Doc: Add docs for direct mapping of None role for SAML (#76551)

* add: direct mapping of None role for SAML

* Fix docs formatting

* fix spelling

---------

Co-authored-by: Vardan Torosyan <vardants@gmail.com>

contribute/create-pull-request.md

@@ -8,7 +8,7 @@ We know you're excited to create your first pull request. Before we get started,
 
 - Learn how to start [Contributing to Grafana](/CONTRIBUTING.md).
 - Make sure your code follows the relevant [style guides](/contribute/style-guides).
-- It's recommened you [set up precommit hooks](/contribute/developer-guide.md) to auto-format when you commit
+- It's recommended you [set up precommit hooks](/contribute/developer-guide.md) to auto-format when you commit
 
 ## Your first pull request
 

contribute/feature-toggles.md

@@ -5,7 +5,7 @@ This guide helps you get started adding your feature behind a feature flag in Gr
 ## Steps to adding a feature toggle
 
 1. Define the feature toggle in [registry.go](../pkg/services/featuremgmt/registry.go). To see what each feature stage means, look at the comments [here](../pkg/services/featuremgmt/features.go). If you are a community member, use the [CODEOWNERS](../.github/CODEOWNERS) file to determine which team owns the package you are updating.
-2. Run the go tests mentioned at the top of [this file](../pkg/services/featuremgmt/toggles_gen.go). This will generate all the additional files needed: `toggles_gen` for the backend, `grafana-data` for the frontend, and docs. You can run the test by running `go test ./pkg/services/featuremgmt/...`. This will say the tests failed the first time, but it will have generated the right code. If you re-run the testss, it will pass.
+2. Run the go tests mentioned at the top of [this file](../pkg/services/featuremgmt/toggles_gen.go). This will generate all the additional files needed: `toggles_gen` for the backend, `grafana-data` for the frontend, and docs. You can run the test by running `go test ./pkg/services/featuremgmt/...`. This will say the tests failed the first time, but it will have generated the right code. If you re-run the tests, it will pass.
 
 ## How to use it in the code
 

contribute/merge-pull-request.md

@@ -48,7 +48,7 @@ Instead, when it is merged & closed then a bot will look for the most appropriat
 
 That milestone should always reflect the branch that the pull request is merged into.
 For every major and minor release there is a milestone ending with `.x` (e.g. `10.0.x` for the 10.0.x releases).
-Pull requests targetting `main` should use the `.x` milestone of the next minor (or major) version (you can find that version number inside the `package.json` file).
+Pull requests targeting `main` should use the `.x` milestone of the next minor (or major) version (you can find that version number inside the `package.json` file).
 Backport pull requests should use the version of the target branch (e.g. `9.4.x` for the `v9.4.x` branch).
 
 ### Include in changelog and release notes?

docs/sources/setup-grafana/configure-grafana/enterprise-configuration/index.md

@@ -316,6 +316,10 @@ List of comma- or space-separated organizations. Each user must be a member of a
 
 List of comma- or space-separated Organization:OrgId:Role mappings. Organization can be `*` meaning "All users". Role is optional and can have the following values: `Admin`, `Editor` ,`Viewer` or `None`.
 
+### role_values_none
+
+List of comma- or space-separated roles that will be mapped to the None role.
+
 ### role_values_editor
 
 List of comma- or space-separated roles that will be mapped to the Editor role.

docs/sources/setup-grafana/configure-security/configure-authentication/saml/index.md

@@ -194,6 +194,7 @@ The table below describes all SAML configuration options. Continue reading below
 | `assertion_attribute_org`                                  | No       | Friendly name or name of the attribute within the SAML assertion to use as the user organization                                                                                                             |                                                       |
 | `allowed_organizations`                                    | No       | List of comma- or space-separated organizations. User should be a member of at least one organization to log in.                                                                                             |                                                       |
 | `org_mapping`                                              | No       | List of comma- or space-separated Organization:OrgId:Role mappings. Organization can be `*` meaning "All users". Role is optional and can have the following values: `Viewer`, `Editor` or `Admin`.          |                                                       |
+| `role_values_none`                                         | No       | List of comma- or space-separated roles which will be mapped into the None role                                                                                                                              |                                                       |
 | `role_values_editor`                                       | No       | List of comma- or space-separated roles which will be mapped into the Editor role                                                                                                                            |                                                       |
 | `role_values_admin`                                        | No       | List of comma- or space-separated roles which will be mapped into the Admin role                                                                                                                             |                                                       |
 | `role_values_grafana_admin`                                | No       | List of comma- or space-separated roles which will be mapped into the Grafana Admin (Super Admin) role                                                                                                       |                                                       |
@@ -364,6 +365,7 @@ Available in Grafana version 7.0 and later.
 Role sync allows you to map user roles from an identity provider to Grafana. To enable role sync, configure role attribute and possible values for the Editor, Admin, and Grafana Admin roles. For more information about user roles, refer to [Roles and permissions]({{< relref "../../../../administration/roles-and-permissions" >}}).
 
 1. In the configuration file, set [`assertion_attribute_role`]({{< relref "../../../configure-grafana/enterprise-configuration#assertion_attribute_role" >}}) option to the attribute name where the role information will be extracted from.
+1. Set the [`role_values_none`]({{< relref "../../../configure-grafana/enterprise-configuration#role_values_none" >}}) option to the values mapped to the `None` role.
 1. Set the [`role_values_editor`]({{< relref "../../../configure-grafana/enterprise-configuration#role_values_editor" >}}) option to the values mapped to the `Editor` role.
 1. Set the [`role_values_admin`]({{< relref "../../../configure-grafana/enterprise-configuration#role_values_admin" >}}) option to the values mapped to the organization `Admin` role.
 1. Set the [`role_values_grafana_admin`]({{< relref "../../../configure-grafana/enterprise-configuration#role_values_grafana_admin" >}}) option to the values mapped to the `Grafana Admin` role.
@@ -377,6 +379,7 @@ Example configuration:
 ```ini
 [auth.saml]
 assertion_attribute_role = role
+role_values_none = none, external
 role_values_editor = editor, developer
 role_values_admin = admin, operator
 role_values_grafana_admin = superadmin