IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Auth: Add SignedIn user interface NamespacedID (#72944)

Browse Source 
* wip

* scope active user to 1 org

* remove TODOs

* add render auth namespace

* import cycle fix

* make condition more readable

* convert Evaluate to user Requester

* only use active OrgID for SearchUserPermissions

* add cache key to interface definition

* change final SignedInUsers to interface

* fix api key managed roles fetch

* fix anon auth id parsing

* Update pkg/services/accesscontrol/acimpl/accesscontrol.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
This commit is contained in:
Jo
2023-08-09 09:35:50 +02:00
committed by GitHub
parent 144e4887ee
commit bd1a856d33
13 changed files with 128 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
pkg/services/accesscontrol/actest/fake.go
View File

@@ -4,6 +4,7 @@ import (
"context"
"github.com/grafana/grafana/pkg/services/accesscontrol"
"github.com/grafana/grafana/pkg/services/auth/identity"
"github.com/grafana/grafana/pkg/services/user"
)
@@ -23,11 +24,11 @@ func (f FakeService) GetUsageStats(ctx context.Context) map[string]interface{} {
return map[string]interface{}{}
}
func (f FakeService) GetUserPermissions(ctx context.Context, user *user.SignedInUser, options accesscontrol.Options) ([]accesscontrol.Permission, error) {
func (f FakeService) GetUserPermissions(ctx context.Context, user identity.Requester, options accesscontrol.Options) ([]accesscontrol.Permission, error) {
return f.ExpectedPermissions, f.ExpectedErr
}
func (f FakeService) SearchUsersPermissions(ctx context.Context, user *user.SignedInUser, orgID int64, options accesscontrol.SearchOptions) (map[int64][]accesscontrol.Permission, error) {
func (f FakeService) SearchUsersPermissions(ctx context.Context, user identity.Requester, options accesscontrol.SearchOptions) (map[int64][]accesscontrol.Permission, error) {
return f.ExpectedUsersPermissions, f.ExpectedErr
}
@@ -35,7 +36,7 @@ func (f FakeService) SearchUserPermissions(ctx context.Context, orgID int64, sea
return f.ExpectedFilteredUserPermissions, f.ExpectedErr
}
func (f FakeService) ClearUserPermissionCache(user *user.SignedInUser) {}
func (f FakeService) ClearUserPermissionCache(user identity.Requester) {}
func (f FakeService) DeleteUserPermissions(ctx context.Context, orgID, userID int64) error {
return f.ExpectedErr
@@ -69,7 +70,7 @@ type FakeAccessControl struct {
ExpectedEvaluate bool
}
func (f FakeAccessControl) Evaluate(ctx context.Context, user *user.SignedInUser, evaluator accesscontrol.Evaluator) (bool, error) {
func (f FakeAccessControl) Evaluate(ctx context.Context, user identity.Requester, evaluator accesscontrol.Evaluator) (bool, error) {
return f.ExpectedEvaluate, f.ExpectedErr
}