Karl Persson
7329d2c34b
* Extract "PermissionStore" from general store interface * Add static and union permission stores * Add GetStaticRoles * Use accesscontrol.Service for inproc to provide static permissions
29 lines
938 B
Go
29 lines
938 B
Go
package authz
|
|
|
|
import (
|
|
authzv1 "github.com/grafana/authlib/authz/proto/v1"
|
|
|
|
"github.com/grafana/grafana/pkg/infra/log"
|
|
"github.com/grafana/grafana/pkg/infra/tracing"
|
|
"github.com/grafana/grafana/pkg/registry/apis/iam/legacy"
|
|
authzextv1 "github.com/grafana/grafana/pkg/services/authz/proto/v1"
|
|
"github.com/grafana/grafana/pkg/services/authz/rbac"
|
|
"github.com/grafana/grafana/pkg/services/authz/rbac/store"
|
|
"github.com/grafana/grafana/pkg/services/grpcserver"
|
|
"github.com/grafana/grafana/pkg/storage/legacysql"
|
|
)
|
|
|
|
func RegisterRBACAuthZService(handler grpcserver.Provider, db legacysql.LegacyDatabaseProvider, tracer tracing.Tracer) {
|
|
server := rbac.NewService(
|
|
db,
|
|
legacy.NewLegacySQLStores(db),
|
|
store.NewSQLPermissionStore(db, tracer),
|
|
log.New("authz-grpc-server"),
|
|
tracer,
|
|
)
|
|
|
|
srv := handler.GetServer()
|
|
authzv1.RegisterAuthzServiceServer(srv, server)
|
|
authzextv1.RegisterAuthzExtentionServiceServer(srv, server)
|
|
}
|