grafana/pkg/api/admin_users.go

package api

import (
	"github.com/grafana/grafana/pkg/api/dtos"
	"github.com/grafana/grafana/pkg/bus"
	"github.com/grafana/grafana/pkg/metrics"
	m "github.com/grafana/grafana/pkg/models"
	"github.com/grafana/grafana/pkg/util"
)

func AdminCreateUser(c *m.ReqContext, form dtos.AdminCreateUserForm) {
	cmd := m.CreateUserCommand{
		Login:    form.Login,
		Email:    form.Email,
		Password: form.Password,
		Name:     form.Name,
	}

	if len(cmd.Login) == 0 {
		cmd.Login = cmd.Email
		if len(cmd.Login) == 0 {
			c.JsonApiErr(400, "Validation error, need specify either username or email", nil)
			return
		}
	}

	if len(cmd.Password) < 4 {
		c.JsonApiErr(400, "Password is missing or too short", nil)
		return
	}

	if err := bus.Dispatch(&cmd); err != nil {
		c.JsonApiErr(500, "failed to create user", err)
		return
	}

	metrics.M_Api_Admin_User_Create.Inc()

	user := cmd.Result

	result := m.UserIdDTO{
		Message: "User created",
		Id:      user.Id,
	}

	c.JSON(200, result)
}

func AdminUpdateUserPassword(c *m.ReqContext, form dtos.AdminUpdateUserPasswordForm) {
	userID := c.ParamsInt64(":id")

	if len(form.Password) < 4 {
		c.JsonApiErr(400, "New password too short", nil)
		return
	}

	userQuery := m.GetUserByIdQuery{Id: userID}

	if err := bus.Dispatch(&userQuery); err != nil {
		c.JsonApiErr(500, "Could not read user from database", err)
		return
	}

	passwordHashed := util.EncodePassword(form.Password, userQuery.Result.Salt)

	cmd := m.ChangeUserPasswordCommand{
		UserId:      userID,
		NewPassword: passwordHashed,
	}

	if err := bus.Dispatch(&cmd); err != nil {
		c.JsonApiErr(500, "Failed to update user password", err)
		return
	}

	c.JsonOK("User password updated")
}

// PUT /api/admin/users/:id/permissions
func AdminUpdateUserPermissions(c *m.ReqContext, form dtos.AdminUpdateUserPermissionsForm) {
	userID := c.ParamsInt64(":id")

	cmd := m.UpdateUserPermissionsCommand{
		UserId:         userID,
		IsGrafanaAdmin: form.IsGrafanaAdmin,
	}

	if err := bus.Dispatch(&cmd); err != nil {
		if err == m.ErrLastGrafanaAdmin {
			c.JsonApiErr(400, m.ErrLastGrafanaAdmin.Error(), nil)
			return
		}

		c.JsonApiErr(500, "Failed to update user permissions", err)
		return
	}

	c.JsonOK("User permissions updated")
}

func AdminDeleteUser(c *m.ReqContext) {
	userID := c.ParamsInt64(":id")

	cmd := m.DeleteUserCommand{UserId: userID}

	if err := bus.Dispatch(&cmd); err != nil {
		c.JsonApiErr(500, "Failed to delete user", err)
		return
	}

	c.JsonOK("User deleted")
}
Refactoring of auth middleware, and starting work on account admin 2015-01-15 05:16:54 -06:00			`package api`

			`import (`
Worked on user admin features, can now create and edit users as a grafana admin user, #1446 2015-02-10 08:36:51 -06:00			`"github.com/grafana/grafana/pkg/api/dtos"`
Changed go package path 2015-02-05 03:37:13 -06:00			`"github.com/grafana/grafana/pkg/bus"`
Added server metrics 2015-03-22 14:14:00 -05:00			`"github.com/grafana/grafana/pkg/metrics"`
Changed go package path 2015-02-05 03:37:13 -06:00			`m "github.com/grafana/grafana/pkg/models"`
Added change password ability to admin > edit user view, #1446 2015-02-23 04:24:22 -06:00			`"github.com/grafana/grafana/pkg/util"`
Refactoring of auth middleware, and starting work on account admin 2015-01-15 05:16:54 -06:00			`)`

rename Context to ReqContext 2018-03-07 10:54:50 -06:00			`func AdminCreateUser(c *m.ReqContext, form dtos.AdminCreateUserForm) {`
Worked on user admin features, can now create and edit users as a grafana admin user, #1446 2015-02-10 08:36:51 -06:00			`cmd := m.CreateUserCommand{`
			`Login: form.Login,`
			`Email: form.Email,`
			`Password: form.Password,`
			`Name: form.Name,`
			`}`

			`if len(cmd.Login) == 0 {`
			`cmd.Login = cmd.Email`
			`if len(cmd.Login) == 0 {`
			`c.JsonApiErr(400, "Validation error, need specify either username or email", nil)`
			`return`
			`}`
			`}`

			`if len(cmd.Password) < 4 {`
			`c.JsonApiErr(400, "Password is missing or too short", nil)`
			`return`
			`}`

			`if err := bus.Dispatch(&cmd); err != nil {`
			`c.JsonApiErr(500, "failed to create user", err)`
			`return`
			`}`

convert old metrics to prom metrics 2017-09-06 04:23:52 -05:00			`metrics.M_Api_Admin_User_Create.Inc()`
Added server metrics 2015-03-22 14:14:00 -05:00
fixed gofmt tests 2015-11-16 09:28:38 -06:00			`user := cmd.Result`
/api/admin/users returns user ID 2015-11-16 08:55:02 -06:00
fixed gofmt tests 2015-11-16 09:28:38 -06:00			`result := m.UserIdDTO{`
			`Message: "User created",`
			`Id: user.Id,`
			`}`
/api/admin/users returns user ID 2015-11-16 08:55:02 -06:00
fixed gofmt tests 2015-11-16 09:28:38 -06:00			`c.JSON(200, result)`
Worked on user admin features, can now create and edit users as a grafana admin user, #1446 2015-02-10 08:36:51 -06:00			`}`

rename Context to ReqContext 2018-03-07 10:54:50 -06:00			`func AdminUpdateUserPassword(c *m.ReqContext, form dtos.AdminUpdateUserPasswordForm) {`
Make golint happier 2018-03-22 06:37:35 -05:00			`userID := c.ParamsInt64(":id")`
Added change password ability to admin > edit user view, #1446 2015-02-23 04:24:22 -06:00
			`if len(form.Password) < 4 {`
			`c.JsonApiErr(400, "New password too short", nil)`
			`return`
			`}`

Make golint happier 2018-03-22 06:37:35 -05:00			`userQuery := m.GetUserByIdQuery{Id: userID}`
Added change password ability to admin > edit user view, #1446 2015-02-23 04:24:22 -06:00
			`if err := bus.Dispatch(&userQuery); err != nil {`
			`c.JsonApiErr(500, "Could not read user from database", err)`
			`return`
			`}`

			`passwordHashed := util.EncodePassword(form.Password, userQuery.Result.Salt)`

			`cmd := m.ChangeUserPasswordCommand{`
Make golint happier 2018-03-22 06:37:35 -05:00			`UserId: userID,`
Added change password ability to admin > edit user view, #1446 2015-02-23 04:24:22 -06:00			`NewPassword: passwordHashed,`
			`}`

			`if err := bus.Dispatch(&cmd); err != nil {`
			`c.JsonApiErr(500, "Failed to update user password", err)`
			`return`
			`}`

			`c.JsonOK("User password updated")`
			`}`

feat: #11067 prevent removing last grafana admin permissions 2018-12-01 11:28:10 -06:00			`// PUT /api/admin/users/:id/permissions`
rename Context to ReqContext 2018-03-07 10:54:50 -06:00			`func AdminUpdateUserPermissions(c *m.ReqContext, form dtos.AdminUpdateUserPermissionsForm) {`
Make golint happier 2018-03-22 06:37:35 -05:00			`userID := c.ParamsInt64(":id")`
Added permissions section to admin > edit user view, an admin can now make another user admin, Closes #1517 2015-02-26 08:43:48 -06:00
			`cmd := m.UpdateUserPermissionsCommand{`
Make golint happier 2018-03-22 06:37:35 -05:00			`UserId: userID,`
Added permissions section to admin > edit user view, an admin can now make another user admin, Closes #1517 2015-02-26 08:43:48 -06:00			`IsGrafanaAdmin: form.IsGrafanaAdmin,`
			`}`

			`if err := bus.Dispatch(&cmd); err != nil {`
feat: #11067 prevent removing last grafana admin permissions 2018-12-01 11:28:10 -06:00			`if err == m.ErrLastGrafanaAdmin {`
			`c.JsonApiErr(400, m.ErrLastGrafanaAdmin.Error(), nil)`
			`return`
			`}`

Added permissions section to admin > edit user view, an admin can now make another user admin, Closes #1517 2015-02-26 08:43:48 -06:00			`c.JsonApiErr(500, "Failed to update user permissions", err)`
			`return`
			`}`

			`c.JsonOK("User permissions updated")`
			`}`

rename Context to ReqContext 2018-03-07 10:54:50 -06:00			`func AdminDeleteUser(c *m.ReqContext) {`
Make golint happier 2018-03-22 06:37:35 -05:00			`userID := c.ParamsInt64(":id")`
Added delete user action to user admin api, and made it work in UI, Closes #1466, #1446 2015-02-11 09:47:22 -06:00
Make golint happier 2018-03-22 06:37:35 -05:00			`cmd := m.DeleteUserCommand{UserId: userID}`
Added delete user action to user admin api, and made it work in UI, Closes #1466, #1446 2015-02-11 09:47:22 -06:00
			`if err := bus.Dispatch(&cmd); err != nil {`
			`c.JsonApiErr(500, "Failed to delete user", err)`
			`return`
			`}`

fixed gofmt tests 2015-11-16 09:28:38 -06:00			`c.JsonOK("User deleted")`
Added delete user action to user admin api, and made it work in UI, Closes #1466, #1446 2015-02-11 09:47:22 -06:00			`}`