Documentation ¶
Index ¶
- Variables
- type DashboardPermissionsService
- type DatasourcePermissionsService
- func (e DatasourcePermissionsService) DeleteResourcePermissions(ctx context.Context, orgID int64, resourceID string) error
- func (e DatasourcePermissionsService) GetPermissions(ctx context.Context, user identity.Requester, resourceID string) ([]accesscontrol.ResourcePermission, error)
- func (e DatasourcePermissionsService) MapActions(permission accesscontrol.ResourcePermission) string
- func (e DatasourcePermissionsService) SetBuiltInRolePermission(ctx context.Context, orgID int64, builtInRole string, resourceID string, ...) (*accesscontrol.ResourcePermission, error)
- func (e DatasourcePermissionsService) SetPermissions(ctx context.Context, orgID int64, resourceID string, ...) ([]accesscontrol.ResourcePermission, error)
- func (e DatasourcePermissionsService) SetTeamPermission(ctx context.Context, orgID, teamID int64, resourceID, permission string) (*accesscontrol.ResourcePermission, error)
- func (e DatasourcePermissionsService) SetUserPermission(ctx context.Context, orgID int64, user accesscontrol.User, ...) (*accesscontrol.ResourcePermission, error)
- type FolderPermissionsService
- type ServiceAccountPermissionsService
- type TeamPermissionsService
Constants ¶
This section is empty.
Variables ¶
View Source
var ( TeamMemberActions = []string{ accesscontrol.ActionTeamsRead, } TeamAdminActions = []string{ accesscontrol.ActionTeamsRead, accesscontrol.ActionTeamsDelete, accesscontrol.ActionTeamsWrite, accesscontrol.ActionTeamsPermissionsRead, accesscontrol.ActionTeamsPermissionsWrite, } )
View Source
var ( ServiceAccountEditActions = []string{ serviceaccounts.ActionRead, serviceaccounts.ActionWrite, } ServiceAccountAdminActions = []string{ serviceaccounts.ActionRead, serviceaccounts.ActionWrite, serviceaccounts.ActionDelete, serviceaccounts.ActionPermissionsRead, serviceaccounts.ActionPermissionsWrite, } )
View Source
var DashboardAdminActions = append(DashboardEditActions, []string{dashboards.ActionDashboardsPermissionsRead, dashboards.ActionDashboardsPermissionsWrite}...)
View Source
var DashboardEditActions = append(DashboardViewActions, []string{dashboards.ActionDashboardsWrite, dashboards.ActionDashboardsDelete}...)
View Source
var DashboardViewActions = []string{dashboards.ActionDashboardsRead}
View Source
var DatasourceQueryActions = []string{ datasources.ActionRead, datasources.ActionQuery, }
DatasourceQueryActions contains permissions to read information about a data source and submit arbitrary queries to it.
View Source
var FolderAdminActions = append(FolderEditActions, []string{dashboards.ActionFoldersPermissionsRead, dashboards.ActionFoldersPermissionsWrite}...)
View Source
var FolderEditActions = append(FolderViewActions, []string{ dashboards.ActionFoldersWrite, dashboards.ActionFoldersDelete, dashboards.ActionDashboardsCreate, accesscontrol.ActionAlertingRuleCreate, accesscontrol.ActionAlertingRuleUpdate, accesscontrol.ActionAlertingRuleDelete, accesscontrol.ActionAlertingSilencesCreate, accesscontrol.ActionAlertingSilencesWrite, libraryelements.ActionLibraryPanelsCreate, libraryelements.ActionLibraryPanelsWrite, libraryelements.ActionLibraryPanelsDelete, }...)
View Source
var FolderViewActions = []string{dashboards.ActionFoldersRead, accesscontrol.ActionAlertingRuleRead, libraryelements.ActionLibraryPanelsRead, accesscontrol.ActionAlertingSilencesRead}
Functions ¶
This section is empty.
Types ¶
type DashboardPermissionsService ¶
type DashboardPermissionsService struct {
*resourcepermissions.Service
}
func ProvideDashboardPermissions ¶
func ProvideDashboardPermissions( cfg *setting.Cfg, features featuremgmt.FeatureToggles, router routing.RouteRegister, sql db.DB, ac accesscontrol.AccessControl, license licensing.Licensing, dashboardStore dashboards.Store, folderService folder.Service, service accesscontrol.Service, teamService team.Service, userService user.Service, actionSetService resourcepermissions.ActionSetService, ) (*DashboardPermissionsService, error)
type DatasourcePermissionsService ¶
type DatasourcePermissionsService struct {
// contains filtered or unexported fields
}
func ProvideDatasourcePermissionsService ¶
func ProvideDatasourcePermissionsService(cfg *setting.Cfg, features featuremgmt.FeatureToggles, db db.DB) *DatasourcePermissionsService
func (DatasourcePermissionsService) DeleteResourcePermissions ¶
func (DatasourcePermissionsService) GetPermissions ¶
func (e DatasourcePermissionsService) GetPermissions(ctx context.Context, user identity.Requester, resourceID string) ([]accesscontrol.ResourcePermission, error)
func (DatasourcePermissionsService) MapActions ¶
func (e DatasourcePermissionsService) MapActions(permission accesscontrol.ResourcePermission) string
func (DatasourcePermissionsService) SetBuiltInRolePermission ¶
func (e DatasourcePermissionsService) SetBuiltInRolePermission(ctx context.Context, orgID int64, builtInRole string, resourceID string, permission string) (*accesscontrol.ResourcePermission, error)
func (DatasourcePermissionsService) SetPermissions ¶
func (e DatasourcePermissionsService) SetPermissions(ctx context.Context, orgID int64, resourceID string, commands ...accesscontrol.SetResourcePermissionCommand) ([]accesscontrol.ResourcePermission, error)
SetPermissions sets managed permissions for a datasource in OSS. This ensures that Viewers and Editors maintain query access to a data source if an OSS/unlicensed instance is upgraded to Enterprise/licensed. https://github.com/grafana/identity-access-team/issues/672
func (DatasourcePermissionsService) SetTeamPermission ¶
func (e DatasourcePermissionsService) SetTeamPermission(ctx context.Context, orgID, teamID int64, resourceID, permission string) (*accesscontrol.ResourcePermission, error)
func (DatasourcePermissionsService) SetUserPermission ¶
func (e DatasourcePermissionsService) SetUserPermission(ctx context.Context, orgID int64, user accesscontrol.User, resourceID, permission string) (*accesscontrol.ResourcePermission, error)
type FolderPermissionsService ¶
type FolderPermissionsService struct {
*resourcepermissions.Service
}
func ProvideFolderPermissions ¶
func ProvideFolderPermissions( cfg *setting.Cfg, features featuremgmt.FeatureToggles, router routing.RouteRegister, sql db.DB, accesscontrol accesscontrol.AccessControl, license licensing.Licensing, dashboardStore dashboards.Store, folderService folder.Service, service accesscontrol.Service, teamService team.Service, userService user.Service, actionSetService resourcepermissions.ActionSetService, ) (*FolderPermissionsService, error)
type ServiceAccountPermissionsService ¶
type ServiceAccountPermissionsService struct {
*resourcepermissions.Service
}
func ProvideServiceAccountPermissions ¶
func ProvideServiceAccountPermissions( cfg *setting.Cfg, features featuremgmt.FeatureToggles, router routing.RouteRegister, sql db.DB, ac accesscontrol.AccessControl, license licensing.Licensing, serviceAccountRetrieverService *retriever.Service, service accesscontrol.Service, teamService team.Service, userService user.Service, actionSetService resourcepermissions.ActionSetService, ) (*ServiceAccountPermissionsService, error)
type TeamPermissionsService ¶
type TeamPermissionsService struct {
*resourcepermissions.Service
}
func ProvideTeamPermissions ¶
func ProvideTeamPermissions( cfg *setting.Cfg, features featuremgmt.FeatureToggles, router routing.RouteRegister, sql db.DB, ac accesscontrol.AccessControl, license licensing.Licensing, service accesscontrol.Service, teamService team.Service, userService user.Service, actionSetService resourcepermissions.ActionSetService, ) (*TeamPermissionsService, error)
Click to show internal directories.
Click to hide internal directories.