mirror of
https://github.com/netdata/netdata.git
synced 2025-04-30 23:50:04 +00:00
84474006d4
* wip of migrating to bitmap permissions * replace role with bitmapped permissions * formatting permissions using macros * accept view and edit permissions for all dynamic configuration * work on older compilers * parse the header in hex * agreed permissions updates * map permissions to old roles * new permissions management * fix function rename * build libdatachannel when enabled - currently for code maintainance * dyncfg now keeps 2 sets of statuses, to keep track of what happens to dyncfg and what actually happens with the plugin * complete the additions of jobs and solve unittests * fix renumbering of ACL bits * processes function shows the cmdline based on permissions and the presence of the sensitive data permission * now the agent returns 412 when authorization is missing, 403 when authorization exists but permissions are not enough, 451 when access control list prevents the user from accessing the dashboard * enable cmdline on processes with thhe HTTP_ACCESS_VIEW_AGENT_CONFIG permission * by default functions require anonymous-data access * fix compilation on debian * fix left-over renamed define * updated schema for alerts * updated permissions * require a name when loading json payloads, if the name is not provided by dyncfg
21 lines
608 B
C
21 lines
608 B
C
// SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
#ifndef NETDATA_HTTP_AUTH_H
|
|
#define NETDATA_HTTP_AUTH_H
|
|
|
|
#include "web_api.h"
|
|
|
|
struct web_client;
|
|
|
|
extern bool netdata_is_protected_by_bearer;
|
|
|
|
bool extract_bearer_token_from_request(struct web_client *w, char *dst, size_t dst_len);
|
|
|
|
time_t bearer_create_token(uuid_t *uuid, struct web_client *w);
|
|
bool web_client_bearer_token_auth(struct web_client *w, const char *v);
|
|
|
|
static inline bool http_access_user_has_enough_access_level_for_endpoint(HTTP_ACCESS user, HTTP_ACCESS endpoint) {
|
|
return ((user & endpoint) == endpoint);
|
|
}
|
|
|
|
#endif //NETDATA_HTTP_AUTH_H
|