mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
Api Key role is now correcty added do middleware context
This commit is contained in:
Torkel Ödegaard
@@ -1,13 +1,11 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/Unknwon/macaron"
|
||||
|
||||
"github.com/torkelo/grafana-pro/pkg/bus"
|
||||
m "github.com/torkelo/grafana-pro/pkg/models"
|
||||
"github.com/torkelo/grafana-pro/pkg/setting"
|
||||
)
|
||||
@@ -17,11 +15,11 @@ type AuthOptions struct {
|
||||
ReqSignedIn bool
|
||||
}
|
||||
|
||||
func getRequestAccountId(c *Context) (int64, error) {
|
||||
func getRequestAccountId(c *Context) int64 {
|
||||
accountId := c.Session.Get("accountId")
|
||||
|
||||
if accountId != nil {
|
||||
return accountId.(int64), nil
|
||||
return accountId.(int64)
|
||||
}
|
||||
|
||||
// localhost render query
|
||||
@@ -32,24 +30,18 @@ func getRequestAccountId(c *Context) (int64, error) {
|
||||
accountId = accId
|
||||
}
|
||||
|
||||
// check api token
|
||||
return 0
|
||||
}
|
||||
|
||||
func getApiToken(c *Context) string {
|
||||
header := c.Req.Header.Get("Authorization")
|
||||
parts := strings.SplitN(header, " ", 2)
|
||||
if len(parts) == 2 || parts[0] == "Bearer" {
|
||||
token := parts[1]
|
||||
userQuery := m.GetAccountByTokenQuery{Token: token}
|
||||
if err := bus.Dispatch(&userQuery); err != nil {
|
||||
return -1, err
|
||||
}
|
||||
return userQuery.Result.Id, nil
|
||||
return token
|
||||
}
|
||||
|
||||
// anonymous gues user
|
||||
if setting.Anonymous {
|
||||
return setting.AnonymousAccountId, nil
|
||||
}
|
||||
|
||||
return -1, errors.New("Auth: session account id not found")
|
||||
return ""
|
||||
}
|
||||
|
||||
func authDenied(c *Context) {
|
||||
|
||||
@@ -31,7 +31,7 @@ func GetContextHandler() macaron.Handler {
|
||||
}
|
||||
|
||||
// try get account id from request
|
||||
if accountId, err := getRequestAccountId(ctx); err == nil {
|
||||
if accountId := getRequestAccountId(ctx); accountId != 0 {
|
||||
query := m.GetSignedInUserQuery{AccountId: accountId}
|
||||
if err := bus.Dispatch(&query); err != nil {
|
||||
log.Error(3, "Failed to get user by id, %v, %v", accountId, err)
|
||||
@@ -39,6 +39,28 @@ func GetContextHandler() macaron.Handler {
|
||||
ctx.IsSignedIn = true
|
||||
ctx.SignInUser = query.Result
|
||||
}
|
||||
} else if token := getApiToken(ctx); token != "" {
|
||||
// Try API Key auth
|
||||
tokenQuery := m.GetTokenByTokenQuery{Token: token}
|
||||
if err := bus.Dispatch(&tokenQuery); err != nil {
|
||||
ctx.JsonApiErr(401, "Invalid token", err)
|
||||
return
|
||||
} else {
|
||||
tokenInfo := tokenQuery.Result
|
||||
query := m.GetSignedInUserQuery{AccountId: tokenInfo.AccountId}
|
||||
if err := bus.Dispatch(&query); err != nil {
|
||||
ctx.JsonApiErr(401, "Invalid token", err)
|
||||
return
|
||||
}
|
||||
|
||||
ctx.IsSignedIn = true
|
||||
ctx.SignInUser = query.Result
|
||||
|
||||
// api key role
|
||||
ctx.SignInUser.UserRole = tokenInfo.Role
|
||||
ctx.SignInUser.UsingAccountId = ctx.SignInUser.AccountId
|
||||
ctx.SignInUser.UsingAccountName = ctx.SignInUser.UserName
|
||||
}
|
||||
}
|
||||
|
||||
c.Map(ctx)
|
||||
|
||||
Reference in New Issue
Block a user