AccessControl: Add access control actions and scopes to team update and delete

* AccessControl: Add access control actions and scopes to team update and delete

* AccessControl: Add tests for AC guards in update/delete

* AccessControl: add fixed role for team writer

* AccessControl: ensure team related AC is deleted with team

* Update pkg/api/team_test.go
J Guerreiro
2022-01-27 15:16:44 +00:00
committed by GitHub
parent 1a9c293984
commit cb6e5ae8ce
7 changed files with 132 additions and 20 deletions


@ -196,7 +196,7 @@ func TestAddTeamMembersAPIEndpoint_FGAC(t *testing.T) {
setInitCtxSignedInOrgAdmin(sc.initCtx)
newUserId = createUser(sc.db, testOrgId, t)
input = strings.NewReader(fmt.Sprintf(createTeamCmd, newUserId))
input = strings.NewReader(fmt.Sprintf(teamCmd, newUserId))
t.Run("Access control prevents from adding a team member with the wrong permissions", func(t *testing.T) {
setAccessControlPermissions(sc.acmock, []*accesscontrol.Permission{{Action: accesscontrol.ActionTeamsPermissionsRead, Scope: "teams:id:1"}}, 1)
response := callAPI(sc.server, http.MethodPost, fmt.Sprintf(teamMemberAddRoute, "1"), input, t)