API: Cache-Control (browser caching) for datasource resources: part 2 (#63060)

* Check if header string contains "public" or "private" target values

pkg/middleware/middleware.go

@@ -109,10 +109,11 @@ func allowCacheControl(rw web.ResponseWriter) bool {
 	foundPrivate := false
 	foundPublic := false
 	for _, val := range ccHeaderValues {
-		if val == "private" {
+		strings.Contains(val, "private")
+		if strings.Contains(val, "private") {
 			foundPrivate = true
 		}
-		if val == "public" {
+		if strings.Contains(val, "public") {
 			foundPublic = true
 		}
 	}

pkg/middleware/middleware_test.go

@@ -158,15 +158,15 @@ func TestMiddlewareContext(t *testing.T) {
 
 	middlewareScenario(t, "middleware should pass cache-control on resources with private cache control", func(t *testing.T, sc *scenarioContext) {
 		sc = sc.fakeReq("GET", "/api/datasources/1/resources/foo")
-		sc.resp.Header().Add("Cache-Control", "private")
+		sc.resp.Header().Add("Cache-Control", "private, max-age=86400")
 		sc.resp.Header().Add("X-Grafana-Cache", "true")
 		sc.exec()
-		assert.Equal(t, "private", sc.resp.Header().Get("Cache-Control"))
+		assert.Equal(t, "private, max-age=86400", sc.resp.Header().Get("Cache-Control"))
 	})
 
 	middlewareScenario(t, "middleware should not pass cache-control on resources with public cache control", func(t *testing.T, sc *scenarioContext) {
 		sc = sc.fakeReq("GET", "/api/datasources/1/resources/foo")
-		sc.resp.Header().Add("Cache-Control", "public")
+		sc.resp.Header().Add("Cache-Control", "public, max-age=86400, private")
 		sc.resp.Header().Add("X-Grafana-Cache", "true")
 		sc.exec()
 		assert.Equal(t, noStore, sc.resp.Header().Get("Cache-Control"))