Move SignedInUser to user service and RoleType and Roles to org (#53445)

* Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2
2025-02-25 18:55:37 -06:00 · 2022-08-10 11:56:48 +02:00
parent 46004037e2
commit 6afad51761
278 changed files with 1758 additions and 1543 deletions
--- a/pkg/services/sqlstore/migrations/accesscontrol/managed_permission_migrator.go
+++ b/pkg/services/sqlstore/migrations/accesscontrol/managed_permission_migrator.go
@@ -13,8 +13,8 @@ import (
 	"time"

 	"github.com/grafana/grafana/pkg/infra/log"
-	"github.com/grafana/grafana/pkg/models"
 	"github.com/grafana/grafana/pkg/services/accesscontrol"
+	"github.com/grafana/grafana/pkg/services/org"
 	"github.com/grafana/grafana/pkg/services/sqlstore/migrator"
 	"golang.org/x/text/cases"
 	"golang.org/x/text/language"
@@ -80,7 +80,7 @@ func (sp *managedPermissionMigrator) Exec(sess *xorm.Session, mg *migrator.Migra

 		// Add parent roles + permissions to the map as "true" -- need to be inserted
 		basicRoleName := ParseRoleFromName(roleName)
-		for _, parent := range models.RoleType(basicRoleName).Parents() {
+		for _, parent := range org.RoleType(basicRoleName).Parents() {
 			parentManagedRoleName := "managed:builtins:" + strings.ToLower(string(parent)) + ":permissions"

 			if _, ok := permissionMap[p.OrgID][parentManagedRoleName]; !ok {
--- a/pkg/services/sqlstore/migrations/accesscontrol/team_membership.go
+++ b/pkg/services/sqlstore/migrations/accesscontrol/team_membership.go
@@ -9,6 +9,7 @@ import (

 	"github.com/grafana/grafana/pkg/models"
 	"github.com/grafana/grafana/pkg/services/accesscontrol"
+	"github.com/grafana/grafana/pkg/services/org"
 	"github.com/grafana/grafana/pkg/services/sqlstore/migrator"
 )

@@ -209,7 +210,7 @@ func (p *teamPermissionMigrator) generateAssociatedPermissions(teamMemberships [
 		// only admins or editors (when editorsCanAdmin option is enabled)
 		// can access team administration endpoints
 		if m.Permission == models.PERMISSION_ADMIN {
-			if userRolesByOrg[m.OrgId][m.UserId] == string(models.ROLE_VIEWER) || (userRolesByOrg[m.OrgId][m.UserId] == string(models.ROLE_EDITOR) && !p.editorsCanAdmin) {
+			if userRolesByOrg[m.OrgId][m.UserId] == string(org.RoleViewer) || (userRolesByOrg[m.OrgId][m.UserId] == string(org.RoleEditor) && !p.editorsCanAdmin) {
 				m.Permission = 0

 				if _, err := p.sess.Cols("permission").Where("org_id=? and team_id=? and user_id=?", m.OrgId, m.TeamId, m.UserId).Update(m); err != nil {
--- a/pkg/services/sqlstore/migrations/accesscontrol/test/ac_test.go
+++ b/pkg/services/sqlstore/migrations/accesscontrol/test/ac_test.go
@@ -11,6 +11,7 @@ import (
 	"github.com/grafana/grafana/pkg/infra/log"
 	"github.com/grafana/grafana/pkg/models"
 	"github.com/grafana/grafana/pkg/services/accesscontrol"
+	"github.com/grafana/grafana/pkg/services/org"
 	"github.com/grafana/grafana/pkg/services/sqlstore/migrations"
 	acmig "github.com/grafana/grafana/pkg/services/sqlstore/migrations/accesscontrol"
 	"github.com/grafana/grafana/pkg/services/sqlstore/migrator"
@@ -276,35 +277,35 @@ func setupTeams(t *testing.T, x *xorm.Engine) {
 		{
 			OrgId:   1,
 			UserId:  1,
-			Role:    models.ROLE_VIEWER,
+			Role:    org.RoleViewer,
 			Created: now,
 			Updated: now,
 		},
 		{
 			OrgId:   1,
 			UserId:  2,
-			Role:    models.ROLE_VIEWER,
+			Role:    org.RoleViewer,
 			Created: now,
 			Updated: now,
 		},
 		{
 			OrgId:   1,
 			UserId:  3,
-			Role:    models.ROLE_EDITOR,
+			Role:    org.RoleEditor,
 			Created: now,
 			Updated: now,
 		},
 		{
 			OrgId:   1,
 			UserId:  4,
-			Role:    models.ROLE_ADMIN,
+			Role:    org.RoleAdmin,
 			Created: now,
 			Updated: now,
 		},
 		{
 			OrgId:   2,
 			UserId:  5,
-			Role:    models.ROLE_EDITOR,
+			Role:    org.RoleEditor,
 			Created: now,
 			Updated: now,
 		},