Commit Graph

9 Commits

Author SHA1 Message Date
Ieva 7bd20b98ba
AuthZ: code and error cleanup (#111037)
* use API errors where possible

* fix test
2025-09-18 11:38:02 +01:00
Gabriel MABILLE ee34c015ce
`grafana-iam`: Fix context for identity store queries to work (#111228)
`grafana-iam`: Fix context for identity store

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2025-09-17 11:24:58 +01:00
Ieva d4399e6eda
`grafana-iam`: Implement `resourcepermission` update (#110891)
* first go at update implementation

* template tests

* SQL tests

* more tests

* set namespace for read resource permissions

* fix a bug with perms being removed right after they're added

* remove unwanted changes

* fix tests and check error

* PR feedback

* Update pkg/registry/apis/iam/resourcepermission/sql.go

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2025-09-12 10:43:51 +01:00
Gabriel MABILLE ddbc5bce4f
`grafana-iam`: Use namespace for dbHelper (#110888)
2025-09-10 18:08:42 +02:00
Gabriel MABILLE 5c6fd5e5af
`grafana-iam`: Implement `resourcepermission` list (#110769)
* WIP: List

* make toV0ResourcePermissions work with an ordered list of assignments to ensure consistency in the results

* Test templates

* Split list query in two. I clearly need scopePatterns

* Add pagination with offsets

* Remove unnecessary comment

* implement listiterator

* add listiterator tests

* return the correct resource version

* use SkipIntegrationTestInShortMode

* No need for the extra check on pagination being correctly set

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Spec is out of date

* Remove wrong comment

* Add a test for the pagination token

---------

Co-authored-by: mohammad-hamid <mohammad.hamid@grafana.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2025-09-10 11:17:53 +02:00
Ieva d692303e76
AuthZ: Deleting managed role permissions for a specified resource (#110617)
* basics for deleting managed role permissions for a specified resource

* fix the query

* fix query tests

* storage tests

* sql tests

* add missing import

* Update pkg/registry/apis/iam/resourcepermission/storage_backend.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* PR feedback

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2025-09-05 16:22:09 +01:00
Gabriel MABILLE 801fde02a7
`grafana-iam`: Implement `resourcepermission` creation (#110246)
* Extract from #108753

Co-Authored-By: mohammad-hamid <mohammad.hamid@grafana.com>

* Tackle create

Co-Authored-By: mohammad-hamid <mohammad.hamid@grafana.com>

* WIP use identity store to resolve role names

* WIP

* create role

* Remove unnecessary comments

* comments

* sql templates

* test role insert tplt

* Add tests 😅

* Test permission insert template

* Test permission delete template

* Test assignment_insert template

* Manually test insertion

* Remove delete permissions. This is a create case we don't have permissions for that resource

* generate name handled by the apiserver library

* Remove comment and conversion

* Small renaming nits

* changes from main

* Add storage backend tests

* Add test to sql

* Test role contains a unique permission

* linting

* Account for pr feedback

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Reuse mappers

* Move function to models

* Add check between name and spec resource

* Check if the resource does not already exist

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* fix query

* Check basic roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Account for error

* Make struct names consistent

* Nit. I prefer createAndAssignManagedRole

* Remove notifying

* log errors instead of returning them

* Fix exist query join

* Test errors

* Remove dup

---------

Co-authored-by: mohammad-hamid <mohammad.hamid@grafana.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2025-09-05 14:22:25 +02:00
mohammad-hamid abcdf20105
`grafana-iam`: Implement `resourcepermission` get (#110256)
* resource permissions get

* address review feedback

* address comments
- read using rp name
- narrow by scope and actionsets
- update sql tests

* align with verb simplification

* keep original format to avoid conflicts

* add sqltests

* cleanup

* Remove unnecessary errors

* Move query template to queries

* Use splitN to make sure we have three parts

* Revert user permission management for now. We don't need it

* Revert error change

* group permissions by resource

* extract parse scope

* Move sql_test

* Move & test parseScope

* Add tests to getResourcePermission

* Linting

* Use namespace

* Add test to the backend

* Ongoing tests

* Remove pagination, fix query boolean, insert basic role binding

* Linting

* Straightened the created and updated times

* error handling and uniformization with other backend

* Restore comments to avoid later conflicts

* Integration testing

* switch to function, no need to make it a method

* isServiceAccount should default to FALSE instead of TRUE :surprised:

* PR feedback

* Sort spec permissions

* Shouldn't happen but double proofing

---------

Co-authored-by: Gabriel Mabille <gabriel.mabille@grafana.com>
2025-09-04 17:14:15 +02:00
Gabriel MABILLE b6226c6173
`grafana-iam`: Skeleton of the resource permission api backend (#110218)
* Extract from #108753

Co-Authored-By: mohammad-hamid <mohammad.hamid@grafana.com>

* Tackle create

Co-Authored-By: mohammad-hamid <mohammad.hamid@grafana.com>

* WIP use identity store to resolve role names

* Commit empty service for now

* Clean

* For now only show name and created at

---------

Co-authored-by: mohammad-hamid <mohammad.hamid@grafana.com>
2025-08-27 15:00:09 +02:00