mirror of
https://github.com/grafana/grafana.git
synced 2024-11-30 04:34:23 -06:00
207a55be66
* AuthN: Add flag to control org role syncs * JWT: Only sync org roles if the skip flag for jwt is false * LDAP: Only sync org role if skip flag for ldap is false * OAuth: Skip org roles sync if no roles were provided by upstream service * Grafana: Set SyncOrgRoles to true for authentication through proxy with grafana as backend
31 lines
802 B
Go
31 lines
802 B
Go
package clients
|
|
|
|
import (
|
|
"github.com/grafana/grafana/pkg/services/org"
|
|
"github.com/grafana/grafana/pkg/setting"
|
|
)
|
|
|
|
// roleExtractor should return the org role, optional isGrafanaAdmin or an error
|
|
type roleExtractor func() (org.RoleType, *bool, error)
|
|
|
|
// getRoles only handles one org role for now, could be subject to change
|
|
func getRoles(cfg *setting.Cfg, extract roleExtractor) (map[int64]org.RoleType, *bool, error) {
|
|
role, isGrafanaAdmin, err := extract()
|
|
orgRoles := make(map[int64]org.RoleType, 0)
|
|
if err != nil {
|
|
return orgRoles, nil, err
|
|
}
|
|
|
|
if role == "" || !role.IsValid() {
|
|
return orgRoles, nil, nil
|
|
}
|
|
|
|
orgID := int64(1)
|
|
if cfg.AutoAssignOrg && cfg.AutoAssignOrgId > 0 {
|
|
orgID = int64(cfg.AutoAssignOrgId)
|
|
}
|
|
orgRoles[orgID] = role
|
|
|
|
return orgRoles, isGrafanaAdmin, nil
|
|
}
|