grafana/pkg/services/ngalert/accesscontrol/models.go

package accesscontrol

import (
	"fmt"

	"github.com/grafana/grafana/pkg/services/accesscontrol"
	"github.com/grafana/grafana/pkg/util/errutil"
)

var (
	ErrAuthorizationBase = errutil.Forbidden("alerting.unauthorized")
)

func NewAuthorizationErrorWithPermissions(action string, eval accesscontrol.Evaluator) error {
	msg := fmt.Sprintf("user is not authorized to %s", action)
	err := ErrAuthorizationBase.Errorf(msg)
	err.PublicMessage = msg
	if eval != nil {
		err.PublicPayload = map[string]any{
			"permissions": eval.GoString(),
		}
	}
	return err
}

func NewAuthorizationErrorGeneric(action string) error {
	return NewAuthorizationErrorWithPermissions(action, nil)
}
Alerting: Extract alerting rules authorization logic to a service (#77006) * extract alerting authorization logic to separate package * convert authorization logic to service 2023-11-15 10:54:54 -06:00			`package accesscontrol`

			`import (`
Alerting: Update rule access control to return errutil errors (#78284) * update rule access control to return errutil errors * use alerting in msgID 2023-12-01 17:42:11 -06:00			`"fmt"`

			`"github.com/grafana/grafana/pkg/services/accesscontrol"`
			`"github.com/grafana/grafana/pkg/util/errutil"`
Alerting: Extract alerting rules authorization logic to a service (#77006) * extract alerting authorization logic to separate package * convert authorization logic to service 2023-11-15 10:54:54 -06:00			`)`

			`var (`
Alerting: Alerting accesscontrol utilities (#84508) * create fake for accesscontrol.RuleService * make errAuthorizationGeneric public 2024-03-14 13:03:53 -05:00			`ErrAuthorizationBase = errutil.Forbidden("alerting.unauthorized")`
Alerting: Extract alerting rules authorization logic to a service (#77006) * extract alerting authorization logic to separate package * convert authorization logic to service 2023-11-15 10:54:54 -06:00			`)`
Alerting: Update rule access control to return errutil errors (#78284) * update rule access control to return errutil errors * use alerting in msgID 2023-12-01 17:42:11 -06:00
			`func NewAuthorizationErrorWithPermissions(action string, eval accesscontrol.Evaluator) error {`
			`msg := fmt.Sprintf("user is not authorized to %s", action)`
Alerting: Alerting accesscontrol utilities (#84508) * create fake for accesscontrol.RuleService * make errAuthorizationGeneric public 2024-03-14 13:03:53 -05:00			`err := ErrAuthorizationBase.Errorf(msg)`
Alerting: Update rule access control to return errutil errors (#78284) * update rule access control to return errutil errors * use alerting in msgID 2023-12-01 17:42:11 -06:00			`err.PublicMessage = msg`
			`if eval != nil {`
			`err.PublicPayload = map[string]any{`
			`"permissions": eval.GoString(),`
			`}`
			`}`
			`return err`
			`}`

			`func NewAuthorizationErrorGeneric(action string) error {`
			`return NewAuthorizationErrorWithPermissions(action, nil)`
			`}`