590b1857d5
Change UserKey to UserContextKey
...
Fix name of arguments in tests
2017-11-10 11:18:06 -05:00
9a0fa10d8a
Sort users organizations on me response by org ID
2017-11-10 11:09:16 -05:00
94d9d5345e
Prevent user from deleteing themselves
2017-11-10 11:09:16 -05:00
f25c22444c
Put entire user on context
2017-11-10 11:09:16 -05:00
35be59a71a
Differentiate between SuperAdminContext and ServerContext
...
Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.
This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.
2017-11-10 11:09:16 -05:00
25bea7c39a
Merge pull request #2249 from influxdata/multitenancy_scoped_sources
...
Sources are scoped by users role in organization
2017-11-07 12:05:12 -08:00
f7ad499011
Add verification that user does not have more than one role in org
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-11-07 15:02:31 -05:00
e69045d468
Remove super admin from store/sources tests
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-11-07 14:57:37 -05:00
bc13ca5ff4
Add clarifying comments about how roles, organization, and context are used to filter resources
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-07 14:56:55 -05:00
4f7f9c2757
Change SuperAdminRoleName to SuperAdminStatus
...
SuperAdmin is not a role type, but it a status of a user that is
tangentially related to a users role in an organization. This renames
the variable to reflect that difference.
2017-11-07 13:59:51 -05:00
d40a374274
Add comments suggested from PR review
...
Add tests to server/stores_test.go
2017-11-07 13:59:40 -05:00
c50422eb39
Modify mock store & json on superadmin-creates-SA user to reflect true SA status
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-06 11:17:27 -08:00
bd4d5c6cc3
Fix role related tests after rebase
2017-11-06 11:31:44 -05:00
9b194168a6
Move user roles and role names to roles package
2017-11-06 11:27:13 -05:00
4781cb3673
Allow update of sources.Role in server.UpdateSource
2017-11-06 11:25:51 -05:00
f3f183f685
Add role ctx where appropriate in AuthorizedUser
2017-11-06 11:25:46 -05:00
9ee3b431db
Add roles implementation of sources store
...
Minimal test coverage of Update/Delete/Add methods was done since they
do not involve any filtering. The filtering for them should have
happened at the API level.
2017-11-06 11:24:13 -05:00
f0d19277a3
Pull out setting super admin into a single func
2017-11-06 11:15:49 -05:00
3565eda4a1
Allow SuperAdmins to promoted and demoted
2017-11-06 11:15:48 -05:00
49232f009e
Add default org check even when no auth is used
2017-11-06 10:17:17 -05:00
f75de68607
Remove DefaultOrganization Name in tests mock store
2017-11-06 10:17:17 -05:00
7200aaf9f9
Add default org logic to OrganizationsStore
...
Update resource handlers to appropriate consume default organization IDs
2017-11-06 10:14:12 -05:00
09f79f3a3e
Grant user role in default org if added via API
...
When users are created via the API they are only given roles in orgs
that are explicitly set. Additionally the roles must be roles that
belong to the current organization (unless they are a super admin).
This leads to a situation where a user may not be a part of the default
organization. If this is the case, we detect it when the user hits /me
and add the user to the default org.
2017-11-06 09:46:00 -05:00
63f7d8205c
Add default role to chronograf.Organization
2017-11-06 09:46:00 -05:00
167c0c06a8
Prevent duplicate organization roles in user CRUD
2017-11-03 12:06:18 -04:00
aabefe3ac1
Fix me tests with proper IDs
2017-11-03 09:47:54 -04:00
4baa65629a
Fix links in me request
2017-11-03 09:39:21 -04:00
450a965019
Properly pass organization context to handlers
2017-11-03 09:13:03 -04:00
b67b2e8d6e
Fix over-stringification of organization on roles
2017-11-02 21:52:30 -04:00
500843a867
Add SuperAdmin to userResponse
2017-11-02 16:24:16 -07:00
311c68f457
Add CurrentOrganization & Organizations to me resp
...
Remove CurrentOrganization from chronograf.User
2017-11-02 11:59:53 -04:00
986f86d99c
Fix relevant go-vet/go-lint for server package
2017-11-01 16:43:31 -04:00
aa2087ec43
Add exhaustive test for AuthorizedUser
2017-11-01 16:38:17 -04:00
65028027fd
Add comments to DataStore interface and implemntn
2017-11-01 14:24:40 -04:00
eb845b1630
Fix routes tests
2017-11-01 14:09:58 -04:00
2e0911dbd9
Add organizations and users routes to allRoutes
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-01 12:59:07 -04:00
40feb4ae94
Change nil check to len == 0 check for userRequest
2017-11-01 12:38:26 -04:00
46987558e0
Remove unused code
2017-11-01 12:35:09 -04:00
569978b4f7
Add parseOrganizationID method
2017-11-01 12:34:00 -04:00
e7a94c18d6
Add comments throughout codebase
2017-11-01 12:30:42 -04:00
a8a115ec50
Change function signature of hasSuperAdminContext
2017-11-01 10:39:09 -04:00
4c0469cb07
Change OrganizationID to Organization in Me req
2017-11-01 10:37:32 -04:00
0e18f8778b
User explicit type when setting context
2017-11-01 09:49:02 -04:00
3ad2305c33
Add superAdmin to users CRUD
2017-11-01 09:12:19 -04:00
708c37dc67
WIP cleanup
2017-10-31 20:58:40 -04:00
e7e17537a1
WIP make app usable by frontend
2017-10-31 19:50:03 -04:00
f863bf2042
Add support for super admin
2017-10-31 18:27:24 -04:00
2bd2c81bb7
Add noop implementation of each source type
2017-10-31 18:07:42 -04:00
cf64b2e506
Remove RawUsers from DataStore
2017-10-31 17:49:35 -04:00
00b79a45eb
Add org param to New Organizaiton methods
2017-10-31 17:40:58 -04:00
Michael Desa
Jared Scheib
Jared Scheib