// Check if user is authorized to perform request.
func authorizeRequest(r *http.Request, user auth.User) error {
// Now that we have a user authorize the request
rp, err := requiredPrivilegeForHTTPMethod(r.Method)
if err != nil {
return err
}
action := auth.Action{
Resource: auth.APIResource(strings.TrimPrefix(r.URL.Path, BasePath)),
Privilege: rp,
}
return user.AuthorizeAction(action)
}
// serveWriteLine receives incoming series data in line protocol format and writes it to the database.
func (h *Handler) serveWriteLine(w http.ResponseWriter, r *http.Request, body []byte, user auth.User) {
precision := r.FormValue("precision")
if precision == "" {
precision = "n"
}
points, err := models.ParsePointsWithPrecision(body, time.Now().UTC(), precision)
if err != nil {
if err.Error() == "EOF" {
w.WriteHeader(http.StatusOK)
return
}
h.writeError(w, influxql.Result{Err: err}, http.StatusBadRequest)
return
}
database := r.FormValue("db")
if database == "" {
h.writeError(w, influxql.Result{Err: fmt.Errorf("database is required")}, http.StatusBadRequest)
return
}
action := auth.Action{
Resource: auth.DatabaseResource(database),
Privilege: auth.WritePrivilege,
}
if err := user.AuthorizeAction(action); err != nil {
h.writeError(w, influxql.Result{Err: fmt.Errorf("%q user is not authorized to write to database %q", user.Name(), database)}, http.StatusUnauthorized)
return
}
// Write points.
if err := h.PointsWriter.WritePoints(
database,
r.FormValue("rp"),
models.ConsistencyLevelAll,
points,
); influxdb.IsClientError(err) {
h.statMap.Add(statPointsWrittenFail, int64(len(points)))
h.writeError(w, influxql.Result{Err: err}, http.StatusBadRequest)
return
} else if err != nil {
h.statMap.Add(statPointsWrittenFail, int64(len(points)))
h.writeError(w, influxql.Result{Err: err}, http.StatusInternalServerError)
return
}
h.statMap.Add(statPointsWrittenOK, int64(len(points)))
w.WriteHeader(http.StatusNoContent)
}
// Check if user is authorized to perform request.
func authorizeRequest(r *http.Request, user auth.User) error {
// Now that we have a user authorize the request
rp, err := requiredPrivilegeForHTTPMethod(r.Method)
if err != nil {
return err
}
action := auth.Action{
Resource: auth.APIResource(strings.TrimPrefix(r.URL.Path, BasePath)),
Privilege: rp,
}
err = user.AuthorizeAction(action)
if err != nil {
if mp, ok := err.(missingPrivilege); ok {
return fmt.Errorf("user %s does not have \"%v\" privilege for API endpoint %q", user.Name(), mp.MissingPrivlege(), r.URL.Path)
} else {
return err
}
}
return nil
}
