Chore: Implement requester in util pkg (#74105)

implement requester changes that do not impact functionality
This commit is contained in:
Jo 2023-08-31 09:46:55 +02:00 committed by GitHub
parent f97e1c81e6
commit dcf06658eb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 16 additions and 9 deletions

View File

@ -9,7 +9,6 @@ import (
"github.com/grafana/grafana/pkg/kinds/team"
"github.com/grafana/grafana/pkg/services/auth/identity"
"github.com/grafana/grafana/pkg/services/dashboards"
"github.com/grafana/grafana/pkg/services/user"
)
// Typed errors
@ -160,7 +159,7 @@ type GetTeamMembersQuery struct {
TeamUID string
UserID int64
External bool
SignedInUser *user.SignedInUser
SignedInUser identity.Requester
}
// ----------------------

View File

@ -12,6 +12,7 @@ import (
"github.com/grafana/grafana/pkg/infra/db"
ac "github.com/grafana/grafana/pkg/services/accesscontrol"
"github.com/grafana/grafana/pkg/services/auth/identity"
"github.com/grafana/grafana/pkg/services/dashboards"
"github.com/grafana/grafana/pkg/services/org/orgimpl"
"github.com/grafana/grafana/pkg/services/quota/quotaimpl"
@ -573,7 +574,7 @@ func TestIntegrationSQLStore_GetTeamMembers_ACFilter(t *testing.T) {
if !hasWildcardScope(tt.query.SignedInUser, ac.ActionOrgUsersRead) {
for _, member := range queryResult {
assert.Contains(t,
tt.query.SignedInUser.Permissions[tt.query.SignedInUser.OrgID][ac.ActionOrgUsersRead],
tt.query.SignedInUser.GetPermissions()[ac.ActionOrgUsersRead],
ac.Scope("users", "id", fmt.Sprintf("%d", member.UserID)),
)
}
@ -582,8 +583,8 @@ func TestIntegrationSQLStore_GetTeamMembers_ACFilter(t *testing.T) {
}
}
func hasWildcardScope(user *user.SignedInUser, action string) bool {
for _, scope := range user.Permissions[user.OrgID][action] {
func hasWildcardScope(user identity.Requester, action string) bool {
for _, scope := range user.GetPermissions()[action] {
if strings.HasSuffix(scope, ":*") {
return true
}

View File

@ -7,7 +7,7 @@ import (
"sort"
"strings"
"github.com/grafana/grafana/pkg/services/user"
"github.com/grafana/grafana/pkg/services/auth/identity"
)
// UserHeaderName name of the header used when forwarding the Grafana user login.
@ -103,9 +103,16 @@ func SetViaHeader(header http.Header, major, minor int) {
}
// ApplyUserHeader Set the X-Grafana-User header if needed (and remove if not).
func ApplyUserHeader(sendUserHeader bool, req *http.Request, user *user.SignedInUser) {
func ApplyUserHeader(sendUserHeader bool, req *http.Request, user identity.Requester) {
req.Header.Del(UserHeaderName)
if sendUserHeader && user != nil && !user.IsAnonymous {
req.Header.Set(UserHeaderName, user.Login)
if !sendUserHeader || user == nil || user.IsNil() {
return
}
namespace, _ := user.GetNamespacedID()
switch namespace {
case identity.NamespaceUser, identity.NamespaceServiceAccount:
req.Header.Set(UserHeaderName, user.GetLogin())
}
}