IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Access control: Enable data source view for partial permissions (#44695)

Browse Source 
* Return correct value

* Remove scope all requirement

* Only add dashboard sub nav if user is admin
This commit is contained in:
Karl Persson 2022-02-01 15:00:05 +01:00 committed by GitHub
parent bc24fdcf8d
commit e93e1bdd2b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/api/datasources.go
View File

@ -606,5 +606,5 @@ func filterDatasourcesByQueryPermission(ctx context.Context, user *models.Signed
return datasources, nil
}
return query.Datasources, nil
return query.Result, nil
}

6
pkg/api/roles.go
View File

@ -256,7 +256,7 @@ func (hs *HTTPServer) declareFixedRoles() error {
// dataSourcesConfigurationAccessEvaluator is used to protect the "Configure > Data sources" tab access
var dataSourcesConfigurationAccessEvaluator = accesscontrol.EvalAll(
accesscontrol.EvalPermission(ActionDatasourcesRead, ScopeDatasourcesAll),
accesscontrol.EvalPermission(ActionDatasourcesRead),
accesscontrol.EvalAny(
accesscontrol.EvalPermission(ActionDatasourcesCreate),
accesscontrol.EvalPermission(ActionDatasourcesDelete),
@ -266,14 +266,14 @@ var dataSourcesConfigurationAccessEvaluator = accesscontrol.EvalAll(
// dataSourcesNewAccessEvaluator is used to protect the "Configure > Data sources > New" page access
var dataSourcesNewAccessEvaluator = accesscontrol.EvalAll(
accesscontrol.EvalPermission(ActionDatasourcesRead, ScopeDatasourcesAll),
accesscontrol.EvalPermission(ActionDatasourcesRead),
accesscontrol.EvalPermission(ActionDatasourcesCreate),
accesscontrol.EvalPermission(ActionDatasourcesWrite),
)
// dataSourcesEditAccessEvaluator is used to protect the "Configure > Data sources > Edit" page access
var dataSourcesEditAccessEvaluator = accesscontrol.EvalAll(
accesscontrol.EvalPermission(ActionDatasourcesRead, ScopeDatasourcesAll),
accesscontrol.EvalPermission(ActionDatasourcesRead),
accesscontrol.EvalPermission(ActionDatasourcesWrite),
)

2
public/app/features/datasources/state/navModel.ts
View File

@ -39,7 +39,7 @@ export function buildNavModel(dataSource: DataSourceSettings, plugin: GenericDat
}
}
if (pluginMeta.includes && hasDashboards(pluginMeta.includes)) {
if (pluginMeta.includes && hasDashboards(pluginMeta.includes) && contextSrv.hasRole('Admin')) {
navModel.children!.push({
active: false,
icon: 'apps',