opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-29 17:42:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
60,980 Commits 2,380 Branches 619 Tags
Commit Graph

8 Commits

Author SHA1 Message Date
Misi
c6a6b9fdd2 IAM: Create and delete user from the legacy store (#107694) 
* Add Create for User + DualWriter setup

* Add delete User

* Fix delete + access check

* Add tests for delete user

* Add tests for create user

* Fixes

* Use sqlx session to fix database locked issues

* wip authz checks

* legacyAccessClient

* Update legacyAccessClient, add tests for create user

* Close rows before running other queries

* Use ExecWithReturningId

* Verify deletion in the tests

* Add Validate and Mutate

* Other changes

* Address feedback

* Update tests

---------

Co-authored-by: Gabriel Mabille <gabriel.mabille@grafana.com>
 2025-07-17 11:50:40 +02:00
Karl Persson
fa74d1c36d Authn: Sync authlib and update how we construct authn client interceptor (#101124) 
* Sync authlib and update how we construct authn client interceptor

* Remove namespace from checker
 2025-02-26 09:22:09 +01:00
Ryan McKinley
680e6bc1f8 Authlib: Use types package rather than claims (#99243) 2025-01-21 12:06:55 +03:00
Karl Persson
c593b20465 Zanana: Add custom verb for get_permissions and set_permissions. (#98616) 
* Add custom verb for get_permissions and update_permissions.

Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
 2025-01-10 11:49:26 +01:00
Karl Persson
a82d01214d Auth: Update authlib (#94947) 
* Update authlib
 2024-10-18 13:36:21 +02:00
Karl Persson
0160f4f72c RBAC: Add legacy authorization checks to service accounts (#93753) 
* Extract a helper funtion to perform list with authorization checks

* Add k8s verb to utils package

* Construct default mapping when no custom mapping is passed

* Configure authorization checks for service accounts

* Fix helper and add filtering to service accounts
 2024-09-27 15:53:11 +02:00
Karl Persson
c28b37a67b RBAC: Add option to skip rbac check for specified verbs (#93654) 
* Add option to skip rbac check for specified verbs
 2024-09-24 15:13:04 +02:00
Karl Persson
2e38329026 RBAC: Add required component to perform access control checks for user api when running single tenant (#93104) 
* Unexport store and create new constructor function

* Add ResourceAuthorizer and LegacyAccessClient

* Configure checks for user store

* List with checks if AccessClient is configured

* Allow system user service account to read all users

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
 2024-09-23 11:26:44 +02:00