mirror of
https://github.com/grafana/grafana.git
synced 2025-02-20 11:48:34 -06:00
4982ca3b1d
* Add actions and scopes * add resource service for dashboard and folder * Add dashboard guardian with fgac permission evaluation * Add CanDelete function to guardian interface * Add CanDelete property to folder and dashboard dto and set values * change to correct function name * Add accesscontrol to folder endpoints * add access control to dashboard endpoints * check access for nav links * Add fixed roles for dashboard and folders * use correct package * add hack to override guardian Constructor if accesscontrol is enabled * Add services * Add function to handle api backward compatability * Add permissionServices to HttpServer * Set permission when new dashboard is created * Add default permission when creating new dashboard * Set default permission when creating folder and dashboard * Add access control filter for dashboard search * Add to accept list * Add accesscontrol to dashboardimport * Disable access control in tests * Add check to see if user is allow to create a dashboard * Use SetPermissions * Use function to set several permissions at once * remove permissions for folder and dashboard on delete * update required permission * set permission for provisioning * Add CanCreate to dashboard guardian and set correct permisisons for provisioning * Dont set admin on folder / dashboard creation * Add dashboard and folder permission migrations * Add tests for CanCreate * Add roles and update descriptions * Solve uid to id for dashboard and folder permissions * Add folder and dashboard actions to permission filter * Handle viewer_can_edit flag * set folder and dashboard permissions services * Add dashboard permissions when importing a new dashboard * Set access control permissions on provisioning * Pass feature flags and only set permissions if access control is enabled * only add default permissions for folders and dashboards without folders * Batch create permissions in migrations * Remove `dashboards:edit` action * Remove unused function from interface * Update pkg/services/guardian/accesscontrol_guardian_test.go Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
47 lines
2.1 KiB
Go
47 lines
2.1 KiB
Go
package mock
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/stretchr/testify/mock"
|
|
|
|
"github.com/grafana/grafana/pkg/models"
|
|
"github.com/grafana/grafana/pkg/services/accesscontrol"
|
|
)
|
|
|
|
var _ accesscontrol.PermissionsService = new(MockPermissionsService)
|
|
|
|
type MockPermissionsService struct {
|
|
mock.Mock
|
|
}
|
|
|
|
func (m *MockPermissionsService) GetPermissions(ctx context.Context, user *models.SignedInUser, resourceID string) ([]accesscontrol.ResourcePermission, error) {
|
|
mockedArgs := m.Called(ctx, user, resourceID)
|
|
return mockedArgs.Get(0).([]accesscontrol.ResourcePermission), mockedArgs.Error(1)
|
|
}
|
|
|
|
func (m *MockPermissionsService) SetUserPermission(ctx context.Context, orgID int64, user accesscontrol.User, resourceID, permission string) (*accesscontrol.ResourcePermission, error) {
|
|
mockedArgs := m.Called(ctx, orgID, user, resourceID, permission)
|
|
return mockedArgs.Get(0).(*accesscontrol.ResourcePermission), mockedArgs.Error(1)
|
|
}
|
|
|
|
func (m *MockPermissionsService) SetTeamPermission(ctx context.Context, orgID, teamID int64, resourceID, permission string) (*accesscontrol.ResourcePermission, error) {
|
|
mockedArgs := m.Called(ctx, orgID, teamID, resourceID, permission)
|
|
return mockedArgs.Get(0).(*accesscontrol.ResourcePermission), mockedArgs.Error(1)
|
|
}
|
|
|
|
func (m *MockPermissionsService) SetBuiltInRolePermission(ctx context.Context, orgID int64, builtInRole, resourceID, permission string) (*accesscontrol.ResourcePermission, error) {
|
|
mockedArgs := m.Called(ctx, orgID, builtInRole, resourceID, permission)
|
|
return mockedArgs.Get(0).(*accesscontrol.ResourcePermission), mockedArgs.Error(1)
|
|
}
|
|
|
|
func (m *MockPermissionsService) SetPermissions(ctx context.Context, orgID int64, resourceID string, commands ...accesscontrol.SetResourcePermissionCommand) ([]accesscontrol.ResourcePermission, error) {
|
|
mockedArgs := m.Called(ctx, orgID, resourceID, commands)
|
|
return mockedArgs.Get(0).([]accesscontrol.ResourcePermission), mockedArgs.Error(1)
|
|
}
|
|
|
|
func (m *MockPermissionsService) MapActions(permission accesscontrol.ResourcePermission) string {
|
|
mockedArgs := m.Called(permission)
|
|
return mockedArgs.Get(0).(string)
|
|
}
|