root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 254 Packages Projects Releases Wiki Activity

[release-11.4.3] Service Accounts: Do not show error pop-ups for Service Account and Renderer UI flows (#101790) 

* Service Accounts: Don't show error pop-ups for Service Account and Renderer UI flows (#101679)

don't show error pop-ups for SAs and renderer

(cherry picked from commit f0d260ba5b)

* Service Accounts: Don't show error pop-ups for Service Account and Renderer UI flows (#101776)

* don't show error pop-ups for SAs and renderer

* only hide non 4xx error pop'ups

* linting

(cherry picked from commit 392124de00)
This commit is contained in:
Ieva 2025-03-07 15:09:10 +00:00 committed by GitHub
parent 2b9a49a63e
commit 3d185ab56c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 22 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
pkg/api/user.go
View File

@ -150,7 +150,7 @@ func (hs *HTTPServer) UpdateSignedInUser(c *contextmodel.ReqContext) response.Re
cmd.Email = strings.TrimSpace(cmd.Email) cmd.Email = strings.TrimSpace(cmd.Email)
cmd.Login = strings.TrimSpace(cmd.Login) cmd.Login = strings.TrimSpace(cmd.Login)
userID, errResponse := getUserID(c) userID, errResponse := hs.getUserID(c)
if errResponse != nil { if errResponse != nil {
return errResponse return errResponse
} }
@ -350,7 +350,7 @@ func (hs *HTTPServer) UpdateUserEmail(c *contextmodel.ReqContext) response.Respo
// 403: forbiddenError // 403: forbiddenError
// 500: internalServerError // 500: internalServerError
func (hs *HTTPServer) GetSignedInUserOrgList(c *contextmodel.ReqContext) response.Response { func (hs *HTTPServer) GetSignedInUserOrgList(c *contextmodel.ReqContext) response.Response {
userID, errResponse := getUserID(c) userID, errResponse := hs.getUserID(c)
if errResponse != nil { if errResponse != nil {
return errResponse return errResponse
} }
@ -370,7 +370,7 @@ func (hs *HTTPServer) GetSignedInUserOrgList(c *contextmodel.ReqContext) respons
// 403: forbiddenError // 403: forbiddenError
// 500: internalServerError // 500: internalServerError
func (hs *HTTPServer) GetSignedInUserTeamList(c *contextmodel.ReqContext) response.Response { func (hs *HTTPServer) GetSignedInUserTeamList(c *contextmodel.ReqContext) response.Response {
userID, errResponse := getUserID(c) userID, errResponse := hs.getUserID(c)
if errResponse != nil { if errResponse != nil {
return errResponse return errResponse
} }
@ -480,7 +480,7 @@ func (hs *HTTPServer) UserSetUsingOrg(c *contextmodel.ReqContext) response.Respo
return response.Error(http.StatusBadRequest, "id is invalid", err) return response.Error(http.StatusBadRequest, "id is invalid", err)
} }
userID, errResponse := getUserID(c) userID, errResponse := hs.getUserID(c)
if errResponse != nil { if errResponse != nil {
return errResponse return errResponse
} }
@ -505,7 +505,8 @@ func (hs *HTTPServer) ChangeActiveOrgAndRedirectToHome(c *contextmodel.ReqContex
} }
if !c.SignedInUser.IsIdentityType(claims.TypeUser) { if !c.SignedInUser.IsIdentityType(claims.TypeUser) {
c.JsonApiErr(http.StatusForbidden, "Endpoint only available for users", nil) hs.log.Debug("Requested endpoint only available to users")
c.JsonApiErr(http.StatusNotModified, "Endpoint only available for users", nil)
return return
} }
@ -549,7 +550,7 @@ func (hs *HTTPServer) ChangeUserPassword(c *contextmodel.ReqContext) response.Re
return response.Error(http.StatusBadRequest, "bad request data", err) return response.Error(http.StatusBadRequest, "bad request data", err)
} }
userID, errResponse := getUserID(c) userID, errResponse := hs.getUserID(c)
if errResponse != nil { if errResponse != nil {
return errResponse return errResponse
} }
@ -585,7 +586,7 @@ func (hs *HTTPServer) SetHelpFlag(c *contextmodel.ReqContext) response.Response
return response.Error(http.StatusBadRequest, "id is invalid", err) return response.Error(http.StatusBadRequest, "id is invalid", err)
} }
userID, errResponse := getUserID(c) userID, errResponse := hs.getUserID(c)
if errResponse != nil { if errResponse != nil {
return errResponse return errResponse
} }
@ -615,7 +616,7 @@ func (hs *HTTPServer) SetHelpFlag(c *contextmodel.ReqContext) response.Response
// 403: forbiddenError // 403: forbiddenError
// 500: internalServerError // 500: internalServerError
func (hs *HTTPServer) ClearHelpFlags(c *contextmodel.ReqContext) response.Response { func (hs *HTTPServer) ClearHelpFlags(c *contextmodel.ReqContext) response.Response {
userID, errResponse := getUserID(c) userID, errResponse := hs.getUserID(c)
if errResponse != nil { if errResponse != nil {
return errResponse return errResponse
} }
@ -628,9 +629,10 @@ func (hs *HTTPServer) ClearHelpFlags(c *contextmodel.ReqContext) response.Respon
return response.JSON(http.StatusOK, &util.DynMap{"message": "Help flag set", "helpFlags1": flags}) return response.JSON(http.StatusOK, &util.DynMap{"message": "Help flag set", "helpFlags1": flags})
} }
func getUserID(c *contextmodel.ReqContext) (int64, *response.NormalResponse) { func (hs *HTTPServer) getUserID(c *contextmodel.ReqContext) (int64, *response.NormalResponse) {
if !c.SignedInUser.IsIdentityType(claims.TypeUser) { if !c.SignedInUser.IsIdentityType(claims.TypeUser) {
return 0, response.Error(http.StatusForbidden, "Endpoint only available for users", nil) hs.log.Debug("Requested endpoint only available to users")
return 0, response.Error(http.StatusNotModified, "Endpoint only available for users", nil)
} }
userID, err := c.SignedInUser.GetInternalID() userID, err := c.SignedInUser.GetInternalID()

10
public/app/core/services/backend_srv.ts
View File

@ -269,6 +269,16 @@ export class BackendSrv implements BackendService {
} }
showErrorAlert(config: BackendSrvRequest, err: FetchError) { showErrorAlert(config: BackendSrvRequest, err: FetchError) {
// do not show non-user error alerts for api keys or render tokens, they are used for kiosk mode and reporting and can't react to error pop-ups
if (
(err.status < 400 || err.status >= 500) &&
this.dependencies.contextSrv.isSignedIn &&
(this.dependencies.contextSrv.user.authenticatedBy === 'apikey' ||
this.dependencies.contextSrv.user.authenticatedBy === 'render')
) {
return;
}
if (config.showErrorAlert === false) { if (config.showErrorAlert === false) {
return; return;
} }