Ejemplo n.º 1
0
func init() {
	bus.AddHandler("sql", SaveDashboard)
	bus.AddHandler("sql", GetDashboard)
	bus.AddHandler("sql", DeleteDashboard)
	bus.AddHandler("sql", SearchDashboards)
	bus.AddHandler("sql", GetDashboardTags)
}
Ejemplo n.º 2
0
func ldapAutherScenario(desc string, fn scenarioFunc) {
	Convey(desc, func() {
		defer bus.ClearBusHandlers()

		sc := &scenarioContext{}

		bus.AddHandler("test", func(cmd *m.CreateUserCommand) error {
			sc.createUserCmd = cmd
			sc.createUserCmd.Result = m.User{Login: cmd.Login}
			return nil
		})

		bus.AddHandler("test", func(cmd *m.AddOrgUserCommand) error {
			sc.addOrgUserCmd = cmd
			return nil
		})

		bus.AddHandler("test", func(cmd *m.UpdateOrgUserCommand) error {
			sc.updateOrgUserCmd = cmd
			return nil
		})

		bus.AddHandler("test", func(cmd *m.RemoveOrgUserCommand) error {
			sc.removeOrgUserCmd = cmd
			return nil
		})

		fn(sc)
	})
}
Ejemplo n.º 3
0
func Init() error {
	initMailQueue()

	bus.AddHandler("email", sendResetPasswordEmail)
	bus.AddHandler("email", validateResetPasswordCode)
	bus.AddHandler("email", sendEmailCommandHandler)

	bus.AddEventListener(signUpStartedHandler)
	bus.AddEventListener(signUpCompletedHandler)

	mailTemplates = template.New("name")
	mailTemplates.Funcs(template.FuncMap{
		"Subject": subjectTemplateFunc,
	})

	templatePattern := filepath.Join(setting.StaticRootPath, setting.Smtp.TemplatesPattern)
	_, err := mailTemplates.ParseGlob(templatePattern)
	if err != nil {
		return err
	}

	if !util.IsEmail(setting.Smtp.FromAddress) {
		return errors.New("Invalid email address for smpt from_adress config")
	}

	if setting.EmailCodeValidMinutes == 0 {
		setting.EmailCodeValidMinutes = 120
	}

	return nil
}
Ejemplo n.º 4
0
func init() {
	bus.AddHandler("sql", GetApiKeys)
	bus.AddHandler("sql", GetApiKeyById)
	bus.AddHandler("sql", GetApiKeyByName)
	bus.AddHandler("sql", DeleteApiKey)
	bus.AddHandler("sql", AddApiKey)
}
Ejemplo n.º 5
0
func TestSearch(t *testing.T) {

	Convey("Given search query", t, func() {
		jsonDashIndex = NewJsonDashIndex("../../../public/dashboards/")
		query := Query{Limit: 2000}

		bus.AddHandler("test", func(query *FindPersistedDashboardsQuery) error {
			query.Result = HitList{
				&Hit{Id: 16, Title: "CCAA", Tags: []string{"BB", "AA"}},
				&Hit{Id: 10, Title: "AABB", Tags: []string{"CC", "AA"}},
				&Hit{Id: 15, Title: "BBAA", Tags: []string{"EE", "AA", "BB"}},
			}
			return nil
		})

		bus.AddHandler("test", func(query *m.GetUserStarsQuery) error {
			query.Result = map[int64]bool{10: true, 12: true}
			return nil
		})

		Convey("That is empty", func() {
			err := searchHandler(&query)
			So(err, ShouldBeNil)

			Convey("should return sorted results", func() {
				So(query.Result[0].Title, ShouldEqual, "AABB")
				So(query.Result[1].Title, ShouldEqual, "BBAA")
				So(query.Result[2].Title, ShouldEqual, "CCAA")
			})

			Convey("should return sorted tags", func() {
				So(query.Result[1].Tags[0], ShouldEqual, "AA")
				So(query.Result[1].Tags[1], ShouldEqual, "BB")
				So(query.Result[1].Tags[2], ShouldEqual, "EE")
			})
		})

		Convey("That filters by tag", func() {
			query.Tags = []string{"BB", "AA"}
			err := searchHandler(&query)
			So(err, ShouldBeNil)

			Convey("should return correct results", func() {
				So(len(query.Result), ShouldEqual, 2)
				So(query.Result[0].Title, ShouldEqual, "BBAA")
				So(query.Result[1].Title, ShouldEqual, "CCAA")
			})

		})
	})
}
Ejemplo n.º 6
0
func (sc *scenarioContext) userQueryReturns(user *m.User) {
	bus.AddHandler("test", func(query *m.GetUserByLoginQuery) error {
		if user == nil {
			return m.ErrUserNotFound
		} else {
			query.Result = user
			return nil
		}
	})
}
Ejemplo n.º 7
0
func init() {
	bus.AddHandler("sql", GetOrgQuotaByTarget)
	bus.AddHandler("sql", GetOrgQuotas)
	bus.AddHandler("sql", UpdateOrgQuota)
	bus.AddHandler("sql", GetUserQuotaByTarget)
	bus.AddHandler("sql", GetUserQuotas)
	bus.AddHandler("sql", UpdateUserQuota)
	bus.AddHandler("sql", GetGlobalQuotaByTarget)
}
Ejemplo n.º 8
0
func init() {
	bus.AddHandler("sql", GetOrgById)
	bus.AddHandler("sql", CreateOrg)
	bus.AddHandler("sql", UpdateOrg)
	bus.AddHandler("sql", UpdateOrgAddress)
	bus.AddHandler("sql", GetOrgByName)
	bus.AddHandler("sql", SearchOrgs)
	bus.AddHandler("sql", DeleteOrg)
}
Ejemplo n.º 9
0
func init() {
	bus.AddHandler("sql", GetDataSources)
	bus.AddHandler("sql", AddDataSource)
	bus.AddHandler("sql", DeleteDataSource)
	bus.AddHandler("sql", UpdateDataSource)
	bus.AddHandler("sql", GetDataSourceById)
	bus.AddHandler("sql", GetDataSourceByName)
}
Ejemplo n.º 10
0
func Init() {
	bus.AddHandler("search", searchHandler)

	jsonIndexCfg, _ := setting.Cfg.GetSection("dashboards.json")

	if jsonIndexCfg == nil {
		log.Fatal("Config section missing: dashboards.json")
		return
	}

	jsonIndexEnabled := jsonIndexCfg.Key("enabled").MustBool(false)

	if jsonIndexEnabled {
		jsonFilesPath := jsonIndexCfg.Key("path").String()
		if !filepath.IsAbs(jsonFilesPath) {
			jsonFilesPath = filepath.Join(setting.HomePath, jsonFilesPath)
		}

		jsonDashIndex = NewJsonDashIndex(jsonFilesPath)
		go jsonDashIndex.updateLoop()
	}
}
Ejemplo n.º 11
0
func TestMiddlewareQuota(t *testing.T) {

	Convey("Given the grafana quota middleware", t, func() {
		getSessionCount = func() int {
			return 4
		}

		setting.AnonymousEnabled = false
		setting.Quota = setting.QuotaSettings{
			Enabled: true,
			Org: &setting.OrgQuota{
				User:       5,
				Dashboard:  5,
				DataSource: 5,
				ApiKey:     5,
			},
			User: &setting.UserQuota{
				Org: 5,
			},
			Global: &setting.GlobalQuota{
				Org:        5,
				User:       5,
				Dashboard:  5,
				DataSource: 5,
				ApiKey:     5,
				Session:    5,
			},
		}

		middlewareScenario("with user not logged in", func(sc *scenarioContext) {
			bus.AddHandler("globalQuota", func(query *m.GetGlobalQuotaByTargetQuery) error {
				query.Result = &m.GlobalQuotaDTO{
					Target: query.Target,
					Limit:  query.Default,
					Used:   4,
				}
				return nil
			})
			Convey("global quota not reached", func() {
				sc.m.Get("/user", Quota("user"), sc.defaultHandler)
				sc.fakeReq("GET", "/user").exec()
				So(sc.resp.Code, ShouldEqual, 200)
			})
			Convey("global quota reached", func() {
				setting.Quota.Global.User = 4
				sc.m.Get("/user", Quota("user"), sc.defaultHandler)
				sc.fakeReq("GET", "/user").exec()
				So(sc.resp.Code, ShouldEqual, 403)
			})
			Convey("global session quota not reached", func() {
				setting.Quota.Global.Session = 10
				sc.m.Get("/user", Quota("session"), sc.defaultHandler)
				sc.fakeReq("GET", "/user").exec()
				So(sc.resp.Code, ShouldEqual, 200)
			})
			Convey("global session quota reached", func() {
				setting.Quota.Global.Session = 1
				sc.m.Get("/user", Quota("session"), sc.defaultHandler)
				sc.fakeReq("GET", "/user").exec()
				So(sc.resp.Code, ShouldEqual, 403)
			})
		})

		middlewareScenario("with user logged in", func(sc *scenarioContext) {
			// log us in, so we have a user_id and org_id in the context
			sc.fakeReq("GET", "/").handler(func(c *Context) {
				c.Session.Set(SESS_KEY_USERID, int64(12))
			}).exec()

			bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
				query.Result = &m.SignedInUser{OrgId: 2, UserId: 12}
				return nil
			})
			bus.AddHandler("globalQuota", func(query *m.GetGlobalQuotaByTargetQuery) error {
				query.Result = &m.GlobalQuotaDTO{
					Target: query.Target,
					Limit:  query.Default,
					Used:   4,
				}
				return nil
			})
			bus.AddHandler("userQuota", func(query *m.GetUserQuotaByTargetQuery) error {
				query.Result = &m.UserQuotaDTO{
					Target: query.Target,
					Limit:  query.Default,
					Used:   4,
				}
				return nil
			})
			bus.AddHandler("orgQuota", func(query *m.GetOrgQuotaByTargetQuery) error {
				query.Result = &m.OrgQuotaDTO{
					Target: query.Target,
					Limit:  query.Default,
					Used:   4,
				}
				return nil
			})
			Convey("global datasource quota reached", func() {
				setting.Quota.Global.DataSource = 4
				sc.m.Get("/ds", Quota("data_source"), sc.defaultHandler)
				sc.fakeReq("GET", "/ds").exec()
				So(sc.resp.Code, ShouldEqual, 403)
			})
			Convey("user Org quota not reached", func() {
				setting.Quota.User.Org = 5
				sc.m.Get("/org", Quota("org"), sc.defaultHandler)
				sc.fakeReq("GET", "/org").exec()
				So(sc.resp.Code, ShouldEqual, 200)
			})
			Convey("user Org quota reached", func() {
				setting.Quota.User.Org = 4
				sc.m.Get("/org", Quota("org"), sc.defaultHandler)
				sc.fakeReq("GET", "/org").exec()
				So(sc.resp.Code, ShouldEqual, 403)
			})
			Convey("org dashboard quota not reached", func() {
				setting.Quota.Org.Dashboard = 10
				sc.m.Get("/dashboard", Quota("dashboard"), sc.defaultHandler)
				sc.fakeReq("GET", "/dashboard").exec()
				So(sc.resp.Code, ShouldEqual, 200)
			})
			Convey("org dashboard quota reached", func() {
				setting.Quota.Org.Dashboard = 4
				sc.m.Get("/dashboard", Quota("dashboard"), sc.defaultHandler)
				sc.fakeReq("GET", "/dashboard").exec()
				So(sc.resp.Code, ShouldEqual, 403)
			})
			Convey("org dashboard quota reached but quotas disabled", func() {
				setting.Quota.Org.Dashboard = 4
				setting.Quota.Enabled = false
				sc.m.Get("/dashboard", Quota("dashboard"), sc.defaultHandler)
				sc.fakeReq("GET", "/dashboard").exec()
				So(sc.resp.Code, ShouldEqual, 200)
			})

		})

	})
}
Ejemplo n.º 12
0
func (sc *scenarioContext) userOrgsQueryReturns(orgs []*m.UserOrgDTO) {
	bus.AddHandler("test", func(query *m.GetUserOrgListQuery) error {
		query.Result = orgs
		return nil
	})
}
Ejemplo n.º 13
0
func init() {
	bus.AddHandler("sql", CreateTempUser)
	bus.AddHandler("sql", GetTempUsersQuery)
	bus.AddHandler("sql", UpdateTempUserStatus)
	bus.AddHandler("sql", GetTempUserByCode)
}
Ejemplo n.º 14
0
func init() {
	bus.AddHandler("sql", CreateUser)
	bus.AddHandler("sql", GetUserById)
	bus.AddHandler("sql", UpdateUser)
	bus.AddHandler("sql", ChangeUserPassword)
	bus.AddHandler("sql", GetUserByLogin)
	bus.AddHandler("sql", SetUsingOrg)
	bus.AddHandler("sql", GetUserProfile)
	bus.AddHandler("sql", GetSignedInUser)
	bus.AddHandler("sql", SearchUsers)
	bus.AddHandler("sql", GetUserOrgList)
	bus.AddHandler("sql", DeleteUser)
	bus.AddHandler("sql", SetUsingOrg)
	bus.AddHandler("sql", UpdateUserPermissions)
}
Ejemplo n.º 15
0
func init() {
	bus.AddHandler("sql", CreateDashboardSnapshot)
	bus.AddHandler("sql", GetDashboardSnapshot)
	bus.AddHandler("sql", DeleteDashboardSnapshot)
}
Ejemplo n.º 16
0
func TestMiddlewareContext(t *testing.T) {

	Convey("Given the grafana middleware", t, func() {
		middlewareScenario("middleware should add context to injector", func(sc *scenarioContext) {
			sc.fakeReq("GET", "/").exec()
			So(sc.context, ShouldNotBeNil)
		})

		middlewareScenario("Default middleware should allow get request", func(sc *scenarioContext) {
			sc.fakeReq("GET", "/").exec()
			So(sc.resp.Code, ShouldEqual, 200)
		})

		middlewareScenario("Non api request should init session", func(sc *scenarioContext) {
			sc.fakeReq("GET", "/").exec()
			So(sc.resp.Header().Get("Set-Cookie"), ShouldContainSubstring, "grafana_sess")
		})

		middlewareScenario("Invalid api key", func(sc *scenarioContext) {
			sc.apiKey = "invalid_key_test"
			sc.fakeReq("GET", "/").exec()

			Convey("Should not init session", func() {
				So(sc.resp.Header().Get("Set-Cookie"), ShouldBeEmpty)
			})

			Convey("Should return 401", func() {
				So(sc.resp.Code, ShouldEqual, 401)
				So(sc.respJson["message"], ShouldEqual, "Invalid API key")
			})
		})

		middlewareScenario("Using basic auth", func(sc *scenarioContext) {

			bus.AddHandler("test", func(query *m.GetUserByLoginQuery) error {
				query.Result = &m.User{
					Password: util.EncodePassword("myPass", "salt"),
					Salt:     "salt",
				}
				return nil
			})

			bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
				query.Result = &m.SignedInUser{OrgId: 2, UserId: 12}
				return nil
			})

			setting.BasicAuthEnabled = true
			authHeader := util.GetBasicAuthHeader("myUser", "myPass")
			sc.fakeReq("GET", "/").withAuthoriziationHeader(authHeader).exec()

			Convey("Should init middleware context with user", func() {
				So(sc.context.IsSignedIn, ShouldEqual, true)
				So(sc.context.OrgId, ShouldEqual, 2)
				So(sc.context.UserId, ShouldEqual, 12)
			})
		})

		middlewareScenario("Valid api key", func(sc *scenarioContext) {
			keyhash := util.EncodePassword("v5nAwpMafFP6znaS4urhdWDLS5511M42", "asd")

			bus.AddHandler("test", func(query *m.GetApiKeyByNameQuery) error {
				query.Result = &m.ApiKey{OrgId: 12, Role: m.ROLE_EDITOR, Key: keyhash}
				return nil
			})

			sc.fakeReq("GET", "/").withValidApiKey().exec()

			Convey("Should return 200", func() {
				So(sc.resp.Code, ShouldEqual, 200)
			})

			Convey("Should init middleware context", func() {
				So(sc.context.IsSignedIn, ShouldEqual, true)
				So(sc.context.OrgId, ShouldEqual, 12)
				So(sc.context.OrgRole, ShouldEqual, m.ROLE_EDITOR)
			})
		})

		middlewareScenario("Valid api key, but does not match db hash", func(sc *scenarioContext) {
			keyhash := "something_not_matching"

			bus.AddHandler("test", func(query *m.GetApiKeyByNameQuery) error {
				query.Result = &m.ApiKey{OrgId: 12, Role: m.ROLE_EDITOR, Key: keyhash}
				return nil
			})

			sc.fakeReq("GET", "/").withValidApiKey().exec()

			Convey("Should return api key invalid", func() {
				So(sc.resp.Code, ShouldEqual, 401)
				So(sc.respJson["message"], ShouldEqual, "Invalid API key")
			})
		})

		middlewareScenario("UserId in session", func(sc *scenarioContext) {

			sc.fakeReq("GET", "/").handler(func(c *Context) {
				c.Session.Set(SESS_KEY_USERID, int64(12))
			}).exec()

			bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
				query.Result = &m.SignedInUser{OrgId: 2, UserId: 12}
				return nil
			})

			sc.fakeReq("GET", "/").exec()

			Convey("should init context with user info", func() {
				So(sc.context.IsSignedIn, ShouldBeTrue)
				So(sc.context.UserId, ShouldEqual, 12)
			})
		})

		middlewareScenario("When anonymous access is enabled", func(sc *scenarioContext) {
			setting.AnonymousEnabled = true
			setting.AnonymousOrgName = "test"
			setting.AnonymousOrgRole = string(m.ROLE_EDITOR)

			bus.AddHandler("test", func(query *m.GetOrgByNameQuery) error {
				So(query.Name, ShouldEqual, "test")

				query.Result = &m.Org{Id: 2, Name: "test"}
				return nil
			})

			sc.fakeReq("GET", "/").exec()

			Convey("should init context with org info", func() {
				So(sc.context.UserId, ShouldEqual, 0)
				So(sc.context.OrgId, ShouldEqual, 2)
				So(sc.context.OrgRole, ShouldEqual, m.ROLE_EDITOR)
			})

			Convey("context signed in should be false", func() {
				So(sc.context.IsSignedIn, ShouldBeFalse)
			})
		})

		middlewareScenario("When auth_proxy is enabled enabled and user exists", func(sc *scenarioContext) {
			setting.AuthProxyEnabled = true
			setting.AuthProxyHeaderName = "X-WEBAUTH-USER"
			setting.AuthProxyHeaderProperty = "username"

			bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
				query.Result = &m.SignedInUser{OrgId: 2, UserId: 12}
				return nil
			})

			sc.fakeReq("GET", "/")
			sc.req.Header.Add("X-WEBAUTH-USER", "torkelo")
			sc.exec()

			Convey("should init context with user info", func() {
				So(sc.context.IsSignedIn, ShouldBeTrue)
				So(sc.context.UserId, ShouldEqual, 12)
				So(sc.context.OrgId, ShouldEqual, 2)
			})
		})

		middlewareScenario("When auth_proxy is enabled enabled and user does not exists", func(sc *scenarioContext) {
			setting.AuthProxyEnabled = true
			setting.AuthProxyHeaderName = "X-WEBAUTH-USER"
			setting.AuthProxyHeaderProperty = "username"
			setting.AuthProxyAutoSignUp = true

			bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
				if query.UserId > 0 {
					query.Result = &m.SignedInUser{OrgId: 4, UserId: 33}
					return nil
				} else {
					return m.ErrUserNotFound
				}
			})

			var createUserCmd *m.CreateUserCommand
			bus.AddHandler("test", func(cmd *m.CreateUserCommand) error {
				createUserCmd = cmd
				cmd.Result = m.User{Id: 33}
				return nil
			})

			sc.fakeReq("GET", "/")
			sc.req.Header.Add("X-WEBAUTH-USER", "torkelo")
			sc.exec()

			Convey("Should create user if auto sign up is enabled", func() {
				So(sc.context.IsSignedIn, ShouldBeTrue)
				So(sc.context.UserId, ShouldEqual, 33)
				So(sc.context.OrgId, ShouldEqual, 4)

			})
		})

	})
}
Ejemplo n.º 17
0
func init() {
	bus.AddHandler("sql", AddOrgUser)
	bus.AddHandler("sql", RemoveOrgUser)
	bus.AddHandler("sql", GetOrgUsers)
	bus.AddHandler("sql", UpdateOrgUser)
}
Ejemplo n.º 18
0
func init() {
	bus.AddHandler("sql", GetSystemStats)
	bus.AddHandler("sql", GetDataSourceStats)
}
Ejemplo n.º 19
0
func init() {
	bus.AddHandler("sql", StarDashboard)
	bus.AddHandler("sql", UnstarDashboard)
	bus.AddHandler("sql", GetUserStars)
	bus.AddHandler("sql", IsStarredByUser)
}
Ejemplo n.º 20
0
func Init() {
	bus.AddHandler("auth", AuthenticateUser)
	loadLdapConfig()
}