IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Viewers with viewers_can_edit should be able to access /explore (#15787)

Browse Source 
* fix: Viewers with viewers_can_edit should be able to access /explore #15773

* refactoring initial PR a bit to simplify function and reduce duplication
This commit is contained in:
Johannes Schill
2019-03-05 12:41:01 +01:00
committed by Torkel Ödegaard
parent be8f60b0bf
commit a81d5486b0
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/middleware/auth.go
View File

@@ -4,7 +4,7 @@ import (
"net/url"
"strings"
"gopkg.in/macaron.v1"
macaron "gopkg.in/macaron.v1"
m "github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/setting"
@@ -52,6 +52,12 @@ func notAuthorized(c *m.ReqContext) {
c.Redirect(setting.AppSubUrl + "/login")
}
func EnsureEditorOrViewerCanEdit(c *m.ReqContext) {
if !c.SignedInUser.HasRole(m.ROLE_EDITOR) && !setting.ViewersCanEdit {
accessForbidden(c)
}
}
func RoleAuth(roles ...m.RoleType) macaron.Handler {
return func(c *m.ReqContext) {
ok := false