user

package
v11.1.4-modfix Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 20, 2024 License: AGPL-3.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	QuotaTargetSrv string = "user"
	QuotaTarget    string = "user"
)
View Source 
const (
	GlobalOrgID = int64(0)
)

Variables

View Source 
var (
	ErrCaseInsensitive   = errors.New("case insensitive conflict")
	ErrUserNotFound      = errors.New("user not found")
	ErrUserAlreadyExists = errors.New("user already exists")
	ErrLastGrafanaAdmin  = errors.New("cannot remove last grafana admin")
	ErrProtectedUser     = errors.New("cannot adopt protected user")
	ErrNoUniqueID        = errors.New("identifying id not found")
	ErrLastSeenUpToDate  = errors.New("last seen is already up to date")
	ErrUpdateInvalidID   = errors.New("unable to update invalid id")
)
View Source 
var (
	ErrEmailConflict         = errutil.Conflict("user.email-conflict", errutil.WithPublicMessage("Email is already being used"))
	ErrEmptyUsernameAndEmail = errutil.BadRequest(
		"user.empty-username-and-email", errutil.WithPublicMessage("Need to specify either username or email"),
	)
	ErrPasswordMissmatch = errutil.BadRequest("user.password-missmatch", errutil.WithPublicMessage("Invalid old password"))
)
View Source 
var (
	ErrPasswordTooShort       = errutil.BadRequest("password.password-policy-too-short", errutil.WithPublicMessage("New password is too short"))
	ErrPasswordPolicyInfringe = errutil.BadRequest("password.password-policy-infringe", errutil.WithPublicMessage("New password doesn't comply with the password policy"))
	MinPasswordLength         = 12
)

Functions

func ValidatePassword 

func ValidatePassword(newPassword string, config *setting.Cfg) error

ValidatePassword checks if a new password meets the required criteria based on the given configuration. If BasicAuthStrongPasswordPolicy is disabled, it only checks for password length. Otherwise, it ensures the password meets the minimum length requirement and contains at least one uppercase letter, one lowercase letter, one number, and one symbol.

Types

type AdminCreateUserResponse 

type AdminCreateUserResponse struct {
	ID      int64  `json:"id"`
	Message string `json:"message"`
}

type AnalyticsSettings 

type AnalyticsSettings struct {
	Identifier         string
	IntercomIdentifier string
}

type AuthModuleConversion 

type AuthModuleConversion []string

implement Conversion interface to define custom field mapping (xorm feature)

func (*AuthModuleConversion) FromDB 

func (auth *AuthModuleConversion) FromDB(data []byte) error

func (*AuthModuleConversion) ToDB 

func (auth *AuthModuleConversion) ToDB() ([]byte, error)

Just a stub, we don't want to write to database

type BatchDisableUsersCommand 

type BatchDisableUsersCommand struct {
	UserIDs    []int64 `xorm:"user_ids"`
	IsDisabled bool
}

type ChangeUserPasswordCommand 

type ChangeUserPasswordCommand struct {
	OldPassword Password `json:"oldPassword"`
	NewPassword Password `json:"newPassword"`
}

type CompleteEmailVerifyCommand 

type CompleteEmailVerifyCommand struct {
	User identity.Requester
	Code string
}

type CreateUserCommand 

type CreateUserCommand struct {
	UID              string
	Email            string
	Login            string
	Name             string
	Company          string
	OrgID            int64
	OrgName          string
	Password         Password
	EmailVerified    bool
	IsAdmin          bool
	IsDisabled       bool
	SkipOrgSetup     bool
	DefaultOrgRole   string
	IsServiceAccount bool
}

type DeleteUserCommand 

type DeleteUserCommand struct {
	UserID int64
}

type ErrCaseInsensitiveLoginConflict 

type ErrCaseInsensitiveLoginConflict struct {
	Users []User
}

func (*ErrCaseInsensitiveLoginConflict) Error 

func (e *ErrCaseInsensitiveLoginConflict) Error() string

func (*ErrCaseInsensitiveLoginConflict) Unwrap 

func (e *ErrCaseInsensitiveLoginConflict) Unwrap() error

type Filter 

type Filter interface {
	WhereCondition() *WhereCondition
	InCondition() *InCondition
	JoinCondition() *JoinCondition
}

type FilterHandler 

type FilterHandler func(params []string) (Filter, error)

type GetSignedInUserQuery 

type GetSignedInUserQuery struct {
	UserID int64 `xorm:"user_id"`
	Login  string
	Email  string
	OrgID  int64 `xorm:"org_id"`
}

type GetUserByEmailQuery 

type GetUserByEmailQuery struct {
	Email string
}

type GetUserByIDQuery 

type GetUserByIDQuery struct {
	ID int64
}

type GetUserByLoginQuery 

type GetUserByLoginQuery struct {
	LoginOrEmail string
}

type GetUserProfileQuery 

type GetUserProfileQuery struct {
	UserID int64
}

type HelpFlags1 

type HelpFlags1 uint64
const (
	HelpFlagGettingStartedPanelDismissed HelpFlags1 = 1 << iota
	HelpFlagDashboardHelp1
)

func (*HelpFlags1) AddFlag 

func (f *HelpFlags1) AddFlag(flag HelpFlags1)

func (HelpFlags1) HasFlag 

func (f HelpFlags1) HasFlag(flag HelpFlags1) bool

type InCondition 

type InCondition struct {
	Condition string
	Params    any
}

type JoinCondition 

type JoinCondition struct {
	Operator string
	Table    string
	Params   string
}

type Password 

type Password string

func NewPassword 

func NewPassword(newPassword string, config *setting.Cfg) (Password, error)

func (Password) Hash 

func (p Password) Hash(salt string) (Password, error)

func (Password) Validate 

func (p Password) Validate(config *setting.Cfg) error

type SearchUserFilter 

type SearchUserFilter interface {
	GetFilter(filterName string, params []string) Filter
	GetFilterList() map[string]FilterHandler
}

type SearchUserQueryResult 

type SearchUserQueryResult struct {
	TotalCount int64               `json:"totalCount"`
	Users      []*UserSearchHitDTO `json:"users"`
	Page       int                 `json:"page"`
	PerPage    int                 `json:"perPage"`
}

type SearchUsersQuery 

type SearchUsersQuery struct {
	SignedInUser identity.Requester
	OrgID        int64 `xorm:"org_id"`
	Query        string
	Page         int
	Limit        int
	AuthModule   string
	SortOpts     []model.SortOption
	Filters      []Filter

	IsDisabled *bool
}

type Service 

type Service interface {
	registry.ProvidesUsageStats
	Create(context.Context, *CreateUserCommand) (*User, error)
	CreateServiceAccount(context.Context, *CreateUserCommand) (*User, error)
	Delete(context.Context, *DeleteUserCommand) error
	GetByID(context.Context, *GetUserByIDQuery) (*User, error)
	GetByLogin(context.Context, *GetUserByLoginQuery) (*User, error)
	GetByEmail(context.Context, *GetUserByEmailQuery) (*User, error)
	Update(context.Context, *UpdateUserCommand) error
	UpdateLastSeenAt(context.Context, *UpdateUserLastSeenAtCommand) error
	GetSignedInUser(context.Context, *GetSignedInUserQuery) (*SignedInUser, error)
	Search(context.Context, *SearchUsersQuery) (*SearchUserQueryResult, error)
	BatchDisableUsers(context.Context, *BatchDisableUsersCommand) error
	GetProfile(context.Context, *GetUserProfileQuery) (*UserProfileDTO, error)
}

type SignedInUser 

type SignedInUser struct {
	UserID        int64  `xorm:"user_id"`
	UserUID       string `xorm:"user_uid"`
	OrgID         int64  `xorm:"org_id"`
	OrgName       string
	OrgRole       roletype.RoleType
	Login         string
	Name          string
	Email         string
	EmailVerified bool
	// AuthID will be set if user signed in using external method
	AuthID string
	// AuthenticatedBy be set if user signed in using external method
	AuthenticatedBy  string
	ApiKeyID         int64 `xorm:"api_key_id"`
	IsServiceAccount bool  `xorm:"is_service_account"`
	IsGrafanaAdmin   bool
	IsAnonymous      bool
	IsDisabled       bool
	HelpFlags1       HelpFlags1
	LastSeenAt       time.Time
	Teams            []int64
	// Permissions grouped by orgID and actions
	Permissions map[int64]map[string][]string `json:"-"`
	// IDToken is a signed token representing the identity that can be forwarded to plugins and external services.
	// Will only be set when featuremgmt.FlagIdForwarding is enabled.
	IDToken      string `json:"-" xorm:"-"`
	NamespacedID identity.NamespaceID
}

func (*SignedInUser) GetAuthID 

func (u *SignedInUser) GetAuthID() string

func (*SignedInUser) GetAuthenticatedBy 

func (u *SignedInUser) GetAuthenticatedBy() string

func (*SignedInUser) GetCacheKey 

func (u *SignedInUser) GetCacheKey() string

GetCacheKey returns a unique key for the entity. Add an extra prefix to avoid collisions with other caches

func (*SignedInUser) GetDisplayName 

func (u *SignedInUser) GetDisplayName() string

GetDisplayName returns the display name of the active entity The display name is the name if it is set, otherwise the login or email

func (*SignedInUser) GetEmail 

func (u *SignedInUser) GetEmail() string

GetEmail returns the email of the active entity Can be empty.

func (*SignedInUser) GetGlobalPermissions 

func (u *SignedInUser) GetGlobalPermissions() map[string][]string

GetGlobalPermissions returns the permissions of the active entity that are available across all organizations

func (*SignedInUser) GetID 

func (u *SignedInUser) GetID() identity.NamespaceID

GetID returns namespaced id for the entity

func (*SignedInUser) GetIDToken 

func (u *SignedInUser) GetIDToken() string

func (*SignedInUser) GetIsGrafanaAdmin 

func (u *SignedInUser) GetIsGrafanaAdmin() bool

GetIsGrafanaAdmin returns true if the user is a server admin

func (*SignedInUser) GetLogin 

func (u *SignedInUser) GetLogin() string

GetLogin returns the login of the active entity Can be empty if the user is anonymous

func (*SignedInUser) GetNamespacedID 

func (u *SignedInUser) GetNamespacedID() (identity.Namespace, string)

GetNamespacedID returns the namespace and ID of the active entity The namespace is one of the constants defined in pkg/services/auth/identity

func (*SignedInUser) GetOrgID 

func (u *SignedInUser) GetOrgID() int64

GetOrgID returns the ID of the active organization

func (*SignedInUser) GetOrgName 

func (u *SignedInUser) GetOrgName() string

DEPRECATED: GetOrgName returns the name of the active organization Retrieve the organization name from the organization service instead of using this method.

func (*SignedInUser) GetOrgRole 

func (u *SignedInUser) GetOrgRole() roletype.RoleType

GetOrgRole returns the role of the active entity in the active organization

func (*SignedInUser) GetPermissions 

func (u *SignedInUser) GetPermissions() map[string][]string

GetPermissions returns the permissions of the active entity

func (*SignedInUser) GetTeams 

func (u *SignedInUser) GetTeams() []int64

DEPRECATED: GetTeams returns the teams the entity is a member of Retrieve the teams from the team service instead of using this method.

func (*SignedInUser) GetUID 

func (u *SignedInUser) GetUID() identity.NamespaceID

GetUID returns namespaced uid for the entity

func (*SignedInUser) HasRole 

func (u *SignedInUser) HasRole(role roletype.RoleType) bool

func (*SignedInUser) HasUniqueId 

func (u *SignedInUser) HasUniqueId() bool

HasUniqueId returns true if the entity has a unique id

func (*SignedInUser) IsApiKeyUser 

func (u *SignedInUser) IsApiKeyUser() bool

func (*SignedInUser) IsAuthenticatedBy 

func (u *SignedInUser) IsAuthenticatedBy(providers ...string) bool

func (*SignedInUser) IsEmailVerified 

func (u *SignedInUser) IsEmailVerified() bool

func (*SignedInUser) IsNil 

func (u *SignedInUser) IsNil() bool

FIXME: remove this method once all services are using an interface

func (*SignedInUser) IsRealUser 

func (u *SignedInUser) IsRealUser() bool

IsRealUser returns true if the entity is a real user and not a service account

func (*SignedInUser) IsServiceAccountUser 

func (u *SignedInUser) IsServiceAccountUser() bool

IsServiceAccountUser returns true if the entity is a service account

func (*SignedInUser) NameOrFallback 

func (u *SignedInUser) NameOrFallback() string

func (*SignedInUser) ShouldUpdateLastSeenAt 

func (u *SignedInUser) ShouldUpdateLastSeenAt() bool

type StartVerifyEmailCommand 

type StartVerifyEmailCommand struct {
	User   User
	Email  string
	Action UpdateEmailActionType
}

type UpdateEmailActionType 

type UpdateEmailActionType string
const (
	EmailUpdateAction UpdateEmailActionType = "email-update"
	LoginUpdateAction UpdateEmailActionType = "login-update"
)

type UpdateUserCommand 

type UpdateUserCommand struct {
	Name  string `json:"name"`
	Email string `json:"email"`
	Login string `json:"login"`
	Theme string `json:"theme"`

	UserID         int64 `json:"-"`
	IsDisabled     *bool `json:"-"`
	EmailVerified  *bool `json:"-"`
	IsGrafanaAdmin *bool `json:"-"`
	// If password is included it will be validated, hashed and updated for user.
	Password *Password `json:"-"`
	// If old password is included it will be validated against users current password.
	OldPassword *Password `json:"-"`
	// If OrgID is included update current org for user
	OrgID      *int64      `json:"-"`
	HelpFlags1 *HelpFlags1 `json:"-"`
}

type UpdateUserLastSeenAtCommand 

type UpdateUserLastSeenAtCommand struct {
	UserID int64
	OrgID  int64
}

type User 

type User struct {
	ID            int64  `xorm:"pk autoincr 'id'"`
	UID           string `json:"uid" xorm:"uid"`
	Version       int
	Email         string
	Name          string
	Login         string
	Password      Password
	Salt          string
	Rands         string
	Company       string
	EmailVerified bool
	Theme         string
	HelpFlags1    HelpFlags1 `xorm:"help_flags1"`
	IsDisabled    bool

	IsAdmin          bool
	IsServiceAccount bool
	OrgID            int64 `xorm:"org_id"`

	Created    time.Time
	Updated    time.Time
	LastSeenAt time.Time
}

func (*User) NameOrFallback 

func (u *User) NameOrFallback() string

type UserProfileDTO 

type UserProfileDTO struct {
	ID                             int64           `json:"id"`
	UID                            string          `json:"uid"`
	Email                          string          `json:"email"`
	Name                           string          `json:"name"`
	Login                          string          `json:"login"`
	Theme                          string          `json:"theme"`
	OrgID                          int64           `json:"orgId,omitempty"`
	IsGrafanaAdmin                 bool            `json:"isGrafanaAdmin"`
	IsDisabled                     bool            `json:"isDisabled"`
	IsExternal                     bool            `json:"isExternal"`
	IsExternallySynced             bool            `json:"isExternallySynced"`
	IsGrafanaAdminExternallySynced bool            `json:"isGrafanaAdminExternallySynced"`
	AuthLabels                     []string        `json:"authLabels"`
	UpdatedAt                      time.Time       `json:"updatedAt"`
	CreatedAt                      time.Time       `json:"createdAt"`
	AvatarURL                      string          `json:"avatarUrl"`
	AccessControl                  map[string]bool `json:"accessControl,omitempty"`
}

type UserSearchHitDTO 

type UserSearchHitDTO struct {
	ID            int64                `json:"id" xorm:"id"`
	UID           string               `json:"uid" xorm:"id"`
	Name          string               `json:"name"`
	Login         string               `json:"login"`
	Email         string               `json:"email"`
	AvatarURL     string               `json:"avatarUrl" xorm:"avatar_url"`
	IsAdmin       bool                 `json:"isAdmin"`
	IsDisabled    bool                 `json:"isDisabled"`
	LastSeenAt    time.Time            `json:"lastSeenAt"`
	LastSeenAtAge string               `json:"lastSeenAtAge"`
	AuthLabels    []string             `json:"authLabels"`
	AuthModule    AuthModuleConversion `json:"-"`
}

type Verifier 

type Verifier interface {
	Start(ctx context.Context, cmd StartVerifyEmailCommand) error
	Complete(ctx context.Context, cmd CompleteEmailVerifyCommand) error
}

type WhereCondition 

type WhereCondition struct {
	Condition string
	Params    any
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.