IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity
49,866 Commits 5,454 Branches 554 Tags 1.9 GiB
5ebf2d08f6
Commit Graph

15 Commits

Author SHA1 Message Date
Karl Persson
d4e802dd47
Authn: Add function to resolve identity from org and namespace id (#84555) 
* Add function to get the namespaced id

* Add function to resolve an identity through authn.Service from org and namespace id

* Switch to resolve identity for re-authenticate in another org
 2024-03-15 15:08:15 +01:00
Ryan McKinley
9c9e5e68c8
User: Add uid colum to user table (#81615) 2024-02-01 18:14:10 -08:00
Gabriel MABILLE
3df0611f81
RBAC: Fix authorize in org (#81552) 
* RBAC: Fix authorize in org

* Implement option 2

* Fix typo

* Fix alerting test

* Add test to cover the not member case
 2024-02-01 12:37:01 +01:00
Jo
40c8e2fc75
Live: Move empty orgRole safety valve (#78531) 
move empty orgRole safety valve
 2023-11-22 15:51:11 +01:00
Karl Persson
b9b4246432
IDForwarding: Add auth hook to generate id token (#75555) 
* AuthN: Move identity struct to its own file

* IDForwarding: Add IDToken property to usr and identity structs and add GetIDToken to requester interface

* Inject IDService into background services

* IDForwarding: Register post auth hook when feature toggle is enabled
 2023-09-28 09:22:05 +02:00
Karl Persson
cebae4fb9a
Requester: Update GetCacheKey (#74834) 
* AuthN: re-export all namespaces

* Identity: Change signature of GetCacheKey

* User: check HasUniqueID

* Default to org role None if role is empty
 2023-09-14 09:19:33 +02:00
linoman
0e8f19ca6a
Auth: Reduce restriction with non-user accounts (#74397) 
* Reduce restrictions with non-user accounts

* Revert restrictions on anonymous accounts

* Change log level from warning to debug

* Change log messages to upper case
 2023-09-06 13:37:54 +02:00
linoman
13f4382214
Auth: Implement requester interface in access control module (#74289) 
* Implement requester interface in the access control module
 2023-09-06 11:16:10 +02:00
linoman
1b8e9b51b2
Replace signed in user for identity.requester (#74048) 
* Make identity.Requester available at Context

* Clean pkg/services/guardian/guardian.go

* Clean guardian provider and guardian AC

* Clean pkg/api/team.go

* Clean ctxhandler, datasources, plugin and live

* Clean dashboards and guardian

* Implement NewUserDisplayDTOFromRequester

* Change status code numbers for http constants

* Upgrade signature of ngalert services

* log parsing errors instead of throwing error
 2023-08-30 16:51:18 +02:00
Jo
fe1563882a
Chore: Port oauth token service to identity requester (#73988) 
* port oauth token service to identity requester

* fix broken test

* no need to check for render
 2023-08-29 11:55:58 +02:00
Jo
a307582212
Revert "Replace signed in user for identity.requester (#73750)" (#73962) 
This reverts commit 9b9c9e83dc.
 2023-08-28 21:05:59 +02:00
linoman
9b9c9e83dc
Replace signed in user for identity.requester (#73750) 
* Make identity.Requester available at Context

* Clean pkg/services/guardian/guardian.go

* Clean guardian provider and guardian AC

* Clean pkg/api/team.go

* Clean ctxhandler, datasources, plugin and live

* Question: what to do with the UserDisplayDTO?

* Clean dashboards and guardian

* Remove identity.Requester from ReqContext

* Implement NewUserDisplayDTOFromRequester

* Fix tests

* Change status code numbers for http constants

* Upgrade signature of ngalert services

* log parsing errors instead of throwing error

* Fix tests and add logs

* linting
 2023-08-28 12:04:36 -05:00
Jo
5d8e6aa162
Auth: Org Invite and Team API SignedInUser interfacing (#73085) 
* fix ngalert Evaluate sig change

* interface for teams and org invites

* Update pkg/api/org_invite.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
 2023-08-09 12:33:35 +02:00
Jo
bd1a856d33
Auth: Add SignedIn user interface NamespacedID (#72944) 
* wip

* scope active user to 1 org

* remove TODOs

* add render auth namespace

* import cycle fix

* make condition more readable

* convert Evaluate to user Requester

* only use active OrgID for SearchUserPermissions

* add cache key to interface definition

* change final SignedInUsers to interface

* fix api key managed roles fetch

* fix anon auth id parsing

* Update pkg/services/accesscontrol/acimpl/accesscontrol.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
 2023-08-09 09:35:50 +02:00
Jo
30274a4f88
Auth: Move Team service to SignedInUserInterface (#72674) 
* move SignedInUser to specific file

* add primitive interface for signedInUser
 2023-08-02 10:43:56 +02:00