1/** 2 * UserPermission is a map storing permissions in a form of 3 * { 4 * action: { scope: scope } 5 * } 6 */ 7export type UserPermission = { 8 [key: string]: { [key: string]: string }; 9}; 10 11// Permission actions 12export enum AccessControlAction { 13 UsersRead = 'users:read', 14 UsersWrite = 'users:write', 15 UsersTeamRead = 'users.teams:read', 16 UsersAuthTokenList = 'users.authtoken:list', 17 UsersAuthTokenUpdate = 'users.authtoken:update', 18 UsersPasswordUpdate = 'users.password:update', 19 UsersDelete = 'users:delete', 20 UsersCreate = 'users:create', 21 UsersEnable = 'users:enable', 22 UsersDisable = 'users:disable', 23 UsersPermissionsUpdate = 'users.permissions:update', 24 UsersLogout = 'users:logout', 25 UsersQuotasList = 'users.quotas:list', 26 UsersQuotasUpdate = 'users.quotas:update', 27 28 OrgsRead = 'orgs:read', 29 OrgsPreferencesRead = 'orgs.preferences:read', 30 OrgsWrite = 'orgs:write', 31 OrgsPreferencesWrite = 'orgs.preferences:write', 32 OrgsCreate = 'orgs:create', 33 OrgsDelete = 'orgs:delete', 34 OrgUsersRead = 'org.users:read', 35 OrgUsersAdd = 'org.users:add', 36 OrgUsersRemove = 'org.users:remove', 37 OrgUsersRoleUpdate = 'org.users.role:update', 38 39 LDAPUsersRead = 'ldap.user:read', 40 LDAPUsersSync = 'ldap.user:sync', 41 LDAPStatusRead = 'ldap.status:read', 42 43 DataSourcesExplore = 'datasources:explore', 44 DataSourcesRead = 'datasources:read', 45 DataSourcesCreate = 'datasources:create', 46 DataSourcesWrite = 'datasources:write', 47 DataSourcesDelete = 'datasources:delete', 48 DataSourcesPermissionsRead = 'datasources.permissions:read', 49 50 ActionServerStatsRead = 'server.stats:read', 51} 52 53export interface Role { 54 uid: string; 55 name: string; 56 displayName: string; 57 description: string; 58 group: string; 59 global: boolean; 60 delegatable?: boolean; 61 version: number; 62 created: string; 63 updated: string; 64} 65