Alerting: update authorization logic to use proper legacy roles when fine-grained access is disabled (#46931)

* require legacy Editor for post, put, delete endpoints * require user to be signed in on group level because handler that checks that user has role Editor does not check it is signed in
2025-02-25 18:55:37 -06:00 · 2022-03-24 17:13:47 -04:00
parent 8868848e93
commit 15e4556c2f
10 changed files with 39 additions and 62 deletions
--- a/pkg/services/ngalert/api/generated_base_api_testing.go
+++ b/pkg/services/ngalert/api/generated_base_api_testing.go
@@ -12,6 +12,7 @@ import (

 	"github.com/grafana/grafana/pkg/api/response"
 	"github.com/grafana/grafana/pkg/api/routing"
+	"github.com/grafana/grafana/pkg/middleware"
 	"github.com/grafana/grafana/pkg/models"
 	apimodels "github.com/grafana/grafana/pkg/services/ngalert/api/tooling/definitions"
 	"github.com/grafana/grafana/pkg/services/ngalert/metrics"
@@ -80,5 +81,5 @@ func (api *API) RegisterTestingApiEndpoints(srv TestingApiForkingService, m *met
 				m,
 			),
 		)
-	})
+	}, middleware.ReqSignedIn)
 }