public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
53,031 Commits 655 Branches 650 Tags
d5ee8add4d44ddbd8ede7e2d6612da910b1f3c21
Commit Graph

18 Commits

Author SHA1 Message Date
grafana-delivery-bot[bot] 4115a67a42 [v11.2.x] Zanzana: Evaluate dashboard and folder permissions (#92253) 
Zanzana: Evaluate dashboard and folder permissions (#91539)

* Zanzana: basic folder permissions checks

* Fix managed permissions for teams

* fix sync batch size

* add dashboards actions translations

* migrate folder tree

* migrate dashboard folders

* remove action sets from schema

* Adding more dashboard and folder-related permissions

* refactor

* Correctly translate dashboard permissions in folders

* fix dashboard parent permissions

(cherry picked from commit 1cc438a56c)

Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
 2024-08-21 17:54:50 -04:00
Gabriel MABILLE c76d1e04e8 Authz: Fix on-prem grpc authentication (#91341) 
* Authz: Fix on-prem grpc authentication

Co-authored-by: Claudiu Dragalina-Paraipan <claudiu.dragalina@grafana.com>

* Remove noAuth override

---------

Co-authored-by: Claudiu Dragalina-Paraipan <claudiu.dragalina@grafana.com>
 2024-08-01 16:30:13 +03:00
Claudiu Dragalina-Paraipan cf55ac5813 authz: set authzv1.ReadResponse.Found (#91212) 
Co-authored-by: Gabriel MABILLE <gabriel.mabille@grafana.com>
 2024-07-30 18:26:54 +03:00
Claudiu Dragalina-Paraipan 05ab4cdd1f [authz]: use authlib client (#91205) 
authz: use authlib client

Co-authored-by: Gabriel MABILLE <gabriel.mabille@grafana.com>
 2024-07-30 17:49:46 +03:00
Ryan McKinley 9db3bc926e Identity: Rename "namespace" to "type" in the requester interface (#90567) 2024-07-25 12:52:14 +03:00
Karl Persson c04be62b65 Zanzana: client integration test (#89997) 
* Restructure

* Zanzana: Add integration tests for client

* skip mysql 5.7 integration tests
 2024-07-04 11:23:48 +02:00
Karl Persson cbbc12a31b Zanzana: Sync team memberships (#89983) 
* Zanzana: Use uid for users and teams

* Zanzana: Team membership migrator

---------

Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
 2024-07-03 13:37:26 +02:00
Karl Persson e568b86ac0 Zanzana: Initial work to allow partial data migrations (#89919) 
* Zanana: Add Write method to interface

* Zanzana: Add utilities for translating RBAC to openFGA tuple keys

* RBAC: Add zanzana synchronizer

* Run zanzana sync in access controll provider
 2024-07-02 14:45:25 +02:00
Alexander Zobnin f1968bbcbb Zanzana: Run OpenFGA HTTP server in standalone mode (#89914) 
* Zanzana: Listen http to handle fga cli requests.

* make configurable

* start http server during service run

* wait for GRPC server is ready

* remove unnecessary logs

* fix linter errors

* run only in devenv

* make address configurable
 2024-07-02 11:14:09 +02:00
Alexander Zobnin 190892bc88 Zanzana: Initial schema loading (#89492) 
* Zanzana: Dummy schema loading

* Load authorzation model for client

---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
 2024-06-27 13:57:06 +02:00
Karl Persson eea7319a67 Zanzana: sqlite data store (#89486) 
* Zanzana: Add sqlite3 store

* Zanzana: Initilize sqlite store with migrations
 2024-06-25 09:52:33 +02:00
Ryan McKinley 5e95c1bdf8 Storage: Move grpc helper from entity store to resource store (#89490) 2024-06-20 22:32:19 +03:00
Alexander Zobnin ba16c37126 Zanzana: Simple openfga client wrapper (#89430) 2024-06-20 10:37:16 +02:00
Karl Persson 3fe29809be Zanzana: database migrations (#89390) 
* Zanana: Use grafana migrations to run openFGA migration files and initilize store.

* Add feature toggle

* Zanzana: return noop client if feature toggle is disabled
 2024-06-19 15:59:47 +02:00
Alexander Zobnin b3907ca5ec Zanzana: Simple logger wrapper for openfga (#89396) 
* Zanzana: Simple logger wrapper for openfga

* don't export
 2024-06-19 13:55:31 +02:00
Karl Persson 606a74d0af Zanzana: Initial work to run openFGA as embedded or standalone service (#89211) 
* Zanana: Initial work to run zanana as ebeddedn or standalone

* Add addr settings for when remote client is used.

* sync dependencies

* Lock mysql driver version
---------

Co-authored-by: Dan Cech <dcech@grafana.com>
 2024-06-18 10:04:18 +02:00
Gabriel MABILLE 5f83fdef2c AuthZ: GRPC client init and config options (#89161) 2024-06-18 06:13:24 +02:00
Gabriel MABILLE afcb5a855c AuthZ: embed an authorization server (#89018) 
* AuthZ: embed an authorization server

* CODEOWNERS

* Remove swagger

* WIP

* Flatten structure and inject wireset

* sync mod files

* Rename authorization package

* Fix swagger gen

* CODEOWNERS

* Use itf instead of impl

---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
 2024-06-13 11:41:35 +02:00