From 15a9a6cd693343e90276ba6d581086d839a2e918 Mon Sep 17 00:00:00 2001 From: Joey Orlando Date: Thu, 18 Jan 2024 16:28:53 -0500 Subject: [PATCH] [DOCS] fix column ordering in RBAC roles tables (#3715) # Which issue(s) this PR fixes Column ordering was mixed up. **Before** Screenshot 2024-01-18 at 11 10 25 **After** Screenshot 2024-01-18 at 11 16 07 --- .../user-and-team-management/_index.md | 62 +++++++++---------- ...gin_json_rbac_roles_into_markdown_table.py | 2 +- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/docs/sources/user-and-team-management/_index.md b/docs/sources/user-and-team-management/_index.md index 6786013e..5c7610e4 100644 --- a/docs/sources/user-and-team-management/_index.md +++ b/docs/sources/user-and-team-management/_index.md @@ -60,37 +60,37 @@ objects specific groups of users can see (see ["Manage Teams in Grafana OnCall"] -| Role | Description | Granted Actions | Basic Roles Granted To | -| ---------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| Admin | Read/write access to everything in OnCall | Grafana Admin, Admin | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.alert-groups:write`

`grafana-oncall-app.alert-groups:direct-paging`

`grafana-oncall-app.integrations:read`

`grafana-oncall-app.integrations:write`

`grafana-oncall-app.integrations:test`

`grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.escalation-chains:write`

`grafana-oncall-app.schedules:read`

`grafana-oncall-app.schedules:write`

`grafana-oncall-app.schedules:export`

`grafana-oncall-app.chatops:read`

`grafana-oncall-app.chatops:write`

`grafana-oncall-app.chatops:update-settings`

`grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.outgoing-webhooks:write`

`grafana-oncall-app.maintenance:read`

`grafana-oncall-app.maintenance:write`

`grafana-oncall-app.api-keys:read`

`grafana-oncall-app.api-keys:write`

`grafana-oncall-app.notifications:read`

`grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.notification-settings:write`

`grafana-oncall-app.user-settings:read`

`grafana-oncall-app.user-settings:write`

`grafana-oncall-app.user-settings:admin`

`grafana-oncall-app.other-settings:read`

`grafana-oncall-app.other-settings:write` | -| Editor | Similar to the Admin role, minus the abilities to: create Integrations, create Escalation Chains, create Outgoing Webhooks, update ChatOps settings, update other user's settings, and update general OnCall setings. | Editor | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.alert-groups:write`

`grafana-oncall-app.alert-groups:direct-paging`

`grafana-oncall-app.integrations:read`

`grafana-oncall-app.integrations:test`

`grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.schedules:read`

`grafana-oncall-app.schedules:write`

`grafana-oncall-app.schedules:export`

`grafana-oncall-app.chatops:read`

`grafana-oncall-app.chatops:write`

`grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.maintenance:read`

`grafana-oncall-app.maintenance:write`

`grafana-oncall-app.notifications:read`

`grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.notification-settings:write`

`grafana-oncall-app.user-settings:read`

`grafana-oncall-app.user-settings:write`

`grafana-oncall-app.other-settings:read` | -| Reader | Read-only access to everything in OnCall | Viewer | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.integrations:read`

`grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.schedules:read`

`grafana-oncall-app.chatops:read`

`grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.maintenance:read`

`grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.user-settings:read`

`grafana-oncall-app.other-settings:read` | -| Notifications Receiver | Grants the ability to receive OnCall alert notifications. By virtue, also grants the user the ability to edit their own OnCall settings. | N/A | `grafana-oncall-app.notifications:read`

`grafana-oncall-app.user-settings:write` | -| OnCaller | Grants read access to everything in OnCall. In addition, grants edit access to Alert Groups and Schedules | N/A | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.alert-groups:write`

`grafana-oncall-app.integrations:read`

`grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.schedules:read`

`grafana-oncall-app.schedules:write`

`grafana-oncall-app.chatops:read`

`grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.maintenance:read`

`grafana-oncall-app.notifications:read`

`grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.user-settings:read`

`grafana-oncall-app.other-settings:read` | -| Alert Groups Reader | Read-only access to OnCall Alert Groups | N/A | `grafana-oncall-app.alert-groups:read` | -| Alert Groups Editor | Read access to OnCall Alert Groups + ability to act on Alert Groups (ie. ack, resolve, etc) | N/A | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.alert-groups:write` | -| Alert Groups Direct Paging | Grants the ability to be able to manually create new Alert Groups (aka Direct Paging) | N/A | `grafana-oncall-app.alert-groups:direct-paging` | -| Integrations Reader | Read-only access to OnCall Integrations | N/A | `grafana-oncall-app.integrations:read` | -| Integrations Editor | Read/write access to OnCall Integrations | N/A | `grafana-oncall-app.integrations:read`

`grafana-oncall-app.integrations:write`

`grafana-oncall-app.integrations:test` | -| Escalation Chains Reader | Read-only access to OnCall Escalation Chains | N/A | `grafana-oncall-app.escalation-chains:read` | -| Escalation Chains Editor | Read/write access to OnCall Escalation Chains | N/A | `grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.escalation-chains:write` | -| Schedules Reader | Read-only access to OnCall Schedules | N/A | `grafana-oncall-app.schedules:read` | -| Schedules Editor | Read/write access to OnCall Schedules | N/A | `grafana-oncall-app.schedules:read`

`grafana-oncall-app.schedules:write`

`grafana-oncall-app.schedules:export` | -| ChatOps Reader | Read-only access to OnCall ChatOps | N/A | `grafana-oncall-app.chatops:read` | -| ChatOps Editor | Read/write access to OnCall ChatOps | N/A | `grafana-oncall-app.chatops:read`

`grafana-oncall-app.chatops:write`

`grafana-oncall-app.chatops:update-settings` | -| Outgoing Webhooks Reader | Read-only access to OnCall Outgoing Webhooks | N/A | `grafana-oncall-app.outgoing-webhooks:read` | -| Outgoing Webhooks Editor | Read/write access to OnCall Outgoing Webhooks | N/A | `grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.outgoing-webhooks:write` | -| Maintenance Reader | Read-only access to OnCall Maintenance | N/A | `grafana-oncall-app.maintenance:read` | -| Maintenance Editor | Read/write access to OnCall Maintenance | N/A | `grafana-oncall-app.maintenance:read`

`grafana-oncall-app.maintenance:write` | -| API Keys Reader | Read-only access to OnCall API Keys | N/A | `grafana-oncall-app.api-keys:read` | -| API Keys Editor | Read/write access to OnCall API Keys. Also grants access to be able to consume the API. | N/A | `grafana-oncall-app.api-keys:read`

`grafana-oncall-app.api-keys:write` | -| Notification Settings Reader | Read-only access to OnCall Notification Settings | N/A | `grafana-oncall-app.notification-settings:read` | -| Notification Settings Editor | Read/write access to OnCall Notification Settings | N/A | `grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.notification-settings:write` | -| User Settings Reader | Read-only access to own OnCall User Settings | N/A | `grafana-oncall-app.user-settings:read` | -| User Settings Editor | Read/write access to own OnCall User Settings + ability to view basic information about other OnCall users | N/A | `grafana-oncall-app.user-settings:read`

`grafana-oncall-app.user-settings:write` | -| User Settings Admin | Read/write access to your own, plus other's OnCall User Settings | N/A | `grafana-oncall-app.user-settings:read`

`grafana-oncall-app.user-settings:write`

`grafana-oncall-app.user-settings:admin` | -| Settings Reader | Read-only access to OnCall Settings | N/A | `grafana-oncall-app.other-settings:read` | -| Settings Editor | Read/write access to OnCall Settings | N/A | `grafana-oncall-app.other-settings:read`

`grafana-oncall-app.other-settings:write` | +| Role | Description | Granted Actions | Basic Roles Granted To | +| ---------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------- | +| Admin | Read/write access to everything in OnCall | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.alert-groups:write`

`grafana-oncall-app.alert-groups:direct-paging`

`grafana-oncall-app.integrations:read`

`grafana-oncall-app.integrations:write`

`grafana-oncall-app.integrations:test`

`grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.escalation-chains:write`

`grafana-oncall-app.schedules:read`

`grafana-oncall-app.schedules:write`

`grafana-oncall-app.schedules:export`

`grafana-oncall-app.chatops:read`

`grafana-oncall-app.chatops:write`

`grafana-oncall-app.chatops:update-settings`

`grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.outgoing-webhooks:write`

`grafana-oncall-app.maintenance:read`

`grafana-oncall-app.maintenance:write`

`grafana-oncall-app.api-keys:read`

`grafana-oncall-app.api-keys:write`

`grafana-oncall-app.notifications:read`

`grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.notification-settings:write`

`grafana-oncall-app.user-settings:read`

`grafana-oncall-app.user-settings:write`

`grafana-oncall-app.user-settings:admin`

`grafana-oncall-app.other-settings:read`

`grafana-oncall-app.other-settings:write` | Grafana Admin, Admin | +| Editor | Similar to the Admin role, minus the abilities to: create Integrations, create Escalation Chains, create Outgoing Webhooks, update ChatOps settings, update other user's settings, and update general OnCall setings. | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.alert-groups:write`

`grafana-oncall-app.alert-groups:direct-paging`

`grafana-oncall-app.integrations:read`

`grafana-oncall-app.integrations:test`

`grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.schedules:read`

`grafana-oncall-app.schedules:write`

`grafana-oncall-app.schedules:export`

`grafana-oncall-app.chatops:read`

`grafana-oncall-app.chatops:write`

`grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.maintenance:read`

`grafana-oncall-app.maintenance:write`

`grafana-oncall-app.notifications:read`

`grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.notification-settings:write`

`grafana-oncall-app.user-settings:read`

`grafana-oncall-app.user-settings:write`

`grafana-oncall-app.other-settings:read` | Editor | +| Reader | Read-only access to everything in OnCall | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.integrations:read`

`grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.schedules:read`

`grafana-oncall-app.chatops:read`

`grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.maintenance:read`

`grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.user-settings:read`

`grafana-oncall-app.other-settings:read` | Viewer | +| Notifications Receiver | Grants the ability to receive OnCall alert notifications. By virtue, also grants the user the ability to edit their own OnCall settings. | `grafana-oncall-app.notifications:read`

`grafana-oncall-app.user-settings:write` | N/A | +| OnCaller | Grants read access to everything in OnCall. In addition, grants edit access to Alert Groups, Schedules and own settings | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.alert-groups:write`

`grafana-oncall-app.alert-groups:direct-paging`

`grafana-oncall-app.integrations:read`

`grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.schedules:read`

`grafana-oncall-app.schedules:write`

`grafana-oncall-app.chatops:read`

`grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.maintenance:read`

`grafana-oncall-app.notifications:read`

`grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.user-settings:read`

`grafana-oncall-app.user-settings:write`

`grafana-oncall-app.other-settings:read` | N/A | +| Alert Groups Reader | Read-only access to OnCall Alert Groups | `grafana-oncall-app.alert-groups:read` | N/A | +| Alert Groups Editor | Read access to OnCall Alert Groups + ability to act on Alert Groups (ie. ack, resolve, etc) | `grafana-oncall-app.alert-groups:read`

`grafana-oncall-app.alert-groups:write` | N/A | +| Alert Groups Direct Paging | Grants the ability to be able to manually create new Alert Groups (aka Direct Paging) | `grafana-oncall-app.alert-groups:direct-paging` | N/A | +| Integrations Reader | Read-only access to OnCall Integrations | `grafana-oncall-app.integrations:read` | N/A | +| Integrations Editor | Read/write access to OnCall Integrations | `grafana-oncall-app.integrations:read`

`grafana-oncall-app.integrations:write`

`grafana-oncall-app.integrations:test` | N/A | +| Escalation Chains Reader | Read-only access to OnCall Escalation Chains | `grafana-oncall-app.escalation-chains:read` | N/A | +| Escalation Chains Editor | Read/write access to OnCall Escalation Chains | `grafana-oncall-app.escalation-chains:read`

`grafana-oncall-app.escalation-chains:write` | N/A | +| Schedules Reader | Read-only access to OnCall Schedules | `grafana-oncall-app.schedules:read` | N/A | +| Schedules Editor | Read/write access to OnCall Schedules | `grafana-oncall-app.schedules:read`

`grafana-oncall-app.schedules:write`

`grafana-oncall-app.schedules:export` | N/A | +| ChatOps Reader | Read-only access to OnCall ChatOps | `grafana-oncall-app.chatops:read` | N/A | +| ChatOps Editor | Read/write access to OnCall ChatOps | `grafana-oncall-app.chatops:read`

`grafana-oncall-app.chatops:write`

`grafana-oncall-app.chatops:update-settings` | N/A | +| Outgoing Webhooks Reader | Read-only access to OnCall Outgoing Webhooks | `grafana-oncall-app.outgoing-webhooks:read` | N/A | +| Outgoing Webhooks Editor | Read/write access to OnCall Outgoing Webhooks | `grafana-oncall-app.outgoing-webhooks:read`

`grafana-oncall-app.outgoing-webhooks:write` | N/A | +| Maintenance Reader | Read-only access to OnCall Maintenance | `grafana-oncall-app.maintenance:read` | N/A | +| Maintenance Editor | Read/write access to OnCall Maintenance | `grafana-oncall-app.maintenance:read`

`grafana-oncall-app.maintenance:write` | N/A | +| API Keys Reader | Read-only access to OnCall API Keys | `grafana-oncall-app.api-keys:read` | N/A | +| API Keys Editor | Read/write access to OnCall API Keys. Also grants access to be able to consume the API. | `grafana-oncall-app.api-keys:read`

`grafana-oncall-app.api-keys:write` | N/A | +| Notification Settings Reader | Read-only access to OnCall Notification Settings | `grafana-oncall-app.notification-settings:read` | N/A | +| Notification Settings Editor | Read/write access to OnCall Notification Settings | `grafana-oncall-app.notification-settings:read`

`grafana-oncall-app.notification-settings:write` | N/A | +| User Settings Reader | Read-only access to own OnCall User Settings | `grafana-oncall-app.user-settings:read` | N/A | +| User Settings Editor | Read/write access to own OnCall User Settings + ability to view basic information about other OnCall users | `grafana-oncall-app.user-settings:read`

`grafana-oncall-app.user-settings:write` | N/A | +| User Settings Admin | Read/write access to your own, plus other's OnCall User Settings | `grafana-oncall-app.user-settings:read`

`grafana-oncall-app.user-settings:write`

`grafana-oncall-app.user-settings:admin` | N/A | +| Settings Reader | Read-only access to OnCall Settings | `grafana-oncall-app.other-settings:read` | N/A | +| Settings Editor | Read/write access to OnCall Settings | `grafana-oncall-app.other-settings:read`

`grafana-oncall-app.other-settings:write` | N/A | diff --git a/docs/sources/user-and-team-management/convert_plugin_json_rbac_roles_into_markdown_table.py b/docs/sources/user-and-team-management/convert_plugin_json_rbac_roles_into_markdown_table.py index 3735fb34..d0e760dc 100644 --- a/docs/sources/user-and-team-management/convert_plugin_json_rbac_roles_into_markdown_table.py +++ b/docs/sources/user-and-team-management/convert_plugin_json_rbac_roles_into_markdown_table.py @@ -35,6 +35,6 @@ with open("../../../grafana-plugin/src/plugin.json") as ifp: if idx != num_permissions: permissions += "

" - txt += f"| {role['name']} | {role['description']} | {basic_role_grants} | {permissions}\n" + txt += f"| {role['name']} | {role['description']} | {permissions} | {basic_role_grants}\n" subprocess.run("pbcopy", text=True, input=txt)