Access control: Fix permission required to invite users (prevent access error) (#41943)

* Fix permission required to invite users (prevent access error) * Use hasAccess method with fallback * Fix tests
2025-02-11 16:15:42 -06:00 · 2021-11-22 09:40:52 +03:00 · 2021-11-22 09:40:52 +03:00 · 6c3c82d132
commit 6c3c82d132
parent 44d7d6546f
4 changed files with 19 additions and 3 deletions
--- a/public/app/features/users/UsersActionBar.test.tsx
+++ b/public/app/features/users/UsersActionBar.test.tsx
@ -7,6 +7,7 @@ import { setUsersSearchQuery } from './state/reducers';
 jest.mock('app/core/core', () => ({
  contextSrv: {
    hasPermission: () => true,
+    hasAccess: () => true,
  },
 }));

--- a/public/app/features/users/UsersActionBar.tsx
+++ b/public/app/features/users/UsersActionBar.tsx
@ -33,7 +33,7 @@ export class UsersActionBar extends PureComponent<Props> {
      { label: 'Users', value: 'users' },
      { label: `Pending Invites (${pendingInvitesCount})`, value: 'invites' },
    ];
-    const canAddToOrg = contextSrv.hasPermission(AccessControlAction.OrgUsersAdd);
+    const canAddToOrg = contextSrv.hasAccess(AccessControlAction.UsersCreate, canInvite);

    return (
      <div className="page-action-bar">
@ -49,7 +49,7 @@ export class UsersActionBar extends PureComponent<Props> {
            <RadioButtonGroup value={showInvites ? 'invites' : 'users'} options={options} onChange={onShowInvites} />
          </div>
        )}
-        {canInvite && canAddToOrg && <LinkButton href="org/users/invite">Invite</LinkButton>}
+        {canAddToOrg && <LinkButton href="org/users/invite">Invite</LinkButton>}
        {externalUserMngLinkUrl && (
          <LinkButton href={externalUserMngLinkUrl} target="_blank" rel="noopener">
            {externalUserMngLinkName}
--- a/public/app/features/users/snapshots/UsersActionBar.test.tsx.snap
+++ b/public/app/features/users/snapshots/UsersActionBar.test.tsx.snap
@ -13,6 +13,11 @@ exports[`Render should render component 1`] = `
      value=""
    />
  </div>
+  <LinkButton
+    href="org/users/invite"
+  >
+    Invite
+  </LinkButton>
 </div>
 `;

@ -53,6 +58,11 @@ exports[`Render should render pending invites button 1`] = `
      value="users"
    />
  </div>
+  <LinkButton
+    href="org/users/invite"
+  >
+    Invite
+  </LinkButton>
 </div>
 `;

@ -69,6 +79,11 @@ exports[`Render should show external user management button 1`] = `
      value=""
    />
  </div>
+  <LinkButton
+    href="org/users/invite"
+  >
+    Invite
+  </LinkButton>
  <LinkButton
    href="some/url"
    rel="noopener"
--- a/public/app/features/users/state/actions.ts
+++ b/public/app/features/users/state/actions.ts
@ -13,7 +13,7 @@ export function loadUsers(): ThunkResult<void> {

 export function loadInvitees(): ThunkResult<void> {
  return async (dispatch) => {
-    if (!contextSrv.hasPermission(AccessControlAction.OrgUsersAdd)) {
+    if (!contextSrv.hasPermission(AccessControlAction.UsersCreate)) {
      return;
    }