338916a340
Address PR feedback.
2017-11-13 18:08:50 -08:00
0424f9f92e
Make Public values explicit
2017-11-13 12:15:53 -08:00
37d351f63b
Sew up failing tests
2017-11-13 11:47:34 -08:00
1aebbf2bd4
Clear test noise
2017-11-10 18:45:25 -08:00
9eccded4b2
Reuse chronograf.Organization type
2017-11-10 18:31:30 -08:00
6d2c7e18d1
Rename whitelistOnly => public
2017-11-10 18:23:41 -08:00
5fbf1e140a
Persist whitelistOnly changes to default organization
2017-11-10 16:43:11 -08:00
3a270747e2
Add test for queryConfig validation
2017-11-10 16:02:35 -08:00
4880e876ee
Add processing of incoming queryConfig
2017-11-10 16:02:08 -08:00
638e36c197
Change MeOrganization to UpdateMe
2017-11-10 16:17:46 -05:00
6493902265
Check WhitelistOnly setting on default org in Me
...
Set DefaultOrganizationWhitelistOnly to false
Set DefaultOrganizationRole on new user in Me
2017-11-10 16:15:29 -05:00
b110a28278
Add WhitelistOnly to organizations
...
Fix adding default role to organization
2017-11-10 15:57:48 -05:00
e2ac7f8bf0
Use raw organizations store is user is super admin
2017-11-10 15:33:28 -05:00
cc6f703f5d
Fix updating default role on organization
2017-11-10 14:55:21 -05:00
e98e1896ae
WIP Add shifts to queryConifg on backend
2017-11-10 11:06:48 -08:00
f228e2860d
Expose some organization routes to admins
...
Cleanup tests appropriately
Prevent Admins from patching organizations
2017-11-10 12:48:10 -05:00
81017173d7
Fix ValidSourceRequestComment
2017-11-10 12:20:58 -05:00
04b9294c4d
Fix ValidSourceRequest to modify pointer when needed
...
Add tests for Store.SourcesAll
2017-11-10 12:15:04 -05:00
722d96f495
Change UserKey to UserContextKey
2017-11-10 11:28:19 -05:00
3ce6e46b75
Add user that made the request to organization
...
Previously, when an org was created it had no users. Now when an
organization is created, the user that made the request is added to the
organization with the admin role.
If there are any errors when adding the user the organization, we make a
best effort attempt to delete the organization. However it is still
possilbe that an organization would be created, but have no users if our
best effort fails.
2017-11-10 11:20:56 -05:00
590b1857d5
Change UserKey to UserContextKey
...
Fix name of arguments in tests
2017-11-10 11:18:06 -05:00
9a0fa10d8a
Sort users organizations on me response by org ID
2017-11-10 11:09:16 -05:00
94d9d5345e
Prevent user from deleteing themselves
2017-11-10 11:09:16 -05:00
f25c22444c
Put entire user on context
2017-11-10 11:09:16 -05:00
35be59a71a
Differentiate between SuperAdminContext and ServerContext
...
Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.
This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.
2017-11-10 11:09:16 -05:00
d41a89debf
Refactor and simplify auto group by (:interval:) template variable
2017-11-09 10:02:24 -08:00
3f87dd6e77
Refactor and simplify auto group by (:interval:) template variable
2017-11-08 11:27:35 -06:00
25bea7c39a
Merge pull request #2249 from influxdata/multitenancy_scoped_sources
...
Sources are scoped by users role in organization
2017-11-07 12:05:12 -08:00
f7ad499011
Add verification that user does not have more than one role in org
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-11-07 15:02:31 -05:00
e69045d468
Remove super admin from store/sources tests
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-11-07 14:57:37 -05:00
bc13ca5ff4
Add clarifying comments about how roles, organization, and context are used to filter resources
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-07 14:56:55 -05:00
4f7f9c2757
Change SuperAdminRoleName to SuperAdminStatus
...
SuperAdmin is not a role type, but it a status of a user that is
tangentially related to a users role in an organization. This renames
the variable to reflect that difference.
2017-11-07 13:59:51 -05:00
d40a374274
Add comments suggested from PR review
...
Add tests to server/stores_test.go
2017-11-07 13:59:40 -05:00
c50422eb39
Modify mock store & json on superadmin-creates-SA user to reflect true SA status
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-06 11:17:27 -08:00
bd4d5c6cc3
Fix role related tests after rebase
2017-11-06 11:31:44 -05:00
9b194168a6
Move user roles and role names to roles package
2017-11-06 11:27:13 -05:00
4781cb3673
Allow update of sources.Role in server.UpdateSource
2017-11-06 11:25:51 -05:00
f3f183f685
Add role ctx where appropriate in AuthorizedUser
2017-11-06 11:25:46 -05:00
9ee3b431db
Add roles implementation of sources store
...
Minimal test coverage of Update/Delete/Add methods was done since they
do not involve any filtering. The filtering for them should have
happened at the API level.
2017-11-06 11:24:13 -05:00
f0d19277a3
Pull out setting super admin into a single func
2017-11-06 11:15:49 -05:00
3565eda4a1
Allow SuperAdmins to promoted and demoted
2017-11-06 11:15:48 -05:00
49232f009e
Add default org check even when no auth is used
2017-11-06 10:17:17 -05:00
f75de68607
Remove DefaultOrganization Name in tests mock store
2017-11-06 10:17:17 -05:00
7200aaf9f9
Add default org logic to OrganizationsStore
...
Update resource handlers to appropriate consume default organization IDs
2017-11-06 10:14:12 -05:00
09f79f3a3e
Grant user role in default org if added via API
...
When users are created via the API they are only given roles in orgs
that are explicitly set. Additionally the roles must be roles that
belong to the current organization (unless they are a super admin).
This leads to a situation where a user may not be a part of the default
organization. If this is the case, we detect it when the user hits /me
and add the user to the default org.
2017-11-06 09:46:00 -05:00
63f7d8205c
Add default role to chronograf.Organization
2017-11-06 09:46:00 -05:00
02762a95e5
Update queries endpoint comment
2017-11-04 20:19:08 -05:00
167c0c06a8
Prevent duplicate organization roles in user CRUD
2017-11-03 12:06:18 -04:00
aabefe3ac1
Fix me tests with proper IDs
2017-11-03 09:47:54 -04:00
4baa65629a
Fix links in me request
2017-11-03 09:39:21 -04:00
450a965019
Properly pass organization context to handlers
2017-11-03 09:13:03 -04:00
b67b2e8d6e
Fix over-stringification of organization on roles
2017-11-02 21:52:30 -04:00
500843a867
Add SuperAdmin to userResponse
2017-11-02 16:24:16 -07:00
cdd2c826b9
Fix rendering of templated queries to the /queries endpoint
2017-11-02 17:57:02 -05:00
311c68f457
Add CurrentOrganization & Organizations to me resp
...
Remove CurrentOrganization from chronograf.User
2017-11-02 11:59:53 -04:00
986f86d99c
Fix relevant go-vet/go-lint for server package
2017-11-01 16:43:31 -04:00
aa2087ec43
Add exhaustive test for AuthorizedUser
2017-11-01 16:38:17 -04:00
65028027fd
Add comments to DataStore interface and implemntn
2017-11-01 14:24:40 -04:00
eb845b1630
Fix routes tests
2017-11-01 14:09:58 -04:00
2e0911dbd9
Add organizations and users routes to allRoutes
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-11-01 12:59:07 -04:00
40feb4ae94
Change nil check to len == 0 check for userRequest
2017-11-01 12:38:26 -04:00
46987558e0
Remove unused code
2017-11-01 12:35:09 -04:00
569978b4f7
Add parseOrganizationID method
2017-11-01 12:34:00 -04:00
e7a94c18d6
Add comments throughout codebase
2017-11-01 12:30:42 -04:00
a8a115ec50
Change function signature of hasSuperAdminContext
2017-11-01 10:39:09 -04:00
4c0469cb07
Change OrganizationID to Organization in Me req
2017-11-01 10:37:32 -04:00
0e18f8778b
User explicit type when setting context
2017-11-01 09:49:02 -04:00
3ad2305c33
Add superAdmin to users CRUD
2017-11-01 09:12:19 -04:00
708c37dc67
WIP cleanup
2017-10-31 20:58:40 -04:00
e7e17537a1
WIP make app usable by frontend
2017-10-31 19:50:03 -04:00
f863bf2042
Add support for super admin
2017-10-31 18:27:24 -04:00
2bd2c81bb7
Add noop implementation of each source type
2017-10-31 18:07:42 -04:00
cf64b2e506
Remove RawUsers from DataStore
2017-10-31 17:49:35 -04:00
00b79a45eb
Add org param to New Organizaiton methods
2017-10-31 17:40:58 -04:00
36e14cb111
Refactor data stores into a common interface
2017-10-31 16:41:17 -04:00
bea2caaa7f
Move organization resouces to their own package
2017-10-30 14:31:19 -04:00
1082b264fe
Use organization stores
2017-10-30 12:05:59 -04:00
cbc22b10d7
Test authorized User in the context of Organization
...
Make principal explicit arg in auth tests.
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 13:54:28 -07:00
cf58974927
Add organization field to principal in auth tests
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 13:19:43 -07:00
32a65aa307
Slightly DRYer code for getting fields off Principal
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 12:48:51 -07:00
cff3ae798d
Test MeOrganization for valid org with invalid user, and invalid org
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 10:14:14 -07:00
4c968b0ff5
Validate Organization and that User belongs to Org in MeOrganization
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 10:02:02 -07:00
5c4407cbaf
Test MeOrganization for setting and changing current org
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-26 16:03:01 -07:00
6dd9f52c47
Change organization in meOrganizationRequest to currentOrganization
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-26 16:02:29 -07:00
30d1739e35
Move Mock Authenticator into mocks package
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-26 15:46:06 -07:00
3152471f7c
Fix logger and redirector to be flushers allowing HTTP chunking
2017-10-26 17:38:20 -05:00
f94eed49f5
Fix kapacitor proxy to accept url query parameters
2017-10-26 17:38:03 -05:00
10e45721b4
Add flush interval to kapacitor proxy to fix buffering
2017-10-26 17:37:28 -05:00
d6d3463208
Merge remote-tracking branch 'origin/multitenancy' into multitenancy_orgs
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-26 18:21:30 -04:00
5e08464ecf
Provide route to change current users organization
...
Add current Organization to JWT.
Use OrganizationUsersStore to retrieve Users that are not me.
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-26 18:06:52 -04:00
c720f8a9cb
Merge pull request #2140 from influxdata/feature/kapa-insecure
...
Add insecure ssl support to connect to kapacitor
2017-10-26 10:40:28 -04:00
cf530eddc6
Update Organization comments on resources
...
Remove `omitempty` on Organization field
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-25 14:56:08 -04:00
4786964b54
Add Organization guard to server/kapacitors
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-25 14:48:19 -04:00
e909ce9a1e
Add Organizations to Dashboards
2017-10-25 14:00:06 -04:00
57468b5fbe
Add Organization to layouts
2017-10-25 12:52:56 -04:00
ef079a1899
Add Organization to Sources
2017-10-25 11:51:15 -04:00
bb67361cf1
Merge branch 'multitenancy' into multitenancy_lowercase_fields
2017-10-24 18:01:32 -07:00
aa8742662f
Merge branch 'master' into multitenancy
2017-10-24 17:58:15 -07:00
74fdcc1c39
Add scheme to me/AuthorizedUser tests
2017-10-24 16:21:24 -07:00
f283702fe0
Lowercase Provider & Scheme & Role values for consistency
...
The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.
2017-10-24 16:17:59 -07:00
Luke Morris
Andrew Watkins
Michael Desa
Chris Goller
Jared Scheib
Jared Scheib
Nathan Haugo