Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
N
nexpie-grafana-theme
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kornkitt Poolsup
nexpie-grafana-theme
Commits
5ec07db1
Commit
5ec07db1
authored
Jan 15, 2015
by
Torkel Ödegaard
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Refactoring of auth middleware, and starting work on account admin
parent
67b93518
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
126 additions
and
70 deletions
+126
-70
pkg/api/admin_accounts.go
+20
-0
pkg/api/api.go
+16
-10
pkg/middleware/auth.go
+34
-57
pkg/middleware/middleware.go
+30
-3
pkg/models/account.go
+14
-0
pkg/stores/sqlstore/accounts.go
+12
-0
No files found.
pkg/api/admin_accounts.go
0 → 100644
View file @
5ec07db1
package
api
import
(
"github.com/torkelo/grafana-pro/pkg/bus"
"github.com/torkelo/grafana-pro/pkg/middleware"
m
"github.com/torkelo/grafana-pro/pkg/models"
)
func
AdminSearchAccounts
(
c
*
middleware
.
Context
)
{
// query := c.QueryStrings("q")
// page := c.QueryStrings("p")
query
:=
m
.
SearchAccountsQuery
{
Query
:
""
,
Page
:
0
,
Limit
:
20
}
if
err
:=
bus
.
Dispatch
(
&
query
);
err
!=
nil
{
c
.
JsonApiErr
(
500
,
"Failed to fetch collaboratos"
,
err
)
return
}
c
.
JSON
(
200
,
query
.
Result
)
}
pkg/api/api.go
View file @
5ec07db1
...
...
@@ -9,20 +9,21 @@ import (
// Register adds http routes
func
Register
(
m
*
macaron
.
Macaron
)
{
auth
:=
middleware
.
Auth
()
reqSignedIn
:=
middleware
.
Auth
(
&
middleware
.
AuthOptions
{
ReqSignedIn
:
true
})
reqAdmin
:=
middleware
.
Auth
(
&
middleware
.
AuthOptions
{
ReqSignedIn
:
true
,
ReqAdmin
:
false
})
// not logged in views
m
.
Get
(
"/"
,
auth
,
Index
)
m
.
Get
(
"/"
,
reqSignedIn
,
Index
)
m
.
Post
(
"/logout"
,
LogoutPost
)
m
.
Post
(
"/login"
,
LoginPost
)
m
.
Get
(
"/login/:name"
,
OAuthLogin
)
m
.
Get
(
"/login"
,
Index
)
// authed views
m
.
Get
(
"/account/"
,
auth
,
Index
)
m
.
Get
(
"/account/datasources/"
,
auth
,
Index
)
m
.
Get
(
"/admin"
,
auth
,
Index
)
m
.
Get
(
"/dashboard/*"
,
auth
,
Index
)
m
.
Get
(
"/account/"
,
reqSignedIn
,
Index
)
m
.
Get
(
"/account/datasources/"
,
reqSignedIn
,
Index
)
m
.
Get
(
"/admin"
,
reqSignedIn
,
Index
)
m
.
Get
(
"/dashboard/*"
,
reqSignedIn
,
Index
)
// sign up
m
.
Get
(
"/signup"
,
Index
)
...
...
@@ -47,7 +48,7 @@ func Register(m *macaron.Macaron) {
m
.
Group
(
"/datasources"
,
func
()
{
m
.
Combo
(
"/"
)
.
Get
(
GetDataSources
)
.
Put
(
AddDataSource
)
.
Post
(
UpdateDataSource
)
m
.
Delete
(
"/:id"
,
DeleteDataSource
)
m
.
Any
(
"/proxy/:id/*"
,
auth
,
ProxyDataSourceRequest
)
m
.
Any
(
"/proxy/:id/*"
,
reqSignedIn
,
ProxyDataSourceRequest
)
})
// Dashboard
m
.
Group
(
"/dashboard"
,
func
()
{
...
...
@@ -57,11 +58,16 @@ func Register(m *macaron.Macaron) {
// Search
m
.
Get
(
"/search/"
,
Search
)
// metrics
m
.
Get
(
"/metrics/test"
,
auth
,
GetTestMetrics
)
},
auth
)
m
.
Get
(
"/metrics/test"
,
GetTestMetrics
)
},
reqSignedIn
)
// admin api
m
.
Group
(
"/api/admin"
,
func
()
{
m
.
Get
(
"/accounts"
,
AdminSearchAccounts
)
},
reqAdmin
)
// rendering
m
.
Get
(
"/render/*"
,
auth
,
RenderToPng
)
m
.
Get
(
"/render/*"
,
reqSignedIn
,
RenderToPng
)
m
.
NotFound
(
NotFound
)
}
...
...
pkg/middleware/auth.go
View file @
5ec07db1
...
...
@@ -12,27 +12,44 @@ import (
"github.com/torkelo/grafana-pro/pkg/setting"
)
func
authGetRequestAccountId
(
c
*
Context
)
(
int64
,
error
)
{
type
AuthOptions
struct
{
ReqAdmin
bool
ReqSignedIn
bool
}
func
getRequestAccountId
(
c
*
Context
)
(
int64
,
error
)
{
accountId
:=
c
.
Session
.
Get
(
"accountId"
)
urlQuery
:=
c
.
Req
.
URL
.
Query
()
if
accountId
!=
nil
{
return
accountId
.
(
int64
),
nil
}
// TODO: check that this is a localhost request
// localhost render query
urlQuery
:=
c
.
Req
.
URL
.
Query
()
if
len
(
urlQuery
[
"render"
])
>
0
{
accId
,
_
:=
strconv
.
ParseInt
(
urlQuery
[
"accountId"
][
0
],
10
,
64
)
c
.
Session
.
Set
(
"accountId"
,
accId
)
accountId
=
accId
}
if
accountId
==
nil
{
if
setting
.
Anonymous
{
return
setting
.
AnonymousAccountId
,
nil
// check api token
header
:=
c
.
Req
.
Header
.
Get
(
"Authorization"
)
parts
:=
strings
.
SplitN
(
header
,
" "
,
2
)
if
len
(
parts
)
==
2
||
parts
[
0
]
==
"Bearer"
{
token
:=
parts
[
1
]
userQuery
:=
m
.
GetAccountByTokenQuery
{
Token
:
token
}
if
err
:=
bus
.
Dispatch
(
&
userQuery
);
err
!=
nil
{
return
-
1
,
err
}
return
userQuery
.
Result
.
Id
,
nil
}
return
-
1
,
errors
.
New
(
"Auth: session account id not found"
)
// anonymous gues user
if
setting
.
Anonymous
{
return
setting
.
AnonymousAccountId
,
nil
}
return
accountId
.
(
int64
),
nil
return
-
1
,
errors
.
New
(
"Auth: session account id not found"
)
}
func
authDenied
(
c
*
Context
)
{
...
...
@@ -43,57 +60,17 @@ func authDenied(c *Context) {
c
.
Redirect
(
setting
.
AppSubUrl
+
"/login"
)
}
func
authByToken
(
c
*
Context
)
{
header
:=
c
.
Req
.
Header
.
Get
(
"Authorization"
)
parts
:=
strings
.
SplitN
(
header
,
" "
,
2
)
if
len
(
parts
)
!=
2
||
parts
[
0
]
!=
"Bearer"
{
return
}
token
:=
parts
[
1
]
userQuery
:=
m
.
GetAccountByTokenQuery
{
Token
:
token
}
if
err
:=
bus
.
Dispatch
(
&
userQuery
);
err
!=
nil
{
return
}
usingQuery
:=
m
.
GetAccountByIdQuery
{
Id
:
userQuery
.
Result
.
UsingAccountId
}
if
err
:=
bus
.
Dispatch
(
&
usingQuery
);
err
!=
nil
{
return
}
c
.
UserAccount
=
userQuery
.
Result
c
.
Account
=
usingQuery
.
Result
}
func
authBySession
(
c
*
Context
)
{
accountId
,
err
:=
authGetRequestAccountId
(
c
)
if
err
!=
nil
&&
c
.
Req
.
URL
.
Path
!=
"/login"
{
authDenied
(
c
)
return
}
userQuery
:=
m
.
GetAccountByIdQuery
{
Id
:
accountId
}
if
err
:=
bus
.
Dispatch
(
&
userQuery
);
err
!=
nil
{
authDenied
(
c
)
return
}
usingQuery
:=
m
.
GetAccountByIdQuery
{
Id
:
userQuery
.
Result
.
UsingAccountId
}
if
err
:=
bus
.
Dispatch
(
&
usingQuery
);
err
!=
nil
{
authDenied
(
c
)
return
}
func
Auth
(
options
*
AuthOptions
)
macaron
.
Handler
{
return
func
(
c
*
Context
)
{
c
.
UserAccount
=
userQuery
.
Result
c
.
Account
=
usingQuery
.
Result
}
if
!
c
.
IsSignedIn
&&
options
.
ReqSignedIn
{
authDenied
(
c
)
return
}
func
Auth
()
macaron
.
Handler
{
return
func
(
c
*
Context
)
{
authByToken
(
c
)
if
c
.
UserAccount
==
nil
{
authBySession
(
c
)
if
!
c
.
IsAdmin
&&
options
.
ReqAdmin
{
authDenied
(
c
)
return
}
}
}
pkg/middleware/middleware.go
View file @
5ec07db1
...
...
@@ -8,8 +8,9 @@ import (
"github.com/Unknwon/macaron"
"github.com/macaron-contrib/session"
"github.com/torkelo/grafana-pro/pkg/bus"
"github.com/torkelo/grafana-pro/pkg/log"
"github.com/torkelo/grafana-pro/pkg/models"
m
"github.com/torkelo/grafana-pro/pkg/models"
"github.com/torkelo/grafana-pro/pkg/setting"
)
...
...
@@ -17,8 +18,11 @@ type Context struct {
*
macaron
.
Context
Session
session
.
Store
Account
*
models
.
Account
UserAccount
*
models
.
Account
IsSignedIn
bool
IsAdmin
bool
Account
*
m
.
Account
UserAccount
*
m
.
Account
}
func
(
c
*
Context
)
GetAccountId
()
int64
{
...
...
@@ -32,6 +36,29 @@ func GetContextHandler() macaron.Handler {
Session
:
sess
,
}
// try get account id from request
if
accountId
,
err
:=
getRequestAccountId
(
ctx
);
err
==
nil
{
// fetch user
userQuery
:=
m
.
GetAccountByIdQuery
{
Id
:
accountId
}
if
err
:=
bus
.
Dispatch
(
&
userQuery
);
err
!=
nil
{
log
.
Error
(
3
,
"Failed to get user by id, %v, %v"
,
accountId
,
err
)
}
else
{
// fetch using account
ctx
.
UserAccount
=
userQuery
.
Result
usingQuery
:=
m
.
GetAccountByIdQuery
{
Id
:
ctx
.
UserAccount
.
UsingAccountId
}
if
err
:=
bus
.
Dispatch
(
&
usingQuery
);
err
!=
nil
{
log
.
Error
(
3
,
"Faild to get account's using account, account: %v, usingAccountId: %v, err:%v"
,
accountId
,
ctx
.
UserAccount
.
Id
,
err
)
}
else
{
ctx
.
Account
=
usingQuery
.
Result
}
}
}
if
ctx
.
Account
!=
nil
{
ctx
.
IsSignedIn
=
true
ctx
.
IsAdmin
=
ctx
.
Account
.
IsAdmin
}
c
.
Map
(
ctx
)
}
}
...
...
pkg/models/account.go
View file @
5ec07db1
...
...
@@ -68,6 +68,14 @@ type GetAccountByLoginQuery struct {
Result
*
Account
}
type
SearchAccountsQuery
struct
{
Query
string
Page
int
Limit
int
Result
[]
*
AccountSearchHitDTO
}
// ------------------------
// DTO & Projections
...
...
@@ -84,6 +92,12 @@ type CollaboratorDTO struct {
Role
string
`json:"role"`
}
type
AccountSearchHitDTO
struct
{
Id
int64
`json:"id"`
Name
string
`json:"name"`
Email
string
`json:"email"`
}
type
AccountDTO
struct
{
Email
string
`json:"email"`
Name
string
`json:"name"`
...
...
pkg/stores/sqlstore/accounts.go
View file @
5ec07db1
...
...
@@ -19,6 +19,7 @@ func init() {
bus
.
AddHandler
(
"sql"
,
GetAccountByToken
)
bus
.
AddHandler
(
"sql"
,
AddCollaborator
)
bus
.
AddHandler
(
"sql"
,
RemoveCollaborator
)
bus
.
AddHandler
(
"sql"
,
SearchAccounts
)
}
func
CreateAccount
(
cmd
*
m
.
CreateAccountCommand
)
error
{
...
...
@@ -173,3 +174,14 @@ func GetOtherAccounts(query *m.GetOtherAccountsQuery) error {
err
:=
sess
.
Find
(
&
query
.
Result
)
return
err
}
func
SearchAccounts
(
query
*
m
.
SearchAccountsQuery
)
error
{
query
.
Result
=
make
([]
*
m
.
AccountSearchHitDTO
,
0
)
sess
:=
x
.
Table
(
"account"
)
sess
.
Where
(
"email LIKE ?"
,
query
.
Query
+
"%"
)
sess
.
Limit
(
query
.
Limit
,
query
.
Limit
*
query
.
Page
)
sess
.
Cols
(
"id"
,
"email"
,
"name"
)
err
:=
sess
.
Find
(
&
query
.
Result
)
return
err
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment