grafana/pkg/services/accesscontrol
Alexander Zobnin 959ebf82da
Folders: Show dashboards and folders with directly assigned permissions in "Shared" folder (#78465)
* Folders: Show folders user has access to at the root level

* Refactor

* Refactor

* Hide parent folders user has no access to

* Skip expensive computation if possible

* Fix tests

* Fix potential nil access

* Fix duplicated folders

* Fix linter error

* Fix querying folders if no managed permissions set

* Update benchmark

* Add special shared with me folder and fetch available non-root folders on demand

* Fix parents query

* Improve db query for folders

* Reset benchmark changes

* Fix permissions for shared with me folder

* Simplify dedup

* Add option to include shared folder permission to user's permissions

* Fix nil UID

* Remove duplicated folders from shared list

* Folders: Fix fetching empty folder

* Nested folders: Show dashboards with directly assigned permissions

* Fix slow dashboards fetch

* Refactor

* Fix cycle dependencies

* Move shared folder to models

* Fix shared folder links

* Refactor

* Use feature flag for permissions

* Use feature flag

* Review comments

* Expose shared folder UID through frontend settings

* Add frontend type for sharedWithMeFolderUID option

* Refactor: apply review suggestions

* Fix parent uid for shared folder

* Fix listing shared dashboards for users with access to all folders

* Prevent creating folder with "shared" UID

* Add tests for shared folders

* Add test for shared dashboards

* Fix linter

* Add metrics for shared with me folder

* Add metrics for shared with me dashboards

* Fix tests

* Tests: add metrics as a dependency

* Fix access control metadata for shared with me folder

* Use constant for shared with me

* Optimize parent folders access check, fetch all folders in one query.

* Use labels for metrics
2023-12-05 16:13:31 +01:00
..
acimpl Folders: Show dashboards and folders with directly assigned permissions in "Shared" folder (#78465) 2023-12-05 16:13:31 +01:00
actest Chore: remove IsDisabled method for access control (#74340) 2023-09-05 11:04:39 +01:00
api FeatureToggles: Add context and and an explicit global check (#78081) 2023-11-14 12:50:27 -08:00
database ExtSvcAuth: Assign roles locally (#78669) 2023-11-29 12:12:30 +01:00
migrator Chore: capitalise log message for auth packages (#74332) 2023-09-04 18:49:47 +02:00
mock Auth: Implement requester interface in access control module (#74289) 2023-09-06 11:16:10 +02:00
ossaccesscontrol Authz: Remove use of SignedInUser copy for permission evaluation (#78448) 2023-11-22 14:20:22 +01:00
pluginutils Plugins: Migrate licensing and access control to pkg/services/pluginsintegration package (#65258) 2023-03-27 11:15:37 +02:00
resourcepermissions RBAC: Fix filter so that check for access on service account is correct (#78907) 2023-11-30 17:32:04 +02:00
accesscontrol_test.go AuthN: Embed an OAuth2 server for external service authentication (#68086) 2023-05-25 15:38:30 +02:00
accesscontrol.go RBAC: GrafanaAdmin users are admins of the Global Organization (#78559) 2023-11-23 12:17:28 +01:00
authorize_in_org_test.go Authz: Remove use of SignedInUser copy for permission evaluation (#78448) 2023-11-22 14:20:22 +01:00
checker_test.go Chore: Fix goimports grouping (#62426) 2023-01-30 09:34:18 +01:00
checker.go RBAC: Permission check performance improvements for the new search (#60729) 2023-01-27 12:12:30 +00:00
errors.go Auth: Add empty role definition (#64694) 2023-07-06 15:40:06 +02:00
evaluator_test.go RBAC: Split up service into several components (#54002) 2022-08-24 13:29:17 +02:00
evaluator.go Chore: capitalise log message for auth packages (#74332) 2023-09-04 18:49:47 +02:00
filter_bench_test.go Chore: Remove Result field from datasources (#63048) 2023-02-09 15:49:44 +01:00
filter_test.go Chore: Remove Result field from datasources (#63048) 2023-02-09 15:49:44 +01:00
filter.go Chore: use any rather than interface{} (#74066) 2023-08-30 18:46:47 +03:00
metadata_bench_test.go RBAC: Add function to generate wildcards from prefix (#54275) 2022-08-26 17:10:35 +02:00
metadata_test.go RBAC: Add function to generate wildcards from prefix (#54275) 2022-08-26 17:10:35 +02:00
metadata.go RBAC: Add function to generate wildcards from prefix (#54275) 2022-08-26 17:10:35 +02:00
middleware_test.go AccessControl: Remove acmock.New from accesscontrol service tests (#71942) 2023-07-20 10:00:46 +02:00
middleware.go Authz: Remove use of SignedInUser copy for permission evaluation (#78448) 2023-11-22 14:20:22 +01:00
models_test.go ExtSvcAuth: Assign roles locally (#78669) 2023-11-29 12:12:30 +01:00
models.go ExtSvcAuth: Assign roles locally (#78669) 2023-11-29 12:12:30 +01:00
resolvers_test.go Chore: Fix goimports grouping (#62426) 2023-01-30 09:34:18 +01:00
resolvers.go Chore: capitalise log message for auth packages (#74332) 2023-09-04 18:49:47 +02:00
roles_test.go AccessControl: Remove package lists for roles and grants (#47141) 2022-04-06 09:31:14 +02:00
roles.go RBAC: Add OAuth provider scopes separately to fixed:authentication.config:writer (#78202) 2023-11-16 09:15:51 +01:00
scope_test.go RBAC: Add function to generate wildcards from prefix (#54275) 2022-08-26 17:10:35 +02:00
scope.go RBAC: Permission check performance improvements for the new search (#60729) 2023-01-27 12:12:30 +00:00