opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-30 07:42:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

teams: editors can work with teams.

Browse Source
This commit is contained in:
Leonard Gram
2019-03-06 10:27:38 +01:00
parent efbd93f824
commit 22e098b830
3 changed files with 22 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/api/api.go
View File

@ -14,6 +14,7 @@ func (hs *HTTPServer) registerRoutes() {
reqGrafanaAdmin := middleware.ReqGrafanaAdmin reqGrafanaAdmin := middleware.ReqGrafanaAdmin
reqEditorRole := middleware.ReqEditorRole reqEditorRole := middleware.ReqEditorRole
reqOrgAdmin := middleware.ReqOrgAdmin reqOrgAdmin := middleware.ReqOrgAdmin
reqAdminOrEditorCanAdmin := middleware.EditorCanAdmin(hs.Cfg.EditorsCanOwn)
redirectFromLegacyDashboardURL := middleware.RedirectFromLegacyDashboardURL() redirectFromLegacyDashboardURL := middleware.RedirectFromLegacyDashboardURL()
redirectFromLegacyDashboardSoloURL := middleware.RedirectFromLegacyDashboardSoloURL() redirectFromLegacyDashboardSoloURL := middleware.RedirectFromLegacyDashboardSoloURL()
quota := middleware.Quota(hs.QuotaService) quota := middleware.Quota(hs.QuotaService)
@ -41,8 +42,8 @@ func (hs *HTTPServer) registerRoutes() {
r.Get("/org/users", reqOrgAdmin, hs.Index) r.Get("/org/users", reqOrgAdmin, hs.Index)
r.Get("/org/users/new", reqOrgAdmin, hs.Index) r.Get("/org/users/new", reqOrgAdmin, hs.Index)
r.Get("/org/users/invite", reqOrgAdmin, hs.Index) r.Get("/org/users/invite", reqOrgAdmin, hs.Index)
r.Get("/org/teams", reqOrgAdmin, hs.Index) r.Get("/org/teams", reqAdminOrEditorCanAdmin, hs.Index)
r.Get("/org/teams/*", reqOrgAdmin, hs.Index) r.Get("/org/teams/*", reqAdminOrEditorCanAdmin, hs.Index)
r.Get("/org/apikeys/", reqOrgAdmin, hs.Index) r.Get("/org/apikeys/", reqOrgAdmin, hs.Index)
r.Get("/dashboard/import/", reqSignedIn, hs.Index) r.Get("/dashboard/import/", reqSignedIn, hs.Index)
r.Get("/configuration", reqGrafanaAdmin, hs.Index) r.Get("/configuration", reqGrafanaAdmin, hs.Index)
@ -161,7 +162,7 @@ func (hs *HTTPServer) registerRoutes() {
teamsRoute.Delete("/:teamId/members/:userId", Wrap(RemoveTeamMember)) teamsRoute.Delete("/:teamId/members/:userId", Wrap(RemoveTeamMember))
teamsRoute.Get("/:teamId/preferences", Wrap(GetTeamPreferences)) teamsRoute.Get("/:teamId/preferences", Wrap(GetTeamPreferences))
teamsRoute.Put("/:teamId/preferences", bind(dtos.UpdatePrefsCmd{}), Wrap(UpdateTeamPreferences)) teamsRoute.Put("/:teamId/preferences", bind(dtos.UpdatePrefsCmd{}), Wrap(UpdateTeamPreferences))
}, reqOrgAdmin) }, reqAdminOrEditorCanAdmin)
// team without requirement of user to be org admin // team without requirement of user to be org admin
apiRoute.Group("/teams", func(teamsRoute routing.RouteRegister) { apiRoute.Group("/teams", func(teamsRoute routing.RouteRegister) {

17
pkg/middleware/auth.go
View File

@ -86,3 +86,20 @@ func Auth(options *AuthOptions) macaron.Handler {
} }
} }
} }
func EditorCanAdmin(enabled bool) macaron.Handler {
return func(c *m.ReqContext) {
ok := false
if c.OrgRole == m.ROLE_ADMIN {
ok = true
}
if c.OrgRole == m.ROLE_EDITOR && enabled {
ok = true
}
if !ok {
accessForbidden(c)
}
}
}

2
public/app/routes/routes.ts
View File

@ -207,7 +207,7 @@ export function setupAngularRoutes($routeProvider, $locationProvider) {
.when('/org/teams/edit/:id/:page?', { .when('/org/teams/edit/:id/:page?', {
template: '<react-container />', template: '<react-container />',
resolve: { resolve: {
roles: () => ['Admin'], roles: () => (config.editorsCanOwn ? ['Editor', 'Admin'] : ['Admin']),
component: () => TeamPages, component: () => TeamPages,
}, },
}) })