IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Access Control: Allow dashboard admins to query org users (#51652)

Browse Source 
* allow dashboard admins to query org users

* rename one more variable
This commit is contained in:
Ieva
2022-07-04 10:43:06 +01:00
committed by GitHub
parent 3df34fe064
commit 75873d05d7
10 changed files with 26 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/middleware/auth.go
View File

@@ -192,18 +192,18 @@ func shouldForceLogin(c *models.ReqContext) bool {
return forceLogin
}
func OrgAdminFolderAdminOrTeamAdmin(ss sqlstore.Store, ds dashboards.DashboardService) func(c *models.ReqContext) {
func OrgAdminDashOrFolderAdminOrTeamAdmin(ss sqlstore.Store, ds dashboards.DashboardService) func(c *models.ReqContext) {
return func(c *models.ReqContext) {
if c.OrgRole == models.ROLE_ADMIN {
return
}
hasAdminPermissionInFoldersQuery := models.HasAdminPermissionInFoldersQuery{SignedInUser: c.SignedInUser}
if err := ds.HasAdminPermissionInFolders(c.Req.Context(), &hasAdminPermissionInFoldersQuery); err != nil {
hasAdminPermissionInDashOrFoldersQuery := models.HasAdminPermissionInDashboardsOrFoldersQuery{SignedInUser: c.SignedInUser}
if err := ds.HasAdminPermissionInDashboardsOrFolders(c.Req.Context(), &hasAdminPermissionInDashOrFoldersQuery); err != nil {
c.JsonApiErr(500, "Failed to check if user is a folder admin", err)
}
if hasAdminPermissionInFoldersQuery.Result {
if hasAdminPermissionInDashOrFoldersQuery.Result {
return
}