diff --git a/pkg/services/org/model.go b/pkg/services/org/model.go index 4f6a327334e..6837ed97dc6 100644 --- a/pkg/services/org/model.go +++ b/pkg/services/org/model.go @@ -6,7 +6,7 @@ import ( "time" "github.com/grafana/grafana/pkg/models/roletype" - "github.com/grafana/grafana/pkg/services/user" + "github.com/grafana/grafana/pkg/services/auth/identity" "github.com/grafana/grafana/pkg/util/errutil" ) @@ -174,7 +174,7 @@ type GetOrgUsersQuery struct { // Flag used to allow oss edition to query users without access control DontEnforceAccessControl bool - User *user.SignedInUser + User identity.Requester } type SearchOrgUsersQuery struct { @@ -186,7 +186,7 @@ type SearchOrgUsersQuery struct { // Flag used to allow oss edition to query users without access control DontEnforceAccessControl bool - User *user.SignedInUser + User identity.Requester } type SearchOrgUsersQueryResult struct { diff --git a/pkg/services/org/orgimpl/store_test.go b/pkg/services/org/orgimpl/store_test.go index 3262b7c24b5..5cb9f5e4aeb 100644 --- a/pkg/services/org/orgimpl/store_test.go +++ b/pkg/services/org/orgimpl/store_test.go @@ -12,6 +12,7 @@ import ( "github.com/grafana/grafana/pkg/infra/db" "github.com/grafana/grafana/pkg/services/accesscontrol" + "github.com/grafana/grafana/pkg/services/auth/identity" "github.com/grafana/grafana/pkg/services/org" "github.com/grafana/grafana/pkg/services/quota/quotaimpl" "github.com/grafana/grafana/pkg/services/sqlstore" @@ -614,7 +615,7 @@ func TestIntegration_SQLStore_GetOrgUsers(t *testing.T) { if !hasWildcardScope(tt.query.User, accesscontrol.ActionOrgUsersRead) { for _, u := range result.OrgUsers { - assert.Contains(t, tt.query.User.Permissions[tt.query.User.OrgID][accesscontrol.ActionOrgUsersRead], fmt.Sprintf("users:id:%d", u.UserID)) + assert.Contains(t, tt.query.User.GetPermissions(tt.query.User.GetOrgID())[accesscontrol.ActionOrgUsersRead], fmt.Sprintf("users:id:%d", u.UserID)) } } }) @@ -645,8 +646,8 @@ func seedOrgUsers(t *testing.T, orgUserStore store, store *sqlstore.SQLStore, nu } } -func hasWildcardScope(user *user.SignedInUser, action string) bool { - for _, scope := range user.Permissions[user.OrgID][action] { +func hasWildcardScope(user identity.Requester, action string) bool { + for _, scope := range user.GetPermissions(user.GetOrgID())[action] { if strings.HasSuffix(scope, ":*") { return true } @@ -791,7 +792,7 @@ func TestIntegration_SQLStore_SearchOrgUsers(t *testing.T) { if !hasWildcardScope(tt.query.User, accesscontrol.ActionOrgUsersRead) { for _, u := range result.OrgUsers { - assert.Contains(t, tt.query.User.Permissions[tt.query.User.OrgID][accesscontrol.ActionOrgUsersRead], fmt.Sprintf("users:id:%d", u.UserID)) + assert.Contains(t, tt.query.User.GetPermissions(tt.query.User.GetOrgID())[accesscontrol.ActionOrgUsersRead], fmt.Sprintf("users:id:%d", u.UserID)) } } })