PMM-14880 anonymous role

[fabio-silva]

PMM-14880

Allow org roles to anonymous users

Tied to percona/grafana#886

[codecov]

Codecov Report

❌ Patch coverage is 53.33333% with 63 lines in your changes missing coverage. Please review.
✅ Project coverage is 47.82%. Comparing base (fdc8177) to head (53ca5b2).

Files with missing lines	Patch %	Lines
managed/services/user/current_http.go	0.00%	32 Missing ⚠️
managed/services/grafana/client.go	74.46%	12 Missing and 12 partials ⚠️
managed/cmd/pmm-managed/main.go	0.00%	5 Missing ⚠️
managed/services/grafana/auth_server.go	50.00%	2 Missing ⚠️

Additional details and impacted files

@@                    Coverage Diff                     @@
##           PMM-14880-rta-pmm-demo    #5170      +/-   ##
==========================================================
+ Coverage                   47.79%   47.82%   +0.02%     
==========================================================
  Files                         410      411       +1     
  Lines                       41974    42106     +132     
==========================================================
+ Hits                        20062    20136      +74     
- Misses                      19935    19981      +46     
- Partials                     1977     1989      +12     

Flag	Coverage Δ
managed	47.75% <53.33%> (+0.03%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[fabio-silva]

We need profiling on this one.
CC @maxkondr

[maxkondr]

there is a separate method introduced getFrontendSettings for this

[maxkondr]

are all fields needed in these structs

[maxkondr]

in this method the result from API endpoint /api/frontend/settings is parsed into frontendSettings struct, but the same endpoint call in getFrontendSettings is parsed into frontendSettingsFull struct. What is the purpose?

[maxkondr]

not sure these fields are required here

[maxkondr]

1. looks like no need to call Cause() because errors.As() iterates though errors chain
2. seems the condition shall be

if (errors.As(err, &cErr) && cErr.Code != http.StatusUnauthorized) || hasAuthHeaders(authHeaders) {

because cErr.Code has value only in case errors.As() call was successful

[maxkondr]

in pmm-managed the following way for printing errors is used:

Suggested change

	h.l.WithError(err).Warn("failed to get current user")
	h.l.Errorf("failed to get current user: %v", err)

[maxkondr]

Suggested change

	h.l.WithError(err).Warn("failed to get current user orgs")
	h.l.Errorf("failed to get current user orgs: %v", err)

[maxkondr]

looks like errors.Cause() is not needed here

[maxkondr]

I think it is better to return an Unauthorized error here and decrease the number of variations (empty user w/ error vs empty user w/o error, etc). Anything (wrong credentials, other errors, not properly configured anonymous mode) - returns error

[maxkondr]

the same regarding error as in GetCurrentUser