IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-11 08:05:43 -06:00
Code Issues Packages Projects Releases Wiki Activity

Access control: Redirect non-API calls (#41100)

Browse Source
This commit is contained in:
Emil Tullstedt 2021-11-04 09:59:52 +01:00 committed by GitHub
parent 5afaf8930c
commit 3b637f4b44
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/services/accesscontrol/middleware/middleware.go
View File

@ -7,6 +7,7 @@ import (
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/accesscontrol"
"github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/util"
"github.com/grafana/grafana/pkg/web"
)
@ -46,6 +47,12 @@ func Deny(c *models.ReqContext, evaluator accesscontrol.Evaluator, err error) {
)
}
if !c.IsApiRequest() {
// TODO(emil): I'd like to show a message after this redirect, not sure how that can be done?
c.Redirect(setting.AppSubUrl + "/")
return
}
// If the user triggers an error in the access control system, we
// don't want the user to be aware of that, so the user gets the
// same information from the system regardless of if it's an