Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
N
nexpie-grafana-theme
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kornkitt Poolsup
nexpie-grafana-theme
Commits
8f20b13f
Unverified
Commit
8f20b13f
authored
Feb 17, 2021
by
Marcus Efraimsson
Committed by
GitHub
Feb 17, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Snapshots: Disallow anonymous user to create snapshots (#31263)
parent
b5cbbc3d
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
26 additions
and
22 deletions
+26
-22
pkg/middleware/auth.go
+5
-3
pkg/middleware/auth_test.go
+12
-1
public/app/features/dashboard/components/ShareModal/ShareModal.tsx
+9
-18
No files found.
pkg/middleware/auth.go
View file @
8f20b13f
...
...
@@ -119,15 +119,17 @@ func AdminOrFeatureEnabled(enabled bool) macaron.Handler {
}
}
// SnapshotPublicModeOrSignedIn creates a middleware that allows access
// if snapshot public mode is enabled or if user is signed in.
func
SnapshotPublicModeOrSignedIn
(
cfg
*
setting
.
Cfg
)
macaron
.
Handler
{
return
func
(
c
*
models
.
ReqContext
)
{
if
cfg
.
SnapshotPublicMode
{
return
}
_
,
err
:=
c
.
Invoke
(
ReqSignedIn
)
if
err
!=
nil
{
c
.
JsonApiErr
(
500
,
"Failed to invoke required signed in middleware"
,
err
)
if
!
c
.
IsSignedIn
{
notAuthorized
(
c
)
return
}
}
}
pkg/middleware/auth_test.go
View file @
8f20b13f
...
...
@@ -87,11 +87,22 @@ func TestMiddlewareAuth(t *testing.T) {
middlewareScenario
(
t
,
"Snapshot public mode disabled and unauthenticated request should return 401"
,
func
(
t
*
testing
.
T
,
sc
*
scenarioContext
)
{
sc
.
m
.
Get
(
"/api/snapshot"
,
SnapshotPublicModeOrSignedIn
(
sc
.
cfg
),
sc
.
defaultHandler
)
sc
.
m
.
Get
(
"/api/snapshot"
,
func
(
c
*
models
.
ReqContext
)
{
c
.
IsSignedIn
=
false
},
SnapshotPublicModeOrSignedIn
(
sc
.
cfg
),
sc
.
defaultHandler
)
sc
.
fakeReq
(
"GET"
,
"/api/snapshot"
)
.
exec
()
assert
.
Equal
(
t
,
401
,
sc
.
resp
.
Code
)
})
middlewareScenario
(
t
,
"Snapshot public mode disabled and authenticated request should return 200"
,
func
(
t
*
testing
.
T
,
sc
*
scenarioContext
)
{
sc
.
m
.
Get
(
"/api/snapshot"
,
func
(
c
*
models
.
ReqContext
)
{
c
.
IsSignedIn
=
true
},
SnapshotPublicModeOrSignedIn
(
sc
.
cfg
),
sc
.
defaultHandler
)
sc
.
fakeReq
(
"GET"
,
"/api/snapshot"
)
.
exec
()
assert
.
Equal
(
t
,
200
,
sc
.
resp
.
Code
)
})
middlewareScenario
(
t
,
"Snapshot public mode enabled and unauthenticated request should return 200"
,
func
(
t
*
testing
.
T
,
sc
*
scenarioContext
)
{
sc
.
cfg
.
SnapshotPublicMode
=
true
...
...
public/app/features/dashboard/components/ShareModal/ShareModal.tsx
View file @
8f20b13f
...
...
@@ -6,21 +6,7 @@ import { ShareSnapshot } from './ShareSnapshot';
import
{
ShareExport
}
from
'./ShareExport'
;
import
{
ShareEmbed
}
from
'./ShareEmbed'
;
import
{
ShareModalTabModel
}
from
'./types'
;
const
shareCommonTabs
:
ShareModalTabModel
[]
=
[
{
label
:
'Link'
,
value
:
'link'
,
component
:
ShareLink
},
{
label
:
'Snapshot'
,
value
:
'snapshot'
,
component
:
ShareSnapshot
},
];
// prettier-ignore
const
shareDashboardTabs
:
ShareModalTabModel
[]
=
[
{
label
:
'Export'
,
value
:
'export'
,
component
:
ShareExport
},
];
// prettier-ignore
const
sharePanelTabs
:
ShareModalTabModel
[]
=
[
{
label
:
'Embed'
,
value
:
'embed'
,
component
:
ShareEmbed
},
];
import
{
contextSrv
}
from
'app/core/core'
;
const
customDashboardTabs
:
ShareModalTabModel
[]
=
[];
const
customPanelTabs
:
ShareModalTabModel
[]
=
[];
...
...
@@ -43,13 +29,18 @@ function getInitialState(props: Props): State {
function
getTabs
(
props
:
Props
)
{
const
{
panel
}
=
props
;
const
tabs
=
[...
shareCommonTabs
];
const
tabs
:
ShareModalTabModel
[]
=
[{
label
:
'Link'
,
value
:
'link'
,
component
:
ShareLink
}];
if
(
contextSrv
.
isSignedIn
)
{
tabs
.
push
({
label
:
'Snapshot'
,
value
:
'snapshot'
,
component
:
ShareSnapshot
});
}
if
(
panel
)
{
tabs
.
push
(
...
sharePanelTabs
);
tabs
.
push
(
{
label
:
'Embed'
,
value
:
'embed'
,
component
:
ShareEmbed
}
);
tabs
.
push
(...
customPanelTabs
);
}
else
{
tabs
.
push
(
...
shareDashboardTabs
);
tabs
.
push
(
{
label
:
'Export'
,
value
:
'export'
,
component
:
ShareExport
}
);
tabs
.
push
(...
customDashboardTabs
);
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment