mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
chore: move user_auth models to (mostly) login service (#62269)
* chore: move user_auth models to (mostly) login service
This commit is contained in:
Kristin Laemmert
GitHub
@@ -9,10 +9,10 @@ import (
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/models"
|
||||
"github.com/grafana/grafana/pkg/services/auth"
|
||||
"github.com/grafana/grafana/pkg/services/auth/authtest"
|
||||
"github.com/grafana/grafana/pkg/services/authn"
|
||||
"github.com/grafana/grafana/pkg/services/login"
|
||||
"github.com/grafana/grafana/pkg/services/oauthtoken/oauthtokentest"
|
||||
"github.com/grafana/grafana/pkg/services/user"
|
||||
)
|
||||
@@ -22,7 +22,7 @@ func TestOauthTokenSync_SyncOauthToken(t *testing.T) {
|
||||
desc string
|
||||
identity *authn.Identity
|
||||
|
||||
expectedHasEntryToken *models.UserAuth
|
||||
expectedHasEntryToken *login.UserAuth
|
||||
expectHasEntryCalled bool
|
||||
|
||||
expectedTryRefreshErr error
|
||||
@@ -52,26 +52,26 @@ func TestOauthTokenSync_SyncOauthToken(t *testing.T) {
|
||||
desc: "should skip sync for when access token don't have expire time",
|
||||
identity: &authn.Identity{ID: "user:1", SessionToken: &auth.UserToken{}},
|
||||
expectHasEntryCalled: true,
|
||||
expectedHasEntryToken: &models.UserAuth{},
|
||||
expectedHasEntryToken: &login.UserAuth{},
|
||||
},
|
||||
{
|
||||
desc: "should skip sync when access token has no expired yet",
|
||||
identity: &authn.Identity{ID: "user:1", SessionToken: &auth.UserToken{}},
|
||||
expectHasEntryCalled: true,
|
||||
expectedHasEntryToken: &models.UserAuth{OAuthExpiry: time.Now().Add(10 * time.Minute)},
|
||||
expectedHasEntryToken: &login.UserAuth{OAuthExpiry: time.Now().Add(10 * time.Minute)},
|
||||
},
|
||||
{
|
||||
desc: "should skip sync when access token has no expired yet",
|
||||
identity: &authn.Identity{ID: "user:1", SessionToken: &auth.UserToken{}},
|
||||
expectHasEntryCalled: true,
|
||||
expectedHasEntryToken: &models.UserAuth{OAuthExpiry: time.Now().Add(10 * time.Minute)},
|
||||
expectedHasEntryToken: &login.UserAuth{OAuthExpiry: time.Now().Add(10 * time.Minute)},
|
||||
},
|
||||
{
|
||||
desc: "should refresh access token when is has expired",
|
||||
identity: &authn.Identity{ID: "user:1", SessionToken: &auth.UserToken{}},
|
||||
expectHasEntryCalled: true,
|
||||
expectTryRefreshTokenCalled: true,
|
||||
expectedHasEntryToken: &models.UserAuth{OAuthExpiry: time.Now().Add(-10 * time.Minute)},
|
||||
expectedHasEntryToken: &login.UserAuth{OAuthExpiry: time.Now().Add(-10 * time.Minute)},
|
||||
},
|
||||
{
|
||||
desc: "should invalidate access token and session token if access token can't be refreshed",
|
||||
@@ -81,7 +81,7 @@ func TestOauthTokenSync_SyncOauthToken(t *testing.T) {
|
||||
expectTryRefreshTokenCalled: true,
|
||||
expectInvalidateOauthTokensCalled: true,
|
||||
expectRevokeTokenCalled: true,
|
||||
expectedHasEntryToken: &models.UserAuth{OAuthExpiry: time.Now().Add(-10 * time.Minute)},
|
||||
expectedHasEntryToken: &login.UserAuth{OAuthExpiry: time.Now().Add(-10 * time.Minute)},
|
||||
expectedErr: errExpiredAccessToken,
|
||||
},
|
||||
}
|
||||
@@ -96,15 +96,15 @@ func TestOauthTokenSync_SyncOauthToken(t *testing.T) {
|
||||
)
|
||||
|
||||
service := &oauthtokentest.MockOauthTokenService{
|
||||
HasOAuthEntryFunc: func(ctx context.Context, usr *user.SignedInUser) (*models.UserAuth, bool, error) {
|
||||
HasOAuthEntryFunc: func(ctx context.Context, usr *user.SignedInUser) (*login.UserAuth, bool, error) {
|
||||
hasEntryCalled = true
|
||||
return tt.expectedHasEntryToken, tt.expectedHasEntryToken != nil, nil
|
||||
},
|
||||
InvalidateOAuthTokensFunc: func(ctx context.Context, usr *models.UserAuth) error {
|
||||
InvalidateOAuthTokensFunc: func(ctx context.Context, usr *login.UserAuth) error {
|
||||
invalidateTokensCalled = true
|
||||
return nil
|
||||
},
|
||||
TryTokenRefreshFunc: func(ctx context.Context, usr *models.UserAuth) error {
|
||||
TryTokenRefreshFunc: func(ctx context.Context, usr *login.UserAuth) error {
|
||||
tryRefreshCalled = true
|
||||
return tt.expectedTryRefreshErr
|
||||
},
|
||||
|
||||
@@ -4,17 +4,18 @@ import (
|
||||
"context"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/models"
|
||||
"github.com/grafana/grafana/pkg/models/roletype"
|
||||
"github.com/grafana/grafana/pkg/services/accesscontrol"
|
||||
"github.com/grafana/grafana/pkg/services/accesscontrol/actest"
|
||||
"github.com/grafana/grafana/pkg/services/authn"
|
||||
"github.com/grafana/grafana/pkg/services/login"
|
||||
"github.com/grafana/grafana/pkg/services/org"
|
||||
"github.com/grafana/grafana/pkg/services/org/orgtest"
|
||||
"github.com/grafana/grafana/pkg/services/user"
|
||||
"github.com/grafana/grafana/pkg/services/user/usertest"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
func TestOrgSync_SyncOrgUser(t *testing.T) {
|
||||
@@ -79,7 +80,7 @@ func TestOrgSync_SyncOrgUser(t *testing.T) {
|
||||
IsGrafanaAdmin: ptrBool(false),
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: ptrString("test"),
|
||||
Login: nil,
|
||||
@@ -97,7 +98,7 @@ func TestOrgSync_SyncOrgUser(t *testing.T) {
|
||||
IsGrafanaAdmin: ptrBool(false),
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: ptrString("test"),
|
||||
Login: nil,
|
||||
|
||||
@@ -6,7 +6,6 @@ import (
|
||||
"fmt"
|
||||
|
||||
"github.com/grafana/grafana/pkg/infra/log"
|
||||
"github.com/grafana/grafana/pkg/models"
|
||||
"github.com/grafana/grafana/pkg/services/authn"
|
||||
"github.com/grafana/grafana/pkg/services/login"
|
||||
"github.com/grafana/grafana/pkg/services/org"
|
||||
@@ -140,7 +139,7 @@ func (s *UserSync) updateAuthInfo(ctx context.Context, id *authn.Identity) error
|
||||
return fmt.Errorf("invalid namespace %q for user ID %q", namespace, userID)
|
||||
}
|
||||
|
||||
updateCmd := &models.UpdateAuthInfoCommand{
|
||||
updateCmd := &login.UpdateAuthInfoCommand{
|
||||
AuthModule: id.AuthModule,
|
||||
AuthId: id.AuthID,
|
||||
UserId: userID,
|
||||
@@ -222,7 +221,7 @@ func (s *UserSync) createUser(ctx context.Context, id *authn.Identity) (*user.Us
|
||||
}
|
||||
|
||||
if id.AuthModule != "" && id.AuthID != "" {
|
||||
if errSetAuth := s.authInfoService.SetAuthInfo(ctx, &models.SetAuthInfoCommand{
|
||||
if errSetAuth := s.authInfoService.SetAuthInfo(ctx, &login.SetAuthInfoCommand{
|
||||
UserId: usr.ID,
|
||||
AuthModule: id.AuthModule,
|
||||
AuthId: id.AuthID,
|
||||
@@ -241,10 +240,10 @@ func (s *UserSync) createUser(ctx context.Context, id *authn.Identity) (*user.Us
|
||||
func (s *UserSync) UserInDB(ctx context.Context,
|
||||
authID *string,
|
||||
authModule *string,
|
||||
params models.UserLookupParams) (*user.User, error) {
|
||||
params login.UserLookupParams) (*user.User, error) {
|
||||
// Check authinfo table
|
||||
if authID != nil && authModule != nil {
|
||||
query := &models.GetAuthInfoQuery{
|
||||
query := &login.GetAuthInfoQuery{
|
||||
AuthModule: *authModule,
|
||||
AuthId: *authID,
|
||||
}
|
||||
@@ -269,7 +268,7 @@ func (s *UserSync) UserInDB(ctx context.Context,
|
||||
return s.LookupByOneOf(ctx, ¶ms)
|
||||
}
|
||||
|
||||
func (s *UserSync) LookupByOneOf(ctx context.Context, params *models.UserLookupParams) (*user.User, error) {
|
||||
func (s *UserSync) LookupByOneOf(ctx context.Context, params *login.UserLookupParams) (*user.User, error) {
|
||||
var usr *user.User
|
||||
var err error
|
||||
|
||||
|
||||
@@ -4,7 +4,8 @@ import (
|
||||
"context"
|
||||
"testing"
|
||||
|
||||
"github.com/grafana/grafana/pkg/models"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/grafana/grafana/pkg/services/authn"
|
||||
"github.com/grafana/grafana/pkg/services/login"
|
||||
"github.com/grafana/grafana/pkg/services/login/authinfoservice"
|
||||
@@ -13,7 +14,6 @@ import (
|
||||
"github.com/grafana/grafana/pkg/services/quota/quotatest"
|
||||
"github.com/grafana/grafana/pkg/services/user"
|
||||
"github.com/grafana/grafana/pkg/services/user/usertest"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func ptrString(s string) *string {
|
||||
@@ -34,17 +34,17 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
authFakeNil := &logintest.AuthInfoServiceFake{
|
||||
ExpectedUser: nil,
|
||||
ExpectedError: user.ErrUserNotFound,
|
||||
SetAuthInfoFn: func(ctx context.Context, cmd *models.SetAuthInfoCommand) error {
|
||||
SetAuthInfoFn: func(ctx context.Context, cmd *login.SetAuthInfoCommand) error {
|
||||
return nil
|
||||
},
|
||||
UpdateAuthInfoFn: func(ctx context.Context, cmd *models.UpdateAuthInfoCommand) error {
|
||||
UpdateAuthInfoFn: func(ctx context.Context, cmd *login.UpdateAuthInfoCommand) error {
|
||||
return nil
|
||||
},
|
||||
}
|
||||
authFakeUserID := &logintest.AuthInfoServiceFake{
|
||||
ExpectedUser: nil,
|
||||
ExpectedError: nil,
|
||||
ExpectedUserAuth: &models.UserAuth{
|
||||
ExpectedUserAuth: &login.UserAuth{
|
||||
AuthModule: "oauth",
|
||||
AuthId: "2032",
|
||||
UserId: 1,
|
||||
@@ -111,7 +111,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
Name: "test",
|
||||
Email: "test",
|
||||
ClientParams: authn.ClientParams{
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: ptrString("test"),
|
||||
Login: nil,
|
||||
@@ -126,7 +126,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
Name: "test",
|
||||
Email: "test",
|
||||
ClientParams: authn.ClientParams{
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: ptrString("test"),
|
||||
Login: nil,
|
||||
@@ -150,7 +150,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
Email: "test",
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: ptrString("test"),
|
||||
Login: nil,
|
||||
@@ -167,7 +167,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
IsGrafanaAdmin: ptrBool(false),
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: ptrString("test"),
|
||||
Login: nil,
|
||||
@@ -191,7 +191,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
Email: "test",
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: nil,
|
||||
Login: ptrString("test"),
|
||||
@@ -207,7 +207,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
Email: "test",
|
||||
IsGrafanaAdmin: ptrBool(false),
|
||||
ClientParams: authn.ClientParams{
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: nil,
|
||||
Login: ptrString("test"),
|
||||
@@ -232,7 +232,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
Email: "test",
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: ptrInt64(1),
|
||||
Email: nil,
|
||||
Login: nil,
|
||||
@@ -249,7 +249,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
IsGrafanaAdmin: ptrBool(false),
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: ptrInt64(1),
|
||||
Email: nil,
|
||||
Login: nil,
|
||||
@@ -274,7 +274,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
Email: "test",
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: nil,
|
||||
Login: nil,
|
||||
@@ -291,7 +291,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
IsGrafanaAdmin: ptrBool(false),
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: nil,
|
||||
Login: nil,
|
||||
@@ -317,7 +317,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
AuthID: "2032",
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: nil,
|
||||
Login: nil,
|
||||
@@ -348,7 +348,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
SyncUser: true,
|
||||
AllowSignUp: true,
|
||||
EnableDisabledUsers: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: ptrString("test_create"),
|
||||
Login: nil,
|
||||
@@ -369,7 +369,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
SyncUser: true,
|
||||
AllowSignUp: true,
|
||||
EnableDisabledUsers: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: nil,
|
||||
Email: ptrString("test_create"),
|
||||
Login: nil,
|
||||
@@ -396,7 +396,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
EnableDisabledUsers: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: ptrInt64(3),
|
||||
Email: nil,
|
||||
Login: nil,
|
||||
@@ -415,7 +415,7 @@ func TestUserSync_SyncUser(t *testing.T) {
|
||||
ClientParams: authn.ClientParams{
|
||||
SyncUser: true,
|
||||
EnableDisabledUsers: true,
|
||||
LookUpParams: models.UserLookupParams{
|
||||
LookUpParams: login.UserLookupParams{
|
||||
UserID: ptrInt64(3),
|
||||
Email: nil,
|
||||
Login: nil,
|
||||
|
||||
Reference in New Issue
Block a user