opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-08-02 22:24:31 +08:00
Code Issues Packages Projects Releases Wiki Activity

Snapshots: Disallow anonymous user to create snapshots (#31263)

Browse Source
This commit is contained in:
Marcus Efraimsson
2021-02-17 09:51:50 +01:00
committed by GitHub
parent b5cbbc3db1
commit 8f20b13f1c
3 changed files with 26 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
pkg/middleware/auth_test.go
View File

@ -87,11 +87,22 @@ func TestMiddlewareAuth(t *testing.T) {
middlewareScenario(t, "Snapshot public mode disabled and unauthenticated request should return 401", func(
t *testing.T, sc *scenarioContext) {
sc.m.Get("/api/snapshot", SnapshotPublicModeOrSignedIn(sc.cfg), sc.defaultHandler)
sc.m.Get("/api/snapshot", func(c *models.ReqContext) {
c.IsSignedIn = false
}, SnapshotPublicModeOrSignedIn(sc.cfg), sc.defaultHandler)
sc.fakeReq("GET", "/api/snapshot").exec()
assert.Equal(t, 401, sc.resp.Code)
})
middlewareScenario(t, "Snapshot public mode disabled and authenticated request should return 200", func(
t *testing.T, sc *scenarioContext) {
sc.m.Get("/api/snapshot", func(c *models.ReqContext) {
c.IsSignedIn = true
}, SnapshotPublicModeOrSignedIn(sc.cfg), sc.defaultHandler)
sc.fakeReq("GET", "/api/snapshot").exec()
assert.Equal(t, 200, sc.resp.Code)
})
middlewareScenario(t, "Snapshot public mode enabled and unauthenticated request should return 200", func(
t *testing.T, sc *scenarioContext) {
sc.cfg.SnapshotPublicMode = true