Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
6,720 Commits
216 Branches
453 Tags
355 MiB
Commit Graph

45 Commits (7f5b641a772b62ff41ac74d892b7cf3f42f6bd2b)

Author SHA1 Message Date
Michael Desa f26d2f0f35 Change Organization ID to string from uint64 2017-12-19 10:13:43 -08:00
Jared Scheib 0e1bcfc9c6 Merge pull request #2355 from influxdata/multitenancy_all_users_superadmin_toggle 
UI Toggle & API for SuperAdminFirstUserOnly server config
 2017-12-14 10:54:18 -08:00
Michael Desa 4369c9d708 Add SuperAdmin to default org, even if private 
Add user to default org if org is public
 2017-12-13 17:38:57 -08:00
Michael Desa 2b60043016 Prevent users joining default org if private 2017-12-13 16:59:02 -08:00
Jared Scheib 058f5fbc20 Rename superAdminFirstUserOnly to superAdminNewUsers & flip default logic accordingly 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-12-13 14:49:49 -08:00
Michael Desa 6059f155a1 Remove SuperAdminFirstUserOnly CLI flag 
Wire up boltdb config store
 2017-12-13 11:55:36 -08:00
Michael Desa 49c8868e67 Prevent user joining private default org 
Previously, if an organization was private and a user was removed from
the default organization, then they would be re-added. This behavior was
so left over from when we thought of the default organization as the
place where all users would exist. This PR removes that behavior.

There is one piece of odd behavior where a user's "current organization"
will be the default organization, but they will have no role in the
default organization.
 2017-12-12 13:15:53 -08:00
Jared Scheib 76b61a146e Merge branch 'multitenancy' into multitenancy_reset_current_org 2017-11-30 19:07:40 -08:00
Michael Desa a81498f57a Change NewUsersNotSuperAdmin to SuperAdminFirstUserOnly 2017-11-30 15:01:52 -05:00
Michael Desa a2df431c0d Make first user SuperAdmin 2017-11-30 12:56:13 -05:00
Michael Desa 881bd11cf8 Return HTTP Status 403 if org not found in /me 
Fix returning non-standard status from AuthorizedUser
 2017-11-21 18:53:42 -05:00
Michael de Sa 579f946f00 Fix tests broken in 96a362cb 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-11-13 23:10:26 -08:00
Michael Desa 4e51963399 Add option to specify users are create as super admin 2017-11-13 20:44:50 -08:00
Michael Desa 1a235d881b Use default organization default role in me 
Forbid users from application if they have no roles and were not
explicitly added in private organization
 2017-11-13 19:28:15 -08:00
Luke Morris 338916a340 Address PR feedback. 2017-11-13 18:08:50 -08:00
Luke Morris 0424f9f92e Make Public values explicit 2017-11-13 12:15:53 -08:00
Luke Morris 37d351f63b Sew up failing tests 2017-11-13 11:47:34 -08:00
Luke Morris 1aebbf2bd4 Clear test noise 2017-11-10 18:45:25 -08:00
Luke Morris 6d2c7e18d1 Rename whitelistOnly => public 2017-11-10 18:23:41 -08:00
Michael Desa 638e36c197 Change MeOrganization to UpdateMe 2017-11-10 16:17:46 -05:00
Michael Desa 6493902265 Check WhitelistOnly setting on default org in Me 
Set DefaultOrganizationWhitelistOnly to false

Set DefaultOrganizationRole on new user in Me
 2017-11-10 16:15:29 -05:00
Michael Desa 9a0fa10d8a Sort users organizations on me response by org ID 2017-11-10 11:09:16 -05:00
Michael Desa 35be59a71a Differentiate between SuperAdminContext and ServerContext 
Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.

This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.
 2017-11-10 11:09:16 -05:00
Michael Desa 9b194168a6 Move user roles and role names to roles package 2017-11-06 11:27:13 -05:00
Michael Desa f75de68607 Remove DefaultOrganization Name in tests mock store 2017-11-06 10:17:17 -05:00
Michael Desa 7200aaf9f9 Add default org logic to OrganizationsStore 
Update resource handlers to appropriate consume default organization IDs
 2017-11-06 10:14:12 -05:00
Michael Desa 09f79f3a3e Grant user role in default org if added via API 
When users are created via the API they are only given roles in orgs
that are explicitly set. Additionally the roles must be roles that
belong to the current organization (unless they are a super admin).

This leads to a situation where a user may not be a part of the default
organization. If this is the case, we detect it when the user hits /me
and add the user to the default org.
 2017-11-06 09:46:00 -05:00
Michael Desa aabefe3ac1 Fix me tests with proper IDs 2017-11-03 09:47:54 -04:00
Michael Desa b67b2e8d6e Fix over-stringification of organization on roles 2017-11-02 21:52:30 -04:00
Michael Desa 311c68f457 Add CurrentOrganization & Organizations to me resp 
Remove CurrentOrganization from chronograf.User
 2017-11-02 11:59:53 -04:00
Michael Desa 4c0469cb07 Change OrganizationID to Organization in Me req 2017-11-01 10:37:32 -04:00
Michael Desa 3ad2305c33 Add superAdmin to users CRUD 2017-11-01 09:12:19 -04:00
Michael Desa 36e14cb111 Refactor data stores into a common interface 2017-10-31 16:41:17 -04:00
Michael de Sa cff3ae798d Test MeOrganization for valid org with invalid user, and invalid org 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-27 10:14:14 -07:00
Jared Scheib 4c968b0ff5 Validate Organization and that User belongs to Org in MeOrganization 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-27 10:02:02 -07:00
Michael de Sa 5c4407cbaf Test MeOrganization for setting and changing current org 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-26 16:03:01 -07:00
Jared Scheib d6d3463208 Merge remote-tracking branch 'origin/multitenancy' into multitenancy_orgs 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-26 18:21:30 -04:00
Michael Desa 5e08464ecf Provide route to change current users organization 
Add current Organization to JWT.
Use OrganizationUsersStore to retrieve Users that are not me.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-26 18:06:52 -04:00
Jared Scheib f283702fe0 Lowercase Provider & Scheme & Role values for consistency 
The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.
 2017-10-24 16:17:59 -07:00
Jared Scheib 19369b38cc Set Scheme to be OAuth2 explicitly for all users 
Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-19 14:32:33 -05:00
Michael Desa a0d300d280 Use new chonograf.UserStore Get method when needed 
Refactor tests that were dependent of old implementation of UsersStore
 2017-10-18 14:45:33 -04:00
Michael Desa 246e65e598 Generalize chronograf.UsersStore Get method 
The `Get` method on the UsersStore was generalize by changing the second
parameter to a struct. This allows the Store to retrieve users by more
than simply their name.

-Get(ctx context.Context, name string) (*User, error)
+Get(ctx context.Context, q UserQuery) (*User, error)
 2017-10-18 14:17:42 -04:00
Michael de Sa 84f6702edf Modify /me to match User via UsersStore.All & principal's Issuer 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-16 19:58:02 -05:00
Jared Scheib eb6c212023 Implement CRUD routes & operations for Chronograf User 
Move source Users code into source_users and source_users_test files.
Use the UsersStore for both InfluxDB and Chronograf users.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-09 14:16:24 -07:00
Chris Goller e8da54a6c3 Update user/role responses to return empty arrays 2017-03-10 13:24:48 -06:00