apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Access Control: Make it possible to exclude role grants (#91647)

Browse Source
pull/91688/head
Alexander Zobnin 11 months ago committed by GitHub
parent 89ee970ec3
commit 0e5d7633f7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 5 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      pkg/api/accesscontrol.go
  2. 1
      pkg/services/accesscontrol/models.go

2
pkg/api/accesscontrol.go
Unescape View File

@ -442,6 +442,8 @@ func (hs *HTTPServer) declareFixedRoles() error {
}, },
}, },
Grants: []string{"Editor"}, Grants: []string{"Editor"},
// Don't grant fixed:folders:creator to Admin
Exclude: []string{"Admin"},
} }
foldersReaderRole := ac.RoleRegistration{ foldersReaderRole := ac.RoleRegistration{

1
pkg/services/accesscontrol/models.go
Unescape View File

@ -28,6 +28,7 @@ var (
type RoleRegistration struct { type RoleRegistration struct {
Role RoleDTO Role RoleDTO
Grants []string Grants []string
Exclude []string
} }
// Role is the model for Role in RBAC. // Role is the model for Role in RBAC.

Write Preview
Loading…
Cancel
Save