IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2024-11-30 12:44:10 -06:00
Code Issues Packages Projects Releases Wiki Activity
e855efb13d
grafana/pkg/services/team/model.go

182 lines
5.1 KiB
Go
Raw Normal View History

Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
package team
WIP: rough prototype of dashboard folders Breaks some stuff like selected dash in the search result. In dashboard search, if the user is not searching then the result is returned as a tree structure. No ACL's or user group ux yet.
2017-03-27 07:36:28 -05:00
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
import (
"errors"
"time"
Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2
2022-08-10 04:56:48 -05:00
Auth: Move Team service to SignedInUserInterface (#72674) * move SignedInUser to specific file * add primitive interface for signedInUser
2023-08-02 03:43:56 -05:00
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
Kinds: Use apimachinery ObjectMeta for metadata (#68668)
2023-05-24 11:13:44 -05:00
"github.com/grafana/grafana/pkg/kinds/team"
Auth: Move Team service to SignedInUserInterface (#72674) * move SignedInUser to specific file * add primitive interface for signedInUser
2023-08-02 03:43:56 -05:00
"github.com/grafana/grafana/pkg/services/auth/identity"
chore: move dashboard_acl models into dashboard service (#62151)
2023-01-26 07:46:30 -06:00
"github.com/grafana/grafana/pkg/services/dashboards"
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
)
// Typed errors
var (
Chore: Fix staticcheck issues (#28860) * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Undo changes Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix test Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix test Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-05 06:07:06 -06:00
ErrTeamNotFound = errors.New("team not found")
ErrTeamNameTaken = errors.New("team name is taken")
ErrTeamMemberNotFound = errors.New("team member not found")
ErrLastTeamAdmin = errors.New("not allowed to remove last admin")
ErrNotAllowedToUpdateTeam = errors.New("user not allowed to update team")
ErrNotAllowedToUpdateTeamInDifferentOrg = errors.New("user not allowed to update team in another org")
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2023-01-13 02:43:38 -06:00
ErrTeamMemberAlreadyAdded = errors.New("user is already added to this team")
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
)
WIP: rough prototype of dashboard folders Breaks some stuff like selected dash in the search result. In dashboard search, if the user is not searching then the result is returned as a tree structure. No ACL's or user group ux yet.
2017-03-27 07:36:28 -05:00
refactor: rename User Groups to Teams
2017-12-08 09:25:45 -06:00
// Team model
type Team struct {
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
ID int64 `json:"id" xorm:"pk autoincr 'id'"`
add uid to team table (#66920) * add uid to team table * concat * add prefix to transition uids --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2023-05-09 12:03:28 -05:00
UID string `json:"uid" xorm:"uid"`
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
OrgID int64 `json:"orgId" xorm:"org_id"`
WIP: add user group search
2017-04-09 18:24:16 -05:00
Name string `json:"name"`
Add avatar to team and team members page (#10305) * teams: add db migration for email column in teams table * teams: /teams should render index page with a 200 OK * teams: additional backend functionality for team and team members Possibility to save/update email for teams. Possibility to retrive avatar url when searching for teams. Possibility to retrive avatar url when searching for team members. * teams: display team avatar and team member avatars Possibility to save and update email for a team * teams: create team on separate page instead of modal dialog
2017-12-20 14:20:12 -06:00
Email string `json:"email"`
WIP: rough prototype of dashboard folders Breaks some stuff like selected dash in the search result. In dashboard search, if the user is not searching then the result is returned as a tree structure. No ACL's or user group ux yet.
2017-03-27 07:36:28 -05:00
WIP: add user group search
2017-04-09 18:24:16 -05:00
Created time.Time `json:"created"`
Updated time.Time `json:"updated"`
WIP: rough prototype of dashboard folders Breaks some stuff like selected dash in the search result. In dashboard search, if the user is not searching then the result is returned as a tree structure. No ACL's or user group ux yet.
2017-03-27 07:36:28 -05:00
}
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
Kinds: Use apimachinery ObjectMeta for metadata (#68668)
2023-05-24 11:13:44 -05:00
func (t *Team) ToResource() team.K8sResource {
r := team.NewK8sResource(t.UID, &team.Spec{
Name: t.Name,
})
r.Metadata.CreationTimestamp = v1.NewTime(t.Created)
r.Metadata.SetUpdatedTimestamp(&t.Updated)
if t.Email != "" {
r.Spec.Email = &t.Email
}
return r
}
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
// ---------------------
// COMMANDS
refactor: rename User Groups to Teams
2017-12-08 09:25:45 -06:00
type CreateTeamCommand struct {
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
Name string `json:"name" binding:"Required"`
Add avatar to team and team members page (#10305) * teams: add db migration for email column in teams table * teams: /teams should render index page with a 200 OK * teams: additional backend functionality for team and team members Possibility to save/update email for teams. Possibility to retrive avatar url when searching for teams. Possibility to retrive avatar url when searching for team members. * teams: display team avatar and team member avatars Possibility to save and update email for a team * teams: create team on separate page instead of modal dialog
2017-12-20 14:20:12 -06:00
Email string `json:"email"`
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
OrgID int64 `json:"-"`
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
}
refactor: rename User Groups to Teams
2017-12-08 09:25:45 -06:00
type UpdateTeamCommand struct {
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
ID int64
Add avatar to team and team members page (#10305) * teams: add db migration for email column in teams table * teams: /teams should render index page with a 200 OK * teams: additional backend functionality for team and team members Possibility to save/update email for teams. Possibility to retrive avatar url when searching for teams. Possibility to retrive avatar url when searching for team members. * teams: display team avatar and team member avatars Possibility to save and update email for a team * teams: create team on separate page instead of modal dialog
2017-12-20 14:20:12 -06:00
Name string
Email string
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
OrgID int64 `json:"-"`
WIP: add update user group command
2017-04-18 08:01:05 -05:00
}
refactor: rename User Groups to Teams
2017-12-08 09:25:45 -06:00
type DeleteTeamCommand struct {
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
OrgID int64
ID int64
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
}
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
type GetTeamByIDQuery struct {
OrgID int64
ID int64
Auth: Move Team service to SignedInUserInterface (#72674) * move SignedInUser to specific file * add primitive interface for signedInUser
2023-08-02 03:43:56 -05:00
SignedInUser identity.Requester
Add an option to hide certain users in the UI (#28942) * Add an option to hide certain users in the UI * revert changes for admin users routes * fix sqlstore function name * Improve slice management Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Hidden users: convert slice to map * filter with user logins instead of IDs * put HiddenUsers in Cfg struct * hide hidden users from dashboards/folders permissions list * Update conf/defaults.ini Co-authored-by: Torkel Ödegaard <torkel@grafana.com> * fix params order * fix tests * fix dashboard/folder update with hidden user * add team tests * add dashboard and folder permissions tests * fixes after merge * fix tests * API: add test for org users endpoints * update hidden users management for dashboard / folder permissions * improve dashboard / folder permissions tests * fixes after merge * Guardian: add hidden acl tests * API: add team members tests * fix team sql syntax for postgres * api tests update * fix linter error * fix tests errors after merge Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Torkel Ödegaard <torkel@grafana.com> Co-authored-by: Leonard Gram <leo@xlson.com>
2020-11-24 05:10:32 -06:00
HiddenUsers map[string]struct{}
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
}
Security: Sync security changes on main (#45083) * * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search * Teams: Ensure that users searching for teams are only able see teams they have access to * Teams: Require teamGuardian admin privileges to list team members * Teams: Prevent org viewers from administering teams * Teams: Add org_id condition to team count query * Teams: clarify permission requirements in teams api docs * Teams: expand scenarios for team search tests * Teams: mock teamGuardian in tests Co-authored-by: Dan Cech <dcech@grafana.com> * remove duplicate WHERE statement * Fix for CVE-2022-21702 (cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e) * Lint and test fixes (cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981) * check content type properly (cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98) * basic csrf origin check (cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1) * compare origin to host (cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42) * simplify url parsing (cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d) * check csrf for GET requests, only compare origin (cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709) * parse content type properly (cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0) * mentioned get in the comment (cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345) * add content-type: application/json to test HTTP requests * fix pluginproxy test * Fix linter when comparing errors Co-authored-by: Kevin Minehart <kmineh0151@gmail.com> Co-authored-by: Dan Cech <dcech@grafana.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com> Co-authored-by: Vardan Torosyan <vardants@gmail.com>
2022-02-09 06:44:38 -06:00
// FilterIgnoreUser is used in a get / search teams query when the caller does not want to filter teams by user ID / membership
const FilterIgnoreUser int64 = 0
refactor: rename User Groups to Teams
2017-12-08 09:25:45 -06:00
type GetTeamsByUserQuery struct {
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
OrgID int64
UserID int64 `json:"userId"`
Auth: Move Team service to SignedInUserInterface (#72674) * move SignedInUser to specific file * add primitive interface for signedInUser
2023-08-02 03:43:56 -05:00
SignedInUser identity.Requester
WIP: user group additions
2017-05-22 03:33:17 -05:00
}
refactor: rename User Groups to Teams
2017-12-08 09:25:45 -06:00
type SearchTeamsQuery struct {
teams: team listing shows only your teams (editors).
2019-03-11 08:40:57 -05:00
Query string
Name string
Limit int
Page int
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2023-01-11 07:20:09 -06:00
OrgID int64 `xorm:"org_id"`
Auth: Move Team service to SignedInUserInterface (#72674) * move SignedInUser to specific file * add primitive interface for signedInUser
2023-08-02 03:43:56 -05:00
SignedInUser identity.Requester
Add an option to hide certain users in the UI (#28942) * Add an option to hide certain users in the UI * revert changes for admin users routes * fix sqlstore function name * Improve slice management Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Hidden users: convert slice to map * filter with user logins instead of IDs * put HiddenUsers in Cfg struct * hide hidden users from dashboards/folders permissions list * Update conf/defaults.ini Co-authored-by: Torkel Ödegaard <torkel@grafana.com> * fix params order * fix tests * fix dashboard/folder update with hidden user * add team tests * add dashboard and folder permissions tests * fixes after merge * fix tests * API: add test for org users endpoints * update hidden users management for dashboard / folder permissions * improve dashboard / folder permissions tests * fixes after merge * Guardian: add hidden acl tests * API: add team members tests * fix team sql syntax for postgres * api tests update * fix linter error * fix tests errors after merge Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Torkel Ödegaard <torkel@grafana.com> Co-authored-by: Leonard Gram <leo@xlson.com>
2020-11-24 05:10:32 -06:00
HiddenUsers map[string]struct{}
WIP: add user group search
2017-04-09 18:24:16 -05:00
}
Refactor team pages to react & design change (#12574) * Rewriting team pages in react * teams to react progress * teams: getting team by id returns same DTO as search, needed for AvatarUrl * teams: progress on new team pages * fix: team test * listing team members and removing team members now works * teams: team member page now works * ux: fixed adding team member issue * refactoring TeamPicker to conform to react coding styles better * teams: very close to being done with team page rewrite * minor style tweak * ux: polish to team pages * feature: team pages in react & everything working * fix: removed flickering when changing tabs by always rendering PageHeader
2018-07-11 13:23:07 -05:00
type TeamDTO struct {
chore: move dashboard_acl models into dashboard service (#62151)
2023-01-26 07:46:30 -06:00
ID int64 `json:"id" xorm:"id"`
add uid to team table (#66920) * add uid to team table * concat * add prefix to transition uids --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2023-05-09 12:03:28 -05:00
UID string `json:"uid" xorm:"uid"`
chore: move dashboard_acl models into dashboard service (#62151)
2023-01-26 07:46:30 -06:00
OrgID int64 `json:"orgId" xorm:"org_id"`
Name string `json:"name"`
Email string `json:"email"`
AvatarURL string `json:"avatarUrl"`
MemberCount int64 `json:"memberCount"`
Permission dashboards.PermissionType `json:"permission"`
AccessControl map[string]bool `json:"accessControl"`
teams: add team count when searching for team closes #10207
2017-12-14 10:22:45 -06:00
}
refactor: rename User Groups to Teams
2017-12-08 09:25:45 -06:00
type SearchTeamQueryResult struct {
Refactor team pages to react & design change (#12574) * Rewriting team pages in react * teams to react progress * teams: getting team by id returns same DTO as search, needed for AvatarUrl * teams: progress on new team pages * fix: team test * listing team members and removing team members now works * teams: team member page now works * ux: fixed adding team member issue * refactoring TeamPicker to conform to react coding styles better * teams: very close to being done with team page rewrite * minor style tweak * ux: polish to team pages * feature: team pages in react & everything working * fix: removed flickering when changing tabs by always rendering PageHeader
2018-07-11 13:23:07 -05:00
TotalCount int64 `json:"totalCount"`
Teams []*TeamDTO `json:"teams"`
Page int `json:"page"`
PerPage int `json:"perPage"`
WIP: add usergroup commands and queries
2017-04-08 17:55:07 -05:00
}
API: Restrict anonymous user information access (#18422) Existing /api/alert-notifications now requires at least editor access. Existing /api/alert-notifiers now requires at least editor access. New /api/alert-notifications/lookup returns less information than /api/alert-notifications and can be access by any authenticated user. Existing /api/org/users now requires org admin role. New /api/org/users/lookup returns less information than /api/org/users and can be access by users that are org admins, admin in any folder or admin of any team. UserPicker component now uses /api/org/users/lookup instead of /api/org/users. Fixes #17318
2019-08-12 13:03:48 -05:00
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2023-01-13 02:43:38 -06:00
// TeamMember model
type TeamMember struct {
ID int64 `xorm:"pk autoincr 'id'"`
OrgID int64 `xorm:"org_id"`
TeamID int64 `xorm:"team_id"`
UserID int64 `xorm:"user_id"`
External bool // Signals that the membership has been created by an external systems, such as LDAP
chore: move dashboard_acl models into dashboard service (#62151)
2023-01-26 07:46:30 -06:00
Permission dashboards.PermissionType
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2023-01-13 02:43:38 -06:00
Created time.Time
Updated time.Time
}
// ---------------------
// COMMANDS
type AddTeamMemberCommand struct {
chore: move dashboard_acl models into dashboard service (#62151)
2023-01-26 07:46:30 -06:00
UserID int64 `json:"userId" binding:"Required"`
OrgID int64 `json:"-"`
TeamID int64 `json:"-"`
External bool `json:"-"`
Permission dashboards.PermissionType `json:"-"`
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2023-01-13 02:43:38 -06:00
}
type UpdateTeamMemberCommand struct {
chore: move dashboard_acl models into dashboard service (#62151)
2023-01-26 07:46:30 -06:00
UserID int64 `json:"-"`
OrgID int64 `json:"-"`
TeamID int64 `json:"-"`
Permission dashboards.PermissionType `json:"permission"`
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2023-01-13 02:43:38 -06:00
}
type RemoveTeamMemberCommand struct {
OrgID int64 `json:"-"`
UserID int64
TeamID int64
}
// ----------------------
// QUERIES
type GetTeamMembersQuery struct {
OrgID int64
TeamID int64
add uid to team table (#66920) * add uid to team table * concat * add prefix to transition uids --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2023-05-09 12:03:28 -05:00
TeamUID string
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2023-01-13 02:43:38 -06:00
UserID int64
External bool
Chore: Implement requester in util pkg (#74105) implement requester changes that do not impact functionality
2023-08-31 02:46:55 -05:00
SignedInUser identity.Requester
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2023-01-13 02:43:38 -06:00
}
// ----------------------
// Projections and DTOs
type TeamMemberDTO struct {
chore: move dashboard_acl models into dashboard service (#62151)
2023-01-26 07:46:30 -06:00
OrgID int64 `json:"orgId" xorm:"org_id"`
TeamID int64 `json:"teamId" xorm:"team_id"`
add uid to team table (#66920) * add uid to team table * concat * add prefix to transition uids --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2023-05-09 12:03:28 -05:00
TeamUID string `json:"teamUID" xorm:"uid"`
chore: move dashboard_acl models into dashboard service (#62151)
2023-01-26 07:46:30 -06:00
UserID int64 `json:"userId" xorm:"user_id"`
External bool `json:"-"`
AuthModule string `json:"auth_module"`
Email string `json:"email"`
Name string `json:"name"`
Login string `json:"login"`
AvatarURL string `json:"avatarUrl" xorm:"avatar_url"`
Labels []string `json:"labels"`
Permission dashboards.PermissionType `json:"permission"`
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2023-01-13 02:43:38 -06:00
}
Reference in New Issue Copy Permalink