public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

AuthN: User Quota (#61540)

Browse Source 
* remove reqContext from quota checks in login

* add guards for nil ScopeParams
This commit is contained in:
Jo
2023-01-16 10:54:15 +00:00
committed by GitHub
parent a4c2237d16
commit dcfeab2c73
8 changed files with 30 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/services/authn/authnimpl/usersync/usersync.go
+15
View File
@@ -9,6 +9,7 @@ import (
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/authn"
"github.com/grafana/grafana/pkg/services/login"
"github.com/grafana/grafana/pkg/services/org"
"github.com/grafana/grafana/pkg/services/quota"
"github.com/grafana/grafana/pkg/services/user"
)
@@ -44,6 +45,20 @@ func (s *UserSync) SyncUser(ctx context.Context, id *authn.Identity, _ *authn.Re
return login.ErrSignupNotAllowed
}
// quota check (FIXME: (jguer) this should be done in the user service)
// we may insert in both user and org_user tables
// therefore we need to query check quota for both user and org services
for _, srv := range []string{user.QuotaTargetSrv, org.QuotaTargetSrv} {
limitReached, errLimit := s.quotaService.CheckQuotaReached(ctx, quota.TargetSrv(srv), nil)
if errLimit != nil {
s.log.Warn("error getting user quota.", "error", errLimit)
return login.ErrGettingUserQuota
}
if limitReached {
return login.ErrUsersQuotaReached
}
}
// create user
var errCreate error
usr, errCreate = s.createUser(ctx, id)