grafana/pkg/services/ngalert/accesscontrol
Matthew Jacobson 32f06c6d9c
Alerting: Receiver API complete core implementation (#91738)
* Replace global authz abstraction with one compatible with uid scope

* Replace GettableApiReceiver with models.Receiver in receiver_svc

* GrafanaIntegrationConfig -> models.Integration

* Implement Create/Update methods

* Add optimistic concurrency to receiver API

* Add scope to ReceiversRead & ReceiversReadSecrets

migrates existing permissions to include implicit global scope

* Add receiver create, update, delete actions

* Check if receiver is used by rules before delete

* On receiver name change update in routes and notification settings

* Improve errors

* Linting

* Include read permissions are requirements for create/update/delete

* Alias ngalert/models to ngmodels to differentiate from v0alpha1 model

* Ensure integration UIDs are valid, unique, and generated if empty

* Validate integration settings on create/update

* Leverage UidToName to GetReceiver instead of GetReceivers

* Remove some unnecessary uses of simplejson

* alerting.notifications.receiver -> alerting.notifications.receivers

* validator -> provenanceValidator

* Only validate the modified receiver

stops existing invalid receivers from preventing modification of a valid
receiver.

* Improve error in Integration.Encrypt

* Remove scope from alert.notifications.receivers:create

* Add todos for receiver renaming

* Use receiverAC precondition checks in k8s api

* Linting

* Optional optimistic concurrency for delete

* make update-workspace

* More specific auth checks in k8s authorize.go

* Add debug log when delete optimistic concurrency is skipped

* Improve error message on authorizer.DecisionDeny

* Keep error for non-forbidden errutil errors
2024-08-26 10:47:53 -04:00
..
fakes Alerting: Update alerting state history API to authorize access using RBAC (#89579) 2024-06-26 10:25:37 -04:00
accesscontrol.go Chore: Move identity and errutil to apimachinery module (#89116) 2024-06-13 07:11:35 +03:00
models.go Alerting: Receiver API complete core implementation (#91738) 2024-08-26 10:47:53 -04:00
receivers.go Alerting: Receiver API complete core implementation (#91738) 2024-08-26 10:47:53 -04:00
rules_test.go Alerting: Update alerting state history API to authorize access using RBAC (#89579) 2024-06-26 10:25:37 -04:00
rules.go Alerting: Update alerting state history API to authorize access using RBAC (#89579) 2024-06-26 10:25:37 -04:00
silences_test.go Chore: Move identity and errutil to apimachinery module (#89116) 2024-06-13 07:11:35 +03:00
silences.go Chore: Move identity and errutil to apimachinery module (#89116) 2024-06-13 07:11:35 +03:00
testing.go Chore: Move identity and errutil to apimachinery module (#89116) 2024-06-13 07:11:35 +03:00