From a4e32e521dd8f4a617e0e6355f17b13bf8adb046 Mon Sep 17 00:00:00 2001
From: Richard LT
Date: Fri, 16 Apr 2021 15:13:34 +0200
Subject: [PATCH] feat: /mon/status returns details only for maintainer (#5795)
---
 engine/api/api_routes.go | 2 +-
 engine/api/status.go | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/engine/api/api_routes.go b/engine/api/api_routes.go
index f4a010f79d..d793204c66 100644
--- a/engine/api/api_routes.go
+++ b/engine/api/api_routes.go
@@ -129,7 +129,7 @@ func (api *API) InitRouter() {
 r.Handle("/broadcast/{id}/mark", Scope(sdk.AuthConsumerScopeProject), r.POST(api.postMarkAsReadBroadcastHandler))
 // Overall health
- r.Handle("/mon/status", ScopeNone(), r.GET(api.statusHandler, service.OverrideAuth(service.NoAuthMiddleware)))
+ r.Handle("/mon/status", ScopeNone(), r.GET(api.statusHandler, service.OverrideAuth(api.authOptionalMiddleware)))
 r.Handle("/mon/version", ScopeNone(), r.GET(service.VersionHandler, service.OverrideAuth(service.NoAuthMiddleware)))
 r.Handle("/mon/db/migrate", ScopeNone(), r.GET(api.getMonDBStatusMigrateHandler, service.OverrideAuth(api.authAdminMiddleware)))
 r.Handle("/mon/metrics", ScopeNone(), r.GET(service.GetPrometheustMetricsHandler(api), service.OverrideAuth(service.NoAuthMiddleware)))
diff --git a/engine/api/status.go b/engine/api/status.go
index f479676af5..cfc0a7b4b6 100644
--- a/engine/api/status.go
+++ b/engine/api/status.go
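Review bot: The `/mon/metrics` route two lines below the changed `/mon/status` line in engine/api/api_routes.go still uses `service.NoAuthMiddleware`, so the per-service detail this commit hides from anonymous callers may remain readable there if the Prometheus output carries it; it is worth confirming what `GetPrometheustMetricsHandler` exposes. The hunk also does not show how `api.authOptionalMiddleware` treats an expired or malformed token: a health probe sending stale credentials should fall back to the anonymous response rather than receive an authentication error. A comment on the route such as `// Anonymous callers get the HTTP status only; maintainers get per-service details` would make that contract visible next to the other `/mon/*` routes. InitRouter's body continues outside the hunk.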
@@ -48,11 +48,18 @@ func (api *API) statusHandler() service.Handler {
 status = http.StatusServiceUnavailable
 }
+ // Always load services to ensure that database connection is ok.
 srvs, err := services.LoadAll(ctx, api.mustDB(), services.LoadOptions.WithStatus)
 if err != nil {
 return err
 }
+ // If there is a valid session and user is maintainer, allows to get status details.
+ currentConsumer := getAPIConsumer(ctx)
+ if currentConsumer == nil || !isMaintainer(ctx) {
+ return service.WriteJSON(w, nil, status)
+ }
+
 mStatus := api.computeGlobalStatus(srvs)
 return service.WriteJSON(w, mStatus, status)
 }
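Review bot: The `return err` after `services.LoadAll` in statusHandler runs before the new maintainer check, so an anonymous caller still gets whatever the router renders for a database failure; if that rendering includes the underlying error text, it leaks the kind of detail this hunk is meant to withhold (how returned errors are serialized is not visible here). Consider answering non-maintainers with a bare status on that path as well, e.g. `if getAPIConsumer(ctx) == nil || !isMaintainer(ctx) { return service.WriteJSON(w, nil, http.StatusServiceUnavailable) }` ahead of `return err`. Separately, every unauthenticated request still costs a full `LoadAll` with `WithStatus` whose result is then discarded, so rate limiting or a cheaper connectivity check for the anonymous path would reduce the load an anonymous client can generate. statusHandler's body starts outside the hunk.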