devhong/grafana_bak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
grafana_bak/pkg/services/authz/rbac/store/permission_query.sql
devhong 0f6332c6c2 grafane 생성
2025-04-01 10:38:02 +09:00

22 lines
935 B
SQL
Raw Blame History

SELECT p.kind, p.attribute, p.identifier, p.scope FROM {{ .Ident .PermissionTable }} as p
WHERE
{{ if .Query.ActionSets }}
p.action IN ({{ .ArgList .Query.ActionSets }}, {{ .Arg .Query.Action }})
{{ else }}
p.action = {{ .Arg .Query.Action }}
{{ end }}
AND p.role_id IN (
SELECT role_id FROM {{ .Ident .BuiltinRoleTable }} as br WHERE (br.role = {{ .Arg .Query.Role }} AND (br.org_id = {{ .Arg .Query.OrgID }} OR br.org_id = 0))
{{ if .Query.IsServerAdmin }}
OR (br.role = 'Grafana Admin')
{{ end }}
{{ if .Query.UserID }}
UNION
SELECT role_id FROM {{ .Ident .UserRoleTable }} as ur WHERE ur.user_id = {{ .Arg .Query.UserID }} AND (ur.org_id = {{ .Arg .Query.OrgID }} OR ur.org_id = 0)
{{ end }}
{{ if .Query.TeamIDs }}
UNION
SELECT role_id FROM {{ .Ident .TeamRoleTable }} as tr WHERE tr.team_id IN ({{ .ArgList .Query.TeamIDs }}) AND tr.org_id = {{ .Arg .Query.OrgID }}
{{ end }}
)
Reference in New Issue View Git Blame Copy Permalink