Fixed anonymous access mode, Closes #1586

2025-02-25 18:55:37 -06:00 · 2015-03-11 17:34:11 +01:00 · 2015-03-11 17:34:11 +01:00 · 477e035f2e
commit 477e035f2e
parent f3d4d2782f
6 changed files with 25 additions and 31 deletions
--- a/conf/defaults.ini
+++ b/conf/defaults.ini
@ -75,7 +75,7 @@ auto_assign_org_role = Viewer
 ; enable anonymous access
 enabled = false
 ; specify organization name that should be used for unauthenticated users
-org_name = main
+org_name = Main org.
 ; specify role for unauthenticated users
 org_role = Viewer

--- a/pkg/api/dataproxy.go
+++ b/pkg/api/dataproxy.go
@ -47,15 +47,11 @@ func NewReverseProxy(ds *m.DataSource, proxyPath string) *httputil.ReverseProxy
 // TODO: need to cache datasources
 func ProxyDataSourceRequest(c *middleware.Context) {
 	id := c.ParamsInt64(":id")
+	query := m.GetDataSourceByIdQuery{Id: id, OrgId: c.OrgId}

-	query := m.GetDataSourceByIdQuery{
-		Id:    id,
-		OrgId: c.OrgId,
-	}
-
-	err := bus.Dispatch(&query)
-	if err != nil {
+	if err := bus.Dispatch(&query); err != nil {
 		c.JsonApiErr(500, "Unable to load datasource meta data", err)
+		return
 	}

 	proxyPath := c.Params("*")
--- a/pkg/api/frontendsettings.go
+++ b/pkg/api/frontendsettings.go
@ -16,7 +16,7 @@ import (
 func getFrontendSettingsMap(c *middleware.Context) (map[string]interface{}, error) {
 	orgDataSources := make([]*m.DataSource, 0)

-	if c.IsSignedIn {
+	if c.OrgId != 0 {
 		query := m.GetDataSourcesQuery{OrgId: c.OrgId}
 		err := bus.Dispatch(&query)

--- a/pkg/middleware/auth.go
+++ b/pkg/middleware/auth.go
@ -23,7 +23,7 @@ func getRequestUserId(c *Context) int64 {
 	}

 	// TODO: figure out a way to secure this
-	if c.Query("render") == "1" {
+	if c.Req.URL.Query().Get("render") == "1" {
 		userId := c.QueryInt64(SESS_KEY_USERID)
 		c.Session.Set(SESS_KEY_USERID, userId)
 		return userId
@ -75,7 +75,7 @@ func Auth(options *AuthOptions) macaron.Handler {
 			return
 		}

-		if !c.IsSignedIn && options.ReqSignedIn && !c.HasAnonymousAccess {
+		if !c.IsSignedIn && options.ReqSignedIn && !c.AllowAnonymous {
 			c.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+c.Req.RequestURI), 0, setting.AppSubUrl+"/")
 			authDenied(c)
 			return
--- a/pkg/middleware/middleware.go
+++ b/pkg/middleware/middleware.go
@ -1,7 +1,6 @@
 package middleware

 import (
-	"encoding/json"
 	"strconv"
 	"strings"

@ -21,18 +20,18 @@ type Context struct {

 	Session session.Store

-	IsSignedIn         bool
-	HasAnonymousAccess bool
+	IsSignedIn     bool
+	AllowAnonymous bool
 }

 func GetContextHandler() macaron.Handler {
 	return func(c *macaron.Context, sess session.Store) {
 		ctx := &Context{
-			Context:            c,
-			Session:            sess,
-			SignedInUser:       &m.SignedInUser{},
-			IsSignedIn:         false,
-			HasAnonymousAccess: false,
+			Context:        c,
+			Session:        sess,
+			SignedInUser:   &m.SignedInUser{},
+			IsSignedIn:     false,
+			AllowAnonymous: false,
 		}

 		// try get account id from request
@ -76,12 +75,10 @@ func GetContextHandler() macaron.Handler {
 		} else if setting.AnonymousEnabled {
 			orgQuery := m.GetOrgByNameQuery{Name: setting.AnonymousOrgName}
 			if err := bus.Dispatch(&orgQuery); err != nil {
-				if err == m.ErrOrgNotFound {
-					log.Error(3, "Anonymous access organization name does not exist", nil)
-				}
+				log.Error(3, "Anonymous access organization error", nil)
 			} else {
 				ctx.IsSignedIn = false
-				ctx.HasAnonymousAccess = true
+				ctx.AllowAnonymous = true
 				ctx.SignedInUser = &m.SignedInUser{}
 				ctx.OrgRole = m.RoleType(setting.AnonymousOrgRole)
 				ctx.OrgId = orgQuery.Result.Id
@ -141,9 +138,3 @@ func (ctx *Context) JsonApiErr(status int, message string, err error) {

 	ctx.JSON(status, resp)
 }
-
-func (ctx *Context) JsonBody(model interface{}) bool {
-	b, _ := ctx.Req.Body().Bytes()
-	err := json.Unmarshal(b, &model)
-	return err == nil
-}
--- a/src/app/partials/sidemenu.html
+++ b/src/app/partials/sidemenu.html
@ -28,7 +28,7 @@

 	<ul class="sidemenu sidemenu-small" style="margin-top:50px" ng-if="!systemSection">

-		<li>
+		<li ng-if="contextSrv.user.isSignedIn">
 			<a href="profile" class="sidemenu-item">
 				<img ng-src="{{contextSrv.user.gravatarUrl}}">
 				<span class="sidemenu-item-text">{{contextSrv.user.name}}</span>
@ -61,12 +61,19 @@
 	   	</a>
 		</li>

-		<li>
+		<li ng-if="contextSrv.isSignedIn">
 			<a href="logout" class="sidemenu-item" target="_self">
 				<span class="icon-circle sidemenu-icon"><i class="fa fa-fw fa-sign-out"></i></span>
 				<span class="sidemenu-item-text">Sign out</span>
 	   	</a>
 		</li>
+
+		<li ng-if="!contextSrv.isSignedIn">
+			<a href="login" class="sidemenu-item" target="_self">
+				<span class="icon-circle sidemenu-icon"><i class="fa fa-fw fa-sign-in"></i></span>
+				<span class="sidemenu-item-text">Sign in</span>
+	   	</a>
+		</li>
 	</ul>

 	<ul class="sidemenu sidemenu-small" style="margin-top:50px" ng-if="systemSection">