diff --git a/public/api-merged.json b/public/api-merged.json index 6363d81a3ff..d086d918ca4 100644 --- a/public/api-merged.json +++ b/public/api-merged.json @@ -124,7 +124,7 @@ "enterprise" ], "summary": "Update a custom role.", - "operationId": "updateRoleWithPermissions", + "operationId": "updateRole", "parameters": [ { "name": "body", @@ -166,7 +166,7 @@ "enterprise" ], "summary": "Delete a custom role.", - "operationId": "deleteCustomRole", + "operationId": "deleteRole", "parameters": [ { "type": "boolean", @@ -201,6 +201,78 @@ } } }, + "/access-control/roles/{roleUID}/assignments": { + "get": { + "description": "Get role assignments for the role with the given UID.\n\nYou need to have a permission with action `teams.roles:list` and scope `teams:id:*` and `users.roles:list` and scope `users:id:*`.", + "tags": [ + "access_control", + "enterprise" + ], + "summary": "Get role assignments.", + "operationId": "getRoleAssignments", + "parameters": [ + { + "type": "string", + "name": "roleUID", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "$ref": "#/responses/getRoleAssignmentsResponse" + }, + "403": { + "$ref": "#/responses/forbiddenError" + }, + "404": { + "$ref": "#/responses/notFoundError" + }, + "500": { + "$ref": "#/responses/internalServerError" + } + } + }, + "put": { + "description": "Set role assignments for the role with the given UID.\n\nYou need to have a permission with action `teams.roles:add` and `teams.roles:remove` and scope `permissions:type:delegate`, and `users.roles:add` and `users.roles:remove` and scope `permissions:type:delegate`.", + "tags": [ + "access_control", + "enterprise" + ], + "summary": "Set role assignments.", + "operationId": "setRoleAssignments", + "parameters": [ + { + "type": "string", + "name": "roleUID", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/SetRoleAssignmentsCommand" + } + } + ], + "responses": { + "200": { + "$ref": "#/responses/setRoleAssignmentsResponse" + }, + "403": { + "$ref": "#/responses/forbiddenError" + }, + "404": { + "$ref": "#/responses/notFoundError" + }, + "500": { + "$ref": "#/responses/internalServerError" + } + } + } + }, "/access-control/status": { "get": { "description": "Returns an indicator to check if fine-grained access control is enabled or not.\n\nYou need to have a permission with action `status:accesscontrol` and scope `services:accesscontrol`.", @@ -553,7 +625,7 @@ "tags": [ "ldap_debug" ], - "summary": "Returns the current state of the LDAP background sync integration", + "summary": "Returns the current state of the LDAP background sync integration.", "operationId": "getSyncStatus", "responses": { "200": { @@ -4095,9 +4167,7 @@ "name": "DatasourceProxyParam", "in": "body", "required": true, - "schema": { - "type": "object" - } + "schema": {} }, { "type": "string", @@ -4236,9 +4306,7 @@ "name": "DatasourceProxyParam", "in": "body", "required": true, - "schema": { - "type": "object" - } + "schema": {} }, { "type": "string", @@ -7630,11 +7698,11 @@ }, "/recording-rules/writer": { "get": { - "description": "Return the prometheus remote write target", "tags": [ "recording_rules", "enterprise" ], + "summary": "Return the prometheus remote write target.", "operationId": "getRecordingRuleWriteTarget", "responses": { "200": { @@ -7655,7 +7723,7 @@ } }, "post": { - "description": "It returns a 422 if there is not an existing prometheus data source configured", + "description": "It returns a 422 if there is not an existing prometheus data source configured.", "tags": [ "recording_rules", "enterprise" @@ -7757,7 +7825,7 @@ }, "/reports": { "get": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports:read` with scope `reports:*`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports:read` with scope `reports:*`.", "tags": [ "reports", "enterprise" @@ -7982,7 +8050,7 @@ }, "/reports/settings": { "get": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.settings:read`x.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.settings:read`x.", "tags": [ "reports", "enterprise" @@ -8005,7 +8073,7 @@ } }, "post": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.settings:write`xx.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.settings:write`xx.", "tags": [ "reports", "enterprise" @@ -8084,7 +8152,7 @@ }, "/reports/{id}": { "get": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports:read` with scope `reports:id:\u003creport ID\u003e`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports:read` with scope `reports:id:\u003creport ID\u003e`.", "tags": [ "reports", "enterprise" @@ -8122,7 +8190,7 @@ } }, "put": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.admin:write` with scope `reports:id:\u003creport ID\u003e`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.admin:write` with scope `reports:id:\u003creport ID\u003e`.", "tags": [ "reports", "enterprise" @@ -8168,7 +8236,7 @@ } }, "delete": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.delete` with scope `reports:id:\u003creport ID\u003e`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.delete` with scope `reports:id:\u003creport ID\u003e`.", "tags": [ "reports", "enterprise" @@ -8456,7 +8524,7 @@ "tags": [ "service_accounts" ], - "summary": "# Create service account", + "summary": "Create service account", "operationId": "createServiceAccount", "parameters": [ { @@ -8492,7 +8560,7 @@ "tags": [ "service_accounts" ], - "summary": "# Search service accounts with paging", + "summary": "Search service accounts with paging", "operationId": "searchOrgServiceAccountsWithPaging", "parameters": [ { @@ -8548,7 +8616,7 @@ "tags": [ "service_accounts" ], - "summary": "# Get single serviceaccount by Id", + "summary": "Get single serviceaccount by Id", "operationId": "retrieveServiceAccount", "parameters": [ { @@ -8585,7 +8653,7 @@ "tags": [ "service_accounts" ], - "summary": "# Delete service account", + "summary": "Delete service account", "operationId": "deleteServiceAccount", "parameters": [ { @@ -8619,7 +8687,7 @@ "tags": [ "service_accounts" ], - "summary": "# Update service account", + "summary": "Update service account", "operationId": "updateServiceAccount", "parameters": [ { @@ -8665,7 +8733,7 @@ "tags": [ "service_accounts" ], - "summary": "# Get service account tokens", + "summary": "Get service account tokens", "operationId": "listTokens", "parameters": [ { @@ -8699,7 +8767,7 @@ "tags": [ "service_accounts" ], - "summary": "# CreateNewToken adds a token to a service account", + "summary": "CreateNewToken adds a token to a service account", "operationId": "createToken", "parameters": [ { @@ -8748,7 +8816,7 @@ "tags": [ "service_accounts" ], - "summary": "# DeleteToken deletes service account tokens", + "summary": "DeleteToken deletes service account tokens", "operationId": "deleteToken", "parameters": [ { @@ -10957,9 +11025,7 @@ "AlertTestResultLog": { "type": "object", "properties": { - "data": { - "type": "object" - }, + "data": {}, "message": { "type": "string" } @@ -11023,6 +11089,19 @@ } } }, + "AlertingStatus": { + "type": "object", + "properties": { + "alertmanagersChoice": { + "type": "string", + "enum": [ + "all", + "internal", + "external" + ] + } + } + }, "AnnotationActions": { "type": "object", "properties": { @@ -12601,7 +12680,7 @@ } }, "value": { - "$ref": "#/definitions/Float" + "type": "string" } } }, @@ -12692,16 +12771,12 @@ "color": { "description": "Map values to a display color\nNOTE: this interface is under development in the frontend... so simple map for now", "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": false }, "custom": { "description": "Panel Specific Values", "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": false }, "decimals": { "type": "integer", @@ -12777,20 +12852,6 @@ } } }, - "Float": { - "description": "It does not consider zero values to be null.\nIt will decode to null, not zero, if null.", - "type": "object", - "title": "Float is a nullable float64.", - "properties": { - "Float64": { - "type": "number", - "format": "double" - }, - "Valid": { - "type": "boolean" - } - } - }, "Folder": { "type": "object", "properties": { @@ -12905,8 +12966,7 @@ "type": "string" }, "custom": { - "description": "Custom datasource specific values.", - "type": "object" + "description": "Custom datasource specific values." }, "dataTopic": { "$ref": "#/definitions/DataTopic" @@ -14964,9 +15024,7 @@ "data": { "type": "string" }, - "tags": { - "type": "object" - }, + "tags": {}, "what": { "type": "string" }, @@ -15599,16 +15657,12 @@ "color": { "description": "Map values to a display color\nNOTE: this interface is under development in the frontend... so simple map for now", "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": false }, "custom": { "description": "Panel Specific Values", "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": false }, "decimals": { "type": "integer", @@ -15800,9 +15854,7 @@ "type": "array", "items": { "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": false } }, "range": { @@ -15900,6 +15952,35 @@ } } }, + "RoleAssignmentsDTO": { + "type": "object", + "properties": { + "role_uid": { + "type": "string" + }, + "service_accounts": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + }, + "teams": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + }, + "users": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + } + } + }, "RoleDTO": { "type": "object", "properties": { @@ -16459,6 +16540,32 @@ } } }, + "SetRoleAssignmentsCommand": { + "type": "object", + "properties": { + "service_accounts": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + }, + "teams": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + }, + "users": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + } + } + }, "SetUserRolesCommand": { "type": "object", "properties": { @@ -19404,6 +19511,12 @@ } } }, + "getRoleAssignmentsResponse": { + "description": "(empty)", + "schema": { + "$ref": "#/definitions/RoleAssignmentsDTO" + } + }, "getRoleResponse": { "description": "(empty)", "schema": { @@ -19809,6 +19922,12 @@ "$ref": "#/definitions/SearchUserQueryResult" } }, + "setRoleAssignmentsResponse": { + "description": "(empty)", + "schema": { + "$ref": "#/definitions/RoleAssignmentsDTO" + } + }, "testAlertResponse": { "description": "(empty)", "schema": { diff --git a/public/api-spec.json b/public/api-spec.json index 8fc0de6753e..5b44edb4c90 100644 --- a/public/api-spec.json +++ b/public/api-spec.json @@ -124,7 +124,7 @@ "enterprise" ], "summary": "Update a custom role.", - "operationId": "updateRoleWithPermissions", + "operationId": "updateRole", "parameters": [ { "name": "body", @@ -166,7 +166,7 @@ "enterprise" ], "summary": "Delete a custom role.", - "operationId": "deleteCustomRole", + "operationId": "deleteRole", "parameters": [ { "type": "boolean", @@ -201,6 +201,78 @@ } } }, + "/access-control/roles/{roleUID}/assignments": { + "get": { + "description": "Get role assignments for the role with the given UID.\n\nYou need to have a permission with action `teams.roles:list` and scope `teams:id:*` and `users.roles:list` and scope `users:id:*`.", + "tags": [ + "access_control", + "enterprise" + ], + "summary": "Get role assignments.", + "operationId": "getRoleAssignments", + "parameters": [ + { + "type": "string", + "name": "roleUID", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "$ref": "#/responses/getRoleAssignmentsResponse" + }, + "403": { + "$ref": "#/responses/forbiddenError" + }, + "404": { + "$ref": "#/responses/notFoundError" + }, + "500": { + "$ref": "#/responses/internalServerError" + } + } + }, + "put": { + "description": "Set role assignments for the role with the given UID.\n\nYou need to have a permission with action `teams.roles:add` and `teams.roles:remove` and scope `permissions:type:delegate`, and `users.roles:add` and `users.roles:remove` and scope `permissions:type:delegate`.", + "tags": [ + "access_control", + "enterprise" + ], + "summary": "Set role assignments.", + "operationId": "setRoleAssignments", + "parameters": [ + { + "type": "string", + "name": "roleUID", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/SetRoleAssignmentsCommand" + } + } + ], + "responses": { + "200": { + "$ref": "#/responses/setRoleAssignmentsResponse" + }, + "403": { + "$ref": "#/responses/forbiddenError" + }, + "404": { + "$ref": "#/responses/notFoundError" + }, + "500": { + "$ref": "#/responses/internalServerError" + } + } + } + }, "/access-control/status": { "get": { "description": "Returns an indicator to check if fine-grained access control is enabled or not.\n\nYou need to have a permission with action `status:accesscontrol` and scope `services:accesscontrol`.", @@ -553,7 +625,7 @@ "tags": [ "ldap_debug" ], - "summary": "Returns the current state of the LDAP background sync integration", + "summary": "Returns the current state of the LDAP background sync integration.", "operationId": "getSyncStatus", "responses": { "200": { @@ -3448,9 +3520,7 @@ "name": "DatasourceProxyParam", "in": "body", "required": true, - "schema": { - "type": "object" - } + "schema": {} }, { "type": "string", @@ -3589,9 +3659,7 @@ "name": "DatasourceProxyParam", "in": "body", "required": true, - "schema": { - "type": "object" - } + "schema": {} }, { "type": "string", @@ -6983,11 +7051,11 @@ }, "/recording-rules/writer": { "get": { - "description": "Return the prometheus remote write target", "tags": [ "recording_rules", "enterprise" ], + "summary": "Return the prometheus remote write target.", "operationId": "getRecordingRuleWriteTarget", "responses": { "200": { @@ -7008,7 +7076,7 @@ } }, "post": { - "description": "It returns a 422 if there is not an existing prometheus data source configured", + "description": "It returns a 422 if there is not an existing prometheus data source configured.", "tags": [ "recording_rules", "enterprise" @@ -7110,7 +7178,7 @@ }, "/reports": { "get": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports:read` with scope `reports:*`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports:read` with scope `reports:*`.", "tags": [ "reports", "enterprise" @@ -7335,7 +7403,7 @@ }, "/reports/settings": { "get": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.settings:read`x.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.settings:read`x.", "tags": [ "reports", "enterprise" @@ -7358,7 +7426,7 @@ } }, "post": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.settings:write`xx.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.settings:write`xx.", "tags": [ "reports", "enterprise" @@ -7437,7 +7505,7 @@ }, "/reports/{id}": { "get": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports:read` with scope `reports:id:\u003creport ID\u003e`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports:read` with scope `reports:id:\u003creport ID\u003e`.", "tags": [ "reports", "enterprise" @@ -7475,7 +7543,7 @@ } }, "put": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.admin:write` with scope `reports:id:\u003creport ID\u003e`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.admin:write` with scope `reports:id:\u003creport ID\u003e`.", "tags": [ "reports", "enterprise" @@ -7521,7 +7589,7 @@ } }, "delete": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.delete` with scope `reports:id:\u003creport ID\u003e`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.delete` with scope `reports:id:\u003creport ID\u003e`.", "tags": [ "reports", "enterprise" @@ -7809,7 +7877,7 @@ "tags": [ "service_accounts" ], - "summary": "# Create service account", + "summary": "Create service account", "operationId": "createServiceAccount", "parameters": [ { @@ -7845,7 +7913,7 @@ "tags": [ "service_accounts" ], - "summary": "# Search service accounts with paging", + "summary": "Search service accounts with paging", "operationId": "searchOrgServiceAccountsWithPaging", "parameters": [ { @@ -7901,7 +7969,7 @@ "tags": [ "service_accounts" ], - "summary": "# Get single serviceaccount by Id", + "summary": "Get single serviceaccount by Id", "operationId": "retrieveServiceAccount", "parameters": [ { @@ -7938,7 +8006,7 @@ "tags": [ "service_accounts" ], - "summary": "# Delete service account", + "summary": "Delete service account", "operationId": "deleteServiceAccount", "parameters": [ { @@ -7972,7 +8040,7 @@ "tags": [ "service_accounts" ], - "summary": "# Update service account", + "summary": "Update service account", "operationId": "updateServiceAccount", "parameters": [ { @@ -8018,7 +8086,7 @@ "tags": [ "service_accounts" ], - "summary": "# Get service account tokens", + "summary": "Get service account tokens", "operationId": "listTokens", "parameters": [ { @@ -8052,7 +8120,7 @@ "tags": [ "service_accounts" ], - "summary": "# CreateNewToken adds a token to a service account", + "summary": "CreateNewToken adds a token to a service account", "operationId": "createToken", "parameters": [ { @@ -8101,7 +8169,7 @@ "tags": [ "service_accounts" ], - "summary": "# DeleteToken deletes service account tokens", + "summary": "DeleteToken deletes service account tokens", "operationId": "deleteToken", "parameters": [ { @@ -10143,9 +10211,7 @@ "AlertTestResultLog": { "type": "object", "properties": { - "data": { - "type": "object" - }, + "data": {}, "message": { "type": "string" } @@ -11468,7 +11534,7 @@ } }, "value": { - "$ref": "#/definitions/Float" + "type": "string" } } }, @@ -11508,16 +11574,12 @@ "color": { "description": "Map values to a display color\nNOTE: this interface is under development in the frontend... so simple map for now", "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": {} }, "custom": { "description": "Panel Specific Values", "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": {} }, "decimals": { "type": "integer", @@ -11593,20 +11655,6 @@ } } }, - "Float": { - "description": "It does not consider zero values to be null.\nIt will decode to null, not zero, if null.", - "type": "object", - "title": "Float is a nullable float64.", - "properties": { - "Float64": { - "type": "number", - "format": "double" - }, - "Valid": { - "type": "boolean" - } - } - }, "Folder": { "type": "object", "properties": { @@ -11721,8 +11769,7 @@ "type": "string" }, "custom": { - "description": "Custom datasource specific values.", - "type": "object" + "description": "Custom datasource specific values." }, "dataTopic": { "$ref": "#/definitions/DataTopic" @@ -12880,9 +12927,7 @@ "data": { "type": "string" }, - "tags": { - "type": "object" - }, + "tags": {}, "what": { "type": "string" }, @@ -13059,16 +13104,12 @@ "color": { "description": "Map values to a display color\nNOTE: this interface is under development in the frontend... so simple map for now", "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": {} }, "custom": { "description": "Panel Specific Values", "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": {} }, "decimals": { "type": "integer", @@ -13190,9 +13231,7 @@ "type": "array", "items": { "type": "object", - "additionalProperties": { - "type": "object" - } + "additionalProperties": {} } }, "range": { @@ -13265,6 +13304,35 @@ } } }, + "RoleAssignmentsDTO": { + "type": "object", + "properties": { + "role_uid": { + "type": "string" + }, + "service_accounts": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + }, + "teams": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + }, + "users": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + } + } + }, "RoleDTO": { "type": "object", "properties": { @@ -13568,6 +13636,32 @@ } } }, + "SetRoleAssignmentsCommand": { + "type": "object", + "properties": { + "service_accounts": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + }, + "teams": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + }, + "users": { + "type": "array", + "items": { + "type": "integer", + "format": "int64" + } + } + } + }, "SetUserRolesCommand": { "type": "object", "properties": { @@ -15442,6 +15536,12 @@ } } }, + "getRoleAssignmentsResponse": { + "description": "", + "schema": { + "$ref": "#/definitions/RoleAssignmentsDTO" + } + }, "getRoleResponse": { "description": "", "schema": { @@ -15847,6 +15947,12 @@ "$ref": "#/definitions/SearchUserQueryResult" } }, + "setRoleAssignmentsResponse": { + "description": "", + "schema": { + "$ref": "#/definitions/RoleAssignmentsDTO" + } + }, "testAlertResponse": { "description": "", "schema": { diff --git a/public/openapi3.json b/public/openapi3.json index 669e529fead..0cdcac6eb1a 100644 --- a/public/openapi3.json +++ b/public/openapi3.json @@ -1056,6 +1056,16 @@ }, "description": "(empty)" }, + "getRoleAssignmentsResponse": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/RoleAssignmentsDTO" + } + } + }, + "description": "(empty)" + }, "getRoleResponse": { "content": { "application/json": { @@ -1617,6 +1627,16 @@ }, "description": "(empty)" }, + "setRoleAssignmentsResponse": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/RoleAssignmentsDTO" + } + } + }, + "description": "(empty)" + }, "testAlertResponse": { "content": { "application/json": { @@ -2447,9 +2467,7 @@ }, "AlertTestResultLog": { "properties": { - "data": { - "type": "object" - }, + "data": {}, "message": { "type": "string" } @@ -2514,6 +2532,19 @@ ], "type": "object" }, + "AlertingStatus": { + "properties": { + "alertmanagersChoice": { + "enum": [ + "all", + "internal", + "external" + ], + "type": "string" + } + }, + "type": "object" + }, "AnnotationActions": { "properties": { "canAdd": { @@ -4091,7 +4122,7 @@ "type": "object" }, "value": { - "$ref": "#/components/schemas/Float" + "type": "string" } }, "type": "object" @@ -4179,16 +4210,12 @@ "FieldConfig": { "properties": { "color": { - "additionalProperties": { - "type": "object" - }, + "additionalProperties": false, "description": "Map values to a display color\nNOTE: this interface is under development in the frontend... so simple map for now", "type": "object" }, "custom": { - "additionalProperties": { - "type": "object" - }, + "additionalProperties": false, "description": "Panel Specific Values", "type": "object" }, @@ -4268,20 +4295,6 @@ "title": "FindTagsResult is the result of a tags search.", "type": "object" }, - "Float": { - "description": "It does not consider zero values to be null.\nIt will decode to null, not zero, if null.", - "properties": { - "Float64": { - "format": "double", - "type": "number" - }, - "Valid": { - "type": "boolean" - } - }, - "title": "Float is a nullable float64.", - "type": "object" - }, "Folder": { "properties": { "accessControl": { @@ -4394,8 +4407,7 @@ "type": "string" }, "custom": { - "description": "Custom datasource specific values.", - "type": "object" + "description": "Custom datasource specific values." }, "dataTopic": { "$ref": "#/components/schemas/DataTopic" @@ -6453,9 +6465,7 @@ "data": { "type": "string" }, - "tags": { - "type": "object" - }, + "tags": {}, "what": { "type": "string" }, @@ -7085,16 +7095,12 @@ "description": "The embedded FieldConfig's display name must be set.\nIt corresponds to the QueryResultMetaStat on the frontend (https://github.com/grafana/grafana/blob/master/packages/grafana-data/src/types/data.ts#L53).", "properties": { "color": { - "additionalProperties": { - "type": "object" - }, + "additionalProperties": false, "description": "Map values to a display color\nNOTE: this interface is under development in the frontend... so simple map for now", "type": "object" }, "custom": { - "additionalProperties": { - "type": "object" - }, + "additionalProperties": false, "description": "Panel Specific Values", "type": "object" }, @@ -7287,9 +7293,7 @@ }, "queries": { "items": { - "additionalProperties": { - "type": "object" - }, + "additionalProperties": false, "type": "object" }, "type": "array" @@ -7390,6 +7394,35 @@ }, "type": "object" }, + "RoleAssignmentsDTO": { + "properties": { + "role_uid": { + "type": "string" + }, + "service_accounts": { + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "teams": { + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "users": { + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + } + }, + "type": "object" + }, "RoleDTO": { "properties": { "created": { @@ -7948,6 +7981,32 @@ }, "type": "object" }, + "SetRoleAssignmentsCommand": { + "properties": { + "service_accounts": { + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "teams": { + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + }, + "users": { + "items": { + "format": "int64", + "type": "integer" + }, + "type": "array" + } + }, + "type": "object" + }, "SetUserRolesCommand": { "properties": { "global": { @@ -10249,7 +10308,7 @@ "/access-control/roles/{roleUID}": { "delete": { "description": "Delete a role with the given UID, and it’s permissions. If the role is assigned to a built-in role, the deletion operation will fail, unless force query param is set to true, and in that case all assignments will also be deleted.\n\nYou need to have a permission with action `roles:delete` and scope `permissions:type:delegate`. `permissions:type:delegate` scope ensures that users can only delete a custom role with the same, or a subset of permissions which the user has. For example, if a user does not have required permissions for creating users, they won’t be able to delete a custom role which allows to do that.", - "operationId": "deleteCustomRole", + "operationId": "deleteRole", "parameters": [ { "in": "query", @@ -10326,7 +10385,7 @@ }, "put": { "description": "You need to have a permission with action `roles:write` and scope `permissions:type:delegate`. `permissions:type:delegate` scope ensures that users can only create custom roles with the same, or a subset of permissions which the user has.", - "operationId": "updateRoleWithPermissions", + "operationId": "updateRole", "parameters": [ { "in": "path", @@ -10372,6 +10431,85 @@ ] } }, + "/access-control/roles/{roleUID}/assignments": { + "get": { + "description": "Get role assignments for the role with the given UID.\n\nYou need to have a permission with action `teams.roles:list` and scope `teams:id:*` and `users.roles:list` and scope `users:id:*`.", + "operationId": "getRoleAssignments", + "parameters": [ + { + "in": "path", + "name": "roleUID", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "$ref": "#/components/responses/getRoleAssignmentsResponse" + }, + "403": { + "$ref": "#/components/responses/forbiddenError" + }, + "404": { + "$ref": "#/components/responses/notFoundError" + }, + "500": { + "$ref": "#/components/responses/internalServerError" + } + }, + "summary": "Get role assignments.", + "tags": [ + "access_control", + "enterprise" + ] + }, + "put": { + "description": "Set role assignments for the role with the given UID.\n\nYou need to have a permission with action `teams.roles:add` and `teams.roles:remove` and scope `permissions:type:delegate`, and `users.roles:add` and `users.roles:remove` and scope `permissions:type:delegate`.", + "operationId": "setRoleAssignments", + "parameters": [ + { + "in": "path", + "name": "roleUID", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SetRoleAssignmentsCommand" + } + } + }, + "required": true, + "x-originalParamName": "body" + }, + "responses": { + "200": { + "$ref": "#/components/responses/setRoleAssignmentsResponse" + }, + "403": { + "$ref": "#/components/responses/forbiddenError" + }, + "404": { + "$ref": "#/components/responses/notFoundError" + }, + "500": { + "$ref": "#/components/responses/internalServerError" + } + }, + "summary": "Set role assignments.", + "tags": [ + "access_control", + "enterprise" + ] + } + }, "/access-control/status": { "get": { "description": "Returns an indicator to check if fine-grained access control is enabled or not.\n\nYou need to have a permission with action `status:accesscontrol` and scope `services:accesscontrol`.", @@ -10767,7 +10905,7 @@ "$ref": "#/components/responses/internalServerError" } }, - "summary": "Returns the current state of the LDAP background sync integration", + "summary": "Returns the current state of the LDAP background sync integration.", "tags": [ "ldap_debug" ] @@ -14666,9 +14804,7 @@ "requestBody": { "content": { "application/json": { - "schema": { - "type": "object" - } + "schema": {} } }, "required": true, @@ -14820,9 +14956,7 @@ "requestBody": { "content": { "application/json": { - "schema": { - "type": "object" - } + "schema": {} } }, "required": true, @@ -18434,7 +18568,6 @@ ] }, "get": { - "description": "Return the prometheus remote write target", "operationId": "getRecordingRuleWriteTarget", "responses": { "200": { @@ -18453,13 +18586,14 @@ "$ref": "#/components/responses/internalServerError" } }, + "summary": "Return the prometheus remote write target.", "tags": [ "recording_rules", "enterprise" ] }, "post": { - "description": "It returns a 422 if there is not an existing prometheus data source configured", + "description": "It returns a 422 if there is not an existing prometheus data source configured.", "operationId": "createRecordingRuleWriteTarget", "requestBody": { "content": { @@ -18539,7 +18673,7 @@ }, "/reports": { "get": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports:read` with scope `reports:*`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports:read` with scope `reports:*`.", "operationId": "getReports", "responses": { "200": { @@ -18781,7 +18915,7 @@ }, "/reports/settings": { "get": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.settings:read`x.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.settings:read`x.", "operationId": "getReportSettings", "responses": { "200": { @@ -18804,7 +18938,7 @@ ] }, "post": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.settings:write`xx.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.settings:write`xx.", "operationId": "saveReportSettings", "requestBody": { "content": { @@ -18885,7 +19019,7 @@ }, "/reports/{id}": { "delete": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.delete` with scope `reports:id:\u003creport ID\u003e`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.delete` with scope `reports:id:\u003creport ID\u003e`.", "operationId": "deleteReport", "parameters": [ { @@ -18925,7 +19059,7 @@ ] }, "get": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports:read` with scope `reports:id:\u003creport ID\u003e`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports:read` with scope `reports:id:\u003creport ID\u003e`.", "operationId": "getReport", "parameters": [ { @@ -18965,7 +19099,7 @@ ] }, "put": { - "description": "Available to org admins only and with a valid or expired license\n\nYou need to have a permission with action `reports.admin:write` with scope `reports:id:\u003creport ID\u003e`.", + "description": "Available to org admins only and with a valid or expired license.\n\nYou need to have a permission with action `reports.admin:write` with scope `reports:id:\u003creport ID\u003e`.", "operationId": "updateReport", "parameters": [ { @@ -19315,7 +19449,7 @@ "$ref": "#/components/responses/internalServerError" } }, - "summary": "# Create service account", + "summary": "Create service account", "tags": [ "service_accounts" ] @@ -19381,7 +19515,7 @@ "$ref": "#/components/responses/internalServerError" } }, - "summary": "# Search service accounts with paging", + "summary": "Search service accounts with paging", "tags": [ "service_accounts" ] @@ -19419,7 +19553,7 @@ "$ref": "#/components/responses/internalServerError" } }, - "summary": "# Delete service account", + "summary": "Delete service account", "tags": [ "service_accounts" ] @@ -19458,7 +19592,7 @@ "$ref": "#/components/responses/internalServerError" } }, - "summary": "# Get single serviceaccount by Id", + "summary": "Get single serviceaccount by Id", "tags": [ "service_accounts" ] @@ -19507,7 +19641,7 @@ "$ref": "#/components/responses/internalServerError" } }, - "summary": "# Update service account", + "summary": "Update service account", "tags": [ "service_accounts" ] @@ -19545,7 +19679,7 @@ "$ref": "#/components/responses/internalServerError" } }, - "summary": "# Get service account tokens", + "summary": "Get service account tokens", "tags": [ "service_accounts" ] @@ -19597,7 +19731,7 @@ "$ref": "#/components/responses/internalServerError" } }, - "summary": "# CreateNewToken adds a token to a service account", + "summary": "CreateNewToken adds a token to a service account", "tags": [ "service_accounts" ] @@ -19647,7 +19781,7 @@ "$ref": "#/components/responses/internalServerError" } }, - "summary": "# DeleteToken deletes service account tokens", + "summary": "DeleteToken deletes service account tokens", "tags": [ "service_accounts" ]