ossaccesscontrol

package
v0.0.85-test Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 8, 2023 License: AGPL-3.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	TeamMemberActions = []string{
		accesscontrol.ActionTeamsRead,
	}

	TeamAdminActions = []string{
		accesscontrol.ActionTeamsRead,
		accesscontrol.ActionTeamsDelete,
		accesscontrol.ActionTeamsWrite,
		accesscontrol.ActionTeamsPermissionsRead,
		accesscontrol.ActionTeamsPermissionsWrite,
	}
)
View Source 
var DashboardAdminActions = append(DashboardEditActions, []string{accesscontrol.ActionDashboardsPermissionsRead, accesscontrol.ActionDashboardsPermissionsWrite}...)
View Source 
var DashboardEditActions = append(DashboardViewActions, []string{accesscontrol.ActionDashboardsWrite, accesscontrol.ActionDashboardsDelete}...)
View Source 
var DashboardViewActions = []string{accesscontrol.ActionDashboardsRead}
View Source 
var FolderAdminActions = append(FolderEditActions, []string{dashboards.ActionFoldersPermissionsRead, dashboards.ActionFoldersPermissionsWrite}...)
View Source 
var FolderEditActions = append(FolderViewActions, []string{
	dashboards.ActionFoldersWrite,
	dashboards.ActionFoldersDelete,
	dashboards.ActionDashboardsCreate,
	accesscontrol.ActionAlertingRuleCreate,
	accesscontrol.ActionAlertingRuleUpdate,
	accesscontrol.ActionAlertingRuleDelete,
}...)
View Source 
var FolderViewActions = []string{dashboards.ActionFoldersRead, accesscontrol.ActionAlertingRuleRead}

Functions

func ProvideDashboardPermissions 

func ProvideDashboardPermissions(
	cfg *setting.Cfg, router routing.RouteRegister, sql *sqlstore.SQLStore,
	ac accesscontrol.AccessControl, store resourcepermissions.Store,
) (*resourcepermissions.Service, error)

func ProvideFolderPermissions 

func ProvideFolderPermissions(
	cfg *setting.Cfg, router routing.RouteRegister, sql *sqlstore.SQLStore,
	accesscontrol accesscontrol.AccessControl, store resourcepermissions.Store,
) (*resourcepermissions.Service, error)

func ProvideTeamPermissions 

func ProvideTeamPermissions(
	cfg *setting.Cfg, router routing.RouteRegister, sql *sqlstore.SQLStore,
	ac accesscontrol.AccessControl, store resourcepermissions.Store,
) (*resourcepermissions.Service, error)

Types

type OSSAccessControlService 

type OSSAccessControlService struct {
	// contains filtered or unexported fields
}

OSSAccessControlService is the service implementing role based access control.

func ProvideOSSAccessControl 

func ProvideOSSAccessControl(features featuremgmt.FeatureToggles, provider accesscontrol.PermissionsProvider) *OSSAccessControlService

ProvideOSSAccessControl creates an oss implementation of access control without usage stats registration

func ProvideService 

func ProvideService(features featuremgmt.FeatureToggles, usageStats usagestats.Service,
	provider accesscontrol.PermissionsProvider, routeRegister routing.RouteRegister) (*OSSAccessControlService, error)

func (*OSSAccessControlService) DeclareFixedRoles 

func (ac *OSSAccessControlService) DeclareFixedRoles(registrations ...accesscontrol.RoleRegistration) error

DeclareFixedRoles allow the caller to declare, to the service, fixed roles and their assignments to organization roles ("Viewer", "Editor", "Admin") or "Grafana Admin"

func (*OSSAccessControlService) Evaluate 

func (ac *OSSAccessControlService) Evaluate(ctx context.Context, user *models.SignedInUser, evaluator accesscontrol.Evaluator) (bool, error)

Evaluate evaluates access to the given resources

func (*OSSAccessControlService) GetUserBuiltInRoles 

func (ac *OSSAccessControlService) GetUserBuiltInRoles(user *models.SignedInUser) []string

func (*OSSAccessControlService) GetUserPermissions 

func (ac *OSSAccessControlService) GetUserPermissions(ctx context.Context, user *models.SignedInUser, _ accesscontrol.Options) ([]*accesscontrol.Permission, error)

GetUserPermissions returns user permissions based on built-in roles

func (*OSSAccessControlService) GetUserRoles 

func (ac *OSSAccessControlService) GetUserRoles(ctx context.Context, user *models.SignedInUser) ([]*accesscontrol.RoleDTO, error)

GetUserRoles returns user permissions based on built-in roles

func (*OSSAccessControlService) IsDisabled 

func (ac *OSSAccessControlService) IsDisabled() bool

func (*OSSAccessControlService) RegisterAttributeScopeResolver 

func (ac *OSSAccessControlService) RegisterAttributeScopeResolver(scopePrefix string, resolver accesscontrol.AttributeScopeResolveFunc)

RegisterAttributeScopeResolver allows the caller to register scope resolvers for a specific scope prefix (ex: datasources:name:)

func (*OSSAccessControlService) RegisterFixedRoles 

func (ac *OSSAccessControlService) RegisterFixedRoles() error

RegisterFixedRoles registers all declared roles in RAM

type PermissionsServices 

type PermissionsServices struct {
	// contains filtered or unexported fields
}

func ProvidePermissionsServices 

func ProvidePermissionsServices(
	cfg *setting.Cfg, router routing.RouteRegister, sql *sqlstore.SQLStore,
	ac accesscontrol.AccessControl, store resourcepermissions.Store,
) (*PermissionsServices, error)

func (*PermissionsServices) GetDashboardService 

func (s *PermissionsServices) GetDashboardService() accesscontrol.PermissionsService

func (*PermissionsServices) GetDataSourceService 

func (s *PermissionsServices) GetDataSourceService() accesscontrol.PermissionsService

func (*PermissionsServices) GetFolderService 

func (s *PermissionsServices) GetFolderService() accesscontrol.PermissionsService

func (*PermissionsServices) GetTeamService 

func (s *PermissionsServices) GetTeamService() accesscontrol.PermissionsService

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.