diff --git a/docker/n9eetc/webapi.conf b/docker/n9eetc/webapi.conf index b8ee1516..62d7e68b 100644 --- a/docker/n9eetc/webapi.conf +++ b/docker/n9eetc/webapi.conf @@ -72,6 +72,10 @@ RedisKeyPrefix = "/jwt/" [BasicAuth] user001 = "ccc26da7b9aba533cbb263a36c07dcc5" +[AnonymousAccess] +PromQuerier = false +AlertDetail = false + [LDAP] Enable = false Host = "ldap.example.org" diff --git a/etc/webapi.conf b/etc/webapi.conf index cb16c515..7f2e3aad 100644 --- a/etc/webapi.conf +++ b/etc/webapi.conf @@ -72,6 +72,10 @@ RedisKeyPrefix = "/jwt/" [BasicAuth] user001 = "ccc26da7b9aba533cbb263a36c07dcc5" +[AnonymousAccess] +PromQuerier = false +AlertDetail = false + [LDAP] Enable = false Host = "ldap.example.org" diff --git a/src/webapi/config/config.go b/src/webapi/config/config.go index 8d4b2622..77b1f52c 100644 --- a/src/webapi/config/config.go +++ b/src/webapi/config/config.go @@ -74,22 +74,23 @@ func MustLoad(fpaths ...string) { } type Config struct { - RunMode string - I18N string - AdminRole string - ContactKeys []ContactKey - NotifyChannels []string - Log logx.Config - HTTP httpx.Config - JWTAuth JWTAuth - BasicAuth gin.Accounts - LDAP ldapx.LdapSection - Redis storage.RedisConfig - Gorm storage.Gorm - MySQL storage.MySQL - Postgres storage.Postgres - Clusters []prom.Options - Ibex Ibex + RunMode string + I18N string + AdminRole string + ContactKeys []ContactKey + NotifyChannels []string + Log logx.Config + HTTP httpx.Config + JWTAuth JWTAuth + BasicAuth gin.Accounts + AnonymousAccess AnonymousAccess + LDAP ldapx.LdapSection + Redis storage.RedisConfig + Gorm storage.Gorm + MySQL storage.MySQL + Postgres storage.Postgres + Clusters []prom.Options + Ibex Ibex } type ContactKey struct { @@ -104,6 +105,11 @@ type JWTAuth struct { RedisKeyPrefix string } +type AnonymousAccess struct { + PromQuerier bool + AlertDetail bool +} + type Ibex struct { Address string BasicAuthUser string diff --git a/src/webapi/router/router.go b/src/webapi/router/router.go index 29f1a13e..586053ae 100644 --- a/src/webapi/router/router.go +++ b/src/webapi/router/router.go @@ -100,7 +100,11 @@ func configRoute(r *gin.Engine, version string) { pages := r.Group(pagesPrefix) { - pages.Any("/prometheus/*url", prometheusProxy) + if config.C.AnonymousAccess.PromQuerier { + pages.Any("/prometheus/*url", prometheusProxy) + } else { + pages.Any("/prometheus/*url", jwtAuth(), prometheusProxy) + } pages.GET("/version", func(c *gin.Context) { c.String(200, version) @@ -201,12 +205,17 @@ func configRoute(r *gin.Engine, version string) { // pages.GET("/busi-group/:id/collect-rule/:crid", jwtAuth(), user(), bgro(), collectRuleGet) // pages.PUT("/busi-group/:id/collect-rule/:crid", jwtAuth(), user(), bgrw(), collectRulePut) + pages.GET("/busi-group/:id/alert-his-events", jwtAuth(), user(), bgro(), alertHisEventGets) pages.GET("/busi-group/:id/alert-cur-events", jwtAuth(), user(), bgro(), alertCurEventGets) pages.DELETE("/busi-group/:id/alert-cur-events", jwtAuth(), user(), bgrw(), alertCurEventDel) - pages.GET("/alert-cur-event/:eid", alertCurEventGet) - pages.GET("/busi-group/:id/alert-his-events", jwtAuth(), user(), bgro(), alertHisEventGets) - pages.GET("/alert-his-event/:eid", alertHisEventGet) + if config.C.AnonymousAccess.AlertDetail { + pages.GET("/alert-cur-event/:eid", alertCurEventGet) + pages.GET("/alert-his-event/:eid", alertHisEventGet) + } else { + pages.GET("/alert-cur-event/:eid", jwtAuth(), alertCurEventGet) + pages.GET("/alert-his-event/:eid", jwtAuth(), alertHisEventGet) + } pages.GET("/busi-group/:id/task-tpls", jwtAuth(), user(), bgro(), taskTplGets) pages.POST("/busi-group/:id/task-tpls", jwtAuth(), user(), bgrw(), taskTplAdd)