AccessControl: Use RBACBuiltInRoleAssignmentEnabled in the frontend instead of FeatureToggle (#49261)

* AccessControl: Frontend changes to basic role enablement
2025-02-09 23:16:16 -06:00 · 2022-05-20 08:53:28 +02:00 · 2022-05-20 08:53:28 +02:00 · 689f51599a
commit 689f51599a
parent 59c8c0d56b
6 changed files with 7 additions and 4 deletions
--- a/packages/grafana-data/src/types/config.ts
+++ b/packages/grafana-data/src/types/config.ts
@ -163,6 +163,7 @@ export interface GrafanaConfig {
  verifyEmailEnabled: boolean;
  oauth: OAuthSettings;
  rbacEnabled: boolean;
+  rbacBuiltInRoleAssignmentEnabled: boolean;
  disableUserSignUp: boolean;
  loginHint: string;
  passwordHint: string;
--- a/packages/grafana-runtime/src/config.ts
+++ b/packages/grafana-runtime/src/config.ts
@ -58,6 +58,7 @@ export class GrafanaBootConfig implements GrafanaConfig {
  verifyEmailEnabled = false;
  oauth: OAuthSettings = {};
  rbacEnabled = true;
+  rbacBuiltInRoleAssignmentEnabled = false;
  disableUserSignUp = false;
  loginHint = '';
  passwordHint = '';
--- a/pkg/api/frontendsettings.go
+++ b/pkg/api/frontendsettings.go
@ -106,6 +106,7 @@ func (hs *HTTPServer) getFrontendSettingsMap(c *models.ReqContext) (map[string]i
 		"verifyEmailEnabled":                  setting.VerifyEmailEnabled,
 		"sigV4AuthEnabled":                    setting.SigV4AuthEnabled,
 		"rbacEnabled":                         hs.Cfg.RBACEnabled,
+		"rbacBuiltInRoleAssignmentEnabled":    hs.Cfg.RBACBuiltInRoleAssignmentEnabled,
 		"exploreEnabled":                      setting.ExploreEnabled,
 		"helpEnabled":                         setting.HelpEnabled,
 		"profileEnabled":                      setting.ProfileEnabled,
--- a/public/app/core/services/context_srv.ts
+++ b/public/app/core/services/context_srv.ts
@ -112,8 +112,8 @@ export class ContextSrv {
    return config.rbacEnabled;
  }

-  accessControlBuiltinRefactorEnabled(): boolean {
-    return Boolean(config.featureToggles['accesscontrol-builtins']);
+  accessControlBuiltInRoleAssignmentEnabled(): boolean {
+    return config.rbacBuiltInRoleAssignmentEnabled;
  }

  licensedAccessControlEnabled(): boolean {
--- a/public/app/features/serviceaccounts/state/actions.ts
+++ b/public/app/features/serviceaccounts/state/actions.ts
@ -32,7 +32,7 @@ export function fetchACOptions(): ThunkResult<void> {
        dispatch(acOptionsLoaded(options));
      }
      if (
-        !contextSrv.accessControlBuiltinRefactorEnabled() &&
+        contextSrv.accessControlBuiltInRoleAssignmentEnabled() &&
        contextSrv.licensedAccessControlEnabled() &&
        contextSrv.hasPermission(AccessControlAction.ActionBuiltinRolesList)
      ) {
--- a/public/app/features/users/UsersTable.tsx
+++ b/public/app/features/users/UsersTable.tsx
@ -31,7 +31,7 @@ const UsersTable: FC<Props> = (props) => {
        }

        if (
-          !contextSrv.accessControlBuiltinRefactorEnabled() &&
+          contextSrv.accessControlBuiltInRoleAssignmentEnabled() &&
          contextSrv.hasPermission(AccessControlAction.ActionBuiltinRolesList)
        ) {
          const builtInRoles = await fetchBuiltinRoles(orgId);