Affected by GO-2022-0342 and 27 other vulnerabilities

GO-2022-0342: Grafana XSS in Dashboard Text Panel in github.com/grafana/grafana

GO-2022-0707: Grafana Authentication Bypass in github.com/grafana/grafana

GO-2024-2483: Grafana XSS via adding a link in General feature in github.com/grafana/grafana

GO-2024-2510: Grafana Cross-site Scripting (XSS) in github.com/grafana/grafana

GO-2024-2513: Grafana information disclosure in github.com/grafana/grafana

GO-2024-2515: Grafana XSS via the OpenTSDB datasource in github.com/grafana/grafana

GO-2024-2516: Grafana XSS via a column style in github.com/grafana/grafana

GO-2024-2517: Grafana XSS in header column rename in github.com/grafana/grafana

GO-2024-2519: Grafana world readable configuration files in github.com/grafana/grafana

GO-2024-2520: Grafana XSS via a query alias for the ElasticSearch datasource in github.com/grafana/grafana

GO-2024-2523: Grafana stored XSS in github.com/grafana/grafana

GO-2024-2629: Grafana's users with permissions to create a data source can CRUD all data sources in github.com/grafana/grafana

GO-2024-2661: Arbitrary file read in github.com/grafana/grafana

GO-2024-2697: Grafana: Users outside an organization can delete a snapshot with its key in github.com/grafana/grafana

GO-2024-2843: Grafana Email addresses and usernames can not be trusted in github.com/grafana/grafana

GO-2024-2844: Grafana User enumeration via forget password in github.com/grafana/grafana

GO-2024-2847: Grafana Escalation from admin to server admin when auth proxy is used in github.com/grafana/grafana

GO-2024-2848: Grafana when using email as a username can block other users from signing in in github.com/grafana/grafana

GO-2024-2851: Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins in github.com/grafana/grafana

GO-2024-2852: Grafana account takeover via OAuth vulnerability in github.com/grafana/grafana

GO-2024-2854: Grafana folders admin only permission privilege escalation in github.com/grafana/grafana

GO-2024-2855: Grafana Plugin signature bypass in github.com/grafana/grafana

GO-2024-2856: Grafana Race condition allowing privilege escalation in github.com/grafana/grafana

GO-2024-2857: Grafana Stored Cross-site Scripting in Unified Alerting in github.com/grafana/grafana

GO-2024-2867: Grafana Spoofing originalUrl of snapshots in github.com/grafana/grafana

GO-2024-3079: Grafana plugin data sources vulnerable to access control bypass in github.com/grafana/grafana

GO-2024-3215: Grafana Command Injection And Local File Inclusion Via Sql Expressions in github.com/grafana/grafana

GO-2024-3240: Grafana org admin can delete pending invites in different org in github.com/grafana/grafana

quota

package

v0.0.0-kmdagger3 Latest Latest Go to latest Published: Jun 12, 2023 License: AGPL-3.0 Imports: 6 Imported by: 316

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/grafana/grafana

Documentation ¶

Index ¶

Variables
type Context
- func FromContext(ctx context.Context, targetToSrv *TargetToSrv) Context
type Item
type Map
- func (m *Map) Get(tag Tag) (int64, bool)
- func (m *Map) Iter() <-chan Item
- func (m *Map) Merge(l2 *Map)
- func (m *Map) Scopes() (map[Scope]struct{}, error)
- func (m *Map) Services() (map[TargetSrv]struct{}, error)
- func (m *Map) Set(tag Tag, limit int64)
- func (m *Map) Targets() (map[Target]struct{}, error)
type NewUsageReporter
type Quota
type QuotaDTO
- func (dto QuotaDTO) Tag() (Tag, error)
type Scope
- func (s Scope) Validate() error
type ScopeParameters
type Service
type Tag
- func NewTag(srv TargetSrv, t Target, scope Scope) (Tag, error)
- func (t Tag) GetScope() (Scope, error)
- func (t Tag) GetSrv() (TargetSrv, error)
- func (t Tag) GetTarget() (Target, error)
type Target
type TargetSrv
type TargetToSrv
- func NewTargetToSrv() *TargetToSrv
- func (m *TargetToSrv) Get(target Target) (TargetSrv, bool)
- func (m *TargetToSrv) Set(target Target, srv TargetSrv)
type UpdateQuotaCmd
type UsageReporterFunc

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrBadRequest = errutil.NewBase(errutil.StatusBadRequest, "quota.bad-request")

View Source

var ErrDisabled = errutil.NewBase(errutil.StatusForbidden, "quota.disabled", errutil.WithPublicMessage("Quotas not enabled"))

View Source

var ErrFailedToGetScope = errutil.NewBase(errutil.StatusInternal, "quota.failed-get-scope")

View Source

var ErrInvalidScope = errutil.NewBase(errutil.StatusBadRequest, "quota.invalid-scope")

View Source

var ErrInvalidTagFormat = errutil.NewBase(errutil.StatusInternal, "quota.invalid-invalid-tag-format")

View Source

var ErrInvalidTarget = errutil.NewBase(errutil.StatusInternal, "quota.invalid-target-table")

View Source

var ErrInvalidTargetSrv = errutil.NewBase(errutil.StatusBadRequest, "quota.invalid-target")

View Source

var ErrTargetSrvConflict = errutil.NewBase(errutil.StatusBadRequest, "quota.target-srv-conflict")

View Source

var ErrUsageFoundForTarget = errutil.NewBase(errutil.StatusNotFound, "quota.missing-target-usage")

Functions ¶

This section is empty.

Types ¶

type Context ¶

type Context struct {
	context.Context
	TargetToSrv *TargetToSrv
}

func FromContext ¶

func FromContext(ctx context.Context, targetToSrv *TargetToSrv) Context

type Item ¶

type Item struct {
	Tag   Tag
	Value int64
}

type Map ¶

type Map struct {
	// contains filtered or unexported fields
}

func (*Map) Get ¶

func (m *Map) Get(tag Tag) (int64, bool)

func (*Map) Iter ¶

func (m *Map) Iter() <-chan Item

func (*Map) Merge ¶

func (m *Map) Merge(l2 *Map)

func (*Map) Scopes ¶

func (m *Map) Scopes() (map[Scope]struct{}, error)

func (*Map) Services ¶

func (m *Map) Services() (map[TargetSrv]struct{}, error)

func (*Map) Set ¶

func (m *Map) Set(tag Tag, limit int64)

func (*Map) Targets ¶

func (m *Map) Targets() (map[Target]struct{}, error)

type NewUsageReporter ¶

type NewUsageReporter struct {
	TargetSrv     TargetSrv
	DefaultLimits *Map
	Reporter      UsageReporterFunc
}

type Quota ¶

type Quota struct {
	Id      int64
	OrgId   int64
	UserId  int64
	Target  string
	Limit   int64
	Created time.Time
	Updated time.Time
}

type QuotaDTO ¶

type QuotaDTO struct {
	OrgId   int64  `json:"org_id,omitempty"`
	UserId  int64  `json:"user_id,omitempty"`
	Target  string `json:"target"`
	Limit   int64  `json:"limit"`
	Used    int64  `json:"used"`
	Service string `json:"-"`
	Scope   string `json:"-"`
}

func (QuotaDTO) Tag ¶

func (dto QuotaDTO) Tag() (Tag, error)

type Scope ¶

type Scope string

const (
	GlobalScope Scope = "global"
	OrgScope    Scope = "org"
	UserScope   Scope = "user"
)

func (Scope) Validate ¶

func (s Scope) Validate() error

type ScopeParameters ¶

type ScopeParameters struct {
	OrgID  int64
	UserID int64
}

type Service ¶

type Service interface {
	// GetQuotasByScope returns the quota for the specific scope (global, organization, user)
	// If the scope is organization, the ID is expected to be the organisation ID.
	// If the scope is user, the id is expected to be the user ID.
	GetQuotasByScope(ctx context.Context, scope Scope, ID int64) ([]QuotaDTO, error)
	// Update overrides the quota for a specific scope (global, organization, user).
	// If the cmd.OrgID is set, then the organization quota are updated.
	// If the cmd.UseID is set, then the user quota are updated.
	Update(ctx context.Context, cmd *UpdateQuotaCmd) error
	// QuotaReached is called by the quota middleware for applying quota enforcement to API handlers
	QuotaReached(c *contextmodel.ReqContext, targetSrv TargetSrv) (bool, error)
	// CheckQuotaReached checks if the quota limitations have been reached for a specific service
	CheckQuotaReached(ctx context.Context, targetSrv TargetSrv, scopeParams *ScopeParameters) (bool, error)
	// DeleteQuotaForUser deletes custom quota limitations for the user
	DeleteQuotaForUser(ctx context.Context, userID int64) error

	// RegisterQuotaReporter registers a service UsageReporterFunc, targets and their default limits
	RegisterQuotaReporter(e *NewUsageReporter) error
}

type Tag ¶

type Tag string

Tag is a string with the format <srv>:<target>:<scope>

func NewTag ¶

func NewTag(srv TargetSrv, t Target, scope Scope) (Tag, error)

func (Tag) GetScope ¶

func (t Tag) GetScope() (Scope, error)

func (Tag) GetSrv ¶

func (t Tag) GetSrv() (TargetSrv, error)

func (Tag) GetTarget ¶

func (t Tag) GetTarget() (Target, error)

type Target ¶

type Target string

type TargetSrv ¶

type TargetSrv string

type TargetToSrv ¶

type TargetToSrv struct {
	// contains filtered or unexported fields
}

func NewTargetToSrv ¶

func NewTargetToSrv() *TargetToSrv

func (*TargetToSrv) Get ¶

func (m *TargetToSrv) Get(target Target) (TargetSrv, bool)

func (*TargetToSrv) Set ¶

func (m *TargetToSrv) Set(target Target, srv TargetSrv)

type UpdateQuotaCmd ¶

type UpdateQuotaCmd struct {
	Target string `json:"target"`
	Limit  int64  `json:"limit"`
	OrgID  int64  `json:"-"`
	UserID int64  `json:"-"`
}

type UsageReporterFunc ¶

type UsageReporterFunc func(ctx context.Context, scopeParams *ScopeParameters) (*Map, error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
quotaimpl
quotatest

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL