user is allow to create a dashboard

* Use SetPermissions

* Use function to set several permissions at once

* remove permissions for folder and dashboard on delete

* update required permission

* set permission for provisioning

* Add CanCreate to dashboard guardian and set correct permisisons for
provisioning

* Dont set admin on folder / dashboard creation

* Add dashboard and folder permission migrations

* Add tests for CanCreate

* Add roles and update descriptions

* Solve uid to id for dashboard and folder permissions

* Add folder and dashboard actions to permission filter

* Handle viewer_can_edit flag

* set folder and dashboard permissions services

* Add dashboard permissions when importing a new dashboard

* Set access control permissions on provisioning

* Pass feature flags and only set permissions if access control is enabled

* only add default permissions for folders and dashboards without folders

* Batch create permissions in migrations


* Remove `dashboards:edit` action

* Remove unused function from interface

* Update pkg/services/guardian/accesscontrol_guardian_test.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
 2022-03-03 15:05:47 +01:00
Gabriel MABILLE
bc24fdcf8d AccessControl: Team membership migration (#44065) 
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
 2022-02-01 14:57:26 +01:00