mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
2e38329026
* Unexport store and create new constructor function * Add ResourceAuthorizer and LegacyAccessClient * Configure checks for user store * List with checks if AccessClient is configured * Allow system user service account to read all users --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
40 lines
1.2 KiB
Go
40 lines
1.2 KiB
Go
package accesscontrol
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/grafana/grafana/pkg/apimachinery/identity"
|
|
"github.com/grafana/grafana/pkg/services/accesscontrol"
|
|
)
|
|
|
|
type recordingAccessControlFake struct {
|
|
Disabled bool
|
|
EvaluateRecordings []struct {
|
|
Permissions map[string][]string
|
|
Evaluator accesscontrol.Evaluator
|
|
}
|
|
Callback func(user identity.Requester, evaluator accesscontrol.Evaluator) (bool, error)
|
|
}
|
|
|
|
func (a *recordingAccessControlFake) Evaluate(_ context.Context, ur identity.Requester, evaluator accesscontrol.Evaluator) (bool, error) {
|
|
a.EvaluateRecordings = append(a.EvaluateRecordings, struct {
|
|
Permissions map[string][]string
|
|
Evaluator accesscontrol.Evaluator
|
|
}{Permissions: ur.GetPermissions(), Evaluator: evaluator})
|
|
if a.Callback == nil {
|
|
return evaluator.Evaluate(ur.GetPermissions()), nil
|
|
}
|
|
return a.Callback(ur, evaluator)
|
|
}
|
|
|
|
func (a *recordingAccessControlFake) RegisterScopeAttributeResolver(prefix string, resolver accesscontrol.ScopeAttributeResolver) {
|
|
// TODO implement me
|
|
panic("implement me")
|
|
}
|
|
|
|
func (a *recordingAccessControlFake) WithoutResolvers() accesscontrol.AccessControl {
|
|
panic("unimplemented")
|
|
}
|
|
|
|
var _ accesscontrol.AccessControl = &recordingAccessControlFake{}
|