IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-14 17:43:35 -06:00
Code Issues Packages Projects Releases Wiki Activity
4982ca3b1d
grafana/pkg/api
History
Karl Persson 4982ca3b1d
Access control: Use access control for dashboard and folder (#44702) 
* Add actions and scopes

* add resource service for dashboard and folder

* Add dashboard guardian with fgac permission evaluation

* Add CanDelete function to guardian interface

* Add CanDelete property to folder and dashboard dto and set values

* change to correct function name

* Add accesscontrol to folder endpoints

* add access control to dashboard endpoints

* check access for nav links

* Add fixed roles for dashboard and folders

* use correct package

* add hack to override guardian Constructor if accesscontrol is enabled

* Add services

* Add function to handle api backward compatability

* Add permissionServices to HttpServer

* Set permission when new dashboard is created

* Add default permission when creating new dashboard

* Set default permission when creating folder and dashboard

* Add access control filter for dashboard search

* Add to accept list

* Add accesscontrol to dashboardimport

* Disable access control in tests

* Add check to see if user is allow to create a dashboard

* Use SetPermissions

* Use function to set several permissions at once

* remove permissions for folder and dashboard on delete

* update required permission

* set permission for provisioning

* Add CanCreate to dashboard guardian and set correct permisisons for
provisioning

* Dont set admin on folder / dashboard creation

* Add dashboard and folder permission migrations

* Add tests for CanCreate

* Add roles and update descriptions

* Solve uid to id for dashboard and folder permissions

* Add folder and dashboard actions to permission filter

* Handle viewer_can_edit flag

* set folder and dashboard permissions services

* Add dashboard permissions when importing a new dashboard

* Set access control permissions on provisioning

* Pass feature flags and only set permissions if access control is enabled

* only add default permissions for folders and dashboards without folders

* Batch create permissions in migrations


* Remove `dashboards:edit` action

* Remove unused function from interface

* Update pkg/services/guardian/accesscontrol_guardian_test.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2022-03-03 15:05:47 +01:00
..
apierrors Plugins: Refactor plugin dashboards (#44315) 2022-01-28 10:28:33 +01:00
avatar remove the global log error/warn etc functions (#41404) 2021-11-08 17:56:56 +01:00
datasource Check for empty URLs when creating/updating a data source (#42837) 2022-01-31 12:39:55 -03:00
docs API: Extract OpenAPI specification from source code using go-swagger (#40528) 2022-02-08 13:38:43 +01:00
dtos Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
frontendlogging Logger migration from log15 to gokit/log (#41636) 2022-01-06 22:28:05 +08:00
navlinks show admin nav link it the user only has permissions to view licensing and not other pages under admin node (#41948) 2021-11-19 11:02:13 +00:00
pluginproxy Plugins: Refactor plugin settings service (#45967) 2022-03-03 11:39:15 +01:00
response [Alerting] Forking LoTex ruler (#32138) 2021-03-19 10:32:13 -04:00
routing Instrumentation: Fix HTTP request instrumentation of authentication failures (#44234) 2022-02-02 18:48:46 +01:00
static API: Extract OpenAPI specification from source code using go-swagger (#40528) 2022-02-08 13:38:43 +01:00
accesscontrol.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
admin_provisioning_test.go Chore: Add context to org (#40685) 2021-11-03 11:31:56 +01:00
admin_provisioning.go Chore: Remove Dispatch and AddHandler (#42603) 2021-12-02 18:08:59 +01:00
admin_test.go Chore: Remove bus from admin (#44920) 2022-02-04 17:53:58 +01:00
admin_users_test.go Security: Sync security changes on main (#45083) 2022-02-09 13:44:38 +01:00
admin_users.go Chore: Remove bus from admin users (#44869) 2022-02-04 13:45:42 -05:00
admin.go Chore: Remove bus from admin (#44920) 2022-02-04 17:53:58 +01:00
alerting_test.go Security: Sync security changes on main (#45083) 2022-02-09 13:44:38 +01:00
alerting.go Fix alerting methods using AlertNotificationService (#45477) 2022-02-16 18:54:29 +01:00
annotations_test.go Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102) 2022-02-11 15:43:29 -03:00
annotations.go Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102) 2022-02-11 15:43:29 -03:00
api.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
apikey.go Separate API key store from SA token store (#45862) 2022-02-28 11:30:45 +01:00
app_routes.go Chore: Remove bus from plugin proxy api (#44899) 2022-02-04 17:35:00 +01:00
basic_auth_test.go Macaron: remove custom Request type (#37874) 2021-09-01 11:18:30 +02:00
basic_auth.go Macaron: remove custom Request type (#37874) 2021-09-01 11:18:30 +02:00
comments.go Comments: support live comments in dashboards and annotations (#44980) 2022-02-22 10:47:42 +03:00
common_test.go Bus: Tests cleanup (#46025) 2022-03-02 11:05:31 +01:00
dashboard_permission_test.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
dashboard_permission.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
dashboard_snapshot_test.go add dashboardsnap as service of http server (#45461) 2022-02-17 09:31:26 +01:00
dashboard_snapshot.go add dashboardsnap as service of http server (#45461) 2022-02-17 09:31:26 +01:00
dashboard_test.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
dashboard.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
dataproxy.go Data Source Proxy: Migrate proxy to its own service and make more extensible (#31927) 2021-03-17 13:10:40 -04:00
datasources_test.go Dashboard Alert Extractor: Create service for dashboard extractor and remove bus (#45518) 2022-02-28 09:54:56 +01:00
datasources.go Dashboard Extractor: Don't fail when using default OSS implementation (#46024) 2022-03-02 11:04:29 +01:00
fakes.go Plugins: Plugin Store API returns DTO model (#41340) 2021-11-17 12:04:22 +01:00
folder_permission_test.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
folder_permission.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
folder_test.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
folder.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
frontend_logging_test.go Security: Sync security changes on main (#45083) 2022-02-09 13:44:38 +01:00
frontend_logging.go Logger migration from log15 to gokit/log (#41636) 2022-01-06 22:28:05 +08:00
frontend_metrics.go Chore: Report frontend metrics for JS/CSS load time (#42421) 2021-12-02 09:34:39 +01:00
frontendsettings_test.go Plugins: Refactor Grafana and Plugin version update checkers (#44529) 2022-01-31 16:06:16 +01:00
frontendsettings.go Previews: capability check (#44601) 2022-02-16 21:49:50 +04:00
grafana_com_proxy.go Plugins Catalog: Install and show the latest compatible version of a plugin (#41003) 2021-11-12 11:07:12 +01:00
health_test.go Chore: Remove bus from health api (#44897) 2022-02-04 14:33:35 +01:00
health.go Chore: Remove bus from health api (#44897) 2022-02-04 14:33:35 +01:00
http_server_test.go Tests: Batch of GoConvey to Testify conversions (#27008) 2020-08-14 14:43:25 +02:00
http_server.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
index.go Access control: Use access control for dashboard and folder (#44702) 2022-03-03 15:05:47 +01:00
ldap_debug_test.go ldap debug bus removal (#45014) 2022-02-09 11:45:31 +01:00
ldap_debug.go ldap debug bus removal (#45014) 2022-02-09 11:45:31 +01:00
login_oauth_test.go Chore: Move remaining web framework code to pkg/web, remove macaron binding module (#43018) 2021-12-13 15:56:14 +01:00
login_oauth.go Chore: add setting to skip org assignment for external users (#34834) 2022-02-21 17:34:47 +01:00
login_test.go remove bus from login (#44995) 2022-02-09 17:17:09 +01:00
login.go Configuration: Add ability to customize okta login button name and icon (#44079) 2022-02-16 11:35:00 -05:00
metrics.go Live: support query execution with live RPC (#43118) 2021-12-14 18:38:20 +01:00
org_invite.go Remove bus from org invite api (#44530) 2022-01-31 17:24:52 +01:00
org_test.go AccessControl: Remove scopes from orgs endpoints (#41709) 2021-11-17 10:12:28 +01:00
org_users_test.go Dashboards: Refactor service to make it injectable by wire (#44588) 2022-02-16 14:15:44 +01:00
org_users.go AccessControl: Compute metadata from context permissions (#45578) 2022-02-18 11:27:00 +01:00
org.go Chore: Remove bus.Dispatch from provisioning services (#44989) 2022-02-23 11:12:37 +01:00
password.go Chore: Remove bus from password (#44482) 2022-02-03 10:33:46 +01:00
playlist_play.go Chore: Remove bus from signup and playlist api (#44485) 2022-01-27 10:33:02 +01:00
playlist.go Chore: Remove bus from signup and playlist api (#44485) 2022-01-27 10:33:02 +01:00
plugins_test.go Security: Sync security changes on main (#45083) 2022-02-09 13:44:38 +01:00
plugins.go Use PluginSettingsService instead of SQLStore methods in plugins (#45480) 2022-02-25 11:29:18 +01:00
preferences_test.go AccessControl: Remove scopes from orgs endpoints (#41709) 2021-11-17 10:12:28 +01:00
preferences.go Remove bus from quota, preferences, plugins, user_token (#44762) 2022-02-03 09:20:20 +01:00
quota_test.go AccessControl: Remove scopes from orgs endpoints (#41709) 2021-11-17 10:12:28 +01:00
quota.go Remove bus from quota, preferences, plugins, user_token (#44762) 2022-02-03 09:20:20 +01:00
render.go Dash previews: populate crawler queue from SQL query (#44083) 2022-02-09 13:23:32 +04:00
search.go remove bus from search service (#44825) 2022-02-03 18:46:38 +01:00
short_url_test.go Security: Sync security changes on main (#45083) 2022-02-09 13:44:38 +01:00
short_url.go Chore: Refactor api handlers to use web.Bind (#42199) 2021-11-29 10:18:01 +01:00
signup.go Remove bus from org invite api (#44530) 2022-01-31 17:24:52 +01:00
stars.go Chore: Remove bus from team (#44218) 2022-01-24 11:52:35 +01:00
swagger.go API: Extract OpenAPI specification from source code using go-swagger (#40528) 2022-02-08 13:38:43 +01:00
team_members_test.go AccessControl: Implement SQL filters for team members filtering (#44898) 2022-02-09 17:46:37 +01:00
team_members.go Access control: Set default permissions for data sources when using access control (#45482) 2022-02-17 14:03:45 +01:00
team_test.go Access control: Set default permissions for data sources when using access control (#45482) 2022-02-17 14:03:45 +01:00
team.go AccessControl: Compute metadata from context permissions (#45578) 2022-02-18 11:27:00 +01:00
user_test.go Bus: Tests cleanup (#46025) 2022-03-02 11:05:31 +01:00
user_token_test.go Chore: Remove bus from Alerting API (#44894) 2022-02-04 13:41:15 +01:00
user_token.go Remove bus from quota, preferences, plugins, user_token (#44762) 2022-02-03 09:20:20 +01:00
user.go AccessControl: Compute metadata from context permissions (#45578) 2022-02-18 11:27:00 +01:00
utils.go Permissions: Validate against Team/User permission role update (#29101) 2020-11-18 15:36:41 +01:00