|
@@ -6,6 +6,7 @@ import (
|
|
|
"net/http"
|
|
"net/http"
|
|
|
"net/http/httputil"
|
|
"net/http/httputil"
|
|
|
"net/url"
|
|
"net/url"
|
|
|
|
|
+ "strings"
|
|
|
"time"
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/grafana/grafana/pkg/api/cloudwatch"
|
|
"github.com/grafana/grafana/pkg/api/cloudwatch"
|
|
@@ -107,6 +108,13 @@ func ProxyDataSourceRequest(c *middleware.Context) {
|
|
|
|
|
|
|
|
proxyPath := c.Params("*")
|
|
proxyPath := c.Params("*")
|
|
|
|
|
|
|
|
|
|
+ if ds.Type == m.DS_PROMETHEUS {
|
|
|
|
|
+ if !(c.Req.Request.Method == "GET" && strings.Index(proxyPath, "api/") == 0) {
|
|
|
|
|
+ c.JsonApiErr(403, "GET is only allowed on proxied Prometheus datasource", nil)
|
|
|
|
|
+ return
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
if ds.Type == m.DS_ES {
|
|
if ds.Type == m.DS_ES {
|
|
|
if c.Req.Request.Method == "DELETE" {
|
|
if c.Req.Request.Method == "DELETE" {
|
|
|
c.JsonApiErr(403, "Deletes not allowed on proxied Elasticsearch datasource", nil)
|
|
c.JsonApiErr(403, "Deletes not allowed on proxied Elasticsearch datasource", nil)
|
Mitsuhiro Tanda