Access control: endpoint for searching single user permissions (#59669)

* initial commit * clean up * fix a bug and add tests * more tests * undo some unintended changes * undo some unintended changes * linting * PR feedback - add user ID to search options * simplify the query * Apply suggestions from code review Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> * remove unneeded formatting changes Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2025-02-25 18:55:37 -06:00 · 2022-12-14 10:53:25 +00:00
parent d9d94ebc56
commit 6aa5a79cad
8 changed files with 363 additions and 21 deletions
--- a/pkg/services/accesscontrol/actest/fake.go
+++ b/pkg/services/accesscontrol/actest/fake.go
@@ -11,10 +11,12 @@ var _ accesscontrol.Service = new(FakeService)
 var _ accesscontrol.RoleRegistry = new(FakeService)

 type FakeService struct {
-	ExpectedErr              error
-	ExpectedDisabled         bool
-	ExpectedPermissions      []accesscontrol.Permission
-	ExpectedUsersPermissions map[int64][]accesscontrol.Permission
+	ExpectedErr                     error
+	ExpectedDisabled                bool
+	ExpectedCachedPermissions       bool
+	ExpectedPermissions             []accesscontrol.Permission
+	ExpectedFilteredUserPermissions []accesscontrol.Permission
+	ExpectedUsersPermissions        map[int64][]accesscontrol.Permission
 }

 func (f FakeService) GetUsageStats(ctx context.Context) map[string]interface{} {
@@ -29,6 +31,10 @@ func (f FakeService) SearchUsersPermissions(ctx context.Context, user *user.Sign
 	return f.ExpectedUsersPermissions, f.ExpectedErr
 }

+func (f FakeService) SearchUserPermissions(ctx context.Context, orgID int64, searchOptions accesscontrol.SearchOptions) ([]accesscontrol.Permission, error) {
+	return f.ExpectedFilteredUserPermissions, f.ExpectedErr
+}
+
 func (f FakeService) ClearUserPermissionCache(user *user.SignedInUser) {}

 func (f FakeService) DeleteUserPermissions(ctx context.Context, orgID, userID int64) error {
@@ -81,7 +87,7 @@ func (f FakeStore) SearchUsersPermissions(ctx context.Context, orgID int64, opti
 	return f.ExpectedUsersPermissions, f.ExpectedErr
 }

-func (f FakeStore) GetUsersBasicRoles(ctx context.Context, orgID int64) (map[int64][]string, error) {
+func (f FakeStore) GetUsersBasicRoles(ctx context.Context, userFilter []int64, orgID int64) (map[int64][]string, error) {
 	return f.ExpectedUsersRoles, f.ExpectedErr
 }