Influxdata
/
chronograf
mirror of https://github.com/influxdata/chronograf.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
7,395 Commits
296 Branches
122 Tags
181 MiB
Commit Graph

73 Commits (8283859e99b04b05b547d52865990a3358920214)

Author SHA1 Message Date
Michael Desa 096ef058eb Allow user to delete themselves 
Previously users were prevented from removing themselves.

Connect https://github.com/influxdata/chronograf/issues/2711
 2018-02-07 09:46:08 -05:00
Michael Desa 2d7828b602 Nest user routes under organization 
Add global user routes
 2018-01-16 16:45:58 -05:00
Michael Desa 4afb444579 Allow UpdateUser to accept empty roles 2018-01-12 12:37:30 -05:00
Michael Desa d74d8f35f9 Add wildcard role and validate users roles in CRUD 
The server may now specify a '*' to indicate that the server should
retrieve the organizations default role and assign it to the user.
 2018-01-12 12:27:55 -05:00
Michael Desa 0d6a508a00 Modify CRUD user handlers for global operations 
Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.
 2018-01-09 13:43:33 -05:00
Michael Desa 95297303be Check specific case when SA changes their status 
SA - SuperAdmin
 2017-12-20 16:34:31 -08:00
Michael Desa 14af1aa115 Prevent SuperAdmin from modifying their own status 
Previously it was possible for SuperAdmins to remove their own status.
This could create an application state where there were no super admins.
This is not an acceptable application state.
 2017-12-20 15:17:08 -08:00
Michael Desa d8d20547ab Change Organization ID to string from uint64 2017-12-19 10:13:43 -08:00
Jared Scheib 933291918b Reference known issue #2601 in Admin creating SuperAdmin response 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-12-15 15:05:27 -08:00
Michael Desa 4223767c53 Use serverContext for getting Config in NewUser 2017-12-14 13:34:19 -08:00
Michael Desa 61ef8937ba Add comment clarifying UsersStore Add method 2017-12-14 11:36:26 -08:00
Michael Desa da605ac138 Set SuperAdmin for NewUsers based on ConfigSetting 2017-12-14 11:11:51 -08:00
Michael Desa 15a1c45cf1 Allow admins to update a superadmins roles 2017-12-04 16:53:30 -05:00
Michael Desa 6ca8bf5089 Accept name,provider,scheme in UpdateUser if unchanged 2017-11-22 15:20:48 -05:00
Michael Desa 8f7363b3f4 Ensure that organzation on role is valid org id 2017-11-22 15:03:15 -05:00
Michael Desa ec20267c2f Disallow empty organization id create/update user 2017-11-22 14:49:44 -05:00
Michael Desa e83bfe87e5 Prevent user from deleteing themselves 2017-11-10 11:09:16 -05:00
Michael Desa cbbf9d96d7 Add comments suggested from PR review 
Add tests to server/stores_test.go
 2017-11-07 13:59:40 -05:00
Michael Desa 859d94ab15 Move user roles and role names to roles package 2017-11-06 11:27:13 -05:00
Michael Desa 833e98ce73 Pull out setting super admin into a single func 2017-11-06 11:15:49 -05:00
Michael Desa 9af3089914 Allow SuperAdmins to promoted and demoted 2017-11-06 11:15:48 -05:00
Michael Desa 271aebb40f Prevent duplicate organization roles in user CRUD 2017-11-03 12:06:18 -04:00
Jared Scheib fe6e0682ca Add SuperAdmin to userResponse 2017-11-02 16:24:16 -07:00
Michael Desa 3f55da7503 Change nil check to len == 0 check for userRequest 2017-11-01 12:38:26 -04:00
Michael Desa 7af7d65802 Change function signature of hasSuperAdminContext 2017-11-01 10:39:09 -04:00
Michael Desa 72422803c4 Add superAdmin to users CRUD 2017-11-01 09:12:19 -04:00
Michael Desa a9d5bf9c05 WIP cleanup 2017-10-31 20:58:40 -04:00
Michael Desa 5f63e2738a Refactor data stores into a common interface 2017-10-31 16:41:17 -04:00
Jared Scheib 5bed2cfc4f Merge remote-tracking branch 'origin/multitenancy' into multitenancy_orgs 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-26 18:21:30 -04:00
Michael Desa bf6c77ee5f Provide route to change current users organization 
Add current Organization to JWT.
Use OrganizationUsersStore to retrieve Users that are not me.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-26 18:06:52 -04:00
Jared Scheib 9a6ab1bf9d Lowercase Provider & Scheme & Role values for consistency 
The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.
 2017-10-24 16:17:59 -07:00
Michael de Sa dad08a7389 Modify ValidUpdate to ensure only User Roles can be updated 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-24 14:28:35 -07:00
Michael Desa f1ad32a367 Add missing returns in http hanlder methods 2017-10-20 15:42:51 -04:00
Jared Scheib c994e8c5ac Set Scheme to be OAuth2 explicitly for all users 
Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-19 14:32:33 -05:00
Michael Desa 0d235f646d Generalize chronograf.UsersStore Get method 
The `Get` method on the UsersStore was generalize by changing the second
parameter to a struct. This allows the Store to retrieve users by more
than simply their name.

-Get(ctx context.Context, name string) (*User, error)
+Get(ctx context.Context, q UserQuery) (*User, error)
 2017-10-18 14:17:42 -04:00
Jared Scheib 5d4ac3c167 Lowercase string consts for role names 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-16 19:42:57 -05:00
Michael de Sa 7a45bba4f7 Place user role consts and vars in server package 
This also decouples the bolt tests from the server package.

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-16 18:43:56 -05:00
Jared Scheib 8e298437c5 Replace string slices of role names with slices of chronograf.Role 
This effectively reinstants rolly polly as king.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-16 18:26:08 -05:00
Michael de Sa 2f1e128c61 Suggest valid options in Invalid Role error message 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-16 15:56:43 -05:00
Jared Scheib 351f762ed2 Remove unnecessary logic in ValidRoles guard 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-16 13:58:16 -05:00
Jared Scheib 2281adb33d Modify chronograf user roles to only use role name 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-16 14:44:34 -04:00
Jared Scheib 84be5f7128 Modify User req & res to receive & give Role names only 
Role members are fully explicated for CRUD operations.
Also adds validation for Roles on requests.
Also returns an empty array in JSON when a User has no roles.
 2017-10-16 14:18:34 -04:00
Jared Scheib 25faaa02df Add Roles to Users CRUD 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-12 17:42:30 -07:00
Michael de Sa 04a9af37f3 Refactor setting writer Location header 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-11 10:14:57 -07:00
Jared Scheib e2ce0cda0d Refactor applying writer location header into helper func 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-10 14:40:45 -07:00
Michael de Sa 64381c28ba Remove omitempty for Provider & Scheme in userRequest and userResponse 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-10 14:25:45 -07:00
Michael de Sa 04f4c4b917 Use more idiomatic error message method 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-10 14:21:43 -07:00
Michael de Sa a122d5537c Add comments on ValidUpdate for future considerations 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-10 14:19:28 -07:00
Jared Scheib 1b250ebfa9 Make name on userResponse required 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-10 14:15:31 -07:00
Jared Scheib 35d6f0b8c3 Use string IDs in JSON res and req for Users 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-10 12:27:55 -07:00