acimpl

package

v11.1.4-modfix Latest Latest Go to latest Published: Aug 20, 2024 License: AGPL-3.0 Imports: 28 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/minicali/grafana

Documentation ¶

Index ¶

Variables
func PermissionMatchesSearchOptions(permission accesscontrol.Permission, ...) bool
type AccessControl
- func ProvideAccessControl(features featuremgmt.FeatureToggles) *AccessControl
- func (a *AccessControl) Evaluate(ctx context.Context, user identity.Requester, ...) (bool, error)
- func (a *AccessControl) RegisterScopeAttributeResolver(prefix string, resolver accesscontrol.ScopeAttributeResolver)
type GetPermissionsFn
type Service
- func ProvideOSSService(cfg *setting.Cfg, store accesscontrol.Store, ...) *Service
- func ProvideService(cfg *setting.Cfg, db db.DB, routeRegister routing.RouteRegister, ...) (*Service, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var OSSRolesPrefixes = []string{accesscontrol.ManagedRolePrefix, accesscontrol.ExternalServiceRolePrefix}

View Source

var SharedWithMeFolderPermission = accesscontrol.Permission{
	Action: dashboards.ActionFoldersRead,
	Scope:  dashboards.ScopeFoldersProvider.GetResourceScopeUID(folder.SharedWithMeFolderUID),
}

Functions ¶

func PermissionMatchesSearchOptions ¶

func PermissionMatchesSearchOptions(permission accesscontrol.Permission, searchOptions *accesscontrol.SearchOptions) bool

Types ¶

type AccessControl ¶

type AccessControl struct {
	// contains filtered or unexported fields
}

func ProvideAccessControl ¶

func ProvideAccessControl(features featuremgmt.FeatureToggles) *AccessControl

func (*AccessControl) Evaluate ¶

func (a *AccessControl) Evaluate(ctx context.Context, user identity.Requester, evaluator accesscontrol.Evaluator) (bool, error)

func (*AccessControl) RegisterScopeAttributeResolver ¶

func (a *AccessControl) RegisterScopeAttributeResolver(prefix string, resolver accesscontrol.ScopeAttributeResolver)

type GetPermissionsFn ¶

type GetPermissionsFn = func() ([]accesscontrol.Permission, error)

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service is the service implementing role based access control.

func ProvideOSSService ¶

func ProvideOSSService(cfg *setting.Cfg, store accesscontrol.Store, actionResolver accesscontrol.ActionResolver, cache *localcache.CacheService, features featuremgmt.FeatureToggles, tracer tracing.Tracer) *Service

func ProvideService ¶

func ProvideService(cfg *setting.Cfg, db db.DB, routeRegister routing.RouteRegister, cache *localcache.CacheService,
	accessControl accesscontrol.AccessControl, actionResolver accesscontrol.ActionResolver, features featuremgmt.FeatureToggles, tracer tracing.Tracer) (*Service, error)

func (*Service) ClearUserPermissionCache ¶

func (s *Service) ClearUserPermissionCache(user identity.Requester)

func (*Service) DeclareFixedRoles ¶

func (s *Service) DeclareFixedRoles(registrations ...accesscontrol.RoleRegistration) error

DeclareFixedRoles allow the caller to declare, to the service, fixed roles and their assignments to organization roles ("Viewer", "Editor", "Admin") or "Grafana Admin"

func (*Service) DeclarePluginRoles ¶

func (s *Service) DeclarePluginRoles(ctx context.Context, ID, name string, regs []plugins.RoleRegistration) error

DeclarePluginRoles allow the caller to declare, to the service, plugin roles and their assignments to organization roles ("Viewer", "Editor", "Admin") or "Grafana Admin"

func (*Service) DeleteExternalServiceRole ¶

func (s *Service) DeleteExternalServiceRole(ctx context.Context, externalServiceID string) error

func (*Service) DeleteTeamPermissions ¶

func (s *Service) DeleteTeamPermissions(ctx context.Context, orgID int64, teamID int64) error

func (*Service) DeleteUserPermissions ¶

func (s *Service) DeleteUserPermissions(ctx context.Context, orgID int64, userID int64) error

func (*Service) GetRoleByName ¶

func (s *Service) GetRoleByName(ctx context.Context, orgID int64, roleName string) (*accesscontrol.RoleDTO, error)

func (*Service) GetUsageStats ¶

func (s *Service) GetUsageStats(_ context.Context) map[string]any

func (*Service) GetUserPermissions ¶

func (s *Service) GetUserPermissions(ctx context.Context, user identity.Requester, options accesscontrol.Options) ([]accesscontrol.Permission, error)

GetUserPermissions returns user permissions based on built-in roles

func (*Service) RegisterFixedRoles ¶

func (s *Service) RegisterFixedRoles(ctx context.Context) error

RegisterFixedRoles registers all declared roles in RAM

func (*Service) SaveExternalServiceRole ¶

func (s *Service) SaveExternalServiceRole(ctx context.Context, cmd accesscontrol.SaveExternalServiceRoleCommand) error

func (*Service) SearchUserPermissions ¶

func (s *Service) SearchUserPermissions(ctx context.Context, orgID int64, searchOptions accesscontrol.SearchOptions) ([]accesscontrol.Permission, error)

func (*Service) SearchUsersPermissions ¶

func (s *Service) SearchUsersPermissions(ctx context.Context, usr identity.Requester,
	options accesscontrol.SearchOptions) (map[int64][]accesscontrol.Permission, error)

TODO potential changes needed here? SearchUsersPermissions returns all users' permissions filtered by action prefixes

func (*Service) SyncUserRoles ¶

func (*Service) SyncUserRoles(ctx context.Context, orgID int64, cmd accesscontrol.SyncUserRolesCommand) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL