IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

RBAC: Remove builtin role code (#53767)

Browse Source 
* remove rbacBuiltInRoleAssignmentEnabled from frontendsettings

* RBAC: Remove RBACBuiltInRoleAssignmentEnabled

* RBAC: Remove code for builtin role

* RolePicker: Remove unused prop

* RolePicker: Rename builtinRole to basicRole

* RolePicker: Rename onBuiltinRoleChange to onBasicRoleChange

* RolePicker: Rename properties
This commit is contained in:
Karl Persson
2022-08-18 12:25:37 +02:00
committed by GitHub
parent 8145caf554
commit 4ff4aaab23
27 changed files with 86 additions and 185 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
public/app/features/admin/UserOrgs.tsx
View File

@@ -144,7 +144,6 @@ class UnThemedOrgRow extends PureComponent<OrgRowProps> {
currentRole: this.props.org.role,
isChangingRole: false,
roleOptions: [],
builtInRoles: {},
};
componentDidMount() {
@@ -179,7 +178,7 @@ class UnThemedOrgRow extends PureComponent<OrgRowProps> {
this.setState({ isChangingRole: false });
};
onBuiltinRoleChange = (newRole: OrgRole) => {
onBasicRoleChange = (newRole: OrgRole) => {
this.props.onOrgRoleChange(this.props.org.orgId, newRole);
};
@@ -205,11 +204,10 @@ class UnThemedOrgRow extends PureComponent<OrgRowProps> {
<UserRolePicker
userId={user?.id || 0}
orgId={org.orgId}
builtInRole={org.role}
basicRole={org.role}
roleOptions={this.state.roleOptions}
builtInRoles={this.state.builtInRoles}
onBuiltinRoleChange={this.onBuiltinRoleChange}
builtinRolesDisabled={rolePickerDisabled}
onBasicRoleChange={this.onBasicRoleChange}
basicRoleDisabled={rolePickerDisabled}
/>
</div>
{isExternalUser && <ExternalUserTooltip />}
@@ -377,9 +375,9 @@ export class AddToOrgModal extends PureComponent<AddToOrgModalProps, AddToOrgMod
<UserRolePicker
userId={user?.id || 0}
orgId={selectedOrg?.id}
builtInRole={role}
onBuiltinRoleChange={this.onOrgRoleChange}
builtinRolesDisabled={false}
basicRole={role}
onBasicRoleChange={this.onOrgRoleChange}
basicRoleDisabled={false}
roleOptions={roleOptions}
apply={true}
onApplyRoles={this.onRoleUpdate}

16
public/app/features/serviceaccounts/ServiceAccountCreatePage.tsx
View File

@@ -4,7 +4,7 @@ import { getBackendSrv, locationService } from '@grafana/runtime';
import { Form, Button, Input, Field, FieldSet } from '@grafana/ui';
import { Page } from 'app/core/components/Page/Page';
import { UserRolePicker } from 'app/core/components/RolePicker/UserRolePicker';
import { fetchBuiltinRoles, fetchRoleOptions, updateUserRoles } from 'app/core/components/RolePicker/api';
import { fetchRoleOptions, updateUserRoles } from 'app/core/components/RolePicker/api';
import { contextSrv } from 'app/core/core';
import { AccessControlAction, OrgRole, Role, ServiceAccountCreateApiResponse, ServiceAccountDTO } from 'app/types';
@@ -23,7 +23,6 @@ const updateServiceAccount = async (id: number, sa: ServiceAccountDTO) =>
export const ServiceAccountCreatePage = ({}: Props): JSX.Element => {
const [roleOptions, setRoleOptions] = useState<Role[]>([]);
const [builtinRoles, setBuiltinRoles] = useState<{ [key: string]: Role[] }>({});
const [pendingRoles, setPendingRoles] = useState<Role[]>([]);
const currentOrgId = contextSrv.user.orgId;
@@ -46,14 +45,6 @@ export const ServiceAccountCreatePage = ({}: Props): JSX.Element => {
let options = await fetchRoleOptions(currentOrgId);
setRoleOptions(options);
}
if (
contextSrv.accessControlBuiltInRoleAssignmentEnabled() &&
contextSrv.hasPermission(AccessControlAction.ActionBuiltinRolesList)
) {
const builtInRoles = await fetchBuiltinRoles(currentOrgId);
setBuiltinRoles(builtInRoles);
}
} catch (e) {
console.error('Error loading options', e);
}
@@ -131,9 +122,8 @@ export const ServiceAccountCreatePage = ({}: Props): JSX.Element => {
apply
userId={serviceAccount.id || 0}
orgId={serviceAccount.orgId}
builtInRole={serviceAccount.role}
builtInRoles={builtinRoles}
onBuiltinRoleChange={onRoleChange}
basicRole={serviceAccount.role}
onBasicRoleChange={onRoleChange}
roleOptions={roleOptions}
onApplyRoles={onPendingRolesUpdate}
pendingRoles={pendingRoles}

1
public/app/features/serviceaccounts/ServiceAccountPage.test.tsx
View File

@@ -26,7 +26,6 @@ const setup = (propOverrides: Partial<Props>) => {
const props: Props = {
serviceAccount: {} as ServiceAccountDTO,
tokens: [],
builtInRoles: {},
isLoading: false,
roleOptions: [],
match: {

4
public/app/features/serviceaccounts/ServiceAccountPage.tsx
View File

@@ -28,7 +28,6 @@ interface OwnProps extends GrafanaRouteComponentProps<{ id: string }> {
tokens: ApiKey[];
isLoading: boolean;
roleOptions: Role[];
builtInRoles: Record<string, Role[]>;
}
function mapStateToProps(state: StoreState) {
@@ -37,7 +36,6 @@ function mapStateToProps(state: StoreState) {
tokens: state.serviceAccountProfile.tokens,
isLoading: state.serviceAccountProfile.isLoading,
roleOptions: state.serviceAccounts.roleOptions,
builtInRoles: state.serviceAccounts.builtInRoles,
timezone: getTimeZone(state.user),
};
}
@@ -62,7 +60,6 @@ export const ServiceAccountPageUnconnected = ({
timezone,
isLoading,
roleOptions,
builtInRoles,
createServiceAccountToken,
deleteServiceAccount,
deleteServiceAccountToken,
@@ -187,7 +184,6 @@ export const ServiceAccountPageUnconnected = ({
serviceAccount={serviceAccount}
timeZone={timezone}
roleOptions={roleOptions}
builtInRoles={builtInRoles}
onChange={onProfileChange}
/>
)}

1
public/app/features/serviceaccounts/ServiceAccountsListPage.test.tsx
View File

@@ -26,7 +26,6 @@ const setup = (propOverrides: Partial<Props>) => {
const getApiKeysMigrationInfoMock = jest.fn();
const closeApiKeysMigrationInfoMock = jest.fn();
const props: Props = {
builtInRoles: {},
isLoading: false,
page: 0,
perPage: 10,

2
public/app/features/serviceaccounts/ServiceAccountsListPage.tsx
View File

@@ -55,7 +55,6 @@ export const ServiceAccountsListPageUnconnected = ({
serviceAccounts,
isLoading,
roleOptions,
builtInRoles,
query,
serviceAccountStateFilter,
apiKeysMigrated,
@@ -268,7 +267,6 @@ export const ServiceAccountsListPageUnconnected = ({
<ServiceAccountListItem
serviceAccount={serviceAccount}
key={serviceAccount.id}
builtInRoles={builtInRoles}
roleOptions={roleOptions}
onRoleChange={onRoleChange}
onRemoveButtonClick={onRemoveButtonClick}

10
public/app/features/serviceaccounts/components/ServiceAccountProfile.tsx
View File

@@ -13,17 +13,10 @@ interface Props {
serviceAccount: ServiceAccountDTO;
timeZone: TimeZone;
roleOptions: Role[];
builtInRoles: Record<string, Role[]>;
onChange: (serviceAccount: ServiceAccountDTO) => void;
}
export function ServiceAccountProfile({
serviceAccount,
timeZone,
roleOptions,
builtInRoles,
onChange,
}: Props): JSX.Element {
export function ServiceAccountProfile({ serviceAccount, timeZone, roleOptions, onChange }: Props): JSX.Element {
const styles = useStyles2(getStyles);
const ableToWrite = contextSrv.hasPermission(AccessControlAction.ServiceAccountsWrite);
@@ -51,7 +44,6 @@ export function ServiceAccountProfile({
label="Roles"
serviceAccount={serviceAccount}
onRoleChange={onRoleChange}
builtInRoles={builtInRoles}
roleOptions={roleOptions}
/>
<ServiceAccountProfileRow

16
public/app/features/serviceaccounts/components/ServiceAccountRoleRow.tsx
View File

@@ -11,16 +11,9 @@ interface Props {
serviceAccount: ServiceAccountDTO;
onRoleChange: (role: OrgRole) => void;
roleOptions: Role[];
builtInRoles: Record<string, Role[]>;
}
export const ServiceAccountRoleRow = ({
label,
serviceAccount,
roleOptions,
builtInRoles,
onRoleChange,
}: Props): JSX.Element => {
export const ServiceAccountRoleRow = ({ label, serviceAccount, roleOptions, onRoleChange }: Props): JSX.Element => {
const inputId = `${label}-input`;
const canUpdateRole = contextSrv.hasPermissionInMetadata(AccessControlAction.ServiceAccountsWrite, serviceAccount);
@@ -34,11 +27,10 @@ export const ServiceAccountRoleRow = ({
<UserRolePicker
userId={serviceAccount.id}
orgId={serviceAccount.orgId}
builtInRole={serviceAccount.role}
onBuiltinRoleChange={onRoleChange}
basicRole={serviceAccount.role}
onBasicRoleChange={onRoleChange}
roleOptions={roleOptions}
builtInRoles={builtInRoles}
builtinRolesDisabled={!canUpdateRole}
basicRoleDisabled={!canUpdateRole}
disabled={serviceAccount.isDisabled}
/>
</td>

9
public/app/features/serviceaccounts/components/ServiceAccountsListItem.tsx
View File

@@ -12,7 +12,6 @@ type ServiceAccountListItemProps = {
serviceAccount: ServiceAccountDTO;
onRoleChange: (role: OrgRole, serviceAccount: ServiceAccountDTO) => void;
roleOptions: Role[];
builtInRoles: Record<string, Role[]>;
onRemoveButtonClick: (serviceAccount: ServiceAccountDTO) => void;
onDisable: (serviceAccount: ServiceAccountDTO) => void;
onEnable: (serviceAccount: ServiceAccountDTO) => void;
@@ -28,7 +27,6 @@ const ServiceAccountListItem = memo(
serviceAccount,
onRoleChange,
roleOptions,
builtInRoles,
onRemoveButtonClick,
onDisable,
onEnable,
@@ -78,11 +76,10 @@ const ServiceAccountListItem = memo(
<UserRolePicker
userId={serviceAccount.id}
orgId={serviceAccount.orgId}
builtInRole={serviceAccount.role}
onBuiltinRoleChange={(newRole) => onRoleChange(newRole, serviceAccount)}
basicRole={serviceAccount.role}
onBasicRoleChange={(newRole) => onRoleChange(newRole, serviceAccount)}
roleOptions={roleOptions}
builtInRoles={builtInRoles}
builtinRolesDisabled={!canUpdateRole}
basicRoleDisabled={!canUpdateRole}
disabled={serviceAccount.isDisabled}
/>
)}

11
public/app/features/serviceaccounts/state/actions.ts
View File

@@ -1,7 +1,7 @@
import { debounce } from 'lodash';
import { getBackendSrv } from '@grafana/runtime';
import { fetchBuiltinRoles, fetchRoleOptions } from 'app/core/components/RolePicker/api';
import { fetchRoleOptions } from 'app/core/components/RolePicker/api';
import { contextSrv } from 'app/core/services/context_srv';
import store from 'app/core/store';
import { AccessControlAction, ServiceAccountDTO, ServiceAccountStateFilter, ThunkResult } from 'app/types';
@@ -11,7 +11,6 @@ import { API_KEYS_MIGRATION_INFO_STORAGE_KEY } from '../constants';
import {
acOptionsLoaded,
builtInRolesLoaded,
pageChanged,
queryChanged,
serviceAccountsFetchBegin,
@@ -31,14 +30,6 @@ export function fetchACOptions(): ThunkResult<void> {
const options = await fetchRoleOptions();
dispatch(acOptionsLoaded(options));
}
if (
contextSrv.accessControlBuiltInRoleAssignmentEnabled() &&
contextSrv.licensedAccessControlEnabled() &&
contextSrv.hasPermission(AccessControlAction.ActionBuiltinRolesList)
) {
const builtInRoles = await fetchBuiltinRoles();
dispatch(builtInRolesLoaded(builtInRoles));
}
} catch (error) {
console.error(error);
}

5
public/app/features/serviceaccounts/state/reducers.ts
View File

@@ -43,7 +43,6 @@ export const { serviceAccountLoaded, serviceAccountTokensLoaded, serviceAccountF
export const initialStateList: ServiceAccountsState = {
serviceAccounts: [] as ServiceAccountDTO[],
isLoading: true,
builtInRoles: {},
roleOptions: [],
query: '',
page: 0,
@@ -88,9 +87,6 @@ const serviceAccountsSlice = createSlice({
acOptionsLoaded: (state, action: PayloadAction<Role[]>): ServiceAccountsState => {
return { ...state, roleOptions: action.payload };
},
builtInRolesLoaded: (state, action: PayloadAction<Record<string, Role[]>>): ServiceAccountsState => {
return { ...state, builtInRoles: action.payload };
},
apiKeysMigrationStatusLoaded: (state, action): ServiceAccountsState => {
return { ...state, apiKeysMigrated: action.payload };
},
@@ -121,7 +117,6 @@ export const {
serviceAccountsFetchEnd,
serviceAccountsFetched,
acOptionsLoaded,
builtInRolesLoaded,
apiKeysMigrationStatusLoaded,
showApiKeysMigrationInfoLoaded,
pageChanged,

20
public/app/features/users/UsersTable.tsx
View File

@@ -3,7 +3,7 @@ import React, { FC, useEffect, useState } from 'react';
import { OrgRole } from '@grafana/data';
import { Button, ConfirmModal } from '@grafana/ui';
import { UserRolePicker } from 'app/core/components/RolePicker/UserRolePicker';
import { fetchBuiltinRoles, fetchRoleOptions } from 'app/core/components/RolePicker/api';
import { fetchRoleOptions } from 'app/core/components/RolePicker/api';
import { contextSrv } from 'app/core/core';
import { AccessControlAction, OrgUser, Role } from 'app/types';
@@ -20,7 +20,6 @@ const UsersTable: FC<Props> = (props) => {
const { users, orgId, onRoleChange, onRemoveUser } = props;
const [userToRemove, setUserToRemove] = useState<OrgUser | null>(null);
const [roleOptions, setRoleOptions] = useState<Role[]>([]);
const [builtinRoles, setBuiltinRoles] = useState<{ [key: string]: Role[] }>({});
useEffect(() => {
async function fetchOptions() {
@@ -29,14 +28,6 @@ const UsersTable: FC<Props> = (props) => {
let options = await fetchRoleOptions(orgId);
setRoleOptions(options);
}
if (
contextSrv.accessControlBuiltInRoleAssignmentEnabled() &&
contextSrv.hasPermission(AccessControlAction.ActionBuiltinRolesList)
) {
const builtInRoles = await fetchBuiltinRoles(orgId);
setBuiltinRoles(builtInRoles);
}
} catch (e) {
console.error('Error loading options');
}
@@ -92,12 +83,9 @@ const UsersTable: FC<Props> = (props) => {
userId={user.userId}
orgId={orgId}
roleOptions={roleOptions}
builtInRoles={builtinRoles}
builtInRole={user.role}
onBuiltinRoleChange={(newRole) => onRoleChange(newRole, user)}
builtinRolesDisabled={
!contextSrv.hasPermissionInMetadata(AccessControlAction.OrgUsersWrite, user)
}
basicRole={user.role}
onBasicRoleChange={(newRole) => onRoleChange(newRole, user)}
basicRoleDisabled={!contextSrv.hasPermissionInMetadata(AccessControlAction.OrgUsersWrite, user)}
/>
) : (
<OrgRolePicker