opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-09-25 09:44:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

Plugins Catalog: Only allow admins to access plugins catalog (#57101)

Browse Source 
* feat(plugins-catalog): only allow admins to access plugins catalog routes

* add backend check

* fix(plugins-catalog): update route role access to include server admins

Co-authored-by: Will Browne <will.browne@grafana.com>
This commit is contained in:
Jack Westbrook
2022-11-30 09:41:28 +01:00
committed by GitHub
parent c72322874d
commit 207b2993b2
3 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/api/api.go
View File

@ -117,10 +117,10 @@ func (hs *HTTPServer) registerRoutes() {
r.Get("/live/pipeline", reqGrafanaAdmin, hs.Index)
r.Get("/live/cloud", reqGrafanaAdmin, hs.Index)
r.Get("/plugins", reqSignedIn, hs.Index)
r.Get("/plugins/:id/", reqSignedIn, hs.Index)
r.Get("/plugins/:id/edit", reqSignedIn, hs.Index) // deprecated
r.Get("/plugins/:id/page/:page", reqSignedIn, hs.Index)
r.Get("/plugins", middleware.CanAdminPlugins(hs.Cfg), hs.Index)
r.Get("/plugins/:id/", middleware.CanAdminPlugins(hs.Cfg), hs.Index)
r.Get("/plugins/:id/edit", middleware.CanAdminPlugins(hs.Cfg), hs.Index) // deprecated
r.Get("/plugins/:id/page/:page", middleware.CanAdminPlugins(hs.Cfg), hs.Index)
// App Root Page
appPluginIDScope := plugins.ScopeProvider.GetResourceScope(ac.Parameter(":id"))
r.Get("/a/:id/*", authorize(reqSignedIn, ac.EvalPermission(plugins.ActionAppAccess, appPluginIDScope)), hs.Index)