diff --git a/pkg/middleware/auth.go b/pkg/middleware/auth.go index 1492fc8f660b..9da43b7fc17d 100644 --- a/pkg/middleware/auth.go +++ b/pkg/middleware/auth.go @@ -119,15 +119,17 @@ func AdminOrFeatureEnabled(enabled bool) macaron.Handler { } } +// SnapshotPublicModeOrSignedIn creates a middleware that allows access +// if snapshot public mode is enabled or if user is signed in. func SnapshotPublicModeOrSignedIn(cfg *setting.Cfg) macaron.Handler { return func(c *models.ReqContext) { if cfg.SnapshotPublicMode { return } - _, err := c.Invoke(ReqSignedIn) - if err != nil { - c.JsonApiErr(500, "Failed to invoke required signed in middleware", err) + if !c.IsSignedIn { + notAuthorized(c) + return } } } diff --git a/pkg/middleware/auth_test.go b/pkg/middleware/auth_test.go index c464db681f7c..a1dced4e56bb 100644 --- a/pkg/middleware/auth_test.go +++ b/pkg/middleware/auth_test.go @@ -87,11 +87,22 @@ func TestMiddlewareAuth(t *testing.T) { middlewareScenario(t, "Snapshot public mode disabled and unauthenticated request should return 401", func( t *testing.T, sc *scenarioContext) { - sc.m.Get("/api/snapshot", SnapshotPublicModeOrSignedIn(sc.cfg), sc.defaultHandler) + sc.m.Get("/api/snapshot", func(c *models.ReqContext) { + c.IsSignedIn = false + }, SnapshotPublicModeOrSignedIn(sc.cfg), sc.defaultHandler) sc.fakeReq("GET", "/api/snapshot").exec() assert.Equal(t, 401, sc.resp.Code) }) + middlewareScenario(t, "Snapshot public mode disabled and authenticated request should return 200", func( + t *testing.T, sc *scenarioContext) { + sc.m.Get("/api/snapshot", func(c *models.ReqContext) { + c.IsSignedIn = true + }, SnapshotPublicModeOrSignedIn(sc.cfg), sc.defaultHandler) + sc.fakeReq("GET", "/api/snapshot").exec() + assert.Equal(t, 200, sc.resp.Code) + }) + middlewareScenario(t, "Snapshot public mode enabled and unauthenticated request should return 200", func( t *testing.T, sc *scenarioContext) { sc.cfg.SnapshotPublicMode = true diff --git a/public/app/features/dashboard/components/ShareModal/ShareModal.tsx b/public/app/features/dashboard/components/ShareModal/ShareModal.tsx index a5e1951b7331..1de8c0c6d06c 100644 --- a/public/app/features/dashboard/components/ShareModal/ShareModal.tsx +++ b/public/app/features/dashboard/components/ShareModal/ShareModal.tsx @@ -6,21 +6,7 @@ import { ShareSnapshot } from './ShareSnapshot'; import { ShareExport } from './ShareExport'; import { ShareEmbed } from './ShareEmbed'; import { ShareModalTabModel } from './types'; - -const shareCommonTabs: ShareModalTabModel[] = [ - { label: 'Link', value: 'link', component: ShareLink }, - { label: 'Snapshot', value: 'snapshot', component: ShareSnapshot }, -]; - -// prettier-ignore -const shareDashboardTabs: ShareModalTabModel[] = [ - { label: 'Export', value: 'export', component: ShareExport }, -]; - -// prettier-ignore -const sharePanelTabs: ShareModalTabModel[] = [ - { label: 'Embed', value: 'embed', component: ShareEmbed }, -]; +import { contextSrv } from 'app/core/core'; const customDashboardTabs: ShareModalTabModel[] = []; const customPanelTabs: ShareModalTabModel[] = []; @@ -43,13 +29,18 @@ function getInitialState(props: Props): State { function getTabs(props: Props) { const { panel } = props; - const tabs = [...shareCommonTabs]; + + const tabs: ShareModalTabModel[] = [{ label: 'Link', value: 'link', component: ShareLink }]; + + if (contextSrv.isSignedIn) { + tabs.push({ label: 'Snapshot', value: 'snapshot', component: ShareSnapshot }); + } if (panel) { - tabs.push(...sharePanelTabs); + tabs.push({ label: 'Embed', value: 'embed', component: ShareEmbed }); tabs.push(...customPanelTabs); } else { - tabs.push(...shareDashboardTabs); + tabs.push({ label: 'Export', value: 'export', component: ShareExport }); tabs.push(...customDashboardTabs); }