Commit b46f8bad by Torkel Ödegaard

Added check for allow_user_org_create, updated admin docs

parent 8982dc5e
......@@ -22,7 +22,7 @@ cert_file =
cert_key =
[analytics]
# Server reporting, sends usage counters to stats.grafana.org (https).
# Server reporting, sends usage counters to stats.grafana.org every 24 hours.
# No ip addresses are being tracked, only simple counters to track
# running instances, dashboard and error counts. It is very helpful to us.
# Change this option to false to disable reporting.
......
......@@ -48,7 +48,7 @@ pages:
- ['reference/scripting.md', 'Reference', 'Scripted dashboards']
- ['reference/playlist.md', 'Reference', 'Playlist']
- ['reference/export_import.md', 'Reference', 'Import & Export']
- ['reference/admin.md', 'Reference', 'Grafana Admin']
- ['reference/admin.md', 'Reference', 'Administration']
- ['reference/http_api.md', 'Reference', 'HTTP API']
- ['datasources/graphite.md', 'Data Sources', 'Graphite']
......
----
page_title: Grafana Admin
page_description: Grafana Admin guide
page_title: Administration
page_description: Grafana Administration
page_keywords: grafana, admin, administration, documentation
---
# Administration
Grafana has two levels of administrators:
* Organizational administrators: These admins can manage users within specific organizations in a particular Grafana installation
* Grafana administrators: These super admins can manage users across all organizations in a Grafana installation. They can also change and access system-wide settings.
# Organizational Administrators
## Organizational Administrators
Note: If Grafana is configured with users.allow_org_create = true, any User of any Organization will be able to start their own Organization and become the administrator of that Organization.
As an Organizational administrator, you can add `Data Sources`, add Users to your Organization and
modify Organization details and options.
As an Organizational administrator, you can manage all Users within your Organization.
> *Note*: If Grafana is configured with `users.allow_org_create = true`, any User of any Organization will be able to
> start their own Organization and become the administrator of that Organization.
# Grafana Administrators
As a Grafana Administrator, you have complete access to any Organization or User in that instance of Grafana.
## Grafana Administrators
<img src="/img/v2/admin_sidenav.png" class="right" style="margin-left: 15px">
As a Grafana Administrator, you have complete access to any Organization or User in that instance of Grafana.
When performing actions as a Grafana admin, the sidebar will change it's apperance as below to indicate you are performing global server administration.
[screenshot]
From the Grafana Server Admin page, you can access the System Info page which summarizes all of the backend configuration settings of the Grafana server.
# Why would I have multiple Organizations?
## Why would I have multiple Organizations?
In many cases, a Grafana installation will only have one Organization. There's no need to create multiple Organizations if you want all your users to have access to the same set of dashboards and data. In a multitenant deployment, Organizations can be used to provide a full Grafana experience to different sets of users from a single Grafana instance, at the convenience of the Grafana Administrator.
In many cases, a Grafana installation will only have one Organization. There's no need to create multiple Organizations
if you want all your users to have access to the same set of dashboards and data. In a multitenant deployment,
Organizations can be used to provide a full Grafana experience to different sets of users from a single Grafana instance,
at the convenience of the Grafana Administrator.
......@@ -5,6 +5,7 @@ import (
"github.com/grafana/grafana/pkg/metrics"
"github.com/grafana/grafana/pkg/middleware"
m "github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/setting"
)
func GetOrg(c *middleware.Context) {
......@@ -29,8 +30,12 @@ func GetOrg(c *middleware.Context) {
}
func CreateOrg(c *middleware.Context, cmd m.CreateOrgCommand) {
cmd.UserId = c.UserId
if !setting.AllowUserOrgCreate && !c.IsGrafanaAdmin {
c.JsonApiErr(401, "Access denied", nil)
return
}
cmd.UserId = c.UserId
if err := bus.Dispatch(&cmd); err != nil {
c.JsonApiErr(500, "Failed to create organization", err)
return
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment