Simplified single org settings, now auto_assign_org, and auto_assign_org_role,…

Simplified single org settings, now auto_assign_org, and auto_assign_org_role, new [users] config section, Closes #1585

conf/defaults.ini

@@ -60,24 +60,24 @@ secret_key = SW2YcwTIb9zpOOhoPsMm
 login_remember_days = 7
 cookie_username = grafana_user
 cookie_remember_name = grafana_remember
-; disable user signup / registration
-disable_user_signup = false
 
-[account.single]
-; Enable this feature to auto assign new users to a single account, suitable for NON multi tenant setups
-enabled = true
-; Name of default account
-account_name = main
-; Default role new users will be automatically assigned
-default_role = Editor
+[users]
+; disable user signup / registration
+allow_sign_up = true
+; Allow non admin users to create organizations
+allow_org_create = true
+# Set to true to automatically assign new users to the default organization (id 1)
+auto_assign_org = true
+; Default role new users will be automatically assigned (if disabled above is set to true)
+auto_assign_org_role = Viewer
 
 [auth.anonymous]
 ; enable anonymous access
 enabled = false
-; specify account name that should be used for unauthenticated users
-account_name = main
+; specify organization name that should be used for unauthenticated users
+org_name = main
 ; specify role for unauthenticated users
-account_role = Viewer
+org_role = Viewer
 
 [auth.github]
 enabled = false

pkg/api/login.go

@@ -25,7 +25,7 @@ func LoginView(c *middleware.Context) {
 	settings := c.Data["Settings"].(map[string]interface{})
 	settings["googleAuthEnabled"] = setting.OAuthService.Google
 	settings["githubAuthEnabled"] = setting.OAuthService.GitHub
-	settings["disableUserSignUp"] = setting.DisableUserSignUp
+	settings["disableUserSignUp"] = !setting.AllowUserSignUp
 
 	// Check auto-login.
 	uname := c.GetCookie(setting.CookieUserName)

pkg/api/login_oauth.go

@@ -56,7 +56,7 @@ func OAuthLogin(ctx *middleware.Context) {
 
 	// create account if missing
 	if err == m.ErrUserNotFound {
-		if setting.DisableUserSignUp {
+		if !setting.AllowUserSignUp {
 			ctx.Redirect(setting.AppSubUrl + "/login")
 			return
 		}

pkg/api/signup.go

@@ -9,7 +9,7 @@ import (
 
 // POST /api/user/signup
 func SignUp(c *middleware.Context, cmd m.CreateUserCommand) {
-	if setting.DisableUserSignUp {
+	if !setting.AllowUserSignUp {
 		c.JsonApiErr(401, "User signup is disabled", nil)
 		return
 	}

pkg/services/sqlstore/org_test.go

@@ -15,9 +15,8 @@ func TestAccountDataAccess(t *testing.T) {
 		InitTestDB(t)
 
 		Convey("Given single org mode", func() {
-			setting.SingleOrgMode = true
-			setting.DefaultOrgName = "test"
-			setting.DefaultOrgRole = "Viewer"
+			setting.AutoAssignOrg = true
+			setting.AutoAssignOrgRole = "Viewer"
 
 			Convey("Users should be added to default organization", func() {
 				ac1cmd := m.CreateUserCommand{Login: "ac1", Email: "ac1@test.com", Name: "ac1 name"}
@@ -39,8 +38,7 @@ func TestAccountDataAccess(t *testing.T) {
 		})
 
 		Convey("Given two saved users", func() {
-			setting.SingleOrgMode = false
-			setting.DefaultOrgName = "test"
+			setting.AutoAssignOrg = false
 
 			ac1cmd := m.CreateUserCommand{Login: "ac1", Email: "ac1@test.com", Name: "ac1 name"}
 			ac2cmd := m.CreateUserCommand{Login: "ac2", Email: "ac2@test.com", Name: "ac2 name", IsAdmin: true}

pkg/services/sqlstore/user.go

@@ -33,15 +33,17 @@ func init() {
 func getOrgIdForNewUser(userEmail string, sess *session) (int64, error) {
 	var org m.Org
 
-	if setting.SingleOrgMode {
-		has, err := sess.Where("name=?", setting.DefaultOrgName).Get(&org)
+	if setting.AutoAssignOrg {
+		// right now auto assign to org with id 1
+		has, err := sess.Where("id=?", 1).Get(&org)
 		if err != nil {
 			return 0, err
 		}
 		if has {
 			return org.Id, nil
 		} else {
-			org.Name = setting.DefaultOrgName
+			org.Name = "Main org."
+			org.Id = 1
 		}
 	} else {
 		org.Name = userEmail
@@ -97,8 +99,8 @@ func CreateUser(cmd *m.CreateUserCommand) error {
 			Updated: time.Now(),
 		}
 
-		if setting.SingleOrgMode && !user.IsAdmin {
-			orgUser.Role = m.RoleType(setting.DefaultOrgRole)
+		if setting.AutoAssignOrg && !user.IsAdmin {
+			orgUser.Role = m.RoleType(setting.AutoAssignOrgRole)
 		}
 
 		if _, err = sess.Insert(&orgUser); err != nil {

pkg/setting/setting.go

@@ -64,12 +64,12 @@ var (
 	LogInRememberDays  int
 	CookieUserName     string
 	CookieRememberName string
-	DisableUserSignUp  bool
 
-	// single organization
-	SingleOrgMode  bool
-	DefaultOrgName string
-	DefaultOrgRole string
+	// User settings
+	AllowUserSignUp    bool
+	AllowUserOrgCreate bool
+	AutoAssignOrg      bool
+	AutoAssignOrgRole  string
 
 	// Http auth
 	AdminUser     string
@@ -214,16 +214,15 @@ func NewConfigContext(config string) {
 	LogInRememberDays = security.Key("login_remember_days").MustInt()
 	CookieUserName = security.Key("cookie_username").String()
 	CookieRememberName = security.Key("cookie_remember_name").String()
-	DisableUserSignUp = security.Key("disable_user_signup").MustBool(false)
-
 	// admin
 	AdminUser = security.Key("admin_user").String()
 	AdminPassword = security.Key("admin_password").String()
 
-	// single account
-	SingleOrgMode = Cfg.Section("organization.single").Key("enabled").MustBool(false)
-	DefaultOrgName = Cfg.Section("organization.single").Key("org_name").MustString("main")
-	DefaultOrgRole = Cfg.Section("organization.single").Key("default_role").In("Editor", []string{"Editor", "Admin", "Viewer"})
+	users := Cfg.Section("users")
+	AllowUserSignUp = users.Key("allow_sign_up").MustBool(true)
+	AllowUserOrgCreate = users.Key("allow_org_create").MustBool(true)
+	AutoAssignOrg = users.Key("auto_assign_org").MustBool(true)
+	AutoAssignOrgRole = users.Key("auto_assign_org_role").In("Editor", []string{"Editor", "Admin", "Viewer"})
 
 	// anonymous access
 	AnonymousEnabled = Cfg.Section("auth.anonymous").Key("enabled").MustBool(false)