Skip to content

Insights/user permissions

Administrator requested to merge insights/user-permissions into main

Created by: coury-clark

Closes https://github.com/sourcegraph/sourcegraph/issues/24438

To summarize this PR, previously any backend insights were unrestricted based on user / org permissions, and the GraphQL API would return all insights to all users. In preparation for building an API for insights and dashboards, we obviously had to solve this problem.

  1. Permission grant associations for insight views to user, org, and global
    1. Eventually this will get partitioned into more granular permission levels, but for now everyone is assumed to have read / write to match feature parity of frontend insights.
    2. Insights defined in a users private settings will get associated with that user ID
    3. Insights defined in an org will get associated with that org ID, and any user in that org can view them
  2. The sync job from settings -> the database had to be updated to capture permissions updates as insights move between dashboards.
    1. The sync job will now just optimistically delete and replace any insight view that is defined in settings. This will still leave dangling insights that have been removed from the dashboard, but that's okay for the interm without an API.

New DDL looks like this: CleanShot 2021-09-15 at 15 38 39@2x

Merge request reports

Loading