func GetDashboardSnapshot(c *middleware.Context) { key := c.Params(":key") query := &m.GetDashboardSnapshotQuery{Key: key} err := bus.Dispatch(query) if err != nil { c.JsonApiErr(500, "Failed to get dashboard snapshot", err) return } snapshot := query.Result // expired snapshots should also be removed from db if snapshot.Expires.Before(time.Now()) { c.JsonApiErr(404, "Dashboard snapshot not found", err) return } dto := dtos.DashboardFullWithMeta{ Dashboard: snapshot.Dashboard, Meta: dtos.DashboardMeta{ Type: m.DashTypeSnapshot, IsSnapshot: true, Created: snapshot.Created, Expires: snapshot.Expires, }, } metrics.M_Api_Dashboard_Snapshot_Get.Inc(1) c.Resp.Header().Set("Cache-Control", "public, max-age=3600") c.JSON(200, dto) }
func GetDashboard(c *middleware.Context) { metrics.M_Api_Dashboard_Get.Inc(1) slug := strings.ToLower(c.Params(":slug")) query := m.GetDashboardQuery{Slug: slug, OrgId: c.OrgId} err := bus.Dispatch(&query) if err != nil { c.JsonApiErr(404, "Dashboard not found", nil) return } isStarred, err := isDasboardStarredByUser(c, query.Result.Id) if err != nil { c.JsonApiErr(500, "Error while checking if dashboard was starred by user", err) return } dash := query.Result dto := dtos.DashboardFullWithMeta{ Dashboard: dash.Data, Meta: dtos.DashboardMeta{ IsStarred: isStarred, Slug: slug, Type: m.DashTypeDB, CanStar: c.IsSignedIn, CanSave: c.OrgRole == m.ROLE_ADMIN || c.OrgRole == m.ROLE_EDITOR, CanEdit: canEditDashboard(c.OrgRole), Created: dash.Created, Updated: dash.Updated, }, } c.JSON(200, dto) }
func RenderToPng(c *middleware.Context) { queryReader := util.NewUrlQueryReader(c.Req.URL) queryParams := fmt.Sprintf("?%s", c.Req.URL.RawQuery) sessionId := c.Session.ID() // Handle api calls authenticated without session if sessionId == "" && c.ApiKeyId != 0 { c.Session.Start(c) c.Session.Set(middleware.SESS_KEY_APIKEY, c.ApiKeyId) // release will make sure the new session is persisted before // we spin up phantomjs c.Session.Release() // cleanup session after render is complete defer func() { c.Session.Destory(c) }() } renderOpts := &renderer.RenderOpts{ Url: c.Params("*") + queryParams, Width: queryReader.Get("width", "800"), Height: queryReader.Get("height", "400"), SessionId: c.Session.ID(), } renderOpts.Url = setting.ToAbsUrl(renderOpts.Url) pngPath, err := renderer.RenderToPng(renderOpts) if err != nil { c.Handle(500, "Failed to render to png", err) return } c.Resp.Header().Set("Content-Type", "image/png") http.ServeFile(c.Resp, c.Req.Request, pngPath) }
func RevokeInvite(c *middleware.Context) Response { if ok, rsp := updateTempUserStatus(c.Params(":code"), m.TmpUserRevoked); !ok { return rsp } return ApiSuccess("Invite revoked") }
func DeleteDashboardSnapshot(c *middleware.Context) { key := c.Params(":key") cmd := &m.DeleteDashboardSnapshotCommand{DeleteKey: key} if err := bus.Dispatch(cmd); err != nil { c.JsonApiErr(500, "Failed to delete dashboard snapshot", err) return } c.JSON(200, util.DynMap{"message": "Snapshot deleted. It might take an hour before it's cleared from a CDN cache."}) }
func GetDashboardFromJsonFile(c *middleware.Context) { file := c.Params(":file") dashboard := search.GetDashboardFromJsonIndex(file) if dashboard == nil { c.JsonApiErr(404, "Dashboard not found", nil) return } dash := dtos.DashboardFullWithMeta{Dashboard: dashboard.Data} dash.Meta.Type = m.DashTypeJson dash.Meta.CanEdit = canEditDashboard(c.OrgRole) c.JSON(200, &dash) }
func UpdateUserQuota(c *middleware.Context, cmd m.UpdateUserQuotaCmd) Response { if !setting.Quota.Enabled { return ApiError(404, "Quotas not enabled", nil) } cmd.UserId = c.ParamsInt64(":id") cmd.Target = c.Params(":target") if _, ok := setting.Quota.User.ToMap()[cmd.Target]; !ok { return ApiError(404, "Invalid quota target", nil) } if err := bus.Dispatch(&cmd); err != nil { return ApiError(500, "Failed to update org quotas", err) } return ApiSuccess("Organization quota updated") }
func DeleteDashboard(c *middleware.Context) { slug := c.Params(":slug") query := m.GetDashboardQuery{Slug: slug, OrgId: c.OrgId} if err := bus.Dispatch(&query); err != nil { c.JsonApiErr(404, "Dashboard not found", nil) return } cmd := m.DeleteDashboardCommand{Slug: slug, OrgId: c.OrgId} if err := bus.Dispatch(&cmd); err != nil { c.JsonApiErr(500, "Failed to delete dashboard", err) return } var resp = map[string]interface{}{"title": query.Result.Title} c.JSON(200, resp) }
func GetInviteInfoByCode(c *middleware.Context) Response { query := m.GetTempUserByCodeQuery{Code: c.Params(":code")} if err := bus.Dispatch(&query); err != nil { if err == m.ErrTempUserNotFound { return ApiError(404, "Invite not found", nil) } return ApiError(500, "Failed to get invite", err) } invite := query.Result return Json(200, dtos.InviteInfo{ Email: invite.Email, Name: invite.Name, Username: invite.Email, InvitedBy: util.StringsFallback3(invite.InvitedByName, invite.InvitedByLogin, invite.InvitedByEmail), }) }
func ProxyDataSourceRequest(c *middleware.Context) { ds, err := getDatasource(c.ParamsInt64(":id"), c.OrgId) if err != nil { c.JsonApiErr(500, "Unable to load datasource meta data", err) return } targetUrl, _ := url.Parse(ds.Url) if len(setting.DataProxyWhiteList) > 0 { if _, exists := setting.DataProxyWhiteList[targetUrl.Host]; !exists { c.JsonApiErr(403, "Data proxy hostname and ip are not included in whitelist", nil) return } } if ds.Type == m.DS_CLOUDWATCH { cloudwatch.HandleRequest(c, ds) } else { proxyPath := c.Params("*") proxy := NewReverseProxy(ds, proxyPath, targetUrl) proxy.Transport = dataProxyTransport proxy.ServeHTTP(c.RW(), c.Req.Request) } }
func OAuthLogin(ctx *middleware.Context) { if setting.OAuthService == nil { ctx.Handle(404, "login.OAuthLogin(oauth service not enabled)", nil) return } name := ctx.Params(":name") connect, ok := social.SocialMap[name] if !ok { ctx.Handle(404, "login.OAuthLogin(social login not enabled)", errors.New(name)) return } code := ctx.Query("code") if code == "" { ctx.Redirect(connect.AuthCodeURL("", oauth2.AccessTypeOnline)) return } // handle call back token, err := connect.Exchange(oauth2.NoContext, code) if err != nil { ctx.Handle(500, "login.OAuthLogin(NewTransportWithCode)", err) return } log.Trace("login.OAuthLogin(Got token)") userInfo, err := connect.UserInfo(token) if err != nil { if err == social.ErrMissingTeamMembership { ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required Github team membership not fulfilled")) } else if err == social.ErrMissingOrganizationMembership { ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required Github organization membership not fulfilled")) } else { ctx.Handle(500, fmt.Sprintf("login.OAuthLogin(get info from %s)", name), err) } return } log.Trace("login.OAuthLogin(social login): %s", userInfo) // validate that the email is allowed to login to grafana if !connect.IsEmailAllowed(userInfo.Email) { log.Info("OAuth login attempt with unallowed email, %s", userInfo.Email) ctx.Redirect(setting.AppSubUrl + "/login?failedMsg=" + url.QueryEscape("Required email domain not fulfilled")) return } userQuery := m.GetUserByLoginQuery{LoginOrEmail: userInfo.Email} err = bus.Dispatch(&userQuery) // create account if missing if err == m.ErrUserNotFound { if !connect.IsSignupAllowed() { ctx.Redirect(setting.AppSubUrl + "/login") return } limitReached, err := middleware.QuotaReached(ctx, "user") if err != nil { ctx.Handle(500, "Failed to get user quota", err) return } if limitReached { ctx.Redirect(setting.AppSubUrl + "/login") return } cmd := m.CreateUserCommand{ Login: userInfo.Email, Email: userInfo.Email, Name: userInfo.Name, Company: userInfo.Company, } if err = bus.Dispatch(&cmd); err != nil { ctx.Handle(500, "Failed to create account", err) return } userQuery.Result = &cmd.Result } else if err != nil { ctx.Handle(500, "Unexpected error", err) } // login loginUserWithUser(userQuery.Result, ctx) metrics.M_Api_Login_OAuth.Inc(1) ctx.Redirect(setting.AppSubUrl + "/") }