mirror of
https://github.com/grafana/grafana.git
synced 2025-02-15 10:03:33 -06:00
20bd591bea
Co-authored-by: Alexander Zobnin <alexander.zobnin@grafana.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Arve Knudsen <arve.knudsen@grafana.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@grafana.com>
45 lines
1.7 KiB
Go
45 lines
1.7 KiB
Go
package accesscontrol
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/grafana/grafana/pkg/models"
|
|
)
|
|
|
|
type AccessControl interface {
|
|
Evaluator
|
|
Store
|
|
}
|
|
|
|
type Evaluator interface {
|
|
// Evaluate evaluates access to the given resource
|
|
Evaluate(ctx context.Context, user *models.SignedInUser, permission string, scope ...string) (bool, error)
|
|
}
|
|
|
|
type Store interface {
|
|
// Database access methods
|
|
GetRoles(ctx context.Context, orgID int64) ([]*Role, error)
|
|
GetRole(ctx context.Context, orgID, roleID int64) (*RoleDTO, error)
|
|
GetRoleByUID(ctx context.Context, orgId int64, uid string) (*RoleDTO, error)
|
|
CreateRole(ctx context.Context, cmd CreateRoleCommand) (*Role, error)
|
|
CreateRoleWithPermissions(ctx context.Context, cmd CreateRoleWithPermissionsCommand) (*RoleDTO, error)
|
|
UpdateRole(ctx context.Context, cmd UpdateRoleCommand) (*RoleDTO, error)
|
|
DeleteRole(cmd *DeleteRoleCommand) error
|
|
GetRolePermissions(ctx context.Context, roleID int64) ([]Permission, error)
|
|
CreatePermission(ctx context.Context, cmd CreatePermissionCommand) (*Permission, error)
|
|
UpdatePermission(cmd *UpdatePermissionCommand) (*Permission, error)
|
|
DeletePermission(ctx context.Context, cmd *DeletePermissionCommand) error
|
|
GetTeamRoles(query *GetTeamRolesQuery) ([]*RoleDTO, error)
|
|
GetUserRoles(ctx context.Context, query GetUserRolesQuery) ([]*RoleDTO, error)
|
|
GetUserPermissions(ctx context.Context, query GetUserPermissionsQuery) ([]*Permission, error)
|
|
AddTeamRole(cmd *AddTeamRoleCommand) error
|
|
RemoveTeamRole(cmd *RemoveTeamRoleCommand) error
|
|
AddUserRole(cmd *AddUserRoleCommand) error
|
|
RemoveUserRole(cmd *RemoveUserRoleCommand) error
|
|
AddBuiltinRole(ctx context.Context, orgID, roleID int64, roleName string) error
|
|
}
|
|
|
|
type Seeder interface {
|
|
Seed(ctx context.Context, orgID int64) error
|
|
}
|