IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

RBAC: add kind, attribute and identifier to annotation permissions during the migration (#83299)

Browse Source 
add kind, attribute and identifier to annotation permissions during the migration
This commit is contained in:
Ieva 2024-02-23 16:03:23 +00:00 committed by GitHub
parent b2601d71d5
commit 65534e62a6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 37 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
pkg/services/sqlstore/migrations/accesscontrol/dashboard_permissions.go
View File

@ -730,6 +730,11 @@ func (m *managedDashboardAnnotationActionsMigrator) Exec(sess *xorm.Session, mg
for roleId, mappedPermissions := range mapped {
for scope, roleActions := range mappedPermissions {
// Create a temporary permission to split the scope into kind, attribute and identifier
tempPerm := ac.Permission{
Scope: scope,
}
kind, attribute, identifier := tempPerm.SplitScope()
if roleActions[dashboards.ActionDashboardsRead] {
if !roleActions[ac.ActionAnnotationsRead] {
toAdd = append(toAdd, ac.Permission{
@ -738,6 +743,9 @@ func (m *managedDashboardAnnotationActionsMigrator) Exec(sess *xorm.Session, mg
Created: now,
Scope: scope,
Action: ac.ActionAnnotationsRead,
Kind: kind,
Attribute: attribute,
Identifier: identifier,
})
}
}
@ -750,6 +758,9 @@ func (m *managedDashboardAnnotationActionsMigrator) Exec(sess *xorm.Session, mg
Created: now,
Scope: scope,
Action: ac.ActionAnnotationsCreate,
Kind: kind,
Attribute: attribute,
Identifier: identifier,
})
}
if !roleActions[ac.ActionAnnotationsDelete] {
@ -759,6 +770,9 @@ func (m *managedDashboardAnnotationActionsMigrator) Exec(sess *xorm.Session, mg
Created: now,
Scope: scope,
Action: ac.ActionAnnotationsDelete,
Kind: kind,
Attribute: attribute,
Identifier: identifier,
})
}
if !roleActions[ac.ActionAnnotationsWrite] {
@ -768,6 +782,9 @@ func (m *managedDashboardAnnotationActionsMigrator) Exec(sess *xorm.Session, mg
Created: now,
Scope: scope,
Action: ac.ActionAnnotationsWrite,
Kind: kind,
Attribute: attribute,
Identifier: identifier,
})
}
}