IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-10 23:55:47 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12108 from grafana/davkal/12001-explore-permissions

Browse Source 
Restrict Explore UI to Editor and Admin roles
This commit is contained in:
David 2018-06-04 16:01:39 +02:00 committed by GitHub
commit b5c53aae97
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 50 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/api/api.go
View File

@ -77,6 +77,9 @@ func (hs *HTTPServer) registerRoutes() {
r.Get("/dashboards/", reqSignedIn, Index) r.Get("/dashboards/", reqSignedIn, Index)
r.Get("/dashboards/*", reqSignedIn, Index) r.Get("/dashboards/*", reqSignedIn, Index)
r.Get("/explore/", reqEditorRole, Index)
r.Get("/explore/*", reqEditorRole, Index)
r.Get("/playlists/", reqSignedIn, Index) r.Get("/playlists/", reqSignedIn, Index)
r.Get("/playlists/*", reqSignedIn, Index) r.Get("/playlists/*", reqSignedIn, Index)
r.Get("/alerting/", reqSignedIn, Index) r.Get("/alerting/", reqSignedIn, Index)

2
pkg/api/index.go
View File

@ -128,7 +128,7 @@ func setIndexViewData(c *m.ReqContext) (*dtos.IndexViewData, error) {
Children: dashboardChildNavs, Children: dashboardChildNavs,
}) })
if setting.ExploreEnabled { if setting.ExploreEnabled && (c.OrgRole == m.ROLE_ADMIN || c.OrgRole == m.ROLE_EDITOR) {
data.NavTree = append(data.NavTree, &dtos.NavLink{ data.NavTree = append(data.NavTree, &dtos.NavLink{
Text: "Explore", Text: "Explore",
Id: "explore", Id: "explore",

33
public/app/core/services/keybindingSrv.ts
View File

@ -14,7 +14,7 @@ export class KeybindingSrv {
timepickerOpen = false; timepickerOpen = false;
/** @ngInject */ /** @ngInject */
constructor(private $rootScope, private $location, private datasourceSrv, private timeSrv) { constructor(private $rootScope, private $location, private datasourceSrv, private timeSrv, private contextSrv) {
// clear out all shortcuts on route change // clear out all shortcuts on route change
$rootScope.$on('$routeChangeSuccess', () => { $rootScope.$on('$routeChangeSuccess', () => {
Mousetrap.reset(); Mousetrap.reset();
@ -177,21 +177,24 @@ export class KeybindingSrv {
} }
}); });
this.bind('x', async () => { // jump to explore if permissions allow
if (dashboard.meta.focusPanelId) { if (this.contextSrv.isEditor) {
const panel = dashboard.getPanelById(dashboard.meta.focusPanelId); this.bind('x', async () => {
const datasource = await this.datasourceSrv.get(panel.datasource); if (dashboard.meta.focusPanelId) {
if (datasource && datasource.supportsExplore) { const panel = dashboard.getPanelById(dashboard.meta.focusPanelId);
const range = this.timeSrv.timeRangeForUrl(); const datasource = await this.datasourceSrv.get(panel.datasource);
const state = { if (datasource && datasource.supportsExplore) {
...datasource.getExploreState(panel), const range = this.timeSrv.timeRangeForUrl();
range, const state = {
}; ...datasource.getExploreState(panel),
const exploreState = encodePathComponent(JSON.stringify(state)); range,
this.$location.url(`/explore/${exploreState}`); };
const exploreState = encodePathComponent(JSON.stringify(state));
this.$location.url(`/explore/${exploreState}`);
}
} }
} });
}); }
// delete panel // delete panel
this.bind('p r', () => { this.bind('p r', () => {

8
public/app/features/panel/metrics_panel_ctrl.ts
View File

@ -1,9 +1,9 @@
import config from 'app/core/config';
import $ from 'jquery'; import $ from 'jquery';
import _ from 'lodash'; import _ from 'lodash';
import config from 'app/core/config';
import kbn from 'app/core/utils/kbn'; import kbn from 'app/core/utils/kbn';
import { PanelCtrl } from 'app/features/panel/panel_ctrl'; import { PanelCtrl } from 'app/features/panel/panel_ctrl';
import * as rangeUtil from 'app/core/utils/rangeutil'; import * as rangeUtil from 'app/core/utils/rangeutil';
import * as dateMath from 'app/core/utils/datemath'; import * as dateMath from 'app/core/utils/datemath';
import { encodePathComponent } from 'app/core/utils/location_util'; import { encodePathComponent } from 'app/core/utils/location_util';
@ -16,6 +16,7 @@ class MetricsPanelCtrl extends PanelCtrl {
datasourceName: any; datasourceName: any;
$q: any; $q: any;
$timeout: any; $timeout: any;
contextSrv: any;
datasourceSrv: any; datasourceSrv: any;
timeSrv: any; timeSrv: any;
templateSrv: any; templateSrv: any;
@ -37,6 +38,7 @@ class MetricsPanelCtrl extends PanelCtrl {
// make metrics tab the default // make metrics tab the default
this.editorTabIndex = 1; this.editorTabIndex = 1;
this.$q = $injector.get('$q'); this.$q = $injector.get('$q');
this.contextSrv = $injector.get('contextSrv');
this.datasourceSrv = $injector.get('datasourceSrv'); this.datasourceSrv = $injector.get('datasourceSrv');
this.timeSrv = $injector.get('timeSrv'); this.timeSrv = $injector.get('timeSrv');
this.templateSrv = $injector.get('templateSrv'); this.templateSrv = $injector.get('templateSrv');
@ -312,7 +314,7 @@ class MetricsPanelCtrl extends PanelCtrl {
getAdditionalMenuItems() { getAdditionalMenuItems() {
const items = []; const items = [];
if (this.datasource && this.datasource.supportsExplore) { if (this.contextSrv.isEditor && this.datasource && this.datasource.supportsExplore) {
items.push({ items.push({
text: 'Explore', text: 'Explore',
click: 'ctrl.explore();', click: 'ctrl.explore();',

3
public/app/features/panel/specs/metrics_panel_ctrl.jest.ts
View File

@ -24,8 +24,9 @@ describe('MetricsPanelCtrl', () => {
}); });
}); });
describe('and has datasource set that supports explore', () => { describe('and has datasource set that supports explore and user has powers', () => {
beforeEach(() => { beforeEach(() => {
ctrl.contextSrv = { isEditor: true };
ctrl.datasource = { supportsExplore: true }; ctrl.datasource = { supportsExplore: true };
additionalItems = ctrl.getAdditionalMenuItems(); additionalItems = ctrl.getAdditionalMenuItems();
}); });

20
public/app/routes/ReactContainer.tsx
View File

@ -6,6 +6,7 @@ import coreModule from 'app/core/core_module';
import { store } from 'app/stores/store'; import { store } from 'app/stores/store';
import { BackendSrv } from 'app/core/services/backend_srv'; import { BackendSrv } from 'app/core/services/backend_srv';
import { DatasourceSrv } from 'app/features/plugins/datasource_srv'; import { DatasourceSrv } from 'app/features/plugins/datasource_srv';
import { ContextSrv } from 'app/core/services/context_srv';
function WrapInProvider(store, Component, props) { function WrapInProvider(store, Component, props) {
return ( return (
@ -16,16 +17,31 @@ function WrapInProvider(store, Component, props) {
} }
/** @ngInject */ /** @ngInject */
export function reactContainer($route, $location, backendSrv: BackendSrv, datasourceSrv: DatasourceSrv) { export function reactContainer(
$route,
$location,
backendSrv: BackendSrv,
datasourceSrv: DatasourceSrv,
contextSrv: ContextSrv
) {
return { return {
restrict: 'E', restrict: 'E',
template: '', template: '',
link(scope, elem) { link(scope, elem) {
let component = $route.current.locals.component; // Check permissions for this component
const { roles } = $route.current.locals;
if (roles && roles.length) {
if (!roles.some(r => contextSrv.hasRole(r))) {
$location.url('/');
}
}
let { component } = $route.current.locals;
// Dynamic imports return whole module, need to extract default export // Dynamic imports return whole module, need to extract default export
if (component.default) { if (component.default) {
component = component.default; component = component.default;
} }
const props = { const props = {
backendSrv: backendSrv, backendSrv: backendSrv,
datasourceSrv: datasourceSrv, datasourceSrv: datasourceSrv,

1
public/app/routes/routes.ts
View File

@ -113,6 +113,7 @@ export function setupAngularRoutes($routeProvider, $locationProvider) {
.when('/explore/:initial?', { .when('/explore/:initial?', {
template: '<react-container />', template: '<react-container />',
resolve: { resolve: {
roles: () => ['Editor', 'Admin'],
component: () => import(/* webpackChunkName: "explore" */ 'app/containers/Explore/Wrapper'), component: () => import(/* webpackChunkName: "explore" */ 'app/containers/Explore/Wrapper'),
}, },
}) })

2
public/test/specs/helpers.ts
View File

@ -11,6 +11,7 @@ export function ControllerTestContext() {
this.$element = {}; this.$element = {};
this.$sanitize = {}; this.$sanitize = {};
this.annotationsSrv = {}; this.annotationsSrv = {};
this.contextSrv = {};
this.timeSrv = new TimeSrvStub(); this.timeSrv = new TimeSrvStub();
this.templateSrv = new TemplateSrvStub(); this.templateSrv = new TemplateSrvStub();
this.datasourceSrv = { this.datasourceSrv = {
@ -27,6 +28,7 @@ export function ControllerTestContext() {
this.providePhase = function(mocks) { this.providePhase = function(mocks) {
return angularMocks.module(function($provide) { return angularMocks.module(function($provide) {
$provide.value('contextSrv', self.contextSrv);
$provide.value('datasourceSrv', self.datasourceSrv); $provide.value('datasourceSrv', self.datasourceSrv);
$provide.value('annotationsSrv', self.annotationsSrv); $provide.value('annotationsSrv', self.annotationsSrv);
$provide.value('timeSrv', self.timeSrv); $provide.value('timeSrv', self.timeSrv);