* feat(add): datasources:query support for using the authlib/authzservice
* added test for datasources
* refactor to create the translation right away
* Update pkg/services/authz/rbac/mapper.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* fix tests
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Anonymous access: Allow setting org role in new authz service
* back out change that is not needed; rename struct
* cleanup
* Fix tests
---------
Co-authored-by: Gabriel Mabille <gabriel.mabille@grafana.com>
* Authz: Test List
* Anonymous case
* Cover rendering
* Authz: Check namespace is set in the context
* Explicitly request a namespace check in the storage functions
* Revert logic
* Add FolderStore interface
* Authz: add implementation to use folders api and use it inproc with loopback config
* Add tracing and add rest.Config for talking with folder api using access tokens
* Restructure test to get rid of circular dependencies in tests
* use correct group version kind
---------
Co-authored-by: gamab <gabriel.mabille@grafana.com>
* Refactor folder tree to its own structure
* Make it possible to json encode the tree
* Use iterations for Ancestors and Children
---------
Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
* add metrics for authZ MT service
* remove metrics that are already tracked by the GRPC server metrics
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* undo unneeded change
* test fix
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Extract "PermissionStore" from general store interface
* Add static and union permission stores
* Add GetStaticRoles
* Use accesscontrol.Service for inproc to provide static permissions
* listing implementation pt 1
* validate list request
* register GRPC endpoint, pass the correct user UID and return folder identifiers not scopes
* uncomment code that was only commented out for testing
* fix tests
* remove unneeded changes
* remove unused import
* Update pkg/services/authz/rbac/service.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* refactor to improve efficiency
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* use variable names when logging
* adding tests for listing
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* AuthZ Service: Add caching
* split in functions
* Test getUserTeams
* Add tests to getUserBasicRole
* Test getUserPermissions
* Cache user identifiers
* fix test
* implement perm check with direct db access
* add tests
* more tests
* Update pkg/services/authz/rbac/service.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Update pkg/services/authz/rbac/service.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* allow fetching permissions for a user who is not a member of the org
* linting
* fix typo
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Gabriel MABILLE
mohammad-hamid
Eric Leijonmarck
Stephanie Hingtgen
Ieva
Karl Persson
Ryan McKinley