filter insight api index privilege
This commit is contained in:
liugq
parent
7336ebc208
commit
c385f58d66
|
|
@ -12,9 +12,9 @@ type InsightAPI struct {
|
||||||
|
|
||||||
func InitAPI() {
|
func InitAPI() {
|
||||||
insight := InsightAPI{}
|
insight := InsightAPI{}
|
||||||
api.HandleAPIMethod(api.POST, "/elasticsearch/:id/visualization/metadata", insight.HandleGetMetadata)
|
api.HandleAPIMethod(api.POST, "/elasticsearch/:id/visualization/metadata", insight.RequireLogin(insight.HandleGetMetadata))
|
||||||
api.HandleAPIMethod(api.POST, "/elasticsearch/:id/visualization/data", insight.HandleGetMetricData)
|
api.HandleAPIMethod(api.POST, "/elasticsearch/:id/visualization/data", insight.RequireLogin(insight.HandleGetMetricData))
|
||||||
api.HandleAPIMethod(api.POST, "/elasticsearch/:id/visualization/preview", insight.HandleGetPreview)
|
api.HandleAPIMethod(api.POST, "/elasticsearch/:id/visualization/preview", insight.RequireLogin(insight.HandleGetPreview))
|
||||||
|
|
||||||
api.HandleAPIMethod(api.GET, "/insight/visualization/:visualization_id", insight.getVisualization)
|
api.HandleAPIMethod(api.GET, "/insight/visualization/:visualization_id", insight.getVisualization)
|
||||||
api.HandleAPIMethod(api.POST, "/insight/visualization", insight.createVisualization)
|
api.HandleAPIMethod(api.POST, "/insight/visualization", insight.createVisualization)
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,10 @@ func (h *InsightAPI) HandleGetPreview(w http.ResponseWriter, req *http.Request,
|
||||||
}, http.StatusInternalServerError)
|
}, http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
if reqBody.IndexPattern != "" && !h.IsIndexAllowed(req, clusterID, reqBody.IndexPattern){
|
||||||
|
h.WriteError(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
|
||||||
|
return
|
||||||
|
}
|
||||||
if reqBody.ViewID != "" {
|
if reqBody.ViewID != "" {
|
||||||
view := elastic.View{
|
view := elastic.View{
|
||||||
ID: reqBody.ViewID,
|
ID: reqBody.ViewID,
|
||||||
|
|
@ -129,9 +133,11 @@ func (h *InsightAPI) HandleGetMetadata(w http.ResponseWriter, req *http.Request,
|
||||||
err := h.DecodeJSON(req, &reqBody)
|
err := h.DecodeJSON(req, &reqBody)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err)
|
log.Error(err)
|
||||||
h.WriteJSON(w, util.MapStr{
|
h.WriteError(w, err.Error(), http.StatusInternalServerError)
|
||||||
"error": err.Error(),
|
return
|
||||||
}, http.StatusInternalServerError)
|
}
|
||||||
|
if reqBody.IndexPattern != "" && !h.IsIndexAllowed(req, clusterID, reqBody.IndexPattern){
|
||||||
|
h.WriteError(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
var fieldsFormat map[string]string
|
var fieldsFormat map[string]string
|
||||||
|
|
@ -141,9 +147,7 @@ func (h *InsightAPI) HandleGetMetadata(w http.ResponseWriter, req *http.Request,
|
||||||
}
|
}
|
||||||
exists, err := orm.Get(&view)
|
exists, err := orm.Get(&view)
|
||||||
if err != nil || !exists {
|
if err != nil || !exists {
|
||||||
h.WriteJSON(w, util.MapStr{
|
h.WriteError(w, err.Error(), http.StatusNotFound)
|
||||||
"error": err.Error(),
|
|
||||||
}, http.StatusNotFound)
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
reqBody.IndexPattern = view.Title
|
reqBody.IndexPattern = view.Title
|
||||||
|
|
@ -159,9 +163,7 @@ func (h *InsightAPI) HandleGetMetadata(w http.ResponseWriter, req *http.Request,
|
||||||
fieldsMeta, err := getMetadataByIndexPattern(clusterID, reqBody.IndexPattern, reqBody.TimeField, reqBody.Filter, fieldsFormat)
|
fieldsMeta, err := getMetadataByIndexPattern(clusterID, reqBody.IndexPattern, reqBody.TimeField, reqBody.Filter, fieldsFormat)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err)
|
log.Error(err)
|
||||||
h.WriteJSON(w, util.MapStr{
|
h.WriteError(w, err.Error(), http.StatusInternalServerError)
|
||||||
"error": err.Error(),
|
|
||||||
}, http.StatusInternalServerError)
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
h.WriteJSON(w, fieldsMeta, http.StatusOK)
|
h.WriteJSON(w, fieldsMeta, http.StatusOK)
|
||||||
|
|
@ -172,19 +174,19 @@ func (h *InsightAPI) HandleGetMetricData(w http.ResponseWriter, req *http.Reques
|
||||||
err := h.DecodeJSON(req, &reqBody)
|
err := h.DecodeJSON(req, &reqBody)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err)
|
log.Error(err)
|
||||||
h.WriteJSON(w, util.MapStr{
|
h.WriteError(w, err.Error(), http.StatusInternalServerError)
|
||||||
"error": err.Error(),
|
|
||||||
}, http.StatusInternalServerError)
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
clusterID := ps.MustGetParameter("id")
|
clusterID := ps.MustGetParameter("id")
|
||||||
|
if !h.IsIndexAllowed(req, clusterID, reqBody.IndexPattern){
|
||||||
|
h.WriteError(w, http.StatusText(http.StatusForbidden), http.StatusForbidden)
|
||||||
|
return
|
||||||
|
}
|
||||||
reqBody.ClusterId = clusterID
|
reqBody.ClusterId = clusterID
|
||||||
metricData, err := getMetricData(&reqBody)
|
metricData, err := getMetricData(&reqBody)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error(err)
|
log.Error(err)
|
||||||
h.WriteJSON(w, util.MapStr{
|
h.WriteError(w, err.Error(), http.StatusInternalServerError)
|
||||||
"error": err.Error(),
|
|
||||||
}, http.StatusInternalServerError)
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue