Fontend handling of account role to hide user actions and links that the user…

Fontend handling of account role to hide user actions and links that the user does not have access to

Fontend handling of account role to hide user actions and links that the user…
Fontend handling of account role to hide user actions and links that the user does not have access to
1cff5644 · Torkel Ödegaard · aa261bbe · 1cff5644 · c75e6692 · 1cff5644
Commit 1cff5644 authored Jan 28, 2015 by Torkel Ödegaard
Hide whitespace changes
Inline Side-by-side

Showing with 23 additions and 22 deletions

conf/grafana.ini
+3 -1

grafana
+1 -1

pkg/api/api.go
+10 -13

pkg/api/dtos/models.go
+8 -7

pkg/middleware/auth.go
+1 -0

No files found.
--- a/conf/grafana.ini
+++ b/conf/grafana.ini
@@ -46,6 +46,8 @@ secret_key = SW2YcwTIb9zpOOhoPsMm
 login_remember_days = 7
 cookie_username = grafana_user
 cookie_remember_name = grafana_remember
+; disable user signup / registration
+disable_user_signup = false

 [account.single]
 ; Enable this feature to auto assign new users to a single account, suitable for NON multi tenant setups
@@ -57,7 +59,7 @@ default_role = Editor

 [auth.anonymous]
 ; enable anonymous access
-enabled = false
+enabled = true
 ; specify account name that should be used for unauthenticated users
 account_name = main
 ; specify role for unauthenticated users

--- a/grafana @ c75e6692
+++ b/grafana @ c75e6692
-Subproject commit 017eab8dcd182b8c19f65657fc3d46e30545b7ff
+Subproject commit c75e669204ffd050e3ef23fdab516c425f7fb668
--- a/pkg/api/api.go
+++ b/pkg/api/api.go
@@ -31,7 +31,7 @@ func Register(r *macaron.Macaron) {
 	r.Get("/account/users/", reqSignedIn, Index)
 	r.Get("/account/apikeys/", reqSignedIn, Index)
 	r.Get("/account/import/", reqSignedIn, Index)
-	r.Get("/admin/users", reqSignedIn, Index)
+	r.Get("/admin/users", reqGrafanaAdmin, Index)
 	r.Get("/dashboard/*", reqSignedIn, Index)

 	// sign up
@@ -104,18 +104,15 @@ func setIndexViewData(c *middleware.Context) error {
 		return err
 	}

-	currentUser := &dtos.CurrentUser{}
-
-	if c.IsSignedIn {
-		currentUser = &dtos.CurrentUser{
-			Login:            c.Login,
-			Email:            c.Email,
-			Name:             c.Name,
-			UsingAccountName: c.AccountName,
-			GravatarUrl:      dtos.GetGravatarUrl(c.Email),
-			IsGrafanaAdmin:   c.IsGrafanaAdmin,
-			Role:             c.AccountRole,
-		}
+	currentUser := &dtos.CurrentUser{
+		IsSignedIn:     c.IsSignedIn,
+		Login:          c.Login,
+		Email:          c.Email,
+		Name:           c.Name,
+		AccountName:    c.AccountName,
+		AccountRole:    c.AccountRole,
+		GravatarUrl:    dtos.GetGravatarUrl(c.Email),
+		IsGrafanaAdmin: c.IsGrafanaAdmin,
 	}

 	c.Data["User"] = currentUser

--- a/pkg/api/dtos/models.go
+++ b/pkg/api/dtos/models.go
@@ -15,13 +15,14 @@ type LoginCommand struct {
 }

 type CurrentUser struct {
-	Login            string     `json:"login"`
-	Email            string     `json:"email"`
-	Role             m.RoleType `json:"role"`
-	Name             string     `json:"name"`
-	UsingAccountName string     `json:"usingAccountName"`
-	IsGrafanaAdmin   bool       `json:"isGrafanaAdmin"`
-	GravatarUrl      string     `json:"gravatarUrl"`
+	IsSignedIn     bool       `json:"isSignedIn"`
+	Login          string     `json:"login"`
+	Email          string     `json:"email"`
+	Name           string     `json:"name"`
+	AccountRole    m.RoleType `json:"accountRole"`
+	AccountName    string     `json:"acountName"`
+	IsGrafanaAdmin bool       `json:"isGrafanaAdmin"`
+	GravatarUrl    string     `json:"gravatarUrl"`
 }

 type DataSource struct {

--- a/pkg/middleware/auth.go
+++ b/pkg/middleware/auth.go
@@ -70,6 +70,7 @@ func RoleAuth(roles ...m.RoleType) macaron.Handler {
 func Auth(options *AuthOptions) macaron.Handler {
 	return func(c *Context) {
 		if !c.IsGrafanaAdmin && options.ReqGrafanaAdmin {
+			c.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+c.Req.RequestURI), 0, setting.AppSubUrl+"/")
 			authDenied(c)
 			return
 		}