grafana/pkg/models/team_member.go

package models

import (
	"errors"
	"time"
)

// Typed errors
var (
	ErrTeamMemberAlreadyAdded = errors.New("User is already added to this team")
)

// TeamMember model
type TeamMember struct {
	Id         int64
	OrgId      int64
	TeamId     int64
	UserId     int64
	External   bool // Signals that the membership has been created by an external systems, such as LDAP
	Permission PermissionType

	Created time.Time
	Updated time.Time
}

// ---------------------
// COMMANDS

type AddTeamMemberCommand struct {
	UserId     int64          `json:"userId" binding:"Required"`
	OrgId      int64          `json:"-"`
	TeamId     int64          `json:"-"`
	External   bool           `json:"-"`
	Permission PermissionType `json:"-"`
}

type UpdateTeamMemberCommand struct {
	UserId     int64          `json:"-"`
	OrgId      int64          `json:"-"`
	TeamId     int64          `json:"-"`
	Permission PermissionType `json:"permission"`
}

type RemoveTeamMemberCommand struct {
	OrgId  int64 `json:"-"`
	UserId int64
	TeamId int64
}

// ----------------------
// QUERIES

type GetTeamMembersQuery struct {
	OrgId        int64
	TeamId       int64
	UserId       int64
	External     bool
	SignedInUser *SignedInUser
	Result       []*TeamMemberDTO
}

// ----------------------
// Projections and DTOs

type TeamMemberDTO struct {
	OrgId      int64          `json:"orgId"`
	TeamId     int64          `json:"teamId"`
	UserId     int64          `json:"userId"`
	External   bool           `json:"-"`
	AuthModule string         `json:"auth_module"`
	Email      string         `json:"email"`
	Name       string         `json:"name"`
	Login      string         `json:"login"`
	AvatarUrl  string         `json:"avatarUrl"`
	Labels     []string       `json:"labels"`
	Permission PermissionType `json:"permission"`
}
WIP: add usergroup commands and queries 2017-04-08 17:55:07 -05:00			`package models`

			`import (`
			`"errors"`
			`"time"`
			`)`

			`// Typed errors`
			`var (`
refactor: rename User Groups to Teams 2017-12-08 09:25:45 -06:00			`ErrTeamMemberAlreadyAdded = errors.New("User is already added to this team")`
WIP: add usergroup commands and queries 2017-04-08 17:55:07 -05:00			`)`

refactor: rename User Groups to Teams 2017-12-08 09:25:45 -06:00			`// TeamMember model`
			`type TeamMember struct {`
teams: editor added as admin for created teams. 2019-03-06 04:47:18 -06:00			`Id int64`
			`OrgId int64`
			`TeamId int64`
			`UserId int64`
teams: explains the external property of a team membership. 2019-03-18 10:26:06 -05:00			`External bool // Signals that the membership has been created by an external systems, such as LDAP`
team: uses PermissionType instead of int64 for permissions. 2019-03-12 11:24:18 -05:00			`Permission PermissionType`
WIP: add usergroup commands and queries 2017-04-08 17:55:07 -05:00
			`Created time.Time`
			`Updated time.Time`
			`}`

			`// ---------------------`
			`// COMMANDS`

refactor: rename User Groups to Teams 2017-12-08 09:25:45 -06:00			`type AddTeamMemberCommand struct {`
team: uses PermissionType instead of int64 for permissions. 2019-03-12 11:24:18 -05:00			UserId int64 `json:"userId" binding:"Required"`
			OrgId int64 `json:"-"`
			TeamId int64 `json:"-"`
			External bool `json:"-"`
			Permission PermissionType `json:"-"`
WIP: add usergroup commands and queries 2017-04-08 17:55:07 -05:00			`}`

teams: can update team members permission. 2019-03-06 08:37:37 -06:00			`type UpdateTeamMemberCommand struct {`
AccessControl: Implement teams resource service (#43951) * AccessControl: cover team permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Add background service as a consumer to resource_services Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Define actions in roles.go Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Remove action from accesscontrol model Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * As suggested by kalle * move some changes from branch to the skeleton PR * Add background service as a consumer to resource_services Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * moving resourceservice to the main wire file pt2 * move team related actions so that they can be reused * PR feedback * fix * typo * Access Control: adding hooks for team member endpoints (#43991) * AccessControl: cover team permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Add background service as a consumer to resource_services Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Define actions in roles.go Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Remove action from accesscontrol model Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * As suggested by kalle * add access control to list and add team member endpoint, and hooks for adding team members * member permission type is 0 * add ID scope for team permission checks * add more team actions, use Member for member permission name * protect team member update endpoint with FGAC permissions * update SQL functions for teams and the corresponding tests * also protect team member removal endpoint with FGAC permissions and add a hook to permission service * a few small fixes, provide team permission service to test setup * AccessControl: cover team permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Add background service as a consumer to resource_services Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Define actions in roles.go Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Remove action from accesscontrol model Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * As suggested by kalle * move some changes from branch to the skeleton PR * remove resource services from wireexts * remove unneeded actions * linting fix * remove comments * feedback fixes * feedback * simplifying * remove team member within the same transaction * fix a mistake with the error * call the correct sql fction * linting * Access control: tests for team member endpoints (#44177) * tests for team member endpoints * clean up and fix the tests * fixing tests take 2 * don't import enterprise test license * don't import enterprise test license * remove unused variable Co-authored-by: gamab <gabi.mabs@gmail.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> 2022-01-26 08:48:41 -06:00			UserId int64 `json:"-"`
			OrgId int64 `json:"-"`
			TeamId int64 `json:"-"`
			Permission PermissionType `json:"permission"`
teams: can update team members permission. 2019-03-06 08:37:37 -06:00			`}`

refactor: rename User Groups to Teams 2017-12-08 09:25:45 -06:00			`type RemoveTeamMemberCommand struct {`
AccessControl: Implement teams resource service (#43951) * AccessControl: cover team permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Add background service as a consumer to resource_services Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Define actions in roles.go Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Remove action from accesscontrol model Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * As suggested by kalle * move some changes from branch to the skeleton PR * Add background service as a consumer to resource_services Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * moving resourceservice to the main wire file pt2 * move team related actions so that they can be reused * PR feedback * fix * typo * Access Control: adding hooks for team member endpoints (#43991) * AccessControl: cover team permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Add background service as a consumer to resource_services Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Define actions in roles.go Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Remove action from accesscontrol model Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * As suggested by kalle * add access control to list and add team member endpoint, and hooks for adding team members * member permission type is 0 * add ID scope for team permission checks * add more team actions, use Member for member permission name * protect team member update endpoint with FGAC permissions * update SQL functions for teams and the corresponding tests * also protect team member removal endpoint with FGAC permissions and add a hook to permission service * a few small fixes, provide team permission service to test setup * AccessControl: cover team permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Add background service as a consumer to resource_services Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Define actions in roles.go Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * Remove action from accesscontrol model Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> * As suggested by kalle * move some changes from branch to the skeleton PR * remove resource services from wireexts * remove unneeded actions * linting fix * remove comments * feedback fixes * feedback * simplifying * remove team member within the same transaction * fix a mistake with the error * call the correct sql fction * linting * Access control: tests for team member endpoints (#44177) * tests for team member endpoints * clean up and fix the tests * fixing tests take 2 * don't import enterprise test license * don't import enterprise test license * remove unused variable Co-authored-by: gamab <gabi.mabs@gmail.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> 2022-01-26 08:48:41 -06:00			OrgId int64 `json:"-"`
			`UserId int64`
			`TeamId int64`
WIP: add usergroup commands and queries 2017-04-08 17:55:07 -05:00			`}`

			`// ----------------------`
			`// QUERIES`

refactor: rename User Groups to Teams 2017-12-08 09:25:45 -06:00			`type GetTeamMembersQuery struct {`
AccessControl: Implement SQL filters for team members filtering (#44898) * AccessControl: Filter team members * Modify GetTeamMembersByUser comment * Fix postgres failing test due to quoting * Rename GetTeamMembersByUser to GetUserTeamMemberships * Update TeamStore interface 2022-02-09 10:46:37 -06:00			`OrgId int64`
			`TeamId int64`
			`UserId int64`
			`External bool`
			`SignedInUser *SignedInUser`
			`Result []*TeamMemberDTO`
WIP: add usergroup commands and queries 2017-04-08 17:55:07 -05:00			`}`

			`// ----------------------`
			`// Projections and DTOs`

refactor: rename User Groups to Teams 2017-12-08 09:25:45 -06:00			`type TeamMemberDTO struct {`
teams: cleanup. 2019-03-13 10:32:59 -05:00			OrgId int64 `json:"orgId"`
			TeamId int64 `json:"teamId"`
			UserId int64 `json:"userId"`
			External bool `json:"-"`
Teams: show proper label for each auth provider (#17860) * Teams: show proper label for each auth provider Teams: don't sore AuthModule in team_member table, use JOIN to get it instead * Teams: fix AddTeamMember after last changes * Teams: add more auth provider labels * Teams: show external sync badge if LDAP is not enabled * Teams: tests for getting auth module 2019-07-03 08:52:10 -05:00			AuthModule string `json:"auth_module"`
teams: cleanup. 2019-03-13 10:32:59 -05:00			Email string `json:"email"`
UserTableView: Show user name in table view (#18108) * refactor to multiple rows * added name for org user struct * added name getorgusers * added user name to tableview * made test pass * updated userMocks to user name field * added missing UsersTable snapshot * added name on teammembers page, be able to search query for name, login and email * added the updated snapshots * conform to same sorting as output form * conform to previous way of using it * sort first by login and after by email, as it was before 2019-11-21 04:44:46 -06:00			Name string `json:"name"`
teams: cleanup. 2019-03-13 10:32:59 -05:00			Login string `json:"login"`
			AvatarUrl string `json:"avatarUrl"`
			Labels []string `json:"labels"`
			Permission PermissionType `json:"permission"`
WIP: add usergroup commands and queries 2017-04-08 17:55:07 -05:00			`}`