Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
7,447 Commits
188 Branches
453 Tags
378 MiB
Commit Graph

73 Commits (bda43293f6a63cf7c0b3c3dc99783280a36c14ee)

Author SHA1 Message Date
Michael Desa 1890fd6b08 Allow user to delete themselves 
Previously users were prevented from removing themselves.

Connect https://github.com/influxdata/chronograf/issues/2711
 2018-02-07 09:46:08 -05:00
Michael Desa 6168dc3e06 Nest user routes under organization 
Add global user routes
 2018-01-16 16:45:58 -05:00
Michael Desa a48019b643 Allow UpdateUser to accept empty roles 2018-01-12 12:37:30 -05:00
Michael Desa f7f86f0ea6 Add wildcard role and validate users roles in CRUD 
The server may now specify a '*' to indicate that the server should
retrieve the organizations default role and assign it to the user.
 2018-01-12 12:27:55 -05:00
Michael Desa 1c33580f99 Modify CRUD user handlers for global operations 
Add raw query param middleware performing raw ops

This commit introduces middleware that allows SuperAdmin Users to
specify a query param `raw=true` which will give them raw access to the
data store. Raw access means that it is not in behind the usual
organization facade.

Currently, only the user routes use this middleware.
 2018-01-09 13:43:33 -05:00
Michael Desa 979ad34ed0 Check specific case when SA changes their status 
SA - SuperAdmin
 2017-12-20 16:34:31 -08:00
Michael Desa 0cc30d927f Prevent SuperAdmin from modifying their own status 
Previously it was possible for SuperAdmins to remove their own status.
This could create an application state where there were no super admins.
This is not an acceptable application state.
 2017-12-20 15:17:08 -08:00
Michael Desa f26d2f0f35 Change Organization ID to string from uint64 2017-12-19 10:13:43 -08:00
Jared Scheib fbc224107e Reference known issue #2601 in Admin creating SuperAdmin response 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-12-15 15:05:27 -08:00
Michael Desa 1f6f78d3fd Use serverContext for getting Config in NewUser 2017-12-14 13:34:19 -08:00
Michael Desa f86004cda3 Add comment clarifying UsersStore Add method 2017-12-14 11:36:26 -08:00
Michael Desa e8861e9b74 Set SuperAdmin for NewUsers based on ConfigSetting 2017-12-14 11:11:51 -08:00
Michael Desa 9a701a0a65 Allow admins to update a superadmins roles 2017-12-04 16:53:30 -05:00
Michael Desa a455bac3ce Accept name,provider,scheme in UpdateUser if unchanged 2017-11-22 15:20:48 -05:00
Michael Desa 942671b604 Ensure that organzation on role is valid org id 2017-11-22 15:03:15 -05:00
Michael Desa 5fa2e212fa Disallow empty organization id create/update user 2017-11-22 14:49:44 -05:00
Michael Desa 94d9d5345e Prevent user from deleteing themselves 2017-11-10 11:09:16 -05:00
Michael Desa d40a374274 Add comments suggested from PR review 
Add tests to server/stores_test.go
 2017-11-07 13:59:40 -05:00
Michael Desa 9b194168a6 Move user roles and role names to roles package 2017-11-06 11:27:13 -05:00
Michael Desa f0d19277a3 Pull out setting super admin into a single func 2017-11-06 11:15:49 -05:00
Michael Desa 3565eda4a1 Allow SuperAdmins to promoted and demoted 2017-11-06 11:15:48 -05:00
Michael Desa 167c0c06a8 Prevent duplicate organization roles in user CRUD 2017-11-03 12:06:18 -04:00
Jared Scheib 500843a867 Add SuperAdmin to userResponse 2017-11-02 16:24:16 -07:00
Michael Desa 40feb4ae94 Change nil check to len == 0 check for userRequest 2017-11-01 12:38:26 -04:00
Michael Desa a8a115ec50 Change function signature of hasSuperAdminContext 2017-11-01 10:39:09 -04:00
Michael Desa 3ad2305c33 Add superAdmin to users CRUD 2017-11-01 09:12:19 -04:00
Michael Desa 708c37dc67 WIP cleanup 2017-10-31 20:58:40 -04:00
Michael Desa 36e14cb111 Refactor data stores into a common interface 2017-10-31 16:41:17 -04:00
Jared Scheib d6d3463208 Merge remote-tracking branch 'origin/multitenancy' into multitenancy_orgs 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-26 18:21:30 -04:00
Michael Desa 5e08464ecf Provide route to change current users organization 
Add current Organization to JWT.
Use OrganizationUsersStore to retrieve Users that are not me.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-26 18:06:52 -04:00
Jared Scheib f283702fe0 Lowercase Provider & Scheme & Role values for consistency 
The client was being sent lowercase values for Role & Provider,
but not Scheme. This change makes all the above lowercase.
 2017-10-24 16:17:59 -07:00
Michael de Sa 2137191d5f Modify ValidUpdate to ensure only User Roles can be updated 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-24 14:28:35 -07:00
Michael Desa ee255f319d Add missing returns in http hanlder methods 2017-10-20 15:42:51 -04:00
Jared Scheib 19369b38cc Set Scheme to be OAuth2 explicitly for all users 
Add Provider to Users authenticated via /me

Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-19 14:32:33 -05:00
Michael Desa 246e65e598 Generalize chronograf.UsersStore Get method 
The `Get` method on the UsersStore was generalize by changing the second
parameter to a struct. This allows the Store to retrieve users by more
than simply their name.

-Get(ctx context.Context, name string) (*User, error)
+Get(ctx context.Context, q UserQuery) (*User, error)
 2017-10-18 14:17:42 -04:00
Jared Scheib c924771fb9 Lowercase string consts for role names 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-16 19:42:57 -05:00
Michael de Sa c390678e43 Place user role consts and vars in server package 
This also decouples the bolt tests from the server package.

Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-16 18:43:56 -05:00
Jared Scheib de6068228b Replace string slices of role names with slices of chronograf.Role 
This effectively reinstants rolly polly as king.

Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-16 18:26:08 -05:00
Michael de Sa 93e3e68272 Suggest valid options in Invalid Role error message 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-16 15:56:43 -05:00
Jared Scheib 74b4ad2c86 Remove unnecessary logic in ValidRoles guard 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-16 13:58:16 -05:00
Jared Scheib 263ff93f9b Modify chronograf user roles to only use role name 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-16 14:44:34 -04:00
Jared Scheib a928d1518c Modify User req & res to receive & give Role names only 
Role members are fully explicated for CRUD operations.
Also adds validation for Roles on requests.
Also returns an empty array in JSON when a User has no roles.
 2017-10-16 14:18:34 -04:00
Jared Scheib de3dcf24c0 Add Roles to Users CRUD 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-12 17:42:30 -07:00
Michael de Sa a8c50620f3 Refactor setting writer Location header 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-11 10:14:57 -07:00
Jared Scheib eca9614cda Refactor applying writer location header into helper func 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-10 14:40:45 -07:00
Michael de Sa e00f4512d2 Remove omitempty for Provider & Scheme in userRequest and userResponse 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-10 14:25:45 -07:00
Michael de Sa a46e3ab7c2 Use more idiomatic error message method 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-10 14:21:43 -07:00
Michael de Sa 85dde0cebe Add comments on ValidUpdate for future considerations 
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
 2017-10-10 14:19:28 -07:00
Jared Scheib af5d21028c Make name on userResponse required 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-10 14:15:31 -07:00
Jared Scheib 2d88f15fdf Use string IDs in JSON res and req for Users 
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
 2017-10-10 12:27:55 -07:00