IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

teams: viewers and editors can view teams

Browse Source
This commit is contained in:
Hugo Häggmark 2019-03-13 10:38:09 +01:00 committed by Leonard Gram
parent c420af16b1
commit 782b5b6a3a
5 changed files with 15 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/api/api.go
View File

@ -14,7 +14,7 @@ func (hs *HTTPServer) registerRoutes() {
reqGrafanaAdmin := middleware.ReqGrafanaAdmin reqGrafanaAdmin := middleware.ReqGrafanaAdmin
reqEditorRole := middleware.ReqEditorRole reqEditorRole := middleware.ReqEditorRole
reqOrgAdmin := middleware.ReqOrgAdmin reqOrgAdmin := middleware.ReqOrgAdmin
reqAdminOrEditorCanAdmin := middleware.EditorCanAdmin(hs.Cfg.EditorsCanAdmin) reqAdminOrCanAdmin := middleware.AdminOrCanAdmin(hs.Cfg.EditorsCanAdmin)
redirectFromLegacyDashboardURL := middleware.RedirectFromLegacyDashboardURL() redirectFromLegacyDashboardURL := middleware.RedirectFromLegacyDashboardURL()
redirectFromLegacyDashboardSoloURL := middleware.RedirectFromLegacyDashboardSoloURL() redirectFromLegacyDashboardSoloURL := middleware.RedirectFromLegacyDashboardSoloURL()
quota := middleware.Quota(hs.QuotaService) quota := middleware.Quota(hs.QuotaService)
@ -42,8 +42,8 @@ func (hs *HTTPServer) registerRoutes() {
r.Get("/org/users", reqOrgAdmin, hs.Index) r.Get("/org/users", reqOrgAdmin, hs.Index)
r.Get("/org/users/new", reqOrgAdmin, hs.Index) r.Get("/org/users/new", reqOrgAdmin, hs.Index)
r.Get("/org/users/invite", reqOrgAdmin, hs.Index) r.Get("/org/users/invite", reqOrgAdmin, hs.Index)
r.Get("/org/teams", reqAdminOrEditorCanAdmin, hs.Index) r.Get("/org/teams", reqAdminOrCanAdmin, hs.Index)
r.Get("/org/teams/*", reqAdminOrEditorCanAdmin, hs.Index) r.Get("/org/teams/*", reqAdminOrCanAdmin, hs.Index)
r.Get("/org/apikeys/", reqOrgAdmin, hs.Index) r.Get("/org/apikeys/", reqOrgAdmin, hs.Index)
r.Get("/dashboard/import/", reqSignedIn, hs.Index) r.Get("/dashboard/import/", reqSignedIn, hs.Index)
r.Get("/configuration", reqGrafanaAdmin, hs.Index) r.Get("/configuration", reqGrafanaAdmin, hs.Index)
@ -163,7 +163,7 @@ func (hs *HTTPServer) registerRoutes() {
teamsRoute.Delete("/:teamId/members/:userId", Wrap(hs.RemoveTeamMember)) teamsRoute.Delete("/:teamId/members/:userId", Wrap(hs.RemoveTeamMember))
teamsRoute.Get("/:teamId/preferences", Wrap(GetTeamPreferences)) teamsRoute.Get("/:teamId/preferences", Wrap(GetTeamPreferences))
teamsRoute.Put("/:teamId/preferences", bind(dtos.UpdatePrefsCmd{}), Wrap(UpdateTeamPreferences)) teamsRoute.Put("/:teamId/preferences", bind(dtos.UpdatePrefsCmd{}), Wrap(UpdateTeamPreferences))
}, reqAdminOrEditorCanAdmin) }, reqAdminOrCanAdmin)
// team without requirement of user to be org admin // team without requirement of user to be org admin
apiRoute.Group("/teams", func(teamsRoute routing.RouteRegister) { apiRoute.Group("/teams", func(teamsRoute routing.RouteRegister) {

9
pkg/api/index.go
View File

@ -327,7 +327,7 @@ func (hs *HTTPServer) setIndexViewData(c *m.ReqContext) (*dtos.IndexViewData, er
}) })
} }
if c.OrgRole == m.ROLE_EDITOR && hs.Cfg.EditorsCanAdmin { if (c.OrgRole == m.ROLE_EDITOR || c.OrgRole == m.ROLE_VIEWER) && hs.Cfg.EditorsCanAdmin {
cfgNode := &dtos.NavLink{ cfgNode := &dtos.NavLink{
Id: "cfg", Id: "cfg",
Text: "Configuration", Text: "Configuration",
@ -342,13 +342,6 @@ func (hs *HTTPServer) setIndexViewData(c *m.ReqContext) (*dtos.IndexViewData, er
Icon: "gicon gicon-team", Icon: "gicon gicon-team",
Url: setting.AppSubUrl + "/org/teams", Url: setting.AppSubUrl + "/org/teams",
}, },
{
Text: "Plugins",
Id: "plugins",
Description: "View and configure plugins",
Icon: "gicon gicon-plugins",
Url: setting.AppSubUrl + "/plugins",
},
}, },
} }

5
pkg/api/team.go
View File

@ -11,6 +11,11 @@ import (
// POST /api/teams // POST /api/teams
func (hs *HTTPServer) CreateTeam(c *m.ReqContext, cmd m.CreateTeamCommand) Response { func (hs *HTTPServer) CreateTeam(c *m.ReqContext, cmd m.CreateTeamCommand) Response {
cmd.OrgId = c.OrgId cmd.OrgId = c.OrgId
if c.OrgRole == m.ROLE_VIEWER {
return Error(403, "Not allowed to create team.", nil)
}
if err := bus.Dispatch(&cmd); err != nil { if err := bus.Dispatch(&cmd); err != nil {
if err == m.ErrTeamNameTaken { if err == m.ErrTeamNameTaken {
return Error(409, "Team name taken", err) return Error(409, "Team name taken", err)

11
pkg/middleware/auth.go
View File

@ -87,18 +87,13 @@ func Auth(options *AuthOptions) macaron.Handler {
} }
} }
func EditorCanAdmin(enabled bool) macaron.Handler { func AdminOrCanAdmin(enabled bool) macaron.Handler {
return func(c *m.ReqContext) { return func(c *m.ReqContext) {
ok := false
if c.OrgRole == m.ROLE_ADMIN { if c.OrgRole == m.ROLE_ADMIN {
ok = true return
} }
if c.OrgRole == m.ROLE_EDITOR && enabled { if !enabled {
ok = true
}
if !ok {
accessForbidden(c) accessForbidden(c)
} }
} }

4
public/app/routes/routes.ts
View File

@ -195,7 +195,7 @@ export function setupAngularRoutes($routeProvider, $locationProvider) {
.when('/org/teams', { .when('/org/teams', {
template: '<react-container />', template: '<react-container />',
resolve: { resolve: {
roles: () => ['Editor', 'Admin'], roles: () => (config.editorsCanAdmin ? [] : ['Editor', 'Admin']),
component: () => TeamList, component: () => TeamList,
}, },
}) })
@ -207,7 +207,7 @@ export function setupAngularRoutes($routeProvider, $locationProvider) {
.when('/org/teams/edit/:id/:page?', { .when('/org/teams/edit/:id/:page?', {
template: '<react-container />', template: '<react-container />',
resolve: { resolve: {
roles: () => (config.editorsCanAdmin ? ['Editor', 'Admin'] : ['Admin']), roles: () => (config.editorsCanAdmin ? [] : ['Admin']),
component: () => TeamPages, component: () => TeamPages,
}, },
}) })