IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2024-11-28 11:44:26 -06:00
Code Issues Packages Projects Releases Wiki Activity
8a2c368031
grafana/pkg/services/accesscontrol
History
Karl Persson a5e4a533fa
Access control: use uid for dashboard and folder scopes (#46807) 
* use uid:s for folder and dashboard permissions

* evaluate folder and dashboard permissions based on uids

* add dashboard.uid to accept list

* Check for exact suffix

* Check parent folder on create

* update test

* drop dashboard:create actions with dashboard scope

* fix typo

* AccessControl: test id 0 scope conversion

* AccessControl: store only parent folder UID

* AccessControl: extract general as a constant

* FolderServices: Prevent creation of a folder uid'd general

* FolderServices: Test folder creation prevention

* Update pkg/services/guardian/accesscontrol_guardian.go

* FolderServices: fix mock call expect

* FolderServices: remove uneeded mocks

Co-authored-by: jguer <joao.guerreiro@grafana.com>
2022-03-30 15:14:26 +02:00
..
api AccessControl: Add endpoint to get user permissions (#45309) 2022-02-11 17:40:43 +01:00
database Access Control: Support other attributes than id for resource permissions (#46727) 2022-03-21 17:58:18 +01:00
middleware AccessControl: Fix locked role picker in orgs/edit page (#46539) 2022-03-24 08:58:10 +01:00
mock Adding FGAC annotations validation for creation and deletion (#46736) 2022-03-21 14:28:39 -03:00
ossaccesscontrol Access control: use uid for dashboard and folder scopes (#46807) 2022-03-30 15:14:26 +02:00
resourcepermissions Access Control: Support other attributes than id for resource permissions (#46727) 2022-03-21 17:58:18 +01:00
accesscontrol_bench_test.go Access Control: Support other attributes than id for resource permissions (#46727) 2022-03-21 17:58:18 +01:00
accesscontrol_test.go Access Control: Support other attributes than id for resource permissions (#46727) 2022-03-21 17:58:18 +01:00
accesscontrol.go Access Control: Support other attributes than id for resource permissions (#46727) 2022-03-21 17:58:18 +01:00
errors.go AccessControl: Resolve attribute based scopes to id based scopes (#40742) 2022-01-18 17:34:35 +01:00
evaluator_test.go AccessControl: Resolve attribute based scopes to id based scopes (#40742) 2022-01-18 17:34:35 +01:00
evaluator.go AccessControl: improve denied message (#44551) 2022-01-28 12:17:24 +01:00
filter_bench_test.go Access Control: Support other attributes than id for resource permissions (#46727) 2022-03-21 17:58:18 +01:00
filter_test.go Access Control: Correctly check for id suffix (#46824) 2022-03-22 13:48:15 +01:00
filter.go Access control: use uid for dashboard and folder scopes (#46807) 2022-03-30 15:14:26 +02:00
models.go Access control: use uid for dashboard and folder scopes (#46807) 2022-03-30 15:14:26 +02:00
roles_test.go Access Control: Rename fixed roles (#41288) 2021-11-17 15:40:39 +01:00
roles.go Access Control: Rename global users scope (#46794) 2022-03-22 12:48:46 +01:00
scope_test.go AccessControl: Handle ':' in attribute resolution (#46742) 2022-03-23 08:48:32 +01:00
scope.go AccessControl: Handle ':' in attribute resolution (#46742) 2022-03-23 08:48:32 +01:00