public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a3ae83a37a0ca4b5f4a3364be76e773158cee5bc
grafana/pkg
T
History
mohammad-hamid a3ae83a37a IAM: Add disabled field to role permissions 
This change adds support for disabling permissions without removing them
from roles. This allows users to revoke permissions while signaling to
apps that the permission should not be re-granted.

Key changes:
- Add disabled boolean field to RolespecPermission in CUE schema
- Update generated Go types for Role, CoreRole, and GlobalRole
- Add disabled column to permission table via migration
- Filter disabled permissions in Zanzana tuple conversion
- Filter disabled permissions in legacy RBAC queries
- Update SQL queries to persist and retrieve disabled field

When a permission has disabled: true:
- It remains visible in the role definition
- It is NOT written to Zanzana (authorization engine)
- It is NOT returned in RBAC permission queries

This prevents apps from re-granting permissions that users have
explicitly revoked, while maintaining visibility of the permission
in the role.
2025-12-16 11:54:31 -05:00
..
aggregator
Dependencies: Bump Go to v1.25.5 (#114749)
2025-12-03 10:18:31 +01:00
api
Tracing: Fix excluding paths from tracing (#115394)
2025-12-16 11:02:40 +01:00
apimachinery
Advisor: RBAC revamp (#115151)
2025-12-16 11:33:18 +01:00
apis
Snapshots: Migrate API as dashboards k8s subresource (#113552)
2025-12-02 16:26:45 -03:00
apiserver
Auditing: Refactor policy rule provider and add default policy rule evaluator (#115318)
2025-12-16 10:36:46 +01:00
build
e2e: add tests for translations (#114390)
2025-12-08 10:19:44 +01:00
bus
Hackaton: Add more unit tests, take 3 (#101525)
2025-03-05 08:00:12 +01:00
clientauth/middleware
Log error from token exchange middleware (#112125)
2025-10-08 07:59:46 +00:00
cmd
feat: add unified storage data migration step for playlists (#114582)
2025-12-04 15:15:00 +00:00
codegen
Dependencies: Bump Go to v1.25.5 (#114749)
2025-12-03 10:18:31 +01:00
components
docs: use clearly invalid tokens (#114842)
2025-12-04 15:25:59 +01:00
configprovider
Configprovider: Update the interface to propagate errors (#110814)
2025-09-11 17:26:54 +03:00
events
Chore: Remove unused bus.Bus events (#110738)
2025-09-08 10:47:16 +00:00
expr
Plugins: Upgrade github.com/grafana/grafana-plugin-sdk-go v0.283.0 => v0.284.0 (#114400)
2025-11-25 15:46:07 +00:00
extensions
Plugins App: PluginMeta -> Meta (#115034)
2025-12-09 16:01:22 -05:00
generated
Chore: Upgrade k8s.io/api v0.34.1 and grafana-app-sdk v0.43.1 (#111009)
2025-09-16 13:35:20 +03:00
ifaces/gcsifaces
infra
chore: add log and metric before unified migration enforcement (#114598)
2025-12-01 17:56:59 +01:00
kinds
Dashboard : Allow applying variable regex to display text (#114426)
2025-12-09 10:55:51 -05:00
login/social
Chore: Update authlib (#110880)
2025-09-15 12:45:15 +02:00
middleware
Tracing: Fix excluding paths from tracing (#115394)
2025-12-16 11:02:40 +01:00
mocks/mock_gcsifaces
models
Auth: Attach external session info to Grafana session (#93849)
2024-10-08 11:03:29 +02:00
modules
Background Services: Remove dskitBackgroundServices toggle (#111255)
2025-09-26 15:16:06 -04:00
operators
Zanzana: Refactor remote client initialization (#114142)
2025-12-11 10:55:12 +01:00
plugins
Dependencies: Bump Go to v1.25.5 (#114749)
2025-12-03 10:18:31 +01:00
promlib
Dependencies: Bump Go to v1.25.5 (#114749)
2025-12-03 10:18:31 +01:00
registry
IAM: Add disabled field to role permissions
2025-12-16 11:54:31 -05:00
semconv
Dependencies: Bump Go to v1.25.5 (#114749)
2025-12-03 10:18:31 +01:00
server
Advisor: RBAC revamp (#115151)
2025-12-16 11:33:18 +01:00
services
IAM: Add disabled field to role permissions
2025-12-16 11:54:31 -05:00
setting
Alerting: Add limits for the size of expanded notification templates (#115242)
2025-12-15 10:21:24 -05:00
storage
docs: add readme for unified storage on-prem migrations (#114397)
2025-12-16 08:00:22 +00:00
tests
Provisioning: Add Connection resource (#115272)
2025-12-16 14:37:07 +01:00
tsdb
Elasticsearch: Raw query editor for DSL (#114066)
2025-12-15 19:11:05 +00:00
util
fix(unified): in-proc SQLite data migration (#114537)
2025-11-28 13:13:35 +01:00
web
Security: Fixes for CVE-2025-6197 and CVE-2025-6023 (#108330)
2025-07-18 09:06:26 -06:00
README.md
ruleguard.rules.go

README.md

This directory contains the code for the Grafana backend.

The contributor documentation for Grafana's backend is in /contribute/backend/README.md.

Reference in New Issue View Git Blame Copy Permalink