public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
29,898 Commits 655 Branches 650 Tags
7a96df875b7c272f7cf8cd366529ed056eb6a42e
Commit Graph

8 Commits

Author SHA1 Message Date
Grot (@grafanabot) ba85b954e1 Access control: Rename predefined roles to fixed roles (code) (#34469) (#34663) 
* s/grafana:roles:/fixed:/

* Update free text references to predefined roles

(cherry picked from commit 0f4806db8a)

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
 2021-05-26 13:22:44 +02:00
Vardan Torosyan 1d15686bdf Access control: Add a role for provisioning admins (#33787) 2021-05-10 11:46:42 +02:00
Emil Tullstedt 4496ae496e Access control: Clean up users scopes (#33532) 
Following discussion in grafana/grafana-enterprise#1292, removing
org-scoped users scopes to make it clear that the local organization is
the default and the alternative to that is a global scope (for a select
few endpoints)
 2021-05-03 10:27:12 +02:00
Vardan Torosyan 5bf6d7dad8 Access control: Update evaluator to authorize when at least one of the scopes is a match (#33393) 2021-04-27 18:22:18 +02:00
Vardan Torosyan bf83fb80b7 Access control: Combine permissions through predefined roles (#33275) 
* Access control: Combine permissions through predefined roles

When certain permission is required for built-in role, instead of adding those permissions to the existing predefined roles, we need to have granular predefined roles with those permissions.

* Better copy...

* Adding and fixing tests

* Remove duplicated permission
 2021-04-23 15:44:42 +02:00
Alexander Zobnin dd9f701cd9 Access control: Fix predefined roles (#33260) 2021-04-22 12:49:24 +02:00
Alexander Zobnin a7e721e987 Access control: Make Admin/Users UI working with the permissions (#33176) 
* API: authorize admin/users views

* Render admin/users components based on user's permissions

* Add LDAP permissions (required by admin/user page)

* Extend default admin role by LDAP permissions

* Show/hide LDAP debug views

* Render LDAP debug page if user has access

* Authorize LDAP debug view

* fix permissions definitions

* Add LDAP page permissions

* remove ambiguous permissions check

* Hide logout buttons in sessions table

* Add org/users permissions

* Use org permissions for managing user roles in orgs

* Apply permissions to org/users

* Apply suggestions from review

* Fix tests

* remove scopes from the frontend

* Tweaks according to review

* Handle /invites endpoints
 2021-04-22 13:19:41 +03:00
Vardan Torosyan 9f82eac833 Access control: Add access control based permissions to admins/users (#32409) 
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
 2021-04-14 16:31:27 +02:00