75d6c659f3
Allow SuperAdmins to change into any organization
2017-12-15 16:05:56 -08:00
fbc224107e
Reference known issue #2601 in Admin creating SuperAdmin response
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-12-15 15:05:27 -08:00
bd3aec99ad
Allow users to toggle between coloring text or background with single stat thresholds
2017-12-14 19:07:19 -08:00
1f6f78d3fd
Use serverContext for getting Config in NewUser
2017-12-14 13:34:19 -08:00
c42ebb3a86
Bump version to 1.4.0.0-beta2
2017-12-14 12:47:41 -08:00
a91b3ef104
Bump version to 1.4.0.0-beta2
2017-12-14 12:45:44 -08:00
f86004cda3
Add comment clarifying UsersStore Add method
2017-12-14 11:36:26 -08:00
e8861e9b74
Set SuperAdmin for NewUsers based on ConfigSetting
2017-12-14 11:11:51 -08:00
0e1bcfc9c6
Merge pull request #2355 from influxdata/multitenancy_all_users_superadmin_toggle
...
UI Toggle & API for SuperAdminFirstUserOnly server config
2017-12-14 10:54:18 -08:00
27fe23b161
Add comment about firstUser superAdmin logic
2017-12-14 10:46:55 -08:00
4369c9d708
Add SuperAdmin to default org, even if private
...
Add user to default org if org is public
2017-12-13 17:38:57 -08:00
2b60043016
Prevent users joining default org if private
2017-12-13 16:59:02 -08:00
058f5fbc20
Rename superAdminFirstUserOnly to superAdminNewUsers & flip default logic accordingly
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-12-13 14:49:49 -08:00
a54712f600
Add config.self & config.auth routes, update client routes & make PATCH a PUT
2017-12-13 13:54:23 -08:00
6059f155a1
Remove SuperAdminFirstUserOnly CLI flag
...
Wire up boltdb config store
2017-12-13 11:55:36 -08:00
c718847014
Wire up bolt db ConfigStore in Server
2017-12-13 10:46:08 -08:00
9c989083a8
Add PUT /config/:section route
2017-12-13 09:28:39 -08:00
d0f63ca0e0
Add /config/:section endpoint
2017-12-13 09:04:44 -08:00
17460e397b
Implement Config GET service method
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-12-12 17:06:57 -08:00
1e42cd6e0e
Add /config link to AllRoutes handler
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-12-12 15:11:30 -08:00
49c8868e67
Prevent user joining private default org
...
Previously, if an organization was private and a user was removed from
the default organization, then they would be re-added. This behavior was
so left over from when we thought of the default organization as the
place where all users would exist. This PR removes that behavior.
There is one piece of odd behavior where a user's "current organization"
will be the default organization, but they will have no role in the
default organization.
2017-12-12 13:15:53 -08:00
ed7f38c943
Merge branch 'master' into multiple-event-handlers
2017-12-08 12:20:40 -08:00
05fc484864
Update bumpversion with 1.4.0.0-beta1
2017-12-07 14:38:28 -06:00
31f012ff8f
Merge branch 'master' into multitenancy
2017-12-06 19:05:16 -08:00
14e8e70484
Merge branch 'multitenancy' into multitenancy_reset_current_org
2017-12-05 18:47:05 -08:00
903e461d40
Merge branch 'master' into multiple-event-handlers
2017-12-05 16:18:01 -08:00
ff1cde524b
Merge branch 'multitenancy' into multitenancy_fix_layouts
2017-12-05 16:03:05 -08:00
8ff0e2947b
Remove Create/Update/Delete logic for Layouts
2017-12-05 17:11:16 -05:00
c9471d4084
Remove /mappings in place of /layouts
...
Remove POST/PUT/DELETE methods to /layouts
2017-12-05 17:07:09 -05:00
9b87433ddf
Merge branch 'multitenancy' into multitenancy_reset_current_org
2017-12-05 13:37:46 -08:00
e5afdc3c23
Merge pull request #2410 from influxdata/gauge-cell-type
...
Gauge Dashboard Cell
2017-12-05 13:26:02 -08:00
4f43d2a137
Merge branch 'master' into multitenancy
2017-12-05 13:00:48 -08:00
86843f73d3
Merge branch 'master' into feature/add-meta-auth
2017-12-05 14:37:47 -06:00
6025c1224a
Merge branch 'master' into gauge-cell-type
2017-12-05 12:12:16 -08:00
c9e579acb2
Merge remote-tracking branch 'origin/master' into multitenancy
2017-12-05 11:43:23 -08:00
8cfc6bbbae
Allow for empty MetaURL in UpdateSource
...
Currently, if an empty source is supplied, then the source's meta url
will not be updated. Now, if the MetaURL is supplied and is different
than the one that is currently on the source, the value will be updated.
Even in the case of empty string meta urls.
2017-12-05 13:04:31 -05:00
ef1cadb7a4
Add basic auth or JWT tokens for meta queries
2017-12-04 18:07:08 -06:00
9a701a0a65
Allow admins to update a superadmins roles
2017-12-04 16:53:30 -05:00
67cda93a63
Merge branch 'master' into fix/basepath-logout
2017-12-04 15:00:07 -06:00
c474193181
Will not supply roles if there is no metaURL
2017-12-02 12:11:52 -08:00
d6d7081b1e
Update oauth logout to include basepath
2017-12-01 15:35:39 -06:00
2a21a31d68
Return 422 error instead of 500 for bad alert rule data
...
Signed-off-by: Chris Goller <goller@gmail.com>
2017-12-01 11:15:57 -08:00
ecdaf84961
Provide more verbose error for alert rule json parsing
...
Signed-off-by: Chris Goller <goller@gmail.com>
2017-12-01 11:05:38 -08:00
76b61a146e
Merge branch 'multitenancy' into multitenancy_reset_current_org
2017-11-30 19:07:40 -08:00
7588dcbf63
Complete 9ef1e57 by removing Role concept from sources in server
2017-11-30 19:03:56 -08:00
851149b397
Rename AlertHandlers to AlertNodes
2017-11-30 16:16:44 -08:00
f728c24764
Update kapacitor rule response to have empty arrays
...
Signed-off-by: Deniz Kusefoglu <denizk@gmail.com>
2017-11-30 16:32:47 -06:00
a81498f57a
Change NewUsersNotSuperAdmin to SuperAdminFirstUserOnly
2017-11-30 15:01:52 -05:00
a841419bfb
Update patching of enterprise users allow incremental updating of fields
2017-11-30 12:41:50 -06:00
a2df431c0d
Make first user SuperAdmin
2017-11-30 12:56:13 -05:00
57b876ad36
Unscope sources by role
...
Previously, as a misunderstanding of
https://github.com/influxdata/chronograf/issues/1915 we allowed
sources to be scoped by role within an organization. This was incorrect.
We no longer user the roles implementation of a chronograf.SourcesStore
and just use the organizations store.
We've left the code around a roles SourcesStore in place, since it may
be useful to us in the future. It may be worth removing if it is
determined that this behavior is not desirable.
2017-11-29 17:32:41 -05:00
3a07920d4c
Merge branch 'master' into gauge-cell-type
...
Conflicts:
bolt/internal/internal.pb.go
bolt/internal/internal.proto
server/cells.go
2017-11-27 16:08:42 -06:00
a455bac3ce
Accept name,provider,scheme in UpdateUser if unchanged
2017-11-22 15:20:48 -05:00
942671b604
Ensure that organzation on role is valid org id
2017-11-22 15:03:15 -05:00
5fa2e212fa
Disallow empty organization id create/update user
2017-11-22 14:49:44 -05:00
688bdbd2a8
Change HTTP Status 401 to 403 in AuthorizedUser
...
This signals to the front end that a user must go through another ouath
flow.
2017-11-21 18:55:26 -05:00
881bd11cf8
Return HTTP Status 403 if org not found in /me
...
Fix returning non-standard status from AuthorizedUser
2017-11-21 18:53:42 -05:00
0e72c0d16b
Add GENERIC_API_KEY to override of oauth2 responses to support azure
2017-11-21 16:55:03 -06:00
82fecbd91c
Fix broken test due to stupid new line
2017-11-21 11:34:26 -08:00
5280589505
Handle nil cell in validateDashboardRequest
2017-11-21 11:27:48 -08:00
6f6cde7179
Merge branch 'master' into feature/time-cop
2017-11-21 10:29:31 -08:00
862c1fcade
Update invalid swagger information for cell hex color length
2017-11-21 12:22:02 -06:00
8181e1eaf7
Add colors to all cells
2017-11-21 12:16:23 -06:00
78705185f4
Add mock.Store to queries test
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-11-16 13:01:20 -08:00
59fb016a4e
Merge branch 'master' into multitenancy
2017-11-14 00:05:18 -08:00
505e4fad57
Add organizations to newDashboardResponse tests
2017-11-13 23:37:50 -08:00
9b56045f8f
Add Organization ID to dashboards response
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-13 23:28:41 -08:00
579f946f00
Fix tests broken in 96a362cb
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-11-13 23:10:26 -08:00
7117835c52
Fix wording suggested in PR
2017-11-13 20:49:07 -08:00
4e51963399
Add option to specify users are create as super admin
2017-11-13 20:44:50 -08:00
1a235d881b
Use default organization default role in me
...
Forbid users from application if they have no roles and were not
explicitly added in private organization
2017-11-13 19:28:15 -08:00
338916a340
Address PR feedback.
2017-11-13 18:08:50 -08:00
0424f9f92e
Make Public values explicit
2017-11-13 12:15:53 -08:00
37d351f63b
Sew up failing tests
2017-11-13 11:47:34 -08:00
1aebbf2bd4
Clear test noise
2017-11-10 18:45:25 -08:00
9eccded4b2
Reuse chronograf.Organization type
2017-11-10 18:31:30 -08:00
6d2c7e18d1
Rename whitelistOnly => public
2017-11-10 18:23:41 -08:00
5fbf1e140a
Persist whitelistOnly changes to default organization
2017-11-10 16:43:11 -08:00
3a270747e2
Add test for queryConfig validation
2017-11-10 16:02:35 -08:00
4880e876ee
Add processing of incoming queryConfig
2017-11-10 16:02:08 -08:00
638e36c197
Change MeOrganization to UpdateMe
2017-11-10 16:17:46 -05:00
6493902265
Check WhitelistOnly setting on default org in Me
...
Set DefaultOrganizationWhitelistOnly to false
Set DefaultOrganizationRole on new user in Me
2017-11-10 16:15:29 -05:00
b110a28278
Add WhitelistOnly to organizations
...
Fix adding default role to organization
2017-11-10 15:57:48 -05:00
e2ac7f8bf0
Use raw organizations store is user is super admin
2017-11-10 15:33:28 -05:00
cc6f703f5d
Fix updating default role on organization
2017-11-10 14:55:21 -05:00
e98e1896ae
WIP Add shifts to queryConifg on backend
2017-11-10 11:06:48 -08:00
f228e2860d
Expose some organization routes to admins
...
Cleanup tests appropriately
Prevent Admins from patching organizations
2017-11-10 12:48:10 -05:00
81017173d7
Fix ValidSourceRequestComment
2017-11-10 12:20:58 -05:00
04b9294c4d
Fix ValidSourceRequest to modify pointer when needed
...
Add tests for Store.SourcesAll
2017-11-10 12:15:04 -05:00
722d96f495
Change UserKey to UserContextKey
2017-11-10 11:28:19 -05:00
3ce6e46b75
Add user that made the request to organization
...
Previously, when an org was created it had no users. Now when an
organization is created, the user that made the request is added to the
organization with the admin role.
If there are any errors when adding the user the organization, we make a
best effort attempt to delete the organization. However it is still
possilbe that an organization would be created, but have no users if our
best effort fails.
2017-11-10 11:20:56 -05:00
590b1857d5
Change UserKey to UserContextKey
...
Fix name of arguments in tests
2017-11-10 11:18:06 -05:00
9a0fa10d8a
Sort users organizations on me response by org ID
2017-11-10 11:09:16 -05:00
94d9d5345e
Prevent user from deleteing themselves
2017-11-10 11:09:16 -05:00
f25c22444c
Put entire user on context
2017-11-10 11:09:16 -05:00
35be59a71a
Differentiate between SuperAdminContext and ServerContext
...
Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.
This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.
2017-11-10 11:09:16 -05:00
d41a89debf
Refactor and simplify auto group by (:interval:) template variable
2017-11-09 10:02:24 -08:00
3f87dd6e77
Refactor and simplify auto group by (:interval:) template variable
2017-11-08 11:27:35 -06:00
25bea7c39a
Merge pull request #2249 from influxdata/multitenancy_scoped_sources
...
Sources are scoped by users role in organization
2017-11-07 12:05:12 -08:00
f7ad499011
Add verification that user does not have more than one role in org
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-11-07 15:02:31 -05:00
e69045d468
Remove super admin from store/sources tests
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-11-07 14:57:37 -05:00
bc13ca5ff4
Add clarifying comments about how roles, organization, and context are used to filter resources
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-07 14:56:55 -05:00
4f7f9c2757
Change SuperAdminRoleName to SuperAdminStatus
...
SuperAdmin is not a role type, but it a status of a user that is
tangentially related to a users role in an organization. This renames
the variable to reflect that difference.
2017-11-07 13:59:51 -05:00
d40a374274
Add comments suggested from PR review
...
Add tests to server/stores_test.go
2017-11-07 13:59:40 -05:00
c50422eb39
Modify mock store & json on superadmin-creates-SA user to reflect true SA status
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-06 11:17:27 -08:00
bd4d5c6cc3
Fix role related tests after rebase
2017-11-06 11:31:44 -05:00
9b194168a6
Move user roles and role names to roles package
2017-11-06 11:27:13 -05:00
4781cb3673
Allow update of sources.Role in server.UpdateSource
2017-11-06 11:25:51 -05:00
f3f183f685
Add role ctx where appropriate in AuthorizedUser
2017-11-06 11:25:46 -05:00
9ee3b431db
Add roles implementation of sources store
...
Minimal test coverage of Update/Delete/Add methods was done since they
do not involve any filtering. The filtering for them should have
happened at the API level.
2017-11-06 11:24:13 -05:00
f0d19277a3
Pull out setting super admin into a single func
2017-11-06 11:15:49 -05:00
3565eda4a1
Allow SuperAdmins to promoted and demoted
2017-11-06 11:15:48 -05:00
49232f009e
Add default org check even when no auth is used
2017-11-06 10:17:17 -05:00
f75de68607
Remove DefaultOrganization Name in tests mock store
2017-11-06 10:17:17 -05:00
7200aaf9f9
Add default org logic to OrganizationsStore
...
Update resource handlers to appropriate consume default organization IDs
2017-11-06 10:14:12 -05:00
09f79f3a3e
Grant user role in default org if added via API
...
When users are created via the API they are only given roles in orgs
that are explicitly set. Additionally the roles must be roles that
belong to the current organization (unless they are a super admin).
This leads to a situation where a user may not be a part of the default
organization. If this is the case, we detect it when the user hits /me
and add the user to the default org.
2017-11-06 09:46:00 -05:00
63f7d8205c
Add default role to chronograf.Organization
2017-11-06 09:46:00 -05:00
02762a95e5
Update queries endpoint comment
2017-11-04 20:19:08 -05:00
167c0c06a8
Prevent duplicate organization roles in user CRUD
2017-11-03 12:06:18 -04:00
aabefe3ac1
Fix me tests with proper IDs
2017-11-03 09:47:54 -04:00
4baa65629a
Fix links in me request
2017-11-03 09:39:21 -04:00
450a965019
Properly pass organization context to handlers
2017-11-03 09:13:03 -04:00
b67b2e8d6e
Fix over-stringification of organization on roles
2017-11-02 21:52:30 -04:00
500843a867
Add SuperAdmin to userResponse
2017-11-02 16:24:16 -07:00
cdd2c826b9
Fix rendering of templated queries to the /queries endpoint
2017-11-02 17:57:02 -05:00
311c68f457
Add CurrentOrganization & Organizations to me resp
...
Remove CurrentOrganization from chronograf.User
2017-11-02 11:59:53 -04:00
986f86d99c
Fix relevant go-vet/go-lint for server package
2017-11-01 16:43:31 -04:00
aa2087ec43
Add exhaustive test for AuthorizedUser
2017-11-01 16:38:17 -04:00
65028027fd
Add comments to DataStore interface and implemntn
2017-11-01 14:24:40 -04:00
eb845b1630
Fix routes tests
2017-11-01 14:09:58 -04:00
2e0911dbd9
Add organizations and users routes to allRoutes
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-01 12:59:07 -04:00
40feb4ae94
Change nil check to len == 0 check for userRequest
2017-11-01 12:38:26 -04:00
46987558e0
Remove unused code
2017-11-01 12:35:09 -04:00
569978b4f7
Add parseOrganizationID method
2017-11-01 12:34:00 -04:00
e7a94c18d6
Add comments throughout codebase
2017-11-01 12:30:42 -04:00
a8a115ec50
Change function signature of hasSuperAdminContext
2017-11-01 10:39:09 -04:00
4c0469cb07
Change OrganizationID to Organization in Me req
2017-11-01 10:37:32 -04:00
0e18f8778b
User explicit type when setting context
2017-11-01 09:49:02 -04:00
3ad2305c33
Add superAdmin to users CRUD
2017-11-01 09:12:19 -04:00
708c37dc67
WIP cleanup
2017-10-31 20:58:40 -04:00
e7e17537a1
WIP make app usable by frontend
2017-10-31 19:50:03 -04:00
f863bf2042
Add support for super admin
2017-10-31 18:27:24 -04:00
2bd2c81bb7
Add noop implementation of each source type
2017-10-31 18:07:42 -04:00
cf64b2e506
Remove RawUsers from DataStore
2017-10-31 17:49:35 -04:00
00b79a45eb
Add org param to New Organizaiton methods
2017-10-31 17:40:58 -04:00
36e14cb111
Refactor data stores into a common interface
2017-10-31 16:41:17 -04:00
bea2caaa7f
Move organization resouces to their own package
2017-10-30 14:31:19 -04:00
1082b264fe
Use organization stores
2017-10-30 12:05:59 -04:00
cbc22b10d7
Test authorized User in the context of Organization
...
Make principal explicit arg in auth tests.
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 13:54:28 -07:00
cf58974927
Add organization field to principal in auth tests
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 13:19:43 -07:00
Michael Desa
Jared Scheib
Alex P
Nathan Haugo
Jared Scheib
Deniz Kusefoglu
Chris Goller
Andrew Watkins
Deniz Kusefoglu
Luke Morris