2015-02-12 22:46:14 +08:00
package api
import (
2021-06-14 23:36:48 +08:00
"context"
"net/http"
2021-01-15 21:43:20 +08:00
"github.com/grafana/grafana/pkg/api/response"
2020-03-04 19:57:20 +08:00
"github.com/grafana/grafana/pkg/models"
2021-08-24 17:36:28 +08:00
ac "github.com/grafana/grafana/pkg/services/accesscontrol"
2021-06-14 23:36:48 +08:00
"github.com/grafana/grafana/pkg/setting"
2015-02-12 22:46:14 +08:00
)
2022-07-27 21:54:37 +08:00
// swagger:route GET /admin/settings admin adminGetSettings
//
// Fetch settings.
//
// If you are running Grafana Enterprise and have Fine-grained access control enabled, you need to have a permission with action `settings:read` and scopes: `settings:*`, `settings:auth.saml:` and `settings:auth.saml:enabled` (property level).
//
// Security:
// - basic:
//
// Responses:
// 200: adminGetSettingsResponse
// 401: unauthorisedError
// 403: forbiddenError
2021-06-14 23:36:48 +08:00
func ( hs * HTTPServer ) AdminGetSettings ( c * models . ReqContext ) response . Response {
settings , err := hs . getAuthorizedSettings ( c . Req . Context ( ) , c . SignedInUser , hs . SettingsProvider . Current ( ) )
if err != nil {
return response . Error ( http . StatusForbidden , "Failed to authorize settings" , err )
}
return response . JSON ( http . StatusOK , settings )
2015-02-12 22:46:14 +08:00
}
2016-01-25 03:01:33 +08:00
2022-07-27 21:54:37 +08:00
// swagger:route GET /admin/stats admin adminGetStats
//
// Fetch Grafana Stats.
//
// Only works with Basic Authentication (username and password). See introduction for an explanation.
// If you are running Grafana Enterprise and have Fine-grained access control enabled, you need to have a permission with action `server:stats:read`.
//
// Responses:
// 200: adminGetStatsResponse
// 401: unauthorisedError
// 403: forbiddenError
// 500: internalServerError
2022-02-05 00:53:58 +08:00
func ( hs * HTTPServer ) AdminGetStats ( c * models . ReqContext ) response . Response {
2020-03-04 19:57:20 +08:00
statsQuery := models . GetAdminStatsQuery { }
2016-01-25 03:01:33 +08:00
2022-02-05 00:53:58 +08:00
if err := hs . SQLStore . GetAdminStats ( c . Req . Context ( ) , & statsQuery ) ; err != nil {
2021-01-15 21:43:20 +08:00
return response . Error ( 500 , "Failed to get admin stats from database" , err )
2016-01-25 13:18:17 +08:00
}
2022-04-15 20:01:58 +08:00
return response . JSON ( http . StatusOK , statsQuery . Result )
2016-01-25 03:01:33 +08:00
}
2021-06-14 23:36:48 +08:00
func ( hs * HTTPServer ) getAuthorizedSettings ( ctx context . Context , user * models . SignedInUser , bag setting . SettingsBag ) ( setting . SettingsBag , error ) {
if hs . AccessControl . IsDisabled ( ) {
return bag , nil
}
2021-08-24 17:36:28 +08:00
eval := func ( scope string ) ( bool , error ) {
return hs . AccessControl . Evaluate ( ctx , user , ac . EvalPermission ( ac . ActionSettingsRead , scope ) )
2021-06-14 23:36:48 +08:00
}
2021-08-24 17:36:28 +08:00
ok , err := eval ( ac . ScopeSettingsAll )
2021-06-14 23:36:48 +08:00
if err != nil {
return nil , err
}
if ok {
return bag , nil
}
authorizedBag := make ( setting . SettingsBag )
for section , keys := range bag {
2021-08-24 17:36:28 +08:00
ok , err := eval ( ac . Scope ( "settings" , section , "*" ) )
2021-06-14 23:36:48 +08:00
if err != nil {
return nil , err
}
if ok {
authorizedBag [ section ] = keys
continue
}
for key := range keys {
2021-08-24 17:36:28 +08:00
ok , err := eval ( ac . Scope ( "settings" , section , key ) )
2021-06-14 23:36:48 +08:00
if err != nil {
return nil , err
}
if ok {
if _ , exists := authorizedBag [ section ] ; ! exists {
authorizedBag [ section ] = make ( map [ string ] string )
}
authorizedBag [ section ] [ key ] = bag [ section ] [ key ]
}
}
}
return authorizedBag , nil
}
2022-07-27 21:54:37 +08:00
// swagger:response adminGetSettingsResponse
type GetSettingsResponse struct {
// in:body
Body setting . SettingsBag ` json:"body" `
}
// swagger:response adminGetStatsResponse
type GetStatsResponse struct {
// in:body
Body models . AdminStats ` json:"body" `
}
