team: renames teams.CanUpdate teamguardian.CanAdmin

pkg/api/dashboard_test.go

@@ -1028,6 +1028,7 @@ func restoreDashboardVersionScenario(desc string, url string, routePattern strin
 		defer bus.ClearBusHandlers()
 
 		hs := HTTPServer{
+			Cfg: setting.NewCfg(),
 			Bus: bus.GetBus(),
 		}
 

pkg/api/folder_test.go

@@ -142,12 +142,9 @@ func createFolderScenario(desc string, url string, routePattern string, mock *fa
 	Convey(desc+" "+url, func() {
 		defer bus.ClearBusHandlers()
 
-		cfg := setting.NewCfg()
-		cfg.EditorsCanAdmin = true
-
 		hs := HTTPServer{
 			Bus: bus.GetBus(),
-			Cfg: cfg,
+			Cfg: setting.NewCfg(),
 		}
 
 		sc := setupScenarioContext(url)

pkg/api/team.go

@@ -4,7 +4,7 @@ import (
 	"github.com/grafana/grafana/pkg/api/dtos"
 	"github.com/grafana/grafana/pkg/bus"
 	m "github.com/grafana/grafana/pkg/models"
-	"github.com/grafana/grafana/pkg/services/teams"
+	"github.com/grafana/grafana/pkg/services/teamguardian"
 	"github.com/grafana/grafana/pkg/util"
 )
 
@@ -42,7 +42,7 @@ func UpdateTeam(c *m.ReqContext, cmd m.UpdateTeamCommand) Response {
 	cmd.OrgId = c.OrgId
 	cmd.Id = c.ParamsInt64(":teamId")
 
-	if err := teams.CanUpdateTeam(cmd.OrgId, cmd.Id, c.SignedInUser); err != nil {
+	if err := teamguardian.CanAdmin(cmd.OrgId, cmd.Id, c.SignedInUser); err != nil {
 		return Error(403, "Not allowed to update team", err)
 	}
 
@@ -62,7 +62,7 @@ func DeleteTeamByID(c *m.ReqContext) Response {
 	teamId := c.ParamsInt64(":teamId")
 	user := c.SignedInUser
 
-	if err := teams.CanUpdateTeam(orgId, teamId, user); err != nil {
+	if err := teamguardian.CanAdmin(orgId, teamId, user); err != nil {
 		return Error(403, "Not allowed to delete team", err)
 	}
 
@@ -132,7 +132,14 @@ func GetTeamByID(c *m.ReqContext) Response {
 
 // GET /api/teams/:teamId/preferences
 func GetTeamPreferences(c *m.ReqContext) Response {
-	return getPreferencesFor(c.OrgId, 0, c.ParamsInt64(":teamId"))
+	teamId := c.ParamsInt64(":teamId")
+	orgId := c.OrgId
+
+	if err := teamguardian.CanAdmin(orgId, teamId, c.SignedInUser); err != nil {
+		return Error(403, "Not allowed to view team preferences.", err)
+	}
+
+	return getPreferencesFor(orgId, 0, teamId)
 }
 
 // PUT /api/teams/:teamId/preferences
@@ -140,7 +147,7 @@ func UpdateTeamPreferences(c *m.ReqContext, dtoCmd dtos.UpdatePrefsCmd) Response
 	teamId := c.ParamsInt64(":teamId")
 	orgId := c.OrgId
 
-	if err := teams.CanUpdateTeam(orgId, teamId, c.SignedInUser); err != nil {
+	if err := teamguardian.CanAdmin(orgId, teamId, c.SignedInUser); err != nil {
 		return Error(403, "Not allowed to update team preferences.", err)
 	}
 

pkg/api/team_members.go

@@ -4,7 +4,7 @@ import (
 	"github.com/grafana/grafana/pkg/api/dtos"
 	"github.com/grafana/grafana/pkg/bus"
 	m "github.com/grafana/grafana/pkg/models"
-	"github.com/grafana/grafana/pkg/services/teams"
+	"github.com/grafana/grafana/pkg/services/teamguardian"
 	"github.com/grafana/grafana/pkg/setting"
 	"github.com/grafana/grafana/pkg/util"
 )
@@ -34,7 +34,7 @@ func AddTeamMember(c *m.ReqContext, cmd m.AddTeamMemberCommand) Response {
 	teamId := c.ParamsInt64(":teamId")
 	orgId := c.OrgId
 
-	if err := teams.CanUpdateTeam(orgId, teamId, c.SignedInUser); err != nil {
+	if err := teamguardian.CanAdmin(orgId, teamId, c.SignedInUser); err != nil {
 		return Error(403, "Not allowed to add team member", err)
 	}
 
@@ -63,7 +63,7 @@ func UpdateTeamMember(c *m.ReqContext, cmd m.UpdateTeamMemberCommand) Response {
 	teamId := c.ParamsInt64(":teamId")
 	orgId := c.OrgId
 
-	if err := teams.CanUpdateTeam(orgId, teamId, c.SignedInUser); err != nil {
+	if err := teamguardian.CanAdmin(orgId, teamId, c.SignedInUser); err != nil {
 		return Error(403, "Not allowed to update team member", err)
 	}
 
@@ -86,7 +86,7 @@ func RemoveTeamMember(c *m.ReqContext) Response {
 	teamId := c.ParamsInt64(":teamId")
 	userId := c.ParamsInt64(":userId")
 
-	if err := teams.CanUpdateTeam(orgId, teamId, c.SignedInUser); err != nil {
+	if err := teamguardian.CanAdmin(orgId, teamId, c.SignedInUser); err != nil {
 		return Error(403, "Not allowed to remove team member", err)
 	}
 

pkg/services/teamguardian/team.go

@@ -1,11 +1,11 @@
-package teams
+package teamguardian
 
 import (
 	"github.com/grafana/grafana/pkg/bus"
 	m "github.com/grafana/grafana/pkg/models"
 )
 
-func CanUpdateTeam(orgId int64, teamId int64, user *m.SignedInUser) error {
+func CanAdmin(orgId int64, teamId int64, user *m.SignedInUser) error {
 	if user.OrgRole == m.ROLE_ADMIN {
 		return nil
 	}

pkg/services/teamguardian/teams_test.go

@@ -1,4 +1,4 @@
-package teams
+package teamguardian
 
 import (
 	"github.com/grafana/grafana/pkg/bus"
@@ -33,7 +33,7 @@ func TestUpdateTeam(t *testing.T) {
 					return nil
 				})
 
-				err := CanUpdateTeam(testTeam.OrgId, testTeam.Id, &editor)
+				err := CanAdmin(testTeam.OrgId, testTeam.Id, &editor)
 				So(err, ShouldEqual, m.ErrNotAllowedToUpdateTeam)
 			})
 		})
@@ -50,7 +50,7 @@ func TestUpdateTeam(t *testing.T) {
 					return nil
 				})
 
-				err := CanUpdateTeam(testTeam.OrgId, testTeam.Id, &editor)
+				err := CanAdmin(testTeam.OrgId, testTeam.Id, &editor)
 				So(err, ShouldBeNil)
 			})
 		})
@@ -72,14 +72,14 @@ func TestUpdateTeam(t *testing.T) {
 					return nil
 				})
 
-				err := CanUpdateTeam(testTeamOtherOrg.OrgId, testTeamOtherOrg.Id, &editor)
+				err := CanAdmin(testTeamOtherOrg.OrgId, testTeamOtherOrg.Id, &editor)
 				So(err, ShouldEqual, m.ErrNotAllowedToUpdateTeamInDifferentOrg)
 			})
 		})
 
 		Convey("Given an org admin and a team", func() {
 			Convey("Should be able to update the team", func() {
-				err := CanUpdateTeam(testTeam.OrgId, testTeam.Id, &admin)
+				err := CanAdmin(testTeam.OrgId, testTeam.Id, &admin)
 				So(err, ShouldBeNil)
 			})
 		})

public/app/types/acl.ts

@@ -115,6 +115,6 @@ export const teamsPermissionLevels: TeamPermissionInfo[] = [
   {
     value: TeamPermissionLevel.Admin,
     label: 'Admin',
-    description: 'Can add/remove permissions and delete team.',
+    description: 'Can add/remove permissions, members and delete team.',
   },
 ];