public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

apply security patch: v11.1.x/0001-Alerting-Fix-permission-on-external-rule-write-endpo.patch

Browse Source 
commit 0c592dfe8f7ac36607dbe888178228ba226995ad
Author: Alex Weaver <weaver.alex.d@gmail.com>
Date:   Thu Aug 22 11:54:30 2024 -0500

    Alerting: Fix permission on external rule write endpoint
This commit is contained in:
github-actions[bot]
2024-09-27 08:16:54 +00:00
parent aac8b983c2
commit dec1389471
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/services/ngalert/api/authorization.go
+1 -1
View File
@@ -112,7 +112,7 @@ func (api *API) authorize(method, path string) web.Handler {
case http.MethodGet + "/api/ruler/{DatasourceUID}/api/v1/rules":
eval = ac.EvalPermission(ac.ActionAlertingRuleExternalRead, datasources.ScopeProvider.GetResourceScopeUID(ac.Parameter(":DatasourceUID")))
case http.MethodPost + "/api/ruler/{DatasourceUID}/api/v1/rules/{Namespace}":
eval = ac.EvalPermission(ac.ActionAlertingInstancesExternalWrite, datasources.ScopeProvider.GetResourceScopeUID(ac.Parameter(":DatasourceUID")))
eval = ac.EvalPermission(ac.ActionAlertingRuleExternalWrite, datasources.ScopeProvider.GetResourceScopeUID(ac.Parameter(":DatasourceUID")))
// Lotex Prometheus-compatible Paths
case http.MethodGet + "/api/prometheus/{DatasourceUID}/api/v1/rules":