* Remove Result field from AddDataSourceCommand
* Remove DatasourcesPermissionFilterQuery Result
* Remove GetDataSourceQuery Result
* Remove GetDataSourcesByTypeQuery Result
* Remove GetDataSourcesQuery Result
* Remove GetDefaultDataSourceQuery Result
* Remove UpdateDataSourceCommand Result
* add bundle registry service to avoid dependency cycles
* move user support bundle collector to user service
* move usage stat bundle implementation to usage stats
* add info for background service
* fix remaining imports
* whitespace
* extend IsInherited function to work for nested folders
* add tests
* update tests and logic
* process inherited permissions seprately to correctly grey them out in the frontend
* add nested folder scope inheritance to managed permission services
* add a more specific erorr
* remove circular dependencies
* use errutil for returning erorr
* fix tests
* fix tests
* define a new error in ac package
* Add checker and update the resource filter function for new search
* Add tests for checker
* small fixes
* handle location for panels correctly
* clean up checker code and extend the tests for it
* more fixes, but tests don't quite work yet
* a small change to return error
* cleanup
* more simplification
* fix tests
* correct wrong argument ordering & use constant
* Apply suggestions from code review
Co-authored-by: Artur Wierzbicki <artur.wierzbicki@grafana.com>
* import
* check general folder from permission checker function
* handle root folder aka general folder properly
* update tests
* clean up
* lint
* add fix from main
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Artur Wierzbicki <artur.wierzbicki@grafana.com>
* Chore: Move team models to models pkg
* Fix ACL tests
* More ACL tests
* Change Id to ID in conflict user command test
* Remove team from models
* Fix ac test lint
* RBAC: Add fake for permissions service
* ServiceAccount: Rewrite create api tests
* ServiceAccount: Rewrite api delete tests
* ServiceAccount: Rewrite api test for RetriveServiceAccount
* ServiceAccount: Refactor UpdateServiceAccount api test
* ServiceAccount: Refactor CreateToken api test
* ServiceAccount: refactor delete token api tests
* ServiceAccount: rewrite list tokens api test
* Remove test helper that is not used any more
* ServiceAccount: remove unused test helpers
* initial commit
* clean up
* fix a bug and add tests
* more tests
* undo some unintended changes
* undo some unintended changes
* linting
* PR feedback - add user ID to search options
* simplify the query
* Apply suggestions from code review
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* remove unneeded formatting changes
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* RBAC: Add benchmarks to search all users given a specific permission
* Add missing time
* Inline benchmarks
* Make bench setup memory efficient
* fix user id
* comment
* Ran 10K_10k and got a better time this time
* change comment to pass linting
* change comment to pass linting
* Update pkg/services/accesscontrol/acimpl/service_bench_test.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* refactor: renaming of files from database to store
* refactor: make service account store private
- moves store interface to manager package
- adds an interface to the ProvideAPI constructor
- refactors tests to use the store when necessary
- adds mocks for the new interface implementations in the tests package
* wip
* refactor: make fakestore in service
* wip
* wip
* wip
* working tests
* trailing whitespaces
* Update pkg/services/serviceaccounts/api/api.go
* Update pkg/services/serviceaccounts/tests/common.go
* Update pkg/services/serviceaccounts/tests/common.go
* refactor: doc string for retriever
* fix import unused
* remove: serviceaccount from featuretoggle
* added: back legacy serviceaccounts feature toggle
* added: docs
* refactor: make query for the SearchQuery
* add: validation of service input fields
* add validation
* RBAC: add viewer grand if dspermissions enforcement is not enabled
* RBAC: Change permissions based on role prefix
* RBAC: Add option to for permission service to add a license middleware
* RBAC: Remove actions from query struct
* RBAC: Add an endpoint to see all user permissions
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
* Fix mock
* Add feature flag
* Fix merging
* Return normal permissions instead of simplified ones
* Fix test
* Fix tests
* Fix tests
* Create benchtests
* Split function to get basic roles
* Comments
* Reorg
* Add two more tests to the bench
* bench comment
* Re-ran the test
* Rename GetUsersPermissions to SearchUsersPermissions and prepare search options
* Remove from model unused struct
* Start adding option to get permissions by Action+Scope
* Wrong import
* Action and Scope
* slightly tweak users permissions actionPrefix query param validation logic
* Fix xor check
* Lint
* Account for suggeston
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Add search
* Remove comment on global scope
* use union all and update test to make it run on all dbs
* Fix MySQL needs a space
* Account for suggestion.
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
Co-authored-by: Joey Orlando <joseph.t.orlando@gmail.com>
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* remove legacy createorg from org service
* remove another createorg from orgimpl
* remove createorg from api pref tests
* remove createorg from api org tests
* fix tests
* remove createorg from annotations test
* remove createorg from team tests
* remove createorg from service accounts
* remove createorg from accesscontrol tests
* remove createorg from provisioning
* Use quotaservice from sc.hs
* Auth: move interface to its own file
* Auth: move to test package
* Auth: move quota consts to auth file
* Auth: move service to impl package
* Auth: move interfaces and related models to auth package
* Auth: Create sub package and type alias to avoid circular dependency
* RBAC: Remove name from role registration
* Inline accesscontrol service
* test fix
* use fmt
Co-Authored-By: marefr <marcus.efraimsson@gmail.com>
Co-authored-by: marefr <marcus.efraimsson@gmail.com>
* clean up and document integration test convention
* clarify integration test conventions
* clean up integration tests that don't follow convention
* mark testIntegration* functions as helpers to avoid confusion
* RBAC: Remove the access control evaluator fake
* API: Change to use access control implementation instead of mocks with
rbac disabled in tests
* Tests: Set cfg and access control defaults after applying options
* Tests: Rewrite team legacy access control tests
* Tests: Add helper function to create user with permissions
* Tests: set fake quota service as default
* Team: Add ExpectedTeamDTO and set in query result
* RBAC: Revert change
* RBAC: Add deprecation notice to mock
* chore: add alias for InitTestDB and Session
Adds an alias for the sqlstore InitTestDB and Session, and updates tests using these to reduce dependencies on the sqlstore.Store.
* next pass of removing sqlstore imports
* last little bit
* remove mockstore where possible
