5f0ef591ea
Merge branch 'master' into feature/mappings
2018-02-09 11:42:07 -08:00
c17e124b27
Replace Public functionality with Mappings feature
2018-02-08 17:53:34 -08:00
5f44034584
WIP remove public logic from organizations
2018-02-08 16:01:00 -08:00
c270b3371d
Pseudo code for removal of Public
2018-02-08 10:59:54 -08:00
64f670e819
Add correct implementation of mappings
2018-02-05 14:54:39 -05:00
6168dc3e06
Nest user routes under organization
...
Add global user routes
2018-01-16 16:45:58 -05:00
6b11afe433
Apply mapping to user in /me
2018-01-11 16:10:27 -05:00
732810fe64
Fix mappings on me response
2018-01-10 16:34:04 -05:00
be3b76629a
Add mappings to organizations
...
Add links to organization response on me
2018-01-10 15:56:13 -05:00
903e7033f4
Give SuperAdmin DefaultRole on PUT /me
...
Previously, SuperAdmins were given the admin role in an organization
when they switched into it (via a PUT to /me). This is undesireable for
the comonitoring organization. This PR gives SuperAdmins the default
role for the organization when they switch into it.
2017-12-20 14:20:24 -08:00
f26d2f0f35
Change Organization ID to string from uint64
2017-12-19 10:13:43 -08:00
0fa542b6b1
Minor tweaks based on PR review
2017-12-18 12:59:04 -08:00
75d6c659f3
Allow SuperAdmins to change into any organization
2017-12-15 16:05:56 -08:00
0e1bcfc9c6
Merge pull request #2355 from influxdata/multitenancy_all_users_superadmin_toggle
...
UI Toggle & API for SuperAdminFirstUserOnly server config
2017-12-14 10:54:18 -08:00
27fe23b161
Add comment about firstUser superAdmin logic
2017-12-14 10:46:55 -08:00
4369c9d708
Add SuperAdmin to default org, even if private
...
Add user to default org if org is public
2017-12-13 17:38:57 -08:00
2b60043016
Prevent users joining default org if private
2017-12-13 16:59:02 -08:00
058f5fbc20
Rename superAdminFirstUserOnly to superAdminNewUsers & flip default logic accordingly
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-12-13 14:49:49 -08:00
6059f155a1
Remove SuperAdminFirstUserOnly CLI flag
...
Wire up boltdb config store
2017-12-13 11:55:36 -08:00
49c8868e67
Prevent user joining private default org
...
Previously, if an organization was private and a user was removed from
the default organization, then they would be re-added. This behavior was
so left over from when we thought of the default organization as the
place where all users would exist. This PR removes that behavior.
There is one piece of odd behavior where a user's "current organization"
will be the default organization, but they will have no role in the
default organization.
2017-12-12 13:15:53 -08:00
76b61a146e
Merge branch 'multitenancy' into multitenancy_reset_current_org
2017-11-30 19:07:40 -08:00
a81498f57a
Change NewUsersNotSuperAdmin to SuperAdminFirstUserOnly
2017-11-30 15:01:52 -05:00
a2df431c0d
Make first user SuperAdmin
2017-11-30 12:56:13 -05:00
881bd11cf8
Return HTTP Status 403 if org not found in /me
...
Fix returning non-standard status from AuthorizedUser
2017-11-21 18:53:42 -05:00
4e51963399
Add option to specify users are create as super admin
2017-11-13 20:44:50 -08:00
1a235d881b
Use default organization default role in me
...
Forbid users from application if they have no roles and were not
explicitly added in private organization
2017-11-13 19:28:15 -08:00
338916a340
Address PR feedback.
2017-11-13 18:08:50 -08:00
6d2c7e18d1
Rename whitelistOnly => public
2017-11-10 18:23:41 -08:00
638e36c197
Change MeOrganization to UpdateMe
2017-11-10 16:17:46 -05:00
6493902265
Check WhitelistOnly setting on default org in Me
...
Set DefaultOrganizationWhitelistOnly to false
Set DefaultOrganizationRole on new user in Me
2017-11-10 16:15:29 -05:00
f228e2860d
Expose some organization routes to admins
...
Cleanup tests appropriately
Prevent Admins from patching organizations
2017-11-10 12:48:10 -05:00
9a0fa10d8a
Sort users organizations on me response by org ID
2017-11-10 11:09:16 -05:00
35be59a71a
Differentiate between SuperAdminContext and ServerContext
...
Previously, the server just hijacked the super admin context in order to
get raw access to the underlying data stores, this introduces a way to
specify the it is explicitly the server making the request and no longer
hijack the super admin context.
This also adds test coverage to ensure that the correct values are being
set on context in the AuthorizedUser method.
2017-11-10 11:09:16 -05:00
bd4d5c6cc3
Fix role related tests after rebase
2017-11-06 11:31:44 -05:00
9b194168a6
Move user roles and role names to roles package
2017-11-06 11:27:13 -05:00
7200aaf9f9
Add default org logic to OrganizationsStore
...
Update resource handlers to appropriate consume default organization IDs
2017-11-06 10:14:12 -05:00
09f79f3a3e
Grant user role in default org if added via API
...
When users are created via the API they are only given roles in orgs
that are explicitly set. Additionally the roles must be roles that
belong to the current organization (unless they are a super admin).
This leads to a situation where a user may not be a part of the default
organization. If this is the case, we detect it when the user hits /me
and add the user to the default org.
2017-11-06 09:46:00 -05:00
4baa65629a
Fix links in me request
2017-11-03 09:39:21 -04:00
311c68f457
Add CurrentOrganization & Organizations to me resp
...
Remove CurrentOrganization from chronograf.User
2017-11-02 11:59:53 -04:00
46987558e0
Remove unused code
2017-11-01 12:35:09 -04:00
569978b4f7
Add parseOrganizationID method
2017-11-01 12:34:00 -04:00
4c0469cb07
Change OrganizationID to Organization in Me req
2017-11-01 10:37:32 -04:00
0e18f8778b
User explicit type when setting context
2017-11-01 09:49:02 -04:00
3ad2305c33
Add superAdmin to users CRUD
2017-11-01 09:12:19 -04:00
708c37dc67
WIP cleanup
2017-10-31 20:58:40 -04:00
e7e17537a1
WIP make app usable by frontend
2017-10-31 19:50:03 -04:00
cf64b2e506
Remove RawUsers from DataStore
2017-10-31 17:49:35 -04:00
36e14cb111
Refactor data stores into a common interface
2017-10-31 16:41:17 -04:00
32a65aa307
Slightly DRYer code for getting fields off Principal
...
Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 12:48:51 -07:00
cff3ae798d
Test MeOrganization for valid org with invalid user, and invalid org
...
Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 10:14:14 -07:00
Luke Morris
Iris Scholten
Michael Desa
Jared Scheib
Jared Scheib