* AccessControl: Add access control actions and scopes to team update and delete
* AccessControl: Add tests for AC guards in update/delete
* AccessControl: add fixed role for team writer
* AccessControl: ensure team related AC is deleted with team
* Update pkg/api/team_test.go
* Moved flux case to its own return
* Added missing template replaces for limit, slimit, tz
* Added missing template replaces for select
* Added missing template replaces for group by
* Added tests
* PR changes
* Chore: Remove bus from user api
* Adu authinfoservice interface
* User authinfoservice.Service instead of authinfoservice.Implementation in HTTPServer
* Rename Implementation to authInfoService
* pass notification service down to the notifiers
* add ns to all notifiers
* remove bus from ngalert notifiers
* use smaller interfaces for notificationservice
* attempt to fix the tests
* remove unused struct field
* simplify notification service mock
* trying to resolve issues in the tests
* make linter happy
* make linter even happier
* linter, you are annoying
* AccessControl: cover team permissions
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Add background service as a consumer to resource_services
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Define actions in roles.go
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Remove action from accesscontrol model
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* As suggested by kalle
* move some changes from branch to the skeleton PR
* Add background service as a consumer to resource_services
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* moving resourceservice to the main wire file pt2
* move team related actions so that they can be reused
* PR feedback
* fix
* typo
* Access Control: adding hooks for team member endpoints (#43991)
* AccessControl: cover team permissions
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Add background service as a consumer to resource_services
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Define actions in roles.go
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Remove action from accesscontrol model
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* As suggested by kalle
* add access control to list and add team member endpoint, and hooks for adding team members
* member permission type is 0
* add ID scope for team permission checks
* add more team actions, use Member for member permission name
* protect team member update endpoint with FGAC permissions
* update SQL functions for teams and the corresponding tests
* also protect team member removal endpoint with FGAC permissions and add a hook to permission service
* a few small fixes, provide team permission service to test setup
* AccessControl: cover team permissions
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Add background service as a consumer to resource_services
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Define actions in roles.go
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Remove action from accesscontrol model
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* As suggested by kalle
* move some changes from branch to the skeleton PR
* remove resource services from wireexts
* remove unneeded actions
* linting fix
* remove comments
* feedback fixes
* feedback
* simplifying
* remove team member within the same transaction
* fix a mistake with the error
* call the correct sql fction
* linting
* Access control: tests for team member endpoints (#44177)
* tests for team member endpoints
* clean up and fix the tests
* fixing tests take 2
* don't import enterprise test license
* don't import enterprise test license
* remove unused variable
Co-authored-by: gamab <gabi.mabs@gmail.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Fix duplicate validation when multiple organizations have been configured.
This makes sure that all duplicate validation is being made for each organization.
Fixes#44126
* Refactor: Change sqlstore.inTransaction to SQLStore.WithTransactionalDBSession in misc files
* Refactor: Change .inTransaction in org.go file
* Refactor: Update init() to proper SQLStore handlers
* Refactor: Update funcs in tests to be sqlStore methods
* Refactor: Update API funcs to receive HTTPServer
* Fix: define methods on sqlstore
* Adjust GetSignedInUser calls
* Refactor: Add sqlStore to Service struct
* Chore: Add back black spaces to remove file from PR
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
