mirror of
https://git.mirrors.martin98.com/https://github.com/SigNoz/signoz
synced 2025-07-29 05:32:02 +08:00
a9618886b9
* fix: support multitenancy in dashboards * fix: support multitenancy in saved views * fix: move migrations to provider file * fix: remove getUserFromClaims and use new errors * fix: remove getUserFromClaims and use new errors * fix: use new errors in dashboards.go * Update ee/query-service/app/api/dashboard.go Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com> * fix: minor changes --------- Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
82 lines
2.1 KiB
Go
82 lines
2.1 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/pkg/errors"
|
|
"go.signoz.io/signoz/pkg/query-service/constants"
|
|
"go.signoz.io/signoz/pkg/query-service/dao"
|
|
"go.signoz.io/signoz/pkg/types"
|
|
"go.signoz.io/signoz/pkg/types/authtypes"
|
|
)
|
|
|
|
type Group struct {
|
|
GroupID string
|
|
GroupName string
|
|
}
|
|
|
|
type AuthCache struct {
|
|
AdminGroupId string
|
|
EditorGroupId string
|
|
ViewerGroupId string
|
|
}
|
|
|
|
var AuthCacheObj AuthCache
|
|
|
|
// InitAuthCache reads the DB and initialize the auth cache.
|
|
func InitAuthCache(ctx context.Context) error {
|
|
|
|
setGroupId := func(groupName string, dest *string) error {
|
|
group, err := dao.DB().GetGroupByName(ctx, groupName)
|
|
if err != nil {
|
|
return errors.Wrapf(err.Err, "failed to get group %s", groupName)
|
|
}
|
|
*dest = group.ID
|
|
return nil
|
|
}
|
|
|
|
if err := setGroupId(constants.AdminGroup, &AuthCacheObj.AdminGroupId); err != nil {
|
|
return err
|
|
}
|
|
if err := setGroupId(constants.EditorGroup, &AuthCacheObj.EditorGroupId); err != nil {
|
|
return err
|
|
}
|
|
if err := setGroupId(constants.ViewerGroup, &AuthCacheObj.ViewerGroupId); err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func GetUserFromReqContext(ctx context.Context) (*types.GettableUser, error) {
|
|
claims, ok := authtypes.ClaimsFromContext(ctx)
|
|
if !ok {
|
|
return nil, errors.New("no claims found in context")
|
|
}
|
|
|
|
user := &types.GettableUser{
|
|
User: types.User{
|
|
ID: claims.UserID,
|
|
GroupID: claims.GroupID,
|
|
Email: claims.Email,
|
|
OrgID: claims.OrgID,
|
|
},
|
|
}
|
|
return user, nil
|
|
}
|
|
|
|
func IsSelfAccessRequest(user *types.GettableUser, id string) bool { return user.ID == id }
|
|
|
|
func IsViewer(user *types.GettableUser) bool { return user.GroupID == AuthCacheObj.ViewerGroupId }
|
|
func IsEditor(user *types.GettableUser) bool { return user.GroupID == AuthCacheObj.EditorGroupId }
|
|
func IsAdmin(user *types.GettableUser) bool { return user.GroupID == AuthCacheObj.AdminGroupId }
|
|
|
|
func IsAdminV2(claims authtypes.Claims) bool { return claims.GroupID == AuthCacheObj.AdminGroupId }
|
|
|
|
func ValidatePassword(password string) error {
|
|
if len(password) < minimumPasswordLength {
|
|
return errors.Errorf("Password should be atleast %d characters.", minimumPasswordLength)
|
|
}
|
|
return nil
|
|
}
|