Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Alerting: Editor role can access all provisioning API #85022

Merged
merged 5 commits into from
Mar 22, 2024
Merged

Alerting: Editor role can access all provisioning API #85022

merged 5 commits into from
Mar 22, 2024

Conversation

yuri-tceretian
Copy link
Contributor

@yuri-tceretian yuri-tceretian commented Mar 22, 2024
edited
Loading

What is this feature?
After PR #77007 is merged the Editor role can access the provisioning rule API. This PR adds the ability to access notification provisioning APIs.
Also, it introduces a new action alert.provisioning.provenance:write which controls whether the user can access provisioning write APIs. This action is given to Editor role by default.

In Grafana Enterprise, it can be removed in order to prevent Editors from using provisioning APIs.

Why do we need this feature?
Give access to Editor role to alerting provisioning API and provide ability to disable that in Grafana Enterprise.

Who is this feature for?
Related to #77007

Special notes for your reviewer:

Please check that:

  • It works as expected from a user's perspective.
  • If this is a pre-GA feature, it is behind a feature toggle.
  • The docs are updated, and if this is a notable improvement, it's added to our What's New doc.

@grafana-delivery-bot grafana-delivery-bot bot added this to the 11.0.x milestone Mar 22, 2024
@yuri-tceretian yuri-tceretian changed the title Alerting: give Editor role access to provisioning API Alerting: give Editor role access to all provisioning API Mar 22, 2024
@yuri-tceretian yuri-tceretian force-pushed the yuri-tceretian/provisioner-permission branch from 83954c0 to bc54d68 Compare March 22, 2024 19:57
@yuri-tceretian yuri-tceretian self-assigned this Mar 22, 2024
@yuri-tceretian yuri-tceretian added area/alerting Grafana Alerting area/auth/rbac Grafana role-based access control add to changelog no-backport Skip backport of PR labels Mar 22, 2024
@yuri-tceretian yuri-tceretian changed the title Alerting: give Editor role access to all provisioning API Alerting: Editor role can access all provisioning API Mar 22, 2024
@yuri-tceretian yuri-tceretian marked this pull request as ready for review March 22, 2024 20:10
@yuri-tceretian yuri-tceretian requested a review from a team as a code owner March 22, 2024 20:10
@yuri-tceretian yuri-tceretian requested review from a team, rwwiv, JacobsonMT and grobinson-grafana and removed request for a team March 22, 2024 20:10
@yuri-tceretian yuri-tceretian force-pushed the yuri-tceretian/provisioner-permission branch from f179ba5 to be84dc1 Compare March 22, 2024 20:57
@yuri-tceretian yuri-tceretian enabled auto-merge (squash) March 22, 2024 22:04
@yuri-tceretian yuri-tceretian merged commit 48de865 into main Mar 22, 2024
12 checks passed
@yuri-tceretian yuri-tceretian deleted the yuri-tceretian/provisioner-permission branch March 22, 2024 22:14
@ashharrison90 ashharrison90 removed this from the 11.0.x milestone Mar 25, 2024
@ashharrison90 ashharrison90 added this to the 11.1.x milestone Mar 25, 2024
ashharrison90 pushed a commit that referenced this pull request Mar 26, 2024
@yuri-tceretian @ashharrison90
Alerting: Editor role can access all provisioning API (#85022)
553fc73
ashharrison90 pushed a commit that referenced this pull request Mar 26, 2024
@yuri-tceretian @ashharrison90
Alerting: Editor role can access all provisioning API (#85022)
2480fed
@ashharrison90 ashharrison90 modified the milestones: 11.1.x, 11.0.x Mar 26, 2024
@yuri-tceretian yuri-tceretian mentioned this pull request Apr 8, 2024
Merged
@nelakolundzija
Copy link

Screenshot 2024-04-16 at 13 41 40

can this be done for admin api provisions too so that editor can reload alerts this is needed for new alerting and provisioning

@papagian papagian mentioned this pull request Apr 29, 2024
Closed
3 tasks
@yuri-tceretian yuri-tceretian mentioned this pull request Jun 13, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JacobsonMT JacobsonMT JacobsonMT approved these changes

@rwwiv rwwiv Awaiting requested review from rwwiv

@grobinson-grafana grobinson-grafana Awaiting requested review from grobinson-grafana

Assignees

@yuri-tceretian yuri-tceretian

Labels
add to changelog add to what's new area/alerting Grafana Alerting area/auth/rbac Grafana role-based access control area/backend no-backport Skip backport of PR
Projects
Alerting
Status: Done
Milestone
11.0.0-preview
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@yuri-tceretian @nelakolundzija @JacobsonMT @ashharrison90 @fabrizio-grafana