Beispiel #1
0
// Check if user is authorized to perform request.
func authorizeRequest(r *http.Request, user auth.User) error {
	// Now that we have a user authorize the request
	rp, err := requiredPrivilegeForHTTPMethod(r.Method)
	if err != nil {
		return err
	}
	action := auth.Action{
		Resource:  auth.APIResource(strings.TrimPrefix(r.URL.Path, BasePath)),
		Privilege: rp,
	}
	return user.AuthorizeAction(action)
}
Beispiel #2
0
// serveWriteLine receives incoming series data in line protocol format and writes it to the database.
func (h *Handler) serveWriteLine(w http.ResponseWriter, r *http.Request, body []byte, user auth.User) {
	precision := r.FormValue("precision")
	if precision == "" {
		precision = "n"
	}

	points, err := models.ParsePointsWithPrecision(body, time.Now().UTC(), precision)
	if err != nil {
		if err.Error() == "EOF" {
			w.WriteHeader(http.StatusOK)
			return
		}
		h.writeError(w, influxql.Result{Err: err}, http.StatusBadRequest)
		return
	}

	database := r.FormValue("db")
	if database == "" {
		h.writeError(w, influxql.Result{Err: fmt.Errorf("database is required")}, http.StatusBadRequest)
		return
	}

	action := auth.Action{
		Resource:  auth.DatabaseResource(database),
		Privilege: auth.WritePrivilege,
	}
	if err := user.AuthorizeAction(action); err != nil {
		h.writeError(w, influxql.Result{Err: fmt.Errorf("%q user is not authorized to write to database %q", user.Name(), database)}, http.StatusUnauthorized)
		return
	}

	// Write points.
	if err := h.PointsWriter.WritePoints(
		database,
		r.FormValue("rp"),
		models.ConsistencyLevelAll,
		points,
	); influxdb.IsClientError(err) {
		h.statMap.Add(statPointsWrittenFail, int64(len(points)))
		h.writeError(w, influxql.Result{Err: err}, http.StatusBadRequest)
		return
	} else if err != nil {
		h.statMap.Add(statPointsWrittenFail, int64(len(points)))
		h.writeError(w, influxql.Result{Err: err}, http.StatusInternalServerError)
		return
	}

	h.statMap.Add(statPointsWrittenOK, int64(len(points)))
	w.WriteHeader(http.StatusNoContent)
}
Beispiel #3
0
// Check if user is authorized to perform request.
func authorizeRequest(r *http.Request, user auth.User) error {
	// Now that we have a user authorize the request
	rp, err := requiredPrivilegeForHTTPMethod(r.Method)
	if err != nil {
		return err
	}
	action := auth.Action{
		Resource:  auth.APIResource(strings.TrimPrefix(r.URL.Path, BasePath)),
		Privilege: rp,
	}
	err = user.AuthorizeAction(action)
	if err != nil {
		if mp, ok := err.(missingPrivilege); ok {
			return fmt.Errorf("user %s does not have \"%v\" privilege for API endpoint %q", user.Name(), mp.MissingPrivlege(), r.URL.Path)
		} else {
			return err
		}
	}
	return nil
}