public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allows posting to prom rules endpoints via ds_proxy (#32946)

Browse Source 
* allows posting to prom rules endpoints via ds_proxy

* prom proxy routes via plugin and fix proxy route matching bug

* bump ci
This commit is contained in:
Owen Diehl
2021-04-14 13:06:20 -04:00
committed by GitHub
parent b3ac63dad7
commit dadccdda06
3 changed files with 96 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/api/pluginproxy/ds_proxy.go
+17 -16
View File
@@ -246,18 +246,6 @@ func (proxy *DataSourceProxy) validateRequest() error {
return errors.New("target URL is not a valid target")
}
if proxy.ds.Type == models.DS_PROMETHEUS {
if proxy.ctx.Req.Request.Method == "DELETE" {
return errors.New("deletes not allowed on proxied Prometheus datasource")
}
if proxy.ctx.Req.Request.Method == "PUT" {
return errors.New("puts not allowed on proxied Prometheus datasource")
}
if proxy.ctx.Req.Request.Method == "POST" && !(proxy.proxyPath == "api/v1/query" || proxy.proxyPath == "api/v1/query_range" || proxy.proxyPath == "api/v1/series" || proxy.proxyPath == "api/v1/labels" || proxy.proxyPath == "api/v1/query_exemplars") {
return errors.New("posts not allowed on proxied Prometheus datasource except on /query, /query_range, /series and /labels")
}
}
if proxy.ds.Type == models.DS_ES {
if proxy.ctx.Req.Request.Method == "DELETE" {
return errors.New("deletes not allowed on proxied Elasticsearch datasource")
@@ -278,16 +266,29 @@ func (proxy *DataSourceProxy) validateRequest() error {
continue
}
// route match
if !strings.HasPrefix(proxy.proxyPath, route.Path) {
continue
}
if route.ReqRole.IsValid() {
if !proxy.ctx.HasUserRole(route.ReqRole) {
return errors.New("plugin proxy route access denied")
}
}
if strings.HasPrefix(proxy.proxyPath, route.Path) {
proxy.route = route
break
}
proxy.route = route
return nil
}
}
// Trailing validation below this point for routes that were not matched
if proxy.ds.Type == models.DS_PROMETHEUS {
if proxy.ctx.Req.Request.Method == "DELETE" {
return errors.New("non allow-listed DELETEs not allowed on proxied Prometheus datasource")
}
if proxy.ctx.Req.Request.Method == "PUT" {
return errors.New("non allow-listed PUTs not allowed on proxied Prometheus datasource")
}
}