opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-08-03 02:42:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

Alerting: Fix fine-grained rule access control to use 403 for authorization error (#79239)

Browse Source 
* use 403 for authorization error
* update silences API
* add ForbiddenError to rule API responses
This commit is contained in:
Yuri Tseretyan
2023-12-07 13:43:58 -05:00
committed by GitHub
parent aa12c6c772
commit 2be7605794
17 changed files with 629 additions and 444 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/tests/api/alerting/api_backtesting_test.go
View File

@ -124,7 +124,7 @@ func TestBacktesting(t *testing.T) {
t.Run("fail if can't query data sources", func(t *testing.T) {
status, body := testUserApiCli.SubmitRuleForBacktesting(t, queryRequest)
require.Contains(t, body, "user is not authorized to access rule group")
require.Equalf(t, http.StatusUnauthorized, status, "Response: %s", body)
require.Equalf(t, http.StatusForbidden, status, "Response: %s", body)
})
})
}