Previously, as a misunderstanding of
https://github.com/influxdata/chronograf/issues/1915 we allowed
sources to be scoped by role within an organization. This was incorrect.
We no longer user the roles implementation of a chronograf.SourcesStore
and just use the organizations store.
We've left the code around a roles SourcesStore in place, since it may
be useful to us in the future. It may be worth removing if it is
determined that this behavior is not desirable.
Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.
This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.
Minimal test coverage of Update/Delete/Add methods was done since they
do not involve any filtering. The filtering for them should have
happened at the API level.
Michael Desa
Jared Scheib