IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7601 from grafana/redirect_on_new_orgid

Browse Source 
middlware: change org when url contains orgid
This commit is contained in:
Carl Bergquist 2017-02-17 15:31:17 +01:00 committed by GitHub
commit 24474ba41a
6 changed files with 120 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/api/http_server.go
View File

@ -150,6 +150,7 @@ func (hs *HttpServer) newMacaron() *macaron.Macaron {
m.Use(middleware.GetContextHandler()) m.Use(middleware.GetContextHandler())
m.Use(middleware.Sessioner(&setting.SessionOptions)) m.Use(middleware.Sessioner(&setting.SessionOptions))
m.Use(middleware.RequestMetrics()) m.Use(middleware.RequestMetrics())
m.Use(middleware.OrgRedirect())
// needs to be after context handler // needs to be after context handler
if setting.EnforceDomain { if setting.EnforceDomain {

1
pkg/middleware/middleware_test.go
View File

@ -326,6 +326,7 @@ func middlewareScenario(desc string, fn scenarioFunc) {
// mock out gc goroutine // mock out gc goroutine
startSessionGC = func() {} startSessionGC = func() {}
sc.m.Use(Sessioner(&session.Options{})) sc.m.Use(Sessioner(&session.Options{}))
sc.m.Use(OrgRedirect())
sc.defaultHandler = func(c *Context) { sc.defaultHandler = func(c *Context) {
sc.context = c sc.context = c

41
pkg/middleware/org_redirect.go Normal file
View File

@ -0,0 +1,41 @@
package middleware
import (
"net/http"
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/models"
"gopkg.in/macaron.v1"
)
func OrgRedirect() macaron.Handler {
return func(res http.ResponseWriter, req *http.Request, c *macaron.Context) {
orgId := c.QueryInt64("orgId")
if orgId == 0 {
return
}
ctx, ok := c.Data["ctx"].(*Context)
if !ok || !ctx.IsSignedIn {
return
}
if orgId == ctx.OrgId {
return
}
cmd := models.SetUsingOrgCommand{UserId: ctx.UserId, OrgId: orgId}
if err := bus.Dispatch(&cmd); err != nil {
if ctx.IsApiRequest() {
ctx.JsonApiErr(404, "Not found", nil)
} else {
ctx.Error(404, "Not found")
}
return
}
c.Redirect(c.Req.URL.String(), 302)
}
}

60
pkg/middleware/org_redirect_test.go Normal file
View File

@ -0,0 +1,60 @@
package middleware
import (
"testing"
"fmt"
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/models"
. "github.com/smartystreets/goconvey/convey"
)
func TestOrgRedirectMiddleware(t *testing.T) {
Convey("Can redirect to correct org", t, func() {
middlewareScenario("when setting a correct org for the user", func(sc *scenarioContext) {
sc.fakeReq("GET", "/").handler(func(c *Context) {
c.Session.Set(SESS_KEY_USERID, int64(12))
}).exec()
bus.AddHandler("test", func(query *models.SetUsingOrgCommand) error {
return nil
})
bus.AddHandler("test", func(query *models.GetSignedInUserQuery) error {
query.Result = &models.SignedInUser{OrgId: 1, UserId: 12}
return nil
})
sc.m.Get("/", sc.defaultHandler)
sc.fakeReq("GET", "/?orgId=3").exec()
Convey("change org and redirect", func() {
So(sc.resp.Code, ShouldEqual, 302)
})
})
middlewareScenario("when setting an invalid org for user", func(sc *scenarioContext) {
sc.fakeReq("GET", "/").handler(func(c *Context) {
c.Session.Set(SESS_KEY_USERID, int64(12))
}).exec()
bus.AddHandler("test", func(query *models.SetUsingOrgCommand) error {
return fmt.Errorf("")
})
bus.AddHandler("test", func(query *models.GetSignedInUserQuery) error {
query.Result = &models.SignedInUser{OrgId: 1, UserId: 12}
return nil
})
sc.m.Get("/", sc.defaultHandler)
sc.fakeReq("GET", "/?orgId=3").exec()
Convey("not allowed to change org", func() {
So(sc.resp.Code, ShouldEqual, 404)
})
})
})
}

2
pkg/services/alerting/eval_context.go
View File

@ -113,7 +113,7 @@ func (c *EvalContext) GetRuleUrl() (string, error) {
if slug, err := c.GetDashboardSlug(); err != nil { if slug, err := c.GetDashboardSlug(); err != nil {
return "", err return "", err
} else { } else {
ruleUrl := fmt.Sprintf("%sdashboard/db/%s?fullscreen&edit&tab=alert&panelId=%d", setting.AppUrl, slug, c.Rule.PanelId) ruleUrl := fmt.Sprintf("%sdashboard/db/%s?fullscreen&edit&tab=alert&panelId=%d&orgId=%d", setting.AppUrl, slug, c.Rule.PanelId, c.Rule.OrgId)
return ruleUrl, nil return ruleUrl, nil
} }
} }

16
pkg/services/sqlstore/user.go
View File

@ -6,6 +6,8 @@ import (
"github.com/go-xorm/xorm" "github.com/go-xorm/xorm"
"fmt"
"github.com/grafana/grafana/pkg/bus" "github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/events" "github.com/grafana/grafana/pkg/events"
m "github.com/grafana/grafana/pkg/models" m "github.com/grafana/grafana/pkg/models"
@ -260,6 +262,20 @@ func ChangeUserPassword(cmd *m.ChangeUserPasswordCommand) error {
} }
func SetUsingOrg(cmd *m.SetUsingOrgCommand) error { func SetUsingOrg(cmd *m.SetUsingOrgCommand) error {
getOrgsForUserCmd := &m.GetUserOrgListQuery{UserId: cmd.UserId}
GetUserOrgList(getOrgsForUserCmd)
valid := false
for _, other := range getOrgsForUserCmd.Result {
if other.OrgId == cmd.OrgId {
valid = true
}
}
if !valid {
return fmt.Errorf("user does not belong ot org")
}
return inTransaction(func(sess *xorm.Session) error { return inTransaction(func(sess *xorm.Session) error {
user := m.User{} user := m.User{}
sess.Id(cmd.UserId).Get(&user) sess.Id(cmd.UserId).Get(&user)