AccessControl: Rename builtin role roles to basic roles (#48519)

* AccessControl: Rename grafana:builtins roles to basic * AccessControl: rename macro references to basic Co-authored-by: gamab <gabi.mabs@gmail.com>
2025-02-25 18:55:37 -06:00 · 2022-05-03 11:59:16 +00:00 · 2022-05-03 11:59:16 +00:00 · 6a303bb6b8
commit 6a303bb6b8
parent 20f62e1841
4 changed files with 18 additions and 18 deletions
--- a/pkg/services/accesscontrol/models.go
+++ b/pkg/services/accesscontrol/models.go
@ -272,8 +272,8 @@ const (
 	GlobalOrgID        = 0
 	FixedRolePrefix    = "fixed:"
 	ManagedRolePrefix  = "managed:"
-	BasicRolePrefix    = "grafana:builtins:"
-	BasicRoleUIDPrefix = "grafana_builtins_"
+	BasicRolePrefix    = "basic:"
+	BasicRoleUIDPrefix = "basic_"
 	RoleGrafanaAdmin   = "Grafana Admin"

 	GeneralFolderUID = "general"
--- a/pkg/services/accesscontrol/ossaccesscontrol/ossaccesscontrol.go
+++ b/pkg/services/accesscontrol/ossaccesscontrol/ossaccesscontrol.go
@ -37,7 +37,7 @@ func ProvideOSSAccessControl(features featuremgmt.FeatureToggles, provider acces
 		provider:       provider,
 		log:            log.New("accesscontrol"),
 		scopeResolvers: accesscontrol.NewScopeResolvers(),
-		roles:          accesscontrol.BuildMacroRoleDefinitions(),
+		roles:          accesscontrol.BuildBasicRoleDefinitions(),
 	}

 	return s
@ -141,9 +141,9 @@ func (ac *OSSAccessControlService) getFixedPermissions(ctx context.Context, user
 	permissions := make([]*accesscontrol.Permission, 0)

 	for _, builtin := range ac.GetUserBuiltInRoles(user) {
-		if macroRole, ok := ac.roles[builtin]; ok {
-			for i := range macroRole.Permissions {
-				permissions = append(permissions, &macroRole.Permissions[i])
+		if basicRole, ok := ac.roles[builtin]; ok {
+			for i := range basicRole.Permissions {
+				permissions = append(permissions, &basicRole.Permissions[i])
 			}
 		}
 	}
@ -184,8 +184,8 @@ func (ac *OSSAccessControlService) RegisterFixedRoles(ctx context.Context) error
 // RegisterFixedRole saves a fixed role and assigns it to built-in roles
 func (ac *OSSAccessControlService) registerFixedRole(role accesscontrol.RoleDTO, builtInRoles []string) {
 	for br := range accesscontrol.BuiltInRolesWithParents(builtInRoles) {
-		if macroRole, ok := ac.roles[br]; ok {
-			macroRole.Permissions = append(macroRole.Permissions, role.Permissions...)
+		if basicRole, ok := ac.roles[br]; ok {
+			basicRole.Permissions = append(basicRole.Permissions, role.Permissions...)
 		} else {
 			ac.log.Error("Unknown builtin role", "builtInRole", br)
 		}
--- a/pkg/services/accesscontrol/ossaccesscontrol/ossaccesscontrol_test.go
+++ b/pkg/services/accesscontrol/ossaccesscontrol/ossaccesscontrol_test.go
@ -25,7 +25,7 @@ func setupTestEnv(t testing.TB) *OSSAccessControlService {
 		registrations:  accesscontrol.RegistrationList{},
 		scopeResolvers: accesscontrol.NewScopeResolvers(),
 		provider:       database.ProvideService(sqlstore.InitTestDB(t)),
-		roles:          accesscontrol.BuildMacroRoleDefinitions(),
+		roles:          accesscontrol.BuildBasicRoleDefinitions(),
 	}
 	require.NoError(t, ac.RegisterFixedRoles(context.Background()))
 	return ac
--- a/pkg/services/accesscontrol/roles.go
+++ b/pkg/services/accesscontrol/roles.go
@ -278,11 +278,11 @@ func (m *RegistrationList) Range(f func(registration RoleRegistration) bool) {
 	}
 }

-func BuildMacroRoleDefinitions() map[string]*RoleDTO {
+func BuildBasicRoleDefinitions() map[string]*RoleDTO {
 	return map[string]*RoleDTO{
 		string(models.ROLE_ADMIN): {
-			Name:        "grafana:builtins:admin",
-			UID:         "grafana_builtins_admin",
+			Name:        BasicRolePrefix + "admin",
+			UID:         BasicRoleUIDPrefix + "admin",
 			OrgID:       GlobalOrgID,
 			Version:     1,
 			DisplayName: string(models.ROLE_ADMIN),
@ -292,8 +292,8 @@ func BuildMacroRoleDefinitions() map[string]*RoleDTO {
 			Hidden:      true,
 		},
 		string(models.ROLE_EDITOR): {
-			Name:        "grafana:builtins:editor",
-			UID:         "grafana_builtins_editor",
+			Name:        BasicRolePrefix + "editor",
+			UID:         BasicRoleUIDPrefix + "editor",
 			OrgID:       GlobalOrgID,
 			Version:     1,
 			DisplayName: string(models.ROLE_EDITOR),
@ -303,8 +303,8 @@ func BuildMacroRoleDefinitions() map[string]*RoleDTO {
 			Hidden:      true,
 		},
 		string(models.ROLE_VIEWER): {
-			Name:        "grafana:builtins:viewer",
-			UID:         "grafana_builtins_viewer",
+			Name:        BasicRolePrefix + "viewer",
+			UID:         BasicRoleUIDPrefix + "viewer",
 			OrgID:       GlobalOrgID,
 			Version:     1,
 			DisplayName: string(models.ROLE_VIEWER),
@ -314,8 +314,8 @@ func BuildMacroRoleDefinitions() map[string]*RoleDTO {
 			Hidden:      true,
 		},
 		RoleGrafanaAdmin: {
-			Name:        "grafana:builtins:grafana_admin",
-			UID:         "grafana_builtins_grafana_admin",
+			Name:        BasicRolePrefix + "grafana_admin",
+			UID:         BasicRoleUIDPrefix + "grafana_admin",
 			OrgID:       GlobalOrgID,
 			Version:     1,
 			DisplayName: RoleGrafanaAdmin,