Snapshots: Fix usage of sign in link from the snapshot page (#31986)

Fix redirect to login page from snapshot page when not authenticated.

Fixes #28547
Marcus Efraimsson 2021-03-16 16:46:34 +01:00 committed by GitHub
parent 669a616797
commit a97637a133
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 7 deletions


@ -18,6 +18,7 @@ var plog = log.New("api")
// registerRoutes registers all API HTTP routes. // registerRoutes registers all API HTTP routes.
func (hs *HTTPServer) registerRoutes() { func (hs *HTTPServer) registerRoutes() {
reqNoAuth := middleware.NoAuth()
reqSignedIn := middleware.ReqSignedIn reqSignedIn := middleware.ReqSignedIn
reqSignedInNoAnonymous := middleware.ReqSignedInNoAnonymous reqSignedInNoAnonymous := middleware.ReqSignedInNoAnonymous
reqGrafanaAdmin := middleware.ReqGrafanaAdmin reqGrafanaAdmin := middleware.ReqGrafanaAdmin
@ -118,7 +119,7 @@ func (hs *HTTPServer) registerRoutes() {
r.Post("/api/user/password/reset", bind(dtos.ResetUserPasswordForm{}), routing.Wrap(ResetPassword)) r.Post("/api/user/password/reset", bind(dtos.ResetUserPasswordForm{}), routing.Wrap(ResetPassword))
// dashboard snapshots // dashboard snapshots
r.Get("/dashboard/snapshot/*", hs.Index) r.Get("/dashboard/snapshot/*", reqNoAuth, hs.Index)
r.Get("/dashboard/snapshots/", reqSignedIn, hs.Index) r.Get("/dashboard/snapshots/", reqSignedIn, hs.Index)
// api renew session based on cookie // api renew session based on cookie
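Review bot: The new `reqNoAuth` handler on `/dashboard/snapshot/*` sits next to `reqSignedIn` on the following route and reads like an access check, but as added in this commit it only reacts to the `forceLogin` query parameter and otherwise lets every request through. A short comment on the route would keep a later reader from assuming the snapshot page is protected here, for example `// public page: reqNoAuth only redirects to login when ?forceLogin=true; it performs no access control`. Whatever restricts the snapshot data itself is not visible in this section, so it is worth confirming that it is enforced on the snapshot API routes rather than on this page route. registerRoutes starts and ends outside both hunks.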


@ -76,13 +76,8 @@ func RoleAuth(roles ...models.RoleType) macaron.Handler {
func Auth(options *AuthOptions) macaron.Handler { func Auth(options *AuthOptions) macaron.Handler {
return func(c *models.ReqContext) { return func(c *models.ReqContext) {
forceLogin := false forceLogin := false
if c.AllowAnonymous { if c.AllowAnonymous {
forceLoginParam, err := strconv.ParseBool(c.Req.URL.Query().Get("forceLogin")) forceLogin = shouldForceLogin(c)
if err == nil {
forceLogin = forceLoginParam
}
if !forceLogin { if !forceLogin {
orgIDValue := c.Req.URL.Query().Get("orgId") orgIDValue := c.Req.URL.Query().Get("orgId")
orgID, err := strconv.ParseInt(orgIDValue, 10, 64) orgID, err := strconv.ParseInt(orgIDValue, 10, 64)
@ -137,3 +132,26 @@ func SnapshotPublicModeOrSignedIn(cfg *setting.Cfg) macaron.Handler {
} }
} }
} }
// NoAuth creates a middleware that doesn't require any authentication.
// If forceLogin param is set it will redirect the user to the login page.
func NoAuth() macaron.Handler {
return func(c *models.ReqContext) {
if shouldForceLogin(c) {
notAuthorized(c)
return
}
}
}
// shouldForceLogin checks if user should be enforced to login.
// Returns true if forceLogin parameter is set.
func shouldForceLogin(c *models.ReqContext) bool {
forceLogin := false
forceLoginParam, err := strconv.ParseBool(c.Req.URL.Query().Get("forceLogin"))
if err == nil {
forceLogin = forceLoginParam
}
return forceLogin
}
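Review bot: `NoAuth` calls `notAuthorized(c)` whenever `forceLogin` parses as true, without looking at `c.IsSignedIn`, so a user who already has a session and opens a snapshot link carrying `forceLogin=true` is still sent down the unauthorized path. `notAuthorized` is defined outside the hunk and `Auth` is only partly shown, so what the user then sees (a login redirect or an error response) is an assumption to confirm. If the intent is only to let anonymous viewers reach the login page, the guard could be `if !c.IsSignedIn && shouldForceLogin(c) {`. `shouldForceLogin` could also drop its local variable and end with `return err == nil && forceLoginParam`. A test covering the signed-in case and a malformed `forceLogin` value would pin both behaviours.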