apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
52231 Commits
6022 Branches
596 Tags
1.8 GiB
Tag: Branch: Tree: c8ce20a807
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c8ce20a807'
${ noResults }
grafana/pkg/services/team/model.go

177 lines
5.0 KiB
Raw Normal View History Unescape

Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
package team
WIP: rough prototype of dashboard folders Breaks some stuff like selected dash in the search result. In dashboard search, if the user is not searching then the result is returned as a tree structure. No ACL's or user group ux yet.
8 years ago
WIP: add usergroup commands and queries
8 years ago
import (
"errors"
"time"
Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2
3 years ago
Chore: Move identity and errutil to apimachinery module (#89116)
12 months ago
"github.com/grafana/grafana/pkg/apimachinery/identity"
Authz: Remove use of SignedInUser copy for permission evaluation (#78448) * remove use of SignedInUserCopies * add extra safety to not cross assign permissions unwind circular dependency dashboardacl->dashboardaccess fix missing import * correctly set teams for permissions * fix missing inits * nit: check err * exit early for api keys
2 years ago
"github.com/grafana/grafana/pkg/services/dashboards/dashboardaccess"
Team: Support `sort` query param for teams search endpoint (#75622) * Teams: Implement backend sorting * Add docs * Make name ordering case insensitive * lint * Fix no lowercasing on memberCount * Add test to double check the filters or correctly OrderBy
2 years ago
"github.com/grafana/grafana/pkg/services/search/model"
WIP: add usergroup commands and queries
8 years ago
)
// Typed errors
var (
Chore: Fix staticcheck issues (#28860) * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Undo changes Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix test Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix test Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
5 years ago
ErrTeamNotFound = errors.New("team not found")
ErrTeamNameTaken = errors.New("team name is taken")
ErrTeamMemberNotFound = errors.New("team member not found")
ErrLastTeamAdmin = errors.New("not allowed to remove last admin")
ErrNotAllowedToUpdateTeam = errors.New("user not allowed to update team")
ErrNotAllowedToUpdateTeamInDifferentOrg = errors.New("user not allowed to update team in another org")
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2 years ago
ErrTeamMemberAlreadyAdded = errors.New("user is already added to this team")
WIP: add usergroup commands and queries
8 years ago
)
WIP: rough prototype of dashboard folders Breaks some stuff like selected dash in the search result. In dashboard search, if the user is not searching then the result is returned as a tree structure. No ACL's or user group ux yet.
8 years ago
Chore: Clean up team membership code (#86914) remove unused code, clean up commands
1 year ago
const MemberPermissionName = "Member"
Team: Add an endpoint for bulk team membership updates (#87441) * add an endpoint for bulk team membership updates * update comment * schema gen * test fix * add swagger parameter definition
1 year ago
const AdminPermissionName = "Admin"
Chore: Clean up team membership code (#86914) remove unused code, clean up commands
1 year ago
refactor: rename User Groups to Teams
8 years ago
// Team model
type Team struct {
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
ID int64 `json:"id" xorm:"pk autoincr 'id'"`
add uid to team table (#66920) * add uid to team table * concat * add prefix to transition uids --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2 years ago
UID string `json:"uid" xorm:"uid"`
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
OrgID int64 `json:"orgId" xorm:"org_id"`
WIP: add user group search
8 years ago
Name string `json:"name"`
Add avatar to team and team members page (#10305) * teams: add db migration for email column in teams table * teams: /teams should render index page with a 200 OK * teams: additional backend functionality for team and team members Possibility to save/update email for teams. Possibility to retrive avatar url when searching for teams. Possibility to retrive avatar url when searching for team members. * teams: display team avatar and team member avatars Possibility to save and update email for a team * teams: create team on separate page instead of modal dialog
8 years ago
Email string `json:"email"`
WIP: rough prototype of dashboard folders Breaks some stuff like selected dash in the search result. In dashboard search, if the user is not searching then the result is returned as a tree structure. No ACL's or user group ux yet.
8 years ago
WIP: add user group search
8 years ago
Created time.Time `json:"created"`
Updated time.Time `json:"updated"`
WIP: rough prototype of dashboard folders Breaks some stuff like selected dash in the search result. In dashboard search, if the user is not searching then the result is returned as a tree structure. No ACL's or user group ux yet.
8 years ago
}
WIP: add usergroup commands and queries
8 years ago
// ---------------------
// COMMANDS
refactor: rename User Groups to Teams
8 years ago
type CreateTeamCommand struct {
WIP: add usergroup commands and queries
8 years ago
Name string `json:"name" binding:"Required"`
Add avatar to team and team members page (#10305) * teams: add db migration for email column in teams table * teams: /teams should render index page with a 200 OK * teams: additional backend functionality for team and team members Possibility to save/update email for teams. Possibility to retrive avatar url when searching for teams. Possibility to retrive avatar url when searching for team members. * teams: display team avatar and team member avatars Possibility to save and update email for a team * teams: create team on separate page instead of modal dialog
8 years ago
Email string `json:"email"`
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
OrgID int64 `json:"-"`
WIP: add usergroup commands and queries
8 years ago
}
refactor: rename User Groups to Teams
8 years ago
type UpdateTeamCommand struct {
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
ID int64
Add avatar to team and team members page (#10305) * teams: add db migration for email column in teams table * teams: /teams should render index page with a 200 OK * teams: additional backend functionality for team and team members Possibility to save/update email for teams. Possibility to retrive avatar url when searching for teams. Possibility to retrive avatar url when searching for team members. * teams: display team avatar and team member avatars Possibility to save and update email for a team * teams: create team on separate page instead of modal dialog
8 years ago
Name string
Email string
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
OrgID int64 `json:"-"`
WIP: add update user group command
8 years ago
}
refactor: rename User Groups to Teams
8 years ago
type DeleteTeamCommand struct {
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
OrgID int64
ID int64
WIP: add usergroup commands and queries
8 years ago
}
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
type GetTeamByIDQuery struct {
OrgID int64
ID int64
Auth: Move Team service to SignedInUserInterface (#72674) * move SignedInUser to specific file * add primitive interface for signedInUser
2 years ago
SignedInUser identity.Requester
Add an option to hide certain users in the UI (#28942) * Add an option to hide certain users in the UI * revert changes for admin users routes * fix sqlstore function name * Improve slice management Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Hidden users: convert slice to map * filter with user logins instead of IDs * put HiddenUsers in Cfg struct * hide hidden users from dashboards/folders permissions list * Update conf/defaults.ini Co-authored-by: Torkel Ödegaard <torkel@grafana.com> * fix params order * fix tests * fix dashboard/folder update with hidden user * add team tests * add dashboard and folder permissions tests * fixes after merge * fix tests * API: add test for org users endpoints * update hidden users management for dashboard / folder permissions * improve dashboard / folder permissions tests * fixes after merge * Guardian: add hidden acl tests * API: add team members tests * fix team sql syntax for postgres * api tests update * fix linter error * fix tests errors after merge Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Torkel Ödegaard <torkel@grafana.com> Co-authored-by: Leonard Gram <leo@xlson.com>
5 years ago
HiddenUsers map[string]struct{}
WIP: add usergroup commands and queries
8 years ago
}
Security: Sync security changes on main (#45083) * * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search * Teams: Ensure that users searching for teams are only able see teams they have access to * Teams: Require teamGuardian admin privileges to list team members * Teams: Prevent org viewers from administering teams * Teams: Add org_id condition to team count query * Teams: clarify permission requirements in teams api docs * Teams: expand scenarios for team search tests * Teams: mock teamGuardian in tests Co-authored-by: Dan Cech <dcech@grafana.com> * remove duplicate WHERE statement * Fix for CVE-2022-21702 (cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e) * Lint and test fixes (cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981) * check content type properly (cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98) * basic csrf origin check (cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1) * compare origin to host (cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42) * simplify url parsing (cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d) * check csrf for GET requests, only compare origin (cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709) * parse content type properly (cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0) * mentioned get in the comment (cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345) * add content-type: application/json to test HTTP requests * fix pluginproxy test * Fix linter when comparing errors Co-authored-by: Kevin Minehart <kmineh0151@gmail.com> Co-authored-by: Dan Cech <dcech@grafana.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com> Co-authored-by: Vardan Torosyan <vardants@gmail.com>
3 years ago
// FilterIgnoreUser is used in a get / search teams query when the caller does not want to filter teams by user ID / membership
const FilterIgnoreUser int64 = 0
AuthZ: Improve team ID fetching for signedInUser (#78378) * improve team ID fetching for signedInUser * remove inner join * rename func * nit: remove extra params * nit: spacing and wrapping
2 years ago
type GetTeamIDsByUserQuery struct {
OrgID int64
UserID int64 `json:"userId"`
}
refactor: rename User Groups to Teams
8 years ago
type GetTeamsByUserQuery struct {
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
OrgID int64
UserID int64 `json:"userId"`
Auth: Move Team service to SignedInUserInterface (#72674) * move SignedInUser to specific file * add primitive interface for signedInUser
2 years ago
SignedInUser identity.Requester
WIP: user group additions
8 years ago
}
refactor: rename User Groups to Teams
8 years ago
type SearchTeamsQuery struct {
teams: team listing shows only your teams (editors).
6 years ago
Query string
Name string
Limit int
Page int
Chore: Move team models to models pkg (#61262) * Chore: Move team models to models pkg * Fix ACL tests * More ACL tests * Change Id to ID in conflict user command test * Remove team from models * Fix ac test lint
2 years ago
OrgID int64 `xorm:"org_id"`
Team: Support `sort` query param for teams search endpoint (#75622) * Teams: Implement backend sorting * Add docs * Make name ordering case insensitive * lint * Fix no lowercasing on memberCount * Add test to double check the filters or correctly OrderBy
2 years ago
SortOpts []model.SortOption
Teams: Search by team ids (#77730) * Teams: Search by team ids * Add tests * Fix tests
2 years ago
TeamIds []int64
Auth: Move Team service to SignedInUserInterface (#72674) * move SignedInUser to specific file * add primitive interface for signedInUser
2 years ago
SignedInUser identity.Requester
Add an option to hide certain users in the UI (#28942) * Add an option to hide certain users in the UI * revert changes for admin users routes * fix sqlstore function name * Improve slice management Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Hidden users: convert slice to map * filter with user logins instead of IDs * put HiddenUsers in Cfg struct * hide hidden users from dashboards/folders permissions list * Update conf/defaults.ini Co-authored-by: Torkel Ödegaard <torkel@grafana.com> * fix params order * fix tests * fix dashboard/folder update with hidden user * add team tests * add dashboard and folder permissions tests * fixes after merge * fix tests * API: add test for org users endpoints * update hidden users management for dashboard / folder permissions * improve dashboard / folder permissions tests * fixes after merge * Guardian: add hidden acl tests * API: add team members tests * fix team sql syntax for postgres * api tests update * fix linter error * fix tests errors after merge Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Torkel Ödegaard <torkel@grafana.com> Co-authored-by: Leonard Gram <leo@xlson.com>
5 years ago
HiddenUsers map[string]struct{}
WIP: add user group search
8 years ago
}
Refactor team pages to react & design change (#12574) * Rewriting team pages in react * teams to react progress * teams: getting team by id returns same DTO as search, needed for AvatarUrl * teams: progress on new team pages * fix: team test * listing team members and removing team members now works * teams: team member page now works * ux: fixed adding team member issue * refactoring TeamPicker to conform to react coding styles better * teams: very close to being done with team page rewrite * minor style tweak * ux: polish to team pages * feature: team pages in react & everything working * fix: removed flickering when changing tabs by always rendering PageHeader
7 years ago
type TeamDTO struct {
Authz: Remove use of SignedInUser copy for permission evaluation (#78448) * remove use of SignedInUserCopies * add extra safety to not cross assign permissions unwind circular dependency dashboardacl->dashboardaccess fix missing import * correctly set teams for permissions * fix missing inits * nit: check err * exit early for api keys
2 years ago
ID int64 `json:"id" xorm:"id"`
UID string `json:"uid" xorm:"uid"`
OrgID int64 `json:"orgId" xorm:"org_id"`
Name string `json:"name"`
Email string `json:"email"`
AvatarURL string `json:"avatarUrl"`
MemberCount int64 `json:"memberCount"`
Permission dashboardaccess.PermissionType `json:"permission"`
AccessControl map[string]bool `json:"accessControl"`
teams: add team count when searching for team closes #10207
8 years ago
}
refactor: rename User Groups to Teams
8 years ago
type SearchTeamQueryResult struct {
Refactor team pages to react & design change (#12574) * Rewriting team pages in react * teams to react progress * teams: getting team by id returns same DTO as search, needed for AvatarUrl * teams: progress on new team pages * fix: team test * listing team members and removing team members now works * teams: team member page now works * ux: fixed adding team member issue * refactoring TeamPicker to conform to react coding styles better * teams: very close to being done with team page rewrite * minor style tweak * ux: polish to team pages * feature: team pages in react & everything working * fix: removed flickering when changing tabs by always rendering PageHeader
7 years ago
TotalCount int64 `json:"totalCount"`
Teams []*TeamDTO `json:"teams"`
Page int `json:"page"`
PerPage int `json:"perPage"`
WIP: add usergroup commands and queries
8 years ago
}
API: Restrict anonymous user information access (#18422) Existing /api/alert-notifications now requires at least editor access. Existing /api/alert-notifiers now requires at least editor access. New /api/alert-notifications/lookup returns less information than /api/alert-notifications and can be access by any authenticated user. Existing /api/org/users now requires org admin role. New /api/org/users/lookup returns less information than /api/org/users and can be access by users that are org admins, admin in any folder or admin of any team. UserPicker component now uses /api/org/users/lookup instead of /api/org/users. Fixes #17318
6 years ago
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2 years ago
// TeamMember model
type TeamMember struct {
ID int64 `xorm:"pk autoincr 'id'"`
OrgID int64 `xorm:"org_id"`
TeamID int64 `xorm:"team_id"`
UserID int64 `xorm:"user_id"`
External bool // Signals that the membership has been created by an external systems, such as LDAP
Authz: Remove use of SignedInUser copy for permission evaluation (#78448) * remove use of SignedInUserCopies * add extra safety to not cross assign permissions unwind circular dependency dashboardacl->dashboardaccess fix missing import * correctly set teams for permissions * fix missing inits * nit: check err * exit early for api keys
2 years ago
Permission dashboardaccess.PermissionType
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2 years ago
Created time.Time
Updated time.Time
}
// ---------------------
// COMMANDS
type AddTeamMemberCommand struct {
Authz: Remove use of SignedInUser copy for permission evaluation (#78448) * remove use of SignedInUserCopies * add extra safety to not cross assign permissions unwind circular dependency dashboardacl->dashboardaccess fix missing import * correctly set teams for permissions * fix missing inits * nit: check err * exit early for api keys
2 years ago
UserID int64 `json:"userId" binding:"Required"`
Permission dashboardaccess.PermissionType `json:"-"`
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2 years ago
}
type UpdateTeamMemberCommand struct {
Authz: Remove use of SignedInUser copy for permission evaluation (#78448) * remove use of SignedInUserCopies * add extra safety to not cross assign permissions unwind circular dependency dashboardacl->dashboardaccess fix missing import * correctly set teams for permissions * fix missing inits * nit: check err * exit early for api keys
2 years ago
Permission dashboardaccess.PermissionType `json:"permission"`
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2 years ago
}
Team: Add an endpoint for bulk team membership updates (#87441) * add an endpoint for bulk team membership updates * update comment * schema gen * test fix * add swagger parameter definition
1 year ago
type SetTeamMembershipsCommand struct {
Members []string `json:"members"`
Admins []string `json:"admins"`
}
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2 years ago
type RemoveTeamMemberCommand struct {
OrgID int64 `json:"-"`
UserID int64
TeamID int64
}
// ----------------------
// QUERIES
type GetTeamMembersQuery struct {
OrgID int64
TeamID int64
add uid to team table (#66920) * add uid to team table * concat * add prefix to transition uids --------- Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2 years ago
TeamUID string
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2 years ago
UserID int64
External bool
Chore: Implement requester in util pkg (#74105) implement requester changes that do not impact functionality
2 years ago
SignedInUser identity.Requester
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2 years ago
}
// ----------------------
// Projections and DTOs
type TeamMemberDTO struct {
Authz: Remove use of SignedInUser copy for permission evaluation (#78448) * remove use of SignedInUserCopies * add extra safety to not cross assign permissions unwind circular dependency dashboardacl->dashboardaccess fix missing import * correctly set teams for permissions * fix missing inits * nit: check err * exit early for api keys
2 years ago
OrgID int64 `json:"orgId" xorm:"org_id"`
TeamID int64 `json:"teamId" xorm:"team_id"`
TeamUID string `json:"teamUID" xorm:"uid"`
UserID int64 `json:"userId" xorm:"user_id"`
External bool `json:"-"`
AuthModule string `json:"auth_module"`
Email string `json:"email"`
Name string `json:"name"`
Login string `json:"login"`
AvatarURL string `json:"avatarUrl" xorm:"avatar_url"`
Labels []string `json:"labels"`
Permission dashboardaccess.PermissionType `json:"permission"`
Chore: Move tem member models to team pkg (#61294) * Chore: Move tem member models to team pkg * Fix test lint
2 years ago
}