grafana/pkg/api/admin_users.go

136 lines
3.2 KiB
Go
Raw Normal View History

package api
import (
"github.com/grafana/grafana/pkg/api/dtos"
2015-02-05 03:37:13 -06:00
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/infra/metrics"
2015-02-05 03:37:13 -06:00
m "github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/util"
)
2018-03-07 10:54:50 -06:00
func AdminCreateUser(c *m.ReqContext, form dtos.AdminCreateUserForm) {
cmd := m.CreateUserCommand{
Login: form.Login,
Email: form.Email,
Password: form.Password,
Name: form.Name,
}
if len(cmd.Login) == 0 {
cmd.Login = cmd.Email
if len(cmd.Login) == 0 {
c.JsonApiErr(400, "Validation error, need specify either username or email", nil)
return
}
}
if len(cmd.Password) < 4 {
c.JsonApiErr(400, "Password is missing or too short", nil)
return
}
if err := bus.Dispatch(&cmd); err != nil {
c.JsonApiErr(500, "failed to create user", err)
return
}
2017-09-06 04:23:52 -05:00
metrics.M_Api_Admin_User_Create.Inc()
2015-03-22 14:14:00 -05:00
2015-11-16 09:28:38 -06:00
user := cmd.Result
2015-11-16 08:55:02 -06:00
2015-11-16 09:28:38 -06:00
result := m.UserIdDTO{
Message: "User created",
Id: user.Id,
}
2015-11-16 08:55:02 -06:00
2015-11-16 09:28:38 -06:00
c.JSON(200, result)
}
2018-03-07 10:54:50 -06:00
func AdminUpdateUserPassword(c *m.ReqContext, form dtos.AdminUpdateUserPasswordForm) {
2018-03-22 06:37:35 -05:00
userID := c.ParamsInt64(":id")
if len(form.Password) < 4 {
c.JsonApiErr(400, "New password too short", nil)
return
}
2018-03-22 06:37:35 -05:00
userQuery := m.GetUserByIdQuery{Id: userID}
if err := bus.Dispatch(&userQuery); err != nil {
c.JsonApiErr(500, "Could not read user from database", err)
return
}
passwordHashed := util.EncodePassword(form.Password, userQuery.Result.Salt)
cmd := m.ChangeUserPasswordCommand{
2018-03-22 06:37:35 -05:00
UserId: userID,
NewPassword: passwordHashed,
}
if err := bus.Dispatch(&cmd); err != nil {
c.JsonApiErr(500, "Failed to update user password", err)
return
}
c.JsonOK("User password updated")
}
// PUT /api/admin/users/:id/permissions
2018-03-07 10:54:50 -06:00
func AdminUpdateUserPermissions(c *m.ReqContext, form dtos.AdminUpdateUserPermissionsForm) {
2018-03-22 06:37:35 -05:00
userID := c.ParamsInt64(":id")
cmd := m.UpdateUserPermissionsCommand{
2018-03-22 06:37:35 -05:00
UserId: userID,
IsGrafanaAdmin: form.IsGrafanaAdmin,
}
if err := bus.Dispatch(&cmd); err != nil {
if err == m.ErrLastGrafanaAdmin {
c.JsonApiErr(400, m.ErrLastGrafanaAdmin.Error(), nil)
return
}
c.JsonApiErr(500, "Failed to update user permissions", err)
return
}
c.JsonOK("User permissions updated")
}
2018-03-07 10:54:50 -06:00
func AdminDeleteUser(c *m.ReqContext) {
2018-03-22 06:37:35 -05:00
userID := c.ParamsInt64(":id")
2018-03-22 06:37:35 -05:00
cmd := m.DeleteUserCommand{UserId: userID}
if err := bus.Dispatch(&cmd); err != nil {
c.JsonApiErr(500, "Failed to delete user", err)
return
}
2015-11-16 09:28:38 -06:00
c.JsonOK("User deleted")
}
// POST /api/admin/users/:id/logout
func (server *HTTPServer) AdminLogoutUser(c *m.ReqContext) Response {
userID := c.ParamsInt64(":id")
if c.UserId == userID {
return Error(400, "You cannot logout yourself", nil)
}
return server.logoutUserFromAllDevicesInternal(c.Req.Context(), userID)
}
// GET /api/admin/users/:id/auth-tokens
func (server *HTTPServer) AdminGetUserAuthTokens(c *m.ReqContext) Response {
userID := c.ParamsInt64(":id")
return server.getUserAuthTokensInternal(c, userID)
}
// POST /api/admin/users/:id/revoke-auth-token
func (server *HTTPServer) AdminRevokeUserAuthToken(c *m.ReqContext, cmd m.RevokeAuthTokenCmd) Response {
userID := c.ParamsInt64(":id")
return server.revokeUserAuthTokenInternal(c, userID, cmd)
}