Influxdata
/
chronograf
mirror of https://github.com/influxdata/chronograf.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
6,076 Commits
297 Branches
122 Tags
182 MiB
Commit Graph

544 Commits (95dd68b8addcc82e7c4ee1446524b1509fef7fcb)

Author SHA1 Message Date
Michael Desa f2591c9eb1 Change HTTP Status 401 to 403 in AuthorizedUser 
This signals to the front end that a user must go through another ouath
flow.
 2017-11-21 18:55:26 -05:00
Michael Desa cf82990623 Return HTTP Status 403 if org not found in /me 
Fix returning non-standard status from AuthorizedUser
 2017-11-21 18:53:42 -05:00
Jared Scheib 9b89e42777 Add mock.Store to queries test 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-11-16 13:01:20 -08:00
Jared Scheib f38b80a30d Merge branch 'master' into multitenancy 2017-11-14 00:05:18 -08:00
Michael Desa 489127cecb Add organizations to newDashboardResponse tests 2017-11-13 23:37:50 -08:00
Jared Scheib 05c76d3c52 Add Organization ID to dashboards response 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-11-13 23:28:41 -08:00
Michael de Sa 65bc529831 Fix tests broken in 96a362cb 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-11-13 23:10:26 -08:00
Michael Desa fdc6dc4aa3 Fix wording suggested in PR 2017-11-13 20:49:07 -08:00
Michael Desa 011b0bfb73 Add option to specify users are create as super admin 2017-11-13 20:44:50 -08:00
Michael Desa 5b64cb4dc3 Use default organization default role in me 
Forbid users from application if they have no roles and were not
explicitly added in private organization
 2017-11-13 19:28:15 -08:00
Luke Morris b3d0d6eeee Address PR feedback. 2017-11-13 18:08:50 -08:00
Luke Morris b543e64ef1 Make Public values explicit 2017-11-13 12:15:53 -08:00
Luke Morris b731481fdc Sew up failing tests 2017-11-13 11:47:34 -08:00
Luke Morris 65ae474a5c Clear test noise 2017-11-10 18:45:25 -08:00
Luke Morris 43338cbdcb Reuse chronograf.Organization type 2017-11-10 18:31:30 -08:00
Luke Morris 31277c432c Rename whitelistOnly => public 2017-11-10 18:23:41 -08:00
Luke Morris 5ff6bfb32e Persist whitelistOnly changes to default organization 2017-11-10 16:43:11 -08:00
Michael Desa d53fcea236 Change MeOrganization to UpdateMe 2017-11-10 16:17:46 -05:00
Michael Desa 173d1f2d71 Check WhitelistOnly setting on default org in Me 
Set DefaultOrganizationWhitelistOnly to false

Set DefaultOrganizationRole on new user in Me
 2017-11-10 16:15:29 -05:00
Michael Desa dc1ee40bc6 Add WhitelistOnly to organizations 
Fix adding default role to organization
 2017-11-10 15:57:48 -05:00
Michael Desa 89ca72952c Use raw organizations store is user is super admin 2017-11-10 15:33:28 -05:00
Michael Desa fe6f3bd673 Fix updating default role on organization 2017-11-10 14:55:21 -05:00
Michael Desa 85bb71033c Expose some organization routes to admins 
Cleanup tests appropriately

Prevent Admins from patching organizations
 2017-11-10 12:48:10 -05:00
Michael Desa 8e9673380f Fix ValidSourceRequestComment 2017-11-10 12:20:58 -05:00
Michael Desa d9a29cab89 Fix ValidSourceRequest to modify pointer when needed 
Add tests for Store.SourcesAll
 2017-11-10 12:15:04 -05:00
Michael Desa 7123eea6dc Change UserKey to UserContextKey 2017-11-10 11:28:19 -05:00
Michael Desa fbff6cea76 Add user that made the request to organization 
Previously, when an org was created it had no users. Now when an
organization is created, the user that made the request is added to the
organization with the admin role.

If there are any errors when adding the user the organization, we make a
best effort attempt to delete the organization. However it is still
possilbe that an organization would be created, but have no users if our
best effort fails.
 2017-11-10 11:20:56 -05:00
Michael Desa 1832ecb4f7 Change UserKey to UserContextKey 
Fix name of arguments in tests
 2017-11-10 11:18:06 -05:00
Michael Desa 39910a08af Sort users organizations on me response by org ID 2017-11-10 11:09:16 -05:00
Michael Desa e83bfe87e5 Prevent user from deleteing themselves 2017-11-10 11:09:16 -05:00
Michael Desa 71851d142f Put entire user on context 2017-11-10 11:09:16 -05:00
Michael Desa 4e46b4b2c7 Differentiate between SuperAdminContext and ServerContext 
Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.
 2017-11-10 11:09:16 -05:00
Jared Scheib 355649b885
Merge pull request #2249 from influxdata/multitenancy_scoped_sources 
Sources are scoped by users role in organization
 2017-11-07 12:05:12 -08:00
Michael de Sa 5062773e4e Add verification that user does not have more than one role in org 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-11-07 15:02:31 -05:00
Michael de Sa 85329d0bc6 Remove super admin from store/sources tests 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-11-07 14:57:37 -05:00
Jared Scheib 4df7e38779 Add clarifying comments about how roles, organization, and context are used to filter resources 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-11-07 14:56:55 -05:00
Michael Desa 6f66dd8a47 Change SuperAdminRoleName to SuperAdminStatus 
SuperAdmin is not a role type, but it a status of a user that is
tangentially related to a users role in an organization. This renames
the variable to reflect that difference.
 2017-11-07 13:59:51 -05:00
Michael Desa cbbf9d96d7 Add comments suggested from PR review 
Add tests to server/stores_test.go
 2017-11-07 13:59:40 -05:00
Jared Scheib b7533c0030 Modify mock store & json on superadmin-creates-SA user to reflect true SA status 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-11-06 11:17:27 -08:00
Michael Desa 9a548983d0 Fix role related tests after rebase 2017-11-06 11:31:44 -05:00
Michael Desa 859d94ab15 Move user roles and role names to roles package 2017-11-06 11:27:13 -05:00
Michael Desa 14459c7f7b Allow update of sources.Role in server.UpdateSource 2017-11-06 11:25:51 -05:00
Michael Desa 5e1ad82660 Add role ctx where appropriate in AuthorizedUser 2017-11-06 11:25:46 -05:00
Michael Desa f71e6a4b55 Add roles implementation of sources store 
Minimal test coverage of Update/Delete/Add methods was done since they
do not involve any filtering. The filtering for them should have
happened at the API level.
 2017-11-06 11:24:13 -05:00
Michael Desa 833e98ce73 Pull out setting super admin into a single func 2017-11-06 11:15:49 -05:00
Michael Desa 9af3089914 Allow SuperAdmins to promoted and demoted 2017-11-06 11:15:48 -05:00
Michael Desa c7e49001d4 Add default org check even when no auth is used 2017-11-06 10:17:17 -05:00
Michael Desa 66c779c193 Remove DefaultOrganization Name in tests mock store 2017-11-06 10:17:17 -05:00
Michael Desa 3370774e8f Add default org logic to OrganizationsStore 
Update resource handlers to appropriate consume default organization IDs
 2017-11-06 10:14:12 -05:00
Michael Desa 3ddd253d68 Grant user role in default org if added via API 
When users are created via the API they are only given roles in orgs
that are explicitly set. Additionally the roles must be roles that
belong to the current organization (unless they are a super admin).

This leads to a situation where a user may not be a part of the default
organization. If this is the case, we detect it when the user hits /me
and add the user to the default org.
 2017-11-06 09:46:00 -05:00