From 56693672ada4dd9851eb16a2bc8dd3034407aa56 Mon Sep 17 00:00:00 2001 From: "Grot (@grafanabot)" <43478413+grafanabot@users.noreply.github.com> Date: Mon, 22 Nov 2021 02:06:21 -0500 Subject: [PATCH] Access control: Fix permission required to invite users (prevent access error) (#41943) (#42026) * Fix permission required to invite users (prevent access error) * Use hasAccess method with fallback * Fix tests (cherry picked from commit 6c3c82d1325447592a58c8d6debc87df0460269d) Co-authored-by: Alexander Zobnin --- public/app/features/users/UsersActionBar.test.tsx | 1 + public/app/features/users/UsersActionBar.tsx | 4 ++-- .../__snapshots__/UsersActionBar.test.tsx.snap | 15 +++++++++++++++ public/app/features/users/state/actions.ts | 2 +- 4 files changed, 19 insertions(+), 3 deletions(-) diff --git a/public/app/features/users/UsersActionBar.test.tsx b/public/app/features/users/UsersActionBar.test.tsx index d22c12b3a57..ea04bb7cbdb 100644 --- a/public/app/features/users/UsersActionBar.test.tsx +++ b/public/app/features/users/UsersActionBar.test.tsx @@ -7,6 +7,7 @@ import { setUsersSearchQuery } from './state/reducers'; jest.mock('app/core/core', () => ({ contextSrv: { hasPermission: () => true, + hasAccess: () => true, }, })); diff --git a/public/app/features/users/UsersActionBar.tsx b/public/app/features/users/UsersActionBar.tsx index 53bc6ccc08c..7e505218622 100644 --- a/public/app/features/users/UsersActionBar.tsx +++ b/public/app/features/users/UsersActionBar.tsx @@ -33,7 +33,7 @@ export class UsersActionBar extends PureComponent { { label: 'Users', value: 'users' }, { label: `Pending Invites (${pendingInvitesCount})`, value: 'invites' }, ]; - const canAddToOrg = contextSrv.hasPermission(AccessControlAction.OrgUsersAdd); + const canAddToOrg = contextSrv.hasAccess(AccessControlAction.UsersCreate, canInvite); return (
@@ -49,7 +49,7 @@ export class UsersActionBar extends PureComponent {
)} - {canInvite && canAddToOrg && Invite} + {canAddToOrg && Invite} {externalUserMngLinkUrl && ( {externalUserMngLinkName} diff --git a/public/app/features/users/__snapshots__/UsersActionBar.test.tsx.snap b/public/app/features/users/__snapshots__/UsersActionBar.test.tsx.snap index 575a2ef0e61..130561cec2c 100644 --- a/public/app/features/users/__snapshots__/UsersActionBar.test.tsx.snap +++ b/public/app/features/users/__snapshots__/UsersActionBar.test.tsx.snap @@ -13,6 +13,11 @@ exports[`Render should render component 1`] = ` value="" /> + + Invite + `; @@ -53,6 +58,11 @@ exports[`Render should render pending invites button 1`] = ` value="users" /> + + Invite + `; @@ -69,6 +79,11 @@ exports[`Render should show external user management button 1`] = ` value="" /> + + Invite + { export function loadInvitees(): ThunkResult { return async (dispatch) => { - if (!contextSrv.hasPermission(AccessControlAction.OrgUsersAdd)) { + if (!contextSrv.hasPermission(AccessControlAction.UsersCreate)) { return; }