grafana/public/app/features/alerting/unified/utils/access-control.ts
Nathan Rodman 49505b9a3b Alerting: fgac for notification policies and contact points (#46939)
* add FGAC actions for silences table

* redirect users without permissions

* add permissions checks to routes

* add fgac to notifications and contact points

* fgac for notification policies

* fix mute timing authorization

* use consistent naming for checking grafana alertmanager

* tests for fgac in contact points and notification policies

* bump up timeout on rule editor test

* use new permissions util

* break out route evaluation into util

* Remove test timeout

* Change permissions for the alert-notifiers endpoint

* Use signed in handler for alert-notifiers when unified alerting enabled

Co-authored-by: Konrad Lalik <konrad.lalik@grafana.com>
2022-04-06 18:24:33 +02:00


import { AccessControlAction } from 'app/types';
import { isGrafanaRulesSource } from './datasource';
import { contextSrv } from 'app/core/services/context_srv';
/**
 * Classifies an Alertmanager source name as Grafana's own or an external one.
 *
 * The result is used as the lookup key when choosing which access-control
 * action applies to a given Alertmanager.
 *
 * @param alertManagerSourceName - Name of the Alertmanager source to classify.
 * @returns `'grafana'` when `isGrafanaRulesSource` accepts the name, otherwise `'external'`.
 */
function getAMversion(alertManagerSourceName: string) {
  if (isGrafanaRulesSource(alertManagerSourceName)) {
    return 'grafana';
  }
  return 'external';
}
/**
 * Resolves the access-control actions that guard alert-instance operations
 * for the given Alertmanager source.
 *
 * This only names the action to check for each operation; it performs no
 * authorization itself. The caller is expected to evaluate the returned
 * actions against the current user.
 *
 * @param alertManagerSourceName - Name of the Alertmanager source the operation targets.
 * @returns The action to check for `read`, `create`, `update`, `delete` and `viewSource`.
 */
export function getInstancesPermissions(alertManagerSourceName: string) {
  const actionsByVersion = {
    grafana: {
      read: AccessControlAction.AlertingInstanceRead,
      create: AccessControlAction.AlertingInstanceCreate,
      update: AccessControlAction.AlertingInstanceUpdate,
      // NOTE(review): delete is guarded by the *update* action for the Grafana
      // Alertmanager, so anyone who can update can also delete. Presumably
      // intentional (no separate delete action is referenced here); confirm.
      delete: AccessControlAction.AlertingInstanceUpdate,
      viewSource: AccessControlAction.AlertingInstanceRead,
    },
    external: {
      read: AccessControlAction.AlertingInstancesExternalRead,
      // External Alertmanagers use one write action for create, update and delete.
      create: AccessControlAction.AlertingInstancesExternalWrite,
      update: AccessControlAction.AlertingInstancesExternalWrite,
      delete: AccessControlAction.AlertingInstancesExternalWrite,
      // Viewing the source of an external instance is tied to the data source
      // explore action rather than to an alerting action.
      viewSource: AccessControlAction.DataSourcesExplore,
    },
  };

  return actionsByVersion[getAMversion(alertManagerSourceName)];
}
/**
 * Resolves the access-control actions that guard notification operations for
 * the given Alertmanager source.
 *
 * This only names the action to check for each operation; it performs no
 * authorization itself. The caller is expected to evaluate the returned
 * actions against the current user.
 *
 * @param alertManagerSourceName - Name of the Alertmanager source the operation targets.
 * @returns The action to check for `read`, `create`, `update` and `delete`.
 */
export function getNotificationsPermissions(alertManagerSourceName: string) {
  const actionsByVersion = {
    grafana: {
      read: AccessControlAction.AlertingNotificationsRead,
      create: AccessControlAction.AlertingNotificationsCreate,
      update: AccessControlAction.AlertingNotificationsUpdate,
      delete: AccessControlAction.AlertingNotificationsDelete,
    },
    external: {
      read: AccessControlAction.AlertingNotificationsExternalRead,
      // External Alertmanagers use one write action for create, update and delete,
      // so these three operations cannot be granted separately for them.
      create: AccessControlAction.AlertingNotificationsExternalWrite,
      update: AccessControlAction.AlertingNotificationsExternalWrite,
      delete: AccessControlAction.AlertingNotificationsExternalWrite,
    },
  };

  return actionsByVersion[getAMversion(alertManagerSourceName)];
}
/**
 * Builds a deferred permission check for the given actions.
 *
 * Nothing is evaluated when this function is called; the check runs each time
 * the returned function is invoked, by delegating to
 * `contextSrv.evaluatePermission`.
 *
 * NOTE(review): `fallBackUserRoles` is handed to `contextSrv.evaluatePermission`
 * through a callback; presumably it decides access when fine-grained
 * permissions are not in effect, so callers should pass the narrowest role set
 * that fits. Confirm against `contextSrv`. Enforcement of the same actions on
 * the API side is not visible from this file and should be verified separately.
 *
 * @param actions - Access-control actions passed to the permission evaluation.
 * @param fallBackUserRoles - Roles returned by the fallback callback.
 * @returns A zero-argument function returning whatever `contextSrv.evaluatePermission` returns.
 */
export function evaluateAccess(actions: AccessControlAction[], fallBackUserRoles: string[]) {
  const rolesFallback = () => fallBackUserRoles;
  return () => contextSrv.evaluatePermission(rolesFallback, actions);
}