Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
N
nexpie-grafana-theme
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kornkitt Poolsup
nexpie-grafana-theme
Commits
a3a79165
Unverified
Commit
a3a79165
authored
May 23, 2019
by
Alexander Zobnin
Committed by
GitHub
May 23, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Auth: Logout disabled user (#17166)
* Feature: revoke user token when disabled * Chore: fix linter error
parent
c87b2c99
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
26 additions
and
18 deletions
+26
-18
pkg/api/admin_users.go
+13
-12
pkg/api/admin_users_test.go
+11
-4
pkg/api/api.go
+2
-2
No files found.
pkg/api/admin_users.go
View file @
a3a79165
...
@@ -112,43 +112,44 @@ func AdminDeleteUser(c *models.ReqContext) {
...
@@ -112,43 +112,44 @@ func AdminDeleteUser(c *models.ReqContext) {
}
}
// POST /api/admin/users/:id/disable
// POST /api/admin/users/:id/disable
func
AdminDisableUser
(
c
*
models
.
ReqContext
)
{
func
(
server
*
HTTPServer
)
AdminDisableUser
(
c
*
models
.
ReqContext
)
Response
{
userID
:=
c
.
ParamsInt64
(
":id"
)
userID
:=
c
.
ParamsInt64
(
":id"
)
// External users shouldn't be disabled from API
// External users shouldn't be disabled from API
authInfoQuery
:=
&
models
.
GetAuthInfoQuery
{
UserId
:
userID
}
authInfoQuery
:=
&
models
.
GetAuthInfoQuery
{
UserId
:
userID
}
if
err
:=
bus
.
Dispatch
(
authInfoQuery
);
err
!=
models
.
ErrUserNotFound
{
if
err
:=
bus
.
Dispatch
(
authInfoQuery
);
err
!=
models
.
ErrUserNotFound
{
c
.
JsonApiErr
(
500
,
"Could not disable external user"
,
nil
)
return
Error
(
500
,
"Could not disable external user"
,
nil
)
return
}
}
disableCmd
:=
models
.
DisableUserCommand
{
UserId
:
userID
,
IsDisabled
:
true
}
disableCmd
:=
models
.
DisableUserCommand
{
UserId
:
userID
,
IsDisabled
:
true
}
if
err
:=
bus
.
Dispatch
(
&
disableCmd
);
err
!=
nil
{
if
err
:=
bus
.
Dispatch
(
&
disableCmd
);
err
!=
nil
{
c
.
JsonApiErr
(
500
,
"Failed to disable user"
,
err
)
return
Error
(
500
,
"Failed to disable user"
,
err
)
return
}
err
:=
server
.
AuthTokenService
.
RevokeAllUserTokens
(
c
.
Req
.
Context
(),
userID
)
if
err
!=
nil
{
return
Error
(
500
,
"Failed to disable user"
,
err
)
}
}
c
.
JsonOK
(
"User disabled"
)
return
Success
(
"User disabled"
)
}
}
// POST /api/admin/users/:id/enable
// POST /api/admin/users/:id/enable
func
AdminEnableUser
(
c
*
models
.
ReqContext
)
{
func
AdminEnableUser
(
c
*
models
.
ReqContext
)
Response
{
userID
:=
c
.
ParamsInt64
(
":id"
)
userID
:=
c
.
ParamsInt64
(
":id"
)
// External users shouldn't be disabled from API
// External users shouldn't be disabled from API
authInfoQuery
:=
&
models
.
GetAuthInfoQuery
{
UserId
:
userID
}
authInfoQuery
:=
&
models
.
GetAuthInfoQuery
{
UserId
:
userID
}
if
err
:=
bus
.
Dispatch
(
authInfoQuery
);
err
!=
models
.
ErrUserNotFound
{
if
err
:=
bus
.
Dispatch
(
authInfoQuery
);
err
!=
models
.
ErrUserNotFound
{
c
.
JsonApiErr
(
500
,
"Could not enable external user"
,
nil
)
return
Error
(
500
,
"Could not enable external user"
,
nil
)
return
}
}
disableCmd
:=
models
.
DisableUserCommand
{
UserId
:
userID
,
IsDisabled
:
false
}
disableCmd
:=
models
.
DisableUserCommand
{
UserId
:
userID
,
IsDisabled
:
false
}
if
err
:=
bus
.
Dispatch
(
&
disableCmd
);
err
!=
nil
{
if
err
:=
bus
.
Dispatch
(
&
disableCmd
);
err
!=
nil
{
c
.
JsonApiErr
(
500
,
"Failed to enable user"
,
err
)
return
Error
(
500
,
"Failed to enable user"
,
err
)
return
}
}
c
.
JsonOK
(
"User enabled"
)
return
Success
(
"User enabled"
)
}
}
// POST /api/admin/users/:id/logout
// POST /api/admin/users/:id/logout
...
...
pkg/api/admin_users_test.go
View file @
a3a79165
...
@@ -222,16 +222,23 @@ func adminDisableUserScenario(desc string, action string, url string, routePatte
...
@@ -222,16 +222,23 @@ func adminDisableUserScenario(desc string, action string, url string, routePatte
Convey
(
desc
+
" "
+
url
,
func
()
{
Convey
(
desc
+
" "
+
url
,
func
()
{
defer
bus
.
ClearBusHandlers
()
defer
bus
.
ClearBusHandlers
()
fakeAuthTokenService
:=
auth
.
NewFakeUserAuthTokenService
()
hs
:=
HTTPServer
{
Bus
:
bus
.
GetBus
(),
AuthTokenService
:
fakeAuthTokenService
,
}
sc
:=
setupScenarioContext
(
url
)
sc
:=
setupScenarioContext
(
url
)
sc
.
defaultHandler
=
Wrap
(
func
(
c
*
m
.
ReqContext
)
{
sc
.
defaultHandler
=
Wrap
(
func
(
c
*
m
.
ReqContext
)
Response
{
sc
.
context
=
c
sc
.
context
=
c
sc
.
context
.
UserId
=
TestUserID
sc
.
context
.
UserId
=
TestUserID
if
action
==
"enable"
{
if
action
==
"enable"
{
AdminEnableUser
(
c
)
return
AdminEnableUser
(
c
)
}
else
{
AdminDisableUser
(
c
)
}
}
return
hs
.
AdminDisableUser
(
c
)
})
})
sc
.
m
.
Post
(
routePattern
,
sc
.
defaultHandler
)
sc
.
m
.
Post
(
routePattern
,
sc
.
defaultHandler
)
...
...
pkg/api/api.go
View file @
a3a79165
...
@@ -381,8 +381,8 @@ func (hs *HTTPServer) registerRoutes() {
...
@@ -381,8 +381,8 @@ func (hs *HTTPServer) registerRoutes() {
adminRoute
.
Put
(
"/users/:id/password"
,
bind
(
dtos
.
AdminUpdateUserPasswordForm
{}),
AdminUpdateUserPassword
)
adminRoute
.
Put
(
"/users/:id/password"
,
bind
(
dtos
.
AdminUpdateUserPasswordForm
{}),
AdminUpdateUserPassword
)
adminRoute
.
Put
(
"/users/:id/permissions"
,
bind
(
dtos
.
AdminUpdateUserPermissionsForm
{}),
AdminUpdateUserPermissions
)
adminRoute
.
Put
(
"/users/:id/permissions"
,
bind
(
dtos
.
AdminUpdateUserPermissionsForm
{}),
AdminUpdateUserPermissions
)
adminRoute
.
Delete
(
"/users/:id"
,
AdminDeleteUser
)
adminRoute
.
Delete
(
"/users/:id"
,
AdminDeleteUser
)
adminRoute
.
Post
(
"/users/:id/disable"
,
AdminDisableUser
)
adminRoute
.
Post
(
"/users/:id/disable"
,
Wrap
(
hs
.
AdminDisableUser
)
)
adminRoute
.
Post
(
"/users/:id/enable"
,
AdminEnableUser
)
adminRoute
.
Post
(
"/users/:id/enable"
,
Wrap
(
AdminEnableUser
)
)
adminRoute
.
Get
(
"/users/:id/quotas"
,
Wrap
(
GetUserQuotas
))
adminRoute
.
Get
(
"/users/:id/quotas"
,
Wrap
(
GetUserQuotas
))
adminRoute
.
Put
(
"/users/:id/quotas/:target"
,
bind
(
m
.
UpdateUserQuotaCmd
{}),
Wrap
(
UpdateUserQuota
))
adminRoute
.
Put
(
"/users/:id/quotas/:target"
,
bind
(
m
.
UpdateUserQuotaCmd
{}),
Wrap
(
UpdateUserQuota
))
adminRoute
.
Get
(
"/stats"
,
AdminGetStats
)
adminRoute
.
Get
(
"/stats"
,
AdminGetStats
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment