IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Worked on anonymous access

Browse Source
This commit is contained in:
Torkel Ödegaard 2015-01-27 15:45:27 +01:00
parent 757b185398
commit a5e450a0dd
7 changed files with 66 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
conf/grafana.ini
View File

@ -59,9 +59,9 @@ default_role = Editor
; enable anonymous access ; enable anonymous access
enabled = false enabled = false
; specify account name that should be used for unauthenticated users ; specify account name that should be used for unauthenticated users
account = main account_name = main
; specify role for unauthenticated users ; specify role for unauthenticated users
role = Viewer account_role = Viewer
[auth.github] [auth.github]
enabled = false enabled = false

15
pkg/middleware/auth.go
View File

@ -6,7 +6,6 @@ import (
"github.com/Unknwon/macaron" "github.com/Unknwon/macaron"
"github.com/torkelo/grafana-pro/pkg/log"
m "github.com/torkelo/grafana-pro/pkg/models" m "github.com/torkelo/grafana-pro/pkg/models"
"github.com/torkelo/grafana-pro/pkg/setting" "github.com/torkelo/grafana-pro/pkg/setting"
) )
@ -70,17 +69,15 @@ func RoleAuth(roles ...m.RoleType) macaron.Handler {
func Auth(options *AuthOptions) macaron.Handler { func Auth(options *AuthOptions) macaron.Handler {
return func(c *Context) { return func(c *Context) {
if !c.IsSignedIn && options.ReqSignedIn {
log.Info("AppSubUrl: %v", setting.AppSubUrl)
c.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+c.Req.RequestURI), 0, setting.AppSubUrl+"/")
authDenied(c)
return
}
if !c.IsGrafanaAdmin && options.ReqGrafanaAdmin { if !c.IsGrafanaAdmin && options.ReqGrafanaAdmin {
authDenied(c) authDenied(c)
return return
} }
if !c.IsSignedIn && options.ReqSignedIn && !c.HasAnonymousAccess {
c.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+c.Req.RequestURI), 0, setting.AppSubUrl+"/")
authDenied(c)
return
}
} }
} }

19
pkg/middleware/middleware.go
View File

@ -21,6 +21,7 @@ type Context struct {
Session session.Store Session session.Store
IsSignedIn bool IsSignedIn bool
HasAnonymousAccess bool
} }
func GetContextHandler() macaron.Handler { func GetContextHandler() macaron.Handler {
@ -28,6 +29,9 @@ func GetContextHandler() macaron.Handler {
ctx := &Context{ ctx := &Context{
Context: c, Context: c,
Session: sess, Session: sess,
SignedInUser: &m.SignedInUser{},
IsSignedIn: false,
HasAnonymousAccess: false,
} }
// try get account id from request // try get account id from request
@ -36,8 +40,8 @@ func GetContextHandler() macaron.Handler {
if err := bus.Dispatch(&query); err != nil { if err := bus.Dispatch(&query); err != nil {
log.Error(3, "Failed to get user by id, %v, %v", userId, err) log.Error(3, "Failed to get user by id, %v, %v", userId, err)
} else { } else {
ctx.IsSignedIn = true
ctx.SignedInUser = query.Result ctx.SignedInUser = query.Result
ctx.IsSignedIn = true
} }
} else if key := getApiKey(ctx); key != "" { } else if key := getApiKey(ctx); key != "" {
// Try API Key auth // Try API Key auth
@ -56,6 +60,19 @@ func GetContextHandler() macaron.Handler {
ctx.ApiKeyId = keyInfo.Id ctx.ApiKeyId = keyInfo.Id
ctx.AccountId = keyInfo.AccountId ctx.AccountId = keyInfo.AccountId
} }
} else if setting.AnonymousEnabled {
accountQuery := m.GetAccountByNameQuery{Name: setting.AnonymousAccountName}
if err := bus.Dispatch(&accountQuery); err != nil {
if err == m.ErrAccountNotFound {
log.Error(3, "Anonymous access account name does not exist", nil)
}
} else {
ctx.IsSignedIn = false
ctx.HasAnonymousAccess = true
ctx.SignedInUser = &m.SignedInUser{}
ctx.AccountRole = m.RoleType(setting.AnonymousAccountRole)
ctx.AccountId = accountQuery.Result.Id
}
} }
c.Map(ctx) c.Map(ctx)

5
pkg/models/account.go
View File

@ -43,6 +43,11 @@ type GetAccountByIdQuery struct {
Result *Account Result *Account
} }
type GetAccountByNameQuery struct {
Name string
Result *Account
}
type AccountDTO struct { type AccountDTO struct {
Id int64 `json:"id"` Id int64 `json:"id"`
Name string `json:"name"` Name string `json:"name"`

3
pkg/models/user.go
View File

@ -84,6 +84,9 @@ type SearchUsersQuery struct {
// DTO & Projections // DTO & Projections
type SignedInUser struct { type SignedInUser struct {
IsSignedIn bool
IsAnonymous bool
UserId int64 UserId int64
AccountId int64 AccountId int64
AccountName string AccountName string

20
pkg/services/sqlstore/account.go
View File

@ -10,13 +10,14 @@ import (
) )
func init() { func init() {
bus.AddHandler("sql", GetAccount) bus.AddHandler("sql", GetAccountById)
bus.AddHandler("sql", CreateAccount) bus.AddHandler("sql", CreateAccount)
bus.AddHandler("sql", SetUsingAccount) bus.AddHandler("sql", SetUsingAccount)
bus.AddHandler("sql", UpdateAccount) bus.AddHandler("sql", UpdateAccount)
bus.AddHandler("sql", GetAccountByName)
} }
func GetAccount(query *m.GetAccountByIdQuery) error { func GetAccountById(query *m.GetAccountByIdQuery) error {
var account m.Account var account m.Account
exists, err := x.Id(query.Id).Get(&account) exists, err := x.Id(query.Id).Get(&account)
if err != nil { if err != nil {
@ -31,6 +32,21 @@ func GetAccount(query *m.GetAccountByIdQuery) error {
return nil return nil
} }
func GetAccountByName(query *m.GetAccountByNameQuery) error {
var account m.Account
exists, err := x.Where("name=?", query.Name).Get(&account)
if err != nil {
return err
}
if !exists {
return m.ErrAccountNotFound
}
query.Result = &account
return nil
}
func CreateAccount(cmd *m.CreateAccountCommand) error { func CreateAccount(cmd *m.CreateAccountCommand) error {
return inTransaction(func(sess *xorm.Session) error { return inTransaction(func(sess *xorm.Session) error {

20
pkg/setting/setting.go
View File

@ -72,8 +72,10 @@ var (
// Http auth // Http auth
AdminUser string AdminUser string
AdminPassword string AdminPassword string
Anonymous bool
AnonymousAccountId int64 AnonymousEnabled bool
AnonymousAccountName string
AnonymousAccountRole string
// Session settings. // Session settings.
SessionOptions session.Options SessionOptions session.Options
@ -195,17 +197,19 @@ func NewConfigContext() {
CookieUserName = security.Key("cookie_username").String() CookieUserName = security.Key("cookie_username").String()
CookieRememberName = security.Key("cookie_remember_name").String() CookieRememberName = security.Key("cookie_remember_name").String()
// admin
AdminUser = security.Key("admin_user").String()
AdminPassword = security.Key("admin_password").String()
// single account // single account
SingleAccountMode = Cfg.Section("account.single").Key("enabled").MustBool(false) SingleAccountMode = Cfg.Section("account.single").Key("enabled").MustBool(false)
DefaultAccountName = Cfg.Section("account.single").Key("account_name").MustString("main") DefaultAccountName = Cfg.Section("account.single").Key("account_name").MustString("main")
DefaultAccountRole = Cfg.Section("account.single").Key("default_role").In("Editor", []string{"Editor", "Admin", "Viewer"}) DefaultAccountRole = Cfg.Section("account.single").Key("default_role").In("Editor", []string{"Editor", "Admin", "Viewer"})
// admin // anonymous access
AdminUser = security.Key("admin_user").String() AnonymousEnabled = Cfg.Section("auth.anonymous").Key("enabled").MustBool(false)
AdminPassword = security.Key("admin_password").String() AnonymousAccountName = Cfg.Section("auth.anonymous").Key("account_name").String()
AnonymousAccountRole = Cfg.Section("auth.anonymous").Key("account_role").String()
// Anonymous = Cfg.MustBool("auth", "anonymous", false)
// AnonymousAccountId = Cfg.MustInt64("auth", "anonymous_account_id", 0)
// PhantomJS rendering // PhantomJS rendering
ImagesDir = "data/png" ImagesDir = "data/png"