mirror of
https://github.com/grafana/grafana.git
synced 2025-01-09 15:43:23 -06:00
87c3703a0d
* show data source menu to users who only have access to create a data source * return early if missing permissions
51 lines
1.7 KiB
Go
51 lines
1.7 KiB
Go
package datasources
|
|
|
|
import "github.com/grafana/grafana/pkg/services/accesscontrol"
|
|
|
|
const (
|
|
ScopeRoot = "datasources"
|
|
ScopePrefix = ScopeRoot + ":uid:"
|
|
|
|
ActionRead = "datasources:read"
|
|
ActionQuery = "datasources:query"
|
|
ActionCreate = "datasources:create"
|
|
ActionWrite = "datasources:write"
|
|
ActionDelete = "datasources:delete"
|
|
ActionIDRead = "datasources.id:read"
|
|
ActionPermissionsRead = "datasources.permissions:read"
|
|
ActionPermissionsWrite = "datasources.permissions:write"
|
|
)
|
|
|
|
var (
|
|
ScopeID = accesscontrol.Scope("datasources", "id", accesscontrol.Parameter(":datasourceId"))
|
|
ScopeAll = accesscontrol.GetResourceAllScope(ScopeRoot)
|
|
ScopeProvider = accesscontrol.NewScopeProvider(ScopeRoot)
|
|
)
|
|
|
|
var (
|
|
// ConfigurationPageAccess is used to protect the "Configure > Data sources" tab access
|
|
ConfigurationPageAccess = accesscontrol.EvalAny(
|
|
accesscontrol.EvalPermission(accesscontrol.ActionDatasourcesExplore),
|
|
accesscontrol.EvalPermission(ActionCreate),
|
|
accesscontrol.EvalAll(
|
|
accesscontrol.EvalPermission(ActionRead),
|
|
accesscontrol.EvalAny(
|
|
accesscontrol.EvalPermission(ActionDelete),
|
|
accesscontrol.EvalPermission(ActionWrite),
|
|
),
|
|
),
|
|
)
|
|
|
|
// NewPageAccess is used to protect the "Configure > Data sources > New" page access
|
|
NewPageAccess = accesscontrol.EvalAll(
|
|
accesscontrol.EvalPermission(ActionRead),
|
|
accesscontrol.EvalPermission(ActionCreate),
|
|
)
|
|
|
|
// EditPageAccess is used to protect the "Configure > Data sources > Edit" page access
|
|
EditPageAccess = accesscontrol.EvalAll(
|
|
accesscontrol.EvalPermission(ActionRead),
|
|
accesscontrol.EvalPermission(ActionWrite),
|
|
)
|
|
)
|