apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: Ensure we check the user identity for search (#100190)

Browse Source 
Ensure we check the user identity for search
pull/100035/head^2
Georges Chaudy 4 months ago committed by GitHub
parent c43517d278
commit 6e748a9ee7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 5
      pkg/registry/apis/dashboard/authorizer.go

5
pkg/registry/apis/dashboard/authorizer.go
Unescape View File

@ -16,7 +16,7 @@ func GetAuthorizer(dashboardService dashboards.DashboardService, l log.Logger) a
return authorizer.AuthorizerFunc( return authorizer.AuthorizerFunc(
func(ctx context.Context, attr authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) { func(ctx context.Context, attr authorizer.Attributes) (authorized authorizer.Decision, reason string, err error) {
// Use the standard authorizer // Use the standard authorizer
if !attr.IsResourceRequest() || attr.GetResource() == "search" { if !attr.IsResourceRequest() {
return authorizer.DecisionNoOpinion, "", nil return authorizer.DecisionNoOpinion, "", nil
} }
@ -25,7 +25,8 @@ func GetAuthorizer(dashboardService dashboards.DashboardService, l log.Logger) a
return authorizer.DecisionDeny, "", err return authorizer.DecisionDeny, "", err
} }
if attr.GetName() == "" { // Allow search and list requests
if attr.GetResource() == "search" || attr.GetName() == "" {
return authorizer.DecisionNoOpinion, "", nil return authorizer.DecisionNoOpinion, "", nil
} }

Write Preview
Loading…
Cancel
Save