Auth: Move Org service to SignedInUser interface (#72720)

add identity interface for org service
Jo 2023-08-03 11:02:38 +02:00 committed by GitHub
parent 1e8879a041
commit 2ef334def7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 7 deletions


@ -6,7 +6,7 @@ import (
"time" "time"
"github.com/grafana/grafana/pkg/models/roletype" "github.com/grafana/grafana/pkg/models/roletype"
"github.com/grafana/grafana/pkg/services/user" "github.com/grafana/grafana/pkg/services/auth/identity"
"github.com/grafana/grafana/pkg/util/errutil" "github.com/grafana/grafana/pkg/util/errutil"
) )
@ -174,7 +174,7 @@ type GetOrgUsersQuery struct {
// Flag used to allow oss edition to query users without access control // Flag used to allow oss edition to query users without access control
DontEnforceAccessControl bool DontEnforceAccessControl bool
User *user.SignedInUser User identity.Requester
} }
type SearchOrgUsersQuery struct { type SearchOrgUsersQuery struct {
@ -186,7 +186,7 @@ type SearchOrgUsersQuery struct {
// Flag used to allow oss edition to query users without access control // Flag used to allow oss edition to query users without access control
DontEnforceAccessControl bool DontEnforceAccessControl bool
User *user.SignedInUser User identity.Requester
} }
type SearchOrgUsersQueryResult struct { type SearchOrgUsersQueryResult struct {
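Review bot: The `User` field on `GetOrgUsersQuery` and `SearchOrgUsersQuery` is now an interface value, but nothing documents whether it may be nil, which matters because it sits next to `DontEnforceAccessControl`. With an interface type, a caller that still passes a nil `*user.SignedInUser` produces a non-nil `identity.Requester`, so any `query.User == nil` guard in the store (not visible in this diff) would no longer fire and a later method call could panic on the nil receiver. I would state the contract on both fields, for example `// User is the requester whose permissions scope the result; it must be non-nil unless DontEnforceAccessControl is set.`, and check that callers build the value accordingly.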


@ -12,6 +12,7 @@ import (
"github.com/grafana/grafana/pkg/infra/db" "github.com/grafana/grafana/pkg/infra/db"
"github.com/grafana/grafana/pkg/services/accesscontrol" "github.com/grafana/grafana/pkg/services/accesscontrol"
"github.com/grafana/grafana/pkg/services/auth/identity"
"github.com/grafana/grafana/pkg/services/org" "github.com/grafana/grafana/pkg/services/org"
"github.com/grafana/grafana/pkg/services/quota/quotaimpl" "github.com/grafana/grafana/pkg/services/quota/quotaimpl"
"github.com/grafana/grafana/pkg/services/sqlstore" "github.com/grafana/grafana/pkg/services/sqlstore"
@ -614,7 +615,7 @@ func TestIntegration_SQLStore_GetOrgUsers(t *testing.T) {
if !hasWildcardScope(tt.query.User, accesscontrol.ActionOrgUsersRead) { if !hasWildcardScope(tt.query.User, accesscontrol.ActionOrgUsersRead) {
for _, u := range result.OrgUsers { for _, u := range result.OrgUsers {
assert.Contains(t, tt.query.User.Permissions[tt.query.User.OrgID][accesscontrol.ActionOrgUsersRead], fmt.Sprintf("users:id:%d", u.UserID)) assert.Contains(t, tt.query.User.GetPermissions(tt.query.User.GetOrgID())[accesscontrol.ActionOrgUsersRead], fmt.Sprintf("users:id:%d", u.UserID))
} }
} }
}) })
@ -645,8 +646,8 @@ func seedOrgUsers(t *testing.T, orgUserStore store, store *sqlstore.SQLStore, nu
} }
} }
func hasWildcardScope(user *user.SignedInUser, action string) bool { func hasWildcardScope(user identity.Requester, action string) bool {
for _, scope := range user.Permissions[user.OrgID][action] { for _, scope := range user.GetPermissions(user.GetOrgID())[action] {
if strings.HasSuffix(scope, ":*") { if strings.HasSuffix(scope, ":*") {
return true return true
} }
@ -791,7 +792,7 @@ func TestIntegration_SQLStore_SearchOrgUsers(t *testing.T) {
if !hasWildcardScope(tt.query.User, accesscontrol.ActionOrgUsersRead) { if !hasWildcardScope(tt.query.User, accesscontrol.ActionOrgUsersRead) {
for _, u := range result.OrgUsers { for _, u := range result.OrgUsers {
assert.Contains(t, tt.query.User.Permissions[tt.query.User.OrgID][accesscontrol.ActionOrgUsersRead], fmt.Sprintf("users:id:%d", u.UserID)) assert.Contains(t, tt.query.User.GetPermissions(tt.query.User.GetOrgID())[accesscontrol.ActionOrgUsersRead], fmt.Sprintf("users:id:%d", u.UserID))
} }
} }
}) })
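Review bot: In `hasWildcardScope` the parameter is still named `user` although its type is now `identity.Requester`, and the name shadows the `user` package, which this file appears to still import because the import hunk only adds a line. Renaming it reads better and avoids the shadowing: `func hasWildcardScope(requester identity.Requester, action string) bool`. The lookup `tt.query.User.GetPermissions(tt.query.User.GetOrgID())[accesscontrol.ActionOrgUsersRead]` is also repeated inside the loop in both `TestIntegration_SQLStore_GetOrgUsers` and `TestIntegration_SQLStore_SearchOrgUsers`; assigning it to a local before the `for` would keep the two assertions short and identical. The body of `hasWildcardScope` continues past the end of its hunk, so the rest of the function was not reviewed.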