Change functions for access control (#3184)

# What this PR does Update calls used for access control to match changes in Grafana: grafana/grafana#76187 grafana/grafana#76237 ## Which issue(s) this PR fixes ## Checklist - [x] Unit, integration, and e2e (if applicable) tests updated - [x] Documentation added (or `pr:no public docs` PR label added if not required) - [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not required)
grafana · Oct 23, 2023 · 0d22ae7 · 0d22ae7
1 parent c0318b5
commit 0d22ae7
Show file tree

Hide file tree

Showing 6 changed files with 18 additions and 17 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -15,6 +15,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Discard old pending network requests in the UI (Users/Schedules) [#3172](https://github.com/grafana/oncall/pull/3172)
 - Fix resolution note source for mobile app by @vadimkerr ([#3174](https://github.com/grafana/oncall/pull/3174))
+- Fix references to removed access control functions in Grafana @mderynck ([#3184](https://github.com/grafana/oncall/pull/3184))
 
 ## v1.3.45 (2023-10-19)
 

diff --git a/grafana-plugin/src/components/Unauthorized/Unauthorized.test.tsx b/grafana-plugin/src/components/Unauthorized/Unauthorized.test.tsx
@@ -14,7 +14,7 @@ jest.mock('grafana/app/core/core', () => ({
 
 describe('Unauthorized', () => {
   test.each([true, false])('renders properly - access control enabled: %s', (accessControlEnabled) => {
-    contextSrv.accessControlEnabled = () => accessControlEnabled;
+    contextSrv.licensedAccessControlEnabled = () => accessControlEnabled;
     const tree = renderer
       .create(
         <Unauthorized
@@ -31,7 +31,7 @@ describe('Unauthorized', () => {
   test.each([OrgRole.Admin, OrgRole.Editor, OrgRole.Viewer])(
     'renders properly the grammar for different roles - %s',
     (role) => {
-      contextSrv.accessControlEnabled = () => false;
+      contextSrv.licensedAccessControlEnabled = () => false;
       const tree = renderer
         .create(
           <Unauthorized

diff --git a/grafana-plugin/src/components/Unauthorized/index.tsx b/grafana-plugin/src/components/Unauthorized/index.tsx
@@ -24,7 +24,7 @@ const Unauthorized: FC<Props> = ({ requiredUserAction: { permission, fallbackMin
       </Text.Title>
       <Text.Title level={4}>
         You do not have access to view this page.{' '}
-        {contextSrv.accessControlEnabled()
+        {contextSrv.licensedAccessControlEnabled()
           ? `You are missing the ${permission} permission.`
           : `You must be at least a${
               fallbackMinimumRoleRequired === OrgRole.Viewer ? '' : 'n'

diff --git a/grafana-plugin/src/index.d.ts b/grafana-plugin/src/index.d.ts
@@ -27,7 +27,7 @@ declare module 'grafana/app/core/core' {
       permissions?: Record<string, boolean>;
     };
 
-    hasAccess(action: string, fallBack: boolean): boolean;
-    accessControlEnabled(): boolean;
+    hasPermission(action: string): boolean;
+    licensedAccessControlEnabled(): boolean;
   };
 }
diff --git a/grafana-plugin/src/state/rootBaseStore/index.ts b/grafana-plugin/src/state/rootBaseStore/index.ts
@@ -1,4 +1,3 @@
-import { OrgRole } from '@grafana/data';
 import { locationService } from '@grafana/runtime';
 import { contextSrv } from 'grafana/app/core/core';
 import { action, observable } from 'mobx';
@@ -204,11 +203,13 @@ export class RootBaseStore {
         '😞 Grafana OnCall is available for authorized users only, please sign in to proceed.'
       );
     }
+
     // If the plugin is not installed in the OnCall backend, or token is not valid, then we need to install it
     if (!is_installed || !token_ok) {
       if (!allow_signup) {
         return this.setupPluginError('🚫 OnCall has temporarily disabled signup of new users. Please try again later.');
       }
+
       const missingPermissions = this.checkMissingSetupPermissions();
       if (missingPermissions.length === 0) {
         try {
@@ -225,7 +226,7 @@ export class RootBaseStore {
           );
         }
       } else {
-        if (contextSrv.accessControlEnabled()) {
+        if (contextSrv.licensedAccessControlEnabled()) {
           return this.setupPluginError(
             '🚫 User is missing permission(s) ' +
               missingPermissions.join(', ') +
@@ -254,7 +255,6 @@ export class RootBaseStore {
   }
 
   checkMissingSetupPermissions() {
-    const fallback = contextSrv.user.orgRole === OrgRole.Admin && !contextSrv.accessControlEnabled();
     const setupRequiredPermissions = [
       'plugins:write',
       'org.users:read',
@@ -263,7 +263,7 @@ export class RootBaseStore {
       'apikeys:delete',
     ];
     return setupRequiredPermissions.filter(function (permission) {
-      return !contextSrv.hasAccess(permission, fallback);
+      return !contextSrv.hasPermission(permission);
     });
   }
 

diff --git a/grafana-plugin/src/state/rootBaseStore/rootBaseStore.test.ts b/grafana-plugin/src/state/rootBaseStore/rootBaseStore.test.ts
@@ -142,8 +142,8 @@ describe('rootBaseStore', () => {
     const rootBaseStore = new RootBaseStore();
 
     contextSrv.user.orgRole = OrgRole.Viewer;
-    contextSrv.accessControlEnabled = jest.fn().mockReturnValue(false);
-    contextSrv.hasAccess = jest.fn().mockReturnValue(false);
+    contextSrv.licensedAccessControlEnabled = jest.fn().mockReturnValue(false);
+    contextSrv.hasPermission = jest.fn().mockReturnValue(false);
 
     PluginState.updatePluginStatus = jest.fn().mockResolvedValueOnce({
       is_user_anonymous: false,
@@ -180,8 +180,8 @@ describe('rootBaseStore', () => {
     const mockedLoadCurrentUser = jest.fn();
 
     contextSrv.user.orgRole = OrgRole.Admin;
-    contextSrv.accessControlEnabled = jest.fn().mockResolvedValueOnce(false);
-    contextSrv.hasAccess = jest.fn().mockReturnValue(true);
+    contextSrv.licensedAccessControlEnabled = jest.fn().mockResolvedValueOnce(false);
+    contextSrv.hasPermission = jest.fn().mockReturnValue(true);
 
     PluginState.updatePluginStatus = jest.fn().mockResolvedValueOnce({
       ...scenario,
@@ -218,14 +218,14 @@ describe('rootBaseStore', () => {
       missing_permissions: ['plugins:write', 'org.users:read', 'teams:read', 'apikeys:create', 'apikeys:delete'],
       expected_result: false,
     },
-  ])('signup is allowed, accessControlEnabled, various roles and permissions', async (scenario) => {
+  ])('signup is allowed, licensedAccessControlEnabled, various roles and permissions', async (scenario) => {
     // mocks/setup
     const onCallApiUrl = 'http://asdfasdf.com';
     const rootBaseStore = new RootBaseStore();
     const mockedLoadCurrentUser = jest.fn();
 
     contextSrv.user.orgRole = scenario.role;
-    contextSrv.accessControlEnabled = jest.fn().mockReturnValue(true);
+    contextSrv.licensedAccessControlEnabled = jest.fn().mockReturnValue(true);
     rootBaseStore.checkMissingSetupPermissions = jest.fn().mockImplementation(() => scenario.missing_permissions);
 
     PluginState.updatePluginStatus = jest.fn().mockResolvedValueOnce({
@@ -268,8 +268,8 @@ describe('rootBaseStore', () => {
     const humanReadableErrorMsg = 'asdfasldkfjaksdjflk';
 
     contextSrv.user.orgRole = OrgRole.Admin;
-    contextSrv.accessControlEnabled = jest.fn().mockReturnValue(false);
-    contextSrv.hasAccess = jest.fn().mockReturnValue(true);
+    contextSrv.licensedAccessControlEnabled = jest.fn().mockReturnValue(false);
+    contextSrv.hasPermission = jest.fn().mockReturnValue(true);
 
     PluginState.updatePluginStatus = jest.fn().mockResolvedValueOnce({
       is_user_anonymous: false,