Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
N
nexpie-grafana-theme
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kornkitt Poolsup
nexpie-grafana-theme
Commits
b371f2d9
Unverified
Commit
b371f2d9
authored
Oct 22, 2018
by
Marcus Efraimsson
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
add debug logging of folder/dashbord permission checks
parent
8be4490e
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
19 additions
and
4 deletions
+19
-4
pkg/services/guardian/guardian.go
+19
-4
No files found.
pkg/services/guardian/guardian.go
View file @
b371f2d9
...
@@ -40,7 +40,7 @@ var New = func(dashId int64, orgId int64, user *m.SignedInUser) DashboardGuardia
...
@@ -40,7 +40,7 @@ var New = func(dashId int64, orgId int64, user *m.SignedInUser) DashboardGuardia
user
:
user
,
user
:
user
,
dashId
:
dashId
,
dashId
:
dashId
,
orgId
:
orgId
,
orgId
:
orgId
,
log
:
log
.
New
(
"
guardians.dashboard
"
),
log
:
log
.
New
(
"
dashboard.permissions
"
),
}
}
}
}
...
@@ -66,15 +66,30 @@ func (g *dashboardGuardianImpl) CanAdmin() (bool, error) {
...
@@ -66,15 +66,30 @@ func (g *dashboardGuardianImpl) CanAdmin() (bool, error) {
func
(
g
*
dashboardGuardianImpl
)
HasPermission
(
permission
m
.
PermissionType
)
(
bool
,
error
)
{
func
(
g
*
dashboardGuardianImpl
)
HasPermission
(
permission
m
.
PermissionType
)
(
bool
,
error
)
{
if
g
.
user
.
OrgRole
==
m
.
ROLE_ADMIN
{
if
g
.
user
.
OrgRole
==
m
.
ROLE_ADMIN
{
return
true
,
nil
return
g
.
logHasPermissionResult
(
permission
,
true
,
nil
)
}
}
acl
,
err
:=
g
.
GetAcl
()
acl
,
err
:=
g
.
GetAcl
()
if
err
!=
nil
{
if
err
!=
nil
{
return
false
,
err
return
g
.
logHasPermissionResult
(
permission
,
false
,
err
)
}
result
,
err
:=
g
.
checkAcl
(
permission
,
acl
)
return
g
.
logHasPermissionResult
(
permission
,
result
,
err
)
}
func
(
g
*
dashboardGuardianImpl
)
logHasPermissionResult
(
permission
m
.
PermissionType
,
hasPermission
bool
,
err
error
)
(
bool
,
error
)
{
if
err
!=
nil
{
return
hasPermission
,
err
}
if
hasPermission
{
g
.
log
.
Debug
(
"User granted access to execute action"
,
"userId"
,
g
.
user
.
UserId
,
"orgId"
,
g
.
orgId
,
"uname"
,
g
.
user
.
Login
,
"dashId"
,
g
.
dashId
,
"action"
,
permission
)
}
else
{
g
.
log
.
Debug
(
"User denied access to execute action"
,
"userId"
,
g
.
user
.
UserId
,
"orgId"
,
g
.
orgId
,
"uname"
,
g
.
user
.
Login
,
"dashId"
,
g
.
dashId
,
"action"
,
permission
)
}
}
return
g
.
checkAcl
(
permission
,
acl
)
return
hasPermission
,
err
}
}
func
(
g
*
dashboardGuardianImpl
)
checkAcl
(
permission
m
.
PermissionType
,
acl
[]
*
m
.
DashboardAclInfoDTO
)
(
bool
,
error
)
{
func
(
g
*
dashboardGuardianImpl
)
checkAcl
(
permission
m
.
PermissionType
,
acl
[]
*
m
.
DashboardAclInfoDTO
)
(
bool
,
error
)
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment